or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

curves.mdecdsa.mdeddsa.mdindex.mdutils.md
tile.json

eddsa.mddocs/

EdDSA Operations

Edwards Digital Signature Algorithm (EdDSA) implementation specifically for ed25519 curve, providing secure digital signatures with deterministic signing and high performance.

Capabilities

EDDSA Constructor

Creates an EdDSA context for signing operations on the ed25519 curve.

/**
 * Create EdDSA context for signature operations
 * @param curve - Curve name (currently only 'ed25519' supported)
 * @returns EDDSA instance configured for ed25519
 */
function EDDSA(curve);

Usage Examples:

const EdDSA = require('elliptic').eddsa;

// Create EdDSA context for ed25519
const ec = new EdDSA('ed25519');

Key Management

Create and manage EdDSA key pairs from secrets or public keys.

/**
 * Create KeyPair from secret seed
 * @param secret - Secret seed (hex string, array, or Buffer)
 * @returns EdDSA KeyPair instance
 */
eddsa.keyFromSecret(secret);

/**
 * Create KeyPair from public key
 * @param pub - Public key data (hex string, array, or Buffer)
 * @returns EdDSA KeyPair instance (verification only)
 */
eddsa.keyFromPublic(pub);

Usage Examples:

const EdDSA = require('elliptic').eddsa;
const ec = new EdDSA('ed25519');

// Create from secret hex string
const key1 = ec.keyFromSecret('693e3c7374bd16c03e0d6d8151e1d2d8eb12c49726c8169e8d5d2c9a2ca5b5cc');

// Create from secret array
const key2 = ec.keyFromSecret([0x69, 0x3e, 0x3c, 0x73, ...]);

// Create from public key
const pubKey = '0a1af638c9df80150b23bd227eb5db8d99e8c06b436b5e46942fa7b47ee2504e';
const key3 = ec.keyFromPublic(pubKey, 'hex');

Digital Signatures

Create and verify EdDSA digital signatures with deterministic generation.

/**
 * Sign message with EdDSA
 * @param message - Message to sign (array or hex string)
 * @param secret - Secret key (KeyPair, hex string, array, or Buffer)
 * @returns EdDSA Signature instance
 */
eddsa.sign(message, secret);

/**
 * Verify EdDSA signature
 * @param message - Original message (array or hex string)
 * @param sig - Signature to verify (Signature instance, hex string, or array)
 * @param pub - Public key (KeyPair, hex string, array, or Buffer)
 * @returns Boolean indicating signature validity
 */
eddsa.verify(message, sig, pub);

Usage Examples:

const EdDSA = require('elliptic').eddsa;
const ec = new EdDSA('ed25519');

const key = ec.keyFromSecret('693e3c7374bd16c03e0d6d8151e1d2d8eb12c49726c8169e8d5d2c9a2ca5b5cc');
const msgHash = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10];

// Sign message
const signature = ec.sign(msgHash, key);

// Verify signature
const isValid = ec.verify(msgHash, signature, key);

// Verify with separate public key
const pubKey = key.getPublic('hex');
const isValid2 = ec.verify(msgHash, signature, pubKey);

Point Encoding/Decoding

Low-level operations for encoding and decoding curve points.

/**
 * Encode curve point to bytes
 * @param point - Curve point to encode
 * @returns Encoded point as byte array
 */
eddsa.encodePoint(point);

/**
 * Decode bytes to curve point
 * @param bytes - Encoded point bytes
 * @returns Decoded curve point
 */
eddsa.decodePoint(bytes);

/**
 * Encode integer to bytes
 * @param num - Integer to encode
 * @returns Encoded integer as byte array
 */
eddsa.encodeInt(num);

/**
 * Decode bytes to integer
 * @param bytes - Encoded integer bytes
 * @returns Decoded integer as BN
 */
eddsa.decodeInt(bytes);

/**
 * Check if value is a curve point
 * @param val - Value to check
 * @returns Boolean indicating if value is a point
 */
eddsa.isPoint(val);

EdDSA KeyPair Class Methods

Methods available on EdDSA KeyPair instances.

