Full Multi-query support onchain

.solhintignore

@@ -7,11 +7,6 @@
 **/lib/VerifierStateTransition.sol
 **/lib/VerifierV3.sol
 **/lib/VerifierV3Wrapper.sol
-**/lib/groth16-verifiers/Groth16VerifierMTP.sol
-**/lib/groth16-verifiers/Groth16VerifierMTPWrapper.sol
-**/lib/groth16-verifiers/Groth16VerifierSig.sol
-**/lib/groth16-verifiers/Groth16VerifierSigWrapper.sol
-**/lib/groth16-verifiers/Groth16VerifierStateTransition.sol
-**/lib/groth16-verifiers/Groth16VerifierV3.sol
-**/lib/groth16-verifiers/Groth16VerifierV3Wrapper.sol
+**/lib/groth16-verifiers
 **/node_modules
+

contracts/AlwaysRevert.sol

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity 0.8.27;
 
+error TheContractIsDisabled();
+
 /// @title This contract as a dummy implementation for Proxy contract if we need to revert all calls
 // This can be applied to disable all methods of a proxy contract with explicit error message
 contract AlwaysRevert {
     fallback() external payable {
-        revert("The contract is disabled");
+        revert TheContractIsDisabled();
     }
 }

contracts/Create2AddressAnchor.sol

@@ -1,4 +1,6 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity 0.8.27;
 
+/* solhint-disable no-empty-blocks */
 contract Create2AddressAnchor {}
+/* solhint-enable no-empty-blocks */

contracts/cross-chain/CrossChainProofValidator.sol

@@ -6,6 +6,13 @@ import {ICrossChainProofValidator} from "../interfaces/ICrossChainProofValidator
 import {IState} from "../interfaces/IState.sol";
 import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
 
+error IdentityStateProofInvalid();
+error GlobalStateProofInvalid();
+error GlobalStateProofSigningAddressInvalid(address recovered);
+error IdentityStateProofSigningAddressInvalid(address recovered);
+error OracleTimestampCannotBeInThePast();
+error OracleReplacedAtTimestampCannotBeInTheFuture();
+
 /**
  * @dev Contract which provides proof validation from identity state
  * and global state proofs from trusted oracle with signature from any network.
@@ -83,11 +90,12 @@ contract CrossChainProofValidator is Ownable, EIP712, ICrossChainProofValidator
             gsu.globalStateMsg,
             gsu.signature
         );
-        require(isValid, "Global state proof is not valid");
-        require(
-            recovered == _oracleSigningAddress,
-            "Global state proof signing address is not valid"
-        );
+        if (!isValid) {
+            revert GlobalStateProofInvalid();
+        }
+        if (recovered != _oracleSigningAddress) {
+            revert GlobalStateProofSigningAddressInvalid(recovered);
+        }
 
         return
             IState.GlobalStateProcessResult({
@@ -117,11 +125,12 @@ contract CrossChainProofValidator is Ownable, EIP712, ICrossChainProofValidator
             isu.idStateMsg,
             isu.signature
         );
-        require(isValid, "Identity state proof is not valid");
-        require(
-            recovered == _oracleSigningAddress,
-            "Identity state proof signing address is not valid"
-        );
+        if (!isValid) {
+            revert IdentityStateProofInvalid();
+        }
+        if (recovered != _oracleSigningAddress) {
+            revert IdentityStateProofSigningAddressInvalid(recovered);
+        }
 
         return
             IState.IdentityStateProcessResult({
@@ -213,13 +222,13 @@ contract CrossChainProofValidator is Ownable, EIP712, ICrossChainProofValidator
         uint256 replacedAtTimestamp
     ) internal view returns (uint256 replacedAt) {
         if (oracleTimestamp < block.timestamp - MAX_TIMESTAMP_LAG) {
-            revert("Oracle timestamp cannot be in the past");
+            revert OracleTimestampCannotBeInThePast();
         }
 
         replacedAt = replacedAtTimestamp == 0 ? oracleTimestamp : replacedAtTimestamp;
 
         if (replacedAt > block.timestamp + MAX_REPLACED_AT_AHEAD_OF_TIME) {
-            revert("Oracle replacedAtTimestamp or oracle timestamp cannot be in the future");
+            revert OracleReplacedAtTimestampCannotBeInTheFuture();
         }
 
         // this should never happen as block.timestamp is always greater than 0

contracts/identitytreestore/IdentityTreeStore.sol

@@ -8,6 +8,11 @@ import {IOnchainCredentialStatusResolver} from "../interfaces/IOnchainCredential
 import {IRHSStorage} from "../interfaces/IRHSStorage.sol";
 import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 
+error NodeNotFound();
+error InvalidStateNode();
+error InvalidNodeType();
+error UnsupportedLength();
+
 /**
  * @dev Contract which provides onchain Reverse Hash Service (RHS)
  * for checking revocation status of claims.
@@ -40,10 +45,12 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
 
