diff --git a/07.md b/07.md index 294acd38..8e7ad370 100644 --- a/07.md +++ b/07.md @@ -21,8 +21,11 @@ async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertex async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated) async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns ciphertext as specified in nip-44 async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes ciphertext as specified in nip-44 +async window.nostr.signString(message: string): { hash: string, sig: string, pubkey: string } // return SHA256 `hash` of `message`, Schnorr `sig` of `hash`, `pubkey` of signer ``` +To ensure signEvent() permission checks are not bypassed, the optional signString() function MUST NOT sign any message that is a valid stringified event. + ### Recommendation to Extension Authors To make sure that the `window.nostr` is available to nostr clients on page load, the authors who create Chromium and Firefox extensions should load their scripts by specifying `"run_at": "document_end"` in the extension's manifest. diff --git a/46.md b/46.md index 17019649..a73753a8 100644 --- a/46.md +++ b/46.md @@ -105,6 +105,7 @@ Each of the following are methods that the _client_ sends to the _remote-signer_ | `nip04_decrypt` | `[, ]` | `` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | +| `sign_string` | `[<message_string_to_sign>]` | `json_stringified({ hash: <sha256_of_message>, sig: <schnorr_of_hash>, pubkey: <pubkey> })` | ### Requested permissions
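Review bot: In the 07.md hunk, the added rule "MUST NOT sign any message that is a valid stringified event" does not define which string form counts as a stringified event or how a signer is expected to test for it. The added comment defines `sig` as a Schnorr signature over the SHA256 `hash` of `message`, so the rule should name the exact serialization that signEvent() hashes and describe the check (for example, refusing any message that parses as that form). Only the prose sentence calls signString() optional, so marking that in the listing comment would help, and "return SHA256" should read "returns" to match the neighbouring comments.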
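Review bot: The 46.md hunk adds the `sign_string` row without any counterpart to the MUST NOT sentence added in 07.md, so a remote-signer implemented from 46.md alone has no stated requirement to refuse a message that is a valid stringified event. Repeat or reference that rule next to the methods table. Because the row sits directly above "Requested permissions", the text should also say whether `sign_string` is requested as its own permission, separately from the event-signing permission the 07.md sentence is protecting.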