@waku/rln 0.1.6-76fb1ea.0 → 0.1.6-86bbf5b.0

package/src/contract/rln_base_contract.ts

@@ -79,7 +79,8 @@ export class RLNBaseContract {
     const instance = new RLNBaseContract(options);
     const [min, max] = await Promise.all([
       instance.contract.minMembershipRateLimit(),
-      instance.contract.maxMembershipRateLimit()
+      instance.contract.maxMembershipRateLimit(),
+      instance.contract.Q()
     ]);
     instance.minRateLimit = ethers.BigNumber.from(min).toNumber();
     instance.maxRateLimit = ethers.BigNumber.from(max).toNumber();
@@ -490,7 +491,6 @@ export class RLNBaseContract {
       log.error(`Error in withdraw: ${(error as Error).message}`);
     }
   }
-
   public async registerWithIdentity(
     identity: IdentityCredential
   ): Promise<DecryptedCredentials | undefined> {
@@ -499,10 +499,12 @@ export class RLNBaseContract {
         `Registering identity with rate limit: ${this.rateLimit} messages/epoch`
       );
 
-      // Check if the ID commitment is already registered
-      const existingIndex = await this.getMemberIndex(
-        identity.IDCommitmentBigInt
+      const idCommitmentBigInt = IdentityCredential.getIdCommitmentBigInt(
+        identity.IDCommitment
       );
+
+      // Check if the ID commitment is already registered
+      const existingIndex = await this.getMemberIndex(idCommitmentBigInt);
       if (existingIndex) {
         throw new Error(
           `ID commitment is already registered with index ${existingIndex}`
@@ -518,19 +520,16 @@ export class RLNBaseContract {
       }
 
       const estimatedGas = await this.contract.estimateGas.register(
-        identity.IDCommitmentBigInt,
+        idCommitmentBigInt,
         this.rateLimit,
         []
       );
       const gasLimit = estimatedGas.add(10000);
 
       const txRegisterResponse: ethers.ContractTransaction =
-        await this.contract.register(
-          identity.IDCommitmentBigInt,
-          this.rateLimit,
-          [],
-          { gasLimit }
-        );
+        await this.contract.register(idCommitmentBigInt, this.rateLimit, [], {
+          gasLimit
+        });
 
       const txRegisterReceipt = await txRegisterResponse.wait();
 
@@ -626,7 +625,7 @@ export class RLNBaseContract {
           permit.v,
           permit.r,
           permit.s,
-          identity.IDCommitmentBigInt,
+          IdentityCredential.getIdCommitmentBigInt(identity.IDCommitment),
           this.rateLimit,
           idCommitmentsToErase.map((id) => ethers.BigNumber.from(id))
         );

package/src/credentials_manager.ts

@@ -1,5 +1,5 @@
 import { hmac } from "@noble/hashes/hmac";
-import { sha256 } from "@noble/hashes/sha256";
+import { sha256 } from "@noble/hashes/sha2";
 import { Logger } from "@waku/utils";
 import { ethers } from "ethers";
 
@@ -13,10 +13,7 @@ import type {
 } from "./keystore/index.js";
 import { KeystoreEntity, Password } from "./keystore/types.js";
 import { RegisterMembershipOptions, StartRLNOptions } from "./types.js";
-import {
-  buildBigIntFromUint8Array,
-  extractMetaMaskSigner
-} from "./utils/index.js";
+import { extractMetaMaskSigner, switchEndianness } from "./utils/index.js";
 import { Zerokit } from "./zerokit.js";
 
 const log = new Logger("waku:credentials");
@@ -116,7 +113,9 @@ export class RLNCredentialsManager {
         );
       } else {
         log.info("Using local implementation to generate identity");
-        identity = this.generateSeededIdentityCredential(options.signature);
+        identity = await this.generateSeededIdentityCredential(
+          options.signature
+        );
       }
     }
 
@@ -249,7 +248,9 @@ export class RLNCredentialsManager {
    * @param seed A string seed to generate the identity from
    * @returns IdentityCredential
    */
-  private generateSeededIdentityCredential(seed: string): IdentityCredential {
+  private async generateSeededIdentityCredential(
+    seed: string
+  ): Promise<IdentityCredential> {
     log.info("Generating seeded identity credential");
     // Convert the seed to bytes
     const encoder = new TextEncoder();
@@ -257,26 +258,31 @@ export class RLNCredentialsManager {
 
