Secp256r1 (a.k.a p256) curve signature verifier rewritten and optimized in Huff Language. This was greatly inspired by dcposch's and nalinbhardwaj's implementation here and pcaversaccio's Vyper implementation here. Also, for more technical details, please refer to EIP-7212.
This is experimental software and is provided on an "as is" and "as available" basis. We do not give any warranties and will not be liable for any losses incurred through any use of this code base.
Implementation | Min gas | Avg gas | Max gas | OnChain Address | Available Networks |
---|---|---|---|---|---|
FCL Solidity P256 Verifier | 227,000 | 0xE9399D1183a5cf9E14B120875A616b6E2bcB840a | Polygon(M), Sepolia, Base, OP, Linea | ||
Huff P256 Verifier | 228,475 | 239,164 | 249,574 | 0x00000083Ea3aBb243c4acfDB095DB5aD5A606fc5 | Goerli, Sepolia, Base Goerli, Base Sepolia |
Daimo Solidity P256 Verifier | 319,943 | 333,892 | 347,505 | 0xc2b78104907F722DABAc4C69f826a522B2754De4 | Mainnet, Base(T) |
Vyper P256 Verifier | 0xD99D0f622506C2521cceb80B78CAeBE1798C7Ed5 | Goerli, Sepolia, Holesky |
To regenerate test vectors:
cd test-vectors
npm i
# Download, extract, clean test vectors
# This regenerates ../test/vectors.jsonl
npm run generate_wycheproof
# Validate that all vectors produce expected results with SubtleCrypto and noble library implementation
npm test
# Validate that all vectors also work with EIP-7212
# Test the fallback contract...
cd ..
forge test -vvv
# In future, execution spec and clients can test against the same clean vectors