mirror of
https://github.com/nbd-wtf/nostr-tools.git
synced 2025-12-08 16:28:49 +00:00
Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
ac212cb5c8 | ||
|
204ae0eff1 | ||
|
f17ab41d72 | ||
|
|
f6f5ee8223 | ||
|
a05506468d | ||
|
674ff66b6f | ||
|
731705047a | ||
|
|
94b382a49f | ||
|
|
199411a971 | ||
|
|
a1dc6f41b9 | ||
|
|
5b59b93d86 | ||
|
12acd7bdca | ||
|
|
3bdb68020d | ||
|
b0a58e2ca4 | ||
|
|
b063be76ae |
@@ -22,7 +22,6 @@
|
||||
|
||||
"globals": {
|
||||
"document": false,
|
||||
"BigInt": false,
|
||||
"navigator": false,
|
||||
"window": false,
|
||||
"crypto": false,
|
||||
|
||||
23
event.ts
23
event.ts
@@ -1,5 +1,6 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {schnorr} from '@noble/curves/secp256k1'
|
||||
import {sha256} from '@noble/hashes/sha256'
|
||||
import {bytesToHex} from '@noble/hashes/utils'
|
||||
|
||||
import {utf8Encoder} from './utils'
|
||||
import {getPublicKey} from './keys'
|
||||
@@ -13,7 +14,7 @@ export enum Kind {
|
||||
EncryptedDirectMessage = 4,
|
||||
EventDeletion = 5,
|
||||
Reaction = 7,
|
||||
StatelessRevocation = 13,
|
||||
BadgeAward = 8,
|
||||
ChannelCreation = 40,
|
||||
ChannelMetadata = 41,
|
||||
ChannelMessage = 42,
|
||||
@@ -24,6 +25,8 @@ export enum Kind {
|
||||
Zap = 9735,
|
||||
RelayList = 10002,
|
||||
ClientAuth = 22242,
|
||||
BadgeDefinition = 30008,
|
||||
ProfileBadge = 30009,
|
||||
Article = 30023
|
||||
}
|
||||
|
||||
@@ -76,11 +79,13 @@ export function serializeEvent(evt: UnsignedEvent): string {
|
||||
|
||||
export function getEventHash(event: UnsignedEvent): string {
|
||||
let eventHash = sha256(utf8Encoder.encode(serializeEvent(event)))
|
||||
return secp256k1.utils.bytesToHex(eventHash)
|
||||
return bytesToHex(eventHash)
|
||||
}
|
||||
|
||||
export function validateEvent(event: UnsignedEvent): boolean {
|
||||
if (typeof event !== 'object') return false
|
||||
const isRecord = (obj: unknown): obj is Record<string, unknown> => obj instanceof Object
|
||||
|
||||
export function validateEvent<T>(event: T): event is T & UnsignedEvent {
|
||||
if (!isRecord(event)) return false
|
||||
if (typeof event.kind !== 'number') return false
|
||||
if (typeof event.content !== 'string') return false
|
||||
if (typeof event.created_at !== 'number') return false
|
||||
@@ -99,8 +104,8 @@ export function validateEvent(event: UnsignedEvent): boolean {
|
||||
return true
|
||||
}
|
||||
|
||||
export function verifySignature(event: Event & {sig: string}): boolean {
|
||||
return secp256k1.schnorr.verifySync(
|
||||
export function verifySignature(event: Event): boolean {
|
||||
return schnorr.verify(
|
||||
event.sig,
|
||||
getEventHash(event),
|
||||
event.pubkey
|
||||
@@ -108,7 +113,7 @@ export function verifySignature(event: Event & {sig: string}): boolean {
|
||||
}
|
||||
|
||||
export function signEvent(event: UnsignedEvent, key: string): string {
|
||||
return secp256k1.utils.bytesToHex(
|
||||
secp256k1.schnorr.signSync(getEventHash(event), key)
|
||||
return bytesToHex(
|
||||
schnorr.sign(getEventHash(event), key)
|
||||
)
|
||||
}
|
||||
|
||||
@@ -37,6 +37,16 @@ describe('Filter', () => {
|
||||
expect(result).toEqual(false)
|
||||
})
|
||||
|
||||
it('should return true when the event id starts with a prefix', () => {
|
||||
const filter = {ids: ['22', '00']}
|
||||
|
||||
const event = {id: '001'}
|
||||
|
||||
const result = matchFilter(filter, event)
|
||||
|
||||
expect(result).toEqual(true)
|
||||
})
|
||||
|
||||
it('should return false when the event kind is not in the filter', () => {
|
||||
const filter = {kinds: [1, 2, 3]}
|
||||
|
||||
@@ -132,6 +142,20 @@ describe('Filter', () => {
|
||||
expect(result).toEqual(true)
|
