@zkpassport/sdk 0.4.3 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/assets/abi/ZKPassportVerifier.json +11 -11
- package/dist/cjs/index.d.ts +1 -0
- package/dist/cjs/index.js +58 -15
- package/dist/esm/assets/abi/ZKPassportVerifier.json +11 -11
- package/dist/esm/index.d.ts +1 -0
- package/dist/esm/index.js +59 -16
- package/package.json +3 -3
- package/src/assets/abi/ZKPassportVerifier.json +11 -11
- package/src/index.ts +65 -15
package/dist/cjs/index.js
CHANGED
|
@@ -13,7 +13,7 @@ const utils_3 = require("@noble/hashes/utils");
|
|
|
13
13
|
const ZKPassportVerifier_json_1 = tslib_1.__importDefault(require("./assets/abi/ZKPassportVerifier.json"));
|
|
14
14
|
const registry_1 = require("@zkpassport/registry");
|
|
15
15
|
const bridge_1 = require("@obsidion/bridge");
|
|
16
|
-
const VERSION = "0.
|
|
16
|
+
const VERSION = "0.5.0";
|
|
17
17
|
const DEFAULT_DATE_VALUE = new Date(1111, 10, 11);
|
|
18
18
|
// If Buffer is not defined, then we use the Buffer from the buffer package
|
|
19
19
|
if (typeof globalThis.Buffer === "undefined") {
|
|
@@ -292,6 +292,9 @@ class ZKPassport {
|
|
|
292
292
|
},
|
|
293
293
|
gte: (key, value) => {
|
|
294
294
|
numericalCompare("gte", key, value, topic, this.topicToConfig);
|
|
295
|
+
if (key === "age" && (value < 1 || value >= 100)) {
|
|
296
|
+
throw new Error("Age must be between 1 and 99 (inclusive)");
|
|
297
|
+
}
|
|
295
298
|
return this.getZkPassportRequest(topic);
|
|
296
299
|
},
|
|
297
300
|
/*gt: <T extends NumericalIDCredential>(key: T, value: IDCredentialValue<T>) => {
|
|
@@ -1268,17 +1271,8 @@ class ZKPassport {
|
|
|
1268
1271
|
// Maintained certificate registry settled onchain
|
|
1269
1272
|
// Here we use Ethereum Sepolia
|
|
1270
1273
|
const registryClient = new registry_1.RegistryClient({ chainId: 11155111 });
|
|
1271
|
-
await registryClient.
|
|
1272
|
-
|
|
1273
|
-
catch (error) {
|
|
1274
|
-
console.warn(error);
|
|
1275
|
-
// Check the legacy static roots that were used before the registry was deployed onchain
|
|
1276
|
-
const VALID_CERTIFICATE_REGISTRY_ROOT = [
|
|
1277
|
-
BigInt("20192042006788880778219739574377003123593792072535937278552252195461520776494"),
|
|
1278
|
-
BigInt("21301853597069384763054217328384418971999152625381818922211526730996340553696"),
|
|
1279
|
-
BigInt("10839898448097753834842514286432152806152415606387598803678317315409344029817"),
|
|
1280
|
-
];
|
|
1281
|
-
if (!VALID_CERTIFICATE_REGISTRY_ROOT.includes(BigInt(root))) {
|
|
1274
|
+
const isValid = await registryClient.isCertificateRootValid(root);
|
|
1275
|
+
if (!isValid) {
|
|
1282
1276
|
console.warn("The ID was signed by an unrecognized root certificate");
|
|
1283
1277
|
isCorrect = false;
|
|
1284
1278
|
queryResultErrors[outer ? "outer" : "sig_check_dsc"].certificate = {
|
|
@@ -1288,6 +1282,43 @@ class ZKPassport {
|
|
|
1288
1282
|
};
|
|
1289
1283
|
}
|
|
1290
1284
|
}
|
|
1285
|
+
catch (error) {
|
|
1286
|
+
console.warn(error);
|
|
1287
|
+
console.warn("The ID was signed by an unrecognized root certificate");
|
|
1288
|
+
isCorrect = false;
|
|
1289
|
+
queryResultErrors[outer ? "outer" : "sig_check_dsc"].certificate = {
|
|
1290
|
+
expected: `A valid root from ZKPassport Registry`,
|
|
1291
|
+
received: `Got invalid certificate registry root: ${root}`,
|
|
1292
|
+
message: "The ID was signed by an unrecognized root certificate",
|
|
1293
|
+
};
|
|
1294
|
+
}
|
|
1295
|
+
return { isCorrect, queryResultErrors };
|
|
1296
|
+
}
|
|
1297
|
+
async checkCircuitRegistryRoot(root, queryResultErrors) {
|
|
1298
|
+
let isCorrect = true;
|
|
1299
|
+
try {
|
|
1300
|
+
const registryClient = new registry_1.RegistryClient({ chainId: 11155111 });
|
|
1301
|
+
const isValid = await registryClient.isCircuitRootValid(root);
|
|
1302
|
+
if (!isValid) {
