github/self
1
1
Fork 0
mirror of https://github.com/selfxyz/self.git synced 2026-02-19 02:24:25 -05:00
Code Issues Packages Projects Releases Wiki Activity

chore: remove all instances of selfrica (#1665)

Browse Source
This commit is contained in:
Nesopie
2026-01-28 15:46:49 +05:30
committed by GitHub
parent a7fb017a49
commit 16c58906d9
17 changed files with 183 additions and 184 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
circuits/scripts/build/build_disclose_circuits.sh
View File

@@ -15,9 +15,9 @@ OUTPUT_DIR="build/${CIRCUIT_TYPE}"
# Define circuits and their configurations
# format: name:poweroftau:build_flag
CIRCUITS=(
# "vc_and_disclose:20:true"
# "vc_and_disclose_id:20:true"
# "vc_and_disclose_aadhaar:20:true"
"vc_and_disclose:20:true"
"vc_and_disclose_id:20:true"
"vc_and_disclose_aadhaar:20:true"
"vc_and_disclose_kyc:17:true"
)

10
contracts/contracts/IdentityVerificationHubImplV2.sol
View File

@@ -313,8 +313,8 @@ contract IdentityVerificationHubImplV2 is ImplRoot {
);
} else if (attestationId == AttestationId.KYC) {
IIdentityRegistryKycV1($._registries[attestationId]).registerCommitment(
registerCircuitProof.pubSignals[CircuitConstantsV2.SELFRICA_NULLIFIER_INDEX],
registerCircuitProof.pubSignals[CircuitConstantsV2.SELFRICA_COMMITMENT_INDEX]
registerCircuitProof.pubSignals[CircuitConstantsV2.KYC_NULLIFIER_INDEX],
registerCircuitProof.pubSignals[CircuitConstantsV2.KYC_COMMITMENT_INDEX]
);
} else {
revert InvalidAttestationId();
@@ -876,7 +876,7 @@ contract IdentityVerificationHubImplV2 is ImplRoot {
* @notice Performs current date validation with format-aware parsing
* @dev Handles three date formats:
* - E_PASSPORT/EU_ID_CARD: 6 ASCII chars (YYMMDD)
* - SELFRICA_ID_CARD: 8 ASCII digits (YYYYMMDD)
* - KYC: 8 ASCII digits (YYYYMMDD)
* - AADHAAR: 3 numeric signals (year, month, day)
* @param attestationId The attestation type to determine date format
* @param vcAndDiscloseProof The proof containing date information
@@ -900,7 +900,7 @@ contract IdentityVerificationHubImplV2 is ImplRoot {
}
currentTimestamp = Formatter.proofDateToUnixTimestamp(dateNum);
} else if (attestationId == AttestationId.KYC) {
// SELFRICA: 8 ASCII digits (YYYYMMDD)
// KYC: 8 ASCII digits (YYYYMMDD)
uint256[3] memory dateNum; // [year, month, day]
unchecked {
for (uint256 i; i < 4; ++i)
@@ -1016,7 +1016,7 @@ contract IdentityVerificationHubImplV2 is ImplRoot {
/**
* @notice Creates verification output based on attestation type.
* @dev Formats proof data into the appropriate output structure for the attestation type.
* @param attestationId The attestation identifier (passport, EU ID card, Aadhaar, or Selfrica).
* @param attestationId The attestation identifier (passport, EU ID card, Aadhaar, or KYC).
* @param vcAndDiscloseProof The VC and Disclose proof data.
* @param indices The circuit-specific indices for extracting proof values.
* @param userIdentifier The user identifier to include in the output.

4
contracts/contracts/constants/AttestationId.sol
View File

@@ -8,7 +8,7 @@ pragma solidity 0.8.28;
* - E_PASSPORT (1): Electronic passports with NFC chip
* - EU_ID_CARD (2): EU biometric ID cards with NFC chip
* - AADHAAR (3): Indian Aadhaar identity documents
* - SELFRICA_ID_CARD (4): African identity documents via Selfrica/SmileID
* - KYC (4): African identity documents via SumSub
*/
library AttestationId {
/// @notice Identifier for an E-PASSPORT attestation (electronic passports with NFC chip).
@@ -20,6 +20,6 @@ library AttestationId {
/// @notice Identifier for an AADHAAR attestation (Indian Aadhaar identity documents).
bytes32 constant AADHAAR = bytes32(uint256(3));
/// @notice Identifier for a SELFRICA_ID_CARD attestation (African identity documents via Selfrica/SmileID).
/// @notice Identifier for a KYC attestation (African identity documents via SumSub).
bytes32 constant KYC = bytes32(uint256(4));
}

12
contracts/contracts/constants/CircuitConstantsV2.sol
View File

@@ -55,15 +55,15 @@ library CircuitConstantsV2 {
uint256 constant AADHAAR_TIMESTAMP_INDEX = 3;
// ---------------------------
// Selfrica Circuit Constants
// KYC Circuit Constants
// ---------------------------
/**
* @notice Index to access the pubkey commitment in the Selfrica circuit public signals.
* @notice Index to access the pubkey commitment in the KYC circuit public signals.
*/
uint256 constant SELFRICA_NULLIFIER_INDEX = 0;
uint256 constant SELFRICA_COMMITMENT_INDEX = 1;
uint256 constant SELFRICA_PUBKEY_COMMITMENT_INDEX = 2;
uint256 constant SELFRICA_ATTESTATION_ID_INDEX = 3;
uint256 constant KYC_NULLIFIER_INDEX = 0;
uint256 constant KYC_COMMITMENT_INDEX = 1;
uint256 constant KYC_PUBKEY_COMMITMENT_INDEX = 2;
uint256 constant KYC_ATTESTATION_ID_INDEX = 3;
// -------------------------------------
// VC and Disclose Circuit Constants

4
contracts/contracts/interfaces/IIdentityRegistryKycV1.sol
View File

@@ -2,8 +2,8 @@
pragma solidity 0.8.28;
/**
* @title IIdentityRegistrySelfricaV1
* @notice Interface for the Identity Registry Selfrica v1.
* @title IIdentityRegistryKycV1
* @notice Interface for the Identity Registry KYC v1.
* @dev This interface exposes only the external functions accessible by regular callers,
* i.e. functions that are not owner-restricted.
*/

2
contracts/contracts/interfaces/IRegisterCircuitVerifier.sol
View File

@@ -64,7 +64,7 @@ interface IAadhaarRegisterCircuitVerifier {
) external view returns (bool isValid);
}
interface ISelfricaRegisterCircuitVerifier {
interface IKycRegisterCircuitVerifier {
/**
* @notice Verifies a given register circuit proof.
* @dev This function checks the validity of the provided proof parameters.

2
contracts/contracts/interfaces/IVcAndDiscloseCircuitVerifier.sol
View File

@@ -50,7 +50,7 @@ interface IVcAndDiscloseAadhaarCircuitVerifier {
) external view returns (bool);
}
interface IVcAndDiscloseSelfricaCircuitVerifier {
interface IVcAndDiscloseKycCircuitVerifier {
/**
* @notice Verifies a given VC and Disclose zero-knowledge proof.
* @dev This function checks the validity of the provided proof parameters.

