mirror of
https://github.com/nbd-wtf/nostr-tools.git
synced 2025-12-09 00:28:51 +00:00
Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
199411a971 | ||
|
|
a1dc6f41b9 | ||
|
5b59b93d86 | ||
|
12acd7bdca | ||
|
|
3bdb68020d | ||
|
b0a58e2ca4 | ||
|
|
b063be76ae |
@@ -22,7 +22,6 @@
|
||||
|
||||
"globals": {
|
||||
"document": false,
|
||||
"BigInt": false,
|
||||
"navigator": false,
|
||||
"window": false,
|
||||
"crypto": false,
|
||||
|
||||
5
event.ts
5
event.ts
@@ -13,7 +13,6 @@ export enum Kind {
|
||||
EncryptedDirectMessage = 4,
|
||||
EventDeletion = 5,
|
||||
Reaction = 7,
|
||||
StatelessRevocation = 13,
|
||||
ChannelCreation = 40,
|
||||
ChannelMetadata = 41,
|
||||
ChannelMessage = 42,
|
||||
@@ -79,7 +78,7 @@ export function getEventHash(event: UnsignedEvent): string {
|
||||
return secp256k1.utils.bytesToHex(eventHash)
|
||||
}
|
||||
|
||||
export function validateEvent(event: UnsignedEvent): boolean {
|
||||
export function validateEvent<T>(event: T): event is T & UnsignedEvent {
|
||||
if (typeof event !== 'object') return false
|
||||
if (typeof event.kind !== 'number') return false
|
||||
if (typeof event.content !== 'string') return false
|
||||
@@ -99,7 +98,7 @@ export function validateEvent(event: UnsignedEvent): boolean {
|
||||
return true
|
||||
}
|
||||
|
||||
export function verifySignature(event: Event & {sig: string}): boolean {
|
||||
export function verifySignature(event: Event): boolean {
|
||||
return secp256k1.schnorr.verifySync(
|
||||
event.sig,
|
||||
getEventHash(event),
|
||||
|
||||
@@ -37,6 +37,16 @@ describe('Filter', () => {
|
||||
expect(result).toEqual(false)
|
||||
})
|
||||
|
||||
it('should return true when the event id starts with a prefix', () => {
|
||||
const filter = {ids: ['22', '00']}
|
||||
|
||||
const event = {id: '001'}
|
||||
|
||||
const result = matchFilter(filter, event)
|
||||
|
||||
expect(result).toEqual(true)
|
||||
})
|
||||
|
||||
it('should return false when the event kind is not in the filter', () => {
|
||||
const filter = {kinds: [1, 2, 3]}
|
||||
|
||||
@@ -132,6 +142,20 @@ describe('Filter', () => {
|
||||
expect(result).toEqual(true)
|
||||
})
|
||||
|
||||
it('should return true when at least one prefix matches the event', () => {
|
||||
const filters = [
|
||||
{ids: ['1'], kinds: [1], authors: ['a']},
|
||||
{ids: ['4'], kinds: [2], authors: ['d']},
|
||||
{ids: ['9'], kinds: [3], authors: ['g']}
|
||||
]
|
||||
|
||||
const event = {id: '987', kind: 3, pubkey: 'ghi'}
|
||||
|
||||
const result = matchFilters(filters, event)
|
||||
|
||||
expect(result).toEqual(true)
|
||||
})
|
||||
|
||||
it('should return true when event matches one or more filters and some have limit set', () => {
|
||||
const filters = [
|
||||
{ids: ['123'], limit: 1},
|
||||
|
||||
17
filter.ts
17
filter.ts
@@ -13,12 +13,19 @@ export type Filter = {
|
||||
|
||||
export function matchFilter(
|
||||
filter: Filter,
|
||||
