Merge pull request #684 from 0xPolygonID/develop

Develop to main
0xPolygonID · Jul 3, 2024 · 8d5d45f · 8d5d45f
2 parents 7e0c661 + 36a50c4
commit 8d5d45f
Show file tree

Hide file tree

Showing 101 changed files with 1,852 additions and 1,978 deletions.
diff --git a/.env-issuer.sample b/.env-issuer.sample
@@ -24,6 +24,7 @@ ISSUER_ETHEREUM_CONFIRMATION_BLOCK_COUNT=5
 ISSUER_ETHEREUM_RECEIPT_TIMEOUT=600s
 ISSUER_ETHEREUM_MIN_GAS_PRICE=0
 ISSUER_ETHEREUM_MAX_GAS_PRICE=2500000
+ISSUER_ETHEREUM_GASLESS=false
 ISSUER_ETHEREUM_RPC_RESPONSE_TIMEOUT=5s
 ISSUER_ETHEREUM_WAIT_RECEIPT_CYCLE_TIME=30s
 ISSUER_ETHEREUM_WAIT_BLOCK_CYCLE_TIME=30s
@@ -45,4 +46,8 @@ ISSUER_CREDENTIAL_STATUS_ONCHAIN_TREE_STORE_SUPPORTED_CONTRACT=0x3d3763eC0a50CE1
 ISSUER_CREDENTIAL_STATUS_RHS_URL=http://localhost:3001
 ISSUER_CREDENTIAL_STATUS_PUBLISHING_KEY_PATH=pbkey
 ISSUER_CREDENTIAL_STATUS_RHS_MODE=None
-ISSUER_CREDENTIAL_STATUS_RHS_CHAIN_ID=<80002 | 80001 | 137>
+ISSUER_CREDENTIAL_STATUS_RHS_CHAIN_ID=<80002 | 80001 | 137>
+
+ISSUER_MEDIA_TYPE_MANAGER_ENABLED=true
+
+ISSUER_AUTO_PUBLISHING_TO_ON_CHAIN_RHS=true
diff --git a/.env-ui.sample b/.env-ui.sample
@@ -5,3 +5,4 @@ ISSUER_UI_BUILD_TAG=
 ISSUER_UI_WARNING_MESSAGE=
 ISSUER_UI_IPFS_GATEWAY_URL=https://ipfs.io
 ISSUER_UI_SCHEMA_EXPLORER_AND_BUILDER_URL=https://schema-builder.polygonid.me
+ISSUER_UI_INSECURE=false
diff --git a/.github/workflows/demo_deploy_backend.yml b/.github/workflows/demo_deploy_backend.yml
@@ -0,0 +1,70 @@
+name: Deploy Issuer Node Backend to Demo AWS Environment
+
+on:
+  workflow_run:
+    workflows: ["Checks"]
+    branches:  ["main"]
+    types:
+      - completed
+
+env:
+  AWS_ACCOUNT_ID: ${{ secrets.TEST_AWS_ACCOUNT_ID }}
+  AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
+  ECR_REPOSITORY: issuer_node_backend_demo
+
+jobs:
+  build-backend:
+    name: Build and push latest image to AWS Demo Environment
+    permissions:
+      id-token: write
+      contents: write
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.20"
+      - uses: actions/cache@v3
+        with:
+          path: |
+            ~/go/pkg/mod
+            ~/.cache/go-build
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Create .env-api
+        run: |
+          touch .env-api
+
+      - run: make build/docker
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1-node16
+        with:
+          aws-region: ${{ env.AWS_DEFAULT_REGION }}
+          role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/PolygonIDActionsRole
+          role-session-name: GitHubActionsSession
+
+      - name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v1
+        id: login-ecr
+
+      - name: Get version
+        run: echo "::set-output name=VERSION::$(git rev-parse --short HEAD)"
+        id: version
+
+      - name: Tag and push image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY: ${{ env.ECR_REPOSITORY }}
+          IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
+        run: |
+          docker tag issuer/api:${{ env.IMAGE_TAG }} ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+          docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+
+          docker tag issuer/api:${{ env.IMAGE_TAG }} ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest
+          docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest
diff --git a/.github/workflows/demo_deploy_ui.yml b/.github/workflows/demo_deploy_ui.yml
@@ -0,0 +1,61 @@
+name: Deploy Issuer Node UI to Demo AWS Environment
+
+on:
+  push:
+    branches:
+      - main
+
+env:
+  AWS_ACCOUNT_ID: ${{ secrets.TEST_AWS_ACCOUNT_ID }}
+  AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
+  ECR_REPOSITORY: issuer_node_ui_demo
+
+jobs:
+  deploy:
+    name: Build and Deploy UI to Demo AWS Environment
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 16
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1-node16
+        with:
+          aws-region: ${{ env.AWS_DEFAULT_REGION }}
+          role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/PolygonIDActionsRole
+          role-session-name: GitHubActionsSession
+
+      - name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v1
+        id: login-ecr
+
+      - name: Get version
+        run: echo "::set-output name=VERSION::$(git rev-parse --short HEAD)"
+        id: version
+
+      - name: build ui docker image
+        working-directory: ./ui
+        env:
+          IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
+        run: |
+          docker build -t polygonid/issuernode_ui:${{ env.IMAGE_TAG }} .
+
+
+      - name: Tag and push image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY: ${{ env.ECR_REPOSITORY }}
+          IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
+        run: |
+          docker tag polygonid/issuernode_ui:${{ env.IMAGE_TAG }} ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+          docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+
+          docker tag polygonid/issuernode_ui:${{ env.IMAGE_TAG }} ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest
+          docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest
diff --git a/LICENSE-APACHE b/LICENSE-APACHE
@@ -1,4 +1,3 @@
-Copyright (C) 2023  ZKID Labs AG
                                   Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -199,4 +198,4 @@ Copyright (C) 2023  ZKID Labs AG
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.
diff --git a/Makefile b/Makefile
@@ -46,8 +46,7 @@ test-race:
 	$(GO) test -v --race ./...
 
