Ed25519 signing and verification online tool.

Also, Github hosted copy

All functions are ran locally. Nothing is sent or computed by a remote server (other than downloading the page itself).

For local use, git clone this project:

(
git clone https://github.com/Cyphrme/Ed25519Tool.git ed25519_tool
cd ed25519_tool 
git clone [email protected]:Cyphrme/URLFormJS.git urlformjs
git submodule add [email protected]:Cyphrme/URLFormJS.git urlformjs
)

Alternatively, download from the release page.
Integrity checking may be done by comparing the digests on the release page, or use git which will integrity check

Then navigate to file://path_to_file/ed.html.

file:///path_to_file/ed.html

Many libraries, including this tool, refer to what the RFC calls "private key" as the "seed" (like Go ). The 32 byte seed is used to generate the private component "secret scalar s" (sss), the public key, and the "prefix" (nounce).

The "actual" private component (secret scalar s as named by the RFC (Section 5.1.5.3)) is typically regenerated from seed on signing, although it is possible to use sss and prefix to sign without the seed. The public component is computed from sss, but prefix is generated from seed and is used for signing. For example, NaCL, in the past, returned the private key as sss concatenated with prefix .

Instead of requiring sss and prefix for signing, most libraries require the seed and regenerate both sss and prefix from seed, and optionally cache the public key since caching the public key precludes relatively slow regeneration when signing. What some libraries call the "private key" (64 bytes) is the seed (32 bytes) concatenated with the public key (32 bytes). For example, Go's "private key" is seed || public key.

paulmillr/noble-ed25519#63

Paul's Noble library currently only supports "PureEdDSA" and does not support Ed25519ph ("pre-hashed"). We are waiting for it to be supported before we can implement it.

It would be nice to output "secret scalar s" || "prefix" and accept it as input as well. See paulmillr/noble-ed25519#64. It would require additional code to Noble since sss || prefix is not a possible input, assuming seed is not given.

We might never do this if there's no use for it among modern tools.

noble-ed25519.js is taken directly from Noble and may be used in other applications. See also join.js.

• https://ed25519.cr.yp.to/
• https://en.wikipedia.org/wiki/EdDSA
• https://ianix.com/pub/ed25519-deployment.html

Previously, the top result on Google was an evil tool that stole private keys. 😱

This tool replaced the evil tool in Google results. Special thank you to /r/ethfinance for helping report the evil site and getting it removed.

Ed25519Tool is released under the 3-Clause BSD License.

Implemented using noble/ed25519.

"Cyphr.me" is a trademark of Cypherpunk, LLC. The Cyphr.me logo is all rights reserved Cypherpunk, LLC and may not be used without permission.

Ed25519 test page, Ed25519 online tool.