npm - @waku/rln - Versions diffs - 0.1.4 → 0.1.5-053bb95.0 - Mend

@waku/rln 0.1.4 → 0.1.5-053bb95.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (154) hide show

package/src/contract/test-setup.ts ADDED Viewed

@@ -0,0 +1,86 @@
+import { hexToBytes } from "@waku/utils/bytes";
+import { ethers } from "ethers";
+import sinon from "sinon";
+import { createRLN } from "../create.js";
+import type { IdentityCredential } from "../identity.js";
+import { DEFAULT_RATE_LIMIT, LINEA_CONTRACT } from "./constants.js";
+import { RLNContract } from "./rln_contract.js";
+export interface TestRLNInstance {
+  rlnInstance: any;
+  identity: IdentityCredential;
+  insertMemberSpy: sinon.SinonStub;
+}
+/**
+ * Creates a test RLN instance with basic setup
+ */
+export async function createTestRLNInstance(): Promise<TestRLNInstance> {
+  const rlnInstance = await createRLN();
+  const insertMemberSpy = sinon.stub();
+  rlnInstance.zerokit.insertMember = insertMemberSpy;
+  const mockSignature =
+    "0xdeb8a6b00a8e404deb1f52d3aa72ed7f60a2ff4484c737eedaef18a0aacb2dfb4d5d74ac39bb71fa358cf2eb390565a35b026cc6272f2010d4351e17670311c21c";
+  const identity =
+    rlnInstance.zerokit.generateSeededIdentityCredential(mockSignature);
+  return {
+    rlnInstance,
+    identity,
+    insertMemberSpy
+  };
+}
+/**
+ * Initializes an RLN contract with the given registry contract
+ */
+export async function initializeRLNContract(
+  rlnInstance: any,
+  mockedRegistryContract: ethers.Contract
+): Promise<RLNContract> {
+  const provider = new ethers.providers.JsonRpcProvider();
+  const voidSigner = new ethers.VoidSigner(LINEA_CONTRACT.address, provider);
+  const originalRegister = mockedRegistryContract.register;
+  (mockedRegistryContract as any).register = function (...args: any[]) {
+    const result = originalRegister.apply(this, args);
+    if (args[0] && rlnInstance.zerokit) {
+      const idCommitmentBigInt = args[0];
+      const idCommitmentHex =
+        "0x" + idCommitmentBigInt.toString(16).padStart(64, "0");
+      const idCommitment = ethers.utils.zeroPad(
+        hexToBytes(idCommitmentHex),
+        32
+      );
+      rlnInstance.zerokit.insertMember(idCommitment);
+    }
+    return result;
+  };
+  const contract = await RLNContract.init(rlnInstance, {
+    address: LINEA_CONTRACT.address,
+    signer: voidSigner,
+    rateLimit: DEFAULT_RATE_LIMIT,
+    contract: mockedRegistryContract
+  });
+  return contract;
+}
+/**
+ * Common test message data
+ */
+export const TEST_DATA = {
+  contentTopic: "/test/1/waku-message/utf8",
+  emptyPubsubTopic: "",
+  testMessage: Uint8Array.from(
+    "Hello World".split("").map((x) => x.charCodeAt(0))
+  ),
+  mockSignature:
+    "0xdeb8a6b00a8e404deb1f52d3aa72ed7f60a2ff4484c737eedaef18a0aacb2dfb4d5d74ac39bb71fa358cf2eb390565a35b026cc6272f2010d4351e17670311c21c"
+} as const;

