This is pretty inefficient, consider using unchecked at minimum.

Also unclear why this is useful:

➜ nibbles(hex"ABCD")
Type: dynamic bytes
├ Hex (Memory):
├─ Length ([0x00:0x20]): 0x0000000000000000000000000000000000000000000000000000000000000004
├─ Contents ([0x20:..]): 0xa00bc00d00000000000000000000000000000000000000000000000000000000
├ Hex (Tuple Encoded):
├─ Pointer ([0x00:0x20]): 0x0000000000000000000000000000000000000000000000000000000000000020
├─ Length ([0x20:0x40]): 0x0000000000000000000000000000000000000000000000000000000000000004
└─ Contents ([0x40:..]): 0xa00bc00d00000000000000000000000000000000000000000000000000000000
➜ 

Using unchecked would be safe since overflow is impossible given bytes memory can realistically only have a length smaller than 256 bits.

➜ bytes memory b = new bytes(type(uint32).max);
Traces:
  [942682544] 0xBd770416a3345F91E4B34576cb804a576fa48EB1::run()
    └─ ← [MemoryOOG] EvmError: MemoryOOG

I'd fix tests first and then optimize, it's likely that we may leverage other functions of the Bytes library

The initial motivation for this function is to use it in #5680 for TrieProof, but I agree that reallocating memory is perhaps not the most efficient thing to do. I suspect TrieProof may not require the nibbles() function if these are read in place, but I need to experiment a bit with that.

We can add the unchecked, but, is there an alternative you were thinking of? I am more worried about the memory expansion cost

Wondering if inspecting the nibbles JIT rather than converting to separate nibbles array is worthwhile to explore.

In regard to memory expansion, we need calldata variants for all methods related to MPT proofs (both RLP decoding and MPT branch verification) since the input data is almost always provided by the user via calldata. There's rarely a reason to copy the full RLP payload into memory, because typical use cases (like verifying a historical blockhash) only require extracting one or two fields (e.g. stateRoot, txRoot). Operating directly on calldata avoids unnecessary memory allocation and is significantly more gas-efficient. Comparing my personal implementation to RLPReader I'm saving about 40k gas when parsing every block header field (which should never really be needed but serves as a good gas comparison and unit test).

On the nibbles method it may make sense to first check the size of the input, if less than or equal to 32 bytes the above calculation could be much simpler (no loop needed)

Thanks for your feedback @0xClandestine!

We discussed it internally and we agreed to remove the nibbles function for now since it doesn't seem to be useful outside of the context of MPT. I'll reimplement the function privately in MPT