build esm module that can be imported from browsers.

closes https://github.com/fiatjaf/nostr-tools/issues/14

.gitignore

@@ -2,3 +2,4 @@ node_modules
 dist
 yarn.lock
 package-lock.json
+nostr.js

README.md

@@ -15,7 +15,7 @@ pool.addRelay('ws://some.relay.com', {read: true, write: true})
 pool.addRelay('ws://other.relay.cool', {read: true, write: true})
 
 // example callback function for a subscription
-function onEvent(event, relay) => {
+function onEvent(event, relay) {
   console.log(`got an event from ${relay.url} which is already validated.`, event)
 }
 
@@ -70,3 +70,20 @@ pool.addRelay('<url>')
 All functions expect bytearrays as hex strings and output bytearrays as hex strings.
 
 For other utils please read the source (for now).
+
+### Using from the browser (if you don't want to use a bundler)
+
+You can import nostr-tools as an ES module. Just add a script tag like this:
+
+```html
+<script type="module">
+  import {generatePrivateKey} from 'https://unpkg.com/nostr-tools/nostr.js'
+  console.log(generatePrivateKey())
+</script>
+```
+
+And import whatever function you would import from `"nostr-tools"` in a bundler.
+
+## License
+
+Public domain.

build.js

@@ -0,0 +1,25 @@
+#!/usr/bin/env node
+
+const esbuild = require('esbuild')
+const alias = require('esbuild-plugin-alias')
+const nodeGlobals = require('@esbuild-plugins/node-globals-polyfill').default
+
+const buildOptions = {
+  entryPoints: ['index.js'],
+  outfile: 'nostr.js',
+  bundle: true,
+  format: 'esm',
+  plugins: [
+    alias({
+      stream: require.resolve('readable-stream')
+    }),
+    nodeGlobals({buffer: true})
+  ],
+  define: {
+    window: 'self',
+    global: 'self'
+  },
+  loader: {'.js': 'jsx'}
+}
+
+esbuild.build(buildOptions).then(() => console.log('build success.'))

event.js

@@ -1,6 +1,6 @@
 import {Buffer} from 'buffer'
 import createHash from 'create-hash'
-import {signSchnorr, verifySchnorr} from 'tiny-secp256k1'
+import * as secp256k1 from '@noble/secp256k1'
 
 export function getBlankEvent() {
   return {
@@ -18,7 +18,7 @@ export function serializeEvent(evt) {
     evt.pubkey,
     evt.created_at,
     evt.kind,
-    evt.tags || [],
+    evt.tags,
     evt.content
   ])
 }
@@ -30,17 +30,29 @@ export function getEventHash(event) {
   return Buffer.from(eventHash).toString('hex')
 }
 
-export function verifySignature(event) {
+export function validateEvent(event) {
   if (event.id !== getEventHash(event)) return false
-  return verifySchnorr(
-    Buffer.from(event.id, 'hex'),
-    Buffer.from(event.pubkey, 'hex'),
-    Buffer.from(event.sig, 'hex')
-  )
+  if (typeof event.content !== 'string') return false
+  if (typeof event.created_at !== 'number') return false
+
+  if (!Array.isArray(event.tags)) return false
+  for (let i = 0; i < event.tags.length; i++) {
+    let tag = event.tags[i]
+    if (!Array.isArray(tag)) return false
+    for (let j = 0; j < tag.length; j++) {
+      if (typeof tag[j] === 'object') return false
+    }
+  }
+
+  return true
 }
 
