Ed25519Signature2020 is a standardized cryptographic suite defined by the W3C for creating and verifying digital signatures on Linked Data documents, such as Verifiable Credentials (VCs) and Verifiable Presentations. It specifies the use of the Ed25519 elliptic curve digital signature algorithm, which is known for its high performance, strong security, and small key sizes. This suite provides a concrete set of rules for canonicalizing data, creating a cryptographic digest, and generating a signature that can be independently verified, ensuring data integrity and authentication in decentralized identity systems.
LABS
Glossary
Ed25519Signature2020
Ed25519Signature2020 is a cryptographic suite specification for creating and verifying digital signatures on Linked Data using the Ed25519 signature algorithm.
Chainscore © 2026
definition
CRYPTOSUITE
What is Ed25519Signature2020?
Ed25519Signature2020 is a cryptographic suite specification for creating and verifying digital signatures using the Ed25519 algorithm, designed for use with Linked Data and Verifiable Credentials.
The suite operates by first transforming the input JSON-LD data into a deterministic form through a process called URDNA2015 canonicalization (also known as RDF Dataset Canonicalization). This step is critical for Linked Data, as the same semantic information can be expressed in multiple syntactically different JSON documents. After canonicalization, the data is hashed using the SHA-256 algorithm to produce a digest. The Ed25519 private key is then used to sign this digest, resulting in a Ed25519Signature2020 data integrity proof that is attached to the original document.
A key component of this proof is the verification method, which is typically expressed as a DID URL (e.g., did:example:123#key-1) pointing to the public key within a Decentralized Identifier (DID) document. This creates a strong, cryptographically verifiable link between the issuer of a credential, their public key, and the signed data. The suite's design ensures selective disclosure is possible when combined with other technologies, though the base Ed25519Signature2020 itself produces a signature over the entire canonicalized dataset.
Ed25519Signature2020 is a cornerstone of the W3C Verifiable Credentials Data Model, providing a practical and widely implemented signature option. Its advantages include speed and security, making it suitable for environments requiring high-throughput verification, such as mobile or IoT contexts. When comparing suites, it is often contrasted with JSON Web Signatures (JWS) and other suites like EcdsaSecp256k1Signature2019, with the primary differentiators being its reliance on RDF canonicalization and its native integration with the Linked Data proof format.
Developers implement this suite by following the specification to create a DataIntegrityProof with type set to Ed25519Signature2020. The proof object includes the verification method, proof purpose (e.g., assertionMethod), the signature value itself, and a created timestamp. Libraries such as jsonld-signatures and vc-js provide built-in support for creating and verifying these proofs, handling the complex steps of canonicalization and signing transparently.
how-it-works
CRYPTOSUITE EXPLAINER
How Ed25519Signature2020 Works
An in-depth look at the cryptographic suite for signing and verifying Linked Data using the Ed25519 algorithm, a core component of decentralized identity.
Ed25519Signature2020 is a Linked Data Proof cryptosuite defined in the W3C Verifiable Credentials Data Integrity specification that uses the Ed25519 elliptic curve digital signature algorithm to create and verify proofs on JSON-LD documents. It provides a standardized method for generating a cryptographic signature over a canonicalized and hashed representation of the data, ensuring the integrity and authenticity of the signed information. This suite is distinguished by its use of the RDF Dataset Canonicalization (RDFC-1.0) algorithm and the SHA-256 hash function to create a deterministic data payload before signing, which is critical for interoperability across different systems.
The signing process follows a precise sequence: first, the input JSON-LD document is transformed into an RDF dataset using a JSON-LD processor. This dataset is then canonicalized using RDFC-1.0, producing a unique, deterministic N-Quads representation. The canonicalized data is hashed with SHA-256 to create the final payload for the signature. The signer's private key, corresponding to an Ed25519 public key listed in a verification method within the document, is used to generate the Ed25519Signature2020 proof object. This proof contains the signature value itself and metadata such as the proofPurpose, verificationMethod, and created timestamp.
Verification is the inverse process. The verifier retrieves the signer's public key from the verificationMethod, re-computes the canonicalization and hash of the document (excluding the proof), and uses the Ed25519 algorithm to check the signature against the computed hash. A successful verification proves that the data has not been altered since it was signed by the holder of the corresponding private key. This process is selective disclosure-ready; the suite can be used with mechanisms like BBS+ signatures for derived proofs, though Ed25519Signature2020 itself creates signatures over the entire disclosed data set.