package/src/contract/test-utils.ts ADDED Viewed

@@ -0,0 +1,179 @@
+import { hexToBytes } from "@waku/utils/bytes";
+import { expect } from "chai";
+import * as ethers from "ethers";
+import sinon from "sinon";
+import type { IdentityCredential } from "../identity.js";
+import { DEFAULT_RATE_LIMIT, LINEA_CONTRACT } from "./constants.js";
+export const mockRateLimits = {
+  minRate: 20,
+  maxRate: 600,
+  maxTotalRate: 1200,
+  currentTotalRate: 500
+};
+type MockProvider = {
+  getLogs: () => never[];
+  getBlockNumber: () => Promise<number>;
+  getNetwork: () => Promise<{ chainId: number }>;
+};
+type MockFilters = {
+  MembershipRegistered: () => { address: string };
+  MembershipErased: () => { address: string };
+  MembershipExpired: () => { address: string };
+};
+export function createMockProvider(): MockProvider {
+  return {
+    getLogs: () => [],
+    getBlockNumber: () => Promise.resolve(1000),
+    getNetwork: () => Promise.resolve({ chainId: 11155111 })
+  };
+}
+export function createMockFilters(): MockFilters {
+  return {
+    MembershipRegistered: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipErased: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipExpired: () => ({ address: LINEA_CONTRACT.address })
+  };
+}
+type ContractOverrides = Partial<{
+  filters: Record<string, unknown>;
+  [key: string]: unknown;
+}>;
+export function createMockRegistryContract(
+  overrides: ContractOverrides = {}
+): ethers.Contract {
+  const filters = {
+    MembershipRegistered: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipErased: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipExpired: () => ({ address: LINEA_CONTRACT.address })
+  };
+  const baseContract = {
+    minMembershipRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.minRate)),
+    maxMembershipRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.maxRate)),
+    maxTotalRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.maxTotalRate)),
+    currentTotalRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.currentTotalRate)),
+    queryFilter: () => [],
+    provider: createMockProvider(),
+    filters,
+    on: () => ({}),
+    removeAllListeners: () => ({}),
+    register: () => ({
+      wait: () =>
+        Promise.resolve({
+          events: [mockRLNRegisteredEvent()]
+        })
+    }),
+    estimateGas: {
+      register: () => Promise.resolve(ethers.BigNumber.from(100000))
+    },
+    functions: {
+      register: () => Promise.resolve()
+    },
+    getMemberIndex: () => Promise.resolve(null),
+    interface: {
+      getEvent: (eventName: string) => ({
+        name: eventName,
+        format: () => {}
+      })
+    },
+    address: LINEA_CONTRACT.address
+  };
+  // Merge overrides while preserving filters
+  const merged = {
+    ...baseContract,
+    ...overrides,
+    filters: { ...filters, ...(overrides.filters || {}) }
+  };
+  return merged as unknown as ethers.Contract;
+}
+export function mockRLNRegisteredEvent(idCommitment?: string): ethers.Event {
+  return {
+    args: {
+      idCommitment:
+        idCommitment ||
+        "0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
+      membershipRateLimit: ethers.BigNumber.from(DEFAULT_RATE_LIMIT),
+      index: ethers.BigNumber.from(1)
+    },
+    event: "MembershipRegistered"
+  } as unknown as ethers.Event;
+}
+export function formatIdCommitment(idCommitmentBigInt: bigint): string {
+  return "0x" + idCommitmentBigInt.toString(16).padStart(64, "0");
+}
+export function createRegisterStub(
+  identity: IdentityCredential
+): sinon.SinonStub {
+  return sinon.stub().callsFake(() => ({
+    wait: () =>
+      Promise.resolve({
+        events: [
+          {
+            event: "MembershipRegistered",
+            args: {
+              idCommitment: formatIdCommitment(identity.IDCommitmentBigInt),
+              membershipRateLimit: ethers.BigNumber.from(DEFAULT_RATE_LIMIT),
+              index: ethers.BigNumber.from(1)
+            }
+          }
+        ]
+      })
+  }));
+}
+export function verifyRegistration(
+  decryptedCredentials: any,
+  identity: IdentityCredential,
+  registerStub: sinon.SinonStub,
+  insertMemberSpy: sinon.SinonStub
+): void {
+  if (!decryptedCredentials) {
+    throw new Error("Decrypted credentials should not be undefined");
+  }
+  // Verify registration call
+  expect(
+    registerStub.calledWith(
+      sinon.match.same(identity.IDCommitmentBigInt),
+      sinon.match.same(DEFAULT_RATE_LIMIT),
+      sinon.match.array,
+      sinon.match.object
+    )
+  ).to.be.true;
+  // Verify credential properties
+  expect(decryptedCredentials).to.have.property("identity");
+  expect(decryptedCredentials).to.have.property("membership");
+  expect(decryptedCredentials.membership).to.include({
+    address: LINEA_CONTRACT.address,
+    treeIndex: 1
+  });
+  // Verify member insertion
+  const expectedIdCommitment = ethers.utils.zeroPad(
+    hexToBytes(formatIdCommitment(identity.IDCommitmentBigInt)),
+    32
+  );
+  expect(insertMemberSpy.callCount).to.equal(1);
+  expect(insertMemberSpy.getCall(0).args[0]).to.deep.equal(
+    expectedIdCommitment
+  );
+}

