diff --git a/Podfile b/Podfile index 4d1564b8fc..79a86c6d0b 100644 --- a/Podfile +++ b/Podfile @@ -17,9 +17,6 @@ ENV['LIBSIGNAL_FFI_PREBUILD_CHECKSUM'] = '33d29e8d4ebf0acd861ca6a934ac038b187f43 pod 'LibSignalClient', git: 'https://github.com/signalapp/libsignal-client.git', tag: 'v0.33.0', testspecs: ["Tests"] # pod 'LibSignalClient', path: '../libsignal-client', testspecs: ["Tests"] -pod 'Curve25519Kit', git: 'https://github.com/signalapp/Curve25519Kit', testspecs: ["Tests"], branch: 'feature/SignalClient-adoption' -# pod 'Curve25519Kit', path: '../Curve25519Kit', testspecs: ["Tests"] - pod 'blurhash', git: 'https://github.com/signalapp/blurhash', branch: 'signal-master' # pod 'blurhash', path: '../blurhash' diff --git a/Podfile.lock b/Podfile.lock index 16ebeb70eb..fc6d392950 100644 --- a/Podfile.lock +++ b/Podfile.lock @@ -4,14 +4,6 @@ PODS: - CocoaLumberjack (3.7.4): - CocoaLumberjack/Core (= 3.7.4) - CocoaLumberjack/Core (3.7.4) - - Curve25519Kit (2.1.0): - - CocoaLumberjack - - LibSignalClient (>= 0.15.0) - - SignalCoreKit - - Curve25519Kit/Tests (2.1.0): - - CocoaLumberjack - - LibSignalClient (>= 0.15.0) - - SignalCoreKit - GRDB.swift/SQLCipher (5.26.0): - SQLCipher (>= 3.4.0) - LibMobileCoin/CoreHTTP (5.0.0): @@ -76,8 +68,6 @@ DEPENDENCIES: - blurhash (from `https://github.com/signalapp/blurhash`, branch `signal-master`) - BonMot - CocoaLumberjack - - Curve25519Kit (from `https://github.com/signalapp/Curve25519Kit`, branch `feature/SignalClient-adoption`) - - Curve25519Kit/Tests (from `https://github.com/signalapp/Curve25519Kit`, branch `feature/SignalClient-adoption`) - GRDB.swift/SQLCipher - LibMobileCoin/CoreHTTP (from `https://github.com/signalapp/libmobilecoin-ios-artifacts`, commit `5cd4f39a24d06708d1c19aced8384740689d7f61`) - libPhoneNumber-iOS (from `https://github.com/signalapp/libPhoneNumber-iOS`, branch `signal-master`) 
@@ -117,9 +107,6 @@ EXTERNAL SOURCES: blurhash: :branch: signal-master :git: https://github.com/signalapp/blurhash - Curve25519Kit: - :branch: feature/SignalClient-adoption - :git: https://github.com/signalapp/Curve25519Kit LibMobileCoin: :commit: 5cd4f39a24d06708d1c19aced8384740689d7f61 :git: https://github.com/signalapp/libmobilecoin-ios-artifacts @@ -157,9 +144,6 @@ CHECKOUT OPTIONS: blurhash: :commit: 890ffdab14207154819415da7e6c969e9dfff0e9 :git: https://github.com/signalapp/blurhash - Curve25519Kit: - :commit: 0af175812b5335dd32879a3556524c569dea95c9 - :git: https://github.com/signalapp/Curve25519Kit LibMobileCoin: :commit: 5cd4f39a24d06708d1c19aced8384740689d7f61 :git: https://github.com/signalapp/libmobilecoin-ios-artifacts @@ -195,7 +179,6 @@ SPEC CHECKSUMS: blurhash: 4b3b2b8909cf41ab59fa349788654b8387284ff4 BonMot: fb2b6a2209cb3149aca37b7131d49c051c04ae86 CocoaLumberjack: 543c79c114dadc3b1aba95641d8738b06b05b646 - Curve25519Kit: 003b546a89ceb374a64c7771b40f8362d63b91bd GRDB.swift: 1395cb3556df6b16ed69dfc74c3886abc75d2825 LibMobileCoin: b1a473933091536cb87fc92a7ca35c63855451f3 libPhoneNumber-iOS: 2d26d0a38933eee2702962a4dbdec2fc20e5ef9f @@ -216,6 +199,6 @@ SPEC CHECKSUMS: SwiftProtobuf: b02b5075dcf60c9f5f403000b3b0c202a11b6ae1 YYImage: f1ddd15ac032a58b78bbed1e012b50302d318331 -PODFILE CHECKSUM: f836e7dd326831911a85d3a42b21bdb015ff90dd +PODFILE CHECKSUM: 298e6e543767061c4ba6dbdd571794eb29cdcccf COCOAPODS: 1.12.1 diff --git a/Pods b/Pods index 2daab44308..5bb0bddaa2 160000 --- a/Pods +++ b/Pods @@ -1 +1 @@ -Subproject commit 2daab4430806bdeb5f35774ba5c47a9bf66d9e68 +Subproject commit 5bb0bddaa2948c48bd979ae858a0f82fd13c4a6b diff --git a/Signal.xcodeproj/project.pbxproj b/Signal.xcodeproj/project.pbxproj index a9e70fddbe..bec29c505c 100644 --- a/Signal.xcodeproj/project.pbxproj +++ b/Signal.xcodeproj/project.pbxproj 
@@ -657,6 +657,7 @@ 5011D9732A04721A000FE8E5 /* OWSOrphanDataCleaner.m in Sources */ = {isa = PBXBuildFile; fileRef = 3464450B22B7F93600A957B1 /* OWSOrphanDataCleaner.m */; }; 50169695291B0627007AD709 /* ContactDiscoveryManagerTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50169694291B0627007AD709 /* ContactDiscoveryManagerTest.swift */; }; 5018B9DD2ADF4157001DFB12 /* AuthedDevice.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5018B9DC2ADF4157001DFB12 /* AuthedDevice.swift */; }; + 501AD1C42AF17A16001B796A /* ECKeyPairTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 501AD1C32AF17A16001B796A /* ECKeyPairTest.swift */; }; 501D64FC28C027BA008D5993 /* OWSPaymentsLock.swift in Sources */ = {isa = PBXBuildFile; fileRef = 501D64FA28C027BA008D5993 /* OWSPaymentsLock.swift */; }; 502B1B55297B28AF00FDB3AE /* ErrorTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 502B1B54297B28AF00FDB3AE /* ErrorTest.swift */; }; 502D45442A05A34B00B8BCE0 /* ThreadRemover.swift in Sources */ = {isa = PBXBuildFile; fileRef = 502D45432A05A34B00B8BCE0 /* ThreadRemover.swift */; }; 
@@ -678,6 +679,8 @@ 503AECC629B2AD6700642F66 /* VoiceMessageInterruptedDraft.swift in Sources */ = {isa = PBXBuildFile; fileRef = 34A955A1271B510500B05242 /* VoiceMessageInterruptedDraft.swift */; }; 503AECC829B2AEFA00642F66 /* VoiceMessageSendableDraft.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503AECC729B2AEFA00642F66 /* VoiceMessageSendableDraft.swift */; }; 503AECCD29B2B88600642F66 /* VoiceMessageConstants.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503AECC929B2B22E00642F66 /* VoiceMessageConstants.swift */; }; + 503B47222AF0569B00978266 /* PublicKey.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503B471E2AF0569A00978266 /* PublicKey.swift */; }; + 503B47232AF0569B00978266 /* ECKeyPair.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503B471F2AF0569A00978266 /* ECKeyPair.swift */; }; 503BDDB4296F3E2C00FED3B2 /* SystemContactsDataProviderTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503BDDB3296F3E2C00FED3B2 /* SystemContactsDataProviderTest.swift */; }; 503BDDB6296F5BE100FED3B2 /* ContactReminderTableViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503BDDB5296F5BE100FED3B2 /* ContactReminderTableViewCell.swift */; }; 503C2F432977752B00217527 /* OWSURLSessionEndpoint.swift in Sources */ = {isa = PBXBuildFile; fileRef = 503C2F422977752B00217527 /* OWSURLSessionEndpoint.swift */; }; 
@@ -3239,6 +3242,7 @@ 5011D96F2A0429B6000FE8E5 /* ThreadMergerTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ThreadMergerTest.swift; sourceTree = ""; }; 50169694291B0627007AD709 /* ContactDiscoveryManagerTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContactDiscoveryManagerTest.swift; sourceTree = ""; }; 5018B9DC2ADF4157001DFB12 /* AuthedDevice.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AuthedDevice.swift; sourceTree = ""; }; + 501AD1C32AF17A16001B796A /* ECKeyPairTest.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ECKeyPairTest.swift; sourceTree = ""; }; 501D64FA28C027BA008D5993 /* OWSPaymentsLock.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = OWSPaymentsLock.swift; sourceTree = ""; }; 502B1B54297B28AF00FDB3AE /* ErrorTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ErrorTest.swift; sourceTree = ""; }; 502D45432A05A34B00B8BCE0 /* ThreadRemover.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ThreadRemover.swift; sourceTree = ""; }; 
@@ -3269,6 +3273,8 @@ 503AECC429B2A4D300642F66 /* VoiceMessageInProgressDraft.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = VoiceMessageInProgressDraft.swift; sourceTree = ""; }; 503AECC729B2AEFA00642F66 /* VoiceMessageSendableDraft.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = VoiceMessageSendableDraft.swift; sourceTree = ""; }; 503AECC929B2B22E00642F66 /* VoiceMessageConstants.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = VoiceMessageConstants.swift; sourceTree = ""; }; + 503B471E2AF0569A00978266 /* PublicKey.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = PublicKey.swift; sourceTree = ""; }; + 503B471F2AF0569A00978266 /* ECKeyPair.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ECKeyPair.swift; sourceTree = ""; }; 503BDDB3296F3E2C00FED3B2 /* SystemContactsDataProviderTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SystemContactsDataProviderTest.swift; sourceTree = ""; }; 503BDDB5296F5BE100FED3B2 /* ContactReminderTableViewCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContactReminderTableViewCell.swift; sourceTree = ""; }; 503C2F422977752B00217527 /* OWSURLSessionEndpoint.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OWSURLSessionEndpoint.swift; sourceTree = ""; }; @@ -6582,6 +6588,14 @@ path = OrphanData; sourceTree = ""; }; + 501AD1C22AF17A0B001B796A /* Curve25519 */ = { + isa = PBXGroup; + children = ( + 501AD1C32AF17A16001B796A /* ECKeyPairTest.swift */, + ); + path = Curve25519; + sourceTree = ""; + }; 5033D46C29DCA8DE007FEADA /* URLs */ = { isa = PBXGroup; children = ( 
@@ -6617,6 +6631,15 @@ path = VoiceMessage; sourceTree = ""; }; + 503B471C2AF0566B00978266 /* Curve25519 */ = { + isa = PBXGroup; + children = ( + 503B471F2AF0569A00978266 /* ECKeyPair.swift */, + 503B471E2AF0569A00978266 /* PublicKey.swift */, + ); + path = Curve25519; + sourceTree = ""; + }; 5045F44129E0DAA400058E5F /* Launch */ = { isa = PBXGroup; children = ( @@ -8867,6 +8890,7 @@ D9C2D78529A80BE700D79715 /* ChangePhoneNumber */, 665C0D5A2ADF537000539A37 /* CloudBackup */, F9C5C9CC289453B100548EEE /* Contacts */, + 503B471C2AF0566B00978266 /* Curve25519 */, 6600F36A298DAA4F00B1EDB7 /* DateProvider */, 666BAB0E2980B76B00867196 /* Dependencies */, F9C5CA09289453B100548EEE /* Devices */, @@ -8906,6 +8930,7 @@ F945FE4B298481D800C835C7 /* Calls */, D985D86229B91C2B0087C90C /* ChangePhoneNumber */, F9426205289B1B5500460798 /* Contacts */, + 501AD1C22AF17A0B001B796A /* Curve25519 */, F94261C7289B1B5300460798 /* Devices */, F908AA7B28CE628700472E68 /* Fixtures */, 5075C21529CA1ED500A260D2 /* GroupMembers */, @@ -10958,7 +10983,6 @@ inputPaths = ( "${PODS_ROOT}/Target Support Files/Pods-Signal/Pods-Signal-frameworks.sh", "${BUILT_PRODUCTS_DIR}/CocoaLumberjack/CocoaLumberjack.framework", - "${BUILT_PRODUCTS_DIR}/Curve25519Kit/Curve25519Kit.framework", "${BUILT_PRODUCTS_DIR}/GRDB.swift/GRDB.framework", "${BUILT_PRODUCTS_DIR}/LibSignalClient/LibSignalClient.framework", "${BUILT_PRODUCTS_DIR}/Mantle/Mantle.framework", @@ -10985,7 +11009,6 @@ name = "[CP] Embed Pods Frameworks"; outputPaths = ( "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/CocoaLumberjack.framework", - "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Curve25519Kit.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/GRDB.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/LibSignalClient.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Mantle.framework", 
@@ -11040,7 +11063,6 @@ inputPaths = ( "${PODS_ROOT}/Target Support Files/Pods-SignalPerformanceTests/Pods-SignalPerformanceTests-frameworks.sh", "${BUILT_PRODUCTS_DIR}/CocoaLumberjack/CocoaLumberjack.framework", - "${BUILT_PRODUCTS_DIR}/Curve25519Kit/Curve25519Kit.framework", "${BUILT_PRODUCTS_DIR}/GRDB.swift/GRDB.framework", "${BUILT_PRODUCTS_DIR}/LibSignalClient/LibSignalClient.framework", "${BUILT_PRODUCTS_DIR}/Mantle/Mantle.framework", @@ -11060,7 +11082,6 @@ name = "[CP] Embed Pods Frameworks"; outputPaths = ( "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/CocoaLumberjack.framework", - "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Curve25519Kit.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/GRDB.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/LibSignalClient.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Mantle.framework", @@ -11134,7 +11155,6 @@ inputPaths = ( "${PODS_ROOT}/Target Support Files/Pods-SignalTests/Pods-SignalTests-frameworks.sh", "${BUILT_PRODUCTS_DIR}/CocoaLumberjack/CocoaLumberjack.framework", - "${BUILT_PRODUCTS_DIR}/Curve25519Kit/Curve25519Kit.framework", "${BUILT_PRODUCTS_DIR}/GRDB.swift/GRDB.framework", "${BUILT_PRODUCTS_DIR}/LibSignalClient/LibSignalClient.framework", "${BUILT_PRODUCTS_DIR}/Mantle/Mantle.framework", @@ -11154,7 +11174,6 @@ name = "[CP] Embed Pods Frameworks"; outputPaths = ( "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/CocoaLumberjack.framework", - "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Curve25519Kit.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/GRDB.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/LibSignalClient.framework", "${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Mantle.framework", 
@@ -12469,6 +12488,7 @@ F9C5CC18289453B300548EEE /* DownloadStickerPackOperation.swift in Sources */, 5003BB43299F034D0037159B /* E164.swift in Sources */, F9C5CC8A289453B300548EEE /* EarlyMessageManager.swift in Sources */, + 503B47232AF0569B00978266 /* ECKeyPair.swift in Sources */, 66F2CE1F2A3A37CB00519342 /* EditableMessageBody.swift in Sources */, C1DB22C329C9F95500757380 /* EditManager.swift in Sources */, C1C4AA3329E7038D000CE9D3 /* EditManagerShims.swift in Sources */, @@ -12828,6 +12848,7 @@ F9C5CC95289453B300548EEE /* ProvisioningProto.swift in Sources */, F9C5CCFB289453B300548EEE /* ProvisioningSocket.swift in Sources */, F9C5CD97289453B300548EEE /* ProxiedContentDownloader.swift in Sources */, + 503B47222AF0569B00978266 /* PublicKey.swift in Sources */, F9C5CD91289453B300548EEE /* PushChallenge.swift in Sources */, F9C5CD95289453B300548EEE /* ReachabilityManager.swift in Sources */, F9C5CC3C289453B300548EEE /* ReactionFinder.swift in Sources */, @@ -13157,6 +13178,7 @@ F9426263289B1B5500460798 /* DeviceNamesTest.swift in Sources */, F9E39CE929493D4C001D7721 /* DisappearingMessageFinderTest.swift in Sources */, F9426267289B1B5500460798 /* DispatchQueue+OWSTest.swift in Sources */, + 501AD1C42AF17A16001B796A /* ECKeyPairTest.swift in Sources */, C13B9BB22A17BC32007F74C4 /* EditManagerTests.swift in Sources */, D9106E022AC20066007ABFE6 /* EmptyForCodableTest.swift in Sources */, 502B1B55297B28AF00FDB3AE /* ErrorTest.swift in Sources */, diff --git a/Signal/Settings.bundle/Acknowledgements.plist b/Signal/Settings.bundle/Acknowledgements.plist index bce11f4b48..c345c0c995 100644 --- a/Signal/Settings.bundle/Acknowledgements.plist +++ b/Signal/Settings.bundle/Acknowledgements.plist 
@@ -84,354 +84,6 @@ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND Type PSGroupSpecifier - - FooterText - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., <http://fsf.org/> - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. 
And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. 
The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. 
(Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. 
You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. 
- -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. 
If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. 
If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. 
EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - {description} - Copyright (C) {year} {fullname} - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. 
- - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - {signature of Ty Coon}, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. 
- License - GPLv3 - Title - Curve25519Kit - Type - PSGroupSpecifier - FooterText Copyright (C) 2015-2020 Gwendal Roué diff --git a/Signal/src/Models/AccountManager.swift b/Signal/src/Models/AccountManager.swift index 422f15ab1b..a19d336134 100644 --- a/Signal/src/Models/AccountManager.swift +++ b/Signal/src/Models/AccountManager.swift @@ -124,7 +124,8 @@ public class AccountManager: NSObject, Dependencies { }.then { (apnRegistrationId, prekeyBundles) throws -> Promise in let encryptedDeviceName = try DeviceNames.encryptDeviceName( plaintext: deviceName, - identityKeyPair: provisionMessage.aciIdentityKeyPair) + identityKeyPair: provisionMessage.aciIdentityKeyPair.keyPair + ) return self.accountServiceClient.verifySecondaryDevice( verificationCode: provisionMessage.provisioningCode, diff --git a/Signal/src/ViewControllers/Registration/Provisioning/ProvisioningController.swift b/Signal/src/ViewControllers/Registration/Provisioning/ProvisioningController.swift index cde6e9108c..1b0aac255c 100644 --- a/Signal/src/ViewControllers/Registration/Provisioning/ProvisioningController.swift +++ b/Signal/src/ViewControllers/Registration/Provisioning/ProvisioningController.swift @@ -381,10 +381,9 @@ public class ProvisioningController: NSObject { // MARK: - private func buildProvisioningUrl(deviceId: String) throws -> URL { - let base64PubKey: String = provisioningCipher - .secondaryDevicePublicKey - .serialized - .base64EncodedString() + let base64PubKey: String = Data( + provisioningCipher.secondaryDevicePublicKey.serialize() + ).base64EncodedString() guard let encodedPubKey = base64PubKey.encodeURIComponent else { throw OWSAssertionError("Failed to url encode query params") } diff --git a/Signal/test/Payments/PaymentsTest.swift b/Signal/test/Payments/PaymentsTest.swift index f68a0ce487..7f86a2070e 100644 --- a/Signal/test/Payments/PaymentsTest.swift +++ b/Signal/test/Payments/PaymentsTest.swift 
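Review bot: In Signal/src/ViewControllers/Registration/Provisioning/ProvisioningController.swift, `buildProvisioningUrl(deviceId:)` now base64-encodes `secondaryDevicePublicKey.serialize()` where it used to encode `.serialized`, and nothing in the hunk pins that the two yield the same bytes. This value goes into the provisioning URL, which presumably the linking device decodes to encrypt the provision message (the one carrying `aciIdentityKeyPair`, per the AccountManager.swift hunk). An encoding difference such as a missing key-type prefix would then surface as a failed link at runtime, not as a compile error. I would add a comment above the assignment, for example `// Wire format: must stay byte-identical to the previous .serialized output, since the peer parses this value from the URL.`, and cover the decoded length and a parse round-trip in a unit test. The function body continues past the end of the hunk, so the rest of the URL construction is not visible here.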
@@ -62,7 +62,7 @@ class PaymentsTest: SignalBaseTest { } func test_paymentAddressSigning() { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = ECKeyPair.generateKeyPair() let publicAddressData = Randomness.generateRandomBytes(256) let signatureData = try! TSPaymentAddress.sign(identityKeyPair: identityKeyPair, publicAddressData: publicAddressData) diff --git a/Signal/test/PerformanceTests/SessionMigrationPerfTest.swift b/Signal/test/PerformanceTests/SessionMigrationPerfTest.swift index ec20c843a9..c50c7b3de3 100644 --- a/Signal/test/PerformanceTests/SessionMigrationPerfTest.swift +++ b/Signal/test/PerformanceTests/SessionMigrationPerfTest.swift @@ -33,7 +33,7 @@ class SessionMigrationPerfTest: PerformanceBaseTest { session.setState(state) state.receivingChains = (1...5).map { _ in - let senderRatchetKey = Curve25519.generateKeyPair().publicKey + let senderRatchetKey = ECKeyPair.generateKeyPair().publicKey let chain = LegacyReceivingChain(chainKey: LegacyChainKey(data: senderRatchetKey, index: 0), senderRatchetKey: senderRatchetKey)! let dummyKeys = LegacyMessageKeys(cipherKey: Data(repeating: 1, count: 32), diff --git a/Signal/test/Registration/RegistrationCoordinatorTest.swift b/Signal/test/Registration/RegistrationCoordinatorTest.swift index 5f98e180cf..d7d5f14fdb 100644 --- a/Signal/test/Registration/RegistrationCoordinatorTest.swift +++ b/Signal/test/Registration/RegistrationCoordinatorTest.swift 
@@ -3436,14 +3436,14 @@ public class RegistrationCoordinatorTest: XCTestCase { } static func preKeyBundle(identity: OWSIdentity) -> RegistrationPreKeyUploadBundle { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = ECKeyPair.generateKeyPair() return RegistrationPreKeyUploadBundle( identity: identity, identityKeyPair: identityKeyPair, signedPreKey: SSKSignedPreKeyStore.generateSignedPreKey(signedBy: identityKeyPair), lastResortPreKey: { let keyPair = KEMKeyPair.generate() - let signature = try! Ed25519.sign(Data(keyPair.publicKey.serialize()), with: identityKeyPair) + let signature = Data(identityKeyPair.keyPair.privateKey.generateSignature(message: Data(keyPair.publicKey.serialize()))) let record = SignalServiceKit.KyberPreKeyRecord( 0, diff --git a/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager+Shims.swift b/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager+Shims.swift index 70bc5ba3fa..dbce7d86dc 100644 --- a/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager+Shims.swift +++ b/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager+Shims.swift @@ -3,8 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit - extension ChangePhoneNumberPniManagerImpl { enum Shims { typealias IdentityManager = _ChangePhoneNumberPniManager_IdentityManagerShim diff --git a/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager.swift b/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager.swift index 1420b91c02..0a0efefc60 100644 --- a/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager.swift +++ b/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManager.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import LibSignalClient // MARK: - ChangePhoneNumberPniManager protocol 
diff --git a/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManagerMock.swift b/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManagerMock.swift index fcd1209c58..b4cb707514 100644 --- a/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManagerMock.swift +++ b/SignalServiceKit/ChangePhoneNumber/ChangePhoneNumberPniManagerMock.swift @@ -22,7 +22,7 @@ public class ChangePhoneNumberPniManagerMock: ChangePhoneNumberPniManager { localDeviceId: UInt32, localUserAllDeviceIds: [UInt32] ) -> Guarantee { - let keyPair = Curve25519.generateKeyPair() + let keyPair = ECKeyPair.generateKeyPair() let registrationId = UInt32.random(in: 1...0x3fff) let localPqKey1 = try! self.mockKyberStore.generateEphemeralLastResortKyberPreKey(signedBy: keyPair) diff --git a/SignalServiceKit/Curve25519/ECKeyPair.swift b/SignalServiceKit/Curve25519/ECKeyPair.swift new file mode 100644 index 0000000000..45a0ffa88b --- /dev/null +++ b/SignalServiceKit/Curve25519/ECKeyPair.swift 
@@ -0,0 +1,86 @@ +// +// Copyright 2022 Signal Messenger, LLC +// SPDX-License-Identifier: AGPL-3.0-only +// + +import Foundation +import SignalCoreKit +import LibSignalClient + +@objc(ECKeyPair) +public final class ECKeyPair: NSObject, NSSecureCoding { + public let keyPair: IdentityKeyPair + public var identityKeyPair: IdentityKeyPair { keyPair } + + init(_ keyPair: IdentityKeyPair) { + self.keyPair = keyPair + } + + /** + * Build a keypair from existing key data. + * If you need a *new* keypair, user `ECKeyPair.generateKeyPair` instead. + */ + convenience init(publicKeyData: Data, privateKeyData: Data) throws { + let publicKey = try PublicKey(keyData: publicKeyData) + let privateKey = try PrivateKey(privateKeyData) + + self.init(IdentityKeyPair(publicKey: publicKey, privateKey: privateKey)) + } + + private static let TSECKeyPairPublicKey = "TSECKeyPairPublicKey" + private static let TSECKeyPairPrivateKey = "TSECKeyPairPrivateKey" + + public convenience init?(coder: NSCoder) { + var returnedLength = 0 + let publicKeyBuffer = coder.decodeBytes(forKey: Self.TSECKeyPairPublicKey, returnedLength: &returnedLength) + guard let publicKeyBuffer else { + return nil + } + let publicKeyData = Data(bytes: publicKeyBuffer, count: returnedLength) + + returnedLength = 0 + let privateKeyBuffer = coder.decodeBytes(forKey: Self.TSECKeyPairPrivateKey, returnedLength: &returnedLength) + guard let privateKeyBuffer else { + return nil + } + let privateKeyData = Data(bytes: privateKeyBuffer, count: returnedLength) + + do { + try self.init(publicKeyData: publicKeyData, privateKeyData: privateKeyData) + } catch { + Logger.warn("\(error)") + return nil + } + } + + public func encode(with coder: NSCoder) { + self.identityKeyPair.publicKey.keyBytes.withUnsafeBufferPointer { + coder.encodeBytes($0.baseAddress, length: $0.count, forKey: Self.TSECKeyPairPublicKey) + } + self.identityKeyPair.privateKey.serialize().withUnsafeBufferPointer { + coder.encodeBytes($0.baseAddress, length: $0.count, 
forKey: Self.TSECKeyPairPrivateKey) + } + } + + public class var supportsSecureCoding: Bool { + return true + } + + @objc + public static func generateKeyPair() -> ECKeyPair { + return ECKeyPair(IdentityKeyPair.generate()) + } + + private func sign(_ data: Data) throws -> Data { + return Data(identityKeyPair.privateKey.generateSignature(message: data)) + } + + @objc + public var publicKey: Data { + return Data(identityKeyPair.publicKey.keyBytes) + } + + public var privateKey: Data { + return Data(identityKeyPair.privateKey.serialize()) + } +} diff --git a/SignalServiceKit/Curve25519/PublicKey.swift b/SignalServiceKit/Curve25519/PublicKey.swift new file mode 100644 index 0000000000..671a0525e6 --- /dev/null +++ b/SignalServiceKit/Curve25519/PublicKey.swift @@ -0,0 +1,17 @@ +// +// Copyright 2023 Signal Messenger, LLC +// SPDX-License-Identifier: AGPL-3.0-only +// + +import Foundation +import LibSignalClient + +extension PublicKey { + public convenience init(keyData: Data) throws { + try self.init([Constants.keyTypeDJB] + keyData) + } + + public enum Constants { + public static let keyTypeDJB: UInt8 = 0x05 + } +} diff --git a/SignalServiceKit/Mocks/SignalProtocolStore/SignalProtocolStoreMocks.swift b/SignalServiceKit/Mocks/SignalProtocolStore/SignalProtocolStoreMocks.swift index 8d3a493033..e73b38ebe5 100644 --- a/SignalServiceKit/Mocks/SignalProtocolStore/SignalProtocolStoreMocks.swift +++ b/SignalServiceKit/Mocks/SignalProtocolStore/SignalProtocolStoreMocks.swift @@ -62,7 +62,7 @@ public class MockPreKeyStore: SignalPreKeyStore { } internal func generatePreKeyRecord() -> SignalServiceKit.PreKeyRecord { - let keyPair = Curve25519.generateKeyPair() + let keyPair = ECKeyPair.generateKeyPair() let record = SignalServiceKit.PreKeyRecord( id: preKeyId, keyPair: keyPair, 
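Review bot: `init(publicKeyData:privateKeyData:)` in the new ECKeyPair.swift builds an `IdentityKeyPair` from two independently supplied byte strings without checking that the public key belongs to the private key, so `init?(coder:)` accepts an archived pair whose halves do not match. A guard before `self.init(...)` such as `guard privateKey.publicKey == publicKey else { throw OWSAssertionError("Mismatched key pair") }` would reject that; it relies on LibSignalClient's `PrivateKey.publicKey` and `PublicKey` equality, which should be confirmed for the pinned version. Separately, `private func sign(_:)` is unused and marked `throws` without throwing, while other files in this commit spell out `Data(identityKeyPair.keyPair.privateKey.generateSignature(message:))` by hand; a non-throwing internal method would let them share it. The doc comment on the initializer also reads "user" where "use" is meant.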
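Review bot: The new `PublicKey.init(keyData:)` has no doc comment, and nothing distinguishes it from the unlabeled `init(_:)` that this commit also calls (`PublicKey(trustRootData as Data)`, `PublicKey(ephemeralPublicData)`). The body shows the only difference is that `keyData:` prepends the `0x05` type byte itself, so passing already-serialized bytes to it would add a second prefix. I would add `/// Creates a key from raw key bytes that do NOT include the leading type byte; use init(_:) for serialized keys.` and a one-line comment on `Constants.keyTypeDJB`. The extension does no length check of its own, so if rejecting wrong-sized input is left to the underlying initializer, the comment should say so.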
@@ -138,7 +138,7 @@ internal class MockSignalSignedPreKeyStore: SignalSignedPreKeyStore { } func generateRandomSignedRecord() -> SignalServiceKit.SignedPreKeyRecord { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = ECKeyPair.generateKeyPair() return self.generateSignedPreKey(signedBy: identityKeyPair) } @@ -192,7 +192,7 @@ internal class MockSignalSignedPreKeyStore: SignalSignedPreKeyStore { internal class MockKyberPreKeyStore: SignalKyberPreKeyStore { private(set) var nextKeyId: Int32 = 0 - var identityKeyPair = Curve25519.generateKeyPair() + var identityKeyPair = ECKeyPair.generateKeyPair() var dateProvider: DateProvider private(set) var lastPreKeyRotation: Date? @@ -237,7 +237,7 @@ internal class MockKyberPreKeyStore: SignalKyberPreKeyStore { func generateKyberPreKey(signedBy keyPair: ECKeyPair, isLastResort: Bool) throws -> SignalServiceKit.KyberPreKeyRecord { let keyPair = KEMKeyPair.generate() - let signature = try Ed25519.sign(Data(keyPair.publicKey.serialize()), with: identityKeyPair) + let signature = Data(identityKeyPair.keyPair.privateKey.generateSignature(message: Data(keyPair.publicKey.serialize()))) let record = SignalServiceKit.KyberPreKeyRecord( nextKeyId, @@ -253,7 +253,7 @@ internal class MockKyberPreKeyStore: SignalKyberPreKeyStore { let keyId = self.nextKeyId self.nextKeyId += 1 let keyPair = KEMKeyPair.generate() - let signature = try Ed25519.sign(Data(keyPair.publicKey.serialize()), with: identityKeyPair) + let signature = Data(identityKeyPair.keyPair.privateKey.generateSignature(message: Data(keyPair.publicKey.serialize()))) return try LibSignalClient.KyberPreKeyRecord( id: UInt32(bitPattern: keyId), timestamp: Date().ows_millisecondsSince1970, diff --git a/SignalServiceKit/src/Account/LearnMyOwnPniManager.swift b/SignalServiceKit/src/Account/LearnMyOwnPniManager.swift index 01d268df50..e6a720813a 100644 --- a/SignalServiceKit/src/Account/LearnMyOwnPniManager.swift 
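Review bot: In `MockKyberPreKeyStore.generateKyberPreKey(signedBy:isLastResort:)` (hunk at -237) the `signedBy keyPair` argument is never used for signing: `let keyPair = KEMKeyPair.generate()` shadows it, and the rewritten signature line signs with the store's own `identityKeyPair` property. A test that passes a specific signing key and then checks the signature against that key would be exercising the wrong key. Renaming the local (`let kemKeyPair = KEMKeyPair.generate()`) and signing with `keyPair.keyPair.privateKey.generateSignature(message:)` would honour the argument. The function body continues outside the hunk, so the record construction would need the same rename.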
+++ b/SignalServiceKit/src/Account/LearnMyOwnPniManager.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import LibSignalClient import SignalCoreKit diff --git a/SignalServiceKit/src/Account/PniDistributionParameterBuilder.swift b/SignalServiceKit/src/Account/PniDistributionParameterBuilder.swift index 027e14e0ce..b99c41830d 100644 --- a/SignalServiceKit/src/Account/PniDistributionParameterBuilder.swift +++ b/SignalServiceKit/src/Account/PniDistributionParameterBuilder.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import LibSignalClient import SignalCoreKit diff --git a/SignalServiceKit/src/Account/PniDistributionSyncMessage.swift b/SignalServiceKit/src/Account/PniDistributionSyncMessage.swift index 42da5cce14..19ae56b255 100644 --- a/SignalServiceKit/src/Account/PniDistributionSyncMessage.swift +++ b/SignalServiceKit/src/Account/PniDistributionSyncMessage.swift @@ -4,7 +4,6 @@ // import Foundation -import Curve25519Kit /// Represents a message sent to linked devices during a PNI distribution event /// informing those devices of the new PNI identity. diff --git a/SignalServiceKit/src/Account/PniHelloWorldManager.swift b/SignalServiceKit/src/Account/PniHelloWorldManager.swift index 947e91d5b2..a99a127742 100644 --- a/SignalServiceKit/src/Account/PniHelloWorldManager.swift +++ b/SignalServiceKit/src/Account/PniHelloWorldManager.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import LibSignalClient import SignalCoreKit diff --git a/SignalServiceKit/src/Account/PreKeys/MockPreKeyManager.swift b/SignalServiceKit/src/Account/PreKeys/MockPreKeyManager.swift index 51d01b17f4..f8766fda33 100644 --- a/SignalServiceKit/src/Account/PreKeys/MockPreKeyManager.swift +++ b/SignalServiceKit/src/Account/PreKeys/MockPreKeyManager.swift 
@@ -12,7 +12,7 @@ internal class MockPreKeyManager: PreKeyManager { func checkPreKeysIfNecessary(tx: SignalServiceKit.DBReadTransaction) { } func createPreKeysForRegistration() -> Promise { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = ECKeyPair.generateKeyPair() return .value(.init( aci: .init( identity: .aci, @@ -33,7 +33,7 @@ internal class MockPreKeyManager: PreKeyManager { aciIdentityKeyPair: ECKeyPair, pniIdentityKeyPair: ECKeyPair ) -> Promise { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = ECKeyPair.generateKeyPair() return .value(.init( aci: .init( identity: .aci, @@ -69,7 +69,7 @@ internal class MockPreKeyManager: PreKeyManager { func generateLastResortKyberPreKey(signedBy signingKeyPair: ECKeyPair) -> SignalServiceKit.KyberPreKeyRecord { let keyPair = KEMKeyPair.generate() - let signature = try! Ed25519.sign(Data(keyPair.publicKey.serialize()), with: signingKeyPair) + let signature = Data(signingKeyPair.keyPair.privateKey.generateSignature(message: Data(keyPair.publicKey.serialize()))) let record = SignalServiceKit.KyberPreKeyRecord( 0, diff --git a/SignalServiceKit/src/Devices/OWSDevice.swift b/SignalServiceKit/src/Devices/OWSDevice.swift index e8a687d2e1..4fcc3a915b 100644 --- a/SignalServiceKit/src/Devices/OWSDevice.swift +++ b/SignalServiceKit/src/Devices/OWSDevice.swift @@ -92,7 +92,7 @@ public extension OWSDevice { do { return try DeviceNames.decryptDeviceName( base64String: encryptedName, - identityKeyPair: identityKeyPair + identityKeyPair: identityKeyPair.keyPair ) } catch let error { Logger.error("Failed to decrypt device name: \(error). Is this a legacy device name?") diff --git a/SignalServiceKit/src/Devices/OWSProvisioningCipher.swift b/SignalServiceKit/src/Devices/OWSProvisioningCipher.swift index 3474b40368..57f4a7456d 100644 --- a/SignalServiceKit/src/Devices/OWSProvisioningCipher.swift +++ b/SignalServiceKit/src/Devices/OWSProvisioningCipher.swift 
@@ -53,7 +53,7 @@ public class OWSProvisioningCipher: NSObject { @objc public func encrypt(_ data: Data) -> Data? { do { - let theirPublicKey = try! ECPublicKey(keyData: theirPublicKeyData).key + let theirPublicKey = try! PublicKey(keyData: theirPublicKeyData) let sharedSecret = self.ourKeyPair.privateKey.keyAgreement(with: theirPublicKey) let infoData = ProvisioningCipher.messageInfo diff --git a/SignalServiceKit/src/Devices/ProvisioningCipher.swift b/SignalServiceKit/src/Devices/ProvisioningCipher.swift index 62e0b999ed..a0b48acc71 100644 --- a/SignalServiceKit/src/Devices/ProvisioningCipher.swift +++ b/SignalServiceKit/src/Devices/ProvisioningCipher.swift @@ -4,7 +4,6 @@ // import CommonCrypto -import Curve25519Kit import Foundation import LibSignalClient @@ -27,8 +26,8 @@ public enum ProvisioningError: Error { public class ProvisioningCipher { - public var secondaryDevicePublicKey: ECPublicKey { - return ECPublicKey(secondaryDeviceKeyPair.publicKey) + public var secondaryDevicePublicKey: PublicKey { + return secondaryDeviceKeyPair.publicKey } let secondaryDeviceKeyPair: IdentityKeyPair diff --git a/SignalServiceKit/src/Messages/MockIdentityManager.swift b/SignalServiceKit/src/Messages/MockIdentityManager.swift index 343d1ba8fd..0b980721ff 100644 --- a/SignalServiceKit/src/Messages/MockIdentityManager.swift +++ b/SignalServiceKit/src/Messages/MockIdentityManager.swift @@ -29,7 +29,7 @@ final class MockIdentityManager: OWSIdentityManager { func identityKey(for serviceId: ServiceId, tx: DBReadTransaction) throws -> IdentityKey? { guard let recipientId = try recipientIdFinder.recipientId(for: serviceId, tx: tx)?.get() else { return nil } guard let recipientIdentity = recipientIdentities[recipientId] else { return nil} - return try IdentityKey(publicKey: ECPublicKey(keyData: recipientIdentity.identityKey).key) + return try IdentityKey(publicKey: PublicKey(keyData: recipientIdentity.identityKey)) } var identityChangeInfoMessages: [ServiceId]! 
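Review bot: `try! PublicKey(keyData: theirPublicKeyData)` in `OWSProvisioningCipher.encrypt(_:)` crashes the process if the key bytes do not parse, even though the call already sits inside a `do` block and the method returns `Data?`. `theirPublicKeyData` appears to be the other device's key, so it is better treated as untrusted input; `let theirPublicKey = try PublicKey(keyData: theirPublicKeyData)` lets the existing error path handle a malformed key. The matching `catch` is outside the hunk, so confirm it returns nil rather than asserting.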
diff --git a/SignalServiceKit/src/Messages/OWSIdentityManager.swift b/SignalServiceKit/src/Messages/OWSIdentityManager.swift index 9cbc619f8c..58b324027d 100644 --- a/SignalServiceKit/src/Messages/OWSIdentityManager.swift +++ b/SignalServiceKit/src/Messages/OWSIdentityManager.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import LibSignalClient import SignalCoreKit @@ -189,7 +188,7 @@ private extension OWSIdentity { extension OWSIdentityManager { func generateNewIdentityKeyPair() -> ECKeyPair { - Curve25519.generateKeyPair() + ECKeyPair.generateKeyPair() } } @@ -328,7 +327,7 @@ public class OWSIdentityManagerImpl: OWSIdentityManager { return nil } guard let keyData = try _identityKey(for: recipientIdResult.get(), tx: tx) else { return nil } - return try IdentityKey(publicKey: ECPublicKey(keyData: keyData).key) + return try IdentityKey(publicKey: PublicKey(keyData: keyData)) } private func _identityKey(for recipientId: AccountId, tx: DBReadTransaction) -> Data? { diff --git a/SignalServiceKit/src/Messages/OWSMessageDecrypter.swift b/SignalServiceKit/src/Messages/OWSMessageDecrypter.swift index 7a5fd352bb..128b1f6239 100644 --- a/SignalServiceKit/src/Messages/OWSMessageDecrypter.swift +++ b/SignalServiceKit/src/Messages/OWSMessageDecrypter.swift @@ -570,7 +570,7 @@ public class OWSMessageDecrypter: OWSMessageHandler { let decryptResult: SMKDecryptResult do { decryptResult = try cipher.decryptMessage( - trustRoot: Self.udManager.trustRoot.key, + trustRoot: Self.udManager.trustRoot, cipherTextData: encryptedData, timestamp: validatedEnvelope.serverTimestamp, localIdentifiers: localIdentifiers, diff --git a/SignalServiceKit/src/Messages/UD/OWSUDManager.swift b/SignalServiceKit/src/Messages/UD/OWSUDManager.swift index 1385df903c..d3dd221935 100644 --- a/SignalServiceKit/src/Messages/UD/OWSUDManager.swift +++ b/SignalServiceKit/src/Messages/UD/OWSUDManager.swift 
@@ -4,7 +4,6 @@ // import Foundation -import Curve25519Kit import SignalCoreKit import LibSignalClient @@ -112,7 +111,7 @@ public class OWSUDSendingAccess: NSObject { public protocol OWSUDManager { - var trustRoot: ECPublicKey { get } + var trustRoot: PublicKey { get } // MARK: - Recipient State @@ -169,7 +168,7 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager { // MARK: Recipient State // Exposed for testing - public internal(set) var trustRoot: ECPublicKey + public internal(set) var trustRoot: PublicKey public required override init() { self.trustRoot = OWSUDManagerImpl.trustRoot() @@ -466,21 +465,21 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager { let nowMs = NSDate.ows_millisecondTimeStamp() let anHourFromNowMs = nowMs + kHourInMs - if case .some(true) = try? certificate.validate(trustRoot: trustRoot.key, time: anHourFromNowMs) { + if case .some(true) = try? certificate.validate(trustRoot: trustRoot, time: anHourFromNowMs) { return true } Logger.error("Invalid certificate") return false } - public class func trustRoot() -> ECPublicKey { + public class func trustRoot() -> PublicKey { guard let trustRootData = NSData(fromBase64String: TSConstants.kUDTrustRoot) else { // This exits. owsFail("Invalid trust root data.") } do { - return try ECPublicKey(serializedKeyData: trustRootData as Data) + return try PublicKey(trustRootData as Data) } catch { // This exits. owsFail("Invalid trust root.") diff --git a/SignalServiceKit/src/Messages/UD/SMKSecretSessionCipher.swift b/SignalServiceKit/src/Messages/UD/SMKSecretSessionCipher.swift index 3708cf092a..ef4c0fd148 100644 --- a/SignalServiceKit/src/Messages/UD/SMKSecretSessionCipher.swift +++ b/SignalServiceKit/src/Messages/UD/SMKSecretSessionCipher.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import Foundation import LibSignalClient import SignalCoreKit 
diff --git a/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.m b/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.m index f409124df3..cf5dadf7c1 100644 --- a/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.m +++ b/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.m @@ -8,7 +8,6 @@ #import "OWS2FAManager.h" #import "ProfileManagerProtocol.h" #import "SignedPrekeyRecord.h" -#import #import #import #import diff --git a/SignalServiceKit/src/Payments/TSPaymentModels.swift b/SignalServiceKit/src/Payments/TSPaymentModels.swift index 0a02289dea..198dee71fa 100644 --- a/SignalServiceKit/src/Payments/TSPaymentModels.swift +++ b/SignalServiceKit/src/Payments/TSPaymentModels.swift @@ -4,7 +4,6 @@ // import Foundation -import Curve25519Kit import LibSignalClient @objc @@ -141,9 +140,8 @@ extension TSPaymentAddress: Dependencies, TSPaymentBaseModel { publicAddressData: Data, signatureData: Data) -> Bool { do { - let publicKey = try ECPublicKey(keyData: publicIdentityKeyData).key - return try publicKey.verifySignature(message: publicAddressData, - signature: signatureData) + let publicKey = try PublicKey(keyData: publicIdentityKeyData) + return try publicKey.verifySignature(message: publicAddressData, signature: signatureData) } catch { owsFailDebug("Error: \(error)") return false diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyChainKey.m b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyChainKey.m index dbb9347f80..e239a9d101 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyChainKey.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyChainKey.m @@ -5,7 +5,6 @@ #import "LegacyChainKey.h" #import -#import NS_ASSUME_NONNULL_BEGIN diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyReceivingChain.h b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyReceivingChain.h index 89718b7f3b..4550325d86 100644 
--- a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyReceivingChain.h +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyReceivingChain.h @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -#import #import @class LegacyChainKey; diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyRootKey.m b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyRootKey.m index 935deee7b6..295c2ca36b 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyRootKey.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacyRootKey.m @@ -5,7 +5,6 @@ #import "LegacyRootKey.h" #import "LegacyChainKey.h" -#import static NSString* const kCoderData = @"kCoderData"; diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.h b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.h index 2d190935ee..8deb500eee 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.h +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.h @@ -3,9 +3,9 @@ // SPDX-License-Identifier: AGPL-3.0-only // -#import #import +@class ECKeyPair; @class LegacyChainKey; @interface LegacySendingChain : NSObject diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.m b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.m index 0b4d9a770e..946cb8de28 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySendingChain.m @@ -5,6 +5,7 @@ #import "LegacySendingChain.h" #import "LegacyChainKey.h" +#import @interface LegacySendingChain () diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySessionState.m b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySessionState.m index ceeb67f5d5..d20cc2f15c 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySessionState.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/LegacySessionState.m 
@@ -6,7 +6,7 @@ #import "LegacySessionState.h" #import "LegacyReceivingChain.h" #import "LegacySendingChain.h" -#import +#import @implementation LegacyPendingPreKey diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.h b/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.h index ef933603d6..d3216c3d34 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.h +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.h @@ -3,11 +3,12 @@ // SPDX-License-Identifier: AGPL-3.0-only // -#import #import NS_ASSUME_NONNULL_BEGIN +@class ECKeyPair; + @interface PreKeyRecord : NSObject @property (nonatomic, readonly) int Id; diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.m b/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.m index f9dd9fc8d3..02e86dd254 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/PreKeyRecord.m @@ -4,6 +4,7 @@ // #import "PreKeyRecord.h" +#import NS_ASSUME_NONNULL_BEGIN diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.h b/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.h index eff0d4257c..b071a3c949 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.h +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.h @@ -3,12 +3,13 @@ // SPDX-License-Identifier: AGPL-3.0-only // -#import #import #import NS_ASSUME_NONNULL_BEGIN +@class ECKeyPair; + @interface SignedPreKeyRecord : PreKeyRecord @property (nonatomic, readonly) NSData *signature; diff --git a/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.m b/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.m index a0b525685a..30a0f761e7 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/Model/SignedPrekeyRecord.m 
@@ -4,6 +4,7 @@ // #import "SignedPrekeyRecord.h" +#import NS_ASSUME_NONNULL_BEGIN diff --git a/SignalServiceKit/src/Storage/AxolotlStore/SSKKyberPreKeyStore.swift b/SignalServiceKit/src/Storage/AxolotlStore/SSKKyberPreKeyStore.swift index a46477ca2f..60544a3acd 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/SSKKyberPreKeyStore.swift +++ b/SignalServiceKit/src/Storage/AxolotlStore/SSKKyberPreKeyStore.swift @@ -202,7 +202,7 @@ public class SSKKyberPreKeyStore: SignalKyberPreKeyStore { isLastResort: Bool ) throws -> KyberPreKeyRecord { let keyPair = KEMKeyPair.generate() - let signature = try Ed25519.sign(Data(keyPair.publicKey.serialize()), with: identityKeyPair) + let signature = Data(identityKeyPair.keyPair.privateKey.generateSignature(message: Data(keyPair.publicKey.serialize()))) let record = KyberPreKeyRecord( id, diff --git a/SignalServiceKit/src/Storage/AxolotlStore/SSKPreKeyStore.m b/SignalServiceKit/src/Storage/AxolotlStore/SSKPreKeyStore.m index 21edb75425..e6a4be2d03 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/SSKPreKeyStore.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/SSKPreKeyStore.m @@ -99,7 +99,7 @@ NSString *const TSNextPrekeyIdKey = @"TSStorageInternalSettingsNextPreKeyId"; OWSLogInfo(@"building %d new preKeys starting from preKeyId: %d", BATCH_SIZE, preKeyId); for (int i = 0; i < BATCH_SIZE; i++) { - ECKeyPair *keyPair = [Curve25519 generateKeyPair]; + ECKeyPair *keyPair = [ECKeyPair generateKeyPair]; PreKeyRecord *record = [[PreKeyRecord alloc] initWithId:preKeyId keyPair:keyPair createdAt:[NSDate date]]; diff --git a/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.h b/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.h index f5d5c7d63d..40ddf70def 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.h +++ b/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.h 
@@ -36,8 +36,6 @@ NS_ASSUME_NONNULL_BEGIN #pragma mark - -+ (SignedPreKeyRecord *)generateSignedPreKeySignedWithIdentityKey:(ECKeyPair *)identityKeyPair - NS_SWIFT_NAME(generateSignedPreKey(signedBy:)); - (SignedPreKeyRecord *)generateRandomSignedRecord; - (nullable SignedPreKeyRecord *)currentSignedPreKey; diff --git a/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.m b/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.m index 07ec5b81de..390174911e 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.m @@ -9,7 +9,6 @@ #import "SDSKeyValueStore+ObjC.h" #import "SSKPreKeyStore.h" #import "SignedPrekeyRecord.h" -#import #import NS_ASSUME_NONNULL_BEGIN 
@@ -90,35 +89,12 @@ NSString *const kLastPreKeyRotationDate = @"lastKeyRotationDate"; #pragma mark - -+ (SignedPreKeyRecord *)generateSignedPreKeySignedWithIdentityKey:(ECKeyPair *)identityKeyPair -{ - OWSAssert(identityKeyPair); - - ECKeyPair *keyPair = [Curve25519 generateKeyPair]; - - // Signed prekey ids must be > 0. - int preKeyId = 1 + (int)arc4random_uniform(INT32_MAX - 1); - - @try { - NSData *signature = [Ed25519 throws_sign:keyPair.publicKey.prependKeyType withKeyPair:identityKeyPair]; - return [[SignedPreKeyRecord alloc] initWithId:preKeyId - keyPair:keyPair - signature:signature - generatedAt:[NSDate date]]; - } @catch (NSException *exception) { - // throws_sign only throws when the data to sign is empty or `keyPair` is nil. - // Neither of which should happen. - OWSFail(@"exception: %@", exception); - return nil; - } -} - - (SignedPreKeyRecord *)generateRandomSignedRecord { ECKeyPair *_Nullable identityKeyPair = [OWSIdentityManagerObjCBridge identityKeyPairForIdentity:_identity]; OWSAssert(identityKeyPair); - return [SSKSignedPreKeyStore generateSignedPreKeySignedWithIdentityKey:identityKeyPair]; + return [SSKSignedPreKeyStore generateSignedPreKeyWithSignedBy:identityKeyPair]; } - (nullable SignedPreKeyRecord *)loadSignedPreKey:(int)signedPreKeyId transaction:(SDSAnyReadTransaction *)transaction diff --git a/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.swift b/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.swift index 821098cb14..22b818280d 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.swift +++ b/SignalServiceKit/src/Storage/AxolotlStore/SSKSignedPreKeyStore.swift 
@@ -6,6 +6,25 @@ import LibSignalClient extension SSKSignedPreKeyStore { + @objc + public class func generateSignedPreKey( + signedBy identityKeyPair: ECKeyPair + ) -> SignalServiceKit.SignedPreKeyRecord { + let keyPair = ECKeyPair.generateKeyPair() + + // Signed prekey ids must be > 0. + let preKeyId = Int32.random(in: 1.. Bool, private func prependKeyType(to data: Data) -> Data { validate(data.count == 32) - return [ECPublicKey.keyTypeDJB] + data + return [PublicKey.Constants.keyTypeDJB] + data } private func removeKeyType(from data: Data) -> Data { diff --git a/SignalServiceKit/src/Util/DeviceNames.swift b/SignalServiceKit/src/Util/DeviceNames.swift index e99adb8132..3c2242597c 100644 --- a/SignalServiceKit/src/Util/DeviceNames.swift +++ b/SignalServiceKit/src/Util/DeviceNames.swift @@ -3,7 +3,6 @@ // SPDX-License-Identifier: AGPL-3.0-only // -import Curve25519Kit import Foundation import LibSignalClient 
@@ -20,26 +19,17 @@ public class DeviceNames: NSObject { private static let syntheticIVLength: UInt = 16 - @objc - public class func encryptDeviceName(plaintext: String, - identityKeyPair: ECKeyPair) throws -> Data { + public class func encryptDeviceName(plaintext: String, identityKeyPair: IdentityKeyPair) throws -> Data { guard let plaintextData = plaintext.data(using: .utf8) else { owsFailDebug("Could not convert text to UTF-8.") throw DeviceNameError.invalidInput } - let ephemeralKeyPair = Curve25519.generateKeyPair() + let ephemeralKeyPair = IdentityKeyPair.generate() // master_secret = ECDH(ephemeral_private, identity_public). - let masterSecret: Data - do { - masterSecret = try Curve25519.generateSharedSecret(fromPublicKey: identityKeyPair.publicKey, - privateKey: ephemeralKeyPair.privateKey) - } catch { - Logger.error("Could not generate shared secret: \(error)") - throw error - } + let masterSecret = Data(ephemeralKeyPair.privateKey.keyAgreement(with: identityKeyPair.publicKey)) // synthetic_iv = HmacSHA256(key=HmacSHA256(key=master_secret, input=“auth”), input=plaintext)[0:16] let syntheticIV = try computeSyntheticIV(masterSecret: masterSecret, @@ -54,7 +44,7 @@ public class DeviceNames: NSObject { try Aes256Ctr32.process(&ciphertext, key: cipherKey, nonce: Data(count: Aes256Ctr32.nonceLength)) let protoBuilder = SignalIOSProtoDeviceName.builder( - ephemeralPublic: ephemeralKeyPair.publicKey.prependKeyType(), + ephemeralPublic: Data(ephemeralKeyPair.publicKey.serialize()), syntheticIv: syntheticIV, ciphertext: ciphertext ) 
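Review bot: `encryptDeviceName` now creates its one-off ECDH key with `IdentityKeyPair.generate()`, which reads as if a new identity were being minted, although the visible hunks use only the private key and its public half. `let ephemeralPrivateKey = PrivateKey.generate()` with `ephemeralPrivateKey.keyAgreement(with: identityKeyPair.publicKey)` here, and `ephemeralPrivateKey.publicKey.serialize()` in the following hunk at -54, would state the intent directly. The function starts before and runs past these two hunks, so check for other uses of `ephemeralKeyPair` before renaming.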
@@ -97,22 +87,17 @@ public class DeviceNames: NSObject { return cipherKey } - @objc - public class func decryptDeviceName(base64String: String, - identityKeyPair: ECKeyPair) throws -> String { + public class func decryptDeviceName(base64String: String, identityKeyPair: IdentityKeyPair) throws -> String { guard let protoData = Data(base64Encoded: base64String) else { // Not necessarily an error; might be a legacy device name. throw DeviceNameError.invalidInput } - return try decryptDeviceName(protoData: protoData, - identityKeyPair: identityKeyPair) + return try decryptDeviceName(protoData: protoData, identityKeyPair: identityKeyPair) } - @objc - public class func decryptDeviceName(protoData: Data, - identityKeyPair: ECKeyPair) throws -> String { + public class func decryptDeviceName(protoData: Data, identityKeyPair: IdentityKeyPair) throws -> String { let proto: SignalIOSProtoDeviceName do { @@ -127,9 +112,9 @@ public class DeviceNames: NSObject { let receivedSyntheticIV = proto.syntheticIv let ciphertext = proto.ciphertext - let ephemeralPublic: Data + let ephemeralPublic: PublicKey do { - ephemeralPublic = try ephemeralPublicData.removeKeyType() + ephemeralPublic = try PublicKey(ephemeralPublicData) } catch { owsFailDebug("failed to remove key type") throw DeviceNameError.invalidInput @@ -145,14 +130,7 @@ public class DeviceNames: NSObject { } // master_secret = ECDH(identity_private, ephemeral_public) - let masterSecret: Data - do { - masterSecret = try Curve25519.generateSharedSecret(fromPublicKey: ephemeralPublic, - privateKey: identityKeyPair.privateKey) - } catch { - Logger.error("Could not generate shared secret: \(error)") - throw error - } + let masterSecret = Data(identityKeyPair.privateKey.keyAgreement(with: ephemeralPublic)) // cipher_key = HmacSHA256(key=HmacSHA256(key=master_secret, input=“cipher”), input=synthetic_iv) let cipherKey = try computeCipherKey(masterSecret: masterSecret, syntheticIV: receivedSyntheticIV) 
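Review bot: In the `@@ -127,9 +112,9 @@` hunk the catch block still reports `"failed to remove key type"`, but the guarded call is now `try PublicKey(ephemeralPublicData)`, which can fail on any malformed key rather than only a missing prefix. Changing it to `owsFailDebug("failed to parse ephemeral public key")` keeps the log accurate when triaging bad device-name payloads. Because these bytes come from the decoded proto rather than from local state, it is also worth confirming that a debug assertion is the intended reaction to input this device did not produce. The function starts and ends outside the hunk.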
diff --git a/SignalServiceKit/tests/Account/PniDistributionParameterBuilderTest.swift b/SignalServiceKit/tests/Account/PniDistributionParameterBuilderTest.swift index 3506057b99..09d517d7d2 100644 --- a/SignalServiceKit/tests/Account/PniDistributionParameterBuilderTest.swift +++ b/SignalServiceKit/tests/Account/PniDistributionParameterBuilderTest.swift @@ -42,7 +42,7 @@ class PniDistributionParameterBuilderTest: XCTestCase { } func testBuildParametersHappyPath() async { - let pniKeyPair = Curve25519.generateKeyPair() + let pniKeyPair = ECKeyPair.generateKeyPair() let localSignedPreKey = pniSignedPreKeyStoreMock.generateSignedPreKey(signedBy: pniKeyPair) let localRegistrationId = registrationIdGeneratorMock.generate() let localPqLastResortPreKey = try! db.write { tx in @@ -87,7 +87,7 @@ class PniDistributionParameterBuilderTest: XCTestCase { } func testBuildParametersFailsBeforeMessageBuildingIfDeviceIdsMismatched() async { - let pniKeyPair = Curve25519.generateKeyPair() + let pniKeyPair = ECKeyPair.generateKeyPair() let localSignedPreKey = pniSignedPreKeyStoreMock.generateSignedPreKey(signedBy: pniKeyPair) let localRegistrationId = registrationIdGeneratorMock.generate() let localPqLastResortPreKey = try! db.write { tx in @@ -114,7 +114,7 @@ class PniDistributionParameterBuilderTest: XCTestCase { /// If one of our linked devices is invalid, per the message sender, we /// should skip it and generate identity without parameters for it. func testBuildParametersWithInvalidDevice() async { - let pniKeyPair = Curve25519.generateKeyPair() + let pniKeyPair = ECKeyPair.generateKeyPair() let localSignedPreKey = pniSignedPreKeyStoreMock.generateSignedPreKey(signedBy: pniKeyPair) let localRegistrationId = registrationIdGeneratorMock.generate() let localPqLastResortPreKey = try! db.write { tx in 
@@ -153,7 +153,7 @@ class PniDistributionParameterBuilderTest: XCTestCase { } func testBuildParametersWithError() async { - let pniKeyPair = Curve25519.generateKeyPair() + let pniKeyPair = ECKeyPair.generateKeyPair() let localSignedPreKey = pniSignedPreKeyStoreMock.generateSignedPreKey(signedBy: pniKeyPair) let localRegistrationId = registrationIdGeneratorMock.generate() let localPqLastResortPreKey = try! db.write { tx in diff --git a/SignalServiceKit/tests/Account/PniHelloWorldManagerTest.swift b/SignalServiceKit/tests/Account/PniHelloWorldManagerTest.swift index c1a28e7b3b..e03b0d13bf 100644 --- a/SignalServiceKit/tests/Account/PniHelloWorldManagerTest.swift +++ b/SignalServiceKit/tests/Account/PniHelloWorldManagerTest.swift @@ -94,7 +94,7 @@ class PniHelloWorldManagerTest: XCTestCase { signalRecipientStoreMock.deviceIds = [1, 2, 3] profileManagerMock.isPniCapable = true - let keyPair = Curve25519.generateKeyPair() + let keyPair = ECKeyPair.generateKeyPair() identityManagerMock.identityKeyPair = keyPair pniSignedPreKeyStoreMock.setCurrentSignedPreKey( pniSignedPreKeyStoreMock.generateSignedPreKey( diff --git a/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTestMocks.swift b/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTestMocks.swift index c988d7e37e..907a6f6126 100644 --- a/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTestMocks.swift +++ b/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTestMocks.swift @@ -41,7 +41,7 @@ class _PreKey_IdentityManagerMock: PreKey.Operation.Shims.IdentityManager { } } - func generateNewIdentityKeyPair() -> ECKeyPair { Curve25519.generateKeyPair() } + func generateNewIdentityKeyPair() -> ECKeyPair { ECKeyPair.generateKeyPair() } func store(keyPair: ECKeyPair?, for identity: OWSIdentity, tx: DBWriteTransaction) { switch identity { diff --git a/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTests.swift b/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTests.swift index 3a1dd5d657..1ef36739db 100644 
--- a/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTests.swift +++ b/SignalServiceKit/tests/Account/PreKeys/PreKeyTaskTests.swift @@ -146,7 +146,7 @@ final class PreKeyTaskTests: XCTestCase { // Test that the IdentityMananger keypair makes it through to the // service client func testMockPreKeyTaskCreateWithExistingIdentityKey() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -169,7 +169,7 @@ final class PreKeyTaskTests: XCTestCase { } func testMockCreateSignedPreKeyWithExisting() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -193,7 +193,7 @@ final class PreKeyTaskTests: XCTestCase { } func testMockCreatePreKeyOnlyWithExisting() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -266,7 +266,7 @@ final class PreKeyTaskTests: XCTestCase { // func testMockPreKeyTaskUpdate() { - let aciKeyPair = Curve25519.generateKeyPair() + let aciKeyPair = ECKeyPair.generateKeyPair() mockIdentityManager.aciKeyPair = aciKeyPair let originalSignedPreKey = mockAciProtocolStore.mockSignedPreKeyStore.generateRandomSignedRecord() @@ -298,7 +298,7 @@ final class PreKeyTaskTests: XCTestCase { } func testMockPreKeyTaskNoUpdate() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( 
@@ -352,7 +352,7 @@ final class PreKeyTaskTests: XCTestCase { } func testMockUpdateSkipSignedPreKey() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -380,7 +380,7 @@ final class PreKeyTaskTests: XCTestCase { // func testRefreshNoUpdatesNeeded() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -410,7 +410,7 @@ final class PreKeyTaskTests: XCTestCase { } func testForceRefreshAll() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -439,7 +439,7 @@ final class PreKeyTaskTests: XCTestCase { } func testForceRefreshOnlyPreKeys() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( @@ -492,7 +492,7 @@ final class PreKeyTaskTests: XCTestCase { } func test403WhileSettingKeysReportsSuspectedPniIdentityKeyIssue() { - mockIdentityManager.pniKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.pniKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .error(OWSHTTPError.forServiceResponse( requestUrl: URL(string: "https://example.com")!, responseStatus: 403, @@ -519,7 +519,7 @@ final class PreKeyTaskTests: XCTestCase { // func testSignedPreKeyExpired() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( 
@@ -544,7 +544,7 @@ final class PreKeyTaskTests: XCTestCase { } func testRefreshOnlyPreKeysBasedOnCount() { - mockIdentityManager.aciKeyPair = Curve25519.generateKeyPair() + mockIdentityManager.aciKeyPair = ECKeyPair.generateKeyPair() mockServiceClient.setPreKeysResult = .value(()) let task = PreKeyTasks.PreKeyTask( diff --git a/SignalServiceKit/tests/Account/PreKeys/SignedPreKeyDeletionTests.m b/SignalServiceKit/tests/Account/PreKeys/SignedPreKeyDeletionTests.m index 8382cceeda..a26bbcb773 100644 --- a/SignalServiceKit/tests/Account/PreKeys/SignedPreKeyDeletionTests.m +++ b/SignalServiceKit/tests/Account/PreKeys/SignedPreKeyDeletionTests.m @@ -64,7 +64,7 @@ NSAssert(secondsAgo <= 0, @"Time in past must be negative"); NSDate *generatedAt = [NSDate dateWithTimeIntervalSinceNow:secondsAgo]; SignedPreKeyRecord *record = [[SignedPreKeyRecord alloc] initWithId:i - keyPair:[Curve25519 generateKeyPair] + keyPair:[ECKeyPair generateKeyPair] signature:[NSData new] generatedAt:generatedAt]; DatabaseStorageWrite(self.databaseStorage, ^(SDSAnyWriteTransaction *transaction) { @@ -97,7 +97,7 @@ NSAssert(secondsAgo <= 0, @"Time in past must be negative"); NSDate *generatedAt = [NSDate dateWithTimeIntervalSinceNow:secondsAgo]; SignedPreKeyRecord *record = [[SignedPreKeyRecord alloc] initWithId:i - keyPair:[Curve25519 generateKeyPair] + keyPair:[ECKeyPair generateKeyPair] signature:[NSData new] generatedAt:generatedAt]; // we only retain accepted keys @@ -133,7 +133,7 @@ NSAssert(secondsAgo <= 0, @"Time in past must be negative"); NSDate *generatedAt = [NSDate dateWithTimeIntervalSinceNow:secondsAgo]; SignedPreKeyRecord *record = [[SignedPreKeyRecord alloc] initWithId:i - keyPair:[Curve25519 generateKeyPair] + keyPair:[ECKeyPair generateKeyPair] signature:[NSData new] generatedAt:generatedAt]; DatabaseStorageWrite(self.databaseStorage, ^(SDSAnyWriteTransaction *transaction) { 
diff --git a/SignalServiceKit/tests/ChangePhoneNumber/ChangePhoneNumberPniManagerTest.swift b/SignalServiceKit/tests/ChangePhoneNumber/ChangePhoneNumberPniManagerTest.swift index 32ddebf39d..2d92922632 100644 --- a/SignalServiceKit/tests/ChangePhoneNumber/ChangePhoneNumberPniManagerTest.swift +++ b/SignalServiceKit/tests/ChangePhoneNumber/ChangePhoneNumberPniManagerTest.swift @@ -191,7 +191,7 @@ private class IdentityManagerMock: ChangePhoneNumberPniManagerImpl.Shims.Identit var storedKeyPairs: [OWSIdentity: ECKeyPair] = [:] func generateNewIdentityKeyPair() -> ECKeyPair { - let keyPair = Curve25519.generateKeyPair() + let keyPair = ECKeyPair.generateKeyPair() generatedKeyPairs.append(keyPair) return keyPair } diff --git a/SignalServiceKit/tests/Contacts/OWSRecipientIdentityTest.swift b/SignalServiceKit/tests/Contacts/OWSRecipientIdentityTest.swift index f9e152357c..389995682e 100644 --- a/SignalServiceKit/tests/Contacts/OWSRecipientIdentityTest.swift +++ b/SignalServiceKit/tests/Contacts/OWSRecipientIdentityTest.swift @@ -25,7 +25,7 @@ class OWSRecipientIdentityTest: SSKBaseTestSwift { if let value = identityKeys[serviceId] { return value } - let data = Curve25519.generateKeyPair().publicKey + let data = ECKeyPair.generateKeyPair().publicKey identityKeys[serviceId] = data return data } diff --git a/SignalServiceKit/tests/Curve25519/ECKeyPairTest.swift b/SignalServiceKit/tests/Curve25519/ECKeyPairTest.swift new file mode 100644 index 0000000000..38b6a8fc0e --- /dev/null +++ b/SignalServiceKit/tests/Curve25519/ECKeyPairTest.swift 
@@ -0,0 +1,52 @@ +// +// Copyright 2023 Signal Messenger, LLC +// SPDX-License-Identifier: AGPL-3.0-only +// + +import LibSignalClient +import XCTest + +@testable import SignalServiceKit + +final class ECKeyPairTest: XCTestCase { + func testEncodeDecode() throws { + let privateKey = try PrivateKey(Array(repeating: 0, count: 31) + [0x41]) + let keyPair = ECKeyPair(IdentityKeyPair(publicKey: privateKey.publicKey, privateKey: privateKey)) + + let encodedData = try NSKeyedArchiver.archivedData(withRootObject: keyPair, requiringSecureCoding: true) + let decodedKeyPair = try XCTUnwrap(NSKeyedUnarchiver.unarchivedObject(ofClass: ECKeyPair.self, from: encodedData, requiringSecureCoding: true)) + + XCTAssertEqual(decodedKeyPair.identityKeyPair.privateKey.serialize(), keyPair.identityKeyPair.privateKey.serialize()) + XCTAssertEqual(decodedKeyPair.identityKeyPair.publicKey, keyPair.identityKeyPair.publicKey) + } + + func testStableDecoding() throws { + let privateKey = try PrivateKey(Array(repeating: 0, count: 31) + [0x41]) + let keyPair = ECKeyPair(IdentityKeyPair(publicKey: privateKey.publicKey, privateKey: privateKey)) + + let encodedData = try XCTUnwrap(Data( + base64Encoded: "YnBsaXN0MDDUAQIDBAUGBwpYJHZlcnNpb25ZJGFyY2hpdmVyVCR0b3BYJG9iamVjdHMSAAGGoF8QD05TS2V5ZWRBcmNoaXZlctEICVRyb290gAGjCwwTVSRudWxs0w0ODxAREl8QFVRTRUNLZXlQYWlyUHJpdmF0ZUtleV8QFFRTRUNLZXlQYWlyUHVibGljS2V5ViRjbGFzc08QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBTxAg/TOE4TKtAqVsePRVR+5AA43HkAK5DSntkOCO7nYq5xWAAtIUFRYXWiRjbGFzc25hbWVYJGNsYXNzZXNZRUNLZXlQYWlyohYYWE5TT2JqZWN0AAgAEQAaACQAKQAyADcASQBMAFEAUwBXAF0AZAB8AJMAmgC9AOAA4gDnAPIA+wEFAQgAAAAAAAACAQAAAAAAAAAZAAAAAAAAAAAAAAAAAAABEQ==" + )) + let decodedKeyPair = try XCTUnwrap( + NSKeyedUnarchiver.unarchivedObject(ofClass: ECKeyPair.self, from: encodedData, requiringSecureCoding: true) + ) + + XCTAssertEqual(decodedKeyPair.identityKeyPair.privateKey.serialize(), keyPair.identityKeyPair.privateKey.serialize()) + 
XCTAssertEqual(decodedKeyPair.identityKeyPair.publicKey, keyPair.identityKeyPair.publicKey) + } + + func testInvalidEncodings() throws { + let encodedValues = [ + "YnBsaXN0MDDUAQIDBAUGFRZYJHZlcnNpb25YJG9iamVjdHNZJGFyY2hpdmVyVCR0b3ASAAGGoKMHCA9VJG51bGzTCQoLDA0OXxAVVFNFQ0tleVBhaXJQcml2YXRlS2V5XxAUVFNFQ0tleVBhaXJQdWJsaWNLZXlWJGNsYXNzTxAfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE8QIP0zhOEyrQKlbHj0VUfuQAONx5ACuQ0p7ZDgju52KucVgALSEBESE1gkY2xhc3Nlc1okY2xhc3NuYW1lohMUWUVDS2V5UGFpclhOU09iamVjdF8QD05TS2V5ZWRBcmNoaXZlctEXGFRyb290gAEACAARABoAIwAtADIANwA7AEEASABgAHcAfgCgAMMAxQDKANMA3gDhAOsA9AEGAQkBDgAAAAAAAAIBAAAAAAAAABkAAAAAAAAAAAAAAAAAAAEQ", + "YnBsaXN0MDDUAQIDBAUGFRZYJHZlcnNpb25YJG9iamVjdHNZJGFyY2hpdmVyVCR0b3ASAAGGoKMHCA9VJG51bGzTCQoLDA0OXxAVVFNFQ0tleVBhaXJQcml2YXRlS2V5XxAUVFNFQ0tleVBhaXJQdWJsaWNLZXlWJGNsYXNzQE8QIP0zhOEyrQKlbHj0VUfuQAONx5ACuQ0p7ZDgju52KucVgALSEBESE1gkY2xhc3Nlc1okY2xhc3NuYW1lohMUWUVDS2V5UGFpclhOU09iamVjdF8QD05TS2V5ZWRBcmNoaXZlctEXGFRyb290gAEIERojLTI3O0FIYHd+f6KkqbK9wMrT5ejtAAAAAAAAAQEAAAAAAAAAGQAAAAAAAAAAAAAAAAAAAO8=", + "YnBsaXN0MDDUAQIDBAUGExRYJHZlcnNpb25YJG9iamVjdHNZJGFyY2hpdmVyVCR0b3ASAAGGoKMHCA1VJG51bGzSCQoLDF8QFFRTRUNLZXlQYWlyUHVibGljS2V5ViRjbGFzc08QIP0zhOEyrQKlbHj0VUfuQAONx5ACuQ0p7ZDgju52KucVgALSDg8QEVgkY2xhc3Nlc1okY2xhc3NuYW1lohESWUVDS2V5UGFpclhOU09iamVjdF8QD05TS2V5ZWRBcmNoaXZlctEVFlRyb290gAEIERojLTI3O0FGXWSHiY6XoqWvuMrN0gAAAAAAAAEBAAAAAAAAABcAAAAAAAAAAAAAAAAAAADU", + "YnBsaXN0MDDUAQIDBAUGFRZYJHZlcnNpb25YJG9iamVjdHNZJGFyY2hpdmVyVCR0b3ASAAGGoKMHCA9VJG51bGzTCQoLDA0OXxAVVFNFQ0tleVBhaXJQcml2YXRlS2V5XxAUVFNFQ0tleVBhaXJQdWJsaWNLZXlWJGNsYXNzTxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEFPEB/9M4ThMq0CpWx49FVH7kADjceQArkNKe2Q4I7udirkgALSEBESE1gkY2xhc3Nlc1okY2xhc3NuYW1lohMUWUVDS2V5UGFpclhOU09iamVjdF8QD05TS2V5ZWRBcmNoaXZlctEXGFRyb290gAEACAARABoAIwAtADIANwA7AEEASABgAHcAfgChAMMAxQDKANMA3gDhAOsA9AEGAQkBDgAAAAAAAAIBAAAAAAAAABkAAAAAAAAAAAAAAAAAAAEQ", + ] + for encodedValue in encodedValues { + let encodedData = try XCTUnwrap(Data(base64Encoded: encodedValue)) + 
XCTAssertNil( + try NSKeyedUnarchiver.unarchivedObject(ofClass: ECKeyPair.self, from: encodedData, requiringSecureCoding: true) + ) + } + } +} diff --git a/SignalServiceKit/tests/Devices/OWSDeviceProvisionerTest.swift b/SignalServiceKit/tests/Devices/OWSDeviceProvisionerTest.swift index de42ad9798..ec45764269 100644 --- a/SignalServiceKit/tests/Devices/OWSDeviceProvisionerTest.swift +++ b/SignalServiceKit/tests/Devices/OWSDeviceProvisionerTest.swift @@ -49,7 +49,7 @@ class OWSDeviceProvisionerTest: XCTestCase { let provisioner = OWSDeviceProvisioner( myAciIdentityKeyPair: myAciIdentityKeyPair, myPniIdentityKeyPair: myPniIdentityKeyPair, - theirPublicKey: Data(linkedDeviceCipher.secondaryDevicePublicKey.keyData), + theirPublicKey: Data(linkedDeviceCipher.secondaryDevicePublicKey.keyBytes), theirEphemeralDeviceId: "", myAci: myAci, myPhoneNumber: myPhoneNumber, diff --git a/SignalServiceKit/tests/Devices/OWSProvisioningCipherTest.swift b/SignalServiceKit/tests/Devices/OWSProvisioningCipherTest.swift index 7b7ccd8827..f3d38d9f0c 100644 --- a/SignalServiceKit/tests/Devices/OWSProvisioningCipherTest.swift +++ b/SignalServiceKit/tests/Devices/OWSProvisioningCipherTest.swift @@ -5,9 +5,9 @@ import Foundation import XCTest -import Curve25519Kit import SignalCoreKit -import SignalServiceKit + +@testable import SignalServiceKit final class OWSProvisioningCipherTest: XCTestCase { private let knownInitializationVector = Data([ diff --git a/SignalServiceKit/tests/Messages/MessageDecryptionTest.swift b/SignalServiceKit/tests/Messages/MessageDecryptionTest.swift index 2152da8704..7df9b20720 100644 --- a/SignalServiceKit/tests/Messages/MessageDecryptionTest.swift +++ b/SignalServiceKit/tests/Messages/MessageDecryptionTest.swift 
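Review bot: The four archives in `testInvalidEncodings` are opaque base64 with no indication of which property each one breaks, so when the decoder changes nobody can tell which rejection rule a failing case was covering. From the embedded lengths they appear to be, in order, a 31-byte private key, an empty private key, a missing private key, and a 31-byte public key. A comment per entry such as `// private key is 31 bytes` would record that. The list has no archive with two well-formed 32-byte keys that do not belong together; if the `ECKeyPair` decoder is meant to reject that, a fifth case would pin it.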
@@ -19,7 +19,7 @@ class MessageDecryptionTest: SSKBaseTestSwift { private lazy var localPniClient = LocalSignalClient(identity: .pni) let runner = TestProtocolRunner() - let sealedSenderTrustRoot = Curve25519.generateKeyPair() + let sealedSenderTrustRoot = IdentityKeyPair.generate() private var fakeMessageSender: FakeMessageSender { MockSSKEnvironment.shared.messageSender as! FakeMessageSender @@ -46,7 +46,7 @@ class MessageDecryptionTest: SSKBaseTestSwift { } (notificationsManager as! NoopNotificationsManager).expectErrors = true - (udManager as! OWSUDManagerImpl).trustRoot = try! sealedSenderTrustRoot.ecPublicKey() + (udManager as! OWSUDManagerImpl).trustRoot = sealedSenderTrustRoot.publicKey } // MARK: - Tests @@ -104,7 +104,7 @@ class MessageDecryptionTest: SSKBaseTestSwift { if type == .unidentifiedSender { let senderCert = SMKSecretSessionCipherTest.createCertificateFor( - trustRoot: sealedSenderTrustRoot.identityKeyPair, + trustRoot: sealedSenderTrustRoot, senderAddress: try! SealedSenderAddress( e164: remoteClient.e164Identifier, aci: remoteClient.serviceId as! Aci, diff --git a/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift b/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift index 0b6d2ab76c..663d755e0f 100644 --- a/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift +++ b/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift @@ -5,7 +5,6 @@ import XCTest import Foundation -import Curve25519Kit import SignalCoreKit import LibSignalClient @testable import SignalServiceKit diff --git a/SignalServiceKit/tests/Messages/SMKSecretSessionCipherTest.swift b/SignalServiceKit/tests/Messages/SMKSecretSessionCipherTest.swift index fffa9c41a7..94403b7b4a 100644 --- a/SignalServiceKit/tests/Messages/SMKSecretSessionCipherTest.swift +++ b/SignalServiceKit/tests/Messages/SMKSecretSessionCipherTest.swift 
@@ -6,7 +6,6 @@ import XCTest @testable import SignalServiceKit @testable import LibSignalClient -import Curve25519Kit import SignalCoreKit // https://github.com/signalapp/libsignal-metadata-java/blob/4a0e0c87ea733d5c007488671b74ace0dc5dcbef/tests/src/test/java/org/signal/libsignal/metadata/SealedSessionCipherTest.java diff --git a/SignalServiceKit/tests/Security/OWSFingerprintTest.swift b/SignalServiceKit/tests/Security/OWSFingerprintTest.swift index 96cfda1079..cf6ddee153 100644 --- a/SignalServiceKit/tests/Security/OWSFingerprintTest.swift +++ b/SignalServiceKit/tests/Security/OWSFingerprintTest.swift @@ -13,8 +13,8 @@ final class OWSFingerprintTest: XCTestCase { let aliceE164 = E164("+19995550101")! let bobE164 = E164("+18885550102")! - let aliceIdentityKey = Curve25519.generateKeyPair().publicKey - let bobIdentityKey = Curve25519.generateKeyPair().publicKey + let aliceIdentityKey = ECKeyPair.generateKeyPair().publicKey + let bobIdentityKey = ECKeyPair.generateKeyPair().publicKey let aliceToBobFingerprint = OWSFingerprint( source: .e164(myE164: aliceE164, theirE164: bobE164), @@ -70,9 +70,9 @@ final class OWSFingerprintTest: XCTestCase { }() ] - let aliceIdentityKey = Curve25519.generateKeyPair().publicKey - let bobIdentityKey = Curve25519.generateKeyPair().publicKey - let charlieIdentityKey = Curve25519.generateKeyPair().publicKey + let aliceIdentityKey = ECKeyPair.generateKeyPair().publicKey + let bobIdentityKey = ECKeyPair.generateKeyPair().publicKey + let charlieIdentityKey = ECKeyPair.generateKeyPair().publicKey for (aliceToBob, bobToAlice, charlieToAlice) in sourceSets { let aliceToBobFingerprint = OWSFingerprint( diff --git a/SignalServiceKit/tests/Storage/SSKKyberPreKeyStoreTest.swift b/SignalServiceKit/tests/Storage/SSKKyberPreKeyStoreTest.swift index d6a0ce0cde..71b6212fbe 100644 --- a/SignalServiceKit/tests/Storage/SSKKyberPreKeyStoreTest.swift +++ b/SignalServiceKit/tests/Storage/SSKKyberPreKeyStoreTest.swift 
@@ -22,7 +22,7 @@ class KyberPreKeyStoreTest: XCTestCase { override func setUp() { keyValueStoreFactory = InMemoryKeyValueStoreFactory() dateProvider = { return self.currentDate } - identityKey = Curve25519.generateKeyPair() + identityKey = ECKeyPair.generateKeyPair() kyberPreKeyStore = SSKKyberPreKeyStore( for: .aci, keyValueStoreFactory: keyValueStoreFactory, @@ -39,10 +39,9 @@ class KyberPreKeyStoreTest: XCTestCase { } XCTAssert( - try! Ed25519.verifySignature( - key.signature, - publicKey: self.identityKey.publicKey, - data: Data(key.keyPair.publicKey.serialize()) + try! self.identityKey.keyPair.publicKey.verifySignature( + message: Data(key.keyPair.publicKey.serialize()), + signature: key.signature ) ) XCTAssertNotNil(key) @@ -63,10 +62,9 @@ class KyberPreKeyStoreTest: XCTestCase { XCTAssertEqual(record.id, decodedRecord.id) XCTAssert( - try Ed25519.verifySignature( - decodedRecord.signature, - publicKey: self.identityKey.publicKey, - data: Data(decodedRecord.keyPair.publicKey.serialize()) + try self.identityKey.keyPair.publicKey.verifySignature( + message: Data(decodedRecord.keyPair.publicKey.serialize()), + signature: decodedRecord.signature ) ) } @@ -166,10 +164,9 @@ class KyberPreKeyStoreTest: XCTestCase { XCTAssertNotNil(key) XCTAssert( - try! Ed25519.verifySignature( - key!.signature, - publicKey: self.identityKey.publicKey, - data: Data(key!.keyPair.publicKey.serialize()) + try! self.identityKey.keyPair.publicKey.verifySignature( + message: Data(key!.keyPair.publicKey.serialize()), + signature: key!.signature ) ) XCTAssertFalse(key!.isLastResort) @@ -385,7 +382,7 @@ class KyberPreKeyStoreTest: XCTestCase { func testPniStoreIsSeparate() { - let pniIdentityKey = Curve25519.generateKeyPair() + let pniIdentityKey = ECKeyPair.generateKeyPair() let pniKyberPreKeyStore = SSKKyberPreKeyStore( for: .pni, keyValueStoreFactory: keyValueStoreFactory, 
diff --git a/SignalServiceKit/tests/Storage/SSKSignedPreKeyStoreTest.swift b/SignalServiceKit/tests/Storage/SSKSignedPreKeyStoreTest.swift index 04027b3e43..fe27160c24 100644 --- a/SignalServiceKit/tests/Storage/SSKSignedPreKeyStoreTest.swift +++ b/SignalServiceKit/tests/Storage/SSKSignedPreKeyStoreTest.swift @@ -37,7 +37,7 @@ class SSKSignedPreKeyStoreTest: SSKBaseTestSwift { assert(secondsAgo <= 0, "Time in past must be negative") let generatedAt = Date(timeIntervalSinceNow: secondsAgo) let record = SignedPreKeyRecord(id: i, - keyPair: Curve25519.generateKeyPair(), + keyPair: ECKeyPair.generateKeyPair(), signature: Data(), generatedAt: generatedAt) self.databaseStorage.write { transaction in @@ -53,7 +53,7 @@ class SSKSignedPreKeyStoreTest: SSKBaseTestSwift { assert(secondsAgo <= 0, "Time in past must be negative") let generatedAt = Date(timeIntervalSinceNow: secondsAgo) let record = SignedPreKeyRecord(id: i, - keyPair: Curve25519.generateKeyPair(), + keyPair: ECKeyPair.generateKeyPair(), signature: Data(), generatedAt: generatedAt) self.databaseStorage.write { transaction in diff --git a/SignalServiceKit/tests/Util/DeviceNamesTest.swift b/SignalServiceKit/tests/Util/DeviceNamesTest.swift index 8276c2c934..5fa814b1c6 100644 --- a/SignalServiceKit/tests/Util/DeviceNamesTest.swift +++ b/SignalServiceKit/tests/Util/DeviceNamesTest.swift @@ -4,20 +4,19 @@ // import Foundation +import LibSignalClient import XCTest -import Curve25519Kit @testable import SignalServiceKit class DeviceNamesTest: XCTestCase { func testNotEncrypted() { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = IdentityKeyPair.generate() let plaintext = "alice" do { - _ = try DeviceNames.decryptDeviceName(base64String: plaintext, - identityKeyPair: identityKeyPair) + _ = try DeviceNames.decryptDeviceName(base64String: plaintext, identityKeyPair: identityKeyPair) XCTFail("Unexpectedly did not throw error.") } catch DeviceNameError.invalidInput { // Expected error. 
@@ -26,29 +25,40 @@ class DeviceNamesTest: XCTestCase { } } - func testEncrypted() { - let identityKeyPair = Curve25519.generateKeyPair() + func testStable() throws { + let identityPrivateKey = try PrivateKey(Array(repeating: 0, count: 31) + [0x41]) + let identityKeyPair = IdentityKeyPair(publicKey: identityPrivateKey.publicKey, privateKey: identityPrivateKey) - let encrypted = try! DeviceNames.encryptDeviceName(plaintext: "alice", - identityKeyPair: identityKeyPair) + let otherPrivateKey = try PrivateKey(Array(repeating: 0, count: 31) + [0x42]) + let otherKeyPair = IdentityKeyPair(publicKey: otherPrivateKey.publicKey, privateKey: otherPrivateKey) + + let encryptedDeviceName = try XCTUnwrap(Data( + base64Encoded: "CiEFrYxIwmdlrqetxTYolgXBq+qVBQCT29IYyWq9JIGgNWUSEFNO1AI2/J8BQ+9Re91Y5OcaBsNYrahasg==" + )) + + let deviceName = try DeviceNames.decryptDeviceName(protoData: encryptedDeviceName, identityKeyPair: identityKeyPair) + XCTAssertEqual(deviceName, "Abc123") + } + + func testEncrypted() { + let identityKeyPair = IdentityKeyPair.generate() + + let encrypted = try! DeviceNames.encryptDeviceName(plaintext: "alice", identityKeyPair: identityKeyPair) let payload = encrypted.base64EncodedString() - let decrypted = try! DeviceNames.decryptDeviceName(base64String: payload, - identityKeyPair: identityKeyPair) + let decrypted = try! DeviceNames.decryptDeviceName(base64String: payload, identityKeyPair: identityKeyPair) XCTAssertEqual("alice", decrypted) } func testBadlyEncrypted() { - let identityKeyPair = Curve25519.generateKeyPair() + let identityKeyPair = IdentityKeyPair.generate() - let encrypted = try! DeviceNames.encryptDeviceName(plaintext: "alice", - identityKeyPair: identityKeyPair) + let encrypted = try! 
DeviceNames.encryptDeviceName(plaintext: "alice", identityKeyPair: identityKeyPair) let payload = encrypted.base64EncodedString() - let otherKeyPair = Curve25519.generateKeyPair() + let otherKeyPair = IdentityKeyPair.generate() do { - _ = try DeviceNames.decryptDeviceName(base64String: payload, - identityKeyPair: otherKeyPair) + _ = try DeviceNames.decryptDeviceName(base64String: payload, identityKeyPair: otherKeyPair) XCTFail("Unexpectedly did not throw error.") } catch DeviceNameError.cryptError { // Expected error. diff --git a/SignalServiceKit/tests/Util/LRUCacheTest.swift b/SignalServiceKit/tests/Util/LRUCacheTest.swift index 301c379ac8..0a40a831a9 100644 --- a/SignalServiceKit/tests/Util/LRUCacheTest.swift +++ b/SignalServiceKit/tests/Util/LRUCacheTest.swift @@ -5,7 +5,6 @@ import Foundation import XCTest -import Curve25519Kit @testable import SignalServiceKit
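Review bot: `testStable` builds `otherPrivateKey` and `otherKeyPair` but never uses them, so the fixed vector is only checked on the success path. Either drop the two declarations or use them for the negative case, e.g. `XCTAssertThrowsError(try DeviceNames.decryptDeviceName(protoData: encryptedDeviceName, identityKeyPair: otherKeyPair))`, which shows that the stable ciphertext is rejected under a different identity key. `testBadlyEncrypted` covers the same property only for freshly generated keys.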