Skip to content

feat: add verifyWithSession verifier entry point for session-bound proofs#862

Open
kilianglas wants to merge 10 commits into
kilianglas/uniqueness-session-bindingfrom
kilianglas/uniqueness-session-binding-contracts
Open

feat: add verifyWithSession verifier entry point for session-bound proofs#862
kilianglas wants to merge 10 commits into
kilianglas/uniqueness-session-bindingfrom
kilianglas/uniqueness-session-binding-contracts

Conversation

@kilianglas

@kilianglas kilianglas commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

Stacked on #855; contracts side of the session-binding feature (see docs/world-id-4-specs/README.md, "Binding Uniqueness Proofs to a Session").

Summary

Adds a dedicated verifier entry point for uniqueness proofs bound to an existing session. #855 makes the client emit uniqueness proofs whose session_id public signal carries the session's commitment; the existing verify() pins that signal to 0, so bound proofs need their own entry point — verification logic itself is unchanged (verifyProofAndSignals already takes sessionId).

  • New IWorldIDVerifierV2 is IWorldIDVerifier (the verifier was the only versioned core contract without a versioned interface: declares verifyWithSession(...), moves InvalidAction up from the V2 contract, and adds InvalidSessionId.
  • WorldIDVerifierV2 is IWorldIDVerifierV2, WorldIDVerifier implements verifyWithSession: enforces the uniqueness action prefix (MSB 0x00, InvalidAction) and sessionId != 0 then delegates to verifyProofAndSignals.
  • Base WorldIDVerifier, IWorldIDVerifier, and the existing verify()/verifySession() behavior untouched (V2's same-signature overrides now carry explicit override(IWorldIDVerifier, WorldIDVerifier) lists, as required by the added interface base).
  • The Rust test infra (RegistryTestContext) now deploys WorldIDVerifierV2 behind the proxy.

Fixtures & tests

  • generate-solidity-fixtures gains a bound-proof section: binds the uniqueness request to the session fixture's session id (cached r path), asserts the deterministic nullifier is unchanged, and verifies on-chain via verifyWithSession.
  • All fixture constants in both verifier test files are regenerated as one consistent set (they share the merkle root and mock pubkeys, so they can only be replaced together). The session fixture now reflects the current protocol shape: its own sessionNonce and a sessionNullifier tuple whose action carries the 0x02 session prefix (the previous committed fixture predated the prefix scheme). Generated with the tool fix from fix: generate session fixture via its own OPRF round #861 applied.
  • New tests (in WorldIDVerifierV2Test, where the entry point lives): verifyWithSession happy path, bound proof rejected by verify(), unbound proof rejected by verifyWithSession, wrong-session-id rejection, action-prefix checks (incl. fuzz), and zero-session-id rejection.
  • The Rust e2e (crates/core/tests/generate_proof.rs) now also positively verifies the bound proof on-chain via verifyWithSession, complementing the existing verify()-rejects assertion.

@kilianglas
kilianglas requested a review from a team as a code owner July 13, 2026 11:52
* requires the action's most significant byte to be `0x00`, `verifySession` requires `0x02`)
* and adds `verifyWithSession` for Uniqueness Proofs bound to an existing session.
*/
interface IWorldIDVerifierV2 is IWorldIDVerifier {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we're not including it in V2 imo we should do a V3 here. Since WorldIDVerifierV2 already exists - but there were not interface changes

uint64 constant credentialIssuerIdWrong = 2;

uint64 constant rpIdCorrect = 0x1a6ccf8f70e5de68;
uint64 constant rpIdCorrect = 0x387df34f862cd4e;

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants