Ⓜ️ Add HumanID authentication process (#17) (#18)

Ⓜ️  Add HumanID authentication process (fixes #17)

Author: oemerfurkan

mina/examples/Airdrop.test.ts

@@ -1,13 +1,14 @@
 import {
   AccountUpdate,
+  Bool,
   Field,
   MerkleTree,
   Mina,
   PrivateKey,
   Signature,
   UInt64
 } from "o1js";
-import { HumanIDWitness, Signatures } from "../humanIDv1";
+import { HumanIDWitness, Signatures, authenticate } from "../humanIDv1";
 import { Airdrop } from "./Airdrop";
 
 describe('Example Airdrop zkApp', () => {
@@ -17,10 +18,25 @@ describe('Example Airdrop zkApp', () => {
   const sender = senderKey.toPublicKey();
   const appKey = PrivateKey.random();
   const appAddr = appKey.toPublicKey();
+  const id1 = Field(1);
+  const id2 = Field(2);
+  const privKey1 = PrivateKey.fromBigInt(1n);
+  const privKey2 = PrivateKey.fromBigInt(2n);
+  const privKey3 = PrivateKey.fromBigInt(3n);
   const sigs = new Signatures({
-    sig1: Signature.create(senderKey, [Field(1)]),
-    sig2: Signature.create(senderKey, [Field(2)]),
-    sig3: Signature.create(senderKey, [Field(3)])
+    sig1: Signature.create(privKey1, [Field(100), sender.x.add(sender.isOdd.toField())]),
+    sig2: Signature.create(privKey2, [Field(100), sender.x.add(sender.isOdd.toField())]),
+    sig3: Signature.create(privKey3, [Field(100), sender.x.add(sender.isOdd.toField())])
+  });
+  const sigs1 = new Signatures({
+    sig1: Signature.create(privKey1, [id1, sender.x.add(sender.isOdd.toField())]),
+    sig2: Signature.create(privKey2, [id1, sender.x.add(sender.isOdd.toField())]),
+    sig3: Signature.create(privKey3, [id1, sender.x.add(sender.isOdd.toField())])
+  });
+  const sigs2 = new Signatures({
+    sig1: Signature.create(privKey1, [id2, sender.x.add(sender.isOdd.toField())]),
+    sig2: Signature.create(privKey2, [id2, sender.x.add(sender.isOdd.toField())]),
+    sig3: Signature.create(privKey3, [id2, sender.x.add(sender.isOdd.toField())])
   });
   let tree: MerkleTree;
   let app: Airdrop;
@@ -49,6 +65,11 @@ describe('Example Airdrop zkApp', () => {
   }).then((txn) => txn.prove())
     .then((txn) => txn.sign([deployerKey, appKey]).send())
 
+  it('should verify signatures', () => {
+    authenticate(id1, sigs1, sender);
+    authenticate(id2, sigs2, sender);
+  })
+
   it('should deploy the app and fund it', async () => {
     await deploy();
     await fundZkApp();
@@ -71,9 +92,14 @@ describe('Example Airdrop zkApp', () => {
 
     const id1 = 123123123123123123123123123123n;
     const truncatedId1 = id1 & 0xFFFFFFFFn;
+    const sigsTest1 = new Signatures({
+      sig1: Signature.create(privKey1, [Field(id1), sender.x.add(sender.isOdd.toField())]),
+      sig2: Signature.create(privKey2, [Field(id1), sender.x.add(sender.isOdd.toField())]),
+      sig3: Signature.create(privKey3, [Field(id1), sender.x.add(sender.isOdd.toField())])
+    });
     await Mina.transaction(
       sender,
-      () => app.claimReward(Field(id1), sigs, new HumanIDWitness(tree.getWitness(truncatedId1)))
+      () => app.claimReward(Field(id1), sigsTest1, new HumanIDWitness(tree.getWitness(truncatedId1)))
     )
       .then((txn) => txn.prove())
       .then((txn) => txn.sign([senderKey]).send());
@@ -82,9 +108,14 @@ describe('Example Airdrop zkApp', () => {
 
     const id2 = 123123123123123123123123123124n;
     const truncatedId2 = id2 & 0xFFFFFFFFn;
+    const sigsTest2 = new Signatures({
+      sig1: Signature.create(privKey1, [Field(id2), sender.x.add(sender.isOdd.toField())]),
+      sig2: Signature.create(privKey2, [Field(id2), sender.x.add(sender.isOdd.toField())]),
+      sig3: Signature.create(privKey3, [Field(id2), sender.x.add(sender.isOdd.toField())])
+    });
     await Mina.transaction(
       sender,
-      () => app.claimReward(Field(id2), sigs, new HumanIDWitness(tree.getWitness(truncatedId2)))
+      () => app.claimReward(Field(id2), sigsTest2, new HumanIDWitness(tree.getWitness(truncatedId2)))
     )
       .then((txn) => txn.prove())
       .then((txn) => txn.sign([senderKey]).send());
@@ -94,9 +125,14 @@ describe('Example Airdrop zkApp', () => {
     await deploy();
     await fundZkApp();
 
