Fix/auth response in submit (#314)

* refactor usage of auth proofs

* fixes

* 1.29.2

* prettier

* simplification of redundant logic

* fixes in tests

* f

Author: vmidyllic

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "@0xpolygonid/js-sdk",
-  "version": "1.29.1",
+  "version": "1.29.2",
   "description": "SDK to work with Polygon ID",
   "main": "dist/node/cjs/index.js",
   "module": "dist/node/esm/index.js",

package.json

@@ -2,7 +2,7 @@ import { getRandomBytes, poseidon } from '@iden3/js-crypto';
 import {
   AcceptProfile,
   AuthMethod,
-  AuthProofResponse,
+  AuthProof,
   BasicMessage,
   JsonDocumentObject,
   JWSPackerParams,
@@ -11,14 +11,14 @@ import {
   ZeroKnowledgeProofRequest,
   ZeroKnowledgeProofResponse
 } from '../types';
-import { byteEncoder, bytesToHex, mergeObjects } from '../../utils';
+import { byteEncoder, mergeObjects } from '../../utils';
 import { RevocationStatus, W3CCredential } from '../../verifiable';
-import { BytesHelper, DID, getUnixTimestamp } from '@iden3/js-iden3-core';
+import { DID, getUnixTimestamp } from '@iden3/js-iden3-core';
 import { IProofService } from '../../proof';
 import { CircuitId } from '../../circuits';
 import { AcceptJwsAlgorithms, defaultAcceptProfile, MediaType } from '../constants';
 import { ethers, Signer } from 'ethers';
-import { packZkpProof, prepareZkpProof } from '../utils';
+import { packZkpProof, prepareZkpProof } from '../../storage/blockchain/common';
 
 /**
  * Groups the ZeroKnowledgeProofRequest objects based on their groupId.
@@ -155,17 +155,13 @@ export const processProofAuth = async (
   opts: {
     supportedCircuits: CircuitId[];
     acceptProfile?: AcceptProfile;
-    skipRevocation?: boolean;
-    sender: string;
+    senderAddress: string;
     zkpResponses: ZeroKnowledgeProofResponse[];
   }
-): Promise<{ authResponse: AuthProofResponse; authProof?: ZeroKnowledgeProofAuthResponse }> => {
+): Promise<{ authProof: AuthProof }> => {
   if (!opts.acceptProfile) {
     opts.acceptProfile = defaultAcceptProfile;
   }
-  if (!opts.skipRevocation) {
-    opts.skipRevocation = true;
-  }
 
   switch (opts.acceptProfile.env) {
     case MediaType.ZKPMessage:
@@ -177,52 +173,36 @@ export const processProofAuth = async (
         if (!opts.supportedCircuits.includes(circuitId as unknown as CircuitId)) {
           throw new Error(`Circuit ${circuitId} is not supported`);
         }
-        if (!opts.sender) {
+        if (!opts.senderAddress) {
           throw new Error('Sender address is not provided');
         }
         if (!opts.zkpResponses || opts.zkpResponses.length === 0) {
           throw new Error('ZKP responses are not provided');
         }
-        const challengeAuth = calcChallengeAuthV2(opts.sender, opts.zkpResponses);
+        const challengeAuth = calcChallengeAuthV2(opts.senderAddress, opts.zkpResponses);
 
