use tiny-secp256k1, updated nip06 and other utils.

it seems everybody was including this by default before, but now webpack and others are not.

README.md

@@ -67,4 +67,6 @@ pool.addRelay('<url>')
 // will automatically subscribe to the all the events called with .sub above
 ```
 
+All functions expect bytearrays as hex strings and output bytearrays as hex strings.
+
 For other utils please read the source (for now).

event.js

@@ -1,7 +1,6 @@
 import {Buffer} from 'buffer'
-import * as secp256k1 from '@noble/secp256k1'
-
-import {sha256} from './utils'
+import createHash from 'create-hash'
+import {signSchnorr, verifySchnorr} from 'tiny-secp256k1'
 
 export function getBlankEvent() {
   return {
@@ -24,20 +23,24 @@ export function serializeEvent(evt) {
   ])
 }
 
-export async function getEventHash(event) {
-  let eventHash = await sha256(Buffer.from(serializeEvent(event)))
+export function getEventHash(event) {
+  let eventHash = createHash('sha256')
+    .update(Buffer.from(serializeEvent(event)))
+    .digest()
   return Buffer.from(eventHash).toString('hex')
 }
 
-export async function verifySignature(event) {
-  return await secp256k1.schnorr.verify(
-    event.sig,
-    await getEventHash(event),
-    event.pubkey
+export function verifySignature(event) {
+  if (event.id !== getEventHash(event)) return false
+  return verifySchnorr(
+    Buffer.from(event.id, 'hex'),
+    Buffer.from(event.pubkey, 'hex')
+    Buffer.from(event.sig, 'hex'),
   )
 }
 
-export async function signEvent(event, key) {
-  let eventHash = await getEventHash(event)
-  return await secp256k1.schnorr.sign(eventHash, key)
+export function signEvent(event, key) {
+  let eventHash = Buffer.from(getEventHash(event), 'hex')
+  let key = Buffer.from(key, 'hex')
+  return Buffer.from(signSchnorr(eventHash, key)).toString('hex')
 }

filter.js

@@ -0,0 +1,27 @@
+export function matchFilter(filter, event) {
+  if (filter.id && event.id !== filter.id) return false
+  if (filter.kind && event.kind !== filter.kind) return false
+  if (filter.author && event.pubkey !== filter.author) return false
+  if (filter.authors && filter.authors.indexOf(event.pubkey) === -1)
+    return false
+  if (
+    filter['#e'] &&
+    !event.tags.find(([t, v]) => t === 'e' && v === filter['#e'])
+  )
+    return false
+  if (
+    filter['#p'] &&
+    !event.tags.find(([t, v]) => t === 'p' && v === filter['#p'])
+  )
+    return false
+  if (filter.since && event.created_at <= filter.since) return false
+
+  return true
+}
+
+export function matchFilters(filters, event) {
+  for (let i = 0; i < filters.length; i++) {
+    if (matchFilter(filters[i], event)) return true
+  }
+  return false
+}

index.js

@@ -1,3 +1,4 @@
+import {generatePrivateKey, getPublicKey} from './keys'
 import {relayConnect} from './relay'
 import {relayPool} from './pool'
 import {
@@ -7,7 +8,7 @@ import {
   serializeEvent,
   getEventHash
 } from './event'
-import {makeRandom32, sha256, getPublicKey} from './utils'
+import {matchFilter, matchFilters} from './filter'
 
 export {
   relayConnect,
@@ -16,10 +17,8 @@ export {
   verifySignature,
   serializeEvent,
   getEventHash,
-  makeRandom32,
-  sha256,
   getPublicKey,
-  getBlankEvent
+  getBlankEvent,
+  matchFilter,
+  matchFilters
 }
-export * from './nip04'
-export * from './nip05'

keys.js

@@ -0,0 +1,19 @@
+import randomBytes from 'randombytes'
+import {isPrivate, pointFromScalar} from 'tiny-secp256k1'
+
+export function generatePrivateKey() {
+  let i = 8
+  while (i--) {
+    let r32 = Buffer.from(randomBytes(32))
+    if (isPrivate(r32)) return r32.toString('hex')
+  }
+  throw new Error(
+    'Valid private key was not found in 8 iterations. PRNG is broken'
+  )
+}
+
+export function getPublicKey(privateKey) {
+  return Buffer.from(
+    pointFromScalar(Buffer.from(privateKey, 'hex'), true)
+  ).toString('hex')
+}

nip04.js

@@ -1,12 +1,14 @@
+import aes from 'browserify-cipher'
 import {Buffer} from 'buffer'
+import randomBytes from 'randombytes'
 import * as secp256k1 from '@noble/secp256k1'
 
 export function encrypt(privkey, pubkey, text) {
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
   const normalizedKey = getOnlyXFromFullSharedSecret(key)
 
-  let iv = crypto.randomFillSync(new Uint8Array(16))
-  var cipher = crypto.createCipheriv(
