Fix audit anchor

soerenbf · soerenbf · commit 00840b4c4ad9 · 2025-10-17T15:42:15.000+02:00
diff --git a/packages/sdk/src/wasm/VerifiablePresentationV1/audit/private.ts b/packages/sdk/src/wasm/VerifiablePresentationV1/audit/private.ts
@@ -1,4 +1,5 @@
 import { Buffer } from 'buffer/index.js';
+import _JB from 'json-bigint';
 
 import { ConcordiumGRPCClient } from '../../../grpc/index.js';
 import { sha256 } from '../../../hash.js';
@@ -13,6 +14,8 @@ import {
 import { AccountAddress, DataBlob, TransactionExpiry, TransactionHash } from '../../../types/index.js';
 import { VerifiablePresentationRequestV1, VerifiablePresentationV1, VerificationAuditRecord } from '../index.js';
 
+const JSONBig = _JB({ alwaysParseAsBig: true, useNativeBigInt: true });
+
 class PrivateVerificationAuditRecord {
     public readonly type = 'ConcordiumVerificationAuditRecord';
     public readonly version = 1;
@@ -52,8 +55,8 @@ export function fromJSON(json: JSON): PrivateVerificationAuditRecord {
 }
 
 export function toPublic(record: PrivateVerificationAuditRecord, info?: string): VerificationAuditRecord.Type {
-    const message = Buffer.from(JSON.stringify(record)); // TODO: replace this with proper hashing.. properly from @concordium/rust-bindings
-    const hash = sha256([message]);
+    const message = Buffer.from(JSONBig.stringify(record)); // TODO: replace this with proper hashing.. properly from @concordium/rust-bindings
+    const hash = Uint8Array.from(sha256([message]));
     return VerificationAuditRecord.create(hash, info);
 }
 
@@ -72,8 +75,7 @@ export async function registerPublicRecord(
     };
 
     const publicRecord = toPublic(privateRecord, info);
-    const data = new DataBlob(publicRecord.toBytes());
-    const payload: RegisterDataPayload = { data };
+    const payload: RegisterDataPayload = { data: new DataBlob(VerificationAuditRecord.createAnchor(publicRecord)) };
     const accountTransaction: AccountTransaction = {
         header: header,
         payload,
diff --git a/packages/sdk/src/wasm/VerifiablePresentationV1/audit/public.ts b/packages/sdk/src/wasm/VerifiablePresentationV1/audit/public.ts
@@ -1,4 +1,7 @@
-import { HexString, cborEncode } from '../../../index.js';
+import { Buffer } from 'buffer/index.js';
+
+import { HexString } from '../../../types.js';
+import { cborDecode, cborEncode } from '../../../types/cbor.js';
 
 class VerificationAuditRecord {
     constructor(
@@ -11,10 +14,6 @@ class VerificationAuditRecord {
         if (this.info !== undefined) json.info = this.info;
         return json;
     }
-
-    public toBytes(): Uint8Array {
-        return cborEncode(this.toJSON());
-    }
 }
 
 export type Type = VerificationAuditRecord;
@@ -25,9 +24,41 @@ export type JSON = {
 };
 
 export function fromJSON(json: JSON): VerificationAuditRecord {
-    return new VerificationAuditRecord(Buffer.from(json.hash, 'hex'), json.info);
+    return new VerificationAuditRecord(Uint8Array.from(Buffer.from(json.hash, 'hex')), json.info);
 }
 
