Fix request anchor

soerenbf · soerenbf · commit 5b3ea256ca5a · 2025-10-17T14:37:43.000+02:00
diff --git a/packages/sdk/src/wasm/VerifiablePresentationV1/proof.ts b/packages/sdk/src/wasm/VerifiablePresentationV1/proof.ts
@@ -187,11 +187,15 @@ export async function createFromAnchor(
     ) {
         throw new Error('Unexpected transaction type found for anchor reference');
     }
-    const expectedAnchor = VerifiablePresentationRequestV1.computeAnchor(
+
+    const expectedAnchor = VerifiablePresentationRequestV1.computeAnchorHash(
         presentationRequest.requestContext,
         presentationRequest.credentialStatements
     );
-    if ((new DataBlob(expectedAnchor).toString(), summary.dataRegistered.data)) {
+    const transactionAnchor = VerifiablePresentationRequestV1.decodeAnchor(
+        Buffer.from(summary.dataRegistered.data, 'hex')
+    );
+    if (Buffer.from(expectedAnchor).toString('hex') !== Buffer.from(transactionAnchor.hash).toString('hex')) {
         throw new Error('presentation anchor verification failed.');
     }
 
diff --git a/packages/sdk/src/wasm/VerifiablePresentationV1/request.ts b/packages/sdk/src/wasm/VerifiablePresentationV1/request.ts
@@ -1,4 +1,5 @@
 import { Buffer } from 'buffer/index.js';
+import _JB from 'json-bigint';
 
 import { sha256 } from '../../hash.js';
 import {
@@ -10,13 +11,17 @@ import {
     ConcordiumGRPCClient,
     NextAccountNonce,
     RegisterDataPayload,
+    cborDecode,
+    cborEncode,
     signTransaction,
 } from '../../index.js';
-import { DataBlob, TransactionExpiry, TransactionHash } from '../../types/index.js';
-import { CredentialStatement } from '../../web3-id/types.js';
+import { ContractAddress, DataBlob, TransactionExpiry, TransactionHash } from '../../types/index.js';
+import { CredentialStatement, StatementProverQualifier } from '../../web3-id/types.js';
 import { GivenContextJSON, givenContextFromJSON, givenContextToJSON } from './internal.js';
 import { CredentialContextLabel, GivenContext } from './types.js';
 
+const JSONBig = _JB({ useNativeBigInt: true, alwaysParseAsBig: true });
+
 // NOTE: renamed from ContextInformation in ADR
 export type Context = {
     type: 'ConcordiumContextInformationV1';
@@ -39,12 +44,43 @@ export function createSimpleContext(nonce: Uint8Array, connectionId: string, con
     });
 }
 
-export function computeAnchor(context: Context, credentialStatements: CredentialStatement[]): Uint8Array {
+export type AnchorData = {
+    type: 'CCDVRA';
+    version: number;
+    hash: Uint8Array;
+    public?: string;
+};
+
+export function createAnchor(
+    context: Context,
+    credentialStatements: CredentialStatement[],
+    publicInfo?: string
+): Uint8Array {
+    const hash = computeAnchorHash(context, credentialStatements);
+    const data: AnchorData = { type: 'CCDVRA', version: 1, hash, public: publicInfo };
+    return cborEncode(data);
+}
+
+export function computeAnchorHash(context: Context, credentialStatements: CredentialStatement[]): Uint8Array {
     // TODO: this is a quick and dirty anchor implementation that needs to be replaced with
     // the one from concordium-base when available.
     const contextDigest = Buffer.from(JSON.stringify(context));
-    const statementsDigest = Buffer.from(JSON.stringify(credentialStatements));
-    return sha256([contextDigest, statementsDigest]);
+    const statementsDigest = Buffer.from(JSONBig.stringify(credentialStatements));
+    return Uint8Array.from(sha256([contextDigest, statementsDigest]));
+}
+
+export function decodeAnchor(cbor: Uint8Array): AnchorData {
+    const value = cborDecode(cbor);
+    if (typeof value !== 'object' || value === null) throw new Error('Expected a cbor encoded object');
+    // required fields
+    if (!('type' in value) || value.type !== 'CCDVRA') throw new Error('Expected "type" to be "CCDVRA"');
+    if (!('version' in value) || typeof value.version !== 'number')
+        throw new Error('Expected "version" to be a number');
+    if (!('hash' in value) || !(value.hash instanceof Uint8Array))
+        throw new Error('Expected "hash" to be a Uint8Array');
+    // optional fields
+    if ('public' in value && typeof value.public !== 'string') throw new Error('Expected "public" to be a string');
+    return value as AnchorData;
 }
 