-export function signEvent(event, key) {
-  let eventHash = Buffer.from(getEventHash(event), 'hex')
-  let keyB = Buffer.from(key, 'hex')
-  return Buffer.from(signSchnorr(eventHash, keyB)).toString('hex')
+export function verifySignature(event) {
+  return secp256k1.schnorr.verify(event.sig, event.id, event.pubkey)
+}
+
+export async function signEvent(event, key) {
+  return Buffer.from(
+    await secp256k1.schnorr.sign(getEventHash(event), key)
+  ).toString('hex')
 }

filter.js

@@ -1,20 +1,23 @@
 export function matchFilter(filter, event) {
-  if (filter.id && event.id !== filter.id) return false
-  if (filter.kind && event.kind !== filter.kind) return false
-  if (filter.author && event.pubkey !== filter.author) return false
+  if (filter.ids && filter.ids.indexOf(event.id) === -1) return false
+  if (filter.kinds && filter.kinds.indexOf(event.kind) === -1) return false
   if (filter.authors && filter.authors.indexOf(event.pubkey) === -1)
     return false
-  if (
-    filter['#e'] &&
-    !event.tags.find(([t, v]) => t === 'e' && v === filter['#e'])
-  )
-    return false
-  if (
-    filter['#p'] &&
-    !event.tags.find(([t, v]) => t === 'p' && v === filter['#p'])
-  )
-    return false
-  if (filter.since && event.created_at <= filter.since) return false
+
+  for (let f in filter) {
+    if (f[0] === '#') {
+      if (
+        filter[f] &&
+        !event.tags.find(
+          ([t, v]) => t === f.slice(1) && filter[f].indexOf(v) !== -1
+        )
+      )
+        return false
+    }
+  }
+
+  if (filter.since && event.created_at < filter.since) return false
+  if (filter.until && event.created_at >= filter.until) return false
 
   return true
 }

index.js

@@ -4,6 +4,7 @@ import {relayPool} from './pool'
 import {
   getBlankEvent,
   signEvent,
+  validateEvent,
   verifySignature,
   serializeEvent,
   getEventHash
@@ -15,6 +16,7 @@ export {
   relayConnect,
   relayPool,
   signEvent,
+  validateEvent,
   verifySignature,
   serializeEvent,
   getEventHash,

keys.js

@@ -1,19 +1,10 @@
-import randomBytes from 'randombytes'
-import {isPrivate, pointFromScalar} from 'tiny-secp256k1'
+import * as secp256k1 from '@noble/secp256k1'
+import {Buffer} from 'buffer'
 
 export function generatePrivateKey() {
-  let i = 8
-  while (i--) {
-    let r32 = Buffer.from(randomBytes(32))
-    if (isPrivate(r32)) return r32.toString('hex')
-  }
-  throw new Error(
-    'Valid private key was not found in 8 iterations. PRNG is broken'
-  )
+  return Buffer.from(secp256k1.utils.randomPrivateKey()).toString('hex')
 }
 
 export function getPublicKey(privateKey) {
-  return Buffer.from(pointFromScalar(Buffer.from(privateKey, 'hex'), true))
-    .toString('hex')
-    .slice(2)
+  return Buffer.from(secp256k1.schnorr.getPublicKey(privateKey)).toString('hex')
 }

nip04.js

@@ -1,11 +1,11 @@
 import aes from 'browserify-cipher'
 import {Buffer} from 'buffer'
-import randomBytes from 'randombytes'
+import {randomBytes} from '@noble/hashes/utils'
 import * as secp256k1 from '@noble/secp256k1'
 
 export function encrypt(privkey, pubkey, text) {
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
-  const normalizedKey = getOnlyXFromFullSharedSecret(key)
+  const normalizedKey = getNormalizedX(key)
 
   let iv = Uint8Array.from(randomBytes(16))
   var cipher = aes.createCipheriv(
@@ -16,24 +16,27 @@ export function encrypt(privkey, pubkey, text) {
   let encryptedMessage = cipher.update(text, 'utf8', 'base64')
   encryptedMessage += cipher.final('base64')
 
-  return [encryptedMessage, Buffer.from(iv.buffer).toString('base64')]
+  return `${encryptedMessage}?iv=${Buffer.from(iv.buffer).toString('base64')}`
 }
 
