turnoffthiscomputer 3d0e1b4589 feat: 2.9 (#1325)
* 2.9 release

* 2.9 release

* Remove debug console logs from generateTEEInputsRegister function in registerInputs.ts

* parse only the passport data during the dsc step

* Add ReferralScreen and integrate referral functionality
- Introduced ReferralScreen for sharing referral links via messages, WhatsApp, and clipboard.
- Updated navigation to include ReferralScreen in the home stack.
- Added new icons for sharing and messaging.
- Enhanced points utility functions to check user identity document registration and points disclosure status.
- Minor adjustments to existing components for better integration with the new referral feature.

* fix types

* fix font

* fix vertical spacing

* save current abstraction

* clean up linking

* clean up spurious ai slop comments

* add dinot bold font

* minify animations

* update fonts and add placeholder animation

* fix pipelines

* fix order

* Update dependencies and enhance Points component functionality
- Added `@react-native-masked-view/masked-view` and `react-native-linear-gradient` to dependencies for improved UI components.
- Refactored `PointHistoryList` to accept `ListHeaderComponent` and `onRefreshRef` props for better integration with parent components.
- Enhanced `Points` component to manage notification and backup point events, including user feedback through modals.
- Updated navigation to use `PointsNavBar` for a more cohesive user experience.
- Introduced new utility functions for managing incoming points and point event records.

* update lock

* update lock and project settings

* fix line height for android

* save wip referral message fix and deeplink setup

* Fix whatsapp link (#1352)

* add 2 new lines

* use path based param instead of query string

* use staging url for now

* SELF-1089: Fix black screen on Points (#1351)

* Fix black screen on Points

* Fix: black screen on Referral Page

* fix: prevent BlurView from displaying when IdDetailsScreen loses focus

* Fix Android message share (#1355)

* Referral flow (#1354)

* SELF-1139: update getUserAddress() (#1353)

* update getUserAddress()

* rename getUserAddress to getPointsAddress

* [SELF-1098, SELF-1099] polish gratification screen post referrer update history (#1356)

* fix: mark document as registered after restoring secret (#1350)

* update lock

* create useRegisterReferral hook and test

* add referral message test

* save wip register referral flow request

* use register referral from the home screen

* fix typing and sort screens

* fix linting issues

* register points and update tests

* use package

* fix tests

* simplify HomeScreen with hooks

* fix tests

* address tests

* abstract points logic, fix types and linting

* add test referral flow hook

* coderabbit feedback: fix referral logic issues, remove sensitive logs

* move test referral flow button to dev settings screen

* close modal after referring and viewing gratification screen

* fix tests, remove alert, format

---------

Co-authored-by: Seshanth.S <35675963+seshanthS@users.noreply.github.com>

* add gratification bg; use safe bottom padding hook on home screen

* prep 2.7.4 as 2.9.0

* manually bump version for custom deploy

* match version code

* fix types

* formatting

* fix tests

* SELF-1144 - use real points on home screen and improve points screen (#1361)

* fix whitespace

* move effects for fetching points and incoming points to hooks, add items to deps array so that they refresh when we expect points to change.

* cleanup

* Add events for new Points Flow (#1362)

* remove deeplinkCallback from pointsSelfApp. (#1365)

* fix pipelines

* SELF-978: wire cloudbackup with points (#1360)

* wire cloudbackup with points

* wire cloudbackup with points

* Remove redundant setSelfPoints()

* add signature and simplify POST api requests (#1367)

* add signature and simplify POST api requests

* better gitleaks ignore

* update toml

* have gitguardian ignore gitleaks

* add buffer lib

* update api with 202 success code

* update scope and contract-address (#1366)

* fix navigation test

* SELF-915: Setup and add turnkey utils (#1314)

* Setup and add turnkey utils

* update CloudBackupScreen

* fix: turnkey

* add yarn.lock

* lint

* add podfile.lock

* fix deeplink

* fix tests: mock turnkey

* yarn nice

* update .gitleaksignore

* patch react-native-svg

* fix patch-package

* fix lineHeight

* points.tsx: fix lineHeight

* fix: recover with turnkey disabled state

* fix turnkey flow

* fix: address generation

* minify animations (#1368)

* fix pipelines

* fix false positives

* fix gitguardian

---------

Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>

* enable turnkey only on success

* use prod url

* fix tests and update mocks

* update version and fastlane readme

* pointsSelfApp: update scope

* bump android version to 117

* increment timestamp

* abstract points css, hide explore button for now, add points guardrail

* better logic

* simplify point event list data acquisition (#1375)

* simplify point event list data acquisition

* explain

* Remove BlurView in Points.tsx

* Move Points and IncomingPoints to the Point Events Store (#1363)


* add polling for event processing.
atomically update store state

* handle failed states and use real backend api


* improve concurrency reliability of pointevents

* move points to the store


* refresh all points on pull

* add points tracking events

* fix imports

* fix headers

* fix import

* fix misspelling

* enable apps link

* remove __DEV__ logging

* remove additional referral dev mode features

* Add turnkey env

* don't allow users to refer themselves

* prettier

* trim both addresses

* fix close webview button

* fix tests and format

* lint and format

* Update point rewards in NavBar component: change earned points from 20 to 44 and from 100 to 32.

* Refactor point rewards in NavBar component: replace hardcoded values with constants for backup and notification points, and update subscription state variable names for clarity.

* Update POINT_VALUES in types.ts: adjust point rewards for disclosure, notification, and backup events to 8, 44, and 32 respectively.

* App/fix backup points (#1381)

* Enhance backup completion tracking in Points component: Introduce a ref to manage backup check flag, ensuring points are recorded only when explicitly set, preventing false triggers from other navigation flows.

* Update API endpoint in getTotalPoints function: change URL from /distribution to /points for accurate points retrieval.

* formatting

* update points url

* Clear referrer on modal dismiss in useEarnPointsFlow hook to prevent retry loop

* use points private key to sign api requests

* formatting

* save working version of referral confirmation

* fix circular dependency

* don't fetch private key if unable to fetch points key

* add url

* add debug info

* Refactor optimistic points calculation in usePointEventStore: update return value to only include incomingPoints.amount, marking the optimistic approach for future improvement.

* save clean up

* clean useReferralConfirmation logic

* fix tests

* tests pass

* standardize android compile sdk version

* fix package version

* don't log errors

* Update app/src/hooks/useReferralConfirmation.ts

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* better test

* add turnkey entitlements

* fix linting

* remove entitlements

* prettier and fix lint

* update gradle version

* update lock file

* fix tests

* fix build failure

* bump android version to 118

* update date

* bump version for next build

* address failing pipelines due to cache issues

* Hide turnkey button (#1387)

* prep for 2.9.0 release

* fix mobile e2e test

* fix tests

* bump android version

---------

Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Seshanth.S <35675963+seshanthS@users.noreply.github.com>
Co-authored-by: Leszek Stachowski <leszek.stachowski@self.xyz>
Co-authored-by: Aaron DeRuvo <aaron.deruvo@clabs.co>
Co-authored-by: seshanthS <seshanth@protonmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2025-11-11 10:37:05 -08:00

OpenPassport Circuits

Requirements

| Requirement | Version | Installation Guide |
| --- | --- | --- |
| nodejs | > v18 | Install nodejs |
| circom | Latest | Install circom |
| snarkjs | Latest | Install snarkjs |

Overview of the circuits

Circom circuits are located in the circuits/ folder. The circuits are split into two parts: register and disclose. This design is close to that of Semaphore.

The register circuit is used for the following:

  1. Verify the signature of the passport
  2. Verify that the public key which signed the passport is part of the registry merkle tree (a check of the merkle roots will be performed on-chain)
  3. Generate commitment = H (secret + passportData + some other data)

Once the proof is generated, the user can register on-chain and their commitment will be added to the Lean merkle tree.

Because the hash function and signature algorithm differ depending on the issuing country, there is a separate register circuit for each of those setups. Register circuits follow the register_<hash>With<signature>.circom naming convention. One verifier for each register circuit will be deployed on-chain, all of them committing to the same merkle tree.

The disclose circuit is used for the following:

  1. Verify that a user knows a secret, i.e., they are able to reconstruct one leaf of the merkle tree (a check of the merkle roots will be performed on-chain)
  2. Passport expiry is verified
  3. A range check is performed over the age of the user
  4. The output is multiplied by an input selector_dg1 to allow the user to disclose only what they want to disclose.
  5. Final output is packed.
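Steps 4 and 5 above, as an added example that is not the project's circuit code: each DG1 byte is multiplied by its selector_dg1 bit and the result is packed into a few large integers. The one-bit-per-byte selector, the 31-byte chunk size, the little-endian order and the sample MRZ-style line are all assumptions made for illustration.

```javascript
// Added illustration, not the project's circuit code. Assumptions: one
// selector_dg1 bit per DG1 byte, 31 bytes per packed value, little-endian order.
const BYTES_PER_ELEMENT = 31; // 248 bits, small enough for a 254-bit field (assumed)

// Step 4: multiply each byte by its selector bit; unselected bytes become 0.
function maskDg1(dg1Bytes, selectorDg1) {
  if (dg1Bytes.length !== selectorDg1.length) throw new Error("length mismatch");
  return dg1Bytes.map((b, i) => {
    if (selectorDg1[i] !== 0 && selectorDg1[i] !== 1) throw new Error("selector must be 0 or 1");
    return b * selectorDg1[i];
  });
}

// Step 5: pack the masked bytes into a few large integers (fewer public outputs).
function pack(bytes) {
  const out = [];
  for (let i = 0; i < bytes.length; i += BYTES_PER_ELEMENT) {
    let acc = 0n;
    bytes.slice(i, i + BYTES_PER_ELEMENT).forEach((b, j) => {
      acc += BigInt(b) << BigInt(8 * j);
    });
    out.push(acc);
  }
  return out;
}

// Verifier side: recover the bytes; positions that were not selected read as 0.
function unpack(elements, length) {
  const bytes = [];
  for (const el of elements) {
    for (let j = 0; j < BYTES_PER_ELEMENT && bytes.length < length; j++) {
      bytes.push(Number((el >> BigInt(8 * j)) & 0xffn));
    }
  }
  return bytes;
}

// Constructed sample: a 44-character MRZ-style line, revealing only chars 2..4.
const SAMPLE_LINE = "P<UTODOE<<JANE".padEnd(44, "<");
const SAMPLE_BYTES = Array.from(SAMPLE_LINE, (c) => c.charCodeAt(0));
const SAMPLE_SELECTOR = SAMPLE_BYTES.map((_, i) => (i >= 2 && i <= 4 ? 1 : 0));

function revealedText(bytes, selector) {
  const packed = pack(maskDg1(bytes, selector));
  return unpack(packed, bytes.length)
    .map((b) => (b === 0 ? "." : String.fromCharCode(b)))
    .join("");
}

console.log(revealedText(SAMPLE_BYTES, SAMPLE_SELECTOR));
```

A verifier that unpacks the public output sees only the selected characters; every other position is zero and carries no information about the underlying byte.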

Any application that wants to use OpenPassport can actually build its own disclose circuit.

🚧 Under development 🚧

OpenPassport currently supports the following sig/hash algorithms:

  • sha256WithRSAEncryption
  • sha1WithRSAEncryption
  • sha256WithRSASSAPSS
  • ecdsa-with-SHA384
  • ecdsa-with-SHA1
  • ecdsa-with-SHA256
  • ecdsa-with-SHA512
  • sha512WithRSAEncryption

💡 We currently have a bounty program if you implement a sig/hash setup.

Installation

You can do a focused install with


yarn workspace @selfxyz/circuits focus

or you can run yarn install (it has the same effect whether run in the workspace root or the circuits folder)

Build TS Dependencies

From the circuits directory, run

yarn build:deps

Build circuits (dev only)

./scripts/build_circuits.sh

Run tests

yarn test

This will run tests with sample data generated on the fly.

OpenPassport Prove circuit

OpenPassport Prove is the main circuit of the project. It is used for these 3 different circuit modes:

  • prove offChain
  • prove onChain
  • register

Learn more about these 3 use cases in the OpenPassport documentation.

The circuit achieves the following actions:

  • verify the signature of the passport and the integrity of the datagroups
  • disclose attributes
  • verify that user's name is not part of the OFAC list
  • verify that passport issuer's country is not part of a forbidden countries list
  • generate a commitment: Hash(secret, DG1)
  • generate a blinded DSC commitment: Hash(anotherSecret, dscPubKey)

Although this "everything circuit" executes all of those actions every time, we want it to disclose only specific attributes and hide the others, according to the circuit mode selected.

To achieve that, the circuit takes a bitmap input selector_mode[2], which ensures that it can only disclose the attributes related to the selected circuit mode.

| Circuit Mode | selector_mode[0] | selector_mode[1] |
| --- | --- | --- |
| prove offChain | 1 | 1 |
| prove onChain | 1 | 0 |
| register | 0 | 0 |

Using the value [0,1] for selector_mode will fail proof generation.

Here are the attributes disclosed according to the circuit_mode:

| Circuit Mode | Attributes Disclosed |
| --- | --- |
| prove offChain | packedReveal-dg1, older than, OFAC, countryIsNotInList, pubKey |
| prove onChain | packedReveal-dg1, older than, OFAC, countryIsNotInList, blinded DSC commitment |
| register | blinded DSC commitment, commitment |
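The two tables above can be reproduced with plain multiplication by the selector bits, which is the kind of arithmetic a circuit has available. The following is an added example, not the project's circuit code; the gate expressions and the sample output values are assumptions chosen so that the results match the tables and so that [0,1] is rejected.

```javascript
// Added illustration, not the project's circuit code. The gate expressions
// below are an assumption chosen so that the results match the README tables.

// Each entry must be a bit, and [0,1] must be rejected, as a circuit would
// enforce with the constraints s*(1-s) === 0 and (1-s0)*s1 === 0.
function checkSelectorMode([s0, s1]) {
  for (const s of [s0, s1]) {
    if (s * (1 - s) !== 0) throw new Error("selector_mode entries must be 0 or 1");
  }
  if ((1 - s0) * s1 !== 0) throw new Error("selector_mode [0,1] is not a valid mode");
}

// Every candidate output is multiplied by a gate in {0,1}; hidden ones become 0.
function gateOutputs(selectorMode, values) {
  checkSelectorMode(selectorMode);
  const [s0, s1] = selectorMode.map(BigInt);
  const gates = {
    "packedReveal-dg1": s0,
    "older than": s0,
    "OFAC": s0,
    "countryIsNotInList": s0,
    "pubKey": s1,                      // only prove offChain sets s1
    "blinded DSC commitment": 1n - s1, // prove onChain and register
    "commitment": 1n - s0,             // register only
  };
  const out = {};
  for (const [name, gate] of Object.entries(gates)) out[name] = gate * values[name];
  return out;
}

// Names of the outputs that survive gating for a given mode.
function disclosed(selectorMode, values) {
  return Object.entries(gateOutputs(selectorMode, values))
    .filter(([, v]) => v !== 0n)
    .map(([name]) => name);
}

// Constructed sample values (non-zero stand-ins for real circuit outputs).
const SAMPLE_OUTPUTS = {
  "packedReveal-dg1": 1234n, "older than": 18n, "OFAC": 1n,
  "countryIsNotInList": 1n, "pubKey": 5678n,
  "blinded DSC commitment": 9012n, "commitment": 3456n,
};

console.log(disclosed([1, 1], SAMPLE_OUTPUTS)); // prove offChain
console.log(disclosed([1, 0], SAMPLE_OUTPUTS)); // prove onChain
console.log(disclosed([0, 0], SAMPLE_OUTPUTS)); // register
```

Under these gates, [0,1] would expose pubKey together with the registration commitment, a combination that belongs to no mode in the table, which is why it has to be rejected rather than silently accepted.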

Certificate Chain verification

Passports are signed by Document Signing Certificates (DSC). DSCs are signed by a Country Signing Certificate Authority (CSCA). Both DSC and CSCA lists are published on the online registry of the ICAO; however, many countries still don't publish their certificates on the ICAO website. In order to maximize passport readability, we need to verify the full certificate chain.

On chain

To avoid huge proving times and (too) heavy zkeys, the signature of the passport data is verified on the mobile device (the passport data never leaves the device) and the certificate chain verification is done on a remote modal server. A blindedDscCommitment is generated on both sides to link the proofs.

Off chain

In the off-chain setup, users will send their DSC to the verifier along with their passport proof. The pubKey will be revealed as an output of the proof.