@prosopo/provider 1.0.1 → 2.0.0

package/dist/cjs/tasks/imgCaptcha/imgCaptchaTasks.cjs

@@ -0,0 +1,277 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const util$1 = require("@polkadot/util");
+const utilCrypto = require("@polkadot/util-crypto");
+const common = require("@prosopo/common");
+const datasets = require("@prosopo/datasets");
+const types = require("@prosopo/types");
+const util$2 = require("@prosopo/util");
+const util = require("../../util.cjs");
+const imgCaptchaTasksUtils = require("./imgCaptchaTasksUtils.cjs");
+class ImgCaptchaManager {
+  constructor(db, pair, logger, captchaConfig) {
+    this.db = db;
+    this.pair = pair;
+    this.logger = logger;
+    this.captchaConfig = captchaConfig;
+  }
+  async getCaptchaWithProof(datasetId, solved, size) {
+    const captchaDocs = await this.db.getRandomCaptcha(solved, datasetId, size);
+    if (!captchaDocs) {
+      throw new common.ProsopoEnvError("DATABASE.CAPTCHA_GET_FAILED", {
+        context: {
+          failedFuncName: this.getCaptchaWithProof.name,
+          datasetId,
+          solved,
+          size
+        }
+      });
+    }
+    return captchaDocs;
+  }
+  async getRandomCaptchasAndRequestHash(datasetId, userAccount) {
+    const dataset = await this.db.getDatasetDetails(datasetId);
+    if (!dataset) {
+      throw new common.ProsopoEnvError("DATABASE.DATASET_GET_FAILED", {
+        context: {
+          failedFuncName: this.getRandomCaptchasAndRequestHash.name,
+          dataset,
+          datasetId
+        }
+      });
+    }
+    const unsolvedCount = Math.abs(
+      Math.trunc(this.captchaConfig.unsolved.count)
+    );
+    const solvedCount = Math.abs(
+      Math.trunc(this.captchaConfig.solved.count)
+    );
+    if (!solvedCount) {
+      throw new common.ProsopoEnvError("CONFIG.INVALID_CAPTCHA_NUMBER");
+    }
+    const solved = await this.getCaptchaWithProof(datasetId, true, solvedCount);
+    let unsolved = [];
+    if (unsolvedCount) {
+      unsolved = await this.getCaptchaWithProof(
+        datasetId,
+        false,
+        unsolvedCount
+      );
+    }
+    const captchas = util.shuffleArray([...solved, ...unsolved]);
+    const salt = utilCrypto.randomAsHex();
+    const requestHash = datasets.computePendingRequestHash(
+      captchas.map((c) => c.captchaId),
+      userAccount,
+      salt
+    );
+    const currentTime = Date.now();
+    const signedTimestamp = util$1.u8aToHex(
+      this.pair.sign(util$1.stringToHex(currentTime.toString()))
+    );
+    const timeLimit = captchas.map((captcha) => captcha.timeLimitMs || types.DEFAULT_IMAGE_CAPTCHA_TIMEOUT).reduce((a, b) => a + b, 0);
+    const deadlineTs = timeLimit + currentTime;
+    const currentBlockNumber = 0;
+    await this.db.storeDappUserPending(
+      userAccount,
+      requestHash,
+      salt,
+      deadlineTs,
+      currentBlockNumber
+    );
+    return {
+      captchas,
+      requestHash,
+      timestamp: currentTime,
+      signedTimestamp
+    };
+  }
+  /**
+   * Validate and store the text captcha solution(s) from the Dapp User in a web2 environment
+   * @param {string} userAccount
+   * @param {string} dappAccount
+   * @param {string} requestHash
+   * @param {JSON} captchas
+   * @param {string} requestHashSignature
+   * @param timestamp
+   * @param timestampSignature
+   * @return {Promise<DappUserSolutionResult>} result containing the contract event
+   */
+  async dappUserSolution(userAccount, dappAccount, requestHash, captchas, requestHashSignature, timestamp, timestampSignature) {
+    const verification = utilCrypto.signatureVerify(
+      util$1.stringToHex(requestHash),
+      requestHashSignature,
+      userAccount
+    );
+    if (!verification.isValid) {
+      this.logger.info("Invalid requestHash signature");
+      throw new common.ProsopoEnvError("GENERAL.INVALID_SIGNATURE", {
+        context: { failedFuncName: this.dappUserSolution.name, userAccount }
+      });
+    }
+    const timestampSigVerify = utilCrypto.signatureVerify(
+      util$1.stringToHex(timestamp.toString()),
+      timestampSignature,
+      this.pair.address
+    );
+    if (!timestampSigVerify.isValid) {
+      this.logger.info("Invalid timestamp signature");
+      throw new common.ProsopoEnvError("GENERAL.INVALID_SIGNATURE", {
+        context: {
+          failedFuncName: this.dappUserSolution.name,
+          userAccount,
+          error: "timestamp signature is invalid"
+        }
+      });
+    }
+    let response = {
+      captchas: [],
+      verified: false
+    };
+    const pendingRecord = await this.db.getDappUserPending(requestHash);
+    const unverifiedCaptchaIds = captchas.map((captcha) => captcha.captchaId);
+    const pendingRequest = await this.validateDappUserSolutionRequestIsPending(
+      requestHash,
+      pendingRecord,
+      userAccount,
+      unverifiedCaptchaIds
+    );
+    console.log("Pending request", pendingRequest);
+    if (pendingRequest) {
+      const { storedCaptchas, receivedCaptchas, captchaIds } = await this.validateReceivedCaptchasAgainstStoredCaptchas(captchas);
