mirror of
https://github.com/selfxyz/self.git
synced 2026-04-05 03:00:53 -04:00
8c5b90e89f
* refactor: use singular ETHERSCAN_API_KEY in .env Etherscan has unified all keys of associated explorers like Celoscan into a singular key rather than different keys for different networks. * refactor: use one .env instead of separate .env.test + .env files * refactor: deploy contracts with runs of 1000 instead of 200 Decreases gas cost of function calls on deployed contracts * clean: remove duplicate/redundant deploy modules + scripts * clean: cleanup empty script file * refactor: cleanup default network of scripts Read network from .env instead of using defaults of alfajores (outdated) or staging * clean: remove references to Alfajores, replace with Sepolia * chore: add default .env variables * chore: update build-all script to include aardhaar circuit * chore: update broken Powers of Tau download link (use iden3) * chore: remove duplicate script * fix: use stable version 18 for disclose circuits * test: update test import paths to allow for .ts version of generateProof * test: fix broken tests * test: uncomment critical code for registration, change error names to updated names, fix broken import paths, update disclose tests for new scope generation/handling * fix: broken import path * test: fix Airdrop tests to use V2 logic * docs: update docs for necessary prerequisite programs * chore: yarn prettier formatting * fix: CI errors occuring when deploying contracts as can't read .env Using a dummy key for CI builds * chore: yarn prettier * refactor: change runs to 100000
9.9 KiB
9.9 KiB
Self Contracts
Overview
This is the implementation of contracts for verification and management of identities in Self.
⚠️Cautions⚠️
When you do the upgrade, be careful with this storage patterns
- You can not change the order in which the contract state variables are declared, nor their type.
Pls see this page for more details: https://docs.openzeppelin.com/upgrades-plugins/writing-upgradeable#modifying-your-contracts
Integration Guide
In the npm package, you'll find the following directory structure:
.
├── abstract
│ └── SelfVerificationRoot.sol # Base impl in self verification
├── constants
│ ├── AttestationId.sol # A unique identifier assigned to the identity documents
│ └── CircuitConstants.sol # Indices for public signals in our circuits
├── interfaces
│ ├── IDscCircuitVerifier.sol
│ ├── IIdentityRegistryV1.sol
│ ├── IIdentityVerificationHubV1.sol
│ ├── IPassportAirdropRoot.sol
│ ├── IRegisterCircuitVerifier.sol
│ ├── ISelfVerificationRoot.sol
│ └── IVcAndDiscloseCircuitVerifier.sol
└── libraries
├── CircuitAttributeHandler.sol # Library to extract each attribute from public signals
└── Formatter.sol # Utility functions to manage public signals to meaningful format
If you want to integrate SelfVerificationRoot.sol into your contract, you should also import these files.
import { SelfVerificationRoot } from "@selfxyz/contracts/contracts/abstract/SelfVerificationRoot.sol";
import { IVcAndDiscloseCircuitVerifier } from "@selfxyz/contracts/contracts/interfaces/IVcAndDiscloseCircuitVerifier.sol";
import { IIdentityVerificationHubV1 } from "@selfxyz/contracts/contracts/interfaces/IIdentityVerificationHubV1.sol";
import { CircuitConstants } from "@selfxyz/contracts/contracts/constants/CircuitConstants.sol";
And override verifySelfProof function and write your own logic. You can take a look at these examples.
In the verifySelfProof function, you should add these validations
- Mandatory
- scope validation
- attestation id validation
- Optional
- nullifier validation
- user id validation
- age verification with olderThan
- forbidden countries validation
- ofac validation
Also, if you want to play with some attributes in the passport, you should import these libraries.
import { CircuitAttributeHandler } from "@selfxyz/contracts/contracts/libraries/CircuitAttributeHandler.sol";
import { Formatter } from "@selfxyz/contracts/contracts/libraries/Formatter.sol";
CircuitAttributeHandler is the library to extract readable attributes in the passport from public signals. The formatter is responsible for converting other data included in the public signals. Use it when you want to validate information related to birthdays or the time when the proof was generated.
