Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: [SIW-1844] Add trustmark generation functions #156

Merged
merged 27 commits into from
Nov 19, 2024
Merged

feat: [SIW-1844] Add trustmark generation functions #156

merged 27 commits into from
Nov 19, 2024

Conversation

mastro993
Copy link
Contributor

@mastro993 mastro993 commented Nov 16, 2024
edited
Loading

List of Changes

  • Added getCredentialTrustmarkJwt function, which returns the credential's trustmark JWT
  • Updated the example app with the screens, store and functions to test the new trustmark functionality

Motivation and Context

This approach addresses vulnerabilities in the previous static QR code implementation.
This new TrustMark implementation binds the QR code to the specific credential being verified, preventing QR code swapping and ensuring unique, tamper-proof authentication. It uses a signed JWT with a short validity period for enhanced security.

The trustmark JWT can be obtained using the following function, exported from Credential.Trustmark:

function getCredentialTrustmark({
  walletInstanceAttestation: string,
  wiaCryptoContext: CryptoContext,
  credentialType: string,
  docNumber?: string,
  expirationTime?: number | string
}): Promise<{
  jwt: string,
  expirationTime: number
}>

How Has This Been Tested?

Tested the Trustmark generation using the example app

Screenshots (if appropriate):

ScreenRecording_11-16-2024.12-25-32_1.MP4

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.

@mastro993 mastro993 changed the title [SIW-1844] Add trustmark generation functions feat: [SIW-1844] Add trustmark generation functions Nov 16, 2024
@github-actions github-actions bot added the feat label Nov 17, 2024
@mastro993 mastro993 self-assigned this Nov 18, 2024
@mastro993 mastro993 marked this pull request as ready for review November 18, 2024 10:51
@mastro993 mastro993 requested a review from a team as a code owner November 18, 2024 10:51
grausof
grausof requested changes Nov 18, 2024
View reviewed changes
example/src/screens/TrustmarkScreen.tsx Outdated Show resolved Hide resolved
example/src/screens/TrustmarkScreen.tsx Outdated Show resolved Hide resolved
src/credential/trustmark/get-credential-trustmark.ts Outdated Show resolved Hide resolved
grausof
grausof approved these changes Nov 18, 2024
View reviewed changes
Copy link
Contributor

@grausof grausof left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work 🎉

grausof
grausof approved these changes Nov 19, 2024
View reviewed changes
Copy link
Contributor

@grausof grausof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great 🔥

@grausof
Copy link
Contributor

grausof commented Nov 19, 2024

Remember to increase the minor version in package.json before release

grausof
grausof approved these changes Nov 19, 2024
View reviewed changes
Copy link
Contributor

@grausof grausof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now it's perfect!

@mastro993 mastro993 added this pull request to the merge queue Nov 19, 2024
Merged via the queue into master with commit 5899294 Nov 19, 2024
6 checks passed
@mastro993 mastro993 deleted the SIW-1844-add-trustmark-sign-functions branch November 19, 2024 12:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grausof grausof grausof approved these changes

@LazyAfternoons LazyAfternoons Awaiting requested review from LazyAfternoons LazyAfternoons is a code owner automatically assigned from pagopa/io-wallet

@hevelius hevelius Awaiting requested review from hevelius hevelius is a code owner automatically assigned from pagopa/io-wallet

Assignees

@mastro993 mastro993

Labels
example feat
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mastro993 @grausof