Expand description
§Ed25519 keypair bundle with post-quantum commitment
Keys packages together everything a client or server needs to sign messages and be
identified on the network:
- the Ed25519 secret half (
signature_key) used to sign, - the Ed25519 public half in two forms (
verification_keyfor verification, and the serialisableverification_key_bytesfor wire/storage), - and the 32-byte
pq_commitment_bytes(Falcon + Dilithium commitments — seecrate::tools::keys_post_quantum) that future-proofs the identity.
Construction paths:
Keys::from_rnd— generate a fresh random keypair (optionally skipping the slow PQ commitment derivation for test scenarios).Keys::from_seed— deterministic derivation from a 32-byte seed; used internally and by tests that need reproducible keys.Keys::from_phrase— Argon2 stretch a user-supplied passphrase into a 32-byte seed, then derive keys from it. Passphrase-recoverable accounts.
Persistence:
Keys::to_persistence/Keys::from_persistenceencrypt the full keypair under a passphrase using ChaCha20Poly1305 for at-rest storage in the key locker.