Auth example without updating ID state for issued credentials

nedgar commented 1 year ago

The current "handle auth request" example updates the issuer's state to include the age credential, then publishes it to RHS and blockchain.

In the attached standalone example, it bumps the issuer state by adding an empty list of creds, then publishes that to both RHS and blockchain, th issues the age credential against that ID state. It runs ok, though I had to give an empty transaction ID (rather than null or undefined) to satisfy the type checking (how is the tx ID used anyway?):

  const credsWithIden3MTPProof = await identityWallet.generateIden3SparseMerkleTreeProof(
    issuerDID,
    res2.credentials,
    ""  // we have no transaction ID since we did not update ID state after issuing credential
  );

I understand that even publishing the genesis state should not be necessary, however I'm unable to adapt this example to demonstrate that. If I comment out the publishing to RHS and/or blockchain, it fails with Error: can't fetch revocation status.

e.g.

============== user handles auth request ==============
ERROR: Error: can't fetch revocation status
    at CredentialWallet.getRevocationStatus (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/node_modules/@0xpolygonid/js-sdk/src/credentials/credential-wallet.ts:295:15)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async CredentialWallet.getRevocationStatusFromCredential (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/node_modules/@0xpolygonid/js-sdk/src/credentials/credential-wallet.ts:254:12)
    at async CredentialWallet.findNonRevokedCredential (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/node_modules/@0xpolygonid/js-sdk/src/credentials/credential-wallet.ts:415:25)
    at async ProofService.getPreparedCredential (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/node_modules/@0xpolygonid/js-sdk/src/proof/proof-service.ts:249:7)
    at async ProofService.generateProof (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/node_modules/@0xpolygonid/js-sdk/src/proof/proof-service.ts:187:52)
    at async AuthHandler.handleAuthorizationRequestForGenesisDID (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/node_modules/@0xpolygonid/js-sdk/src/iden3comm/handlers/auth.ts:172:25)
    at async handleAuthRequest (/Users/nedgar/src/open-harbour/polygon-id-js-sdk-tutorial/src/handle-auth-no-publish-cred.ts:383:30)

It would be helpful for the examples to show:

publishing only the issuer's ID state and issuing credentials against that, using signature-based proofs to verify creds, even if publishing isn't necessary (like in the attached example)
same but with no publishing

Alternatively, could you update the attached example to show the no publishing scenario?

nedgar commented 1 year ago

With config.ts included: handle-auth-no-publish-cred.zip

vmidyllic commented 1 year ago

@Kolezhniuk please have a look and provide an example of auth handler requesting signature proof, without transitioning the issuer's state.

vmidyllic commented 1 year ago

meanwhile @nedgar you can check https://github.com/iden3/polygonid-js-sdk-examples/pull/2 it works fine.

Kolezhniuk commented 1 year ago

@nedgar Hello! The example that you've provided works for me. I don't have any issues. Also, I've checked the token validation here https://jwz.polygonid.me/ and the token is valid also. One thing I noticed is that you have missed calling await for the next lines of code

   await dataStorage.credential.saveCredential(credential);
and 
   await credentialWallet.saveAll(credsWithIden3MTPProof);