     // Generate deterministic values using HMAC-SHA256
     // We use different context strings for each component to ensure they're different
-    const idTrapdoor = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
-    const idNullifier = hmac(sha256, seedBytes, encoder.encode("IDNullifier"));
+    const idTrapdoorBE = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
+    const idNullifierBE = hmac(
+      sha256,
+      seedBytes,
+      encoder.encode("IDNullifier")
+    );
 
-    // Generate IDSecretHash as a hash of IDTrapdoor and IDNullifier
-    const combinedBytes = new Uint8Array([...idTrapdoor, ...idNullifier]);
-    const idSecretHash = sha256(combinedBytes);
+    const combinedBytes = new Uint8Array([...idTrapdoorBE, ...idNullifierBE]);
+    const idSecretHashBE = sha256(combinedBytes);
 
-    // Generate IDCommitment as a hash of IDSecretHash
-    const idCommitment = sha256(idSecretHash);
+    const idCommitmentBE = sha256(idSecretHashBE);
 
-    // Convert IDCommitment to BigInt
-    const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment);
+    // All hashing functions return big-endian bytes
+    // We need to switch to little-endian for the identity credential
+    const idTrapdoorLE = switchEndianness(idTrapdoorBE);
+    const idNullifierLE = switchEndianness(idNullifierBE);
+    const idSecretHashLE = switchEndianness(idSecretHashBE);
+    const idCommitmentLE = switchEndianness(idCommitmentBE);
 
     log.info("Successfully generated identity credential");
     return new IdentityCredential(
-      idTrapdoor,
-      idNullifier,
-      idSecretHash,
-      idCommitment,
-      idCommitmentBigInt
+      idTrapdoorLE,
+      idNullifierLE,
+      idSecretHashLE,
+      idCommitmentLE
     );
   }
 }

package/src/identity.ts

@@ -1,12 +1,22 @@
-import { buildBigIntFromUint8Array } from "./utils/index.js";
+import { Logger } from "@waku/utils";
+
+import { DEFAULT_Q } from "./contract/constants.js";
+import {
+  buildBigIntFromUint8ArrayLE,
+  switchEndiannessBigInt
+} from "./utils/bytes.js";
+
+const log = new Logger("waku:rln:identity");
 
 export class IdentityCredential {
+  /**
+   * All variables are in little-endian format
+   */
   public constructor(
     public readonly IDTrapdoor: Uint8Array,
     public readonly IDNullifier: Uint8Array,
     public readonly IDSecretHash: Uint8Array,
-    public readonly IDCommitment: Uint8Array,
-    public readonly IDCommitmentBigInt: bigint
+    public readonly IDCommitment: Uint8Array
   ) {}
 
   public static fromBytes(memKeys: Uint8Array): IdentityCredential {
@@ -18,14 +28,39 @@ export class IdentityCredential {
     const idNullifier = memKeys.subarray(32, 64);
     const idSecretHash = memKeys.subarray(64, 96);
     const idCommitment = memKeys.subarray(96, 128);
-    const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment, 32);
 
     return new IdentityCredential(
       idTrapdoor,
       idNullifier,
       idSecretHash,
-      idCommitment,
-      idCommitmentBigInt
+      idCommitment
     );
   }
+
+  /**
+   * Converts an ID commitment from bytes to a BigInt, normalizing it against a limit if needed
+   * @param bytes The ID commitment bytes to convert
+   * @param limit Optional limit to normalize against (Q value)
+   * @returns The ID commitment as a BigInt
+   */
+  public static getIdCommitmentBigInt(
+    idCommitment: Uint8Array,
+    returnType: "big-endian" | "little-endian" = "big-endian",
+    limit: bigint = DEFAULT_Q
+  ): bigint {
+    let idCommitmentBigIntLE = buildBigIntFromUint8ArrayLE(idCommitment);
+
+    if (limit && idCommitmentBigIntLE >= limit) {
+      log.warn(
+        `ID commitment is greater than Q, reducing it by Q: ${idCommitmentBigIntLE} % ${limit}`
+      );
+      idCommitmentBigIntLE = idCommitmentBigIntLE % limit;
+    }
+
+    if (returnType === "big-endian") {
+      return switchEndiannessBigInt(idCommitmentBigIntLE);
+    }
+
+    return idCommitmentBigIntLE;
+  }
 }

package/src/keystore/keystore.ts

@@ -14,8 +14,6 @@ import {
 import _ from "lodash";
 import { v4 as uuidV4 } from "uuid";
 