 // TODO: Should match the w3c spec for a verifiable presentation request and the corresponding
@@ -77,9 +113,30 @@ export type Type = VerifiablePresentationRequestV1;
 
 export function fromJSON(json: JSON): VerifiablePresentationRequestV1 {
     const requestContext = { ...json.requestContext, given: json.requestContext.given.map(givenContextFromJSON) };
+    const statements: CredentialStatement[] = json.credentialStatements.map(({ statement, idQualifier }) => {
+        let mappedQualifier: StatementProverQualifier;
+        switch (idQualifier.type) {
+            case 'id':
+                mappedQualifier = { type: 'id', issuers: idQualifier.issuers.map(Number) };
+                break;
+            case 'cred':
+                mappedQualifier = { type: 'cred', issuers: idQualifier.issuers.map(Number) };
+                break;
+            case 'sci':
+                mappedQualifier = {
+                    type: 'sci',
+                    issuers: idQualifier.issuers.map((c) => ContractAddress.create(c.index, c.subindex)),
+                };
+                break;
+            default:
+                mappedQualifier = idQualifier;
+        }
+        return { statement, idQualifier: mappedQualifier } as CredentialStatement;
+    });
+
     return new VerifiablePresentationRequestV1(
         requestContext,
-        json.credentialStatements,
+        statements,
         TransactionHash.fromJSON(json.transactionRef)
     );
 }
@@ -89,10 +146,11 @@ export async function createAndAchor(
     sender: AccountAddress.Type,
     signer: AccountSigner,
     context: Omit<Context, 'type'>,
-    credentialStatements: CredentialStatement[]
+    credentialStatements: CredentialStatement[],
+    anchorPublicInfo?: string
 ): Promise<VerifiablePresentationRequestV1> {
     const requestContext = createContext(context);
-    const anchor = computeAnchor(requestContext, credentialStatements);
+    const anchor = createAnchor(requestContext, credentialStatements, anchorPublicInfo);
 
     const nextNonce: NextAccountNonce = await grpc.getNextAccountNonce(sender);
     const header: AccountTransactionHeader = {
diff --git a/packages/sdk/test/ci/wasm/VerifiablePresentationRequestV1.test.ts b/packages/sdk/test/ci/wasm/VerifiablePresentationRequestV1.test.ts
@@ -0,0 +1,58 @@
+import _JB from 'json-bigint';
+
+import { AttributeKeyString, ContractAddress, TransactionHash } from '../../../src/pub/types.ts';
+import { VerifiablePresentationRequestV1 } from '../../../src/pub/wasm.ts';
+import { CredentialStatementBuilder } from '../../../src/pub/web3-id.ts';
+
+const JSONBig = _JB({ alwaysParseAsBig: true, useNativeBigInt: true });
+
+describe('VerifiablePresentationRequestV1', () => {
+    it('should perform successful JSON roundtrip', () => {
+        const context = VerifiablePresentationRequestV1.createSimpleContext(
+            Uint8Array.from([0, 1, 2, 3]),
+            '0102'.repeat(16),
+            'Wine payment'
+        );
+        const builder = new CredentialStatementBuilder();
+        const statement = builder
+            .forWeb3IdCredentials([ContractAddress.create(2101), ContractAddress.create(1337, 42)], (b) =>
+                b.addRange('b', 80n, 1237n).addMembership('c', ['aa', 'ff', 'zz'])
+            )
+            .forIdentityCredentials([0, 1, 2], (b) => b.revealAttribute(AttributeKeyString.firstName))
+            .getStatements();
+        const transactionRef = TransactionHash.fromHexString('01020304'.repeat(8));
+        const presentationRequest = VerifiablePresentationRequestV1.create(context, statement, transactionRef);
+
+        const json = JSONBig.stringify(presentationRequest);
+        const roundtrip = VerifiablePresentationRequestV1.fromJSON(JSONBig.parse(json));
+        expect(presentationRequest).toEqual(roundtrip);
+    });
+
+    it('should compute the correct anchor', () => {
+        const context = VerifiablePresentationRequestV1.createSimpleContext(
+            Uint8Array.from([0, 1, 2, 3]),
+            '0102'.repeat(16),
+            'Wine payment'
+        );
+        const builder = new CredentialStatementBuilder();
+        const statement = builder
+            .forWeb3IdCredentials([ContractAddress.create(2101), ContractAddress.create(1337, 42)], (b) =>
+                b.addRange('b', 80n, 1237n).addMembership('c', ['aa', 'ff', 'zz'])
+            )
+            .forIdentityCredentials([0, 1, 2], (b) => b.revealAttribute(AttributeKeyString.firstName))
+            .getStatements();
+        const anchor = VerifiablePresentationRequestV1.createAnchor(context, statement, 'public info');
+        const expectedAnchor =
+            'a4646861736858206a6f644b6d22e1647196c4fae44ffef5be554dc0edcac30518ef9624ab44de4f647479706566434344565241667075626c69636b7075626c696320696e666f6776657273696f6e01';
+        expect(Buffer.from(anchor).toString('hex')).toEqual(expectedAnchor);
+
+        const roundtrip = VerifiablePresentationRequestV1.decodeAnchor(anchor);
+        const expectedData: VerifiablePresentationRequestV1.AnchorData = {
+            type: 'CCDVRA',
+            version: 1,
+            hash: VerifiablePresentationRequestV1.computeAnchorHash(context, statement),
+            public: 'public info',
+        };
+        expect(roundtrip).toEqual(expectedData);
+    });
+});
