XMPP uses addresses called JID which behave like email addresses but there is also a resource value that maps to a unique device. Community chest breaks down into the original Social IDs, which are what is currently used most people and Financial IDs, which is what we will focus on here. Financial IDs have strict rules about how they are generated. The user value is defined as HMAC-SHA256(Bare SID, Master Key Address) in base 58 and the resource is HMAC-SHA256(Bare FID, User Key || Device Signing Key).
This video discusses the User Signing Key and Device (called self-signing) key strategy:
We add to this the Master Key Address which is defined as HMAC-SHA256(Successor Address, Predecessor Key). The Successor will be the address to a quantum resistant key such as Falcon[1], ML-DSA or SLH-DSA we are most interested in digital signatures that are going to receive RISC-V hardware acceleration[3].
- https://en.wikipedia.org/wiki/Falcon_(signature_scheme)
- https://fprox.substack.com/p/risc-v-and-post-quantum-cryptography
Each Successor can have multiple successors and will include at least two of the above three algorithms. The early successor maybe computationally lighter versions of the same algorithm – for instance FALCON -128 may be used as the first successor and FALCON-256 maybe the second successor. The address is defined in such a way that it each key is itself not revealed so that if a future standard is broken it cannot be used. The final successor is defined as HMAC-SHA256(“Final”, Final Successor Key). Unfortunately we will have to use Ed255 as original master key because.