supportSdOperator param (not opts)

iden3 · Dec 19, 2023 · c54f437 · c54f437
1 parent 644b1b0
commit c54f437
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 20 deletions.
diff --git a/pubsignals/atomicMtpV2.go b/pubsignals/atomicMtpV2.go
@@ -40,7 +40,7 @@ func (c *AtomicQueryMTPV2) VerifyQuery(
 		ClaimPathNotExists:  c.ClaimPathNotExists,
 		ValueArraySize:      c.ValueArraySize,
 		IsRevocationChecked: c.IsRevocationChecked,
-	}, verifiablePresentation, opts...)
+	}, verifiablePresentation, false, opts...)
 }
 
 // VerifyStates verifies user state and issuer claim issuance state in the smart contract.

diff --git a/pubsignals/atomicSigV2.go b/pubsignals/atomicSigV2.go
@@ -40,7 +40,7 @@ func (c *AtomicQuerySigV2) VerifyQuery(
 		ClaimPathNotExists:  c.ClaimPathNotExists,
 		ValueArraySize:      c.ValueArraySize,
 		IsRevocationChecked: c.IsRevocationChecked,
-	}, verifiablePresentation, opts...)
+	}, verifiablePresentation, false, opts...)
 	if err != nil {
 		return err
 	}

diff --git a/pubsignals/atomicV3.go b/pubsignals/atomicV3.go
@@ -29,7 +29,6 @@ func (c *AtomicQueryV3) VerifyQuery(
 	params map[string]interface{},
 	opts ...VerifyOpt,
 ) error {
-	opts = append(opts, WithSupportSdOperator(true))
 	err := query.Check(ctx, schemaLoader, &CircuitOutputs{
 		IssuerID:            c.IssuerID,
 		ClaimSchema:         c.ClaimSchema,
@@ -49,7 +48,7 @@ func (c *AtomicQueryV3) VerifyQuery(
 		OperatorOutput:     c.OperatorOutput,
 		Nullifier:          c.Nullifier,
 		ProofType:          c.ProofType,
-	}, verifiablePresentation, opts...)
+	}, verifiablePresentation, true, opts...)
 	if err != nil {
 		return err
 	}

diff --git a/pubsignals/query.go b/pubsignals/query.go
@@ -102,6 +102,7 @@ func (q Query) Check(
 	loader ld.DocumentLoader,
 	pubSig *CircuitOutputs,
 	verifiablePresentation json.RawMessage,
+	supportSdOperator bool,
 	opts ...VerifyOpt,
 ) error {
 	if err := q.verifyIssuer(pubSig); err != nil {
@@ -128,7 +129,7 @@ func (q Query) Check(
 	}
 
 	if err := q.verifyCredentialSubject(pubSig, verifiablePresentation,
-		schemaBytes, loader, cfg.SupportSdOperator); err != nil {
+		schemaBytes, loader, supportSdOperator); err != nil {
 		return err
 	}
 
@@ -306,8 +307,14 @@ func (q Query) validateDisclosure(ctx context.Context, pubSig *CircuitOutputs,
 				return errors.New("selective disclosure not available for array of values")
 			}
 		}
-	} else if pubSig.Operator != circuits.SD {
-		return errors.New("invalid pub signal operator for selective disclosure")
+	} else {
+		if pubSig.Operator != circuits.SD {
+			return errors.New("invalid pub signal operator for selective disclosure")
+		}
+
+		if pubSig.OperatorOutput == nil || pubSig.OperatorOutput == big.NewInt(0) {
+			return errors.New("operator output should be not null or empty")
+		}
 	}
 
 	mz, err := merklize.MerklizeJSONLD(ctx,

diff --git a/pubsignals/query_test.go b/pubsignals/query_test.go
@@ -289,7 +289,7 @@ func TestCheckRequest_Success(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			err := tt.query.Check(context.Background(), tt.loader, tt.pubSig, tt.vp)
+			err := tt.query.Check(context.Background(), tt.loader, tt.pubSig, tt.vp, false)
 			require.NoError(t, err)
 			tt.loader.assert(t)
 		})
@@ -501,7 +501,7 @@ func TestCheckRequest_SelectiveDisclosure_Error(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			err := tt.query.Check(context.Background(), tt.loader, tt.pubSig, tt.vp)
+			err := tt.query.Check(context.Background(), tt.loader, tt.pubSig, tt.vp, false)
 			require.EqualError(t, err, tt.expErr.Error())
 			tt.loader.assert(t)
 		})
@@ -791,7 +791,7 @@ func TestCheckRequest_Error(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			err := tt.query.Check(context.Background(), tt.loader, tt.pubSig, nil)
+			err := tt.query.Check(context.Background(), tt.loader, tt.pubSig, nil, false)
 			require.EqualError(t, err, tt.expErr.Error())
 			tt.loader.assert(t)
 		})

diff --git a/pubsignals/verifyopts.go b/pubsignals/verifyopts.go
@@ -5,9 +5,9 @@ import (
 )
 
 var (
-	defaultAuthVerifyOpts  = VerifyConfig{AcceptedStateTransitionDelay: time.Minute * 5, SupportSdOperator: false}
+	defaultAuthVerifyOpts  = VerifyConfig{AcceptedStateTransitionDelay: time.Minute * 5}
 	defaultProofVerifyOpts = VerifyConfig{AcceptedStateTransitionDelay: time.Hour,
-		AcceptedProofGenerationDelay: time.Hour * 24, SupportSdOperator: false}
+		AcceptedProofGenerationDelay: time.Hour * 24}
 )
 
 // WithAcceptedStateTransitionDelay sets the delay of the revoked state.
@@ -24,13 +24,6 @@ func WithAcceptedProofGenerationDelay(duration time.Duration) VerifyOpt {
 	}
 }
 
-// WithSupportSdOperator sets the flag of supporting SD operator (v3) or replacing it to EQ (v2).
-func WithSupportSdOperator(supportSdOperator bool) VerifyOpt {
-	return func(v *VerifyConfig) {
-		v.SupportSdOperator = supportSdOperator
-	}
-}
-
 // VerifyOpt sets options.
 type VerifyOpt func(v *VerifyConfig)
 
@@ -39,7 +32,6 @@ type VerifyConfig struct {
 	// is the period of time that a revoked state remains valid.
 	AcceptedStateTransitionDelay time.Duration
 	AcceptedProofGenerationDelay time.Duration
-	SupportSdOperator            bool
 }
 
 // ParamNameVerifierDID is a verifier did - specific  circuit param for V3, but can be utilized by other circuits