@mocanetwork/privado-js-sdk 1.0.0

package/src/proof/verifiers/query-hash.ts

@@ -0,0 +1,57 @@
+import { poseidon } from '@iden3/js-crypto';
+import { SchemaHash } from '@mocanetwork/moca-iden3';
+import { defaultValueArraySize, prepareCircuitArrayValues } from '../../circuits';
+
+export function calculateQueryHashV2(
+  values: bigint[],
+  schema: SchemaHash,
+  slotIndex: string | number,
+  operator: string | number,
+  claimPathKey: string | number,
+  claimPathNotExists: string | number
+): bigint {
+  const expValue = prepareCircuitArrayValues(values, 64);
+  const valueHash = poseidon.spongeHashX(expValue, 6);
+  return poseidon.hash([
+    schema.bigInt(),
+    BigInt(slotIndex),
+    BigInt(operator),
+    BigInt(claimPathKey),
+    BigInt(claimPathNotExists),
+    valueHash
+  ]);
+}
+
+export function calculateQueryHashV3(
+  values: bigint[],
+  schema: SchemaHash,
+  slotIndex: string | number,
+  operator: string | number,
+  claimPathKey: string | number,
+  valueArraySize: string | number,
+  merklized: string | number,
+  isRevocationChecked: string | number,
+  verifierID: string | number,
+  nullifierSessionID: string | number
+): bigint {
+  const expValue = prepareCircuitArrayValues(values, defaultValueArraySize);
+  const valueHash = poseidon.spongeHashX(expValue, 6);
+  const firstPartQueryHash = poseidon.hash([
+    schema.bigInt(),
+    BigInt(slotIndex),
+    BigInt(operator),
+    BigInt(claimPathKey),
+    BigInt(merklized),
+    valueHash
+  ]);
+
+  const queryHash = poseidon.hash([
+    firstPartQueryHash,
+    BigInt(valueArraySize),
+    BigInt(isRevocationChecked),
+    BigInt(verifierID),
+    BigInt(nullifierSessionID),
+    0n
+  ]);
+  return queryHash;
+}

package/src/proof/verifiers/query.ts

@@ -0,0 +1,340 @@
+import { DID, getDateFromUnixTimestamp, Id, SchemaHash } from '@mocanetwork/moca-iden3';
+import { DocumentLoader, Merklizer, MtValue, Path } from '@iden3/js-jsonld-merklization';
+import { Proof } from '@iden3/js-merkletree';
+import { byteEncoder } from '../../utils';
+import { getOperatorNameByValue, Operators, QueryOperators } from '../../circuits/comparer';
+import { CircuitId } from '../../circuits/models';
+import { calculateCoreSchemaHash, ProofQuery, VerifiableConstants } from '../../verifiable';
+import { QueryMetadata } from '../common';
+import { circuitValidator } from '../provers';
+import { JsonLd } from 'jsonld/jsonld-spec';
+import { VerifiablePresentation } from '../../iden3comm';
+import { ethers } from 'ethers';
+
+/**
+ * Options to verify state
+ */
+export type VerifyOpts = {
+  // acceptedStateTransitionDelay is the period of time in milliseconds that a revoked state remains valid.
+  acceptedStateTransitionDelay?: number;
+  // acceptedProofGenerationDelay is the period of time in milliseconds that a generated proof remains valid.
