gift: unwrap tries both decoupled and identity keys, wrap defaults to decoupled but accepts flags to change that.

git: add viewsource.win to list of possible web views.
use dekey by default on gift wrap and unwrap.
2026-02-01 14:55:51 +00:00 · 2025-12-30 15:28:06 -03:00 · 2025-12-29 19:53:07 -03:00 · 2025-12-28 12:49:53 -03:00
5 changed files with 229 additions and 58 deletions
--- a/dekey.go
+++ b/dekey.go
@@ -33,16 +33,16 @@ var dekey = &cli.Command{
 		},
 		&cli.BoolFlag{
 			Name:  "rotate",
-			Usage: "force the creation of a new encryption key, effectively invalidating any previous ones",
+			Usage: "force the creation of a new decoupled encryption key, effectively invalidating any previous ones",
 		},
 		&cli.BoolFlag{
 			Name:    "authorize-all",
 			Aliases: []string{"yolo"},
-			Usage:   "do not ask for confirmation, just automatically send the encryption key to all devices that exist",
+			Usage:   "do not ask for confirmation, just automatically send the decoupled encryption key to all devices that exist",
 		},
 		&cli.BoolFlag{
 			Name:  "reject-all",
-			Usage: "do not ask for confirmation, just not send the encryption key to any device",
+			Usage: "do not ask for confirmation, just not send the decoupled encryption key to any device",
 		},
 	),
 	Action: func(ctx context.Context, c *cli.Command) error {
@@ -93,7 +93,7 @@ var dekey = &cli.Command{
 		}
 		// check for kind:10044
-		log("- checking for user encryption key (kind:10044)\n")
+		log("- checking for decoupled encryption key (kind:10044)\n")
 		keyAnnouncementResult := sys.Pool.FetchManyReplaceable(ctx, relays, nostr.Filter{
 			Kinds:   []nostr.Kind{10044},
 			Authors: []nostr.PubKey{userPub},
@@ -104,7 +104,7 @@ var dekey = &cli.Command{
 		var generateNewEncryptionKey bool
 		keyAnnouncementEvent, ok := keyAnnouncementResult.Load(nostr.ReplaceableKey{PubKey: userPub, D: ""})
 		if !ok {
-			log("- no user encryption key found, generating new one\n")
+			log("- no decoupled encryption key found, generating new one\n")
 			generateNewEncryptionKey = true
 		} else {
 			// get the pub from the tag
@@ -118,7 +118,7 @@ var dekey = &cli.Command{
 				return fmt.Errorf("got invalid kind:10044 event, no 'n' tag")
 			}
-			log(". an encryption public key already exists: %s\n", color.CyanString(ePub.Hex()))
+			log(". a decoupled encryption public key already exists: %s\n", color.CyanString(ePub.Hex()))
 			if c.Bool("rotate") {
 				log(color.GreenString("rotating it by generating a new one\n"))
 				generateNewEncryptionKey = true
@@ -134,12 +134,12 @@ var dekey = &cli.Command{
 			eKeyPath := filepath.Join(configPath, "dekey", "p", userPub.Hex(), "e", ePub.Hex())
 			os.MkdirAll(filepath.Dir(eKeyPath), 0700)
 			if err := os.WriteFile(eKeyPath, []byte(eSec.Hex()), 0600); err != nil {
-				return fmt.Errorf("failed to write user encryption key: %w", err)
+				return fmt.Errorf("failed to write decoupled encryption key: %w", err)
 			}
-			log("user encryption key generated and stored, public key: %s\n", color.CyanString(ePub.Hex()))
+			log("decoupled encryption key generated and stored, public key: %s\n", color.CyanString(ePub.Hex()))
 			// publish kind:10044
-			log("publishing user encryption public key (kind:10044)\n")
+			log("publishing decoupled encryption public key (kind:10044)\n")
