secretKeyMultibase size incorrect

[brianorwhatever]

This library creates secretKeyMultibase values that are 64 bytes in size whereas the DI spec says that they should be only 32 bytes. I assume the public key is appended or prepended and this is what used to be done in the older signature suites and maybe this has been updated? The @noble/ed25519 crypto package expects only 32 bytes.

[dlongley]

Yeah, there was some debate on how this should be formatted and we ended up on cutting it to 32 bytes. We should update this package and do a major release. Note: You're right that it's just appending the public key onto the secret key material to get to 64 bytes.

[dlongley]

There is already some code that does something around this... so we should investigate to figure out what is needed:

https://github.com/digitalbazaar/ed25519-multikey/blob/main/lib/serialize.js#L12

[dlongley]

@brianorwhatever,

There's an option, canonicalize that can be set to true to force old keys that used 64 bytes to output 32 when exporting, see here:

https://github.com/digitalbazaar/ed25519-multikey/blob/main/lib/serialize.js#L14-L15

The current version doesn't mess with imported keys, exporting them the same way they were imported (it looks like). We could have a new major release that defaults to canonicalize=true -- or we could leave things as-is.