UNPKG

@zkp2p/reclaim-witness-sdk

Version:

<div> <div> <img src="https://raw.githubusercontent.com/reclaimprotocol/.github/main/assets/banners/Attestor-Core.png" /> </div> </div>

github.com/reclaimprotocol/attestor-core

151 lines (150 loc) 5.35 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
import type { TLSConnectionOptions } from '@reclaimprotocol/tls'; import type { AttestorVersion, ProviderClaimData } from '../proto/api'; import type { ArraySlice, Logger, RedactedOrHashedArraySlice } from '../types/general'; import type { ProvidersConfig } from '../types/providers.gen'; import type { Transcript } from '../types/tunnel'; export type AttestorData = { id: string; url: string; }; type CreateRequestResult = { /** * Raw request to be sent * If a string, it is assumed to be an * ASCII encoded string. If it contains * non-ASCII characters, the redactions * may not work as expected */ data: Uint8Array | string; redactions: ArraySlice[]; }; export type ProviderName = keyof ProvidersConfig; export type ProviderParams<T extends ProviderName> = ProvidersConfig[T]['parameters']; export type ProviderSecretParams<T extends ProviderName> = ProvidersConfig[T]['secretParameters']; export type RedactionMode = 'key-update' | 'zk'; export type ProviderField<Params, SecretParams, T> = T | ((params: Params, secretParams?: SecretParams) => T); export type ProviderCtx = { version: AttestorVersion; }; type GetResponseRedactionsOpts<P> = { response: Uint8Array; params: P; logger: Logger; ctx: ProviderCtx; }; type AssertValidProviderReceipt<P> = { receipt: Transcript<Uint8Array>; params: P; logger: Logger; ctx: ProviderCtx; }; /** * Generic interface for a provider that can be used to verify * claims on a TLS receipt * * @notice "Params" are the parameters you want to claim against. * These would typically be found in the response body * * @notice "SecretParams" are the parameters that are used to make the API request. * These must be redacted in the request construction in "createRequest" & cannot be viewed by anyone */ export interface Provider<N extends ProviderName, Params = ProviderParams<N>, SecretParams = ProviderSecretParams<N>> { /** * host:port to connect to for this provider; * the protocol establishes a connection to the first one * when a request is received from a user. * * Run on attestor side when creating a new session * * Eg. "www.google.com:443", (p) => p.url.host * */ hostPort: ProviderField<Params, SecretParams, string>; /** * Which geo location to send the request from * Provide 2 letter country code, or a function * that returns the country code * @example "US", "IN" */ geoLocation?: ProviderField<Params, SecretParams, string | undefined>; /** extra options to pass to the client like root CA certificates */ additionalClientOptions?: ProviderField<Params, SecretParams, TLSConnectionOptions | undefined>; /** * default redaction mode to use. If not specified, * the default is 'key-update'. * * It's switched to 'zk' for TLS1.2 requests as TLS1.2 * don't support key updates * * @default 'key-update' */ writeRedactionMode?: ProviderField<Params, SecretParams, RedactionMode | undefined>; /** generate the raw request to be sent to through the TLS receipt */ createRequest(secretParams: SecretParams, params: Params, logger: Logger): CreateRequestResult; /** * Return the slices of the response to redact * Eg. if the response is "hello my secret is xyz", * and you want to redact "xyz", you would return * [{start: 17, end: 20}] * * This is run on the client side, to selct which portions of * the server response to send to the attestor * */ getResponseRedactions?(opts: GetResponseRedactionsOpts<Params>): RedactedOrHashedArraySlice[]; /** * verify a generated TLS receipt against given parameters * to ensure the receipt does contain the claims the * user is claiming to have * * This is run on the attestor side. * @param receipt application data messages exchanged in the TLS session * @param params the parameters to verify the receipt against. * Eg. `{"email": "abcd@gmail.com"}` * @returns sucessful verification or throws an error message. * Optionally return parameters extracted from the receipt * that will then be included in the claim context * */ assertValidProviderReceipt(opts: AssertValidProviderReceipt<Params>): void | Promise<void> | { extractedParameters: { [key: string]: string; }; }; } export type ProofGenerationStep = { name: 'connecting'; } | { name: 'sending-request-data'; } | { name: 'waiting-for-response'; } | { name: 'generating-zk-proofs'; proofsDone: number; proofsTotal: number; /** * approximate time left in seconds. * Only computed after the first block * is done * */ approxTimeLeftS?: number; } | { name: 'waiting-for-verification'; }; type StepData = { timestampS: number; epoch: number; attestors: AttestorData[]; }; export type CreateStep = ({ name: 'creating'; } & StepData) | ({ name: 'attestor-progress'; currentAttestor: AttestorData; step: ProofGenerationStep; } & StepData) | { name: 'attestor-done'; timestampS: number; epoch: number; attestorsLeft: AttestorData[]; claimData: ProviderClaimData; signaturesDone: string[]; }; export {};