||||
})
|
||||
|
||||
it('should return true when at least one prefix matches the event', () => {
|
||||
const filters = [
|
||||
{ids: ['1'], kinds: [1], authors: ['a']},
|
||||
{ids: ['4'], kinds: [2], authors: ['d']},
|
||||
{ids: ['9'], kinds: [3], authors: ['g']}
|
||||
]
|
||||
|
||||
const event = {id: '987', kind: 3, pubkey: 'ghi'}
|
||||
|
||||
const result = matchFilters(filters, event)
|
||||
|
||||
expect(result).toEqual(true)
|
||||
})
|
||||
|
||||
it('should return true when event matches one or more filters and some have limit set', () => {
|
||||
const filters = [
|
||||
{ids: ['123'], limit: 1},
|
||||
|
||||
17
filter.ts
17
filter.ts
@@ -13,12 +13,19 @@ export type Filter = {
|
||||
|
||||
export function matchFilter(
|
||||
filter: Filter,
|
||||
event: Event & {id: string}
|
||||
event: Event
|
||||
): boolean {
|
||||
if (filter.ids && filter.ids.indexOf(event.id) === -1) return false
|
||||
if (filter.ids && filter.ids.indexOf(event.id) === -1) {
|
||||
if (!filter.ids.some(prefix => event.id.startsWith(prefix))) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
if (filter.kinds && filter.kinds.indexOf(event.kind) === -1) return false
|
||||
if (filter.authors && filter.authors.indexOf(event.pubkey) === -1)
|
||||
return false
|
||||
if (filter.authors && filter.authors.indexOf(event.pubkey) === -1) {
|
||||
if (!filter.authors.some(prefix => event.pubkey.startsWith(prefix))) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
for (let f in filter) {
|
||||
if (f[0] === '#') {
|
||||
@@ -42,7 +49,7 @@ export function matchFilter(
|
||||
|
||||
export function matchFilters(
|
||||
filters: Filter[],
|
||||
event: Event & {id: string}
|
||||
event: Event
|
||||
): boolean {
|
||||
for (let i = 0; i < filters.length; i++) {
|
||||
if (matchFilter(filters[i], event)) return true
|
||||
|
||||
11
index.ts
11
index.ts
@@ -9,20 +9,11 @@ export * as nip04 from './nip04'
|
||||
export * as nip05 from './nip05'
|
||||
export * as nip06 from './nip06'
|
||||
export * as nip10 from './nip10'
|
||||
export * as nip13 from './nip13'
|
||||
export * as nip19 from './nip19'
|
||||
export * as nip26 from './nip26'
|
||||
export * as nip39 from './nip39'
|
||||
export * as nip41 from './nip41'
|
||||
export * as nip57 from './nip57'
|
||||
|
||||
export * as fj from './fakejson'
|
||||
export * as utils from './utils'
|
||||
|
||||
// monkey patch secp256k1
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {hmac} from '@noble/hashes/hmac'
|
||||
import {sha256} from '@noble/hashes/sha256'
|
||||
secp256k1.utils.hmacSha256Sync = (key, ...msgs) =>
|
||||
hmac(sha256, key, secp256k1.utils.concatBytes(...msgs))
|
||||
secp256k1.utils.sha256Sync = (...msgs) =>
|
||||
sha256(secp256k1.utils.concatBytes(...msgs))
|
||||
|
||||
7
keys.ts
7
keys.ts
@@ -1,9 +1,10 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {schnorr} from '@noble/curves/secp256k1'
|
||||
import {bytesToHex} from '@noble/hashes/utils'
|
||||
|
||||
export function generatePrivateKey(): string {
|
||||
return secp256k1.utils.bytesToHex(secp256k1.utils.randomPrivateKey())
|
||||
return bytesToHex(schnorr.utils.randomPrivateKey())
|
||||
}
|
||||
|
||||
export function getPublicKey(privateKey: string): string {
|
||||
return secp256k1.utils.bytesToHex(secp256k1.schnorr.getPublicKey(privateKey))
|
||||
return bytesToHex(schnorr.getPublicKey(privateKey))
|
||||
}
|
||||
|
||||
2
nip04.ts
2
nip04.ts
@@ -1,5 +1,5 @@
|
||||
import {randomBytes} from '@noble/hashes/utils'
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {secp256k1} from '@noble/curves/secp256k1'
|
||||
import {base64} from '@scure/base'
|
||||
|
||||
import {utf8Decoder, utf8Encoder} from './utils'