A key advantage of Ed25519Signature2020 is its performance and wide support. The Ed25519 algorithm is known for its fast verification speeds, small key sizes, and built-in resilience to common cryptographic pitfalls. As a Data Integrity suite, it is a foundational building block for Verifiable Credentials (VCs) and Decentralized Identifiers (DIDs), enabling use cases like digital driver's licenses, educational credentials, and professional certifications. Its standardization within the W3C ecosystem ensures it can be implemented consistently across various verifiable data registry platforms and agent frameworks.
When implementing this suite, developers must ensure correct canonicalization, as even semantically identical JSON-LD documents with different key orders or formatting will produce different canonical hashes, causing verification to fail. The suite is typically identified by the type property set to "Ed25519Signature2020" within a proof object. It represents a move away from older, less secure proof types like Ed25519Signature2018, incorporating modern cryptographic standards and the rigorous data integrity model defined by the W3C.
key-features
SIGNATURE SUITE
Key Features of Ed25519Signature2020
Ed25519Signature2020 is a W3C Verifiable Credentials signature suite that uses the EdDSA algorithm with the Curve25519 elliptic curve for creating and verifying cryptographically secure digital proofs.
01
Algorithm & Curve
The suite is based on the Edwards-curve Digital Signature Algorithm (EdDSA) using the Curve25519 elliptic curve. This combination is renowned for its high performance, strong security guarantees, and resistance to side-channel attacks. It provides 128-bit security, comparable to RSA-3072 or ECDSA with P-256, but with faster signing and verification operations.
02
Linked Data Proof Format
It produces Linked Data Proofs, a JSON-LD-based format that embeds the signature data directly into the credential's JSON structure. This includes:
- proofPurpose: The intent (e.g.,
assertionMethod). - verificationMethod: The public key identifier.
- created: The proof's timestamp.
- proofValue: The base58-encoded signature itself. This structure ensures the proof is cryptographically bound to the exact data it signs.
03
Deterministic Signatures
Unlike ECDSA, which requires a unique random nonce for each signature, EdDSA signatures are deterministic. The same private key and message will always produce the same signature. This eliminates a critical failure mode where poor randomness can lead to private key compromise, significantly enhancing implementation security and reliability.
04
Cryptographic Suite Context
The suite is formally defined by the https://w3id.org/security/suites/ed25519-2020/v1 JSON-LD context. This context provides the necessary vocabulary and data model for processors to understand and validate the proof format, ensuring interoperability across different verifiable credential implementations that support this standard.
05
Selective Disclosure (with Merkle Proofs)
While the base suite signs the entire credential, it is commonly used as a foundation for selective disclosure mechanisms. It can be combined with BBS+ signatures or Merkle Disclosing Proofs (MDP) to allow a holder to cryptographically prove only specific claims from a credential without revealing the entire document, enabling privacy-preserving verification.
06
Verification Process
Verification involves several steps:
- Canonicalization: Transforming the signed data into a deterministic byte array using the URDNA2015 (RDF Dataset Normalization) algorithm.
- Hashing: Creating a cryptographic digest of the canonicalized data.
- Signature Check: Using the signer's public key (from the
verificationMethod) to verify theproofValuesignature against the hash. This process ensures data integrity and authenticates the issuer.
etymology-and-specification
CRYPTOGRAPHIC SUITE
Etymology and Specification
This section details the formal definition and technical lineage of the Ed25519Signature2020 cryptographic suite, a cornerstone of modern decentralized identity.
The Ed25519Signature2020 is a Linked Data Proof suite defined by the W3C that uses the Ed25519 digital signature algorithm to create and verify cryptographically secure proofs on JSON-LD documents. It is formally specified in the W3C Verifiable Credentials Data Integrity specification, providing a standardized method for ensuring data integrity and authenticity in decentralized identity ecosystems like Verifiable Credentials (VCs) and Decentralized Identifiers (DIDs). The suite's name follows a common pattern in the W3C ecosystem: the cryptographic algorithm (Ed25519) followed by the proof purpose (Signature) and the year of its primary specification (2020).
The etymology of the term is directly derived from its core components. Ed25519 refers to the Edwards-curve Digital Signature Algorithm using the twisted Edwards curve over the finite field defined by the prime 2^255 - 19, a highly efficient and secure algorithm developed by Daniel J. Bernstein et al. The Signature component indicates its primary function as a digital signature mechanism for non-repudiation. The 2020 suffix denotes the year the cryptographic suite was formally introduced and standardized within the W3C's Verifiable Credentials working group, distinguishing it from potential future iterations or similar suites.
