Ed25519 Signature

Ed25519 is a public-key signature scheme designed by Daniel Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang. It uses the EdDSA construction over the Curve25519 elliptic curve and produces 64-byte signatures that can be verified in roughly 100 microseconds on a modern CPU. The keypair is 32 bytes private, 32 bytes public.

Trillboards uses Ed25519 as the signing primitive for proof-of-play. Each screen generates an Ed25519 keypair during first boot; the private key stays in the screen's secure-key store and never leaves the device; the public key is registered with the Trillboards API at device onboarding. Every playout the screen emits is signed with the private key; any verifier can fetch the public key from GET /v1/advertiser/proof/.well-known/public-key and validate.

Ed25519 was chosen over RSA-2048 (much slower signing on low-power tablets) and ECDSA over secp256k1 (vulnerability to nonce-reuse attacks if the player's RNG is weak). Ed25519's deterministic-nonce construction sidesteps the ECDSA RNG problem entirely — the same message always produces the same signature, and a correct implementation has no extractable bias.

Practical note: Ed25519 is implemented natively in modern Android (since API 31), iOS (since iOS 13), and via libsodium / NaCl on Node.js. The Trillboards edge SDK uses libsodium under the hood for both signing and verification.