feat: add secp256r1 support

bus-mapping/src/circuit_input_builder/execution.rs

@@ -26,6 +26,15 @@ use halo2_proofs::{
 };
 use strum_macros::EnumIter;
 
+use halo2_proofs::halo2curves::{
+    // secp256k1 curve
+    secp256k1::{Fp as Fp_K1, Fq as Fq_K1, Secp256k1Affine},
+    // p256 curve
+    secp256r1::{Fp as Fp_R1, Fq as Fq_R1, Secp256r1Affine},
+    Coordinates,
+    //CurveAffine,
+};
+
 /// An execution step of the EVM.
 #[derive(Clone, Debug)]
 pub struct ExecStep {
@@ -843,7 +852,7 @@ pub struct PrecompileEvents {
 
 impl PrecompileEvents {
     /// Get all ecrecover events.
-    pub fn get_ecrecover_events(&self) -> Vec<SignData> {
+    pub fn get_ecrecover_events(&self) -> Vec<SignData<Fq_K1, Secp256k1Affine>> {
         self.events
             .iter()
             .filter_map(|e| {
@@ -926,13 +935,28 @@ impl PrecompileEvents {
             .cloned()
             .collect()
     }
+
+    /// Get all p256 verify events.
+    pub fn get_p256_verify_events(&self) -> Vec<SignData<Fq_R1, Secp256r1Affine>> {
+        self.events
+            .iter()
+            .filter_map(|e: &PrecompileEvent| {
+                if let PrecompileEvent::P256Verify(sign_data) = e {
+                    Some(sign_data)
+                } else {
+                    None
+                }
+            })
+            .cloned()
+            .collect()
+    }
 }
 
 /// I/O from a precompiled contract call.
 #[derive(Clone, Debug)]
 pub enum PrecompileEvent {
     /// Represents the I/O from Ecrecover call.
-    Ecrecover(SignData),
+    Ecrecover(SignData<Fq_K1, Secp256k1Affine>),
     /// Represents the I/O from EcAdd call.
     EcAdd(EcAddOp),
     /// Represents the I/O from EcMul call.
@@ -943,6 +967,8 @@ pub enum PrecompileEvent {
     ModExp(BigModExp),
     /// Represents the I/O from SHA256 call.
     SHA256(SHA256),
+    /// Represents the I/O from P256Verify call.
+    P256Verify(SignData<Fq_R1, Secp256r1Affine>),
 }
 
 impl Default for PrecompileEvent {

eth-types/src/geth_types.rs

@@ -11,7 +11,10 @@ use ethers_core::types::{
     transaction::eip2718::TypedTransaction, Eip1559TransactionRequest, Eip2930TransactionRequest,
     NameOrAddress, TransactionRequest, H256,
 };
-use halo2curves::{group::ff::PrimeField, secp256k1::Fq};
+use halo2curves::{
+    group::ff::PrimeField,
+    secp256k1::{Fq as Fq_K1, Secp256k1Affine},
+};
 use num::Integer;
 use num_bigint::BigUint;
 use serde::{Serialize, Serializer};
@@ -357,12 +360,13 @@ impl From<&Transaction> for TransactionRequest {
 }
 
 impl Transaction {
+    /// secp256k1 method:
     /// Return the SignData associated with this Transaction.
-    pub fn sign_data(&self) -> Result<SignData, Error> {
+    pub fn sign_data(&self) -> Result<SignData<Fq_K1, Secp256k1Affine>, Error> {
         let sig_r_le = self.r.to_le_bytes();
         let sig_s_le = self.s.to_le_bytes();
-        let sig_r = ct_option_ok_or(Fq::from_repr(sig_r_le), Error::Signature)?;
-        let sig_s = ct_option_ok_or(Fq::from_repr(sig_s_le), Error::Signature)?;
+        let sig_r = ct_option_ok_or(Fq_K1::from_repr(sig_r_le), Error::Signature)?;
+        let sig_s = ct_option_ok_or(Fq_K1::from_repr(sig_s_le), Error::Signature)?;
         let msg = self.rlp_unsigned_bytes.clone().into();
         let msg_hash: [u8; 32] = Keccak256::digest(&msg)
             .as_slice()
@@ -375,7 +379,7 @@ impl Transaction {
         let msg_hash = BigUint::from_bytes_be(msg_hash.as_slice());
         let msg_hash = msg_hash.mod_floor(&*SECP256K1_Q);
         let msg_hash_le = biguint_to_32bytes_le(msg_hash);
-        let msg_hash = ct_option_ok_or(Fq::from_repr(msg_hash_le), Error::Signature)?;
+        let msg_hash = ct_option_ok_or(Fq_K1::from_repr(msg_hash_le), Error::Signature)?;
         Ok(SignData {
             signature: (sig_r, sig_s, v),
             pk,