@waku/rln 0.1.4 → 0.1.5-6198efb.0

package/src/contract/test-setup.ts

@@ -0,0 +1,86 @@
+import { hexToBytes } from "@waku/utils/bytes";
+import { ethers } from "ethers";
+import sinon from "sinon";
+
+import { createRLN } from "../create.js";
+import type { IdentityCredential } from "../identity.js";
+
+import { DEFAULT_RATE_LIMIT, LINEA_CONTRACT } from "./constants.js";
+import { RLNContract } from "./rln_contract.js";
+
+export interface TestRLNInstance {
+  rlnInstance: any;
+  identity: IdentityCredential;
+  insertMemberSpy: sinon.SinonStub;
+}
+
+/**
+ * Creates a test RLN instance with basic setup
+ */
+export async function createTestRLNInstance(): Promise<TestRLNInstance> {
+  const rlnInstance = await createRLN();
+  const insertMemberSpy = sinon.stub();
+  rlnInstance.zerokit.insertMember = insertMemberSpy;
+
+  const mockSignature =
+    "0xdeb8a6b00a8e404deb1f52d3aa72ed7f60a2ff4484c737eedaef18a0aacb2dfb4d5d74ac39bb71fa358cf2eb390565a35b026cc6272f2010d4351e17670311c21c";
+  const identity =
+    rlnInstance.zerokit.generateSeededIdentityCredential(mockSignature);
+
+  return {
+    rlnInstance,
+    identity,
+    insertMemberSpy
+  };
+}
+
+/**
+ * Initializes an RLN contract with the given registry contract
+ */
+export async function initializeRLNContract(
+  rlnInstance: any,
+  mockedRegistryContract: ethers.Contract
+): Promise<RLNContract> {
+  const provider = new ethers.providers.JsonRpcProvider();
+  const voidSigner = new ethers.VoidSigner(LINEA_CONTRACT.address, provider);
+
+  const originalRegister = mockedRegistryContract.register;
+  (mockedRegistryContract as any).register = function (...args: any[]) {
+    const result = originalRegister.apply(this, args);
+
+    if (args[0] && rlnInstance.zerokit) {
+      const idCommitmentBigInt = args[0];
+      const idCommitmentHex =
+        "0x" + idCommitmentBigInt.toString(16).padStart(64, "0");
+      const idCommitment = ethers.utils.zeroPad(
+        hexToBytes(idCommitmentHex),
+        32
+      );
+      rlnInstance.zerokit.insertMember(idCommitment);
+    }
+
+    return result;
+  };
+
+  const contract = await RLNContract.init(rlnInstance, {
+    address: LINEA_CONTRACT.address,
+    signer: voidSigner,
+    rateLimit: DEFAULT_RATE_LIMIT,
+    contract: mockedRegistryContract
+  });
+
+  return contract;
+}
+
+/**
+ * Common test message data
+ */
+export const TEST_DATA = {
+  contentTopic: "/test/1/waku-message/utf8",
+  emptyPubsubTopic: "",
+  testMessage: Uint8Array.from(
+    "Hello World".split("").map((x) => x.charCodeAt(0))
+  ),
+  mockSignature:
+    "0xdeb8a6b00a8e404deb1f52d3aa72ed7f60a2ff4484c737eedaef18a0aacb2dfb4d5d74ac39bb71fa358cf2eb390565a35b026cc6272f2010d4351e17670311c21c"
+} as const;

