npm - @zkpassport/sdk - Versions diffs - 0.3.0 → 0.3.2 - Mend

@zkpassport/sdk 0.3.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/cjs/assets/abi/ZKPassportVerifier.json +178 -31
package/dist/cjs/index.d.ts +21 -4
package/dist/cjs/index.js +154 -55
package/dist/esm/assets/abi/ZKPassportVerifier.json +178 -31
package/dist/esm/index.d.ts +21 -4
package/dist/esm/index.js +154 -55
package/package.json +3 -2
package/src/assets/abi/ZKPassportVerifier.json +178 -31
package/src/index.ts +215 -53

package/dist/esm/index.d.ts CHANGED Viewed

@@ -17,6 +17,7 @@ export type QueryResultErrors = {
         commitment?: QueryResultError<string>;
         date?: QueryResultError<string>;
         certificate?: QueryResultError<string>;
+        scope?: QueryResultError<string>;
     };
 };
 export type SolidityVerifierParameters = {
@@ -26,6 +27,9 @@ export type SolidityVerifierParameters = {
     committedInputs: string;
     committedInputCounts: number[];
     validityPeriodInDays: number;
+    scope: string;
+    subscope: string;
+    devMode: boolean;
 };
 export type EVMChain = "ethereum_sepolia" | "local_anvil";
 export type * from "@zkpassport/utils";
@@ -192,15 +196,17 @@ export declare class ZKPassport {
      * @param purpose To explain what you want to do with the user's data
      * @param scope Scope this request to a specific use case
      * @param validity How many days ago should have the ID been last scanned by the user?
+     * @param devMode Whether to enable dev mode. This will allow you to verify mock proofs (i.e. from ZKR)
      * @returns The query builder object.
      */
-    request({ name, logo, purpose, scope, mode, validity, topicOverride, keyPairOverride, }: {
+    request({ name, logo, purpose, scope, mode, validity, devMode, topicOverride, keyPairOverride, }: {
         name: string;
         logo: string;
         purpose: string;
         scope?: string;
         mode?: ProofMode;
         validity?: number;
+        devMode?: boolean;
         topicOverride?: string;
         keyPairOverride?: {
             privateKey: Uint8Array;
@@ -215,6 +221,8 @@ export declare class ZKPassport {
     private checkIssuingCountryExclusionPublicInputs;
     private checkNationalityInclusionPublicInputs;
     private checkIssuingCountryInclusionPublicInputs;
+    private checkScopeFromDisclosureProof;
+    private checkCertificateRegistryRoot;
     private checkPublicInputs;
     /**
      * @notice Verify the proofs received from the mobile app.
@@ -224,17 +232,20 @@ export declare class ZKPassport {
      * @returns An object containing the unique identifier associated to the user
      * and a boolean indicating whether the proofs were successfully verified.
      */
-    verify({ proofs, queryResult, validity, }: {
+    verify({ proofs, queryResult, validity, scope, devMode, }: {
         proofs: Array<ProofResult>;
         queryResult: QueryResult;
         validity?: number;
+        scope?: string;
+        devMode?: boolean;
     }): Promise<{
         uniqueIdentifier: string | undefined;
         verified: boolean;
         queryResultErrors?: QueryResultErrors;
     }>;
     getSolidityVerifierDetails(network: EVMChain): {
-        address: string;
+        address: `0x${string}`;
+        functionName: string;
         abi: {
             type: "function" | "event" | "constructor";
             name: string;
@@ -250,7 +261,13 @@ export declare class ZKPassport {
             }[];
         }[];
     };
-    getSolidityVerifierParameters(proof: ProofResult, validityPeriodInDays?: number): SolidityVerifierParameters;
+    getSolidityVerifierParameters({ proof, validityPeriodInDays, domain, scope, devMode, }: {
+        proof: ProofResult;
+        validityPeriodInDays?: number;
+        domain?: string;
+        scope?: string;
+        devMode?: boolean;
+    }): SolidityVerifierParameters;
     /**
      * @notice Returns the URL of the request.
