The app maintains cryptographic compatibility with Tribler, using Libsodium. To achieve this, Java JNI bindings has been used to allow the Trustchain Android app to use native libsodium method invocations.
Libsodium supports the notion of Dual Secrets, an object that supports both encryption and signing. The key formats used in the app match the keys used in Triber, using
xsalsa20poly1305 for identity management and
ed25519 for signing.
During transmission and storage, keys are serialized and deserialized in the following manner:
- Public key pair:
LibNaCLPk:+ public key bytes + verify key bytes
- Private key pair:
LibNaCLSk:+ encryption seed + signing seed
The signing key is then generated using the signing seed. The private key can be generated from the encryption seed.