package/src/contract/test-utils.ts

@@ -0,0 +1,179 @@
+import { hexToBytes } from "@waku/utils/bytes";
+import { expect } from "chai";
+import * as ethers from "ethers";
+import sinon from "sinon";
+
+import type { IdentityCredential } from "../identity.js";
+
+import { DEFAULT_RATE_LIMIT, LINEA_CONTRACT } from "./constants.js";
+
+export const mockRateLimits = {
+  minRate: 20,
+  maxRate: 600,
+  maxTotalRate: 1200,
+  currentTotalRate: 500
+};
+
+type MockProvider = {
+  getLogs: () => never[];
+  getBlockNumber: () => Promise<number>;
+  getNetwork: () => Promise<{ chainId: number }>;
+};
+
+type MockFilters = {
+  MembershipRegistered: () => { address: string };
+  MembershipErased: () => { address: string };
+  MembershipExpired: () => { address: string };
+};
+
+export function createMockProvider(): MockProvider {
+  return {
+    getLogs: () => [],
+    getBlockNumber: () => Promise.resolve(1000),
+    getNetwork: () => Promise.resolve({ chainId: 11155111 })
+  };
+}
+
+export function createMockFilters(): MockFilters {
+  return {
+    MembershipRegistered: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipErased: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipExpired: () => ({ address: LINEA_CONTRACT.address })
+  };
+}
+
+type ContractOverrides = Partial<{
+  filters: Record<string, unknown>;
+  [key: string]: unknown;
+}>;
+
+export function createMockRegistryContract(
+  overrides: ContractOverrides = {}
+): ethers.Contract {
+  const filters = {
+    MembershipRegistered: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipErased: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipExpired: () => ({ address: LINEA_CONTRACT.address })
+  };
+
+  const baseContract = {
+    minMembershipRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.minRate)),
+    maxMembershipRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.maxRate)),
+    maxTotalRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.maxTotalRate)),
+    currentTotalRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.currentTotalRate)),
+    queryFilter: () => [],
+    provider: createMockProvider(),
+    filters,
+    on: () => ({}),
+    removeAllListeners: () => ({}),
+    register: () => ({
+      wait: () =>
+        Promise.resolve({
+          events: [mockRLNRegisteredEvent()]
+        })
+    }),
+    estimateGas: {
+      register: () => Promise.resolve(ethers.BigNumber.from(100000))
+    },
+    functions: {
+      register: () => Promise.resolve()
+    },
+    getMemberIndex: () => Promise.resolve(null),
+    interface: {
+      getEvent: (eventName: string) => ({
+        name: eventName,
+        format: () => {}
+      })
+    },
+    address: LINEA_CONTRACT.address
+  };
+
+  // Merge overrides while preserving filters
+  const merged = {
+    ...baseContract,
+    ...overrides,
+    filters: { ...filters, ...(overrides.filters || {}) }
+  };
+
+  return merged as unknown as ethers.Contract;
+}
+
+export function mockRLNRegisteredEvent(idCommitment?: string): ethers.Event {
+  return {
+    args: {
+      idCommitment:
+        idCommitment ||
+        "0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
+      membershipRateLimit: ethers.BigNumber.from(DEFAULT_RATE_LIMIT),
+      index: ethers.BigNumber.from(1)
+    },
+    event: "MembershipRegistered"
+  } as unknown as ethers.Event;
+}
+
+export function formatIdCommitment(idCommitmentBigInt: bigint): string {
+  return "0x" + idCommitmentBigInt.toString(16).padStart(64, "0");
+}
+
+export function createRegisterStub(
+  identity: IdentityCredential
+): sinon.SinonStub {
+  return sinon.stub().callsFake(() => ({
+    wait: () =>
+      Promise.resolve({
+        events: [
+          {
+            event: "MembershipRegistered",
+            args: {
+              idCommitment: formatIdCommitment(identity.IDCommitmentBigInt),
+              rateLimit: DEFAULT_RATE_LIMIT,
+              index: ethers.BigNumber.from(1)
+            }
+          }
+        ]
+      })
+  }));
+}
+
+export function verifyRegistration(
+  decryptedCredentials: any,
+  identity: IdentityCredential,
+  registerStub: sinon.SinonStub,
+  insertMemberSpy: sinon.SinonStub
+): void {
+  if (!decryptedCredentials) {
+    throw new Error("Decrypted credentials should not be undefined");
+  }
+
+  // Verify registration call
+  expect(
+    registerStub.calledWith(
+      sinon.match.same(identity.IDCommitmentBigInt),
+      sinon.match.same(DEFAULT_RATE_LIMIT),
+      sinon.match.array,
+      sinon.match.object
+    )
+  ).to.be.true;
+
+  // Verify credential properties
+  expect(decryptedCredentials).to.have.property("identity");
+  expect(decryptedCredentials).to.have.property("membership");
+  expect(decryptedCredentials.membership).to.include({
+    address: LINEA_CONTRACT.address,
+    treeIndex: 1
+  });
+
+  // Verify member insertion
+  const expectedIdCommitment = ethers.utils.zeroPad(
+    hexToBytes(formatIdCommitment(identity.IDCommitmentBigInt)),
+    32
+  );
+  expect(insertMemberSpy.callCount).to.equal(1);
+  expect(insertMemberSpy.getCall(0).args[0]).to.deep.equal(
+    expectedIdCommitment
+  );
+}