 $(BIN)/oapi-codegen: tools.go go.mod go.sum ## install code generator for API files.
-	go get github.com/deepmap/oapi-codegen/cmd/oapi-codegen
-	$(GO) install github.com/deepmap/oapi-codegen/v2/cmd/oapi-codegen
+	$(GO) install github.com/oapi-codegen/oapi-codegen/v2/cmd/oapi-codegen@latest
 
 .PHONY: api
 api: $(BIN)/oapi-codegen
@@ -142,6 +141,10 @@ db/migrate: $(BIN)/install-goose $(BIN)/godotenv $(BIN)/platformid-migrate ## In
 lint: $(BIN)/golangci-lint
 	  $(BIN)/golangci-lint run
 
+.PHONY: lint-fix
+lint-fix: $(BIN)/golangci-lint
+		  $(BIN)/golangci-lint run --fix
+
 # usage: make private_key=xxx add-private-key
 .PHONY: add-private-key
 add-private-key:

diff --git a/README.md b/README.md
@@ -1,9 +1,9 @@
-# Polygon ID Issuer Node
+# Privado ID Issuer Node
 
 [![Checks](https://github.com/0xPolygonID/sh-id-platform/actions/workflows/checks.yml/badge.svg)](https://github.com/0xPolygonID/sh-id-platform/actions/workflows/checks.yml)
 [![golangci-lint](https://github.com/0xPolygonID/sh-id-platform/actions/workflows/golangci-lint.yml/badge.svg)](https://github.com/0xPolygonID/sh-id-platform/actions/workflows/golangci-lint.yml)
 