      * @param requestId The request ID.

package/dist/esm/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { randomBytes } from "crypto";
 import { getAlpha3Code, registerLocale } from "i18n-iso-countries";
-import { getProofData, getCommitmentFromDSCProof, getCommitmentInFromIDDataProof, getCommitmentOutFromIDDataProof, getNullifierFromDisclosureProof, getCommitmentInFromIntegrityProof, getCommitmentOutFromIntegrityProof, getCommitmentInFromDisclosureProof, getMerkleRootFromDSCProof, getCurrentDateFromIntegrityProof, DisclosedData, formatName, getHostedPackagedCircuitByName, getNumberOfPublicInputs, getParameterCommitmentFromDisclosureProof, getCountryParameterCommitment, getDiscloseParameterCommitment, getDateParameterCommitment, getCertificateRegistryRootFromOuterProof, getParamCommitmentsFromOuterProof, getCurrentDateFromCommittedInputs, getMinAgeFromCommittedInputs, getMaxAgeFromCommittedInputs, getAgeParameterCommitment, getMinDateFromCommittedInputs, getMaxDateFromCommittedInputs, getCurrentDateFromOuterProof, getNullifierFromOuterProof, getAgeEVMParameterCommitment, getDateEVMParameterCommitment, getDiscloseEVMParameterCommitment, getCountryEVMParameterCommitment, rightPadArrayWithZeros, getCommittedInputCount, ProofType, } from "@zkpassport/utils";
+import { getProofData, getCommitmentFromDSCProof, getCommitmentInFromIDDataProof, getCommitmentOutFromIDDataProof, getNullifierFromDisclosureProof, getCommitmentInFromIntegrityProof, getCommitmentOutFromIntegrityProof, getCommitmentInFromDisclosureProof, getMerkleRootFromDSCProof, getCurrentDateFromIntegrityProof, DisclosedData, formatName, getHostedPackagedCircuitByName, getNumberOfPublicInputs, getParameterCommitmentFromDisclosureProof, getCountryParameterCommitment, getDiscloseParameterCommitment, getDateParameterCommitment, getCertificateRegistryRootFromOuterProof, getParamCommitmentsFromOuterProof, getCurrentDateFromCommittedInputs, getMinAgeFromCommittedInputs, getMaxAgeFromCommittedInputs, getAgeParameterCommitment, getMinDateFromCommittedInputs, getMaxDateFromCommittedInputs, getCurrentDateFromOuterProof, getNullifierFromOuterProof, getAgeEVMParameterCommitment, getDateEVMParameterCommitment, getDiscloseEVMParameterCommitment, getCountryEVMParameterCommitment, rightPadArrayWithZeros, getCommittedInputCount, ProofType, getScopeHash, getScopeFromOuterProof, getSubscopeFromOuterProof, } from "@zkpassport/utils";
 import { bytesToHex } from "@noble/ciphers/utils";
 import { getWebSocketClient } from "./websocket";
 import { createEncryptedJsonRpcRequest } from "./json-rpc";
@@ -9,9 +9,10 @@ import { noLogger as logger } from "./logger";
 import { inflate } from "pako";
 import i18en from "i18n-iso-countries/langs/en.json";
 import { Buffer } from "buffer/";
-import { sha256 } from "@noble/hashes/sha256";
+import { sha256 } from "@noble/hashes/sha2";
 import { hexToBytes } from "@noble/hashes/utils";
 import ZKPassportVerifierAbi from "./assets/abi/ZKPassportVerifier.json";
+import { RegistryClient } from "@zkpassport/registry";
 const DEFAULT_DATE_VALUE = new Date(1111, 10, 11);
 // If Buffer is not defined, then we use the Buffer from the buffer package
 if (typeof globalThis.Buffer === "undefined") {
@@ -36,9 +37,12 @@ function hasRequestedAccessToField(credentialsRequest, field) {
     return false;
 }
 function normalizeCountry(country) {
+    if (country === "Zero Knowledge Republic") {
+        return "ZKR";
+    }
     let normalizedCountry;
     const alpha3 = getAlpha3Code(country, "en");
-    normalizedCountry = alpha3 || country;
+    normalizedCountry = alpha3 || country || "ZKR";
     return normalizedCountry;
 }
 function numericalCompare(fnName, key, value, requestId, requestIdToConfig) {
@@ -95,6 +99,8 @@ export class ZKPassport {
             proofs: this.topicToProofs[topic],
             queryResult: result,
             validity: this.topicToLocalConfig[topic]?.validity,
+            scope: this.topicToService[topic]?.scope,
+            devMode: this.topicToLocalConfig[topic]?.devMode,
         });
         delete this.topicToProofs[topic];
         const hasFailedProofs = this.topicToFailedProofCount[topic] > 0;
@@ -341,9 +347,10 @@ export class ZKPassport {
      * @param purpose To explain what you want to do with the user's data
      * @param scope Scope this request to a specific use case
      * @param validity How many days ago should have the ID been last scanned by the user?
