How to verify signature used with EdDsa(ed25519)?

Hi I am trying to verify webhook payloads.

message is Base.encode64 message
public_key is plain text

:crypto.verify(:ed25519, :none, message, signature, public_key)

But got an error

(ArgumentError) argument error
    (crypto 5.0.6) :crypto.pkey_verify_nif
(crypto 5.0.6) crypto.erl:1467: :crypto.verify/6

Current version

Erlang/OTP 24 [erts-12.3.2] [source] [64-bit] [smp:10:10] [ds:10:10:10] [async-threads:1]

Elixir 1.13.0 (compiled with Erlang/OTP 23)

Hello.

You should do
:crypto.verify(:eddsa, :sha512, message, signature, [public_key, :ed25519])

:crypto.verify(:eddsa, :sha512, message, signature, [public_key, :ed25519])

Yes, I tried. also but doesn’t work.

I was looking into this yesterday and wrote the following down in my notes. I haven’t had a chance to try it yet, so YMMV:

:public_key.verify(
  body,
  :ignore,
  signature,
  {:ed_pub, :ed52219, pub_key}
)

I believe this requires OTP 24+.

I think it’s halfway between your attempts. It’s been a while since I’ve attempted this, but it looks like what I got to work was this:

:crypto.verify(:eddsa, :none, message, signature, [public_key, :ed25519])

Is this because public key format is not in binary? like <<161, 106, 13, 138, 39, 222, 65, 139, 90, 1, 98, 233, 100, 168, 27, 127, 127...>>?
My key is just plain text like “FD2432423423sdf”

I’m using this way in production without problem. But yes the key is in binary form.

Actually message is json encoded message like

"{\"data\":{\"event_type\":\"message.received\",\"id\":\"d5d76320-6c58-44ed-ad17-4cbe79dbc5c4\",\"occurred_at\":\"2022-10-18T23:58:07.235+00:00\",\"payload\":{\"cc\":[],\"completed_at\":null,\"cost\":null}"

that is including \ escape character.
I wonder if this json encoded message is different from raw json message(without backslach) when I verify it.

But in this thread, other says it doesn’t matter.