SIE1: A BIE1-based ECIES implementation that is compatible with Ed25519 keys on Solana.
The encryption protocol does the following:
- Converts an Ed25519 public and private key to their X25519 keys. If no private key is provided, a new one is generated on the fly.
- Computes a shared secret using ECDH
- Creates a Public key from the shared secret
- SHA512 hashes it and splits the resulting bytes into iv, kE and kM
- AESCBC encrypts the desired message with kE and iv
- Checksums the message with kM using SHA256-HMAC
In order to reverse this process, the decryption protocol does the following:
- Takes in the private key of the opposing public key provided in the encryption phase
- Extracts the public key of the opposing private key provided/created in the encryption phase
- Computes the same shared secret using ECDH, but with the opposing keys to those in the encryption phase
- Creates a Public key from the shared secret
- SHA512 hashes it and splits the resulting bytes into iv, kE and kM
- AESCBC decrypts the ciphertext with kE and iv
- Calculates the SHA256-HMAC of the message to ensure the provided checksum matches