interledger · sidvishnoi · Sep 30, 2025 · Sep 30, 2025 · Sep 30, 2025 · Oct 1, 2025
diff --git a/package.json b/package.json
@@ -27,7 +27,7 @@
   },
   "dependencies": {
     "@interledger/open-payments": "^7.1.3",
-    "@noble/ed25519": "^2.3.0",
+    "@noble/ed25519": "^3.0.0",
     "@noble/hashes": "^2.0.1",
     "@radix-ui/react-tabs": "^1.1.13",
     "awilix": "^12.0.5",

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/src/background/services/openPayments.ts b/src/background/services/openPayments.ts
@@ -4,7 +4,8 @@ import {
   createAuthenticatedClient,
   OpenPaymentsClientError,
 } from '@interledger/open-payments/dist/client';
-import * as ed from '@noble/ed25519';
+import { signAsync } from '@noble/ed25519';
+import { hexToBytes } from '@noble/hashes/utils.js';
 import type { Request } from 'http-message-signatures';
 import { signMessage } from 'http-message-signatures/lib/httpbis';
 import { createContentDigestHeader } from 'httpbis-digest-headers';
@@ -98,7 +99,7 @@ export class OpenPaymentsService {
       id: keyId,
       alg: 'ed25519',
       async sign(data: Uint8Array) {
-        return Buffer.from(await ed.signAsync(data, key.slice(16)));
+        return Buffer.from(await signAsync(data, key));
       },
     };
   }
@@ -162,7 +163,12 @@ export class OpenPaymentsService {
 
   async initClient(walletAddressUrl: string) {
     const { privateKey, keyId } = await this.getPrivateKeyInformation();
-
+    let privateKeyBytes = hexToBytes(privateKey);
+    if (privateKeyBytes.length === 48) {
+      // For keys generated before https://github.com/interledger/web-monetization-extension/pull/1192
+      // biome-ignore format: inline array looks cleaner
+      privateKeyBytes = privateKeyBytes.slice(16)
+    }
     this.client = await createAuthenticatedClient({
       validateResponses: false,
       requestTimeoutMs: 10_000,
@@ -185,7 +191,7 @@ export class OpenPaymentsService {
               ? JSON.stringify(await request.json())
               : undefined,
           },
-          privateKey: ed.etc.hexToBytes(privateKey),
+          privateKey: privateKeyBytes,
           keyId,
         });
 

diff --git a/src/shared/crypto.ts b/src/shared/crypto.ts
@@ -1,18 +1,8 @@
-import * as ed from '@noble/ed25519';
+import { keygenAsync } from '@noble/ed25519';
 
 export async function generateEd25519KeyPair() {
-  const rawPrivateKey = ed.utils.randomPrivateKey();
-  // PKCS#8 format (version + algorithm)
-  // Adding these values upfront solves the future import of the key using
-  // `crypto.subtle.importKey` once the WebCrypto API supports the Ed25519 algorithm.
-  // biome-ignore format: inline array looks cleaner
-  const privateKey = new Uint8Array([
-    48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32,
-    ...rawPrivateKey,
-  ])
-  const publicKey = await ed.getPublicKeyAsync(rawPrivateKey);
-
-  return { privateKey, publicKey };
+  const keyPair = await keygenAsync();
+  return { privateKey: keyPair.secretKey, publicKey: keyPair.publicKey };
 }
 
 export function exportJWK(key: Uint8Array, kid: string) {