@waku/rln 0.1.5-9901863.0 → 0.1.5-a8ff776.0

package/src/create.ts

@@ -5,5 +5,5 @@ export async function createRLN(): Promise<RLNInstance> {
   // asynchronously. This file does the single async import, so
   // that no one else needs to worry about it again.
   const rlnModule = await import("./rln.js");
-  return rlnModule.RLNInstance.create();
+  return rlnModule.create();
 }

package/src/identity.ts

@@ -28,13 +28,4 @@ export class IdentityCredential {
       idCommitmentBigInt
     );
   }
-
-  public toJSON(): Record<string, number[]> {
-    return {
-      idTrapdoor: Array.from(this.IDTrapdoor),
-      idNullifier: Array.from(this.IDNullifier),
-      idSecretHash: Array.from(this.IDSecretHash),
-      idCommitment: Array.from(this.IDCommitment)
-    };
-  }
 }

package/src/index.ts

@@ -1,9 +1,7 @@
 import { RLNDecoder, RLNEncoder } from "./codec.js";
 import { RLN_ABI } from "./contract/abi.js";
 import { LINEA_CONTRACT, RLNContract } from "./contract/index.js";
-import { RLNBaseContract } from "./contract/rln_base_contract.js";
 import { createRLN } from "./create.js";
-import { RLNCredentialsManager } from "./credentials_manager.js";
 import { IdentityCredential } from "./identity.js";
 import { Keystore } from "./keystore/index.js";
 import { Proof } from "./proof.js";
@@ -12,8 +10,6 @@ import { MerkleRootTracker } from "./root_tracker.js";
 import { extractMetaMaskSigner } from "./utils/index.js";
 
 export {
-  RLNCredentialsManager,
-  RLNBaseContract,
   createRLN,
   Keystore,
   RLNInstance,

package/src/keystore/keystore.ts

@@ -14,7 +14,6 @@ import {
 import _ from "lodash";
 import { v4 as uuidV4 } from "uuid";
 
-import { IdentityCredential } from "../identity.js";
 import { buildBigIntFromUint8Array } from "../utils/bytes.js";
 
 import { decryptEipKeystore, keccak256Checksum } from "./cipher.js";
@@ -251,32 +250,32 @@ export class Keystore {
       const str = bytesToUtf8(bytes);
       const obj = JSON.parse(str);
 
-      // Get identity fields from named object
-      const { idTrapdoor, idNullifier, idSecretHash, idCommitment } = _.get(
-        obj,
-        "identityCredential",
-        {}
-      );
-
-      const idTrapdoorArray = new Uint8Array(idTrapdoor || []);
-      const idNullifierArray = new Uint8Array(idNullifier || []);
-      const idSecretHashArray = new Uint8Array(idSecretHash || []);
-      const idCommitmentArray = new Uint8Array(idCommitment || []);
-      const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitmentArray);
-
+      // TODO: add runtime validation of nwaku credentials
       return {
-        identity: new IdentityCredential(
-          idTrapdoorArray,
-          idNullifierArray,
-          idSecretHashArray,
-          idCommitmentArray,
-          idCommitmentBigInt
-        ),
+        identity: {
+          IDCommitment: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idCommitment", [])
+          ),
+          IDTrapdoor: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idTrapdoor", [])
+          ),
+          IDNullifier: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idNullifier", [])
+          ),
+          IDCommitmentBigInt: buildBigIntFromUint8Array(
+            Keystore.fromArraylikeToBytes(
+              _.get(obj, "identityCredential.idCommitment", [])
+            )
+          ),
+          IDSecretHash: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idSecretHash", [])
+          )
+        },
         membership: {
           treeIndex: _.get(obj, "treeIndex"),
           chainId: _.get(obj, "membershipContract.chainId"),
           address: _.get(obj, "membershipContract.address"),
-          rateLimit: _.get(obj, "userMessageLimit")
+          rateLimit: _.get(obj, "membershipContract.rateLimit")
         }
       };
     } catch (err) {
@@ -285,6 +284,23 @@ export class Keystore {
     }
   }
 
