@waku/rln 0.1.6-f7c290d.0 → 0.1.6

package/src/contract/test-utils.ts

@@ -0,0 +1,179 @@
+import { hexToBytes } from "@waku/utils/bytes";
+import { expect } from "chai";
+import * as ethers from "ethers";
+import sinon from "sinon";
+
+import type { IdentityCredential } from "../identity.js";
+
+import { DEFAULT_RATE_LIMIT, LINEA_CONTRACT } from "./constants.js";
+
+export const mockRateLimits = {
+  minRate: 20,
+  maxRate: 600,
+  maxTotalRate: 1200,
+  currentTotalRate: 500
+};
+
+type MockProvider = {
+  getLogs: () => never[];
+  getBlockNumber: () => Promise<number>;
+  getNetwork: () => Promise<{ chainId: number }>;
+};
+
+type MockFilters = {
+  MembershipRegistered: () => { address: string };
+  MembershipErased: () => { address: string };
+  MembershipExpired: () => { address: string };
+};
+
+export function createMockProvider(): MockProvider {
+  return {
+    getLogs: () => [],
+    getBlockNumber: () => Promise.resolve(1000),
+    getNetwork: () => Promise.resolve({ chainId: 11155111 })
+  };
+}
+
+export function createMockFilters(): MockFilters {
+  return {
+    MembershipRegistered: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipErased: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipExpired: () => ({ address: LINEA_CONTRACT.address })
+  };
+}
+
+type ContractOverrides = Partial<{
+  filters: Record<string, unknown>;
+  [key: string]: unknown;
+}>;
+
+export function createMockRegistryContract(
+  overrides: ContractOverrides = {}
+): ethers.Contract {
+  const filters = {
+    MembershipRegistered: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipErased: () => ({ address: LINEA_CONTRACT.address }),
+    MembershipExpired: () => ({ address: LINEA_CONTRACT.address })
+  };
+
+  const baseContract = {
+    minMembershipRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.minRate)),
+    maxMembershipRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.maxRate)),
+    maxTotalRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.maxTotalRate)),
+    currentTotalRateLimit: () =>
+      Promise.resolve(ethers.BigNumber.from(mockRateLimits.currentTotalRate)),
+    queryFilter: () => [],
+    provider: createMockProvider(),
+    filters,
+    on: () => ({}),
+    removeAllListeners: () => ({}),
+    register: () => ({
+      wait: () =>
+        Promise.resolve({
+          events: [mockRLNRegisteredEvent()]
+        })
+    }),
+    estimateGas: {
+      register: () => Promise.resolve(ethers.BigNumber.from(100000))
+    },
+    functions: {
+      register: () => Promise.resolve()
+    },
+    getMemberIndex: () => Promise.resolve(null),
+    interface: {
+      getEvent: (eventName: string) => ({
+        name: eventName,
+        format: () => {}
+      })
+    },
+    address: LINEA_CONTRACT.address
+  };
+
+  // Merge overrides while preserving filters
+  const merged = {
+    ...baseContract,
+    ...overrides,
+    filters: { ...filters, ...(overrides.filters || {}) }
+  };
+
+  return merged as unknown as ethers.Contract;
+}
+
+export function mockRLNRegisteredEvent(idCommitment?: string): ethers.Event {
+  return {
+    args: {
+      idCommitment:
+        idCommitment ||
+        "0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
+      membershipRateLimit: ethers.BigNumber.from(DEFAULT_RATE_LIMIT),
+      index: ethers.BigNumber.from(1)
+    },
+    event: "MembershipRegistered"
+  } as unknown as ethers.Event;
+}
+
+export function formatIdCommitment(idCommitmentBigInt: bigint): string {
+  return "0x" + idCommitmentBigInt.toString(16).padStart(64, "0");
+}
+
+export function createRegisterStub(
+  identity: IdentityCredential
+): sinon.SinonStub {
+  return sinon.stub().callsFake(() => ({
+    wait: () =>
+      Promise.resolve({
+        events: [
+          {
+            event: "MembershipRegistered",
+            args: {
+              idCommitment: formatIdCommitment(identity.IDCommitmentBigInt),
+              membershipRateLimit: ethers.BigNumber.from(DEFAULT_RATE_LIMIT),
+              index: ethers.BigNumber.from(1)
+            }
+          }
+        ]
+      })
+  }));
+}
+
+export function verifyRegistration(
+  decryptedCredentials: any,
+  identity: IdentityCredential,
+  registerStub: sinon.SinonStub,
+  insertMemberSpy: sinon.SinonStub
+): void {
+  if (!decryptedCredentials) {
+    throw new Error("Decrypted credentials should not be undefined");
+  }
+
+  // Verify registration call
+  expect(
+    registerStub.calledWith(
+      sinon.match.same(identity.IDCommitmentBigInt),
+      sinon.match.same(DEFAULT_RATE_LIMIT),
+      sinon.match.array,
+      sinon.match.object
+    )
+  ).to.be.true;
+
+  // Verify credential properties
+  expect(decryptedCredentials).to.have.property("identity");
+  expect(decryptedCredentials).to.have.property("membership");
+  expect(decryptedCredentials.membership).to.include({
+    address: LINEA_CONTRACT.address,
+    treeIndex: 1
+  });
+
+  // Verify member insertion
+  const expectedIdCommitment = ethers.utils.zeroPad(
+    hexToBytes(formatIdCommitment(identity.IDCommitmentBigInt)),
+    32
+  );
+  expect(insertMemberSpy.callCount).to.equal(1);
+  expect(insertMemberSpy.getCall(0).args[0]).to.deep.equal(
+    expectedIdCommitment
+  );
+}