|
||||
|
||||
@@ -17,4 +17,9 @@ test('fetch nip05 profiles', async () => {
|
||||
'32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245'
|
||||
)
|
||||
expect(p2.relays).toEqual(['wss://relay.damus.io'])
|
||||
|
||||
let p3 = await nip05.queryProfile('channel.ninja@channel.ninja')
|
||||
expect(p3.pubkey).toEqual(
|
||||
'36e65b503eba8a6b698e724a59137603101166a1cddb45ddc704247fc8aa0fce'
|
||||
)
|
||||
})
|
||||
|
||||
2
nip05.ts
2
nip05.ts
@@ -36,7 +36,7 @@ export async function queryProfile(
|
||||
name = '_'
|
||||
}
|
||||
|
||||
if (!name.match(/^[A-Za-z0-9-_]+$/)) return null
|
||||
if (!name.match(/^[A-Za-z0-9-_.]+$/)) return null
|
||||
if (!domain.includes('.')) return null
|
||||
|
||||
let res
|
||||
|
||||
4
nip06.ts
4
nip06.ts
@@ -1,4 +1,4 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {bytesToHex} from '@noble/hashes/utils'
|
||||
import {wordlist} from '@scure/bip39/wordlists/english.js'
|
||||
import {
|
||||
generateMnemonic,
|
||||
@@ -14,7 +14,7 @@ export function privateKeyFromSeedWords(
|
||||
let root = HDKey.fromMasterSeed(mnemonicToSeedSync(mnemonic, passphrase))
|
||||
let privateKey = root.derive(`m/44'/1237'/0'/0/0`).privateKey
|
||||
if (!privateKey) throw new Error('could not derive private key')
|
||||
return secp256k1.utils.bytesToHex(privateKey)
|
||||
return bytesToHex(privateKey)
|
||||
}
|
||||
|
||||
export function generateSeedWords(): string {
|
||||
|
||||
8
nip13.test.js
Normal file
8
nip13.test.js
Normal file
@@ -0,0 +1,8 @@
|
||||
/* eslint-env jest */
|
||||
const {nip13} = require('./lib/nostr.cjs')
|
||||
|
||||
test('identifies proof-of-work difficulty', async () => {
|
||||
const id = '000006d8c378af1779d2feebc7603a125d99eca0ccf1085959b307f64e5dd358'
|
||||
const difficulty = nip13.getPow(id)
|
||||
expect(difficulty).toEqual(21)
|
||||
})
|
||||
42
nip13.ts
Normal file
42
nip13.ts
Normal file
@@ -0,0 +1,42 @@
|
||||
import {hexToBytes} from '@noble/hashes/utils'
|
||||
|
||||
/** Get POW difficulty from a Nostr hex ID. */
|
||||
export function getPow(id: string): number {
|
||||
return getLeadingZeroBits(hexToBytes(id))
|
||||
}
|
||||
|
||||
/**
|
||||
* Get number of leading 0 bits. Adapted from nostream.
|
||||
* https://github.com/Cameri/nostream/blob/fb6948fd83ca87ce552f39f9b5eb780ea07e272e/src/utils/proof-of-work.ts
|
||||
*/
|
||||
function getLeadingZeroBits(hash: Uint8Array): number {
|
||||
let total: number, i: number, bits: number
|
||||
|
||||
for (i = 0, total = 0; i < hash.length; i++) {
|
||||
bits = msb(hash[i])
|
||||
total += bits
|
||||
if (bits !== 8) {
|
||||
break
|
||||
}
|
||||
}
|
||||
return total
|
||||
}
|
||||
|
||||
/**
|
||||
* Adapted from nostream.
|
||||
* https://github.com/Cameri/nostream/blob/fb6948fd83ca87ce552f39f9b5eb780ea07e272e/src/utils/proof-of-work.ts
|
||||
*/
|
||||
function msb(b: number) {
|
||||
let n = 0
|
||||
|
||||
if (b === 0) {
|
||||
return 8
|
||||
}
|
||||
|
||||
// eslint-disable-next-line no-cond-assign
|
||||
while (b >>= 1) {
|
||||
n++
|
||||
}
|
||||
|
||||
return 7 - n
|
||||
}
|
||||
@@ -100,3 +100,12 @@ test('decode naddr from go-nostr with different TLV ordering', () => {
|
||||
expect(data.kind).toEqual(30023)
|
||||
expect(data.identifier).toEqual('banana')
|
||||
})
|
||||
|
||||
test('encode and decode nrelay', () => {
|
||||
let url = "wss://relay.nostr.example"
|
||||
let nrelay = nip19.nrelayEncode(url)
|
||||
expect(nrelay).toMatch(/nrelay1\w+/)
|
||||
let {type, data} = nip19.decode(nrelay)
|
||||
expect(type).toEqual('nrelay')
|
||||
expect(data).toEqual(url)
|
||||
})
|
||||
|
||||
44
nip19.ts
44
nip19.ts
