Skip to content

Commit

Permalink
Merge pull request #356 from zk-passport/dev
Browse files Browse the repository at this point in the history 
Dev
  • Loading branch information
@motemotech
motemotech authored Feb 3, 2025
2 parents 92753c3 + 4f46f5e commit abc9a38
Show file tree
Hide file tree
Showing 6 changed files with 217 additions and 105 deletions.
14 changes: 14 additions & 0 deletions common/src/utils/circuits/formatInputs.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,4 +23,18 @@ export function reverseBytes(input: string): string {
const reversedBytes = bytes.reverse();

return '0x' + reversedBytes.join('');
}

export function reverseCountryBytes(input: string): string {
const hex = input.slice(2);
const groups = hex.match(/.{6}/g) || [];
const reversedGroups = groups.reverse();

const remainderLength = hex.length % 6;
let remainder = "";
if (remainderLength > 0) {
remainder = hex.slice(hex.length - remainderLength);
}

return '0x' + reversedGroups.join('') + remainder;
}
14 changes: 3 additions & 11 deletions contracts/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,7 @@

Contracts for OpenPassport.

## OpenPassport Contract Architecture

![OpenPassport Contract Architecture](./assets/contract_architecture_v1.png)

## Cautions
## ⚠️Cautions⚠️

When you do the upgrade, be careful with this storage patterns
- You can not change the order in which the contract state variables are declared, nor their type.
Expand All @@ -17,12 +13,8 @@ When you compile the circuits, make sure you set the build flag to true for thes
- register_sha256_sha256_sha256_rsa_65537_4096
- dsc_sha256_rsa_65537_4096
- vc_and_disclose

