Bunkr-2FA · 0xRigel · Oct 25, 2023 · Sep 10, 2023 · Sep 10, 2023 · Oct 19, 2023
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -192,6 +192,7 @@ eager = "0.1.0"
 ed25519-dalek = "=1.0.1"
 ed25519-dalek-bip32 = "0.2.0"
 either = "1.9.0"
+elliptic-curve = "0.11.0"
 enum-iterator = "1.4.1"
 env_logger = "0.9.3"
 etcd-client = "0.11.1"
@@ -256,6 +257,7 @@ parking_lot = "0.12"
 pbkdf2 = { version = "0.11.0", default-features = false }
 pem = "1.1.1"
 percentage = "0.1.0"
+p256 = { version = "0.10.1" }
 pickledb = { version = "0.5.1", default-features = false }
 pkcs8 = "0.8.0"
 predicates = "2.1"

diff --git a/docs/src/developing/runtime-facilities/programs.md b/docs/src/developing/runtime-facilities/programs.md
@@ -158,6 +158,52 @@ process_instruction() {
 }
 ```
 
+## Secp256r1 Program
+
+Verify Secp256r1 signature program. This program takes an Secp256r1 signature, SEC1 encoded public key, and message.
+Multiple signatures can be verified. If any of the signatures fail to verify, an error is returned.
+
+- Program id: `Secp256r1SigVerify1111111111111111111111111`
+- Instructions: [new_secp256r1_instruction](https://github.com/solana-labs/solana/blob/master/sdk/src/secp256r1_instruction.rs#L36)
+
+The secp256r1 program processes an instruction. The first `u8` is a count of the number of
+signatures to check, which is followed by a single byte padding. After that, the
+following struct is serialized, one for each signature to check.
+
+```
+struct Secp256r1SignatureOffsets {
+    signature_offset: u16,             // offset to secp256r1 signature of 64 bytes
+    signature_instruction_index: u16,  // instruction index to find signature
+    public_key_offset: u16,            // offset to SEC1-encoded public key of 33 or 65 bytes
+    public_key_instruction_index: u16, // instruction index to find public key
+    message_data_offset: u16,          // offset to start of message data
+    message_data_size: u16,            // size of message data
+    message_instruction_index: u16,    // index of instruction data to get message data
+}
+```
+
+Pseudo code of the operation:
+
+```
+process_instruction() {
+    for i in 0..count {
+        // i'th index values referenced:
+        instructions = &transaction.message().instructions
+        instruction_index = secp256r1_signature_instruction_index != u16::MAX ? secp256r1_signature_instruction_index : current_instruction;
+        signature = instructions[instruction_index].data[secp256r1_signature_offset..secp256r1_signature_offset + 64]
+        instruction_index = secp256r1_pubkey_instruction_index != u16::MAX ? secp256r1_pubkey_instruction_index : current_instruction;
+        pubkey_length = instructions[instruction_index].data[secp256r1_pubkey_offset] != 1 ? 33 : 65;
+        pubkey = instructions[instruction_index].data[secp256r1_pubkey_offset..secp256r1_pubkey_offset + pubkey_length]
+        instruction_index = secp256r1_message_instruction_index != u16::MAX ? secp256r1_message_instruction_index : current_instruction;
+        message = instructions[instruction_index].data[secp256r1_message_data_offset..secp256r1_message_data_offset + secp256r1_message_data_size]
+        if pubkey.verify(signature, message) != Success {
+            return Error
+        }
+    }
+    return Success
+}
+```
+
 This allows the user to specify any instruction data in the transaction for
 signature and message data. By specifying a special instructions sysvar, one can
 also receive data from the transaction itself.