+  acceptedProofGenerationDelay?: number;
+};
+
+const defaultProofGenerationDelayOpts = 24 * 60 * 60 * 1000; // 24 hours
+
+// ClaimOutputs fields that are used in proof generation
+export interface ClaimOutputs {
+  issuerId: Id;
+  schemaHash: SchemaHash;
+  slotIndex?: number;
+  operator: number;
+  operatorOutput?: bigint;
+  value: bigint[];
+  timestamp: number;
+  merklized: number;
+  claimPathKey?: bigint;
+  claimPathNotExists?: number;
+  valueArraySize: number;
+  isRevocationChecked: number;
+}
+
+export async function checkQueryRequest(
+  query: ProofQuery,
+  queriesMetadata: QueryMetadata[],
+  ldContext: JsonLd,
+  outputs: ClaimOutputs,
+  circuitId: CircuitId,
+  schemaLoader?: DocumentLoader,
+  opts?: VerifyOpts
+): Promise<void> {
+  // validate issuer
+  const userDID = DID.parseFromId(outputs.issuerId);
+  const issuerAllowed =
+    !query.allowedIssuers ||
+    query.allowedIssuers?.some((issuer) => issuer === '*' || issuer === userDID.string());
+  if (!issuerAllowed) {
+    throw new Error('issuer is not in allowed list');
+  }
+  if (!query.type) {
+    throw new Error('query type is missing');
+  }
+
+  const schemaId: string = await Path.getTypeIDFromContext(JSON.stringify(ldContext), query.type, {
+    documentLoader: schemaLoader
+  });
+  const schemaHash = calculateCoreSchemaHash(byteEncoder.encode(schemaId));
+
+  if (schemaHash.bigInt() !== outputs.schemaHash.bigInt()) {
+    throw new Error(`schema that was used is not equal to requested in query`);
+  }
+
+  if (!query.skipClaimRevocationCheck && outputs.isRevocationChecked === 0) {
+    throw new Error(`check revocation is required`);
+  }
+
+  checkCircuitQueriesLength(circuitId, queriesMetadata);
+
+  // verify timestamp
+  let acceptedProofGenerationDelay = defaultProofGenerationDelayOpts;
+  if (opts?.acceptedProofGenerationDelay) {
+    acceptedProofGenerationDelay = opts.acceptedProofGenerationDelay;
+  }
+
+  const timeDiff = Date.now() - getDateFromUnixTimestamp(Number(outputs.timestamp)).getTime();
+  if (timeDiff > acceptedProofGenerationDelay) {
+    throw new Error('generated proof is outdated');
+  }
+
+  return;
+}
+
+export function checkCircuitQueriesLength(circuitId: CircuitId, queriesMetadata: QueryMetadata[]) {
+  const circuitValidationData = circuitValidator[circuitId];
+
+  if (queriesMetadata.length > circuitValidationData.maxQueriesCount) {
+    throw new Error(
+      `circuit ${circuitId} supports only ${
+        circuitValidator[circuitId as CircuitId].maxQueriesCount
+      } queries`
+    );
+  }
+}
+
+export function checkCircuitOperator(circuitId: CircuitId, operator: number) {
+  const circuitValidationData = circuitValidator[circuitId];
+
+  if (!circuitValidationData.supportedOperations.includes(operator)) {
+    throw new Error(
+      `circuit ${circuitId} not support ${getOperatorNameByValue(operator)} operator`
+    );
+  }
+}
+
+export function verifyFieldValueInclusionV2(outputs: ClaimOutputs, metadata: QueryMetadata) {
+  if (outputs.operator == QueryOperators.$noop) {
+    return;
+  }
+  if (outputs.merklized === 1) {
+    if (outputs.claimPathNotExists === 1) {
+      throw new Error(`proof doesn't contains target query key`);
+    }
+
+    if (outputs.claimPathKey !== metadata.claimPathKey) {
+      throw new Error(`proof was generated for another path`);
+    }
+  } else {
+    if (outputs.slotIndex !== metadata.slotIndex) {
+      throw new Error(`wrong claim slot was used in claim`);
+    }
+  }
+}
+export function verifyFieldValueInclusionNativeExistsSupport(
+  outputs: ClaimOutputs,
+  metadata: QueryMetadata
+) {
+  if (outputs.operator == Operators.NOOP) {
+    return;
+  }
+  if (outputs.operator === Operators.EXISTS && !outputs.merklized) {
