Merge branch 'v2' into schema_processor_slots

iden3 · Aug 29, 2023 · 778c6f4 · 778c6f4
2 parents 78ee6d3 + e44ad9e
commit 778c6f4
Show file tree

Hide file tree

Showing 7 changed files with 126 additions and 67 deletions.
diff --git a/auth.go b/auth.go
@@ -21,7 +21,7 @@ import (
 	"github.com/iden3/go-iden3-auth/v2/pubsignals"
 	"github.com/iden3/go-iden3-auth/v2/state"
 	"github.com/iden3/go-jwz/v2"
-	spLoaders "github.com/iden3/go-schema-processor/v2/loaders"
+	schemaloaders "github.com/iden3/go-schema-processor/v2/loaders"
 	"github.com/iden3/go-schema-processor/v2/merklize"
 	"github.com/iden3/go-schema-processor/v2/verifiable"
 	"github.com/iden3/iden3comm/v2"
@@ -482,5 +482,5 @@ func getDocumentLoader(docLoader ld.DocumentLoader, ipfsCli *shell.Shell,
 		return defaultSchemaLoader
 	}
 
-	return spLoaders.NewDocumentLoader(ipfsCli, ipfsGW)
+	return schemaloaders.NewDocumentLoader(ipfsCli, ipfsGW)
 }
diff --git a/auth_test.go b/auth_test.go
@@ -77,31 +77,29 @@ func (r *mockStateResolver) ResolveGlobalRoot(_ context.Context, _ *big.Int) (*s
 }
 
 func TestVerifyMessageWithSigProof_NonMerkalized(t *testing.T) {
-	// TODO(illia-korotia): for non merklized claim and schema don't know about xsd:types
-	t.Skip("skipping test")
 	verifierID := "did:polygonid:polygon:mumbai:2qEevY9VnKdNsVDdXRv3qSLHRqoMGMRRdE5Gmc6iA7"
 	callbackURL := "https://test.com/callback"
 	reason := "test"
 
 	var mtpProofRequest protocol.ZeroKnowledgeProofRequest
-	mtpProofRequest.ID = 23
+	mtpProofRequest.ID = 84239
 	mtpProofRequest.CircuitID = string(circuits.AtomicQuerySigV2CircuitID)
 	opt := true
 	mtpProofRequest.Optional = &opt
 	mtpProofRequest.Query = map[string]interface{}{
 		"allowedIssuers": []string{"*"},
 		"credentialSubject": map[string]interface{}{
 			"documentType": map[string]interface{}{
-				"$eq": 10,
+				"$eq": 99,
 			},
 		},
-		"context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
+		"context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld",
 		"type":    "KYCAgeCredential",
 	}
 	request := CreateAuthorizationRequestWithMessage(reason, "message to sign", verifierID, callbackURL)
 	request.Body.Scope = append(request.Body.Scope, mtpProofRequest)
 
-	userID := "did:polygonid:polygon:mumbai:2qD8Nsp4FQcdk1N3yhziquEBZGMXdVkKtBhtLdGnix"
+	userID := "did:polygonid:polygon:mumbai:2qKzaaAewvBVv11iZjJZzjTxBQioZLEujPYTUJp7gQ"
 	responseUUID := uuid.New()
 
