Add two claims standards, fix couple of bugs, proceed with happy path flow

Author: adamczykm

minauth-plugins/minauth-verified-zkdocument-plugin/src/claim.ts

@@ -1,7 +1,7 @@
 import { CircuitString, Field, Poseidon } from 'o1js';
 import { z } from 'zod';
 import { ClaimStruct, IClaimStruct } from './data/claims.js';
-import { FieldsSchema } from './data/simple';
+import { FieldsSchema } from './data/simple.js';
 
 export const ClaimStandardSchema = z.object({
   standardId: z.string().min(2),

minauth-plugins/minauth-verified-zkdocument-plugin/src/credential.test.ts

@@ -3,8 +3,8 @@ import {
   CredentialStandardSchema,
   CredentialStandard,
   CredentialSchema,
-  CredentialDataSchema,
-  checkCredentialStandardConformance
+  checkCredentialStandardConformance,
+  CredentialDataSchema
 } from './credential.js';
 
 describe('Credential creation and validation tests', () => {
@@ -31,7 +31,7 @@ describe('Credential creation and validation tests', () => {
     issuanceDate: { unixTimestamp: number };
     expirationDate: { unixTimestamp: number };
     subject: { pubkey: string };
-    credentialSchemaHash: string;
+    credentialStandardHash: string;
   };
 
   let Credential1Raw: {
@@ -58,7 +58,7 @@ describe('Credential creation and validation tests', () => {
     subject: {
       pubkey: string;
     };
-    credentialSchemaHash: string;
+    credentialStandardHash: string;
     signature: {
       signatureBase58: string;
     };
@@ -124,7 +124,7 @@ describe('Credential creation and validation tests', () => {
       subject: {
         pubkey: 'B62qnH2ZHFKinYSMEHCcmu7Z7ijeqRTa6KRHF5KUCXnfDvPkysg5TSL'
       },
-      credentialSchemaHash:
+      credentialStandardHash:
         '17162948422336679126313318026665558372573289127878826905197746632594425837153'
     };
 
@@ -311,7 +311,7 @@ describe('Credential creation and validation tests', () => {
         issuanceDate: any; // Use the actual expected type
         expirationDate: any; // Use the actual expected type
         subject: any; // Use the actual expected type
-        credentialSchemaHash: any; // Use the actual expected type
+        credentialStandardHash: any; // Use the actual expected type
       }
 
       let nonMatchingCredentialRaw: CredentialData = { ...CredentialDataRaw1 };

minauth-plugins/minauth-verified-zkdocument-plugin/src/credential.ts

@@ -1,66 +1,98 @@
-import { CircuitString, Field, Poseidon } from 'o1js';
+import { CircuitString, Field, Poseidon, PrivateKey } from 'o1js';
+import * as o1js from 'o1js';
 import { z } from 'zod';
 import {
   ClaimSchema,
-  ClaimStandard,
   ClaimStandardSchema,
   IClaim,
   claimStandardHash
 } from './claim.js';
 import {
+  CredSubjectId,
   CredSubjectIdSchema,
   IssuerIdSchema,
   VCredIdSchema
 } from './data/ids.js';
 import {
   FieldSchema,
+  SignatureB58,
   SignatureSchema,
   UnixTimestampSchema
 } from './data/simple.js';
 import { arraysAreEqual } from './helpers/utils.js';
+import { Issuer } from './issuer.js';
+import { VCredStruct, VCredStructUnsigned } from './data/vcred.js';
+import { Logger } from 'tslog';
+
+const log = new Logger({ name: 'credential.ts' });
+
+// =============== Credential Trasit Types ==================
+
+// ---------------- Credential Standard  ----------------
 
 export const CredentialStandardSchema = z.object({
   standardId: z.string().min(2),
   description: z.string().min(2),
-  schema: z.record(z.string().min(2), ClaimStandardSchema).refine(
-    (schema) => Object.keys(schema).length > 0,
-    { message: 'Must define at least one claim.' }
-  )
+  schema: z
+    .record(z.string().min(2), ClaimStandardSchema)
+    .refine((schema) => Object.keys(schema).length > 0, {
+      message: 'Must define at least one claim.'
+    })
 });
 
 export type CredentialStandard = z.infer<typeof CredentialStandardSchema>;
 