@@ -1,4 +1,4 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {bytesToHex, concatBytes, hexToBytes} from '@noble/hashes/utils'
|
||||
import {bech32} from '@scure/base'
|
||||
|
||||
import {utf8Decoder, utf8Encoder} from './utils'
|
||||
@@ -39,7 +39,7 @@ export function decode(nip19: string): {
|
||||
return {
|
||||
type: 'nprofile',
|
||||
data: {
|
||||
pubkey: secp256k1.utils.bytesToHex(tlv[0][0]),
|
||||
pubkey: bytesToHex(tlv[0][0]),
|
||||
relays: tlv[1] ? tlv[1].map(d => utf8Decoder.decode(d)) : []
|
||||
}
|
||||
}
|
||||
@@ -54,10 +54,10 @@ export function decode(nip19: string): {
|
||||
return {
|
||||
type: 'nevent',
|
||||
data: {
|
||||
id: secp256k1.utils.bytesToHex(tlv[0][0]),
|
||||
id: bytesToHex(tlv[0][0]),
|
||||
relays: tlv[1] ? tlv[1].map(d => utf8Decoder.decode(d)) : [],
|
||||
author: tlv[2]?.[0]
|
||||
? secp256k1.utils.bytesToHex(tlv[2][0])
|
||||
? bytesToHex(tlv[2][0])
|
||||
: undefined
|
||||
}
|
||||
}
|
||||
@@ -75,17 +75,27 @@ export function decode(nip19: string): {
|
||||
type: 'naddr',
|
||||
data: {
|
||||
identifier: utf8Decoder.decode(tlv[0][0]),
|
||||
pubkey: secp256k1.utils.bytesToHex(tlv[2][0]),
|
||||
kind: parseInt(secp256k1.utils.bytesToHex(tlv[3][0]), 16),
|
||||
pubkey: bytesToHex(tlv[2][0]),
|
||||
kind: parseInt(bytesToHex(tlv[3][0]), 16),
|
||||
relays: tlv[1] ? tlv[1].map(d => utf8Decoder.decode(d)) : []
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
case 'nrelay': {
|
||||
let tlv = parseTLV(data)
|
||||
if (!tlv[0]?.[0]) throw new Error('missing TLV 0 for nrelay')
|
||||
|
||||
return {
|
||||
type: 'nrelay',
|
||||
data: utf8Decoder.decode(tlv[0][0])
|
||||
}
|
||||
}
|
||||
|
||||
case 'nsec':
|
||||
case 'npub':
|
||||
case 'note':
|
||||
return {type: prefix, data: secp256k1.utils.bytesToHex(data)}
|
||||
return {type: prefix, data: bytesToHex(data)}
|
||||
|
||||
default:
|
||||
throw new Error(`unknown prefix ${prefix}`)
|
||||
@@ -122,14 +132,14 @@ export function noteEncode(hex: string): string {
|
||||
}
|
||||
|
||||
function encodeBytes(prefix: string, hex: string): string {
|
||||
let data = secp256k1.utils.hexToBytes(hex)
|
||||
let data = hexToBytes(hex)
|
||||
let words = bech32.toWords(data)
|
||||
return bech32.encode(prefix, words, Bech32MaxSize)
|
||||
}
|
||||
|
||||
export function nprofileEncode(profile: ProfilePointer): string {
|
||||
let data = encodeTLV({
|
||||
0: [secp256k1.utils.hexToBytes(profile.pubkey)],
|
||||
0: [hexToBytes(profile.pubkey)],
|
||||
1: (profile.relays || []).map(url => utf8Encoder.encode(url))
|
||||
})
|
||||
let words = bech32.toWords(data)
|
||||
@@ -138,9 +148,9 @@ export function nprofileEncode(profile: ProfilePointer): string {
|
||||
|
||||
export function neventEncode(event: EventPointer): string {
|
||||
let data = encodeTLV({
|
||||
0: [secp256k1.utils.hexToBytes(event.id)],
|
||||
0: [hexToBytes(event.id)],
|
||||
1: (event.relays || []).map(url => utf8Encoder.encode(url)),
|
||||
2: event.author ? [secp256k1.utils.hexToBytes(event.author)] : []
|
||||
2: event.author ? [hexToBytes(event.author)] : []
|
||||
})
|
||||
let words = bech32.toWords(data)
|
||||
return bech32.encode('nevent', words, Bech32MaxSize)
|
||||
@@ -153,13 +163,21 @@ export function naddrEncode(addr: AddressPointer): string {
|
||||
let data = encodeTLV({
|
||||
0: [utf8Encoder.encode(addr.identifier)],
|
||||
1: (addr.relays || []).map(url => utf8Encoder.encode(url)),
|
||||
2: [secp256k1.utils.hexToBytes(addr.pubkey)],
|
||||
2: [hexToBytes(addr.pubkey)],
|
||||
3: [new Uint8Array(kind)]
|
||||
})
|
||||
let words = bech32.toWords(data)
|
||||
return bech32.encode('naddr', words, Bech32MaxSize)
|
||||
}
|
||||
|
||||
export function nrelayEncode(url: string): string {
|
||||