As an example, please refer to the following contract.
Building Contracts
Prerequisites
Before building contracts, you must install these system-level dependencies manually or ensure they are already installed.
1. Node.js and Yarn
We use yarn 4. If you haven't already, it can be enabled with:
corepack enable yarn
corepack is a built-in nodejs command
2. Rust (for Circom)
Install Rust using rustup:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source ~/.cargo/env
3. Circom 2.1.9
Install the specific version of Circom required:
git clone https://github.com/iden3/circom.git
cd circom
git checkout v2.1.9
cargo build --release
cp ./target/release/circom ~/.cargo/bin/
Verify installation:
circom --version
# Should output: circom compiler 2.1.9
4. wget
Install wget using your system's package manager:
- macOS:
brew install wget - Ubuntu/Debian:
apt-get install wget
Installation
- Install Node.js dependencies (after installing the system dependencies above):
yarn install
- Compile the contracts:
yarn run build
Deployments
- Deploy verifiers
yarn run deploy:allverifiers:celo
- Deploy registry proxy and impl
yarn run deploy:registry:celo
- Deploy hub proxy and impl
yarn run deploy:hub:celo
- Update csca, ofac and hub address in registry
yarn run update:cscaroot:celo
yarn run update:ofacroot:celo
yarn run update:hub:celo
Testing
When you compile the circuits, make sure you set the build flag to true for these circuits:
- register_sha256_sha256_sha256_rsa_65537_4096
- dsc_sha256_rsa_65537_4096
- vc_and_disclose Go to ../circuits/scripts/build/ and change false to true for these circuits. Then you can run the following command to see the coverage.
cd ../circuits
yarn run build-all
cd ../contracts
yarn run test:coverage:local
Deployed Contract Addresses
| Contract | Address |
|---|---|
| Verifier_dsc_sha1_ecdsa_brainpoolP256r1 | 0xE7B4A70fc1d96D3Fb6577206c932eF1e634Cf2d0 |
| Verifier_dsc_sha1_rsa_65537_4096 | 0x19E25a5772df0D7D6Db59D94a4d6FBd7098a3012 |
| Verifier_dsc_sha256_ecdsa_brainpoolP256r1 | 0x1F3afAe85992B1B8CF6946B091225dAF8307675d |
| Verifier_dsc_sha256_ecdsa_brainpoolP384r1 | 0x52A6EF39655D662A8Cf8eB56CD853883fe43eb2b |
| Verifier_dsc_sha256_ecdsa_secp256r1 | 0x643735Cd44F8b2BDa47b4a7962c8BDf12E6CDdf8 |
| Verifier_dsc_sha256_ecdsa_secp384r1 | 0x00F0D1A32Def293DAB78100A6569ebb4EC035F82 |
| Verifier_dsc_sha256_rsa_65537_4096 | 0x711e655c43410fB985c4EDB48E9bCBdDb770368d |
| Verifier_dsc_sha256_rsapss_3_32_3072 | 0xDAFF470e561F3f96C7410AeF02196913E981fF1B |
| Verifier_dsc_sha256_rsapss_65537_32_3072 | 0x07B6C2FFB098B131eAD104396d399177014ae15f |
| Verifier_dsc_sha256_rsapss_65537_32_4096 | 0xFBDDADb864b24B2c4336081A22f41D04E7b35DA9 |
| Verifier_dsc_sha384_ecdsa_brainpoolP384r1 | 0x6a40dfa6f99FA178aB6cc88928Bf30661e917A76 |