-Streamline the **Verifiable Credentials issuance** process with the user-friendly API and UI of the Issuer Node within the Polygon ID ecosystem. The on-premise (self-hosted) Issuer Node, seamlessly integrated with a robust suite of tools including the mobile Wallet, Schema Builder, and Credential Marketplace, guarantees a frictionless experience for effortlessly issuing and verifying credentials.
+Streamline the **Verifiable Credentials issuance** process with the user-friendly API and UI of the Issuer Node within the Privado ID ecosystem. The on-premise (self-hosted) Issuer Node, seamlessly integrated with a robust suite of tools including the mobile Wallet, Schema Builder, and Credential Marketplace, guarantees a frictionless experience for effortlessly issuing and verifying credentials.
 
 ![Triagle-of-trust](docs/assets/img/triangle-of-trust.png)
 
@@ -20,15 +20,18 @@ Streamline the **Verifiable Credentials issuance** process with the user-friendl
 ---
 
 ## Table of Contents
-
-- [Quick Start Installation](#quick-start-installation)
-    - [Prerequisites](#Prerequisites)
-    - [Issuer Node Api](#issuer-node-api)
+- [Privado ID Issuer Node](#privado-id-issuer-node)
+  - [Table of Contents](#table-of-contents)
+  - [Quick Start Installation](#quick-start-installation)
+    - [Prerequisites](#prerequisites)
+    - [Issuer Node API](#issuer-node-api)
+      - [Deploy Issuer Node Infrastructure](#deploy-issuer-node-infrastructure)
+      - [Run Issuer Node API](#run-issuer-node-api)
     - [Issuer Node UI](#issuer-node-ui)
-- [Quick Start Demo](#quick-start-demo)
-- [Documentation](#documentation)
-- [Tools](#tools)
-- [License](#license)
+  - [Quick Start Demo](#quick-start-demo)
+  - [Documentation](#documentation)
+  - [Tools](#tools)
+  - [License](#license)
 
 ## Quick Start Installation
 > [!NOTE]
@@ -215,7 +218,7 @@ This [Quick Start Demo](https://devs.polygonid.com/docs/quick-start-demo/) will
 ## Documentation
 
 * [Issuer Node resources](https://devs.polygonid.com/docs/category/issuer/)
-* [Polygon ID core concepts](https://devs.polygonid.com/docs/introduction/)
+* [Privado ID core concepts](https://devs.polygonid.com/docs/introduction/)
 
 ## Tools
 > [!WARNING]

diff --git a/api/api.yaml b/api/api.yaml
@@ -1,4 +1,4 @@
-openapi: 3.1.0
+openapi: 3.0.0
 info:
   title: Polygon ID - Issuer
   description: |
@@ -675,6 +675,13 @@ components:
           $ref: '#/components/schemas/RefreshService'
         displayMethod:
           $ref: '#/components/schemas/DisplayMethod'
+        proofs:
+          type: array
+          items:
+            type: string
+            x-omitempty: false
+            example: "BJJSignature2021"
+            enum: [ BJJSignature2021, Iden3SparseMerkleTreeProof]
       example:
         credentialSchema: "https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/KYCAgeCredential-v3.json"
         type: "KYCAgeCredential"

diff --git a/api/spec.html b/api/spec.html
@@ -1,7 +1,7 @@
 <!doctype html>
 <html>
 <head>
-    <title>Polygon ID - Self Hosted Issuer</title>
+    <title>Privado ID - Self Hosted Issuer</title>
     <meta charset="utf-8">
     <link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet">
     <script type="module" src="https://unpkg.com/rapidoc/dist/rapidoc-min.js"></script>

diff --git a/api_ui/api.yaml b/api_ui/api.yaml
@@ -1,4 +1,4 @@
-openapi: 3.1.0
+openapi: 3.0.0
 info:
   title: Polygon ID - Issuer - UI API
   description: |

