Extractable One-Time Signatures (EOTS) Algorithm Demo

1. Key Generation

This will generate a new private/public key pair and populate the private key field below for signing.

2. Generate EOTS Signature

Private Key (32 bytes hex)

Message Text (will be SHA-256 hashed)

Or use the message hash field below for direct hash input

Message Hash (32 bytes hex)

Nonce (32 bytes hex) - Optional

3. Verify EOTS Signature

Public Key (33 bytes hex - compressed)

Signature R (32 bytes hex)

Signature S (32 bytes hex)

4. Extract Private Key from Nonce Reuse

First Signature:

Message Hash 1

Second Signature:

Message Hash 2

⚠️ Security Notice

EOTS (Extractable One-Time Signatures) are designed to reveal the private key if the same nonce is used twice. This is a feature, not a bug! Never reuse nonces in production systems. This demo is for testing purposes only.