     // keccak256(abi.encode(uint256(keccak256("iden3.storage.IdentityTreeStore.ReverseHashLibData")) - 1)) &
     //    ~bytes32(uint256(0xff));
+    // solhint-disable-next-line const-name-snakecase
     bytes32 private constant ReverseHashLibDataStorageLocation =
         0x0f7e3bdc6cc0e880d509aa1f6b8d1a88e5fcb7274e18dfba772424a36fe9b400;
 
     function _getReverseHashLibDataStorage() private pure returns (ReverseHashLib.Data storage $) {
+        // solhint-disable-next-line no-inline-assembly
         assembly {
             $.slot := ReverseHashLibDataStorageLocation
         }
@@ -55,6 +62,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
     }
 
     // keccak256(abi.encode(uint256(keccak256("iden3.storage.IdentityTreeStore.Main")) - 1)) & ~bytes32(uint256(0xff));
+    // solhint-disable-next-line const-name-snakecase
     bytes32 private constant IdentityTreeStoreMainStorageLocation =
         0x95ca427007e091a13a7ccfcb233b8a2ed19d987330a248c445b1b483a35bb800;
 
@@ -64,6 +72,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
         pure
         returns (IdentityTreeStoreMainStorage storage $)
     {
+        // solhint-disable-next-line no-inline-assembly
         assembly {
             $.slot := IdentityTreeStoreMainStorageLocation
         }
@@ -96,7 +105,9 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
      */
     function getNode(uint256 key) public view returns (uint256[] memory) {
         uint256[] memory preim = _getReverseHashLibDataStorage().getPreimage(key);
-        require(preim.length > 0, "Node not found");
+        if (preim.length == 0) {
+            revert NodeNotFound();
+        }
         return preim;
     }
 
@@ -122,6 +133,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
      * @return CredentialStatus
      */
     function getRevocationStatusByIdAndState(
+        // solhint-disable-next-line no-unused-vars
         uint256 id,
         uint256 state,
         uint64 nonce
@@ -134,7 +146,9 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
         uint64 nonce
     ) internal view returns (CredentialStatus memory) {
         uint256[] memory roots = getNode(state);
-        require(_nodeType(roots) == NodeType.State, "Invalid state node");
+        if (_nodeType(roots) != NodeType.State) {
+            revert InvalidStateNode();
+        }
 
         CredentialStatus memory status = CredentialStatus({
             issuer: IdentityStateRoots({
@@ -200,7 +214,7 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
                     proof.siblings[i] = children[1];
                 }
             } else {
-                revert("Invalid node type");
+                revert InvalidNodeType();
             }
         }
 
@@ -234,6 +248,6 @@ contract IdentityTreeStore is Initializable, IOnchainCredentialStatusResolver, I
         if (preimage.length == 3) {
             return PoseidonUnit3L.poseidon([preimage[0], preimage[1], preimage[2]]);
         }
-        revert("Unsupported length");
+        revert UnsupportedLength();
     }
 }

contracts/imports.sol

@@ -1,7 +1,9 @@
-// SPDX-License-Identifier: UNLICENSED
+// SPDX-License-Identifier: GPL-3.0
 pragma solidity 0.8.27;
 
 // We import these here to force Hardhat to compile them.
 // This ensures that their artifacts are available for Hardhat Ignition to use.
+/* solhint-disable no-unused-import */
 import {ProxyAdmin} from "@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol";
 import {TransparentUpgradeableProxy} from "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
+/* solhint-enable no-unused-import */

contracts/interfaces/IAuthValidator.sol

@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: GPL-3.0
+pragma solidity 0.8.27;
+
+/**
+ * @dev IAuthValidator. Interface for verification of auth data.
+ */
+interface IAuthValidator {
+    /**
+     * @dev AuthResponseField. Information about response fields from verification. Used in verify function.
+     * @param name Name of the response field
+     * @param value Value of the response field
+     */
+    struct AuthResponseField {
+        string name;
+        uint256 value;
+    }
+
+    /**
+     * @dev Get version of the contract
+     */
+    function version() external view returns (string memory);
+
+    /**
+     * @dev Verify the proof with the supported method informed in the auth query data
+     * packed as bytes and that the proof was generated by the sender.
+     * @param sender Sender of the proof.
+     * @param proof Proof packed as bytes to verify.
+     * @param params Request query data of the credential to verify.
+     * @return userID User Id for the auth proof verified and response fields.
+     * @return authResponseFields Additional response fields.
+     */
+    function verify(
+        address sender,
+        bytes calldata proof,
+        bytes calldata params
+    ) external returns (uint256 userID, AuthResponseField[] memory authResponseFields);
+}

contracts/interfaces/IGroth16Verifier.sol

@@ -0,0 +1,22 @@
+// SPDX-License-Identifier: GPL-3.0
+pragma solidity 0.8.27;
+
+/**
+ * @dev IGroth16Verifier. Interface for verification of groth16 proofs.
+ */
+interface IGroth16Verifier {
+    /**
+     * @dev Verify the circuit with the groth16 proof π=([πa]1,[πb]2,[πc]1).
+     * @param a πa element of the groth16 proof.
+     * @param b πb element of the groth16 proof.
+     * @param c πc element of the groth16 proof.
+     * @param signals Public inputs and outputs of the circuit.
+     * @return r true if the proof is verified.
+     */
+    function verify(
+        uint256[2] calldata a,
+        uint256[2][2] calldata b,
+        uint256[2] calldata c,
+        uint256[] calldata signals
+    ) external view returns (bool r);
+}