package/src/index.ts

@@ -1,15 +1,19 @@
 import { RLNDecoder, RLNEncoder } from "./codec.js";
 import { RLN_ABI } from "./contract/abi.js";
-import { RLNContract, SEPOLIA_CONTRACT } from "./contract/index.js";
+import { LINEA_CONTRACT, RLNContract } from "./contract/index.js";
+import { RLNLightContract } from "./contract/rln_light_contract.js";
 import { createRLN } from "./create.js";
 import { IdentityCredential } from "./identity.js";
 import { Keystore } from "./keystore/index.js";
 import { Proof } from "./proof.js";
 import { RLNInstance } from "./rln.js";
+import { RLNLightInstance } from "./rln_light.js";
 import { MerkleRootTracker } from "./root_tracker.js";
 import { extractMetaMaskSigner } from "./utils/index.js";
 
 export {
+  RLNLightInstance,
+  RLNLightContract,
   createRLN,
   Keystore,
   RLNInstance,
@@ -19,7 +23,18 @@ export {
   RLNDecoder,
   MerkleRootTracker,
   RLNContract,
-  SEPOLIA_CONTRACT,
+  LINEA_CONTRACT,
   extractMetaMaskSigner,
   RLN_ABI
 };
+
+export type {
+  DecryptedCredentials,
+  EncryptedCredentials,
+  Keccak256Hash,
+  KeystoreEntity,
+  MembershipHash,
+  MembershipInfo,
+  Password,
+  Sha256Hash
+} from "./keystore/types.js";

package/src/keystore/keystore.ts

@@ -274,7 +274,8 @@ export class Keystore {
         membership: {
           treeIndex: _.get(obj, "treeIndex"),
           chainId: _.get(obj, "membershipContract.chainId"),
-          address: _.get(obj, "membershipContract.address")
+          address: _.get(obj, "membershipContract.address"),
+          rateLimit: _.get(obj, "membershipContract.rateLimit")
         }
       };
     } catch (err) {

package/src/keystore/types.ts

@@ -11,6 +11,7 @@ export type MembershipInfo = {
   chainId: number;
   address: string;
   treeIndex: number;
+  rateLimit: number;
 };
 
 export type KeystoreEntity = {

package/src/rln.ts

@@ -16,7 +16,7 @@ import {
   type RLNEncoder
 } from "./codec.js";
 import { DEFAULT_RATE_LIMIT } from "./contract/constants.js";
-import { RLNContract, SEPOLIA_CONTRACT } from "./contract/index.js";
+import { LINEA_CONTRACT, RLNContract } from "./contract/index.js";
 import { IdentityCredential } from "./identity.js";
 import { Keystore } from "./keystore/index.js";
 import type {
@@ -108,7 +108,7 @@ type StartRLNOptions = {
    */
   signer?: ethers.Signer;
   /**
-   * If not set - will use default SEPOLIA_CONTRACT address.
+   * If not set - will use default LINEA_CONTRACT address.
    */
   address?: string;
   /**
@@ -160,7 +160,7 @@ export class RLNInstance {
     try {
       const { credentials, keystore } =
         await RLNInstance.decryptCredentialsIfNeeded(options.credentials);
-      const { signer, address } = await this.determineStartOptions(
+      const { signer, address, rateLimit } = await this.determineStartOptions(
         options,
         credentials
       );
@@ -174,7 +174,7 @@ export class RLNInstance {
       this._contract = await RLNContract.init(this, {
         address: address!,
         signer: signer!,
-        rateLimit: options.rateLimit ?? this.zerokit.getRateLimit
+        rateLimit: rateLimit ?? this.zerokit.getRateLimit
       });
       this.started = true;
     } finally {
@@ -190,10 +190,10 @@ export class RLNInstance {
     const address =
       credentials?.membership.address ||
       options.address ||
-      SEPOLIA_CONTRACT.address;
+      LINEA_CONTRACT.address;
 
