feat(zkemail): role invitations via on-chain ZK Email proof verification#170
Open
hudsonhrh wants to merge 2 commits into
Open
feat(zkemail): role invitations via on-chain ZK Email proof verification#170hudsonhrh wants to merge 2 commits into
hudsonhrh wants to merge 2 commits into
Conversation
Add ZkEmailInvites, a per-org upgradeable module that lets an executor pre-authorize specific emails or whole domains to claim role hats by submitting a DKIM-backed ZK Email proof, verified on-chain at claim time. Claims are gasless via the existing PaymasterHub + PasskeyAccount flow (four claim selectors auto-whitelisted), and a combined register+claim path onboards first-time users in one sponsored UserOp. - src/ZkEmailInvites.sol + vendored zk-email surface (IVerifier, IDKIMRegistry, CommandUtils) under src/zkemail/ - Wire into OrgDeployer/ModulesFactory/ModuleTypes; conditional on the per-chain protocol infra (verifier + DKIM registry) being set - Beacon-existence gate so a missing ZkEmailInvites beacon degrades gracefully instead of bricking org deploys (TypeUnknown) - Register the beacon in canonical deploy helpers (DeployHelper, DeployInfrastructure) - 50 unit + 13 integration tests; full suite 1513 passing - Includes forge fmt reformat of UpgradeEligibilitySuperAdminLockdown.s.sol Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…llites Address review findings on PR #170: - _verifyProofCommon now rejects proofs with `isCodeExist == false` (new AccountCodeMissing error), checked after verifyEmailProof so it asserts the proven value. Without an embedded account code, accountSalt is not a real Poseidon(emailAddress, accountCode) commitment, which both email-rule lookups and per-domain claim idempotency depend on. - Register ZkEmailInvites in DeploySatelliteInfrastructure.s.sol (_deployImplementations + _registerContractTypes); satellites built with the standalone script previously left beaconRegistered() false, silently skipping the module even after infra was wired. - 3 new unit tests (domain/email/combined paths reject !isCodeExist and confirm no state mutation on revert). Full suite: 1516 passing. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds
ZkEmailInvites, a per-org upgradeable module that lets an executor pre-authorize specific emails or whole domains to claim role hats via a DKIM-backed ZK Email proof verified on-chain, sponsored gaslessly through the existing PaymasterHub + PasskeyAccount flow (four claim selectors auto-whitelisted, plus a combined register+claim onboarding path). It wires into OrgDeployer/ModulesFactory/ModuleTypes and only activates once per-chain infra (verifier + DKIM registry) is set via the newsetZkEmailInfrastructure; a beacon-existence gate makes a missing beacon degrade gracefully instead of revertingTypeUnknownand bricking org deploys. TheZkEmailInvitesbeacon is now registered in the canonical deploy helpers (DeployHelper, DeployInfrastructure). Also vendors the minimal zk-email interfaces (IVerifier,IDKIMRegistry,CommandUtils) undersrc/zkemail/and includes a forge-fmt-only reformat ofUpgradeEligibilitySuperAdminLockdown.s.sol. Adds 50 unit + 13 integration tests (full suite 1513 passing); deploying the actual Groth16 verifier + DKIM registry and enabling the feature on live chains is a follow-up PR.🤖 Generated with Claude Code