Documentation ¶
Index ¶
- Variables
- func CreateZKCert[T zkcertificate.Content](certificateContent T, holderCommitment zkcertificate.HolderCommitment, ...) (*zkcertificate.Certificate[T], error)
- func EncryptZKCert[T zkcertificate.Content](certificate zkcertificate.IssuedCertificate[T], ...) (zkcertificate.EncryptedCertificate, error)
- func GenerateEdDSAKeyPair(ethereumPrivateKey *ecdsa.PrivateKey) (babyjub.PrivateKey, error)
- func IssueZKCert[T zkcertificate.Content](ctx context.Context, cert zkcertificate.Certificate[T], ...) (*types.Transaction, zkcertificate.IssuedCertificate[T], error)
- func NewCmdCreateZKCert() *cobra.Command
- func NewCmdEncryptZKCert() *cobra.Command
- func NewCmdGenerateEdDSAKeyPair() *cobra.Command
- func NewCmdIssueZKCert() *cobra.Command
- func NewCmdPrintEdDSAPublicKey() *cobra.Command
- func NewCmdRenewZKCert() *cobra.Command
- func NewCmdRevokeZKCert() *cobra.Command
- func NewRootCmd() *cobra.Command
- func PrintEdDSAPublicKey(privateKey babyjub.PrivateKey, w io.Writer) error
- func RenewZKCert[T zkcertificate.Content](certificate zkcertificate.Certificate[T], providerKey babyjub.PrivateKey, ...) (*zkcertificate.Certificate[T], error)
- func RevokeZKCert[T zkcertificate.Content](ctx context.Context, certificate zkcertificate.IssuedCertificate[T], ...) (*types.Transaction, error)
- type EthereumIssueClient
- type EthereumRevokeClient
- type RecordRegistryAddressCaller
- type RecordRegistryCertificateRevoker
- type RecordRegistryQueue
Constants ¶
This section is empty.
Variables ¶
var ErrSaltIncompatible = errors.New("incompatible salt")
ErrSaltIncompatible means that for given human ID there is another zkcertificate.HolderCommitment in the registry. This is a way to make sure that within the same registry all certificates with the same zkcertificate.HolderCommitment belong to the same person, identified by human ID.
Functions ¶
func CreateZKCert ¶ added in v1.8.0
func CreateZKCert[T zkcertificate.Content]( certificateContent T, holderCommitment zkcertificate.HolderCommitment, providerKey babyjub.PrivateKey, expirationDate time.Time, ) (*zkcertificate.Certificate[T], error)
CreateZKCert generates a zero-knowledge certificate (ZKCert) based on the provided holder's commitment, certificate content, and the private key of the provider.
This function performs the following steps:
- Hashes the certificate content.
- Signs the certificate using the provider's private key and the hashed values.
- Generates a random salt within the range [1, MaxInt64].
- Constructs and returns the ZKCert.
Certificate standard is inferred from the certificateContent using method zkcertificate.Content.Standard.
func EncryptZKCert ¶ added in v1.8.0
func EncryptZKCert[T zkcertificate.Content]( certificate zkcertificate.IssuedCertificate[T], holderCommitment zkcertificate.HolderCommitment, ) (zkcertificate.EncryptedCertificate, error)
EncryptZKCert encrypts a zero-knowledge certificate using the holder's commitment encryption key.
func GenerateEdDSAKeyPair ¶ added in v1.8.0
func GenerateEdDSAKeyPair(ethereumPrivateKey *ecdsa.PrivateKey) (babyjub.PrivateKey, error)
GenerateEdDSAKeyPair generates an EdDSA key pair.
The function performs the following steps:
- If an Ethereum private key is provided, derives the EdDSA private key from it.
- If no Ethereum private key is provided, generates a random EdDSA private key.
func IssueZKCert ¶ added in v1.8.0
func IssueZKCert[T zkcertificate.Content]( ctx context.Context, cert zkcertificate.Certificate[T], ethRPC EthereumIssueClient, merkleProofClient merkle.EmptyLeafProver, registryAddress common.Address, providerKey *ecdsa.PrivateKey, ) (*types.Transaction, zkcertificate.IssuedCertificate[T], error)
IssueZKCert registers and issues a zero-knowledge certificate (ZKCert) on-chain.
The function performs the following steps:
- Verifies that the provider is authorized as a guardian.
- Finds an empty leaf in the Merkle tree for certificate registration.
- Registers the certificate and waits for the provider's turn to issue it.
- Constructs and sends the transaction to add the certificate on-chain.
func NewCmdCreateZKCert ¶
func NewCmdEncryptZKCert ¶
func NewCmdIssueZKCert ¶
func NewCmdPrintEdDSAPublicKey ¶ added in v1.7.0
func NewCmdRenewZKCert ¶
func NewCmdRevokeZKCert ¶
func NewRootCmd ¶
func PrintEdDSAPublicKey ¶ added in v1.7.0
func PrintEdDSAPublicKey(privateKey babyjub.PrivateKey, w io.Writer) error
PrintEdDSAPublicKey writes the EdDSA public key which corresponds to the given private key.
func RenewZKCert ¶ added in v1.8.0
func RenewZKCert[T zkcertificate.Content]( certificate zkcertificate.Certificate[T], providerKey babyjub.PrivateKey, expirationDate time.Time, ) (*zkcertificate.Certificate[T], error)
RenewZKCert renews an existing zero-knowledge certificate (ZKCert) by creating a new certificate with an updated expiration date.
func RevokeZKCert ¶ added in v1.8.0
func RevokeZKCert[T zkcertificate.Content]( ctx context.Context, certificate zkcertificate.IssuedCertificate[T], client EthereumRevokeClient, merkleProofClient merkle.Prover, providerKey *ecdsa.PrivateKey, ) (*types.Transaction, error)
RevokeZKCert revokes an issued zero-knowledge certificate (ZKCert) by removing it from the blockchain registry.
The function performs the following steps:
- Verifies that the provider is authorized as a guardian.
- Retrieves the Merkle proof for the certificate to be revoked.
- Registers the provider for revocation and waits for its turn.
- Constructs and sends the transaction to revoke the certificate.
Types ¶
type EthereumIssueClient ¶ added in v1.8.0
type EthereumIssueClient interface { bind.ContractBackend bind.DeployBackend ChainID(ctx context.Context) (*big.Int, error) }
type EthereumRevokeClient ¶ added in v1.8.0
type EthereumRevokeClient interface { bind.ContractBackend bind.DeployBackend ChainID(ctx context.Context) (*big.Int, error) }
type RecordRegistryAddressCaller ¶ added in v1.7.2
type RecordRegistryCertificateRevoker ¶ added in v1.7.2
type RecordRegistryCertificateRevoker interface { RevokeZkCertificate( opts *bind.TransactOpts, leafIndex *big.Int, zkCertificateHash [32]byte, merkleProof [][32]byte, ) (*types.Transaction, error) }