         const zkpRes: ZeroKnowledgeProofAuthResponse = await proofService.generateAuthProof(
           circuitId as unknown as CircuitId,
           to,
-          { challenge: challengeAuth, skipRevocation: opts.skipRevocation }
+          { challenge: challengeAuth }
         );
-
-        switch (circuitId as unknown as CircuitId) {
-          case CircuitId.AuthV2: {
-            const preparedZkpProof = prepareZkpProof(zkpRes.proof);
-            const zkProofEncoded = packZkpProof(
-              zkpRes.pub_signals,
-              preparedZkpProof.a,
-              preparedZkpProof.b,
-              preparedZkpProof.c
-            );
-
-            return {
-              authResponse: {
-                authMethod: AuthMethod.AUTHV2,
-                proof: zkProofEncoded
-              },
-              authProof: zkpRes
-            };
+        return {
+          authProof: {
+            authMethod: AuthMethod.AUTHV2,
+            zkp: zkpRes
           }
-        }
+        };
       }
       throw new Error(`Auth method is not supported`);
     case MediaType.SignedMessage:
       if (!opts.acceptProfile.alg || opts.acceptProfile.alg.length === 0) {
         throw new Error('Algorithm not specified');
       }
       if (opts.acceptProfile.alg[0] === AcceptJwsAlgorithms.ES256KR) {
-        const ethIdProof = packEthIdentityProof(to);
-
         return {
-          authResponse: {
+          authProof: {
             authMethod: AuthMethod.ETH_IDENTITY,
-            proof: ethIdProof
+            userDid: to
           }
         };
       }
@@ -278,12 +258,12 @@ export const processProofResponse = (zkProof: ZeroKnowledgeProofResponse) => {
 
 /**
  * Calculates the challenge authentication V2 value.
- * @param sender - The address of the sender.
+ * @param senderAddress - The address of the sender.
  * @param zkpResponses - An array of ZeroKnowledgeProofResponse objects.
  * @returns A bigint representing the challenge authentication value.
  */
 export const calcChallengeAuthV2 = (
-  sender: string,
+  senderAddress: string,
   zkpResponses: ZeroKnowledgeProofResponse[]
 ): bigint => {
   const responses = zkpResponses.map((zkpResponse) => {
@@ -300,7 +280,7 @@ export const calcChallengeAuthV2 = (
       ethers.keccak256(
         new ethers.AbiCoder().encode(
           ['address', '(uint256 requestId,bytes proof,bytes metadata)[]'],
-          [sender, responses]
+          [senderAddress, responses]
         )
       )
     ) & BigInt('0x0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff')
@@ -331,12 +311,3 @@ export const verifyExpiresTime = (message: BasicMessage) => {
     throw new Error('Message expired');
   }
 };
-
-/**
- * Packs an Ethereum identity proof from a Decentralized Identifier (DID).
- * @param did - Decentralized Identifier (DID) to pack.
- * @returns A hexadecimal string representing the packed DID identity proof.
- */
-export const packEthIdentityProof = (did: DID): string => {
-  return `0x${bytesToHex(BytesHelper.intToBytes(DID.idFromDID(did).bigInt()))}`;
-};

src/iden3comm/handlers/common.ts

@@ -9,7 +9,7 @@ import {
   ZeroKnowledgeProofResponse
 } from '../types';
 import { ContractInvokeRequest, ContractInvokeResponse } from '../types/protocol/contract-request';
-import { DID, ChainIds, getUnixTimestamp } from '@iden3/js-iden3-core';
+import { DID, ChainIds, getUnixTimestamp, BytesHelper } from '@iden3/js-iden3-core';
 import { FunctionSignatures, IOnChainZKPVerifier } from '../../storage';
 import { Signer } from 'ethers';
 import { processProofAuth, processZeroKnowledgeProofRequests, verifyExpiresTime } from './common';
@@ -19,6 +19,7 @@ import {
   IProtocolMessageHandler
 } from './message-handler';
 import { parseAcceptProfile } from '../utils';
+import { hexToBytes } from '../../utils';
 
 /**
  * Interface that allows the processing of the contract request
@@ -149,7 +150,7 @@ export class ContractRequestHandler
       this._proofService,
       {
         ethSigner,
-        challenge,
+        challenge: challenge ?? BytesHelper.bytesToInt(hexToBytes(await ethSigner.getAddress())),
         supportedCircuits: this._supportedCircuits
       }
     );
@@ -199,18 +200,16 @@ export class ContractRequestHandler
 
         const identifier = DID.parse(message.to);
 