event: Event & {id: string}
|
||||
event: Event
|
||||
): boolean {
|
||||
if (filter.ids && filter.ids.indexOf(event.id) === -1) return false
|
||||
if (filter.ids && filter.ids.indexOf(event.id) === -1) {
|
||||
if (!filter.ids.some(prefix => event.id.startsWith(prefix))) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
if (filter.kinds && filter.kinds.indexOf(event.kind) === -1) return false
|
||||
if (filter.authors && filter.authors.indexOf(event.pubkey) === -1)
|
||||
return false
|
||||
if (filter.authors && filter.authors.indexOf(event.pubkey) === -1) {
|
||||
if (!filter.authors.some(prefix => event.pubkey.startsWith(prefix))) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
for (let f in filter) {
|
||||
if (f[0] === '#') {
|
||||
@@ -42,7 +49,7 @@ export function matchFilter(
|
||||
|
||||
export function matchFilters(
|
||||
filters: Filter[],
|
||||
event: Event & {id: string}
|
||||
event: Event
|
||||
): boolean {
|
||||
for (let i = 0; i < filters.length; i++) {
|
||||
if (matchFilter(filters[i], event)) return true
|
||||
|
||||
1
index.ts
1
index.ts
@@ -12,7 +12,6 @@ export * as nip10 from './nip10'
|
||||
export * as nip19 from './nip19'
|
||||
export * as nip26 from './nip26'
|
||||
export * as nip39 from './nip39'
|
||||
export * as nip41 from './nip41'
|
||||
export * as nip57 from './nip57'
|
||||
|
||||
export * as fj from './fakejson'
|
||||
|
||||
154
nip41.test.js
154
nip41.test.js
@@ -1,154 +0,0 @@
|
||||
/* eslint-env jest */
|
||||
|
||||
const secp256k1 = require('@noble/secp256k1')
|
||||
const {
|
||||
getPublicKey,
|
||||
validateEvent,
|
||||
verifySignature,
|
||||
generatePrivateKey,
|
||||
nip41
|
||||
} = require('./lib/nostr.cjs')
|
||||
|
||||
test('sanity', () => {
|
||||
let sk = generatePrivateKey()
|
||||
|
||||
expect(getPublicKey(sk)).toEqual(secp256k1.Point.fromPrivateKey(sk).toHexX())
|
||||
})
|
||||
|
||||
test('key arithmetics', () => {
|
||||
expect(
|
||||
secp256k1.utils.mod(secp256k1.CURVE.n + 1n, secp256k1.CURVE.n)
|
||||
).toEqual(1n)
|
||||
|
||||
let veryHighPoint = secp256k1.Point.fromPrivateKey(
|
||||
(secp256k1.CURVE.n - 1n).toString(16).padStart(64, '0')
|
||||
)
|
||||
let pointAt2 = secp256k1.Point.fromPrivateKey(
|
||||
2n.toString(16).padStart(64, '0')
|
||||
)
|
||||
let pointAt1 = secp256k1.Point.fromPrivateKey(
|
||||
1n.toString(16).padStart(64, '0')
|
||||
)
|
||||
expect(veryHighPoint.add(pointAt2)).toEqual(pointAt1)
|
||||
|
||||
expect(
|
||||
secp256k1.getPublicKey(1n.toString(16).padStart(64, '0'), true)
|
||||
).toEqual(pointAt1.toRawBytes(true))
|
||||
})
|
||||
|
||||
test('testing getting child keys compatibility', () => {
|
||||
let sk = '2222222222222222222222222222222222222222222222222222222222222222'
|
||||
let pk = secp256k1.getPublicKey(sk, true)
|
||||
let hsk = '3333333333333333333333333333333333333333333333333333333333333333'
|
||||
let hpk = secp256k1.getPublicKey(hsk, true)
|
