From 502a29aa45da64b7a468724d56bb4a3ae7fd3d94 Mon Sep 17 00:00:00 2001 From: DC Date: Sat, 18 May 2024 20:58:47 -0700 Subject: [PATCH] doc: update README --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a016a40..894679f 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,13 @@ ## `P256Verifier` Solidity contract -This repo implements a gas-efficient, audited P256 signature verifier. Verifying a signature costs about 330k gas. Pure function, no precomputation. +> **This is currently the only audited, open source P256 verifier contract.** It's not quite the lowest-gas verifier, but it's close. +> This implementation uses no `unsafe` or assembly to maximize simplicity and safety. -The contract matches the proposed [EIP-7212 precompile](https://eips.ethereum.org/EIPS/eip-7212), letting us ship it as a [progressive precompile](https://ethereum-magicians.org/t/progressive-precompiles-via-create2-shadowing/). +Verifying a signature costs about 330k gas. Pure function, no precomputation. -**The contract exists at a deterministic CREATE2 address. You can use it on any EVM chain. If the chain implements EIP-7212 at the same CREATE2 address as this contract, you pay ~3.4k gas. If not, you pay ~330k gas. Either way, the contract address and results are identical.** This is particularly beneficial for chains that want to maintain full EVM compatibility while adding this new precompiles (upto gas schedules). +The contract matches the [EIP-7212 precompile spec](https://eips.ethereum.org/EIPS/eip-7212). -The secp256r1 elliptic curve, aka P256, is used by high-quality consumer enclaves including Yubikey, Apple's Secure Enclave, the Android Keystore, and WebAuthn. P256 verification is especially useful for contract wallets, enabling hardware-based signing keys and smoother UX. +**The contract exists at a deterministic CREATE2 address. You can use it on any EVM chain.** The secp256r1 elliptic curve, aka P256, is used by security keys like Yubikey, Apple's Secure Enclave, the Android Keystore, and WebAuthn, aka passkeys. P256 verification enables hardware-based signing keys, smoother UX, and passkey backup. This implementation was inspired by [Renaud Dubois/Ledger's implementation](https://github.com/rdubois-crypto/FreshCryptoLib) and [blst](https://github.com/supranational/blst).