use multiprocess service for verification

apps/passport-server/src/services.ts

@@ -39,7 +39,10 @@ export async function startServices(
     rollbarService,
     discordService
   );
-  const credentialSubservice = await startCredentialSubservice(context.dbPool);
+  const credentialSubservice = await startCredentialSubservice(
+    context.dbPool,
+    multiprocessService
+  );
   const provingService = await startProvingService(rollbarService);
   const emailService = startEmailService(context, apis.emailAPI);
   const emailTokenService = startEmailTokenService();

apps/passport-server/src/services/generic-issuance/subservices/CredentialSubservice.ts

@@ -9,6 +9,7 @@ import {
 import { LRUCache } from "lru-cache";
 import { Pool } from "postgres-pool";
 import { loadZupassEdDSAPublicKey } from "../../issuanceService";
+import { MultiProcessService } from "../../multiProcessService";
 import { traced } from "../../telemetryService";
 
 /**
@@ -22,11 +23,17 @@ export class CredentialSubservice {
   private verificationCache: LRUCache<string, Promise<VerifiedCredential>>;
   private zupassPublicKey: EdDSAPublicKey;
   private dbPool: Pool | undefined;
+  private multiProcessService: MultiProcessService;
 
-  public constructor(zupassPublicKey: EdDSAPublicKey, dbPool?: Pool) {
+  public constructor(
+    zupassPublicKey: EdDSAPublicKey,
+    multiProcessService: MultiProcessService,
+    dbPool?: Pool
+  ) {
     this.verificationCache = new LRUCache({ max: 20000 });
     this.zupassPublicKey = zupassPublicKey;
     this.dbPool = dbPool;
+    this.multiProcessService = multiProcessService;
   }
 
   public tryVerify(
@@ -46,7 +53,10 @@ export class CredentialSubservice {
     if (cached) {
       return cached;
     }
-    const promise = verifyCredential(credential).catch((err) => {
+    const promise = verifyCredential(
+      credential,
+      this.multiProcessService.verifySignaturePCD
+    ).catch((err) => {
       this.verificationCache.delete(key);
       throw err;
     });
@@ -105,13 +115,18 @@ export class CredentialSubservice {
 }
 
 export async function startCredentialSubservice(
-  dbPool: Pool
+  dbPool: Pool,
+  multiProcessService: MultiProcessService
 ): Promise<CredentialSubservice> {
   const zupassEddsaPublicKey = await loadZupassEdDSAPublicKey();
 
   if (!zupassEddsaPublicKey) {
     throw new Error("Missing generic issuance zupass public key");
   }
 
-  return new CredentialSubservice(zupassEddsaPublicKey, dbPool);
+  return new CredentialSubservice(
+    zupassEddsaPublicKey,
+    multiProcessService,
+    dbPool
+  );
 }

packages/lib/passport-interface/src/Credential.ts

@@ -105,15 +105,26 @@ export class VerificationError extends Error {}
  * application code has access to but library code such as this does not).
  */
 export async function verifyCredential(
-  credential: Credential
+  credential: Credential,
+  verifySignature?: (
+    signature: SerializedPCD<SemaphoreSignaturePCD>
+  ) => Promise<boolean>
 ): Promise<VerifiedCredential> {
   if (credential.type !== SemaphoreSignaturePCDPackage.name) {
     throw new VerificationError(`Credential is not a Semaphore Signature PCD`);
   }
-  // Ensure that the signature part of the credential verifies.
+
   const pcd = await SemaphoreSignaturePCDPackage.deserialize(credential.pcd);
-  if (!(await SemaphoreSignaturePCDPackage.verify(pcd))) {
-    throw new VerificationError(`Could not verify signature PCD`);
+
+  // Ensure that the signature part of the credential verifies.
+  if (verifySignature) {
+    if (!(await verifySignature(credential))) {
+      throw new VerificationError(`Could not verify signature PCD`);
+    }
+  } else {
+    if (!(await SemaphoreSignaturePCDPackage.verify(pcd))) {
+      throw new VerificationError(`Could not verify signature PCD`);
+    }
   }
 
   // Parse data from the Semaphore Signature claim. Will throw if the message