Digital Signatures
Digital signatures provide authentication, integrity, and non-repudiation for messages and documents. MetaMUI implements both classical and modern signature algorithms.
Available Algorithms
Ed25519
EdDSA over Curve25519
- Security Level: 128-bit
- Public Key: 32 bytes
- Private Key: 32 bytes
- Signature: 64 bytes
- Detailed Documentation
Ed25519-ZIP215
ZIP-215 Compliant Ed25519
- Security Level: 128-bit
- Public Key: 32 bytes
- Private Key: 32 bytes
- Signature: 64 bytes
- Detailed Documentation
Sr25519
Schnorrkel for Blockchain
- Security Level: 128-bit
- Public Key: 32 bytes
- Private Key: 32 bytes
- Signature: 64 bytes
- Detailed Documentation
RSA-2048 ⚠️ TRANSITIONAL
Transitional RSA for PQC Migration (Deprecated 2030)
- Security Level: 112-bit (classical only, 0-bit quantum)
- Public Key: 256 bytes
- Private Key: 256 bytes
- Signature: 256 bytes
- WARNING: Vulnerable to quantum attacks - migrate to PQC
- Detailed Documentation
Comparison
| Algorithm | Use Case | Performance | Compatibility | Quantum-Safe |
|---|---|---|---|---|
| Ed25519 | General purpose | Fastest | Excellent | ❌ |
| Ed25519-ZIP215 | Zcash/blockchain | Fast | Blockchain-specific | ❌ |
| Sr25519 | Substrate/Polkadot | Fast | Substrate ecosystem | ❌ |
| RSA-2048 | Legacy/Transition | Slow | Universal | ❌ CRITICAL |
Usage Examples
Basic Signing and Verification
from metamui_crypto import Ed25519
# Generate keypair
keypair = Ed25519.generate_keypair()
# Sign message
message = b"Hello, World!"
signature = Ed25519.sign(message, keypair.private_key)
# Verify signature
is_valid = Ed25519.verify(signature, message, keypair.public_key)
print(f"Signature valid: {is_valid}")
Deterministic Key Generation
from metamui_crypto import Ed25519
# Generate from seed (deterministic)
seed = bytes.fromhex("4c94485e0c21ae6c41ce1dfe7b6bfaceea5ab68e40a32c98d312a9b3c0c4a60c")
keypair = Ed25519.from_seed(seed)
# Same seed always produces same keypair
keypair2 = Ed25519.from_seed(seed)
assert keypair.public_key == keypair2.public_key
Batch Verification (Ed25519)
from metamui_crypto import Ed25519
# Prepare multiple signatures
messages = [b"msg1", b"msg2", b"msg3"]
keypairs = [Ed25519.generate_keypair() for _ in range(3)]
signatures = [
Ed25519.sign(msg, kp.private_key)
for msg, kp in zip(messages, keypairs)
]
# Batch verify (more efficient than individual verification)
public_keys = [kp.public_key for kp in keypairs]
all_valid = Ed25519.batch_verify(signatures, messages, public_keys)
Sr25519 with Context
from metamui_crypto import Sr25519
# Sr25519 supports signing contexts
keypair = Sr25519.generate_keypair()
message = b"Transfer 100 DOT"
context = b"substrate"
# Sign with context
signature = Sr25519.sign_with_context(
message,
keypair.private_key,
context
)
# Verify with same context
is_valid = Sr25519.verify_with_context(
signature,
message,
keypair.public_key,
context
)
Security Considerations
Key Generation
- Always use cryptographically secure random number generators
- Store private keys securely (consider hardware security modules)
- Never reuse nonces or randomness
Signature Malleability
- Ed25519 signatures can be malleable without proper validation
- Ed25519-ZIP215 addresses specific malleability concerns
- Always use canonical signature encoding
Side-Channel Protection
- All implementations use constant-time operations
- Protected against timing attacks
- Memory is securely cleared after use
Implementation Details
Ed25519
- Based on Curve25519 in Edwards form
- Uses SHA-512 for hashing
- Deterministic signatures (no randomness needed)
- Fast verification with batch support
Sr25519
- Schnorr signatures with Ristretto compression
- Supports VRF (Verifiable Random Functions)
- Hierarchical deterministic key derivation
- Used extensively in Substrate/Polkadot
Performance Benchmarks
| Operation | Ed25519 | Sr25519 | Ed25519-ZIP215 |
|---|---|---|---|
| Key Generation | 15 μs | 18 μs | 15 μs |
| Sign | 25 μs | 30 μs | 25 μs |
| Verify | 50 μs | 55 μs | 52 μs |
| Batch Verify (64) | 1.2 ms | N/A | 1.2 ms |
Best Practices
- Choose the Right Algorithm
- Ed25519 for general use
- Sr25519 for Substrate/Polkadot
- Ed25519-ZIP215 for Zcash compatibility
- Secure Key Management
- Generate keys in secure environments
- Use hardware security modules when possible
- Implement key rotation policies
- Signature Verification
- Always verify signatures before trusting data
- Use batch verification for multiple signatures
- Check for canonical encoding
- Avoid Common Pitfalls
- Never reuse signing nonces
- Don’t implement your own crypto
- Always use constant-time operations
Migration Guide
From RSA to Post-Quantum ⚠️ URGENT
# Current RSA-2048 (DEPRECATED BY 2030)
from metamui_crypto import RSA2048
rsa_key = RSA2048.generate_key()
rsa_signature = RSA2048.sign(message, rsa_key)
# Hybrid mode during transition (RECOMMENDED NOW)
from metamui_crypto import RSA2048, MLDSA65
rsa_sig = RSA2048.sign(message, rsa_key)
pqc_sig = MLDSA65.sign(message, pqc_key)
hybrid_sig = combine(rsa_sig, pqc_sig)
# Future PQC-only (REQUIRED BY 2030)
from metamui_crypto import MLDSA65 # or Falcon512
keypair = MLDSA65.generate_keypair()
signature = MLDSA65.sign(message, keypair.private_key)
From RSA/ECDSA to Ed25519
# Old RSA/ECDSA code
# rsa_key = RSA.generate(2048)
# signature = rsa_key.sign(message)
# New Ed25519 code (NOT quantum-safe but faster)
from metamui_crypto import Ed25519
keypair = Ed25519.generate_keypair()
signature = Ed25519.sign(message, keypair.private_key)
From Other Ed25519 Libraries
# Most Ed25519 libraries are compatible
# Just ensure you're using the same encoding
# libsodium/PyNaCl
# signing_key = nacl.signing.SigningKey.generate()
# MetaMUI (compatible)
keypair = Ed25519.generate_keypair()
# Use keypair.private_key as signing key