+     * @param devMode Whether to enable dev mode. This will allow you to verify mock proofs (i.e. from ZKR)
      * @returns The query builder object.
      */
-    async request({ name, logo, purpose, scope, mode, validity, topicOverride, keyPairOverride, }) {
+    async request({ name, logo, purpose, scope, mode, validity, devMode, topicOverride, keyPairOverride, }) {
         const topic = topicOverride || randomBytes(16).toString("hex");
         const keyPair = keyPairOverride || (await generateECDHKeyPair());
         this.topicToKeyPair[topic] = {
@@ -358,6 +365,7 @@ export class ZKPassport {
             // Default to 6 months
             validity: validity || 6 * 30,
             mode: mode || "fast",
+            devMode: devMode || false,
         };
         this.onRequestReceivedCallbacks[topic] = [];
         this.onGeneratingProofCallbacks[topic] = [];
@@ -1234,16 +1242,61 @@ export class ZKPassport {
         }
         return { isCorrect, queryResultErrors };
     }
-    async checkPublicInputs(proofs, queryResult, validity) {
+    checkScopeFromDisclosureProof(proofData, queryResultErrors, key, scope) {
+        let isCorrect = true;
+        if (this.domain && getScopeHash(this.domain) !== BigInt(proofData.publicInputs[1])) {
+            console.warn("The proof comes from a different domain than the one expected");
+            isCorrect = false;
+            queryResultErrors[key].scope = {
+                expected: `Scope: ${getScopeHash(this.domain).toString()}`,
+                received: `Scope: ${BigInt(proofData.publicInputs[1]).toString()}`,
+                message: "The proof comes from a different domain than the one expected",
+            };
+        }
+        if (scope && getScopeHash(scope) !== BigInt(proofData.publicInputs[2])) {
+            console.warn("The proof uses a different scope than the one expected");
+            isCorrect = false;
+            queryResultErrors[key].scope = {
+                expected: `Scope: ${getScopeHash(scope).toString()}`,
+                received: `Scope: ${BigInt(proofData.publicInputs[2]).toString()}`,
+                message: "The proof uses a different scope than the one expected",
+            };
+        }
+        return { isCorrect, queryResultErrors };
+    }
+    async checkCertificateRegistryRoot(root, queryResultErrors, outer) {
+        let isCorrect = true;
+        try {
+            // Maintained certificate registry settled onchain
+            // Here we use Ethereum Sepolia
+            const registryClient = new RegistryClient({ chainId: 11155111 });
+            await registryClient.getCertificates(`0x${root}`);
+        }
+        catch (error) {
+            console.warn(error);
+            // Check the legacy static roots that were used before the registry was deployed onchain
+            const VALID_CERTIFICATE_REGISTRY_ROOT = [
+                BigInt("20192042006788880778219739574377003123593792072535937278552252195461520776494"),
+                BigInt("21301853597069384763054217328384418971999152625381818922211526730996340553696"),
+                BigInt("10839898448097753834842514286432152806152415606387598803678317315409344029817"),
+            ];
+            if (!VALID_CERTIFICATE_REGISTRY_ROOT.includes(BigInt(root))) {
+                console.warn("The ID was signed by an unrecognized root certificate");
+                isCorrect = false;
+                queryResultErrors[outer ? "outer" : "sig_check_dsc"].certificate = {
+                    expected: `A valid root from ZKPassport Registry`,
+                    received: `Got invalid certificate registry root: ${root}`,
+                    message: "The ID was signed by an unrecognized root certificate",
+                };
+            }
+        }
+        return { isCorrect, queryResultErrors };
+    }
+    async checkPublicInputs(proofs, queryResult, validity, scope) {
         let commitmentIn;
         let commitmentOut;
         let isCorrect = true;
         let uniqueIdentifier;
-        const VALID_CERTIFICATE_REGISTRY_ROOT = [
-            BigInt("20192042006788880778219739574377003123593792072535937278552252195461520776494"),
-            BigInt("21301853597069384763054217328384418971999152625381818922211526730996340553696"),
