Merge pull request #7 from zkFold/5-zkpass-m4

zkPass server

Author: vlasin

.github/workflows/main-pull.yml

@@ -116,7 +116,7 @@ jobs:
         cabal build all --dry-run
 
     - name: Restore cached dependencies
-      uses: actions/cache/restore@v4.0.1
+      uses: actions/cache/restore@v4
       id: cache
       env:
         key: ${{ matrix.os }}-ghc-${{ matrix.ghc }}-cabal-${{ matrix.cabal }}
@@ -149,7 +149,7 @@ jobs:
 
     # Cache dependencies already here, so that we do not have to rebuild them should the subsequent steps fail.
     - name: Save cached dependencies
-      uses: actions/cache/save@v4.0.1
+      uses: actions/cache/save@v4
       # If we had an exact cache hit, trying to save the cache would error because of key clash.
       if: steps.cache.outputs.cache-hit != 'true'
       with:

.github/workflows/main-push.yml

@@ -99,7 +99,7 @@ jobs:
         cabal-version: '3.10.3.0'
 
     - name: Cache
-      uses: actions/cache@v4.0.1
+      uses: actions/cache@v4
       env:
         cache-name: cache-cabal
       with:

.gitignore

@@ -2,3 +2,5 @@ dist-*
 *~
 assets
 test-data
+log/
+maestro-config.json

README.md

@@ -2,4 +2,18 @@
 
 **zkPass** on Cardano is a smart contract that enables developers to post, verify, and utilize zkPass oracle attestations on the Cardano blockchain. It is a tool that makes new types of DApps possible on Cardano.
 
-This repository contains code to construct transactions for the zkPass smart contract.  (Relevant executables are described [here](https://github.com/zkFold/zkpass-cardano/blob/main/backends/README.md).)
+This repository contains the zkPass onchain code, as well as the server side of the zkPass prototype DApp.
+
+## zkPass server
+
+To run the zkPass server, execute:
+```shell
+cabal run zkpass-server -- config.json
+```
+where `config.json` contains your configuration for network and provider.  (File `config-template.json` provides a template configuration.)
+
+The zkPass server on this repository was written using the [Atlas](https://atlas-app.io) framework.
+
+## zkPass client
+
+The zkPass client can be found [here](https://github.com/zkFold/zkpass-client).

app/Main.hs

@@ -0,0 +1,43 @@
+{-# OPTIONS_GHC -Wno-unused-imports #-}
+
+module Main where
+
+import           GeniusYield.GYConfig      (coreConfigIO, withCfgProviders)
+import           Network.Wai.Handler.Warp
+import           Prelude
+import           System.Environment        (getArgs)
+import           Test.QuickCheck.Arbitrary (Arbitrary (..))
+import           Test.QuickCheck.Gen       (generate)
+
+import           ZkPass.Api                (app)
+import           ZkPass.Api.Context        (Ctx (..), SetupParams (..))
+import           ZkPass.Utils              (logSetupParams)
+
+
+-- | Getting path for our core configuration.
+parseArgs :: IO FilePath
+parseArgs = do
+  args <- getArgs
+  case args of
+    coreCfg: _       -> return coreCfg
+    _invalidArgument -> fail "Error: wrong arguments, needed a path to the CoreConfig JSON configuration file\n"
+
+main :: IO ()
+main = do
+  putStrLn "parsing Config ..."
+  coreCfgPath <- parseArgs
+  coreCfg     <- coreConfigIO coreCfgPath
+
+  x  <- generate arbitrary
+  ps <- generate arbitrary
+  let setupParams = SetupParams x ps
+
+  -- Uncomment to log setup parameters:
+  -- logSetupParams setupParams
+
+  putStrLn "Loading Providers ..."
+  withCfgProviders coreCfg "api-server" $ \providers -> do
+    let port = 8080
+        ctx  = Ctx coreCfg providers
+    putStrLn $ "Serving on http://localhost:" ++ show port
+    run port $ app ctx setupParams