-import { buildBigIntFromUint8Array } from "../utils/bytes.js";
-
 import { decryptEipKeystore, keccak256Checksum } from "./cipher.js";
 import { isCredentialValid, isKeystoreValid } from "./schema_validator.js";
 import type {
@@ -250,26 +248,25 @@ export class Keystore {
       const str = bytesToUtf8(bytes);
       const obj = JSON.parse(str);
 
-      // TODO: add runtime validation of nwaku credentials
+      const idCommitmentLE = Keystore.fromArraylikeToBytes(
+        _.get(obj, "identityCredential.idCommitment", [])
+      );
+      const idTrapdoorLE = Keystore.fromArraylikeToBytes(
+        _.get(obj, "identityCredential.idTrapdoor", [])
+      );
+      const idNullifierLE = Keystore.fromArraylikeToBytes(
+        _.get(obj, "identityCredential.idNullifier", [])
+      );
+      const idSecretHashLE = Keystore.fromArraylikeToBytes(
+        _.get(obj, "identityCredential.idSecretHash", [])
+      );
+
       return {
         identity: {
-          IDCommitment: Keystore.fromArraylikeToBytes(
-            _.get(obj, "identityCredential.idCommitment", [])
-          ),
-          IDTrapdoor: Keystore.fromArraylikeToBytes(
-            _.get(obj, "identityCredential.idTrapdoor", [])
-          ),
-          IDNullifier: Keystore.fromArraylikeToBytes(
-            _.get(obj, "identityCredential.idNullifier", [])
-          ),
-          IDCommitmentBigInt: buildBigIntFromUint8Array(
-            Keystore.fromArraylikeToBytes(
-              _.get(obj, "identityCredential.idCommitment", [])
-            )
-          ),
-          IDSecretHash: Keystore.fromArraylikeToBytes(
-            _.get(obj, "identityCredential.idSecretHash", [])
-          )
+          IDCommitment: idCommitmentLE,
+          IDTrapdoor: idTrapdoorLE,
+          IDNullifier: idNullifierLE,
+          IDSecretHash: idSecretHashLE
         },
         membership: {
           treeIndex: _.get(obj, "treeIndex"),
@@ -321,14 +318,21 @@ export class Keystore {
   // follows nwaku implementation
   // https://github.com/waku-org/nwaku/blob/f05528d4be3d3c876a8b07f9bb7dfaae8aa8ec6e/waku/waku_keystore/protocol_types.nim#L98
   private static fromIdentityToBytes(options: KeystoreEntity): Uint8Array {
+    function toLittleEndian(bytes: Uint8Array): Uint8Array {
+      return new Uint8Array(bytes).reverse();
+    }
     return utf8ToBytes(
       JSON.stringify({
         treeIndex: options.membership.treeIndex,
         identityCredential: {
-          idCommitment: Array.from(options.identity.IDCommitment),
-          idNullifier: Array.from(options.identity.IDNullifier),
-          idSecretHash: Array.from(options.identity.IDSecretHash),
-          idTrapdoor: Array.from(options.identity.IDTrapdoor)
+          idCommitment: Array.from(
+            toLittleEndian(options.identity.IDCommitment)
+          ),
+          idNullifier: Array.from(toLittleEndian(options.identity.IDNullifier)),
+          idSecretHash: Array.from(
+            toLittleEndian(options.identity.IDSecretHash)
+          ),
+          idTrapdoor: Array.from(toLittleEndian(options.identity.IDTrapdoor))
         },
         membershipContract: {
           chainId: options.membership.chainId,

package/src/utils/bytes.ts

@@ -17,18 +17,38 @@ export function concatenate(...input: Uint8Array[]): Uint8Array {
   return result;
 }
 
-// Adapted from https://github.com/feross/buffer
-function checkInt(
-  buf: Uint8Array,
-  value: number,
-  offset: number,
-  ext: number,
-  max: number,
-  min: number
-): void {
-  if (value > max || value < min)
-    throw new RangeError('"value" argument is out of bounds');
-  if (offset + ext > buf.length) throw new RangeError("Index out of range");
+export function switchEndianness(bytes: Uint8Array): Uint8Array {
+  return new Uint8Array(bytes.reverse());
+}
+
+/**
+ * Builds a BigInt from a little-endian Uint8Array
+ * @param bytes The little-endian bytes to convert
+ * @returns The resulting BigInt in little-endian format
+ */
+export function buildBigIntFromUint8ArrayLE(bytes: Uint8Array): bigint {
+  let result = 0n;
+  for (let i = bytes.length - 1; i >= 0; i--) {
+    result = (result << 8n) + BigInt(bytes[i]);
+  }
+  return result;
+}
+
+/**
+ * Switches endianness of a bigint value
+ * @param value The bigint value to switch endianness for
+ * @returns The bigint value with reversed endianness
+ */
+export function switchEndiannessBigInt(value: bigint): bigint {
+  // Convert bigint to byte array
+  const bytes = [];
+  while (value > 0n) {
+    bytes.push(Number(value & 0xffn));
+    value >>= 8n;
+  }
+
+  // Reverse bytes and convert back to bigint
+  return bytes.reverse().reduce((acc, byte) => (acc << 8n) + BigInt(byte), 0n);
 }
 
