Use calldata ECDSA recovery variants to avoid memory copies

[radik878]

Replace ECDSA.tryRecover(hash, signature) with ECDSA.tryRecoverCalldata(hash, signature)
Reason: signatures are received as bytes calldata; using the calldata variant prevents copying to memory, reducing gas without changing behavior.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 9c7eb41

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Multiple cryptographic signer contracts are updated to use tryRecoverCalldata instead of tryRecover for ECDSA signature recovery operations. These changes affect ERC2771Forwarder, SignerECDSA, and SignerEIP7702. Additionally, ERC2771Forwarder documentation is updated to clarify nonce handling as implicit and to correct method documentation references from request.signer to request.from. No public function signatures are modified.

Possibly related PRs

• docs(ERC2771Forwarder): fix validate signer reference and clarify implicit nonce #5938: Updates ERC2771Forwarder documentation to clarify implicit nonce handling and reference request.from instead of request.signer
• fix: ERC2771Forwarder _validate doc comment #6029: Corrects ERC2771Forwarder's _validate documentation to reference request.from instead of request.signer

Suggested labels

ignore-changeset

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main optimization: replacing standard ECDSA recovery with calldata variants to eliminate memory copies.
Description check	✅ Passed	The description is directly related to the changeset, explaining the specific function replacement and the gas optimization rationale.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 04e683b and 9c7eb41.

📒 Files selected for processing (3)

• contracts/metatx/ERC2771Forwarder.sol (3 hunks)
• contracts/utils/cryptography/signers/SignerECDSA.sol (1 hunks)
• contracts/utils/cryptography/signers/SignerEIP7702.sol (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-10-03T13:14:57.679Z

Learnt from: Amxx
Repo: OpenZeppelin/openzeppelin-contracts PR: 5914
File: contracts/crosschain/bridges/BridgeERC20.sol:57-58
Timestamp: 2025-10-03T13:14:57.679Z
Learning: In cross-chain bridge contracts like BridgeERC20, when processing incoming messages in _processMessage, avoid validation checks that revert on malformed addresses. Reverting would create cross-chain inconsistency where tokens are locked/burned on the source chain but never minted on the destination. Instead, use best-effort address extraction (e.g., address(bytes20(toBinary))) to maintain atomicity across chains. If tokens are minted to an incorrect address due to user error, recovery may be possible through admin controls rather than leaving funds permanently locked.

Applied to files:

• contracts/metatx/ERC2771Forwarder.sol

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Redirect rules - solidity-contracts
• GitHub Check: Header rules - solidity-contracts
• GitHub Check: Pages changed - solidity-contracts
• GitHub Check: tests-foundry
• GitHub Check: coverage
• GitHub Check: tests-upgradeable
• GitHub Check: slither
• GitHub Check: tests
• GitHub Check: halmos

🔇 Additional comments (5)

contracts/utils/cryptography/signers/SignerECDSA.sol (1)

53-55: Gas optimization confirmed

Using tryRecoverCalldata avoids copying the calldata signature while preserving the existing validation semantics.

contracts/utils/cryptography/signers/SignerEIP7702.sol (1)

22-24: Calldata recovery matches the contract shape

Swapping to tryRecoverCalldata takes advantage of the calldata signature for the stateless account path without altering the validation logic.

contracts/metatx/ERC2771Forwarder.sol (3)

22-24: Nonce documentation now mirrors behavior

Calling out the nonce as implicit via {Nonces} matches how the struct is encoded today.

---

198-199: Signature validation docs clarified

Referencing request.from aligns the prose with the real signer check in _validate.

---

235-237: Calldata recovery is the right fit here

request.signature resides in calldata, so .tryRecoverCalldata removes a memory copy while keeping recover-error handling intact.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}