In the code of ECC with SEXP, some parts are handled as signed, other parts are handled as unsigned.
While having this inconsistency, it works.
Because it (computation result) never emits negative value (writing is handled as signed data with leading zero octet,
and reading is done by signed or unsigned).
In the code for curve Ed25519, we use negative constants unfortunately in its domain parameters, and it affects the computation of keygrip.
<-- only this part should be kept for the use of negative value.
Except this part of Ed25519, other parts are all unsigned.