feat: multiple pubkey per route

Cargo.toml

@@ -24,7 +24,8 @@ cw2 = "2.0.0"
 schemars = "0.8.16"
 serde = { version = "1.0.197", default-features = false, features = ["derive"] }
 thiserror = { version = "1.0.58" }
-sd-jwt-rs = { git = "https://github.com/nymlab/sd-jwt-rust", rev = "c05b255790a6b2f702e", default-features = false, features = ["no_rand"]}
+sd-jwt-rs = { git = "https://github.com/nymlab/sd-jwt-rust", rev = "de9ccce7858e6e86f6a6e2f4dd23bcb4dc534421", default-features = false, features = ["no_rand"]}
+
 jsonwebtoken = { git = "https://github.com/nymlab/jsonwebtoken", rev = "98763b38713c54f", default-features = false, features = ["no_rand"] }
 serde_json = {version = "1.0.116", default-features = false, features = ["alloc"]}
 cw-utils = "2.0.0"

contracts/avida_example/Cargo.toml

@@ -36,3 +36,4 @@ sd-jwt-rs = "0.7.0"
 jsonwebtoken = { version="9.3.0", features=["use_pem"]}
 avida-test-utils = { path = "../../packages/avida_test_utils/", features = ["sdjwt"]}
 cw-multi-test = {version = "2", features = ["staking", "stargate", "cosmwasm_2_1"]}
+serde = { workspace = true }

contracts/avida_example/schema/avida-example.json

@@ -111,7 +111,7 @@
         ],
         "properties": {
           "data_or_location": {
-            "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+            "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
             "allOf": [
               {
                 "$ref": "#/definitions/Binary"
@@ -187,11 +187,10 @@
         "properties": {
           "issuer_source_or_data": {
             "description": "This defines where the source data for verification is",
-            "allOf": [
-              {
-                "$ref": "#/definitions/IssuerSourceOrData"
-              }
-            ]
+            "type": "array",
+            "items": {
+              "$ref": "#/definitions/IssuerSourceOrData"
+            }
           },
           "presentation_required": {
             "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",

contracts/avida_example/schema/raw/execute.json

@@ -93,7 +93,7 @@
       ],
       "properties": {
         "data_or_location": {
-          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
           "allOf": [
             {
               "$ref": "#/definitions/Binary"
@@ -169,11 +169,10 @@
       "properties": {
         "issuer_source_or_data": {
           "description": "This defines where the source data for verification is",
-          "allOf": [
-            {
-              "$ref": "#/definitions/IssuerSourceOrData"
-            }
-          ]
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/IssuerSourceOrData"
+          }
         },
         "presentation_required": {
           "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",

contracts/avida_example/src/tests/exec_test.rs

@@ -1,8 +1,9 @@
-use cosmwasm_std::Addr;
+use cosmwasm_std::{from_json, to_json_binary, Addr};
 use cw_multi_test::{App, Executor};
 
-use avida_common::types::RouteVerificationRequirements;
+use avida_sdjwt_verifier::types::{JwkInfo, VerificationRequirements};
 use avida_test_utils::sdjwt::fixtures::{issuer_jwk, OWNER_ADDR};
+use josekit::jwk::Jwk;
 
 use crate::constants::GIVE_ME_DRINK_ROUTE_ID;
 use crate::msg::ExecuteMsg;
@@ -50,7 +51,7 @@ fn register_requirement() {
     assert_eq!(routes.first().unwrap(), &GIVE_ME_DRINK_ROUTE_ID);
 
     // Query registered requirements
-    let registered_req: RouteVerificationRequirements = app
+    let registered_req: VerificationRequirements = app
         .wrap()
         .query_wasm_smart(
             verifier_addr.clone(),
@@ -61,18 +62,36 @@ fn register_requirement() {
         )
         .unwrap();
 
-    assert_eq!(
-        registered_req.issuer_source_or_data,
-        fx_route_verification_req.issuer_source_or_data
-    );
+    let mut registered_pubkeys: Vec<JwkInfo> = registered_req
+        .issuer_pubkeys
+        .unwrap_or_default() // Handle the Option, default to empty HashMap if None
+        .into_iter()
+        .map(|(iss, key)| JwkInfo {
+            issuer: iss,
+            jwk: to_json_binary(&key).unwrap(),
+        })
+        .collect();
+
+    let mut expected_pub_keys: Vec<JwkInfo> = fx_route_verification_req
+        .issuer_source_or_data
+        .into_iter()
+        .map(|isd| from_json::<JwkInfo>(isd.data_or_location).unwrap()) // Consider error handling
+        .collect();
+
+    assert_eq!(expected_pub_keys.len(), registered_pubkeys.len());
+
+    // Pop and deserialize for comparison
+    let reg_jwk: Jwk = from_json(&registered_pubkeys.pop().unwrap().jwk).unwrap();
+    let exp_jwk: Jwk = from_json(&expected_pub_keys.pop().unwrap().jwk).unwrap();
+    assert_eq!(reg_jwk, exp_jwk);
 
     assert_eq!(
-        registered_req.presentation_required,
-        fx_route_verification_req.presentation_required
+        to_json_binary(&registered_req.presentation_required).unwrap(),
+        fx_route_verification_req.presentation_required.unwrap()
     );
 
