implement country list verification

sdk/src/OpenPassportVerifier.ts

@@ -25,12 +25,15 @@ import {
 import forge from 'node-forge';
 import { castToScope, splitToWords } from '../../common/src/utils/utils';
 import { parseDSC } from '../../common/src/utils/certificates/handleCertificate';
+import { CircuitMode, CircuitName } from '../../common/src/utils/appType';
 
 export class OpenPassportVerifier {
   scope: string;
   attestationId: string;
   olderThan?: string;
   nationality?: (typeof countryCodes)[keyof typeof countryCodes];
+  ofac?: string;
+  forbidden_countries_list?: string[];
   rpcUrl: string;
   report: OpenPassportVerifierReport;
   dev_mode: boolean;
@@ -42,20 +45,24 @@ export class OpenPassportVerifier {
     attestationId?: string;
     olderThan?: string;
     nationality?: (typeof countryCodes)[keyof typeof countryCodes];
+    ofac?: string;
+    forbidden_countries_list?: string[];
     rpcUrl?: string;
     dev_mode?: boolean;
-    circuit: string;
-    circuitMode?;
+    circuit: CircuitName;
+    circuitMode?: CircuitMode;
   }) {
     this.scope = options.scope;
     this.attestationId = options.attestationId || PASSPORT_ATTESTATION_ID;
     this.olderThan = options.olderThan || null;
     this.nationality = options.nationality || null;
+    this.ofac = options.ofac || null;
+    this.forbidden_countries_list = options.forbidden_countries_list || null;
     this.rpcUrl = options.rpcUrl || DEFAULT_RPC_URL;
     this.report = new OpenPassportVerifierReport();
     this.dev_mode = options.dev_mode || false;
     this.circuit = options.circuit;
-    this.circuitMode = options.circuitMode || 'prove';
+    this.circuitMode = options.circuitMode || 'prove_offchain';
   }
 
   async verify(attestation: OpenPassportAttestation): Promise<OpenPassportVerifierReport> {
@@ -72,11 +79,13 @@ export class OpenPassportVerifier {
     const { signatureAlgorithm, hashFunction } = parseDSC(dsc);
     const kScaled = signatureAlgorithm === 'ecdsa' ? ECDSA_K_LENGTH_FACTOR * k_dsc_ecdsa : k_dsc;
     this.parsedPublicSignals = parsePublicSignalsProve(publicSignals, kScaled);
+    console.log('this.parsedPublicSignals', this.parsedPublicSignals);
 
     await this.verifyProof(proof, publicSignals, dsc);
+    console.log('this.circuit', this.circuit);
     switch (this.circuit) {
       case 'prove':
-        if (this.circuitMode === 'prove') {
+        if (this.circuitMode === 'prove_offchain') {
           await this.verifyProveArguments();
           await this.verifyDsc(dsc);
         } else if (this.circuitMode === 'register') {
@@ -117,6 +126,26 @@ export class OpenPassportVerifier {
       const attributeValue = getAttributeFromUnpackedReveal(unpackedReveal, 'nationality');
       this.verifyAttribute('nationality', countryCodes[attributeValue], this.nationality);
     }
+    // if (this.ofac) {
+    //   const attributeValue = getAttributeFromUnpackedReveal(unpackedReveal, 'ofac');
+    //   this.verifyAttribute('ofac', attributeValue, this.ofac);
+    // }
+    if (this.forbidden_countries_list) {
+      const countryList1 = unpackReveal(this.parsedPublicSignals.forbidden_countries_list_packed_disclosed[0]);
+      const countryList2 = unpackReveal(this.parsedPublicSignals.forbidden_countries_list_packed_disclosed[1]);
+      const concatenatedCountryList = countryList1.concat(countryList2);
+      // dump every '\x00' value from the list
+      const cleanedCountryList = concatenatedCountryList.filter(value => value !== '\x00');
+      // Concatenate every 3 elements to form country codes
+      const formattedCountryList = [];
+      for (let i = 0; i < cleanedCountryList.length; i += 3) {
+        const countryCode = cleanedCountryList.slice(i, i + 3).join('');
+        if (countryCode.length === 3) {
+          formattedCountryList.push(countryCode);
+        }
+      }
+      this.verifyAttribute('forbidden_countries_list', formattedCountryList.toString(), this.forbidden_countries_list.toString());
+    }
 