+  private static fromArraylikeToBytes(obj: {
+    [key: number]: number;
+  }): Uint8Array {
+    const bytes = [];
+
+    let index = 0;
+    let lastElement = obj[index];
+
+    while (lastElement !== undefined) {
+      bytes.push(lastElement);
+      index += 1;
+      lastElement = obj[index];
+    }
+
+    return new Uint8Array(bytes);
+  }
+
   // follows nwaku implementation
   // https://github.com/waku-org/nwaku/blob/f05528d4be3d3c876a8b07f9bb7dfaae8aa8ec6e/waku/waku_keystore/protocol_types.nim#L111
   private static computeMembershipHash(info: MembershipInfo): MembershipHash {
@@ -298,18 +314,17 @@ export class Keystore {
   private static fromIdentityToBytes(options: KeystoreEntity): Uint8Array {
     return utf8ToBytes(
       JSON.stringify({
-        membershipContract: {
-          chainId: options.membership.chainId,
-          address: options.membership.address
-        },
         treeIndex: options.membership.treeIndex,
         identityCredential: {
-          idTrapdoor: Array.from(options.identity.IDTrapdoor),
-          idNullifier: Array.from(options.identity.IDNullifier),
-          idSecretHash: Array.from(options.identity.IDSecretHash),
-          idCommitment: Array.from(options.identity.IDCommitment)
+          idCommitment: options.identity.IDCommitment,
+          idNullifier: options.identity.IDNullifier,
+          idSecretHash: options.identity.IDSecretHash,
+          idTrapdoor: options.identity.IDTrapdoor
         },
-        userMessageLimit: options.membership.rateLimit
+        membershipContract: {
+          chainId: options.membership.chainId,
+          address: options.membership.address
+        }
       })
     );
   }

package/src/keystore/types.ts

@@ -8,7 +8,7 @@ export type Password = string | Uint8Array;
 // see reference
 // https://github.com/waku-org/nwaku/blob/f05528d4be3d3c876a8b07f9bb7dfaae8aa8ec6e/waku/waku_keystore/protocol_types.nim#L111
 export type MembershipInfo = {
-  chainId: string;
+  chainId: number;
   address: string;
   treeIndex: number;
   rateLimit: number;

package/src/rln.ts

@@ -7,6 +7,7 @@ import type {
 import { Logger } from "@waku/utils";
 import init from "@waku/zerokit-rln-wasm";
 import * as zerokitRLN from "@waku/zerokit-rln-wasm";
+import { ethers } from "ethers";
 
 import {
   createRLNDecoder,
@@ -15,51 +16,258 @@ import {
   type RLNEncoder
 } from "./codec.js";
 import { DEFAULT_RATE_LIMIT } from "./contract/constants.js";
-import { RLNCredentialsManager } from "./credentials_manager.js";
+import { LINEA_CONTRACT, RLNContract } from "./contract/index.js";
+import { IdentityCredential } from "./identity.js";
+import { Keystore } from "./keystore/index.js";
 import type {
   DecryptedCredentials,
   EncryptedCredentials
 } from "./keystore/index.js";
+import { KeystoreEntity, Password } from "./keystore/types.js";
 import verificationKey from "./resources/verification_key";
 import * as wc from "./resources/witness_calculator";
 import { WitnessCalculator } from "./resources/witness_calculator";
+import { extractMetaMaskSigner } from "./utils/index.js";
 import { Zerokit } from "./zerokit.js";
 
 const log = new Logger("waku:rln");
 
+async function loadWitnessCalculator(): Promise<WitnessCalculator> {
+  try {
+    const url = new URL("./resources/rln.wasm", import.meta.url);
+    const response = await fetch(url);
+
+    if (!response.ok) {
+      throw new Error(
+        `Failed to fetch witness calculator: ${response.status} ${response.statusText}`
+      );
+    }
+
+    return await wc.builder(
+      new Uint8Array(await response.arrayBuffer()),
+      false
+    );
+  } catch (error) {
+    log.error("Error loading witness calculator:", error);
+    throw new Error(
+      `Failed to load witness calculator: ${error instanceof Error ? error.message : String(error)}`
+    );
+  }
+}
+
+async function loadZkey(): Promise<Uint8Array> {
+  try {
+    const url = new URL("./resources/rln_final.zkey", import.meta.url);
+    const response = await fetch(url);
+
+    if (!response.ok) {
+      throw new Error(
+        `Failed to fetch zkey: ${response.status} ${response.statusText}`
+      );
+    }
+
+    return new Uint8Array(await response.arrayBuffer());
+  } catch (error) {
+    log.error("Error loading zkey:", error);
+    throw new Error(
+      `Failed to load zkey: ${error instanceof Error ? error.message : String(error)}`
+    );
+  }
+}
+
+/**
+ * Create an instance of RLN
+ * @returns RLNInstance
+ */
+export async function create(): Promise<RLNInstance> {
+  try {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    await (init as any)?.();
+    zerokitRLN.init_panic_hook();
+
+    const witnessCalculator = await loadWitnessCalculator();
+    const zkey = await loadZkey();
+
+    const stringEncoder = new TextEncoder();
+    const vkey = stringEncoder.encode(JSON.stringify(verificationKey));
+
+    const DEPTH = 20;
+    const zkRLN = zerokitRLN.newRLN(DEPTH, zkey, vkey);
+    const zerokit = new Zerokit(zkRLN, witnessCalculator, DEFAULT_RATE_LIMIT);
+
+    return new RLNInstance(zerokit);
+  } catch (error) {
+    log.error("Failed to initialize RLN:", error);
+    throw error;
+  }
+}
+
+type StartRLNOptions = {
+  /**
+   * If not set - will extract MetaMask account and get signer from it.
+   */
+  signer?: ethers.Signer;
+  /**
+   * If not set - will use default LINEA_CONTRACT address.
+   */
+  address?: string;
+  /**
+   * Credentials to use for generating proofs and connecting to the contract and network.
+   * If provided used for validating the network chainId and connecting to registry contract.
+   */
+  credentials?: EncryptedCredentials | DecryptedCredentials;
+  /**
+   * Rate limit for the member.
+   */
+  rateLimit?: number;
+};
+
+type RegisterMembershipOptions =
+  | { signature: string }
+  | { identity: IdentityCredential };
+
 type WakuRLNEncoderOptions = WakuEncoderOptions & {
   credentials: EncryptedCredentials | DecryptedCredentials;
 };
 
