Skip to content

Commit

Permalink
Initial verifier authentication (#323)
Browse files Browse the repository at this point in the history
Co-authored-by: daveroga <[email protected]>
  • Loading branch information
AndriianChestnykh and daveroga authored Dec 17, 2024
1 parent 24888ad commit 14ca44b
Show file tree
Hide file tree
Showing 8 changed files with 84 additions and 6 deletions.
7 changes: 7 additions & 0 deletions contracts/interfaces/IRequestValidator.sol
Original file line number Diff line number Diff line change
Expand Up @@ -51,4 +51,11 @@ interface IRequestValidator {
* @return Hash of the group Id of the request query data.
*/
function getGroupFieldHash(bytes calldata params) external view returns (bytes32);

/**
* @dev Get the verifier ID of the request query data.
* @param params Request query data of the credential to verify.
* @return Verifier ID encoded in the request query data.
*/
function getVerifierId(bytes calldata params) external view returns (uint256);
}
4 changes: 4 additions & 0 deletions contracts/test-helpers/RequestValidatorAuthV2Stub.sol
Original file line number Diff line number Diff line change
Expand Up @@ -40,4 +40,8 @@ contract RequestValidatorAuthV2Stub is IRequestValidator, ERC165 {
function getGroupFieldHash(bytes calldata params) external pure override returns (bytes32) {
revert("AuthV2 validator does not support groupId field");
}

function getVerifierId(bytes calldata) external pure override returns (uint256) {
return 0;
}
}
4 changes: 4 additions & 0 deletions contracts/test-helpers/RequestValidatorV2Stub.sol
Original file line number Diff line number Diff line change
Expand Up @@ -42,4 +42,8 @@ contract RequestValidatorV2Stub is IRequestValidator, ERC165 {
function getGroupFieldHash(bytes calldata params) external pure override returns (bytes32) {
revert("V2 validator does not support groupId field");
}

function getVerifierId(bytes calldata) external pure override returns (uint256) {
return 0;
}
}
8 changes: 8 additions & 0 deletions contracts/test-helpers/RequestValidatorV3Stub.sol
Original file line number Diff line number Diff line change
Expand Up @@ -65,4 +65,12 @@ contract RequestValidatorV3Stub is IRequestValidator, ERC165 {
// TODO: Implement hash function
return keccak256(params);
}

function getVerifierId(bytes calldata params) external pure override returns (uint256) {
CredentialAtomicQueryV3 memory credAtomicQuery = abi.decode(
params,
(CredentialAtomicQueryV3)
);
return credAtomicQuery.verifierID;
}
}
8 changes: 8 additions & 0 deletions contracts/test-helpers/RequestValidatorV3_2Stub.sol
Original file line number Diff line number Diff line change
Expand Up @@ -65,4 +65,12 @@ contract RequestValidatorV3_2Stub is IRequestValidator, ERC165 {
// TODO: Implement hash function
return keccak256(params);
}

function getVerifierId(bytes calldata params) external pure override returns (uint256) {
CredentialAtomicQueryV3 memory credAtomicQuery = abi.decode(
params,
(CredentialAtomicQueryV3)
);
return credAtomicQuery.verifierID;
}
}
9 changes: 9 additions & 0 deletions contracts/validators/EthIdentityValidator.sol
Original file line number Diff line number Diff line change
Expand Up @@ -109,4 +109,13 @@ contract EthIdentityValidator is Ownable2StepUpgradeable, IRequestValidator, ERC
// TODO: Implement hash function
return keccak256(params);
}

/**
* @dev Get the verifier ID of the request query data.
* @param params Request query data of the credential to verify.
* @return Verifier ID encoded in the request query data.
*/
function getVerifierId(bytes calldata params) external view returns (uint256) {
return 0;
}
}
35 changes: 31 additions & 4 deletions contracts/verifiers/UniversalVerifierMultiQuery.sol
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable {
string metadata;
IRequestValidator validator;
bytes params;
address creator;
uint256 verifierId;
}

struct Request {
Expand All @@ -50,6 +52,16 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable {
bytes params;
}

struct RequestInfo {
uint256 requestId;
string metadata;
IRequestValidator validator;
bytes params;
address creator;
uint256 verifierId;
bool isVerifierAuthenticated;
}