40
contracts/contracts/libraries/CustomVerifier.sol
View File

@@ -38,8 +38,8 @@ library CustomVerifier {
SelfStructs.AadhaarOutput memory aadhaarOutput = abi.decode(proofOutput, (SelfStructs.AadhaarOutput));
return CustomVerifier.verifyAadhaar(verificationConfig, aadhaarOutput);
} else if (attestationId == AttestationId.KYC) {
SelfStructs.KycOutput memory selfricaOutput = abi.decode(proofOutput, (SelfStructs.KycOutput));
return CustomVerifier.verifySelfrica(verificationConfig, selfricaOutput);
SelfStructs.KycOutput memory kycOutput = abi.decode(proofOutput, (SelfStructs.KycOutput));
return CustomVerifier.verifyKyc(verificationConfig, kycOutput);
} else {
revert InvalidAttestationId();
}
@@ -298,20 +298,20 @@ library CustomVerifier {
}
/**
* @notice Verifies a Selfrica output.
* @notice Verifies a KYC output.
* @param verificationConfig The verification configuration.
* @param selfricaOutput The Selfrica output from the circuit.
* @param kycOutput The KYC output from the circuit.
* @return genericDiscloseOutput The generic disclose output.
*/
function verifySelfrica(
function verifyKyc(
SelfStructs.VerificationConfigV2 memory verificationConfig,
SelfStructs.KycOutput memory selfricaOutput
SelfStructs.KycOutput memory kycOutput
) internal pure returns (SelfStructs.GenericDiscloseOutputV2 memory) {
if (verificationConfig.ofacEnabled[1] || verificationConfig.ofacEnabled[2]) {
if (
!CircuitAttributeHandlerV2.compareOfac(
AttestationId.KYC,
selfricaOutput.revealedDataPacked,
kycOutput.revealedDataPacked,
false,
verificationConfig.ofacEnabled[1],
verificationConfig.ofacEnabled[2]
@@ -324,7 +324,7 @@ library CustomVerifier {
if (verificationConfig.forbiddenCountriesEnabled) {
for (uint256 i = 0; i < 4; i++) {
if (
selfricaOutput.forbiddenCountriesListPacked[i] != verificationConfig.forbiddenCountriesListPacked[i]
kycOutput.forbiddenCountriesListPacked[i] != verificationConfig.forbiddenCountriesListPacked[i]
) {
revert InvalidForbiddenCountries();
}
@@ -335,7 +335,7 @@ library CustomVerifier {
if (
!CircuitAttributeHandlerV2.compareOlderThanNumeric(
AttestationId.KYC,
selfricaOutput.revealedDataPacked,
kycOutput.revealedDataPacked,
verificationConfig.olderThan
)
) {
@@ -345,27 +345,27 @@ library CustomVerifier {
SelfStructs.GenericDiscloseOutputV2 memory genericDiscloseOutput = SelfStructs.GenericDiscloseOutputV2({
attestationId: AttestationId.KYC,
userIdentifier: selfricaOutput.userIdentifier,
nullifier: selfricaOutput.nullifier,
forbiddenCountriesListPacked: selfricaOutput.forbiddenCountriesListPacked,
userIdentifier: kycOutput.userIdentifier,
nullifier: kycOutput.nullifier,
forbiddenCountriesListPacked: kycOutput.forbiddenCountriesListPacked,
issuingState: "UNAVAILABLE",
name: CircuitAttributeHandlerV2.getName(AttestationId.KYC, selfricaOutput.revealedDataPacked),
idNumber: CircuitAttributeHandlerV2.getDocumentNumber(AttestationId.KYC, selfricaOutput.revealedDataPacked),
nationality: CircuitAttributeHandlerV2.getNationality(AttestationId.KYC, selfricaOutput.revealedDataPacked),
name: CircuitAttributeHandlerV2.getName(AttestationId.KYC, kycOutput.revealedDataPacked),
idNumber: CircuitAttributeHandlerV2.getDocumentNumber(AttestationId.KYC, kycOutput.revealedDataPacked),
nationality: CircuitAttributeHandlerV2.getNationality(AttestationId.KYC, kycOutput.revealedDataPacked),
dateOfBirth: CircuitAttributeHandlerV2.getDateOfBirthFullYear(
AttestationId.KYC,
selfricaOutput.revealedDataPacked
kycOutput.revealedDataPacked
),
gender: CircuitAttributeHandlerV2.getGender(AttestationId.KYC, selfricaOutput.revealedDataPacked),
gender: CircuitAttributeHandlerV2.getGender(AttestationId.KYC, kycOutput.revealedDataPacked),
expiryDate: CircuitAttributeHandlerV2.getExpiryDateFullYear(
AttestationId.KYC,
selfricaOutput.revealedDataPacked
kycOutput.revealedDataPacked
),
olderThan: verificationConfig.olderThan,
ofac: [
false,
CircuitAttributeHandlerV2.getNameAndDobOfac(AttestationId.KYC, selfricaOutput.revealedDataPacked),
CircuitAttributeHandlerV2.getNameAndYobOfac(AttestationId.KYC, selfricaOutput.revealedDataPacked)
CircuitAttributeHandlerV2.getNameAndDobOfac(AttestationId.KYC, kycOutput.revealedDataPacked),
CircuitAttributeHandlerV2.getNameAndYobOfac(AttestationId.KYC, kycOutput.revealedDataPacked)
]
});

6
contracts/contracts/libraries/ProofVerifierLib.sol
View File

@@ -5,7 +5,7 @@ import {AttestationId} from "../constants/AttestationId.sol";
import {GenericProofStruct} from "../interfaces/IRegisterCircuitVerifier.sol";
import {IVcAndDiscloseCircuitVerifier} from "../interfaces/IVcAndDiscloseCircuitVerifier.sol";
import {IVcAndDiscloseAadhaarCircuitVerifier} from "../interfaces/IVcAndDiscloseCircuitVerifier.sol";
import {IVcAndDiscloseSelfricaCircuitVerifier} from "../interfaces/IVcAndDiscloseCircuitVerifier.sol";
import {IVcAndDiscloseKycCircuitVerifier} from "../interfaces/IVcAndDiscloseCircuitVerifier.sol";
/**
* @title ProofVerifierLib
@@ -25,7 +25,7 @@ library ProofVerifierLib {
* @dev Handles different attestation types with different public signal counts:
* - E_PASSPORT and EU_ID_CARD: 21 public signals
* - AADHAAR: 19 public signals
* - SELFRICA_ID_CARD: 28 public signals
* - KYC: 29 public signals
* @param attestationId The type of attestation being verified
* @param verifierAddress The address of the verifier contract
* @param vcAndDiscloseProof The proof data including public signals
@@ -73,7 +73,7 @@ library ProofVerifierLib {
}
if (
!IVcAndDiscloseSelfricaCircuitVerifier(verifierAddress).verifyProof(
!IVcAndDiscloseKycCircuitVerifier(verifierAddress).verifyProof(
vcAndDiscloseProof.a,
vcAndDiscloseProof.b,
vcAndDiscloseProof.c,