Technically, the suite specifies the exact cryptographic primitives and data serialization methods required for interoperability. This includes the use of the Ed25519 algorithm for signing, the SHA-256 hash function for creating the data to be signed (the proof hash), and a strict JSON-LD canonicalization algorithm (like URDNA2015) to ensure the data is serialized identically for both signer and verifier. The specification mandates the format of the resulting proof object, which includes essential fields like type, verificationMethod, created, and the proofValue (the Base58-encoded signature).
Its role within the specification is to provide a concrete, testable implementation profile for Data Integrity proofs. Unlike a general description of Ed25519, the Ed25519Signature2020 suite defines precisely how to use the algorithm within the context of Linked Data and the Verifiable Credentials data model. This eliminates ambiguity for developers, ensuring that a proof created by one software library can be validated by another, fostering ecosystem interoperability. It is a key building block for trust in decentralized systems where cryptographic verification replaces centralized authorities.
In practice, the specification addresses critical security considerations such as key rotation, proof purpose validation (e.g., assertionMethod or authentication), and protection against replay attacks through the use of the created timestamp and optional challenge or domain parameters. By bundling these conventions with the core signing algorithm, Ed25519Signature2020 elevates a raw cryptographic primitive into a full-fledged, context-aware verification protocol suitable for the complex graph-based data structures of the semantic web.
ecosystem-usage
SIGNATURE SUITE
Ecosystem Usage and Adoption
Ed25519Signature2020 is a Linked Data Proof signature suite used to create and verify cryptographically secure digital signatures for verifiable credentials and decentralized identifiers (DIDs).
01
Core Cryptographic Foundation
The suite is built on the Ed25519 elliptic curve algorithm, which provides:
- High performance with fast signature generation and verification.
- Strong security with 128-bit security strength.
- Compact signatures of 64 bytes, making it efficient for storage and transmission. It uses the RDF Dataset Canonicalization algorithm to create a deterministic data hash before signing, ensuring integrity.
02
Primary Use Case: Verifiable Credentials
Ed25519Signature2020 is a cornerstone for W3C Verifiable Credentials. It cryptographically binds a credential (like a digital driver's license) to its issuer's Decentralized Identifier (DID).
- Example: A university issues a digital diploma. The credential is signed with the university's private key using this suite. Anyone can verify the signature against the university's public key listed in its DID document.
03
Decentralized Identifier (DID) Authentication
The suite is specified in a DID's authentication or assertionMethod verification relationship.
- A DID controller proves control by signing a challenge with their private key.
- A verifier checks the signature against the public key in the DID document. This enables password-less, cryptographic authentication for decentralized systems.
04
Key W3C & IETF Specifications
Ed25519Signature2020 is defined by major web standards bodies, ensuring interoperability:
- W3C VC Data Integrity Specification: Defines the signature suite's proof format.
- IETF RFC 8037: Specifies the core Ed25519 algorithm.
- JSON-LD Contexts: Uses
https://w3id.org/security/suites/ed25519-2020/v1to define the cryptographic terms in a machine-readable way.
05
Adoption in SSI & Identity Networks
Widely implemented by Self-Sovereign Identity (SSI) platforms and DID methods:
- Sidetree-based protocols (ION, Element): Use it for DID operation anchoring.
- Veramo & Aries Frameworks: Provide SDK support for creating and verifying these signatures.
- Digital Wallet Providers: Used to sign verifiable presentations from user-held credentials.
06
Comparison with Other Suites
Contrasted with other common Linked Data Proof suites:
- vs. Ed25519Signature2018: The 2020 version uses the newer RDF Dataset Canonicalization standard, fixing graph normalization ambiguities.
- vs. JSON Web Signatures (JWS): Ed25519Signature2020 is JSON-LD native, preserving semantic context, whereas JWS is a generic compact serialization.
- vs. EcdsaSecp256k1Signature2019: Uses a different elliptic curve (Ed25519 vs. secp256k1), common in Bitcoin/Ethereum contexts.
security-considerations
ED25519SIGNATURE2020
Security Considerations
Ed25519Signature2020 is a Linked Data Signature suite providing cryptographic integrity for verifiable credentials and data. Its security is defined by the underlying Ed25519 algorithm and its implementation within the W3C Verifiable Credentials data model.