let data = encodeTLV({
|
||||
0: [utf8Encoder.encode(url)]
|
||||
})
|
||||
let words = bech32.toWords(data)
|
||||
return bech32.encode('nrelay', words, Bech32MaxSize)
|
||||
}
|
||||
|
||||
function encodeTLV(tlv: TLV): Uint8Array {
|
||||
let entries: Uint8Array[] = []
|
||||
|
||||
@@ -173,5 +191,5 @@ function encodeTLV(tlv: TLV): Uint8Array {
|
||||
})
|
||||
})
|
||||
|
||||
return secp256k1.utils.concatBytes(...entries)
|
||||
return concatBytes(...entries)
|
||||
}
|
||||
|
||||
9
nip26.ts
9
nip26.ts
@@ -1,4 +1,5 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {schnorr} from '@noble/curves/secp256k1'
|
||||
import {bytesToHex} from '@noble/hashes/utils'
|
||||
import {sha256} from '@noble/hashes/sha256'
|
||||
|
||||
import {Event} from './event'
|
||||
@@ -36,8 +37,8 @@ export function createDelegation(
|
||||
utf8Encoder.encode(`nostr:delegation:${parameters.pubkey}:${cond}`)
|
||||
)
|
||||
|
||||
let sig = secp256k1.utils.bytesToHex(
|
||||
secp256k1.schnorr.signSync(sighash, privateKey)
|
||||
let sig = bytesToHex(
|
||||
schnorr.sign(sighash, privateKey)
|
||||
)
|
||||
|
||||
return {
|
||||
@@ -84,7 +85,7 @@ export function getDelegator(event: Event): string | null {
|
||||
let sighash = sha256(
|
||||
utf8Encoder.encode(`nostr:delegation:${event.pubkey}:${cond}`)
|
||||
)
|
||||
if (!secp256k1.schnorr.verifySync(sig, sighash, pubkey)) return null
|
||||
if (!schnorr.verify(sig, sighash, pubkey)) return null
|
||||
|
||||
return pubkey
|
||||
}
|
||||
|
||||
154
nip41.test.js
154
nip41.test.js
@@ -1,154 +0,0 @@
|
||||
/* eslint-env jest */
|
||||
|
||||
const secp256k1 = require('@noble/secp256k1')
|
||||
const {
|
||||
getPublicKey,
|
||||
validateEvent,
|
||||
verifySignature,
|
||||
generatePrivateKey,
|
||||
nip41
|
||||
} = require('./lib/nostr.cjs')
|
||||
|
||||
test('sanity', () => {
|
||||
let sk = generatePrivateKey()
|
||||
|
||||
expect(getPublicKey(sk)).toEqual(secp256k1.Point.fromPrivateKey(sk).toHexX())
|
||||
})
|
||||
|
||||
test('key arithmetics', () => {
|
||||
expect(
|
||||
secp256k1.utils.mod(secp256k1.CURVE.n + 1n, secp256k1.CURVE.n)
|
||||
).toEqual(1n)
|
||||
|
||||
let veryHighPoint = secp256k1.Point.fromPrivateKey(
|
||||
(secp256k1.CURVE.n - 1n).toString(16).padStart(64, '0')
|
||||
)
|
||||
let pointAt2 = secp256k1.Point.fromPrivateKey(
|
||||
2n.toString(16).padStart(64, '0')
|
||||
)
|
||||
let pointAt1 = secp256k1.Point.fromPrivateKey(
|
||||
1n.toString(16).padStart(64, '0')
|
||||
)
|
||||
expect(veryHighPoint.add(pointAt2)).toEqual(pointAt1)
|
||||
|
||||
expect(
|
||||
secp256k1.getPublicKey(1n.toString(16).padStart(64, '0'), true)
|
||||
).toEqual(pointAt1.toRawBytes(true))
|
||||
})
|
||||
|
||||
test('testing getting child keys compatibility', () => {
|
||||
let sk = '2222222222222222222222222222222222222222222222222222222222222222'
|
||||
let pk = secp256k1.getPublicKey(sk, true)
|
||||
let hsk = '3333333333333333333333333333333333333333333333333333333333333333'
|
||||
let hpk = secp256k1.getPublicKey(hsk, true)
|
||||
|
||||
expect(secp256k1.utils.bytesToHex(nip41.getChildPublicKey(pk, hpk))).toEqual(
|
||||
secp256k1.utils.bytesToHex(
|
||||
secp256k1.getPublicKey(nip41.getChildPrivateKey(sk, hsk), true)
|
||||
)
|
||||
)
|
||||
})
|
||||
|
||||
test('more testing child key derivation', () => {
|
||||
;[
|
||||
{
|
||||
sk: '448aedc74f93b71af69ed7c6860d95f148d796355517779c7631fdb64a085b26',
|
||||
hsk: '00ee15a0a117e818073b92d7f3360029f6e091035534348f713a23d440bd8f58',
|
||||
pk: '02e3990b0eb40452a8ffbd9fe99037deb7beeb6ab26020e8c0e8284f3009a56d0c',
|
||||
hpk: '029e9cb07f3a3b8abcad629920d4a5460aefb6b7c08704b7f1ced8648b007ef65f'
|
||||
},
|
||||
{
|
||||
