From 5538f3921dcbf4a2bfe7a0f10f1bce777905ca97 Mon Sep 17 00:00:00 2001 From: chabanyknikita <92546152+chabanyknikita@users.noreply.github.com> Date: Mon, 30 Sep 2024 11:50:09 +0300 Subject: [PATCH] add pub signals validation (#12) * add pub signals validation * change pubsignal nationality -> citizenship --- internal/data/pg/verify_users.go | 6 +- .../service/handlers/helpers/proof_params.go | 12 ++++ .../handlers/verification_callback_light.go | 57 ++++++++++++++----- 3 files changed, 58 insertions(+), 17 deletions(-) diff --git a/internal/data/pg/verify_users.go b/internal/data/pg/verify_users.go index eeba41a..3080fad 100644 --- a/internal/data/pg/verify_users.go +++ b/internal/data/pg/verify_users.go @@ -92,8 +92,10 @@ func (q *VerifyUsersQ) Update(VerifyUsers *data.VerifyUsers) error { err := q.db.Exec( sq.Update(verifyUsersTableName). SetMap(map[string]interface{}{ - "status": VerifyUsers.Status, - "proof": VerifyUsers.Proof, + "status": VerifyUsers.Status, + "proof": VerifyUsers.Proof, + "sex": VerifyUsers.Sex, + "nationality": VerifyUsers.Nationality, }). Where(sq.Eq{userIdColumnName: VerifyUsers.UserID}), ) diff --git a/internal/service/handlers/helpers/proof_params.go b/internal/service/handlers/helpers/proof_params.go index bfe9d17..85bd224 100644 --- a/internal/service/handlers/helpers/proof_params.go +++ b/internal/service/handlers/helpers/proof_params.go @@ -8,6 +8,7 @@ import ( zk "github.com/rarimo/zkverifier-kit" "github.com/status-im/keycard-go/hexutils" "math/big" + "strconv" "time" ) @@ -63,6 +64,17 @@ func Utf8ToHex(input string) string { return fmt.Sprintf("0x%s", hexString) } +func DecimalToHexToUtf8(input string) (string, error) { + inputDecimal, err := strconv.Atoi(input) + if err != nil { + return "", fmt.Errorf("failde to convert input string to decimal: %w", err) + + } + inputUtf8 := string(hexutils.HexToBytes(strconv.FormatInt(int64(inputDecimal), 16))) + + return inputUtf8, nil +} + func CalculateBirthDateHex(ageLowerBound int) string { allowedBirthDate := time.Now().UTC().AddDate(-ageLowerBound, 0, 0) formattedDate := []byte(allowedBirthDate.Format(BirthDateFormat)) diff --git a/internal/service/handlers/verification_callback_light.go b/internal/service/handlers/verification_callback_light.go index bb213d6..077171f 100644 --- a/internal/service/handlers/verification_callback_light.go +++ b/internal/service/handlers/verification_callback_light.go @@ -2,6 +2,7 @@ package handlers import ( "encoding/hex" + "fmt" "github.com/ethereum/go-ethereum/crypto/secp256k1" "github.com/ethereum/go-ethereum/log" "github.com/rarimo/verificator-svc/internal/service/handlers/helpers" @@ -9,6 +10,7 @@ import ( "github.com/rarimo/verificator-svc/internal/service/responses" "gitlab.com/distributed_lab/ape" "gitlab.com/distributed_lab/ape/problems" + "math/big" "net/http" ) @@ -57,21 +59,46 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) { return } - //if pubSignals[10] != userIDHash { - // Log(r).Error("failed to verify eventData") - // ape.RenderErr(w, problems.NotFound()) - // return - //} - //if pubSignals[22] == "0" && pubSignals[22] != verifiedUser.Nationality { - // Log(r).Error("failed to verify citizenship") - // ape.RenderErr(w, problems.NotFound()) - // return - //} - //if verifiedUser.SexEnable && pubSignals[7] == "0" { - // Log(r).Error("failed to verify sex") - // ape.RenderErr(w, problems.NotFound()) - // return - //} + userIDHashDecimal, _ := new(big.Int).SetString(pubSignals[10], 10) + var eventDataBytes [32]byte + userIDHashDecimal.FillBytes(eventDataBytes[:]) + + eventData := fmt.Sprintf("0x%s", hex.EncodeToString(eventDataBytes[:])) + nationality, err := helpers.DecimalToHexToUtf8(pubSignals[6]) + if err != nil { + Log(r).Error("failed to convert nationality from decimal to UTF8") + ape.RenderErr(w, problems.BadRequest(err)...) + return + } + sex, err := helpers.DecimalToHexToUtf8(pubSignals[7]) + if err != nil { + Log(r).Error("failed to convert sex from decimal to UTF8") + ape.RenderErr(w, problems.BadRequest(err)...) + return + } + + if verifiedUser.Nationality == "" && pubSignals[6] != "0" { + verifiedUser.Nationality = nationality + } + if verifiedUser.Sex == "" && pubSignals[7] != "0" { + verifiedUser.Sex = sex + } + + if eventData != userIDHash { + Log(r).Error("failed to verify eventData") + ape.RenderErr(w, problems.BadRequest(err)...) + return + } + if verifiedUser.Nationality != nationality { + Log(r).Error("failed to verify citizenship") + ape.RenderErr(w, problems.BadRequest(err)...) + return + } + if verifiedUser.Sex != sex { + Log(r).Error("failed to verify sex") + ape.RenderErr(w, problems.BadRequest(err)...) + return + } verificationStatus := secp256k1.VerifySignature(pubKey, pubSignalsHash, signature[:64]) if verificationStatus {