6
contracts/contracts/libraries/RegisterProofVerifierLib.sol
View File

@@ -6,7 +6,7 @@ import {CircuitConstantsV2} from "../constants/CircuitConstantsV2.sol";
import {GenericProofStruct} from "../interfaces/IRegisterCircuitVerifier.sol";
import {IRegisterCircuitVerifier} from "../interfaces/IRegisterCircuitVerifier.sol";
import {IAadhaarRegisterCircuitVerifier} from "../interfaces/IRegisterCircuitVerifier.sol";
import {ISelfricaRegisterCircuitVerifier} from "../interfaces/IRegisterCircuitVerifier.sol";
import {IKycRegisterCircuitVerifier} from "../interfaces/IRegisterCircuitVerifier.sol";
import {IIdentityRegistryV1} from "../interfaces/IIdentityRegistryV1.sol";
import {IIdentityRegistryIdCardV1} from "../interfaces/IIdentityRegistryIdCardV1.sol";
import {IIdentityRegistryAadhaarV1} from "../interfaces/IIdentityRegistryAadhaarV1.sol";
@@ -100,7 +100,7 @@ library RegisterProofVerifierLib {
} else if (attestationId == AttestationId.KYC) {
if (
!IIdentityRegistryKycV1(registryAddress).checkPubkeyCommitment(
registerCircuitProof.pubSignals[CircuitConstantsV2.SELFRICA_PUBKEY_COMMITMENT_INDEX]
registerCircuitProof.pubSignals[CircuitConstantsV2.KYC_PUBKEY_COMMITMENT_INDEX]
)
) {
revert InvalidPubkeyCommitment();
@@ -158,7 +158,7 @@ library RegisterProofVerifierLib {
registerCircuitProof.pubSignals[3]
];
if (
!ISelfricaRegisterCircuitVerifier(verifier).verifyProof(
!IKycRegisterCircuitVerifier(verifier).verifyProof(
registerCircuitProof.a,
registerCircuitProof.b,
registerCircuitProof.c,

14
contracts/contracts/registry/IdentityRegistrySelfricaImplV1.sol → contracts/contracts/registry/IdentityRegistryKycImplV1.sol
View File

@@ -32,11 +32,11 @@ import {Formatter} from "../libraries/Formatter.sol";
*/
/**
* @title IdentityRegistrySelfricaStorageV1
* @dev Abstract contract for storage layout of IdentityRegistrySelfricaImplV1.
* @title IdentityRegistryKycStorageV1
* @dev Abstract contract for storage layout of IdentityRegistryKycImplV1.
* Inherits from ImplRoot to provide upgradeable functionality.
*/
abstract contract IdentityRegistrySelfricaStorageV1 is ImplRoot {
abstract contract IdentityRegistryKycStorageV1 is ImplRoot {
// =============================================
// Storage Variables
// =============================================
@@ -56,7 +56,7 @@ abstract contract IdentityRegistrySelfricaStorageV1 is ImplRoot {
/// @notice Mapping from nullifier to a boolean indicating registration.
mapping(uint256 => bool) internal _nullifiers;
/// @notice Pubkey commitments registered for Selfrica.
/// @notice Pubkey commitments registered for KYC.
mapping(uint256 => bool) internal _isRegisteredPubkeyCommitment;
/// @notice Current name and date of birth OFAC root.
@@ -110,11 +110,11 @@ interface IPCR0Manager {
}
/**
* @title IdentityRegistrySelfricaImplV1
* @title IdentityRegistryKycImplV1
* @notice Provides functions to register and manage identity commitments using a Merkle tree structure.
* @dev Inherits from IdentityRegistrySelfricaStorageV1 and implements IIdentityRegistrySelfricaV1.
* @dev Inherits from IdentityRegistryKycStorageV1 and implements IIdentityRegistryKycV1.
*/
contract IdentityRegistrySelfricaImplV1 is IdentityRegistrySelfricaStorageV1, IIdentityRegistryKycV1 {
contract IdentityRegistryKycImplV1 is IdentityRegistryKycStorageV1, IIdentityRegistryKycV1 {
using InternalLeanIMT for LeanIMTData;
// ====================================================

2
contracts/ignition/modules/hub/deployHubV2.ts
View File

@@ -38,7 +38,7 @@ function getHubImplV2InitializeData() {
* - Verification configs via setVerificationConfigV2()
*
* Post-deployment configuration steps:
* 1. Set registry addresses for each attestation type (E_PASSPORT, EU_ID_CARD, AADHAAR, SELFRICA_ID_CARD)
* 1. Set registry addresses for each attestation type (E_PASSPORT, EU_ID_CARD, AADHAAR, KYC)
* 2. Configure circuit verifiers for different signature types
* 3. Set up verification configurations using setVerificationConfigV2()
* 4. Transfer ownership to the appropriate address if needed

