Showing
8 changed files
with
2,188 additions
and
263 deletions.
@@ -0,0 +1,89 @@ | ||
// SPDX-License-Identifier: GPL-3.0 | ||
pragma solidity 0.8.17; | ||
|
||
import "./interface/IClaimIssuer.sol"; | ||
import "./Identity.sol"; | ||
|
||
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; | ||
|
||
contract ClaimIssuerUpgradeable is IClaimIssuer, Identity, UUPSUpgradeable { | ||
mapping (bytes => bool) public revokedClaims; | ||
|
||
// solhint-disable-next-line no-empty-blocks | ||
constructor(address initialManagementKey, bool _isLibrary) Identity(initialManagementKey, _isLibrary) { } | ||
|
||
/** | ||
* @dev See {IClaimIssuer-revokeClaimBySignature}. | ||
*/ | ||
function revokeClaimBySignature(bytes calldata signature) external override delegatedOnly onlyManager { | ||
require(!revokedClaims[signature], "Conflict: Claim already revoked"); | ||
|
||
revokedClaims[signature] = true; | ||
|
||
emit ClaimRevoked(signature); | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-revokeClaim}. | ||
*/ | ||
function revokeClaim(bytes32 _claimId, address _identity) external override delegatedOnly onlyManager returns(bool) { | ||
uint256 foundClaimTopic; | ||
uint256 scheme; | ||
address issuer; | ||
bytes memory sig; | ||
bytes memory data; | ||
|
||
( foundClaimTopic, scheme, issuer, sig, data, ) = Identity(_identity).getClaim(_claimId); | ||
|
||
require(!revokedClaims[sig], "Conflict: Claim already revoked"); | ||
|
||
revokedClaims[sig] = true; | ||
emit ClaimRevoked(sig); | ||
return true; | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-isClaimValid}. | ||
*/ | ||
function isClaimValid( | ||
IIdentity _identity, | ||
uint256 claimTopic, | ||
bytes memory sig, | ||
bytes memory data) | ||
public override(Identity, IClaimIssuer) view returns (bool claimValid) | ||
{ | ||
bytes32 dataHash = keccak256(abi.encode(_identity, claimTopic, data)); | ||
// Use abi.encodePacked to concatenate the message prefix and the message to sign. | ||
bytes32 prefixedHash = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", dataHash)); | ||
|
||
// Recover address of data signer | ||
address recovered = getRecoveredAddress(sig, prefixedHash); | ||
|
||
// Take hash of recovered address | ||
bytes32 hashedAddr = keccak256(abi.encode(recovered)); | ||
|
||
// Does the trusted identifier have they key which signed the user's claim? | ||
// && (isClaimRevoked(_claimId) == false) | ||
if (keyHasPurpose(hashedAddr, 3) && (isClaimRevoked(sig) == false)) { | ||
return true; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-isClaimRevoked}. | ||
*/ | ||
function isClaimRevoked(bytes memory _sig) public override view returns (bool) { | ||
if (revokedClaims[_sig]) { | ||
return true; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
// solhint-disable-next-line no-empty-blocks | ||
function _authorizeUpgrade(address /*newImplementation*/) internal override virtual { | ||
require(keyHasPurpose(keccak256(abi.encode(msg.sender)), 42), "Caller is not authorized to upgrade"); | ||
} | ||
} |
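Review bot: Revocation in `revokedClaims` is keyed on the raw signature bytes, while `isClaimValid` accepts any `sig` for which `getRecoveredAddress` returns a key with purpose 3, so the two checks agree only if each claim has exactly one accepted byte encoding. `getRecoveredAddress` is defined outside this file; if it does not enforce a 65-byte length, a canonical low `s` and a single `v` encoding, a revoked claim could still validate under a different encoding of the same signature. I would reject non-canonical input before the lookup, e.g. `if (sig.length != 65) return false;` at the top of `isClaimValid`, plus a low-`s` check in the recovery helper. `revokeClaim` also marks whatever `getClaim` returns without checking `issuer == address(this)` or that `sig` is non-empty, so an unknown `_claimId` would presumably revoke the empty signature. The same code is copied into `TestUpgradedClaimIssuer`.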
@@ -0,0 +1,94 @@ | ||
// SPDX-License-Identifier: GPL-3.0 | ||
pragma solidity 0.8.17; | ||
|
||
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; | ||
import "../Identity.sol"; | ||
import "../interface/IClaimIssuer.sol"; | ||
|
||
contract TestUpgradedClaimIssuer is IClaimIssuer, Identity, UUPSUpgradeable { | ||
mapping (bytes => bool) public revokedClaims; | ||
|
||
uint256 public newField; | ||
|
||
// solhint-disable-next-line no-empty-blocks | ||
constructor(address initialManagementKey, bool _isLibrary) Identity(initialManagementKey, _isLibrary) { } | ||
|
||
function setNewField(uint256 _newField) external onlyManager { | ||
newField = _newField; | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-revokeClaimBySignature}. | ||
*/ | ||
function revokeClaimBySignature(bytes calldata signature) external override delegatedOnly onlyManager { | ||
require(!revokedClaims[signature], "Conflict: Claim already revoked"); | ||
|
||
revokedClaims[signature] = true; | ||
|
||
emit ClaimRevoked(signature); | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-revokeClaim}. | ||
*/ | ||
function revokeClaim(bytes32 _claimId, address _identity) external override delegatedOnly onlyManager returns(bool) { | ||
uint256 foundClaimTopic; | ||
uint256 scheme; | ||
address issuer; | ||
bytes memory sig; | ||
bytes memory data; | ||
|
||
( foundClaimTopic, scheme, issuer, sig, data, ) = Identity(_identity).getClaim(_claimId); | ||
|
||
require(!revokedClaims[sig], "Conflict: Claim already revoked"); | ||
|
||
revokedClaims[sig] = true; | ||
emit ClaimRevoked(sig); | ||
return true; | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-isClaimValid}. | ||
*/ | ||
function isClaimValid( | ||
IIdentity _identity, | ||
uint256 claimTopic, | ||
bytes memory sig, | ||
bytes memory data) | ||
public override(Identity, IClaimIssuer) view returns (bool claimValid) | ||
{ | ||
bytes32 dataHash = keccak256(abi.encode(_identity, claimTopic, data)); | ||
// Use abi.encodePacked to concatenate the message prefix and the message to sign. | ||
bytes32 prefixedHash = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", dataHash)); | ||
|
||
// Recover address of data signer | ||
address recovered = getRecoveredAddress(sig, prefixedHash); | ||
|
||
// Take hash of recovered address | ||
bytes32 hashedAddr = keccak256(abi.encode(recovered)); | ||
|
||
// Does the trusted identifier have they key which signed the user's claim? | ||
// && (isClaimRevoked(_claimId) == false) | ||
if (keyHasPurpose(hashedAddr, 3) && (isClaimRevoked(sig) == false)) { | ||
return true; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
/** | ||
* @dev See {IClaimIssuer-isClaimRevoked}. | ||
*/ | ||
function isClaimRevoked(bytes memory _sig) public override view returns (bool) { | ||
if (revokedClaims[_sig]) { | ||
return true; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
// solhint-disable-next-line no-empty-blocks | ||
function _authorizeUpgrade(address /*newImplementation*/) internal override virtual { | ||
require(keyHasPurpose(keccak256(abi.encode(msg.sender)), 42), "Caller is not authorized to upgrade"); | ||
} | ||
} |
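Review bot: `TestUpgradedClaimIssuer` re-declares `revokedClaims` and copies every function of `ClaimIssuerUpgradeable`, so the upgrade test proves storage compatibility only as long as the two copies are kept in sync by hand. Declaring it as `contract TestUpgradedClaimIssuer is ClaimIssuerUpgradeable`, with only `newField`, `setNewField` and a forwarding constructor, would append the new slot after the inherited layout and remove the duplicate. `setNewField` is also the only state-changing function here without `delegatedOnly`; if that is intentional, a comment saying so would help.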
@@ -0,0 +1,9 @@ | ||
// SPDX-License-Identifier: GPL-3.0 | ||
|
||
pragma solidity 0.8.17; | ||
import "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol"; | ||
|
||
contract ClaimIssuerProxy is ERC1967Proxy { | ||
// solhint-disable-next-line no-empty-blocks | ||
constructor(address implementation, bytes memory _data) ERC1967Proxy(implementation, _data) { } | ||
} |
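Review bot: The constructor forwards `_data` to `ERC1967Proxy` without documenting or checking it, and a proxy deployed with empty `_data` is left uninitialized. Assuming `Identity` exposes an initializer that sets the first management key (not visible here), such a proxy could be initialized by whoever calls it first. I would add NatSpec stating that `_data` must be the ABI-encoded initializer call, and consider `require(_data.length > 0, "ClaimIssuerProxy: init data required");` in the constructor body.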