From 9f4d6f6fea8a4bf0566a86d32c6dcc52e359111b Mon Sep 17 00:00:00 2001 From: Andriian Chestnykh Date: Thu, 12 Dec 2024 18:17:33 +0000 Subject: [PATCH] Initial verifier authentication --- contracts/interfaces/IRequestValidator.sol | 7 ++++ .../RequestValidatorAuthV2Stub.sol | 4 +++ .../test-helpers/RequestValidatorV2Stub.sol | 4 +++ .../test-helpers/RequestValidatorV3Stub.sol | 8 +++++ .../test-helpers/RequestValidatorV3_2Stub.sol | 8 +++++ contracts/validators/EthIdentityValidator.sol | 9 +++++ .../verifiers/UniversalVerifierMultiQuery.sol | 35 ++++++++++++++++--- .../universal-verifier-multi-query.test.ts | 27 +++++++++----- 8 files changed, 90 insertions(+), 12 deletions(-) diff --git a/contracts/interfaces/IRequestValidator.sol b/contracts/interfaces/IRequestValidator.sol index 5087ec31..4a1d15e1 100644 --- a/contracts/interfaces/IRequestValidator.sol +++ b/contracts/interfaces/IRequestValidator.sol @@ -51,4 +51,11 @@ interface IRequestValidator { * @return Hash of the group Id of the request query data. */ function getGroupFieldHash(bytes calldata params) external view returns (bytes32); + + /** + * @dev Get the verifier ID of the request query data. + * @param params Request query data of the credential to verify. + * @return Verifier ID encoded in the request query data. + */ + function getVerifierId(bytes calldata params) external view returns (uint256); } diff --git a/contracts/test-helpers/RequestValidatorAuthV2Stub.sol b/contracts/test-helpers/RequestValidatorAuthV2Stub.sol index 3f62e2a3..a0330020 100644 --- a/contracts/test-helpers/RequestValidatorAuthV2Stub.sol +++ b/contracts/test-helpers/RequestValidatorAuthV2Stub.sol @@ -40,4 +40,8 @@ contract RequestValidatorAuthV2Stub is IRequestValidator, ERC165 { function getGroupFieldHash(bytes calldata params) external pure override returns (bytes32) { revert("AuthV2 validator does not support groupId field"); } + + function getVerifierId(bytes calldata) external pure override returns (uint256) { + return 0; + } } diff --git a/contracts/test-helpers/RequestValidatorV2Stub.sol b/contracts/test-helpers/RequestValidatorV2Stub.sol index d765c61b..605307c4 100644 --- a/contracts/test-helpers/RequestValidatorV2Stub.sol +++ b/contracts/test-helpers/RequestValidatorV2Stub.sol @@ -42,4 +42,8 @@ contract RequestValidatorV2Stub is IRequestValidator, ERC165 { function getGroupFieldHash(bytes calldata params) external pure override returns (bytes32) { revert("V2 validator does not support groupId field"); } + + function getVerifierId(bytes calldata) external pure override returns (uint256) { + return 0; + } } diff --git a/contracts/test-helpers/RequestValidatorV3Stub.sol b/contracts/test-helpers/RequestValidatorV3Stub.sol index 1ae6e223..0d772810 100644 --- a/contracts/test-helpers/RequestValidatorV3Stub.sol +++ b/contracts/test-helpers/RequestValidatorV3Stub.sol @@ -65,4 +65,12 @@ contract RequestValidatorV3Stub is IRequestValidator, ERC165 { // TODO: Implement hash function return keccak256(params); } + + function getVerifierId(bytes calldata params) external pure override returns (uint256) { + CredentialAtomicQueryV3 memory credAtomicQuery = abi.decode( + params, + (CredentialAtomicQueryV3) + ); + return credAtomicQuery.verifierID; + } } diff --git a/contracts/test-helpers/RequestValidatorV3_2Stub.sol b/contracts/test-helpers/RequestValidatorV3_2Stub.sol index b77b845f..9236a43b 100644 --- a/contracts/test-helpers/RequestValidatorV3_2Stub.sol +++ b/contracts/test-helpers/RequestValidatorV3_2Stub.sol @@ -65,4 +65,12 @@ contract RequestValidatorV3_2Stub is IRequestValidator, ERC165 { // TODO: Implement hash function return keccak256(params); } + + function getVerifierId(bytes calldata params) external pure override returns (uint256) { + CredentialAtomicQueryV3 memory credAtomicQuery = abi.decode( + params, + (CredentialAtomicQueryV3) + ); + return credAtomicQuery.verifierID; + } } diff --git a/contracts/validators/EthIdentityValidator.sol b/contracts/validators/EthIdentityValidator.sol index b7d91646..f9761811 100644 --- a/contracts/validators/EthIdentityValidator.sol +++ b/contracts/validators/EthIdentityValidator.sol @@ -109,4 +109,13 @@ contract EthIdentityValidator is Ownable2StepUpgradeable, IRequestValidator, ERC // TODO: Implement hash function return keccak256(params); } + + /** + * @dev Get the verifier ID of the request query data. + * @param params Request query data of the credential to verify. + * @return Verifier ID encoded in the request query data. + */ + function getVerifierId(bytes calldata params) external view returns (uint256) { + return 0; + } } diff --git a/contracts/verifiers/UniversalVerifierMultiQuery.sol b/contracts/verifiers/UniversalVerifierMultiQuery.sol index 9f674e61..30550d97 100644 --- a/contracts/verifiers/UniversalVerifierMultiQuery.sol +++ b/contracts/verifiers/UniversalVerifierMultiQuery.sol @@ -41,6 +41,8 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable { string metadata; IRequestValidator validator; bytes