 	// response
@@ -116,50 +114,50 @@ func TestVerifyMessageWithSigProof_NonMerkalized(t *testing.T) {
 		Message: "message to sign",
 		Scope: []protocol.ZeroKnowledgeProofResponse{
 			{
-				ID:        23,
+				ID:        84239,
 				CircuitID: mtpProofRequest.CircuitID,
 				ZKProof: types.ZKProof{
 					Proof: &types.ProofData{
 						A: []string{
-							"9518940539414587245794003192532307790550936491078690484579527365586406369952",
-							"18310892073224615121155590891657868809375867436314025475318265897577698765429",
+							"14056228231956087288378518013493130710375131807243578639863710060510262038676",
+							"15685597096933930175890593905690244171450509041610585092210638200145586390285",
 							"1",
 						},
 						B: [][]string{
 							{
-								"7473471862476301137207221898428038544241157556635980264621324015685573123570",
-								"12749169234766877085006220937362504781288470732483056139299482729458259754028",
+								"6867891861795556838771075779522609255721689620651295420993290050538780283807",
+								"12803728874072821363624664338413776845757845422512289455246307343796729670516",
 							},
 							{
-								"3455578419807762064145715564295939767903330673624118421238034929096545128331",
-								"12484357578498567666992818368371681218686429789722992962435530253571008321433",
+								"1556511867067742689232747109877739227261867306751037654148240512509806309140",
+								"3417379743049361186708759271231315501277403869916476403120965486647240758779",
 							},
 							{
 								"1",
 								"0",
 							}},
 						C: []string{
-							"2620490929586137686238649209251762311479806943644120771227616021811240503743",
-							"5676385148800793701377781773804054339642731549886824415936348195774348094130",
+							"10569434133480072042978475540156042501239134571700053665222790798542811352807",
+							"16412506719218682682070660169432465369639644911994254460610287965570092298694",
 							"1",
 						},
 						Protocol: "groth16",
 					},
 					PubSignals: []string{
 						"0",
-						"23280069646923371456510050373677752848804011824981226331232885668622242306",
-						"2943483356559152311923412925436024635269538717812859789851139200242297094",
-						"23",
-						"22064883246134712298411652505170593669589088931416964593351226206090301954",
+						"23556362286864724741858679466282977995723542763829611007300550436288008706",
+						"6488011081960287964570775172930943914920953982696735236025195378048754598764",
+						"84239",
+						"21803003425107230045260507608510138502859759480520560654156359021447614978",
+						"1",
+						"6488011081960287964570775172930943914920953982696735236025195378048754598764",
+						"1693230616",
+						"198285726510688200335207273836123338699",
 						"1",
-						"2943483356559152311923412925436024635269538717812859789851139200242297094",
-						"1642074362",
-						"74977327600848231385663280181476307657",
-						"0",
 						"0",
-						"2",
+						"3",
 						"1",
-						"10",
+						"99",
 						"0",
 						"0",
 						"0",
@@ -231,7 +229,7 @@ func TestVerifyMessageWithSigProof_NonMerkalized(t *testing.T) {
 
 	schemaLoader := &mockJSONLDSchemaLoader{
 		schemas: map[string]string{
-			"https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v2.json-ld": loadSchema("kyc-v2.json-ld"),
+			"https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld": loadSchema("kyc-nonmerklized.jsonld"),
 		},
 	}
 	authInstance, err := NewVerifier(verificationKeyloader, stateResolvers,

diff --git a/go.mod b/go.mod
@@ -13,8 +13,8 @@ require (
 	github.com/iden3/go-jwz/v2 v2.0.0-20230519132540-75b6744028b1
 	github.com/iden3/go-rapidsnark/types v0.0.3
 	github.com/iden3/go-rapidsnark/verifier v0.0.5
-	github.com/iden3/go-schema-processor/v2 v2.0.0-20230815163555-a522c86691c2
-	github.com/iden3/iden3comm/v2 v2.0.0-20230815163928-2aa42446429f
+	github.com/iden3/go-schema-processor/v2 v2.0.0
+	github.com/iden3/iden3comm/v2 v2.0.0-20230615170418-d60ff7a4c7f3
 	github.com/ipfs/go-ipfs-api v0.6.0
 	github.com/piprate/json-gold v0.5.1-0.20230111113000-6ddbe6e6f19f
 	github.com/pkg/errors v0.9.1
@@ -69,6 +69,7 @@ require (
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/pquerna/cachecontrol v0.1.0 // indirect
 	github.com/segmentio/asm v1.2.0 // indirect
+	github.com/santhosh-tekuri/jsonschema/v5 v5.3.0 // indirect
 	github.com/shirou/gopsutil v3.21.11+incompatible // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	github.com/tklauser/go-sysconf v0.3.11 // indirect

