Describe the bug
I see that this SDK has a verifyProof() method which is supposed to verify the validity of the proof:
|
verifyProof(zkp: ZKProof, circuitName: CircuitId): Promise<boolean>; |
This function takes as a parameter just the proof itself and the circuit id. However, I would like to not only verify the signature on the proof, but also that it's valid respective to the original request I sent to whomever produced that proof (otherwise , obviously, the credential holder could have sent me a proof for any other query and I wouldn't notice as the verifier)
The onchain verification contract seems to actually check that the proof's query matches the original proof request query hash: https://github.com/0xPolygonID/tutorial-examples/blob/6052cdff6ecdb9b0fe5a297bace7c81b1d03c95f/on-chain-verification/contracts/verifiers/ZKPVerifier.sol#L41 but I couldn't find anything similar in the JS SDK and its examples - is this actually possible with the JS SDK as of now? If so, could you please point me at the right call/example to do this verification against the original query?
Describe the bug
I see that this SDK has a
verifyProof()method which is supposed to verify the validity of the proof:js-sdk/src/proof/proof-service.ts
Line 95 in 9d19a79
This function takes as a parameter just the proof itself and the circuit id. However, I would like to not only verify the signature on the proof, but also that it's valid respective to the original request I sent to whomever produced that proof (otherwise , obviously, the credential holder could have sent me a proof for any other query and I wouldn't notice as the verifier)
The onchain verification contract seems to actually check that the proof's query matches the original proof request query hash: https://github.com/0xPolygonID/tutorial-examples/blob/6052cdff6ecdb9b0fe5a297bace7c81b1d03c95f/on-chain-verification/contracts/verifiers/ZKPVerifier.sol#L41 but I couldn't find anything similar in the JS SDK and its examples - is this actually possible with the JS SDK as of now? If so, could you please point me at the right call/example to do this verification against the original query?