There is the difference in build scripts in circuits directory.
```shell
cd ../circuits/scripts/build/common.sh
```
Change the comment out place depends on your OS.
Go to ../circuits/scripts/build/ and change false to true for these circuits.
Then you can run the following command to see the coverage.

```shell
cd ../circuits
Expand Down
152 changes: 93 additions & 59 deletions contracts/contracts/IdentityVerificationHubImplV1.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,23 +127,56 @@ contract IdentityVerificationHubImplV1 is
// ====================================================

/// @notice Thrown when the lengths of provided arrays do not match.
/// @dev Used when initializing or updating arrays that must have equal length.
error LENGTH_MISMATCH();
/// @notice Thrown when no verifier is set for a signature type.

/// @notice Thrown when no verifier is set for a given signature type.
/// @dev Indicates that the mapping lookup for the verifier returned the zero address.
error NO_VERIFIER_SET();
/// @notice Thrown when the current date in the proof is not within a valid range.

/// @notice Thrown when the current date in the proof is not within the valid range.
/// @dev Ensures that the provided proof's date is within one day of the expected start time.
error CURRENT_DATE_NOT_IN_VALID_RANGE();


/// @notice Thrown when the 'older than' attribute in the proof is invalid.
/// @dev The 'older than' value derived from the proof does not match the expected criteria.
error INVALID_OLDER_THAN();

/// @notice Thrown when the provided forbidden countries list is invalid.
/// @dev The forbidden countries list in the proof does not match the expected packed data.
error INVALID_FORBIDDEN_COUNTRIES();

/// @notice Thrown when the OFAC check fails.
/// @dev Indicates that the proof did not satisfy the required OFAC conditions.
error INVALID_OFAC();


/// @notice Thrown when the register circuit proof is invalid.
/// @dev The register circuit verifier did not validate the provided proof.
error INVALID_REGISTER_PROOF();

/// @notice Thrown when the DSC circuit proof is invalid.
/// @dev The DSC circuit verifier did not validate the provided proof.
error INVALID_DSC_PROOF();

/// @notice Thrown when the VC and Disclose proof is invalid.
/// @dev The VC and Disclose circuit verifier did not validate the provided proof.
error INVALID_VC_AND_DISCLOSE_PROOF();


/// @notice Thrown when the provided commitment root is invalid.
/// @dev Used in proofs to ensure that the commitment root matches the expected value in the registry.
error INVALID_COMMITMENT_ROOT();

/// @notice Thrown when the provided OFAC root is invalid.
/// @dev Indicates that the OFAC root from the proof does not match the expected OFAC root.
error INVALID_OFAC_ROOT();

/// @notice Thrown when the provided CSCA root is invalid.
/// @dev Indicates that the CSCA root from the DSC proof does not match the expected CSCA root.
error INVALID_CSCA_ROOT();

/// @notice Thrown when the revealed data type is invalid or not supported.
/// @dev Raised during the processing of revealed data if it does not match any supported type.
error INVALID_REVEALED_DATA_TYPE();

// ====================================================
// Constructor
Expand Down Expand Up @@ -353,7 +386,7 @@ contract IdentityVerificationHubImplV1 is
{
VcAndDiscloseVerificationResult memory result;

result.identityCommitmentRoot = verifyVcAndDiscloseProof(proof);
result.identityCommitmentRoot = _verifyVcAndDiscloseProof(proof);

for (uint256 i = 0; i < 3; i++) {
result.revealedDataPacked[i] = proof.vcAndDiscloseProof.pubSignals[CircuitConstants.VC_AND_DISCLOSE_REVEALED_DATA_PACKED_INDEX + i];
Expand All @@ -367,7 +400,54 @@ contract IdentityVerificationHubImplV1 is
}

// ====================================================
// External Update Functions
// External Functions - Registration
// ====================================================

/**
* @notice Registers a passport commitment using a register circuit proof.
* @dev Verifies the proof and then calls the Identity Registry to register the commitment.
* @param registerCircuitVerifierId The identifier for the register circuit verifier to use.
* @param registerCircuitProof The register circuit proof data.
*/
function registerPassportCommitment(
uint256 registerCircuitVerifierId,
IRegisterCircuitVerifier.RegisterCircuitProof memory registerCircuitProof
)
external
virtual
onlyProxy
{
_verifyPassportRegisterProof(registerCircuitVerifierId, registerCircuitProof);
IIdentityRegistryV1(_registry).registerCommitment(
AttestationId.E_PASSPORT,
registerCircuitProof.pubSignals[CircuitConstants.REGISTER_NULLIFIER_INDEX],
registerCircuitProof.pubSignals[CircuitConstants.REGISTER_COMMITMENT_INDEX]
);
}

/**
* @notice Registers a DSC key commitment using a DSC circuit proof.
* @dev Verifies the DSC proof and then calls the Identity Registry to register the dsc key commitment.
* @param dscCircuitVerifierId The identifier for the DSC circuit verifier to use.
* @param dscCircuitProof The DSC circuit proof data.
*/
function registerDscKeyCommitment(
uint256 dscCircuitVerifierId,
IDscCircuitVerifier.DscCircuitProof memory dscCircuitProof
)
external
virtual
onlyProxy
{
_verifyPassportDscProof(dscCircuitVerifierId, dscCircuitProof);
IIdentityRegistryV1(_registry).registerDscKeyCommitment(
