Skip to content

Commit

Permalink
did fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@poppyseedDev
poppyseedDev committed Dec 14, 2024
1 parent 4fc194e commit 7af8675
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 42 deletions.
24 changes: 21 additions & 3 deletions hardhat/contracts/decIdentity/Diploma.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ contract Diploma is SepoliaZamaFHEVMConfig, AccessControl {
/// @notice Thrown when claim generation fails, includes failure data
/// @param data The error data returned from the failed claim generation
error ClaimGenerationFailed(bytes data);
error InvalidField();

/// @dev Structure to hold encrypted diploma data
struct DiplomaData {
Expand Down Expand Up @@ -195,12 +196,29 @@ contract Diploma is SepoliaZamaFHEVMConfig, AccessControl {
* @param claimAddress Address of the claim contract
* @param claimFn Function signature to call on claim contract
*/
function generateClaim(address claimAddress, string memory claimFn) public {
function generateClaim(address claimAddress, string memory claimFn, string[] memory fields) public {
/// @dev Only the msg.sender that is registered under the user ID can make the claim
uint256 userId = idMapping.getId(msg.sender);

/// @dev Grant temporary access for graduate's data to be used in claim generation
TFHE.allowTransient(diplomaRecords[userId].degree, claimAddress);
ebytes128 test = TFHE.randEbytes128();
TFHE.isInitialized(test);

/// @dev Grant temporary access for each requested field
for (uint i = 0; i < fields.length; i++) {
if (bytes(fields[i]).length == 0) revert InvalidField();

if (keccak256(bytes(fields[i])) == keccak256(bytes("id"))) {
TFHE.allowTransient(diplomaRecords[userId].id, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("degree"))) {
TFHE.allowTransient(diplomaRecords[userId].degree, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("university"))) {
TFHE.allowTransient(diplomaRecords[userId].university, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("grade"))) {
TFHE.allowTransient(diplomaRecords[userId].grade, claimAddress);
} else {
revert InvalidField();
}
}

/// @dev Attempt the external call and capture the result
(bool success, bytes memory data) = claimAddress.call(abi.encodeWithSignature(claimFn, userId));
Expand Down
29 changes: 9 additions & 20 deletions hardhat/contracts/decIdentity/PassportID.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -185,26 +185,6 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
return citizenIdentities[userId].firstname;
}

/**
* @notice Generates a verification claim using the user's identity data
* @dev Temporarily grants claim contract access to required encrypted data
* @param claimAddress Contract address that will process the claim
* @param claimFn Function signature in the claim contract to call
* @custom:throws AccessNotPermitted if sender lacks permission to access data
* @custom:throws ClaimGenerationFailed if external claim call fails
*/
function generateClaim(address claimAddress, string memory claimFn) public {
/// @dev Only the msg.sender that is registered under the user ID can make the claim
uint256 userId = idMapping.getId(msg.sender);

/// @dev Grant temporary access for citizen's birthdate to be used in claim generation
TFHE.allowTransient(citizenIdentities[userId].birthdate, claimAddress);

/// @dev Attempt the external call and capture the result
(bool success, bytes memory data) = claimAddress.call(abi.encodeWithSignature(claimFn, userId));
if (!success) revert ClaimGenerationFailed(data);
}

/**
* @notice Generates a verification claim using the user's identity data
* @dev Temporarily grants claim contract access to required encrypted data
Expand All @@ -217,6 +197,9 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
/// @dev Only the msg.sender that is registered under the user ID can make the claim
uint256 userId = idMapping.getId(msg.sender);

ebytes128 test = TFHE.randEbytes128();
TFHE.isInitialized(test);

/// @dev Grant temporary access for each requested field
for (uint i = 0; i < fields.length; i++) {
if (bytes(fields[i]).length == 0) revert InvalidField();
Expand All @@ -225,6 +208,12 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
TFHE.allowTransient(citizenIdentities[userId].id, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("birthdate"))) {
TFHE.allowTransient(citizenIdentities[userId].birthdate, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("biodata"))) {
TFHE.allowTransient(citizenIdentities[userId].biodata, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("firstname"))) {
TFHE.allowTransient(citizenIdentities[userId].firstname, claimAddress);
} else if (keccak256(bytes(fields[i])) == keccak256(bytes("lastname"))) {
TFHE.allowTransient(citizenIdentities[userId].lastname, claimAddress);
} else {
revert InvalidField();
}
Expand Down
2 changes: 1 addition & 1 deletion hardhat/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
"ethers": "^6.8.0",
"express": "^4.21.2",
"extra-bigint": "^1.1.18",
"fhevm": "^0.6.1",
"fhevm": "^0.6.2",
"fhevm-contracts": "^0.2.1",
"fhevm-core-contracts": "^0.6.1",
"fhevmjs": "^0.6.1",
Expand Down
22 changes: 15 additions & 7 deletions hardhat/test/decIdentity/diploma.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,7 +173,7 @@ describe("Diploma", function () {

const tx = await diplomaID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)");
.generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)", ["degree"]);

await expect(tx).to.emit(employerClaim, "DegreeClaimGenerated");

Expand Down Expand Up @@ -206,7 +206,7 @@ describe("Diploma", function () {

const degreeTx = await diplomaID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)");
.generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)", ["degree"]);

await expect(degreeTx).to.emit(employerClaim, "DegreeClaimGenerated");

Expand All @@ -217,7 +217,7 @@ describe("Diploma", function () {

const adultTx = await passportID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)");
.generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)", ["birthdate"]);

await expect(adultTx).to.emit(employerClaim, "AdultClaimGenerated");

Expand Down Expand Up @@ -257,12 +257,16 @@ describe("Diploma", function () {
it("should not allow generating claims without a registered ID", async function () {
// Try to generate degree claim without registering ID first
await expect(
diplomaID.connect(this.signers.alice).generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)"),
diplomaID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)", ["degree"]),
).to.be.revertedWithCustomError(idMapping, "NoIdGenerated");

// Try to generate adult claim without registering ID first
await expect(
passportID.connect(this.signers.alice).generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)"),
passportID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)", ["birthdate"]),
).to.be.revertedWithCustomError(idMapping, "NoIdGenerated");
});

Expand All @@ -273,12 +277,16 @@ describe("Diploma", function () {

// Try to generate degree claim without registering diploma
await expect(
diplomaID.connect(this.signers.alice).generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)"),
diplomaID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateDegreeClaim(uint256)", ["degree"]),
).to.be.revertedWith("sender isn't allowed");

// Try to generate adult claim without registering identity
await expect(
passportID.connect(this.signers.alice).generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)"),
passportID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)", ["birthdate"]),
).to.be.revertedWith("sender isn't allowed");
});

Expand Down
13 changes: 2 additions & 11 deletions hardhat/test/decIdentity/passportID.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,15 +75,6 @@ describe("PassportID", function () {
);
}

// Helper function to setup reencryption
async function setupReencryption(instance: FhevmInstance, signer: HardhatEthersSigner, contractAddress: string) {
const { publicKey, privateKey } = instance.generateKeypair();
const eip712 = instance.createEIP712(publicKey, contractAddress);
const signature = await signer.signTypedData(eip712.domain, { Reencrypt: eip712.types.Reencrypt }, eip712.message);

return { publicKey, privateKey, signature: signature.replace("0x", "") };
}

// Test case: Register an identity successfully
it("should register an identity successfully", async function () {
await idMapping.connect(this.signers.alice).generateId();
Expand All @@ -107,7 +98,7 @@ describe("PassportID", function () {
});

// Test case: Retrieve the registered identity
it("should retrieve the registered identity", async function () {
it.only("should retrieve the registered identity", async function () {
await idMapping.connect(this.signers.alice).generateId();
const userId = await idMapping.getId(this.signers.alice);

Expand All @@ -134,7 +125,7 @@ describe("PassportID", function () {

const tx = await passportID
.connect(this.signers.alice)
.generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)");
.generateClaim(this.employerClaimAddress, "generateAdultClaim(uint256)", ["birthdate"]);

await expect(tx).to.emit(employerClaim, "AdultClaimGenerated");

Expand Down

0 comments on commit 7af8675

Please sign in to comment.