fix .kind filter validator.

it seems everybody was including this by default before, but now webpack and others are not.

.eslintrc.json

@@ -1,4 +1,5 @@
 {
+  "root": true,
   "parserOptions": {
     "ecmaVersion": 9,
     "ecmaFeatures": {

README.md

@@ -67,4 +67,6 @@ pool.addRelay('<url>')
 // will automatically subscribe to the all the events called with .sub above
 ```
 
+All functions expect bytearrays as hex strings and output bytearrays as hex strings.
+
 For other utils please read the source (for now).

event.js

@@ -0,0 +1,56 @@
+import {Buffer} from 'buffer'
+import createHash from 'create-hash'
+import * as secp256k1 from '@noble/secp256k1'
+
+export function getBlankEvent() {
+  return {
+    kind: 255,
+    pubkey: null,
+    content: '',
+    tags: [],
+    created_at: 0
+  }
+}
+
+export function serializeEvent(evt) {
+  return JSON.stringify([
+    0,
+    evt.pubkey,
+    evt.created_at,
+    evt.kind,
+    evt.tags,
+    evt.content
+  ])
+}
+
+export function getEventHash(event) {
+  let eventHash = createHash('sha256')
+    .update(Buffer.from(serializeEvent(event)))
+    .digest()
+  return Buffer.from(eventHash).toString('hex')
+}
+
+export function validateEvent(event) {
+  if (event.id !== getEventHash(event)) return false
+  if (typeof event.content !== 'string') return false
+  if (typeof event.created_at !== 'number') return false
+
+  if (!Array.isArray(event.tags)) return false
+  for (let i = 0; i < event.tags.length; i++) {
+    let tag = event.tags[i]
+    if (!Array.isArray(tag)) return false
+    for (let j = 0; j < tag.length; j++) {
+      if (typeof tag[j] === 'object') return false
+    }
+  }
+
+  return true
+}
+
+export function verifySignature(event) {
+  return secp256k1.schnorr.verify(event.sig, event.id, event.pubkey)
+}
+
+export async function signEvent(event, key) {
+  return secp256k1.schnorr.sign(getEventHash(event), key)
+}

filter.js

@@ -0,0 +1,26 @@
+export function matchFilter(filter, event) {
+  if (filter.id && event.id !== filter.id) return false
+  if (typeof filter.kind === 'number' && event.kind !== filter.kind) return false
+  if (filter.authors && filter.authors.indexOf(event.pubkey) === -1)
+    return false
+  if (
+    filter['#e'] &&
+    !event.tags.find(([t, v]) => t === 'e' && v === filter['#e'])
+  )
+    return false
+  if (
+    filter['#p'] &&
+    !event.tags.find(([t, v]) => t === 'p' && v === filter['#p'])
+  )
+    return false
+  if (filter.since && event.created_at <= filter.since) return false
+
+  return true
+}
+
+export function matchFilters(filters, event) {
+  for (let i = 0; i < filters.length; i++) {
+    if (matchFilter(filters[i], event)) return true
+  }
+  return false
+}

index.js

@@ -1,25 +1,27 @@
+import {generatePrivateKey, getPublicKey} from './keys'
 import {relayConnect} from './relay'
 import {relayPool} from './pool'
 import {
   getBlankEvent,
   signEvent,
+  validateEvent,
   verifySignature,
   serializeEvent,
   getEventHash
 } from './event'
-import {makeRandom32, sha256, getPublicKey} from './utils'
+import {matchFilter, matchFilters} from './filter'
 
 export {
+  generatePrivateKey,
   relayConnect,
   relayPool,
   signEvent,
+  validateEvent,
   verifySignature,
   serializeEvent,
   getEventHash,
-  makeRandom32,
-  sha256,
   getPublicKey,
-  getBlankEvent
+  getBlankEvent,
+  matchFilter,
+  matchFilters
 }
-export * from './nip04'
-export * from './nip05'

keys.js

@@ -0,0 +1,9 @@
+import * as secp256k1 from '@noble/secp256k1'
+
+export function generatePrivateKey() {
+  return Buffer.from(secp256k1.utils.randomPrivateKey()).toString('hex')
+}
+
+export function getPublicKey(privateKey) {
+  return secp256k1.schnorr.getPublicKey(privateKey)
+}

nip04.js

@@ -1,12 +1,14 @@
-import Buffer from 'buffer'
+import aes from 'browserify-cipher'
+import {Buffer} from 'buffer'
+import randomBytes from 'randombytes'