diff --git a/go.sum b/go.sum
@@ -125,10 +125,10 @@ github.com/iden3/go-rapidsnark/verifier v0.0.5 h1:J7y0ovrEjDQoWtZmlrp4tgGng1A9fa
 github.com/iden3/go-rapidsnark/verifier v0.0.5/go.mod h1:KgL3Yr9NehlFDI4EIWVLE3UDUi8ulyjbp7HcXSBfiGI=
 github.com/iden3/go-rapidsnark/witness v0.0.6 h1:p+6QBymSV3XWm1kB2PL2vlXxKXJN8GyWuqNJv/0PGGU=
 github.com/iden3/go-rapidsnark/witness v0.0.6/go.mod h1:57IHQpnvx0CeS6cAT07oN/lqwT5LRc4zicYoZ1cnAPE=
-github.com/iden3/go-schema-processor/v2 v2.0.0-20230815163555-a522c86691c2 h1:6uq3Hpt/kf+QpNTnKAdvkzfImyPQP0J3X1UD/laTxAY=
-github.com/iden3/go-schema-processor/v2 v2.0.0-20230815163555-a522c86691c2/go.mod h1:fuC9+rNfhMtgK9HoFXFt1xvsd6mCdAm8psUJIz80o6o=
-github.com/iden3/iden3comm/v2 v2.0.0-20230815163928-2aa42446429f h1:B9hw1kg2payF1/vvvlYa7CVwG9NI1e05jWqvCgNtPLQ=
-github.com/iden3/iden3comm/v2 v2.0.0-20230815163928-2aa42446429f/go.mod h1:mUpiJahdnGxr73G9IJWKq82hbbcWXF8kxwr2WMsGG1U=
+github.com/iden3/go-schema-processor/v2 v2.0.0 h1:izbC5+rd7rV1np+tjCqDe016qlOKu6JF7r8LQvdObWM=
+github.com/iden3/go-schema-processor/v2 v2.0.0/go.mod h1:eWRQDbxixZ/9k/uPlciKIy6TUYlKX/6hdqyTuAQi3wE=
+github.com/iden3/iden3comm/v2 v2.0.0-20230615170418-d60ff7a4c7f3 h1:IV86LrOi8XtQWre60W0H9Z/Qu+z0JM5RYCt2MYE1dZM=
+github.com/iden3/iden3comm/v2 v2.0.0-20230615170418-d60ff7a4c7f3/go.mod h1:WS/rgjgZkXKR3pzjSmx8McR512Wr93kTsIV+zuR8sl0=
 github.com/iden3/wasmer-go v0.0.1 h1:TZKh8Se8B/73PvWrcu+FTU9L1k5XYAmtFbioj7l0Uog=
 github.com/iden3/wasmer-go v0.0.1/go.mod h1:ZnZBAO012M7o+Q1INXLRIxKQgEcH2FuwL0Iga8A4ufg=
 github.com/ipfs/boxo v0.8.0 h1:UdjAJmHzQHo/j3g3b1bAcAXCj/GM6iTwvSlBDvPBNBs=
@@ -223,6 +223,8 @@ github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
 github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
+github.com/santhosh-tekuri/jsonschema/v5 v5.3.0 h1:uIkTLo0AGRc8l7h5l9r+GcYi9qfVPt6lD4/bhmzfiKo=
+github.com/santhosh-tekuri/jsonschema/v5 v5.3.0/go.mod h1:FKdcjfQW6rpZSnxxUvEA5H/cDPdvJ/SZJQLWWXWGrZ0=
 github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI=
 github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
 github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=

diff --git a/pubsignals/query.go b/pubsignals/query.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/iden3/go-circuits/v2"
 	core "github.com/iden3/go-iden3-core/v2"
+	parser "github.com/iden3/go-schema-processor/v2/json"
 	"github.com/iden3/go-schema-processor/v2/merklize"
 	"github.com/iden3/go-schema-processor/v2/utils"
 	"github.com/piprate/json-gold/ld"
@@ -26,13 +27,14 @@ var allOperations = map[int]struct{}{
 	circuits.NE:  {},
 }
 
-var availabelTypesOperations = map[string]map[int]struct{}{
+var availableTypesOperations = map[string]map[int]struct{}{
 	ld.XSDBoolean:                        {circuits.EQ: {}, circuits.NE: {}},
 	ld.XSDInteger:                        allOperations,
 	ld.XSDInteger + "nonNegativeInteger": allOperations,
 	ld.XSDInteger + "positiveInteger":    allOperations,
 	ld.XSDString:                         {circuits.EQ: {}, circuits.NE: {}, circuits.IN: {}, circuits.NIN: {}},
 	ld.XSDNS + "dateTime":                allOperations,
+	ld.XSDDouble:                         {circuits.EQ: {}, circuits.NE: {}, circuits.IN: {}, circuits.NIN: {}},
 }
 
 // PathToSubjectType path to description of subject type.
@@ -165,7 +167,13 @@ func (q Query) verifyClaim(schemaBytes []byte, pubSig *CircuitOutputs,
 			return errors.New("proof doesn't contains target query key")
 		}
 	} else {
-		return errors.New("non-merklized credentials are not supported")
+		slotIndex, err := parser.Parser{}.GetFieldSlotIndex(fieldName, q.Type, schemaBytes)
+		if err != nil {
+			return errors.Errorf("failed to get field slot: %v", err)
+		}
+		if slotIndex != pubSig.SlotIndex {
+			return errors.New("proof was generated for another slot")
+		}
 	}
 
 	return nil
@@ -454,10 +462,10 @@ func isValidOperation(typ string, op int) bool {
 		return true
 	}
 
