From 897064abf44bf4b6830825c581aa94468b7ce6b2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Sep 2025 21:40:17 +0000 Subject: [PATCH 1/2] fix(deps): update dependency @noble/ed25519 to v3 --- package.json | 2 +- pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index ffe6e8eb8..cf441625b 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ }, "dependencies": { "@interledger/open-payments": "^7.1.3", - "@noble/ed25519": "^2.3.0", + "@noble/ed25519": "^3.0.0", "@noble/hashes": "^2.0.1", "@radix-ui/react-tabs": "^1.1.13", "awilix": "^12.0.5", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index adfb4f12a..bab1e97f0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -19,8 +19,8 @@ importers: specifier: ^7.1.3 version: 7.1.3 '@noble/ed25519': - specifier: ^2.3.0 - version: 2.3.0 + specifier: ^3.0.0 + version: 3.0.0 '@noble/hashes': specifier: ^2.0.1 version: 2.0.1 @@ -821,8 +821,8 @@ packages: '@napi-rs/wasm-runtime@0.2.11': resolution: {integrity: sha512-9DPkXtvHydrcOsopiYpUgPHpmj0HWZKMUnL2dZqpvC42lsratuBG06V5ipyno0fUek5VlFsNQ+AcFATSrJXgMA==} - '@noble/ed25519@2.3.0': - resolution: {integrity: sha512-M7dvXL2B92/M7dw9+gzuydL8qn/jiqNHaoR3Q+cb1q1GHV7uwE17WCyFMG+Y+TZb5izcaXk5TdJRrDUxHXL78A==} + '@noble/ed25519@3.0.0': + resolution: {integrity: sha512-QyteqMNm0GLqfa5SoYbSC3+Pvykwpn95Zgth4MFVSMKBB75ELl9tX1LAVsN4c3HXOrakHsF2gL4zWDAYCcsnzg==} '@noble/hashes@2.0.1': resolution: {integrity: sha512-XlOlEbQcE9fmuXxrVTXCTlG2nlRXa9Rj3rr5Ue/+tX+nmkgbX720YHh0VR3hBF9xDvwnb8D2shVGOwNx+ulArw==} @@ -4251,7 +4251,7 @@ snapshots: '@tybys/wasm-util': 0.9.0 optional: true - '@noble/ed25519@2.3.0': {} + '@noble/ed25519@3.0.0': {} '@noble/hashes@2.0.1': {} From c32ab52b3d79ee7af3cc881fafc35967fb045ecb Mon Sep 17 00:00:00 2001 From: Sid Vishnoi <8426945+sidvishnoi@users.noreply.github.com> Date: Tue, 30 Sep 2025 15:14:06 +0530 Subject: [PATCH 2/2] ed25519 keypair generation and usage --- src/background/services/openPayments.ts | 2 +- src/shared/crypto.ts | 14 ++------------ 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/src/background/services/openPayments.ts b/src/background/services/openPayments.ts index a16eafd93..2888cd7ae 100644 --- a/src/background/services/openPayments.ts +++ b/src/background/services/openPayments.ts @@ -98,7 +98,7 @@ export class OpenPaymentsService { id: keyId, alg: 'ed25519', async sign(data: Uint8Array) { - return Buffer.from(await ed.signAsync(data, key.slice(16))); + return Buffer.from(await ed.signAsync(data, key)); }, }; } diff --git a/src/shared/crypto.ts b/src/shared/crypto.ts index de2456bb6..ffcd63fd7 100644 --- a/src/shared/crypto.ts +++ b/src/shared/crypto.ts @@ -1,18 +1,8 @@ import * as ed from '@noble/ed25519'; export async function generateEd25519KeyPair() { - const rawPrivateKey = ed.utils.randomPrivateKey(); - // PKCS#8 format (version + algorithm) - // Adding these values upfront solves the future import of the key using - // `crypto.subtle.importKey` once the WebCrypto API supports the Ed25519 algorithm. - // biome-ignore format: inline array looks cleaner - const privateKey = new Uint8Array([ - 48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, - ...rawPrivateKey, - ]) - const publicKey = await ed.getPublicKeyAsync(rawPrivateKey); - - return { privateKey, publicKey }; + const keyPair = await ed.keygenAsync(); + return { privateKey: keyPair.secretKey, publicKey: keyPair.publicKey }; } export function exportJWK(key: Uint8Array, kid: string) {