-            BigInt("10839898448097753834842514286432152806152415606387598803678317315409344029817"),
-        ];
         const currentTime = new Date();
         const today = new Date(currentTime.getFullYear(), currentTime.getMonth(), currentTime.getDate(), 0, 0, 0, 0);
         let queryResultErrors = {
@@ -1291,15 +1344,12 @@ export class ZKPassport {
             if (proof.name?.startsWith("outer")) {
                 const isForEVM = proof.name?.startsWith("outer_evm");
                 const certificateRegistryRoot = getCertificateRegistryRootFromOuterProof(proofData);
-                if (!VALID_CERTIFICATE_REGISTRY_ROOT.includes(certificateRegistryRoot)) {
-                    console.warn("The ID was signed by an unrecognized root certificate");
-                    isCorrect = false;
-                    queryResultErrors.outer.certificate = {
-                        expected: `Certificate registry root: ${VALID_CERTIFICATE_REGISTRY_ROOT.join(", ")}`,
-                        received: `Certificate registry root: ${certificateRegistryRoot.toString()}`,
-                        message: "The ID was signed by an unrecognized root certificate",
-                    };
-                }
+                const { isCorrect: isCorrectCertificateRegistryRoot, queryResultErrors: queryResultErrorsCertificateRegistryRoot, } = await this.checkCertificateRegistryRoot(certificateRegistryRoot.toString(16), queryResultErrors, true);
+                isCorrect = isCorrect && isCorrectCertificateRegistryRoot;
+                queryResultErrors = {
+                    ...queryResultErrors,
+                    ...queryResultErrorsCertificateRegistryRoot,
+                };
                 const currentDate = getCurrentDateFromOuterProof(proofData);
                 const todayToCurrentDate = today.getTime() - currentDate.getTime();
                 const differenceInDays = validity ?? 180;
@@ -1327,6 +1377,24 @@ export class ZKPassport {
                         message: "The proof does not verify all the requested conditions and information",
                     };
                 }
+                if (this.domain && getScopeHash(this.domain) !== getScopeFromOuterProof(proofData)) {
+                    console.warn("The proof comes from a different domain than the one expected");
+                    isCorrect = false;
+                    queryResultErrors.outer.scope = {
+                        expected: `Scope: ${getScopeHash(this.domain).toString()}`,
+                        received: `Scope: ${getScopeFromOuterProof(proofData).toString()}`,
+                        message: "The proof comes from a different domain than the one expected",
+                    };
+                }
+                if (scope && getScopeHash(scope) !== getSubscopeFromOuterProof(proofData)) {
+                    console.warn("The proof uses a different scope than the one expected");
+                    isCorrect = false;
+                    queryResultErrors.outer.scope = {
+                        expected: `Scope: ${getScopeHash(scope).toString()}`,
+                        received: `Scope: ${getSubscopeFromOuterProof(proofData).toString()}`,
+                        message: "The proof uses a different scope than the one expected",
+                    };
+                }
                 if (!!committedInputs?.compare_age) {
                     const ageCommittedInputs = committedInputs?.compare_age;
                     const ageParameterCommitment = isForEVM
@@ -1504,15 +1572,12 @@ export class ZKPassport {
             else if (proof.name?.startsWith("sig_check_dsc")) {
                 commitmentOut = getCommitmentFromDSCProof(proofData);
                 const merkleRoot = getMerkleRootFromDSCProof(proofData);
-                if (!VALID_CERTIFICATE_REGISTRY_ROOT.includes(merkleRoot)) {
-                    console.warn("The ID was signed by an unrecognized root certificate");
-                    isCorrect = false;
-                    queryResultErrors.sig_check_dsc.certificate = {
-                        expected: `Certificate registry root: ${VALID_CERTIFICATE_REGISTRY_ROOT.join(", ")}`,
-                        received: `Certificate registry root: ${merkleRoot.toString()}`,
-                        message: "The ID was signed by an unrecognized root certificate",
