Ed25519 AI Certificates
An Ed25519 AI certificate is a certification record whose payload has been signed using the Ed25519 elliptic-curve digital signature algorithm. The signature binds the SHA-256 dataset fingerprint, generation metadata, and issuer identity into a single tamper-evident artifact.
CertifiedData uses Ed25519 to sign all AI artifact certification records. Any party can independently verify an Ed25519 certificate using the published public key — no account, no API key, no contact with CertifiedData required.
Why Ed25519 for AI certificate signing
Ed25519 is a modern elliptic-curve signature scheme with specific properties that make it well-suited for AI artifact certification records.
Ed25519 signatures are 64 bytes. RSA-2048 signatures are 256 bytes; RSA-4096 are 512 bytes. Compact signatures reduce certificate payload size and make embedding in JSON records practical.
Ed25519 verification is fast and designed to run in constant time — no timing side-channels that could leak private key information. RSA verification is slower; ECDSA requires careful nonce management to avoid key recovery attacks.
Ed25519 public keys are 32 bytes. Publishing the key at /.well-known/signing-keys.json keeps the well-known response minimal and cache-friendly.
Ed25519 is supported in standard cryptographic libraries across Python (PyNaCl, cryptography), Go (crypto/ed25519), JavaScript (noble-curves, tweetnacl), Rust (ed25519-dalek), and Java (Bouncy Castle). Verifiers need no special tooling.
How to verify an Ed25519 AI certificate
Verification is fully self-serve. No CertifiedData account or API key is required.
Fetch the certificate JSON for the artifact (from /verify/{id} or the registry entry). Download the issuer public key from /.well-known/signing-keys.json.
Serialize the certificate payload using RFC 8785 JSON Canonicalization Scheme (JCS). This produces a deterministic byte sequence regardless of field ordering or whitespace.
Pass the canonical payload and the issuer public key to an Ed25519 verify function. A passing result proves the certificate was signed by the holder of the corresponding private key and has not been modified since.
Example — Python verification
import json, base64
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
from cryptography.hazmat.primitives.serialization import load_pem_public_key
# 1. Load certificate
with open("certificate.json") as f:
cert = json.load(f)
# 2. Canonicalize payload (RFC 8785 JCS — use jcs library)
import jcs
payload = jcs.canonicalize(cert["payload"])
# 3. Load public key from /.well-known/signing-keys.json
public_key = load_pem_public_key(pem_bytes)
# 4. Verify
signature = base64.b64decode(cert["signature"])
public_key.verify(signature, payload) # raises InvalidSignature if invalid
print("Certificate is authentic and unmodified.")Ed25519 AI certificates — frequently asked questions
What is an Ed25519 AI certificate?
An Ed25519 AI certificate is a certification record whose payload has been digitally signed using the Ed25519 elliptic-curve signature algorithm. CertifiedData uses Ed25519 to sign AI artifact certification records — binding the SHA-256 dataset fingerprint, generation metadata, and issuer identity into a tamper-evident artifact that any party can independently verify.
Why does CertifiedData use Ed25519 instead of RSA or ECDSA?
Ed25519 offers several advantages for AI certificate verification: signatures are 64 bytes (compact for embedding in certificate payloads), verification is fast and constant-time (no timing side-channels), key generation produces 32-byte public keys, and support is broad across cryptographic libraries in Python, Go, JavaScript, Rust, and Java. RSA signatures are larger and slower; ECDSA requires careful nonce management. Ed25519 is the modern standard for programmatic certificate verification.
How do I verify an Ed25519 AI certificate?
Verification requires: (1) the certificate JSON, (2) the issuer's Ed25519 public key from /.well-known/signing-keys.json. Serialize the certificate payload using RFC 8785 JSON Canonicalization (JCS) to produce a deterministic byte sequence, then call Ed25519.verify(publicKey, signature, canonicalPayload). A passing result confirms the certificate is authentic and unmodified. Use the interactive tool at /verify or verify programmatically using any standard Ed25519 library.
What does Ed25519 signature verification prove?
Ed25519 signature verification proves that the certificate payload was signed by the holder of the private key corresponding to the published public key — that is, by CertifiedData.io. It also proves the payload has not been modified since signing: any alteration to the certificate JSON invalidates the signature. Signature verification alone does not confirm dataset integrity — you must also compare the dataset SHA-256 hash to the dataset_hash field in the certificate.
Is a valid Ed25519 signature enough to trust a certificate?
A valid signature proves the certificate is authentic and unmodified since issuance. However, full verification requires both: (1) Ed25519 signature verification (certificate authenticity) and (2) SHA-256 hash comparison (dataset integrity). A certificate can have a valid signature while the dataset file has been replaced. Both checks together confirm the complete chain of trust.
Related resources
Verification
Verify a Certificate
Interactively verify any Ed25519-signed AI artifact certificate.
Certified Data
Certified Synthetic Datasets
What a certified synthetic dataset is and what its certificate contains.
Certification
AI Artifact Certification
Cryptographic certification for datasets, models, and AI outputs.