-    if (address === SEPOLIA_CONTRACT.address) {
-      chainId = SEPOLIA_CONTRACT.chainId;
+    if (address === LINEA_CONTRACT.address) {
+      chainId = LINEA_CONTRACT.chainId;
     }
 
     const signer = options.signer || (await extractMetaMaskSigner());

package/src/rln_light.ts

@@ -0,0 +1,235 @@
+import { hmac } from "@noble/hashes/hmac";
+import { sha256 } from "@noble/hashes/sha256";
+import { Logger } from "@waku/utils";
+import { ethers } from "ethers";
+
+import { LINEA_CONTRACT } from "./contract/constants.js";
+import { RLNLightContract } from "./contract/rln_light_contract.js";
+import { IdentityCredential } from "./identity.js";
+import { Keystore } from "./keystore/index.js";
+import type {
+  DecryptedCredentials,
+  EncryptedCredentials
+} from "./keystore/index.js";
+import { KeystoreEntity, Password } from "./keystore/types.js";
+import {
+  buildBigIntFromUint8Array,
+  extractMetaMaskSigner
+} from "./utils/index.js";
+
+const log = new Logger("waku:rln");
+
+/**
+ * Create an instance of RLN
+ * @returns RLNInstance
+ */
+export async function create(): Promise<RLNLightInstance> {
+  try {
+    return new RLNLightInstance();
+  } catch (error) {
+    log.error("Failed to initialize RLN:", error);
+    throw error;
+  }
+}
+
+type StartRLNOptions = {
+  /**
+   * If not set - will extract MetaMask account and get signer from it.
+   */
+  signer?: ethers.Signer;
+  /**
+   * If not set - will use default SEPOLIA_CONTRACT address.
+   */
+  address?: string;
+  /**
+   * Credentials to use for generating proofs and connecting to the contract and network.
+   * If provided used for validating the network chainId and connecting to registry contract.
+   */
+  credentials?: EncryptedCredentials | DecryptedCredentials;
+  /**
+   * Rate limit for the member.
+   */
+  rateLimit?: number;
+};
+
+type RegisterMembershipOptions =
+  | { signature: string }
+  | { identity: IdentityCredential };
+
+export class RLNLightInstance {
+  private started = false;
+  private starting = false;
+
+  private _contract: undefined | RLNLightContract;
+  private _signer: undefined | ethers.Signer;
+
+  private keystore = Keystore.create();
+  private _credentials: undefined | DecryptedCredentials;
+
+  public constructor() {}
+
+  public get contract(): undefined | RLNLightContract {
+    return this._contract;
+  }
+
+  public get signer(): undefined | ethers.Signer {
+    return this._signer;
+  }
+
+  public async start(options: StartRLNOptions = {}): Promise<void> {
+    if (this.started || this.starting) {
+      return;
+    }
+
+    this.starting = true;
+
+    try {
+      const { credentials, keystore } =
+        await RLNLightInstance.decryptCredentialsIfNeeded(options.credentials);
+      const { signer, address, rateLimit } = await this.determineStartOptions(
+        options,
+        credentials
+      );
+
+      if (keystore) {
+        this.keystore = keystore;
+      }
+
+      this._credentials = credentials;
+      this._signer = signer!;
+      this._contract = await RLNLightContract.init({
+        address: address!,
+        signer: signer!,
+        rateLimit: rateLimit
+      });
+      this.started = true;
+    } finally {
+      this.starting = false;
+    }
+  }
+
+  public get credentials(): DecryptedCredentials | undefined {
+    return this._credentials;
+  }
+
+  private async determineStartOptions(
+    options: StartRLNOptions,
+    credentials: KeystoreEntity | undefined
+  ): Promise<StartRLNOptions> {
+    let chainId = credentials?.membership.chainId;
+    const address =
