From 75503cbfce8a868f16dba2e445d72c0b416af6ec Mon Sep 17 00:00:00 2001
From: Aurora Poppyseed <30662672+poppyseedDev@users.noreply.github.com>
Date: Fri, 13 Dec 2024 19:21:39 -0300
Subject: [PATCH] updated did

---
 hardhat/contracts/decIdentity/Diploma.sol    |  7 ++-----
 hardhat/contracts/decIdentity/IdMapping.sol  |  3 +--
 hardhat/contracts/decIdentity/PassportID.sol | 12 +++---------
 hardhat/test/decIdentity/diploma.ts          |  2 +-
 4 files changed, 7 insertions(+), 17 deletions(-)

diff --git a/hardhat/contracts/decIdentity/Diploma.sol b/hardhat/contracts/decIdentity/Diploma.sol
index a7fc29d..ff73b0c 100644
--- a/hardhat/contracts/decIdentity/Diploma.sol
+++ b/hardhat/contracts/decIdentity/Diploma.sol
@@ -30,7 +30,7 @@ contract Diploma is SepoliaZamaFHEVMConfig, AccessControl {
 
     /// @dev Structure to hold encrypted diploma data
     struct DiplomaData {
-        euint64 id; // Encrypted unique diploma ID
+        euint128 id; // Encrypted unique diploma ID
         ebytes64 university; // Encrypted university identifier
         euint16 degree; // Encrypted degree identifier
         ebytes64 grade; // Encrypted grade
@@ -119,7 +119,7 @@ contract Diploma is SepoliaZamaFHEVMConfig, AccessControl {
         if (registered[userId]) revert DiplomaAlreadyRegistered();
 
         // Generate a new encrypted diploma ID
-        euint64 newId = TFHE.randEuint64();
+        euint128 newId = TFHE.randEuint128();
 
         // Store the encrypted diploma data
         diplomaRecords[userId] = DiplomaData({
@@ -202,9 +202,6 @@ contract Diploma is SepoliaZamaFHEVMConfig, AccessControl {
         /// @dev Grant temporary access for graduate's data to be used in claim generation
         TFHE.allowTransient(diplomaRecords[userId].degree, claimAddress);
 
-        /// @dev Ensure the sender can access this graduate's data
-        if (!TFHE.isSenderAllowed(diplomaRecords[userId].degree)) revert AccessNotPermitted();
-
         /// @dev Attempt the external call and capture the result
         (bool success, bytes memory data) = claimAddress.call(abi.encodeWithSignature(claimFn, userId));
         if (!success) revert ClaimGenerationFailed(data);
diff --git a/hardhat/contracts/decIdentity/IdMapping.sol b/hardhat/contracts/decIdentity/IdMapping.sol
index 4d28ea4..d3935ae 100644
--- a/hardhat/contracts/decIdentity/IdMapping.sol
+++ b/hardhat/contracts/decIdentity/IdMapping.sol
@@ -57,7 +57,6 @@ contract IdMapping is SepoliaZamaFHEVMConfig, Ownable2Step {
      */
     function generateId() public returns (uint256) {
         if (addressToId[msg.sender] != 0) revert IdAlreadyGenerated();
-        if (msg.sender == address(0)) revert InvalidAddress();
 
         uint256 newId = nextId;
 