-export function decrypt(privkey, pubkey, ciphertext, iv) {
-  const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
-  const normalizedKey = getOnlyXFromFullSharedSecret(key)
+export function decrypt(privkey, pubkey, ciphertext) {
+  let [cip, iv] = ciphertext.split('?iv=')
+  let key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
+  let normalizedKey = getNormalizedX(key)
 
   var decipher = aes.createDecipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     Buffer.from(iv, 'base64')
   )
-  let decryptedMessage = decipher.update(ciphertext, 'base64')
+  let decryptedMessage = decipher.update(cip, 'base64')
   decryptedMessage += decipher.final('utf8')
 
   return decryptedMessage
 }
 
-function getOnlyXFromFullSharedSecret(fullSharedSecretCoordinates) {
-  return fullSharedSecretCoordinates.substr(2, 64)
+function getNormalizedX(key) {
+  return typeof key === 'string'
+    ? key.substr(2, 64)
+    : Buffer.from(key.slice(1, 33)).toString('hex')
 }

nip05.js

@@ -1,52 +1,28 @@
-import {Buffer} from 'buffer'
-import dnsPacket from 'dns-packet'
-
-const dohProviders = [
-  'cloudflare-dns.com',
-  'fi.doh.dns.snopyta.org',
-  'basic.bravedns.com',
-  'hydra.plan9-ns1.com',
-  'doh.pl.ahadns.net',
-  'dns.flatuslifir.is',
-  'doh.dns.sb',
-  'doh.li'
-]
-
-let counter = 0
-
-export async function keyFromDomain(domain) {
-  let host = dohProviders[counter % dohProviders.length]
-
-  let buf = dnsPacket.encode({
-    type: 'query',
-    id: Math.floor(Math.random() * 65534),
-    flags: dnsPacket.RECURSION_DESIRED,
-    questions: [
-      {
-        type: 'TXT',
-        name: `_nostrkey.${domain}`
-      }
-    ]
-  })
-
-  let fetching = fetch(`https://${host}/dns-query`, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/dns-message',
-      'Content-Length': Buffer.byteLength(buf)
-    },
-    body: buf
-  })
-
-  counter++
+import fetch from 'cross-fetch'
 
+export async function searchDomain(domain, query = '') {
   try {
-    let response = Buffer.from(await (await fetching).arrayBuffer())
-    let {answers} = dnsPacket.decode(response)
-    if (answers.length === 0) return null
-    return Buffer.from(answers[0].data[0]).toString()
-  } catch (err) {
-    console.log(`error querying DNS for ${domain} on ${host}`, err)
+    let res = await (
+      await fetch(`https://${domain}/.well-known/nostr.json?name=${query}`)
+    ).json()
+
+    return res.names
+  } catch (_) {
+    return []
+  }
+}
+
+export async function queryName(fullname) {
+  try {
+    let [name, domain] = fullname.split('@')
+    if (!domain) return null
+
+    let res = await (
+      await fetch(`https://${domain}/.well-known/nostr.json?name=${name}`)
+    ).json()
+
+    return res.names && res.names[name]
+  } catch (_) {
     return null
   }
 }

nip06.js

@@ -4,18 +4,17 @@ import {
   mnemonicToSeedSync,
   validateMnemonic
 } from 'micro-bip39'
-import BIP32Factory from 'bip32'
-import * as ecc from 'tiny-secp256k1'
-
-const bip32 = BIP32Factory(ecc)
+import {HDKey} from 'micro-bip32'
 
 export function privateKeyFromSeed(seed) {
-  let root = bip32.fromSeed(Buffer.from(seed, 'hex'))
-  return root.derivePath(`m/44'/1237'/0'/0'`).privateKey.toString('hex')
+  let root = HDKey.fromMasterSeed(Buffer.from(seed, 'hex'))
+  return Buffer.from(root.derive(`m/44'/1237'/0'/0/0`).privateKey).toString(
+    'hex'
+  )
 }
 
