Ed25519 Sign/Verify

Workflow

1. Generate a key pair in the key tab, or derive a public key from an existing private key.
2. In the sign tab, choose message and key formats, then create a signature.
3. In the verify tab, provide public key, original message, and signature to validate.
4. Use copy actions to export keys and signatures quickly.

Key Features

• Supports key generation, signing, verification, and public-key derivation.
• Supports Text, Hex, Base64, spaced Hex, and C array formats.
• Runs locally in the browser without uploading private keys or messages.
• Validates key and signature byte lengths to prevent format misuse.

Technical Specifications

• Curve: Curve25519 (Twisted Edwards form).
• Private key size: 32 bytes (256-bit).
• Public key size: 32 bytes (256-bit).
• Signature size: 64 bytes (512-bit).
• Security strength: ~128-bit, commonly compared to RSA-3072.
• Standard: RFC 8032.

Common Use Cases

• SSH key authentication and secure automation.
• TLS/SSL certificate and handshake signing flows.
• Blockchain transaction signing and identity validation.
• Software package and firmware signing verification.
• High-assurance API request signing workflows.

Security Best Practices

• Protect private keys and never expose raw key material.
• Distribute and pin trusted public-key fingerprints.
• Use HSMs for critical production signing operations.
• Rotate signing keys regularly with expiration policies.
• Log and alert on verification failures in production.