🔐Using hPassport in Your dApps

Learn how to integrate Haven1's hPassport for secure, verified user interactions in your dApp. Enable identity verification, personalised user experiences, and enhanced security using hPassport NFTs

What is hPassport?

Direct link to sample applications that personalise UX based on hPassport

Overview

hPassport is a non-transferable Proof of Identity NFT that verifies user identity on Haven1. It ensures that all on-chain transactions are conducted by trusted and verified users. This system enhances dApp security, enables personalized user experiences, and helps developers create compliant and secure applications while protecting user privacy.

Key Benefits of Integrating hPassport

  • Verified Interactions: Ensure only verified users interact with your dApp, minimizing risks and preventing fraud.

  • Personalized Experiences: Tailor the user experience using anonymized data stored in the hPassport.

  • Security: hPassport enforces identity verification, making it easier to comply with KYC/AML requirements for regulated markets.

  • Easy Integration: You can verify identities and personalize experiences with minimal code, leveraging Haven1's built-in smart contract framework.


How to Integrate hPassport into Your dApp

1. Retrieve User Attributes from hPassport

When a user interacts with your dApp, you can retrieve various attributes from their hPassport to verify identity or personalize the experience.

Example: Retrieve the User's Primary Identity

solidityCopy code// Retrieve the user’s primary identity
(bool primaryID, uint256 expiry, uint256 updatedAt) = proofOfIdentity.getPrimaryID(userAddress);

// Ensure the user is verified
require(primaryID, "User is not verified.");

Example: Retrieve the User's Country of Residence Code

solidityCopy code// Retrieve the user’s country code
(string memory countryCode, uint256 expiry, uint256 updatedAt) = proofOfIdentity.getCountryCode(userAddress);

2. Enforcing Identity Verification in Smart Contracts

To ensure only verified users can interact with your contract, check their hPassport before executing any logic. Here's how you can implement this in your contract:

solidityCopy codepragma solidity ^0.8.0;

import { IProofOfIdentity } from "./IProofOfIdentity.sol";

contract VerifiedAuction {

    IProofOfIdentity proofOfIdentity;

    constructor(address _proofOfIdentity) {
        proofOfIdentity = IProofOfIdentity(_proofOfIdentity);
    }

    modifier onlyVerified(address user) {
        (bool primaryID,,) = proofOfIdentity.getPrimaryID(user);
        require(primaryID, "User is not verified.");
        _;
    }

    function placeBid() external onlyVerified(msg.sender) {
        // auction logic here
    }
}

3. Personalizing User Experiences Based on hPassport Attributes

You can personalize the experience for users based on the anonymized data available on their hPassport. For example, you can restrict certain features based on a user's county of residence, or other attributes.

Example: Regional Restriction

solidityCopy code// Retrieve the user’s country code
(string memory countryCode,,) = proofOfIdentity.getCountryCode(userAddress);

// Check if the user is from an allowed country
require(keccak256(abi.encodePacked(countryCode)) == keccak256(abi.encodePacked("US")), "Service not available in your country.");

4. Handling Suspended Users

To prevent suspended users from interacting with your dApp, you can check the suspension status of the user's hPassport:

solidityCopy code// Check if user account is suspended
bool isSuspended = proofOfIdentity.isSuspended(userAddress);
require(!isSuspended, "User account is suspended.");

5. Multiple Account Support

hPassport allows verified users to have multiple wallets, linking their identity to both a primary account and auxiliary accounts. You can retrieve the auxiliary accounts linked to a user’s hPassport as follows:

solidityCopy code// Retrieve auxiliary accounts linked to a principal account
address[] memory auxAccounts = proofOfIdentity.auxiliaryAccounts(principalAddress);

hPassport API Reference

Below are the key functions available in the hPassport contract:

Identity Verification Functions

  • getPrimaryID(address account): Returns a boolean indicating if the user is verified, along with the expiration and last update timestamp.

    solidityCopy code(bool primaryID, uint256 expiry, uint256 updatedAt) = proofOfIdentity.getPrimaryID(userAddress);
  • getCountryCode(address account): Retrieves the user’s country code (stored as a string).

    solidityCopy code(string memory countryCode, uint256 expiry, uint256 updatedAt) = proofOfIdentity.getCountryCode(userAddress);
  • getProofOfLiveliness(address account): Retrieves whether the user has passed proof of liveliness checks.

    solidityCopy code(bool liveliness, uint256 expiry, uint256 updatedAt) = proofOfIdentity.getProofOfLiveliness(userAddress);
  • getUserType(address account): Retrieves the type of user (e.g., retail, institution).

    solidityCopy code(uint256 userType, uint256 expiry, uint256 updatedAt) = proofOfIdentity.getUserType(userAddress);
  • isSuspended(address account): Checks if the user’s hPassport is suspended.

    solidityCopy codebool suspended = proofOfIdentity.isSuspended(userAddress);

Auxiliary Account Functions

  • auxiliaryAccounts(address principal): Returns auxiliary accounts linked to the principal account.

    solidityCopy codeaddress[] memory auxAccounts = proofOfIdentity.auxiliaryAccounts(principalAddress);

Example Use Case: Auction with Verified Users

This example demonstrates how to build an auction application that only allows verified users to participate. The auction uses hPassport to ensure that only users with a verified identity can place bids.

solidityCopy codepragma solidity ^0.8.0;

import { IProofOfIdentity } from "./IProofOfIdentity.sol";
import "@openzeppelin/contracts-upgradeable/token/ERC721/IERC721Upgradeable.sol";
import "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";

contract VerifiedAuction is ReentrancyGuardUpgradeable {

    IProofOfIdentity proofOfIdentity;
    IERC721Upgradeable nft;
    address highestBidder;
    uint256 highestBid;
    uint256 auctionEndTime;

    constructor(address _proofOfIdentity, address _nft) {
        proofOfIdentity = IProofOfIdentity(_proofOfIdentity);
        nft = IERC721Upgradeable(_nft);
    }

    modifier onlyVerified(address user) {
        (bool primaryID,,) = proofOfIdentity.getPrimaryID(user);
        require(primaryID, "User is not verified.");
        _;
    }

    function placeBid() external payable onlyVerified(msg.sender) {
        require(msg.value > highestBid, "Bid too low.");
        require(block.timestamp < auctionEndTime, "Auction has ended.");

        // Refund the previous highest bidder
        if (highestBidder != address(0)) {
            payable(highestBidder).transfer(highestBid);
        }

        highestBid = msg.value;
        highestBidder = msg.sender;
    }

    function endAuction() external {
        require(block.timestamp >= auctionEndTime, "Auction not ended.");
        nft.transferFrom(address(this), highestBidder, 1);
    }
}

Additional Tools

hPassport Debugging and Testing Tools

Haven1 provides several tools for testing and debugging your integration with hPassport, including:

  • hPassport Testnet: A test environment for developers to simulate identity verification and NFT minting without using real assets.

  • Sample Applications: Explore sample applications like the Global Counter and NFT Auction to understand how hPassport can be integrated into various use cases.


Get Started with hPassport

To begin integrating hPassport into your dApp, follow the examples above and explore more API references in this document. You'll find code samples, smart contract functions, and tips for personalizing user journeys with hPassport

Last updated