feat: DIP versioning (#20)

Companion of KILTprotocol/kilt-node#573.
KILTprotocol · Oct 31, 2023 · 4bc1ec5 · 4bc1ec5
2 parents 73cdbba + 67ad1a7
commit 4bc1ec5
Show file tree

Hide file tree

Showing 6 changed files with 144 additions and 109 deletions.
diff --git a/README.md b/README.md
@@ -81,6 +81,7 @@ The following optional env variables can be passed:
 - `IDENTITY_DETAILS`: The runtime type definition of the identity details stored on the consumer chain, according to the DIP protocol. It defaults to `Option<u128>`, which represents a simple (optional) nonce value.
 - `ACCOUNT_ID`: The runtime type definition of account address on the consumer chain. It defaults to `AccountId32`, which is the default of most Substrate-based chains. Some chains might use `AccountId20`.
 - `INCLUDE_WEB3NAME`: Wether the web3name of the DID should be added to the DIP proof of not. Values can be anything that is truthy in JS terms. It defaults to `false`. **The proof generation will fail if this value is `true` but the DID does not have a web3name.**
+- `DIP_PROOF_VERSION`: The version of the DIP proof to generate and use as part of the extrinsic. It defaults to `0`.
 
 As with DID creation, there is no strong requirement on what other variables must be set.
 Depending on the expected key to be used to sign the call, the right mnemonic or the right base mnemonic + derivation path must be provided.
@@ -111,6 +112,7 @@ The following optional env variables can be passed:
 - `IDENTITY_DETAILS`: The runtime type definition of the identity details stored on the consumer chain, according to the DIP protocol. It defaults to `Option<u128>`, which represents a simple (optional) nonce value.
 - `ACCOUNT_ID`: The runtime type definition of account address on the consumer chain. It defaults to `AccountId32`, which is the default of most Substrate-based chains. Some chains might use `AccountId20`.
 - `INCLUDE_WEB3NAME`: Wether the web3name of the DID should be added to the DIP proof of not. Values can be anything that is truthy in JS terms. It defaults to `false`. **The proof generation will fail if this value is `true` but the DID does not have a web3name.**
+- `DIP_PROOF_VERSION`: The version of the DIP proof to generate and use as part of the extrinsic. It defaults to `0`.
 
 As with DID creation, there is no strong requirement on what other variables must be set.
 Depending on the expected key to be used to sign the call, the right mnemonic or the right base mnemonic + derivation path must be provided.

diff --git a/package.json b/package.json
@@ -17,7 +17,7 @@
     "fix": "yarn lint:fix && yarn style:fix"
   },
   "dependencies": {
-    "@kiltprotocol/sdk-js": "0.33.2-dip-0",
+    "@kiltprotocol/sdk-js": "0.33.2-dip-2",
     "dotenv": "^16.0.1"
   },
   "devDependencies": {
@@ -31,4 +31,4 @@
     "typescript": "^4.7.4"
   },
   "packageManager": "[email protected]"
-}
+}
diff --git a/src/dip-parent-sign.ts b/src/dip-parent-sign.ts
@@ -66,6 +66,15 @@ async function main() {
     )
   }
 
+  // eslint-disable-next-line max-len
+  const dipProofVersion = (() => {
+    if (process.env[utils.envNames.dipProofVersion] !== undefined) {
+      return parseInt(process.env[utils.envNames.dipProofVersion] as string)
+    } else {
+      return utils.defaults.dipProofVersion
+    }
+  })()
+
   const providerApi = await ApiPromise.create({
     provider: new WsProvider(providerWsAddress),
     runtime: dipProviderCalls,
@@ -89,6 +98,7 @@ async function main() {
     didKeyId,
     verificationMethod,
     includeWeb3Name,
+    dipProofVersion,
     utils.getKeypairTxSigningCallback(requiredKey)
   )
 

diff --git a/src/dip-sibling-sign.ts b/src/dip-sibling-sign.ts
@@ -73,6 +73,15 @@ async function main() {
     )
   }
 
+  // eslint-disable-next-line max-len
+  const dipProofVersion = (() => {
+    if (process.env[utils.envNames.dipProofVersion] !== undefined) {
+      return parseInt(process.env[utils.envNames.dipProofVersion] as string)
+    } else {
+      return utils.defaults.dipProofVersion
+    }
+  })()
+
   const providerApi = await ApiPromise.create({
     provider: new WsProvider(providerWsAddress),
     runtime: dipProviderCalls,
@@ -97,6 +106,7 @@ async function main() {
     didKeyId,
     verificationMethod,
     includeWeb3Name,
+    dipProofVersion,
     utils.getKeypairTxSigningCallback(requiredKey)
   )
 

diff --git a/src/utils.ts b/src/utils.ts
@@ -38,6 +38,7 @@ export const envNames = {
   accountIdType: 'ACCOUNT_ID',
   blockNumberType: 'BLOCK_NUMBER',
   includeWeb3Name: 'INCLUDE_WEB3NAME',
+  dipProofVersion: 'DIP_PROOF_VERSION',
 }
 
 type Defaults = {
@@ -49,6 +50,7 @@ type Defaults = {
   accountIdType: string
   blockNumberType: string
   includeWeb3Name: boolean
+  dipProofVersion: number
 }
 