 import * as secp256k1 from '@noble/secp256k1'
 
 export function encrypt(privkey, pubkey, text) {
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
   const normalizedKey = getOnlyXFromFullSharedSecret(key)
 
-  let iv = crypto.randomFillSync(new Uint8Array(16))
+  let iv = Uint8Array.from(randomBytes(16))
-  var cipher = crypto.createCipheriv(
+  var cipher = aes.createCipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     iv
@@ -21,7 +23,7 @@ export function decrypt(privkey, pubkey, ciphertext, iv) {
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
   const normalizedKey = getOnlyXFromFullSharedSecret(key)
 
-  var decipher = crypto.createDecipheriv(
+  var decipher = aes.createDecipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     Buffer.from(iv, 'base64')

nip05.js

@@ -1,4 +1,4 @@
-import Buffer from 'buffer'
+import {Buffer} from 'buffer'
 import dnsPacket from 'dns-packet'
 
 const dohProviders = [

nip06.js

@@ -0,0 +1,26 @@
+import {wordlist} from 'micro-bip39/wordlists/english'
+import {
+  generateMnemonic,
+  mnemonicToSeedSync,
+  validateMnemonic
+} from 'micro-bip39'
+import {HDKey} from 'micro-bip32'
+
+export function privateKeyFromSeed(seed) {
+  let root = HDKey.fromMasterSeed(Buffer.from(seed, 'hex'))
+  return Buffer.from(root.derive(`m/44'/1237'/0'/0'`).privateKey).toString(
+    'hex'
+  )
+}
+
+export function seedFromWords(mnemonic) {
+  return Buffer.from(mnemonicToSeedSync(mnemonic, wordlist)).toString('hex')
+}
+
+export function generateSeedWords() {
+  return generateMnemonic(wordlist)
+}
+
+export function validateWords(words) {
+  return validateMnemonic(words, wordlist)
+}

package.json

@@ -1,18 +1,20 @@
 {
   "name": "nostr-tools",
-  "version": "0.6.1",
+  "version": "0.15.1",
   "description": "Tools for making a Nostr client.",
-  "main": "dist/nostr-tools.esm.min.js",
-  "module": "dist/nostr-tools.esm.min.js",
-  "browser": "dist/nostr-tools.umd.min.js",
   "repository": {
     "type": "git",
     "url": "https://github.com/fiatjaf/nostr-tools.git"
   },
   "dependencies": {
     "@noble/secp256k1": "^1.3.0",
-    "buffer": "^6.0.3",
+    "browserify-cipher": ">=1",
+    "buffer": ">=5",
+    "create-hash": "^1.2.0",
     "dns-packet": "^5.2.4",
+    "micro-bip32": "^0.1.0",
+    "micro-bip39": "^0.1.3",
+    "randombytes": ">=2",
     "websocket-polyfill": "^0.0.3"
   },
   "keywords": [
@@ -28,12 +30,7 @@
     "client"
   ],
   "devDependencies": {
-    "rollup": "^2.61.1"
+    "eslint": "^8.5.0",
-  },
+    "eslint-plugin-babel": "^5.3.1"
-  "files": [
-    "dist"
-  ],
-  "scripts": {
-    "prepublish": "rollup -c"
   }
 }

pool.js

@@ -0,0 +1,166 @@
+import {getEventHash, signEvent} from './event'
+import {relayConnect, normalizeRelayURL} from './relay'
+
+export function relayPool() {
+  var globalPrivateKey
+  const poolPolicy = {
+    // setting this to a number will cause events to be published to a random
+    // set of relays only, instead of publishing to all relays all the time
+    randomChoice: null
+  }
+  const relays = {}
+  const noticeCallbacks = []
+
+  function propagateNotice(notice, relayURL) {
+    for (let i = 0; i < noticeCallbacks.length; i++) {
+      let {relay} = relays[relayURL]
+      noticeCallbacks[i](notice, relay)
+    }
+  }
+
+  const activeSubscriptions = {}
+
+  const sub = ({cb, filter}, id = Math.random().toString().slice(2)) => {
+    const subControllers = Object.fromEntries(
+      Object.values(relays)
+        .filter(({policy}) => policy.read)
+        .map(({relay}) => [
+          relay.url,
+          relay.sub({filter, cb: event => cb(event, relay.url)}, id)
+        ])
+    )
+
+    const activeCallback = cb
+    const activeFilters = filter
+
+    const unsub = () => {
+      Object.values(subControllers).forEach(sub => sub.unsub())
+      delete activeSubscriptions[id]
+    }
+    const sub = ({cb = activeCallback, filter = activeFilters}) => {
