Monero secret key (32b) vs libsodium ed25519 secret key (64b)

Question

I'm trying to move cryptographic key operations in the Monero Python module from pure Python to pynacl which is a wrapper around libsodium.

The first problem I stumbled upon is that Monero secret keys are 256 bit (32 bytes) while nacl.bindings.crypto_sign_ed25519_sk_to_pk expects the secret key to be twice as large (64 bytes).

I also see that unclamped scalar is also 64-byte long. Perhaps the reason for key size difference is related to that?

jtgrassie · Answer 1 · 2021-12-01T20:23:50.237

2

Looking at the source you can see it's reading the end bytes from the parameter, and as crypto_sign_SEEDBYTES is defined (1,2) as 32, only the last 32 bytes of the supplied 64 byte parameter are used.

edited Dec 01 '21 at 20:23

answered Dec 01 '21 at 20:14

jtgrassie

19,601
4
17
54

Monero secret key (32b) vs libsodium ed25519 secret key (64b)

1 Answers1