 			evt10044 := nostr.Event{
 				Kind:      10044,
 				Content:   "",
@@ -164,10 +164,10 @@ var dekey = &cli.Command{
 					return fmt.Errorf("invalid main key: %w", err)
 				}
 				if eSec.Public() != ePub {
-					return fmt.Errorf("stored user encryption key is corrupted: %w", err)
+					return fmt.Errorf("stored decoupled encryption key is corrupted: %w", err)
 				}
 			} else {
-				log("- encryption key not found locally, attempting to fetch the key from other devices\n")
+				log("- decoupled encryption key not found locally, attempting to fetch the key from other devices\n")
 				// check if our kind:4454 is already published
 				log("- checking for existing device announcement (kind:4454)\n")
@@ -242,14 +242,14 @@ var dekey = &cli.Command{
 					}
 					// check if it matches mainPub
 					if eSec.Public() == ePub {
-						log(color.GreenString("successfully decrypted encryption key from another device\n"))
+						log(color.GreenString("successfully received decoupled encryption key from another device\n"))
 						// store it
 						os.MkdirAll(filepath.Dir(eKeyPath), 0700)
 						os.WriteFile(eKeyPath, []byte(eSecHex), 0600)
 						// delete our 4454 if we had one, since we received the key
 						if len(ourDeviceAnnouncementEvents) > 0 {
-							log("deleting our device announcement (kind:4454) since we received the encryption key\n")
+							log("deleting our device announcement (kind:4454) since we received the decoupled encryption key\n")
 							deletion4454 := nostr.Event{
 								CreatedAt: nostr.Now(),
 								Kind:      5,
@@ -290,11 +290,11 @@ var dekey = &cli.Command{
 		}
 		if eSec == [32]byte{} {
-			log("encryption secret key not available, must be sent from another device to %s first\n",
+			log("decoupled encryption secret key not available, must be sent from another device to %s first\n",
 				color.YellowString(deviceName))
 			return nil
 		}
-		log(color.GreenString("- encryption key ready\n"))
+		log(color.GreenString("- decoupled encryption key ready\n"))
 		// now we have mainSec, check for other kind:4454 events newer than the 10044
 		log("- checking for other devices and key messages so we can send the key\n")
@@ -359,7 +359,7 @@ var dekey = &cli.Command{
 				} else {
 					var proceed bool
 					if err := survey.AskOne(&survey.Confirm{
-						Message: fmt.Sprintf("share encryption key with %s"+colors.bold("?"),
+						Message: fmt.Sprintf("share decoupled encryption key with %s"+colors.bold("?"),
 							color.YellowString(deviceTag[1])),
 					}, &proceed); err != nil {
 						return err
@@ -398,7 +398,7 @@ var dekey = &cli.Command{
 					}
 				}
-				log("- sending encryption key to new device %s\n", color.YellowString(deviceTag[1]))
+				log("- sending decoupled encryption key to new device %s\n", color.YellowString(deviceTag[1]))
 				ss, err := nip44.GenerateConversationKey(theirDevice, deviceSec)
 				if err != nil {
 					continue
@@ -424,7 +424,7 @@ var dekey = &cli.Command{
 				if err := publishFlow(ctx, c, kr, evt4455, relayList); err != nil {
 					log(color.RedString("failed to publish key message: %v\n"), err)
 				} else {
-					log("  - encryption key sent to %s\n", color.GreenString(deviceTag[1]))
+					log("  - decoupled encryption key sent to %s\n", color.GreenString(deviceTag[1]))