package/src/credentials_manager.ts

@@ -1,9 +1,9 @@
 import { hmac } from "@noble/hashes/hmac";
-import { sha256 } from "@noble/hashes/sha2";
+import { sha256 } from "@noble/hashes/sha256";
 import { Logger } from "@waku/utils";
 import { ethers } from "ethers";
 
-import { DEFAULT_Q, LINEA_CONTRACT } from "./contract/constants.js";
+import { LINEA_CONTRACT } from "./contract/constants.js";
 import { RLNBaseContract } from "./contract/rln_base_contract.js";
 import { IdentityCredential } from "./identity.js";
 import { Keystore } from "./keystore/index.js";
@@ -13,8 +13,10 @@ import type {
 } from "./keystore/index.js";
 import { KeystoreEntity, Password } from "./keystore/types.js";
 import { RegisterMembershipOptions, StartRLNOptions } from "./types.js";
-import { BytesUtils } from "./utils/bytes.js";
-import { extractMetaMaskSigner } from "./utils/index.js";
+import {
+  buildBigIntFromUint8Array,
+  extractMetaMaskSigner
+} from "./utils/index.js";
 import { Zerokit } from "./zerokit.js";
 
 const log = new Logger("waku:credentials");
@@ -114,9 +116,7 @@ export class RLNCredentialsManager {
         );
       } else {
         log.info("Using local implementation to generate identity");
-        identity = await this.generateSeededIdentityCredential(
-          options.signature
-        );
+        identity = this.generateSeededIdentityCredential(options.signature);
       }
     }
 
@@ -249,9 +249,7 @@ export class RLNCredentialsManager {
    * @param seed A string seed to generate the identity from
    * @returns IdentityCredential
    */
-  private async generateSeededIdentityCredential(
-    seed: string
-  ): Promise<IdentityCredential> {
+  private generateSeededIdentityCredential(seed: string): IdentityCredential {
     log.info("Generating seeded identity credential");
     // Convert the seed to bytes
     const encoder = new TextEncoder();
@@ -259,46 +257,26 @@ export class RLNCredentialsManager {
 
     // Generate deterministic values using HMAC-SHA256
     // We use different context strings for each component to ensure they're different
-    const idTrapdoorBE = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
-    const idNullifierBE = hmac(
-      sha256,
-      seedBytes,
-      encoder.encode("IDNullifier")
-    );
+    const idTrapdoor = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
+    const idNullifier = hmac(sha256, seedBytes, encoder.encode("IDNullifier"));
 