Please see the console output below from your example

=============== handle auth request ===============

=============== user did and auth credential===============
DID did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA
W3CCredential {
  "id": "http://wallet.com/38e44b76-9f55-42d1-98e8-10179bdbf0cc",
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/iden3credential-v2.json-ld",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/auth-v2.json-ld"
  ],
  "type": [
    "VerifiableCredential",
    "AuthBJJCredential"
  ],
  "issuanceDate": "2023-03-08T12:33:51.665Z",
  "credentialSubject": {
    "x": "10571746397287825748586785298116645295039918874040573668743229997189960831142",
    "y": "14685730841763434345582146127929774020407158434763740953500585061238653248826",
    "type": "AuthBJJCredential"
  },
  "issuer": "did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA",
  "credentialSchema": {
    "id": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/auth-v1.json",
    "type": "JsonSchemaValidator2018"
  },
  "credentialStatus": {
    "id": "https://rhs-staging.polygonid.me",
    "revocationNonce": 0,
    "type": "Iden3ReverseSparseMerkleTreeProof"
  },
  "proof": [
    {
      "type": "Iden3SparseMerkleTreeProof",
      "mtp": {
        "existence": true,
        "siblings": []
      },
      "issuerData": {
        "id": "did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA",
        "state": {
          "rootOfRoots": "0000000000000000000000000000000000000000000000000000000000000000",
          "revocationTreeRoot": "0000000000000000000000000000000000000000000000000000000000000000",
          "claimsTreeRoot": "683ce0b99386c5e2444539435c45fcdca43f0a1b51ea466fb9e6916854662918",
          "value": "69530a630042e4af1de7ea3c72e4fb2dd3e5e5fb87a7bdaa11eb6788bc37101d"
        },
        "authCoreClaim": "cca3371a6cb1b715004407e325bd993c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a610b0a0e51e3466572afdb6c181015c30481012c07b6622464a709a7b655f173ae5b6d2be0235525aa99e25f599bd6a9e015d5eea009822b071f5a73fd477200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
        "credentialStatus": {
          "id": "https://rhs-staging.polygonid.me",
          "revocationNonce": 0,
          "type": "Iden3ReverseSparseMerkleTreeProof"
        },
        "mtp": {
          "existence": true,
          "siblings": []
        }
      },
      "coreClaim": "cca3371a6cb1b715004407e325bd993c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a610b0a0e51e3466572afdb6c181015c30481012c07b6622464a709a7b655f173ae5b6d2be0235525aa99e25f599bd6a9e015d5eea009822b071f5a73fd477200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
    }
  ]
}

=============== issuer did and auth credential ===============
DID did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi
W3CCredential {
  "id": "http://wallet.com/d41bb014-3ac4-496f-a1db-66d6c7033fad",
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/iden3credential-v2.json-ld",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/auth-v2.json-ld"
  ],
  "type": [
    "VerifiableCredential",
    "AuthBJJCredential"
  ],
  "issuanceDate": "2023-03-08T12:38:43.369Z",
  "credentialSubject": {
    "x": "13090682478546178437121398969741476665836063439244429284879630725052336506556",
    "y": "5631416302020247018723620940442665326311747037756866770815320849584297175560",
    "type": "AuthBJJCredential"
  },
  "issuer": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
  "credentialSchema": {
    "id": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/auth-v1.json",
    "type": "JsonSchemaValidator2018"
  },
  "credentialStatus": {
    "id": "https://rhs-staging.polygonid.me",
    "revocationNonce": 0,
    "type": "Iden3ReverseSparseMerkleTreeProof"
  },
  "proof": [
    {
      "type": "Iden3SparseMerkleTreeProof",
      "mtp": {
        "existence": true,
        "siblings": []
      },
      "issuerData": {
        "id": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
        "state": {
          "rootOfRoots": "0000000000000000000000000000000000000000000000000000000000000000",
          "revocationTreeRoot": "0000000000000000000000000000000000000000000000000000000000000000",
          "claimsTreeRoot": "d57df7392a4e1432a97db15ffb383d9d398f887fb55bf518a668d01ba4c5b120",
          "value": "9413502dacbbb279b9d6208676bbd44f69605b8bffe62ec5ed4c96b9a76dd90c"
        },
        "authCoreClaim": "cca3371a6cb1b715004407e325bd993c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc06514ea41ef99460ded139f5b5531b77e01d6d7bd95307951a44a94f10f11c086af9c04916ddf173d8ef60de29a2af0c32f9946c86c6950fcd68d8c744730c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
        "credentialStatus": {
          "id": "https://rhs-staging.polygonid.me",
          "revocationNonce": 0,
          "type": "Iden3ReverseSparseMerkleTreeProof"
        },
        "mtp": {
          "existence": true,
          "siblings": []
        }
      },
      "coreClaim": "cca3371a6cb1b715004407e325bd993c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc06514ea41ef99460ded139f5b5531b77e01d6d7bd95307951a44a94f10f11c086af9c04916ddf173d8ef60de29a2af0c32f9946c86c6950fcd68d8c744730c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
    }
  ]
}
================= transition for issuer genesis state =======================
old tree state (hashes): {
  claimsRoot: 'd57df7392a4e1432a97db15ffb383d9d398f887fb55bf518a668d01ba4c5b120',
  revocationRoot: '0000000000000000000000000000000000000000000000000000000000000000',
  rootOfRoots: '0000000000000000000000000000000000000000000000000000000000000000',
  state: '9413502dacbbb279b9d6208676bbd44f69605b8bffe62ec5ed4c96b9a76dd90c'
}
new tree state (hashes): {
  claimsRoot: 'd57df7392a4e1432a97db15ffb383d9d398f887fb55bf518a668d01ba4c5b120',
  revocationRoot: '0000000000000000000000000000000000000000000000000000000000000000',
  rootOfRoots: '648952a44830157fc18e023b6e61f1516529d3498a5338767d272cd2662fb02f',
  state: 'd1309ff3c13a26004f0adc76e85e6c6fd4b5a90334dec69d759f5cfa841a081c'
}
================= push updated issuer state to RHS (Reverse Hash Service) ===================
================= publish issuer state to blockchain, with state transition proof ===================
transaction ID: 0x51755ea15c088f17e8f12b273f53fa393a34f8d8de211a3e4538f2152b0ba081