-                    };
-                }
+                const { isCorrect: isCorrectCertificateRegistryRoot, queryResultErrors: queryResultErrorsCertificateRegistryRoot, } = await this.checkCertificateRegistryRoot(merkleRoot.toString(16), queryResultErrors, false);
+                isCorrect = isCorrect && isCorrectCertificateRegistryRoot;
+                queryResultErrors = {
+                    ...queryResultErrors,
+                    ...queryResultErrorsCertificateRegistryRoot,
+                };
             }
             else if (proof.name?.startsWith("sig_check_id_data")) {
                 commitmentIn = getCommitmentInFromIDDataProof(proofData);
@@ -1577,11 +1642,18 @@ export class ZKPassport {
                         message: "The disclosed data does not match the data committed by the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "disclose", scope);
+                isCorrect = isCorrect && isCorrectScope;
+                queryResultErrors = {
+                    ...queryResultErrors,
+                    ...queryResultErrorsScope,
+                };
                 const { isCorrect: isCorrectDisclose, queryResultErrors: queryResultErrorsDisclose } = this.checkDiscloseBytesPublicInputs(proof, queryResult);
-                isCorrect = isCorrect && isCorrectDisclose;
+                isCorrect = isCorrect && isCorrectDisclose && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsDisclose,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1608,11 +1680,13 @@ export class ZKPassport {
                         message: "The conditions for the age check do not match the conditions checked by the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "age", scope);
                 const { isCorrect: isCorrectAge, queryResultErrors: queryResultErrorsAge } = this.checkAgePublicInputs(proof, queryResult);
-                isCorrect = isCorrect && isCorrectAge;
+                isCorrect = isCorrect && isCorrectAge && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsAge,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1639,11 +1713,13 @@ export class ZKPassport {
                         message: "The conditions for the birthdate check do not match the conditions checked by the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "birthdate", scope);
                 const { isCorrect: isCorrectBirthdate, queryResultErrors: queryResultErrorsBirthdate } = this.checkBirthdatePublicInputs(proof, queryResult);
-                isCorrect = isCorrect && isCorrectBirthdate;
+                isCorrect = isCorrect && isCorrectBirthdate && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsBirthdate,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1670,11 +1746,13 @@ export class ZKPassport {
                         message: "The conditions for the expiry date check do not match the conditions checked by the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "expiry_date", scope);
                 const { isCorrect: isCorrectExpiryDate, queryResultErrors: queryResultErrorsExpiryDate } = this.checkExpiryDatePublicInputs(proof, queryResult);
-                isCorrect = isCorrect && isCorrectExpiryDate;
+                isCorrect = isCorrect && isCorrectExpiryDate && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsExpiryDate,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1701,11 +1779,13 @@ export class ZKPassport {
                         message: "The committed country list for the exclusion check does not match the one from the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "nationality", scope);
                 const { isCorrect: isCorrectNationalityExclusion, queryResultErrors: queryResultErrorsNationalityExclusion, } = this.checkNationalityExclusionPublicInputs(queryResult, countryList);
-                isCorrect = isCorrect && isCorrectNationalityExclusion;
+                isCorrect = isCorrect && isCorrectNationalityExclusion && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsNationalityExclusion,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1732,11 +1812,13 @@ export class ZKPassport {
                         message: "The committed country list for the issuing country exclusion check does not match the one from the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "nationality", scope);