-export class RLNInstance extends RLNCredentialsManager {
-  /**
-   * Create an instance of RLN
-   * @returns RLNInstance
-   */
-  public static async create(): Promise<RLNInstance> {
+export class RLNInstance {
+  private started = false;
+  private starting = false;
+
+  private _contract: undefined | RLNContract;
+  private _signer: undefined | ethers.Signer;
+
+  private keystore = Keystore.create();
+  private _credentials: undefined | DecryptedCredentials;
+
+  public constructor(public zerokit: Zerokit) {}
+
+  public get contract(): undefined | RLNContract {
+    return this._contract;
+  }
+
+  public get signer(): undefined | ethers.Signer {
+    return this._signer;
+  }
+
+  public async start(options: StartRLNOptions = {}): Promise<void> {
+    if (this.started || this.starting) {
+      return;
+    }
+
+    this.starting = true;
+
     try {
-      // eslint-disable-next-line @typescript-eslint/no-explicit-any
-      await (init as any)?.();
-      zerokitRLN.init_panic_hook();
+      const { credentials, keystore } =
+        await RLNInstance.decryptCredentialsIfNeeded(options.credentials);
+      const { signer, address } = await this.determineStartOptions(
+        options,
+        credentials
+      );
+
+      if (keystore) {
+        this.keystore = keystore;
+      }
 
-      const witnessCalculator = await RLNInstance.loadWitnessCalculator();
-      const zkey = await RLNInstance.loadZkey();
+      this._credentials = credentials;
+      this._signer = signer!;
+      this._contract = await RLNContract.init(this, {
+        address: address!,
+        signer: signer!,
+        rateLimit: options.rateLimit ?? this.zerokit.getRateLimit
+      });
+      this.started = true;
+    } finally {
+      this.starting = false;
+    }
+  }
 
-      const stringEncoder = new TextEncoder();
-      const vkey = stringEncoder.encode(JSON.stringify(verificationKey));
+  private async determineStartOptions(
+    options: StartRLNOptions,
+    credentials: KeystoreEntity | undefined
+  ): Promise<StartRLNOptions> {
+    let chainId = credentials?.membership.chainId;
+    const address =
+      credentials?.membership.address ||
+      options.address ||
+      LINEA_CONTRACT.address;
+
+    if (address === LINEA_CONTRACT.address) {
+      chainId = LINEA_CONTRACT.chainId;
+    }
 
-      const DEPTH = 20;
-      const zkRLN = zerokitRLN.newRLN(DEPTH, zkey, vkey);
-      const zerokit = new Zerokit(zkRLN, witnessCalculator, DEFAULT_RATE_LIMIT);
+    const signer = options.signer || (await extractMetaMaskSigner());
+    const currentChainId = await signer.getChainId();
 