 export function seedFromWords(mnemonic) {
-  return Buffer.from(mnemonicToSeedSync(mnemonic, wordlist)).toString('hex')
+  return Buffer.from(mnemonicToSeedSync(mnemonic)).toString('hex')
 }
 
 export function generateSeedWords() {

package.json

@@ -1,21 +1,20 @@
 {
   "name": "nostr-tools",
-  "version": "0.12.3",
+  "version": "0.23.1",
   "description": "Tools for making a Nostr client.",
   "repository": {
     "type": "git",
     "url": "https://github.com/fiatjaf/nostr-tools.git"
   },
   "dependencies": {
-    "@noble/secp256k1": "^1.3.0",
-    "bip32": "^3.0.1",
+    "@noble/hashes": "^0.5.7",
+    "@noble/secp256k1": "^1.5.2",
     "browserify-cipher": ">=1",
     "buffer": ">=5",
     "create-hash": "^1.2.0",
-    "dns-packet": "^5.2.4",
+    "cross-fetch": "^3.1.4",
+    "micro-bip32": "^0.1.0",
     "micro-bip39": "^0.1.3",
-    "randombytes": ">=2",
-    "tiny-secp256k1": "^2.1.2",
     "websocket-polyfill": "^0.0.3"
   },
   "keywords": [
@@ -31,7 +30,15 @@
     "client"
   ],
   "devDependencies": {
+    "@esbuild-plugins/node-globals-polyfill": "^0.1.1",
+    "esbuild": "^0.14.38",
+    "esbuild-plugin-alias": "^0.2.1",
     "eslint": "^8.5.0",
-    "eslint-plugin-babel": "^5.3.1"
+    "eslint-plugin-babel": "^5.3.1",
+    "events": "^3.3.0",
+    "readable-stream": "^3.6.0"
+  },
+  "scripts": {
+    "prepublish": "node build.js"
   }
 }

pool.js

@@ -1,7 +1,19 @@
-import {getEventHash, signEvent} from './event'
+import {getEventHash, verifySignature, signEvent} from './event'
 import {relayConnect, normalizeRelayURL} from './relay'
 
-export function relayPool(globalPrivateKey) {
+export function relayPool() {
+  var globalPrivateKey
+  var globalSigningFunction
+
+  const poolPolicy = {
+    // setting this to a number will cause events to be published to a random
+    // set of relays only, instead of publishing to all relays all the time
+    randomChoice: null,
+
+    // setting this to true will cause .publish() calls to wait until the event has
+    // been published -- or at least attempted to be published -- to all relays
+    wait: false
+  }
   const relays = {}
   const noticeCallbacks = []
 
@@ -14,27 +26,35 @@ export function relayPool(globalPrivateKey) {
 
   const activeSubscriptions = {}
 
-  const sub = ({cb, filter}, id = Math.random().toString().slice(2)) => {
+  const sub = (
+    {cb, filter, beforeSend},
+    id = Math.random().toString().slice(2)
+  ) => {
     const subControllers = Object.fromEntries(
       Object.values(relays)
         .filter(({policy}) => policy.read)
         .map(({relay}) => [
           relay.url,
-          relay.sub({filter, cb: event => cb(event, relay.url)}, id)
+          relay.sub({filter, cb: event => cb(event, relay.url), beforeSend}, id)
         ])
     )
 
     const activeCallback = cb
     const activeFilters = filter
+    const activeBeforeSend = beforeSend
 
