@zkpassport/sdk 0.4.2 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/assets/abi/ZKPassportVerifier.json +11 -11
- package/dist/cjs/index.d.ts +1 -0
- package/dist/cjs/index.js +58 -15
- package/dist/esm/assets/abi/ZKPassportVerifier.json +11 -11
- package/dist/esm/index.d.ts +1 -0
- package/dist/esm/index.js +59 -16
- package/package.json +4 -4
- package/src/assets/abi/ZKPassportVerifier.json +11 -11
- package/src/index.ts +65 -15
package/src/index.ts
CHANGED
|
@@ -63,6 +63,8 @@ import {
|
|
|
63
63
|
getBindParameterCommitment,
|
|
64
64
|
formatBoundData,
|
|
65
65
|
Service,
|
|
66
|
+
CircuitManifest,
|
|
67
|
+
getCircuitRegistryRootFromOuterProof,
|
|
66
68
|
} from "@zkpassport/utils"
|
|
67
69
|
import { bytesToHex } from "@noble/ciphers/utils"
|
|
68
70
|
import { noLogger as logger } from "./logger"
|
|
@@ -74,7 +76,7 @@ import ZKPassportVerifierAbi from "./assets/abi/ZKPassportVerifier.json"
|
|
|
74
76
|
import { RegistryClient } from "@zkpassport/registry"
|
|
75
77
|
import { Bridge, BridgeInterface } from "@obsidion/bridge"
|
|
76
78
|
|
|
77
|
-
const VERSION = "0.
|
|
79
|
+
const VERSION = "0.5.0"
|
|
78
80
|
|
|
79
81
|
const DEFAULT_DATE_VALUE = new Date(1111, 10, 11)
|
|
80
82
|
|
|
@@ -611,6 +613,9 @@ export class ZKPassport {
|
|
|
611
613
|
},
|
|
612
614
|
gte: <T extends NumericalIDCredential>(key: T, value: IDCredentialValue<T>) => {
|
|
613
615
|
numericalCompare("gte", key, value, topic, this.topicToConfig)
|
|
616
|
+
if (key === "age" && ((value as number) < 1 || (value as number) >= 100)) {
|
|
617
|
+
throw new Error("Age must be between 1 and 99 (inclusive)")
|
|
618
|
+
}
|
|
614
619
|
return this.getZkPassportRequest(topic)
|
|
615
620
|
},
|
|
616
621
|
/*gt: <T extends NumericalIDCredential>(key: T, value: IDCredentialValue<T>) => {
|
|
@@ -1800,16 +1805,8 @@ export class ZKPassport {
|
|
|
1800
1805
|
// Maintained certificate registry settled onchain
|
|
1801
1806
|
// Here we use Ethereum Sepolia
|
|
1802
1807
|
const registryClient = new RegistryClient({ chainId: 11155111 })
|
|
1803
|
-
await registryClient.
|
|
1804
|
-
|
|
1805
|
-
console.warn(error)
|
|
1806
|
-
// Check the legacy static roots that were used before the registry was deployed onchain
|
|
1807
|
-
const VALID_CERTIFICATE_REGISTRY_ROOT = [
|
|
1808
|
-
BigInt("20192042006788880778219739574377003123593792072535937278552252195461520776494"),
|
|
1809
|
-
BigInt("21301853597069384763054217328384418971999152625381818922211526730996340553696"),
|
|
1810
|
-
BigInt("10839898448097753834842514286432152806152415606387598803678317315409344029817"),
|
|
1811
|
-
]
|
|
1812
|
-
if (!VALID_CERTIFICATE_REGISTRY_ROOT.includes(BigInt(root))) {
|
|
1808
|
+
const isValid = await registryClient.isCertificateRootValid(root)
|
|
1809
|
+
if (!isValid) {
|
|
1813
1810
|
console.warn("The ID was signed by an unrecognized root certificate")
|
|
1814
1811
|
isCorrect = false
|
|
1815
1812
|
queryResultErrors[outer ? "outer" : "sig_check_dsc"].certificate = {
|
|
@@ -1818,6 +1815,42 @@ export class ZKPassport {
|
|
|
1818
1815
|
message: "The ID was signed by an unrecognized root certificate",
|
|
1819
1816
|
}
|
|
1820
1817
|
}
|
|
1818
|
+
} catch (error) {
|
|
1819
|
+
console.warn(error)
|
|
1820
|
+
console.warn("The ID was signed by an unrecognized root certificate")
|
|
1821
|
+
isCorrect = false
|
|
1822
|
+
queryResultErrors[outer ? "outer" : "sig_check_dsc"].certificate = {
|
|
1823
|
+
expected: `A valid root from ZKPassport Registry`,
|
|
1824
|
+
received: `Got invalid certificate registry root: ${root}`,
|
|
1825
|
+
message: "The ID was signed by an unrecognized root certificate",
|
|
1826
|
+
}
|
|
1827
|
+
}
|
|
1828
|
+
return { isCorrect, queryResultErrors }
|
|
1829
|
+
}
|
|
1830
|
+
|
|
1831
|
+
private async checkCircuitRegistryRoot(root: string, queryResultErrors: any) {
|
|
1832
|
+
let isCorrect = true
|
|