-      return new RLNInstance(zerokit);
-    } catch (error) {
-      log.error("Failed to initialize RLN:", error);
-      throw error;
+    if (chainId && chainId !== currentChainId) {
+      throw Error(
+        `Failed to start RLN contract, chain ID of contract is different from current one: contract-${chainId}, current network-${currentChainId}`
+      );
     }
+
+    return {
+      signer,
+      address
+    };
   }
-  private constructor(public zerokit: Zerokit) {
-    super(zerokit);
+
+  private static async decryptCredentialsIfNeeded(
+    credentials?: EncryptedCredentials | DecryptedCredentials
+  ): Promise<{ credentials?: DecryptedCredentials; keystore?: Keystore }> {
+    if (!credentials) {
+      return {};
+    }
+
+    if ("identity" in credentials) {
+      return { credentials };
+    }
+
+    const keystore = Keystore.fromString(credentials.keystore);
+
+    if (!keystore) {
+      return {};
+    }
+
+    const decryptedCredentials = await keystore.readCredential(
+      credentials.id,
+      credentials.password
+    );
+
+    return {
+      keystore,
+      credentials: decryptedCredentials
+    };
+  }
+
+  public async registerMembership(
+    options: RegisterMembershipOptions
+  ): Promise<undefined | DecryptedCredentials> {
+    if (!this.contract) {
+      throw Error("RLN Contract is not initialized.");
+    }
+
+    let identity = "identity" in options && options.identity;
+
+    if ("signature" in options) {
+      identity = this.zerokit.generateSeededIdentityCredential(
+        options.signature
+      );
+    }
+
+    if (!identity) {
+      throw Error("Missing signature or identity to register membership.");
+    }
+
+    return this.contract.registerWithIdentity(identity);
+  }
+
+  /**
+   * Changes credentials in use by relying on provided Keystore earlier in rln.start
+   * @param id: string, hash of credentials to select from Keystore
+   * @param password: string or bytes to use to decrypt credentials from Keystore
+   */
+  public async useCredentials(id: string, password: Password): Promise<void> {
+    this._credentials = await this.keystore?.readCredential(id, password);
   }
 
   public async createEncoder(
@@ -67,7 +275,7 @@ export class RLNInstance extends RLNCredentialsManager {
   ): Promise<RLNEncoder> {
     const { credentials: decryptedCredentials } =
       await RLNInstance.decryptCredentialsIfNeeded(options.credentials);
-    const credentials = decryptedCredentials || this.credentials;
+    const credentials = decryptedCredentials || this._credentials;
 
     if (!credentials) {
       throw Error(
@@ -85,6 +293,33 @@ export class RLNInstance extends RLNCredentialsManager {
     });
   }
 
+  private async verifyCredentialsAgainstContract(
+    credentials: KeystoreEntity
+  ): Promise<void> {
+    if (!this._contract) {
+      throw Error(
+        "Failed to verify chain coordinates: no contract initialized."
+      );
+    }
+
+    const registryAddress = credentials.membership.address;
+    const currentRegistryAddress = this._contract.address;
+    if (registryAddress !== currentRegistryAddress) {
+      throw Error(
+        `Failed to verify chain coordinates: credentials contract address=${registryAddress} is not equal to registryContract address=${currentRegistryAddress}`
+      );
+    }
+
+    const chainId = credentials.membership.chainId;
+    const network = await this._contract.provider.getNetwork();
+    const currentChainId = network.chainId;
+    if (chainId !== currentChainId) {
+      throw Error(
+        `Failed to verify chain coordinates: credentials chainID=${chainId} is not equal to registryContract chainID=${currentChainId}`
+      );
+    }
+  }
+
   public createDecoder(
     contentTopic: ContentTopic
   ): RLNDecoder<IDecodedMessage> {
@@ -93,47 +328,4 @@ export class RLNInstance extends RLNCredentialsManager {
       decoder: createDecoder(contentTopic)
     });
   }
-
-  public static async loadWitnessCalculator(): Promise<WitnessCalculator> {
-    try {
-      const url = new URL("./resources/rln.wasm", import.meta.url);
-      const response = await fetch(url);
-
-      if (!response.ok) {
-        throw new Error(
-          `Failed to fetch witness calculator: ${response.status} ${response.statusText}`
-        );
-      }
-
-      return await wc.builder(
-        new Uint8Array(await response.arrayBuffer()),
-        false
-      );
-    } catch (error) {
-      log.error("Error loading witness calculator:", error);
-      throw new Error(
-        `Failed to load witness calculator: ${error instanceof Error ? error.message : String(error)}`
-      );
-    }
-  }
-
-  public static async loadZkey(): Promise<Uint8Array> {
-    try {
-      const url = new URL("./resources/rln_final.zkey", import.meta.url);
-      const response = await fetch(url);
-
-      if (!response.ok) {
-        throw new Error(
-          `Failed to fetch zkey: ${response.status} ${response.statusText}`
-        );
-      }
-
-      return new Uint8Array(await response.arrayBuffer());
-    } catch (error) {
-      log.error("Error loading zkey:", error);
-      throw new Error(
-        `Failed to load zkey: ${error instanceof Error ? error.message : String(error)}`
-      );
-    }
-  }
 }