     const unsub = () => {
       Object.values(subControllers).forEach(sub => sub.unsub())
       delete activeSubscriptions[id]
     }
-    const sub = ({cb = activeCallback, filter = activeFilters}) => {
+    const sub = ({
+      cb = activeCallback,
+      filter = activeFilters,
+      beforeSend = activeBeforeSend
+    }) => {
       Object.entries(subControllers).map(([relayURL, sub]) => [
         relayURL,
-        sub.sub({cb, filter}, id)
+        sub.sub({cb, filter, beforeSend}, id)
       ])
       return activeSubscriptions[id]
     }
@@ -66,25 +86,35 @@ export function relayPool(globalPrivateKey) {
     setPrivateKey(privateKey) {
       globalPrivateKey = privateKey
     },
-    async addRelay(url, policy = {read: true, write: true}) {
+    registerSigningFunction(fn) {
+      globalSigningFunction = fn
+    },
+    setPolicy(key, value) {
+      poolPolicy[key] = value
+    },
+    addRelay(url, policy = {read: true, write: true}) {
       let relayURL = normalizeRelayURL(url)
       if (relayURL in relays) return
 
-      let relay = await relayConnect(url, notice => {
+      let relay = relayConnect(url, notice => {
         propagateNotice(notice, relayURL)
       })
       relays[relayURL] = {relay, policy}
 
-      Object.values(activeSubscriptions).forEach(subscription =>
-        subscription.addRelay(relay)
-      )
+      if (policy.read) {
+        Object.values(activeSubscriptions).forEach(subscription =>
+          subscription.addRelay(relay)
+        )
+      }
 
       return relay
     },
     removeRelay(url) {
       let relayURL = normalizeRelayURL(url)
-      let {relay} = relays[relayURL]
-      if (!relay) return
+      let data = relays[relayURL]
+      if (!data) return
+
+      let {relay} = data
       Object.values(activeSubscriptions).forEach(subscription =>
         subscription.removeRelay(relay)
       )
@@ -98,32 +128,75 @@ export function relayPool(globalPrivateKey) {
       let index = noticeCallbacks.indexOf(cb)
       if (index !== -1) noticeCallbacks.splice(index, 1)
     },
-    async publish(event, statusCallback = (status, relayURL) => {}) {
-      event.id = await getEventHash(event)
+    async publish(event, statusCallback) {
+      event.id = getEventHash(event)
 
       if (!event.sig) {
         event.tags = event.tags || []
 
         if (globalPrivateKey) {
           event.sig = await signEvent(event, globalPrivateKey)
+        } else if (globalSigningFunction) {
+          event.sig = await globalSigningFunction(event)
+          if (!event.sig) {
+            // abort here
+            return
+          } else {
+            // check
+            if (!(await verifySignature(event)))
+              throw new Error(
+                'signature provided by custom signing function is invalid.'
+              )
+          }
         } else {
           throw new Error(
-            "can't publish unsigned event. either sign this event beforehand or pass a private key while initializing this relay pool so it can be signed automatically."
+            "can't publish unsigned event. either sign this event beforehand, provide a signing function or pass a private key while initializing this relay pool so it can be signed automatically."
           )
         }
       }
 
-      Object.values(relays)
+      let writeable = Object.values(relays)
         .filter(({policy}) => policy.write)
-        .map(async ({relay}) => {
+        .sort(() => Math.random() - 0.5) // random
+
+      let maxTargets = poolPolicy.randomChoice
+        ? poolPolicy.randomChoice
+        : writeable.length
+
+      let successes = 0
+
+      if (poolPolicy.wait) {
+        for (let i = 0; i < writeable.length; i++) {
+          let {relay} = writeable[i]
+
           try {
-            await relay.publish(event, status =>
-              statusCallback(status, relay.url)
-            )
+            await new Promise(async (resolve, reject) => {
+              try {
+                await relay.publish(event, status => {
+                  if (statusCallback) statusCallback(status, relay.url)
+                  resolve()
+                })
+              } catch (err) {
+                if (statusCallback) statusCallback(-1, relay.url)
+              }
+            })
+
+            successes++
+            if (successes >= maxTargets) {
+              break
+            }
           } catch (err) {
-            statusCallback(-1, relay.url)
+            /***/
           }
+        }
+      } else {
+        writeable.forEach(async ({relay}) => {
+          let callback = statusCallback
+            ? status => statusCallback(status, relay.url)
+            : null
+          relay.publish(event, callback)
         })
+      }
 
       return event
     }

relay.js

@@ -2,18 +2,18 @@
 
 import 'websocket-polyfill'
 