 export function writeUIntLE(
@@ -56,19 +76,6 @@ export function writeUIntLE(
   return buf;
 }
 
-/**
- * Transforms Uint8Array into BigInt
- * @param array: Uint8Array
- * @returns BigInt
- */
-export function buildBigIntFromUint8Array(
-  array: Uint8Array,
-  byteOffset: number = 0
-): bigint {
-  const dataView = new DataView(array.buffer);
-  return dataView.getBigUint64(byteOffset, true);
-}
-
 /**
  * Fills with zeros to set length
  * @param array little endian Uint8Array
@@ -82,3 +89,17 @@ export function zeroPadLE(array: Uint8Array, length: number): Uint8Array {
   }
   return result;
 }
+
+// Adapted from https://github.com/feross/buffer
+function checkInt(
+  buf: Uint8Array,
+  value: number,
+  offset: number,
+  ext: number,
+  max: number,
+  min: number
+): void {
+  if (value > max || value < min)
+    throw new RangeError('"value" argument is out of bounds');
+  if (offset + ext > buf.length) throw new RangeError("Index out of range");
+}

package/src/utils/index.ts

@@ -2,7 +2,7 @@ export { extractMetaMaskSigner } from "./metamask.js";
 export {
   concatenate,
   writeUIntLE,
-  buildBigIntFromUint8Array,
+  switchEndianness,
   zeroPadLE
 } from "./bytes.js";
 export { sha256, poseidonHash } from "./hash.js";

package/bundle/packages/core/dist/lib/light_push/light_push_v3.js

@@ -1,31 +0,0 @@
-import '../../../../interfaces/dist/light_push_v3.js';
-import '../../../../interfaces/dist/protocols.js';
-import '../../../../interfaces/dist/connection_manager.js';
-import '../../../../interfaces/dist/health_indicator.js';
-import '../../../../proto/dist/generated/message.js';
-import '../../../../proto/dist/generated/filter.js';
-import '../../../../proto/dist/generated/topic_only_message.js';
-import '../../../../proto/dist/generated/filter_v2.js';
-import '../../../../proto/dist/generated/light_push.js';
-import '../../../../proto/dist/generated/light_push_v2.js';
-import '../../../../proto/dist/generated/light_push_v3.js';
-import '../../../../proto/dist/generated/store_v3.js';
-import '../../../../proto/dist/generated/peer_exchange.js';
-import '../../../../proto/dist/generated/metadata.js';
-import '../../../../proto/dist/generated/sds_message.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base10.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base16.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base2.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base256emoji.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base32.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base36.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base58.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base64.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/base8.js';
-import '../../../../../node_modules/multiformats/dist/src/bases/identity.js';
-import '../../../../../node_modules/multiformats/dist/src/codecs/json.js';
-import { Logger } from '../../../../utils/dist/logger/index.js';
-import '../../../../../node_modules/it-length-prefixed/dist/src/decode.js';
-import './status_codes_v3.js';
-
-new Logger("light-push-v3");