sk: '778aedc74f93b71af69ed7c6860d95f148d796355517779c7631fdb64a085b26',
|
||||
hsk: '99ee15a0a117e818073b92d7f3360029f6e091035534348f713a23d440bd8f58',
|
||||
pk: '020d09894e321f53a7ac8bc003cb1563a4857d57ea69c39ab7189e2cccedc17d1b',
|
||||
hpk: '0358fe19e14c78c4a8c0037a2b9d3e3a714717f2a2d8dd54a5e88d283440dcb28a'
|
||||
},
|
||||
{
|
||||
sk: '2eb5edc74f93b71af69ed7c6860d95f148d796355517779c7631fdb64a085b26',
|
||||
hsk: '65d515a0a117e818073b92d7f3360029f6e091035534348f713a23d440bd8f58',
|
||||
pk: '03dd651a07dc6c9a54b596f6492c9623a595cb48e31af04f8c322d4ce81accb2b0',
|
||||
hpk: '03b8c98d920141a1e168d21e9315cf933a601872ebf57751b30797fb98526c2f4f'
|
||||
}
|
||||
].forEach(({pk, hpk, sk, hsk}) => {
|
||||
expect(
|
||||
secp256k1.utils.bytesToHex(secp256k1.getPublicKey(sk, true))
|
||||
).toEqual(pk)
|
||||
expect(
|
||||
secp256k1.utils.bytesToHex(secp256k1.getPublicKey(hsk, true))
|
||||
).toEqual(hpk)
|
||||
|
||||
expect(
|
||||
secp256k1.utils.bytesToHex(
|
||||
nip41.getChildPublicKey(
|
||||
secp256k1.utils.hexToBytes(pk),
|
||||
secp256k1.utils.hexToBytes(hpk)
|
||||
)
|
||||
)
|
||||
).toEqual(
|
||||
secp256k1.utils.bytesToHex(
|
||||
secp256k1.getPublicKey(nip41.getChildPrivateKey(sk, hsk), true)
|
||||
)
|
||||
)
|
||||
})
|
||||
})
|
||||
|
||||
test('generating a revocation event and validating it', () => {
|
||||
const mnemonic =
|
||||
'air property excess weird rare rival fade intact brave office mirror wait'
|
||||
|
||||
const firstKey = nip41.getPrivateKeyAtIndex(mnemonic, 9)
|
||||
// expect(firstKey).toEqual(
|
||||
// '8495ba55f56485d378aa275604a45e76abbcae177e374fa06af5770c3b8e24af'
|
||||
// )
|
||||
const firstPubkey = getPublicKey(firstKey)
|
||||
// expect(firstPubkey).toEqual(
|
||||
// '35246813a0dd45e74ce22ecdf052cca8ed47759c8f8d412c281dc2755110956f'
|
||||
// )
|
||||
|
||||
// first key is compromised, revoke it
|
||||
let {parentPrivateKey, event} = nip41.buildRevocationEvent(
|
||||
mnemonic,
|
||||
firstPubkey
|
||||
)
|
||||
|
||||
const secondKey = nip41.getPrivateKeyAtIndex(mnemonic, 8)
|
||||
expect(parentPrivateKey).toEqual(secondKey)
|
||||
expect(secondKey).toEqual(
|
||||
'1b311655ef73bed3bbebc83d0cb3eef42c6aff45f944e3a0c263eb6fdf98c617'
|
||||
)
|
||||
|
||||
expect(event).toHaveProperty('kind', 13)
|
||||
expect(event.tags).toHaveLength(2)
|
||||
expect(event.tags[0]).toHaveLength(2)
|
||||
expect(event.tags[1]).toHaveLength(2)
|
||||
expect(event.tags[0][0]).toEqual('p')
|
||||
expect(event.tags[1][0]).toEqual('hidden-key')
|
||||
|
||||
let hiddenKey = secp256k1.utils.hexToBytes(event.tags[1][1])
|
||||
|
||||
let pubkeyAlt1 = secp256k1.utils
|
||||
.bytesToHex(
|
||||
nip41.getChildPublicKey(
|
||||
secp256k1.utils.hexToBytes('02' + event.pubkey),
|
||||
hiddenKey
|
||||
)
|
||||
)
|
||||
.slice(2)
|
||||
let pubkeyAlt2 = secp256k1.utils
|
||||
.bytesToHex(
|
||||
nip41.getChildPublicKey(
|
||||
secp256k1.utils.hexToBytes('03' + event.pubkey),
|
||||
hiddenKey
|
||||
)
|
||||
)
|
||||
.slice(2)
|
||||
|
||||
expect([pubkeyAlt1, pubkeyAlt2]).toContain(event.tags[0][1])
|
||||
|
||||
// receiver of revocation event can validate it
|
||||
let secondPubkey = getPublicKey(secondKey)
|
||||
expect(event.pubkey).toEqual(secondPubkey)
|
||||
expect(validateEvent(event)).toBeTruthy()
|
||||
expect(verifySignature(event)).toBeTruthy()
|
||||
expect(nip41.validateRevocation(event)).toBeTruthy()
|
||||
})
|
||||
160
nip41.ts
160
nip41.ts
@@ -1,160 +0,0 @@
|
||||
import * as secp256k1 from '@noble/secp256k1'
|
||||
import {sha256} from '@noble/hashes/sha256'
|
||||
import {mnemonicToSeedSync} from '@scure/bip39'
|
||||
import {HARDENED_OFFSET, HDKey} from '@scure/bip32'
|
||||
|
||||
