diff --git a/common/src/utils/circuits/formatOutputs.ts b/common/src/utils/circuits/formatOutputs.ts index a74a81029..c547dea32 100644 --- a/common/src/utils/circuits/formatOutputs.ts +++ b/common/src/utils/circuits/formatOutputs.ts @@ -1,5 +1,5 @@ import { attributeToPosition } from '../../constants/constants'; -import { DisclosureOptions } from '../appType'; +import { SelfAppDisclosureConfig } from '../appType'; /*** OpenPassport Attestation ***/ export function formatForbiddenCountriesListFromCircuitOutput( @@ -103,7 +103,7 @@ export function revealBitmapFromMapping(attributeToReveal: { [key: string]: stri return reveal_bitmap; } -export function revealBitmapFromAttributes(disclosureOptions: DisclosureOptions): string[] { +export function revealBitmapFromAttributes(disclosureOptions: SelfAppDisclosureConfig): string[] { const reveal_bitmap = Array(88).fill('0'); Object.entries(disclosureOptions).forEach(([attribute, { enabled }]) => { diff --git a/common/src/utils/selfAttestation.ts b/common/src/utils/selfAttestation.ts index 680db287a..562d73aad 100644 --- a/common/src/utils/selfAttestation.ts +++ b/common/src/utils/selfAttestation.ts @@ -17,7 +17,6 @@ export interface SelfVerificationResult { credentialSubject: { merkle_root?: string; attestation_id?: string; - targetRootTimestamp?: string; current_date?: string; issuing_state?: string; name?: string; diff --git a/contracts/contracts/sdk/VerifyAll.sol b/contracts/contracts/sdk/VerifyAll.sol index eded8ef56..965e81a68 100644 --- a/contracts/contracts/sdk/VerifyAll.sol +++ b/contracts/contracts/sdk/VerifyAll.sol @@ -11,8 +11,8 @@ import {CircuitConstants} from "../constants/CircuitConstants.sol"; /// @dev This contract interacts with IdentityVerificationHub and IdentityRegistry contract VerifyAll is Ownable { - IIdentityVerificationHubV1 _hub; - IIdentityRegistryV1 _registry; + IIdentityVerificationHubV1 public _hub; + IIdentityRegistryV1 public _registry; /// @notice Initializes the contract with hub and registry addresses /// @param hub The address of the IdentityVerificationHub contract diff --git a/contracts/ignition/modules/deployHub.ts b/contracts/ignition/modules/deployHub.ts index f8b103bfe..027e8d84b 100644 --- a/contracts/ignition/modules/deployHub.ts +++ b/contracts/ignition/modules/deployHub.ts @@ -3,6 +3,7 @@ import { artifacts, ethers } from "hardhat"; import hre from "hardhat"; import fs from "fs"; import path from "path"; +import { RegisterVerifierId, DscVerifierId } from "../../../common/src/constants/constants"; function getHubInitializeData() { const hubArtifact = artifacts.readArtifactSync("IdentityVerificationHubImplV1"); @@ -28,9 +29,15 @@ export default buildModule("DeployHub", (m) => { const initializeData = hubInterface.encodeFunctionData("initialize", [ registryAddress, vcAndDiscloseVerifierAddress, - ["4", "7", "0"], + [ + RegisterVerifierId.register_sha1_sha256_sha256_rsa_65537_4096, + RegisterVerifierId.register_sha256_sha256_sha256_ecdsa_brainpoolP256r1, + RegisterVerifierId.register_sha256_sha256_sha256_rsa_65537_4096 + ], [registerVerifierAddress, registerVerifierAddress2, registerVerifierAddress3], - ["1"], + [ + DscVerifierId.dsc_sha256_rsa_65537_4096 + ], [dscVerifierAddress] ]); diff --git a/contracts/ignition/modules/deployVerifyAll.ts b/contracts/ignition/modules/deployVerifyAll.ts index 5263eec43..fcebba8bb 100644 --- a/contracts/ignition/modules/deployVerifyAll.ts +++ b/contracts/ignition/modules/deployVerifyAll.ts @@ -10,6 +10,8 @@ export default buildModule("DeployVerifyAll", (m) => { const deployedAddresses = JSON.parse(fs.readFileSync(deployedAddressesPath, "utf8")); const hubAddress = deployedAddresses["DeployHub#IdentityVerificationHub"]; const registryAddress = deployedAddresses["DeployRegistryModule#IdentityRegistry"]; + // const hubAddress = "0x1Fe004D984a6Caba2a3849A4a20BAA08350e91CB"; + // const registryAddress = "0x537F2fd23A0432887F32414001Cc7572260544B1"; const verifyAll = m.contract("VerifyAll", [hubAddress, registryAddress]); return { diff --git a/contracts/test/example/airdrop.test.ts b/contracts/test/example/airdrop.test.ts index 82caeca00..bd5fdbece 100644 --- a/contracts/test/example/airdrop.test.ts +++ b/contracts/test/example/airdrop.test.ts @@ -2,7 +2,7 @@ import { expect } from "chai"; import { deploySystemFixtures } from "../utils/deployment"; import { DeployedActors } from "../utils/types"; import { ethers } from "hardhat"; -import { CIRCUIT_CONSTANTS } from "../utils/constants"; +import { CIRCUIT_CONSTANTS } from "../../../common/src/constants/constants"; import { ATTESTATION_ID } from "../utils/constants"; import {generateVcAndDiscloseProof } from "../utils/generateProof"; import { LeanIMT } from "@openpassport/zk-kit-lean-imt"; diff --git a/contracts/test/integration/commitmentRegistration.test.ts b/contracts/test/integration/commitmentRegistration.test.ts index 3799b883e..74461fa17 100644 --- a/contracts/test/integration/commitmentRegistration.test.ts +++ b/contracts/test/integration/commitmentRegistration.test.ts @@ -2,8 +2,7 @@ import { expect } from "chai"; import { deploySystemFixtures } from "../utils/deployment"; import { DeployedActors } from "../utils/types"; import { ethers } from "hardhat"; -import { CIRCUIT_CONSTANTS } from "../utils/constants"; -import { RegisterVerifierId, DscVerifierId } from "../../../common/src/constants/constants"; +import { RegisterVerifierId, DscVerifierId, CIRCUIT_CONSTANTS } from "../../../common/src/constants/constants"; import { ATTESTATION_ID } from "../utils/constants"; import { generateRegisterProof, generateDscProof } from "../utils/generateProof"; import { generateRandomFieldElement } from "../utils/utils"; diff --git a/contracts/test/integration/endToEnd.test.ts b/contracts/test/integration/endToEnd.test.ts index d430a061f..084110936 100644 --- a/contracts/test/integration/endToEnd.test.ts +++ b/contracts/test/integration/endToEnd.test.ts @@ -2,8 +2,7 @@ import { expect } from "chai"; import { deploySystemFixtures } from "../utils/deployment"; import { DeployedActors } from "../utils/types"; import { ethers } from "hardhat"; -import { CIRCUIT_CONSTANTS } from "../utils/constants"; -import { RegisterVerifierId, DscVerifierId } from "../../../common/src/constants/constants"; +import { RegisterVerifierId, DscVerifierId, CIRCUIT_CONSTANTS } from "../../../common/src/constants/constants"; import { ATTESTATION_ID } from "../utils/constants"; import { generateRegisterProof, generateDscProof, generateVcAndDiscloseProof } from "../utils/generateProof"; import { generateRandomFieldElement } from "../utils/utils"; diff --git a/contracts/test/integration/vcAndDisclose.test.ts b/contracts/test/integration/vcAndDisclose.test.ts index bc5f75812..96b12d37c 100644 --- a/contracts/test/integration/vcAndDisclose.test.ts +++ b/contracts/test/integration/vcAndDisclose.test.ts @@ -2,7 +2,7 @@ import { expect } from "chai"; import { deploySystemFixtures } from "../utils/deployment"; import { DeployedActors } from "../utils/types"; import { ethers } from "hardhat"; -import { CIRCUIT_CONSTANTS } from "../utils/constants"; +import { CIRCUIT_CONSTANTS } from "../../../common/src/constants/constants"; import { ATTESTATION_ID } from "../utils/constants"; import { generateVcAndDiscloseProof, getSMTs } from "../utils/generateProof"; import { LeanIMT } from "@openpassport/zk-kit-lean-imt"; diff --git a/contracts/test/integration/verifyAll.test.ts b/contracts/test/integration/verifyAll.test.ts index 87937d001..447df7de2 100644 --- a/contracts/test/integration/verifyAll.test.ts +++ b/contracts/test/integration/verifyAll.test.ts @@ -4,7 +4,8 @@ import { deploySystemFixtures } from "../utils/deployment"; import { DeployedActors } from "../utils/types"; import { generateRandomFieldElement } from "../utils/utils"; import { generateCommitment } from "../../../common/src/utils/passports/passport"; -import { ATTESTATION_ID, CIRCUIT_CONSTANTS } from "../utils/constants"; +import { ATTESTATION_ID } from "../utils/constants"; +import { CIRCUIT_CONSTANTS } from "../../../common/src/constants/constants"; import { LeanIMT } from "@openpassport/zk-kit-lean-imt"; import { poseidon2 } from "poseidon-lite"; import { generateVcAndDiscloseProof, parseSolidityCalldata } from "../utils/generateProof"; diff --git a/contracts/test/sdk/sdkCore.test.ts b/contracts/test/sdk/sdkCore.test.ts index f91175c9b..d0e7e949d 100644 --- a/contracts/test/sdk/sdkCore.test.ts +++ b/contracts/test/sdk/sdkCore.test.ts @@ -4,7 +4,8 @@ // import { DeployedActors } from "../utils/types"; // import { generateRandomFieldElement } from "../utils/utils"; // import { generateCommitment } from "../../../common/src/utils/passports/passport"; -// import { ATTESTATION_ID, CIRCUIT_CONSTANTS } from "../utils/constants"; +// import { ATTESTATION_ID } from "../utils/constants"; +// import { CIRCUIT_CONSTANTS } from "../../../common/src/constants/constants"; // import { LeanIMT } from "@openpassport/zk-kit-lean-imt"; // import { poseidon2 } from "poseidon-lite"; // import { generateVcAndDiscloseRawProof, parseSolidityCalldata } from "../utils/generateProof"; diff --git a/contracts/test/utils/constants.ts b/contracts/test/utils/constants.ts index 51cdebc02..85064b954 100644 --- a/contracts/test/utils/constants.ts +++ b/contracts/test/utils/constants.ts @@ -3,27 +3,6 @@ export const ATTESTATION_ID = { E_PASSPORT: "0x0000000000000000000000000000000000000000000000000000000000000001" } -export const CIRCUIT_CONSTANTS = { - REGISTER_NULLIFIER_INDEX: 0, - REGISTER_COMMITMENT_INDEX: 1, - REGISTER_MERKLE_ROOT_INDEX: 2, - - DSC_TREE_LEAF_INDEX: 0, - DSC_CSCA_ROOT_INDEX: 1, - - VC_AND_DISCLOSE_REVEALED_DATA_PACKED_INDEX: 0, - VC_AND_DISCLOSE_FORBIDDEN_COUNTRIES_LIST_PACKED_INDEX: 3, - VC_AND_DISCLOSE_NULLIFIER_INDEX: 4, - VC_AND_DISCLOSE_ATTESTATION_ID_INDEX: 5, - VC_AND_DISCLOSE_MERKLE_ROOT_INDEX: 6, - VC_AND_DISCLOSE_CURRENT_DATE_INDEX: 7, - VC_AND_DISCLOSE_PASSPORT_NO_SMT_ROOT_INDEX: 13, - VC_AND_DISCLOSE_NAME_DOB_SMT_ROOT_INDEX: 14, - VC_AND_DISCLOSE_NAME_YOB_SMT_ROOT_INDEX: 15, - VC_AND_DISCLOSE_SCOPE_INDEX: 16, - VC_AND_DISCLOSE_USER_IDENTIFIER_INDEX: 17, -} - export const FIELD_PRIME = BigInt( "21888242871839275222246405745257275088548364400416034343698204186575808495617" ); \ No newline at end of file diff --git a/sdk/core/README.md b/sdk/core/README.md index fbcaf5052..39d72f692 100644 --- a/sdk/core/README.md +++ b/sdk/core/README.md @@ -1,3 +1,113 @@ +# How to use this SDK +## Install +You can install with this command +``` +npm i @openpassport/core +``` + +## Initialize +You should have CELO_RPC_URL and SCOPE in your environment or somewhere in your code. +```typescript +import { SelfBackendVerifier } from "@openpassport/core"; + +const selfBackendVerifier = new SelfBackendVerifier( + process.env.CELO_RPC_URL as string, + process.env.SCOPE as string, +); +``` +## Setup +You can setup which data you want to verify in this sdk +```typescript +// In default, verification will be done with latest identity commitment root, but if you have some other root in your mind, you can choose with timestamp +selfBackendVerifier.setTargetRootTimestamp(0); +// Set minimum age verification +selfBackendVerifier.setMinimumAge(20); +// Set nationality verification +selfBackendVerifier.setNationality('France') +// Set exclude countries verification +selfBackendVerifier.excludeCountries('Country Name1', 'Country Name2', 'Coutry Name3', 'etc...'); +// Enable if you want to do passport number ofac check +// Default false +selfBackendVerifier.enablePassportNoOfacCheck(); +// Enable if you want to do name and date of birth ofac check +// Default false +selfBackendVerifier.enableNameAndDobOfacCheck(); +// Enable if you want to do name and year of birth ofac check +// Default false +selfBackendVerifier.enableNameAndYobOfacCheck(); +``` + +## Verification +You can do the verification with this +```typescript +const result = await selfBackendVerifier.verify( + request.body.proof, + request.body.publicSignals +); +``` +## Result +Result from the verify function is like this +```typescript +export interface SelfVerificationResult { + // Check if the whole verification is succeeded + isValid: boolean; + isValidDetails: { + // Verifies that the proof is generated under the expected scope. + isValidScope: boolean; + // Checks that the attestation identifier in the proof matches the expected value. + isValidAttestationId: boolean; + // Verifies the cryptographic validity of the proof. + isValidProof: boolean; + // Ensures that the revealed nationality is correct (when nationality verification is enabled). + isValidNationality: boolean; + }; + // User Identifier which is included in the proof + userId: string; + // Application name which is showed as scope + application: string; + // A cryptographic value used to prevent double registration or reuse of the same proof. + nullifier: string; + // Revealed data by users + credentialSubject: { + // Merkle root which is used to generate proof. + merkle_root?: string; + // Proved identity type, for passport this value is fixed as 1. + attestation_id?: string; + // Date when the proof is generated + current_date?: string; + // Revealed issuing state in the passport + issuing_state?: string; + // Revealed name in the passport + name?: string; + // Revealed passport number in the passport + passport_number?: string; + // Revealed nationality in the passport + nationality?: string; + // Revealed date of birth in the passport + date_of_birth?: string; + // Revealed gender in the passport + gender?: string; + // Revealed expiry date in the passport + expiry_date?: string; + // Result of older than + older_than?: string; + // Result of passport number ofac check + passport_no_ofac?: string; + // Result of name and date of birth ofac check + name_and_dob_ofac?: string; + // Result of name and year of birth ofac check + name_and_yob_ofac?: string; + }; + proof: { + // Proof which is used for this verification + value: { + proof: Groth16Proof; + publicSignals: PublicSignals; + }; + }; +} +``` + # When you run the tests First you need to copy the abi files to the sdk/core/src/abi folder. diff --git a/sdk/core/package.json b/sdk/core/package.json index efb795cf3..ec503277f 100644 --- a/sdk/core/package.json +++ b/sdk/core/package.json @@ -1,6 +1,6 @@ { "name": "@openpassport/core", - "version": "0.0.12", + "version": "0.0.18", "repository": { "type": "git", "url": "https://github.com/zk-passport/openpassport" diff --git a/sdk/core/src/SelfBackendVerifier.ts b/sdk/core/src/SelfBackendVerifier.ts index 94a3f0165..e863e4b91 100644 --- a/sdk/core/src/SelfBackendVerifier.ts +++ b/sdk/core/src/SelfBackendVerifier.ts @@ -2,18 +2,26 @@ import { VcAndDiscloseProof } from './types/types'; import { registryAbi } from './abi/IdentityRegistryImplV1'; import { verifyAllAbi } from './abi/VerifyAll'; import { parseSolidityCalldata } from './utils/utils'; +import { REGISTRY_ADDRESS, VERIFYALL_ADDRESS } from './constants/contractAddresses'; import { ethers } from 'ethers'; import { groth16, Groth16Proof, PublicSignals } from 'snarkjs'; -import { countryCodes, countryNames, getCountryCode } from '@common/constants/constants'; -import type { SelfVerificationResult } from '@common/utils/selfAttestation'; -import { castToScope } from '@common/utils/circuits/uuid'; -import { CIRCUIT_CONSTANTS, revealedDataTypes } from '@common/constants/constants'; -import { packForbiddenCountriesList } from '@common/utils/contracts/formatCallData'; +import { + countryCodes, + countryNames, + getCountryCode, +} from '../../../common/src/constants/constants'; +import type { SelfVerificationResult } from '../../../common/src/utils/selfAttestation'; +import { castToScope } from '../../../common/src/utils/circuits/uuid'; +import { CIRCUIT_CONSTANTS, revealedDataTypes } from '../../../common/src/constants/constants'; +import { packForbiddenCountriesList } from '../../../common/src/utils/contracts/formatCallData'; export class SelfBackendVerifier { protected scope: string; protected attestationId: number = 1; - protected targetRootTimestamp: number = 0; + protected targetRootTimestamp: { enabled: boolean; value: number } = { + enabled: false, + value: 0, + }; protected nationality: { enabled: boolean; value: (typeof countryNames)[number] } = { enabled: false, @@ -31,15 +39,10 @@ export class SelfBackendVerifier { protected registryContract: any; protected verifyAllContract: any; - constructor( - rpcUrl: string, - scope: string, - registryContractAddress: `0x${string}`, - verifyAllContractAddress: `0x${string}` - ) { + constructor(rpcUrl: string, scope: string) { const provider = new ethers.JsonRpcProvider(rpcUrl); - this.registryContract = new ethers.Contract(registryContractAddress, registryAbi, provider); - this.verifyAllContract = new ethers.Contract(verifyAllContractAddress, verifyAllAbi, provider); + this.registryContract = new ethers.Contract(REGISTRY_ADDRESS, registryAbi, provider); + this.verifyAllContract = new ethers.Contract(VERIFYALL_ADDRESS, verifyAllAbi, provider); this.scope = scope; } @@ -61,6 +64,7 @@ export class SelfBackendVerifier { const isValidScope = this.scope === castToScope(BigInt(publicSignals[CIRCUIT_CONSTANTS.VC_AND_DISCLOSE_SCOPE_INDEX])); + const isValidAttestationId = this.attestationId.toString() === publicSignals[CIRCUIT_CONSTANTS.VC_AND_DISCLOSE_ATTESTATION_ID_INDEX]; @@ -93,9 +97,16 @@ export class SelfBackendVerifier { revealedDataTypes.name_and_yob_ofac, ]; - const