params; + address creator; + uint256 verifierId; } struct Request { @@ -50,6 +52,16 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable { bytes params; } + struct RequestInfo { + uint256 requestId; + string metadata; + IRequestValidator validator; + bytes params; + address creator; + uint256 verifierId; + bool isVerifierAuthenticated; + } + struct GroupedRequests { uint256 groupId; Request[] requests; @@ -388,10 +400,14 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable { Request calldata request ) internal checkRequestExistence(request.requestId, false) { UniversalVerifierMultiQueryStorage storage s = _getUniversalVerifierMultiQueryStorage(); + uint256 verifierId = request.validator.getVerifierId(request.params); + s._requests[request.requestId] = RequestData({ metadata: request.metadata, validator: request.validator, - params: request.params + params: request.params, + creator: _msgSender(), + verifierId: verifierId }); s._requestIds.push(request.requestId); @@ -436,12 +452,23 @@ contract UniversalVerifierMultiQuery is Ownable2StepUpgradeable { /** * @dev Gets a specific request by ID * @param requestId The ID of the request - * @return request The request data + * @return request The request info */ function getRequest( uint256 requestId - ) public view checkRequestExistence(requestId, true) returns (RequestData memory request) { - return _getUniversalVerifierMultiQueryStorage()._requests[requestId]; + ) public view checkRequestExistence(requestId, true) returns (RequestInfo memory request) { + UniversalVerifierMultiQueryStorage storage $ = _getUniversalVerifierMultiQueryStorage(); + RequestData storage rd = $._requests[requestId]; + return + RequestInfo({ + requestId: requestId, + metadata: rd.metadata, + validator: rd.validator, + params: rd.params, + creator: rd.creator, + verifierId: rd.verifierId, + isVerifierAuthenticated: $._user_auth_timestamp[rd.verifierId][rd.creator] != 0 + }); } /** diff --git a/test/verifier/universal-verifier-multi-query.test.ts b/test/verifier/universal-verifier-multi-query.test.ts index f16b88aa..164a9b3c 100644 --- a/test/verifier/universal-verifier-multi-query.test.ts +++ b/test/verifier/universal-verifier-multi-query.test.ts @@ -48,7 +48,7 @@ describe("Universal Verifier Multi-query", function () { "20376033832371109177683048456014525905119173674985843915445634726167450989630"; const [merklized, isRevocationChecked, valueArrSize] = [1, 1, 1]; const nullifierSessionId = "0"; - const verifierId = "21929109382993718606847853573861987353620810345503358891473103689157378049"; + const verifierId = "1"; const queryHash = calculateQueryHashV3( value, schema, @@ -199,11 +199,14 @@ describe("Universal Verifier Multi-query", function () { ); await txSetRequests.wait(); - const requestStored = await verifier.getRequest(requestId); + let requestStored = await verifier.getRequest(requestId); // check if the request is stored correctly checking metadata and validator - expect(requestStored[0]).to.be.equal("metadata"); - expect(requestStored[1]).to.be.equal(await v3Validator.getAddress()); - expect(requestStored[2]).to.be.equal(params); + expect(requestStored.metadata).to.be.equal("metadata"); + expect(requestStored.validator).to.be.equal(await v3Validator.getAddress()); + expect(requestStored.params).to.be.equal(params); + expect(requestStored.creator).to.be.equal(await signer.getAddress()); + expect(requestStored.verifierId).to.be.equal(verifierId); + expect(requestStored.isVerifierAuthenticated).to.be.equal(false); await verifier.setAuthType({ authType: authType, @@ -285,6 +288,11 @@ describe("Universal Verifier Multi-query", function () { expect(status[0][0][1]).to.be.equal(true); // auth type isVerified expect(status[1][0][0]).to.be.equal(requestId); expect(status[1][0][1]).to.be.equal(true); // request isVerified + + requestStored = await verifier.getRequest(requestId); + // check if validator is authenticated + // TODO reorg the tests to decouple validator from user + expect(requestStored.isVerifierAuthenticated).to.be.equal(true); }); it("Test submit response multiquery with same groupID and linkID", async () => { @@ -325,9 +333,12 @@ describe("Universal Verifier Multi-query", function () { const requestStored = await verifier.getRequest(requestId2); // check if the request is stored correctly checking metadata and validator - expect(requestStored[0]).to.be.equal("metadata"); - expect(requestStored[1]).to.be.equal(await v3Validator.getAddress()); - expect(requestStored[2]).to.be.equal(paramsRequest2); + expect(requestStored.metadata).to.be.equal("metadata"); + expect(requestStored.validator).to.be.equal(await v3Validator.getAddress()); + expect(requestStored.params).to.be.equal(paramsRequest2); + expect(requestStored.creator).to.be.equal(await signer.getAddress()); + expect(requestStored.verifierId).to.be.equal(verifierId); + expect(requestStored.isVerifierAuthenticated).to.be.equal(false); await verifier.setAuthType({ authType: authType,