Ed25519 is Great, But …
“You can lead a horse to water, but you can’t make it drink”
Sometimes, you feel that some software developers struggle to properly secure their code. For example, a recent survey showed by some developers struggled to know the difference between encoding methods (such as Base 64), hashing methods (such as SHA-1) and encryption methods (such as AES).
One of the most important function within a trusted infrastructure is the usage of a digital signature. In the past, ECDSA has been shown to have weaknesses, including where Sony used a private key of “9”. And, so, now Konstantinos Chalkias from MystenLabs has reported a major vulnerability in the implementation of the Ed25519 (EdDSA) signature method, and which could allow attackers to steal private keys from wallets.
Ed25519
With digital signatures, we create a key pair: a private (or secret) key and a public (or verifier) key. We can store this key pair in our wallet, and then use the private key when we have to sign for something. Basically for a signature, we take a hash of a message and then apply our private key to produce the signature. This is typically in the form of an R and an s value (R,s). These values can then be used with the public key and the message to verify the signature.