+      Object.entries(subControllers).map(([relayURL, sub]) => [
+        relayURL,
+        sub.sub({cb, filter}, id)
+      ])
+      return activeSubscriptions[id]
+    }
+    const addRelay = relay => {
+      subControllers[relay.url] = relay.sub({cb, filter}, id)
+      return activeSubscriptions[id]
+    }
+    const removeRelay = relayURL => {
+      if (relayURL in subControllers) {
+        subControllers[relayURL].unsub()
+        if (Object.keys(subControllers).length === 0) unsub()
+      }
+      return activeSubscriptions[id]
+    }
+
+    activeSubscriptions[id] = {
+      sub,
+      unsub,
+      addRelay,
+      removeRelay
+    }
+
+    return activeSubscriptions[id]
+  }
+
+  return {
+    sub,
+    relays,
+    setPrivateKey(privateKey) {
+      globalPrivateKey = privateKey
+    },
+    setPolicy(key, value) {
+      poolPolicy[key] = value
+    },
+    addRelay(url, policy = {read: true, write: true}) {
+      let relayURL = normalizeRelayURL(url)
+      if (relayURL in relays) return
+
+      let relay = relayConnect(url, notice => {
+        propagateNotice(notice, relayURL)
+      })
+      relays[relayURL] = {relay, policy}
+
+      if (policy.read) {
+        Object.values(activeSubscriptions).forEach(subscription =>
+          subscription.addRelay(relay)
+        )
+      }
+
+      return relay
+    },
+    removeRelay(url) {
+      let relayURL = normalizeRelayURL(url)
+      let data = relays[relayURL]
+      if (!data) return
+
+      let {relay} = data
+      Object.values(activeSubscriptions).forEach(subscription =>
+        subscription.removeRelay(relay)
+      )
+      relay.close()
+      delete relays[relayURL]
+    },
+    onNotice(cb) {
+      noticeCallbacks.push(cb)
+    },
+    offNotice(cb) {
+      let index = noticeCallbacks.indexOf(cb)
+      if (index !== -1) noticeCallbacks.splice(index, 1)
+    },
+    async publish(event, statusCallback = (status, relayURL) => {}) {
+      event.id = getEventHash(event)
+
+      if (!event.sig) {
+        event.tags = event.tags || []
+
+        if (globalPrivateKey) {
+          event.sig = await signEvent(event, globalPrivateKey)
+        } else {
+          throw new Error(
+            "can't publish unsigned event. either sign this event beforehand or pass a private key while initializing this relay pool so it can be signed automatically."
+          )
+        }
+      }
+
+      let writeable = Object.values(relays)
+        .filter(({policy}) => policy.write)
+        .sort(() => Math.random() - 0.5) // random
+
+      let maxTargets = poolPolicy.randomChoice
+        ? poolPolicy.randomChoice
+        : writeable.length
+
+      let successes = 0
+
+      for (let i = 0; i < writeable.length; i++) {
+        let {relay} = writeable[i]
+
+        try {
+          await new Promise(async (resolve, reject) => {
+            try {
+              await relay.publish(event, status => {
+                statusCallback(status, relay.url)
+                resolve()
+              })
+            } catch (err) {
+              statusCallback(-1, relay.url)
+            }
+          })
+
+          successes++
+          if (successes >= maxTargets) {
+            break
+          }
+        } catch (err) {
+          /***/
+        }
+      }
+
+      return event
+    }
+  }
+}

relay.js

@@ -1,19 +1,22 @@
+/* global WebSocket */
+
 import 'websocket-polyfill'
 
-import {verifySignature} from './event'
+import {verifySignature, validateEvent} from './event'
+import {matchFilters} from './filter'
 
 export function normalizeRelayURL(url) {
-  let [host, ...qs] = url.split('?')
+  let [host, ...qs] = url.trim().split('?')
   if (host.slice(0, 4) === 'http') host = 'ws' + host.slice(4)
   if (host.slice(0, 2) !== 'ws') host = 'wss://' + host
   if (host.length && host[host.length - 1] === '/') host = host.slice(0, -1)
   return [host, ...qs].join('?')