 				}
 			}
 		}
--- a/gift.go
+++ b/gift.go
@@ -4,10 +4,14 @@ import (
 	"context"
 	"fmt"
 	"math/rand"
 	"os"
 	"path/filepath"
 	"time"
 	"fiatjaf.com/nostr"
 	"fiatjaf.com/nostr/keyer"
 	"fiatjaf.com/nostr/nip44"
 	"github.com/fatih/color"
 	"github.com/mailru/easyjson"
 	"github.com/urfave/cli/v3"
 )
@@ -16,19 +20,29 @@ var gift = &cli.Command{
 	Name:  "gift",
 	Usage: "gift-wraps (or unwraps) an event according to NIP-59",
 	Description: `example:
-  nak event | nak gift wrap --sec <sec-a> -p <sec-b> | nak gift unwrap --sec <sec-b> --from <pub-a>`,
+  nak event | nak gift wrap --sec <sec-a> -p <sec-b> | nak gift unwrap --sec <sec-b> --from <pub-a>
 a decoupled key (if it has been created or received with "nak dekey" previously) will be used by default.`,
 	DisableSliceFlagSeparator: true,
 	Flags:                     defaultKeyFlags,
 	Commands: []*cli.Command{
 		{
 			Name: "wrap",
-			Flags: append(
+			Flags: []cli.Flag{
 				defaultKeyFlags,
 				&PubKeyFlag{
 					Name:     "recipient-pubkey",
 					Aliases:  []string{"p", "tgt", "target", "pubkey", "to"},
 					Required: true,
 				},
-			),
+				&cli.BoolFlag{
 					Name:  "use-our-identity-key",
 					Usage: "Encrypt with the key given to --sec directly even when a decoupled key exists for the sender.",
 				},
 				&cli.BoolFlag{
 					Name:  "use-their-identity-key",
 					Usage: "Encrypt to the public key given as --recipient-pubkey directly even when a decoupled key exists for the receiver.",
 				},
 			},
 			Usage: "turns an event into a rumor (unsigned) then gift-wraps it to the recipient",
 			Description: `example:
  nak event -c 'hello' | nak gift wrap --sec <my-secret-key> -p <target-public-key>`,
@@ -38,14 +52,46 @@ var gift = &cli.Command{
 					return err
 				}
-				recipient := getPubKey(c, "recipient-pubkey")
+				// get sender pubkey (ourselves)
 				// get sender pubkey
 				sender, err := kr.GetPublicKey(ctx)
 				if err != nil {
 					return fmt.Errorf("failed to get sender pubkey: %w", err)
 				}
 				var using bool
 				var cipher nostr.Cipher = kr
 				// use decoupled key if it exists
 				using = false
 				if !c.Bool("use-our-identity-key") {
 					configPath := c.String("config-path")
 					eSec, has, err := getDecoupledEncryptionSecretKey(ctx, configPath, sender)
 					if has {
 						if err != nil {
 							return fmt.Errorf("our decoupled encryption key exists, but we failed to get it: %w; call `nak dekey` to attempt a fix or call this again with --encrypt-with-our-identity-key to bypass", err)
 						}
 						cipher = keyer.NewPlainKeySigner(eSec)
 						log("- using our decoupled encryption key %s\n", color.CyanString(eSec.Public().Hex()))
 						using = true
 					}
 				}
 				if !using {
 					log("- using our identity key %s\n", color.CyanString(sender.Hex()))
 				}
 				recipient := getPubKey(c, "recipient-pubkey")
 				using = false
 				if !c.Bool("use-their-identity-key") {
 					if theirEPub, exists := getDecoupledEncryptionPublicKey(ctx, recipient); exists {
 						recipient = theirEPub
 						using = true
 						log("- using their decoupled encryption public key %s\n", color.CyanString(theirEPub.Hex()))
 					}
 				}
 				if !using {
 					log("- using their identity public key %s\n", color.CyanString(recipient.Hex()))
