fix: reject malformed ed25519 private keys in PrivateKeyFromBase58

* feat: add test for private key validation against mismatched seed and public key

* address review commnets

Author: tanmay4l

keys.go

@@ -72,10 +72,14 @@ func ValidatePrivateKey(b []byte) (bool, error) {
 	if len(b) != ed25519.PrivateKeySize {
 		return false, fmt.Errorf("invalid private key size, expected %v, got %d", ed25519.PrivateKeySize, len(b))
 	}
-	// check if the public key is on the ed25519 curve
-	pub := ed25519.PrivateKey(b).Public().(ed25519.PublicKey)
-	if !IsOnCurve(pub) {
-		return false, errors.New("the corresponding public key is NOT on the ed25519 curve")
+
+	// ed25519 private keys are seed(32) + public(32); ensure they match.
+	derived := ed25519.NewKeyFromSeed(b[:ed25519.SeedSize])
+	if !bytes.Equal(derived, b) {
+		if !IsOnCurve(b[ed25519.SeedSize:]) {
+			return false, errors.New("invalid private key: seed/public key mismatch (provided public key is NOT on the ed25519 curve)")
+		}
+		return false, errors.New("invalid private key: seed/public key mismatch")
 	}
 	return true, nil
 }

keys_test.go

@@ -18,6 +18,7 @@
 package solana
 
 import (
+	"crypto/ed25519"
 	"encoding/binary"
 	"encoding/hex"
 	"errors"
@@ -143,6 +144,43 @@ func TestPrivateKeyFromSolanaKeygenFile(t *testing.T) {
 	}
 }
 
+func TestPrivateKeyFromBase58RejectsMismatchedSeedAndPublicKey(t *testing.T) {
+	original := MustPrivateKeyFromBase58("66cDvko73yAf8LYvFMM3r8vF5vJtkk7JKMgEKwkmBC86oHdq41C7i1a2vS3zE1yCcdLLk6VUatUb32ZzVjSBXtRs")
+	require.Len(t, original, PrivateKeyLength)
+
+	tampered := append([]byte(nil), original...)
+	tampered[0] ^= 0xFF
+
+	valid, err := ValidatePrivateKey(tampered)
+	require.False(t, valid)
+	require.EqualError(t, err, "invalid private key: seed/public key mismatch")
+
+	_, err = PrivateKeyFromBase58(PrivateKey(tampered).String())
+	require.EqualError(t, err, "invalid private key: seed/public key mismatch")
+}
+
+func TestPrivateKeyFromBase58ReturnsDiagnosticForOffCurvePublicKey(t *testing.T) {
+	original := MustPrivateKeyFromBase58("66cDvko73yAf8LYvFMM3r8vF5vJtkk7JKMgEKwkmBC86oHdq41C7i1a2vS3zE1yCcdLLk6VUatUb32ZzVjSBXtRs")
+	require.Len(t, original, PrivateKeyLength)
+
+	tampered := append([]byte(nil), original...)
+	offCurve := make([]byte, ed25519.PublicKeySize)
+	found := false
+	for i := uint32(0); i < 100_000; i++ {
+		binary.LittleEndian.PutUint32(offCurve[:4], i)
+		if !IsOnCurve(offCurve) {
+			found = true
+			break
+		}
+	}
+	require.True(t, found, "expected to find an off-curve public key test vector")
+	copy(tampered[ed25519.SeedSize:], offCurve)
+
+	valid, err := ValidatePrivateKey(tampered)
+	require.False(t, valid)
+	require.EqualError(t, err, "invalid private key: seed/public key mismatch (provided public key is NOT on the ed25519 curve)")
+}
+
 func TestPublicKey_MarshalText(t *testing.T) {
 	keyString := "4wBqpZM9k69W87zdYXT2bRtLViWqTiJV3i2Kn9q7S6j"
 	keyParsed := MustPublicKeyFromBase58(keyString)