update sdk

2026-04-05 03:00:53 -04:00 · 2024-09-27 17:01:57 +02:00
parent 0c0c6dc2a9
commit b68d510c48
9 changed files with 404 additions and 58 deletions
--- a/sdk/src/OpenPassportVerifier.ts
+++ b/sdk/src/OpenPassportVerifier.ts
@@ -23,13 +23,7 @@ import {
 } from '../../common/src/utils/openPassportAttestation';

 import forge from 'node-forge';
-import {
-  bigIntToHex,
-  castToScope,
-  castToUUID,
-  splitToWords,
-  UserIdType,
-} from '../../common/src/utils/utils';
+import { castToScope, splitToWords } from '../../common/src/utils/utils';
 import { parseDSC } from '../../common/src/utils/certificates/handleCertificate';

 export class OpenPassportVerifier {
@@ -42,6 +36,7 @@ export class OpenPassportVerifier {
  dev_mode: boolean;
  parsedPublicSignals: any;
  circuit: string;
+  circuitMode?: string;
  constructor(options: {
    scope: string;
    attestationId?: string;
@@ -50,6 +45,7 @@ export class OpenPassportVerifier {
    rpcUrl?: string;
    dev_mode?: boolean;
    circuit: string;
+    circuitMode?;
  }) {
    this.scope = options.scope;
    this.attestationId = options.attestationId || PASSPORT_ATTESTATION_ID;
@@ -59,6 +55,7 @@ export class OpenPassportVerifier {
    this.report = new OpenPassportVerifierReport();
    this.dev_mode = options.dev_mode || false;
    this.circuit = options.circuit;
+    this.circuitMode = options.circuitMode || 'prove';
  }

  async verify(attestation: OpenPassportAttestation): Promise<OpenPassportVerifierReport> {
@@ -67,6 +64,9 @@ export class OpenPassportVerifier {
        value: { proof, publicSignals },
      },
      dsc: { value: dsc },
+      dscProof: {
+        value: { proof: dscProof, publicSignals: dscPublicSignals },
+      },
    } = attestation;

    const { signatureAlgorithm, hashFunction } = parseDSC(dsc);
@@ -76,8 +76,13 @@ export class OpenPassportVerifier {
    await this.verifyProof(proof, publicSignals, dsc);
    switch (this.circuit) {
      case 'prove':
-        await this.verifyProveArguments();
-        await this.verifyDsc(dsc);
+        if (this.circuitMode === 'prove') {
+          await this.verifyProveArguments();
+          await this.verifyDsc(dsc);
+        } else if (this.circuitMode === 'register') {
+          await this.verifyRegisterArguments();
+          await this.verifyDscProof(dscProof, dscPublicSignals, dsc);
+        }
        break;
      case 'disclose':
        await this.verifyDiscloseArguments();
@@ -131,13 +136,18 @@ export class OpenPassportVerifier {

  private getVkey(dsc: string) {
    const { signatureAlgorithm, hashFunction } = parseDSC(dsc);
-    if (this.circuit === 'prove' || this.circuit === 'register') {
+    if (this.circuit === 'prove') {
      return getVkeyFromArtifacts(this.circuit, signatureAlgorithm, hashFunction);
    } else {
      throw new Error('vkey of ' + this.circuit + ' not found');
    }
  }

