@zkpassport/sdk 0.4.0 → 0.4.2

package/src/index.ts

@@ -57,10 +57,15 @@ import {
   getScopeFromOuterProof,
   getSubscopeFromOuterProof,
   getServiceScopeHash,
+  BoundData,
+  BindCommittedInputs,
+  getBindEVMParameterCommitment,
+  getBindParameterCommitment,
+  formatBoundData,
+  Service,
 } from "@zkpassport/utils"
 import { bytesToHex } from "@noble/ciphers/utils"
 import { noLogger as logger } from "./logger"
-import { inflate } from "pako"
 import i18en from "i18n-iso-countries/langs/en.json"
 import { Buffer } from "buffer/"
 import { sha256 } from "@noble/hashes/sha2"
@@ -69,6 +74,8 @@ import ZKPassportVerifierAbi from "./assets/abi/ZKPassportVerifier.json"
 import { RegistryClient } from "@zkpassport/registry"
 import { Bridge, BridgeInterface } from "@obsidion/bridge"
 
+const VERSION = "0.4.2"
+
 const DEFAULT_DATE_VALUE = new Date(1111, 10, 11)
 
 // If Buffer is not defined, then we use the Buffer from the buffer package
@@ -92,7 +99,8 @@ export type QueryResultErrors = {
     | "sig_check_id_data"
     | "data_check_integrity"
     | "outer"
-    | "disclose"]: {
+    | "disclose"
+    | "bind"]: {
     disclose?: QueryResultError<string | number | Date>
     gte?: QueryResultError<number | Date>
     lte?: QueryResultError<number | Date>
@@ -346,6 +354,12 @@ export type QueryBuilder = {
    * @param key The attribute to disclose.
    */
   disclose: (key: DisclosableIDCredential) => QueryBuilder
+  /**
+   * Binds a value to the request.
+   * @param key The key of the value to bind.
+   * @param value The value to bind the request to.
+   */
+  bind: (key: keyof BoundData, value: BoundData[keyof BoundData]) => QueryBuilder
   /**
    * Builds the request.
    *
@@ -370,10 +384,7 @@ export class ZKPassport {
   private topicToPublicKey: Record<string, string> = {}
   private topicToBridge: Record<string, BridgeInterface> = {}
   private topicToRequestReceived: Record<string, boolean> = {}
-  private topicToService: Record<
-    string,
-    { name: string; logo: string; purpose: string; scope?: string; chainId?: number }
-  > = {}
+  private topicToService: Record<string, Service> = {}
   private topicToProofs: Record<string, Array<ProofResult>> = {}
   private topicToExpectedProofCount: Record<string, number> = {}
   private topicToFailedProofCount: Record<string, number> = {}
@@ -503,6 +514,9 @@ export class ZKPassport {
         }
       }
     }
+    if ((this.topicToConfig[topic] as Query).bind) {
+      neededCircuits.push("bind")
+    }
     // From the circuits needed, determine the expected proof count
     // There are at least 4 proofs, 3 base proofs and 1 disclosure proof minimum
     // Each separate needed circuit adds 1 disclosure proof
@@ -636,17 +650,17 @@ export class ZKPassport {
         }
         return this.getZkPassportRequest(topic)
       },
+      bind: (key: keyof BoundData, value: BoundData[keyof BoundData]) => {
+        this.topicToConfig[topic].bind = {
+          ...this.topicToConfig[topic].bind,
+          [key]: value,
+        }
+        return this.getZkPassportRequest(topic)
+      },
       done: () => {
-        const base64Config = Buffer.from(JSON.stringify(this.topicToConfig[topic])).toString(
-          "base64",
-        )
-        const base64Service = Buffer.from(JSON.stringify(this.topicToService[topic])).toString(
-          "base64",
-        )
-        const pubkey = this.topicToPublicKey[topic]
         this.setExpectedProofCount(topic)
         return {
-          url: `https://zkpassport.id/r?d=${this.domain}&t=${topic}&c=${base64Config}&s=${base64Service}&p=${pubkey}&m=${this.topicToLocalConfig[topic].mode}`,
+          url: this._getUrl(topic),
           requestId: topic,
           onRequestReceived: (callback: () => void) =>
             this.onRequestReceivedCallbacks[topic].push(callback),
@@ -696,6 +710,8 @@ export class ZKPassport {
     devMode,
     topicOverride,
     keyPairOverride,
+    cloudProverUrl,
+    bridgeUrl,
   }: {
     name: string
     logo: string
@@ -707,10 +723,13 @@ export class ZKPassport {
     devMode?: boolean
     topicOverride?: string
     keyPairOverride?: { privateKey: Uint8Array; publicKey: Uint8Array }
+    cloudProverUrl?: string
+    bridgeUrl?: string
   }): Promise<QueryBuilder> {
     const bridge = await Bridge.create({
       keyPair: keyPairOverride,
       bridgeId: topicOverride,
+      bridgeUrl,
     })
 
