Merge pull request #58 from 0xPolygonID/testing
Support of beta.1 version of circuit.
x1m3 authored Mar 27, 2024
2 parents dff245e + 8ccec13 commit 5b433bb
Showing 11 changed files with 922 additions and 775 deletions.
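--- /dev/null
+++ b/.github/workflows/dev_deploy_new_account.yml
@@ -0,0 +1,81 @@
+name: Deploy verifier backend to Development AWS Environment new account
+
+on:
+workflow_run:
+workflows: ["Checks"]
+branches: ["develop"]
+types:
+- completed
+
+env:
+AWS_ACCOUNT_ID: ${{ secrets.DEV_AWS_ACCOUNT_ID_NEW }}
+AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
+ENVIRONMENT: dev
+ECR_REPOSITORY: verifier_backend
+POLYGON_MUMBAI_CONTRACT_ADDRESS: "0x134B1BE34911E39A8397ec6289782989729807a4"
+POLYGON_MAIN_CONTRACT_ADDRESS: "0x624ce98D2d27b20b8f8d521723Df8fC4db71D79D"
+
+jobs:
+build-backend:
+name: Build and push latest image to AWS
+permissions:
+id-token: write
+contents: write
+if: ${{ github.event.workflow_run.conclusion == 'success' }}
+runs-on: ubuntu-latest
+environment: dev
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+- uses: actions/setup-go@v3
+with:
+go-version: "1.20"
+- uses: actions/cache@v3
+with:
+path: |
+~/go/pkg/mod
+~/.cache/go-build
+key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+restore-keys: |
+${{ runner.os }}-go-
+- name: Build file with supported networks
+run: |
+echo -e "polygon:" > resolvers_settings.yaml
+echo -e " mumbai:" >> resolvers_settings.yaml
+echo -e " contractAddress: ${{ env.POLYGON_MUMBAI_CONTRACT_ADDRESS }}" >> resolvers_settings.yaml
+echo -e " networkURL: ${{ secrets.POLYGON_NODE_URL }}" >> resolvers_settings.yaml
+echo -e " main:" >> resolvers_settings.yaml
+echo -e " contractAddress: ${{ env.POLYGON_MAIN_CONTRACT_ADDRESS }}" >> resolvers_settings.yaml
+echo -e " networkURL: ${{ secrets.POLYGON_MAINET_NODE_URL }}" >> resolvers_settings.yaml
+cat resolvers_settings.yaml
+- run: make build/docker
+
+- name: Configure AWS credentials
+uses: aws-actions/configure-aws-credentials@v1-node16
+with:
+aws-region: ${{ env.AWS_DEFAULT_REGION }}
+role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/PolygonIDActionsRole
+role-session-name: GitHubActionsSession
+
+- name: Login to Amazon ECR
+uses: aws-actions/amazon-ecr-login@v1
+id: login-ecr
+
+- name: Get version
+run: echo "::set-output name=VERSION::$(git rev-parse --short HEAD)"
+id: version
+
+- name: Tag and push image
+env:
+ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+ECR_REPOSITORY: ${{ env.ECR_REPOSITORY }}
+IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
+run: |
+docker tag polygonid/verifier-backend:${{ env.IMAGE_TAG }} ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+docker tag polygonid/verifier-backend:${{ env.IMAGE_TAG }} ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest
+docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest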
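Review bot: The `Build file with supported networks` step finishes with `cat resolvers_settings.yaml`, which prints both node URLs taken from `secrets.POLYGON_NODE_URL` and `secrets.POLYGON_MAINET_NODE_URL` to the job log and relies entirely on GitHub's best-effort secret masking; the `cat` should be dropped. The same step expands `${{ secrets.* }}` inside the script text; passing the values through a step-level `env:` block and writing `"$POLYGON_NODE_URL"` in the `echo` keeps them out of the generated script. The job requests `contents: write` although no visible step writes to the repository, so `contents: read` alongside `id-token: write` looks sufficient. `::set-output` is deprecated; the version step can use `echo "VERSION=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"`. The actions are also referenced by mutable tags (`@v3`, `@v1`, `@v1-node16`) rather than pinned commit SHAs.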
55 changes: 47 additions & 8 deletions api/api.yaml
Expand Up @@ -73,7 +73,7 @@ paths:
- `credentialAtomicQueryMTPV2`: for MTP credentials verifications
V3 circuits:
- `credentialAtomicQueryV3-beta.0`: MTP and SIG credentials verifications
- `credentialAtomicQueryV3-beta.1`: MTP and SIG credentials verifications
#### On-chain
Expand All @@ -82,7 +82,7 @@ paths:
- `credentialAtomicQueryMTPV2OnChain`: for MTP credentials verifications
V3 circuits:
- `credentialAtomicQueryV3OnChain-beta.0`: MTP and SIG credentials verifications
- `credentialAtomicQueryV3OnChain-beta.1`: MTP and SIG credentials verifications
tags:
- Public
Expand Down Expand Up @@ -143,7 +143,7 @@ paths:
"skipClaimRevocationCheck": false,
"scope": [
{
"circuitID": "credentialAtomicQueryV3-beta.0",
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 1,
"query": {
"context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
Expand All @@ -165,7 +165,7 @@ paths:
"skipClaimRevocationCheck": false,
"scope": [
{
"circuitID": "credentialAtomicQueryV3-beta.0",
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 1,
"params": {
"nullifierSessionID": "123443290439234342342423423423423"
Expand All @@ -190,7 +190,7 @@ paths:
"skipClaimRevocationCheck": false,
"scope": [
{
"circuitID": "credentialAtomicQueryV3-beta.0",
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 1,
"query": {
"context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
Expand All @@ -204,7 +204,7 @@ paths:
}
},
{
"circuitID": "credentialAtomicQueryV3-beta.0",
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 2,
"query": {
"context": "ipfs://QmaBJzpoYT2CViDx5ShJiuYLKXizrPEfXo8JqzrXCvG6oc",
Expand All @@ -219,6 +219,45 @@ paths:
}
]
}
OffChain-SIG-V3-Linked-Proofs:
value:
{
"chainID": "80001",
"skipClaimRevocationCheck": false,
"scope": [
{
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 1,
"query": {
"groupId": 1,
"context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
"allowedIssuers": [ "*" ],
"type": "KYCAgeCredential",
"credentialSubject": {
"birthday": {
"$lt": 20201010
}
}
}
},
{
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 2,
"query": {
"groupId": 1,
"context": "ipfs://QmaBJzpoYT2CViDx5ShJiuYLKXizrPEfXo8JqzrXCvG6oc",
"allowedIssuers": [ "*" ],
"type": "TestInteger01",
"credentialSubject": {
"position": {
"$eq": 2
}
}
}
}
]
}

OnChain-SIG-V2:
value:
{
Expand Down Expand Up @@ -254,7 +293,7 @@ paths:
"skipClaimRevocationCheck": false,
"scope": [
{
"circuitID": "credentialAtomicQueryV3OnChain-beta.0",
"circuitID": "credentialAtomicQueryV3OnChain-beta.1",
"id": 1,
"query": {
"context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
Expand Down Expand Up @@ -282,7 +321,7 @@ paths:
"skipClaimRevocationCheck": false,
"scope": [
{
"circuitID": "credentialAtomicQueryV3-beta.0",
"circuitID": "credentialAtomicQueryV3-beta.1",
"id": 2,
"query": {
"context": "ipfs://QmaBJzpoYT2CViDx5ShJiuYLKXizrPEfXo8JqzrXCvG6oc",
10 changes: 5 additions & 5 deletions go.mod
Expand Up @@ -4,12 +4,15 @@ go 1.20

require (
github.com/deepmap/oapi-codegen v1.16.2
github.com/ethereum/go-ethereum v1.13.10
github.com/go-chi/chi/v5 v5.0.11
github.com/go-chi/cors v1.2.1
github.com/golangci/golangci-lint v1.55.1
github.com/google/uuid v1.5.0
github.com/iden3/go-iden3-auth/v2 v2.1.0
github.com/iden3/go-schema-processor/v2 v2.2.0
github.com/iden3/go-circuits/v2 v2.1.0
github.com/iden3/go-iden3-auth/v2 v2.2.1
github.com/iden3/go-iden3-core/v2 v2.0.4
github.com/iden3/go-schema-processor/v2 v2.3.1
github.com/iden3/iden3comm/v2 v2.1.0
github.com/ipfs/go-ipfs-api v0.7.0
github.com/joho/godotenv v1.5.1
Expand Down Expand Up @@ -74,7 +77,6 @@ require (
github.com/dustinxie/ecc v0.0.0-20210511000915-959544187564 // indirect
github.com/esimonov/ifshort v1.0.4 // indirect
github.com/ethereum/c-kzg-4844 v0.4.0 // indirect
github.com/ethereum/go-ethereum v1.13.10 // indirect
github.com/ettle/strcase v0.1.1 // indirect
github.com/fatih/color v1.15.0 // indirect
github.com/fatih/structtag v1.2.0 // indirect
Expand Down Expand Up @@ -121,8 +123,6 @@ require (
github.com/hexops/gotextdiff v1.0.3 // indirect
github.com/holiman/uint256 v1.2.4 // indirect
github.com/iden3/contracts-abi/state/go/abi v1.0.1 // indirect
github.com/iden3/go-circuits/v2 v2.0.1 // indirect
github.com/iden3/go-iden3-core/v2 v2.0.3 // indirect
github.com/iden3/go-iden3-crypto v0.0.15 // indirect
github.com/iden3/go-jwz/v2 v2.0.1 // indirect
github.com/iden3/go-merkletree-sql/v2 v2.0.6 // indirect
16 changes: 8 additions & 8 deletions go.sum
Expand Up @@ -395,12 +395,12 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/iden3/contracts-abi/state/go/abi v1.0.1 h1:FsaLJSy3NSyJl5k1yfDxc5DhUHRY7Z/UCj0/1YueMrY=
github.com/iden3/contracts-abi/state/go/abi v1.0.1/go.mod h1:TxgIrXCvxms3sbOdsy8kTvffUCIpEEifNy0fSXdkU4w=
github.com/iden3/go-circuits/v2 v2.0.1 h1:tcJtBE8aLJsf9qpBoTUKE143Mne025cunQnSExMXaKo=
github.com/iden3/go-circuits/v2 v2.0.1/go.mod h1:VIFIp51+IH0hOzjnKhb84bCeyq7hq76zX/C14ua6zh4=
github.com/iden3/go-iden3-auth/v2 v2.1.0 h1:e+oRhPyJ14dbwDjAnYrp1O+PvtzzzhOLxLqFnqkoekE=
github.com/iden3/go-iden3-auth/v2 v2.1.0/go.mod h1:KpKzSa5ANat+mSMTUzBZwQZ5NTI6w8Q4L0yVxQdnyVc=
github.com/iden3/go-iden3-core/v2 v2.0.3 h1:ce9Jbw10zDsinWXFc05SiK2Hof/wu4zV4/ai5gQy29k=
github.com/iden3/go-iden3-core/v2 v2.0.3/go.mod h1:L9PxhWPvoS9qTb3inEkZBm1RpjHBt+VTwvxssdzbAdw=
github.com/iden3/go-circuits/v2 v2.1.0 h1:Dk+noXGXOJYFjj2iWu3KLPd/KLoIhZ3eT6qYEfKyocc=
github.com/iden3/go-circuits/v2 v2.1.0/go.mod h1:VIFIp51+IH0hOzjnKhb84bCeyq7hq76zX/C14ua6zh4=
github.com/iden3/go-iden3-auth/v2 v2.2.1 h1:juCzwU6z+T6LseF8JcjkytWE6DxOGmIbLxWaQXWx/0c=
github.com/iden3/go-iden3-auth/v2 v2.2.1/go.mod h1:5+Nug6uN7yrru9Wc7CWAzo4HEshmM0+IeWv7zBxpDJo=
github.com/iden3/go-iden3-core/v2 v2.0.4 h1:ggzC2zgOWgJAAcuG9X8bQG1r4gAoHZWqY7aLV8b1qgc=
github.com/iden3/go-iden3-core/v2 v2.0.4/go.mod h1:L9PxhWPvoS9qTb3inEkZBm1RpjHBt+VTwvxssdzbAdw=
github.com/iden3/go-iden3-crypto v0.0.15 h1:4MJYlrot1l31Fzlo2sF56u7EVFeHHJkxGXXZCtESgK4=
github.com/iden3/go-iden3-crypto v0.0.15/go.mod h1:dLpM4vEPJ3nDHzhWFXDjzkn1qHoBeOT/3UEhXsEsP3E=
github.com/iden3/go-jwz/v2 v2.0.1 h1:y8HccYGaI5JULVTOfKRPsQ2pGRx8pfgkdCz0kQA8jQE=
Expand All @@ -417,8 +417,8 @@ github.com/iden3/go-rapidsnark/witness/v2 v2.0.0 h1:mkY6VDfwKVJc83QGKmwVXY2LYepi
github.com/iden3/go-rapidsnark/witness/v2 v2.0.0/go.mod h1:3JRjqUfW1hgI9hzLDO0v8z/DUkR0ZUehhYLlnIfRxnA=
github.com/iden3/go-rapidsnark/witness/wazero v0.0.0-20230524142950-0986cf057d4e h1:WeiFCrpj5pLRtSA4Mg03yTrSZhHHqN/k5b6bwxd9/tY=
github.com/iden3/go-rapidsnark/witness/wazero v0.0.0-20230524142950-0986cf057d4e/go.mod h1:UEBifEzw62T6VzIHJeHuUgeLg2U/J9ttf7hOwQEqnYk=
github.com/iden3/go-schema-processor/v2 v2.2.0 h1:sYPqLs72pEWXIfF0/MOv9AFm3+IGutRM3yClWRrjheg=
github.com/iden3/go-schema-processor/v2 v2.2.0/go.mod h1:Ovsrk0839NZgHtoW4hVLAmHoOsHAQZuVNUXd7sIOkLQ=
github.com/iden3/go-schema-processor/v2 v2.3.1 h1:cjsfUZNgyPoHQDEES4vuVod948QC9l35QkoEIat0ghc=
github.com/iden3/go-schema-processor/v2 v2.3.1/go.mod h1:BcHVDZyn8q8vUlL+XpOo7hpwXmEjxzO8ao1LkvFsM+k=
github.com/iden3/iden3comm/v2 v2.1.0 h1:op2X3y/H9khizcdoYKf3iRAQFt/l5dsip47sJu1kv7Q=
github.com/iden3/iden3comm/v2 v2.1.0/go.mod h1:G+ufR/M28O3PKMVrkUqCuoYfjiEkGFWvf8oF2BmFC6c=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
52 changes: 43 additions & 9 deletions internal/api/server.go
Expand Up @@ -11,13 +11,16 @@ import (
"strconv"
"time"

common2 "github.com/ethereum/go-ethereum/common"
"github.com/go-chi/chi/v5"
"github.com/google/uuid"
"github.com/iden3/go-circuits/v2"
auth "github.com/iden3/go-iden3-auth/v2"
"github.com/iden3/go-iden3-auth/v2/loaders"
"github.com/iden3/go-iden3-auth/v2/pubsignals"
"github.com/iden3/go-iden3-auth/v2/state"
core "github.com/iden3/go-iden3-core/v2"
"github.com/iden3/go-iden3-core/v2/w3c"
"github.com/iden3/iden3comm/v2/protocol"
"github.com/patrickmn/go-cache"
log "github.com/sirupsen/logrus"
Expand Down Expand Up @@ -166,8 +169,8 @@ func (s *Server) SignIn(_ context.Context, request SignInRequestObject) (SignInR
return SignIn400JSONResponse{N400JSONResponse{Message: "field scope is empty"}}, nil
}

switch request.Body.Scope[0].CircuitId {
case "credentialAtomicQuerySigV2", "credentialAtomicQueryMTPV2", "credentialAtomicQueryV3-beta.0":
switch circuits.CircuitID(request.Body.Scope[0].CircuitId) {
case circuits.AtomicQuerySigV2CircuitID, circuits.AtomicQueryMTPV2CircuitID, circuits.AtomicQueryV3CircuitID:
authReq, err := getAuthRequestOffChain(request, s.cfg, sessionID)
if err != nil {
log.Error(err)
Expand All @@ -183,7 +186,7 @@ func (s *Server) SignIn(_ context.Context, request SignInRequestObject) (SignInR
QrCode: fmt.Sprintf("iden3comm://?request_uri=%s%s?id=%s", s.cfg.Host, "/qr-store", qrID.String()),
SessionID: sessionID,
}, nil
case "credentialAtomicQuerySigV2OnChain", "credentialAtomicQueryMTPV2OnChain", "credentialAtomicQueryV3OnChain-beta.0":
case circuits.AtomicQuerySigV2OnChainCircuitID, circuits.AtomicQueryMTPV2OnChainCircuitID, circuits.AtomicQueryV3OnChainCircuitID:
invokeReq, err := getContractInvokeRequestOnChain(request, s.cfg)
if err != nil {
log.Error(err)
Expand Down Expand Up @@ -375,15 +378,16 @@ func validateRequestQuery(offChainRequest bool, scope []ScopeRequest) error {
return errors.New("field circuitId is empty")
}

circuitID := circuits.CircuitID(scope.CircuitId)
if offChainRequest {
if scope.CircuitId != "credentialAtomicQuerySigV2" && scope.CircuitId != "credentialAtomicQueryMTPV2" && scope.CircuitId != "credentialAtomicQueryV3-beta.0" {
return fmt.Errorf("field circuitId value is wrong, got %s, expected credentialAtomicQuerySigV2 or credentialAtomicQueryMTPV2 or credentialAtomicQueryV3-beta.0", scope.CircuitId)
if circuitID != circuits.AtomicQuerySigV2CircuitID && circuitID != circuits.AtomicQueryMTPV2CircuitID && circuitID != circuits.AtomicQueryV3CircuitID {
return fmt.Errorf("field circuitId value is wrong, got %s, expected %s or %s or %s", scope.CircuitId, circuits.AtomicQuerySigV2CircuitID, circuits.AtomicQueryMTPV2CircuitID, circuits.AtomicQueryV3CircuitID)
}
}

if !offChainRequest {
if scope.CircuitId != "credentialAtomicQuerySigV2OnChain" && scope.CircuitId != "credentialAtomicQueryMTPV2OnChain" && scope.CircuitId != "credentialAtomicQueryV3OnChain-beta.0" {
return fmt.Errorf("field circuitId value is wrong, got %s, expected credentialAtomicQuerySigV2OnChain or credentialAtomicQueryMTPV2OnChain or credentialAtomicQueryV3OnChain-beta.0", scope.CircuitId)
if circuitID != circuits.AtomicQuerySigV2OnChainCircuitID && circuitID != circuits.AtomicQueryMTPV2OnChainCircuitID && circuitID != circuits.AtomicQueryV3OnChainCircuitID {
return fmt.Errorf("field circuitId value is wrong, got %s, expected %s or %s or %s", scope.CircuitId, circuits.AtomicQuerySigV2OnChainCircuitID, circuits.AtomicQueryMTPV2OnChainCircuitID, circuits.AtomicQueryV3OnChainCircuitID)
}
}

Expand Down Expand Up @@ -501,13 +505,43 @@ func getContractInvokeRequestOnChain(req SignInRequestObject, cfg config.Config)
authReq.ID = id
authReq.ThreadID = id
authReq.To = ""

verifierDID, err := buildOnchainVerifierDID(transactionData)
if err != nil {
return protocol.ContractInvokeRequestMessage{}, err
}

authReq.From = verifierDID.String()
if req.Body.To != nil {
authReq.To = *req.Body.To
}

return authReq, nil
}

func buildOnchainVerifierDID(transactionData protocol.TransactionData) (*w3c.DID, error) {
address := common2.HexToAddress(transactionData.ContractAddress)
var ethAddr [20]byte
copy(ethAddr[:], address.Bytes())

currentState := core.GenesisFromEthAddress(ethAddr)

blockchain, network, err := core.NetworkByChainID(core.ChainID(transactionData.ChainID))
if err != nil {
return nil, err
}
didType, err := core.BuildDIDType(core.DIDMethodPolygonID, blockchain, network)
if err != nil {
return nil, err
}

did, err := core.NewDID(didType, currentState)
if err != nil {
return nil, err
}
return did, nil
}

func getParams(params ScopeParams) (map[string]interface{}, error) {
val, ok := params["nullifierSessionID"]
if !ok {
Expand Down Expand Up @@ -545,14 +579,14 @@ func getVerificationResponseScopes(scopes []protocol.ZeroKnowledgeProofResponse)
return nil, errors.New("scopes are empty")
}

if scopes[0].CircuitID != "credentialAtomicQueryV3-beta.0" {
if scopes[0].CircuitID != string(circuits.AtomicQueryV3CircuitID) {
return []models.VerificationResponseScope{}, nil
}

resp := make([]models.VerificationResponseScope, 0, len(scopes))
for _, scope := range scopes {
ps := circuits.AtomicQueryV3PubSignals{}
if scope.CircuitID != "credentialAtomicQueryV3-beta.0" {
if scope.CircuitID != string(circuits.AtomicQueryV3CircuitID) {
return []models.VerificationResponseScope{}, nil
}
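Review bot: `buildOnchainVerifierDID` passes `transactionData.ContractAddress` to `common2.HexToAddress` without validating it; that function reports no error and silently builds an address from malformed or wrong-length input, so a bad contract address would produce a well-formed but wrong verifier DID in `authReq.From`. The caller `getContractInvokeRequestOnChain` starts outside the visible hunk, so whether `transactionData` is validated before this point cannot be confirmed from here. A guard at the top of the new function makes the failure explicit: `if !common2.IsHexAddress(transactionData.ContractAddress) { return nil, fmt.Errorf("invalid contract address %q", transactionData.ContractAddress) }`. The function also lacks a doc comment; `// buildOnchainVerifierDID derives the verifier DID from the contract address and chain ID in transactionData.` would cover it.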