diff --git a/api_ui/spec.html b/api_ui/spec.html
@@ -1,7 +1,7 @@
 <!doctype html>
 <html>
 <head>
-    <title>Polygon ID - Self Hosted Issuer - UI API</title>
+    <title>Privado ID - Self Hosted Issuer - UI API</title>
     <meta charset="utf-8">
     <link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet">
     <script type="module" src="https://unpkg.com/rapidoc/dist/rapidoc-min.js"></script>

diff --git a/cmd/issuer_initializer/main.go b/cmd/issuer_initializer/main.go
@@ -12,7 +12,6 @@ import (
 	"github.com/ethereum/go-ethereum/ethclient"
 	vault "github.com/hashicorp/vault/api"
 	core "github.com/iden3/go-iden3-core/v2"
-	"github.com/iden3/go-schema-processor/v2/verifiable"
 
 	"github.com/polygonid/sh-id-platform/internal/buildinfo"
 	"github.com/polygonid/sh-id-platform/internal/config"
@@ -137,24 +136,25 @@ func main() {
 		ReceiptTimeout:         cfg.Ethereum.ReceiptTimeout,
 		MinGasPrice:            big.NewInt(int64(cfg.Ethereum.MinGasPrice)),
 		MaxGasPrice:            big.NewInt(int64(cfg.Ethereum.MaxGasPrice)),
+		GasLess:                cfg.Ethereum.GasLess,
 		RPCResponseTimeout:     cfg.Ethereum.RPCResponseTimeout,
 		WaitReceiptCycleTime:   cfg.Ethereum.WaitReceiptCycleTime,
 		WaitBlockCycleTime:     cfg.Ethereum.WaitBlockCycleTime,
 	}, keyStore)
 
+	// this is needed to create the did with the correct auth core claim revocation status URL
+	cfg.CredentialStatus.Iden3CommAgentStatus.URL = cfg.APIUI.ServerURL
 	rhsFactory := reverse_hash.NewFactory(cfg.CredentialStatus.RHS.GetURL(), ethConn, common.HexToAddress(cfg.CredentialStatus.OnchainTreeStore.SupportedTreeStoreContract), reverse_hash.DefaultRHSTimeOut)
 	revocationStatusResolver := revocation_status.NewRevocationStatusResolver(cfg.CredentialStatus)
 	cfg.CredentialStatus.SingleIssuer = true
-	// this is needed to create the did with the correct auth core claim revocation status URL
-	cfg.CredentialStatus.DirectStatus.URL = cfg.APIUI.ServerURL
 	identityService := services.NewIdentity(keyStore, identityRepository, mtRepository, identityStateRepository, mtService, nil, claimsRepository, nil, nil, storage, nil, nil, nil, cfg.CredentialStatus, rhsFactory, revocationStatusResolver)
 
 	didCreationOptions := &ports.DIDCreationOptions{
 		Method:                  core.DIDMethod(cfg.APIUI.IdentityMethod),
 		Network:                 core.NetworkID(cfg.APIUI.IdentityNetwork),
 		Blockchain:              core.Blockchain(cfg.APIUI.IdentityBlockchain),
 		KeyType:                 kms.KeyType(cfg.APIUI.KeyType),
-		AuthBJJCredentialStatus: verifiable.CredentialStatusType(cfg.CredentialStatus.CredentialStatusType),
+		AuthBJJCredentialStatus: cfg.CredentialStatus.CredentialStatusType,
 	}
 
 	identity, err := identityService.Create(ctx, cfg.APIUI.ServerURL, didCreationOptions)

diff --git a/cmd/migrate/main.go b/cmd/migrate/main.go
@@ -4,26 +4,33 @@ import (
 	"context"
 	"os"
 
-	"github.com/polygonid/sh-id-platform/internal/config"
+	"github.com/joho/godotenv"
+
 	"github.com/polygonid/sh-id-platform/internal/db/schema"
 	"github.com/polygonid/sh-id-platform/internal/log"
 
 	_ "github.com/lib/pq"
 )
 