01
Algorithmic Security
The Ed25519Signature2020 suite relies on the EdDSA (Edwards-curve Digital Signature Algorithm) using the Curve25519 elliptic curve. Its primary security properties are:
- Strong Collision Resistance: Based on the SHA-512 hash function.
- High Performance: Designed to be fast and constant-time to mitigate side-channel attacks.
- Deterministic Signatures: Nonces are derived from the private key and message, eliminating the risk of random number generator failures that plagued earlier algorithms like ECDSA.
02
Key Management & Storage
The security of any signature scheme depends on private key security. For Ed25519Signature2020:
- Key Generation: Must use a cryptographically secure random number generator.
- Storage: Private keys should be kept in hardware security modules (HSMs), secure enclaves, or encrypted keystores, never in plaintext.
- Key Rotation: While Ed25519 keys are considered long-lived, protocols should support key revocation and rotation mechanisms to respond to potential compromises.
03
Canonicalization & Data Integrity
Linked Data Signatures sign a canonicalized form of the JSON-LD document, not the raw bytes. This introduces critical considerations:
- Canonicalization Algorithm: Ed25519Signature2020 typically uses URDNA2015 (RDF Dataset Normalization). All parties must apply the exact same algorithm to verify the signature.
- Context Security: The
@contextfield defines the data model. Attackers could alter the context to change the semantic meaning of signed data without breaking the cryptographic signature. Verifiers must pin or trust specific contexts.
04
Implementation & Side-Channel Attacks
The theoretical security of Ed25519 can be undermined by flawed implementations:
- Timing Attacks: Code must run in constant time to prevent leaking key information through operation timing variations.
- Library Audits: Use widely-audited libraries (e.g., libsodium, TweetNaCl) rather than custom implementations.
- Protocol-Level Attacks: Be aware of signature malleability (though Ed25519 is designed to be non-malleable) and ensure the entire verification logic is sound.
05
Quantum Resistance
Ed25519Signature2020 is not quantum-resistant. It is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP).
- Threat Timeline: Large-scale quantum computers, when developed, could break Ed25519 signatures using Shor's algorithm.
- Migration Path: For long-term data integrity (decades), consider post-quantum cryptography (PQC) signature suites or hybrid approaches. The W3C VC data model allows for multiple proof types to facilitate future migration.
06
Verification & Trust Frameworks
A valid signature alone does not establish trust. Security requires a broader framework:
- Key Discovery & Resolution: Verifiers need a secure method to obtain the signer's public key (e.g., via Decentralized Identifiers - DIDs).
- Revocation Checks: Must check if a signature's key or credential has been revoked, which is an external process.
- Proof Purpose: The
proofPurposefield (e.g.,assertionMethod,authentication) must be validated to ensure the signature is used for its intended purpose, preventing misuse.
DID-CORE SIGNATURE SUITES
Comparison with Other Signature Suites
A technical comparison of Ed25519Signature2020 against other common Linked Data Signature suites, highlighting key cryptographic and protocol features.
| Feature | Ed25519Signature2020 | Ed25519Signature2018 | JsonWebSignature2020 | EcdsaSecp256k1Signature2019 |
|---|---|---|---|---|
Cryptographic Curve | Ed25519 (EdDSA) | Ed25519 (EdDSA) | P-256, P-384, etc. (ECDSA) | secp256k1 (ECDSA) |
Proof Format | Data Integrity Proof | RDF Dataset Canonicalization | JSON Web Signature (JWS) | RDF Dataset Canonicalization |
Canonicalization Required | ||||
Default Hashing Algorithm | SHA-256 | SHA-256 | Determined by JWK | SHA-256 |
Linked Data Proof Type | DataIntegrityProof | Ed25519Signature2018 | JsonWebSignature2020 | EcdsaSecp256k1Signature2019 |
Key Representation | Multibase-encoded public key | Base58-encoded public key | JSON Web Key (JWK) | Base58-encoded public key |
Deterministic Signatures | ||||
Common Use Case | Decentralized Identifiers (DIDs) | Verifiable Credentials (legacy) | JWT-based ecosystems | Blockchain-linked credentials |
examples
IMPLEMENTATION PATTERNS
Practical Examples and Use Cases
Ed25519Signature2020 is a core cryptographic suite for creating and verifying Verifiable Credentials (VCs) and Decentralized Identifiers (DIDs). Its primary use is in establishing cryptographic proof of data integrity and origin.