+      credentials?.membership.address ||
+      options.address ||
+      LINEA_CONTRACT.address;
+
+    if (address === LINEA_CONTRACT.address) {
+      chainId = LINEA_CONTRACT.chainId;
+    }
+
+    const signer = options.signer || (await extractMetaMaskSigner());
+    const currentChainId = await signer.getChainId();
+
+    if (chainId && chainId !== currentChainId) {
+      throw Error(
+        `Failed to start RLN contract, chain ID of contract is different from current one: contract-${chainId}, current network-${currentChainId}`
+      );
+    }
+
+    return {
+      signer,
+      address
+    };
+  }
+
+  private static async decryptCredentialsIfNeeded(
+    credentials?: EncryptedCredentials | DecryptedCredentials
+  ): Promise<{ credentials?: DecryptedCredentials; keystore?: Keystore }> {
+    if (!credentials) {
+      return {};
+    }
+
+    if ("identity" in credentials) {
+      return { credentials };
+    }
+
+    const keystore = Keystore.fromString(credentials.keystore);
+
+    if (!keystore) {
+      return {};
+    }
+
+    const decryptedCredentials = await keystore.readCredential(
+      credentials.id,
+      credentials.password
+    );
+
+    return {
+      keystore,
+      credentials: decryptedCredentials
+    };
+  }
+
+  /**
+   * Generates an identity credential from a seed string
+   * This is a pure implementation that doesn't rely on Zerokit
+   * @param seed A string seed to generate the identity from
+   * @returns IdentityCredential
+   */
+  private generateSeededIdentityCredential(seed: string): IdentityCredential {
+    // Convert the seed to bytes
+    const encoder = new TextEncoder();
+    const seedBytes = encoder.encode(seed);
+
+    // Generate deterministic values using HMAC-SHA256
+    // We use different context strings for each component to ensure they're different
+    const idTrapdoor = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
+    const idNullifier = hmac(sha256, seedBytes, encoder.encode("IDNullifier"));
+
+    // Generate IDSecretHash as a hash of IDTrapdoor and IDNullifier
+    const combinedBytes = new Uint8Array([...idTrapdoor, ...idNullifier]);
+    const idSecretHash = sha256(combinedBytes);
+
+    // Generate IDCommitment as a hash of IDSecretHash
+    const idCommitment = sha256(idSecretHash);
+
+    // Convert IDCommitment to BigInt
+    const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment);
+
+    return new IdentityCredential(
+      idTrapdoor,
+      idNullifier,
+      idSecretHash,
+      idCommitment,
+      idCommitmentBigInt
+    );
+  }
+
+  public async registerMembership(
+    options: RegisterMembershipOptions
+  ): Promise<undefined | DecryptedCredentials> {
+    if (!this.contract) {
+      throw Error("RLN Contract is not initialized.");
+    }
+
+    let identity = "identity" in options && options.identity;
+
+    if ("signature" in options) {
+      identity = this.generateSeededIdentityCredential(options.signature);
+    }
+
+    if (!identity) {
+      throw Error("Missing signature or identity to register membership.");
+    }
+
+    return this.contract.registerWithIdentity(identity);
+  }
+
+  /**
+   * Changes credentials in use by relying on provided Keystore earlier in rln.start
+   * @param id: string, hash of credentials to select from Keystore
+   * @param password: string or bytes to use to decrypt credentials from Keystore
+   */
+  public async useCredentials(id: string, password: Password): Promise<void> {
+    this._credentials = await this.keystore?.readCredential(id, password);
+  }
+}