109
contracts/test/utils/deploymentV2.ts
View File

@@ -16,9 +16,8 @@ import RegisterVerifierArtifactLocal from "../../artifacts/contracts/verifiers/l
import RegisterIdVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/register_id/Verifier_register_id_sha256_sha256_sha256_rsa_65537_4096_staging.sol/Verifier_register_id_sha256_sha256_sha256_rsa_65537_4096_staging.json";
import RegisterAadhaarVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/register/Verifier_register_aadhaar_staging.sol/Verifier_register_aadhaar_staging.json";
import DscVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/dsc/Verifier_dsc_sha256_rsa_65537_4096_staging.sol/Verifier_dsc_sha256_rsa_65537_4096_staging.json";
import RegisterSelfricaVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/register/Verifier_register_kyc_staging.sol/Verifier_register_kyc_staging.json";
// import GCPJWTVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/gcp_jwt_verifier/Verifier_gcp_jwt_verifier_staging.sol/Verifier_gcp_jwt_verifier_staging.json";
import VcAndDiscloseSelfricaVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/disclose/Verifier_vc_and_disclose_kyc_staging.sol/Verifier_vc_and_disclose_kyc_staging.json";
import RegisterKycVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/register/Verifier_register_kyc_staging.sol/Verifier_register_kyc_staging.json";
import VcAndDiscloseKycVerifierArtifactLocal from "../../artifacts/contracts/verifiers/local/staging/disclose/Verifier_vc_and_disclose_kyc_staging.sol/Verifier_vc_and_disclose_kyc_staging.json";
export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
let identityVerificationHubV2: any;
@@ -29,16 +28,16 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
let identityRegistryIdImpl: any;
let identityRegistryAadhaarImpl: any;
let identityRegistryAadhaarProxy: any;
let identityRegistrySelfricaImpl: any;
let identityRegistrySelfricaProxy: any;
let identityRegistryKycImpl: any;
let identityRegistryKycProxy: any;
let vcAndDiscloseVerifier: any;
let vcAndDiscloseIdVerifier: any;
let vcAndDiscloseAadhaarVerifier: any;
let vcAndDiscloseSelfricaVerifier: any;
let vcAndDiscloseKycVerifier: any;
let registerVerifier: any;
let registerIdVerifier: any;
let registerAadhaarVerifier: any;
let registerSelfricaVerifier: any;
let registerKycVerifier: any;
let dscVerifier: any;
let testSelfVerificationRoot: any;
let owner: HardhatEthersSigner;
@@ -92,16 +91,16 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
await vcAndDiscloseAadhaarVerifier.waitForDeployment();
}
let vcAndDiscloseSelfricaVerifierArtifact;
// Deploy VC and Disclose Selfrica verifier
let vcAndDiscloseKycVerifierArtifact;
// Deploy VC and Disclose KYC verifier
{
vcAndDiscloseSelfricaVerifierArtifact = VcAndDiscloseSelfricaVerifierArtifactLocal;
const vcAndDiscloseSelfricaVerifierFactory = await ethers.getContractFactory(
vcAndDiscloseSelfricaVerifierArtifact.abi,
vcAndDiscloseSelfricaVerifierArtifact.bytecode,
vcAndDiscloseKycVerifierArtifact = VcAndDiscloseKycVerifierArtifactLocal;
const vcAndDiscloseKycVerifierFactory = await ethers.getContractFactory(
vcAndDiscloseKycVerifierArtifact.abi,
vcAndDiscloseKycVerifierArtifact.bytecode,
);
vcAndDiscloseSelfricaVerifier = await vcAndDiscloseSelfricaVerifierFactory.connect(owner).deploy();
await vcAndDiscloseSelfricaVerifier.waitForDeployment();
vcAndDiscloseKycVerifier = await vcAndDiscloseKycVerifierFactory.connect(owner).deploy();
await vcAndDiscloseKycVerifier.waitForDeployment();
}
// Deploy register verifier
@@ -140,16 +139,16 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
await registerAadhaarVerifier.waitForDeployment();
}
// Deploy register selfrica verifier
let registerSelfricaVerifierArtifact, registerSelfricaVerifierFactory;
// Deploy register kyc verifier
let registerKycVerifierArtifact, registerKycVerifierFactory;
{
registerSelfricaVerifierArtifact = RegisterSelfricaVerifierArtifactLocal;
registerSelfricaVerifierFactory = await ethers.getContractFactory(
registerSelfricaVerifierArtifact.abi,
registerSelfricaVerifierArtifact.bytecode,
registerKycVerifierArtifact = RegisterKycVerifierArtifactLocal;
registerKycVerifierFactory = await ethers.getContractFactory(
registerKycVerifierArtifact.abi,
registerKycVerifierArtifact.bytecode,
);
registerSelfricaVerifier = await registerSelfricaVerifierFactory.connect(owner).deploy();
await registerSelfricaVerifier.waitForDeployment();
registerKycVerifier = await registerKycVerifierFactory.connect(owner).deploy();
await registerKycVerifier.waitForDeployment();
}
// Deploy dsc verifier
@@ -257,16 +256,16 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
await identityRegistryAadhaarImpl.waitForDeployment();
}
// Deploy IdentityRegistrySelfricaImplV1 for Selfrica
let IdentityRegistrySelfricaImplFactory;
// Deploy IdentityRegistryKycImplV1 for KYC
let IdentityRegistryKycImplFactory;
{
IdentityRegistrySelfricaImplFactory = await ethers.getContractFactory("IdentityRegistrySelfricaImplV1", {
IdentityRegistryKycImplFactory = await ethers.getContractFactory("IdentityRegistryKycImplV1", {
libraries: {
PoseidonT3: poseidonT3.target,
},
});
identityRegistrySelfricaImpl = await IdentityRegistrySelfricaImplFactory.connect(owner).deploy();
await identityRegistrySelfricaImpl.waitForDeployment();
identityRegistryKycImpl = await IdentityRegistryKycImplFactory.connect(owner).deploy();
await identityRegistryKycImpl.waitForDeployment();
}
// Deploy IdentityVerificationHubImplV2
@@ -324,18 +323,18 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
await identityRegistryAadhaarProxy.waitForDeployment();
}
// Deploy Selfrica registry with temporary hub address and local PCR0Manager