+      const { tree, commitmentId } = imgCaptchaTasksUtils.buildTreeAndGetCommitmentId(receivedCaptchas);
+      const datasetId = util$2.at(storedCaptchas, 0).datasetId;
+      if (!datasetId) {
+        throw new common.ProsopoEnvError("CAPTCHA.ID_MISMATCH", {
+          context: { failedFuncName: this.dappUserSolution.name }
+        });
+      }
+      const userSignature = util$1.hexToU8a(requestHashSignature);
+      await this.db.updateDappUserPendingStatus(requestHash);
+      const commit = {
+        id: commitmentId,
+        userAccount,
+        dappContract: dappAccount,
+        providerAccount: this.pair.address,
+        datasetId,
+        status: types.CaptchaStatus.pending,
+        userSignature: Array.from(userSignature),
+        requestedAt: pendingRecord.requestedAtBlock,
+        // TODO is this correct or should it be block number?
+        completedAt: 0,
+        //temp
+        processed: false,
+        batched: false,
+        stored: false,
+        requestedAtTimestamp: timestamp
+      };
+      await this.db.storeDappUserSolution(receivedCaptchas, commit);
+      console.log(receivedCaptchas);
+      console.log(storedCaptchas);
+      if (datasets.compareCaptchaSolutions(receivedCaptchas, storedCaptchas)) {
+        response = {
+          captchas: captchaIds.map((id) => ({
+            captchaId: id,
+            proof: tree.proof(id)
+          })),
+          verified: true
+        };
+        await this.db.approveDappUserCommitment(commitmentId);
+      } else {
+        response = {
+          captchas: captchaIds.map((id) => ({
+            captchaId: id,
+            proof: [[]]
+          })),
+          verified: false
+        };
+      }
+    } else {
+      this.logger.info("Request hash not found");
+    }
+    return response;
+  }
+  /**
+   * Validate length of received captchas array matches length of captchas found in database
+   * Validate that the datasetId is the same for all captchas and is equal to the datasetId on the stored captchas
+   */
+  async validateReceivedCaptchasAgainstStoredCaptchas(captchas) {
+    const receivedCaptchas = datasets.parseAndSortCaptchaSolutions(captchas);
+    const captchaIds = receivedCaptchas.map((captcha) => captcha.captchaId);
+    const storedCaptchas = await this.db.getCaptchaById(captchaIds);
+    if (!storedCaptchas || receivedCaptchas.length !== storedCaptchas.length) {
+      throw new common.ProsopoEnvError("CAPTCHA.INVALID_CAPTCHA_ID", {
+        context: {
+          failedFuncName: this.validateReceivedCaptchasAgainstStoredCaptchas.name,
+          captchas
+        }
+      });
+    }
+    if (!storedCaptchas.every(
+      (captcha) => captcha.datasetId === util$2.at(storedCaptchas, 0).datasetId
+    )) {
+      throw new common.ProsopoEnvError("CAPTCHA.DIFFERENT_DATASET_IDS", {
+        context: {
+          failedFuncName: this.validateReceivedCaptchasAgainstStoredCaptchas.name,
+          captchas
+        }
+      });
+    }
+    return { storedCaptchas, receivedCaptchas, captchaIds };
+  }
+  /**
+   * Validate that a Dapp User is responding to their own pending captcha request
+   * @param {string} requestHash
+   * @param {PendingCaptchaRequest} pendingRecord
+   * @param {string} userAccount
+   * @param {string[]} captchaIds
+   */
+  async validateDappUserSolutionRequestIsPending(requestHash, pendingRecord, userAccount, captchaIds) {
+    const currentTime = Date.now();
+    if (!pendingRecord) {
+      this.logger.info("No pending record found");
+      return false;
+    }
+    if (pendingRecord.deadlineTimestamp < currentTime) {
+      this.logger.info("Deadline for responding to captcha has expired");
+      return false;
+    }
+    if (pendingRecord) {
+      const pendingHashComputed = datasets.computePendingRequestHash(
+        captchaIds,
+        userAccount,
+        pendingRecord.salt
+      );
+      return requestHash === pendingHashComputed;
+    }
+    return false;
+  }
+  /*
+   * Get dapp user solution from database
+   */
+  async getDappUserCommitmentById(commitmentId) {
+    const dappUserSolution = await this.db.getDappUserCommitmentById(commitmentId);
+    if (!dappUserSolution) {
+      throw new common.ProsopoEnvError("CAPTCHA.DAPP_USER_SOLUTION_NOT_FOUND", {
+        context: {
+          failedFuncName: this.getDappUserCommitmentById.name,
+          commitmentId
+        }
+      });
+    }
+    return dappUserSolution;
+  }
+  /* Check if dapp user has verified solution in cache */
+  async getDappUserCommitmentByAccount(userAccount) {
+    const dappUserSolutions = await this.db.getDappUserCommitmentByAccount(userAccount);
+    if (dappUserSolutions.length > 0) {
+      for (const dappUserSolution of dappUserSolutions) {
+        if (dappUserSolution.status === types.CaptchaStatus.approved) {
+          return dappUserSolution;
+        }
+      }
+    }
+    return void 0;
+  }
+}
+exports.ImgCaptchaManager = ImgCaptchaManager;