-export const credentialStandardHash = (standard: CredentialStandard): Field => {
-  const idHash = Poseidon.hash(
-    CircuitString.fromString(standard.standardId).toFields()
-  );
-  const schemaHash = Poseidon.hash(
-    Object.values(standard.schema).map(claimStandardHash)
-  );
-  return Poseidon.hash([idHash, schemaHash]);
-};
+// ---------------- Credential Data  ----------------
 
 export const CredentialDataSchema = z.object({
-  claims: z.record(z.string().min(1), ClaimSchema(z.unknown())).refine(
-    (claims) => Object.keys(claims).length > 0,
-    { message: 'Must define at least one claim.' }
-  ),
+  claims: z
+    .record(z.string().min(1), ClaimSchema(z.unknown()))
+    .refine((claims) => Object.keys(claims).length > 0, {
+      message: 'Must define at least one claim.'
+    }),
   id: VCredIdSchema,
   issuer: IssuerIdSchema,
   issuanceDate: UnixTimestampSchema,
   expirationDate: UnixTimestampSchema,
   subject: CredSubjectIdSchema,
-  credentialSchemaHash: FieldSchema,
+  credentialStandardHash: FieldSchema
 });
 
+export type CredentialData = z.infer<typeof CredentialDataSchema>;
+
+// ---------------- Credential  ----------------
+
 export const CredentialSchema = CredentialDataSchema.extend({
   signature: SignatureSchema
 });
 
-export type CredentialData = z.infer<typeof CredentialDataSchema>;
-
 export type Credential = z.infer<typeof CredentialSchema>;
 
+// =============== To fields-encoded types ===============
+
+export const mkStructCredentialUnsigned = (credential: CredentialData) => {
+  log.debug('Entering mkStructCredentialUnsigned...', credential);
+  return VCredStructUnsigned(
+    Object.values(credential.claims).map((claim) => claim.fieldsValue.length)
+  ).schema.parse({
+    ...credential,
+    claims: Object.values(credential.claims).map((claim) => ({
+      claimValue: claim.fieldsValue
+    }))
+  });
+};
+
+// signed version
+export const mkStructCredential = (credential: Credential) => {
+  return VCredStruct(
+    Object.values(credential.claims).map((claim) => claim.fieldsValue.length)
+  ).schema.parse({
+    ...credential,
+    claims: Object.values(credential.claims).map((claim) => ({
+      claimValue: claim.fieldsValue
+    }))
+  });
+};
 
 export const checkCredentialStandardConformance = (
   credential: Credential,
@@ -85,20 +117,68 @@ export const checkCredentialStandardConformance = (
   return true;
 };
 
+export const credentialStandardHash = (standard: CredentialStandard): Field => {
+  const idHash = Poseidon.hash(
+    CircuitString.fromString(standard.standardId).toFields()
+  );
+  const schemaHash = Poseidon.hash(
+    Object.values(standard.schema).map(claimStandardHash)
+  );
+  return Poseidon.hash([idHash, schemaHash]);
+};
 
+export const verifyAndIssueCredential =
+  (
+    standard: CredentialStandard,
+    credentialData: CredentialData,
+    subject: CredSubjectId,
+    issuer: Issuer
+  ) =>
+  (privateKey: PrivateKey) => {
+    // get fields for the signature
+    log.debug('Entering verifyAndIssueCredential...');
+
+    log.debug('Converting the credential data to o1js fields.');
+    const flds = mkStructCredentialUnsigned(credentialData).toFields();
+
+    log.debug('Creating signature for the fields data');
+    const signature: SignatureB58 = SignatureSchema.parse(
+      o1js.Signature.create(privateKey, flds).toBase58()
+    );
+
+    // create the credential
+
+    log.debug('Parsing the credential with the signature');
+    const credential = CredentialSchema.parse({
+      ...credentialData,
+      signature
+    });
+
+    // check if the credential conforms to the standard
+    log.debug('Checking credential standard conformance...');
+    const check = checkCredentialStandardConformance(credential, standard);
+    if (!check) {
+      throw new Error('Credential does not conform to standard');
+    }
 
-// ==========================================
-// inline tests
+    // additional assertions
+    // issuer pubkey matches the private key
+    if (!issuer.pubkey.equals(privateKey.toPublicKey())) {
+      throw new Error('Issuer pubkey does not match the private key');
+    }
 
-let asd = undefined as unknown as ClaimStandard;
+    // credential subject public key matches the given subject public key
+    if (!credential.subject.pubkey.equals(subject.pubkey)) {
+      throw new Error('Subject does not match the credential subject');
+    }
 