     return this.report;
   }

sdk/src/OpenPassportVerifierReport.ts

@@ -17,6 +17,8 @@ export class OpenPassportVerifierReport {
   dsc: boolean = true;
   pubKey: boolean = true;
   valid: boolean = true;
+  ofac: boolean = true;
+  forbidden_countries_list: boolean = true;
 
   public user_identifier: string;
   public nullifier: string;

sdk/src/QRcode/OpenPassportQRcode.tsx

@@ -15,7 +15,7 @@ import {
   WEBSOCKET_URL,
 } from '../../../common/src/constants/constants';
 import { UserIdType } from '../../../common/src/utils/utils';
-import { CircuitName, reconstructAppType } from '../../../common/src/utils/appType';
+import { CircuitMode, CircuitName, reconstructAppType } from '../../../common/src/utils/appType';
 import { v4 as uuidv4 } from 'uuid';
 import { QRcodeSteps } from './utils/utils';
 import { containerStyle, ledContainerStyle, qrContainerStyle } from './utils/styles';
@@ -32,9 +32,11 @@ interface OpenPassportQRcodeProps {
   userIdType?: UserIdType;
   olderThan?: string;
   nationality?: string;
+  ofac?: string;
+  forbidden_countries_list?: string[];
   onSuccess?: (proof: OpenPassportVerifierInputs, report: OpenPassportVerifierReport) => void;
   circuit: CircuitName;
-  circuitMode?: 'prove' | 'register' | '';
+  circuitMode?: CircuitMode;
   devMode?: boolean;
   size?: number;
   websocketUrl?: string;
@@ -49,11 +51,13 @@ const OpenPassportQRcode: React.FC<OpenPassportQRcodeProps> = ({
   userIdType = DEFAULT_USER_ID_TYPE,
   olderThan = '',
   nationality = '',
+  ofac = null,
+  forbidden_countries_list = null,
   onSuccess = (proof: OpenPassportVerifierInputs, report: OpenPassportVerifierReport) => {
     console.log(proof, report);
   },
   circuit,
-  circuitMode = 'prove',
+  circuitMode = 'prove_onchain',
   devMode = false,
   size = 300,
   websocketUrl = WEBSOCKET_URL,
@@ -68,6 +72,8 @@ const OpenPassportQRcode: React.FC<OpenPassportQRcodeProps> = ({
     scope: scope,
     olderThan: olderThan,
     nationality: nationality,
+    ofac: ofac,
+    forbidden_countries_list: forbidden_countries_list,
     dev_mode: devMode,
     circuit: circuit,
     circuitMode: circuitMode,
@@ -92,10 +98,12 @@ const OpenPassportQRcode: React.FC<OpenPassportQRcodeProps> = ({
             websocketUrl: websocketUrl,
           })
         );
-      } else {
+      } else if (circuitMode === 'prove_offchain') {
         const disclosureOptions = [
           ['nationality', nationality],
           ['older_than', olderThan],
+          ['ofac', ofac],
+          ['forbidden_countries_list', forbidden_countries_list],
         ];
         return JSON.stringify(
           reconstructAppType({

sdk/tests/web-app/src/app/prove/page.tsx

@@ -18,8 +18,10 @@ export default function Prove() {
         userId={userId}
         olderThan="18"
         circuit="prove"
-        circuitMode="prove"
-        nationality="France"
+        circuitMode="prove_offchain"
+        // nationality="France"
+        ofac="true"
+        forbidden_countries_list={["BMU", "BLZ", "PAN"]}
         devMode={true}
       />