Merge 9e6524c98b into b224b0ecb8

07.md

@@ -21,8 +21,11 @@ async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertex
 async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated)
 async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns ciphertext as specified in nip-44
 async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes ciphertext as specified in nip-44
+async window.nostr.signString(message: string): { hash: string, sig: string, pubkey: string } // return SHA256 `hash` of `message`, Schnorr `sig` of `hash`, `pubkey` of signer
 ```
 
+To ensure signEvent() permission checks are not bypassed, the optional signString() function MUST NOT sign any message that is a valid stringified event.
+
 ### Recommendation to Extension Authors
 To make sure that the `window.nostr` is available to nostr clients on page load, the authors who create Chromium and Firefox extensions should load their scripts by specifying `"run_at": "document_end"` in the extension's manifest.
 

46.md

@@ -105,6 +105,7 @@ Each of the following are methods that the _client_ sends to the _remote-signer_
 | `nip04_decrypt`          | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]`                       | `<plaintext>`                                                          |
 | `nip44_encrypt`          | `[<third_party_pubkey>, <plaintext_to_encrypt>]`                              | `<nip44_ciphertext>`                                                   |
 | `nip44_decrypt`          | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]`                       | `<plaintext>`                                                          |
+| `sign_string`           | `[<message_string_to_sign>]`                                                  | `json_stringified({ hash: <sha256_of_message>, sig: <schnorr_of_hash>, pubkey: <pubkey> })`               |
 
 ### Requested permissions