 export function create(hash: Uint8Array, info?: string): VerificationAuditRecord {
     return new VerificationAuditRecord(hash, info);
 }
+
+export type AnchorData = {
+    type: 'CCDVAA';
+    version: number;
+    hash: Uint8Array;
+    public?: string;
+};
+
+export function createAnchor(value: VerificationAuditRecord, publicInfo?: string): Uint8Array {
+    const data: AnchorData = {
+        type: 'CCDVAA',
+        version: 1,
+        hash: value.hash,
+        public: publicInfo,
+    };
+    return cborEncode(data);
+}
+
+export function decodeAnchor(cbor: Uint8Array): AnchorData {
+    const value = cborDecode(cbor);
+    console.log(value);
+    if (typeof value !== 'object' || value === null) throw new Error('Expected a cbor encoded object');
+    // required fields
+    if (!('type' in value) || value.type !== 'CCDVAA') throw new Error('Expected "type" to be "CCDVAA"');
+    if (!('version' in value) || typeof value.version !== 'number')
+        throw new Error('Expected "version" to be a number');
+    if (!('hash' in value) || !(value.hash instanceof Uint8Array))
+        throw new Error('Expected "hash" to be a Uint8Array');
+    // optional fields
+    if ('public' in value && typeof value.public !== 'string') throw new Error('Expected "public" to be a string');
+    return value as AnchorData;
+}
diff --git a/packages/sdk/src/wasm/VerifiablePresentationV1/proof.ts b/packages/sdk/src/wasm/VerifiablePresentationV1/proof.ts
@@ -7,7 +7,6 @@ import {
     AttributeKey,
     ConcordiumGRPCClient,
     CryptographicParameters,
-    DataBlob,
     HexString,
     Network,
     TransactionKindString,
diff --git a/packages/sdk/test/ci/wasm/VerifiablePresentationV1.test.ts b/packages/sdk/test/ci/wasm/VerifiablePresentationV1.test.ts
diff --git a/packages/sdk/test/ci/wasm/VerificationAuditRecord.test.ts b/packages/sdk/test/ci/wasm/VerificationAuditRecord.test.ts
@@ -0,0 +1,117 @@
+import _JB from 'json-bigint';
+
+import {
+    PrivateVerificationAuditRecord,
+    VerifiablePresentationRequestV1,
+    VerifiablePresentationV1,
+    VerificationAuditRecord,
+} from '../../../src/index.ts';
+
+const JSONBig = _JB({ alwaysParseAsBig: true, useNativeBigInt: true });
+
+const PRESENTATION_REQUEST = VerifiablePresentationRequestV1.fromJSON({
+    requestContext: {
+        type: 'ConcordiumContextInformationV1',
+        given: [
+            { label: 'Nonce', context: '00010203' },
+            { label: 'ConnectionID', context: '0102010201020102010201020102010201020102010201020102010201020102' },
+            { label: 'ContextString', context: 'Wine payment' },
+        ],
+        requested: ['BlockHash', 'ResourceID'],
+    },
+    credentialStatements: [
+        {
+            idQualifier: {
+                type: 'sci',
+                issuers: [
+                    { index: 2101n, subindex: 0n },
+                    { index: 1337n, subindex: 42n },
+                ] as any,
+            },
+            statement: [
+                { type: 'AttributeInRange', attributeTag: 'b', lower: 80n, upper: 1237n } as any,
+                { type: 'AttributeInSet', attributeTag: 'c', set: ['aa', 'ff', 'zz'] },
+            ],
+        },
+        {
+            idQualifier: { type: 'id', issuers: [0, 1, 2] },
+            statement: [{ type: 'RevealAttribute', attributeTag: 'firstName' }],
+        },
+    ],
+    transactionRef: '0102030401020304010203040102030401020304010203040102030401020304',
+});
+
+const PRESENTATION = VerifiablePresentationV1.fromJSON({
+    presentationContext: {
+        type: 'ConcordiumContextInformationV1',
+        given: [
+            { label: 'Nonce', context: '00010203' },
+            { label: 'ConnectionID', context: '0102010201020102010201020102010201020102010201020102010201020102' },
+            { label: 'ContextString', context: 'Wine payment' },
+        ],
+        requested: [
+            { label: 'BlockHash', context: '0101010101010101010101010101010101010101010101010101010101010101' },
+            { label: 'ResourceID', context: 'https://compliant.shop' },
+        ],
+    },
+    verifiableCredential: [
+        {
+            type: ['VerifiableCredential', 'ConcordiumVerifiableCredentialV1', 'ConcordiumIDBasedCredential'],
+            proof: {
+                type: 'ConcordiumZKProofV4',
+                createdAt: '2025-10-17T13:14:14.292Z',
+                proofValue:
+                    '01020102010201020102010201020102010201020102010201020102010201020102010201020102010201020102010201020102010201020102010201020102',
+            },
+            issuer: 'ccd:testnet:idp:0',
+            credentialSubject: {
+                statement: [
+                    { attributeTag: 'dob', lower: '81', type: 'AttributeInRange', upper: '1231' },
+                    { attributeTag: 'firstName', type: 'RevealAttribute' },
+                ],
+                id: '123456123456123456123456123456123456123456123456',
+            },
+        },
+    ],
+    proof: { created: '2025-10-17T13:14:14.290Z', proofValue: [], type: 'ConcordiumWeakLinkingProofV1' },
+});
+
+const PRIVATE_RECORD = PrivateVerificationAuditRecord.create('VERY unique ID', PRESENTATION_REQUEST, PRESENTATION);
+const PUBLIC_RECORD = PrivateVerificationAuditRecord.toPublic(PRIVATE_RECORD, 'some public info?');
+
+describe('PrivateVerificationAuditRecord', () => {
+    it('completes JSON roundtrip', () => {
+        const json = JSONBig.stringify(PRIVATE_RECORD);
+        const roundtrip = PrivateVerificationAuditRecord.fromJSON(JSONBig.parse(json));
+        expect(roundtrip).toEqual(PRIVATE_RECORD);
+    });
+
+    it('creates expected public record', () => {
+        const publicAuditRecord = PrivateVerificationAuditRecord.toPublic(PRIVATE_RECORD, 'some public info?');
+        const expected: VerificationAuditRecord.Type = VerificationAuditRecord.fromJSON({
+            hash: 'fcce3a7222e09bc86f0b4e0186501ff360c5a0abce88b8d1df2aaf7aa3ef8d78',
+            info: 'some public info?',
+        });
+        expect(publicAuditRecord).toEqual(expected);
+    });
+});
+
+describe('VerificationAuditRecord', () => {
+    it('completes JSON roundtrip', () => {
+        const json = JSONBig.stringify(PUBLIC_RECORD);
+        const roundtrip = VerificationAuditRecord.fromJSON(JSONBig.parse(json));
+        expect(roundtrip).toEqual(PUBLIC_RECORD);
+    });
+
+    it('computes the anchor as expected', () => {
+        const anchor = VerificationAuditRecord.createAnchor(PUBLIC_RECORD, 'anchor info');
+        const decoded = VerificationAuditRecord.decodeAnchor(anchor);
+        const expected: VerificationAuditRecord.AnchorData = {
+            type: 'CCDVAA',
+            version: 1,
+            hash: PUBLIC_RECORD.hash,
+            public: 'anchor info',
+        };
+        expect(decoded).toEqual(expected);
+    });
+});
diff --git a/packages/sdk/test/ci/wasm/constants.ts b/packages/sdk/test/ci/wasm/constants.ts
