don't use function selectors, but direct input/output encoding in spec

Tobias Oberstein 2018-03-25 21:46:11 +02:00
parent a70a025520
commit 3e9e531fd9

@ -30,20 +30,27 @@ For example, a contract might check a Ed25519 signed piece of data submitted to
## Specification
The proposal adds a new precompiled function with the following signature
If `block.number >= CONSTANTINOPLE_FORK_BLKNUM`, add a precompiled contract for Ed25519 signature verification (`ED25519VFY`).
```
ed25519verify(bytes32 m, bytes32 pk, bytes32 s1, bytes32 s2) returns (uint8)
```
The proposal adds a new precompiled function `ED25519VFY` with the following input and output.
The `ed25519verify` function takes as parameters:
`ED25519VFY` takes as input 128 bytes:
1. `m` (bytes32): The message that was signed.
2. `pk` (bytes32): The Ed25519 public key of the signer.
3. `s1` (bytes32): The first part of the 64-byte Ed25519 signature.
4. `s2` (bytes32): The second part of the 64-byte Ed25519 signature.
1. **message**: The 32-byte message that was signed
2. **public key**: The 32-byte Ed25519 public key of the signer
3. **signature**: The 64-byte Ed25519 signature
The `ed25519verify` function returns zero if the signature was valid, and a non-zero value if the signature was invalid.
`ED25519VFY` returns as output 1 byte:
1. **result**: `0x00` if signature is valid, else invalid signature
### Address
The address of `ED25519VFY` is `0x08`.
### Gas costs
Gas cost for `ED25519VFY` is 2000.
## Rationale
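Review bot: The added output line "**result**: `0x00` if signature is valid, else invalid signature" does not say which value is returned on failure, and "takes as input 128 bytes" does not say what happens when the call data is shorter or longer than 128 bytes. Both need to be exact for independent implementations to agree: state the failure byte (or the allowed non-zero range) and whether short input is zero-padded, rejected, or treated as an invalid signature. It would also help to state explicitly that the three fields are concatenated in the listed order (message, public key, signature), and to confirm that `0x08` is not already assigned to another precompile before fixing it in the Address section.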
@ -51,9 +58,11 @@ The proposed `ed25519verify` function takes the signer public key as a call para
The proposed `ed25519verify` function uses a zero return value to indicate success, since this allows for different errors to be distinguished by return value, as all non-zero return values signal a verification failure.
`ECRECOVER` has a gas cost of 3000. Since Ed25519 is computationally cheaper, the gas price should be less.
## Backwards Compatibility
The proposal is belived not to introduce any backward compatibility issues.
As the proposed precompiled contract is deployed at a reserved (<255) and previously unused address, an implementation of the proposal should not introduce any backward compatibility issues.
## Test Cases
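Review bot: The unchanged Rationale sentence still names the function `ed25519verify` and justifies the zero-on-success return by saying different errors can be distinguished by return value, but the Specification now calls the precompile `ED25519VFY` and defines a single result byte with no error codes listed. Either rename and reword the Rationale to match, or list the distinct non-zero codes in the spec. In the added gas sentence, "gas price should be less" should read "gas cost", and the new Backwards Compatibility text asserts the address is "previously unused" without showing how that was checked; a reference to the currently assigned precompile addresses would support it.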