 				}
 				// read event from stdin
 				for eventJSON := range getJsonsOrBlank() {
 					if eventJSON == "{}" {
@@ -65,7 +111,7 @@ var gift = &cli.Command{
 					// create seal
 					rumorJSON, _ := easyjson.Marshal(rumor)
-					encryptedRumor, err := kr.Encrypt(ctx, string(rumorJSON), recipient)
+					encryptedRumor, err := cipher.Encrypt(ctx, string(rumorJSON), recipient)
 					if err != nil {
 						return fmt.Errorf("failed to encrypt rumor: %w", err)
 					}
@@ -114,22 +160,30 @@ var gift = &cli.Command{
 			Name:  "unwrap",
 			Usage: "decrypts a gift-wrap event sent by the sender to us and exposes its internal rumor (unsigned event).",
 			Description: `example:
-  nak req -p <my-public-key> -k 1059 dmrelay.com | nak gift unwrap --sec <my-secret-key> --from <sender-public-key>`,
+  nak req -p <my-public-key> -k 1059 dmrelay.com | nak gift unwrap --sec <my-secret-key>`,
 			Flags: append(
 				defaultKeyFlags,
 				&PubKeyFlag{
 					Name:     "sender-pubkey",
 					Aliases:  []string{"p", "src", "source", "pubkey", "from"},
 					Required: true,
 				},
 			),
 			Action: func(ctx context.Context, c *cli.Command) error {
 				kr, _, err := gatherKeyerFromArguments(ctx, c)
 				if err != nil {
 					return err
 				}
-				sender := getPubKey(c, "sender-pubkey")
+				// get receiver public key (ourselves)
 				receiver, err := kr.GetPublicKey(ctx)
 				if err != nil {
 					return err
 				}
 				ciphers := []nostr.Cipher{kr}
 				// use decoupled key if it exists
 				configPath := c.String("config-path")
 				eSec, has, err := getDecoupledEncryptionSecretKey(ctx, configPath, receiver)
 				if has {
 					if err != nil {
 						return fmt.Errorf("our decoupled encryption key exists, but we failed to get it: %w; call `nak dekey` to attempt a fix or call this again with --use-direct to bypass", err)
 					}
 					ciphers = append(ciphers, kr)
 					ciphers[0] = keyer.NewPlainKeySigner(eSec) // pub decoupled key first
 				}
 				// read gift-wrapped event from stdin
 				for wrapJSON := range getJsonsOrBlank() {
@@ -146,36 +200,79 @@ var gift = &cli.Command{
 						return fmt.Errorf("not a gift wrap event (kind %d)", wrap.Kind)
 					}
-					ephemeralPubkey := wrap.PubKey
+					// decrypt seal (in the process also find out if they encrypted it to our identity key or to our decoupled key)
-
+					var cipher nostr.Cipher
 					// decrypt seal
 					sealJSON, err := kr.Decrypt(ctx, wrap.Content, ephemeralPubkey)
 					if err != nil {
 						return fmt.Errorf("failed to decrypt seal: %w", err)
 					}
 					var seal nostr.Event
-					if err := easyjson.Unmarshal([]byte(sealJSON), &seal); err != nil {
+
-						return fmt.Errorf("invalid seal JSON: %w", err)
+					// try both the receiver identity key and decoupled key
 					err = nil
 					for c, potentialCipher := range ciphers {
 						switch c {
 						case 0:
 							log("- trying the receiver's decoupled encryption key %s\n", color.CyanString(eSec.Public().Hex()))
 						case 1:
 							log("- trying the receiver's identity key %s\n", color.CyanString(receiver.Hex()))
 						}
 						sealj, thisErr := potentialCipher.Decrypt(ctx, wrap.Content, wrap.PubKey)
 						if thisErr != nil {
 							err = thisErr
 							continue
 						}