 }
 
-export function relayConnect(url, onNotice) {
+export function relayConnect(url, onNotice = () => {}, onError = () => {}) {
   url = normalizeRelayURL(url)
 
-  var ws, resolveOpen, untilOpen
+  var ws, resolveOpen, untilOpen, wasClosed
   var openSubs = {}
   let attemptNumber = 1
   let nextAttemptSeconds = 1
@@ -34,19 +37,26 @@ export function relayConnect(url, onNotice) {
       resolveOpen()
 
       // restablish old subscriptions
-      for (let channel in openSubs) {
+      if (wasClosed) {
-        let filters = openSubs[channel]
+        wasClosed = false
-        let cb = channels[channel]
+        for (let channel in openSubs) {
-        sub({cb, filter: filters}, channel)
+          let filters = openSubs[channel]
+          let cb = channels[channel]
+          sub({cb, filter: filters}, channel)
+        }
       }
     }
-    ws.onerror = () => {
+    ws.onerror = err => {
       console.log('error connecting to relay', url)
+      onError(err)
     }
     ws.onclose = () => {
       resetOpenState()
       attemptNumber++
-      nextAttemptSeconds += attemptNumber
+      nextAttemptSeconds += attemptNumber ** 3
+      if (nextAttemptSeconds > 14400) {
+        nextAttemptSeconds = 14400 // 4 hours
+      }
       console.log(
         `relay ${url} connection closed. reconnecting in ${nextAttemptSeconds} seconds.`
       )
@@ -55,6 +65,8 @@ export function relayConnect(url, onNotice) {
           connect()
         } catch (err) {}
       }, nextAttemptSeconds * 1000)
+
+      wasClosed = true
     }
 
     ws.onmessage = async e => {
@@ -80,12 +92,13 @@ export function relayConnect(url, onNotice) {
           let channel = data[1]
           let event = data[2]
 
-          if (await verifySignature(event)) {
+          if (
-            if (channels[channel]) {
+            validateEvent(event) &&
-              channels[channel](event)
+            verifySignature(event) &&
-            }
+            channels[channel] &&
-          } else {
+            matchFilters(openSubs[channel], event)
-            console.warn('got event with invalid signature from ' + url, event)
+          ) {
+            channels[channel](event)
           }
           return
         }
@@ -135,19 +148,26 @@ export function relayConnect(url, onNotice) {
   return {
     url,
     sub,
-    async publish(event, statusCallback = status => {}) {
+    async publish(event, statusCallback) {
       try {
         await trySend(['EVENT', event])
-        statusCallback(0)
+        if (statusCallback) {
-        let {unsub} = relay.sub({
+          statusCallback(0)
-          cb: () => {
+          let {unsub} = sub(
-            statusCallback(1)
+            {
-          },
+              cb: () => {
-          filter: {id: event.id}
+                statusCallback(1)
-        })
+                unsub()
-        setTimeout(unsub, 5000)
+                clearTimeout(willUnsub)
+              },
+              filter: {id: event.id}
+            },
+            `monitor-${event.id.slice(0, 5)}`
+          )
+          let willUnsub = setTimeout(unsub, 5000)
+        }
       } catch (err) {
-        statusCallback(-1)
+        if (statusCallback) statusCallback(-1)
       }
     },
     close() {

rollup.config.js

@@ -1,16 +0,0 @@
-import pkg from './package.json'
-
-export default {
-  input: 'src/index.js',
-  output: [
-    {
-      name: 'nostrtools',
-      file: pkg.browser,
-      format: 'umd'
-    },
-    {
-      file: pkg.module,
-      format: 'es'
-    }
-  ]
-}

src/event.js

@@ -1,43 +0,0 @@
-import Buffer from 'buffer'
-import * as secp256k1 from '@noble/secp256k1'
-
-import {sha256} from './utils'
-
-export function getBlankEvent() {
-  return {
-    kind: 255,
-    pubkey: null,
-    content: '',
-    tags: [],
-    created_at: 0
-  }
-}
-
-export function serializeEvent(evt) {
-  return JSON.stringify([
-    0,
-    evt.pubkey,
-    evt.created_at,
-    evt.kind,
-    evt.tags || [],
-    evt.content
-  ])
-}
-
-export async function getEventHash(event) {
-  let eventHash = await sha256(Buffer.from(serializeEvent(event)))
-  return Buffer.from(eventHash).toString('hex')
-}
-