timestamp = this.targetRootTimestamp; + let timestamp; + if (this.targetRootTimestamp.enabled) { + timestamp = this.targetRootTimestamp.value; + } else { + const currentRoot = await this.registryContract.getIdentityCommitmentMerkleRoot(); + timestamp = await this.registryContract.rootTimestamps(currentRoot); + } const result = await this.verifyAllContract.verifyAll(timestamp, vcAndDiscloseHubProof, types); + console.log('result: ', result); let isValidNationality = true; if (this.nationality.enabled) { @@ -145,7 +156,7 @@ export class SelfBackendVerifier { } setTargetRootTimestamp(targetRootTimestamp: number): this { - this.targetRootTimestamp = targetRootTimestamp; + this.targetRootTimestamp = { enabled: true, value: targetRootTimestamp }; return this; } diff --git a/sdk/core/src/abi/VerifyAll.ts b/sdk/core/src/abi/VerifyAll.ts index 8baaecf18..f15deb6e1 100644 --- a/sdk/core/src/abi/VerifyAll.ts +++ b/sdk/core/src/abi/VerifyAll.ts @@ -56,6 +56,32 @@ export const verifyAllAbi = [ name: 'OwnershipTransferred', type: 'event', }, + { + inputs: [], + name: '_hub', + outputs: [ + { + internalType: 'contract IIdentityVerificationHubV1', + name: '', + type: 'address', + }, + ], + stateMutability: 'view', + type: 'function', + }, + { + inputs: [], + name: '_registry', + outputs: [ + { + internalType: 'contract IIdentityRegistryV1', + name: '', + type: 'address', + }, + ], + stateMutability: 'view', + type: 'function', + }, { inputs: [], name: 'owner', diff --git a/sdk/core/src/constants/contractAddresses.ts b/sdk/core/src/constants/contractAddresses.ts new file mode 100644 index 000000000..92bb5782c --- /dev/null +++ b/sdk/core/src/constants/contractAddresses.ts @@ -0,0 +1,2 @@ +export const REGISTRY_ADDRESS = '0x537F2fd23A0432887F32414001Cc7572260544B1'; +export const VERIFYALL_ADDRESS = '0x3a2944Ab6C76ff8770924637b5da6EC22ab77Ab9'; diff --git a/sdk/core/src/contractAddress/chain-42220_deployed_addresses.json b/sdk/core/src/contractAddress/chain-42220_deployed_addresses.json deleted file mode 100644 index 3fefe5a24..000000000 --- a/sdk/core/src/contractAddress/chain-42220_deployed_addresses.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "DeployVerifiers#Verifier_dsc_sha256_rsa_65537_4096": "0x5304e8883594528B02677ADE02065e7C307680EE", - "DeployVerifiers#Verifier_register_sha1_sha256_sha256_rsa_65537_4096": "0x5703782A401bcC41ea9daE040D100500D2d39052", - "DeployVerifiers#Verifier_register_sha256_sha256_sha256_ecdsa_brainpoolP256r1": "0x08DCD36a211aa1402A71069DCa5A2256baaf82B2", - "DeployVerifiers#Verifier_register_sha256_sha256_sha256_rsa_65537_4096": "0x891e360cF2e6B96E68abEA6ddddF01D51f25f984", - "DeployVerifiers#Verifier_vc_and_disclose": "0x9C76e0F1bbE3667eb227c7F575faa425D8Ef21CA", - "DeployRegistryModule#PoseidonT3": "0x36F4d19d753Ba3B84a28d45219469e0f36b8D083", - "DeployRegistryModule#IdentityRegistryImplV1": "0x71139287BBcdEFC29EC18fB5Ee6936F23f0D25b2", - "DeployRegistryModule#IdentityRegistry": "0x537F2fd23A0432887F32414001Cc7572260544B1", - "DeployHub#IdentityVerificationHubImplV1": "0x0cBA1Cd19C76aEf96fA5095c3c53325Ded92b836", - "DeployHub#IdentityVerificationHub": "0x1Fe004D984a6Caba2a3849A4a20BAA08350e91CB", - "UpdateRegistryCscaRoot#IdentityRegistryImplV1": "0x537F2fd23A0432887F32414001Cc7572260544B1", - "UpdateRegistryHub#IdentityRegistryImplV1": "0x537F2fd23A0432887F32414001Cc7572260544B1", - "UpdateRegistryOfacRoot#IdentityRegistryImplV1": "0x537F2fd23A0432887F32414001Cc7572260544B1" -}