perturbing / plutus-crypto

A naive implementation of a twisted Ed25519 curve in Plutus

plutus-crypto

A naive implementation of a twisted Ed25519 curve in Plutus for fun. This implementation is naive since it implements the twisted Edwards curve over the finite field F_q (q = 2^255-19) in a mathematically correct but inefficient way.

Disclaimer

This code is not audited; use at your own risk!

Possible improvements

For the source of these improvements, see the original DJB paper "High-speed high-security signatures".

  • Use bitwise primitives and a radix 64 representation of field elements to speed up point multiplication.
  • Represent group points in their projective plane form to prevent the usage of the costly field inversion in point addition.
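
The second improvement, sketched as an added example that is not code from this repository: it is written in Python, uses the Ed25519 addition formulas from RFC 8032, and counts field inversions for affine versus extended projective coordinates. The names `inv`, `add_affine`, `add_ext`, `scalar_mul` and `compare` are illustrative assumptions, and the double-and-add loop is not constant time.

```python
q = 2**255 - 19                           # field prime from the README
d = -121665 * pow(121666, q - 2, q) % q   # Ed25519 curve constant (a = -1)
inversions = [0]                          # running count of field inversions

def inv(x):
    """Field inversion x^(q-2) mod q (Fermat): the costly operation."""
    inversions[0] += 1
    return pow(x, q - 2, q)

def base_point():
    """Standard base point (y = 4/5, even x), recovered as in RFC 8032."""
    y = 4 * inv(5) % q
    x2 = (y * y - 1) * inv(d * y * y + 1) % q
    x = pow(x2, (q + 3) // 8, q)
    if (x * x - x2) % q != 0:
        x = x * pow(2, (q - 1) // 4, q) % q
    return (q - x if x & 1 else x, y)

def add_affine(P, Q):
    """Affine addition: two field inversions per call."""
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2 % q
    return ((x1 * y2 + x2 * y1) * inv(1 + t) % q,
            (y1 * y2 + x1 * x2) * inv(1 - t) % q)

def add_ext(P, Q):
    """Extended coordinates (X, Y, Z, T), x=X/Z, y=Y/Z, T=XY/Z: no inversion."""
    (X1, Y1, Z1, T1), (X2, Y2, Z2, T2) = P, Q
    A, B = (Y1 - X1) * (Y2 - X2) % q, (Y1 + X1) * (Y2 + X2) % q
    C, D = 2 * d * T1 * T2 % q, 2 * Z1 * Z2 % q
    E, F, G, H = B - A, D - C, D + C, B + A
    return (E * F % q, G * H % q, F * G % q, E * H % q)

def scalar_mul(k, P, add, R):
    """Double-and-add (not constant time); R starts as the identity."""
    while k:
        if k & 1:
            R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def compare(k):
    """k*B both ways: (affine, extended converted back, inversions used by each)."""
    x, y = base_point()
    inversions[0] = 0
    aff = scalar_mul(k, (x, y), add_affine, (0, 1))
    n_aff, inversions[0] = inversions[0], 0
    X, Y, Z, _ = scalar_mul(k, (x, y, 1, x * y % q), add_ext, (0, 1, 1, 0))
    zi = inv(Z)                           # the only inversion: back to affine
    return aff, (X * zi % q, Y * zi % q), n_aff, inversions[0]
```

For a scalar `k`, `compare(k)` returns the same point from both paths; the affine path spends two inversions per addition, while the extended path spends one in total.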

Possible extensions

  • Add ElGamal and some ZK proofs (DLOG and DLEQ) and possibly a proof of correct shuffle (though I do not know how succinct this proof is).
  • Add an EC VRF. It would be cool to have on-chain randomness generated this way, as Chainlink does.

License: Apache License 2.0


Languages

Language: Haskell 100.0%