1833
|
+
try {
|
|
1834
|
+
const registryClient = new RegistryClient({ chainId: 11155111 })
|
|
1835
|
+
const isValid = await registryClient.isCircuitRootValid(root)
|
|
1836
|
+
if (!isValid) {
|
|
1837
|
+
console.warn("The proof uses unrecognized circuits")
|
|
1838
|
+
isCorrect = false
|
|
1839
|
+
queryResultErrors.outer.circuit = {
|
|
1840
|
+
expected: `A valid circuit from ZKPassport Registry`,
|
|
1841
|
+
received: `Got invalid circuit registry root: ${root}`,
|
|
1842
|
+
message: "The proof uses an unrecognized circuit",
|
|
1843
|
+
}
|
|
1844
|
+
}
|
|
1845
|
+
} catch (error) {
|
|
1846
|
+
console.warn(error)
|
|
1847
|
+
console.warn("The proof uses unrecognized circuits")
|
|
1848
|
+
isCorrect = false
|
|
1849
|
+
queryResultErrors.outer.circuit = {
|
|
1850
|
+
expected: `A valid circuit from ZKPassport Registry`,
|
|
1851
|
+
received: `Got invalid circuit registry root: ${root}`,
|
|
1852
|
+
message: "The proof uses an unrecognized circuit",
|
|
1853
|
+
}
|
|
1821
1854
|
}
|
|
1822
1855
|
return { isCorrect, queryResultErrors }
|
|
1823
1856
|
}
|
|
@@ -1956,6 +1989,18 @@ export class ZKPassport {
|
|
|
1956
1989
|
...queryResultErrors,
|
|
1957
1990
|
...queryResultErrorsCertificateRegistryRoot,
|
|
1958
1991
|
}
|
|
1992
|
+
|
|
1993
|
+
const circuitRegistryRoot = getCircuitRegistryRootFromOuterProof(proofData)
|
|
1994
|
+
const {
|
|
1995
|
+
isCorrect: isCorrectCircuitRegistryRoot,
|
|
1996
|
+
queryResultErrors: queryResultErrorsCircuitRegistryRoot,
|
|
1997
|
+
} = await this.checkCircuitRegistryRoot(circuitRegistryRoot.toString(16), queryResultErrors)
|
|
1998
|
+
isCorrect = isCorrect && isCorrectCircuitRegistryRoot
|
|
1999
|
+
queryResultErrors = {
|
|
2000
|
+
...queryResultErrors,
|
|
2001
|
+
...queryResultErrorsCircuitRegistryRoot,
|
|
2002
|
+
}
|
|
2003
|
+
|
|
1959
2004
|
const currentDate = getCurrentDateFromOuterProof(proofData)
|
|
1960
2005
|
const todayToCurrentDate = today.getTime() - currentDate.getTime()
|
|
1961
2006
|
const differenceInDays = validity ?? 180
|
|
@@ -2805,11 +2850,16 @@ export class ZKPassport {
|
|
|
2805
2850
|
}
|
|
2806
2851
|
// Only proceed with the proof verification if the public inputs are correct
|
|
2807
2852
|
if (verified) {
|
|
2853
|
+
const registryClient = new RegistryClient({ chainId: 11155111 })
|
|
2854
|
+
const circuitManifest = await registryClient.getCircuitManifest(undefined, {
|
|
2855
|
+
// We assume all proofs have the same version
|
|
2856
|
+
version: proofs[0].version,
|
|
2857
|
+
})
|
|
2808
2858
|
for (const proof of proofs) {
|
|
2809
2859
|
const proofData = getProofData(proof.proof as string, getNumberOfPublicInputs(proof.name!))
|
|
2810
|
-
const hostedPackagedCircuit = await
|
|
2811
|
-
proof.version as any,
|
|
2860
|
+
const hostedPackagedCircuit = await registryClient.getPackagedCircuit(
|
|
2812
2861
|
proof.name!,
|
|
2862
|
+
circuitManifest,
|
|
2813
2863
|
)
|
|
2814
2864
|
if (proof.name?.startsWith("outer_evm")) {
|
|
2815
2865
|
try {
|
|
@@ -2884,7 +2934,7 @@ export class ZKPassport {
|
|
|
2884
2934
|
if (network === "ethereum_sepolia") {
|
|
2885
2935
|
return {
|
|
2886
2936
|
...baseConfig,
|
|
2887
|
-
address: "
|
|
2937
|
+
address: "0xEE9F10f38319eAE2730dBa28fB09081dB806c5E5",
|
|
2888
2938
|
}
|
|
2889
2939
|
} else if (network === "local_anvil") {
|
|
2890
2940
|
return {
|
|
@@ -3007,7 +3057,7 @@ export class ZKPassport {
|
|
|
3007
3057
|
}
|
|
3008
3058
|
committedInputs.push({ circuitName, inputs: compressedCommittedInputs })
|
|
3009
3059
|
}
|
|
3010
|
-
const parameterCommitments = proofData.publicInputs.slice(
|
|
3060
|
+
const parameterCommitments = proofData.publicInputs.slice(12, proofData.publicInputs.length - 1)
|
|
3011
3061
|
let compressedCommittedInputs = ""
|
|
3012
3062
|
let committedInputCountsArray = []
|
|
3013
3063
|
for (const commitment of parameterCommitments) {
|