package/dist/cjs/tasks/imgCaptcha/imgCaptchaTasksUtils.cjs

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const common = require("@prosopo/common");
+const datasets = require("@prosopo/datasets");
+const buildTreeAndGetCommitmentId = (captchaSolutions) => {
+  const tree = new datasets.CaptchaMerkleTree();
+  const solutionsHashed = captchaSolutions.map(
+    (captcha) => datasets.computeCaptchaSolutionHash(captcha)
+  );
+  tree.build(solutionsHashed);
+  const commitmentId = tree.root?.hash;
+  if (!commitmentId) {
+    throw new common.ProsopoEnvError(
+      "CONTRACT.CAPTCHA_SOLUTION_COMMITMENT_DOES_NOT_EXIST",
+      {
+        context: {
+          failedFuncName: buildTreeAndGetCommitmentId.name,
+          commitmentId
+        }
+      }
+    );
+  }
+  return { tree, commitmentId };
+};
+exports.buildTreeAndGetCommitmentId = buildTreeAndGetCommitmentId;

package/dist/cjs/tasks/powCaptcha/powTasks.cjs

@@ -0,0 +1,107 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const util = require("@polkadot/util");
+const common = require("@prosopo/common");
+const types = require("@prosopo/types");
+const util$1 = require("@prosopo/util");
+const powTasksUtils = require("./powTasksUtils.cjs");
+class PowCaptchaManager {
+  constructor(pair, db) {
+    this.pair = pair;
+    this.db = db;
+    this.POW_SEPARATOR = types.POW_SEPARATOR;
+  }
+  /**
+   * @description Generates a PoW Captcha for a given user and dapp
+   *
+   * @param {string} userAccount - user that is solving the captcha
+   * @param {string} dappAccount - dapp that is requesting the captcha
+   * @param origin - not currently used
+   */
+  async getPowCaptchaChallenge(userAccount, dappAccount, origin) {
+    const difficulty = 4;
+    const timestamp = Date.now();
+    const challenge = `${timestamp}___${userAccount}___${dappAccount}`;
+    const challengeSignature = util.u8aToHex(this.pair.sign(util.stringToHex(challenge)));
+    const timestampSignature = util.u8aToHex(
+      this.pair.sign(util.stringToHex(timestamp.toString()))
+    );
+    return {
+      challenge,
+      difficulty,
+      signature: challengeSignature,
+      timestamp,
+      timestampSignature
+    };
+  }
+  /**
+   * @description Verifies a PoW Captcha for a given user and dapp
+   *
+   * @param {string} challenge - the starting string for the PoW challenge
+   * @param {string} difficulty - how many leading zeroes the solution must have
+   * @param {string} signature - proof that the Provider provided the challenge
+   * @param {string} nonce - the string that the user has found that satisfies the PoW challenge
+   * @param {number} timeout - the time in milliseconds since the Provider was selected to provide the PoW captcha
+   * @param timestampSignature
+   */
+  async verifyPowCaptchaSolution(challenge, difficulty, signature, nonce, timeout, timestampSignature) {
+    powTasksUtils.checkRecentPowSolution(challenge, timeout);
+    const challengeSplit = challenge.split(this.POW_SEPARATOR);
+    const timestamp = parseInt(util$1.at(challengeSplit, 0));
+    const userAccount = util$1.at(challengeSplit, 1);
+    const dappAccount = util$1.at(challengeSplit, 2);
+    powTasksUtils.checkPowSignature(
+      timestamp.toString(),
+      timestampSignature,
+      userAccount,
+      types.ApiParams.timestamp
+    );
+    powTasksUtils.checkPowSignature(
+      challenge,
+      signature,
+      this.pair.address,
+      types.ApiParams.challenge
+    );
+    powTasksUtils.checkPowSolution(nonce, challenge, difficulty);
+    await this.db.storePowCaptchaRecord(
+      challenge,
+      { timestamp, userAccount, dappAccount },
+      false
+    );
+    return true;
+  }