+  private getVkeyDsc(dsc: string) {
+    const { signatureAlgorithm, hashFunction } = parseDSC(dsc);
+    return getVkeyFromArtifacts('dsc', signatureAlgorithm, hashFunction);
+  }
+
  private verifyDsc(dsc: string) {
    const dscCertificate = forge.pki.certificateFromPem(dsc);
    const verified_certificate = verifyDSCValidity(dscCertificate, this.dev_mode);
@@ -156,4 +166,16 @@ export class OpenPassportVerifier {
      this.report.exposeAttribute('pubKey', pubKeyFromProof, dsc_modulus_words);
    }
  }
+
+  private async verifyDscProof(proof: string[], publicSignals: string[], dsc: string) {
+    console.log('verifyDscProof', publicSignals, proof);
+    const vkey = this.getVkeyDsc(dsc);
+    const verified_dscProof = await groth16.verify(vkey, publicSignals, proof as any);
+    this.verifyAttribute('dscProof', verified_dscProof.toString(), 'true');
+  }
+
+  private verifyRegisterArguments() {
+    // verify that the blindedDscCommitment is the same in both proofs
+    const blindedPubKeyCommitmentFromLocalProof = this.parsedPublicSignals.blinded_dsc_commitment;
+  }
 }
--- a/sdk/src/OpenPassportVerifierReport.ts
+++ b/sdk/src/OpenPassportVerifierReport.ts
@@ -15,6 +15,7 @@ export class OpenPassportVerifierReport {
  older_than: boolean = true;
  owner_of: boolean = true;
  proof: boolean = true;
+  dscProof: boolean = true;
  dsc: boolean = true;
  pubKey: boolean = true;
  valid: boolean = true;
--- a/sdk/src/QRcode/OpenPassportQRcode.tsx
+++ b/sdk/src/QRcode/OpenPassportQRcode.tsx
@@ -9,7 +9,11 @@ import Lottie from 'lottie-react';
 import CHECK_ANIMATION from './animations/check_animation.json';
 import X_ANIMATION from './animations/x_animation.json';
 import LED from './components/LED';
-import { DEFAULT_USER_ID_TYPE, WEBSOCKET_URL } from '../../../common/src/constants/constants';
+import {
+  DEFAULT_USER_ID_TYPE,
+  MODAL_SERVER_ADDRESS,
+  WEBSOCKET_URL,
+} from '../../../common/src/constants/constants';
 import { UserIdType } from '../../../common/src/utils/utils';
 import { CircuitName, reconstructAppType } from '../../../common/src/utils/appType';
 import { v4 as uuidv4 } from 'uuid';
@@ -35,7 +39,7 @@ interface OpenPassportQRcodeProps {
  size?: number;
  websocketUrl?: string;
  merkleTreeUrl?: string;
-  attestationId?: string;
+  modalServerUrl?: string;
 }

 const OpenPassportQRcode: React.FC<OpenPassportQRcodeProps> = ({
@@ -53,8 +57,8 @@ const OpenPassportQRcode: React.FC<OpenPassportQRcodeProps> = ({
  devMode = false,
  size = 300,
  websocketUrl = WEBSOCKET_URL,
+  modalServerUrl = MODAL_SERVER_ADDRESS,
  merkleTreeUrl,
-  attestationId,
 }) => {
  const [proofStep, setProofStep] = useState(QRcodeSteps.WAITING_FOR_MOBILE);
  const [proofVerified, setProofVerified] = useState(null);
@@ -66,29 +70,49 @@ const OpenPassportQRcode: React.FC<OpenPassportQRcodeProps> = ({
    nationality: nationality,
    dev_mode: devMode,
    circuit: circuit,
+    circuitMode: circuitMode,
  });