+// IssuerDatabaseUrl is the environment variable for the issuer database URL
+const IssuerDatabaseUrl = "ISSUER_DATABASE_URL"
+
 func main() {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 
-	cfg, err := config.Load("")
-	if err != nil {
-		log.Error(ctx, "cannot load config", "err", err)
+	if os.Getenv(IssuerDatabaseUrl) == "" {
+		err := godotenv.Load(".env-issuer")
+		if err != nil {
+			log.Error(ctx, "Error loading .env-issuer file")
+		}
 	}
 
-	log.Config(cfg.Log.Level, cfg.Log.Mode, os.Stdout)
-	log.Debug(ctx, "database", "url", cfg.Database.URL)
+	databaseUrl := os.Getenv(IssuerDatabaseUrl)
+	log.Config(log.LevelDebug, log.LevelDebug, os.Stdout)
+	log.Debug(ctx, "database", "url", databaseUrl)
 
-	if err := schema.Migrate(cfg.Database.URL); err != nil {
+	if err := schema.Migrate(databaseUrl); err != nil {
 		log.Error(ctx, "error migrating database", "err", err)
 		return
 	}

diff --git a/cmd/notifications/main.go b/cmd/notifications/main.go
@@ -12,6 +12,9 @@ import (
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/ethclient"
 	vault "github.com/hashicorp/vault/api"
+	"github.com/iden3/iden3comm/v2"
+	"github.com/iden3/iden3comm/v2/packers"
+	"github.com/iden3/iden3comm/v2/protocol"
 
 	"github.com/polygonid/sh-id-platform/internal/buildinfo"
 	"github.com/polygonid/sh-id-platform/internal/config"
@@ -165,6 +168,7 @@ func newCredentialsService(ctx context.Context, cfg *config.Configuration, stora
 		ReceiptTimeout:         cfg.Ethereum.ReceiptTimeout,
 		MinGasPrice:            big.NewInt(int64(cfg.Ethereum.MinGasPrice)),
 		MaxGasPrice:            big.NewInt(int64(cfg.Ethereum.MaxGasPrice)),
+		GasLess:                cfg.Ethereum.GasLess,
 		RPCResponseTimeout:     cfg.Ethereum.RPCResponseTimeout,
 		WaitReceiptCycleTime:   cfg.Ethereum.WaitReceiptCycleTime,
 		WaitBlockCycleTime:     cfg.Ethereum.WaitBlockCycleTime,
@@ -178,8 +182,16 @@ func newCredentialsService(ctx context.Context, cfg *config.Configuration, stora
 	mtService := services.NewIdentityMerkleTrees(mtRepository)
 	qrService := services.NewQrStoreService(cachex)
 
+	mediaTypeManager := services.NewMediaTypeManager(
+		map[iden3comm.ProtocolMessage][]string{
+			protocol.CredentialFetchRequestMessageType:  {string(packers.MediaTypeZKPMessage)},
+			protocol.RevocationStatusRequestMessageType: {"*"},
+		},
+		*cfg.MediaTypeManager.Enabled,
+	)
+
 	identityService := services.NewIdentity(keyStore, identityRepository, mtRepository, identityStateRepository, mtService, qrService, claimsRepository, revocationRepository, nil, storage, nil, nil, ps, cfg.CredentialStatus, rhsFactory, revocationStatusResolver)
-	claimsService := services.NewClaim(claimsRepository, identityService, qrService, mtService, identityStateRepository, schemaLoader, storage, cfg.APIUI.ServerURL, ps, cfg.IPFS.GatewayURL, revocationStatusResolver)
+	claimsService := services.NewClaim(claimsRepository, identityService, qrService, mtService, identityStateRepository, schemaLoader, storage, cfg.APIUI.ServerURL, ps, cfg.IPFS.GatewayURL, revocationStatusResolver, mediaTypeManager)
 
 	return claimsService, nil
 }