
@amiecorso amiecorso commented Oct 31, 2025

Problem

  • Removing early returns in verify doesn’t fix VGL estimation:
    • On RIP‑7212 chains, simulations with invalid sigs still fall back to FCL, overestimating vs. onchain precompile.
    • FCL gas varies by input, so “invalid” simulations are noisy and inconsistent with later valid ones.
    • Bundlers change the userOp hash during binary search, so you can’t reuse a single valid signature through estimation.

Approach

  • Make simulation take the same path as production:
    • Add verifySim (simulation‑only): ignores caller inputs and uses a known‑valid P‑256 vector. If RIP‑7212 is present, it succeeds there via the precompile, otherwise falls back to FCL using the conservatively high-gas vector.

What changed

  • WebAuthn.sol: add verifySim, a simulation-only version of verify that uses a hardcoded successful P‑256ri max‑gas vector.
  • Profiling pipeline (scripts + tests): (See README diff for experimental setup and reproducibility!)
    • Generate many valid vectors, measure FCL gas per index, pick the highest‑gas valid case.
    • Emit test/fixtures/fcl_gas_profile.csv and test/fixtures/fcl_gas_hist.html; commit artifacts to show work.

Why this works

  • On 7212 chains, simulations follow the precompile path (like production).
  • On non‑7212 chains, simulations use a measured worst‑case FCL vector, yielding a stable, conservative VGL without manual buffers.

Validate

  • Use verifySim in your bundler sim; VGL should be stable and conservative.
  • Optional: rerun the profiling scripts and confirm the selected max‑gas vector matches hardcoded max vector.
  • Test added to confirm that verifySim returns true even when fed an invalid signature.

Gas usage for test vectors

The difference between the highest- and lowest-gas-consuming vectors is about 17,000 gas. Given that the full gas cost for a call to verify is roughly 250,000 gas (see benchmarks here, without RIP7212), a potential overestimation by 17,000 gas is only about a 7% overestimation for the call to WebAuthn.verify, and an even smaller percentage of the total gas required for the full ERC-4337 verification path. Therefore it is safe to use the maximum-gas vector for the FCL simulation without being likely to trigger the bundler's gas efficiency requirements (which typically tolerate closer to 50% overestimation for VGL above the actual VG used).
[Image: fcl_gas_hist]
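
The "Validate" step of rerunning the profile and confirming the hard-coded vector, as an added example that is not part of the PR or the repository's scripts. The CSV layout (`index,gas,valid`), the sample rows and all function names are assumptions; the 250,000 gas baseline and 50% tolerance are the figures quoted in the description.

```python
import csv
import io

# Constructed sample in an assumed layout; the real
# test/fixtures/fcl_gas_profile.csv may use different columns.
SAMPLE_PROFILE = """index,gas,valid
0,236100,1
1,243250,1
2,251900,0
3,249800,1
4,232800,1
"""

VERIFY_BASELINE_GAS = 250_000  # rough cost of verify without RIP-7212 (from the PR text)
BUNDLER_TOLERANCE = 0.50       # overestimation the PR says bundlers typically tolerate


def load_profile(text):
    """Parse profile rows, keeping only vectors whose signature verified."""
    rows = []
    for rec in csv.DictReader(io.StringIO(text)):
        if rec["valid"].strip() != "1":
            continue  # an invalid vector can never serve as the simulation vector
        rows.append((int(rec["index"]), int(rec["gas"])))
    if not rows:
        raise ValueError("profile contains no valid vectors")
    return rows


def select_sim_vector(rows):
    """Return (index, gas) of the highest-gas valid vector; lowest index wins ties."""
    return max(rows, key=lambda r: (r[1], -r[0]))


def overestimation(rows, baseline=VERIFY_BASELINE_GAS):
    """Worst-case overestimate: max-min gas spread as a fraction of the baseline."""
    gases = [g for _, g in rows]
    return (max(gases) - min(gases)) / baseline


def check_hardcoded(rows, hardcoded_index):
    """True if the hard-coded vector is still the profiled maximum and the
    spread stays inside the bundler tolerance."""
    idx, _ = select_sim_vector(rows)
    return idx == hardcoded_index and overestimation(rows) <= BUNDLER_TOLERANCE
```

Row 2 in the sample has the highest gas but is marked invalid, so it is excluded from selection; a profile that silently included failed verifications would pick a vector that cannot succeed on the precompile path.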

Collaborator

cb-heimdall commented Oct 31, 2025

🟡 Heimdall Review Status

Requirement Status More Info
Reviews 🟡 0/1
Denominator calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1

@amiecorso amiecorso changed the title Simulation-only verifySim for use in VGL estimation bytecode overrides Simulation-only verifySim for use in VGL estimation bundler bytecode overrides Oct 31, 2025
@amiecorso amiecorso changed the title Simulation-only verifySim for use in VGL estimation bundler bytecode overrides [DO NOT MERGE] Simulation-only verifySim for use in VGL estimation bundler bytecode overrides Nov 4, 2025

// Final signature verification uses the internal fixed vector, not the caller inputs.
// This will succeed on both precompile-enabled and software paths, aligning simulation with onchain success.
return _verifySigP256(_SIM_MSG, _SIM_R, _SIM_S, _SIM_X, _SIM_Y);
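
Review bot: on the final `return`, `_verifySigP256` is called with the `_SIM_*` constants only, so the result is independent of the caller's signature and the function returns true for any input. That makes it an authentication bypass if it is ever reachable from deployed code, so consider keeping it out of the production library (for example in a separate contract used only as the bundler's bytecode override) and stating in NatSpec that it must never gate real validation.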
Author

The most important change on this branch, hard-coding the highest-gas, known-valid experimental test vector.
