@waku/rln 0.0.2-3ab8023.0 → 0.0.2-6cb9c9c.0

package/src/rln_light.ts

@@ -0,0 +1,298 @@
+import { Logger } from "@waku/utils";
+import { ethers } from "ethers";
+
+import { RLNContract } from "./contract/index.js";
+import { IdentityCredential } from "./identity.js";
+import { IdentityGenerator } from "./identity_generator.js";
+import { Keystore } from "./keystore/index.js";
+import type {
+  DecryptedCredentials,
+  EncryptedCredentials
+} from "./keystore/index.js";
+import { KeystoreEntity, Password } from "./keystore/types.js";
+import { extractMetaMaskSigner } from "./utils/index.js";
+
+const log = new Logger("waku:rln-light");
+
+/**
+ * Options for starting the RLNLight instance
+ */
+type StartRLNLightOptions = {
+  /**
+   * If not set - will extract MetaMask account and get signer from it.
+   */
+  signer?: ethers.Signer;
+  /**
+   * If not set - will use default SEPOLIA_CONTRACT address.
+   */
+  address?: string;
+  /**
+   * Credentials to use for membership registration.
+   * If provided used for validating the network chainId and connecting to registry contract.
+   */
+  credentials?: EncryptedCredentials | DecryptedCredentials;
+  /**
+   * Rate limit for the member.
+   */
+  rateLimit?: number;
+};
+
+/**
+ * Options for registering membership
+ */
+type RegisterMembershipOptions =
+  | { signature: string }
+  | { identity: IdentityCredential };
+
+/**
+ * Lightweight RLN implementation without Zerokit
+ * Only supports Keystore and membership registration
+ */
+export class RLNLight {
+  private started = false;
+  private starting = false;
+
+  private _contract: undefined | RLNContract;
+  private _signer: undefined | ethers.Signer;
+
+  private keystore = Keystore.create();
+  private _credentials: undefined | DecryptedCredentials;
+  private identityGenerator = new IdentityGenerator();
+
+  public get contract(): undefined | RLNContract {
+    return this._contract;
+  }
+
+  public get signer(): undefined | ethers.Signer {
+    return this._signer;
+  }
+
+  /**
+   * Get the current credentials
+   */
+  public get credentials(): undefined | DecryptedCredentials {
+    return this._credentials;
+  }
+
+  /**
+   * Start the RLNLight instance
+   * @param options Configuration options
+   */
+  public async start(options: StartRLNLightOptions = {}): Promise<void> {
+    if (this.started || this.starting) {
+      log.warn("RLNLight already started or starting");
+      return;
+    }
+
+    this.starting = true;
+
+    try {
+      // Determine correct options based on credentials, if any
+      const keystoreCredentials = options.address
+        ? await this.findCredentialsByAddress(options.address)
+        : undefined;
+
+      const { address, signer, rateLimit } = await this.determineStartOptions(
+        options,
+        keystoreCredentials
+      );
+
+      // Set the signer
+      if (signer) {
+        this._signer = signer;
+      } else {
+        this._signer = await extractMetaMaskSigner();
+      }
+
+      const contractOptions = {
+        signer: this._signer,
+        address: address!,
+        rateLimit: rateLimit!
