api: add support for custom voter weight when using CSP

api/census_test.go

@@ -12,6 +12,7 @@ import (
 	"github.com/google/uuid"
 	"go.vocdoni.io/dvote/api/censusdb"
 	"go.vocdoni.io/dvote/util"
+	"google.golang.org/protobuf/proto"
 
 	"go.vocdoni.io/dvote/crypto/ethereum"
 	"go.vocdoni.io/dvote/data/ipfs"
@@ -26,6 +27,8 @@ import (
 	"go.vocdoni.io/proto/build/go/models"
 )
 
+const testParticipantWeight = int64(42)
+
 func TestCensus(t *testing.T) {
 	router := httprouter.HTTProuter{}
 	router.Init("127.0.0.1", 0)
@@ -156,7 +159,7 @@ func TestCensus(t *testing.T) {
 	qt.Assert(t, code, qt.Equals, 404)
 }
 
-func TestCensusProof(t *testing.T) {
+func TestCensusProofVerifierArbo(t *testing.T) {
 	router := httprouter.HTTProuter{}
 	router.Init("127.0.0.1", 0)
 	addr, err := url.Parse("http://" + path.Join(router.Address().String(), "censuses"))
@@ -200,7 +203,7 @@ func TestCensusProof(t *testing.T) {
 	qt.Assert(t, key.Generate(), qt.IsNil)
 	_, code = c.Request("POST", &CensusParticipants{Participants: []CensusParticipant{{
 		Key:    key.Address().Bytes(),
-		Weight: (*types.BigInt)(big.NewInt(1)),
+		Weight: (*types.BigInt)(big.NewInt(testParticipantWeight)),
 	}}}, id1, "participants")
 	qt.Assert(t, code, qt.Equals, 200)
 
@@ -213,7 +216,7 @@ func TestCensusProof(t *testing.T) {
 	resp, code = c.Request("GET", nil, root, "proof", key.Address().String())
 	qt.Assert(t, code, qt.Equals, 200)
 	qt.Assert(t, json.Unmarshal(resp, censusData), qt.IsNil)
-	qt.Assert(t, censusData.Weight.String(), qt.Equals, "1")
+	qt.Assert(t, censusData.Weight.MathBigInt().Int64(), qt.Equals, testParticipantWeight)
 
 	// verify the proof
 	electionID := rnd.RandomBytes(32)
@@ -241,7 +244,7 @@ func TestCensusProof(t *testing.T) {
 	)
 	qt.Assert(t, err, qt.IsNil)
 	qt.Assert(t, valid, qt.IsTrue)
-	qt.Assert(t, weight.Uint64(), qt.Equals, uint64(1))
+	qt.Assert(t, weight.Int64(), qt.Equals, testParticipantWeight)
 }
 