+    const sigsTest3 = new Signatures({
+      sig1: Signature.create(privKey1, [Field(123123123123123n), sender.x.add(sender.isOdd.toField())]),
+      sig2: Signature.create(privKey2, [Field(123123123123123n), sender.x.add(sender.isOdd.toField())]),
+      sig3: Signature.create(privKey3, [Field(123123123123123n), sender.x.add(sender.isOdd.toField())])
+    });
     await expect(() => Mina.transaction(
       sender,
-      () => app.claimReward(Field(123123123123123n), sigs, new HumanIDWitness(tree.getWitness(100n)))
+      () => app.claimReward(Field(123123123123123n), sigsTest3, new HumanIDWitness(tree.getWitness(100n)))
     )
       .then((txn) => txn.prove())
       .then((txn) => txn.sign([senderKey]).send())).rejects.toThrow(/does not match the witness/);

mina/examples/Airdrop.ts

@@ -31,7 +31,7 @@ class Airdrop extends SmartContract {
     sigs: Signatures,
     witness: HumanIDWitness,
   ) {
-    acceptHumanIDv1(humanIDv1, sigs, this.treeRoot, witness);
+    acceptHumanIDv1(humanIDv1, sigs, this.treeRoot, witness, this.sender.getAndRequireSignature());
     this.send({ to: this.sender.getUnconstrained(), amount: 10 * MINA });
   }
 }

mina/humanIDv1.ts

@@ -1,12 +1,27 @@
-import { Field, MerkleWitness, Signature, State, Struct } from "o1js";
+import {
+  Field,
+  MerkleWitness,
+  PrivateKey,
+  PublicKey,
+  Signature,
+  State,
+  Struct,
+} from "o1js";
 
 class Signatures extends Struct({
   sig1: Signature,
   sig2: Signature,
-  sig3: Signature
-}) { }
+  sig3: Signature,
+}) {}
 
-class HumanIDWitness extends MerkleWitness(33) { }
+const node1PrivKey = PrivateKey.fromBigInt(1n);
+const node1PublicKey = node1PrivKey.toPublicKey();
+const node2PrivKey = PrivateKey.fromBigInt(2n);
+const node2PublicKey = node2PrivKey.toPublicKey();
+const node3PrivKey = PrivateKey.fromBigInt(3n);
+const node3PublicKey = node3PrivKey.toPublicKey();
+
+class HumanIDWitness extends MerkleWitness(33) {}
 
 const addToMerkleTree = (treeRoot: State<Field>, witness: HumanIDWitness) => {
   const currentTreeRoot = treeRoot.getAndRequireEquals();
@@ -15,34 +30,45 @@ const addToMerkleTree = (treeRoot: State<Field>, witness: HumanIDWitness) => {
     "HumanID already exists in the set"
   );
   treeRoot.set(witness.calculateRoot(Field(1)));
-}
+};
 
-const authenticate = (humanIDv1: Field, sigs: Signatures) => {
-  // TODO(KimlikDAO-bot)
-  return true;
-}
+const authenticate = (
+  humanIDv1: Field,
+  sigs: Signatures,
+  claimant: PublicKey
+) => {
+    sigs.sig1.verify(node1PublicKey, [humanIDv1, claimant.x.add(claimant.isOdd.toField())]).assertTrue();
+    sigs.sig2.verify(node2PublicKey, [humanIDv1, claimant.x.add(claimant.isOdd.toField())]).assertTrue();
+    sigs.sig3.verify(node3PublicKey, [humanIDv1, claimant.x.add(claimant.isOdd.toField())]).assertTrue();
+};
 
-const EmptyRoot = Field(0x21afce36daa1a2d67391072035f4555a85aea7197e5830b128f121aa382770cdn);
+const EmptyRoot =
+  Field(0x21afce36daa1a2d67391072035f4555a85aea7197e5830b128f121aa382770cdn);
 
-const Inverse2Exp32 = Field(0x3fffffffc00000000000000000000000224698fbe706601f8fe037d166d2cf14n);
+const Inverse2Exp32 =
+  Field(0x3fffffffc00000000000000000000000224698fbe706601f8fe037d166d2cf14n);
 
 const requireConsistent = (humanIDv1: Field, truncatedHumanIDv1: Field) => {
-  humanIDv1.sub(truncatedHumanIDv1).mul(Inverse2Exp32).assertLessThan(
-    (1n << 222n) + 0x224698fc094cf91b992d30edn,
-    "HumanID does not match the witness"
-  );
-}
+  humanIDv1
+    .sub(truncatedHumanIDv1)
+    .mul(Inverse2Exp32)
+    .assertLessThan(
+      (1n << 222n) + 0x224698fc094cf91b992d30edn,
+      "HumanID does not match the witness"
+    );
+};
 
 const acceptHumanIDv1 = (
   humanIDv1: Field,
   sigs: Signatures,
   treeRoot: State<Field>,
-  witness: HumanIDWitness
+  witness: HumanIDWitness,
+  claimant: PublicKey
 ) => {
-  authenticate(humanIDv1, sigs);
+  authenticate(humanIDv1, sigs, claimant);
   requireConsistent(humanIDv1, witness.calculateIndex());
   addToMerkleTree(treeRoot, witness);
-}
+};
 
 export {
   EmptyRoot,
@@ -51,5 +77,5 @@ export {
   acceptHumanIDv1,
   addToMerkleTree,
   authenticate,
-  requireConsistent
+  requireConsistent,
 };