From 44b6bbca3abc5d8f61de1a1561d84097f2174d33 Mon Sep 17 00:00:00 2001 From: DC Date: Sat, 9 Sep 2023 18:56:23 -0700 Subject: [PATCH] doc: update README --- README.md | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1e716e1..c51763d 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,12 @@ ## EIP-7212 fallback `P256Verifier` contract -This repo implements a gas-efficient P256 signature verifier based on [Renaud Dubois from Ledger's implementation](https://github.com/rdubois-crypto/FreshCryptoLib). - -Verifying a signature costs about 200k gas. Pure function, no precomputation. - -This implementation is a fallback contract exactly matching the proposed [EIP-7212 precompile](https://eips.ethereum.org/EIPS/eip-7212), letting us ship it as a [progressive precompile](https://ethereum-magicians.org/t/progressive-precompiles-via-create2-shadowing/). +This repo implements a gas-efficient P256 signature verifier inspired by [Renaud Dubois's implementation](https://github.com/rdubois-crypto/FreshCryptoLib). Verifying a signature costs about 200k gas. Pure function, no precomputation. **The contract exists at a deterministic CREATE2 address. You can use it on any EVM chain. If a chain has implemented EIP-7212, you pay ~3k gas. If not, you pay ~200k gas. Either way, the contract address and results are identical.** -The secp256r1 elliptic curve, aka P256, is interesting because it's a widely implemented standard. P256 is used in hardware keys such as Yubikey, Apple's Secure Element, the Android Keystore, and WebAuthn. P256 verification is especially useful for contract wallets, enabling hardware-based signing keys. +This contract matches the proposed [EIP-7212 precompile](https://eips.ethereum.org/EIPS/eip-7212), letting us ship it as a [progressive precompile](https://ethereum-magicians.org/t/progressive-precompiles-via-create2-shadowing/). + +The secp256r1 elliptic curve, aka P256, is interesting because it's supported by high-quality consumer enclaves including Yubikey, Apple's Secure Enclave, the Android Keystore, and WebAuthn. P256 verification is especially useful for contract wallets, enabling hardware-based signing keys. ## Development @@ -18,11 +16,25 @@ Run `foundryup` to ensure you have the latest foundry. Then, git clone --recurse-submodules git@github.com:daimo-eth/eip-7212 cd eip-7212 forge test --via-ir -vv +``` + +This runs test input and output handling as well as all applicable Wycheproof +test vectors, covering a range of edge cases. -# Coverage. Install the recommended extension to view. +
+Code coverage +Install the recommended extension to view line-by-line test coverage. +To regenerate coverage: + +``` forge coverage --via-ir --ir-minimum --report lcov ``` +
+ +
+Test vectors + To regenerate test vectors: ``` @@ -43,3 +55,5 @@ forge test --via-ir -vv # In future, execution spec and clients can test against the same clean vectors ``` + +