||||
|
||||
expect(secp256k1.utils.bytesToHex(nip41.getChildPublicKey(pk, hpk))).toEqual(
|
||||
secp256k1.utils.bytesToHex(
|
||||
secp256k1.getPublicKey(nip41.getChildPrivateKey(sk, hsk), true)
|
||||
)
|
||||
)
|
||||
})
|
||||
|
||||
test('more testing child key derivation', () => {
|
||||
;[
|
||||
{
|
||||
sk: '448aedc74f93b71af69ed7c6860d95f148d796355517779c7631fdb64a085b26',
|
||||
hsk: '00ee15a0a117e818073b92d7f3360029f6e091035534348f713a23d440bd8f58',
|
||||
pk: '02e3990b0eb40452a8ffbd9fe99037deb7beeb6ab26020e8c0e8284f3009a56d0c',
|
||||
hpk: '029e9cb07f3a3b8abcad629920d4a5460aefb6b7c08704b7f1ced8648b007ef65f'
|
||||
},
|
||||
{
|
||||
sk: '778aedc74f93b71af69ed7c6860d95f148d796355517779c7631fdb64a085b26',
|
||||
hsk: '99ee15a0a117e818073b92d7f3360029f6e091035534348f713a23d440bd8f58',
|
||||
pk: '020d09894e321f53a7ac8bc003cb1563a4857d57ea69c39ab7189e2cccedc17d1b',
|
||||
hpk: '0358fe19e14c78c4a8c0037a2b9d3e3a714717f2a2d8dd54a5e88d283440dcb28a'
|
||||
},
|
||||
{
|
||||
sk: '2eb5edc74f93b71af69ed7c6860d95f148d796355517779c7631fdb64a085b26',
|
||||
hsk: '65d515a0a117e818073b92d7f3360029f6e091035534348f713a23d440bd8f58',
|
||||
pk: '03dd651a07dc6c9a54b596f6492c9623a595cb48e31af04f8c322d4ce81accb2b0',
|
||||
hpk: '03b8c98d920141a1e168d21e9315cf933a601872ebf57751b30797fb98526c2f4f'
|
||||
}
|
||||
].forEach(({pk, hpk, sk, hsk}) => {
|
||||
expect(
|
||||
secp256k1.utils.bytesToHex(secp256k1.getPublicKey(sk, true))
|
||||
).toEqual(pk)
|
||||
expect(
|
||||
secp256k1.utils.bytesToHex(secp256k1.getPublicKey(hsk, true))
|
||||
).toEqual(hpk)
|
||||
|
||||
expect(
|
||||
secp256k1.utils.bytesToHex(
|
||||
nip41.getChildPublicKey(
|
||||
secp256k1.utils.hexToBytes(pk),
|
||||
secp256k1.utils.hexToBytes(hpk)
|
||||
)
|
||||
)
|
||||
).toEqual(
|
||||
secp256k1.utils.bytesToHex(
|
||||
secp256k1.getPublicKey(nip41.getChildPrivateKey(sk, hsk), true)
|
||||
)
|
||||
)
|
||||
})
|
||||
})
|
||||
|
||||
test('generating a revocation event and validating it', () => {
|
||||
const mnemonic =
|
||||
'air property excess weird rare rival fade intact brave office mirror wait'
|
||||
|
||||
const firstKey = nip41.getPrivateKeyAtIndex(mnemonic, 9)
|
||||
// expect(firstKey).toEqual(
|
||||
// '8495ba55f56485d378aa275604a45e76abbcae177e374fa06af5770c3b8e24af'
|
||||
// )
|
||||
const firstPubkey = getPublicKey(firstKey)
|
||||
// expect(firstPubkey).toEqual(
|
||||
// '35246813a0dd45e74ce22ecdf052cca8ed47759c8f8d412c281dc2755110956f'
|
||||
// )
|
||||
|
||||
// first key is compromised, revoke it
|
||||
let {parentPrivateKey, event} = nip41.buildRevocationEvent(
|
||||
mnemonic,
|
||||
firstPubkey
|
||||
)
|
||||
|
||||
const secondKey = nip41.getPrivateKeyAtIndex(mnemonic, 8)
|
||||
expect(parentPrivateKey).toEqual(secondKey)
|
||||
expect(secondKey).toEqual(
|
||||
'1b311655ef73bed3bbebc83d0cb3eef42c6aff45f944e3a0c263eb6fdf98c617'
|
||||
)
|
||||
|
||||
expect(event).toHaveProperty('kind', 13)