app/ZkPass/Api.hs

@@ -0,0 +1,55 @@
+{-# LANGUAGE TypeOperators #-}
+
+module ZkPass.Api where
+
+import           Control.Exception           (try)
+import           Control.Monad.Trans.Except  (ExceptT (..))
+import qualified Network.HTTP.Types          as HttpTypes
+import           Network.Wai.Middleware.Cors
+import           Prelude
+import           Servant
+
+import           ZkPass.Api.Burn             (BurnInput, handleBurn)
+import           ZkPass.Api.Context          (Ctx (..), OwnAddress,
+                                              OwnAddresses, SetupParams,
+                                              UnsignedTxResponse, handleOwnAddr)
+import           ZkPass.Api.Mint             (MintInput, ZkPassResponse,
+                                              handleMint)
+import           ZkPass.Api.Setup            (SetupInput, SetupResponse,
+                                              handleSetup)
+import           ZkPass.Api.Transfer         (TransferInput, handleTransfer)
+import           ZkPass.Api.Tx               (AddWitAndSubmitParams,
+                                              SubmitTxResponse,
+                                              handleAddWitAndSubmitTx)
+
+
+-- | Type for our Servant API.
+type API = "setup" :> ReqBody '[JSON] SetupInput
+                   :> Post    '[JSON] SetupResponse
+      :<|> "transfer" :> ReqBody '[JSON] TransferInput
+                      :> Post    '[JSON] UnsignedTxResponse
+      :<|> "mint" :> ReqBody '[JSON] MintInput
+                  :> Post    '[JSON] ZkPassResponse
+      :<|> "burn" :> ReqBody '[JSON] BurnInput
+                  :> Post    '[JSON] UnsignedTxResponse
+      :<|> "add-wit-and-submit" :> ReqBody '[JSON] AddWitAndSubmitParams
+                                :> Post    '[JSON] SubmitTxResponse
+      :<|> "own-addr" :> ReqBody '[JSON] OwnAddresses
+                      :> Post    '[JSON] OwnAddress
+
+-- | Server Handler
+server :: Ctx -> SetupParams -> ServerT API IO
+server ctx sp = handleSetup ctx sp
+           :<|> handleTransfer ctx
+           :<|> handleMint ctx sp
+           :<|> handleBurn ctx sp
+           :<|> handleAddWitAndSubmitTx ctx
+           :<|> handleOwnAddr
+
+appApi :: Proxy API
+appApi = Proxy
+
+app :: Ctx -> SetupParams -> Application
+app ctx sp = cors (const $ Just simpleCorsResourcePolicy { corsRequestHeaders = [HttpTypes.hContentType] }) $
+  serve appApi $ hoistServer appApi (Handler . ExceptT . try) $
+  server ctx sp