|
|
1303
|
+
console.warn("The proof uses unrecognized circuits");
|
|
1304
|
+
isCorrect = false;
|
|
1305
|
+
queryResultErrors.outer.circuit = {
|
|
1306
|
+
expected: `A valid circuit from ZKPassport Registry`,
|
|
1307
|
+
received: `Got invalid circuit registry root: ${root}`,
|
|
1308
|
+
message: "The proof uses an unrecognized circuit",
|
|
1309
|
+
};
|
|
1310
|
+
}
|
|
1311
|
+
}
|
|
1312
|
+
catch (error) {
|
|
1313
|
+
console.warn(error);
|
|
1314
|
+
console.warn("The proof uses unrecognized circuits");
|
|
1315
|
+
isCorrect = false;
|
|
1316
|
+
queryResultErrors.outer.circuit = {
|
|
1317
|
+
expected: `A valid circuit from ZKPassport Registry`,
|
|
1318
|
+
received: `Got invalid circuit registry root: ${root}`,
|
|
1319
|
+
message: "The proof uses an unrecognized circuit",
|
|
1320
|
+
};
|
|
1321
|
+
}
|
|
1291
1322
|
return { isCorrect, queryResultErrors };
|
|
1292
1323
|
}
|
|
1293
1324
|
checkBindPublicInputs(queryResult, boundData) {
|
|
@@ -1395,6 +1426,13 @@ class ZKPassport {
|
|
|
1395
1426
|
...queryResultErrors,
|
|
1396
1427
|
...queryResultErrorsCertificateRegistryRoot,
|
|
1397
1428
|
};
|
|
1429
|
+
const circuitRegistryRoot = (0, utils_1.getCircuitRegistryRootFromOuterProof)(proofData);
|
|
1430
|
+
const { isCorrect: isCorrectCircuitRegistryRoot, queryResultErrors: queryResultErrorsCircuitRegistryRoot, } = await this.checkCircuitRegistryRoot(circuitRegistryRoot.toString(16), queryResultErrors);
|
|
1431
|
+
isCorrect = isCorrect && isCorrectCircuitRegistryRoot;
|
|
1432
|
+
queryResultErrors = {
|
|
1433
|
+
...queryResultErrors,
|
|
1434
|
+
...queryResultErrorsCircuitRegistryRoot,
|
|
1435
|
+
};
|
|
1398
1436
|
const currentDate = (0, utils_1.getCurrentDateFromOuterProof)(proofData);
|
|
1399
1437
|
const todayToCurrentDate = today.getTime() - currentDate.getTime();
|
|
1400
1438
|
const differenceInDays = validity ?? 180;
|
|
@@ -2026,9 +2064,14 @@ class ZKPassport {
|
|
|
2026
2064
|
}
|
|
2027
2065
|
// Only proceed with the proof verification if the public inputs are correct
|
|
2028
2066
|
if (verified) {
|
|
2067
|
+
const registryClient = new registry_1.RegistryClient({ chainId: 11155111 });
|
|
2068
|
+
const circuitManifest = await registryClient.getCircuitManifest(undefined, {
|
|
2069
|
+
// We assume all proofs have the same version
|
|
2070
|
+
version: proofs[0].version,
|
|
2071
|
+
});
|
|
2029
2072
|
for (const proof of proofs) {
|
|
2030
2073
|
const proofData = (0, utils_1.getProofData)(proof.proof, (0, utils_1.getNumberOfPublicInputs)(proof.name));
|
|
2031
|
-
const hostedPackagedCircuit = await
|
|
2074
|
+
const hostedPackagedCircuit = await registryClient.getPackagedCircuit(proof.name, circuitManifest);
|
|
2032
2075
|
if (proof.name?.startsWith("outer_evm")) {
|
|
2033
2076
|
try {
|
|
2034
2077
|
const { createPublicClient, http } = await Promise.resolve().then(() => tslib_1.__importStar(require("viem")));
|
|
@@ -2091,7 +2134,7 @@ class ZKPassport {
|
|
|
2091
2134
|
if (network === "ethereum_sepolia") {
|
|
2092
2135
|
return {
|
|
2093
2136
|
...baseConfig,
|
|
2094
|
-
address: "
|
|
2137
|
+
address: "0xEE9F10f38319eAE2730dBa28fB09081dB806c5E5",
|
|
2095
2138
|
};
|
|
2096
2139
|
}
|
|
2097
2140
|
else if (network === "local_anvil") {
|
|
@@ -2197,7 +2240,7 @@ class ZKPassport {
|
|
|
2197
2240
|
}
|
|
2198
2241
|
committedInputs.push({ circuitName, inputs: compressedCommittedInputs });
|
|
2199
2242
|
}
|
|
2200
|
-
const parameterCommitments = proofData.publicInputs.slice(
|
|
2243
|
+
const parameterCommitments = proofData.publicInputs.slice(12, proofData.publicInputs.length - 1);
|
|
2201
2244
|
let compressedCommittedInputs = "";
|
|
2202
2245
|
let committedInputCountsArray = [];
|
|
2203
2246
|
for (const commitment of parameterCommitments) {
|