-    const combinedBytes = new Uint8Array([...idTrapdoorBE, ...idNullifierBE]);
-    const idSecretHashBE = sha256(combinedBytes);
+    // Generate IDSecretHash as a hash of IDTrapdoor and IDNullifier
+    const combinedBytes = new Uint8Array([...idTrapdoor, ...idNullifier]);
+    const idSecretHash = sha256(combinedBytes);
 
-    const idCommitmentRawBE = sha256(idSecretHashBE);
-    const idCommitmentBE = this.reduceIdCommitment(idCommitmentRawBE);
+    // Generate IDCommitment as a hash of IDSecretHash
+    const idCommitment = sha256(idSecretHash);
 
-    log.info(
-      "Successfully generated identity credential, storing in Big Endian format"
-    );
+    // Convert IDCommitment to BigInt
+    const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment);
+
+    log.info("Successfully generated identity credential");
     return new IdentityCredential(
-      idTrapdoorBE,
-      idNullifierBE,
-      idSecretHashBE,
-      idCommitmentBE
+      idTrapdoor,
+      idNullifier,
+      idSecretHash,
+      idCommitment,
+      idCommitmentBigInt
     );
   }
-
-  /**
-   * Helper: take 32-byte BE, reduce mod Q, return 32-byte BE
-   */
-  private reduceIdCommitment(
-    bytesBE: Uint8Array,
-    limit: bigint = DEFAULT_Q
-  ): Uint8Array {
-    const nBE = BytesUtils.buildBigIntFromUint8ArrayBE(bytesBE);
-
-    if (nBE >= limit) {
-      log.warn(
-        `ID commitment is greater than Q, reducing it by Q: ${nBE} % ${limit}`
-      );
-      return BytesUtils.bigIntToUint8Array32BE(nBE % limit);
-    }
-
-    return bytesBE;
-  }
 }

package/src/identity.ts

@@ -1,19 +1,13 @@
-import { BytesUtils } from "./utils/bytes.js";
+import { buildBigIntFromUint8Array } from "./utils/index.js";
 
 export class IdentityCredential {
-  public IDCommitmentBigInt: bigint;
-  /**
-   * All variables are in little-endian format
-   */
   public constructor(
     public readonly IDTrapdoor: Uint8Array,
     public readonly IDNullifier: Uint8Array,
     public readonly IDSecretHash: Uint8Array,
-    public readonly IDCommitment: Uint8Array
-  ) {
-    this.IDCommitmentBigInt =
-      BytesUtils.buildBigIntFromUint8ArrayBE(IDCommitment);
-  }
+    public readonly IDCommitment: Uint8Array,
+    public readonly IDCommitmentBigInt: bigint
+  ) {}
 
   public static fromBytes(memKeys: Uint8Array): IdentityCredential {
     if (memKeys.length < 128) {
@@ -24,12 +18,14 @@ export class IdentityCredential {
     const idNullifier = memKeys.subarray(32, 64);
     const idSecretHash = memKeys.subarray(64, 96);
     const idCommitment = memKeys.subarray(96, 128);
+    const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment, 32);
 
     return new IdentityCredential(
       idTrapdoor,
       idNullifier,
       idSecretHash,
-      idCommitment
+      idCommitment,
+      idCommitmentBigInt
     );
   }
 }

package/src/keystore/keystore.ts

@@ -14,7 +14,7 @@ import {
 import _ from "lodash";
 import { v4 as uuidV4 } from "uuid";
 
-import { BytesUtils } from "../utils/bytes.js";
+import { buildBigIntFromUint8Array } from "../utils/bytes.js";
 
 import { decryptEipKeystore, keccak256Checksum } from "./cipher.js";
 import { isCredentialValid, isKeystoreValid } from "./schema_validator.js";
@@ -250,35 +250,26 @@ export class Keystore {
       const str = bytesToUtf8(bytes);
       const obj = JSON.parse(str);
 