+      };
+
+      // We need to create a minimal compatible object with RLNInstance interface
+      // but we only need it for contract initialization
+      const compatibleRLN = {
+        zerokit: {
+          getMerkleRoot: () => new Uint8Array(32),
+          insertMember: (_idCommitment: Uint8Array) => {},
+          insertMembers: (
+            _index: number,
+            ..._idCommitments: Array<Uint8Array>
+          ) => {},
+          deleteMember: (_index: number) => {}
+        }
+      };
+
+      this._contract = await RLNContract.init(
+        // Type assertion needed for compatibility with RLNInstance interface
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        compatibleRLN as any,
+        contractOptions
+      );
+
+      this.started = true;
+    } catch (error) {
+      log.error("Failed to start RLNLight:", error);
+      throw error;
+    } finally {
+      this.starting = false;
+    }
+  }
+
+  /**
+   * Find credentials in the keystore by contract address
+   */
+  private async findCredentialsByAddress(
+    address: string
+  ): Promise<KeystoreEntity | undefined> {
+    // Since Keystore doesn't have a direct method to find by address,
+    // we need to iterate through all credentials
+    const hashes = this.keystore.keys();
+
+    for (const hash of hashes) {
+      try {
+        // Try with an empty password - this won't work but lets us check schema
+        const credential = await this.keystore.readCredential(
+          hash,
+          new Uint8Array(0)
+        );
+        if (credential?.membership.address === address) {
+          return credential;
+        }
+      } catch (e) {
+        // Ignore errors, just means we couldn't read this credential
+      }
+    }
+
+    return undefined;
+  }
+
+  /**
+   * Determine the correct options for starting RLNLight
+   */
+  private async determineStartOptions(
+    options: StartRLNLightOptions,
+    credentials: KeystoreEntity | undefined
+  ): Promise<StartRLNLightOptions> {
+    if (options.credentials) {
+      const { credentials: decrypted } =
+        await RLNLight.decryptCredentialsIfNeeded(options.credentials);
+
+      if (decrypted?.membership) {
+        this._credentials = decrypted;
+        return {
+          ...options,
+          address: decrypted.membership.address
+        };
+      }
+    } else if (credentials) {
+      return {
+        ...options,
+        address: credentials.membership.address
+      };
+    }
+
+    return options;
+  }
+
+  /**
+   * Decrypt credentials if they are encrypted
+   */
+  private static async decryptCredentialsIfNeeded(
+    credentials?: EncryptedCredentials | DecryptedCredentials
+  ): Promise<{ credentials?: DecryptedCredentials; keystore?: Keystore }> {
+    if (!credentials) {
+      return {};
+    }
+
+    if ("identity" in credentials) {
+      return { credentials };
+    } else {
+      const keystore = Keystore.create();
+      try {
+        const decrypted = await keystore.readCredential(
+          credentials.id,
+          credentials.password
+        );
+
+        if (!decrypted) {
+          return {};
+        }
+
+        return {
+          credentials: {
+            identity: decrypted.identity,
+            membership: decrypted.membership
+          },
+          keystore
+        };
+      } catch (e) {
+        log.error("Failed to decrypt credentials", e);
+        return {};
+      }
+    }
+  }
+
+  /**
+   * Register a membership using an identity or signature
+   * @param options Options including identity or signature
+   * @returns Decrypted credentials if successful
+   */
+  public async registerMembership(
+    options: RegisterMembershipOptions
+  ): Promise<undefined | DecryptedCredentials> {
+    if (!this.contract) {
+      throw Error("RLN Contract is not initialized.");
+    }
+
+    let identity = "identity" in options && options.identity;
+
+    if ("signature" in options) {
+      identity = this.identityGenerator.generateSeededIdentityCredential(
+        options.signature
+      );
+    }
+
+    if (!identity) {
+      throw Error("Missing signature or identity to register membership.");
+    }
+
+    return this.contract.registerWithIdentity(identity);
+  }
+
+  /**
+   * Changes credentials in use by relying on provided Keystore
+   * @param id Hash of credentials to select from Keystore
+   * @param password Password to decrypt credentials from Keystore
+   */
+  public async useCredentials(id: string, password: Password): Promise<void> {
+    const decrypted = await this.keystore.readCredential(id, password);
+
+    if (!decrypted) {
+      throw new Error("Credentials not found or incorrect password");
+    }
+
+    this._credentials = {
+      identity: decrypted.identity,
+      membership: decrypted.membership
+    };
+  }
+
+  /**
+   * Generate a new identity credential
+   * @returns New identity credential
+   */
+  public generateIdentityCredential(): IdentityCredential {
+    return this.identityGenerator.generateIdentityCredentials();
+  }
+
+  /**
+   * Generate a seeded identity credential
+   * @param seed Seed string to generate deterministic identity
+   * @returns Seeded identity credential
+   */
+  public generateSeededIdentityCredential(seed: string): IdentityCredential {
+    return this.identityGenerator.generateSeededIdentityCredential(seed);
+  }
+}