=============== credential request for issuer to sign ===============
{
  "credentialSchema": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/KYCAgeCredential-v3.json",
  "type": "KYCAgeCredential",
  "credentialSubject": {
    "id": "did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA",
    "birthday": 19960424,
    "documentType": 99
  },
  "expiration": 12345678888
}

=============== issued credential, signed ===============
W3CCredential {
  "id": "http://wallet.com/b868a9ca-a4b0-49ea-994f-d4b04b78ae10",
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/iden3credential-v2.json-ld",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld"
  ],
  "type": [
    "VerifiableCredential",
    "KYCAgeCredential"
  ],
  "expirationDate": "2361-03-21T19:14:48.000Z",
  "issuanceDate": "2023-03-08T12:46:44.562Z",
  "credentialSubject": {
    "id": "did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA",
    "birthday": 19960424,
    "documentType": 99,
    "type": "KYCAgeCredential"
  },
  "issuer": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
  "credentialSchema": {
    "id": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/KYCAgeCredential-v3.json",
    "type": "JsonSchemaValidator2018"
  },
  "credentialStatus": {
    "id": "https://rhs-staging.polygonid.me",
    "revocationNonce": 9610,
    "type": "Iden3ReverseSparseMerkleTreeProof"
  },
  "proof": [
    {
      "type": "BJJSignature2021",
      "issuerData": {
        "id": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
        "state": {
          "rootOfRoots": "0000000000000000000000000000000000000000000000000000000000000000",
          "revocationTreeRoot": "0000000000000000000000000000000000000000000000000000000000000000",
          "claimsTreeRoot": "d57df7392a4e1432a97db15ffb383d9d398f887fb55bf518a668d01ba4c5b120",
          "value": "9413502dacbbb279b9d6208676bbd44f69605b8bffe62ec5ed4c96b9a76dd90c"
        },
        "authCoreClaim": "cca3371a6cb1b715004407e325bd993c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc06514ea41ef99460ded139f5b5531b77e01d6d7bd95307951a44a94f10f11c086af9c04916ddf173d8ef60de29a2af0c32f9946c86c6950fcd68d8c744730c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
        "mtp": {
          "existence": true,
          "siblings": []
        },
        "credentialStatus": {
          "id": "https://rhs-staging.polygonid.me",
          "revocationNonce": 0,
          "type": "Iden3ReverseSparseMerkleTreeProof"
        }
      },
      "coreClaim": "c9b2370371b7fa8b3dab2a5ba81b68382a000000000000000000000000000000011242e4af1de7ea3c72e4fb2dd3e5e5fb87a7bdaa11eb6788bc37101dc80f00c3074857ade4a8ab289ce7aef1f847a7f8ba31738cf87c94f7b936bc92e2351900000000000000000000000000000000000000000000000000000000000000008a25000000000000281cdcdf0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
      "signature": "106ec5927fe4df4ee9fde1433e2d959db8e00919c26b34912c5c66f4b4219e2771dcb26d993c6766eb4d7decda05ffd9de6e8ae0bef64dc6bd2ade6088332101"
    }
  ]
}
================= add credential to issuer ID wallet claims tree =======================
old tree state (hashes): {
  claimsRoot: 'd57df7392a4e1432a97db15ffb383d9d398f887fb55bf518a668d01ba4c5b120',
  revocationRoot: '0000000000000000000000000000000000000000000000000000000000000000',
  rootOfRoots: '648952a44830157fc18e023b6e61f1516529d3498a5338767d272cd2662fb02f',
  state: 'd1309ff3c13a26004f0adc76e85e6c6fd4b5a90334dec69d759f5cfa841a081c'
}
new tree state (hashes): {
  claimsRoot: '8aad02c548e397a4b6816238463739c357272ba6d93ba973605b263306f51711',
  revocationRoot: '0000000000000000000000000000000000000000000000000000000000000000',
  rootOfRoots: '1518af1b643741d918858df88bec549d07848c52b28228491e046842825c3318',
  state: 'bad8b48cee6a59c49ff214685edf46481f1efc60f53ee67039100ffbe9534924'
}
================= generate Iden3SparseMerkleTreeProof =======================
W3CCredential {
  "id": "http://wallet.com/b868a9ca-a4b0-49ea-994f-d4b04b78ae10",
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/iden3credential-v2.json-ld",
    "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld"
  ],
  "type": [
    "VerifiableCredential",
    "KYCAgeCredential"
  ],
  "expirationDate": "2361-03-21T19:14:48.000Z",
  "issuanceDate": "2023-03-08T12:46:44.562Z",
  "credentialSubject": {
    "id": "did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA",
    "birthday": 19960424,
    "documentType": 99,
    "type": "KYCAgeCredential"
  },
  "issuer": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
  "credentialSchema": {
    "id": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/KYCAgeCredential-v3.json",
    "type": "JsonSchemaValidator2018"
  },
  "credentialStatus": {
    "id": "https://rhs-staging.polygonid.me",
    "revocationNonce": 9610,
    "type": "Iden3ReverseSparseMerkleTreeProof"
  },
  "proof": [
    {
      "type": "BJJSignature2021",
      "issuerData": {
        "id": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
        "state": {
          "rootOfRoots": "0000000000000000000000000000000000000000000000000000000000000000",
          "revocationTreeRoot": "0000000000000000000000000000000000000000000000000000000000000000",
