
Commit

doc: update README
dcposch authored May 19, 2024
1 parent e210c5e commit 502a29a
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions README.md
@@ -1,12 +1,13 @@
## `P256Verifier` Solidity contract

This repo implements a gas-efficient, audited P256 signature verifier. Verifying a signature costs about 330k gas. Pure function, no precomputation.
> **This is currently the only audited, open source P256 verifier contract.** It's not quite the lowest-gas verifier, but it's close.
> This implementation uses no `unsafe` or assembly to maximize simplicity and safety.
The contract matches the proposed [EIP-7212 precompile](https://eips.ethereum.org/EIPS/eip-7212), letting us ship it as a [progressive precompile](https://ethereum-magicians.org/t/progressive-precompiles-via-create2-shadowing/).
Verifying a signature costs about 330k gas. Pure function, no precomputation.

**The contract exists at a deterministic CREATE2 address. You can use it on any EVM chain. If the chain implements EIP-7212 at the same CREATE2 address as this contract, you pay ~3.4k gas. If not, you pay ~330k gas. Either way, the contract address and results are identical.** This is particularly beneficial for chains that want to maintain full EVM compatibility while adding this new precompiles (upto gas schedules).
The contract matches the [EIP-7212 precompile spec](https://eips.ethereum.org/EIPS/eip-7212).

The secp256r1 elliptic curve, aka P256, is used by high-quality consumer enclaves including Yubikey, Apple's Secure Enclave, the Android Keystore, and WebAuthn. P256 verification is especially useful for contract wallets, enabling hardware-based signing keys and smoother UX.
**The contract exists at a deterministic CREATE2 address. You can use it on any EVM chain.** The secp256r1 elliptic curve, aka P256, is used by security keys like Yubikey, Apple's Secure Enclave, the Android Keystore, and WebAuthn, aka passkeys. P256 verification enables hardware-based signing keys, smoother UX, and passkey backup.

This implementation was inspired by [Renaud Dubois/Ledger's implementation](https://github.com/rdubois-crypto/FreshCryptoLib) and [blst](https://github.com/supranational/blst).
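
Review bot: The shortened paragraph that begins "**The contract exists at a deterministic CREATE2 address. You can use it on any EVM chain.**" no longer says what an integrator gets on a chain that implements EIP-7212, which the longer version spelled out (~3.4k gas with the precompile, ~330k without, "the contract address and results are identical"), and the progressive precompile link is gone with it. If that guarantee still holds, keep one sentence stating it next to "The contract matches the EIP-7212 precompile spec"; if it was dropped because it no longer holds, say so in the commit message, which is only "doc: update README". Separately, in the blockquote line "uses no `unsafe` or assembly", `unsafe` is not a Solidity keyword; if this refers to `unchecked` blocks, name them so the safety claim can be checked against the source. The claim "currently the only audited, open source P256 verifier contract" would also age better with a date or a link to the audit report.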