let registrySelfricaInitData, registrySelfricaProxyFactory;
// Deploy Kyc registry with temporary hub address and local PCR0Manager
let registryKycInitData, registryKycProxyFactory;
{
registrySelfricaInitData = identityRegistrySelfricaImpl.interface.encodeFunctionData("initialize", [
registryKycInitData = identityRegistryKycImpl.interface.encodeFunctionData("initialize", [
temporaryHubAddress,
pcr0Manager.target,
]);
registrySelfricaProxyFactory = await ethers.getContractFactory("IdentityRegistry");
identityRegistrySelfricaProxy = await registrySelfricaProxyFactory
registryKycProxyFactory = await ethers.getContractFactory("IdentityRegistry");
identityRegistryKycProxy = await registryKycProxyFactory
.connect(owner)
.deploy(identityRegistrySelfricaImpl.target, registrySelfricaInitData);
await identityRegistrySelfricaProxy.waitForDeployment();
.deploy(identityRegistryKycImpl.target, registryKycInitData);
await identityRegistryKycProxy.waitForDeployment();
}
// Deploy hub V2 with simple initialization (V2 has different initialization)
@@ -374,17 +373,17 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
await updateAadhaarHubTx.wait();
}
let registrySelfricaContract, updateSelfricaHubTx;
let registryKycContract, updateKycHubTx;
{
registrySelfricaContract = await ethers.getContractAt(
"IdentityRegistrySelfricaImplV1",
identityRegistrySelfricaProxy.target,
registryKycContract = await ethers.getContractAt(
"IdentityRegistryKycImplV1",
identityRegistryKycProxy.target,
);
updateSelfricaHubTx = await registrySelfricaContract.updateHub(identityVerificationHubV2.target);
await updateSelfricaHubTx.wait();
updateKycHubTx = await registryKycContract.updateHub(identityVerificationHubV2.target);
await updateKycHubTx.wait();
// Configure GCP JWT verifier for Selfrica
await registrySelfricaContract.updateGCPJWTVerifier(gcpJwtVerifier.target);
// Configure GCP JWT verifier for Kyc
await registryKycContract.updateGCPJWTVerifier(gcpJwtVerifier.target);
}
let hubContract;
@@ -412,8 +411,8 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
nameAndYob_smt,
nameDobAadhar_smt,
nameYobAadhar_smt,
nameAndDob_selfrica_smt,
nameAndYob_selfrica_smt,
nameAndDob_kyc_smt,
nameAndYob_kyc_smt,
} = getSMTs();
// Update passport roots
@@ -429,27 +428,27 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
await registryAadhaarContract.updateNameAndDobOfacRoot(nameDobAadhar_smt.root, { from: owner });
await registryAadhaarContract.updateNameAndYobOfacRoot(nameYobAadhar_smt.root, { from: owner });
// Update Selfrica roots
await registrySelfricaContract.updateNameAndDobOfacRoot(nameAndDob_selfrica_smt.root, { from: owner });
await registrySelfricaContract.updateNameAndYobOfacRoot(nameAndYob_selfrica_smt.root, { from: owner });
// Update Kyc roots
await registryKycContract.updateNameAndDobOfacRoot(nameAndDob_kyc_smt.root, { from: owner });
await registryKycContract.updateNameAndYobOfacRoot(nameAndYob_kyc_smt.root, { from: owner });
// Register verifiers with the hub
const E_PASSPORT = ethers.hexlify(ethers.zeroPadValue(ethers.toBeHex(1), 32));
const EU_ID_CARD = ethers.hexlify(ethers.zeroPadValue(ethers.toBeHex(2), 32));
const AADHAAR = ethers.hexlify(ethers.zeroPadValue(ethers.toBeHex(3), 32));
const SELFRICA = ethers.hexlify(ethers.zeroPadValue(ethers.toBeHex(4), 32));
const Kyc = ethers.hexlify(ethers.zeroPadValue(ethers.toBeHex(4), 32));
// Update registries in the hub
await hubContract.updateRegistry(E_PASSPORT, identityRegistryProxy.target);
await hubContract.updateRegistry(EU_ID_CARD, identityRegistryIdProxy.target);
await hubContract.updateRegistry(AADHAAR, identityRegistryAadhaarProxy.target);
await hubContract.updateRegistry(SELFRICA, identityRegistrySelfricaProxy.target);
await hubContract.updateRegistry(Kyc, identityRegistryKycProxy.target);
// Update VC and Disclose verifiers
await hubContract.updateVcAndDiscloseCircuit(E_PASSPORT, vcAndDiscloseVerifier.target);
await hubContract.updateVcAndDiscloseCircuit(EU_ID_CARD, vcAndDiscloseIdVerifier.target);
await hubContract.updateVcAndDiscloseCircuit(AADHAAR, vcAndDiscloseAadhaarVerifier.target);
await hubContract.updateVcAndDiscloseCircuit(SELFRICA, vcAndDiscloseSelfricaVerifier.target);
await hubContract.updateVcAndDiscloseCircuit(Kyc, vcAndDiscloseKycVerifier.target);
// Update register verifiers
await hubContract.updateRegisterCircuitVerifier(
@@ -463,7 +462,7 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
registerIdVerifier.target,
);
await hubContract.updateRegisterCircuitVerifier(AADHAAR, 0, registerAadhaarVerifier.target);
await hubContract.updateRegisterCircuitVerifier(SELFRICA, 0, registerSelfricaVerifier.target);
await hubContract.updateRegisterCircuitVerifier(Kyc, 0, registerKycVerifier.target);
// Update DSC verifiers
await hubContract.updateDscVerifier(E_PASSPORT, DscVerifierId.dsc_sha256_rsa_65537_4096, dscVerifier.target);
@@ -487,12 +486,12 @@ export async function deploySystemFixturesV2(): Promise<DeployedActorsV2> {
registryId: registryIdContract,
registryAadhaarImpl: identityRegistryAadhaarImpl,
registryAadhaar: registryAadhaarContract,
registrySelfrica: registrySelfricaContract,
registrySelfricaImpl: identityRegistrySelfricaImpl,
registryKyc: registryKycContract,
registryKycImpl: identityRegistryKycImpl,
vcAndDisclose: vcAndDiscloseVerifier,
vcAndDiscloseId: vcAndDiscloseIdVerifier,
vcAndDiscloseAadhaar: vcAndDiscloseAadhaarVerifier,
vcAndDiscloseSelfrica: vcAndDiscloseSelfricaVerifier,
vcAndDiscloseKyc: vcAndDiscloseKycVerifier,
aadhaarPubkey: aadhaarPubkeyCommitment,
register: registerVerifier,
registerId: RegisterVerifierId.register_sha256_sha256_sha256_rsa_65537_4096,