 						if thisErr := easyjson.Unmarshal([]byte(sealj), &seal); thisErr != nil {
 							err = fmt.Errorf("invalid seal JSON: %w", thisErr)
 							continue
 						}
 						cipher = potentialCipher
 						break
 					}
 					if seal.ID == nostr.ZeroID {
 						// if both ciphers failed above we'll reach here
 						return fmt.Errorf("failed to decrypt seal: %w", err)
 					}
 					if seal.Kind != 13 {
 						return fmt.Errorf("not a seal event (kind %d)", seal.Kind)
 					}
-					// decrypt rumor
+					senderEncryptionPublicKeys := []nostr.PubKey{seal.PubKey}
-					rumorJSON, err := kr.Decrypt(ctx, seal.Content, sender)
+					if theirEPub, exists := getDecoupledEncryptionPublicKey(ctx, seal.PubKey); exists {
-					if err != nil {
+						senderEncryptionPublicKeys = append(senderEncryptionPublicKeys, seal.PubKey)
 						senderEncryptionPublicKeys[0] = theirEPub // put decoupled key first
 					}
 					// decrypt rumor (at this point we know what cipher is the one they encrypted to)
 					// (but we don't know if they have encrypted with their identity key or their decoupled key, so try both)
 					var rumor nostr.Event
 					err = nil
 					for s, senderEncryptionPublicKey := range senderEncryptionPublicKeys {
 						switch s {
 						case 0:
 							log("- trying the sender's decoupled encryption public key %s\n", color.CyanString(senderEncryptionPublicKey.Hex()))
 						case 1:
 							log("- trying the sender's identity public key %s\n", color.CyanString(senderEncryptionPublicKey.Hex()))
 						}
 						rumorj, thisErr := cipher.Decrypt(ctx, seal.Content, senderEncryptionPublicKey)
 						if thisErr != nil {
 							err = fmt.Errorf("failed to decrypt rumor: %w", thisErr)
 							continue
 						}
 						if thisErr := easyjson.Unmarshal([]byte(rumorj), &rumor); thisErr != nil {
 							err = fmt.Errorf("invalid rumor JSON: %w", thisErr)
 							continue
 						}
 						break
 					}
 					if rumor.ID == nostr.ZeroID {
 						return fmt.Errorf("failed to decrypt rumor: %w", err)
 					}
 					var rumor nostr.Event
 					if err := easyjson.Unmarshal([]byte(rumorJSON), &rumor); err != nil {
 						return fmt.Errorf("invalid rumor JSON: %w", err)
 					}
 					// output the unwrapped event (rumor)
-					stdout(rumorJSON)
+					stdout(rumor.String())
 				}
 				return nil
@@ -190,3 +287,73 @@ func randomNow() nostr.Timestamp {
 	randomOffset := rand.Int63n(twoDays)
 	return nostr.Timestamp(now - randomOffset)
 }
 func getDecoupledEncryptionSecretKey(ctx context.Context, configPath string, pubkey nostr.PubKey) (nostr.SecretKey, bool, error) {
 	relays := sys.FetchWriteRelays(ctx, pubkey)
 	keyAnnouncementResult := sys.Pool.FetchManyReplaceable(ctx, relays, nostr.Filter{
 		Kinds:   []nostr.Kind{10044},
 		Authors: []nostr.PubKey{pubkey},
 	}, nostr.SubscriptionOptions{Label: "nak-nip4e-gift"})
 	keyAnnouncementEvent, ok := keyAnnouncementResult.Load(nostr.ReplaceableKey{PubKey: pubkey, D: ""})
 	if ok {
 		var ePub nostr.PubKey
 		// get the pub from the tag
 		for _, tag := range keyAnnouncementEvent.Tags {
 			if len(tag) >= 2 && tag[0] == "n" {
 				ePub, _ = nostr.PubKeyFromHex(tag[1])
 				break
 			}
 		}
 		if ePub == nostr.ZeroPK {
 			return [32]byte{}, true, fmt.Errorf("got invalid kind:10044 event, no 'n' tag")
 		}
 		// check if we have the key
