Name | Supported | optimized | audited |
---|---|---|---|
ecAdd |
β | π | π |
ecMul |
β | π | π |
modExp |
π | β | β |
ecPairing |
β | β | β |
P256 |
β | β | β |
secp256r1 |
β | β | β |
secp256q1 |
β | β | β |
invmod
needs to be optimized- Points addition performance should be improved by using Projective Coordinates
- The code still needs some refactoring
invmod
needs to be optimized- The implementation is naive, a double and add algorithm could be used instead
- Points addition performance should be improved by using Projective Coordinates
- The code still needs some refactoring
- Define the gas model. Should we follow eth eip's specification? or used a custom zksync gas for each operation instead?
- We need to discuss how this piece of code should be implemented for each precompile:
let precompileParams := unsafePackPrecompileParams(
0, // input offset in words
// TODO: Double check that the input length is 4 because it could be 2
// if the input points are packed in a single word (points as tuples of coordinates)
3, // input length in words (x, y, scalar)
0, // output offset in words
// TODO: Double check that the input length is 4 because it could be 1
// if the input points are packed in a single word (points as tuples of coordinates)
2, // output length in words (x, y)
0 // No special meaning, ecMul circuit doesn't check this value
)
let gasToPay := ECMUL_GAS_COST()
// Check whether the call is successfully handled by the ecMul circuit
let success := precompileCall(precompileParams, gasToPay)
let internalSuccess := mload(0)
switch and(success, internalSuccess)
case 0 {
return(0, 0)
}
default {
return(0, 64)
}
- EVM precompiles list
- EIP-196: Precompiled contracts for addition and scalar multiplication on the elliptic curve alt_bn128
- EIP-197: Precompiled contracts for optimal ate pairing check on the elliptic curve alt_bn128
- EIP-198: Big integer modular exponentiation
- EIP-1108: Reduce alt_bn128 precompile gas costs
- EIP-2565: ModExp Gas Cost