+  let iv = Uint8Array.from(randomBytes(16))
+  var cipher = aes.createCipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     iv
@@ -21,7 +23,7 @@ export function decrypt(privkey, pubkey, ciphertext, iv) {
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
   const normalizedKey = getOnlyXFromFullSharedSecret(key)
 
-  var decipher = crypto.createDecipheriv(
+  var decipher = aes.createDecipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     Buffer.from(iv, 'base64')

nip06.js

@@ -0,0 +1,28 @@
+import createHmac from 'create-hmac'
+import {wordlist} from 'micro-bip39/wordlists/english'
+import {
+  generateMnemonic,
+  mnemonicToSeedSync,
+  validateMnemonic
+} from 'micro-bip39'
+import BIP32Factory from 'bip32'
+import * as ecc from 'tiny-secp256k1'
+
+const bip32 = BIP32Factory(ecc)
+
+export function privateKeyFromSeed(seed) {
+  let root = bip32.fromSeed(Buffer.from(seed, 'hex'))
+  return root.derivePath(`m/44'/1237'/0'/0'`).privateKey.toString('hex')
+}
+
+export function seedFromWords(mnemonic) {
+  return Buffer.from(mnemonicToSeedSync(mnemonic, wordlist)).toString('hex')
+}
+
+export function generateSeedWords() {
+  return generateMnemonic(wordlist)
+}
+
+export function validateWords(words) {
+  return validateMnemonic(words, wordlist)
+}

package.json

@@ -1,18 +1,22 @@
 {
   "name": "nostr-tools",
-  "version": "0.6.4",
+  "version": "0.12.1",
   "description": "Tools for making a Nostr client.",
-  "main": "dist/nostr-tools.esm.min.js",
-  "module": "dist/nostr-tools.esm.min.js",
-  "browser": "dist/nostr-tools.umd.min.js",
   "repository": {
     "type": "git",
     "url": "https://github.com/fiatjaf/nostr-tools.git"
   },
   "dependencies": {
     "@noble/secp256k1": "^1.3.0",
-    "buffer": "^6.0.3",
+    "bip32": "^3.0.1",
+    "browserify-cipher": ">=1",
+    "buffer": ">=5",
+    "create-hash": "^1.2.0",
+    "create-hmac": ">=1",
     "dns-packet": "^5.2.4",
+    "micro-bip39": "^0.1.3",
+    "randombytes": ">=2",
+    "tiny-secp256k1": "^2.1.2",
     "websocket-polyfill": "^0.0.3"
   },
   "keywords": [
@@ -26,11 +30,5 @@
     "censorship",
     "censorship-resistance",
     "client"
-  ],
-  "devDependencies": {
-    "rollup": "^2.61.1"
-  },
-  "scripts": {
-    "prepublish": "rollup -c"
-  }
+  ]
 }

pool.js

@@ -21,7 +21,7 @@ export function relayPool(globalPrivateKey) {
         .filter(({policy}) => policy.read)
         .map(({relay}) => [
           relay.url,
-          relay.sub({filter, cb: event => cb(event, relay.url)})
+          relay.sub({filter, cb: event => cb(event, relay.url)}, id)
         ])
     )
 
@@ -29,19 +29,23 @@ export function relayPool(globalPrivateKey) {
     const activeFilters = filter
 
     activeSubscriptions[id] = {
-      sub: ({cb = activeCallback, filter = activeFilters}) =>
+      sub: ({cb = activeCallback, filter = activeFilters}) => {
         Object.entries(subControllers).map(([relayURL, sub]) => [
           relayURL,
           sub.sub({cb, filter}, id)
-        ]),
+        ])
+        return activeSubscriptions[id]
+      },
       addRelay: relay => {
-        subControllers[relay.url] = relay.sub({cb, filter})
+        subControllers[relay.url] = relay.sub({cb, filter}, id)
+        return activeSubscriptions[id]
       },
       removeRelay: relayURL => {
         if (relayURL in subControllers) {
           subControllers[relayURL].unsub()
           if (Object.keys(subControllers).length === 0) unsub()
         }
+        return activeSubscriptions[id]
       },
       unsub: () => {
         Object.values(subControllers).forEach(sub => sub.unsub())
@@ -91,11 +95,12 @@ export function relayPool(globalPrivateKey) {
       if (index !== -1) noticeCallbacks.splice(index, 1)
     },
     async publish(event, statusCallback = (status, relayURL) => {}) {
+      event.id = await getEventHash(event)
+
       if (!event.sig) {
         event.tags = event.tags || []
 
         if (globalPrivateKey) {
-          event.id = await getEventHash(event)
           event.sig = await signEvent(event, globalPrivateKey)
         } else {
           throw new Error(

relay.js

@@ -1,6 +1,7 @@
 import 'websocket-polyfill'
 
 import {verifySignature} from './event'
+import {matchFilters} from './filter'
 
 export function normalizeRelayURL(url) {
   let [host, ...qs] = url.split('?')
