Optimize ERC-1271 path in isValidSignatureNowCalldata to avoid extra allocation (#6123)

Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>

Author: Bashmunta

.changeset/fuzzy-lizards-do.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`SignatureChecker`: Add `isValidERC1271SignatureNowCalldata`, a variant of `isValidERC1271SignatureNow` that takes the signature from calldata.

contracts/utils/cryptography/SignatureChecker.sol

@@ -50,7 +50,7 @@ library SignatureChecker {
             (address recovered, ECDSA.RecoverError err, ) = ECDSA.tryRecoverCalldata(hash, signature);
             return err == ECDSA.RecoverError.NoError && recovered == signer;
         } else {
-            return isValidERC1271SignatureNow(signer, hash, signature);
+            return isValidERC1271SignatureNowCalldata(signer, hash, signature);
         }
     }
 
@@ -73,8 +73,8 @@ library SignatureChecker {
             // Encoded calldata is :
             // [ 0x00 - 0x03 ] <selector>
             // [ 0x04 - 0x23 ] <hash>
-            // [ 0x24 - 0x44 ] <signature offset> (0x40)
-            // [ 0x44 - 0x64 ] <signature length>
+            // [ 0x24 - 0x43 ] <signature offset> (0x40)
+            // [ 0x44 - 0x63 ] <signature length>
             // [ 0x64 - ...  ] <signature data>
             let ptr := mload(0x40)
             mstore(ptr, selector)
@@ -87,6 +87,33 @@ library SignatureChecker {
         }
     }
 
+    function isValidERC1271SignatureNowCalldata(
+        address signer,
+        bytes32 hash,
+        bytes calldata signature
+    ) internal view returns (bool result) {
+        bytes4 selector = IERC1271.isValidSignature.selector;
+        uint256 length = signature.length;
+
+        assembly ("memory-safe") {
+            // Encoded calldata is :
+            // [ 0x00 - 0x03 ] <selector>
+            // [ 0x04 - 0x23 ] <hash>
+            // [ 0x24 - 0x43 ] <signature offset> (0x40)
+            // [ 0x44 - 0x63 ] <signature length>
+            // [ 0x64 - ...  ] <signature data>
+            let ptr := mload(0x40)
+            mstore(ptr, selector)
+            mstore(add(ptr, 0x04), hash)
+            mstore(add(ptr, 0x24), 0x40)
+            mstore(add(ptr, 0x44), length)
+            calldatacopy(add(ptr, 0x64), signature.offset, length)
+
+            let success := staticcall(gas(), signer, ptr, add(length, 0x64), 0x00, 0x20)
+            result := and(success, and(gt(returndatasize(), 0x1f), eq(mload(0x00), selector)))
+        }
+    }
+
     /**
      * @dev Verifies a signature for a given ERC-7913 signer and hash.
      *

test/utils/cryptography/SignatureChecker.test.js

@@ -58,7 +58,12 @@ describe('SignatureChecker (ERC1271)', function () {
   });
 
   describe('ERC1271 wallet', function () {
-    for (const fn of ['isValidERC1271SignatureNow', 'isValidSignatureNow', 'isValidSignatureNowCalldata']) {
+    for (const fn of [
+      'isValidERC1271SignatureNow',
+      'isValidERC1271SignatureNowCalldata',
+      'isValidSignatureNow',
+      'isValidSignatureNowCalldata',
+    ]) {
       describe(fn, function () {
         it('with matching signer and signature', async function () {
           await expect(