Skip to content

Add embeddedAuth method to Universal Verifier #388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Add embeddedAuth method to Universal Verifier #388

wants to merge 8 commits into from

Conversation

daveroga
Copy link
Contributor

@daveroga daveroga commented Jul 24, 2025
edited
Loading

Currently we check Auth in both authResponse with authV2 method (authV2 circuit) and all the responses for request validators (on-chain credential query validator circuits).

We will add a embeddedAuth auth method for the authResponse that won’t verify the auth proof because we already are verifying embedded auth in responses for on-chain circuits now.

This will allow:

  • Save some gas in submitResponse for verification
  • Verify in some networks like Aurora that have a maximum gas limit that we are exceeding now verifying both authResponse and responses proofs.

@daveroga daveroga requested a review from Copilot July 24, 2025 15:46
Copilot

This comment was marked as outdated.

Sign in to view

@daveroga daveroga marked this pull request as draft July 25, 2025 10:49
Copilot

This comment was marked as outdated.

Sign in to view

@daveroga daveroga changed the title Add noAuth method to Universal Verifier Add embeddedAuth method to Universal Verifier Jul 28, 2025
@coveralls
Copy link

coveralls commented Jul 29, 2025
edited
Loading

Pull Request Test Coverage Report for Build 16730527758

Details

  • 35 of 39 (89.74%) changed or added relevant lines in 4 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.03%) to 85.646%
Changes Missing Coverage Covered Lines Changed/Added Lines %
contracts/lib/VerifierLib.sol 10 12 83.33%
contracts/verifiers/Verifier.sol 22 24 91.67%
Totals Coverage Status
Change from base Build 16500450462: 0.03%
Covered Lines: 1396
Relevant Lines: 1529
💛 - Coveralls

@daveroga daveroga marked this pull request as ready for review July 29, 2025 15:01
@OBrezhniev OBrezhniev requested a review from Copilot August 4, 2025 16:26
Copilot
Copilot AI reviewed Aug 4, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces an embeddedAuth authentication method to the Universal Verifier system, which skips verification of the auth proof since embedded authentication is already verified within request validator circuits. This optimization reduces gas consumption and enables deployment on networks with strict gas limits like Aurora.

Key changes:

  • Added embeddedAuth authentication method that uses zero address as validator
  • Modified validators to include isEmbeddedAuthVerified response field
  • Updated verifier logic to handle embedded authentication validation
  • Added Aurora network configuration and testing infrastructure

Reviewed Changes

Copilot reviewed 23 out of 24 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
contracts/verifiers/Verifier.sol Core logic for handling embeddedAuth method and validating embedded auth in responses
contracts/validators/request/*.sol Added isEmbeddedAuthVerified response field to all request validators
contracts/lib/VerifierLib.sol Added utility functions for checking embedded auth verification
test/validators/*/index.ts Updated test expectations to account for additional response field
scripts/deploy/*.ts Added embeddedAuth method setup in deployment scripts
hardhat.config.ts Added Aurora network configuration
Comments suppressed due to low confidence (1)

package.json:15

  • The version constraint ^1.32.4 uses a caret which may include versions that don't exist yet. Consider using a more specific version range or verify this version exists.
    "@0xpolygonid/js-sdk": "^1.32.4",

contracts/verifiers/Verifier.sol Outdated
@@ -267,35 +271,21 @@ abstract contract Verifier is IVerifier, ContextUpgradeable {
// 1. Process crossChainProofs
$._state.processCrossChainProofs(crossChainProofs);

// 2. Authenticate user and get userID
uint256 userIDFromAuthResponse;
Copy link
Preview

Copilot AI Aug 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Variable userIDFromAuthResponse is declared but when embeddedAuth method is used, it remains uninitialized (0) until the first response is processed. This could cause issues if no responses are provided or if the first response doesn't contain a userID.

Copilot uses AI. Check for mistakes.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@daveroga please initialize it with 0 explicitly

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@OBrezhniev OBrezhniev Awaiting requested review from OBrezhniev

@vmidyllic vmidyllic Awaiting requested review from vmidyllic

@volodymyr-basiuk volodymyr-basiuk Awaiting requested review from volodymyr-basiuk

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@daveroga @coveralls @OBrezhniev