You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: packages/trust-anchor-did-ethr/README.md
+28-40Lines changed: 28 additions & 40 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,6 +15,29 @@
15
15
4. only all trust anchor admins together can call the changeOwner function of their companys' did:ethr identifier (stage of feature: Implemented, Tested, Reviewed)
16
16
5. one trust anchor admin uses the deployed DIDMultisigController contract of its trust anchor to add a static pointer to a smart contract that enables company admins to change the CID of BFC of company's CRSet by calling the setAttribute function on the "service" section of the company's did:ethr identifier (stage of feature: Implemented, Tested, Reviewed)
17
17
18
+
## Desired feature for private digital asset publication
19
+
This feature of the DIDMultisigController smart contract enables a company admin to show a Zero-Knowledge Proof that authorizes the DIDMultisigController to act as a relayer and digital asset publisher without revealing the identity of the authorizing company admin.
20
+
21
+
### Set up and testing private digital asset publication
22
+
To unlock the feature for private digital asset publication, the Zero-Knowledge Proof generator must be added to this ``trust-anchor-did-ethr`` package, which can be done following the steps described in the ``README`` of the [ASCS circom-ecdsa fork](https://github.com/ASCS-eV/circom-ecdsa?tab=readme-ov-file#private-secure-on-chain-group-signature-verification-with-variable-group-size). After adding the Zero-Knowledge Proof generator to the folder `./circom-zkp-generator`, the feature for private digital asset publicaiton can be tested by running `npx hardhat test ./test/DIDMultisigController.privatePublish.test.ts` in the terminal while in the folder `./packages/trust-anchor-did-ethr`.
23
+
24
+
### Workflow of private digital asset publication
25
+
1.**Preparation**: The Trust Anchor admin uses the [ASCS circom-ecdsa fork](https://github.com/ASCS-eV/circom-ecdsa) to create ZKP-verifier smart contracts (see `./contracts/verifiers`) and ZKP generator (see `./circom-zkp-generator`) specific to different group sizes. To create both, follow the [instructions from above](#set-up-and-testing-private-digital-asset-publication).
26
+
2.**Registration**: The Trust Anchor deploys these verifier smart contracts and stores their addresses in the `verifiers` mapping within the `DIDMultisigController`.
27
+
3.**Generation**: Company admins (or a DApp) generate a ZKP off-chain using the ASCS toolset (see `./circom-zkp-generator`).
28
+
4.**Publication**: Admins call `privatelyPublishMarketplaceData` to publish digital data assets to the ASCS marketplace (simulated via `DigitalAssetMarketplaceStub`).
29
+
30
+
**Note:** see test script `./test/DIDMultisigController.privatePublish.test.ts` to understand the code behind the workflow steps of *registration*, *generation*, and *publication*.
31
+
32
+
### Improvements for future
33
+
The goal is to make verifier registration obsolete by making membership proofs independent of group size, as discussed in the [ASCS circom-ecdsa fork](https://github.com/ASCS-eV/circom-ecdsa) under "Membership Proof Is O(m)".
34
+
35
+
Alternatively, a **Fixed-Size Padding** model could be used:
36
+
***Simpler contract architecture**: Only one verifier contract (e.g., fixed at 100 slots) is maintained.
37
+
***Easier extensibility**: Smaller groups are padded with null-address placeholders.
38
+
***Reduced complexity**: Client-side logic remains consistent across all group sizes.
39
+
***Lower overhead**: Fewer artifacts (WASM, zkey) need to be managed.
40
+
18
41
## Desired security features for production
19
42
### ... for identity of trust anchor
20
43
1. trust anchor admins cannot administer company DID of other trust anchor
@@ -24,45 +47,10 @@
24
47
1. company admins cannot administer DID of trust anchor or other company
25
48
2. ...
26
49
27
-
## Usage of Hardhat
28
-
29
-
### Running Tests
30
-
31
-
To run all the tests in the project, execute the following command:
32
-
33
-
```shell
34
-
npx hardhat test
35
-
```
36
-
37
-
You can also selectively run the Solidity or `node:test` tests:
38
-
39
-
```shell
40
-
npx hardhat test solidity
41
-
npx hardhat test nodejs
42
-
```
43
-
44
-
### Make a deployment to Sepolia
45
-
46
-
This project includes an example Ignition module to deploy the contract. You can deploy this module to a locally simulated chain or to Sepolia.
To run the deployment to Sepolia, you need an account with funds to send the transaction. The provided Hardhat configuration includes a Configuration Variable called `SEPOLIA_PRIVATE_KEY`, which you can use to set the private key of the account you want to use.
55
-
56
-
You can set the `SEPOLIA_PRIVATE_KEY` variable using the `hardhat-keystore` plugin or by setting it as an environment variable.
57
-
58
-
To set the `SEPOLIA_PRIVATE_KEY` config variable using `hardhat-keystore`:
59
-
60
-
```shell
61
-
npx hardhat keystore set SEPOLIA_PRIVATE_KEY
62
-
```
50
+
## Acknowledgements
51
+
We extend our gratitude to **0xParc** for their pioneering work on [circom-ecdsa](https://github.com/0xPARC/circom-ecdsa). Their implementation served as the foundational building block for the ZKP-based private digital asset publication system featured in this repository.
63
52
64
-
After setting the variable, you can run the deployment with the Sepolia network:
53
+
To meet the specific requirements of the `trust-anchor-did-ethr` software system, we have adapted 0xParc's original code within our own [fork of circom-ecdsa](https://github.com/ASCS-eV/circom-ecdsa). This fork is instrumental in our workflow, specifically for:
0 commit comments