FYI, I closed #219 as a duplicate of this issue. The issue description there was this:

Blockchain applications increasingly use the EdDSA signature scheme combined with SHA-512 and Curve25519 (Ed25519). This ticket is a support request to add the scheme and curve in the webcrypto spec.

Want to express positive implementer interest for curve25519 from the Deno team. We have gotten some user feedback requesting it.

This would be very useful for a lot of peer to peer systems that are coming out.

Just to repeat what I wrote in #280 (comment), I've reached out to the browser vendors regarding Curve25519 and Curve448, and have gotten enough positive signals to justify moving forward with this, so I'll put together a proposal, present it to the WICG, and hopefully then it can get implemented and merged into this spec eventually.

There is now a draft spec for Curve25519 and Curve448 in Web Crypto, here: https://twiss.github.io/webcrypto-secure-curves/.

There is also an explainer (based on a previous proposal by Qingsi Wang to include Curve25519 in WebCrypto).

I've posted to the WICG about it here.

@panva, @jasnell, @lucacasonato, @littledivy, and anyone else who's interested, it would be great if you could take a look at it, and let me know if you have any feedback, either there or here.

@twiss had a quick look.

The are numerous occurrences of Let algorithm be a new EcKeyAlgorithm, shouldn't those be Let algorithm be a new KeyAlgorithm instead?

@panva Yep, you're right. Fixed, thanks!

@twiss what are the next steps for https://twiss.github.io/webcrypto-secure-curves?

Hey @panva 👋 I've looked a bit more into the WICG process and it turns out they're transitioning from Discourse to GitHub. So I've created an issue for this proposal here: WICG/proposals#46. Hopefully we'll get some more engagement from the browsers there 😊

Then, the goal is to hopefully move the repo to the WICG GitHub org, and once it has seen some adoption, merge it into the main spec here.

Just posting another update here, or rather two: the draft has been moved to WICG/webcrypto-secure-curves, and the new charter of the Web Application Security Working Group has been adopted, which says that "the WG may adopt well-supported proposals from incubation for maintenance of the Web Cryptography API". I've posted to the WebAppSec mailing list here to hopefully get some feedback and/or get the draft to be "well-supported" :)