Skip to content
Lambda functions for anti-sybill
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
diagrams
sample_events
src
.babelrc
.gitignore
LICENSE
README.md
SECRETS.md
codecov.yml
kms-secrets.develop.us-west-2.yml
kms-secrets.master.us-west-2.yml
lambda-test.md
package.json
serverless.yml
webpack.config.js
yarn.lock

README.md

lambda-nisaba

(Sumerian) Nisaba was the Sumerian goddess of writing, learning, and the harvest

Lambda functions for verifying phone numbers

CircleCI

codecov

Nisaba

Diagrams

Description

Nisaba provides user verification for the uPort ecosystem.

API

Request Fuel Token for New Device Key

A verified user can request a new fuel token for a new deviceKey.

Endpoint

POST /newDeviceKey

Headers

Authorization: Bearer <nisaba token/fuel token>

Body

{
  requestToken: <jwt signed by deviceKey>
}

The payload of the requestToken should be:

{
  newDeviceKey: <address of the new device key>
}

Response

Status Message
200 Ok Fuel Token
403 Forbidden JWT token missing or invalid
500 Internal Error Internal error

Token stored in code is deleted after JWT expiration date

{
  'status':  'success',
  'data': <fuel token for new deviceKey>
}

Sequence Diagram

newDeviceKey Seq

Request phone verification

Start Verification

Starts a verification for a deviceKey and a phoneNumber. Sends a code thru SMS or Call

Endpoint

POST /verify

Body

{
  deviceKey: <device key>,
  phoneNumber: <phone number>
}

Response

Status Message
200 Ok. Verificaition started
400 Bad request Bad or missing parameter
500 Internal Error Internal Error

Continue verification

Process continues by passing the deviceKey to the verification service.

Endpoint

GET /next/{device_key}

Response

Status Message
200 Ok. Verificaition started
400 Bad request Bad or missing parameter
500 Internal Error Internal Error

Verify and Request Token

With the code (which was sent thru SMS) the app can verify it and request the pseudo-attestation token

Endpoint

POST /check

Body

{
  deviceKey: <device key>,
  code: <code>
}

Response

Status Message
201 Ok JWT token
404 Not found Bad code
500 Internal Error Internal Error
{
  'status':  'success',
  'data': <jwt>
}

This is not a proper uPort Attestation because the sub is not a uportId is just the deviceKey

Token payload

{
  iss: "api.uport.me/nisaba",
  exp: <token expiration date>,
  iat: <token issued date>,
  sub: <device key>,
  aud: [
    "api.uport.me/nisaba",
    "api.uport.me/unnu",
    "api.uport.me/sensui"
  ],
  phoneNumber: <phone number>
}
You can’t perform that action at this time.