-export async function verifySignature(event) {
-  return await secp256k1.schnorr.verify(
-    event.sig,
-    await getEventHash(event),
-    event.pubkey
-  )
-}
-
-export async function signEvent(event, key) {
-  let eventHash = await getEventHash(event)
-  return await secp256k1.schnorr.sign(eventHash, key)
-}

src/pool.js

@@ -1,122 +0,0 @@
-import {getEventHash, signEvent} from './event'
-import {relayConnect, normalizeRelayURL} from './relay'
-
-export function relayPool(globalPrivateKey) {
-  const relays = {}
-  const globalSub = []
-  const noticeCallbacks = []
-
-  function propagateNotice(notice, relayURL) {
-    for (let i = 0; i < noticeCallbacks.length; i++) {
-      let {relay} = relays[relayURL]
-      noticeCallbacks[i](notice, relay)
-    }
-  }
-
-  const activeSubscriptions = {}
-
-  const sub = ({cb, filter}, id = Math.random().toString().slice(2)) => {
-    const subControllers = Object.fromEntries(
-      Object.values(relays)
-        .filter(({policy}) => policy.read)
-        .map(({relay}) => [
-          relay.url,
-          relay.sub({filter, cb: event => cb(event, relay.url)})
-        ])
-    )
-
-    const activeCallback = cb
-    const activeFilters = filter
-
-    activeSubscriptions[id] = {
-      sub: ({cb = activeCallback, filter = activeFilters}) =>
-        Object.entries(subControllers).map(([relayURL, sub]) => [
-          relayURL,
-          sub.sub({cb, filter}, id)
-        ]),
-      addRelay: relay => {
-        subControllers[relay.url] = relay.sub({cb, filter})
-      },
-      removeRelay: relayURL => {
-        if (relayURL in subControllers) {
-          subControllers[relayURL].unsub()
-          if (Object.keys(subControllers).length === 0) unsub()
-        }
-      },
-      unsub: () => {
-        Object.values(subControllers).forEach(sub => sub.unsub())
-        delete activeSubscriptions[id]
-      }
-    }
-
-    return activeSubscriptions[id]
-  }
-
-  return {
-    sub,
-    relays,
-    setPrivateKey(privateKey) {
-      globalPrivateKey = privateKey
-    },
-    async addRelay(url, policy = {read: true, write: true}) {
-      let relayURL = normalizeRelayURL(url)
-      if (relayURL in relays) return
-
-      let relay = await relayConnect(url, notice => {
-        propagateNotice(notice, relayURL)
-      })
-      relays[relayURL] = {relay, policy}
-
-      Object.values(activeSubscriptions).forEach(subscription =>
-        subscription.addRelay(relay)
-      )
-
-      return relay
-    },
-    removeRelay(url) {
-      let relayURL = normalizeRelayURL(url)
-      let {relay} = relays[relayURL]
-      if (!relay) return
-      Object.values(activeSubscriptions).forEach(subscription =>
-        subscription.removeRelay(relay)
-      )
-      relay.close()
-      delete relays[relayURL]
-    },
-    onNotice(cb) {
-      noticeCallbacks.push(cb)
-    },
-    offNotice(cb) {
-      let index = noticeCallbacks.indexOf(cb)
-      if (index !== -1) noticeCallbacks.splice(index, 1)
-    },
-    async publish(event, statusCallback = (status, relayURL) => {}) {
-      if (!event.sig) {
-        event.tags = event.tags || []
-
-        if (globalPrivateKey) {
-          event.id = await getEventHash(event)
-          event.sig = await signEvent(event, globalPrivateKey)
-        } else {
-          throw new Error(
-            "can't publish unsigned event. either sign this event beforehand or pass a private key while initializing this relay pool so it can be signed automatically."
-          )
-        }
-      }
-
-      Object.values(relays)
-        .filter(({policy}) => policy.write)
-        .map(async ({relay}) => {
-          try {
-            await relay.publish(event, status =>
-              statusCallback(status, relay.url)
-            )
-          } catch (err) {
-            statusCallback(-1, relay.url)
-          }
-        })
-
-      return event
-    }
-  }
-}

src/utils.js

@@ -1,6 +0,0 @@
-import * as secp256k1 from '@noble/secp256k1'
-
-export const makeRandom32 = () => secp256k1.utils.randomPrivateKey()
-export const sha256 = m => secp256k1.utils.sha256(Uint8Array.from(m))
-export const getPublicKey = privateKey =>
-  secp256k1.schnorr.getPublicKey(privateKey)