Feat/zk dispatching (#7)

* added zk dispatchers

* fixed tests without zk

* update changelog

* useless fix

CHANGELOG.md

@@ -1,5 +1,51 @@
 # Changelog
 
+## [Unreleased 2.0]
+
+* Added `StateKeeper` contract that acts as a singleton state instance that registrations interact with.
+    * `StateKeeper` integrates with `PoseidonSMT` contracts and manages the way how "certificates" and "identity bonds" are assembled.
+    * The contract centralized the "passport <> identity" bond storage. `getPassportInfo()` method has been moved there.
+    * New `getCertificateInfo()` and `usedSignatures()` methods have been added.
+    * It is now possible to have multiple independent registrations that verify users' passports. The registrations can be added to the `StateKeeper` via `updateRegistrationSet()` method that requires Rarimo TSS. The ability to add new registrations opens the doors for the support of new passports at the extremisis.
+    * New methods `getRegistrations()`, `getRegistrationByKey()`, and `isRegistration()` have been implemented. Each registration can be associated with a `string` key with the meaning of that key delegated to the front end (mobile app).
+* Refactored `Registration` contract in order to be forward compatible as possible. The contract now has 3 types of dispatchers:
+    1. **Passport dispatchers**. The same ones as before, though the constants have changed.
+
+    ```solidity
+    P_NO_AA = keccak256("P_NO_AA")
+    P_RSA_SHA1_2688 = keccak256("P_RSA_SHA1_2688")
+    P_ECDSA_SHA1_2704 = keccak256("P_ECDSA_SHA1_2704")
+    ```
+
+    2. **Certificate dispatchers**. The new ones.
+
+    ```solidity
+    C_RSA_4096 = keccak256("C_RSA_4096")
+    C_RSA_2048 = keccak256("C_RSA_2048")
+    ```
+
+    3. **Passport verifiers**. The new ones.
+
+    ```solidity
+    Z_UNIVERSAL_4096 = keccak256("Z_UNIVERSAL_4096")
+    Z_UNIVERSAL_2048 = keccak256("Z_UNIVERSAL_2048")
+    ```
+
+    Check [types file](scripts/utils/types.ts) for more information.
+
+    Every category of dispatchers is completely independent from the other, which contributes to high flexibility and linear dependencies complexity growth. The front end now has to deduce the correct dispatcher type not for one category, but for three.
+
+    * `updateDispatcher()` method has been renamed to `updateDependency()` to broaden its meaning.
+    * Added `zkType` variable to `Passport` struct to resolve the correct passport verifier.
+    * Changed the interface of `registerCertificate()` method. Packed up variables in structs.
+    * Moved all the events from `Registration` to `StateKeeper` and renamed them.
+    * Moved `icaoMasterTreeMerkleRoot` and its update logic from `Registration` to `StateKeeper`.
+* Refactored upgradeability mechanics and encapsulated them in a new `TSSUpgradeable` abstract smart contract.
+* Integrated with the newest circuits that support passport without active authentication and have 5 public inputs (instead of 4).
+* Fixed all the tests except ZK.
+* Fixed migration scripts. Added config resolution based on deployment chain.
+* Updated natspec.
+
 ## [Unreleased]
 
 * Made the `PoseidonSMT` and `Registration` contracts upgradable via TSS.

contracts/interfaces/dispatchers/IPassportDispatcher.sol

@@ -13,11 +13,6 @@ interface IPassportDispatcher {
         bytes calldata passportPublicKey_
     ) external view returns (bool);
 
-    function verifyZKProof(
-        uint256[] calldata publicSignals,
-        VerifierHelper.ProofPoints calldata zkPoints_
-    ) external view returns (bool);
-
     function getPassportChallenge(
         uint256 identityKey_
     ) external pure returns (bytes memory challenge_);

contracts/mock/registration/RegistrationMock.sol

@@ -6,12 +6,16 @@ import {ERC1967Proxy} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.s
 import {Registration} from "../../registration/Registration.sol";
 
 contract RegistrationMock is Registration {
+    function mockAddCertificateDispatcher(bytes32 dispatcherType_, address dispatcher_) external {
+        _addDependency(certificateDispatchers, dispatcherType_, dispatcher_);
+    }
+
     function mockAddPassportDispatcher(bytes32 dispatcherType_, address dispatcher_) external {
-        _addDispatcher(passportDispatchers, dispatcherType_, dispatcher_);
+        _addDependency(passportDispatchers, dispatcherType_, dispatcher_);
     }
 
