@Bashmunta

The calldata variant of SignatureChecker was passing bytes calldata into a memory-based ERC-1271 helper, introducing an unnecessary calldata-to-memory allocation followed by another memory copy when assembling the low-level call. This change adds isValidERC1271SignatureNowCalldata(address,bytes32,bytes calldata), which constructs the call buffer with calldatacopy and preserves the existing ABI layout and success checks. The isValidSignatureNowCalldata branch for contract signers now uses the calldata helper, eliminating the extra allocation/copy. Behavior is unchanged; only gas/memory efficiency improves and this is consistent with the library’s existing calldata optimizations in ECDSA.

@Bashmunta Bashmunta requested a review from a team as a code owner November 17, 2025 07:20
@changeset-bot

changeset-bot bot commented Nov 17, 2025

⚠️ No Changeset found

Latest commit: 5c0658b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types


@coderabbitai
Contributor

coderabbitai bot commented Nov 17, 2025

Walkthrough

This change introduces a new internal view function isValidERC1271SignatureNowCalldata in the SignatureChecker contract to validate ERC-1271 signatures using calldata-based parameters. The function constructs and sends ERC-1271 isValidSignature calldata to a signer contract and returns true if the call succeeds with the correct selector. The existing isValidSignatureNowCalldata function has been refactored to delegate to this new function for contract-initiated ERC-1271 validation paths. Additionally, calldata encoding offset values in comments have been updated to reflect corrected boundary handling calculations.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | The title accurately reflects the main change: optimizing the ERC-1271 path in isValidSignatureNowCalldata to avoid unnecessary memory allocation. |
| Description check | ✅ Passed | The description clearly explains the optimization by detailing the problem (unnecessary calldata-to-memory allocation), the solution (new calldata-optimized helper), and the benefits (improved gas/memory efficiency). |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

📜 Recent review details


📥 Commits

Reviewing files that changed from the base of the PR and between 6308fdc and 5c0658b.

📒 Files selected for processing (1)
  • contracts/utils/cryptography/SignatureChecker.sol (3 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-10-15T02:52:05.027Z
Learnt from: ernestognw
Repo: OpenZeppelin/openzeppelin-contracts PR: 5891
File: test/account/modules/ERC7579Module.behavior.js:56-61
Timestamp: 2025-10-15T02:52:05.027Z
Learning: In ERC7579 validator tests for `isValidSignatureWithSender`, using `this.mock` (not bound to a specific account) is valid when testing signature validation with any arbitrary sender, while `this.mockFromAccount` is used when testing account-specific validation scenarios.

Applied to files:

  • contracts/utils/cryptography/SignatureChecker.sol
🔇 Additional comments (3)
contracts/utils/cryptography/SignatureChecker.sol (3)

49-54: Calldata path now uses ERC-1271 calldata helper (no behavior change, better gas).

Switching the contract-signer branch to isValidERC1271SignatureNowCalldata keeps the logic identical while avoiding the implicit calldata→memory copy for signature. This looks correct and aligned with the calldata optimization goals.


72-84: ABI layout comment now matches the actual word boundaries.

Updating the ranges to [0x24 - 0x43] and [0x44 - 0x63] correctly reflects 32‑byte words given the existing mstore / mcopy pattern. The comment is now consistent with the implemented encoding.


90-115: New calldata-based ERC-1271 helper is ABI-correct and matches the memory variant’s behavior.

The assembly builds isValidSignature(bytes32,bytes) calldata with the same layout as the memory helper (selector, hash, offset 0x40, length, then raw signature bytes from calldatacopy), and the staticcall length add(length, 0x64) is consistent with that layout. The return check mirrors the existing helper, so behavior should be unchanged while saving the extra allocation/copy.

To be safe, please confirm this compiles and passes the existing SignatureChecker test suite on Solidity 0.8.24+, since it relies on inline assembly access to signature.offset / signature.length.


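The call buffer layout and return check described in the review of the new helper above, as an added Python model (not code from the PR or from OpenZeppelin). The function names, the sample inputs and the exact return-data rule (at least one 32-byte word, selector left-aligned) are assumptions made for illustration.

```python
# Added model of the ERC-1271 call buffer; not the PR's Solidity code.
SELECTOR = bytes.fromhex("1626ba7e")  # isValidSignature(bytes32,bytes), also the magic return value

def build_call_buffer(digest: bytes, signature: bytes) -> bytes:
    """Lay out the staticcall input in the order the review lists."""
    if len(digest) != 32:
        raise ValueError("hash must be exactly 32 bytes")
    buf = (
        SELECTOR                                # [0x00 - 0x03] function selector
        + digest                                # [0x04 - 0x23] hash
        + (0x40).to_bytes(32, "big")            # [0x24 - 0x43] offset of the bytes argument
        + len(signature).to_bytes(32, "big")    # [0x44 - 0x63] signature length
        + signature                             # [0x64 - ...] raw bytes, no padding to a word boundary
    )
    assert len(buf) == len(signature) + 0x64    # matches add(length, 0x64)
    return buf

def parse_call_buffer(buf: bytes) -> tuple[bytes, bytes]:
    """Decode the buffer as a receiving signer would, bounds-checking each read."""
    if len(buf) < 0x64 or buf[:4] != SELECTOR:
        raise ValueError("not an isValidSignature call")
    args = buf[4:]                              # offsets are relative to the argument block
    offset = int.from_bytes(args[0x20:0x40], "big")
    if offset + 32 > len(args):
        raise ValueError("offset points past end of calldata")
    length = int.from_bytes(args[offset:offset + 32], "big")
    start = offset + 32
    if start + length > len(args):
        raise ValueError("declared length exceeds calldata")
    return args[:0x20], args[start:start + length]

def is_valid_return(success: bool, returndata: bytes) -> bool:
    """Assumed rule: call succeeded and the first returned word is the selector, left-aligned."""
    return success and len(returndata) >= 32 and returndata[:32] == SELECTOR + bytes(28)

if __name__ == "__main__":
    digest, sig = bytes(range(32)), b"\xaa" * 65    # constructed sample inputs
    buf = build_call_buffer(digest, sig)
    print(hex(len(buf)), parse_call_buffer(buf) == (digest, sig))
    print(is_valid_return(True, SELECTOR + bytes(28)), is_valid_return(True, SELECTOR))
```

Because the call size is the signature length plus 0x64, the tail is not padded to a 32-byte multiple, so a byte-for-byte comparison against a padded ABI encoding of the same arguments will differ for lengths such as 65.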