{"id":27796449,"url":"https://github.com/base/fcl-ecdsa-verify-audit","last_synced_at":"2025-08-02T17:06:49.882Z","repository":{"id":226095421,"uuid":"767678138","full_name":"base/FCL-ecdsa-verify-audit","owner":"base","description":"We audited the secp256r1 ecdsa verify in FreshCryptoLib. This repo contains the test files we used to conduct it.","archived":false,"fork":false,"pushed_at":"2024-03-14T20:43:19.000Z","size":24315,"stargazers_count":49,"open_issues_count":1,"forks_count":30,"subscribers_count":15,"default_branch":"main","last_synced_at":"2025-04-19T08:34:30.383Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Solidity","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/base.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-05T17:54:21.000Z","updated_at":"2025-04-15T12:39:15.000Z","dependencies_parsed_at":"2024-11-09T04:27:44.081Z","dependency_job_id":"cb09ccd1-0ff6-4c14-bd20-1a226e43ac52","html_url":"https://github.com/base/FCL-ecdsa-verify-audit","commit_stats":null,"previous_names":["base-org/fresh-crypto-lib-audit","base-org/fcl-ecdsa-verify-audit","base/fcl-ecdsa-verify-audit"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/base%2FFCL-ecdsa-verify-audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/base%2FFCL-ecdsa-verify-audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/base%2FFCL-ecdsa-verify-audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/base%2FFCL-ecdsa-verify-audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/base","download_url":"https://codeload.github.com/base/FCL-ecdsa-verify-audit/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251780928,"owners_count":21642863,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-04-30T20:47:49.654Z","updated_at":"2025-04-30T20:47:50.450Z","avatar_url":"https://github.com/base.png","language":"Solidity","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003e [!IMPORTANT]  \n\u003e This audit's scope is extremely narrow. Ensure use of this audit as a reference is appropriately scoped.\n\n## FreshCryptoLib ecdsa_verify Audit\n\n**This repo contains the set of tests used to audit the FCL ecdsa secp256r1 verify method implemented by FreshCryptoLib [here](https://github.com/rdubois-crypto/FreshCryptoLib/tree/master/solidity).**\n\n## Scope\n\nThe scope of the audit is restricted to the methods used in the context of `ecdsa_verify`:\n\n```solidity\n    function ecdsa_verify(bytes32 message, uint256 r, uint256 s, uint256 Qx, uint256 Qy)  internal view returns (bool){\n\n        if (r == 0 || r \u003e= FCL_Elliptic_ZZ.n || s == 0 || s \u003e= FCL_Elliptic_ZZ.n) {\n            return false;\n        }\n        \n        if (!FCL_Elliptic_ZZ.ecAff_isOnCurve(Qx, Qy)) {\n            return false;\n        }\n\n        uint256 sInv = FCL_Elliptic_ZZ.FCL_nModInv(s);\n\n        uint256 scalar_u = mulmod(uint256(message), sInv, FCL_Elliptic_ZZ.n);\n        uint256 scalar_v = mulmod(r, sInv, FCL_Elliptic_ZZ.n);\n        uint256 x1;\n\n        x1 = FCL_Elliptic_ZZ.ecZZ_mulmuladd_S_asm(Qx, Qy, scalar_u, scalar_v);\n\n        x1= addmod(x1, n-r,n );\n    \n        return x1 == 0;\n    }\n```\n\nAs such, only the following files were in scope for this exercise:\n- [FCL_ecdsa.sol](https://github.com/rdubois-crypto/FreshCryptoLib/blob/master/solidity/src/FCL_ecdsa.sol)\n- [FCL_ecdsa_utils.sol](https://github.com/rdubois-crypto/FreshCryptoLib/blob/master/solidity/src/FCL_ecdsa_utils.sol)\n- [FCL_elliptic.sol](https://github.com/rdubois-crypto/FreshCryptoLib/blob/master/solidity/src/FCL_elliptic.sol)\n\n\n## Methodology\n\nThe test suite was conducted in three major parts:\n1. Unit tests were written for each of the helper methods employed in the `ecdsa_verify` flow. By leveraging calls against the [go/elliptic](https://pkg.go.dev/crypto/elliptic#section-sourcefiles) library, each Solidity implementation was fuzz-tested for accuracy across a range of inputs.\n2. Targeted tests were written against inline assembly excerpts taken from the extensive `ecZZ_mulmuladd_S_asm` method found [here](https://github.com/rdubois-crypto/FreshCryptoLib/blob/ec7122f20900f9486a7c018d635f69738b14dfc3/solidity/src/FCL_elliptic.sol#L345C14-L345C34).\n3. Our in-house cryptography team reviewed the methodology and implementation, then conducted targeted edge case testing against the relevant methods in the library.\n\n\n## Results\n\nOfficial reports can be found in the [docs](https://github.com/base-org/FCL-ecdsa-verify-audit/tree/main/docs).\n\nThrough our testing, we determined there were two issues with the implementation. Both were addressed and fixed in the subject libraries. The PRs for these changes can be found [here](https://github.com/rdubois-crypto/FreshCryptoLib/pull/60) and [here](https://github.com/rdubois-crypto/FreshCryptoLib/pull/61).\n\n## Usage\n\n### Build\n\n```shell\n$ forge build\n```\n\n### Test\n\n```shell\n$ forge test --ffi\n```\n\n### Help\n\n```shell\n$ forge --help\n$ anvil --help\n$ cast --help\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbase%2Ffcl-ecdsa-verify-audit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbase%2Ffcl-ecdsa-verify-audit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbase%2Ffcl-ecdsa-verify-audit/lists"}