26
contracts/test/utils/generateProof.ts
View File

@@ -86,8 +86,8 @@ const vcAndDiscloseCircuitsAadhaar: CircuitArtifacts = {
},
};
const vcAndDiscloseCircuitsSelfrica: CircuitArtifacts = {
vc_and_disclose_selfrica: {
const vcAndDiscloseCircuitsKyc: CircuitArtifacts = {
vc_and_disclose_kyc: {
wasm: "../circuits/build/disclose/vc_and_disclose_kyc/vc_and_disclose_kyc_js/vc_and_disclose_kyc.wasm",
zkey: "../circuits/build/disclose/vc_and_disclose_kyc/vc_and_disclose_kyc_final.zkey",
vkey: "../circuits/build/disclose/vc_and_disclose_kyc/vc_and_disclose_kyc_vkey.json",
@@ -206,7 +206,7 @@ export async function generateRegisterAadhaarProof(
return fixedProof;
}
export async function generateRegisterSelfricaProof(
export async function generateRegisterKycProof(
secret: string,
//return type of prepareAadhaarTestData
inputs: Awaited<ReturnType<typeof generateMockKycRegisterInput>>,
@@ -529,11 +529,11 @@ export async function generateVcAndDiscloseAadhaarProof(
return fixedProof;
}
export async function generateVcAndDiscloseSelfricaProof(
export async function generateVcAndDiscloseKycProof(
inputs: ReturnType<typeof generateKycDiscloseInput>,
): Promise<GenericProofStructStruct> {
const circuitName = "vc_and_disclose_selfrica";
const circuitArtifacts = vcAndDiscloseCircuitsSelfrica;
const circuitName = "vc_and_disclose_kyc";
const circuitArtifacts = vcAndDiscloseCircuitsKyc;
const artifactKey = circuitName;
const vcAndDiscloseProof = await groth16.fullProve(
@@ -545,7 +545,7 @@ export async function generateVcAndDiscloseSelfricaProof(
const vKey = JSON.parse(fs.readFileSync(circuitArtifacts[artifactKey].vkey, "utf8"));
const isValid = await groth16.verify(vKey, vcAndDiscloseProof.publicSignals, vcAndDiscloseProof.proof);
if (!isValid) {
throw new Error("Generated VC and Disclose Selfrica proof verification failed");
throw new Error("Generated VC and Disclose KYC proof verification failed");
}
const rawCallData = await groth16.exportSolidityCallData(vcAndDiscloseProof.proof, vcAndDiscloseProof.publicSignals);
@@ -589,11 +589,11 @@ export function getSMTs() {
) as typeof SMT;
const nameAndDob_id_smt = importSMTFromJsonFile("../circuits/tests/consts/ofac/nameAndDobSMT_ID.json") as typeof SMT;
const nameAndYob_id_smt = importSMTFromJsonFile("../circuits/tests/consts/ofac/nameAndYobSMT_ID.json") as typeof SMT;
const nameAndDob_selfrica_smt = importSMTFromJsonFile(
"../circuits/tests/consts/ofac/nameAndDobSelfricaSMT.json",
const nameAndDob_kyc_smt = importSMTFromJsonFile(
"../circuits/tests/consts/ofac/nameAndDobKycSMT.json",
) as typeof SMT;
const nameAndYob_selfrica_smt = importSMTFromJsonFile(
"../circuits/tests/consts/ofac/nameAndYobSelfricaSMT.json",
const nameAndYob_kyc_smt = importSMTFromJsonFile(
"../circuits/tests/consts/ofac/nameAndYobKycSMT.json",
) as typeof SMT;
return {
@@ -604,8 +604,8 @@ export function getSMTs() {
nameAndYob_id_smt,
nameDobAadhar_smt,
nameYobAadhar_smt,
nameAndDob_selfrica_smt,
nameAndYob_selfrica_smt,
nameAndDob_kyc_smt,
nameAndYob_kyc_smt,
};
}