-      // Little Endian
-      const idCommitmentLE = Keystore.fromArraylikeToBytes(
-        _.get(obj, "identityCredential.idCommitment", [])
-      );
-      const idTrapdoorLE = Keystore.fromArraylikeToBytes(
-        _.get(obj, "identityCredential.idTrapdoor", [])
-      );
-      const idNullifierLE = Keystore.fromArraylikeToBytes(
-        _.get(obj, "identityCredential.idNullifier", [])
-      );
-      const idSecretHashLE = Keystore.fromArraylikeToBytes(
-        _.get(obj, "identityCredential.idSecretHash", [])
-      );
-
-      // Big Endian
-      const idCommitmentBE = BytesUtils.switchEndianness(idCommitmentLE);
-      const idTrapdoorBE = BytesUtils.switchEndianness(idTrapdoorLE);
-      const idNullifierBE = BytesUtils.switchEndianness(idNullifierLE);
-      const idSecretHashBE = BytesUtils.switchEndianness(idSecretHashLE);
-      const idCommitmentBigInt =
-        BytesUtils.buildBigIntFromUint8ArrayBE(idCommitmentBE);
-
+      // TODO: add runtime validation of nwaku credentials
       return {
         identity: {
-          IDCommitment: idCommitmentBE,
-          IDTrapdoor: idTrapdoorBE,
-          IDNullifier: idNullifierBE,
-          IDSecretHash: idSecretHashBE,
-          IDCommitmentBigInt: idCommitmentBigInt
+          IDCommitment: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idCommitment", [])
+          ),
+          IDTrapdoor: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idTrapdoor", [])
+          ),
+          IDNullifier: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idNullifier", [])
+          ),
+          IDCommitmentBigInt: buildBigIntFromUint8Array(
+            Keystore.fromArraylikeToBytes(
+              _.get(obj, "identityCredential.idCommitment", [])
+            )
+          ),
+          IDSecretHash: Keystore.fromArraylikeToBytes(
+            _.get(obj, "identityCredential.idSecretHash", [])
+          )
         },
         membership: {
           treeIndex: _.get(obj, "treeIndex"),
@@ -329,21 +320,14 @@ export class Keystore {
 
   // follows nwaku implementation
   // https://github.com/waku-org/nwaku/blob/f05528d4be3d3c876a8b07f9bb7dfaae8aa8ec6e/waku/waku_keystore/protocol_types.nim#L98
-  // IdentityCredential is stored in Big Endian format => switch to Little Endian
   private static fromIdentityToBytes(options: KeystoreEntity): Uint8Array {
     return utf8ToBytes(
       JSON.stringify({
         treeIndex: options.membership.treeIndex,
         identityCredential: {
-          idCommitment: Array.from(
-            BytesUtils.switchEndianness(options.identity.IDCommitment)
-          ),
-          idNullifier: Array.from(
-            BytesUtils.switchEndianness(options.identity.IDNullifier)
-          ),
-          idSecretHash: Array.from(
-            BytesUtils.switchEndianness(options.identity.IDSecretHash)
-          ),
+          idCommitment: Array.from(options.identity.IDCommitment),
+          idNullifier: Array.from(options.identity.IDNullifier),
+          idSecretHash: Array.from(options.identity.IDSecretHash),
           idTrapdoor: Array.from(options.identity.IDTrapdoor)
         },
         membershipContract: {

package/src/proof.ts

@@ -1,6 +1,6 @@
 import type { IRateLimitProof } from "@waku/interfaces";
 
-import { BytesUtils, poseidonHash } from "./utils/index.js";
+import { concatenate, poseidonHash } from "./utils/index.js";
 
 const proofOffset = 128;
 const rootOffset = proofOffset + 32;
@@ -57,7 +57,7 @@ export class Proof implements IRateLimitProof {
 }
 
 export function proofToBytes(p: IRateLimitProof): Uint8Array {
-  return BytesUtils.concatenate(
+  return concatenate(
     p.proof,
     p.merkleRoot,
     p.epoch,

