fix(credential): audit changes credential (#250)

docs/README.md

@@ -1,3 +1,4 @@
+
 # Elesto
 
 [![Go Reference](https://pkg.go.dev/badge/github.com/elesto-dao/elesto.svg)](https://pkg.go.dev/github.com/elesto-dao/elesto)

proto/credential/v1/credential.proto

@@ -7,10 +7,6 @@ import "gogoproto/gogo.proto";
 import "google/protobuf/timestamp.proto";
 import "google/protobuf/struct.proto";
 
-
-
-
-
 message CredentialDefinition {
   option (gogoproto.equal) = true;
   option (gogoproto.goproto_getters)  = false;

proto/credential/v1/genesis.proto

@@ -0,0 +1,12 @@
+syntax = "proto3";
+package elestodao.elesto.credential.v1;
+
+import "gogoproto/gogo.proto";
+import "credential/v1/credential.proto";
+
+option go_package = "github.com/elesto-dao/elesto/v3/x/credential";
+
+message GenesisState{
+    repeated CredentialDefinition credentialDefinitions = 1 [(gogoproto.nullable)=false];
+    repeated PublicVerifiableCredential publicVerifiableCredentials = 2 [(gogoproto.nullable)=false];
+}

proto/credential/v1/query.proto

@@ -58,26 +58,33 @@ message QueryPublicCredentialResponse {
 }
 
 
-message QueryPublicCredentialsRequest {}
+message QueryPublicCredentialsRequest {
+  cosmos.base.query.v1beta1.PageRequest pagination = 1;
+}
 
 message QueryPublicCredentialsResponse {
   repeated PublicVerifiableCredential credential = 1;
+  cosmos.base.query.v1beta1.PageResponse pagination = 2;
 }
 
 message QueryPublicCredentialsByHolderRequest {
   string did = 1; // holder DID
+  cosmos.base.query.v1beta1.PageRequest pagination = 2;
 }
 
 message QueryPublicCredentialsByHolderResponse {
   repeated PublicVerifiableCredential credential = 1;
+  cosmos.base.query.v1beta1.PageResponse pagination = 2;
 }
 
 message QueryPublicCredentialsByIssuerRequest {
   string did = 1; // issuer DID
+  cosmos.base.query.v1beta1.PageRequest pagination = 2;
 }
 
 message QueryPublicCredentialsByIssuerResponse {
   repeated PublicVerifiableCredential credential = 1;
+  cosmos.base.query.v1beta1.PageResponse pagination = 2;
 }
 
 message QueryCredentialDefinitionRequest {
@@ -99,10 +106,12 @@ message QueryCredentialDefinitionsResponse {
 
 message QueryCredentialDefinitionsByPublisherRequest {
   string did = 1; // DID of the publisher
+  cosmos.base.query.v1beta1.PageRequest pagination = 2;
 }
 
 message QueryCredentialDefinitionsByPublisherResponse {
   repeated CredentialDefinition definitions = 1;
+  cosmos.base.query.v1beta1.PageResponse pagination = 2;
 }
 
 

x/credential/credential.go

@@ -42,6 +42,7 @@ func NewCredentialDefinitionFromFile(id string, publisherDID did.DID,
 	return def, nil
 }
 
+// NewPublicVerifiableCredential creates a new Public Verifiable Credential
 func NewPublicVerifiableCredential(id string, opts ...PublicVerifiableCredentialOption) *PublicVerifiableCredential {
 	pvc := &PublicVerifiableCredential{
 		Context: []string{"https://www.w3.org/2018/credentials/v1"},

x/credential/credential_test.go

@@ -4,13 +4,14 @@ import (
 	_ "embed"
 	"encoding/base64"
 	"fmt"
+	"os"
+	"testing"
+	"time"
+
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/crypto/types"
 	sdk "github.com/cosmos/cosmos-sdk/types"
-	"os"
-	"testing"
-	"time"
 
 	"github.com/stretchr/testify/assert"
 
@@ -542,7 +543,6 @@ func TestWrappedCredential_Validate(t *testing.T) {
 				wc.Proof = NewProof(
 					pubKey.Type(),
 					date.Format(time.RFC3339),
-					// TODO: define proof purposes
 					did.AssertionMethod,
 					issuerDID.NewVerificationMethodID(ki.GetAddress().String()),
 					base64.StdEncoding.EncodeToString(signature),
@@ -552,6 +552,42 @@ func TestWrappedCredential_Validate(t *testing.T) {
 			},
 			assert.NoError,
 		},
+		{
+			"FAIL: invalid signature",
+			func() (*WrappedCredential, types.PubKey) {
+				// create the public key
+				kr := keyring.NewInMemory()
+				ki, err := kr.NewAccount(
+					"test1",
+					"coil animal waste sound canvas weekend struggle skirt donor boil around bounce grant right silent year subway boost banana unlock powder riot spawn nerve",
+					keyring.DefaultBIP39Passphrase, sdk.FullFundraiserPath, hd.Secp256k1,
+				)
+				assert.NoError(t, err)
+				// get the issuer
+				issuerDID := did.NewChainDID("test", ki.GetAddress().String())
+				// create the credential
+				wc, err := NewWrappedCredential(NewPublicVerifiableCredential("https://example.credential/01", WithType("SpecialCredential"), WithIssuerDID(issuerDID)))
+				wc.SetSubject(map[string]any{"id": "https://something.something"})
+				// sign the credential
+				data, err := wc.GetBytes()
+				assert.NoError(t, err)
+				_, pubKey, err := kr.SignByAddress(ki.GetAddress(), data)
+				assert.NoError(t, err)
+
+				// attach the proof
+				date := time.Date(2022, 02, 24, 0, 0, 0, 0, time.UTC)
+				wc.Proof = NewProof(
+					pubKey.Type(),
+					date.Format(time.RFC3339),
+					did.AssertionMethod,
+					issuerDID.NewVerificationMethodID(ki.GetAddress().String()),
+					base64.StdEncoding.EncodeToString([]byte("invalid signature")),
+				)
+				assert.NoError(t, err)
+				return wc, ki.GetPubKey()
+			},
+			assert.Error,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {