add pub signals validation (#12)

* add pub signals validation

* change pubsignal nationality -> citizenship

internal/data/pg/verify_users.go

@@ -92,8 +92,10 @@ func (q *VerifyUsersQ) Update(VerifyUsers *data.VerifyUsers) error {
 	err := q.db.Exec(
 		sq.Update(verifyUsersTableName).
 			SetMap(map[string]interface{}{
-				"status": VerifyUsers.Status,
-				"proof":  VerifyUsers.Proof,
+				"status":      VerifyUsers.Status,
+				"proof":       VerifyUsers.Proof,
+				"sex":         VerifyUsers.Sex,
+				"nationality": VerifyUsers.Nationality,
 			}).
 			Where(sq.Eq{userIdColumnName: VerifyUsers.UserID}),
 	)

internal/service/handlers/helpers/proof_params.go

@@ -8,6 +8,7 @@ import (
 	zk "github.com/rarimo/zkverifier-kit"
 	"github.com/status-im/keycard-go/hexutils"
 	"math/big"
+	"strconv"
 	"time"
 )
 
@@ -63,6 +64,17 @@ func Utf8ToHex(input string) string {
 	return fmt.Sprintf("0x%s", hexString)
 }
 
+func DecimalToHexToUtf8(input string) (string, error) {
+	inputDecimal, err := strconv.Atoi(input)
+	if err != nil {
+		return "", fmt.Errorf("failde to convert input string to decimal: %w", err)
+
+	}
+	inputUtf8 := string(hexutils.HexToBytes(strconv.FormatInt(int64(inputDecimal), 16)))
+
+	return inputUtf8, nil
+}
+
 func CalculateBirthDateHex(ageLowerBound int) string {
 	allowedBirthDate := time.Now().UTC().AddDate(-ageLowerBound, 0, 0)
 	formattedDate := []byte(allowedBirthDate.Format(BirthDateFormat))

internal/service/handlers/verification_callback_light.go

@@ -2,13 +2,15 @@ package handlers
 
 import (
 	"encoding/hex"
+	"fmt"
 	"github.com/ethereum/go-ethereum/crypto/secp256k1"
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/rarimo/verificator-svc/internal/service/handlers/helpers"
 	"github.com/rarimo/verificator-svc/internal/service/requests"
 	"github.com/rarimo/verificator-svc/internal/service/responses"
 	"gitlab.com/distributed_lab/ape"
 	"gitlab.com/distributed_lab/ape/problems"
+	"math/big"
 	"net/http"
 )
 
@@ -57,21 +59,46 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	//if pubSignals[10] != userIDHash {
-	//	Log(r).Error("failed to verify eventData")
-	//	ape.RenderErr(w, problems.NotFound())
-	//	return
-	//}
-	//if pubSignals[22] == "0" && pubSignals[22] != verifiedUser.Nationality {
-	//	Log(r).Error("failed to verify citizenship")
-	//	ape.RenderErr(w, problems.NotFound())
-	//	return
-	//}
-	//if verifiedUser.SexEnable && pubSignals[7] == "0" {
-	//	Log(r).Error("failed to verify sex")
-	//	ape.RenderErr(w, problems.NotFound())
-	//	return
-	//}
+	userIDHashDecimal, _ := new(big.Int).SetString(pubSignals[10], 10)
+	var eventDataBytes [32]byte
+	userIDHashDecimal.FillBytes(eventDataBytes[:])
+
+	eventData := fmt.Sprintf("0x%s", hex.EncodeToString(eventDataBytes[:]))
+	nationality, err := helpers.DecimalToHexToUtf8(pubSignals[6])
+	if err != nil {
+		Log(r).Error("failed to convert nationality from decimal to UTF8")
+		ape.RenderErr(w, problems.BadRequest(err)...)
+		return
+	}
+	sex, err := helpers.DecimalToHexToUtf8(pubSignals[7])
+	if err != nil {
+		Log(r).Error("failed to convert sex from decimal to UTF8")
+		ape.RenderErr(w, problems.BadRequest(err)...)
+		return
+	}
+
+	if verifiedUser.Nationality == "" && pubSignals[6] != "0" {
+		verifiedUser.Nationality = nationality
+	}
+	if verifiedUser.Sex == "" && pubSignals[7] != "0" {
+		verifiedUser.Sex = sex
+	}
+
+	if eventData != userIDHash {
+		Log(r).Error("failed to verify eventData")
+		ape.RenderErr(w, problems.BadRequest(err)...)
+		return
+	}
+	if verifiedUser.Nationality != nationality {
+		Log(r).Error("failed to verify citizenship")
+		ape.RenderErr(w, problems.BadRequest(err)...)
+		return
+	}
+	if verifiedUser.Sex != sex {
+		Log(r).Error("failed to verify sex")
+		ape.RenderErr(w, problems.BadRequest(err)...)
+		return
+	}
 
 	verificationStatus := secp256k1.VerifySignature(pubKey, pubSignalsHash, signature[:64])
 	if verificationStatus {