package/src/contract/types.ts ADDED Viewed

@@ -0,0 +1,48 @@
+import { ethers } from "ethers";
+export interface CustomQueryOptions extends FetchMembersOptions {
+  membersFilter: ethers.EventFilter;
+}
+export type Member = {
+  idCommitment: string;
+  index: ethers.BigNumber;
+};
+export interface RLNContractOptions {
+  signer: ethers.Signer;
+  address: string;
+  rateLimit?: number;
+}
+export interface RLNContractInitOptions extends RLNContractOptions {
+  contract?: ethers.Contract;
+}
+export interface MembershipRegisteredEvent {
+  idCommitment: string;
+  membershipRateLimit: ethers.BigNumber;
+  index: ethers.BigNumber;
+}
+export type FetchMembersOptions = {
+  fromBlock?: number;
+  fetchRange?: number;
+  fetchChunks?: number;
+};
+export interface MembershipInfo {
+  index: ethers.BigNumber;
+  idCommitment: string;
+  rateLimit: number;
+  startBlock: number;
+  endBlock: number;
+  state: MembershipState;
+}
+export enum MembershipState {
+  Active = "Active",
+  GracePeriod = "GracePeriod",
+  Expired = "Expired",
+  ErasedAwaitsWithdrawal = "ErasedAwaitsWithdrawal"
+}

package/src/create.ts CHANGED Viewed

@@ -5,5 +5,5 @@ export async function createRLN(): Promise<RLNInstance> {
   // asynchronously. This file does the single async import, so
   // that no one else needs to worry about it again.
   const rlnModule = await import("./rln.js");
-  return rlnModule.create();
+  return rlnModule.RLNInstance.create();
 }