diff --git a/sdk/Cargo.toml b/sdk/Cargo.toml
@@ -22,6 +22,7 @@ default = [
 full = [
     "assert_matches",
     "byteorder",
+    "elliptic-curve",
     "chrono",
     "generic-array",
     "memmap2",
@@ -32,6 +33,7 @@ full = [
     "ed25519-dalek-bip32",
     "solana-logger",
     "libsecp256k1",
+    "p256",
     "sha3",
     "digest",
 ]
@@ -52,6 +54,7 @@ derivation-path = { workspace = true }
 digest = { workspace = true, optional = true }
 ed25519-dalek = { workspace = true, optional = true }
 ed25519-dalek-bip32 = { workspace = true, optional = true }
+elliptic-curve = { workspace = true, optional = true }
 generic-array = { workspace = true, features = ["serde", "more_lengths"], optional = true }
 hmac = { workspace = true }
 itertools =  { workspace = true }
@@ -63,6 +66,7 @@ num-derive = { workspace = true }
 num-traits = { workspace = true }
 num_enum = { workspace = true }
 pbkdf2 = { workspace = true }
+p256 = { workspace = true, optional = true }
 qstring = { workspace = true }
 qualifier_attr = { workspace = true }
 rand = { workspace = true, optional = true }

diff --git a/sdk/program/src/lib.rs b/sdk/program/src/lib.rs
@@ -520,6 +520,7 @@ pub mod rent;
 pub mod sanitize;
 pub mod secp256k1_program;
 pub mod secp256k1_recover;
+pub mod secp256r1_program;
 pub mod serde_varint;
 pub mod serialize_utils;
 pub mod short_vec;

diff --git a/sdk/program/src/secp256r1_program.rs b/sdk/program/src/secp256r1_program.rs
@@ -0,0 +1,6 @@
+//! The [secp256r1 native program][np].
+//!
+//! [np]:
+
+
+crate::declare_id!("Secp256r1SigVerify1111111111111111111111111");
diff --git a/sdk/src/feature_set.rs b/sdk/src/feature_set.rs
@@ -680,6 +680,9 @@ pub mod enable_poseidon_syscall {
     solana_sdk::declare_id!("FL9RsQA6TVUoh5xJQ9d936RHSebA1NLQqe3Zv9sXZRpr");
 }
 
+pub mod secp256r1_program_enabled {
+    solana_sdk::declare_id!("GkVUbiefEqFzzLcArWgNG7r3BCs551UUjdH2hVE5ns3E");
+
 pub mod timely_vote_credits {
     solana_sdk::declare_id!("2oXpeh141pPZCTCFHBsvCwG2BtaHZZAtrVhwaxSy6brS");
 }
@@ -888,6 +891,7 @@ lazy_static! {
         (reduce_stake_warmup_cooldown::id(), "reduce stake warmup cooldown from 25% to 9%"),
         (revise_turbine_epoch_stakes::id(), "revise turbine epoch stakes"),
         (enable_poseidon_syscall::id(), "Enable Poseidon syscall"),
+        (secp256r1_program_enabled::id(), "Enable secp256r1 signature verification program"),
         (timely_vote_credits::id(), "use timeliness of votes in determining credits to award"),
         (remaining_compute_units_syscall_enabled::id(), "enable the remaining_compute_units syscall"),
         (enable_program_runtime_v2_and_loader_v4::id(), "Enable Program-Runtime-v2 and Loader-v4 #33293"),

diff --git a/sdk/src/lib.rs b/sdk/src/lib.rs
@@ -52,7 +52,7 @@ pub use solana_program::{
     incinerator, instruction, keccak, lamports, loader_instruction, loader_upgradeable_instruction,
     loader_v4, loader_v4_instruction, message, msg, native_token, nonce, poseidon, program,
     program_error, program_memory, program_option, program_pack, rent, sanitize, sdk_ids,
-    secp256k1_program, secp256k1_recover, serde_varint, serialize_utils, short_vec, slot_hashes,
+    secp256k1_program, secp256k1_recover,secp256r1_program, serde_varint, serialize_utils, short_vec, slot_hashes,
     slot_history, stable_layout, stake, stake_history, syscalls, system_instruction,
     system_program, sysvar, unchecked_div_by_const, vote, wasm_bindgen,
 };
@@ -92,6 +92,7 @@ pub mod recent_blockhashes_account;
 pub mod reward_type;
 pub mod rpc_port;
 pub mod secp256k1_instruction;
+pub mod secp256r1_instruction;
 pub mod shred_version;
 pub mod signature;
 pub mod signer;