We welcome contributions to this list of high-sensitive ed25519 content — just send a pull request!
Types of requests should include any of the following:
- adding one or more affected libraries that allow the vulnerable ed25519 signing api(s)
- improving the exploit description in the main readme file
- adding news and blog post references to this vulnerability
- adding proof of concept implementation references (or push the whole code to this repo)
- any other relevant (edu) material that improves community awareness around visibility of this potential exploit.
As the list grows over time, we may do more curation by splitting some sections from the list into separate docs and highlight a smaller set of prominent projects on the main list.
However, we will always bias toward inclusion of anything a cryptography community member might find interesting or useful.
Ensure your addition adheres to the following guidelines:
- Use the following format for reporting affected libraries:
[project](link) - description. - Link should point to the GitHub repo and line reference, if applicable.
- Descriptions should
- be short and simple, but descriptive;
- not be marketing taglines;
- not be title-case;
- begin with a capital;
- end with a full stop/period;
- not have trailing whitespaces.
- Additions should be added to the bottom of the relevant category.
- New categories or improvements to the existing categorization are welcome, but should be done in a separate pull request.
- Check your spelling and grammar.
Thank you for your suggestion!
A lot of times, making a PR adhere to the standards above can be difficult. If the maintainers notice anything that we'd like changed, we'll ask you to edit your PR before we merge it. If you're not sure how to do that, here is a guide on the different ways you can update your PR so that we can merge it.