@zkpassport/sdk 0.2.5 → 0.2.7

package/README.md

@@ -4,7 +4,7 @@ Privacy-preserving identity verification using passports and ID cards.
 
 _⚠️ Warning ⚠️_
 
-_This version of the SDK is only compatible with the version 0.5 and above of ZKPassport mobile app._
+_This is experimental software that has not been audited yet. Use at your own risk._
 
 ## Installation
 
@@ -15,21 +15,21 @@ npm install @zkpassport/sdk
 ## How to use
 
 ```ts
-import { ZKPassport, EU_COUNTRIES } from '@zkpassport/sdk'
+import { ZKPassport, EU_COUNTRIES } from "@zkpassport/sdk"
 
 // Replace with your domain
-const zkPassport = new ZKPassport('demo.zkpassport.id')
+const zkPassport = new ZKPassport("demo.zkpassport.id")
 
 // Specify your app name, logo and the purpose of the request
 // you'll send to your visitors or users
 const queryBuilder = await zkPassport.request({
-  name: 'ZKPassport',
-  logo: 'https://zkpassport.id/logo.png',
-  purpose: 'Prove you are an adult from the EU but not from Scandinavia',
+  name: "ZKPassport",
+  logo: "https://zkpassport.id/logo.png",
+  purpose: "Prove you are an adult from the EU but not from Scandinavia",
   // The scope is optional and can be used to scope the unique identifier
   // of the request to a specific use case
   // By default, the request's unique identifier is scoped to your domain name only
-  scope: 'eu-adult-not-scandinavia',
+  scope: "eu-adult-not-scandinavia",
 })
 
 // Specify the data you want to disclose
@@ -47,10 +47,10 @@ const {
   onReject,
   onError,
 } = queryBuilder
-  .disclose('firstname')
-  .gte('age', 18)
-  .in('nationality', EU_COUNTRIES)
-  .out('nationality', ['Sweden', 'Denmark'])
+  .disclose("firstname")
+  .gte("age", 18)
+  .in("nationality", EU_COUNTRIES)
+  .out("nationality", ["Sweden", "Denmark"])
   .done()
 
 // Generate a QR Code with the url and let your user scan it
@@ -60,12 +60,12 @@ onRequestReceived(() => {
   // The user scanned the QR code or clicked the link to the request
   // Essentially, this means the request popup is now opened
   // on the user phone
-  console.log('Request received')
+  console.log("Request received")
 })
 
 onGeneratingProof(() => {
   // The user accepted the request and the proof is being generated
-  console.log('Generating proof')
+  console.log("Generating proof")
 })
 
 // You probably don't need to use this callback
@@ -75,10 +75,10 @@ onProofGenerated(({ proof, vkeyHash, version, name }: ProofResult) => {
   // Here, you can retrieve the proof manually and verify it
   // But note that the verification of the proofs is handled
   // automatically by the SDK
-  console.log('Proof generated', proof)
-  console.log('Verification key hash', vkeyHash)
-  console.log('Version', version)
-  console.log('Name', name)
+  console.log("Proof generated", proof)
+  console.log("Verification key hash", vkeyHash)
+  console.log("Version", version)
+  console.log("Name", name)
 })
 
 // That's the callback you're looking for
@@ -93,22 +93,22 @@ onResult(
     result: QueryResult
   }) => {
     // All the proofs have been generated and the final result is available
-    console.log('firstname', result.firstname.disclose.result)
-    console.log('age over 18', result.age.gte.result)
-    console.log('nationality in EU', result.nationality.in.result)
-    console.log('nationality not from Scandinavia', result.nationality.out.result)
+    console.log("firstname", result.firstname.disclose.result)
+    console.log("age over 18", result.age.gte.result)
+    console.log("nationality in EU", result.nationality.in.result)
+    console.log("nationality not from Scandinavia", result.nationality.out.result)
     // You can also retrieved what were the values originally requested
-    console.log('age over', result.age.gte.expected)
-    console.log('nationality in', result.nationality.in.expected)
-    console.log('nationality not in', result.nationality.out.expected)
+    console.log("age over", result.age.gte.expected)
+    console.log("nationality in", result.nationality.in.expected)
+    console.log("nationality not in", result.nationality.out.expected)
     // You can make sure the proof are valid by checking verified is set to true
-    console.log('proofs are valid', verified)
+    console.log("proofs are valid", verified)
     // You can also retrieve the unique identifier associated to this request