+    throw new Error('$exists operator is not supported for non-merklized credential');
+  }
+  if (outputs.merklized === 1) {
+    if (outputs.claimPathKey !== metadata.claimPathKey) {
+      throw new Error(`proof was generated for another path`);
+    }
+  } else {
+    if (outputs.slotIndex !== metadata.slotIndex) {
+      throw new Error(`wrong claim slot was used in claim`);
+    }
+  }
+}
+
+export async function validateEmptyCredentialSubjectV2Circuit(
+  cq: QueryMetadata,
+  outputs: ClaimOutputs
+) {
+  if (outputs.operator !== Operators.EQ) {
+    throw new Error('empty credentialSubject request available only for equal operation');
+  }
+  for (let index = 1; index < outputs.value.length; index++) {
+    if (outputs.value[index] !== 0n) {
+      throw new Error(`empty credentialSubject request not available for array of values`);
+    }
+  }
+  const path = Path.newPath([VerifiableConstants.CREDENTIAL_SUBJECT_PATH]);
+  const subjectEntry = await path.mtEntry();
+  if (outputs.claimPathKey !== subjectEntry) {
+    throw new Error(`proof doesn't contain credentialSubject in claimPathKey`);
+  }
+  return;
+}
+export async function validateOperators(cq: QueryMetadata, outputs: ClaimOutputs) {
+  if (outputs.operator !== cq.operator) {
+    throw new Error(`operator that was used is not equal to request`);
+  }
+  if (outputs.operator === Operators.NOOP) {
+    // for noop operator slot and value are not used in this case
+    return;
+  }
+
+  for (let index = 0; index < outputs.value.length; index++) {
+    if (outputs.value[index] !== cq.values[index]) {
+      if (outputs.value[index] === 0n && cq.values[index] === undefined) {
+        continue;
+      }
+      throw new Error(`comparison value that was used is not equal to requested in query`);
+    }
+  }
+}
+
+export async function validateDisclosureV2Circuit(
+  cq: QueryMetadata,
+  outputs: ClaimOutputs,
+  verifiablePresentation?: VerifiablePresentation,
+  ldLoader?: DocumentLoader
+) {
+  const bi = await fieldValueFromVerifiablePresentation(
+    cq.fieldName,
+    verifiablePresentation,
+    ldLoader
+  );
+  if (bi !== outputs.value[0]) {
+    throw new Error(`value that was used is not equal to requested in query`);
+  }
+
+  if (outputs.operator !== Operators.EQ) {
+    throw new Error(`operator for selective disclosure must be $eq`);
+  }
+
+  for (let index = 1; index < outputs.value.length; index++) {
+    if (outputs.value[index] !== 0n) {
+      throw new Error(`selective disclosure not available for array of values`);
+    }
+  }
+}
+
+export async function validateDisclosureNativeSDSupport(
+  cq: QueryMetadata,
+  outputs: ClaimOutputs,
+  verifiablePresentation?: VerifiablePresentation,
+  ldLoader?: DocumentLoader
+) {
+  const bi = await fieldValueFromVerifiablePresentation(
+    cq.fieldName,
+    verifiablePresentation,
+    ldLoader
+  );
+  if (bi !== outputs.operatorOutput) {
+    throw new Error(`operator output should be equal to disclosed value`);
+  }
+
+  if (outputs.operator !== Operators.SD) {
+    throw new Error(`operator for selective disclosure must be $sd`);
+  }
+
+  for (let index = 0; index < outputs.value.length; index++) {
+    if (outputs.value[index] !== 0n) {
+      throw new Error(`public signal values must be zero`);
+    }
+  }
+}
+export async function validateEmptyCredentialSubjectNoopNativeSupport(outputs: ClaimOutputs) {
+  if (outputs.operator !== Operators.NOOP) {
+    throw new Error('empty credentialSubject request available only for $noop operation');
+  }
+  for (let index = 1; index < outputs.value.length; index++) {
+    if (outputs.value[index] !== 0n) {
+      throw new Error(`empty credentialSubject request not available for array of values`);
+    }
+  }
+}
+
+export const fieldValueFromVerifiablePresentation = async (