          "claimsTreeRoot": "d57df7392a4e1432a97db15ffb383d9d398f887fb55bf518a668d01ba4c5b120",
          "value": "9413502dacbbb279b9d6208676bbd44f69605b8bffe62ec5ed4c96b9a76dd90c"
        },
        "authCoreClaim": "cca3371a6cb1b715004407e325bd993c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc06514ea41ef99460ded139f5b5531b77e01d6d7bd95307951a44a94f10f11c086af9c04916ddf173d8ef60de29a2af0c32f9946c86c6950fcd68d8c744730c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
        "mtp": {
          "existence": true,
          "siblings": []
        },
        "credentialStatus": {
          "id": "https://rhs-staging.polygonid.me",
          "revocationNonce": 0,
          "type": "Iden3ReverseSparseMerkleTreeProof"
        }
      },
      "coreClaim": "c9b2370371b7fa8b3dab2a5ba81b68382a000000000000000000000000000000011242e4af1de7ea3c72e4fb2dd3e5e5fb87a7bdaa11eb6788bc37101dc80f00c3074857ade4a8ab289ce7aef1f847a7f8ba31738cf87c94f7b936bc92e2351900000000000000000000000000000000000000000000000000000000000000008a25000000000000281cdcdf0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
      "signature": "106ec5927fe4df4ee9fde1433e2d959db8e00919c26b34912c5c66f4b4219e2771dcb26d993c6766eb4d7decda05ffd9de6e8ae0bef64dc6bd2ade6088332101"
    },
    {
      "type": "Iden3SparseMerkleTreeProof",
      "mtp": {
        "existence": true,
        "siblings": [
          {
            "bytes": {
              "0": 213,
              "1": 125,
              "2": 247,
              "3": 57,
              "4": 42,
              "5": 78,
              "6": 20,
              "7": 50,
              "8": 169,
              "9": 125,
              "10": 177,
              "11": 95,
              "12": 251,
              "13": 56,
              "14": 61,
              "15": 157,
              "16": 57,
              "17": 143,
              "18": 136,
              "19": 127,
              "20": 181,
              "21": 91,
              "22": 245,
              "23": 24,
              "24": 166,
              "25": 104,
              "26": 208,
              "27": 27,
              "28": 164,
              "29": 197,
              "30": 177,
              "31": 32
            }
          }
        ]
      },
      "issuerData": {
        "id": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
        "state": {
          "claimsTreeRoot": "8aad02c548e397a4b6816238463739c357272ba6d93ba973605b263306f51711",
          "revocationTreeRoot": "0000000000000000000000000000000000000000000000000000000000000000",
          "rootOfRoots": "1518af1b643741d918858df88bec549d07848c52b28228491e046842825c3318",
          "value": "bad8b48cee6a59c49ff214685edf46481f1efc60f53ee67039100ffbe9534924",
          "txId": ""
        },
        "mtp": {
          "existence": true,
          "siblings": [
            {
              "bytes": {
                "0": 213,
                "1": 125,
                "2": 247,
                "3": 57,
                "4": 42,
                "5": 78,
                "6": 20,
                "7": 50,
                "8": 169,
                "9": 125,
                "10": 177,
                "11": 95,
                "12": 251,
                "13": 56,
                "14": 61,
                "15": 157,
                "16": 57,
                "17": 143,
                "18": 136,
                "19": 127,
                "20": 181,
                "21": 91,
                "22": 245,
                "23": 24,
                "24": 166,
                "25": 104,
                "26": 208,
                "27": 27,
                "28": 164,
                "29": 197,
                "30": 177,
                "31": 32
              }
            }
          ]
        }
      },
      "coreClaim": "c9b2370371b7fa8b3dab2a5ba81b68382a000000000000000000000000000000011242e4af1de7ea3c72e4fb2dd3e5e5fb87a7bdaa11eb6788bc37101dc80f00c3074857ade4a8ab289ce7aef1f847a7f8ba31738cf87c94f7b936bc92e2351900000000000000000000000000000000000000000000000000000000000000008a25000000000000281cdcdf0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
    }
  ]
}
================= generate credentialAtomicSigV2 proof request ===================
=================  credential auth request message ===================
{
  "id": "fe6354fe-3db2-48c2-a779-e39c2dda8d90",
  "thid": "fe6354fe-3db2-48c2-a779-e39c2dda8d90",
  "typ": "application/iden3comm-plain-json",
  "from": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
  "type": "https://iden3-communication.io/authorization/1.0/request",
  "body": {
    "callbackUrl": "http://testcallback.com",
    "message": "message to sign",
    "scope": [
      {
        "id": 1,
        "circuitId": "credentialAtomicQuerySigV2",
        "optional": false,
        "query": {
          "allowedIssuers": [
            "*"
          ],
          "type": "KYCAgeCredential",
          "context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
          "credentialSubject": {
            "birthday": {
              "$lt": 20020101
            }
          }
        }
      }
    ],
    "reason": "verify age"
  }
}

