From 31c0060ffbe5a68d747bf8a75515af8866332b34 Mon Sep 17 00:00:00 2001
From: nickray <n+github@stalder.io>
Date: Sun, 21 Oct 2018 16:54:26 +0200
Subject: [PATCH] specify bootloader signature scheme

---
 docs/signed-updates.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/signed-updates.md b/docs/signed-updates.md
index f2a00e4..38b15ac 100644
--- a/docs/signed-updates.md
+++ b/docs/signed-updates.md
@@ -1,6 +1,6 @@
 
 Solo has a bootloader that's fixed in memory to allow for signed firmware updates.  It is not a built-in bootloader provided by the chip
-manufacturer, it is our own.
+manufacturer, it is our own. We plan to use Ed25519 signatures, which have [efficient constant-time implementations on Cortex-M4 chips](http://www.cs.haifa.ac.il/~orrd/LC17/paper39.pdf).
 
 On the STM32L442, there is 256 KB of memory.  The first 14 KB of memory is reserved for the bootloader.
 The bootloader is the first thing that boots, and if the button of the device is not held for 2 seconds, the