Comment by EGreg

2 years ago

I wish chip makers would bake in the elliptic curve used in Bitcoin and Ethereum (secp256k1) as well, instead of the entire industry coalescing around secp256r1, which many suspect was somehow weaker (since its parameters are some weird large number X instead of a hard-to-game number like 15, leading some to believe that the first X-1 candidates were tried and X was found to be weaker).

The real reason I would have liked that to be the case is so that one could use WebAuthn and Subtle Web Crypto to sign things and have the blockchain natively verify the signature.

As it is, I am hoping that the EVM will roll out a precompiled signature verifier for secp256r1, which is on the roadmap — they say!

There are a few different on-chain implementations of secp256r1 signature verification for use with passkeys, my favorite of which is demoed at https://p256.alembic.tech

Work is also being done on SNARK-based cross-curve signature verification.

But I fully agree, especially with the growing popularity of account abstraction, the EVM desperately needs a secp256r1 precompile!