@zkproofport-app/sdk 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/README.md +53 -26
  2. package/dist/ProofportSDK.d.ts +1 -0
  3. package/dist/constants.d.ts +28 -0
  4. package/dist/index.d.ts +4 -4
  5. package/dist/index.esm.js +100 -40
  6. package/dist/index.esm.js.map +1 -1
  7. package/dist/index.js +100 -39
  8. package/dist/index.js.map +1 -1
  9. package/dist/index.mjs +100 -40
  10. package/dist/index.mjs.map +1 -1
  11. package/dist/types.d.ts +18 -2
  12. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -72,6 +72,12 @@ const CIRCUIT_METADATA = {
72
72
  publicInputsCount: 14,
73
73
  publicInputNames: ['signal_hash', 'signer_list_merkle_root', 'country_list', 'country_list_length', 'is_included'],
74
74
  },
75
+ oidc_domain_attestation: {
76
+ name: 'OIDC Domain',
77
+ description: 'Prove email domain affiliation via OIDC JWT',
78
+ publicInputsCount: 420,
79
+ publicInputNames: ['pubkey_modulus_limbs', 'domain', 'scope', 'nullifier'],
80
+ },
75
81
  };
76
82
  /**
77
83
  * Standard verifier contract ABI shared across all Barretenberg-generated verifiers.
@@ -203,6 +209,34 @@ const COINBASE_COUNTRY_PUBLIC_INPUT_LAYOUT = {
203
209
  NULLIFIER_START: 118,
204
210
  NULLIFIER_END: 149,
205
211
  };
212
+ /**
213
+ * OIDC Domain Attestation circuit public input layout (byte offsets).
214
+ * Defines the byte positions of each field in the flattened public inputs array.
215
+ *
216
+ * Public inputs are packed as individual field elements (one byte per element):
217
+ * - pubkey_modulus_limbs: 18 x u128 = 18 x 16 bytes = 288 bytes → fields 0–287
218
+ * - domain (BoundedVec<u8, 64>): 4-byte length (u32) + 64-byte storage = 68 fields → fields 288–355
219
+ * - scope: 32 bytes → fields 356–387
220
+ * - nullifier: 32 bytes → fields 388–419
221
+ *
222
+ * @example
223
+ * ```typescript
224
+ * const scope = publicInputs.slice(
225
+ * OIDC_DOMAIN_ATTESTATION_PUBLIC_INPUT_LAYOUT.SCOPE_START,
226
+ * OIDC_DOMAIN_ATTESTATION_PUBLIC_INPUT_LAYOUT.SCOPE_END + 1
227
+ * );
228
+ * ```
229
+ */
230
+ const OIDC_DOMAIN_ATTESTATION_PUBLIC_INPUT_LAYOUT = {
231
+ PUBKEY_MODULUS_START: 0,
232
+ PUBKEY_MODULUS_END: 287,
233
+ DOMAIN_START: 288,
234
+ DOMAIN_END: 355,
235
+ SCOPE_START: 356,
236
+ SCOPE_END: 387,
237
+ NULLIFIER_START: 388,
238
+ NULLIFIER_END: 419,
239
+ };
206
240
 
207
241
  /**
208
242
  * Deep Link utilities for ZKProofport SDK
@@ -455,7 +489,7 @@ function validateProofRequest(request) {
455
489
  if (!request.circuit) {
456
490
  return { valid: false, error: 'Missing circuit type' };
457
491
  }
458
- if (!['coinbase_attestation', 'coinbase_country_attestation'].includes(request.circuit)) {
492
+ if (!['coinbase_attestation', 'coinbase_country_attestation', 'oidc_domain_attestation'].includes(request.circuit)) {
459
493
  return { valid: false, error: `Invalid circuit type: ${request.circuit}` };
460
494
  }
461
495
  if (!request.callbackUrl) {
@@ -485,6 +519,15 @@ function validateProofRequest(request) {
485
519
  return { valid: false, error: 'isIncluded is required and must be a boolean' };
486
520
  }
487
521
  }
522
+ else if (request.circuit === 'oidc_domain_attestation') {
523
+ const inputs = request.inputs;
524
+ if (!inputs.domain || typeof inputs.domain !== 'string' || inputs.domain.trim() === '') {
525
+ return { valid: false, error: 'domain is required and must be a non-empty string' };
526
+ }
527
+ if (!inputs.scope || typeof inputs.scope !== 'string' || inputs.scope.trim() === '') {
528
+ return { valid: false, error: 'scope is required and must be a non-empty string' };
529
+ }
530
+ }
488
531
  // Check expiry
489
532
  if (request.expiresAt && Date.now() > request.expiresAt) {
490
533
  return { valid: false, error: 'Request has expired' };
@@ -919,6 +962,10 @@ function extractScopeFromPublicInputs(publicInputsHex, circuit) {
919
962
  start = 86;
920
963
  end = 117;
921
964
  }
965
+ else if (circuit === 'oidc_domain_attestation') {
966
+ start = 356;
967
+ end = 387;
968
+ }
922
969
  else {
923
970
  start = 64;
924
971
  end = 95;
@@ -952,6 +999,10 @@ function extractNullifierFromPublicInputs(publicInputsHex, circuit) {
952
999
  start = 118;
953
1000
  end = 149;
954
1001
  }
1002
+ else if (circuit === 'oidc_domain_attestation') {
1003
+ start = 388;
1004
+ end = 419;
1005
+ }
955
1006
  else {
956
1007
  start = 96;
957
1008
  end = 127;
@@ -1843,53 +1894,26 @@ class ProofportSDK {
1843
1894
  }
1844
1895
  return await response.json();
1845
1896
  }
1846
- /**
1847
- * Creates a proof request through the relay server.
