From a5c5f47488d8981f6653fa2eded28d8977dc061d Mon Sep 17 00:00:00 2001
From: Oleksandr Brezhniev <oleksandr.brezhniev@gmail.com>
Date: Mon, 11 Mar 2024 14:58:39 +0000
Subject: [PATCH] Verify id checksum is correct

---
 circuits/auth/authV2.circom         | 9 +++++++++
 circuits/lib/stateTransition.circom | 9 +++++++++
 circuits/lib/utils/idUtils.circom   | 1 -
 3 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/circuits/auth/authV2.circom b/circuits/auth/authV2.circom
index 7fe9efb..205a716 100644
--- a/circuits/auth/authV2.circom
+++ b/circuits/auth/authV2.circom
@@ -143,6 +143,15 @@ template checkAuthV2(IdOwnershipLevels, onChainLevels) {
 
     signal isStateGenesis <== IsEqual()([cutId, cutState]);
 
+    component genesisIdParts = SplitID();
+    genesisIdParts.id <== genesisID;
+
+    signal calculatedChecksum <== CalculateIdChecksum()(genesisIdParts.typ, genesisIdParts.genesis);
+    ForceEqualIfEnabled()(
+        enabled,
+        [genesisIdParts.checksum, calculatedChecksum]
+    );
+
     signal genesisIDHash <== Poseidon(1)([genesisID]);
 
     SMTVerifier(onChainLevels)(
diff --git a/circuits/lib/stateTransition.circom b/circuits/lib/stateTransition.circom
index 7271fe2..b4a14ce 100644
--- a/circuits/lib/stateTransition.circom
+++ b/circuits/lib/stateTransition.circom
@@ -40,6 +40,15 @@ template StateTransition(IdOwnershipLevels) {
     // get safe one values to be used in ForceEqualIfEnabled
     signal {binary} one <== SafeOne()(userID);
 
+    component genesisIdParts = SplitID();
+    genesisIdParts.id <== userID;
+
+    signal calculatedChecksum <== CalculateIdChecksum()(genesisIdParts.typ, genesisIdParts.genesis);
+    ForceEqualIfEnabled()(
+        one,
+        [genesisIdParts.checksum, calculatedChecksum]
+    );
+
     signal cutId <== cutId()(userID);
 
     signal cutState <== cutState()(oldUserState);
diff --git a/circuits/lib/utils/idUtils.circom b/circuits/lib/utils/idUtils.circom
index 89065e2..15c6b81 100644
--- a/circuits/lib/utils/idUtils.circom
+++ b/circuits/lib/utils/idUtils.circom
@@ -3,7 +3,6 @@ pragma circom 2.1.1;
 include "../../../node_modules/circomlib/circuits/bitify.circom";
 include "../../../node_modules/circomlib/circuits/poseidon.circom";
 include "../../../node_modules/circomlib/circuits/mux1.circom";
-include "./safeOne.circom";
 
 template ProfileID(){
     signal input in;