Use assembly in WebAuthnVerifier for Base64 encoding

[akshay-ap]

This PR implements #289

The algorithm is implemented as a library instead of the suggested in-place adjustment from the original issue. Akshay's original implementation was doing it in-place (which can still be found in the commit history). While it was efficient code size-wise, but gas-wise, it consumed more gas than FCL's implementation, probably due to some inefficient stack manipulations. I tested it with Solady's library then, and it turned out to be much more efficient even though it wasn't doing the encoding in place.

The implementation I'm proposing is based on Solady's efficient algorithm. It seems to me that it's not adjustable to in-place encoding due to the fact the algorithm takes advantage of optimizing stack operations by writing X bytes to the scratch space and then writing them to the string at position Y+(I*N) (I=Iteration, Y=start, N=bytes written in an iteration) as a 32-byte word. Because it writes them as a 32-byte word, it’s not suitable for modifying a string in place because it will overwrite the existing string bytes with empty characters. (I'm happy if I'm wrong though)

Changes in PR:

• Add codesize task
• Add a Base64Url.sol library with a Base64Url encoding algorithm that is optimized for encoding bytes32 data.
• Add tests for the base64 library
• Edit the typescript configuration to include the hardhat.config.ts so all the type extensions are picked up. Necessary to get the project compiled.

Code size change

This PR:
WebAuthnSigner 2693 bytes (limit is 24576)

Default main branch:
WebAuthnSigner 2817 bytes (limit is 24576)

Gas Usage - Needs additional test for benchmarking

Solady:

  Gas Benchmarking
    WebAuthnSigner
      ⛽ deployment: 550077
      ✔ Benchmark signer deployment cost
      ⛽ verification (FreshCryptoLib): 216563
      ✔ Benchmark signer verification cost with FreshCryptoLib verifier (70ms)
      ⛽ verification (daimo-eth): 347246
      ✔ Benchmark signer verification cost with daimo-eth verifier (116ms)
      ⛽ verification (Dummy): 12713
      ✔ Benchmark signer verification cost with Dummy verifier

FCL:

  Gas Benchmarking
    WebAuthnSigner
      ⛽ deployment: 612929
      ✔ Benchmark signer deployment cost
      ⛽ verification (FreshCryptoLib): 217272
      ✔ Benchmark signer verification cost with FreshCryptoLib verifier (70ms)
      ⛽ verification (daimo-eth): 347636
      ✔ Benchmark signer verification cost with daimo-eth verifier (108ms)
      ⛽ verification (Dummy): 13844
      ✔ Benchmark signer verification cost with Dummy verifier

This PR:

  Gas Benchmarking
    WebAuthnSigner
      ⛽ deployment: 533456
      ✔ Benchmark signer deployment cost
      ⛽ verification (FreshCryptoLib): 210645
      ✔ Benchmark signer verification cost with FreshCryptoLib verifier (64ms)
      ⛽ verification (daimo-eth): 337941
      ✔ Benchmark signer verification cost with daimo-eth verifier (108ms)
      ⛽ verification (Dummy): 12281
      ✔ Benchmark signer verification cost with Dummy verifier

This PR (viaIR):

  Gas Benchmarking
    WebAuthnSigner
      ⛽ deployment: 544844
      ✔ Benchmark signer deployment cost
      ⛽ verification (FreshCryptoLib): 294440
      ✔ Benchmark signer verification cost with FreshCryptoLib verifier (108ms)
      ⛽ verification (daimo-eth): 335453
      ✔ Benchmark signer verification cost with daimo-eth verifier (117ms)
      ⛽ verification (Dummy): 10352
      ✔ Benchmark signer verification cost with Dummy verifier

[coveralls]

Pull Request Test Coverage Report for Build 8452699560

Details

• 2 of 2 (100.0%) changed or added relevant lines in 2 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage increased (+0.1%) to 81.633%

---

Totals
Change from base Build 8393417595:	0.1%
Covered Lines:	95
Relevant Lines:	103

---

💛 - Coveralls

[nlordell]

The code in question is notable missing unit tests.

[akshay-ap]

Gas Usage - Needs additional test for benchmarking

These tests to be added in #287. So, need to close #287 before merging this PR if benchmarking results are required.

yes, I was thinking to add tests and benchmarking tests in #287 or else we can even do it in this

[nlordell]

I think we should add unit tests for the functions to ensure that we have 100% coverage (for example, check that it does not validate a correctly signed signature if the authentication flags aren't correctly set).

This should be different than general benchmarking.

[akshay-ap]

I think we should add unit tests for the functions to ensure that we have 100% coverage (for example, check that it does not validate a correctly signed signature if the authentication flags aren't correctly set).

This should be different than general benchmarking.

Already added here: https://github.com/safe-global/safe-modules/pull/301/files

[nlordell]

The experimental code will be removed, so I wouldn't update it here as well.

[nlordell]

nit: this can be a single string instead of mutiple strings (not sure how it affects the generated assembly though).

[mmv08]

For some reason, tests fail when run through the coverage command. When run normally, tests pass. I will investigate tomorrow.

[nlordell]

nit:lints

[nlordell]

Shouldn't tests be included as well?

[mmv08]

Have included it now

[nlordell]

Fairly sure these types aren't used anywhere - and I think are inaccurate (in particular CompilerOutput specifically depends on the outputSelection of the input). I would remove them if they aren't used.

[mmv08]

They're used in the codesize task; without type declaration for solc, the project won't compile. They might be inaccurate since I generated them using the perplexity AI tool - however, I believe they're still safer than just declaring everything as any, like here. I'll take one more look and fix the inaccuracies

[mmv08]

Ahh, now I see what you mean, you're right

[akshay-ap]

LGTM