package/src/utils/bytes.ts

@@ -1,130 +1,84 @@
-export class BytesUtils {
-  /**
-   * Switches endianness of a byte array
-   */
-  public static switchEndianness(bytes: Uint8Array): Uint8Array {
-    return new Uint8Array(bytes.reverse());
+/**
+ * Concatenate Uint8Arrays
+ * @param input
+ * @returns concatenation of all Uint8Array received as input
+ */
+export function concatenate(...input: Uint8Array[]): Uint8Array {
+  let totalLength = 0;
+  for (const arr of input) {
+    totalLength += arr.length;
   }
-
-  /**
-   * Builds a BigInt from a big-endian Uint8Array
-   * @param bytes The big-endian bytes to convert
-   * @returns The resulting BigInt in big-endian format
-   */
-  public static buildBigIntFromUint8ArrayBE(bytes: Uint8Array): bigint {
-    let result = 0n;
-    for (let i = 0; i < bytes.length; i++) {
-      result = (result << 8n) + BigInt(bytes[i]);
-    }
-    return result;
+  const result = new Uint8Array(totalLength);
+  let offset = 0;
+  for (const arr of input) {
+    result.set(arr, offset);
+    offset += arr.length;
   }
+  return result;
+}
 
-  /**
-   * Switches endianness of a bigint value
-   * @param value The bigint value to switch endianness for
-   * @returns The bigint value with reversed endianness
-   */
-  public static switchEndiannessBigInt(value: bigint): bigint {
-    // Convert bigint to byte array
-    const bytes = [];
-    let tempValue = value;
-    while (tempValue > 0n) {
-      bytes.push(Number(tempValue & 0xffn));
-      tempValue >>= 8n;
-    }
+// Adapted from https://github.com/feross/buffer
+function checkInt(
+  buf: Uint8Array,
+  value: number,
+  offset: number,
+  ext: number,
+  max: number,
+  min: number
+): void {
+  if (value > max || value < min)
+    throw new RangeError('"value" argument is out of bounds');
+  if (offset + ext > buf.length) throw new RangeError("Index out of range");
+}
 
-    // Reverse bytes and convert back to bigint
-    return bytes
-      .reverse()
-      .reduce((acc, byte) => (acc << 8n) + BigInt(byte), 0n);
+export function writeUIntLE(
+  buf: Uint8Array,
+  value: number,
+  offset: number,
+  byteLength: number,
+  noAssert?: boolean
+): Uint8Array {
+  value = +value;
+  offset = offset >>> 0;
+  byteLength = byteLength >>> 0;
+  if (!noAssert) {
+    const maxBytes = Math.pow(2, 8 * byteLength) - 1;
+    checkInt(buf, value, offset, byteLength, maxBytes, 0);
   }
 
-  /**
-   * Converts a big-endian bigint to a 32-byte big-endian Uint8Array
-   * @param value The big-endian bigint to convert
-   * @returns A 32-byte big-endian Uint8Array
-   */
-  public static bigIntToUint8Array32BE(value: bigint): Uint8Array {
-    const bytes = new Uint8Array(32);
-    for (let i = 31; i >= 0; i--) {
-      bytes[i] = Number(value & 0xffn);
-      value >>= 8n;
-    }
-    return bytes;
+  let mul = 1;
+  let i = 0;
+  buf[offset] = value & 0xff;
+  while (++i < byteLength && (mul *= 0x100)) {
+    buf[offset + i] = (value / mul) & 0xff;
   }
 
-  /**
-   * Writes an unsigned integer to a buffer in little-endian format
-   */
-  public static writeUIntLE(
-    buf: Uint8Array,
-    value: number,
-    offset: number,
-    byteLength: number,
-    noAssert?: boolean
-  ): Uint8Array {
-    value = +value;
-    offset = offset >>> 0;
-    byteLength = byteLength >>> 0;
-    if (!noAssert) {
-      const maxBytes = Math.pow(2, 8 * byteLength) - 1;
-      BytesUtils.checkInt(buf, value, offset, byteLength, maxBytes, 0);
-    }
-
-    let mul = 1;
-    let i = 0;
-    buf[offset] = value & 0xff;
-    while (++i < byteLength && (mul *= 0x100)) {
-      buf[offset + i] = (value / mul) & 0xff;
-    }
-
-    return buf;
-  }
-
-  /**
-   * Fills with zeros to set length
-   * @param array little endian Uint8Array
-   * @param length amount to pad
-   * @returns little endian Uint8Array padded with zeros to set length
-   */
-  public static zeroPadLE(array: Uint8Array, length: number): Uint8Array {
-    const result = new Uint8Array(length);
-    for (let i = 0; i < length; i++) {
-      result[i] = array[i] || 0;
-    }
-    return result;
-  }
+  return buf;
+}
 