-	ops, ok := availabelTypesOperations[typ]
+	ops, ok := availableTypesOperations[typ]
 	if !ok {
 		// by default all unknown types will be considered as string
-		ops = availabelTypesOperations[ld.XSDString]
+		ops = availableTypesOperations[ld.XSDString]
 		_, ok = ops[op]
 		return ok
 	}

diff --git a/pubsignals/query_test.go b/pubsignals/query_test.go
@@ -257,6 +257,34 @@ func TestCheckRequest_Success(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "Non merklized claim",
+			query: Query{
+				AllowedIssuers: []string{"*"},
+				CredentialSubject: map[string]interface{}{
+					"birthday": map[string]interface{}{
+						"$eq": "19960424",
+					},
+				},
+				Context: "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld",
+				Type:    "KYCAgeCredential",
+			},
+			pubSig: &CircuitOutputs{
+				IssuerID:            &issuerID,
+				ClaimSchema:         utils.CreateSchemaHash([]byte("https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld#KYCAgeCredential")),
+				Operator:            1,
+				Value:               []*big.Int{big.NewInt(19960424)},
+				Merklized:           0,
+				SlotIndex:           2,
+				IsRevocationChecked: 1,
+				Timestamp:           now,
+			},
+			loader: &mockJSONLDSchemaLoader{
+				schemas: map[string]string{
+					"https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld": loadSchema("kyc-nonmerklized.jsonld"),
+				},
+			},
+		},
 	}
 
 	for _, tt := range tests {
@@ -669,35 +697,6 @@ func TestCheckRequest_Error(t *testing.T) {
 				},
 			},
 		},
-		{
-			name: "non-merklized credentials are not supported",
-			query: Query{
-				AllowedIssuers: []string{issuerDID},
-				Context:        "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
-				Type:           "KYCCountryOfResidenceCredential",
-				CredentialSubject: map[string]interface{}{
-					"countryCode": map[string]interface{}{
-						"$nin": []interface{}{float64(20)},
-					},
-				},
-			},
-			pubSig: &CircuitOutputs{
-				IssuerID:            &issuerID,
-				ClaimSchema:         utils.CreateSchemaHash([]byte("https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld#KYCCountryOfResidenceCredential")),
-				Operator:            5,
-				Value:               []*big.Int{big.NewInt(20)},
-				Merklized:           0,
-				SlotIndex:           0,
-				IsRevocationChecked: 1,
-				Timestamp:           now,
-			},
-			expErr: errors.New("non-merklized credentials are not supported"),
-			loader: &mockJSONLDSchemaLoader{
-				schemas: map[string]string{
-					"https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld": loadSchema("kyc-v3.json-ld"),
-				},
-			},
-		},
 		{
 			name: "Check revocation is required",
 			query: Query{

diff --git a/testdata/kyc-nonmerklized.jsonld b/testdata/kyc-nonmerklized.jsonld
@@ -0,0 +1,51 @@
+{
+    "@context": [
+      {
+        "@version": 1.1,
+        "@protected": true,
+        "id": "@id",
+        "type": "@type",
+        "KYCAgeCredential": {
+          "@id": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld#KYCAgeCredential",
+          "@context": {
+            "@version": 1.1,
+            "@protected": true,
+            "id": "@id",
+            "type": "@type",
+            "iden3_serialization": "iden3:v1:slotIndexA=birthday&slotIndexB=documentType",
+            "kyc-vocab": "https://github.com/iden3/claim-schema-vocab/blob/main/credentials/kyc.md#",
+            "xsd": "http://www.w3.org/2001/XMLSchema#",
+            "birthday": {
+              "@id": "kyc-vocab:birthday",
+              "@type": "xsd:integer"
+            },
+            "documentType": {
+              "@id": "kyc-vocab:documentType",
+              "@type": "xsd:integer"
+            }
+          }
+        },
+        "KYCCountryOfResidenceCredential": {
+          "@id": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld#KYCCountryOfResidenceCredential",
+          "@context": {
+            "@version": 1.1,
+            "@protected": true,
+            "id": "@id",
+            "type": "@type",
+            "kyc-vocab": "https://github.com/iden3/claim-schema-vocab/blob/main/credentials/kyc.md#",
+            "iden3_serialization": "iden3:v1:slotIndexA=birthday&slotIndexB=documentType",
+            "xsd": "http://www.w3.org/2001/XMLSchema#",
+            "countryCode": {
+              "@id": "kyc-vocab:countryCode",
+              "@type": "xsd:integer"
+            },
+            "documentType": {
+              "@id": "kyc-vocab:documentType",
+              "@type": "xsd:integer"
+            }
+          }
+        }
+      }
+    ]
+  }
+