Merge pull request libp2p#1134 from GautamBytes/fix/issue-ed25519-interop

seetadev · web-flow · commit 1a54acd5744d · 2026-01-29T15:41:25.000+05:30
Fix Ed25519 key generation interoperability
diff --git a/libp2p/crypto/ed25519.py b/libp2p/crypto/ed25519.py
@@ -5,6 +5,7 @@
 the PyNaCl library. Ed25519 is used for libp2p peer identity signatures.
 """
 
+from nacl.bindings import crypto_core_ed25519_is_valid_point
 from nacl.exceptions import (
     BadSignatureError,
 )
@@ -66,8 +67,25 @@ def __init__(self, impl: PrivateKeyImpl) -> None:
     def new(cls, seed: bytes | None = None) -> "Ed25519PrivateKey":
         if seed:
             private_key_impl = PrivateKeyImpl(seed)
+            if not crypto_core_ed25519_is_valid_point(
+                bytes(private_key_impl.verify_key)
+            ):
+                raise ValueError(
+                    "Provided seed generates a public key that is not a "
+                    "valid Ed25519 curve point."
+                )
         else:
-            private_key_impl = PrivateKeyImpl.generate()
+            for _ in range(100):
+                private_key_impl = PrivateKeyImpl.generate()
+                if crypto_core_ed25519_is_valid_point(
+                    bytes(private_key_impl.verify_key)
+                ):
+                    break
+            else:
+                raise RuntimeError(
+                    "Failed to generate a valid Ed25519 key after 100 attempts."
+                )
+
         return cls(private_key_impl)
 
     def to_bytes(self) -> bytes:
diff --git a/newsfragments/921.bugfix.rst b/newsfragments/921.bugfix.rst
@@ -0,0 +1 @@
+Fixed interoperability issue where generated Ed25519 keys were not always valid curve points, complying with strict ZIP-215 validation.
diff --git a/tests/core/crypto/test_ed25519_comprehensive.py b/tests/core/crypto/test_ed25519_comprehensive.py
@@ -6,6 +6,7 @@
 """
 
 import pytest
+from nacl.bindings import crypto_core_ed25519_is_valid_point
 
 from libp2p.crypto.ed25519 import (
     Ed25519PrivateKey,
@@ -266,3 +267,29 @@ def test_public_key_equality(self):
 
         # Note: Ed25519PublicKey is not hashable, so we can't test set operations
         # This is expected behavior for cryptographic key objects
+
+    def test_generated_keys_are_valid_curve_points(self):
+        """
+        Test that keys generated by Ed25519PrivateKey.new() are always
+        valid curve points. This prevents interoperability issues with
+        strict implementations (e.g. Rust).
+        """
+        # 1. Test Random Generation (50 iterations for probabilistic check)
+        for _ in range(50):
+            key_pair = create_new_key_pair()
+            is_valid = crypto_core_ed25519_is_valid_point(
+                key_pair.public_key.to_bytes()
+            )
+            assert is_valid is True, "Generated public key is not a valid curve point"
+
+        # 2. Test Seeded Generation with various patterns
+        seeds = [
+            b"a" * 32,
+            b"b" * 32,
+            b"\x00" * 32,
+            b"\xff" * 32,
+            bytes(range(32)),
+        ]
+        for seed in seeds:
+            key = Ed25519PrivateKey.new(seed)
+            assert crypto_core_ed25519_is_valid_point(key.get_public_key().to_bytes())

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Fixed interoperability issue where generated Ed25519 keys were not always valid curve points, complying with strict ZIP-215 validation.`