diff --git a/contracts/abstraction/identity/IdentityP256.sol b/contracts/abstraction/identity/IdentityP256.sol
index d520a011a54..d0fb085104d 100644
--- a/contracts/abstraction/identity/IdentityP256.sol
+++ b/contracts/abstraction/identity/IdentityP256.sol
@@ -11,17 +11,19 @@ contract IdentityP256Implementation is IERC1271 {
         return Clones.fetchCloneArgs(address(this));
     }
 
-    function isValidSignature(bytes32 h, bytes memory signature) external view returns (bytes4 magicValue) {
-        // fetch and decode immutable public key for the clone
-        (bytes32 qx, bytes32 qy) = abi.decode(publicKey(), (bytes32, bytes32));
-
+    function isValidSignature(bytes32 h, bytes calldata signature) external view returns (bytes4 magicValue) {
+        // parse signature
+        if (signature.length < 0x40) return bytes4(0);
         bytes32 r;
         bytes32 s;
         assembly ("memory-safe") {
-            r := mload(add(signature, 0x20))
-            s := mload(add(signature, 0x40))
+            r := calldataload(add(signature.offset, 0x00))
+            s := calldataload(add(signature.offset, 0x20))
         }
 
+        // fetch and decode immutable public key for the clone
+        (bytes32 qx, bytes32 qy) = abi.decode(publicKey(), (bytes32, bytes32));
+
         return P256.verify(h, r, s, qx, qy) ? IERC1271.isValidSignature.selector : bytes4(0);
     }
 }
diff --git a/contracts/abstraction/identity/IdentityRSA.sol b/contracts/abstraction/identity/IdentityRSA.sol
index b9d721c5a5f..e8af41721f3 100644
--- a/contracts/abstraction/identity/IdentityRSA.sol
+++ b/contracts/abstraction/identity/IdentityRSA.sol
@@ -11,7 +11,7 @@ contract IdentityRSAImplementation is IERC1271 {
         return abi.decode(Clones.fetchCloneArgs(address(this)), (bytes, bytes));
     }
 
-    function isValidSignature(bytes32 h, bytes memory signature) external view returns (bytes4 magicValue) {
+    function isValidSignature(bytes32 h, bytes calldata signature) external view returns (bytes4 magicValue) {
         // fetch immutable public key for the clone
         (bytes memory e, bytes memory n) = publicKey();
 
@@ -25,7 +25,7 @@ contract IdentityRSAImplementation is IERC1271 {
 contract IdentityRSAFactory {
     address public immutable implementation = address(new IdentityRSAImplementation());
 
-    function create(bytes memory e, bytes memory n) public returns (address instance) {
+    function create(bytes calldata e, bytes calldata n) public returns (address instance) {
         // predict the address of the instance for that key
         address predicted = predict(e, n);
         // if instance does not exist ...
@@ -36,7 +36,7 @@ contract IdentityRSAFactory {
         return predicted;
     }
 
-    function predict(bytes memory e, bytes memory n) public view returns (address instance) {
+    function predict(bytes calldata e, bytes calldata n) public view returns (address instance) {
         return Clones.predictWithImmutableArgsDeterministicAddress(implementation, abi.encode(e, n), bytes32(0));
     }
 }