+  fieldName: string,
+  verifiablePresentation?: VerifiablePresentation,
+  ldLoader?: DocumentLoader
+): Promise<bigint> => {
+  if (!verifiablePresentation) {
+    throw new Error(`verifiablePresentation is required for selective disclosure request`);
+  }
+
+  let mz: Merklizer;
+  const strVerifiablePresentation: string = JSON.stringify(verifiablePresentation);
+  try {
+    mz = await Merklizer.merklizeJSONLD(strVerifiablePresentation, {
+      documentLoader: ldLoader
+    });
+  } catch (e) {
+    throw new Error(`can't merklize verifiablePresentation`);
+  }
+
+  let merklizedPath: Path;
+  try {
+    const p = `verifiableCredential.credentialSubject.${fieldName}`;
+    merklizedPath = await Path.fromDocument(null, strVerifiablePresentation, p, {
+      documentLoader: ldLoader
+    });
+  } catch (e) {
+    throw new Error(`can't build path to '${fieldName}' key`);
+  }
+
+  let proof: Proof;
+  let value: MtValue | undefined;
+  try {
+    ({ proof, value } = await mz.proof(merklizedPath));
+  } catch (e) {
+    throw new Error(`can't get value by path '${fieldName}'`);
+  }
+  if (!value) {
+    throw new Error(`can't get merkle value for field '${fieldName}'`);
+  }
+
+  if (!proof.existence) {
+    throw new Error(
+      `path [${merklizedPath.parts}] doesn't exist in verifiablePresentation document`
+    );
+  }
+
+  return await value.mtEntry();
+};
+
+export function calculateGroupId(requestIds: bigint[]): bigint {
+  const types = Array(requestIds.length).fill('uint256');
+
+  const groupID =
+    BigInt(ethers.keccak256(ethers.solidityPacked(types, requestIds))) &
+    // It should fit in a field number in the circuit (max 253 bits). With this we truncate to 252 bits for the group ID
+    BigInt('0x0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF');
+
+  return groupID;
+}
+
+export function calculateRequestId(requestParams: string, creatorAddress: string): bigint {
+  // 0x0000000000000000FFFF...FF. Reserved first 8 bytes for the request Id type and future use
+  // 0x00010000000000000000...00. First 2 bytes for the request Id type
+  //    - 0x0000... for old request Ids with uint64
+  //    - 0x0001... for new request Ids with uint256
+  const requestId =
+    (BigInt(
+      ethers.keccak256(ethers.solidityPacked(['bytes', 'address'], [requestParams, creatorAddress]))
+    ) &
+      BigInt('0x0000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF')) +
+    BigInt('0x0001000000000000000000000000000000000000000000000000000000000000');
+  return requestId;
+}
+
+export function calculateMultiRequestId(
+  requestIds: bigint[],
+  groupIds: bigint[],
+  creatorAddress: string
+): bigint {
+  return BigInt(
+    ethers.keccak256(
+      ethers.solidityPacked(
+        ['uint256[]', 'uint256[]', 'address'],
+        [requestIds, groupIds, creatorAddress]
+      )
+    )
+  );
+}

package/src/schema-processor/index.ts

@@ -0,0 +1,3 @@
+export * from './utils';
+export * from './json';
+export * from './jsonld';

package/src/schema-processor/json/index.ts

@@ -0,0 +1,2 @@
+export * from './parser';
+export * from './validator';

package/src/schema-processor/json/parser.ts

@@ -0,0 +1,256 @@
+import {
+  W3CCredential,
+  getSerializationAttrFromContext,
+  parseSerializationAttr,
+  getFieldSlotIndex,
+  findCredentialType,
+  CoreClaimCreationOptions,
+  CoreClaimParsedSlots,
+  CoreClaimSlotsPaths,
+  getSerializationAttrFromParsedContext,
+  parseCoreClaimSlots
+} from '../../verifiable';
+import { Claim as CoreClaim } from '@mocanetwork/moca-iden3';
+import { Merklizer, Options } from '@iden3/js-jsonld-merklization';
+import jsonld from 'jsonld';
+
+/**
+ *
+ * @deprecated The interface should not be used. Use CoreClaimParsingOptions from verifiable package instead.
