Skip to content

Commit

Permalink
add anonymous_id and nullifier for uniqueness
Browse files Browse the repository at this point in the history
  • Loading branch information
@chabanyknikita
chabanyknikita committed Oct 14, 2024
1 parent 4f07c00 commit 6449f08
Show file tree
Hide file tree
Showing 4 changed files with 68 additions and 16 deletions.
6 changes: 6 additions & 0 deletions internal/assets/migrations/005_anonymousId.sql
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
-- +migrate Up
ALTER TABLE verify_users ADD COLUMN anonymous_id TEXT UNIQUE;
ALTER TABLE verify_users ADD COLUMN nullifier TEXT UNIQUE;
-- +migrate Down
ALTER TABLE verify_users DROP COLUMN anonymous_id;
ALTER TABLE verify_users DROP COLUMN nullifier;
17 changes: 13 additions & 4 deletions internal/data/pg/verify_users.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,8 @@ func (q *VerifyUsersQ) Insert(VerifyUsers *data.VerifyUsers) error {
"sex": VerifyUsers.Sex,
"sex_enable": VerifyUsers.SexEnable,
"nationality_enable": VerifyUsers.NationalityEnable,
"anonymous_id": VerifyUsers.AnonymousID,
"nullifier": VerifyUsers.Nullifier,
})

if err = q.db.Exec(stmt); err != nil {
Expand All @@ -93,10 +95,12 @@ func (q *VerifyUsersQ) Update(VerifyUsers *data.VerifyUsers) error {
err := q.db.Exec(
sq.Update(verifyUsersTableName).
SetMap(map[string]interface{}{
"status": VerifyUsers.Status,
"proof": VerifyUsers.Proof,
"sex": VerifyUsers.Sex,
"nationality": VerifyUsers.Nationality,
"status": VerifyUsers.Status,
"proof": VerifyUsers.Proof,
"sex": VerifyUsers.Sex,
"nationality": VerifyUsers.Nationality,
"anonymous_id": VerifyUsers.AnonymousID,
"nullifier": VerifyUsers.Nullifier,
}).
Where(sq.Eq{userIdColumnName: VerifyUsers.UserID}),
)
Expand Down Expand Up @@ -144,3 +148,8 @@ func (q *VerifyUsersQ) WhereCreatedAtLt(createdAt time.Time) data.VerifyUsersQ {
q.del = q.del.Where(sq.Lt{createdAtColumnName: &createdAt})
return q
}

func (q *VerifyUsersQ) FilterByInternalAID(aid string) data.VerifyUsersQ {
q.sel = q.sel.Where(sq.Eq{"anonymous_id": aid})
return q
}
3 changes: 3 additions & 0 deletions internal/data/verify_users.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ type VerifyUsers struct {
Sex string `db:"sex"`
SexEnable bool `db:"sex_enable"`
NationalityEnable bool `db:"nationality_enable"`
AnonymousID string `db:"anonymous_id"`
Nullifier string `db:"nullifier"`
}

type VerifyUsersQ interface {
Expand All @@ -32,4 +34,5 @@ type VerifyUsersQ interface {
WhereID(userId string) VerifyUsersQ
WhereHashID(userId string) VerifyUsersQ
WhereCreatedAtLt(createdAt time.Time) VerifyUsersQ
FilterByInternalAID(aid string) VerifyUsersQ
}
58 changes: 46 additions & 12 deletions internal/service/handlers/verification_callback_light.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,18 +54,6 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
return
}

verifiedUser, err := VerifyUsersQ(r).WhereHashID(userIDHash).Get()
if err != nil {
Log(r).WithError(err).Errorf("failed to get user with userHashID [%s]", userIDHash)
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
if verifiedUser == nil {
Log(r).Error("user not found or eventData != userHashID")
ape.RenderErr(w, problems.NotFound())
return
}

userIDHashDecimal, ok := new(big.Int).SetString(pubSignals[10], 10)
if !ok {
Log(r).Error("failed to parse event data")
Expand All @@ -89,6 +77,45 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
return
}

nullifier, ok := new(big.Int).SetString(pubSignals[0], 10)
if !ok {
Log(r).Error("failed to parse nullifier")
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
var nullifierBytes [32]byte
nullifier.FillBytes(nullifierBytes[:])
nullifierHex := hex.EncodeToString(nullifierBytes[:])

anonymousID, ok := new(big.Int).SetString(pubSignals[11], 10)
if !ok {
Log(r).Error("failed to parse anonymous_id")
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
var anonymousIDBytes [32]byte
anonymousID.FillBytes(anonymousIDBytes[:])
anonymousIDHex := hex.EncodeToString(anonymousIDBytes[:])

byAnonymousID, err := VerifyUsersQ(r).FilterByInternalAID(anonymousIDHex).Get()
if err != nil {
Log(r).Error("Failed to get user by anonymous_id")
ape.RenderErr(w, problems.BadRequest(err)...)
return
}

verifiedUser, err := VerifyUsersQ(r).WhereHashID(userIDHash).Get()
if err != nil {
Log(r).WithError(err).Errorf("failed to get user with userHashID [%s]", userIDHash)
ape.RenderErr(w, problems.BadRequest(err)...)
return
}
if verifiedUser == nil {
Log(r).Error("user not found or eventData != userHashID")
ape.RenderErr(w, problems.NotFound())
return
}

if verifiedUser.Nationality == "" && pubSignals[6] != "0" {
verifiedUser.Nationality = nationality
}
Expand All @@ -97,6 +124,13 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
}

verifiedUser.Status = "verified"
if byAnonymousID != nil && byAnonymousID.UserIDHash != verifiedUser.UserIDHash {
Log(r).WithError(err).Errorf("User with anonymous_id [%s] but a different userIDHash already exists", anonymousIDHex)
verifiedUser.Status = "failed_verification"
} else {
verifiedUser.Nullifier = nullifierHex
verifiedUser.AnonymousID = anonymousIDHex
}
if eventData != userIDHash {
Log(r).WithError(err).Errorf("failed to verify user: EventData from pub-signals [%s] != userIdHash from db [%s]", eventData, userIDHash)
verifiedUser.Status = "failed_verification"
Expand Down

0 comments on commit 6449f08

Please sign in to comment.