| Verifier_dsc_sha384_ecdsa_secp384r1 | 0x1719430107E66717d8b34d4190838dfABAf810e6 |
| Verifier_dsc_sha512_rsa_65537_4096 | 0xf5eE920d6D50a8A83C22f548bf406fCBcD558751 |
| Verifier_dsc_sha512_rsapss_65537_64_4096 | 0x5438C4ebFD8Fcce6eb54542e3A5C192B22227f70 |
| Verifier_register_sha1_sha1_sha1_ecdsa_brainpoolP224r1 | 0x8588e473428cf415F10AC96CAa701F6Cd1C8641F |
| Verifier_register_sha1_sha1_sha1_rsa_65537_4096 | 0x15fd0d58cfF9DaA4A60105c0DAC73659530BB7f7 |
| Verifier_register_sha1_sha256_sha256_rsa_65537_4096 | 0xaC5166A01Aee75A10703177896122F4d6e3836d1 |
| Verifier_register_sha224_sha224_sha224_ecdsa_brainpoolP224r1 | 0x7d9b7D2A95541b50CECDB44d82c0570a818111Ac |
| Verifier_register_sha256_sha224_sha224_ecdsa_secp224r1 | 0x48cEc90de8d746efD316968Ea65417e74C6A1a74 |
| Verifier_register_sha256_sha256_sha256_ecdsa_brainpoolP256r1 | 0x9C5Af0FC9A32b457e300905929A05356D3C0DB25 |
| Verifier_register_sha256_sha256_sha256_ecdsa_brainpoolP384r1 | 0x5286E20745A0d4C35E6D97832D56e30A28303BD6 |
| Verifier_register_sha256_sha256_sha256_ecdsa_secp256r1 | 0xaC861bf9FC8B44ccbAde8E2A39C851bbCf38c392 |
| Verifier_register_sha256_sha256_sha256_ecdsa_secp384r1 | 0x03FCc979cf2d69275647095E4079A3389F24525D |
| Verifier_register_sha256_sha256_sha256_rsa_3_4096 | 0xbE036B26317F013D2c6cB092Aa1fa903220be846 |
| Verifier_register_sha256_sha256_sha256_rsa_65537_4096 | 0xE80537B3399bd405e40136D08e24c250397c09F1 |
| Verifier_register_sha256_sha256_sha256_rsapss_3_32_2048 | 0xe063BD3188341B2D17d96cE38FD31584147d3219 |
| Verifier_register_sha256_sha256_sha256_rsapss_65537_32_2048 | 0xe93Be9382868f30150cAF77793aF384905c2C7E4 |
| Verifier_register_sha256_sha256_sha256_rsapss_65537_32_3072 | 0xD39E5eAfb6d266E3c4AC8255578F23a514fd8B36 |
| Verifier_register_sha384_sha384_sha384_ecdsa_brainpoolP384r1 | 0xd2F65a76A10f5E0e7aE9d18826ab463f4CEb33C9 |
| Verifier_register_sha384_sha384_sha384_ecdsa_secp384r1 | 0xC33E6A04b7296A3062Cf438C33dc8D8157c3916d |
| Verifier_register_sha384_sha384_sha384_rsapss_65537_48_2048 | 0xa7A5A581C2Eb8dF39f486e9ABBc4898546D70C3e |
| Verifier_register_sha512_sha512_sha512_rsa_65537_4096 | 0x6C88A6Afc38cA2859e157532b1b872EcC1ED0424 |
| Verifier_register_sha512_sha512_sha512_rsapss_65537_64_2048 | 0x04A1D0d51Bc078CB137088424b2ec569699dd7A5 |
| Verifier_vc_and_disclose | 0x44d314c2F9b3690735808d26d17dFCc9F906A9B4 |
| PoseidonT3 | 0xF134707a4C4a3a76b8410fC0294d620A7c341581 |
| IdentityRegistryImplV1 | 0xC473d5F784e424A70Bf7aCf887E33448E64F8798 |
| IdentityRegistry | 0x37F5CB8cB1f6B00aa768D8aA99F1A9289802A968 |
| IdentityVerificationHubImplV1 | 0x85FD004B2312a6703F1ce293242Dc15B719772b1 |
| IdentityVerificationHub | 0x77117D60eaB7C044e785D68edB6C7E0e134970Ea |
| VerifyAll | 0xe6D61680A6ED381bb5A0dB5cF4E9Cc933cF43915 |