Skip to content

Commit

Permalink
feat: add immutables in SismoConnect to allow proxy usage with it (#40)
Browse files Browse the repository at this point in the history
  • Loading branch information
@yum0e
yum0e committed Jul 3, 2023
1 parent d771f12 commit aaa2497
Show file tree
Hide file tree
Showing 3 changed files with 131 additions and 32 deletions.
73 changes: 41 additions & 32 deletions src/libs/sismo-connect/SismoConnectLib.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,18 +17,22 @@ contract SismoConnect {
IAddressesProvider public constant ADDRESSES_PROVIDER_V2 =
IAddressesProvider(0x3Cd5334eB64ebBd4003b72022CC25465f1BFcEe6);

ISismoConnectVerifier internal _sismoConnectVerifier;
ISismoConnectVerifier immutable _sismoConnectVerifier;

// external libraries
AuthRequestBuilder internal _authRequestBuilder;
ClaimRequestBuilder internal _claimRequestBuilder;
SignatureBuilder internal _signatureBuilder;
RequestBuilder internal _requestBuilder;
AuthRequestBuilder immutable _authRequestBuilder;
ClaimRequestBuilder immutable _claimRequestBuilder;
SignatureBuilder immutable _signatureBuilder;
RequestBuilder immutable _requestBuilder;

SismoConnectConfig public config;
// config
bytes16 public immutable APP_ID;
bool public immutable IS_IMPERSONATION_MODE;

constructor(SismoConnectConfig memory _config) {
config = _config;
APP_ID = _config.appId;
IS_IMPERSONATION_MODE = _config.vault.isImpersonationMode;

_sismoConnectVerifier = ISismoConnectVerifier(
ADDRESSES_PROVIDER_V2.get(string("sismoConnectVerifier-v1.1"))
);
Expand All @@ -45,6 +49,11 @@ contract SismoConnect {
_requestBuilder = RequestBuilder(ADDRESSES_PROVIDER_V2.get(string("requestBuilder-v1.1")));
}

// public function because it needs to be used by this contract and can be used by other contracts
function config() public view returns (SismoConnectConfig memory) {
return buildConfig(APP_ID, IS_IMPERSONATION_MODE);
}

function buildConfig(bytes16 appId) internal pure returns (SismoConnectConfig memory) {
return SismoConnectConfig({appId: appId, vault: buildVaultConfig()});
}
Expand Down Expand Up @@ -73,7 +82,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, claim, signature, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -84,7 +93,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, claim, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -95,7 +104,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, signature, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -106,7 +115,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claim, signature, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -116,7 +125,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -126,7 +135,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claim, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -137,7 +146,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, claim, signature);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -147,7 +156,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, claim);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -157,7 +166,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth, signature);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -167,7 +176,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claim, signature);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -176,7 +185,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auth);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -185,15 +194,15 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claim);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
bytes memory responseBytes,
SismoConnectRequest memory request
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -205,7 +214,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, claims, signature, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -216,7 +225,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, claims, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -227,7 +236,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, signature, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -238,7 +247,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claims, signature, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -248,7 +257,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -258,7 +267,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claims, namespace);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -269,7 +278,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, claims, signature);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -279,7 +288,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, claims);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -289,7 +298,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths, signature);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -299,7 +308,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claims, signature);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -308,7 +317,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(auths);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function verify(
Expand All @@ -317,7 +326,7 @@ contract SismoConnect {
) internal returns (SismoConnectVerifiedResult memory) {
SismoConnectResponse memory response = abi.decode(responseBytes, (SismoConnectResponse));
SismoConnectRequest memory request = buildRequest(claims);
return _sismoConnectVerifier.verify(response, request, config);
return _sismoConnectVerifier.verify(response, request, config());
}

function buildClaim(
Expand Down
44 changes: 44 additions & 0 deletions test/e2e/SismoConnectE2E.t.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ import {AuthBuilder} from "src/libs/utils/AuthBuilder.sol";
import {ClaimBuilder} from "src/libs/utils/ClaimBuilder.sol";
import {ResponseBuilder, ResponseWithoutProofs} from "test/utils/ResponseBuilderLib.sol";
import {BaseDeploymentConfig} from "script/BaseConfig.sol";
import {TransparentUpgradeableProxy} from "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
import {UpgradeableExample} from "test/misc/UpgradeableExample.sol";

// E2E tests for SismoConnect Solidity Library
// These tests are made with proofs generated from the Vault App
Expand Down Expand Up @@ -301,6 +303,48 @@ contract SismoConnectE2E is HydraS3BaseTest {
sismoConnect.exposed_verify({responseBytes: encodedResponse, request: request});
}

function test_withProxy() public {
SignatureRequest memory signatureRequest = sismoConnect.exposed_buildSignature({
message: abi.encode(user)
});

UpgradeableExample sismoConnectImplem = new UpgradeableExample(
DEFAULT_APP_ID,
DEFAULT_IS_IMPERSONATION_MODE,
0xe9ed316946d3d98dfcd829a53ec9822e
);

TransparentUpgradeableProxy proxy = new TransparentUpgradeableProxy(
address(sismoConnectImplem),
address(1),
abi.encodeWithSelector(
sismoConnectImplem.initialize.selector,
bytes16(0xe9ed316946d3d98dfcd829a53ec9822e)
)
);

UpgradeableExample upgradeable = UpgradeableExample(address(proxy));

(, bytes memory responseEncoded) = hydraS3Proofs.getResponseWithOneClaimAndSignature(
commitmentMapperRegistry
);

upgradeable.exposed_verify({responseBytes: responseEncoded, signature: signatureRequest});

// add an additional groupId in the contract
upgradeable.addGroupId({groupId: 0xff7653240feecd7448150005a95ac86b});

// verify again
// it should throw since the response is the same but another claim request is required
vm.expectRevert(
abi.encodeWithSignature(
"ClaimGroupIdNotFound(bytes16)",
bytes16(0xff7653240feecd7448150005a95ac86b)
)
);
upgradeable.exposed_verify({responseBytes: responseEncoded, signature: signatureRequest});
}

function test_RevertWithInvalidSismoIdentifier() public {
(SismoConnectResponse memory response, ) = hydraS3Proofs
.getResponseWithGitHubAuthWithoutSignature(commitmentMapperRegistry);
Expand Down
46 changes: 46 additions & 0 deletions test/misc/UpgradeableExample.sol
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import "src/libs/sismo-connect/SismoConnectLib.sol";

contract UpgradeableExample is SismoConnect, Initializable {
bytes16[] private _groupIds;

constructor(
bytes16 appId,
bool isImpersonationMode,
bytes16 groupId
) SismoConnect(buildConfig(appId, isImpersonationMode)) {
initialize(groupId);
}

function initialize(bytes16 groupId) public initializer {
_groupIds.push(groupId);
}

function addGroupId(bytes16 groupId) public {
_groupIds.push(groupId);
}

function getGroupIds() public view returns (bytes16[] memory) {
return _groupIds;
}

function exposed_buildSignature(
bytes memory message
) external view returns (SignatureRequest memory) {
return buildSignature(message);
}

function exposed_verify(
bytes memory responseBytes,
SignatureRequest memory signature
) external returns (SismoConnectVerifiedResult memory) {
ClaimRequest[] memory claims = new ClaimRequest[](_groupIds.length);
for (uint256 i = 0; i < _groupIds.length; i++) {
claims[i] = buildClaim(_groupIds[i]);
}
return verify({responseBytes: responseBytes, claims: claims, signature: signature});
}
}

0 comments on commit aaa2497

Please sign in to comment.