|
||||
expect(event.tags).toHaveLength(2)
|
||||
expect(event.tags[0]).toHaveLength(2)
|
||||
expect(event.tags[1]).toHaveLength(2)
|
||||
expect(event.tags[0][0]).toEqual('p')
|
||||
expect(event.tags[1][0]).toEqual('hidden-key')
|
||||
|
||||
let hiddenKey = secp256k1.utils.hexToBytes(event.tags[1][1])
|
||||
|
||||
let pubkeyAlt1 = secp256k1.utils
|
||||
.bytesToHex(
|
||||
nip41.getChildPublicKey(
|
||||
secp256k1.utils.hexToBytes('02' + event.pubkey),
|
||||
hiddenKey
|
||||
)
|
||||
)
|
||||
.slice(2)
|
||||
let pubkeyAlt2 = secp256k1.utils
|
||||
.bytesToHex(
|
||||
nip41.getChildPublicKey(
|
||||
secp256k1.utils.hexToBytes('03' + event.pubkey),
|
||||
hiddenKey
|
||||
)
|
||||
)
|
||||
.slice(2)
|
||||
|
||||
expect([pubkeyAlt1, pubkeyAlt2]).toContain(event.tags[0][1])
|
||||
|
||||
// receiver of revocation event can validate it
|
||||
let secondPubkey = getPublicKey(secondKey)
|
||||
expect(event.pubkey).toEqual(secondPubkey)
|
||||
expect(validateEvent(event)).toBeTruthy()
|
||||
expect(verifySignature(event)).toBeTruthy()
|
||||
expect(nip41.validateRevocation(event)).toBeTruthy()
|
||||
})
|
||||
160
nip41.ts
160
nip41.ts
@@ -1,160 +0,0 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {sha256} from '@noble/hashes/sha256'
|
||||
import {mnemonicToSeedSync} from '@scure/bip39'
|
||||
import {HARDENED_OFFSET, HDKey} from '@scure/bip32'
|
||||
|
||||
import {getPublicKey} from './keys'
|
||||
import {Event, getEventHash, Kind, signEvent, verifySignature} from './event'
|
||||
|
||||
const MaxKeys = 256
|
||||
|
||||
function getRootFromMnemonic(mnemonic: string): HDKey {
|
||||
return HDKey.fromMasterSeed(mnemonicToSeedSync(mnemonic)).derive(
|
||||
`m/44'/1237'/41'`
|
||||
)
|
||||
}
|
||||
|
||||
export function getPrivateKeyAtIndex(
|
||||
mnemonic: string,
|
||||
targetIdx: number
|
||||
): string {
|
||||
let root = getRootFromMnemonic(mnemonic)
|
||||
let rootPrivateKey = secp256k1.utils.bytesToHex(root.privateKey as Uint8Array)
|
||||
let currentPrivateKey = rootPrivateKey
|
||||
|
||||
for (let idx = 1; idx <= targetIdx; idx++) {
|
||||
let hiddenPrivateKey = secp256k1.utils.bytesToHex(
|
||||
root.deriveChild(idx + HARDENED_OFFSET).privateKey as Uint8Array
|
||||
)
|
||||
currentPrivateKey = getChildPrivateKey(currentPrivateKey, hiddenPrivateKey)
|
||||
}
|
||||
|
||||
return currentPrivateKey
|
||||
}
|
||||
|
||||
export function getPublicKeyAtIndex(
|
||||
root: HDKey,
|
||||
targetIdx: number
|
||||
): Uint8Array {
|
||||
let rootPublicKey = root.publicKey as Uint8Array
|
||||
|
||||
let currentPublicKey = rootPublicKey
|
||||
for (let idx = 1; idx <= targetIdx; idx++) {
|
||||
let hiddenPublicKey = root.deriveChild(idx + HARDENED_OFFSET)
|
||||
.publicKey as Uint8Array
|
||||
currentPublicKey = getChildPublicKey(currentPublicKey, hiddenPublicKey)
|
||||
}
|
||||
|
||||
return currentPublicKey
|
||||
}
|
||||
|
||||
