Skip to main content

Step 3: Payload Validation

Now, let’s add payload validation logic to functions requiring KYC checks.

1. Add a bytes calldata _purefidata Parameter

In the function where KYC verification is needed, add a parameter to accept the payload. The payload is encoded and signed data from PureFi, provided by the user when calling the function.

function someRestrictedFunction(address _to, bytes calldata _purefidata) external {
    // Function logic
}

2. Validate the Payload with verifier.validatePayload

Call the validatePayload method from PureFiVerifier to verify the data. This method either succeeds or reverts if the payload is invalid.

function someRestrictedFunction(address _to, bytes calldata _purefidata) external {
    verifier.validatePayload(_purefidata);
    // Function logic after successful validation
}

The validatePayload method checks:

  • Signature validity.
  • Data freshness (timestamp).
  • Session uniqueness.
  • Issuer authorization.

If validation fails, the transaction reverts with an appropriate error.

3. (Optional) Extract Data from the Payload

If you need to retrieve data from the payload (e.g., the sender’s address), use PureFiDataLibrary. First, import the library:

import {PureFiDataLibrary} from "./PureFi/libraries/PureFiDataLibrary.sol";

Then extract data after validation:

function someRestrictedFunction(address _to, bytes calldata _purefidata) external {
    bytes memory package = verifier.validatePayload(_purefidata);
    address from = PureFiDataLibrary.getFrom(package);
    require(from == msg.sender, "Caller must match payload sender");
    // Function logic
}

Here, getFrom extracts the sender’s address from the payload, which can be useful for additional checks.