+  /**
+   * @description Verifies a PoW Captcha for a given user and dapp. This is called by the server to verify the user's solution
+   * and update the record in the database to show that the user has solved the captcha
+   *
+   * @param {string} dappAccount - the dapp that is requesting the captcha
+   * @param {string} challenge - the starting string for the PoW challenge
+   * @param {number} timeout - the time in milliseconds since the Provider was selected to provide the PoW captcha
+   */
+  async serverVerifyPowCaptchaSolution(dappAccount, challenge, timeout) {
+    const challengeRecord = await this.db.getPowCaptchaRecordByChallenge(challenge);
+    if (!challengeRecord) {
+      throw new common.ProsopoEnvError("DATABASE.CAPTCHA_GET_FAILED", {
+        context: {
+          failedFuncName: this.serverVerifyPowCaptchaSolution.name,
+          challenge
+        }
+      });
+    }
+    if (challengeRecord.checked) return false;
+    const challengeDappAccount = challengeRecord.dappAccount;
+    if (dappAccount !== challengeDappAccount) {
+      throw new common.ProsopoEnvError("CAPTCHA.DAPP_USER_SOLUTION_NOT_FOUND", {
+        context: {
+          failedFuncName: this.serverVerifyPowCaptchaSolution.name,
+          dappAccount,
+          challengeDappAccount
+        }
+      });
+    }
+    powTasksUtils.checkRecentPowSolution(challenge, timeout);
+    await this.db.updatePowCaptchaRecord(challengeRecord.challenge, true);
+    return true;
+  }
+}
+exports.PowCaptchaManager = PowCaptchaManager;

package/dist/cjs/tasks/powCaptcha/powTasksUtils.cjs

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const sha256 = require("@noble/hashes/sha256");
+const util = require("@polkadot/util");
+const utilCrypto = require("@polkadot/util-crypto");
+const common = require("@prosopo/common");
+const contract = require("@prosopo/contract");
+const validateSolution = (nonce, challenge, difficulty) => Array.from(sha256.sha256(new TextEncoder().encode(nonce + challenge))).map((byte) => byte.toString(16).padStart(2, "0")).join("").startsWith("0".repeat(difficulty));
+const checkPowSolution = (nonce, challenge, difficulty) => {
+  const solutionValid = validateSolution(nonce, challenge, difficulty);
+  if (!solutionValid) {
+    throw new common.ProsopoContractError("API.CAPTCHA_FAILED", {
+      context: {
+        ERROR: "Captcha solution is invalid",
+        failedFuncName: checkPowSolution.name,
+        nonce,
+        challenge,
+        difficulty
+      }
+    });
+  }
+};
+const checkPowSignature = (challenge, signature, address, signatureType) => {
+  const signatureVerification = utilCrypto.signatureVerify(
+    util.stringToHex(challenge),
+    signature,
+    address
+  );
+  if (!signatureVerification.isValid) {
+    throw new common.ProsopoContractError("GENERAL.INVALID_SIGNATURE", {
+      context: {
+        ERROR: `Signature is invalid for this message: ${signatureType}`,
+        failedFuncName: checkPowSignature.name,
+        signature,
+        signatureType
+      }
+    });
+  }
+};
+const checkRecentPowSolution = (challenge, timeout) => {
+  const recent = contract.verifyRecency(challenge, timeout);
+  if (!recent) {
+    throw new common.ProsopoContractError("CONTRACT.INVALID_BLOCKHASH", {
+      context: {
+        ERROR: `Block in which the Provider was selected must be within the last ${timeout / 1e3} seconds`,
+        failedFuncName: checkRecentPowSolution.name,
+        challenge
+      }
+    });
+  }
+};
+exports.checkPowSignature = checkPowSignature;
+exports.checkPowSolution = checkPowSolution;
+exports.checkRecentPowSolution = checkRecentPowSolution;
+exports.validateSolution = validateSolution;