ED25519

ED25519 is a public-key signature system based on elliptic curve cryptography. It uses the elliptic curve known as Curve25519 and the EdDSA (Edwards-curve Digital Signature Algorithm) scheme.

ED25519 offers strong security, high performance, and resistance to various cryptographic attacks, making it suitable for applications such as digital signatures, authentication, and secure communication protocols.

Creating a private key from seed

A seed string is a representation of entropy, from which you can re-create deterministically all the private keys for one wallet. It should be long enough so that the probability of selection is unrealistic and negligible.

In fact, seed should be an array of bytes but for ease of memorization, the LTO wallet uses a mnemonic seed phrase, to ensure that the seed is made up of words and easy to write down or remember. The application takes the UTF-8 bytes of the string and uses them to create keys and addresses.

For example, seed string

manage manual recall harvest series desert melt police rose hollow moral pledge kitten position add

after reading this string as UTF-8 bytes and encoding them to Base58, the string will be coded as

xrv7ffrv2A9g5pKSxt7gHGrPYJgRnsEMDyc4G7srbia6PhXYLDKVsDxnqsEqhAVbbko7N1tDyaSrWCZBoMyvdwaFNjWNPjKdcoZTKbKr2Vw9vu53Uf4dYpyWCyvfPbRskHfgt9q

A seed string is involved with the creation of private keys. The nonce' field is an integer prepended to the seed bytes. Typically, this value is initially 0 and increases every time you create the new address.

We use this array of bytes to calculate the hash sha256(blake2b256(bytes)). This resulting array of bytes called the account seed. From the account seed, you can deterministically generate a private and public key pair.

Use NaCl or sodium to create an account from the account seed.

Example

Brainwallet seed string

manage manual recall harvest series desert melt police rose hollow moral pledge kitten position add

As Base58 encoded byte array

xrv7ffrv2A9g5pKSxt7gHGrPYJgRnsEMDyc4G7srbia6PhXYLDKVsDxnqsEqhAVbbko7N1tDyaSrWCZBoMyvdwaFNjWNPjKdcoZTKbKr2Vw9vu53Uf4dYpyWCyvfPbRskHfgt9q

Account seed bytes with nonce 0 before apply hash function (Base58 encoded)

1111xrv7ffrv2A9g5pKSxt7gHGrPYJgRnsEMDyc4G7srbia6PhXYLDKVsDxnqsEqhAVbbko7N1tDyaSrWCZBoMyvdwaFNjWNPjKdcoZTKbKr2Vw9vu53Uf4dYpyWCyvfPbRskHfgt9q

Account seed sha256(blake2b256(account seed bytes)) (Base58 encoded)

93dvzDQ8KBe4y7Nw89xsguWe8ZTVYGAA5kjvJ7miQS1v

Account seed after sha256 hashing (optional, if your library does not do it yourself)

ETYQWXzC2h8VXahYdeUTXNPXEkan3vi9ikXbn912ijiw

Alternative methods

Using the method based on the account seed, ensure that the seed phrase is compatible with the LTO wallet. However, it's not required to use this method.

The seed is not needed for signing, only the private key. The key can be generated through other means, for instance using OpenSSL genkey.

Signing

Example

Created private key using the account seed 93d...S1v.

4zsR9xoFpxfnNwLcY4hdRUarwf5xWtLj6FpKGDFBgscPxecPj2qgRNx4kJsFCpe9YDxBRNoeBWTh2SDAdwTySomS

Created public key

GjSacB6a5DFNEHjDSmn724QsrRStKYzkahPH67wyrhAY

Encryption

It's possible to convert an ED25519 key into an X25519 key, which can be used for signing.

This is a public key encryption schema, where the public key is used to encrypt data and the private key is used to decrypt data.

Convertion functions are available in libsodium, but not in other nacl libraries. You may need to find a library for your platform that can do this, or implement it yourself.

Example

Created private key using the account seed 93d...S1v.

4q7HKMbwbLcG58iFV3pz4vkRnPTwbrY9Q5JrwnwLEZCC

Created public key

6fDod1xcVj4Zezwyy3tdPGHkuDyMq8bDHQouyp5BjXsX
PreviousAccountsNextsecp256k1

Last updated