@@ -13,7 +14,7 @@ export function normalizeRelayURL(url) {
 export function relayConnect(url, onNotice) {
   url = normalizeRelayURL(url)
 
-  var ws, resolveOpen, untilOpen
+  var ws, resolveOpen, untilOpen, wasClosed
   var openSubs = {}
   let attemptNumber = 1
   let nextAttemptSeconds = 1
@@ -34,19 +35,25 @@ export function relayConnect(url, onNotice) {
       resolveOpen()
 
       // restablish old subscriptions
+      if (wasClosed) {
+        wasClosed = false
         for (let channel in openSubs) {
           let filters = openSubs[channel]
           let cb = channels[channel]
           sub({cb, filter: filters}, channel)
         }
       }
+    }
     ws.onerror = () => {
       console.log('error connecting to relay', url)
     }
     ws.onclose = () => {
       resetOpenState()
       attemptNumber++
-      nextAttemptSeconds += attemptNumber
+      nextAttemptSeconds += attemptNumber ** 3
+      if (nextAttemptSeconds > 14400) {
+        nextAttemptSeconds = 14400 // 4 hours
+      }
       console.log(
         `relay ${url} connection closed. reconnecting in ${nextAttemptSeconds} seconds.`
       )
@@ -55,6 +62,8 @@ export function relayConnect(url, onNotice) {
           connect()
         } catch (err) {}
       }, nextAttemptSeconds * 1000)
+
+      wasClosed = true
     }
 
     ws.onmessage = async e => {
@@ -80,13 +89,13 @@ export function relayConnect(url, onNotice) {
           let channel = data[1]
           let event = data[2]
 
-          if (await verifySignature(event)) {
-            if (channels[channel]) {
+          if (
+            (await verifySignature(event)) &&
+            channels[channel] &&
+            matchFilters(openSubs[channel], event)
+          ) {
             channels[channel](event)
           }
-          } else {
-            console.warn('got event with invalid signature from ' + url, event)
-          }
           return
         }
       }
@@ -139,12 +148,15 @@ export function relayConnect(url, onNotice) {
       try {
         await trySend(['EVENT', event])
         statusCallback(0)
-        let {unsub} = relay.sub({
+        let {unsub} = relay.sub(
+          {
             cb: () => {
               statusCallback(1)
             },
             filter: {id: event.id}
-        })
+          },
+          `monitor-${event.id.slice(0, 5)}`
+        )
         setTimeout(unsub, 5000)
       } catch (err) {
         statusCallback(-1)

rollup.config.js

@@ -1,16 +0,0 @@
-import pkg from './package.json'
-
-export default {
-  input: 'index.js',
-  output: [
-    {
-      name: 'nostrtools',
-      file: pkg.browser,
-      format: 'umd'
-    },
-    {
-      file: pkg.module,
-      format: 'es'
-    }
-  ]
-}

utils.js

@@ -1,6 +0,0 @@
-import * as secp256k1 from '@noble/secp256k1'
-
-export const makeRandom32 = () => secp256k1.utils.randomPrivateKey()
-export const sha256 = m => secp256k1.utils.sha256(Uint8Array.from(m))
-export const getPublicKey = privateKey =>
-  secp256k1.schnorr.getPublicKey(privateKey)