function getIndexOfPublicKey(root: HDKey, publicKey: string): number {
|
||||
let rootPublicKey = root.publicKey as Uint8Array
|
||||
if (secp256k1.utils.bytesToHex(rootPublicKey).slice(2) === publicKey) return 0
|
||||
|
||||
let currentPublicKey = rootPublicKey
|
||||
for (let idx = 1; idx <= MaxKeys; idx++) {
|
||||
let hiddenPublicKey = root.deriveChild(idx + HARDENED_OFFSET)
|
||||
.publicKey as Uint8Array
|
||||
let pubkeyAtIndex = getChildPublicKey(currentPublicKey, hiddenPublicKey)
|
||||
if (secp256k1.utils.bytesToHex(pubkeyAtIndex).slice(2) === publicKey)
|
||||
return idx
|
||||
|
||||
currentPublicKey = pubkeyAtIndex
|
||||
}
|
||||
|
||||
throw new Error(
|
||||
`public key ${publicKey} not in the set of the first ${MaxKeys} public keys`
|
||||
)
|
||||
}
|
||||
|
||||
export function getChildPublicKey(
|
||||
parentPublicKey: Uint8Array,
|
||||
hiddenPublicKey: Uint8Array
|
||||
): Uint8Array {
|
||||
if (parentPublicKey.length !== 33 || hiddenPublicKey.length !== 33)
|
||||
throw new Error(
|
||||
'getChildPublicKey() requires public keys with the leading differentiator byte.'
|
||||
)
|
||||
|
||||
let hash = sha256(
|
||||
secp256k1.utils.concatBytes(hiddenPublicKey, parentPublicKey)
|
||||
)
|
||||
let hashPoint = secp256k1.Point.fromPrivateKey(hash)
|
||||
let point = secp256k1.Point.fromHex(hiddenPublicKey).add(hashPoint)
|
||||
return point.toRawBytes(true)
|
||||
}
|
||||
|
||||
export function getChildPrivateKey(
|
||||
parentPrivateKey: string,
|
||||
hiddenPrivateKey: string
|
||||
): string {
|
||||
let parentPublicKey = secp256k1.getPublicKey(parentPrivateKey, true)
|
||||
let hiddenPublicKey = secp256k1.getPublicKey(hiddenPrivateKey, true)
|
||||
let hash = sha256(
|
||||
secp256k1.utils.concatBytes(hiddenPublicKey, parentPublicKey)
|
||||
)
|
||||
let hashScalar = BigInt(`0x${secp256k1.utils.bytesToHex(hash)}`)
|
||||
let hiddenPrivateKeyScalar = BigInt(`0x${hiddenPrivateKey}`)
|
||||
let sumScalar = hiddenPrivateKeyScalar + hashScalar
|
||||
let modulo = secp256k1.utils.mod(sumScalar, secp256k1.CURVE.n)
|
||||
return modulo.toString(16).padStart(64, '0')
|
||||
}
|
||||
|
||||
export function buildRevocationEvent(
|
||||
mnemonic: string,
|
||||
compromisedKey: string,
|
||||
content = ''
|
||||
): {
|
||||
parentPrivateKey: string
|
||||
event: Event
|
||||
} {
|
||||
let root = getRootFromMnemonic(mnemonic)
|
||||
let idx = getIndexOfPublicKey(root, compromisedKey)
|
||||
let hiddenKey = secp256k1.utils.bytesToHex(
|
||||
root.deriveChild(idx + HARDENED_OFFSET).publicKey as Uint8Array
|
||||
)
|
||||
let parentPrivateKey = getPrivateKeyAtIndex(mnemonic, idx - 1)
|
||||
let parentPublicKey = getPublicKey(parentPrivateKey)
|
||||
|
||||
let event: Event = {
|
||||
kind: 13,
|
||||
tags: [
|
||||
['p', compromisedKey],
|
||||
['hidden-key', hiddenKey]
|
||||
],
|
||||
created_at: Math.round(Date.now() / 1000),
|
||||
content,
|
||||
pubkey: parentPublicKey
|
||||
}
|
||||
|
||||