-import {verifySignature} from './event'
+import {verifySignature, validateEvent} from './event'
 import {matchFilters} from './filter'
 
 export function normalizeRelayURL(url) {
-  let [host, ...qs] = url.split('?')
+  let [host, ...qs] = url.trim().split('?')
   if (host.slice(0, 4) === 'http') host = 'ws' + host.slice(4)
   if (host.slice(0, 2) !== 'ws') host = 'wss://' + host
   if (host.length && host[host.length - 1] === '/') host = host.slice(0, -1)
   return [host, ...qs].join('?')
 }
 
-export function relayConnect(url, onNotice) {
+export function relayConnect(url, onNotice = () => {}, onError = () => {}) {
   url = normalizeRelayURL(url)
 
   var ws, resolveOpen, untilOpen, wasClosed
@@ -46,8 +46,9 @@ export function relayConnect(url, onNotice) {
         }
       }
     }
-    ws.onerror = () => {
+    ws.onerror = err => {
       console.log('error connecting to relay', url)
+      onError(err)
     }
     ws.onclose = () => {
       resetOpenState()
@@ -92,7 +93,8 @@ export function relayConnect(url, onNotice) {
           let event = data[2]
 
           if (
-            (await verifySignature(event)) &&
+            validateEvent(event) &&
+            verifySignature(event) &&
             channels[channel] &&
             matchFilters(openSubs[channel], event)
           ) {
@@ -117,7 +119,10 @@ export function relayConnect(url, onNotice) {
     ws.send(msg)
   }
 
-  const sub = ({cb, filter}, channel = Math.random().toString().slice(2)) => {
+  const sub = (
+    {cb, filter, beforeSend},
+    channel = Math.random().toString().slice(2)
+  ) => {
     var filters = []
     if (Array.isArray(filter)) {
       filters = filter
@@ -125,16 +130,25 @@ export function relayConnect(url, onNotice) {
       filters.push(filter)
     }
 
+    if (beforeSend) {
+      const beforeSendResult = beforeSend({filter, relay: url, channel})
+      filters = beforeSendResult.filter
+    }
+
     trySend(['REQ', channel, ...filters])
     channels[channel] = cb
     openSubs[channel] = filters
 
     const activeCallback = cb
     const activeFilters = filters
+    const activeBeforeSend = beforeSend
 
     return {
-      sub: ({cb = activeCallback, filter = activeFilters}) =>
-        sub({cb, filter}, channel),
+      sub: ({
+        cb = activeCallback,
+        filter = activeFilters,
+        beforeSend = activeBeforeSend
+      }) => sub({cb, filter, beforeSend}, channel),
       unsub: () => {
         delete openSubs[channel]
         delete channels[channel]
@@ -146,22 +160,26 @@ export function relayConnect(url, onNotice) {
   return {
     url,
     sub,
-    async publish(event, statusCallback = status => {}) {
+    async publish(event, statusCallback) {
       try {
         await trySend(['EVENT', event])
-        statusCallback(0)
-        let {unsub} = sub(
-          {
-            cb: () => {
-              statusCallback(1)
+        if (statusCallback) {
+          statusCallback(0)
+          let {unsub} = sub(
+            {
+              cb: () => {
+                statusCallback(1)
+                unsub()
+                clearTimeout(willUnsub)
+              },
+              filter: {ids: [event.id]}
             },
-            filter: {id: event.id}
-          },
-          `monitor-${event.id.slice(0, 5)}`
-        )
-        setTimeout(unsub, 5000)
+            `monitor-${event.id.slice(0, 5)}`
+          )
+          let willUnsub = setTimeout(unsub, 5000)
+        }
       } catch (err) {
-        statusCallback(-1)
+        if (statusCallback) statusCallback(-1)
       }
     },
     close() {