     // Query route verification key
-    let route_verification_key: Option<String> = app
+    let route_verification_keys: Option<Vec<String>> = app
         .wrap()
         .query_wasm_smart(
             verifier_addr,
@@ -83,7 +102,8 @@ fn register_requirement() {
         )
         .unwrap();
 
-    let route_verification_jwk: josekit::jwk::Jwk =
-        serde_json::from_str(&route_verification_key.unwrap()).unwrap();
+    let rvk = route_verification_keys.unwrap().pop().unwrap();
+
+    let route_verification_jwk: josekit::jwk::Jwk = serde_json::from_str(&rvk).unwrap();
     assert_eq!(route_verification_jwk, issuer_jwk());
 }

contracts/avida_example/src/tests/fixtures.rs

@@ -4,7 +4,7 @@ use avida_sdjwt_verifier::types::{
 };
 use avida_test_utils::sdjwt::fixtures::{
     claims, get_default_block_info, make_presentation, make_route_verification_requirements,
-    PresentationVerificationType, RouteVerificationRequirementsType,
+    KeyType, PresentationVerificationType,
 };
 
 use crate::contract;
@@ -46,10 +46,7 @@ pub fn setup_requirement(order: &str) -> RouteVerificationRequirements {
         "food" => vec![],
         _ => vec![],
     };
-    make_route_verification_requirements(
-        presentation_req,
-        RouteVerificationRequirementsType::Supported,
-    )
+    make_route_verification_requirements(presentation_req, KeyType::Ed25519)
 }
 
 pub fn setup_requirement_with_expiration() -> RouteVerificationRequirements {
@@ -68,10 +65,7 @@ pub fn setup_requirement_with_expiration() -> RouteVerificationRequirements {
         },
     ];
 
-    make_route_verification_requirements(
-        presentation_req,
-        RouteVerificationRequirementsType::Supported,
-    )
+    make_route_verification_requirements(presentation_req, KeyType::Ed25519)
 }
 
 pub fn verifier_contract() -> Box<dyn Contract<Empty>> {

contracts/avida_example/src/tests/query_test.rs

@@ -4,11 +4,12 @@ use crate::msg::QueryMsg;
 use crate::tests::fixtures::setup_requirement;
 use crate::types::RegisterRequirement;
 use crate::{tests::fixtures::instantiate_contracts, types::GetVerifierResponse};
-use avida_common::types::RouteVerificationRequirements;
 use avida_sdjwt_verifier::msg::QueryMsg as VerifierQueryMsg;
+use avida_sdjwt_verifier::types::{JwkInfo, VerificationRequirements};
 use avida_test_utils::sdjwt::fixtures::OWNER_ADDR;
-use cosmwasm_std::Addr;
+use cosmwasm_std::{from_json, to_json_binary, Addr};
 use cw_multi_test::{App, Executor};
+use josekit::jwk::Jwk;
 #[test]
 fn get_verifier() {
     let mut app = App::default();
@@ -47,7 +48,7 @@ fn get_route_requirements() {
     .unwrap();
 
     // Query route requirements
-    let requirements: RouteVerificationRequirements = app
+    let requirements: VerificationRequirements = app
         .wrap()
         .query_wasm_smart(
             verifier_addr,
@@ -58,6 +59,26 @@ fn get_route_requirements() {
         )
         .unwrap();
 
-    // Verify the requirements match what we registered
-    assert_eq!(requirements, fx_route_verification_req);
+    let mut registered_pubkeys: Vec<JwkInfo> = requirements
+        .issuer_pubkeys
+        .unwrap_or_default() // Handle the Option, default to empty HashMap if None
+        .into_iter()
+        .map(|(iss, key)| JwkInfo {
+            issuer: iss,
+            jwk: to_json_binary(&key).unwrap(),
+        })
+        .collect();
+
+    let mut expected_pub_keys: Vec<JwkInfo> = fx_route_verification_req
+        .issuer_source_or_data
+        .into_iter()
+        .map(|isd| from_json::<JwkInfo>(isd.data_or_location).unwrap()) // Consider error handling
+        .collect();
+
+    assert_eq!(expected_pub_keys.len(), registered_pubkeys.len());
+
+    // Pop and deserialize for comparison
+    let reg_jwk: Jwk = from_json(&registered_pubkeys.pop().unwrap().jwk).unwrap();
+    let exp_jwk: Jwk = from_json(&expected_pub_keys.pop().unwrap().jwk).unwrap();
+    assert_eq!(reg_jwk, exp_jwk);
 }