12
contracts/test/utils/types.ts
View File

@@ -10,12 +10,11 @@ import {
IdentityRegistry,
IdentityRegistryImplV1,
IdentityRegistryIdCardImplV1,
IdentityRegistrySelfricaImplV1,
TestSelfVerificationRoot,
Verifier_vc_and_disclose_staging as LocalVerifier,
Verifier_vc_and_disclose_id_staging as LocalIdCardVerifier,
Verifier_vc_and_disclose_aadhaar_staging as LocalAadhaarVerifier,
Verifier_vc_and_disclose_selfrica_staging as LocalSelfricaVerifier,
Verifier_vc_and_disclose_kyc_staging as LocalKycVerifier,
Verifier_vc_and_disclose as ProdVerifier,
Verifier_vc_and_disclose_id as ProdIdCardVerifier,
Verifier_register_sha256_sha256_sha256_rsa_65537_4096 as ProdRegisterVerifier,
@@ -25,7 +24,7 @@ import {
Verifier_dsc_sha256_rsa_65537_4096 as ProdDscVerifier,
Verifier_dsc_sha256_rsa_65537_4096_staging as LocalDscVerifier,
IIdentityVerificationHubV1,
IVcAndDiscloseSelfricaCircuitVerifier,
IVcAndDiscloseKycCircuitVerifier,
IVcAndDiscloseAadhaarCircuitVerifier,
IIdentityVerificationHubV2,
IIdentityRegistryIdCardV1,
@@ -35,6 +34,7 @@ import {
IVcAndDiscloseCircuitVerifier,
IdentityRegistryAadhaarImplV1,
PCR0Manager,
IdentityRegistryKycImplV1,
} from "../../typechain-types";
import { DscVerifierId, RegisterVerifierId } from "@selfxyz/common";
@@ -82,11 +82,11 @@ export interface DeployedActorsV2 {
registryId: IdentityRegistryIdCardImplV1;
registryAadhaarImpl: IdentityRegistryAadhaarImplV1;
registryAadhaar: IdentityRegistryAadhaarImplV1;
registrySelfrica: IdentityRegistrySelfricaImplV1;
registrySelfricaImpl: IdentityRegistrySelfricaImplV1;
registryKyc: IdentityRegistryKycImplV1;
registryKycImpl: IdentityRegistryKycImplV1;
vcAndDisclose: VcAndDiscloseVerifier;
vcAndDiscloseAadhaar: LocalAadhaarVerifier;
vcAndDiscloseSelfrica: LocalSelfricaVerifier;
vcAndDiscloseKyc: LocalKycVerifier;
aadhaarPubkey: bigint;
vcAndDiscloseId: VcAndDiscloseIdVerifier;
register: RegisterVerifier;

30
contracts/test/v2/discloseKyc.test.ts
View File

@@ -14,15 +14,15 @@ import { generateKycDiscloseInput } from "@selfxyz/common";
import { getSMTs } from "../utils/generateProof";
import { getPackedForbiddenCountries } from "@selfxyz/common/utils/contracts/forbiddenCountries";
import { BigNumberish } from "ethers";
import { generateVcAndDiscloseSelfricaProof } from "../utils/generateProof";
import { generateVcAndDiscloseKycProof } from "../utils/generateProof";
import { KYC_ATTESTATION_ID } from "@selfxyz/common/constants/constants";
import { poseidon2 } from "poseidon-lite";
// Selfrica circuit indices - matches CircuitConstantsV2.getDiscloseIndices(SELFRICA_ID_CARD)
// KYC circuit indices - matches CircuitConstantsV2.getDiscloseIndices(KYC_ID_CARD)
// See CircuitConstantsV2.sol for full layout documentation
const SELFRICA_CURRENT_DATE_INDEX = 21;
const KYC_CURRENT_DATE_INDEX = 21;
describe("Self Verification Flow V2 - Selfrica", () => {
describe("Self Verification Flow V2 - KYC", () => {
let deployedActors: DeployedActorsV2;
let snapshotId: string;
let nullifier: any;
@@ -51,8 +51,8 @@ describe("Self Verification Flow V2 - Selfrica", () => {
const userData = "test-user-data-for-verification";
userIdentifierHash = BigInt(calculateUserIdentifierHash(destChainId, user1Address.slice(2), userData).toString());
nameAndDob_smt = getSMTs().nameAndDob_selfrica_smt;
nameAndYob_smt = getSMTs().nameAndYob_selfrica_smt;
nameAndDob_smt = getSMTs().nameAndDob_kyc_smt;
nameAndYob_smt = getSMTs().nameAndYob_kyc_smt;
const hashFunction = (a: bigint, b: bigint) => poseidon2([a, b]);
const LeanIMT = await import("@openpassport/zk-kit-lean-imt").then((mod) => mod.LeanIMT);
@@ -78,7 +78,7 @@ describe("Self Verification Flow V2 - Selfrica", () => {
nullifier = packBytesAndPoseidon(nullifier);
const commitment = poseidon2([BigInt(testInputs.secret), packBytesAndPoseidon(dataPadded)]);
await deployedActors.registrySelfrica.devAddIdentityCommitment(nullifier, commitment);
await deployedActors.registryKyc.devAddIdentityCommitment(nullifier, commitment);
forbiddenCountriesList = [] as Country3LetterCode[];
forbiddenCountriesListPacked = getPackedForbiddenCountries(forbiddenCountriesList);
@@ -97,7 +97,7 @@ describe("Self Verification Flow V2 - Selfrica", () => {
};
await deployedActors.testSelfVerificationRoot.setVerificationConfig(verificationConfigV2);
baseVcAndDiscloseProof = await generateVcAndDiscloseSelfricaProof(testInputs);
baseVcAndDiscloseProof = await generateVcAndDiscloseKycProof(testInputs);
snapshotId = await ethers.provider.send("evm_snapshot", []);
});
@@ -302,7 +302,7 @@ describe("Self Verification Flow V2 - Selfrica", () => {
const attestationId = ethers.zeroPadValue(ethers.toBeHex(BigInt(KYC_ATTESTATION_ID)), 32);
const clonedPubSignal = structuredClone(baseVcAndDiscloseProof.pubSignals);
// scopeIndex for Selfrica is 16
// scopeIndex for KYC is 16
clonedPubSignal[16] = 1n;
const encodedProof = ethers.AbiCoder.defaultAbiCoder().encode(
@@ -348,7 +348,7 @@ describe("Self Verification Flow V2 - Selfrica", () => {
const attestationId = ethers.zeroPadValue(ethers.toBeHex(BigInt(KYC_ATTESTATION_ID)), 32);
const clonedPubSignal = structuredClone(baseVcAndDiscloseProof.pubSignals);
// userIdentifierIndex for Selfrica is 20
// userIdentifierIndex for KYC is 20
clonedPubSignal[20] = 1n;
const encodedProof = ethers.AbiCoder.defaultAbiCoder().encode(
@@ -395,8 +395,8 @@ describe("Self Verification Flow V2 - Selfrica", () => {
const clonedPubSignal = structuredClone(baseVcAndDiscloseProof.pubSignals);
// Modify current date at the correct index using BigInt for safe arithmetic
const currentDateValue = BigInt(clonedPubSignal[SELFRICA_CURRENT_DATE_INDEX]);
clonedPubSignal[SELFRICA_CURRENT_DATE_INDEX] = (currentDateValue + 2n).toString();
const currentDateValue = BigInt(clonedPubSignal[KYC_CURRENT_DATE_INDEX]);
clonedPubSignal[KYC_CURRENT_DATE_INDEX] = (currentDateValue + 2n).toString();
const encodedProof = ethers.AbiCoder.defaultAbiCoder().encode(
["tuple(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[] pubSignals)"],
@@ -443,8 +443,8 @@ describe("Self Verification Flow V2 - Selfrica", () => {
const clonedPubSignal = structuredClone(baseVcAndDiscloseProof.pubSignals);
// Modify current date at the correct index using BigInt for safe arithmetic
const currentDateValue = BigInt(clonedPubSignal[SELFRICA_CURRENT_DATE_INDEX]);
clonedPubSignal[SELFRICA_CURRENT_DATE_INDEX] = (currentDateValue - 1n).toString();
const currentDateValue = BigInt(clonedPubSignal[KYC_CURRENT_DATE_INDEX]);
clonedPubSignal[KYC_CURRENT_DATE_INDEX] = (currentDateValue - 1n).toString();
const encodedProof = ethers.AbiCoder.defaultAbiCoder().encode(
["tuple(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[] pubSignals)"],
@@ -733,7 +733,7 @@ describe("Self Verification Flow V2 - Selfrica", () => {
KYC_ATTESTATION_ID,
);
const newProof = await generateVcAndDiscloseSelfricaProof(inputs);
const newProof = await generateVcAndDiscloseKycProof(inputs);
const attestationId = ethers.zeroPadValue(ethers.toBeHex(BigInt(KYC_ATTESTATION_ID)), 32);
const encodedProof = ethers.AbiCoder.defaultAbiCoder().encode(
["tuple(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[] pubSignals)"],

