How to generate a BIP39 mnemonic from an Ed25519 (Ed25519+libsodium, with 8 for salt, 48 for key plus 32 bytes) encrypted private key? I have an Ed25519 encrypted private key (for which I know the password). I would like to create a BIP39 mnemonic from it.
This is to import a private key generated elsewhere into a Nano Ledger S wallet. I get this is not recommended, but I am aware of the risks and want to make it an exercise.
An Ed25519 private key can come in any of several typical forms—almost always either just a 32-byte or 64-byte string. Which form you have or need depends on what software or protocol you are using it with.
For, e.g., a BIP32-style hierarchical wallet, for instance, you almost certainly need the full 64-byte string encoding the PRF secret and the secret scalar. I don't know about the Nano Ledger S: if you want a specific answer about it, you'll have to point to specific documentation about the specific protocol that the Nano Ledger S implements.
If you already have an Ed25519 private key, then you can't generate a BIP39 mnemonic from it because BIP39 is a system for generating keys by way of generating mnemonics from which the keys are derived. Inventing a BIP39 mnemonic for a private key not generated from one would be an amazing feat of cryptography demonstrating an unbelievably structured preimage attack on SHA-256.
If you want to generate an Ed25519 private key by way of a mnemonic, then you could in principle use BIP39 for that. Whether the software you're using supports it, I can't say.
If all you want is a memorable representation of an Ed25519 private key or any other (say) 32-byte string, you could take a (say) 256-entry word list, and map each octet to a word, yielding a 32-word mnemonic. If 32 words is too long, you could use a 65536-entry word list and map a 32-byte string to a 16-word mnemonic. That's not BIP39, but it is a potentially memorable way you could back up an Ed25519 private key.
