V3.0.0 (#342)

* new universal verifier multi-query

* Discussion results

* Discussion results 2

* update universal verifier multi query

* remove ZKP

* add auth validators

* Broader discussion results

* Add agreed universal verifier solution

* update universal verifier multi query with agreed design

* query status and submit response

* get request type from 30 byte of the requestId

* add EthIdentityValidator

* updates from review

* Discussion result

* updates from discussion

* check response field values from linked response fields

* fix some errors in compilation

* test universal verifier multi-query

* different validators for sig and authv2

* check specific storage values

* overrides solidity compiler optimizations for specific contract

* remove some methods

* fix solhint

* update from discussion

* set group of requests and check linkID

* fix solhint

* updates from review

* fix cyclomatic-complexity

* some fixes from review

* updates from tech spec

* add auth validator stub and fix test

* add changes for user authentication structs

* fix solhint

* reestructure link between userID and address and mapping for authentication timestamp

* auth proofs different structure

* add custom errors to UniversalVerifierMultiQuery

* add __gap in proofs storage for future updates and array of proofs for history

* param names in returned structs from solidity

* Initial verifier authentication (#323)

Co-authored-by: daveroga <[email protected]>

* updates for iteration 2

* fix test multi-query

* update verifiers tests

* fix validators tests and solhint

* partial changes review

* override _setRequest to avoid loops and fix solhint

* remove embedded zkp verifier

* update Query to MultiRequest

* update submitResponse

* fix solhint

* address centered model instead of userID and some fixes

* fix solhint and custom errors

* updates from review

* check grouped requests 2 requests at least

* fix error cyclomatic-complexity from solhint

* move _state in storage

* check link responses with bool

* fix solhint

* remove history in proofs from requests

* check nullifierSessionID on request creation

* fix cyclomatic-complexity in solhint

* check verifierID in requests for V3

* add test for authv2 validator

* Feature/pid 2720 implement linked multi query validator (#328)

* WIP

* WIP 2: LinkedMultiQueryValidator

* Fix compilation

* Fix compilation after merge

* First working test

* Fix after merge

* New Verifier tests

* fix ownable upgradeable like the other validator contracts

* fix solhint compiler version >=0.7.0 <0.9.0 does not satisfy the >=0.8.4 semver requirement

---------

Co-authored-by: daveroga <[email protected]>

* update tests with updated stub validator

* check requestId correctness

* add logic from skip tests in verifier test

* add auth validator stub set verify results method

* idType for verifier and some updates to verifier test

* fix enumerable and check existence in proof response fields

* fix requestId calculation

* remove specific multi-request test that now is included in verifier test

* add test wrappers and tests for RequestDisableable, RequestOwnership and validatorWhitelist

* increase coverage

* updates from review

* reorganize universal verifier tests

* test all the events from universal verifier

* add embedded verifier test

* some fixes and increase coverage

* increase coverage

* Integration tests (#332)

* LinkedMultiQuery small fixes

* Add more linked multi query tests

* Improve Linked Multi Query tests

* Scaffold verifier integration-test

* WIP

* Fix getValidatorVerification helpers method

* Fix lmk10 groth16 wrapper in constants

* Remove console from Verifier.sol

* Fix lmk tests

* update multi-request integration test

* check multi-request components exist

* small general updates

* fix solhint

* remove VerifierLib and move functionality to Verifier

* fix solhint

* update missing unified addresses for validators

* add test to calculate create2 proxy addresses

* update test script to check unified addresses for all the contracts

* fix create2Calldata statelib

* update unified address for some contracts

* remove ICircuitValidator references

* move getters for storage data back to the beginning

* resolve solhint warnings

* update from review comments

* update AuthV2Validator

* add function getResponseFields to verifier

* Remove unused tests and comments

* updates from review

* update requestId calculation

* fix solhint

* update RequestStatus for RequestProofStatus

* more updates from review

* more updates from review

* change AuthType to AuthMethod

* precalculate keccack256 of field names

* solve solhint warning explicit type

* fix solhint warnings

* fix solhint warnings for custom errors

* fix circuitId for linkedMultiQuery10-beta.1

* comment requestId calculation

* v3.0.0

* remove unused verifier contracts and some renaming in fields

* Remove obsolete TODO comment

* fix smtlib unified address and solhint warning

* Hotfix deployValidators.ts script

* Fix: Check V3 query in request group (#348)