@@ -92,7 +91,7 @@ contract IdMapping is SepoliaZamaFHEVMConfig, Ownable2Step {
      * @custom:throws NoAddressFound if no address is associated with the ID
      */
     function getAddr(uint256 _id) public view returns (address) {
-        if (_id <= 0 || _id >= nextId) revert InvalidId();
+        if (_id == 0 || _id >= nextId) revert InvalidId();
         address addr = idToAddress[_id];
         if (addr == address(0)) revert NoAddressFound();
         return addr;
diff --git a/hardhat/contracts/decIdentity/PassportID.sol b/hardhat/contracts/decIdentity/PassportID.sol
index a717e85..fd2a37a 100644
--- a/hardhat/contracts/decIdentity/PassportID.sol
+++ b/hardhat/contracts/decIdentity/PassportID.sol
@@ -38,7 +38,7 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
      * @param birthdate Encrypted date of birth in unix timestamp format
      */
     struct Identity {
-        euint64 id; /// @dev Encrypted unique ID
+        euint128 id; /// @dev Encrypted unique ID
         ebytes64 biodata; /// @dev Encrypted biodata (e.g., biometric data or hashed identity data)
         ebytes64 firstname; /// @dev Encrypted first name
         ebytes64 lastname; /// @dev Encrypted last name
@@ -108,7 +108,7 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
         if (registered[userId]) revert AlreadyRegistered();
 
         /// @dev Generate a new encrypted unique ID
-        euint64 newId = TFHE.randEuint64();
+        euint128 newId = TFHE.randEuint128();
 
         /// @dev Store the encrypted identity data
         citizenIdentities[userId] = Identity({
@@ -150,7 +150,7 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
      * @return Tuple containing (id, biodata, firstname, lastname, birthdate)
      * @custom:throws IdentityNotRegistered if no identity exists for userId
      */
-    function getIdentity(uint256 userId) public view virtual returns (euint64, ebytes64, ebytes64, ebytes64, euint64) {
+    function getIdentity(uint256 userId) public view virtual returns (euint128, ebytes64, ebytes64, ebytes64, euint64) {
         if (!registered[userId]) revert IdentityNotRegistered();
         return (
             citizenIdentities[userId].id,
@@ -200,9 +200,6 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
         /// @dev Grant temporary access for citizen's birthdate to be used in claim generation
         TFHE.allowTransient(citizenIdentities[userId].birthdate, claimAddress);
 
-        /// @dev Ensure the sender can access this citizen's birthdate
-        if (!TFHE.isSenderAllowed(citizenIdentities[userId].birthdate)) revert AccessNotPermitted();
-
         /// @dev Attempt the external call and capture the result
         (bool success, bytes memory data) = claimAddress.call(abi.encodeWithSignature(claimFn, userId));
         if (!success) revert ClaimGenerationFailed(data);
@@ -226,11 +223,8 @@ contract PassportID is SepoliaZamaFHEVMConfig, AccessControl {
 
             if (keccak256(bytes(fields[i])) == keccak256(bytes("id"))) {
                 TFHE.allowTransient(citizenIdentities[userId].id, claimAddress);
-                /// @dev Ensure the sender can access this citizen's university
-                if (!TFHE.isSenderAllowed(citizenIdentities[userId].id)) revert AccessNotPermitted();
             } else if (keccak256(bytes(fields[i])) == keccak256(bytes("birthdate"))) {
                 TFHE.allowTransient(citizenIdentities[userId].birthdate, claimAddress);
-                if (!TFHE.isSenderAllowed(citizenIdentities[userId].birthdate)) revert AccessNotPermitted();
             } else {
                 revert InvalidField();
             }
diff --git a/hardhat/test/decIdentity/diploma.ts b/hardhat/test/decIdentity/diploma.ts
index ec087d8..2228c10 100644
--- a/hardhat/test/decIdentity/diploma.ts
+++ b/hardhat/test/decIdentity/diploma.ts
@@ -5,7 +5,7 @@ import type { FhevmInstance } from "fhevmjs";
 
 import type { Diploma, EmployerClaim, IdMapping, PassportID } from "../../types";
 import { createInstance } from "../instance";
-import { reencryptEbool, reencryptEbytes64, reencryptEuint8, reencryptEuint16 } from "../reencrypt";
+import { reencryptEbool, reencryptEbytes64 } from "../reencrypt";
 import { getSigners, initSigners } from "../signers";
 import { bigIntToBytes64 } from "../utils";
 import { deployEmployerClaimFixture } from "./fixture/EmployerClaim.fixture";