package/src/credentials_manager.ts ADDED Viewed

@@ -0,0 +1,282 @@
+import { hmac } from "@noble/hashes/hmac";
+import { sha256 } from "@noble/hashes/sha256";
+import { Logger } from "@waku/utils";
+import { ethers } from "ethers";
+import { LINEA_CONTRACT } from "./contract/constants.js";
+import { RLNBaseContract } from "./contract/rln_base_contract.js";
+import { IdentityCredential } from "./identity.js";
+import { Keystore } from "./keystore/index.js";
+import type {
+  DecryptedCredentials,
+  EncryptedCredentials
+} from "./keystore/index.js";
+import { KeystoreEntity, Password } from "./keystore/types.js";
+import { RegisterMembershipOptions, StartRLNOptions } from "./types.js";
+import {
+  buildBigIntFromUint8Array,
+  extractMetaMaskSigner
+} from "./utils/index.js";
+import { Zerokit } from "./zerokit.js";
+const log = new Logger("waku:credentials");
+/**
+ * Manages credentials for RLN
+ * This is a lightweight implementation of the RLN contract that doesn't require Zerokit
+ * It is used to register membership and generate identity credentials
+ */
+export class RLNCredentialsManager {
+  protected started = false;
+  protected starting = false;
+  public contract: undefined | RLNBaseContract;
+  public signer: undefined | ethers.Signer;
+  protected keystore = Keystore.create();
+  public credentials: undefined | DecryptedCredentials;
+  public zerokit: undefined | Zerokit;
+  public constructor(zerokit?: Zerokit) {
+    log.info("RLNCredentialsManager initialized");
+    this.zerokit = zerokit;
+  }
+  public get provider(): undefined | ethers.providers.Provider {
+    return this.contract?.provider;
+  }
+  public async start(options: StartRLNOptions = {}): Promise<void> {
+    if (this.started || this.starting) {
+      log.info("RLNCredentialsManager already started or starting");
+      return;
+    }
+    log.info("Starting RLNCredentialsManager");
+    this.starting = true;
+    try {
+      const { credentials, keystore } =
+        await RLNCredentialsManager.decryptCredentialsIfNeeded(
+          options.credentials
+        );
+      if (credentials) {
+        log.info("Credentials successfully decrypted");
+      }
+      const { signer, address, rateLimit } = await this.determineStartOptions(
+        options,
+        credentials
+      );
+      log.info(`Using contract address: ${address}`);
+      if (keystore) {
+        this.keystore = keystore;
+        log.info("Using provided keystore");
+      }
+      this.credentials = credentials;
+      this.signer = signer!;
+      this.contract = new RLNBaseContract({
+        address: address!,
+        signer: signer!,
+        rateLimit: rateLimit ?? this.zerokit?.rateLimit
+      });
+      log.info("RLNCredentialsManager successfully started");
+      this.started = true;
+    } catch (error) {
+      log.error("Failed to start RLNCredentialsManager", error);
+      throw error;
+    } finally {
+      this.starting = false;
+    }
+  }
+  public async registerMembership(
+    options: RegisterMembershipOptions
+  ): Promise<undefined | DecryptedCredentials> {
+    if (!this.contract) {
+      log.error("RLN Contract is not initialized");
+      throw Error("RLN Contract is not initialized.");
+    }
+    log.info("Registering membership");
+    let identity = "identity" in options && options.identity;
+    if ("signature" in options) {
+      log.info("Generating identity from signature");
+      if (this.zerokit) {
+        log.info("Using Zerokit to generate identity");
+        identity = this.zerokit.generateSeededIdentityCredential(
+          options.signature
+        );
+      } else {
+        log.info("Using local implementation to generate identity");
+        identity = this.generateSeededIdentityCredential(options.signature);
+      }
+    }
+    if (!identity) {
+      log.error("Missing signature or identity to register membership");
+      throw Error("Missing signature or identity to register membership.");
+    }
+    log.info("Registering identity with contract");
+    return this.contract.registerWithIdentity(identity);
+  }
+  /**
+   * Changes credentials in use by relying on provided Keystore earlier in rln.start
+   * @param id: string, hash of credentials to select from Keystore
+   * @param password: string or bytes to use to decrypt credentials from Keystore
+   */
+  public async useCredentials(id: string, password: Password): Promise<void> {
+    log.info(`Attempting to use credentials with ID: ${id}`);
+    this.credentials = await this.keystore?.readCredential(id, password);
+    if (this.credentials) {
+      log.info("Successfully loaded credentials");
+    } else {
+      log.warn("Failed to load credentials");
+    }
+  }
+  protected async determineStartOptions(
+    options: StartRLNOptions,
+    credentials: KeystoreEntity | undefined
+  ): Promise<StartRLNOptions> {
+    let chainId = credentials?.membership.chainId;
+    const address =
+      credentials?.membership.address ||
+      options.address ||
+      LINEA_CONTRACT.address;
+    if (address === LINEA_CONTRACT.address) {
+      chainId = LINEA_CONTRACT.chainId;
+      log.info(`Using Linea contract with chainId: ${chainId}`);
+    }
+    const signer = options.signer || (await extractMetaMaskSigner());
+    const currentChainId = await signer.getChainId();
+    log.info(`Current chain ID: ${currentChainId}`);
+    if (chainId && chainId !== currentChainId.toString()) {
+      log.error(
+        `Chain ID mismatch: contract=${chainId}, current=${currentChainId}`
+      );
+      throw Error(
+        `Failed to start RLN contract, chain ID of contract is different from current one: contract-${chainId}, current network-${currentChainId}`
+      );
+    }
+    return {
+      signer,
+      address
+    };
+  }
+  protected static async decryptCredentialsIfNeeded(
+    credentials?: EncryptedCredentials | DecryptedCredentials
+  ): Promise<{ credentials?: DecryptedCredentials; keystore?: Keystore }> {
+    if (!credentials) {
+      log.info("No credentials provided");
+      return {};
+    }
+    if ("identity" in credentials) {
+      log.info("Using already decrypted credentials");
+      return { credentials };
+    }
+    log.info("Attempting to decrypt credentials");
+    const keystore = Keystore.fromString(credentials.keystore);
+    if (!keystore) {
+      log.warn("Failed to create keystore from string");
+      return {};
+    }
+    try {
+      const decryptedCredentials = await keystore.readCredential(
+        credentials.id,
+        credentials.password
+      );
+      log.info(`Successfully decrypted credentials with ID: ${credentials.id}`);
+      return {
+        keystore,
+        credentials: decryptedCredentials
+      };
+    } catch (error) {
+      log.error("Failed to decrypt credentials", error);
+      throw error;
+    }
+  }
+  protected async verifyCredentialsAgainstContract(
+    credentials: KeystoreEntity
+  ): Promise<void> {
+    if (!this.contract) {
+      throw Error(
+        "Failed to verify chain coordinates: no contract initialized."
+      );
+    }
+    const registryAddress = credentials.membership.address;
+    const currentRegistryAddress = this.contract.address;
+    if (registryAddress !== currentRegistryAddress) {
+      throw Error(
+        `Failed to verify chain coordinates: credentials contract address=${registryAddress} is not equal to registryContract address=${currentRegistryAddress}`
+      );
+    }
+    const chainId = credentials.membership.chainId;
+    const network = await this.contract.provider.getNetwork();
+    const currentChainId = network.chainId;
+    if (chainId !== currentChainId.toString()) {
+      throw Error(
+        `Failed to verify chain coordinates: credentials chainID=${chainId} is not equal to registryContract chainID=${currentChainId}`
+      );
+    }
+  }
+  /**
+   * Generates an identity credential from a seed string
+   * This is a pure implementation that doesn't rely on Zerokit
+   * @param seed A string seed to generate the identity from
+   * @returns IdentityCredential
+   */
+  private generateSeededIdentityCredential(seed: string): IdentityCredential {
+    log.info("Generating seeded identity credential");
+    // Convert the seed to bytes
+    const encoder = new TextEncoder();
+    const seedBytes = encoder.encode(seed);
+    // Generate deterministic values using HMAC-SHA256
+    // We use different context strings for each component to ensure they're different
+    const idTrapdoor = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
+    const idNullifier = hmac(sha256, seedBytes, encoder.encode("IDNullifier"));
+    // Generate IDSecretHash as a hash of IDTrapdoor and IDNullifier
+    const combinedBytes = new Uint8Array([...idTrapdoor, ...idNullifier]);
+    const idSecretHash = sha256(combinedBytes);
+    // Generate IDCommitment as a hash of IDSecretHash
+    const idCommitment = sha256(idSecretHash);
+    // Convert IDCommitment to BigInt
+    const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment);
+    log.info("Successfully generated identity credential");
+    return new IdentityCredential(
+      idTrapdoor,
+      idNullifier,
+      idSecretHash,
+      idCommitment,
+      idCommitmentBigInt
+    );
+  }
+}

package/src/identity.ts CHANGED Viewed

@@ -28,4 +28,13 @@ export class IdentityCredential {
       idCommitmentBigInt
     );
   }
+  public toJSON(): Record<string, number[]> {
+    return {
+      idTrapdoor: Array.from(this.IDTrapdoor),
+      idNullifier: Array.from(this.IDNullifier),
+      idSecretHash: Array.from(this.IDSecretHash),
+      idCommitment: Array.from(this.IDCommitment)
+    };
+  }
 }

package/src/index.ts CHANGED Viewed

@@ -1,7 +1,9 @@
 import { RLNDecoder, RLNEncoder } from "./codec.js";
 import { RLN_ABI } from "./contract/abi.js";
-import { RLNContract, SEPOLIA_CONTRACT } from "./contract/index.js";
+import { LINEA_CONTRACT, RLNContract } from "./contract/index.js";
+import { RLNBaseContract } from "./contract/rln_base_contract.js";
 import { createRLN } from "./create.js";
+import { RLNCredentialsManager } from "./credentials_manager.js";
 import { IdentityCredential } from "./identity.js";
 import { Keystore } from "./keystore/index.js";
 import { Proof } from "./proof.js";
@@ -10,6 +12,8 @@ import { MerkleRootTracker } from "./root_tracker.js";
 import { extractMetaMaskSigner } from "./utils/index.js";
 export {
+  RLNCredentialsManager,
+  RLNBaseContract,
   createRLN,
   Keystore,
   RLNInstance,
@@ -19,7 +23,18 @@ export {
   RLNDecoder,
   MerkleRootTracker,
   RLNContract,
-  SEPOLIA_CONTRACT,
+  LINEA_CONTRACT,
   extractMetaMaskSigner,
   RLN_ABI
 };
+export type {
+  DecryptedCredentials,
+  EncryptedCredentials,
+  Keccak256Hash,
+  KeystoreEntity,
+  MembershipHash,
+  MembershipInfo,
+  Password,
+  Sha256Hash
+} from "./keystore/types.js";