Giving a Face to a Naked Key
You've probably seen them without knowing what they are. Those little colorful geometric squares next to usernames on GitHub, WordPress comment sections, forums. They look like tiny quilts or pixelated flags. They're called identicons, and there's more going on under the hood than you'd think.
The Problem With Bare Keys
Ed25519 is a great signature scheme. It's fast, it's small, it's solid. But there's something it doesn't have that PGP does: a built-in user identity. An Ed25519 public key is just 32 bytes of nothing-in-particular. No name, no email, no metadata. You can verify that a signature is mathematically valid, but you have no idea who made it.
In pseudonymous environments like Usenet, this is a real problem. Anyone can slap your username and email into a From: header. There's no authority checking IDs at the door. So how do you give people a way to recognize you across messages, without revealing who you actually are?
Ch1ffr3punk came up with a clean answer: tie the key to a visual fingerprint that humans can recognize at a glance. His identicons project does exactly that.
How It Works
The concept is straightforward. Take three identity components — a username, an email, and an Ed25519 public key — concatenate them with a pipe delimiter, and hash the result:
```
SHA256("Alice|alice@example.invalid|hlHxqZ3uXv4TMXDM1Xus7xsJhlZzwovxg25SHmRKNrQ=")
```
That gives you 32 bytes that look random but are fully deterministic: same input, same hash, always. Now you turn those bytes into an image.
The algorithm reads specific bit ranges from the hash to decide everything: which cells to fill in a 5×5 symmetric grid, which colors to use from two fixed palettes (16 primary colors, 16 secondary colors), and what background to apply. The symmetry is horizontal — columns 0 and 4 mirror each other, columns 1 and 3 mirror each other, column 2 stands alone. This is what makes them look structured rather than random, and it's why your brain latches onto them so quickly.
The output is a tiny PNG — 48×48 pixels for the Usenet Face: header, 256×256 for display. And because the algorithm is deterministic, anyone can regenerate the same identicon from the same inputs and verify it matches.
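To make the derivation concrete, here is an added illustration (not code from the identicons project) of the three-component hash driving a 5×5 mirrored grid and two 16-entry palette indices, plus the regenerate-and-compare check the paragraph above describes. The page does not give the project's exact bit ranges, so the byte and bit positions used here are assumptions, as are the impostor key and the Go function names:

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// Identicon is the visual decoded from SHA-256("username|email|pubkey"). The bit
// layout below is an assumption for illustration, not the project's own mapping.
type Identicon struct {
	Cells     [5][5]bool // true = filled cell
	Primary   int        // index into the 16-colour primary palette
	Secondary int        // index into the 16-colour secondary palette
	Dark      bool       // background choice
}

// identityHash is the three-component hash described on the page.
func identityHash(username, email, pubkeyB64 string) [32]byte {
	return sha256.Sum256([]byte(username + "|" + email + "|" + pubkeyB64))
}

// bit returns bit i of the hash, counting from the MSB of byte 0.
func bit(h [32]byte, i int) bool { return (h[i/8]>>(7-uint(i%8)))&1 == 1 }

// Generate fills columns 0..2 of each row from hash bits 0..14 and mirrors
// them into columns 4..3: column 0<->4, 1<->3, column 2 stands alone.
func Generate(username, email, pubkeyB64 string) Identicon {
	h := identityHash(username, email, pubkeyB64)
	var ic Identicon
	for row := 0; row < 5; row++ {
		for col := 0; col < 3; col++ {
			ic.Cells[row][col] = bit(h, row*3+col)
			ic.Cells[row][4-col] = ic.Cells[row][col]
		}
	}
	ic.Primary = int(h[2] & 0x0F) // assumed: low nibble of byte 2
	ic.Secondary = int(h[2] >> 4) // assumed: high nibble of byte 2
	ic.Dark = bit(h, 24)          // assumed: first bit of byte 3
	return ic
}

// Matches regenerates the identicon from a claimed identity and compares it with the one shown.
func Matches(shown Identicon, username, email, pubkeyB64 string) bool {
	return shown == Generate(username, email, pubkeyB64)
}

func main() {
	key := "hlHxqZ3uXv4TMXDM1Xus7xsJhlZzwovxg25SHmRKNrQ=" // key from the page
	alice := Generate("Alice", "alice@example.invalid", key)
	fmt.Println(alice.Cells, Matches(alice, "Alice", "alice@example.invalid", "constructed-other-key="))
}
```

Same name and email with a different key regenerates to a different grid, which is the whole point: the picture is bound to the key, not to the From: header.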
Not Your GitHub Identicon
If this sounds familiar, it should — but the implementation is fundamentally different from what GitHub and WordPress do.
GitHub's identicons hash a user ID with MD5, extract 15 bits for a 5×5 symmetric pattern, and pull a single color from the hash. It's a visual placeholder, nothing more. WordPress/Gravatar does something similar with 44 predefined geometric patches rotated around a center. Both are purely decorative — they help you tell commenters apart, but they carry zero cryptographic weight.
Ch1ffr3punk's version is built around a cryptographic identity. The three-component input binds the visual to a specific key. Change any single character in the username, the email, or the public key, and you get a completely different identicon. This means you can pair it with an Ed25519 signature to create a system where impersonation becomes visually obvious — the impostor's identicon won't match, because they don't hold the original private key.
The CLI Tool
The original identicons application uses Fyne, a Go GUI toolkit — which is a problem if you want to run it on a headless server. So we made a CLI version that strips out the GUI and keeps the algorithm byte-for-byte identical:
```bash
./identicons-cli -input "Alice|alice@example.invalid|hlHxqZ3u..." \
  -size 48 -transparent -format base64
```
It outputs raw base64, ready for a Face: header or a web <img> tag. The binary is about 1.8 MB, uses only the Go stdlib, and has zero external dependencies.
On the server side, PHP calls the binary and uses the output directly:
```php
// Same three components, same pipe delimiter as the Go tool expects.
$input = $username . '|' . $email . '|' . $pubkey;

// escapeshellarg() is what keeps user-supplied name/email/key from being
// interpreted by the shell; never interpolate $input unquoted.
$cmd = './identicons-cli -input ' . escapeshellarg($input)
     . ' -size 48 -transparent -format base64';

// The tool prints base64 on stdout; trim() strips the trailing newline.
$base64 = trim(shell_exec($cmd));
```
No reimplementation of the algorithm in PHP, no risk of subtle differences. The Go binary is the single source of truth.
What This Enables
On its own, an identicon is just a pretty picture. But combined with a few more pieces — an Ed25519 signature on each message, an identity hash in the headers, and optionally a blockchain timestamp to prove first-claim priority — it becomes the visual layer of a complete pseudonymous identity system.
This is where Ch1ffr3punk's other tools come in: yubicrypt and its successor yubisigner, which handle Ed25519 signing via YubiKey hardware tokens. The identicon generated from your key is the same one both tools display when verifying a signature — same algorithm, same input, same output. And because the private key lives inside the YubiKey and never leaves the hardware, there's nothing to steal from disk or memory. The key has no face, but it also has no attack surface.
Someone copies your username and email? Their key is different, so their identicon is different. Someone copies your key too? They can't sign messages with it because they don't have the private key. The identicon is the part humans see; the cryptography is the part that makes it trustworthy.
Ch1ffr3punk put it well when explaining why he built identicons for Ed25519 in the first place: the key has no face. Now it does.