     const topic = bridge.connection.getBridgeId()
@@ -722,6 +741,8 @@ export class ZKPassport {
       purpose,
       scope,
       chainId: evmChain ? getChainIdFromEVMChain(evmChain) : undefined,
+      cloudProverUrl,
+      bridgeUrl,
     }
     this.topicToProofs[topic] = []
     this.topicToExpectedProofCount[topic] = 0
@@ -777,6 +798,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
     // We can't be certain that the disclosed data is for a passport or an ID card
@@ -1138,6 +1160,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
     const currentTime = new Date()
@@ -1271,6 +1294,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
     const currentTime = new Date()
@@ -1399,6 +1423,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
     const currentTime = new Date()
@@ -1527,6 +1552,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
     if (
@@ -1591,6 +1617,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
 
@@ -1653,6 +1680,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
     if (
@@ -1700,6 +1728,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
     let isCorrect = true
 
@@ -1793,6 +1822,57 @@ export class ZKPassport {
     return { isCorrect, queryResultErrors }
   }
 
+  private checkBindPublicInputs(queryResult: QueryResult, boundData: BoundData) {
+    const queryResultErrors: QueryResultErrors = {
+      sig_check_dsc: {},
+      sig_check_id_data: {},
+      data_check_integrity: {},
+      disclose: {},
+      age: {},
+      birthdate: {},
+      expiry_date: {},
+      document_type: {},
+      issuing_country: {},
+      gender: {},
+      nationality: {},
+      firstname: {},
+      lastname: {},
+      fullname: {},
+      document_number: {},
+      outer: {},
+      bind: {},
+    }
+    let isCorrect = true
+
+    if (queryResult.bind) {
+      if (
+        queryResult.bind.user_address?.toLowerCase().replace("0x", "") !==
+        boundData.user_address?.toLowerCase().replace("0x", "")
+      ) {
+        console.warn("Bound user address does not match the one from the query results")
+        isCorrect = false
+        queryResultErrors.bind.eq = {
+          expected: queryResult.bind.user_address,
+          received: boundData.user_address,
+          message: "Bound user address does not match the one from the query results",
+        }
+      }
+      if (
+        queryResult.bind.custom_data?.trim().toLowerCase() !==
+        boundData.custom_data?.trim().toLowerCase()
+      ) {
+        console.warn("Bound custom data does not match the one from the query results")
+        isCorrect = false
+        queryResultErrors.bind.eq = {
+          expected: queryResult.bind.custom_data,
+          received: boundData.custom_data,
+          message: "Bound custom data does not match the one from the query results",
+        }
+      }
+    }
+    return { isCorrect, queryResultErrors }
+  }
+
   private async checkPublicInputs(
     proofs: Array<ProofResult>,
     queryResult: QueryResult,
@@ -1831,6 +1911,7 @@ export class ZKPassport {
       fullname: {},
       document_number: {},
       outer: {},
+      bind: {},
     }
 