1848
- *
1849
- * This is the recommended way to create proof requests. The relay server:
1850
- * - Issues a server-side requestId (validated by the mobile app)
1851
- * - Tracks request status in Redis
1852
- * - Builds the deep link with relay callback URL
1853
- * - Stores inputs hash for deep link integrity verification
1854
- *
1855
- * @param circuit - Circuit type identifier
1856
- * @param inputs - Circuit-specific inputs
1857
- * @param options - Request options (message, dappName, dappIcon, nonce)
1858
- * @returns Promise resolving to RelayProofRequest with requestId, deepLink, pollUrl
1859
- * @throws Error if signer not set or relay request fails
1860
- *
1861
- * @example
1862
- * ```typescript
1863
- * const sdk = ProofportSDK.create();
1864
- * sdk.setSigner(signer);
1865
- *
1866
- * const relay = await sdk.createRelayRequest('coinbase_attestation', {
1867
- * scope: 'myapp.com'
1868
- * }, { dappName: 'My DApp' });
1869
- *
1870
- * // Generate QR code from relay deep link
1871
- * const qr = await sdk.generateQRCode(relay.deepLink);
1872
- *
1873
- * // Wait for proof (WebSocket primary, polling fallback)
1874
- * const result = await sdk.waitForProof(relay.requestId);
1875
- * ```
1876
- */
1877
1897
  async createRelayRequest(circuit, inputs, options = {}) {
1878
- if (!this.signer) {
1879
- throw new Error('Signer not set. Call setSigner() first.');
1880
- }
1881
1898
  if (!this.relayUrl) {
1882
1899
  throw new Error('relayUrl is required. Set it in ProofportSDK config.');
1883
1900
  }
1884
- // Get challenge from relay and sign it
1885
- const { challenge } = await this.getChallenge();
1886
- const signature = await this.signer.signMessage(challenge);
1901
+ const needsSignature = ProofportSDK.WALLET_SIGNATURE_CIRCUITS.includes(circuit);
1902
+ if (needsSignature && !this.signer) {
1903
+ throw new Error('Signer not set. Call setSigner() first. Wallet signature is required for this circuit.');
1904
+ }
1905
+ // Get challenge + requestId from relay
1906
+ const { requestId, challenge } = await this.getChallenge();
1887
1907
  const body = {
1908
+ requestId,
1888
1909
  circuitId: circuit,
1889
1910
  inputs,
1890
1911
  challenge,
1891
- signature,
1892
1912
  };
1913
+ // Sign challenge for circuits that require wallet signature
1914
+ if (needsSignature && this.signer) {
1915
+ body.signature = await this.signer.signMessage(challenge);
1916
+ }
1893
1917
  if (options.message)
1894
1918
  body.message = options.message;
1895
1919
  if (options.dappName)
@@ -2166,9 +2190,46 @@ class ProofportSDK {
2166
2190
  return extractNullifierFromPublicInputs(publicInputs, circuit);
2167
2191
  }
2168
2192
  }
2193
+ /**
2194
+ * Creates a proof request through the relay server.
2195
+ *
2196
+ * This is the recommended way to create proof requests. The relay server:
2197
+ * - Issues a server-side requestId (validated by the mobile app)
2198
+ * - Tracks request status in Redis
2199
+ * - Builds the deep link with relay callback URL
2200
+ * - Stores inputs hash for deep link integrity verification
2201
+ *
2202
+ * @param circuit - Circuit type identifier
2203
+ * @param inputs - Circuit-specific inputs
2204
+ * @param options - Request options (message, dappName, dappIcon, nonce)
2205
+ * @returns Promise resolving to RelayProofRequest with requestId, deepLink, pollUrl
2206
+ * @throws Error if signer not set or relay request fails
2207
+ *
2208
+ * @example
2209
+ * ```typescript
2210
+ * const sdk = ProofportSDK.create();
2211
+ * sdk.setSigner(signer);
2212
+ *
2213
+ * const relay = await sdk.createRelayRequest('coinbase_attestation', {
2214
+ * scope: 'myapp.com'
2215
+ * }, { dappName: 'My DApp' });
2216
+ *
2217
+ * // Generate QR code from relay deep link
2218
+ * const qr = await sdk.generateQRCode(relay.deepLink);
2219
+ *
2220
+ * // Wait for proof (WebSocket primary, polling fallback)
2221
+ * const result = await sdk.waitForProof(relay.requestId);
2222
+ * ```
2223
+ */
2224
+ // Circuits that require wallet signature (used as circuit input)
2225
+ ProofportSDK.WALLET_SIGNATURE_CIRCUITS = [
2226
+ 'coinbase_attestation',
2227
+ 'coinbase_country_attestation',
2228
+ ];
2169
2229
 
2170
2230
  exports.COINBASE_ATTESTATION_PUBLIC_INPUT_LAYOUT = COINBASE_ATTESTATION_PUBLIC_INPUT_LAYOUT;
2171
2231
  exports.COINBASE_COUNTRY_PUBLIC_INPUT_LAYOUT = COINBASE_COUNTRY_PUBLIC_INPUT_LAYOUT;
2232
+ exports.OIDC_DOMAIN_ATTESTATION_PUBLIC_INPUT_LAYOUT = OIDC_DOMAIN_ATTESTATION_PUBLIC_INPUT_LAYOUT;
2172
2233
  exports.ProofportSDK = ProofportSDK;
2173
2234
  exports.default = ProofportSDK;
2174
2235
  exports.extractNullifierFromPublicInputs = extractNullifierFromPublicInputs;