     // The assumption is that the unique identifier will be the same if coming
     // from the same ID for the same domain name and scope
     // So you can use it to identify if the user has already provided the proof
     // for this specific use case
-    console.log('unique identifier', uniqueIdentifier)
+    console.log("unique identifier", uniqueIdentifier)
   },
 )
 ```
@@ -122,17 +122,17 @@ You can integrate `@zkpassport/sdk` into a Next.js application by creating a bac
 **App Router:** `app/api/zkpassport/route.ts`
 
 ```typescript
-import { NextResponse } from 'next/server'
-import { ZKPassport } from '@zkpassport/sdk'
+import { NextResponse } from "next/server"
+import { ZKPassport } from "@zkpassport/sdk"
 
 export async function GET() {
-  const zkPassport = new ZKPassport('demo.zkpassport.id') // Replace with your domain
+  const zkPassport = new ZKPassport("demo.zkpassport.id") // Replace with your domain
   const queryBuilder = await zkPassport.request({
-    name: 'ZKPassport Demo',
-    logo: 'https://via.placeholder.com/150',
-    purpose: 'Verify user nationality and first name',
+    name: "ZKPassport Demo",
+    logo: "https://via.placeholder.com/150",
+    purpose: "Verify user nationality and first name",
   })
-  const { url } = queryBuilder.disclose('nationality').disclose('firstname').done()
+  const { url } = queryBuilder.disclose("nationality").disclose("firstname").done()
   return NextResponse.json({ url })
 }
 ```
@@ -142,14 +142,14 @@ export async function GET() {
 **App Router:** `app/page.tsx`
 
 ```tsx
-'use client'
-import { useEffect, useState } from 'react'
+"use client"
+import { useEffect, useState } from "react"
 
 export default function Home() {
   const [verificationUrl, setVerificationUrl] = useState<string | null>(null)
 
   useEffect(() => {
-    fetch('/api/zkpassport')
+    fetch("/api/zkpassport")
       .then((res) => res.json())
       .then((data) => setVerificationUrl(data.url))
       .catch(console.error)

package/dist/cjs/encryption.d.ts

@@ -1,7 +1,7 @@
 export declare function generateECDHKeyPair(): Promise<{
-    privateKey: Uint8Array;
-    publicKey: Uint8Array;
+    privateKey: import("@noble/secp256k1").Bytes;
+    publicKey: import("@noble/secp256k1").Bytes;
 }>;
-export declare function getSharedSecret(privateKey: string, publicKey: string): Promise<Uint8Array>;
-export declare function encrypt(message: string, sharedSecret: Uint8Array, topic: string): Promise<Uint8Array>;
+export declare function getSharedSecret(privateKey: string, publicKey: string): Promise<Uint8Array<ArrayBuffer>>;
+export declare function encrypt(message: string, sharedSecret: Uint8Array, topic: string): Promise<Uint8Array<ArrayBufferLike>>;
 export declare function decrypt(ciphertext: Uint8Array, sharedSecret: Uint8Array, topic: string): Promise<string>;

package/dist/cjs/encryption.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.generateECDHKeyPair = generateECDHKeyPair;
 exports.getSharedSecret = getSharedSecret;

package/dist/cjs/index.js

@@ -10,10 +10,18 @@ const websocket_1 = require("./websocket");
 const json_rpc_1 = require("./json-rpc");
 const encryption_1 = require("./encryption");
 const logger_1 = require("./logger");
-const node_gzip_1 = require("node-gzip");
+const pako_1 = require("pako");
 //import initNoirC from '@noir-lang/noirc_abi'
 //import initACVM from '@noir-lang/acvm_js'
 const en_json_1 = tslib_1.__importDefault(require("i18n-iso-countries/langs/en.json"));
+const buffer_1 = require("buffer/");
+// If Buffer is not defined, then we use the Buffer from the buffer package
+if (typeof globalThis.Buffer === "undefined") {
+    globalThis.Buffer = buffer_1.Buffer;
+    if (typeof window !== "undefined") {
+        window.Buffer = buffer_1.Buffer;
+    }
+}
 (0, i18n_iso_countries_1.registerLocale)(en_json_1.default);
 function hasRequestedAccessToField(credentialsRequest, field) {
     const fieldValue = credentialsRequest[field];
@@ -172,8 +180,8 @@ class ZKPassport {
         else if (request.method === "proof") {
             logger_1.noLogger.debug(`User generated proof`);
             // Uncompress the proof and convert it to a hex string
-            const bytesProof = Buffer.from(request.params.proof, "base64");
-            const uncompressedProof = await (0, node_gzip_1.ungzip)(bytesProof);