contracts/sdjwt-verifier/schema/avida-sdjwt-verifier.json

@@ -60,7 +60,7 @@
         ],
         "properties": {
           "data_or_location": {
-            "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+            "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
             "allOf": [
               {
                 "$ref": "#/definitions/Binary"
@@ -109,11 +109,10 @@
         "properties": {
           "issuer_source_or_data": {
             "description": "This defines where the source data for verification is",
-            "allOf": [
-              {
-                "$ref": "#/definitions/IssuerSourceOrData"
-              }
-            ]
+            "type": "array",
+            "items": {
+              "$ref": "#/definitions/IssuerSourceOrData"
+            }
           },
           "presentation_required": {
             "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",
@@ -309,7 +308,7 @@
         ],
         "properties": {
           "data_or_location": {
-            "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+            "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
             "allOf": [
               {
                 "$ref": "#/definitions/Binary"
@@ -358,11 +357,10 @@
         "properties": {
           "issuer_source_or_data": {
             "description": "This defines where the source data for verification is",
-            "allOf": [
-              {
-                "$ref": "#/definitions/IssuerSourceOrData"
-              }
-            ]
+            "type": "array",
+            "items": {
+              "$ref": "#/definitions/IssuerSourceOrData"
+            }
           },
           "presentation_required": {
             "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",
@@ -540,11 +538,10 @@
       "properties": {
         "issuer_source_or_data": {
           "description": "This defines where the source data for verification is",
-          "allOf": [
-            {
-              "$ref": "#/definitions/IssuerSourceOrData"
-            }
-          ]
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/IssuerSourceOrData"
+          }
         },
         "presentation_required": {
           "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",
@@ -572,7 +569,7 @@
           ],
           "properties": {
             "data_or_location": {
-              "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+              "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
               "allOf": [
                 {
                   "$ref": "#/definitions/Binary"

contracts/sdjwt-verifier/schema/raw/execute.json

@@ -170,7 +170,7 @@
       ],
       "properties": {
         "data_or_location": {
-          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
           "allOf": [
             {
               "$ref": "#/definitions/Binary"
@@ -219,11 +219,10 @@
       "properties": {
         "issuer_source_or_data": {
           "description": "This defines where the source data for verification is",
-          "allOf": [
-            {
-              "$ref": "#/definitions/IssuerSourceOrData"
-            }
-          ]
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/IssuerSourceOrData"
+          }
         },
         "presentation_required": {
           "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",

contracts/sdjwt-verifier/schema/raw/instantiate.json

@@ -56,7 +56,7 @@
       ],
       "properties": {
         "data_or_location": {
-          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
           "allOf": [
             {
               "$ref": "#/definitions/Binary"
@@ -105,11 +105,10 @@
       "properties": {
         "issuer_source_or_data": {
           "description": "This defines where the source data for verification is",
-          "allOf": [
-            {
-              "$ref": "#/definitions/IssuerSourceOrData"
-            }
-          ]
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/IssuerSourceOrData"
+          }
         },
         "presentation_required": {
           "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",

contracts/sdjwt-verifier/schema/raw/response_to_get_route_requirements.json

@@ -9,11 +9,10 @@
   "properties": {
     "issuer_source_or_data": {
       "description": "This defines where the source data for verification is",
-      "allOf": [
-        {
-          "$ref": "#/definitions/IssuerSourceOrData"
-        }
-      ]
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/IssuerSourceOrData"
+      }
     },
     "presentation_required": {
       "description": "The presentation request is the criteria required for the presentation, for example required certains claims to be disclosed This value is stored as `VerificationRequirements.presentation_required` on sdjwtVerifier",
@@ -41,7 +40,7 @@
       ],
       "properties": {
         "data_or_location": {
-          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be jwk",
+          "description": "The data or location of the verification data at the trust registry For TrustRegistry::Cheqd, it is the `ResourceReqPacket` in avida-cheqd For data, the contracts should have the expected type In Sdjwt-Verifier, this is expected to be the JwkInfo struct",
           "allOf": [
             {
               "$ref": "#/definitions/Binary"

contracts/sdjwt-verifier/src/contract.rs

@@ -51,7 +51,7 @@ pub fn execute(
 ) -> Result<Response, SdjwtVerifierError> {
     match msg {
         AvidaVerifierExecuteMsg::UpdateRevocationList { app_addr, request } => {
-            handle_update_revocation_list(deps, app_addr, request)
+            handle_update_revocation_list(deps, info, app_addr, request)
         }
         AvidaVerifierExecuteMsg::Register { app_addr, requests } => {
             handle_register(deps, env, info, app_addr, requests)
@@ -83,7 +83,7 @@ pub fn execute(
 pub fn query(deps: Deps, _env: Env, msg: QueryMsg) -> StdResult<Binary> {
     match msg {
         QueryMsg::GetRouteVerificationKey { app_addr, route_id } => {
-            let route_verification_key = query_route_verification_key(deps, app_addr, route_id)?;
+            let route_verification_key = query_route_verification_keys(deps, app_addr, route_id)?;
             to_json_binary(&route_verification_key)
         }
         QueryMsg::GetAppAdmin { app_addr } => {