============== user handles auth request ==============
{
  "authRequest": {
    "id": "fe6354fe-3db2-48c2-a779-e39c2dda8d90",
    "thid": "fe6354fe-3db2-48c2-a779-e39c2dda8d90",
    "typ": "application/iden3comm-plain-json",
    "from": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi",
    "type": "https://iden3-communication.io/authorization/1.0/request",
    "body": {
      "callbackUrl": "http://testcallback.com",
      "message": "message to sign",
      "scope": [
        {
          "id": 1,
          "circuitId": "credentialAtomicQuerySigV2",
          "optional": false,
          "query": {
            "allowedIssuers": [
              "*"
            ],
            "type": "KYCAgeCredential",
            "context": "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v3.json-ld",
            "credentialSubject": {
              "birthday": {
                "$lt": 20020101
              }
            }
          }
        }
      ],
      "reason": "verify age"
    }
  },
  "authResponse": {
    "id": "018481f3-be42-4643-9c79-4bd8effaba45",
    "typ": "application/iden3-zkp-json",
    "type": "https://iden3-communication.io/authorization/1.0/response",
    "thid": "fe6354fe-3db2-48c2-a779-e39c2dda8d90",
    "body": {
      "message": "message to sign",
      "scope": [
        {
          "id": 1,
          "circuitId": "credentialAtomicQuerySigV2",
          "proof": {
            "pi_a": [
              "17871135223869671998984571254500499965902748590641326266880431426878060616074",
              "11514596717418678124863498017764982140465828305016585011909725125216810983631",
              "1"
            ],
            "pi_b": [
              [
                "9586337403457328519755251660428950990006366341885539386978217151064853867695",
                "19560081597114892129179099483667613552322948213522216428691624508233207574114"
              ],
              [
                "19907112272087332203590182394363584182027028780733221623589025856715556656196",
                "2475349532142251317639943206618745535945853547673019532751607191646931868955"
              ],
              [
                "1",
                "0"
              ]
            ],
            "pi_c": [
              "12055341381747379902908506327985270976050164873581384897042957721336946312908",
              "21792124219223380091504684182761772871718364871519359353110220706414283194913",
