diff --git a/README.md b/README.md index 0191ffe..73c752c 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,7 @@ The following optional env variables can be passed: - `IDENTITY_DETAILS`: The runtime type definition of the identity details stored on the consumer chain, according to the DIP protocol. It defaults to `Option`, which represents a simple (optional) nonce value. - `ACCOUNT_ID`: The runtime type definition of account address on the consumer chain. It defaults to `AccountId32`, which is the default of most Substrate-based chains. Some chains might use `AccountId20`. - `INCLUDE_WEB3NAME`: Wether the web3name of the DID should be added to the DIP proof of not. Values can be anything that is truthy in JS terms. It defaults to `false`. **The proof generation will fail if this value is `true` but the DID does not have a web3name.** +- `DIP_PROOF_VERSION`: The version of the DIP proof to generate and use as part of the extrinsic. It defaults to `0`. As with DID creation, there is no strong requirement on what other variables must be set. Depending on the expected key to be used to sign the call, the right mnemonic or the right base mnemonic + derivation path must be provided. @@ -111,6 +112,7 @@ The following optional env variables can be passed: - `IDENTITY_DETAILS`: The runtime type definition of the identity details stored on the consumer chain, according to the DIP protocol. It defaults to `Option`, which represents a simple (optional) nonce value. - `ACCOUNT_ID`: The runtime type definition of account address on the consumer chain. It defaults to `AccountId32`, which is the default of most Substrate-based chains. Some chains might use `AccountId20`. - `INCLUDE_WEB3NAME`: Wether the web3name of the DID should be added to the DIP proof of not. Values can be anything that is truthy in JS terms. It defaults to `false`. **The proof generation will fail if this value is `true` but the DID does not have a web3name.** +- `DIP_PROOF_VERSION`: The version of the DIP proof to generate and use as part of the extrinsic. It defaults to `0`. As with DID creation, there is no strong requirement on what other variables must be set. Depending on the expected key to be used to sign the call, the right mnemonic or the right base mnemonic + derivation path must be provided. diff --git a/src/dip-parent-sign.ts b/src/dip-parent-sign.ts index 946bfff..344aede 100644 --- a/src/dip-parent-sign.ts +++ b/src/dip-parent-sign.ts @@ -66,6 +66,15 @@ async function main() { ) } + // eslint-disable-next-line max-len + const dipProofVersion = (() => { + if (process.env[utils.envNames.dipProofVersion] !== undefined) { + return parseInt(process.env[utils.envNames.dipProofVersion] as string) + } else { + return utils.defaults.dipProofVersion + } + })() + const providerApi = await ApiPromise.create({ provider: new WsProvider(providerWsAddress), runtime: dipProviderCalls, @@ -89,6 +98,7 @@ async function main() { didKeyId, verificationMethod, includeWeb3Name, + dipProofVersion, utils.getKeypairTxSigningCallback(requiredKey) ) diff --git a/src/dip-sibling-sign.ts b/src/dip-sibling-sign.ts index 4ce8a5c..8cfd545 100644 --- a/src/dip-sibling-sign.ts +++ b/src/dip-sibling-sign.ts @@ -73,6 +73,15 @@ async function main() { ) } + // eslint-disable-next-line max-len + const dipProofVersion = (() => { + if (process.env[utils.envNames.dipProofVersion] !== undefined) { + return parseInt(process.env[utils.envNames.dipProofVersion] as string) + } else { + return utils.defaults.dipProofVersion + } + })() + const providerApi = await ApiPromise.create({ provider: new WsProvider(providerWsAddress), runtime: dipProviderCalls, @@ -97,6 +106,7 @@ async function main() { didKeyId, verificationMethod, includeWeb3Name, + dipProofVersion, utils.getKeypairTxSigningCallback(requiredKey) ) diff --git a/src/utils.ts b/src/utils.ts index 97de1cb..5c55b7e 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -38,6 +38,7 @@ export const envNames = { accountIdType: 'ACCOUNT_ID', blockNumberType: 'BLOCK_NUMBER', includeWeb3Name: 