import {getPublicKey} from './keys'
|
||||
import {Event, getEventHash, Kind, signEvent, verifySignature} from './event'
|
||||
|
||||
const MaxKeys = 256
|
||||
|
||||
function getRootFromMnemonic(mnemonic: string): HDKey {
|
||||
return HDKey.fromMasterSeed(mnemonicToSeedSync(mnemonic)).derive(
|
||||
`m/44'/1237'/41'`
|
||||
)
|
||||
}
|
||||
|
||||
export function getPrivateKeyAtIndex(
|
||||
mnemonic: string,
|
||||
targetIdx: number
|
||||
): string {
|
||||
let root = getRootFromMnemonic(mnemonic)
|
||||
let rootPrivateKey = secp256k1.utils.bytesToHex(root.privateKey as Uint8Array)
|
||||
let currentPrivateKey = rootPrivateKey
|
||||
|
||||
for (let idx = 1; idx <= targetIdx; idx++) {
|
||||
let hiddenPrivateKey = secp256k1.utils.bytesToHex(
|
||||
root.deriveChild(idx + HARDENED_OFFSET).privateKey as Uint8Array
|
||||
)
|
||||
currentPrivateKey = getChildPrivateKey(currentPrivateKey, hiddenPrivateKey)
|
||||
}
|
||||
|
||||
return currentPrivateKey
|
||||
}
|
||||
|
||||
export function getPublicKeyAtIndex(
|
||||
root: HDKey,
|
||||
targetIdx: number
|
||||
): Uint8Array {
|
||||
let rootPublicKey = root.publicKey as Uint8Array
|
||||
|
||||
let currentPublicKey = rootPublicKey
|
||||
for (let idx = 1; idx <= targetIdx; idx++) {
|
||||
let hiddenPublicKey = root.deriveChild(idx + HARDENED_OFFSET)
|
||||
.publicKey as Uint8Array
|
||||
currentPublicKey = getChildPublicKey(currentPublicKey, hiddenPublicKey)
|
||||
}
|
||||
|
||||
return currentPublicKey
|
||||
}
|
||||
|
||||
function getIndexOfPublicKey(root: HDKey, publicKey: string): number {
|
||||
let rootPublicKey = root.publicKey as Uint8Array
|
||||
if (secp256k1.utils.bytesToHex(rootPublicKey).slice(2) === publicKey) return 0
|
||||
|
||||
let currentPublicKey = rootPublicKey
|
||||
for (let idx = 1; idx <= MaxKeys; idx++) {
|
||||
let hiddenPublicKey = root.deriveChild(idx + HARDENED_OFFSET)
|
||||
.publicKey as Uint8Array
|
||||
let pubkeyAtIndex = getChildPublicKey(currentPublicKey, hiddenPublicKey)
|
||||
if (secp256k1.utils.bytesToHex(pubkeyAtIndex).slice(2) === publicKey)
|
||||
return idx
|
||||
|
||||
currentPublicKey = pubkeyAtIndex
|
||||
}
|
||||
|
||||
throw new Error(
|
||||
`public key ${publicKey} not in the set of the first ${MaxKeys} public keys`
|
||||
)
|
||||
}
|
||||
|
||||
export function getChildPublicKey(
|
||||
parentPublicKey: Uint8Array,
|
||||
hiddenPublicKey: Uint8Array
|
||||
): Uint8Array {
|
||||
if (parentPublicKey.length !== 33 || hiddenPublicKey.length !== 33)
|
||||
throw new Error(
|
||||
'getChildPublicKey() requires public keys with the leading differentiator byte.'
|
||||
)
|
||||
|
||||
let hash = sha256(
|
||||
secp256k1.utils.concatBytes(hiddenPublicKey, parentPublicKey)
|
||||
)
|
||||
let hashPoint = secp256k1.Point.fromPrivateKey(hash)
|
||||
let point = secp256k1.Point.fromHex(hiddenPublicKey).add(hashPoint)
|
||||
return point.toRawBytes(true)
|
||||
}
|
||||
|
||||
export function getChildPrivateKey(
|
||||
parentPrivateKey: string,
|
||||
hiddenPrivateKey: string
|
||||
): string {
|
||||
let parentPublicKey = secp256k1.getPublicKey(parentPrivateKey, true)
|
||||
let hiddenPublicKey = secp256k1.getPublicKey(hiddenPrivateKey, true)
|
||||
let hash = sha256(
|
||||
secp256k1.utils.concatBytes(hiddenPublicKey, parentPublicKey)
|
||||
)
|
||||
let hashScalar = BigInt(`0x${secp256k1.utils.bytesToHex(hash)}`)
|
||||
let hiddenPrivateKeyScalar = BigInt(`0x${hiddenPrivateKey}`)
|
||||
let sumScalar = hiddenPrivateKeyScalar + hashScalar
|
||||
let modulo = secp256k1.utils.mod(sumScalar, secp256k1.CURVE.n)
|
||||
return modulo.toString(16).padStart(64, '0')
|
||||
}
|
||||
|
||||
export function buildRevocationEvent(
|
||||