* fix: patch hardhat ledger in general way + fix vulnerabilities (#344)

* patch hardhat ledger in general way + fix vulnerabilities

* control error in eth_accounts

* fix @openzeppelin/hardhat-upgrades to version 3.0.5

* update readme for patch fix

* fix upgrade safe error in universal verifier (#345)

* audit fix: payERC20Permit is vulnerable to DOS via frontrunning (#347)

* audit fix: payERC20Permit is vulnerable to DOS via frontrunning

* bump version

* Fix: check claim existence when adding a new claim (#346)

* check claim existence when adding a new claim

* fix solhint

* update package version

* update according to conventions and param for custom error

* check userID in response fields

* fix identityLib

* fix bool

* check inputIndexOf for userID at least in 1 request

* fix cyclomatic-complexity in solhint

* private function following conventions

* check requests with and without group for userID input

* fix constants for userID

---------

Co-authored-by: volodymyr-basiuk <[email protected]>

* Fix linkID != 0 in grouped request proofs (#349)

* Fix linkID != 0 in grouped request proofs

* Fix linter errors

* Fix auth method enable check

* Reduce optimizer runs to shrink code size

* Check if auth method can be disabled by only owner

* Audit: Simplify getRequestParams + setRequests front-running protection (#350)

* simplify getRequestParams

* protect request creation from front-running

* add test InvalidRequestOwner

* fix comments

* check request owner in verifier and override it in universal verifier

* remove unnecessary deployment cross-chain verifier script for testing

* small updates

* fix solhint

* Adjust verification interfaces for future upgrades (#353)

* add rawValue to ResponseField and update verify params

* reorganize _checkRequestOwner internal method

* reduce memory variables in validators verify method

* Enforce groupID to be hash generated from its requestIds (#355)

* add rawValue to ResponseField and update verify params

* reorganize _checkRequestOwner internal method

* reduce memory variables in validators verify method

* calculate groupID as hash of requestIds

* helper functions and groupInfo struct

* Small renaming

* Fix comment

---------

Co-authored-by: Andriian Chestnykh <[email protected]>

* Refactor Validators (#354)

* Refactor Validators

* Additional checks in _setGroth16Verifier()

* Remove requestParamIndexOf() method

* Disable initializers in all upgradeable contracts

* Fix exports

* Constants renaming

* Renaming

* Rename verifer test

* Simplify _checkLinkID code

* Simplify _checkRequestOwner code

* Update check for groupID and linkID

* Fix check-unified-addresses.test.ts

* Hash based multiRequestId

* Fix tests

* Update Ignition modules for constant Proxy bytecode

* Bump validator versions and target deploy addresses (#360)

* Bump validator versions and target deploy addresses

* Fix contract version

* Fix naming

* Clean up deployUniversalVerifier.ts

* Add Eth Identity Validator deployment via ignition script

* Deployment to Billions Testnet (#361)

* deployment libraries to billions testnet

* add chainIdInfoMap for Billions

* Remove artifacts

* State Contract Deployment to billions-test artifacts

* State Contract Deployment to billions-test artifacts

* State Contract Deployment to billions-test artifacts

* update verification params for billions network

* update billions main chainid

---------

Co-authored-by: Andriian Chestnykh <[email protected]>
Co-authored-by: Oleksandr Brezhniev <[email protected]>

