Feat/sumsub (#1654)

* fix: circuits and contracts

* feat: add reverse ofac logic

* feat: add onlyRole modifiers to functions

* style: replace onlyOwner reference in comment code to role-based access

* test: unskip and update governance tests for access control

* test: fix PCR0 setup in kyc test

---------

Co-authored-by: Evi Nova <tranquil_flow@protonmail.com>

circuits/tests/disclose/vc_and_disclose_kyc.test.ts

@@ -154,6 +154,33 @@ describe('VC_AND_DISCLOSE KYC Circuit Tests', () => {
     deepEqual(ofac_results, ['\x00', '\x00']);
   });
 
+  it('should return 0 for an OFAC person with reverse', async function () {
+    this.timeout(0);
+    const input = generateKycDiscloseInput(
+      true,
+      namedob_smt,
+      nameyob_smt,
+      tree as any,
+      true,
+      '0',
+      '1234567890',
+      undefined,
+      undefined,
+      undefined,
+      true,
+      '1234',
+      true
+    );
+    const witness = await circuit.calculateWitness(input);
+    await circuit.checkConstraints(witness);
+
+    const revealedData_packed = await getRevealedDataPacked(witness);
+    const revealedDataUnpacked = unpackReveal(revealedData_packed, 'id');
+    const ofac_results = revealedDataUnpacked.slice(maxLength, maxLength + 2);
+
+    deepEqual(ofac_results, ['\x00', '\x00']);
+  });
+
   it('should return 1 for a non OFAC person', async function () {
     this.timeout(0);
     const input = generateKycDiscloseInput(
@@ -193,7 +220,6 @@ describe('VC_AND_DISCLOSE KYC Circuit Tests', () => {
       'DOB',
       'PHOTO_HASH',
       'PHONE_NUMBER',
-      'DOCUMENT',
       'GENDER',
       'ADDRESS',
     ];
@@ -251,7 +277,6 @@ describe('VC_AND_DISCLOSE KYC Circuit Tests', () => {
       'DOB',
       'PHOTO_HASH',
       'PHONE_NUMBER',
-      'DOCUMENT',
       'GENDER',
       'ADDRESS',
     ];

circuits/tests/register/register_kyc.test.ts

@@ -5,7 +5,7 @@ import { packBytesAndPoseidon } from '@selfxyz/common/utils/hash';
 import { poseidon2 } from 'poseidon-lite';
 import { generateMockKycRegisterInput } from '@selfxyz/common/utils/kyc/generateInputs.js';
 import { KycRegisterInput } from '@selfxyz/common/utils/kyc/types';
-import { KYC_ID_NUMBER_INDEX, KYC_ID_NUMBER_LENGTH } from '@selfxyz/common/utils/kyc/constants';
+import { KYC_ID_NUMBER_INDEX, KYC_ID_NUMBER_LENGTH, KYC_ID_TYPE_INDEX, KYC_ID_TYPE_LENGTH } from '@selfxyz/common/utils/kyc/constants';
 
 describe('REGISTER KYC Circuit Tests', () => {
   let circuit: any;
@@ -15,7 +15,7 @@ describe('REGISTER KYC Circuit Tests', () => {
     this.timeout(0);
     input = await generateMockKycRegisterInput(null, true, undefined);
     circuit = await wasmTester(
-      path.join(__dirname, '../../circuits/register/instances/register_selfrica.circom'),
+      path.join(__dirname, '../../circuits/register/instances/register_kyc.circom'),
       {
         verbose: true,
         logOutput: true,
@@ -42,7 +42,8 @@ describe('REGISTER KYC Circuit Tests', () => {
       KYC_ID_NUMBER_INDEX,
       KYC_ID_NUMBER_INDEX + KYC_ID_NUMBER_LENGTH
     );
-    const nullifier = packBytesAndPoseidon(idnumber.map((x) => Number(x)));
+    const nullifierInputs = [...'sumsub'.split('').map((x) => x.charCodeAt(0)), ...idnumber, ...input.data_padded.slice(KYC_ID_TYPE_INDEX, KYC_ID_TYPE_INDEX + KYC_ID_TYPE_LENGTH)];
+    const nullifier = packBytesAndPoseidon(nullifierInputs);
     const commitment = poseidon2([
       input.secret,
       packBytesAndPoseidon(input.data_padded.map((x) => Number(x))),