 export const defaults: Defaults = {
@@ -60,6 +62,7 @@ export const defaults: Defaults = {
   accountIdType: 'AccountId32',
   blockNumberType: 'u64',
   includeWeb3Name: false,
+  dipProofVersion: 0,
 }
 
 export function getKeypairSigningCallback(
@@ -266,6 +269,7 @@ export async function generateSiblingDipTx(
   keyId: Kilt.DidVerificationKey['id'],
   didKeyRelationship: Kilt.VerificationKeyRelationship,
   includeWeb3Name: boolean,
+  version: number,
   sign: Kilt.SignExtrinsicCallback
 ): Promise<Kilt.SubmittableExtrinsic> {
   const signature = await generateDipTxSignature(
@@ -318,13 +322,14 @@ export async function generateSiblingDipTx(
   const { proof: paraStateProof } = await providerApi.rpc.state.getReadProof(
     [
       providerApi.query.dipProvider.identityCommitments.key(
-        Kilt.Did.toChain(did)
+        Kilt.Did.toChain(did),
+        version
       ),
     ],
     previousBlockHash
   )
   console.log(
-    `DIP proof generated for the DID key ${keyId.substring(
+    `DIP proof v${version} generated for the DID key ${keyId.substring(
       1
     )} (${didKeyRelationship}).`
   )
@@ -333,6 +338,7 @@ export async function generateSiblingDipTx(
     (
       (await providerApi.call.dipProvider.generateProof({
         identifier: Kilt.Did.toChain(did),
+        version,
         keys: [keyId.substring(1)],
         accounts: [],
         shouldIncludeWeb3Name: includeWeb3Name,
@@ -344,19 +350,21 @@ export async function generateSiblingDipTx(
   const extrinsic = consumerApi.tx.dipConsumer.dispatchAs(
     Kilt.Did.toChain(did),
     {
-      paraStateRoot: {
-        relayBlockHeight: relayParentBlockHeight,
-        proof: relayProof,
-      },
-      dipIdentityCommitment: paraStateProof,
-      did: {
-        leaves: {
-          blinded: dipProof.proof.blinded,
-          revealed: dipProof.proof.revealed,
+      [`V${version}`]: {
+        paraStateRoot: {
+          relayBlockHeight: relayParentBlockHeight,
+          proof: relayProof,
         },
-        signature: {
-          signature: signature[0],
-          blockNumber: signature[1],
+        dipIdentityCommitment: paraStateProof,
+        did: {
+          leaves: {
+            blinded: dipProof.proof.blinded,
+            revealed: dipProof.proof.revealed,
+          },
+          signature: {
+            signature: signature[0],
+            blockNumber: signature[1],
+          },
         },
       },
     },
@@ -375,6 +383,7 @@ export async function generateParentDipTx(
   keyId: Kilt.DidVerificationKey['id'],
   didKeyRelationship: Kilt.VerificationKeyRelationship,
   includeWeb3Name: boolean,
+  version: number,
   sign: Kilt.SignExtrinsicCallback
 ): Promise<Kilt.SubmittableExtrinsic> {
   const signature = await generateDipTxSignature(
@@ -436,13 +445,14 @@ export async function generateParentDipTx(
   const { proof: paraStateProof } = await providerApi.rpc.state.getReadProof(
     [
       providerApi.query.dipProvider.identityCommitments.key(
-        Kilt.Did.toChain(did)
+        Kilt.Did.toChain(did),
+        version
       ),
     ],
     previousBlockHash
   )
   console.log(
-    `DIP proof generated for the DID key ${keyId.substring(
+    `DIP proof v${version} generated for the DID key ${keyId.substring(
       1
     )} (${didKeyRelationship}).`
   )
@@ -451,6 +461,7 @@ export async function generateParentDipTx(
     (
       (await providerApi.call.dipProvider.generateProof({
         identifier: Kilt.Did.toChain(did),
+        version,
         keys: [keyId.substring(1)],
         accounts: [],
         shouldIncludeWeb3Name: includeWeb3Name,
@@ -462,22 +473,24 @@ export async function generateParentDipTx(
   const extrinsic = relayApi.tx.dipConsumer.dispatchAs(
     Kilt.Did.toChain(did),
     {
-      paraStateRoot: {
-        relayBlockHeight: relayParentBlockHeight,
-        proof: relayProof,
-      },
-      header: {
-        ...header.toJSON(),
-      },
-      dipIdentityCommitment: paraStateProof,
-      did: {
-        leaves: {
-          blinded: dipProof.proof.blinded,
-          revealed: dipProof.proof.revealed,
+      [`V${version}`]: {
+        paraStateRoot: {
+          relayBlockHeight: relayParentBlockHeight,
+          proof: relayProof,
+        },
+        header: {
+          ...header.toJSON(),
         },
-        signature: {
-          signature: signature[0],
-          blockNumber: signature[1],
+        dipIdentityCommitment: paraStateProof,
+        did: {
+          leaves: {
+            blinded: dipProof.proof.blinded,
+            revealed: dipProof.proof.revealed,
+          },
+          signature: {
+            signature: signature[0],
+            blockNumber: signature[1],
+          },
         },
       },
     },