* Modify EthIdentityValidatorModule

* EthIdentityValidator test

* EthIdentityValidator to use GenesisUtils.getIdType

* Remove state link from EthIdentityValidator

* Get idType via GenesisUtils.getIdType(..) in V3 validator

* Rename lmk to lmq

* Fix linter

* Fix deploy scripts for validators

* Remove obsolete files after merge

* Put audit report into Readme

---------

Co-authored-by: Andriian Chestnykh <[email protected]>
Co-authored-by: Andriian Chestnykh <[email protected]>
Co-authored-by: volodymyr-basiuk <[email protected]>
Co-authored-by: Oleksandr Brezhniev <[email protected]>

Author: 4 people

.openzeppelin/unknown-6913.json

@@ -7,11 +7,6 @@
 **/lib/VerifierStateTransition.sol
 **/lib/VerifierV3.sol
 **/lib/VerifierV3Wrapper.sol
-**/lib/groth16-verifiers/Groth16VerifierMTP.sol
-**/lib/groth16-verifiers/Groth16VerifierMTPWrapper.sol
-**/lib/groth16-verifiers/Groth16VerifierSig.sol
-**/lib/groth16-verifiers/Groth16VerifierSigWrapper.sol
-**/lib/groth16-verifiers/Groth16VerifierStateTransition.sol
-**/lib/groth16-verifiers/Groth16VerifierV3.sol
-**/lib/groth16-verifiers/Groth16VerifierV3Wrapper.sol
+**/lib/groth16-verifiers
 **/node_modules
+

.solhintignore

@@ -60,6 +60,9 @@ We have deployed contracts across the following mainnets and testnets so far (**
 2. [Nethermind](https://www.nethermind.io/smart-contract-audits) has performed a second security audit of our core smart contracts (State, IdentityBase, GenesisUtils, OnChainIdentity) and compiled a report on Sep 13, 2023:
    [NM0113-FINAL-POLYGONID.pdf](https://iden3-circuits-bucket.s3.eu-west-1.amazonaws.com/audit_reports/NM0113-FINAL-POLYGONID.pdf)
 
+3. [Nethermind](https://www.nethermind.io/smart-contract-audits) has performed a third security audit of our core smart contracts (all contracts in cross-chain/*, payment/*, verifiers/* and validators/* folders) and compiled a report on Apr 4, 2025:
+   [NM_0379_Final_PRIVADO_iD.pdf](https://iden3-circuits-bucket.s3.eu-west-1.amazonaws.com/audit_reports/NM_0379_Final_PRIVADO_iD.pdf)
+
 ## Deployment methodology with CREATE2 and ledger
 
 Note, that this methodology is not what expected to be used by the repository users as its purpose is mainly for our team to deploy and maintain the contracts across many networks in a unified way. However, it can be used as a reference for the deployment process.

README.md

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity 0.8.27;
 
+error TheContractIsDisabled();
+
 /// @title This contract as a dummy implementation for Proxy contract if we need to revert all calls
 // This can be applied to disable all methods of a proxy contract with explicit error message
 contract AlwaysRevert {
     fallback() external payable {
-        revert("The contract is disabled");
+        revert TheContractIsDisabled();
     }
 }

contracts/AlwaysRevert.sol

@@ -1,4 +1,6 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity 0.8.27;
 
+/* solhint-disable no-empty-blocks */
 contract Create2AddressAnchor {}
+/* solhint-enable no-empty-blocks */

contracts/Create2AddressAnchor.sol

@@ -6,6 +6,13 @@ import {ICrossChainProofValidator} from "../interfaces/ICrossChainProofValidator
 import {IState} from "../interfaces/IState.sol";
 import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
 
+error IdentityStateProofInvalid();
+error GlobalStateProofInvalid();
+error GlobalStateProofSigningAddressInvalid(address recovered);
+error IdentityStateProofSigningAddressInvalid(address recovered);
+error OracleTimestampCannotBeInThePast();
+error OracleReplacedAtTimestampCannotBeInTheFuture();
+
 /**
  * @dev Contract which provides proof validation from identity state
  * and global state proofs from trusted oracle with signature from any network.
@@ -93,11 +100,12 @@ contract CrossChainProofValidator is Ownable, EIP712, ICrossChainProofValidator
             gsu.globalStateMsg,
             gsu.signature
         );
-        require(isValid, "Global state proof is not valid");
-        require(
-            recovered == _oracleSigningAddress,
-            "Global state proof signing address is not valid"
-        );
+        if (!isValid) {
+            revert GlobalStateProofInvalid();
+        }
+        if (recovered != _oracleSigningAddress) {
+            revert GlobalStateProofSigningAddressInvalid(recovered);
+        }
 
