Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add anonymous_id and nullifier for uniqueness #15

Merged
merged 2 commits into from
Oct 14, 2024
Merged

add anonymous_id and nullifier for uniqueness #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6449f08
add anonymous_id and nullifier for uniqueness
chabanyknikita Oct 14, 2024
bb135b2
use unique index for: aid and nullifier instead of using unique field…
chabanyknikita Oct 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,6 @@ signature_verification:
pub_key: "04e29323ad356ab524fa5dbe3e490244e741b4d445ac7d2ee5f321556b3fda616bb9d2f2216fc27e099ab3019103cca872679e130629b2b90ea16cedb2b2136371"

poseidonsmt_root_verifier:
rpc: rpc_url
contract: contract_address
rpc: "https://rpc.evm.mainnet.rarimo.com"
contract: "0xA25a197d26Cad659A8fFf7F268cA4F9e0283de03"
request_timeout: 10s
12 changes: 12 additions & 0 deletions internal/assets/migrations/005_anonymousId.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
-- +migrate Up
ALTER TABLE verify_users ADD COLUMN anonymous_id TEXT DEFAULT '';
ALTER TABLE verify_users ADD COLUMN nullifier TEXT DEFAULT '';

CREATE UNIQUE INDEX verify_users_anonymous_id_unique ON verify_users(anonymous_id) WHERE anonymous_id != '';
CREATE UNIQUE INDEX verify_users_nullifier_unique ON verify_users(nullifier) WHERE nullifier != '';
-- +migrate Down
ALTER TABLE verify_users DROP COLUMN anonymous_id;
ALTER TABLE verify_users DROP COLUMN nullifier;

DROP INDEX verify_users_anonymous_id_unique;
DROP INDEX verify_users_nullifier_unique;
17 changes: 13 additions & 4 deletions internal/data/pg/verify_users.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,8 @@ func (q *VerifyUsersQ) Insert(VerifyUsers *data.VerifyUsers) error {
"sex": VerifyUsers.Sex,
"sex_enable": VerifyUsers.SexEnable,
"nationality_enable": VerifyUsers.NationalityEnable,
"anonymous_id": VerifyUsers.AnonymousID,
"nullifier": VerifyUsers.Nullifier,
})

if err = q.db.Exec(stmt); err != nil {
Expand All @@ -93,10 +95,12 @@ func (q *VerifyUsersQ) Update(VerifyUsers *data.VerifyUsers) error {
err := q.db.Exec(
sq.Update(verifyUsersTableName).
SetMap(map[string]interface{}{
"status": VerifyUsers.Status,
"proof": VerifyUsers.Proof,
"sex": VerifyUsers.Sex,
"nationality": VerifyUsers.Nationality,
"status": VerifyUsers.Status,
"proof": VerifyUsers.Proof,
"sex": VerifyUsers.Sex,
"nationality": VerifyUsers.Nationality,
"anonymous_id": VerifyUsers.AnonymousID,
"nullifier": VerifyUsers.Nullifier,
}).
Where(sq.Eq{userIdColumnName: VerifyUsers.UserID}),
)
Expand Down Expand Up @@ -144,3 +148,8 @@ func (q *VerifyUsersQ) WhereCreatedAtLt(createdAt time.Time) data.VerifyUsersQ {
q.del = q.del.Where(sq.Lt{createdAtColumnName: &createdAt})
return q
}

func (q *VerifyUsersQ) FilterByInternalAID(aid string) data.VerifyUsersQ {
q.sel = q.sel.Where(sq.Eq{"anonymous_id": aid})
return q
}
3 changes: 3 additions & 0 deletions internal/data/verify_users.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ type VerifyUsers struct {
Sex string `db:"sex"`
SexEnable bool `db:"sex_enable"`
NationalityEnable bool `db:"nationality_enable"`
AnonymousID string `db:"anonymous_id"`
Nullifier string `db:"nullifier"`
}

type VerifyUsersQ interface {
Expand All @@ -32,4 +34,5 @@ type VerifyUsersQ interface {
WhereID(userId string) VerifyUsersQ
WhereHashID(userId string) VerifyUsersQ
WhereCreatedAtLt(createdAt time.Time) VerifyUsersQ
FilterByInternalAID(aid string) VerifyUsersQ
}
58 changes: 46 additions & 12 deletions internal/service/handlers/verification_callback_light.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,18 +54,6 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
return
}

verifiedUser, err := VerifyUsersQ(r).WhereHashID(userIDHash).Get()
if err != nil {
Log(r).WithError(err).Errorf("failed to get user with userHashID [%s]", userIDHash)
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
if verifiedUser == nil {
Log(r).Error("user not found or eventData != userHashID")
ape.RenderErr(w, problems.NotFound())
return
}

userIDHashDecimal, ok := new(big.Int).SetString(pubSignals[10], 10)
if !ok {
Log(r).Error("failed to parse event data")
Expand All @@ -89,6 +77,45 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
return
}

nullifier, ok := new(big.Int).SetString(pubSignals[0], 10)
if !ok {
Log(r).Error("failed to parse nullifier")
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
var nullifierBytes [32]byte
nullifier.FillBytes(nullifierBytes[:])
nullifierHex := hex.EncodeToString(nullifierBytes[:])

anonymousID, ok := new(big.Int).SetString(pubSignals[11], 10)
if !ok {
Log(r).Error("failed to parse anonymous_id")
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
var anonymousIDBytes [32]byte
anonymousID.FillBytes(anonymousIDBytes[:])
anonymousIDHex := hex.EncodeToString(anonymousIDBytes[:])

byAnonymousID, err := VerifyUsersQ(r).FilterByInternalAID(anonymousIDHex).Get()
if err != nil {
Log(r).Error("Failed to get user by anonymous_id")
ape.RenderErr(w, problems.BadRequest(err)...)
return
}

verifiedUser, err := VerifyUsersQ(r).WhereHashID(userIDHash).Get()
if err != nil {
Log(r).WithError(err).Errorf("failed to get user with userHashID [%s]", userIDHash)
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
if verifiedUser == nil {
Log(r).Error("user not found or eventData != userHashID")
ape.RenderErr(w, problems.NotFound())
return
}

if verifiedUser.Nationality == "" && pubSignals[6] != "0" {
verifiedUser.Nationality = nationality
}
Expand All @@ -97,6 +124,13 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
}

verifiedUser.Status = "verified"
if byAnonymousID != nil && byAnonymousID.UserIDHash != verifiedUser.UserIDHash {
Log(r).WithError(err).Errorf("User with anonymous_id [%s] but a different userIDHash already exists", anonymousIDHex)
verifiedUser.Status = "failed_verification"
} else {
verifiedUser.Nullifier = nullifierHex
verifiedUser.AnonymousID = anonymousIDHex
}
if eventData != userIDHash {
Log(r).WithError(err).Errorf("failed to verify user: EventData from pub-signals [%s] != userIdHash from db [%s]", eventData, userIDHash)
verifiedUser.Status = "failed_verification"
Expand Down
Loading