/**
 * Get secret seed bytes
 * @returns Secret seed as byte array
 */
keyPair.secret();

/**
 * Get public key as encoded bytes
 * @returns Public key bytes
 */
keyPair.pubBytes();

/**
 * Get public key as curve point
 * @returns Public key point
 */
keyPair.pub();

/**
 * Get private key as encoded bytes
 * @returns Private key bytes
 */
keyPair.privBytes();

/**
 * Get private key as integer
 * @returns Private key as BN
 */
keyPair.priv();

/**
 * Get hash of secret
 * @returns Hash digest as byte array
 */
keyPair.hash();

/**
 * Get message prefix for signing
 * @returns Message prefix bytes
 */
keyPair.messagePrefix();

/**
 * Sign message with this key pair
 * @param message - Message to sign
 * @returns EdDSA Signature instance
 */
keyPair.sign(message);

/**
 * Verify signature with this key pair
 * @param message - Original message
 * @param sig - Signature to verify
 * @returns Boolean indicating validity
 */
keyPair.verify(message, sig);

/**
 * Get secret with encoding
 * @param enc - Output encoding ('hex', 'base64', etc.)
 * @returns Encoded secret
 */
keyPair.getSecret(enc);

/**
 * Get public key with encoding
 * @param enc - Output encoding ('hex', 'base64', etc.)
 * @returns Encoded public key
 */
keyPair.getPublic(enc);

Usage Examples:

const EdDSA = require('elliptic').eddsa;
const ec = new EdDSA('ed25519');

const key = ec.keyFromSecret('693e3c7374bd16c03e0d6d8151e1d2d8eb12c49726c8169e8d5d2c9a2ca5b5cc');

// Get key data in different formats
const secretHex = key.getSecret('hex');
const publicHex = key.getPublic('hex');
const publicBytes = key.pubBytes();

// Sign and verify
const message = 'Hello, World!';
const signature = key.sign(message);
const isValid = key.verify(message, signature);

console.log('Secret:', secretHex);
console.log('Public:', publicHex);
console.log('Signature valid:', isValid);

EdDSA Signature Class Methods

Methods available on EdDSA Signature instances.

/**
 * Get R component of signature
 * @returns R as curve point
 */
signature.R();

/**
 * Get S component of signature
 * @returns S as BN integer
 */
signature.S();

/**
 * Get encoded R component
 * @returns Encoded R as byte array
 */
signature.Rencoded();

/**
 * Convert signature to byte array
 * @returns Signature as byte array
 */
signature.toBytes();

/**
 * Convert signature to hex string
 * @returns Signature as hex string
 */
signature.toHex();

Usage Examples:

const EdDSA = require('elliptic').eddsa;
const ec = new EdDSA('ed25519');

const key = ec.keyFromSecret('693e3c...');
const message = 'Hello, World!';
const signature = key.sign(message);

// Get signature in different formats
const sigHex = signature.toHex();
const sigBytes = signature.toBytes();
const rComponent = signature.R();
const sComponent = signature.S();

console.log('Signature hex:', sigHex);
console.log('R component:', rComponent);
console.log('S component:', sComponent.toString(16));

Signature Creation Helper

Create EdDSA signature instances from various formats.

/**
 * Create signature instance from various formats
 * @param sig - Signature data (object, hex string, or byte array)
 * @returns EdDSA Signature instance
 */
eddsa.makeSignature(sig);

Key Formats

Secret Key Formats

Secret keys (seeds) can be provided as:

  • Hex string: '693e3c7374bd16c03e0d6d8151e1d2d8eb12c49726c8169e8d5d2c9a2ca5b5cc'
  • Buffer: Node.js Buffer instance
  • Array: Byte array [0x69, 0x3e, 0x3c, ...]

Public Key Formats

Public keys can be provided as:

  • Hex string: Encoded ed25519 public key
  • Buffer: Node.js Buffer instance
  • Array: Byte array representation
  • KeyPair instance: For verification

Signature Formats

Signatures can be provided as:

  • Hex string: 64-byte signature as hex
  • Buffer: Node.js Buffer instance
  • Array: 64-byte signature array
  • Object: { R: point, S: integer } or similar
  • Signature instance: EdDSA Signature object

EdDSA vs ECDSA

Key Differences

EdDSA Advantages:

  • Deterministic signatures (no nonce generation)
  • Resistant to side-channel attacks
  • Faster verification
  • Simpler implementation
  • No malleability issues

Use Cases:

  • EdDSA (ed25519): Modern applications, cryptocurrency, secure messaging
  • ECDSA: Legacy compatibility, Bitcoin, traditional PKI

Performance Characteristics

EdDSA on ed25519 typically provides:

  • Faster signature generation than ECDSA
  • Faster signature verification than ECDSA
  • Smaller signature size (64 bytes)
  • Deterministic behavior (same message + key = same signature)

Security Considerations

Best Practices

  1. Key Generation: Use cryptographically secure random sources for secret generation
  2. Key Storage: Never expose private keys in logs or client-side code
  3. Message Handling: Hash messages before signing for consistency
  4. Validation: Always validate public keys before use
  5. Side Channels: EdDSA is designed to be resistant to timing attacks

Common Pitfalls

  • Using weak entropy for key generation
  • Reusing secrets across different applications
  • Not validating signatures before trusting signed data
  • Exposing private key material in error messages