dscCircuitProof.pubSignals[CircuitConstants.DSC_TREE_LEAF_INDEX]
);
}


// ====================================================
// External Functions - Only Owner
// ====================================================

/**
Expand Down Expand Up @@ -484,52 +564,6 @@ contract IdentityVerificationHubImplV1 is
}
}

// ====================================================
// External Register Functions
// ====================================================

/**
* @notice Registers a passport commitment using a register circuit proof.
* @dev Verifies the proof and then calls the Identity Registry to register the commitment.
* @param registerCircuitVerifierId The identifier for the register circuit verifier to use.
* @param registerCircuitProof The register circuit proof data.
*/
function registerPassportCommitment(
uint256 registerCircuitVerifierId,
IRegisterCircuitVerifier.RegisterCircuitProof memory registerCircuitProof
)
external
virtual
onlyProxy
{
verifyPassportRegisterProof(registerCircuitVerifierId, registerCircuitProof);
IIdentityRegistryV1(_registry).registerCommitment(
AttestationId.E_PASSPORT,
registerCircuitProof.pubSignals[CircuitConstants.REGISTER_NULLIFIER_INDEX],
registerCircuitProof.pubSignals[CircuitConstants.REGISTER_COMMITMENT_INDEX]
);
}

/**
* @notice Registers a DSC key commitment using a DSC circuit proof.
* @dev Verifies the DSC proof and then calls the Identity Registry to register the dsc key commitment.
* @param dscCircuitVerifierId The identifier for the DSC circuit verifier to use.
* @param dscCircuitProof The DSC circuit proof data.
*/
function registerDscKeyCommitment(
uint256 dscCircuitVerifierId,
IDscCircuitVerifier.DscCircuitProof memory dscCircuitProof
)
external
virtual
onlyProxy
{
verifyPassportDscProof(dscCircuitVerifierId, dscCircuitProof);
IIdentityRegistryV1(_registry).registerDscKeyCommitment(
dscCircuitProof.pubSignals[CircuitConstants.DSC_TREE_LEAF_INDEX]
);
}

// ====================================================
// Internal Functions
// ====================================================
Expand All @@ -540,7 +574,7 @@ contract IdentityVerificationHubImplV1 is
* @param proof The VcAndDiscloseHubProof containing the proof data.
* @return identityCommitmentRoot The verified identity commitment root from the proof.
*/
function verifyVcAndDiscloseProof(
function _verifyVcAndDiscloseProof(
VcAndDiscloseHubProof memory proof
)
internal
Expand All @@ -560,8 +594,8 @@ contract IdentityVerificationHubImplV1 is

uint currentTimestamp = Formatter.proofDateToUnixTimestamp(dateNum);
if(
currentTimestamp < getStartOfDayTimestamp() - 1 days + 1 ||
currentTimestamp > getStartOfDayTimestamp() + 1 days - 1
currentTimestamp < _getStartOfDayTimestamp() - 1 days + 1 ||
currentTimestamp > _getStartOfDayTimestamp() + 1 days - 1
) {
revert CURRENT_DATE_NOT_IN_VALID_RANGE();
}
Expand Down Expand Up @@ -604,7 +638,7 @@ contract IdentityVerificationHubImplV1 is
* @param registerCircuitVerifierId The identifier for the register circuit verifier.
* @param registerCircuitProof The register circuit proof data.
*/
function verifyPassportRegisterProof(
function _verifyPassportRegisterProof(
uint256 registerCircuitVerifierId,
IRegisterCircuitVerifier.RegisterCircuitProof memory registerCircuitProof
)
Expand Down Expand Up @@ -636,7 +670,7 @@ contract IdentityVerificationHubImplV1 is
* @param dscCircuitVerifierId The identifier for the DSC circuit verifier.
* @param dscCircuitProof The DSC circuit proof data.
*/
function verifyPassportDscProof(
function _verifyPassportDscProof(
uint256 dscCircuitVerifierId,
IDscCircuitVerifier.DscCircuitProof memory dscCircuitProof
)
Expand Down Expand Up @@ -667,7 +701,7 @@ contract IdentityVerificationHubImplV1 is
* @dev Calculated by subtracting the remainder of block.timestamp modulo 1 day.
* @return The Unix timestamp representing the start of the day.
*/
function getStartOfDayTimestamp() internal view returns (uint256) {
function _getStartOfDayTimestamp() internal view returns (uint256) {
return block.timestamp - (block.timestamp % 1 days);
}
}
9 changes: 5 additions & 4 deletions contracts/contracts/registry/IdentityRegistryImplV1.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -420,7 +420,7 @@ contract IdentityRegistryImplV1 is
}

// ====================================================
// External Functions - Registration & Updates
// External Functions - Registration
// ====================================================

/**
Expand Down Expand Up @@ -468,6 +468,10 @@ contract IdentityRegistryImplV1 is
emit DscKeyCommitmentRegistered(dscCommitment, block.timestamp, imt_root, index);
}

// ====================================================
// External Functions - Only Owner
// ====================================================

/**
* @notice Updates the hub address.
* @dev Callable only via a proxy and restricted to the contract owner.
Expand Down Expand Up @@ -516,9 +520,6 @@ contract IdentityRegistryImplV1 is
emit CscaRootUpdated(newCscaRoot);
}

// ====================================================
// External Functions - Development Only
// ====================================================

/**
* @notice (DEV) Force-adds an identity commitment.
Expand Down
Loading

0 comments on commit abc9a38

Please sign in to comment.