82
contracts/test/v2/registerKyc.test.ts
View File

@@ -3,7 +3,7 @@ import { deploySystemFixturesV2 } from "../utils/deploymentV2";
import { DeployedActorsV2 } from "../utils/types";
import { KYC_ATTESTATION_ID } from "@selfxyz/common/constants/constants";
import { generateMockKycRegisterInput } from "@selfxyz/common/utils/kyc/generateInputs";
import { generateRegisterSelfricaProof } from "../utils/generateProof";
import { generateRegisterKycProof } from "../utils/generateProof";
import { expect } from "chai";
function getCurrentDateDigitsYYMMDDHHMMSS(hoursOffset: number = 0): bigint[] {
@@ -46,7 +46,7 @@ function packUint256ToHexFields(value: bigint): [bigint, bigint, bigint] {
return [p0, p1, p2];
}
describe("Selfrica Registration test", function () {
describe("KYC Registration test", function () {
this.timeout(0);
let deployedActors: DeployedActorsV2;
@@ -60,10 +60,10 @@ describe("Selfrica Registration test", function () {
attestationIdBytes32 = ethers.zeroPadValue(ethers.toBeHex(BigInt(KYC_ATTESTATION_ID)), 32);
// Set the owner as the TEE for all tests
await deployedActors.registrySelfrica.updateTEE(await deployedActors.owner.getAddress());
await deployedActors.registryKyc.updateTEE(await deployedActors.owner.getAddress());
// Set the GCP root CA pubkey hash
await deployedActors.registrySelfrica.updateGCPRootCAPubkeyHash(GCP_ROOT_CA_PUBKEY_HASH);
await deployedActors.registryKyc.updateGCPRootCAPubkeyHash(GCP_ROOT_CA_PUBKEY_HASH);
console.log("🎉 System deployment and initial setup completed!");
});
@@ -77,7 +77,7 @@ describe("Selfrica Registration test", function () {
});
describe("Identity Commitment", () => {
let selfricaData: any;
let kycData: any;
let registerProof: any;
let registerSecret: string;
let mockVerifier: any;
@@ -87,14 +87,14 @@ describe("Selfrica Registration test", function () {
before(async () => {
registerSecret = "12345";
selfricaData = await generateMockKycRegisterInput(undefined, true, registerSecret);
registerProof = await generateRegisterSelfricaProof(registerSecret, selfricaData);
kycData = await generateMockKycRegisterInput(undefined, true, registerSecret);
registerProof = await generateRegisterKycProof(registerSecret, kycData);
// Deploy and set mock GCP JWT verifier
const MockVerifierFactory = await ethers.getContractFactory("MockGCPJWTVerifier");
mockVerifier = await MockVerifierFactory.deploy();
await mockVerifier.waitForDeployment();
await deployedActors.registrySelfrica.updateGCPJWTVerifier(mockVerifier.target);
await deployedActors.registryKyc.updateGCPJWTVerifier(mockVerifier.target);
// Get the pubkey commitment from the register proof and pack as hex
const pubkeyCommitment = registerProof.pubSignals[registerProof.pubSignals.length - 2];
@@ -145,7 +145,7 @@ describe("Selfrica Registration test", function () {
});
it("should successfully register an identity commitment", async () => {
await deployedActors.registrySelfrica.registerPubkeyCommitment(
await deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
@@ -153,11 +153,11 @@ describe("Selfrica Registration test", function () {
);
await expect(deployedActors.hub.registerCommitment(attestationIdBytes32, 0n, registerProof)).to.emit(
deployedActors.registrySelfrica,
deployedActors.registryKyc,
"CommitmentRegistered",
);
const isRegistered = await deployedActors.registrySelfrica.nullifiers(registerProof.pubSignals[0]);
const isRegistered = await deployedActors.registryKyc.nullifiers(registerProof.pubSignals[0]);
expect(isRegistered).to.be.true;
});
@@ -168,7 +168,7 @@ describe("Selfrica Registration test", function () {
});
it("should not register an identity commitment if the proof is invalid", async () => {
await deployedActors.registrySelfrica.registerPubkeyCommitment(
await deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
@@ -229,21 +229,21 @@ describe("Selfrica Registration test", function () {
};
it("should have correct GCP root CA pubkey hash", async () => {
const contractHash = await deployedActors.registrySelfrica.gcpRootCAPubkeyHash();
const contractHash = await deployedActors.registryKyc.gcpRootCAPubkeyHash();
expect(contractHash).to.equal(GCP_ROOT_CA_PUBKEY_HASH);
});
it("should allow owner to update GCP root CA pubkey hash", async () => {
const newHash = 12345n;
await deployedActors.registrySelfrica.updateGCPRootCAPubkeyHash(newHash);
const contractHash = await deployedActors.registrySelfrica.gcpRootCAPubkeyHash();
await deployedActors.registryKyc.updateGCPRootCAPubkeyHash(newHash);
const contractHash = await deployedActors.registryKyc.gcpRootCAPubkeyHash();
expect(contractHash).to.equal(newHash);
});
it("should not allow non-owner to update GCP root CA pubkey hash", async () => {
await expect(
deployedActors.registrySelfrica.connect(deployedActors.user1).updateGCPRootCAPubkeyHash(12345n),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "AccessControlUnauthorizedAccount");
deployedActors.registryKyc.connect(deployedActors.user1).updateGCPRootCAPubkeyHash(12345n),
).to.be.revertedWithCustomError(deployedActors.registryKyc, "AccessControlUnauthorizedAccount");
});
it("should fail with INVALID_IMAGE when image hash not in PCR0Manager", async () => {
@@ -259,21 +259,21 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica.registerPubkeyCommitment(mockProof.a, mockProof.b, mockProof.c, mockPubSignals),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "INVALID_IMAGE");
deployedActors.registryKyc.registerPubkeyCommitment(mockProof.a, mockProof.b, mockProof.c, mockPubSignals),
).to.be.revertedWithCustomError(deployedActors.registryKyc, "INVALID_IMAGE");
});
it("should not allow non-owner to update GCP JWT verifier", async () => {
await expect(
deployedActors.registrySelfrica
deployedActors.registryKyc
.connect(deployedActors.user1)
.updateGCPJWTVerifier(ethers.Wallet.createRandom().address),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "AccessControlUnauthorizedAccount");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "AccessControlUnauthorizedAccount");
});
it("should allow owner to update GCP JWT verifier", async () => {
const newVerifier = ethers.Wallet.createRandom().address;
await deployedActors.registrySelfrica.updateGCPJWTVerifier(newVerifier);
await deployedActors.registryKyc.updateGCPJWTVerifier(newVerifier);
});
describe("TEE Access Control", () => {
@@ -290,28 +290,28 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica
deployedActors.registryKyc
.connect(deployedActors.user1)
.registerPubkeyCommitment(mockProof.a, mockProof.b, mockProof.c, mockPubSignals),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "ONLY_TEE_CAN_ACCESS");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "ONLY_TEE_CAN_ACCESS");
});
it("should not allow non-owner to update TEE", async () => {
await expect(
deployedActors.registrySelfrica.connect(deployedActors.user1).updateTEE(ethers.Wallet.createRandom().address),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "AccessControlUnauthorizedAccount");
deployedActors.registryKyc.connect(deployedActors.user1).updateTEE(ethers.Wallet.createRandom().address),
).to.be.revertedWithCustomError(deployedActors.registryKyc, "AccessControlUnauthorizedAccount");
});
it("should allow owner to update TEE", async () => {
const newTee = ethers.Wallet.createRandom().address;
await deployedActors.registrySelfrica.updateTEE(newTee);
expect(await deployedActors.registrySelfrica.tee()).to.equal(newTee);
await deployedActors.registryKyc.updateTEE(newTee);
expect(await deployedActors.registryKyc.tee()).to.equal(newTee);
});
it("should fail with TEE_NOT_SET when TEE address is zero", async () => {
// Deploy minimal fresh registry to test uninitialized TEE state
const freshImpl = await (
await ethers.getContractFactory("IdentityRegistrySelfricaImplV1", {
await ethers.getContractFactory("IdentityRegistryKycImplV1", {
libraries: { PoseidonT3: deployedActors.poseidonT3.target },
})
).deploy();
@@ -324,7 +324,7 @@ describe("Selfrica Registration test", function () {
await ethers.getContractFactory("IdentityRegistry")
).deploy(freshImpl.target, initData);
const freshRegistry = await ethers.getContractAt("IdentityRegistrySelfricaImplV1", freshProxy.target);
const freshRegistry = await ethers.getContractAt("IdentityRegistryKycImplV1", freshProxy.target);
await freshRegistry.updateGCPJWTVerifier(deployedActors.gcpJwtVerifier.target);
const mockPubSignals: bigint[] = [
@@ -373,13 +373,13 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica.registerPubkeyCommitment(
deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
mockPubSignalsPast,
),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "INVALID_TIMESTAMP");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "INVALID_TIMESTAMP");
// Create a timestamp 2 hours in the future (more than 1 hour threshold)
const nextHourDate = getCurrentDateDigitsYYMMDDHHMMSS(2);
@@ -396,13 +396,13 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica.registerPubkeyCommitment(
deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
mockPubSignalsFuture,
),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "INVALID_TIMESTAMP");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "INVALID_TIMESTAMP");
});
});
@@ -413,7 +413,7 @@ describe("Selfrica Registration test", function () {
const MockVerifierFactory = await ethers.getContractFactory("MockGCPJWTVerifier");
mockVerifier = await MockVerifierFactory.deploy();
await mockVerifier.waitForDeployment();
await deployedActors.registrySelfrica.updateGCPJWTVerifier(mockVerifier.target);
await deployedActors.registryKyc.updateGCPJWTVerifier(mockVerifier.target);
});
afterEach(async () => {
@@ -434,13 +434,13 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica.registerPubkeyCommitment(
deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
mockPubSignals,
),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "INVALID_PROOF");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "INVALID_PROOF");
});
it("should fail with INVALID_ROOT_CA when root CA hash does not match", async () => {
@@ -456,13 +456,13 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica.registerPubkeyCommitment(
deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
mockPubSignals,
),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "INVALID_ROOT_CA");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "INVALID_ROOT_CA");
});
it("should fail with INVALID_IMAGE when image hash not in PCR0Manager", async () => {
@@ -478,13 +478,13 @@ describe("Selfrica Registration test", function () {
];
await expect(
deployedActors.registrySelfrica.registerPubkeyCommitment(
deployedActors.registryKyc.registerPubkeyCommitment(
mockProof.a,
mockProof.b,
mockProof.c,
mockPubSignals,
),
).to.be.revertedWithCustomError(deployedActors.registrySelfrica, "INVALID_IMAGE");
).to.be.revertedWithCustomError(deployedActors.registryKyc, "INVALID_IMAGE");
});
});
});