package/bundle/packages/core/dist/lib/light_push/status_codes.js

@@ -1,26 +0,0 @@
-import '../../../../interfaces/dist/light_push_v3.js';
-import '../../../../interfaces/dist/protocols.js';
-import '../../../../interfaces/dist/connection_manager.js';
-import '../../../../interfaces/dist/health_indicator.js';
-
-var LightPushStatusCode;
-(function (LightPushStatusCode) {
-    LightPushStatusCode[LightPushStatusCode["SUCCESS"] = 200] = "SUCCESS";
-    LightPushStatusCode[LightPushStatusCode["BAD_REQUEST"] = 400] = "BAD_REQUEST";
-    LightPushStatusCode[LightPushStatusCode["UNSUPPORTED_PUBSUB_TOPIC"] = 404] = "UNSUPPORTED_PUBSUB_TOPIC";
-    LightPushStatusCode[LightPushStatusCode["REQUEST_TOO_LARGE"] = 413] = "REQUEST_TOO_LARGE";
-    LightPushStatusCode[LightPushStatusCode["TOO_MANY_REQUESTS"] = 429] = "TOO_MANY_REQUESTS";
-    LightPushStatusCode[LightPushStatusCode["INTERNAL_SERVER_ERROR"] = 500] = "INTERNAL_SERVER_ERROR";
-    LightPushStatusCode[LightPushStatusCode["NO_PEERS_TO_RELAY"] = 503] = "NO_PEERS_TO_RELAY";
-})(LightPushStatusCode || (LightPushStatusCode = {}));
-({
-    [LightPushStatusCode.SUCCESS]: "Message pushed successfully",
-    [LightPushStatusCode.BAD_REQUEST]: "Invalid request format or missing required fields",
-    [LightPushStatusCode.UNSUPPORTED_PUBSUB_TOPIC]: "The specified pubsub topic is not supported",
-    [LightPushStatusCode.REQUEST_TOO_LARGE]: "Message size exceeds maximum allowed size",
-    [LightPushStatusCode.TOO_MANY_REQUESTS]: "Rate limit exceeded, too many requests",
-    [LightPushStatusCode.INTERNAL_SERVER_ERROR]: "Internal server error occurred",
-    [LightPushStatusCode.NO_PEERS_TO_RELAY]: "No relay peers available to forward the message"
-});
-
-export { LightPushStatusCode };

package/bundle/packages/core/dist/lib/light_push/status_codes_v3.js

@@ -1,17 +0,0 @@
-import { LightPushStatusCodeV3 } from '../../../../interfaces/dist/light_push_v3.js';
-import '../../../../interfaces/dist/protocols.js';
-import '../../../../interfaces/dist/connection_manager.js';
-import '../../../../interfaces/dist/health_indicator.js';
-
-({
-    [LightPushStatusCodeV3.SUCCESS]: "Message sent successfully",
-    [LightPushStatusCodeV3.BAD_REQUEST]: "Bad request format",
-    [LightPushStatusCodeV3.PAYLOAD_TOO_LARGE]: "Message payload exceeds maximum size",
-    [LightPushStatusCodeV3.INVALID_MESSAGE_ERROR]: "Message validation failed",
-    [LightPushStatusCodeV3.UNSUPPORTED_PUBSUB_TOPIC]: "Unsupported pubsub topic",
-    [LightPushStatusCodeV3.TOO_MANY_REQUESTS]: "Rate limit exceeded",
-    [LightPushStatusCodeV3.INTERNAL_SERVER_ERROR]: "Internal server error",
-    [LightPushStatusCodeV3.SERVICE_NOT_AVAILABLE]: "Service temporarily unavailable",
-    [LightPushStatusCodeV3.OUT_OF_RLN_PROOF]: "RLN proof generation failed",
-    [LightPushStatusCodeV3.NO_PEERS_TO_RELAY]: "No relay peers available"
-});

package/bundle/packages/interfaces/dist/light_push_v3.js

@@ -1,16 +0,0 @@
-// Light Push V3 Protocol Types and Constants
-var LightPushStatusCodeV3;
-(function (LightPushStatusCodeV3) {
-    LightPushStatusCodeV3[LightPushStatusCodeV3["SUCCESS"] = 200] = "SUCCESS";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["BAD_REQUEST"] = 400] = "BAD_REQUEST";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["PAYLOAD_TOO_LARGE"] = 413] = "PAYLOAD_TOO_LARGE";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["INVALID_MESSAGE_ERROR"] = 420] = "INVALID_MESSAGE_ERROR";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["UNSUPPORTED_PUBSUB_TOPIC"] = 421] = "UNSUPPORTED_PUBSUB_TOPIC";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["TOO_MANY_REQUESTS"] = 429] = "TOO_MANY_REQUESTS";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["INTERNAL_SERVER_ERROR"] = 500] = "INTERNAL_SERVER_ERROR";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["SERVICE_NOT_AVAILABLE"] = 503] = "SERVICE_NOT_AVAILABLE";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["OUT_OF_RLN_PROOF"] = 504] = "OUT_OF_RLN_PROOF";
-    LightPushStatusCodeV3[LightPushStatusCodeV3["NO_PEERS_TO_RELAY"] = 505] = "NO_PEERS_TO_RELAY";
-})(LightPushStatusCodeV3 || (LightPushStatusCodeV3 = {}));
-
-export { LightPushStatusCodeV3 };