Merge pull request #84 from onchain-id/features/factory-multiple-keys

✨(IdFactory) Add method to deploy OID with management keys

Author: Joachim-Lebrun

CHANGELOG.md

@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.1]
+
+### Added
+- added method createIdentityWithManagementKeys() that allows the factory to issue identities with multiple
+  management keys.
+- tests for the createIdentityWithManagementKeys() method
+
 ## [2.0.0]
 
 Version 2.0.0 Audited by Hacken, more details [here](https://tokeny.com/wp-content/uploads/2023/04/Tokeny_ONCHAINID_SC-Audit_Report.pdf)

contracts/factory/IIdFactory.sol

@@ -39,6 +39,24 @@ interface IIdFactory {
      */
     function createIdentity(address _wallet, string memory _salt) external returns (address);
 
+    /**
+     *  @dev function used to create a new Identity proxy from the factory, setting the wallet and listed keys as
+     * MANAGEMENT keys.
+     *  @param _wallet the wallet address of the primary owner of this ONCHAINID contract
+     *  @param _salt the salt used by create2 to issue the contract
+     *  @param _managementKeys A list of keys hash (keccak256(abiEncoded())) to add as MANAGEMENT keys.
+     *  requires a new salt for each deployment
+     *  _wallet cannot be linked to another ONCHAINID
+     *  only Owner can call => Owner is supposed to be a smart contract, managing the accessibility
+     *  of the function, including calls to oracles for multichain
+     *  deployment security (avoid identity theft), defining payment requirements, etc.
+     */
+    function createIdentityWithManagementKeys(
+        address _wallet,
+        string memory _salt,
+        bytes32[] memory _managementKeys
+    ) external returns (address);
+
     /**
      *  @dev function used to create a new Token Identity proxy from the factory
      *  @param _token the address of the token contract

contracts/factory/IdFactory.sol

@@ -3,6 +3,7 @@ pragma solidity 0.8.17;
 
 import "../proxy/IdentityProxy.sol";
 import "./IIdFactory.sol";
+import "../interface/IERC734.sol";
 import "@openzeppelin/contracts/access/Ownable.sol";
 
 contract IdFactory is IIdFactory, Ownable {
@@ -75,6 +76,47 @@ contract IdFactory is IIdFactory, Ownable {
         return identity;
     }
 
+    /**
+     *  @dev See {IdFactory-createIdentityWithManagementKeys}.
+     */
+    function createIdentityWithManagementKeys(
+        address _wallet,
+        string memory _salt,
+        bytes32[] memory _managementKeys
+    ) external onlyOwner override returns (address) {
+        require(_wallet != address(0), "invalid argument - zero address");
+        require(keccak256(abi.encode(_salt)) != keccak256(abi.encode("")), "invalid argument - empty string");
+        string memory oidSalt = string.concat("OID",_salt);
+        require (!_saltTaken[oidSalt], "salt already taken");
+        require (_userIdentity[_wallet] == address(0), "wallet already linked to an identity");
+        require(_managementKeys.length > 0, "invalid argument - empty list of keys");
+
+        address identity = _deployIdentity(oidSalt, _implementationAuthority, address(this));
+
+        for (uint i = 0; i < _managementKeys.length; i++) {
+            require(
+                _managementKeys[i] != keccak256(abi.encode(_wallet))
+                , "invalid argument - wallet is also listed in management keys");
+            IERC734(identity).addKey(
+                _managementKeys[i],
+                1,
+                1
+            );
+        }
+
+        IERC734(identity).removeKey(
+            keccak256(abi.encode(address(this))),
+            1
+        );
+
+        _saltTaken[oidSalt] = true;
+        _userIdentity[_wallet] = identity;
+        _wallets[identity].push(_wallet);
+        emit WalletLinked(_wallet, identity);
+
+        return identity;
+    }
+
     /**
      *  @dev See {IdFactory-createTokenIdentity}.
      */

contracts/version/Version.sol

@@ -10,7 +10,7 @@ contract Version {
      * @dev Returns the string of the current version.
      */
     function version() external pure returns (string memory) {
-        // version 2.0.0
-        return "2.0.0";
+        // version 2.0.1
+        return "2.0.1";
     }
 }

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "@onchain-id/solidity",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "EVM solidity smart contracts for Blockchain OnchainID identities.",
   "files": [
     "artifacts",

package.json

@@ -110,4 +110,52 @@ describe('IdFactory', () => {
       });
     });
   });
+
+  describe('createIdentityWithManagementKeys()', () => {
+    describe('when no management keys are provided', () => {
+      it('should revert', async () => {
+        const {identityFactory, deployerWallet, davidWallet} = await loadFixture(deployIdentityFixture);
+
+        await expect(identityFactory.connect(deployerWallet).createIdentityWithManagementKeys(davidWallet.address, 'salt1', [])).to.be.revertedWith('invalid argument - empty list of keys');
+      });
+    });
+
+    describe('when the wallet is included in the management keys listed', () => {
+      it('should revert', async () => {
+        const {identityFactory, deployerWallet, aliceWallet, davidWallet} = await loadFixture(deployIdentityFixture);
+
+        await expect(identityFactory.connect(deployerWallet).createIdentityWithManagementKeys(davidWallet.address, 'salt1', [
+          ethers.utils.keccak256(ethers.utils.defaultAbiCoder.encode(['address'], [aliceWallet.address])),
+          ethers.utils.keccak256(ethers.utils.defaultAbiCoder.encode(['address'], [davidWallet.address])),
+        ])).to.be.revertedWith('invalid argument - wallet is also listed in management keys');
+      });
+    });
+
+    describe('when other management keys are specified', () => {
+      it('should deploy the identity proxy, set keys and wallet as management, and link wallet to identity', async () => {
+        const {identityFactory, deployerWallet, aliceWallet, davidWallet} = await loadFixture(deployIdentityFixture);
+
+        const tx = await identityFactory.connect(deployerWallet).createIdentityWithManagementKeys(davidWallet.address, 'salt1', [ethers.utils.keccak256(ethers.utils.defaultAbiCoder.encode(['address'], [aliceWallet.address]))]);
+
+        await expect(tx).to.emit(identityFactory, 'WalletLinked');
+        await expect(tx).to.emit(identityFactory, 'Deployed');
+
+        const identity = await ethers.getContractAt('Identity', await identityFactory.getIdentity(davidWallet.address));
+
+        await expect(tx).to.emit(identity, 'KeyAdded').withArgs(ethers.utils.keccak256(ethers.utils.defaultAbiCoder.encode(['address'], [aliceWallet.address])), 1, 1);
+        await expect(identity.keyHasPurpose(
+          ethers.utils.defaultAbiCoder.encode(['address'], [identityFactory.address]),
+          1
+        )).to.eventually.be.false;
+        await expect(identity.keyHasPurpose(
+          ethers.utils.defaultAbiCoder.encode(['address'], [davidWallet.address]),
+          1
+        )).to.eventually.be.false;
+        await expect(identity.keyHasPurpose(
+          ethers.utils.defaultAbiCoder.encode(['address'], [aliceWallet.address]),
+          1
+        )).to.eventually.be.false;
+      });
+    });
+  });
 });

test/factory/factory.test.ts

@@ -36,6 +36,6 @@ describe('Identity', () => {
   it('should return the version of the implementation', async () => {
     const {identityImplementation} = await loadFixture(deployIdentityFixture);
 
-    expect(await identityImplementation.version()).to.equal('2.0.0');
+    expect(await identityImplementation.version()).to.equal('2.0.1');
   });
 });