Ed25519Tool

Ed25519 signing and verification online tool.

Live tool

Also, Github hosted copy

All functions are ran locally. Nothing is sent or computed by a remote server (other than downloading the page itself).

This tool may be used offline and does not need an Internet connection

For local use, git clone this project:

(
git clone https://github.com/Cyphrme/Ed25519Tool.git ed25519_tool
cd ed25519_tool 
git clone git@github.com:Cyphrme/URLFormJS.git urlformjs
git submodule add git@github.com:Cyphrme/URLFormJS.git urlformjs
)

Alternatively, download from the release page.
Integrity checking may be done by comparing the digests on the release page, or use git which will integrity check

Then navigate to file://path_to_file/ed.html.

file:///path_to_file/ed.html

Naming Differences in Implementations

Many libraries, including this tool, refer to what the RFC calls "private key" as the "seed" (like Go ). The 32 byte seed is used to generate the private component "secret scalar s" (sss), the public key, and the "prefix" (nounce).

The "actual" private component (secret scalar s as named by the RFC (Section 5.1.5.3)) is typically regenerated from seed on signing, although it is possible to use sss and prefix to sign without the seed. The public component is computed from sss, but prefix is generated from seed and is used for signing. For example, NaCL, in the past, returned the private key as sss concatenated with prefix .

Instead of requiring sss and prefix for signing, most libraries require the seed and regenerate both sss and prefix from seed, and optionally cache the public key since caching the public key precludes relatively slow regeneration when signing. What some libraries call the "private key" (64 bytes) is the seed (32 bytes) concatenated with the public key (32 bytes). For example, Go's "private key" is seed || public key.

TODO

Ed25519ph

paulmillr/noble-ed25519#63

Paul's Noble library currently only supports "PureEdDSA" and does not support Ed25519ph ("pre-hashed"). We are waiting for it to be supported before we can implement it.

Generate from seed "secret scalar s" and permit input from sss || prefix

It would be nice to output "secret scalar s" || "prefix" and accept it as input as well. See paulmillr/noble-ed25519#64. It would require additional code to Noble since sss || prefix is not a possible input, assuming seed is not given.

We might never do this if there's no use for it among modern tools.

Dist

noble-ed25519.js is taken directly from Noble and may be used in other applications. See also join.js.

Other ed25519 resources:

• https://ed25519.cr.yp.to/
• https://en.wikipedia.org/wiki/EdDSA
• https://ianix.com/pub/ed25519-deployment.html

Why

Previously, the top result on Google was an evil tool that stole private keys. 😱

This tool replaced the evil tool in Google results. Special thank you to /r/ethfinance for helping report the evil site and getting it removed.

License, Attribution, and Trademark Notice

Ed25519Tool is released under the 3-Clause BSD License.

Implemented using noble/ed25519.

"Cyphr.me" is a trademark of Cypherpunk, LLC. The Cyphr.me logo is all rights reserved Cypherpunk, LLC and may not be used without permission.

Keywords

Ed25519 test page, Ed25519 online tool.