mnemonic: string,
|
||||
compromisedKey: string,
|
||||
content = ''
|
||||
): {
|
||||
parentPrivateKey: string
|
||||
event: Event
|
||||
} {
|
||||
let root = getRootFromMnemonic(mnemonic)
|
||||
let idx = getIndexOfPublicKey(root, compromisedKey)
|
||||
let hiddenKey = secp256k1.utils.bytesToHex(
|
||||
root.deriveChild(idx + HARDENED_OFFSET).publicKey as Uint8Array
|
||||
)
|
||||
let parentPrivateKey = getPrivateKeyAtIndex(mnemonic, idx - 1)
|
||||
let parentPublicKey = getPublicKey(parentPrivateKey)
|
||||
|
||||
let event: Event = {
|
||||
kind: 13,
|
||||
tags: [
|
||||
['p', compromisedKey],
|
||||
['hidden-key', hiddenKey]
|
||||
],
|
||||
created_at: Math.round(Date.now() / 1000),
|
||||
content,
|
||||
pubkey: parentPublicKey
|
||||
}
|
||||
|
||||
event.sig = signEvent(event, parentPrivateKey)
|
||||
event.id = getEventHash(event)
|
||||
|
||||
return {parentPrivateKey, event}
|
||||
}
|
||||
|
||||
export function validateRevocation(event: Event): boolean {
|
||||
if (event.kind !== Kind.StatelessRevocation) return false
|
||||
if (!verifySignature(event)) return false
|
||||
|
||||
let invalidKeyTag = event.tags.find(([t, v]) => t === 'p' && v)
|
||||
if (!invalidKeyTag) return false
|
||||
let invalidKey = invalidKeyTag[1]
|
||||
|
||||
let hiddenKeyTag = event.tags.find(([t, v]) => t === 'hidden-key' && v)
|
||||
if (!hiddenKeyTag) return false
|
||||
let hiddenKey = secp256k1.utils.hexToBytes(hiddenKeyTag[1])
|
||||
if (hiddenKey.length !== 33) return false
|
||||
|
||||
let currentKeyAlt1 = secp256k1.utils.hexToBytes('02' + event.pubkey)
|
||||
let currentKeyAlt2 = secp256k1.utils.hexToBytes('03' + event.pubkey)
|
||||
let childKeyAlt1 = secp256k1.utils
|
||||
.bytesToHex(getChildPublicKey(currentKeyAlt1, hiddenKey))
|
||||
.slice(2)
|
||||
let childKeyAlt2 = secp256k1.utils
|
||||
.bytesToHex(getChildPublicKey(currentKeyAlt2, hiddenKey))
|
||||
.slice(2)
|
||||
|
||||
return childKeyAlt1 === invalidKey || childKeyAlt2 === invalidKey
|
||||
}
|
||||
19
package.json
19
package.json
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "nostr-tools",
|
||||
"version": "1.8.2",
|
||||
"version": "1.9.0",
|
||||
"description": "Tools for making a Nostr client.",
|
||||
"repository": {
|
||||
"type": "git",
|
||||
@@ -18,12 +18,11 @@
|
||||
},
|
||||
"license": "Public domain",
|
||||
"dependencies": {
|
||||
"@noble/hashes": "1.0.0",
|
||||
"@noble/secp256k1": "^1.7.1",
|
||||
"@scure/base": "^1.1.1",
|
||||
"@scure/bip32": "^1.1.5",
|
||||
"@scure/bip39": "^1.1.1",
|
||||
"prettier": "^2.8.4"
|
||||
"@noble/curves": "1.0.0",
|
||||
"@noble/hashes": "1.3.0",
|
||||
"@scure/base": "1.1.1",
|
||||
"@scure/bip32": "1.3.0",
|
||||
"@scure/bip39": "1.2.0"
|
||||
},
|
||||
"keywords": [
|
||||
"decentralization",
|
||||
@@ -32,6 +31,11 @@
|
||||
"client",
|
||||
"nostr"
|
||||
],
|
||||
"scripts": {
|
||||
"build": "node build",
|
||||
"format": "prettier --plugin-search-dir . --write .",
|
||||
"test": "node build && jest"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/node": "^18.13.0",
|
||||
"@typescript-eslint/eslint-plugin": "^5.51.0",
|
||||
@@ -44,6 +48,7 @@
|
||||
"events": "^3.3.0",
|
||||
"jest": "^29.4.2",
|
||||
"node-fetch": "^2.6.9",
|
||||
"prettier": "^2.8.4",
|
||||
"ts-jest": "^29.0.5",
|
||||
"tsd": "^0.22.0",
|
||||
"typescript": "^4.9.5",
|
||||
|
||||
@@ -81,7 +81,7 @@ export function parseReferences(evt: Event): Reference[] {
|
||||
}
|
||||
case 'a': {
|
||||
try {
|
||||
let [kind, pubkey, identifier] = ref[1].split(':')
|
||||
let [kind, pubkey, identifier] = tag[1].split(':')
|
||||
references.push({
|
||||
text: ref[0],
|
||||
address: {
|
||||
|
||||
Reference in New Issue
Block a user