This library implements the decoding and verification of a signed Webauthn payload following the EIP 1271 providing an implementation of Standard Signature Validation Method when the account is a smart contract.
The FCL_Elliptic_ZZ library implements computation of ECDSA verification using the secp256r1 curve.It uses a XYZZ system coordinates.
This contract is from here. The original repository also contains tests.
The Webauthn library implements the decoding and verification of a signed Webauthn payload.
The P256Signer contract represents a Gnosis Safe signer for a given secp256r1 public key.
The P256SignerFactory contract is a factory for P256Signers. It allows us to have deterministic addresses for a given secp256r1 public key.
Gnosis chain audit: https://gnosischain.notion.site/p256-signer-Audit-a9e7807bc9dd4a768d0f78e3919d3eac
We've updated our contracts following the audit's recommandations, see deployments: cometh-hq#23
Clients need to note there is a potential signature malleability by replacing (r, s) by (r, -s mod n).
It is the responsibility of the client to check the message signed is played only once if necessary.
You will need INFURA_ID=<your_infura_id> in your env variables.
You will need forge installed, see foundry book for instructions here.
Install FCL dependency:
forge installTo launch both hardhat and forge tests:
yarn testnpx hardhat testforge testHARDHAT_NETWORK=<target_network> npx hardhat deploy