 func TestCensusZk(t *testing.T) {
@@ -355,3 +358,154 @@ func TestCensusZk(t *testing.T) {
 	qt.Assert(t, valid, qt.IsTrue)
 	qt.Assert(t, newWeight.Uint64(), qt.Equals, uint64(1))
 }
+
+func TestCensusProofVerifierCSP(t *testing.T) {
+	router := httprouter.HTTProuter{}
+	router.Init("127.0.0.1", 0)
+
+	api, err := NewAPI(&router, "/", t.TempDir(), db.TypePebble)
+	qt.Assert(t, err, qt.IsNil)
+	// Create local key value database
+	db, err := metadb.New(db.TypePebble, t.TempDir())
+	qt.Assert(t, err, qt.IsNil)
+	censusDB := censusdb.NewCensusDB(db)
+
+	app := vochain.TestBaseApplication(t)
+	api.Attach(app, nil, nil, nil, censusDB)
+	qt.Assert(t, api.EnableHandlers(CensusHandler), qt.IsNil)
+
+	csp := ethereum.SignKeys{}
+	err = csp.Generate()
+	qt.Assert(t, err, qt.IsNil)
+
+	pid := util.RandomBytes(types.ProcessIDsize)
+	process := &models.Process{
+		ProcessId:     pid,
+		StartBlock:    0,
+		EnvelopeType:  &models.EnvelopeType{EncryptedVotes: false},
+		Mode:          new(models.ProcessMode),
+		Status:        models.ProcessStatus_READY,
+		EntityId:      util.RandomBytes(types.EthereumAddressSize),
+		CensusRoot:    csp.PublicKey(),
+		CensusOrigin:  models.CensusOrigin_OFF_CHAIN_CA,
+		BlockCount:    1024,
+		MaxCensusSize: 1000,
+	}
+	t.Logf("adding process %x", process.ProcessId)
+	qt.Assert(t, app.State.AddProcess(process), qt.IsNil)
+
+	// Test valid vote
+	vp, err := state.NewVotePackage([]int{1, 2, 3, 4}).Encode()
+	qt.Assert(t, err, qt.IsNil)
+
+	k := ethereum.SignKeys{}
+	qt.Assert(t, k.Generate(), qt.IsNil)
+	bundle := &models.CAbundle{
+		ProcessId:  pid,
+		Address:    k.Address().Bytes(),
+		VoteWeight: big.NewInt(testParticipantWeight).Bytes(),
+	}
+	bundleBytes, err := proto.Marshal(bundle)
+	qt.Assert(t, err, qt.IsNil)
+
+	signature, err := csp.SignEthereum(bundleBytes)
+	qt.Assert(t, err, qt.IsNil)
+
+	// verify the proof
+	valid, weight, err := transaction.VerifyProof(
+		process,
+		&models.VoteEnvelope{
+			Nonce:     util.RandomBytes(32),
+			ProcessId: pid,
+			Proof: &models.Proof{
+				Payload: &models.Proof_Ca{
+					Ca: &models.ProofCA{
+						Bundle:    bundle,
+						Type:      models.ProofCA_ECDSA,
+						Signature: signature,
+					},
+				},
+			},
+			VotePackage: vp,
+		},
+		state.NewVoterID(state.VoterIDTypeECDSA, k.PublicKey()),
+	)
+	qt.Assert(t, err, qt.IsNil)
+	qt.Assert(t, valid, qt.IsTrue)
+	qt.Assert(t, weight.Int64(), qt.Equals, testParticipantWeight)
+}
+
+func TestCensusProofVerifierCSPLegacy(t *testing.T) {
+	router := httprouter.HTTProuter{}
+	router.Init("127.0.0.1", 0)
+
+	api, err := NewAPI(&router, "/", t.TempDir(), db.TypePebble)
+	qt.Assert(t, err, qt.IsNil)
+	// Create local key value database
+	db, err := metadb.New(db.TypePebble, t.TempDir())
+	qt.Assert(t, err, qt.IsNil)
+	censusDB := censusdb.NewCensusDB(db)
+
+	app := vochain.TestBaseApplication(t)
+	api.Attach(app, nil, nil, nil, censusDB)
+	qt.Assert(t, api.EnableHandlers(CensusHandler), qt.IsNil)
+
+	csp := ethereum.SignKeys{}
+	err = csp.Generate()
+	qt.Assert(t, err, qt.IsNil)
+
+	pid := util.RandomBytes(types.ProcessIDsize)
+	process := &models.Process{
+		ProcessId:     pid,
+		StartBlock:    0,
+		EnvelopeType:  &models.EnvelopeType{EncryptedVotes: false},
+		Mode:          new(models.ProcessMode),
+		Status:        models.ProcessStatus_READY,
+		EntityId:      util.RandomBytes(types.EthereumAddressSize),
+		CensusRoot:    csp.PublicKey(),
+		CensusOrigin:  models.CensusOrigin_OFF_CHAIN_CA,
+		BlockCount:    1024,
+		MaxCensusSize: 1000,
+	}
+	t.Logf("adding process %x", process.ProcessId)
+	qt.Assert(t, app.State.AddProcess(process), qt.IsNil)
+
+	// Test valid vote
+	vp, err := state.NewVotePackage([]int{1, 2, 3, 4}).Encode()
+	qt.Assert(t, err, qt.IsNil)
+
+	k := ethereum.SignKeys{}
+	qt.Assert(t, k.Generate(), qt.IsNil)
+	bundle := &models.CAbundle{
+		ProcessId: pid,
+		Address:   k.Address().Bytes(),
+	}
+	bundleBytes, err := proto.Marshal(bundle)
+	qt.Assert(t, err, qt.IsNil)
+
+	signature, err := csp.SignEthereum(bundleBytes)
+	qt.Assert(t, err, qt.IsNil)
+
+	// verify the proof
+	valid, weight, err := transaction.VerifyProof(
+		process,
+		&models.VoteEnvelope{
+			Nonce:     util.RandomBytes(32),
+			ProcessId: pid,
+			Proof: &models.Proof{
+				Payload: &models.Proof_Ca{
+					Ca: &models.ProofCA{
+						Bundle:    bundle,
+						Type:      models.ProofCA_ECDSA,
+						Signature: signature,
+					},
+				},
+			},
+			VotePackage: vp,
+		},
+		state.NewVoterID(state.VoterIDTypeECDSA, k.PublicKey()),
+	)
+	qt.Assert(t, err, qt.IsNil)
+	qt.Assert(t, valid, qt.IsTrue)
+	qt.Assert(t, weight.Int64(), qt.Equals, int64(1))
+}

go.mod

@@ -54,7 +54,7 @@ require (
 	github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d
 	github.com/vocdoni/storage-proofs-eth-go v0.1.6
 	go.mongodb.org/mongo-driver v1.12.1
-	go.vocdoni.io/proto v1.15.10-0.20240903073233-86144b1e2165
+	go.vocdoni.io/proto v1.15.12
 	golang.org/x/crypto v0.32.0
 	golang.org/x/net v0.34.0
 	google.golang.org/protobuf v1.36.4

go.sum

@@ -1602,8 +1602,8 @@ go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ=
 go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI=
 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
-go.vocdoni.io/proto v1.15.10-0.20240903073233-86144b1e2165 h1:7r0RaKfYyGCVh1qeS2795jOk7WnpP9CI0IJOB/lxFVk=
-go.vocdoni.io/proto v1.15.10-0.20240903073233-86144b1e2165/go.mod h1:oi/WtiBFJ6QwNDv2aUQYwOnUKzYuS/fBqXF8xDNwcGo=
+go.vocdoni.io/proto v1.15.12 h1:mXFq+JL8SRwpdeXFjUR9IEmgU+ce+DtZfzoqhcprZsE=
+go.vocdoni.io/proto v1.15.12/go.mod h1:oi/WtiBFJ6QwNDv2aUQYwOnUKzYuS/fBqXF8xDNwcGo=
 go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
 go4.org v0.0.0-20200411211856-f5505b9728dd/go.mod h1:CIiUVy99QCPfoE13bO4EZaz5GZMZXMSBGhxRdsvzbkg=
 go4.org v0.0.0-20230225012048-214862532bf5 h1:nifaUDeh+rPaBCMPMQHZmvJf+QdpLFnuQPwx+LxVmtc=

vochain/transaction/proofs/cspproof/cspproof.go

@@ -9,14 +9,11 @@ import (
 	ethcrypto "github.com/ethereum/go-ethereum/crypto"
 	"go.vocdoni.io/dvote/crypto/ethereum"
 	"go.vocdoni.io/dvote/crypto/saltedkey"
-	"go.vocdoni.io/dvote/log"
 	"go.vocdoni.io/dvote/vochain/state"
 	"go.vocdoni.io/proto/build/go/models"
 	"google.golang.org/protobuf/proto"
 )
 
-var bigOne = big.NewInt(1)
-
 // ProofVerifierCSP defines the interface for CSP (Credential Service Provider) proof verification systems.
 type ProofVerifierCSP struct{}
 
@@ -92,16 +89,16 @@ func (*ProofVerifierCSP) Verify(process *models.Process, envelope *models.VoteEn
 			}
 		}
 		if !blind.Verify(new(big.Int).SetBytes(ethereum.HashRaw(cspBundle)), signature, rootPub) {
-			cspbundleDec := &models.CAbundle{}
-			if err := proto.Unmarshal(cspBundle, cspbundleDec); err != nil {
-				log.Warnf("cannot unmarshal CSP bundle: %v", err)
-			}
 			return false, nil, fmt.Errorf("blind CSP verification failed for "+
-				"pid %x with CSP key %x. CSP bundle {pid:%x, addr:%x}. CSP signature %x",
-				envelope.ProcessId, rootPub.Bytes(), cspbundleDec.ProcessId, cspbundleDec.Address, signature.Bytes())
+				"pid %x with CSP key %x. CSP bundle {pid:%x, addr:%x, weight:%x}. CSP signature %x",
+				envelope.ProcessId, rootPub.Bytes(), p.Bundle.ProcessId, p.Bundle.Address, p.Bundle.VoteWeight,
+				signature.Bytes())
 		}
 	default:
 		return false, nil, fmt.Errorf("CSP proof %s type not supported", p.Type)
 	}
-	return true, bigOne, nil
+	if p.Bundle.GetVoteWeight() == nil {
+		return true, big.NewInt(1), nil // since VoteWeight is optional, keep legacy behaviour if missing
+	}
+	return true, new(big.Int).SetBytes(p.Bundle.GetVoteWeight()), nil
 }