dcec7ca2dc
Per #798, we want to make sure that we never pass around an `ed25519::SecretKey`; only an `ed25519::Keypair` (or `ExpandedKeypair`). This is because, when you're computing an ed25519 signature, you have to use the public key as one of your inputs, and if you ever use a mismatched public key you are vulnerable to a nonce reuse attack. (For more info see https://moderncrypto.org/mail-archive/curves/2020/001012.html ) |
||
---|---|---|
.. | ||
misc.rs | ||
testvec.rs |