event.sig = signEvent(event, parentPrivateKey)
|
||||
event.id = getEventHash(event)
|
||||
|
||||
return {parentPrivateKey, event}
|
||||
}
|
||||
|
||||
export function validateRevocation(event: Event): boolean {
|
||||
if (event.kind !== Kind.StatelessRevocation) return false
|
||||
if (!verifySignature(event)) return false
|
||||
|
||||
let invalidKeyTag = event.tags.find(([t, v]) => t === 'p' && v)
|
||||
if (!invalidKeyTag) return false
|
||||
let invalidKey = invalidKeyTag[1]
|
||||
|
||||
let hiddenKeyTag = event.tags.find(([t, v]) => t === 'hidden-key' && v)
|
||||
if (!hiddenKeyTag) return false
|
||||
let hiddenKey = secp256k1.utils.hexToBytes(hiddenKeyTag[1])
|
||||
if (hiddenKey.length !== 33) return false
|
||||
|
||||
let currentKeyAlt1 = secp256k1.utils.hexToBytes('02' + event.pubkey)
|
||||
let currentKeyAlt2 = secp256k1.utils.hexToBytes('03' + event.pubkey)
|
||||
let childKeyAlt1 = secp256k1.utils
|
||||
.bytesToHex(getChildPublicKey(currentKeyAlt1, hiddenKey))
|
||||
.slice(2)
|
||||
let childKeyAlt2 = secp256k1.utils
|
||||
.bytesToHex(getChildPublicKey(currentKeyAlt2, hiddenKey))
|
||||
.slice(2)
|
||||
|
||||
return childKeyAlt1 === invalidKey || childKeyAlt2 === invalidKey
|
||||
}
|
||||
19
package.json
19
package.json
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "nostr-tools",
|
||||
"version": "1.8.2",
|
||||
"version": "1.8.3",
|
||||
"description": "Tools for making a Nostr client.",
|
||||
"repository": {
|
||||
"type": "git",
|
||||
@@ -18,12 +18,11 @@
|
||||
},
|
||||
"license": "Public domain",
|
||||
"dependencies": {
|
||||
"@noble/hashes": "1.0.0",
|
||||
"@noble/secp256k1": "^1.7.1",
|
||||
"@scure/base": "^1.1.1",
|
||||
"@scure/bip32": "^1.1.5",
|
||||
"@scure/bip39": "^1.1.1",
|
||||
"prettier": "^2.8.4"
|
||||
"@noble/hashes": "1.2.0",
|
||||
"@noble/secp256k1": "1.7.0",
|
||||
"@scure/base": "1.1.1",
|
||||
"@scure/bip32": "1.1.4",
|
||||
"@scure/bip39": "1.1.1"
|
||||
},
|
||||
"keywords": [
|
||||
"decentralization",
|
||||
@@ -32,6 +31,11 @@
|
||||
"client",
|
||||
"nostr"
|
||||
],
|
||||
"scripts": {
|
||||
"build": "node build",
|
||||
"format": "prettier --plugin-search-dir . --write .",
|
||||
"test": "node build && jest"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/node": "^18.13.0",
|
||||
"@typescript-eslint/eslint-plugin": "^5.51.0",
|
||||
@@ -44,6 +48,7 @@
|
||||
"events": "^3.3.0",
|
||||
"jest": "^29.4.2",
|
||||
"node-fetch": "^2.6.9",
|
||||
"prettier": "^2.8.4",
|
||||
"ts-jest": "^29.0.5",
|
||||
"tsd": "^0.22.0",
|
||||
"typescript": "^4.9.5",
|
||||
|
||||
@@ -81,7 +81,7 @@ export function parseReferences(evt: Event): Reference[] {
|
||||
}
|
||||
case 'a': {
|
||||
try {
|
||||
let [kind, pubkey, identifier] = ref[1].split(':')
|
||||
let [kind, pubkey, identifier] = tag[1].split(':')
|
||||
references.push({
|
||||
text: ref[0],
|
||||
address: {
|
||||
|
||||
Reference in New Issue
Block a user