This follows a discussion with an auditor on ED25519 in libp2p.
We need to use all measures possible to prevent leaking private keys, hence I recommend that all private keys use distinct byte.
We should also prevent toHex, == on them or for toHex output a SecretHex / SecretString.
This follows a discussion with an auditor on ED25519 in libp2p.
We need to use all measures possible to prevent leaking private keys, hence I recommend that all private keys use distinct byte. We should also prevent
toHex,==on them or fortoHexoutput aSecretHex/SecretString.In nim-beacon-chain this should prevent introducing private key logging by mistake: https://github.com/status-im/nim-beacon-chain/blob/40c2714ff30c811978fcc234f438ddd473851009/beacon_chain/spec/crypto.nim#L312-L314
Even though some thoughts was given to prevent that: https://github.com/status-im/nim-beacon-chain/blob/40c2714ff30c811978fcc234f438ddd473851009/beacon_chain/spec/crypto.nim#L186-L187