-        const { authResponse, authProof } = await processProofAuth(identifier, this._proofService, {
+        const { authProof } = await processProofAuth(identifier, this._proofService, {
           supportedCircuits: this._supportedCircuits,
           acceptProfile,
-          skipRevocation: true,
-          sender: await ethSigner.getAddress(),
+          senderAddress: await ethSigner.getAddress(),
           zkpResponses: zkpResponses
         });
 
         return this._zkpVerifier.submitResponse(
           ethSigner,
           message.body.transaction_data,
-          authResponse,
           zkpResponses,
           authProof
         );
@@ -298,8 +297,8 @@ export class ContractRequestHandler
       }
       contractInvokeResponse.body = {
         ...contractInvokeResponse.body,
-        crossChainProofs: zkpResponses.crossChainProofs ?? [],
-        authProofs: zkpResponses.authProofs ?? []
+        crossChainProof: zkpResponses.crossChainProof,
+        authProof: zkpResponses.authProof
       };
     }
     return contractInvokeResponse;

src/iden3comm/handlers/contract-request.ts

@@ -8,7 +8,7 @@ import {
   VerificationMethod as DidResolverVerificationMethod
 } from 'did-resolver';
 import { RootInfo, StateInfo } from '../../../storage';
-import { AuthProofResponse } from './contract-request';
+import { AuthProof, CrossChainProof } from './contract-request';
 
 /** AuthorizationResponseMessage is struct the represents iden3message authorization response */
 export type AuthorizationResponseMessage = BasicMessage & {
@@ -66,8 +66,8 @@ export type ZeroKnowledgeProofQuery = {
 
 export type ZeroKnowledgeInvokeResponse = {
   responses: ZeroKnowledgeProofResponse[];
-  crossChainProofs?: string[];
-  authProofs?: AuthProofResponse[];
+  crossChainProof?: CrossChainProof;
+  authProof?: AuthProof;
 };
 
 /** ZeroKnowledgeProofResponse represents structure of zkp response */

src/iden3comm/types/protocol/auth.ts

@@ -1,6 +1,13 @@
+import { GlobalStateUpdate, IdentityStateUpdate } from '../../../storage/entities/state';
 import { PROTOCOL_MESSAGE_TYPE } from '../../constants';
 import { BasicMessage } from '../packer';
-import { DIDDocument, ZeroKnowledgeProofRequest, ZeroKnowledgeProofResponse } from './auth';
+import {
+  DIDDocument,
+  ZeroKnowledgeProofAuthResponse,
+  ZeroKnowledgeProofRequest,
+  ZeroKnowledgeProofResponse
+} from './auth';
+import { DID } from '@iden3/js-iden3-core';
 
 /** ContractInvokeRequest represents structure of contract invoke request object */
 export type ContractInvokeRequest = BasicMessage & {
@@ -28,8 +35,8 @@ export type ContractInvokeResponseBody = {
   scope: Array<OnChainZeroKnowledgeProofResponse>;
   transaction_data: ContractInvokeTransactionData;
   did_doc?: DIDDocument;
-  crossChainProofs?: string[];
-  authProofs?: AuthProofResponse[];
+  crossChainProof?: CrossChainProof;
+  authProof?: AuthProof;
 };
 
 /** OnChainZeroKnowledgeProofResponse represents structure of onchain zero knowledge proof response */
@@ -45,10 +52,21 @@ export type ContractInvokeTransactionData = {
   network?: string;
 };
 
+export type AuthProofEthIdentity = {
+  userDid: DID;
+};
+export type AuthProofZKP = {
+  zkp: ZeroKnowledgeProofAuthResponse;
+};
+
 /** AuthProofResponse represents structure of zkp response */
-export type AuthProofResponse = {
+export type AuthProof = {
   authMethod: AuthMethod;
-  proof: string;
+} & (AuthProofEthIdentity | AuthProofZKP);
+
+export type CrossChainProof = {
+  globalStateProofs: GlobalStateUpdate[];
+  identityStateProofs: IdentityStateUpdate[];
 };
 
 export enum AuthMethod {

src/iden3comm/types/protocol/contract-request.ts

@@ -1,5 +1,4 @@
 export * from './envelope';
 export * from './message';
 export * from './did';
-export * from './contract-request.utils';
 export * from './accept-profile';