noble-ed25519
noble-curves
noble-ed25519 | noble-curves | |
---|---|---|
2 | 2 | |
391 | 588 | |
- | - | |
7.2 | 8.8 | |
10 days ago | 10 days ago | |
JavaScript | TypeScript | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
noble-ed25519
-
Go 1.20 Cryptography
[For reference, see section 7.8](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5-draft...).
I've also been looking for Ed25519ph support for other languages. [Paul Miller](https://github.com/paulmillr), who is the author of the noble libraries for Javascript has just added support in his newly released [curves](https://github.com/paulmillr/noble-ed25519/issues/63) library. Paul has suggested on Twitter holding off on using "curves" until an audit, but most of his other work has already been audited and all his works are highly polished.
Also, for all readers, we wrote an [online Ed25519 tool](https://cyphr.me/ed25519_applet/ed.html), which is useful for testing and verifying. Previously the top result on Google, which has now been taken down, was sending the keys off to a server, which motivated us to write a tool that didn't openly phone home.
-
r/Crypto, can you help take down an evil tool that's stealing people's private keys?
(Git hashes the repo and provides version history. It's not "super secure", but it is much better than nothing. I could also sign releases, but I'm not doing that at the moment, since I don't think the marginal benefit is there, especially since Paul is signing the crypto part already.)
noble-curves
-
The AT protocol is the most obtuse crock of s*
BlueSky uses @noble/secp256k1 which performs this stuff in Javascript, with about 880* verifications per second on the Apple M2 (a chip with a relatively high IPC, likely higher than your average server).
Verifying those messages will take about a minute of CPU time per user (assuming no impact from cache misses due to threads swapping in and out and processing new data). I think that's quite significant.
* = https://github.com/paulmillr/noble-curves
- Zero-dependency JavaScript implementation of elliptic curve cryptography
What are some alternatives?
DOMtegrity - JavaScript Framework to ensure webpage DOM integrity in presence of a malicious browser extension.
noble-secp256k1 - Fastest 4KB JS implementation of secp256k1 signatures and ECDH
bogbook - bogbook v3 - A replicated and secure social network made from ed25519 hash chains
matrix-spec - The Matrix protocol specification
VulnTLS - Collection of TLS vulnerabilities ready to be exploited.
zkp-ecdsa - Proves knowledge of an ECDSA-P256 signature under one of many public keys that are stored in a list.
tweetnacl-js - Port of TweetNaCl cryptographic library to JavaScript
signature-sdk-js - Wacom’s Signature SDK library for JavaScript provides software components to capture handwritten signatures from a Web Browser.
Ed25519Tool - Ed25519 signing and verification online tool.
fiat-crypto - Cryptographic Primitive Code Generation by Fiat