                 const { isCorrect: isCorrectIssuingCountryExclusion, queryResultErrors: queryResultErrorsIssuingCountryExclusion, } = this.checkIssuingCountryExclusionPublicInputs(queryResult, countryList);
-                isCorrect = isCorrect && isCorrectIssuingCountryExclusion;
+                isCorrect = isCorrect && isCorrectIssuingCountryExclusion && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsIssuingCountryExclusion,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1763,11 +1845,13 @@ export class ZKPassport {
                         message: "The committed country list for the nationality inclusion check does not match the one from the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "nationality", scope);
                 const { isCorrect: isCorrectNationalityInclusion, queryResultErrors: queryResultErrorsNationalityInclusion, } = this.checkNationalityInclusionPublicInputs(queryResult, countryList);
-                isCorrect = isCorrect && isCorrectNationalityInclusion;
+                isCorrect = isCorrect && isCorrectNationalityInclusion && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsNationalityInclusion,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1794,11 +1878,13 @@ export class ZKPassport {
                         message: "The committed country list for the issuing country inclusion check does not match the one from the proof",
                     };
                 }
+                const { isCorrect: isCorrectScope, queryResultErrors: queryResultErrorsScope } = this.checkScopeFromDisclosureProof(proofData, queryResultErrors, "nationality", scope);
                 const { isCorrect: isCorrectIssuingCountryInclusion, queryResultErrors: queryResultErrorsIssuingCountryInclusion, } = this.checkIssuingCountryInclusionPublicInputs(queryResult, countryList);
-                isCorrect = isCorrect && isCorrectIssuingCountryInclusion;
+                isCorrect = isCorrect && isCorrectIssuingCountryInclusion && isCorrectScope;
                 queryResultErrors = {
                     ...queryResultErrors,
                     ...queryResultErrorsIssuingCountryInclusion,
+                    ...queryResultErrorsScope,
                 };
                 uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10);
             }
@@ -1813,7 +1899,7 @@ export class ZKPassport {
      * @returns An object containing the unique identifier associated to the user
      * and a boolean indicating whether the proofs were successfully verified.
      */
-    async verify({ proofs, queryResult, validity, }) {
+    async verify({ proofs, queryResult, validity, scope, devMode = false, }) {
         const formattedResult = queryResult;
         // Make sure to reconvert the dates to Date objects
         if (formattedResult.birthdate && formattedResult.birthdate.disclose) {
@@ -1827,10 +1913,17 @@ export class ZKPassport {
         let verified = true;
         let uniqueIdentifier;
         let queryResultErrors;
-        const { isCorrect, uniqueIdentifier: uniqueIdentifierFromPublicInputs, queryResultErrors: queryResultErrorsFromPublicInputs, } = await this.checkPublicInputs(proofs, formattedResult, validity);
+        const { isCorrect, uniqueIdentifier: uniqueIdentifierFromPublicInputs, queryResultErrors: queryResultErrorsFromPublicInputs, } = await this.checkPublicInputs(proofs, formattedResult, validity, scope);
         uniqueIdentifier = uniqueIdentifierFromPublicInputs;
         verified = isCorrect;
         queryResultErrors = isCorrect ? undefined : queryResultErrorsFromPublicInputs;
+        if (uniqueIdentifier && BigInt(uniqueIdentifier) === BigInt(0) && !devMode) {
+            // If the unique identifier is 0 and it is not in dev mode,
+            // the proofs are considered invalid as these are mock proofs only meant
+            // for testing purposes
+            verified = false;
+            console.warn("You are trying to verify a mock proof. This is only allowed in dev mode. To enable dev mode, set the `devMode` parameter to `true` in the request function parameters.");
+        }
         // Only proceed with the proof verification if the public inputs are correct
         if (verified) {