  const getAppStringified = () => {
    if (circuit === 'prove') {
-      const disclosureOptions = [
-        ['nationality', nationality],
-        ['older_than', olderThan],
-      ];
-      return JSON.stringify(
-        reconstructAppType({
-          name: appName,
-          scope: scope,
-          userId: userId,
-          userIdType: userIdType,
-          sessionId: sessionId,
-          circuit: circuit,
-          circuitMode: circuitMode,
-          arguments: {
-            disclosureOptions: Object.fromEntries(disclosureOptions),
-          },
-          websocketUrl: websocketUrl,
-        })
-      );
+      if (circuitMode == 'register') {
+        return JSON.stringify(
+          reconstructAppType({
+            name: appName,
+            scope: scope,
+            userId: userId,
+            userIdType: userIdType,
+            sessionId: sessionId,
+            circuit: circuit,
+            circuitMode: circuitMode,
+            arguments: {
+              modalServerUrl: modalServerUrl,
+              merkleTreeUrl: merkleTreeUrl,
+            },
+            websocketUrl: websocketUrl,
+          })
+        );
+      } else {
+        const disclosureOptions = [
+          ['nationality', nationality],
+          ['older_than', olderThan],
+        ];
+        return JSON.stringify(
+          reconstructAppType({
+            name: appName,
+            scope: scope,
+            userId: userId,
+            userIdType: userIdType,
+            sessionId: sessionId,
+            circuit: circuit,
+            circuitMode: circuitMode,
+            arguments: {
+              disclosureOptions: Object.fromEntries(disclosureOptions),
+            },
+            websocketUrl: websocketUrl,
+          })
+        );
+      }
    }
    // } else if (circuit === 'prove' && circuitMode === 'register') {
    //   return JSON.stringify(
--- a/sdk/src/QRcode/utils/websocket.ts
+++ b/sdk/src/QRcode/utils/websocket.ts
@@ -1,5 +1,3 @@
-import React, { useEffect, useRef, useState } from 'react';
-
 import io, { Socket } from 'socket.io-client';
 import { QRcodeSteps } from './utils';
 import { OpenPassportVerifier } from '../../OpenPassportVerifier';
--- a/sdk/tests/web-app/src/app/prove/page.tsx
+++ b/sdk/tests/web-app/src/app/prove/page.tsx
@@ -17,9 +17,10 @@ export default function Prove() {
        scope="test"
        userId={userId}
        olderThan="18"
+        circuit="prove"
+        circuitMode="prove"
        nationality="France"
        devMode={true}
-        circuit="prove"
      />

      <TextField
--- a/sdk/tests/web-app/src/app/register/page.tsx
+++ b/sdk/tests/web-app/src/app/register/page.tsx
@@ -18,7 +18,6 @@ export default function Register() {
        devMode={true}
        circuit="prove"
        circuitMode="register"
-        attestationId="PASSPORT"
        merkleTreeUrl={COMMITMENT_TREE_TRACKER_URL}
        userId={userId}
      />
--- a/sdk/utils/utils.ts
+++ b/sdk/utils/utils.ts
@@ -12,9 +12,9 @@ import {
  vkey_prove_rsa_65537_sha1,
  vkey_prove_rsa_65537_sha256,
  vkey_prove_rsapss_65537_sha256,
-  vkey_register_rsa_65537_sha1,
-  vkey_register_rsa_65537_sha256,
-  vkey_register_rsapss_65537_sha256,
+  vkey_dsc_rsa_65537_sha1,
+  vkey_dsc_rsa_65537_sha256,
+  vkey_dsc_rsapss_65537_sha256,
 } from '../../common/src/constants/vkey';
 import { getCircuitName } from '../../common/src/utils/certificates/handleCertificate';

@@ -36,12 +36,12 @@ export function getVkeyFromArtifacts(
      return vkey_prove_rsa_65537_sha1;
    case 'prove_rsapss_65537_sha256':
      return vkey_prove_rsapss_65537_sha256;
-    case 'register_rsa_65537_sha256':
-      return vkey_register_rsa_65537_sha256;
-    case 'register_rsa_65537_sha1':
-      return vkey_register_rsa_65537_sha1;
-    case 'register_rsapss_65537_sha256':
-      return vkey_register_rsapss_65537_sha256;
+    case 'dsc_rsa_65537_sha1':
+      return vkey_dsc_rsa_65537_sha1;
+    case 'dsc_rsa_65537_sha256':
+      return vkey_dsc_rsa_65537_sha256;
+    case 'dsc_rsapss_65537_sha256':
+      return vkey_dsc_rsapss_65537_sha256;
    default:
      throw new Error('Invalid signature algorithm or hash function');
  }