+ * CoreClaimOptions is params for core claim parsing
+ *
+ * @public
+ * @interface   CoreClaimOptions
+ */
+export type CoreClaimOptions = CoreClaimCreationOptions;
+
+/**
+ * @deprecated The interface should not be used. Use CoreClaimParsedSlots from verifiable package instead.
+ * Parsed slots of core.Claim
+ *
+ * @public
+ * @interface   ParsedSlots
+ */
+export type ParsedSlots = CoreClaimParsedSlots;
+
+/**
+ * @deprecated The interface should not be used. Use CoreClaimSlotsPaths from verifiable package instead.
+ */
+export type SlotsPaths = CoreClaimSlotsPaths;
+
+/**
+ * Serialization of data slots for the fields non-merklized claims
+ *
+ * @public
+ * @interface   SerializationSchema
+ */
+export interface SerializationSchema {
+  indexDataSlotA: string;
+  indexDataSlotB: string;
+  valueDataSlotA: string;
+  valueDataSlotB: string;
+}
+
+/**
+ * schema metadata in the json credential schema
+ *
+ * @public
+ * @interface   SchemaMetadata
+ */
+export interface SchemaMetadata {
+  uris: { [key: string]: string };
+  serialization?: SerializationSchema;
+}
+
+/**
+ * JSON credential Schema
+ *
+ * @public
+ * @interface   Schema
+ */
+export interface JSONSchema {
+  $metadata: SchemaMetadata;
+  $schema: string;
+  type: string;
+}
+
+/**
+ * Parser can parse claim and schema data according to specification
+ *
+ * @public
+ * @class Parser
+ */
+export class Parser {
+  /**
+   *  @deprecated The method should not be used. Use credential.toCoreClaim instead.
+   *  ParseClaim creates core.Claim object from W3CCredential
+   *
+   * @param {W3CCredential} credential - Verifiable Credential
+   * @param {CoreClaimOptions} [opts] - options to parse core claim
+   * @returns `Promise<CoreClaim>`
+   */
+  static async parseClaim(credential: W3CCredential, opts?: CoreClaimOptions): Promise<CoreClaim> {
+    return credential.toCoreClaim(opts);
+  }
+
+  /**
+   * @deprecated The method should not be used. Use findCredentialType from verifiable.
+   */
+  static findCredentialType(mz: Merklizer): string {
+    return findCredentialType(mz);
+  }
+
+  /**
+   *  @deprecated The method should not be used. Use credential.getSerializationAttr instead.
+   *
+   *  Get `iden3_serialization` attr definition from context document either using
+   *  type name like DeliverAddressMultiTestForked or by type id like
+   *  urn:uuid:ac2ede19-b3b9-454d-b1a9-a7b3d5763100.
+   *  */
+  static async getSerializationAttr(
+    credential: W3CCredential,
+    opts: Options,
+    tp: string
+  ): Promise<string> {
+    const ldCtx = await jsonld.processContext(
+      await jsonld.processContext(null, null, {}),
+      credential['@context'] as jsonld.JsonLdDocument,
+      opts
+    );
+
+    return getSerializationAttrFromParsedContext(
+      ldCtx as unknown as { mappings: Map<string, Record<string, unknown>> },
+      tp
+    );
+  }
+
+  /**
+   * @deprecated The method should not be used. Use getSerializationAttrFromContext from verifiable.
+   *
+   *  Get `iden3_serialization` attr definition from context document either using
+   *  type name like DeliverAddressMultiTestForked or by type id like
+   *  urn:uuid:ac2ede19-b3b9-454d-b1a9-a7b3d5763100.
+   *
+   */
+  static async getSerializationAttrFromContext(
+    context: object,
+    opts: Options,
+    tp: string
+  ): Promise<string> {
+    return getSerializationAttrFromContext(context, opts, tp);
+  }
+
+  /**
+   * @deprecated The method should not be used. Use getSerializationAttrFromParsedContext from verifiable.