+            const bytesProof = buffer_1.Buffer.from(request.params.proof, "base64");
+            const uncompressedProof = (0, pako_1.inflate)(bytesProof);
             // The gzip lib in the app compress the proof as ASCII
             // and since the app passes the proof as a hex string, we can
             // just decode the bytes as hex characters using the TextDecoder
@@ -276,8 +284,8 @@ class ZKPassport {
               return this.getZkPassportRequest(topic)
             },*/
             done: () => {
-                const base64Config = Buffer.from(JSON.stringify(this.topicToConfig[topic])).toString("base64");
-                const base64Service = Buffer.from(JSON.stringify(this.topicToService[topic])).toString("base64");
+                const base64Config = buffer_1.Buffer.from(JSON.stringify(this.topicToConfig[topic])).toString("base64");
+                const base64Service = buffer_1.Buffer.from(JSON.stringify(this.topicToService[topic])).toString("base64");
                 const pubkey = (0, utils_2.bytesToHex)(this.topicToKeyPair[topic].publicKey);
                 this.setExpectedProofCount(topic);
                 return {
@@ -333,7 +341,7 @@ class ZKPassport {
                     logger_1.noLogger.debug("[frontend] Received handshake:", event.data);
                     this.topicToRequestReceived[topic] = true;
                     this.topicToSharedSecret[topic] = await (0, encryption_1.getSharedSecret)((0, utils_2.bytesToHex)(keyPair.privateKey), data.params.pubkey);
-                    logger_1.noLogger.debug("[frontend] Shared secret:", Buffer.from(this.topicToSharedSecret[topic]).toString("hex"));
+                    logger_1.noLogger.debug("[frontend] Shared secret:", buffer_1.Buffer.from(this.topicToSharedSecret[topic]).toString("hex"));
                     const encryptedMessage = await (0, json_rpc_1.createEncryptedJsonRpcRequest)("hello", null, this.topicToSharedSecret[topic], topic);
                     logger_1.noLogger.debug("[frontend] Sending encrypted message:", encryptedMessage);
                     wsClient.send(JSON.stringify(encryptedMessage));
@@ -928,7 +936,7 @@ class ZKPassport {
             for (const proof of proofsToVerify) {
                 const proofData = (0, utils_1.getProofData)(proof.proof, true);
                 const hostedPackagedCircuit = await (0, utils_1.getHostedPackagedCircuitByName)(proof.version, proof.name);
-                const vkeyBytes = Buffer.from(hostedPackagedCircuit.vkey, "base64");
+                const vkeyBytes = buffer_1.Buffer.from(hostedPackagedCircuit.vkey, "base64");
                 try {
                     verified = await verifier.verifyUltraHonkProof(proofData, new Uint8Array(vkeyBytes));
                 }
@@ -953,8 +961,8 @@ class ZKPassport {
      */
     getUrl(requestId) {
         const pubkey = (0, utils_2.bytesToHex)(this.topicToKeyPair[requestId].publicKey);
-        const base64Config = Buffer.from(JSON.stringify(this.topicToConfig[requestId])).toString("base64");
-        const base64Service = Buffer.from(JSON.stringify(this.topicToService[requestId])).toString("base64");
+        const base64Config = buffer_1.Buffer.from(JSON.stringify(this.topicToConfig[requestId])).toString("base64");
+        const base64Service = buffer_1.Buffer.from(JSON.stringify(this.topicToService[requestId])).toString("base64");
         return `https://zkpassport.id/r?d=${this.domain}&t=${requestId}&c=${base64Config}&s=${base64Service}&p=${pubkey}`;
     }
     /**

package/dist/esm/encryption.d.ts

@@ -1,7 +1,7 @@
 export declare function generateECDHKeyPair(): Promise<{
-    privateKey: Uint8Array;
-    publicKey: Uint8Array;
+    privateKey: import("@noble/secp256k1").Bytes;
+    publicKey: import("@noble/secp256k1").Bytes;
 }>;
-export declare function getSharedSecret(privateKey: string, publicKey: string): Promise<Uint8Array>;
-export declare function encrypt(message: string, sharedSecret: Uint8Array, topic: string): Promise<Uint8Array>;
+export declare function getSharedSecret(privateKey: string, publicKey: string): Promise<Uint8Array<ArrayBuffer>>;
+export declare function encrypt(message: string, sharedSecret: Uint8Array, topic: string): Promise<Uint8Array<ArrayBufferLike>>;
 export declare function decrypt(ciphertext: Uint8Array, sharedSecret: Uint8Array, topic: string): Promise<string>;

package/dist/esm/index.js

