Class: TruthID::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/truthid/client.rb

Constant Summary collapse

RPC_URLS = 
{
  "base-sepolia" => "https://sepolia.base.org",
  "base-mainnet" => "https://mainnet.base.org"
}.freeze

Instance Method Summary collapse

Constructor Details

#initialize(network: "base-mainnet", rpc_url: nil) ⇒ Client

Returns a new instance of Client.



15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/truthid/client.rb', line 15

def initialize(network: "base-mainnet", rpc_url: nil)
  url = rpc_url || RPC_URLS.fetch(network)
  @rpc = Eth::Client.create(url)
  @devices = Eth::Contract.from_abi(
    name: "DeviceRegistry",
    address: Contracts::DEVICE_REGISTRY_ADDRESSES.fetch(network),
    abi: Contracts::DEVICE_REGISTRY_ABI
  )
  @sessions = Eth::Contract.from_abi(
    name: "SessionRegistry",
    address: Contracts::SESSION_REGISTRY_ADDRESSES.fetch(network),
    abi: Contracts::SESSION_REGISTRY_ABI
  )
end

Instance Method Details

#check_device_status(device_pub_key) ⇒ Object 



103
104
105
106
107
108
109
110
111
112
113
114
 
# File 'lib/truthid/client.rb', line 103

def check_device_status(device_pub_key)
  device = @rpc.call(@devices, "getDevice", device_pub_key)
  return DeviceStatus.new(exists: false, active: false) unless device[5] # exists

  DeviceStatus.new(
    exists:      true,
    active:      !device[4], # revoked → active é o inverso
    label:       device[2],
    identity_id: device[0],
    added_at:    Time.at(device[3]).utc
  )
end

#create_challenge(origin) ⇒ Object 



30
31
32
33
34
35
36
37
 
# File 'lib/truthid/client.rb', line 30

def create_challenge(origin)
  AuthChallenge.new(
    type:      "challenge",
    nonce:     SecureRandom.uuid,
    issued_at: (Time.now.to_f * 1000).to_i,
    origin:    origin
  )
end

#verify_auth_response(challenge, response, ttl_ms: 30_000) ⇒ Object 



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/truthid/client.rb', line 39

def verify_auth_response(challenge, response, ttl_ms: 30_000)
  # 1. Usuário recusou
  unless response.approved
    return VerifyAuthResult.new(valid: false, reason: "User rejected the login request")
  end

  # 2. TTL expirado
  now_ms = (Time.now.to_f * 1000).to_i
  if now_ms - challenge.issued_at > ttl_ms
    return VerifyAuthResult.new(valid: false, reason: "Challenge expired")
  end

  # 3. Nonce bate com o challenge original
  if challenge.nonce != response.nonce
    return VerifyAuthResult.new(valid: false, reason: "Nonce mismatch")
  end

  # 4. Verificar assinatura
  # JSON.generate já produz JSON compacto (sem espaços) — compatível com Dart e JS
  message = JSON.generate(challenge.to_h)
  begin
    signer = Eth::Signature.personal_recover(message, response.signature)
  rescue => e
    return VerifyAuthResult.new(valid: false, reason: "Invalid signature format")
  end

  if signer.downcase != response.device_address.downcase
    return VerifyAuthResult.new(valid: false, reason: "Signature does not match device address")
  end

  # 5. Device ativo na blockchain
  is_active = @rpc.call(@devices, "isDeviceActive", response.device_address)
  unless is_active
    return VerifyAuthResult.new(valid: false, reason: "Device is not active or has been revoked")
  end

  # 6. Buscar identityId do device
  device = @rpc.call(@devices, "getDevice", response.device_address)

  VerifyAuthResult.new(
    valid:          true,
    identity_id:    device[0],
    device_address: response.device_address
  )
end

#verify_session(session_hash) ⇒ Object 



85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
# File 'lib/truthid/client.rb', line 85

def verify_session(session_hash)
  # bytes32: converte hex string → 32 bytes binários
  hash_bytes = [session_hash.delete_prefix("0x")].pack("H*")

  session = @rpc.call(@sessions, "getSession", hash_bytes)
  return SessionInfo.new(exists: false, revoked: false) unless session[4] # exists

  revoked = @rpc.call(@sessions, "isSessionRevoked", hash_bytes)

  SessionInfo.new(
    exists:       true,
    revoked:      revoked,
    identity_id:  session[0],
    device_pub_key: session[1],
    created_at:   Time.at(session[2]).utc
  )
end