struct GroupedRequests {
uint256 groupId;
Request[] requests;
Expand Down Expand Up @@ -388,10 +400,14 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable {
Request calldata request
) internal checkRequestExistence(request.requestId, false) {
UniversalVerifierMultiQueryStorage storage s = _getUniversalVerifierMultiQueryStorage();
uint256 verifierId = request.validator.getVerifierId(request.params);

s._requests[request.requestId] = RequestData({
metadata: request.metadata,
validator: request.validator,
params: request.params
params: request.params,
creator: _msgSender(),
verifierId: verifierId
});
s._requestIds.push(request.requestId);

Expand Down Expand Up @@ -436,12 +452,23 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable {
/**
* @dev Gets a specific request by ID
* @param requestId The ID of the request
* @return request The request data
* @return request The request info
*/
function getRequest(
uint256 requestId
) public view checkRequestExistence(requestId, true) returns (RequestData memory request) {
return _getUniversalVerifierMultiQueryStorage()._requests[requestId];
) public view checkRequestExistence(requestId, true) returns (RequestInfo memory request) {
UniversalVerifierMultiQueryStorage storage $ = _getUniversalVerifierMultiQueryStorage();
RequestData storage rd = $._requests[requestId];
return
RequestInfo({
requestId: requestId,
metadata: rd.metadata,
validator: rd.validator,
params: rd.params,
creator: rd.creator,
verifierId: rd.verifierId,
isVerifierAuthenticated: $._user_auth_timestamp[rd.verifierId][rd.creator] != 0
});
}

/**
Expand Down
15 changes: 13 additions & 2 deletions test/verifier/universal-verifier-multi-query.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ describe("Universal Verifier Multi-query", function () {
"20376033832371109177683048456014525905119173674985843915445634726167450989630";
const [merklized, isRevocationChecked, valueArrSize] = [1, 1, 1];
const nullifierSessionId = "0";
const verifierId = "21929109382993718606847853573861987353620810345503358891473103689157378049";
const verifierId = "1";
const queryHash = calculateQueryHashV3(
value,
schema,
Expand Down Expand Up @@ -199,11 +199,14 @@ describe("Universal Verifier Multi-query", function () {
);
await txSetRequests.wait();

const requestStored = await verifier.getRequest(requestId);
let requestStored = await verifier.getRequest(requestId);
// check if the request is stored correctly checking metadata and validator
expect(requestStored.metadata).to.be.equal("metadata");
expect(requestStored.validator).to.be.equal(await v3Validator.getAddress());
expect(requestStored.params).to.be.equal(params);
expect(requestStored.creator).to.be.equal(await signer.getAddress());
expect(requestStored.verifierId).to.be.equal(verifierId);
expect(requestStored.isVerifierAuthenticated).to.be.equal(false);

await verifier.setAuthType({
authType: authType,
Expand Down Expand Up @@ -285,6 +288,11 @@ describe("Universal Verifier Multi-query", function () {
expect(status[0][0].isVerified).to.be.equal(true); // auth type isVerified
expect(status[1][0].requestId).to.be.equal(requestId);
expect(status[1][0].isVerified).to.be.equal(true); // request isVerified

requestStored = await verifier.getRequest(requestId);
// check if validator is authenticated
// TODO reorg the tests to decouple validator from user
expect(requestStored.isVerifierAuthenticated).to.be.equal(true);
});

it("Test submit response multiquery with same groupID and linkID", async () => {
Expand Down Expand Up @@ -328,6 +336,9 @@ describe("Universal Verifier Multi-query", function () {
expect(requestStored.metadata).to.be.equal("metadata");
expect(requestStored.validator).to.be.equal(await v3Validator.getAddress());
expect(requestStored.params).to.be.equal(paramsRequest2);
expect(requestStored.creator).to.be.equal(await signer.getAddress());
expect(requestStored.verifierId).to.be.equal(verifierId);
expect(requestStored.isVerifierAuthenticated).to.be.equal(false);

await verifier.setAuthType({
authType: authType,
Expand Down

0 comments on commit 14ca44b

Please sign in to comment.