02
Signing Verifiable Credentials
Issuers use Ed25519Signature2020 to create cryptographically verifiable claims about a subject (e.g., a diploma, license, or membership). The signature is attached as proof in the VC JSON-LD document.
- Example: A university issues a digital diploma signed with its institutional key.
- Verification: Anyone can verify the credential's authenticity using the issuer's public DID.
03
Data Integrity Proofs for Linked Data
The suite creates cryptographic proofs for Linked Data (JSON-LD). It uses canonicalization and hashing to create a deterministic data digest before signing, ensuring the signed data's structure is preserved.
- Core Mechanism: Uses the RDF Dataset Canonicalization (RDFC-1.0) algorithm.
- Benefit: Guarantees the signature is valid for the exact semantic meaning of the data, not just its serialization.
04
Secure Interoperability in SSI Ecosystems
Ed25519Signature2020 is a W3C-standardized suite, enabling interoperability across different Self-Sovereign Identity (SSI) platforms and agents (e.g., Aries, DIF agents).
- Why it's used: Its deterministic nature and strong security make it a preferred choice for standardized implementations.
- Ecosystem Example: Used in European Digital Identity (EUDI) Wallet pilots and COVID-19 vaccination credential systems.
05
Performance-Critical Applications
Chosen for scenarios requiring high-speed signing/verification with minimal resource consumption. Ed25519 signatures are fast and small (64 bytes).
- Typical Context: Mobile wallets, IoT devices, or high-throughput credential issuance services.
- Comparison: Offers ~12x faster verification than RSA-2048 and is resistant to side-channel attacks.
06
Key Rotation and Revocation
Demonstrates how keys are managed within a DID lifecycle. A DID controller can add a new Ed25519VerificationKey2020 key to their DID document and sign the update with a previous valid key.
- Process: The update is a signed DID operation anchored to a blockchain.
- Revocation: For VCs, revocation is typically handled by a revocation list or status registry, separate from the signature suite itself.
CRYPTOGRAPHIC SIGNATURE SUITE
Technical Deep Dive
Ed25519Signature2020 is a W3C-verifiable credential signature suite that uses the EdDSA algorithm with the edwards25519 elliptic curve. This section answers key technical questions about its operation, security, and role in decentralized identity.
Ed25519Signature2020 is a W3C-verifiable credential signature suite that uses the EdDSA (Edwards-curve Digital Signature Algorithm) with the edwards25519 elliptic curve to create and verify digital proofs. It works by generating a cryptographic signature over a canonicalized JSON-LD document using a private key, which can be independently verified by anyone possessing the corresponding public key. The suite is defined by a specific cryptosuite identifier (eddsa-rdfc-2022 in its latest draft) and follows the Data Integrity specification, ensuring the signed data is cryptographically bound to the issuer's Decentralized Identifier (DID). This mechanism is foundational for creating tamper-evident credentials in systems like SSI (Self-Sovereign Identity).
ED25519SIGNATURE2020
Common Misconceptions
Ed25519Signature2020 is a cryptographic suite for Linked Data Signatures, but its role in decentralized identity is often misunderstood. This section clarifies its technical scope and limitations.
No, Ed25519Signature2020 is not the raw signature algorithm itself; it is a Linked Data Signature suite that uses the Ed25519 algorithm. The standard Ed25519 algorithm (EdDSA with Curve25519) is a low-level cryptographic primitive for signing arbitrary bytes. Ed25519Signature2020 is a higher-level specification that defines how to create, verify, and serialize a Verifiable Credential or any Linked Data document. It standardizes the canonicalization process (transforming JSON-LD into a deterministic byte string), the hashing method, and the proof format (embedding the signature in a JSON-LD proof object). The cryptographic signing operation at its core is standard Ed25519, but the surrounding data model and processing rules are defined by the W3C suite.
ED25519SIGNATURE2020
Frequently Asked Questions (FAQ)
Answers to common technical questions about the Ed25519Signature2020 cryptographic suite, a standard for creating and verifying digital signatures in decentralized identity systems.
Ed25519Signature2020 is a Linked Data Proof suite that uses the Ed25519 digital signature algorithm to cryptographically sign and verify Verifiable Credentials and other data structures. It works by taking a canonicalized JSON-LD document (transformed into a deterministic byte sequence), creating a cryptographic hash (digest) of that data, and then signing that digest with a private key corresponding to an Ed25519 public key. The resulting proof object, which includes the signature and verification method, is attached to the data, allowing any verifier to check its authenticity and integrity using the signer's public key.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall