Smart Contracts
CrowdProof deploys 5 core contracts to EVM-compatible chains. All contracts use Solidity 0.8.24, are built with Foundry, and follow the upgradeable proxy pattern.
Contract Overview
| Contract | Purpose | Key Roles |
|---|---|---|
DIDRegistry | Register and resolve DIDs | REGISTRAR_ROLE |
ReputationOracle | Store score commitments, verify ZK proofs | ORACLE_ROLE, GOVERNANCE_ROLE |
CredentialVerifier | Verify credentials on-chain | ISSUER_ROLE |
PaymentEscrow | Handle API access payments | ADMIN_ROLE |
GovernanceToken | DAO governance (ERC-20 + voting) | Token holders |
DIDRegistry
Manages the mapping between wallet addresses and Decentralized Identifiers.
interface IDIDRegistry {
function registerDID(string calldata did) external;
function resolveDID(address wallet) external view returns (string memory);
function updateDIDDocument(string calldata did, string calldata document) external;
function deactivateDID(string calldata did) external;
event DIDRegistered(address indexed wallet, string did);
event DIDUpdated(string indexed did, string document);
event DIDDeactivated(string indexed did);
}
ReputationOracle
Stores Merkle roots of score batches and verifies Groth16 ZK proofs.
interface IReputationOracle {
function commitScores(bytes32 merkleRoot, uint256 batchId) external;
function getLatestRoot() external view returns (bytes32);
function verifyProof(
bytes calldata proof,
uint256 threshold,
ScoreCategory category
) external view returns (bool);
event ScoresCommitted(bytes32 indexed merkleRoot, uint256 batchId, uint256 timestamp);
event ProofVerified(address indexed verifier, ScoreCategory category, bool result);
}
Score Categories (on-chain enum)
enum ScoreCategory {
DEFI_LENDING,
DEX_TRADING,
GOVERNANCE,
NFT,
SOCIAL,
CREDIT_HISTORY
}
CredentialVerifier
Validates Verifiable Credentials issued off-chain against on-chain records.
interface ICredentialVerifier {
function issueCredential(
string calldata did,
bytes32 credentialHash,
uint256 expirationDate
) external;
function verifyCredential(
string calldata did,
bytes32 credentialHash
) external view returns (bool valid, uint256 issuedAt, uint256 expiresAt);
function revokeCredential(string calldata did, bytes32 credentialHash) external;
event CredentialIssued(string indexed did, bytes32 credentialHash);
event CredentialRevoked(string indexed did, bytes32 credentialHash);
}
PaymentEscrow
Handles ETH/ERC-20 payments for premium API tier upgrades.
interface IPaymentEscrow {
function deposit(address token, uint256 amount) external payable;
function withdraw(address token, uint256 amount) external;
function getBalance(address user, address token) external view returns (uint256);
event Deposited(address indexed user, address token, uint256 amount);
event Withdrawn(address indexed user, address token, uint256 amount);
}
GovernanceToken
ERC-20 token with ERC-20Votes extension for on-chain governance.
interface IGovernanceToken {
// Standard ERC-20 + ERC-20Votes
function delegate(address delegatee) external;
function getVotes(address account) external view returns (uint256);
function getPastVotes(address account, uint256 timepoint) external view returns (uint256);
}
Governance controls:
- Scoring model parameter changes (decay rate, category weights)
- Fee structure modifications
- Dispute escalation resolution
- Contract upgrades (via proxy admin)
Access Control
All contracts use OpenZeppelin's AccessControl with the following roles:
| Role | Granted To | Permissions |
|---|---|---|
DEFAULT_ADMIN_ROLE | Deployer multisig | Grant/revoke roles, upgrade contracts |
ORACLE_ROLE | Backend service | Commit score Merkle roots |
REGISTRAR_ROLE | Backend service | Register DIDs on behalf of users |
ISSUER_ROLE | Authorized credential issuers | Issue on-chain credentials |
GOVERNANCE_ROLE | DAO (timelock) | Modify protocol parameters |
Build & Test
cd contracts/
forge build # Compile
forge test # Run tests
forge test -vvvv # Verbose test output with traces
Deployment
Contracts are deployed via Foundry scripts. See the deployment guide for chain-specific instructions.