     // Since the order is important for the commitments, we need to sort the proofs
@@ -1848,6 +1929,7 @@ export class ZKPassport {
         "inclusion_check_nationality",
         "exclusion_check_issuing_country",
         "inclusion_check_issuing_country",
+        "bind",
       ]
       const getIndex = (proof: ProofResult) => {
         const name = proof.name || ""
@@ -2167,6 +2249,27 @@ export class ZKPassport {
             ...queryResultErrors,
             ...queryResultErrorsIssuingCountryExclusion,
           }
+        } else if (!!committedInputs?.bind) {
+          const bindCommittedInputs = committedInputs?.bind as BindCommittedInputs
+          const bindParameterCommitment = isForEVM
+            ? await getBindEVMParameterCommitment(formatBoundData(bindCommittedInputs.data))
+            : await getBindParameterCommitment(formatBoundData(bindCommittedInputs.data))
+          if (!paramCommitments.includes(bindParameterCommitment)) {
+            console.warn("This proof does not verify the bound data")
+            isCorrect = false
+            queryResultErrors.bind.commitment = {
+              expected: `Bind parameter commitment: ${bindParameterCommitment.toString()}`,
+              received: `Parameter commitments included: ${paramCommitments.join(", ")}`,
+              message: "This proof does not verify the bound data",
+            }
+          }
+          const { isCorrect: isCorrectBind, queryResultErrors: queryResultErrorsBind } =
+            this.checkBindPublicInputs(queryResult, bindCommittedInputs.data)
+          isCorrect = isCorrect && isCorrectBind
+          queryResultErrors = {
+            ...queryResultErrors,
+            ...queryResultErrorsBind,
+          }
         }
         uniqueIdentifier = getNullifierFromOuterProof(proofData).toString(10)
       } else if (proof.name?.startsWith("sig_check_dsc")) {
@@ -2598,6 +2701,29 @@ export class ZKPassport {
           ...queryResultErrorsScope,
         }
         uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10)
+      } else if (proof.name === "bind") {
+        const bindCommittedInputs = proof.committedInputs?.bind as BindCommittedInputs
+        const paramCommittment = getParameterCommitmentFromDisclosureProof(proofData)
+        const calculatedParamCommitment = await getBindParameterCommitment(
+          formatBoundData(bindCommittedInputs.data),
+        )
+        if (paramCommittment !== calculatedParamCommitment) {
+          console.warn("The bound data does not match the one from the proof")
+          isCorrect = false
+          queryResultErrors.bind.commitment = {
+            expected: `Commitment: ${calculatedParamCommitment}`,
+            received: `Commitment: ${paramCommittment}`,
+            message: "The bound data does not match the one from the proof",
+          }
+        }
+        const { isCorrect: isCorrectBind, queryResultErrors: queryResultErrorsBind } =
+          this.checkBindPublicInputs(queryResult, bindCommittedInputs.data)
+        isCorrect = isCorrect && isCorrectBind
+        queryResultErrors = {
+          ...queryResultErrors,
+          ...queryResultErrorsBind,
+        }
+        uniqueIdentifier = getNullifierFromDisclosureProof(proofData).toString(10)
       }
     }
     return { isCorrect, uniqueIdentifier, queryResultErrors }
@@ -2758,7 +2884,7 @@ export class ZKPassport {
     if (network === "ethereum_sepolia") {
       return {
         ...baseConfig,
-        address: "0xDfE02DFd5c208854884B58bFf6522De5c42F73E3",
+        address: "0x5e4B11F7B7995F5Cee0134692a422b045091112F",
       }
     } else if (network === "local_anvil") {
       return {
@@ -2869,6 +2995,13 @@ export class ZKPassport {
           ProofType.DISCLOSE.toString(16).padStart(2, "0") +
           value.discloseMask.map((x) => x.toString(16).padStart(2, "0")).join("") +
           value.disclosedBytes.map((x) => x.toString(16).padStart(2, "0")).join("")
+      } else if (circuitName === "bind_evm") {
+        const value = proof.committedInputs[circuitName] as BindCommittedInputs
+        compressedCommittedInputs =
+          ProofType.BIND.toString(16).padStart(2, "0") +
+          rightPadArrayWithZeros(formatBoundData(value.data), 500)
+            .map((x) => x.toString(16).padStart(2, "0"))
+            .join("")
       } else {
         throw new Error(`Unsupported circuit for EVM verification: ${circuitName}`)
       }
@@ -2921,20 +3054,24 @@ export class ZKPassport {
     return params
   }
 
-  /**
-   * @notice Returns the URL of the request.
-   * @param requestId The request ID.
-   * @returns The URL of the request.
-   */
-  public getUrl(requestId: string) {
-    const pubkey = this.topicToPublicKey[requestId]
+  private _getUrl(requestId: string) {
     const base64Config = Buffer.from(JSON.stringify(this.topicToConfig[requestId])).toString(
       "base64",
     )
     const base64Service = Buffer.from(JSON.stringify(this.topicToService[requestId])).toString(
       "base64",
     )
-    return `https://zkpassport.id/r?d=${this.domain}&t=${requestId}&c=${base64Config}&s=${base64Service}&p=${pubkey}&m=${this.topicToLocalConfig[requestId].mode}`
+    const pubkey = this.topicToPublicKey[requestId]
+    return `https://zkpassport.id/r?d=${this.domain}&t=${requestId}&c=${base64Config}&s=${base64Service}&p=${pubkey}&m=${this.topicToLocalConfig[requestId].mode}&v=${VERSION}`
+  }
+
+  /**
+   * @notice Returns the URL of the request.
+   * @param requestId The request ID.
+   * @returns The URL of the request.
+   */
+  public getUrl(requestId: string) {
+    return this._getUrl(requestId)
   }
 
   /**