              "1"
            ],
            "protocol": "groth16",
            "curve": "bn128"
          },
          "pub_signals": [
            "1",
            "27883838787412540016096521630333663670416136030843855254384674996018614785",
            "5811916808263603644991159609508077569165425645854138777323988284530282730388",
            "1",
            "27455493384769683420575283141384721131198237206075430982574200223193305601",
            "1",
            "12679077567333838331028970265227503467470205999759801691171391734616403423441",
            "1678280248",
            "74977327600848231385663280181476307657",
            "0",
            "20376033832371109177683048456014525905119173674985843915445634726167450989630",
            "2",
            "2",
            "20020101",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0",
            "0"
          ]
        }
      ]
    },
    "from": "did:iden3:polygon:mumbai:wxNALoZxnWexpJKDvsb3grVCpU8QWgJfj9w78WiAA",
    "to": "did:iden3:polygon:mumbai:x3rEyMPHv5ERRcxYdCjJm69u49n5r9pVFuxhrQoYi"
  },
  "token": "eyJhbGciOiJncm90aDE2IiwiY2lyY3VpdElkIjoiYXV0aFYyIiwiY3JpdCI6WyJjaXJjdWl0SWQiXSwidHlwIjoiYXBwbGljYXRpb24vaWRlbjMtemtwLWpzb24ifQ.eyJpZCI6IjAxODQ4MWYzLWJlNDItNDY0My05Yzc5LTRiZDhlZmZhYmE0NSIsInR5cCI6ImFwcGxpY2F0aW9uL2lkZW4zLXprcC1qc29uIiwidHlwZSI6Imh0dHBzOi8vaWRlbjMtY29tbXVuaWNhdGlvbi5pby9hdXRob3JpemF0aW9uLzEuMC9yZXNwb25zZSIsInRoaWQiOiJmZTYzNTRmZS0zZGIyLTQ4YzItYTc3OS1lMzljMmRkYThkOTAiLCJib2R5Ijp7Im1lc3NhZ2UiOiJtZXNzYWdlIHRvIHNpZ24iLCJzY29wZSI6W3siaWQiOjEsImNpcmN1aXRJZCI6ImNyZWRlbnRpYWxBdG9taWNRdWVyeVNpZ1YyIiwicHJvb2YiOnsicGlfYSI6WyIxNzg3MTEzNTIyMzg2OTY3MTk5ODk4NDU3MTI1NDUwMDQ5OTk2NTkwMjc0ODU5MDY0MTMyNjI2Njg4MDQzMTQyNjg3ODA2MDYxNjA3NCIsIjExNTE0NTk2NzE3NDE4Njc4MTI0ODYzNDk4MDE3NzY0OTgyMTQwNDY1ODI4MzA1MDE2NTg1MDExOTA5NzI1MTI1MjE2ODEwOTgzNjMxIiwiMSJdLCJwaV9iIjpbWyI5NTg2MzM3NDAzNDU3MzI4NTE5NzU1MjUxNjYwNDI4OTUwOTkwMDA2MzY2MzQxODg1NTM5Mzg2OTc4MjE3MTUxMDY0ODUzODY3Njk1IiwiMTk1NjAwODE1OTcxMTQ4OTIxMjkxNzkwOTk0ODM2Njc2MTM1NTIzMjI5NDgyMTM1MjIyMTY0Mjg2OTE2MjQ1MDgyMzMyMDc1NzQxMTQiXSxbIjE5OTA3MTEyMjcyMDg3MzMyMjAzNTkwMTgyMzk0MzYzNTg0MTgyMDI3MDI4NzgwNzMzMjIxNjIzNTg5MDI1ODU2NzE1NTU2NjU2MTk2IiwiMjQ3NTM0OTUzMjE0MjI1MTMxNzYzOTk0MzIwNjYxODc0NTUzNTk0NTg1MzU0NzY3MzAxOTUzMjc1MTYwNzE5MTY0NjkzMTg2ODk1NSJdLFsiMSIsIjAiXV0sInBpX2MiOlsiMTIwNTUzNDEzODE3NDczNzk5MDI5MDg1MDYzMjc5ODUyNzA5NzYwNTAxNjQ4NzM1ODEzODQ4OTcwNDI5NTc3MjEzMzY5NDYzMTI