app/ZkPass/Api/Burn.hs

@@ -0,0 +1,83 @@
+module ZkPass.Api.Burn where
+
+import           Control.Exception                      (throwIO)
+import           Data.Aeson
+import           Data.String                            (fromString)
+import           GeniusYield.GYConfig                   (GYCoreConfig (..))
+import           GeniusYield.TxBuilder
+import           GeniusYield.Types
+import           GHC.Generics
+import           PlutusLedgerApi.V3                     (toBuiltinData)
+import           Prelude
+import qualified ZkFold.Cardano.OnChain.BLS12_381.F     as F
+import           ZkFold.Cardano.OnChain.Plonkup.Data    (ProofBytes (..))
+import           ZkPass.Cardano.Example.IdentityCircuit (identityCircuitVerificationBytes)
+
+import           ZkPass.Api.Context
+import           ZkPass.Cardano.UPLC.ZkPassToken        (forwardingMintCompiled,
+                                                         zkPassTokenCompiled)
+
+
+-- | Burning input parameters.
+data BurnInput = BurnInput
+  { biUsedAddrs       :: ![GYAddress]
+  , biChangeAddr      :: !GYAddress
+  , biTaskId          :: !Integer
+  , biZkPassToken     :: !String
+  , biScriptsTxOutRef :: !String
+  } deriving stock (Show, Generic)
+    deriving anyclass FromJSON
+
+handleBurn :: Ctx -> SetupParams -> BurnInput -> IO UnsignedTxResponse
+handleBurn Ctx{..} SetupParams{..} BurnInput{..} = do
+  let nid       = cfgNetworkId ctxCoreCfg
+      providers = ctxProviders
+
+  let forwardingMintValidator = validatorFromPlutus @PlutusV3 $ forwardingMintCompiled biTaskId
+      forwardingMintAddr      = addressFromValidator nid forwardingMintValidator
+
+  let zkpassAsset = fromString biZkPassToken :: GYAssetClass
+
+  case zkpassAsset of
+    GYToken zkpPolicy zkpTokenName -> do
+      let cs          = mintingPolicyIdToCurrencySymbol zkpPolicy
+          inlineDatum = GYOutDatumInline $ datumFromPlutusData cs
+
+      utxosAtFM <- runGYTxQueryMonadIO nid
+                                       providers
+                                       (utxosAtAddress forwardingMintAddr (Just GYLovelace))
+
+      let utxosAtFMList = utxosToList $ filterUTxOs (\u -> utxoOutDatum u == inlineDatum) utxosAtFM
+
+      case utxosAtFMList of
+        [utxoAtFM] -> do
+          let (setup, _, _)        = identityCircuitVerificationBytes spX spPS
+              zkPassTokenValidator = validatorFromPlutus @PlutusV3 $ zkPassTokenCompiled setup
+
+          let setupTxOutRef   = txOutRefFromTuple (fromString biScriptsTxOutRef, 0)
+              forwardTxOutRef = txOutRefFromTuple (fromString biScriptsTxOutRef, 1)
+
+          let setupRef   = GYBuildPlutusScriptReference @PlutusV3 setupTxOutRef zkPassTokenValidator
+              forwardRef = GYBuildPlutusScriptReference @PlutusV3 forwardTxOutRef forwardingMintValidator
+              forwardWit = GYTxInWitnessScript forwardRef Nothing unitRedeemer
+
+          let dummyRedeemer' = ProofBytes "" "" "" "" "" "" "" "" "" "" "" "" "" 0 0 0 0 0 0 0 0 0 0 0 0 (F.F 0)
+              dummyRedeemer  = redeemerFromPlutusData $ toBuiltinData dummyRedeemer'
+
+          let skeleton = mustHaveInput (GYTxIn @PlutusV3 (utxoRef utxoAtFM) forwardWit)
+                      <> mustMint (GYBuildPlutusScript setupRef) dummyRedeemer zkpTokenName (-1)
+
+          txBody <- runGYTxBuilderMonadIO nid
+                                          providers
+                                          biUsedAddrs
+                                          biChangeAddr
+                                          Nothing
+                                          $ do
+            ownAddrs <- ownAddresses
+            let skeleton' = skeleton <> mustHaveOutput (GYTxOut (head ownAddrs) (utxoValue utxoAtFM) Nothing Nothing)
+            buildTxBody skeleton'
+
+          return $ unSignedTxWithFee txBody
+
+        _ -> throwIO $ userError "No UTxO with expected datum found."
+    _ -> throwIO $ userError "Missing native token specification."

app/ZkPass/Api/Context.hs

@@ -0,0 +1,58 @@
+module ZkPass.Api.Context where
+
+import           Data.Aeson
+import qualified Data.Text                                   as T
+import           GeniusYield.GYConfig                        (GYCoreConfig (..))
+import           GeniusYield.Types
+import           GHC.Generics
+import           Prelude
+
+import           ZkFold.Base.Algebra.EllipticCurve.BLS12_381 (BLS12_381_G1, Fr)
+import           ZkFold.Base.Protocol.Plonkup.Prover.Secret  (PlonkupProverSecret)
+
+
+------------------------- :Context & Setup: -------------------------
+
+-- | Configuration context.
+data Ctx = Ctx
+  { ctxCoreCfg   :: !GYCoreConfig
+  , ctxProviders :: !GYProviders
+  }
+
+-- | Setup parameters.
+data SetupParams = SetupParams
+  { spX  :: !Fr
+  , spPS :: !(PlonkupProverSecret BLS12_381_G1)
+  } deriving stock (Show, Generic)
+    deriving anyclass (ToJSON, FromJSON)
+
+------------------------- :Unsigned response: -------------------------
+
+data UnsignedTxResponse = UnsignedTxResponse
+  { urspTxBodyHex :: !T.Text              -- ^ Unsigned transaction cbor.
+  , urspTxFee     :: !(Maybe Integer)     -- ^ Tx fees.
+  } deriving stock (Show, Generic)
+    deriving anyclass ToJSON
+
+-- | Construct `UnsignedTxResponse` return type for our endpoint given the transaction body.
+unSignedTxWithFee :: GYTxBody -> UnsignedTxResponse
+unSignedTxWithFee txBody = UnsignedTxResponse
+  { urspTxBodyHex  = T.pack . txToHex $ unsignedTx txBody
+  , urspTxFee      = Just $ txBodyFee txBody
+  }
+
+------------------------- :own address: -------------------------
+
+-- | Own addresses input.
+data OwnAddresses = OwnAddresses { oaUsedAddrs :: ![GYAddress] }
+  deriving stock (Show, Generic)
+  deriving anyclass FromJSON
+
+-- | Return own address as text.
+data OwnAddress = OwnAddress { oaOwnAddress :: !T.Text }
+  deriving stock (Show, Generic)
+  deriving anyclass ToJSON
+
+-- | Handle to get own address.
+handleOwnAddr :: OwnAddresses -> IO OwnAddress
+handleOwnAddr OwnAddresses{..} = pure . OwnAddress . addressToText $ head oaUsedAddrs

