From 52a5f2b1d987b8b236608737914f190cb2aee8fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thoorens?= <fx.thoorens@gmail.com>
Date: Wed, 8 Oct 2025 15:38:41 +0200
Subject: [PATCH 1/5] Update crypto_scalarmult.js

fix for missing crypto_scalarmult_ed25519_BYTES exportation
---
 crypto_scalarmult.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto_scalarmult.js b/crypto_scalarmult.js
index d591e05..ce4f3b1 100644
--- a/crypto_scalarmult.js
+++ b/crypto_scalarmult.js
@@ -3,12 +3,15 @@ const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S
 
 const crypto_scalarmult_BYTES = 32
 const crypto_scalarmult_SCALARBYTES = 32
+const crypto_scalarmult_SCALARBYTES = 32
+const crypto_scalarmult_ed25519_BYTES = 32
 
 module.exports = {
   crypto_scalarmult,
   crypto_scalarmult_base,
   crypto_scalarmult_BYTES,
-  crypto_scalarmult_SCALARBYTES
+  crypto_scalarmult_SCALARBYTES,
+  crypto_scalarmult_ed25519_BYTES
 }
 
 function crypto_scalarmult (q, n, p) {

From e8ababd9828c7ef855a8eeff733d7e88bb127eb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thoorens?= <fx.thoorens@gmail.com>
Date: Wed, 8 Oct 2025 15:40:50 +0200
Subject: [PATCH 2/5] Update crypto_scalarmult.js

---
 crypto_scalarmult.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/crypto_scalarmult.js b/crypto_scalarmult.js
index ce4f3b1..dbf4bb6 100644
--- a/crypto_scalarmult.js
+++ b/crypto_scalarmult.js
@@ -3,7 +3,6 @@ const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S
 
 const crypto_scalarmult_BYTES = 32
 const crypto_scalarmult_SCALARBYTES = 32
-const crypto_scalarmult_SCALARBYTES = 32
 const crypto_scalarmult_ed25519_BYTES = 32
 
 module.exports = {

From 04d1ca059cb11c869fa7eb1dc29e0b72305c5eeb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thoorens?= <fx.thoorens@gmail.com>
Date: Wed, 8 Oct 2025 18:52:42 +0200
Subject: [PATCH 3/5] Update crypto_scalarmult.js

added crypto_scalarmult_ed25519_noclamp
---
 crypto_scalarmult.js | 57 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/crypto_scalarmult.js b/crypto_scalarmult.js
index dbf4bb6..dbaea72 100644
--- a/crypto_scalarmult.js
+++ b/crypto_scalarmult.js
@@ -7,12 +7,69 @@ const crypto_scalarmult_ed25519_BYTES = 32
 
 module.exports = {
   crypto_scalarmult,
+  crypto_scalarmult_ed25519_noclamp,
   crypto_scalarmult_base,
   crypto_scalarmult_BYTES,
   crypto_scalarmult_SCALARBYTES,
   crypto_scalarmult_ed25519_BYTES
 }
 
+function crypto_scalarmult_ed25519_noclamp (q, n, p) {
+  check(q, crypto_scalarmult_BYTES)
+  check(n, crypto_scalarmult_SCALARBYTES)
+  check(p, crypto_scalarmult_BYTES)
+  var z = new Uint8Array(32)
+  var x = new Float64Array(80), r, i
+  var a = gf(), b = gf(), c = gf(),
+    d = gf(), e = gf(), f = gf()
+  for (i = 0; i < 31; i++) z[i] = n[i]
+  // z[31] = (n[31] & 127) | 64
+  // z[0] &= 248
+  unpack25519(x, p)
+  for (i = 0; i < 16; i++) {
+    b[i] = x[i]
+    d[i] = a[i] = c[i] = 0
+  }
+  a[0] = d[0] = 1
+  for (i = 254; i >= 0; --i) {
+    r = (z[i >>> 3] >>> (i & 7)) & 1
+    sel25519(a, b, r)
+    sel25519(c, d, r)
+    A(e, a, c)
+    Z(a, a, c)
+    A(c, b, d)
+    Z(b, b, d)
+    S(d, e)
+    S(f, a)
+    M(a, c, a)
+    M(c, b, e)
+    A(e, a, c)
+    Z(a, a, c)
+    S(b, a)
+    Z(c, d, f)
+    M(a, c, _121665)
+    A(a, a, d)
+    M(c, c, a)
+    M(a, d, f)
+    M(d, b, x)
+    S(b, e)
+    sel25519(a, b, r)
+    sel25519(c, d, r)
+  }
+  for (i = 0; i < 16; i++) {
+    x[i + 16] = a[i]
+    x[i + 32] = c[i]
+    x[i + 48] = b[i]
+    x[i + 64] = d[i]
+  }
+  var x32 = x.subarray(32)
+  var x16 = x.subarray(16)
+  inv25519(x32, x32)
+  M(x16, x16, x32)
+  pack25519(q, x16)
+  return 0
+}
+
 function crypto_scalarmult (q, n, p) {
   check(q, crypto_scalarmult_BYTES)
   check(n, crypto_scalarmult_SCALARBYTES)

From 55bbf31dd87bb674b2771e389413747ae87ac4c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thoorens?= <fx.thoorens@gmail.com>
Date: Thu, 9 Oct 2025 10:16:02 +0200
Subject: [PATCH 4/5] better noclamping

---
 crypto_scalarmult.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto_scalarmult.js b/crypto_scalarmult.js
index dbaea72..143d715 100644
--- a/crypto_scalarmult.js
+++ b/crypto_scalarmult.js
@@ -23,6 +23,8 @@ function crypto_scalarmult_ed25519_noclamp (q, n, p) {
   var a = gf(), b = gf(), c = gf(),
     d = gf(), e = gf(), f = gf()
   for (i = 0; i < 31; i++) z[i] = n[i]
+  // no clamp src: https://github.com/jedisct1/libsodium/blob/589d67b8396abebfcf3fc7a754c6797a9e93b8b4/src/libsodium/crypto_scalarmult/ed25519/ref10/scalarmult_ed25519_ref10.c#L49
+  z[31] = n[31] & 127;
   // z[31] = (n[31] & 127) | 64
   // z[0] &= 248
   unpack25519(x, p)

From 1bdde7058a54a7eb99cfddcf5d278785308dfe96 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thoorens?= <fx.thoorens@gmail.com>
Date: Thu, 9 Oct 2025 11:05:01 +0200
Subject: [PATCH 5/5] Update crypto_scalarmult.js

---
 crypto_scalarmult.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto_scalarmult.js b/crypto_scalarmult.js
index 143d715..6ce7798 100644
--- a/crypto_scalarmult.js
+++ b/crypto_scalarmult.js
@@ -24,7 +24,7 @@ function crypto_scalarmult_ed25519_noclamp (q, n, p) {
     d = gf(), e = gf(), f = gf()
   for (i = 0; i < 31; i++) z[i] = n[i]
   // no clamp src: https://github.com/jedisct1/libsodium/blob/589d67b8396abebfcf3fc7a754c6797a9e93b8b4/src/libsodium/crypto_scalarmult/ed25519/ref10/scalarmult_ed25519_ref10.c#L49
-  z[31] = n[31] & 127;
+  z[31] &= 127;
   // z[31] = (n[31] & 127) | 64
   // z[0] &= 248
   unpack25519(x, p)