5MDgiLCIyMTc5MjEyNDIxOTIyMzM4MDA5MTUwNDY4NDE4Mjc2MTc3Mjg3MTcxODM2NDg3MTUxOTM1OTM1MzExMDIyMDcwNjQxNDI4MzE5NDkxMyIsIjEiXSwicHJvdG9jb2wiOiJncm90aDE2IiwiY3VydmUiOiJibjEyOCJ9LCJwdWJfc2lnbmFscyI6WyIxIiwiMjc4ODM4Mzg3ODc0MTI1NDAwMTYwOTY1MjE2MzAzMzM2NjM2NzA0MTYxMzYwMzA4NDM4NTUyNTQzODQ2NzQ5OTYwMTg2MTQ3ODUiLCI1ODExOTE2ODA4MjYzNjAzNjQ0OTkxMTU5NjA5NTA4MDc3NTY5MTY1NDI1NjQ1ODU0MTM4Nzc3MzIzOTg4Mjg0NTMwMjgyNzMwMzg4IiwiMSIsIjI3NDU1NDkzMzg0NzY5NjgzNDIwNTc1MjgzMTQxMzg0NzIxMTMxMTk4MjM3MjA2MDc1NDMwOTgyNTc0MjAwMjIzMTkzMzA1NjAxIiwiMSIsIjEyNjc5MDc3NTY3MzMzODM4MzMxMDI4OTcwMjY1MjI3NTAzNDY3NDcwMjA1OTk5NzU5ODAxNjkxMTcxMzkxNzM0NjE2NDAzNDIzNDQxIiwiMTY3ODI4MDI0OCIsIjc0OTc3MzI3NjAwODQ4MjMxMzg1NjYzMjgwMTgxNDc2MzA3NjU3IiwiMCIsIjIwMzc2MDMzODMyMzcxMTA5MTc3NjgzMDQ4NDU2MDE0NTI1OTA1MTE5MTczNjc0OTg1ODQzOTE1NDQ1NjM0NzI2MTY3NDUwOTg5NjMwIiwiMiIsIjIiLCIyMDAyMDEwMSIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCJdfV19LCJmcm9tIjoiZGlkOmlkZW4zOnBvbHlnb246bXVtYmFpOnd4TkFMb1p4bldleHBKS0R2c2IzZ3JWQ3BVOFFXZ0pmajl3NzhXaUFBIiwidG8iOiJkaWQ6aWRlbjM6cG9seWdvbjptdW1iYWk6eDNyRXlNUEh2NUVSUmN4WWRDakptNjl1NDluNXI5cFZGdXhoclFvWWkifQ.eyJwcm9vZiI6eyJwaV9hIjpbIjIxNzM3NTQ1NzAyMzYyODkyMjQ4OTY4OTkyOTQyNTI0MTU5ODExODU3ODA2MTQ3NzIzNzcxMTI4ODAyOTM5OTg0NzEzNTc5NjIxNTE4IiwiMjA0ODU0MTc0OTA0ODg2MTIwNDE2ODE3Mzg1NDc0MjIwNTA2MjM0MTUwNDMxMzQwNzUxNzY3OTAwNjU0MDg0MjA2ODY2OTk1MDYwMyIsIjEiXSwicGlfYiI6W1siMTgxOTIxNTgxMjA4ODQ0MjY2MjQ2NzEyNDEzMjAyMTk2ODkxOTEzOTU3NjIwMDY3OTE5NTI2NDc2NTgxNjczNjU4NzQyNTQxNTQ2MTAiLCIxNjE1Mjc2Mzc2MDU0NzMwOTc5MDE0NjQzMTcwNTk2NTMzMzU1OTU5MDYxOTY1MzI2ODcyNzYxNTcyNDUxOTY3MDU2ODkwMzgwNDIwNyJdLFsiMTk1NjQ4OTM0MTY5MzU3NTYzNDc4MTY4ODM2MjQ1OTkzOTg2MjExMDM1ODIwNjU2ODY3ODMzODEwNDc5MjkyMTM3ODg1MDY0OTI4MjAiLCIxODYzODcyNDM2MTEyNzY2MTcxOTExNzE0MzMwOTIwNDYyMjg0NDY1MzUzODkzNTQ2MDczMDYyNjk4ODc5NTc1MjIxNjc4NDg2MDg4OCJdLFsiMSIsIjAiXV0sInBpX2MiOlsiNDkzOTY5NjA4MDgxODc5NzA5ODYxNDUyNzAxNzkwMjE0NDY3NDU1MzAwODM4NTUwMDUxNTU0MTI3MzI3MjQzNzQ0NTE3Njk5MzYyMCIsIjQ3NDE1MzgxNjc0MDgyOTc4MDQxMDIwNTc1OTU0MjExNzcwMzI0NDg2Nzk5NjE2MDEwNjE2MTAwNTI0NjA2NTAwODY3ODQ3OTAwNTIiLCIxIl0sInByb3RvY29sIjoiZ3JvdGgxNiIsImN1cnZlIjoiYm4xMjgifSwicHViX3NpZ25hbHMiOlsiMjc4ODM4Mzg3ODc0MTI1NDAwMTYwOTY1MjE2MzAzMzM2NjM2NzA0MTYxMzYwMzA4NDM4NTUyNTQzODQ2NzQ5OTYwMTg2MTQ3ODUiLCIxMDM1NDgzNDc2NDk4NjU4Nzc1MDQwNDQ4OTA2NzEwMzM2MDAzMzQ0NjM0Nzg4MTQxODg1NTIyMTI4NjU1MTkzNTY5OTQ1NDI0NjA4NyIsIjIwMTYwNTAwNjUzNzIxMTM0NDExMDU2NjkzNjE0Mzc3MzY2Mzg2OTMzMjk0MzU0MDI1MTM3NDgzMTcyMjgwMjIzOTc1NjMxNzIwOTQyIl19"
}

