Galactica Snap JSON-RPC API

This page documents the JSON-RPC API of the Galactica Snap. It follows the structure for snap methods provided by Metamask (see here).

To simplify the integration in front-end projects, we provide the NPM package @galactica-net/snap-api. It includes TypeScript methods, parameters and return types for the interaction.

Connection Methods

wallet_requestSnaps

Requests permission for a DApp to communicate with Metamask and the Galactica Snap.

Visit the Metamask Documentation for more details.

Example

const result = await ethereum.request({
  method: 'wallet_requestSnaps',
  params: {
    'npm:@galactica-net/snap': {},
  },
});

console.log(result);
// Will print something of the form:
// {
//   "npm:@galactica-net/snap": {
//     "blocked": false,
//     "enabled": true,
//     "id": "npm:@galactica-net/snap",
//     "initialPermissions": {
//       "endowment:rpc": {
//         "dapps": true,
//         "snaps": false
//       },
//       "endowment:ethereum-provider": {},
//       "endowment:long-running": {},
//       "snap_notify": {},
//       "snap_dialog": {},
//       "snap_manageState": {}
//     },
//     "permissionName": "wallet_snap_npm:@galactica-net/snap",
//     "version": "0.2.1"
//   }
// }

wallet_getSnaps

Description

This method returns the IDs of the caller's permitted snaps and some relevant metadata.

See the Metamask documentation for more details.

Galactica Specific Methods

All following methods are invoked through the wallet_invokeSnap method of the Metamask RPC-API.

These methods are restricted, meaning that you first need to aquire permission using the connection method.

getHolderCommitment

Description

Asks the Snap to return the holder commitment needed for issuing new zkCertificates. It is used to provide the guardian of a zkCert with the field that links the zkCert to the holder. This link is hidden in a commitment so that the guardian can not associate it with any on-chain address. This method also returns the public key for encrypting the zkCert. The private decryption key is secured inside the snap.

Parameters

None

Returns

• object

  • holderCommitment - The holder commitment as decimal string.

  • encryptionPubKey - Public encryption key string to encrypt the zkCert with.

Throws error if the user rejects the confirmation.

Example

genZkCertProof

Description

Sends a request for generating a ZK proof in the Snap. It is generic because you can request different kind of ZK proof depending on the parameters. It selects one ZkCert imported by the user and forwards its contents to the private proof inputs together with additional inputs provided in inputs.

Shows the user what is going to be proven and asks for confirmation.

Parameters

• object

  • input - An object, containing public ZKP input for the statements to be shown by the generated proof.

  • requirements - object

    • zkCertStandard: string for the standard of the zkCertificate that should be used for the proof.

    • registryAddress: string EVM address where the zkCertificate is registered.

  • prover - object containing

    • wasm - string base64 encoded wasm binary of the prover. The wasm can be generated using circom and encoded with the script in src/scripts/proofGenerationPrep.ts.

    • zkeyHeader - object of zkey headers used by snarkjs. The binary fields are base64 encoded.

    • zkeySections - array of base64 encoded zkey sections used by snarkjs.

  • userAddress - string with the account address the user is going to use to submit the proof.

  • description - string Description of what the proof if for. The user will see this as description when being asked for confirmation by the Snap.

  • publicInputDescriptions - string[] List of short descriptions what each field disclosed in the resulting proof input is needed for.

Returns

Generated proof on accepted confirmation and successful computation. Throws error otherwise.

• object

  • proof - object

    • pi_a - object holding proof verification data.

    • pi_b - object holding proof verification data.

    • pi_c - object holding proof verification data.

    • protocol - string Protocol used for ZKP, usually "groth16".

    • curve - string Curve used for ZKP, usually "bn128".

  • publicSignals: array List of public inputs for the proof as decimal strings.

Example

clearStorage

Description

Request for removing data stored in the Snap (holders and zkCertificates).

Asks the user for confirmation.

Parameters

None

Returns

• object

  • string - "zkCert storage cleared" on success. Returns an error otherwise.

Example

importZkCert

Description

Imports a zkCertificate from a file into the Snap. The file is created, signed and encrypted by the provider and given to the user for being imported in the wallet.

Asks user for confirmation

Parameters

• object

  • encryptedZkCert - [EncryptedZkCert](https://github.com/Galactica-corp/galactica-monorepo/blob/20e3435e2b9e7deeb05dd5358687f7380ff8d25b/packages/galactica-types/src/zkCert.ts#L77) object, containing the zkCertificate encrypted using eth-sig-util and containing the holderCommitment to associate it.

  • listZkCerts - boolean, (optional) flag if the Snap should return an overview after the import, same as in the listZkCerts method.

Returns

• object

  • string "zkCert added to storage" on successful import. If listZkCerts is set to true, it returns the zkCert overview instead (same as in the listZkCerts method). Returns an error if the import fails.

Example

exportZkCert

Description

Exports a zkCertificate stored in the snap in encrypted form.

Asks the user for confirmation and selection of the zkCertificate to be exported

Parameters

• object

  • zkCertStandard - string identifying the standard of the zkCertificate to be deleted (optional).

  • expirationDate - number identifying the expiration date of the zkCertificate to be deleted (optional).

  • providerAx - string identifying the provider pubkey (Ax part only) of the zkCertificate to be deleted (optional).

Returns

• JSON object of the encrypted zkCertificate according to the standard.

Example

deleteZkCert

Description

Delete a zkCertificate stored in the snap.

You can provide some filter criteria which zkCert should be deleted based on the response from the listZkCerts method. It asks the user for confirmation and selection of the zkCertificate to be deleted if the filter is ambiguous.

Parameters

• object

  • zkCertStandard - string identifying the standard of the zkCertificate to be deleted (optional).

  • expirationDate - number identifying the expiration date of the zkCertificate to be deleted (optional).

  • providerAx - string identifying the provider pubkey (Ax part only) of the zkCertificate to be deleted (optional).

Returns

• object

  • string - "Deleted zkCert." on success. Throws error otherwise.

Example

listZkCerts

Description

Requests overview of zkCertificates held in the Snap for management

To not limit the privacy risks of the user, this overview only contains zkCertificate metadata that is usually not shown in a ZKP. This should prevent cross referencing multiple disclosures submitted from different addresses.

Asks the user for confirmation. As a website you only need to query this once and then you can cache and reuse this data until the hash from the getZkCertStorageHash changes.

Parameters

None

Returns

• object

  • [zkCertStandard: string]: JSON object holding zkCertificate metadata.

    • provider - JSON object including publickey of provider.

    • expirationDate - number Unix timestamp of expiration date.

Throws an error if the user rejected the confirmation.

Example

getZkCertStorageHashes

Description

You can use getZkCertStorageHash to detect changes in the zkCert storage of the snap. This can be done without requiring user interaction (besides the initial connect) and therefore does not dirsturb the user flow.

Parameters

None

Returns

• object

  • [zkCertStandard: string]: string for the storage hash of all zkCerts of this type held by the Snap.

Example

getZkCertHashes

Description

You can use getZkCertHash to query the leaf hashes of the zkCerts imported in the snap. This is needed for updating the Merkle proof. It is useful because it improves privacy by not using the same publicly trackable Merkle root.

However this function exposes the unique hash of zkCerts and should therefore only be on sites the user trusts to handle this ID confidentially.

Parameters

None

Returns

• object

  • [string] list of zkCert hashes of all zkCerts held by the Snap.

Example

updateMerkleProof

Description

This method updates the Merkle proof of a list of zkCerts. This is helpful to prevent tracking through the publicly disclosed merkle root.

You can create the Merkle proof with the scripts in the zkKYC repository.

Parameters

• object

  • proofs: [MerkleProof] list of MerkleProofs to update.

Each Merkle proof has the following form defined in the zkKYC repository.

Returns

• object

  • string - Success message.

Throws error on failure.

Example

updateMerkleProofURL

Description

This method updates the URL used to fetch Merkle proofs from. Regenerating the Merkle proof is needed if a zkCert registry with revocable entries changes it's root. With this method, the user can control the URL. It is only a fallback if the official URL is down during the testnet. Before mainnet, we want to upgrade to an decentralized solution that figures out the URL from which node to query the Merkle proof from automatically.

Parameters

• object

  • url: string URL to upgrade to.

Returns

• object

  • string - Success message.

Throws error on failure.