         return
             IState.GlobalStateProcessResult({
@@ -127,11 +135,12 @@ contract CrossChainProofValidator is Ownable, EIP712, ICrossChainProofValidator
             isu.idStateMsg,
             isu.signature
         );
-        require(isValid, "Identity state proof is not valid");
-        require(
-            recovered == _oracleSigningAddress,
-            "Identity state proof signing address is not valid"
-        );
+        if (!isValid) {
+            revert IdentityStateProofInvalid();
+        }
+        if (recovered != _oracleSigningAddress) {
+            revert IdentityStateProofSigningAddressInvalid(recovered);
+        }
 
         return
             IState.IdentityStateProcessResult({
@@ -223,13 +232,13 @@ contract CrossChainProofValidator is Ownable, EIP712, ICrossChainProofValidator
         uint256 replacedAtTimestamp
     ) internal view returns (uint256 replacedAt) {
         if (oracleTimestamp < block.timestamp - MAX_TIMESTAMP_LAG) {
-            revert("Oracle timestamp cannot be in the past");
+            revert OracleTimestampCannotBeInThePast();
         }
 
         replacedAt = replacedAtTimestamp == 0 ? oracleTimestamp : replacedAtTimestamp;
 
         if (replacedAt > block.timestamp + MAX_REPLACED_AT_AHEAD_OF_TIME) {
-            revert("Oracle replacedAtTimestamp or oracle timestamp cannot be in the future");
+            revert OracleReplacedAtTimestampCannotBeInTheFuture();
         }
 
         // this should never happen as block.timestamp is always greater than 0

contracts/cross-chain/CrossChainProofValidator.sol

@@ -8,6 +8,11 @@ import {IOnchainCredentialStatusResolver} from "../interfaces/IOnchainCredential
 import {IRHSStorage} from "../interfaces/IRHSStorage.sol";
 import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 
+error NodeNotFound();
+error InvalidStateNode();
+error InvalidNodeType();
+error UnsupportedLength();
+
 /**
  * @dev Contract which provides onchain Reverse Hash Service (RHS)
  * for checking revocation status of claims.
@@ -40,10 +45,12 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
 
     // keccak256(abi.encode(uint256(keccak256("iden3.storage.IdentityTreeStore.ReverseHashLibData")) - 1)) &
     //    ~bytes32(uint256(0xff));
+    // solhint-disable-next-line const-name-snakecase
     bytes32 private constant ReverseHashLibDataStorageLocation =
         0x0f7e3bdc6cc0e880d509aa1f6b8d1a88e5fcb7274e18dfba772424a36fe9b400;
 
     function _getReverseHashLibDataStorage() private pure returns (ReverseHashLib.Data storage $) {
+        // solhint-disable-next-line no-inline-assembly
         assembly {
             $.slot := ReverseHashLibDataStorageLocation
         }
@@ -55,6 +62,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
     }
 
     // keccak256(abi.encode(uint256(keccak256("iden3.storage.IdentityTreeStore.Main")) - 1)) & ~bytes32(uint256(0xff));
+    // solhint-disable-next-line const-name-snakecase
     bytes32 private constant IdentityTreeStoreMainStorageLocation =
         0x95ca427007e091a13a7ccfcb233b8a2ed19d987330a248c445b1b483a35bb800;
 
@@ -64,6 +72,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
         pure
         returns (IdentityTreeStoreMainStorage storage $)
     {
+        // solhint-disable-next-line no-inline-assembly
         assembly {
             $.slot := IdentityTreeStoreMainStorageLocation
         }
@@ -96,7 +105,9 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
      */
     function getNode(uint256 key) public view returns (uint256[] memory) {
         uint256[] memory preim = _getReverseHashLibDataStorage().getPreimage(key);
-        require(preim.length > 0, "Node not found");
+        if (preim.length == 0) {
+            revert NodeNotFound();
+        }
         return preim;
     }
 
