Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add webauthn-pcd package #134

Merged
merged 15 commits into from
May 17, 2023
Merged

Conversation

rrrliu
Copy link
Collaborator

@rrrliu rrrliu commented Apr 5, 2023

Closes #114

Demo:

Screen.Recording.2023-04-23.at.11.51.38.PM.mov
  • WebAuthn logic
    • prove
    • verify
  • docs
  • tests (in progress)
  • consumer-client

Copy link
Contributor

@ichub ichub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it would also be great if you could pipe this all the way through consumer-client to show it working end-to-end!

packages/webauthn-pcd/README.md Outdated Show resolved Hide resolved
packages/webauthn-pcd/src/WebAuthnPCD.ts Outdated Show resolved Hide resolved
packages/webauthn-pcd/src/WebAuthnPCD.ts Outdated Show resolved Hide resolved
@ichub ichub marked this pull request as draft April 5, 2023 17:39
@rrrliu rrrliu force-pushed the rrrliu/webauthn-pcd branch 2 times, most recently from 45ea552 to d0fccda Compare April 26, 2023 07:26
@rrrliu rrrliu changed the title [wip] Add webauthn-pcd package Add webauthn-pcd package Apr 26, 2023
@rrrliu rrrliu marked this pull request as ready for review April 26, 2023 07:26
@rrrliu rrrliu requested a review from ichub April 26, 2023 07:26
Copy link
Contributor

@ichub ichub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

getting very close, I'm excited for this one!

README.md Outdated
@@ -123,6 +123,7 @@ Some of these packages are used to share development configuration between the d
- [`@pcd/semaphore-group-pcd`](packages/semaphore-group-pcd): a pcd which wraps the [Semaphore](https://semaphore.appliedzkp.org/docs/introduction) protocol, which allows PCD-consuming applications to consume and generate Semaphore proofs.
- [`@pcd/semaphore-identity-pcd`](packages/semaphore-identity-pcd): a 'self-evident' PCD, representing the public and private components of a Semaphore identity
- [`@pcd/semaphore-signature-pcd`](packages/semaphore-signature-pcd): like `@pcd/semaphore-group-pcd`, but with a more specific purpose of using the semaphore protocol to 'sign' a particular string message on behalf of a particular revealed commitment id.
- [`@pcd/webauthn-pcd`](packages/webauthn-pcd): a pcd that can be used to attest to a valid attestatinos from [WebAuthn](https://webauthn.guide/) hardware devices, such as facial scanners, fingerprints, Yubikeys, and more.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there's a typo here: attestatinos

also maybe a better description could be something like 'a pcd that can be used to make claims about WebAuthn attestations ...'

@@ -16,8 +16,11 @@
"@pcd/pcd-types": "0.4.2",
"@pcd/semaphore-group-pcd": "0.4.2",
"@pcd/semaphore-identity-pcd": "0.4.2",
"@pcd/webauthn-pcd": "*",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

change this to use the actual package version

@@ -149,3 +160,55 @@ async function addIdentityPCD() {

sendPassportRequest(url);
}

async function addWebAuthnPCD() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

verbosely commenting this function and each step may be nice

@@ -0,0 +1 @@
export default function Page() {}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

delete this file

@@ -19,6 +19,7 @@
"@pcd/pcd-types": "0.4.2",
"@pcd/semaphore-group-pcd": "0.4.2",
"@pcd/semaphore-identity-pcd": "0.4.2",
"@pcd/webauthn-pcd": "*",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use the correct package version

Comment on lines 23 to 26
"@types/expect": "^24.3.0",
"@types/json-bigint": "^1.0.1",
"@types/mocha": "^10.0.1",
"@types/sinon": "^10.0.14",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as a consequence of the problem described in the above comment, @types/ packages and typescript itself should be a dependency rather than a dev dependency.

Comment on lines +9 to +13
<p>
This PCD represents a signature proof in the context of a WebAuthn
credential. In other words, this is a ZK proof that a particular
credential keypair signed a particular challenge.
</p>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯

Comment on lines +45 to +48
/**
* The WebAuthn credential information associated with this PCD.
* Storing bytes as Base64 encoded string to ensure serializability.
*/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One thing to note is that in order for a PCD to be serializable, the claim an proof don't actually have to be trivially serializable - since serializing and deserializing them is taken care of the correspondingly named functions.

Comment on lines +156 to +162
name: WebAuthnPCDTypeName,
prove,
verify,
serialize,
deserialize,
renderCardBody: WebAuthnCardBody,
getDisplayOptions,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice 👍

@@ -0,0 +1,5 @@
{
"extends": "@pcd/tsconfig/server.json",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should extend @pcd/tsconfig/ts-library.json instead

@ichub
Copy link
Contributor

ichub commented Apr 27, 2023

Also, you should rebase to fix merge conflicts.