I suppose we need to make txId parameter optional and most probably will do that in the next version of SDK cc @vmidyllic

nedgar commented 1 year ago

Thanks @vmidyllic and @Kolezhniuk, #2 answers my questions above. I guess the null transition (no new credentials) I have in example here still bumps the issuer ID out of genesis state, so publishing it is still necessary.

One thing I noticed is that you have missed calling await for the next lines of code

This was copied from the original example. I've commented in #2 to add the missing await there.

nedgar commented 1 year ago

Also, I've checked the token validation here https://jwz.polygonid.me/ and the token is valid also.

Nice tool! I was confused for a while about the JWZ token format because I tried deserializing its segments using the shell's base64 -d, but since the input is not padded it drops the last character (}).

e.g. for a JWZ token generated from running #2 just now: eyJhbGciOiJncm90aDE2IiwiY2lyY3VpdElkIjoiYXV0aFYyIiwiY3JpdCI6WyJjaXJjdWl0SWQiXSwidHlwIjoiYXBwbGljYXRpb24vaWRlbjMtemtwLWpzb24ifQ. ..., in shell: echo -n eyJhbGciOiJncm90aDE2IiwiY2lyY3VpdElkIjoiYXV0aFYyIiwiY3JpdCI6WyJjaXJjdWl0SWQiXSwidHlwIjoiYXBwbGljYXRpb24vaWRlbjMtemtwLWpzb24ifQ | base64 -d yields: {"alg":"groth16","circuitId":"authV2","crit":["circuitId"],"typ":"application/iden3-zkp-json" (missing closing brace). But I think that's just a limitation of the base64 command line expecting padded input. It decodes OK in @iden3/js-jwz's Token.parse.

nedgar commented 1 year ago

Given the example in #2, I'll close this. To accomodate various examples, I suggest splitting the index.ts into separate files for each example, even if there's some duplication. I found the progression in the tutorial to be quite clear, and (before learning about this repo), I used separate files -- starting simple and adding code as needed.

0xPolygonID / js-sdk-examples

Auth example without updating ID state for issued credentials #1