@@ -122,6 +133,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
      * @return CredentialStatus
      */
     function getRevocationStatusByIdAndState(
+        // solhint-disable-next-line no-unused-vars
         uint256 id,
         uint256 state,
         uint64 nonce
@@ -134,7 +146,9 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
         uint64 nonce
     ) internal view returns (CredentialStatus memory) {
         uint256[] memory roots = getNode(state);
-        require(_nodeType(roots) == NodeType.State, "Invalid state node");
+        if (_nodeType(roots) != NodeType.State) {
+            revert InvalidStateNode();
+        }
 
         CredentialStatus memory status = CredentialStatus({
             issuer: IdentityStateRoots({
@@ -200,7 +214,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
                     proof.siblings[i] = children[1];
                 }
             } else {
-                revert("Invalid node type");
+                revert InvalidNodeType();
             }
         }
 
@@ -234,6 +248,6 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
         if (preimage.length == 3) {
             return PoseidonUnit3L.poseidon([preimage[0], preimage[1], preimage[2]]);
         }
-        revert("Unsupported length");
+        revert UnsupportedLength();
     }
 }

contracts/identitytreestore/IdentityTreeStore.sol

@@ -1,7 +1,9 @@
-// SPDX-License-Identifier: UNLICENSED
+// SPDX-License-Identifier: GPL-3.0
 pragma solidity 0.8.27;
 
 // We import these here to force Hardhat to compile them.
 // This ensures that their artifacts are available for Hardhat Ignition to use.
+/* solhint-disable no-unused-import */
 import {ProxyAdmin} from "@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol";
 import {TransparentUpgradeableProxy} from "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
+/* solhint-enable no-unused-import */

contracts/imports.sol

@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: GPL-3.0
+pragma solidity 0.8.27;
+
+/**
+ * @dev IAuthValidator. Interface for verification of auth data.
+ */
+interface IAuthValidator {
+    /**
+     * @dev AuthResponseField. Information about response fields from verification. Used in verify function.
+     * @param name Name of the response field
+     * @param value Value of the response field
+     */
+    struct AuthResponseField {
+        string name;
+        uint256 value;
+    }
+
+    /**
+     * @dev Get version of the contract
+     */
+    function version() external view returns (string memory);
+
+    /**
+     * @dev Verify the proof with the supported method informed in the auth query data
+     * packed as bytes and that the proof was generated by the sender.
+     * @param sender Sender of the proof.
+     * @param proof Proof packed as bytes to verify.
+     * @param params Request query data of the credential to verify.
+     * @return userID User Id for the auth proof verified and response fields.
+     * @return authResponseFields Additional response fields.
+     */
+    function verify(
+        address sender,
+        bytes calldata proof,
+        bytes calldata params
+    ) external returns (uint256 userID, AuthResponseField[] memory authResponseFields);
+}

contracts/interfaces/IAuthValidator.sol

@@ -0,0 +1,22 @@
+// SPDX-License-Identifier: GPL-3.0
+pragma solidity 0.8.27;
+
+/**
+ * @dev IGroth16Verifier. Interface for verification of groth16 proofs.
+ */
+interface IGroth16Verifier {
+    /**
+     * @dev Verify the circuit with the groth16 proof π=([πa]1,[πb]2,[πc]1).
+     * @param a πa element of the groth16 proof.
+     * @param b πb element of the groth16 proof.
+     * @param c πc element of the groth16 proof.
+     * @param signals Public inputs and outputs of the circuit.
+     * @return r true if the proof is verified.
+     */
+    function verify(
+        uint256[2] calldata a,
+        uint256[2][2] calldata b,
+        uint256[2] calldata c,
+        uint256[] calldata signals
+    ) external view returns (bool r);
+}