             for (const proof of proofs) {
@@ -1840,24 +1933,23 @@ export class ZKPassport {
                     try {
                         const { createPublicClient, http } = await import("viem");
                         const { sepolia } = await import("viem/chains");
-                        const verifierDetails = this.getSolidityVerifierDetails("ethereum_sepolia");
+                        const { address, abi, functionName } = this.getSolidityVerifierDetails("ethereum_sepolia");
                         const client = createPublicClient({
                             chain: sepolia,
                             transport: http("https://ethereum-sepolia-rpc.publicnode.com"),
                         });
-                        const params = this.getSolidityVerifierParameters(proof);
+                        const params = this.getSolidityVerifierParameters({
+                            proof,
+                            validityPeriodInDays: validity,
+                            domain: this.domain,
+                            scope,
+                            devMode,
+                        });
                         const result = await client.readContract({
-                            address: verifierDetails.address,
-                            abi: verifierDetails.abi,
-                            functionName: "verifyProof",
-                            args: [
-                                params.vkeyHash,
-                                params.proof,
-                                params.publicInputs,
-                                params.committedInputs,
-                                params.committedInputCounts,
-                                params.validityPeriodInDays,
-                            ],
+                            address,
+                            abi,
+                            functionName,
+                            args: [params],
                         });
                         const isVerified = Array.isArray(result) ? Boolean(result[0]) : false;
                         verified = isVerified;
@@ -1892,21 +1984,25 @@ export class ZKPassport {
         return { uniqueIdentifier, verified, queryResultErrors };
     }
     getSolidityVerifierDetails(network) {
+        const baseConfig = {
+            functionName: "verifyProof",
+            abi: ZKPassportVerifierAbi.abi,
+        };
         if (network === "ethereum_sepolia") {
             return {
-                address: "0xca644D3424c2ee577FaaF2b56C0f9D1937E8e87C",
-                abi: ZKPassportVerifierAbi.abi,
+                ...baseConfig,
+                address: "0x8c6982D77f7a8f60aE3133cA9b2FAA6f3e78c394",
             };
         }
         else if (network === "local_anvil") {
             return {
+                ...baseConfig,
                 address: "0x0",
-                abi: ZKPassportVerifierAbi.abi,
             };
         }
         throw new Error(`Unsupported network: ${network}`);
     }
-    getSolidityVerifierParameters(proof, validityPeriodInDays = 7) {
+    getSolidityVerifierParameters({ proof, validityPeriodInDays = 7, domain, scope, devMode = false, }) {
         if (!proof.name?.startsWith("outer_evm")) {
             throw new Error("This proof cannot be verified on an EVM chain. Please make sure to use the `compressed-evm` mode.");
         }
@@ -2032,6 +2128,9 @@ export class ZKPassport {
             committedInputs: `0x${compressedCommittedInputs}`,
             committedInputCounts: committedInputCountsArray,
             validityPeriodInDays,
+            scope: domain ?? this.domain,
+            subscope: scope ?? "",
+            devMode,
         };
         return params;
     }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@zkpassport/sdk",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "Privacy-preserving identity verification using passports and ID cards",
   "main": "./dist/cjs/index.js",
   "module": "./dist/esm/index.js",
@@ -42,7 +42,8 @@
     "@noble/ciphers": "^1.2.1",
     "@noble/hashes": "^1.7.2",
     "@noble/secp256k1": "^2.2.3",
-    "@zkpassport/utils": "^0.4.7",
+    "@zkpassport/registry": "^0.1.8",
+    "@zkpassport/utils": "^0.7.3",
     "buffer": "^6.0.3",
     "i18n-iso-countries": "^7.12.0",
     "pako": "^2.1.0",