-let cred: CredentialStandard = {
-  standardId: 'personhood1',
-  description: 'Proves that subject is a person',
-  schema: {
-    name: asd
-  }
-};
+    return {
+      credential
+    };
+  };
+
+// ==========================================
+// inline tests
 
 const TypeCheckerTestSchema = ClaimSchema(z.number());
 type TypeCheckerTestType = z.infer<typeof TypeCheckerTestSchema>;

minauth-plugins/minauth-verified-zkdocument-plugin/src/data/simple.ts

@@ -2,6 +2,10 @@ import { Field, PublicKey, Struct, Signature } from 'o1js';
 import { Logger } from 'tslog';
 import { z } from 'zod';
 
+const hexViaFieldBigInt = (x: number | bigint | string) => {
+  return '0x' + (new Field(x)).toBigInt().toString(16);
+}
+
 export const FieldSchemaInt = z.number().int().transform((n) => new Field(BigInt(n)));
 export const FieldSchemaBigInt = z.bigint().transform(Field);
 export const FieldSchemaDec = z.string().regex(/^\d+$/).transform(Field);
@@ -22,6 +26,8 @@ export const SignatureSchema = z
   })
   .transform((o) => Signature.fromBase58(o.signatureBase58));
 
+export type SignatureB58 = z.infer<typeof SignatureSchema>;
+
 export class UnixTimestamp extends Struct({
   unixTimestamp: Field
 }) {

minauth-plugins/minauth-verified-zkdocument-plugin/src/data/vcred.test.ts

@@ -39,7 +39,7 @@ describe('VCredStruct tests', () => {
       }),
       subject: new CredSubjectId({ pubkey: pk2 }),
       claims: mkClaims([claim1, claim2]),
-      credentialSchemaHash: new Field(789)
+      credentialStandardHash: new Field(789)
     };
   };
 
@@ -61,7 +61,7 @@ describe('VCredStruct tests', () => {
         expirationDate: { unixTimestamp: '223123123' },
         subject: { pubkey: pk2s },
         claims: [claim1s, claim2s],
-        credentialSchemaHash: '789'
+        credentialStandardHash: '789'
       });
 
       if (!validation.success) {
@@ -85,7 +85,7 @@ describe('VCredStruct tests', () => {
         }),
         subject: new CredSubjectId({ pubkey: pk2 }),
         claims: mkClaims([claim1, claim2]),
-        credentialSchemaHash: new Field(789),
+        credentialStandardHash: new Field(789),
         signature: Signature.fromBase58('7mX64qh7mUUn5jnWUAAg1o39xwic6vvCq9uwuVSDqTJ7bLD69qtRzn3BzzLu95exgJWxTUUTexdsVv5MFu46RoxrPxF1ZpXE')
       };
     };
@@ -107,7 +107,7 @@ describe('VCredStruct tests', () => {
         expirationDate: { unixTimestamp: '223123123' },
         subject: { pubkey: pk2s },
         claims: [claim1s, claim2s],
-        credentialSchemaHash: '789',
+        credentialStandardHash: '789',
         signature: {signatureBase58: '7mX64qh7mUUn5jnWUAAg1o39xwic6vvCq9uwuVSDqTJ7bLD69qtRzn3BzzLu95exgJWxTUUTexdsVv5MFu46RoxrPxF1ZpXE'}
       });
       if(!validation.success){

minauth-plugins/minauth-verified-zkdocument-plugin/src/data/vcred.ts

@@ -19,21 +19,21 @@ export function VCredStructUnsigned(claimSizes: number[]) {
     expirationDate: UnixTimestamp,
     subject: CredSubjectId,
     claims: ClaimsType,
-    credentialSchemaHash: Field
+    credentialStandardHash: Field
   };
 
   class BaseVCredStruct_ extends Struct(Data) {
     static Fields = Data;
 
-    public toFields() {
+    public toFields(): Field[] {
       return [
-        this.id,
+        ...this.id.toFields(),
         ...this.issuer.toFields(),
-        this.issuanceDate,
-        this.expirationDate,
+        ...this.issuanceDate.toFields(),
+        ...this.expirationDate.toFields(),
         ...this.subject.toFields(),
         ...this.claims.toFields(),
-        this.credentialSchemaHash
+        ...this.credentialStandardHash.toFields()
       ];
     }
 
@@ -45,7 +45,7 @@ export function VCredStructUnsigned(claimSizes: number[]) {
         expirationDate: UnixTimestampSchema,
         subject: CredSubjectIdSchema,
         claims: ClaimsType.schema,
-        credentialSchemaHash: FieldSchema
+        credentialStandardHash: FieldSchema
       });
     }
 
@@ -85,7 +85,7 @@ export function VCredStruct(claimSizes: number[]) {
       return VCredStruct_.dataSchema.transform(
         (data) => new VCredStruct_(data)
       );
-    }
+   }
   }
 
   return VCredStruct_;