Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt

Use this file to discover all available pages before exploring further.

Low-level cryptographic primitives for Ed25519 signing and verification. Consumed internally by the governance pipeline. Use @parmanasystems/core for most applications - reach for this package only when you need direct access to the underlying sign/verify operations.

Install

npm install @parmanasystems/crypto

Key exports

ExportDescription
signManifestSign a bundle manifest file with a PEM private key
verifySignatureVerify a base64 signature against a file
writeSignatureWrite a base64 signature to disk
readSignatureRead a base64 signature from disk
loadPrivateKeyLoad an Ed25519 PEM private key from a file path
loadPublicKeyLoad an Ed25519 PEM public key from a file path
signBundleAsync variant - sign a manifest using a Signer object
verifyPayloadSignatureVerify a base64 signature over a string payload

Signing a bundle manifest

import { signManifest, writeSignature } from "@parmanasystems/crypto";

const signature = signManifest(
  "./policies/loan-approval/1.0.0/bundle.manifest.json",
  "./trust/root.key"
);

writeSignature(signature, "./policies/loan-approval/1.0.0");
// Writes: bundle.sig

Verifying a payload signature

import { verifyPayloadSignature } from "@parmanasystems/crypto";

const valid = verifyPayloadSignature(
  payload,    // canonical JSON string
  signature,  // base64-encoded Ed25519 signature
  publicKey   // PEM-encoded SPKI public key
);

Key format

All keys are standard PEM-encoded Ed25519:
  • Private keys: PKCS8 format (-----BEGIN PRIVATE KEY-----)
  • Public keys: SPKI format (-----BEGIN PUBLIC KEY-----)
Generate a key pair: 
import crypto from "crypto";

const { privateKey, publicKey } = crypto.generateKeyPairSync("ed25519", {
  privateKeyEncoding: { type: "pkcs8", format: "pem" },
  publicKeyEncoding:  { type: "spki",  format: "pem" },
});

See also