'INCLUDE_WEB3NAME', + dipProofVersion: 'DIP_PROOF_VERSION', } type Defaults = { @@ -49,6 +50,7 @@ type Defaults = { accountIdType: string blockNumberType: string includeWeb3Name: boolean + dipProofVersion: number } export const defaults: Defaults = { @@ -60,6 +62,7 @@ export const defaults: Defaults = { accountIdType: 'AccountId32', blockNumberType: 'u64', includeWeb3Name: false, + dipProofVersion: 0, } export function getKeypairSigningCallback( @@ -266,6 +269,7 @@ export async function generateSiblingDipTx( keyId: Kilt.DidVerificationKey['id'], didKeyRelationship: Kilt.VerificationKeyRelationship, includeWeb3Name: boolean, + version: number, sign: Kilt.SignExtrinsicCallback ): Promise { const signature = await generateDipTxSignature( @@ -318,13 +322,14 @@ export async function generateSiblingDipTx( const { proof: paraStateProof } = await providerApi.rpc.state.getReadProof( [ providerApi.query.dipProvider.identityCommitments.key( - Kilt.Did.toChain(did) + Kilt.Did.toChain(did), + version ), ], previousBlockHash ) console.log( - `DIP proof generated for the DID key ${keyId.substring( + `DIP proof v${version} generated for the DID key ${keyId.substring( 1 )} (${didKeyRelationship}).` ) @@ -333,6 +338,7 @@ export async function generateSiblingDipTx( ( (await providerApi.call.dipProvider.generateProof({ identifier: Kilt.Did.toChain(did), + version, keys: [keyId.substring(1)], accounts: [], shouldIncludeWeb3Name: includeWeb3Name, @@ -344,19 +350,21 @@ export async function generateSiblingDipTx( const extrinsic = consumerApi.tx.dipConsumer.dispatchAs( Kilt.Did.toChain(did), { - paraStateRoot: { - relayBlockHeight: relayParentBlockHeight, - proof: relayProof, - }, - dipIdentityCommitment: paraStateProof, - did: { - leaves: { - blinded: dipProof.proof.blinded, - revealed: dipProof.proof.revealed, + [`V${version}`]: { + paraStateRoot: { + relayBlockHeight: relayParentBlockHeight, + proof: relayProof, }, - signature: { - signature: signature[0], - blockNumber: signature[1], + dipIdentityCommitment: paraStateProof, + did: { + leaves: { + blinded: dipProof.proof.blinded, + revealed: dipProof.proof.revealed, + }, + signature: { + signature: signature[0], + blockNumber: signature[1], + }, }, }, }, @@ -375,6 +383,7 @@ export async function generateParentDipTx( keyId: Kilt.DidVerificationKey['id'], didKeyRelationship: Kilt.VerificationKeyRelationship, includeWeb3Name: boolean, + version: number, sign: Kilt.SignExtrinsicCallback ): Promise { const signature = await generateDipTxSignature( @@ -436,13 +445,14 @@ export async function generateParentDipTx( const { proof: paraStateProof } = await providerApi.rpc.state.getReadProof( [ providerApi.query.dipProvider.identityCommitments.key( - Kilt.Did.toChain(did) + Kilt.Did.toChain(did), + version ), ], previousBlockHash ) console.log( - `DIP proof generated for the DID key ${keyId.substring( + `DIP proof v${version} generated for the DID key ${keyId.substring( 1 )} (${didKeyRelationship}).` ) @@ -451,6 +461,7 @@ export async function generateParentDipTx( ( (await providerApi.call.dipProvider.generateProof({ identifier: Kilt.Did.toChain(did), + version, keys: [keyId.substring(1)], accounts: [], shouldIncludeWeb3Name: includeWeb3Name, @@ -462,22 +473,24 @@ export async function generateParentDipTx( const extrinsic = relayApi.tx.dipConsumer.dispatchAs( Kilt.Did.toChain(did), { - paraStateRoot: { - relayBlockHeight: relayParentBlockHeight, - proof: relayProof, - }, - header: { - ...header.toJSON(), - }, - dipIdentityCommitment: paraStateProof, - did: { - leaves: { - blinded: dipProof.proof.blinded, - revealed: dipProof.proof.revealed, + [`V${version}`]: { + paraStateRoot: { + relayBlockHeight: relayParentBlockHeight, + proof: relayProof, + }, + header: { + ...header.toJSON(), }, - signature: { - signature: signature[0], - blockNumber: signature[1], + dipIdentityCommitment: paraStateProof, + did: { + leaves: { + blinded: dipProof.proof.blinded, + revealed: dipProof.proof.revealed, + }, + signature: { + signature: signature[0], + blockNumber: signature[1], + }, }, }, },