fn verify_ed25519( canonical_bytes: &[u8], signature: &[u8], public_b64: &str, ) -> Result<(), VerifyError>
LOADBEARING: uses verify_strict (not verify) - rejects malleable signatures for root-of-trust keys.
verify_strict
verify