Skip to main content

Solana Encryption

Solana employs Edwards-curve Digital Signature Algorithm (EdDSA), an elliptical signature algorithm for cryptography.


K2 is a fork of Solana, so messages can also be encrypted using Koii addresses!

Helper Functions

Create two helper functions to help encode a message and decode data using TextEncoder and TextDecoder, respectively.

  • TextEncoder — An interface that takes in a stream of code points as input and emits a stream of UTF-8 bytes.
  • TextDecoder — An interface that represents a decoder for a specific text encoding, such as UTF-8, ISO-8859-2 etc.
// Encode message
const encode = (message) => {
const encoder = new TextEncoder();
const messageUint8 = encoder.encode(message); // Takes a string and returns a Uint8Array

return messageUint8;

// Decode data
const decode = (data) => {
const decoder = new TextDecoder();
const decodedMessage = decoder.decode(data); // Returns a string containing the text decoded

return decodedMessage;

Sign and Verify Message

A keypair's primary function is to sign messages and enable signature verification. Verification of a signature ensures that the data was signed by the owner of a specific private key.

  • sign() — Signs the message using the secretKey and returns a signature.
  • verify() — Verifies the message's signature and returns true if it was successful or false if it was unsuccessful.

To do this, we will use TweetNaCl library.

const nacl = require("tweetnacl");

// Sign Message
function sign(message, secretKey) {
const encodedMessage = encode(message); // Encode message using helper function
const signature = nacl.sign.detached(encodedMessage, secretKey);

return signature;

// Verify Message
function verify(message, signature, publicKey) {
const encodedMessage = encode(message); // Encode message using helper function
const verified = nacl.sign.detached.verify(

return verified;

Encrypt Message

Encode the message using the encode() helper function and then encrypt and authenticate encoded message using Parameters

  • message — The encoded message
  • nonce — The given nonce
  • publicKeyB — Peer's public key
  • privateKeyA — Our secret key (private key)

Returns an encrypted and authenticated message.

// Encrypt Message
const encrypt = (message, nonce, publicKeyB, privateKeyA) => {
const messageUint8 = encode(message); // Encode message

//encrypt and authenticate encoded message
const encrypted =, nonce, publicKeyB, privateKeyA);

return encrypted;

Decrypt Message

Use to authenticate and decrypt the given box with peer's public key, our secret key, and the given nonce. Parameters

  • encrypted — The given box
  • nonce — The given nonce
  • publicKeyA — Peer's public key
  • privateKeyB — Our secret key (private key)

Returns the original message, or null if authentication fails.

// Decrypt Message
const decrypt = (encrypted, nonce, publicKeyA, privateKeyB) => {
const decrypted =, nonce, publicKeyA, privateKeyB); // Authenticate and decrypt
const decryptedMessage = decode(decrypted); // Decode message

return decryptedMessage;