-  // Adapted from https://github.com/feross/buffer
-  public static checkInt(
-    buf: Uint8Array,
-    value: number,
-    offset: number,
-    ext: number,
-    max: number,
-    min: number
-  ): void {
-    if (value > max || value < min)
-      throw new RangeError('"value" argument is out of bounds');
-    if (offset + ext > buf.length) throw new RangeError("Index out of range");
-  }
+/**
+ * Transforms Uint8Array into BigInt
+ * @param array: Uint8Array
+ * @returns BigInt
+ */
+export function buildBigIntFromUint8Array(
+  array: Uint8Array,
+  byteOffset: number = 0
+): bigint {
+  const dataView = new DataView(array.buffer);
+  return dataView.getBigUint64(byteOffset, true);
+}
 
-  /**
-   * Concatenate Uint8Arrays
-   * @param input
-   * @returns concatenation of all Uint8Array received as input
-   */
-  public static concatenate(...input: Uint8Array[]): Uint8Array {
-    let totalLength = 0;
-    for (const arr of input) {
-      totalLength += arr.length;
-    }
-    const result = new Uint8Array(totalLength);
-    let offset = 0;
-    for (const arr of input) {
-      result.set(arr, offset);
-      offset += arr.length;
-    }
-    return result;
+/**
+ * Fills with zeros to set length
+ * @param array little endian Uint8Array
+ * @param length amount to pad
+ * @returns little endian Uint8Array padded with zeros to set length
+ */
+export function zeroPadLE(array: Uint8Array, length: number): Uint8Array {
+  const result = new Uint8Array(length);
+  for (let i = 0; i < length; i++) {
+    result[i] = array[i] || 0;
   }
+  return result;
 }

package/src/utils/hash.ts

@@ -1,25 +1,15 @@
 import * as zerokitRLN from "@waku/zerokit-rln-wasm";
 
-import { BytesUtils } from "./bytes.js";
+import { concatenate, writeUIntLE } from "./bytes.js";
 
 export function poseidonHash(...input: Array<Uint8Array>): Uint8Array {
-  const inputLen = BytesUtils.writeUIntLE(
-    new Uint8Array(8),
-    input.length,
-    0,
-    8
-  );
-  const lenPrefixedData = BytesUtils.concatenate(inputLen, ...input);
+  const inputLen = writeUIntLE(new Uint8Array(8), input.length, 0, 8);
+  const lenPrefixedData = concatenate(inputLen, ...input);
   return zerokitRLN.poseidonHash(lenPrefixedData);
 }
 
 export function sha256(input: Uint8Array): Uint8Array {
-  const inputLen = BytesUtils.writeUIntLE(
-    new Uint8Array(8),
-    input.length,
-    0,
-    8
-  );
-  const lenPrefixedData = BytesUtils.concatenate(inputLen, input);
+  const inputLen = writeUIntLE(new Uint8Array(8), input.length, 0, 8);
+  const lenPrefixedData = concatenate(inputLen, input);
   return zerokitRLN.hash(lenPrefixedData);
 }

package/src/utils/index.ts

@@ -1,4 +1,9 @@
 export { extractMetaMaskSigner } from "./metamask.js";
-export { BytesUtils } from "./bytes.js";
+export {
+  concatenate,
+  writeUIntLE,
+  buildBigIntFromUint8Array,
+  zeroPadLE
+} from "./bytes.js";
 export { sha256, poseidonHash } from "./hash.js";
 export { dateToEpoch, epochIntToBytes, epochBytesToInt } from "./epoch.js";