@rrrliu rrrliu force-pushed the rrrliu/webauthn-pcd branch from 059ab37 to a3f4db4 Compare April 30, 2023 23:48
@rrrliu rrrliu requested a review from ichub May 4, 2023 16:20
@ichub
Copy link
Contributor

ichub commented May 5, 2023

I'm getting a test failure on this PR. Please make sure to run all three of

yarn build
yarn lint
yarn test

Before submitting a PR

@pcd/webauthn-pcd:test: cache bypass, force executing 89243b224146e66d
@pcd/webauthn-pcd:test: $ ts-mocha --exit test/**/*.spec.ts
@pcd/webauthn-pcd:test: (node:64099) ExperimentalWarning: Custom ESM Loaders is an experimental feature and might change at any time
@pcd/webauthn-pcd:test: (Use `node --trace-warnings ...` to show where the warning was created)
@pcd/webauthn-pcd:test:
@pcd/webauthn-pcd:test: Error [ERR_REQUIRE_ESM]: require() of ES Module /Users/ivanchub/Projects/zupass/node_modules/@simplewebauthn/browser/dist/bundle/index.js from /Users/ivanchub/Projects/zupass/packages/webauthn-pcd/test/WebAuthnPCD.spec.ts not supported.
@pcd/webauthn-pcd:test: Instead change the require of index.js in /Users/ivanchub/Projects/zupass/packages/webauthn-pcd/test/WebAuthnPCD.spec.ts to a dynamic import() which is available in all CommonJS modules.
@pcd/webauthn-pcd:test:     at require.extensions.<computed> [as .js] (/Users/ivanchub/Projects/zupass/node_modules/ts-node/dist/index.js:851:20)
@pcd/webauthn-pcd:test:     at Object.<anonymous> (/Users/ivanchub/Projects/zupass/packages/webauthn-pcd/test/WebAuthnPCD.spec.ts:54:36)
@pcd/webauthn-pcd:test:     at m._compile (/Users/ivanchub/Projects/zupass/node_modules/ts-mocha/node_modules/ts-node/dist/index.js:327:29)
@pcd/webauthn-pcd:test:     at m._compile (/Users/ivanchub/Projects/zupass/node_modules/ts-node/dist/index.js:857:29)
@pcd/webauthn-pcd:test:     at require.extensions.<computed> (/Users/ivanchub/Projects/zupass/node_modules/ts-node/dist/index.js:859:16)
@pcd/webauthn-pcd:test:     at require.extensions.<computed> [as .ts] (/Users/ivanchub/Projects/zupass/node_modules/ts-mocha/node_modules/ts-node/dist/index.js:329:16)
@pcd/webauthn-pcd:test: error Command failed with exit code 1.

@rrrliu rrrliu force-pushed the rrrliu/webauthn-pcd branch from ef09b6e to 51ece36 Compare May 9, 2023 09:02
@rrrliu
Copy link
Collaborator Author

rrrliu commented May 11, 2023

I'm getting a test failure on this PR. Please make sure to run all three of

yarn build
yarn lint
yarn test

Before submitting a PR

@pcd/webauthn-pcd:test: cache bypass, force executing 89243b224146e66d
@pcd/webauthn-pcd:test: $ ts-mocha --exit test/**/*.spec.ts
@pcd/webauthn-pcd:test: (node:64099) ExperimentalWarning: Custom ESM Loaders is an experimental feature and might change at any time
@pcd/webauthn-pcd:test: (Use `node --trace-warnings ...` to show where the warning was created)
@pcd/webauthn-pcd:test:
@pcd/webauthn-pcd:test: Error [ERR_REQUIRE_ESM]: require() of ES Module /Users/ivanchub/Projects/zupass/node_modules/@simplewebauthn/browser/dist/bundle/index.js from /Users/ivanchub/Projects/zupass/packages/webauthn-pcd/test/WebAuthnPCD.spec.ts not supported.
@pcd/webauthn-pcd:test: Instead change the require of index.js in /Users/ivanchub/Projects/zupass/packages/webauthn-pcd/test/WebAuthnPCD.spec.ts to a dynamic import() which is available in all CommonJS modules.
@pcd/webauthn-pcd:test:     at require.extensions.<computed> [as .js] (/Users/ivanchub/Projects/zupass/node_modules/ts-node/dist/index.js:851:20)
@pcd/webauthn-pcd:test:     at Object.<anonymous> (/Users/ivanchub/Projects/zupass/packages/webauthn-pcd/test/WebAuthnPCD.spec.ts:54:36)
@pcd/webauthn-pcd:test:     at m._compile (/Users/ivanchub/Projects/zupass/node_modules/ts-mocha/node_modules/ts-node/dist/index.js:327:29)
@pcd/webauthn-pcd:test:     at m._compile (/Users/ivanchub/Projects/zupass/node_modules/ts-node/dist/index.js:857:29)
@pcd/webauthn-pcd:test:     at require.extensions.<computed> (/Users/ivanchub/Projects/zupass/node_modules/ts-node/dist/index.js:859:16)
@pcd/webauthn-pcd:test:     at require.extensions.<computed> [as .ts] (/Users/ivanchub/Projects/zupass/node_modules/ts-mocha/node_modules/ts-node/dist/index.js:329:16)
@pcd/webauthn-pcd:test: error Command failed with exit code 1.

Sorry should be fixed now! Ended up using jest over mocha because mocha had issues with using / mocking ESM libraries (e.g. @simplewebauthn/browser) -- hope that's all good. Build and lint also pass.

Copy link
Contributor

@ichub ichub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is good now!!! Finally :D

@ichub ichub merged commit 5d8b398 into proofcarryingdata:main May 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

integrate zk webauthn
2 participants