+   *
+   * */
+  static async getSerializationAttrFromParsedContext(
+    ldCtx: { mappings: Map<string, Record<string, unknown>> },
+    tp: string
+  ): Promise<string> {
+    return getSerializationAttrFromParsedContext(ldCtx, tp);
+  }
+
+  /**
+   * @deprecated The method should not be used. Use parseSerializationAttr from verifiable.
+   *
+   */
+  static parseSerializationAttr(serAttr: string): SlotsPaths {
+    return parseSerializationAttr(serAttr);
+  }
+
+  /**
+   *
+   * @deprecated The method should not be used. Use credential.parseSlots instead.
+   * ParseSlots converts payload to claim slots using provided schema
+   *
+   * @param {Merklizer} mz - Merklizer
+   * @param {W3CCredential} credential - Verifiable Credential
+   * @param {string} credentialType - credential type
+   * @returns `ParsedSlots`
+   */
+  static async parseSlots(
+    mz: Merklizer,
+    credential: W3CCredential,
+    credentialType: string
+  ): Promise<{ slots: ParsedSlots; nonMerklized: boolean }> {
+    const ldCtx = await jsonld.processContext(
+      await jsonld.processContext(null, null, {}),
+      credential['@context'] as jsonld.JsonLdDocument,
+      mz.options
+    );
+
+    return parseCoreClaimSlots(
+      ldCtx as unknown as { mappings: Map<string, Record<string, unknown>> },
+      mz,
+      credentialType
+    );
+  }
+
+  /**
+   * @deprecated The method should not be used. Use getFieldSlotIndex from verifiable.
+   *
+   * GetFieldSlotIndex return index of slot from 0 to 7 (each claim has by default 8 slots) for non-merklized claims
+   *
+   * @param {string} field - field name
+   * @param {Uint8Array} schemaBytes -json schema bytes
+   * @returns `number`
+   */
+  static async getFieldSlotIndex(
+    field: string,
+    typeName: string,
+    schemaBytes: Uint8Array
+  ): Promise<number> {
+    return getFieldSlotIndex(field, typeName, schemaBytes);
+  }
+
+  /**
+   * ExtractCredentialSubjectProperties return credential subject types from JSON schema
+   *
+   * @param {string | JSON} schema - JSON schema
+   * @returns `Promise<Array<string>>`
+   */
+  static async extractCredentialSubjectProperties(schema: string): Promise<Array<string>> {
+    const parsedSchema = typeof schema === 'string' ? JSON.parse(schema) : schema;
+    const props = parsedSchema.properties?.credentialSubject?.properties;
+    if (!props) {
+      throw new Error('properties.credentialSubject.properties is not set');
+    }
+    // drop @id field
+    delete props['id'];
+    return Object.keys(props);
+  }
+
+  // /**
+  //  * GetLdPrefixesByJSONSchema return possible credential types for JSON schema
+  //  *
+  //  * @param {string} schema  - JSON schema
+  //  * @returns `Promise<Map<string, string>>`
+  //  */
+  // public static async getLdPrefixesByJSONSchema(schema: string): Promise<Map<string, string>> {
+  //   const metadata = Parser.extractMetadata(schema);
+  //   const ldURL = metadata.uris['jsonLdContext'];
+  //   if (!ldURL) {
+  //     throw new Error('jsonLdContext is not set');
+  //   }
+
+  //   const props = await Parser.extractCredentialSubjectProperties(schema);
+
+  //   let jsonLdContext;
+  //   try {
+  //     const response = await fetch(ldURL);
+  //     jsonLdContext = await response.json();
+  //   } catch (e) {
+  //     throw new Error(`failed to fetch jsonLdContext ${e}`);
+  //   }
+
+  //   let prefixes;
+  //   try {
+  //     prefixes = await LDParser.getPrefixes(jsonLdContext, false, props);
+  //   } catch (e) {
+  //     throw new Error(`failed to extract terms from jsonLdContext ${e}`);
+  //   }
+
+  //   return prefixes;
+  // }
+}