-    function mockAddCertificateDispatcher(bytes32 dispatcherType_, address dispatcher_) external {
-        _addDispatcher(certificateDispatchers, dispatcherType_, dispatcher_);
+    function mockAddPassportVerifier(bytes32 verifierType_, address verifier_) external {
+        _addDependency(passportVerifiers, verifierType_, verifier_);
     }
 
     function _authorizeUpgrade(address) internal pure virtual override {}

contracts/passport/dispatchers/PECDSASHA1Dispatcher.sol

@@ -3,25 +3,17 @@ pragma solidity 0.8.16;
 
 import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 
-import {VerifierHelper} from "@solarity/solidity-lib/libs/zkp/snarkjs/VerifierHelper.sol";
-
 import {IPassportDispatcher} from "../../interfaces/dispatchers/IPassportDispatcher.sol";
 import {PECDSASHA1Authenticator} from "../authenticators/PECDSASHA1Authenticator.sol";
 import {Bytes2Poseidon} from "../../utils/Bytes2Poseidon.sol";
 
 contract PECDSASHA1Dispatcher is IPassportDispatcher, Initializable {
     using Bytes2Poseidon for bytes;
-    using VerifierHelper for address;
 
     address public authenticator;
-    address public verifier;
 
-    function __PECDSASHA1Dispatcher_init(
-        address authenticator_,
-        address verifier_
-    ) external initializer {
+    function __PECDSASHA1Dispatcher_init(address authenticator_) external initializer {
         authenticator = authenticator_;
-        verifier = verifier_;
     }
 
     /**
@@ -48,16 +40,6 @@ contract PECDSASHA1Dispatcher is IPassportDispatcher, Initializable {
         return PECDSASHA1Authenticator(authenticator).authenticate(challenge_, r_, s_, x_, y_);
     }
 
-    /**
-     * @notice Verify passport validity ZK proof.
-     */
-    function verifyZKProof(
-        uint256[] memory pubSignals_,
-        VerifierHelper.ProofPoints memory zkPoints_
-    ) external view returns (bool) {
-        return verifier.verifyProof(pubSignals_, zkPoints_);
-    }
-
     /**
      * @notice Get the passport challenge to be used in active authentication. The challenge is the last 8 bytes
      * of the identity key.

contracts/passport/dispatchers/PNOAADispatcher.sol

@@ -0,0 +1,29 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.16;
+
+import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+
+import {IPassportDispatcher} from "../../interfaces/dispatchers/IPassportDispatcher.sol";
+
+contract PNOAADispatcher is IPassportDispatcher, Initializable {
+    function __PNOAADispatcher_init() external initializer {}
+
+    /**
+     * @notice Authenticate the passport without AA. Just return `true`
+     */
+    function authenticate(bytes memory, bytes memory, bytes memory) external pure returns (bool) {
+        return true;
+    }
+
+    /**
+     * @notice Passports without AA omit the challenge
+     */
+    function getPassportChallenge(uint256 identityKey_) external pure returns (bytes memory) {}
+
+    /**
+     * @notice Get the passport without AA hash
+     */
+    function getPassportKey(bytes memory passportHash_) external pure returns (uint256) {
+        return uint256(bytes32(passportHash_));
+    }
+}

contracts/passport/dispatchers/PRSASHA1Dispatcher.sol

@@ -3,25 +3,17 @@ pragma solidity 0.8.16;
 
 import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 
-import {VerifierHelper} from "@solarity/solidity-lib/libs/zkp/snarkjs/VerifierHelper.sol";
-
 import {IPassportDispatcher} from "../../interfaces/dispatchers/IPassportDispatcher.sol";
 import {PRSASHA1Authenticator} from "../authenticators/PRSASHA1Authenticator.sol";
 import {Bytes2Poseidon} from "../../utils/Bytes2Poseidon.sol";
 
 contract PRSASHA1Dispatcher is IPassportDispatcher, Initializable {
     using Bytes2Poseidon for bytes;
-    using VerifierHelper for address;
 
     address public authenticator;
-    address public verifier;
 
-    function __PRSASHA1Dispatcher_init(
-        address authenticator_,
-        address verifier_
-    ) external initializer {
+    function __PRSASHA1Dispatcher_init(address authenticator_) external initializer {
         authenticator = authenticator_;
-        verifier = verifier_;
     }
 
     /**
@@ -40,16 +32,6 @@ contract PRSASHA1Dispatcher is IPassportDispatcher, Initializable {
             );
     }
 
-    /**
-     * @notice Verify passport validity ZK proof.
-     */
-    function verifyZKProof(
-        uint256[] memory pubSignals_,
-        VerifierHelper.ProofPoints memory zkPoints_
-    ) external view returns (bool) {
-        return verifier.verifyProof(pubSignals_, zkPoints_);
-    }
-
     /**
      * @notice Get the passport challenge to be used in active authentication. The challenge is the last 8 bytes
      * of the identity key.