@@ -6,10 +6,18 @@ import { getWebSocketClient } from "./websocket";
 import { createEncryptedJsonRpcRequest } from "./json-rpc";
 import { decrypt, generateECDHKeyPair, getSharedSecret } from "./encryption";
 import { noLogger as logger } from "./logger";
-import { ungzip } from "node-gzip";
+import { inflate } from "pako";
 //import initNoirC from '@noir-lang/noirc_abi'
 //import initACVM from '@noir-lang/acvm_js'
 import i18en from "i18n-iso-countries/langs/en.json";
+import { Buffer } from "buffer/";
+// If Buffer is not defined, then we use the Buffer from the buffer package
+if (typeof globalThis.Buffer === "undefined") {
+    globalThis.Buffer = Buffer;
+    if (typeof window !== "undefined") {
+        window.Buffer = Buffer;
+    }
+}
 registerLocale(i18en);
 function hasRequestedAccessToField(credentialsRequest, field) {
     const fieldValue = credentialsRequest[field];
@@ -163,7 +171,7 @@ export class ZKPassport {
             logger.debug(`User generated proof`);
             // Uncompress the proof and convert it to a hex string
             const bytesProof = Buffer.from(request.params.proof, "base64");
-            const uncompressedProof = await ungzip(bytesProof);
+            const uncompressedProof = inflate(bytesProof);
             // The gzip lib in the app compress the proof as ASCII
             // and since the app passes the proof as a hex string, we can
             // just decode the bytes as hex characters using the TextDecoder

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zkpassport/sdk",
-  "version": "0.2.5",
+  "version": "0.2.7",
   "description": "Privacy-preserving identity verification using passports and ID cards",
   "main": "./dist/cjs/index.js",
   "module": "./dist/esm/index.js",
@@ -31,18 +31,20 @@
     "@jest/globals": "^29.7.0",
     "@types/jest": "^29.5.14",
     "@types/node": "^22.10.9",
-    "@types/node-gzip": "^1.1.3",
+    "@types/pako": "^2.0.3",
     "@types/ws": "^8.5.12",
     "jest": "^29.7.0",
+    "ts-node": "^10.9.2",
     "typescript": "^5.6.2"
   },
   "dependencies": {
     "@aztec/bb.js": "^0.67.0",
     "@noble/ciphers": "^1.2.1",
     "@noble/secp256k1": "^2.2.3",
-    "@zkpassport/utils": "^0.2.12",
+    "@zkpassport/utils": "^0.2.16",
+    "buffer": "^6.0.3",
     "i18n-iso-countries": "^7.12.0",
-    "node-gzip": "^1.1.2",
+    "pako": "^2.1.0",
     "ws": "^8.18.0"
   },
   "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"

package/src/index.ts

@@ -37,10 +37,19 @@ import { getWebSocketClient, WebSocketClient } from "./websocket"
 import { createEncryptedJsonRpcRequest } from "./json-rpc"
 import { decrypt, generateECDHKeyPair, getSharedSecret } from "./encryption"
 import { noLogger as logger } from "./logger"
-import { ungzip } from "node-gzip"
+import { inflate } from "pako"
 //import initNoirC from '@noir-lang/noirc_abi'
 //import initACVM from '@noir-lang/acvm_js'
 import i18en from "i18n-iso-countries/langs/en.json"
+import { Buffer } from "buffer/"
+
+// If Buffer is not defined, then we use the Buffer from the buffer package
+if (typeof globalThis.Buffer === "undefined") {
+  globalThis.Buffer = Buffer as any
+  if (typeof window !== "undefined") {
+    window.Buffer = Buffer as any
+  }
+}
 
 registerLocale(i18en)
 
@@ -389,7 +398,7 @@ export class ZKPassport {
       logger.debug(`User generated proof`)
       // Uncompress the proof and convert it to a hex string
       const bytesProof = Buffer.from(request.params.proof, "base64")
-      const uncompressedProof = await ungzip(bytesProof)
+      const uncompressedProof = inflate(bytesProof)
       // The gzip lib in the app compress the proof as ASCII
       // and since the app passes the proof as a hex string, we can
       // just decode the bytes as hex characters using the TextDecoder
@@ -554,7 +563,7 @@ export class ZKPassport {
     scope?: string
     topicOverride?: string
     keyPairOverride?: { privateKey: Uint8Array; publicKey: Uint8Array }
-  }) {
+  }): Promise<QueryBuilder> {
     const topic = topicOverride || randomBytes(16).toString("hex")
 
     const keyPair = keyPairOverride || (await generateECDHKeyPair())

package/tsconfig.json

@@ -12,8 +12,7 @@
     "rootDir": "./src",
     "baseUrl": ".",
     "paths": {
-      "@/*": ["./src/*"],
-      "@/types": ["src/types/index.ts"]
+      "@/*": ["./src/*"]
     },
     "declaration": true,
     "isolatedModules": true,