app/ZkPass/Api/Mint.hs

@@ -0,0 +1,80 @@
+module ZkPass.Api.Mint where
+
+import           Cardano.Api                            (AssetName (..),
+                                                         parseAddressAny)
+import           Control.Exception                      (throwIO)
+import           Data.Aeson
+import           Data.Coerce                            (coerce)
+import qualified Data.Map.Strict                        as Map
+import           Data.String                            (fromString)
+import           GeniusYield.GYConfig                   (GYCoreConfig (..))
+import           GeniusYield.TxBuilder
+import           GeniusYield.Types
+import           GHC.Generics
+import           PlutusLedgerApi.V3                     (fromBuiltin)
+import           Prelude
+import           Text.Parsec                            (parse)
+
+import           ZkFold.Cardano.OffChain.Utils          (byteStringAsHex)
+import qualified ZkFold.Cardano.OnChain.BLS12_381.F     as F
+import           ZkPass.Api.Context
+import           ZkPass.Cardano.Example.IdentityCircuit (zkPassResultVerificationBytes)
+import           ZkPass.Cardano.Example.ZkPassResult    (zkPassResult)
+import           ZkPass.Cardano.UPLC.ZkPassToken        (zkPassTokenCompiled)
+import           ZkPass.Utils                           (asTuple)
+
+
+-- | Minting input parameters.
+data MintInput = MintInput
+  { miUsedAddrs       :: ![GYAddress]
+  , miChangeAddr      :: !GYAddress
+  , miBeneficiaryAddr :: !String
+  , miScriptsTxOutRef :: !String
+  } deriving stock (Show, Generic)
+    deriving anyclass FromJSON
+
+-- | ZkPass response parameters.
+data ZkPassResponse = ZkPassResponse
+  { zkprResult   :: !String
+  , zkprPolicyId :: !String
+  , zkprTknName  :: !String
+  , zkprUnsigned :: !UnsignedTxResponse
+  } deriving stock (Show, Generic)
+    deriving anyclass ToJSON
+
+handleMint :: Ctx -> SetupParams -> MintInput -> IO ZkPassResponse
+handleMint Ctx{..} SetupParams{..} MintInput{..} = do
+  let nid       = cfgNetworkId ctxCoreCfg
+      providers = ctxProviders
+
+  case parse parseAddressAny "" miBeneficiaryAddr of
+    Right benAddr -> do
+      zkpr <- zkPassResult
+
+      let (setup, input, proof) = zkPassResultVerificationBytes spX spPS $ F.toInput zkpr
+          zkPassTokenValidator  = validatorFromPlutus @PlutusV3 $ zkPassTokenCompiled setup
+          zkPassPolicyId        = mintingPolicyId zkPassTokenValidator
+          zkPassTokenName       = coerce @AssetName @GYTokenName . AssetName . fromBuiltin $ F.fromInput input
+          zkPassToken           = GYToken zkPassPolicyId zkPassTokenName
+          zkPassToken'          = asTuple zkPassToken
+          tokens                = valueMake $ Map.singleton zkPassToken 1
+          redeemer              = redeemerFromPlutusData proof
+
+      let txOutRefSetup = txOutRefFromTuple (fromString miScriptsTxOutRef, 0)
+          refScript     = GYMintReference @PlutusV3 txOutRefSetup zkPassTokenValidator
+          skeleton      = mustHaveOutput (GYTxOut (addressFromApi benAddr) tokens Nothing Nothing)
+                       <> mustMint refScript redeemer zkPassTokenName 1
+
+      txBody <- runGYTxBuilderMonadIO nid
+                                      providers
+                                      miUsedAddrs
+                                      miChangeAddr
+                                      Nothing
+                                      (buildTxBody skeleton)
+
+      return $ ZkPassResponse (byteStringAsHex $ fromBuiltin zkpr)
+                              (fst zkPassToken')
+                              (snd zkPassToken')
+                              (unSignedTxWithFee txBody)
+
+    Left err -> throwIO . userError . show $ err