 		eKeyPath := filepath.Join(configPath, "dekey", "p", pubkey.Hex(), "e", ePub.Hex())
 		if data, err := os.ReadFile(eKeyPath); err == nil {
 			eSec, err := nostr.SecretKeyFromHex(string(data))
 			if err != nil {
 				return [32]byte{}, true, fmt.Errorf("invalid main key: %w", err)
 			}
 			if eSec.Public() != ePub {
 				return [32]byte{}, true, fmt.Errorf("stored decoupled encryption key is corrupted: %w", err)
 			}
 			return eSec, true, nil
 		}
 	}
 	return [32]byte{}, false, nil
 }
 func getDecoupledEncryptionPublicKey(ctx context.Context, pubkey nostr.PubKey) (nostr.PubKey, bool) {
 	relays := sys.FetchWriteRelays(ctx, pubkey)
 	keyAnnouncementResult := sys.Pool.FetchManyReplaceable(ctx, relays, nostr.Filter{
 		Kinds:   []nostr.Kind{10044},
 		Authors: []nostr.PubKey{pubkey},
 	}, nostr.SubscriptionOptions{Label: "nak-nip4e-gift"})
 	keyAnnouncementEvent, ok := keyAnnouncementResult.Load(nostr.ReplaceableKey{PubKey: pubkey, D: ""})
 	if ok {
 		var ePub nostr.PubKey
 		// get the pub from the tag
 		for _, tag := range keyAnnouncementEvent.Tags {
 			if len(tag) >= 2 && tag[0] == "n" {
 				ePub, _ = nostr.PubKeyFromHex(tag[1])
 				break
 			}
 		}
 		if ePub == nostr.ZeroPK {
 			return nostr.ZeroPK, false
 		}
 		return ePub, true
 	}
 	return nostr.ZeroPK, false
 }
--- a/git.go
+++ b/git.go
@@ -277,6 +277,10 @@ aside from those, there is also:
 					// prompt for web URLs
 					webURLs, err := promptForStringList("web URLs", config.Web, []string{
 						fmt.Sprintf("https://viewsource.win/%s/%s",
 							nip19.EncodeNpub(nostr.MustPubKeyFromHex(config.Owner)),
 							config.Identifier,
 						),
 						fmt.Sprintf("https://gitworkshop.dev/%s/%s",
 							nip19.EncodeNpub(nostr.MustPubKeyFromHex(config.Owner)),
 							config.Identifier,
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.25
 require (
 	fiatjaf.com/lib v0.3.1
-	fiatjaf.com/nostr v0.0.0-20251222025842-099569ea4feb
+	fiatjaf.com/nostr v0.0.0-20251230181913-e52ffa631bd6
 	github.com/AlecAivazis/survey/v2 v2.3.7
 	github.com/bep/debounce v1.2.1
 	github.com/btcsuite/btcd/btcec/v2 v2.3.6
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,7 @@
 fiatjaf.com/lib v0.3.1 h1:/oFQwNtFRfV+ukmOCxfBEAuayoLwXp4wu2/fz5iHpwA=
 fiatjaf.com/lib v0.3.1/go.mod h1:Ycqq3+mJ9jAWu7XjbQI1cVr+OFgnHn79dQR5oTII47g=
-fiatjaf.com/nostr v0.0.0-20251222025842-099569ea4feb h1:GuqPn1g0JRD/dGxFRxEwEFxvbcT3vyvMjP3OoeLIIh0=
+fiatjaf.com/nostr v0.0.0-20251230181913-e52ffa631bd6 h1:yH+cU9ZNgUdMCRa5eS3pmqTPP/QdZtSmQAIrN/U5nEc=
-fiatjaf.com/nostr v0.0.0-20251222025842-099569ea4feb/go.mod h1:ue7yw0zHfZj23Ml2kVSdBx0ENEaZiuvGxs/8VEN93FU=
+fiatjaf.com/nostr v0.0.0-20251230181913-e52ffa631bd6/go.mod h1:ue7yw0zHfZj23Ml2kVSdBx0ENEaZiuvGxs/8VEN93FU=
 github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
 github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
 github.com/FastFilter/xorfilter v0.2.1 h1:lbdeLG9BdpquK64ZsleBS8B4xO/QW1IM0gMzF7KaBKc=
Author	SHA1	Message	Date
fiatjaf	81524de04f	gift: unwrap tries both decoupled and identity keys, wrap defaults to decoupled but accepts flags to change that.	2025-12-30 15:28:06 -03:00
fiatjaf	8334474f96	git: add viewsource.win to list of possible web views.	2025-12-29 19:53:07 -03:00
fiatjaf	87f27e214e	use dekey by default on gift wrap and unwrap.	2025-12-28 12:49:53 -03:00