prevent blocking waiting times on publish (unless "wait" is set in the pool policy).

it seems everybody was including this by default before, but now webpack and others are not.

.eslintrc.json

@@ -1,4 +1,5 @@
 {
+  "root": true,
   "parserOptions": {
     "ecmaVersion": 9,
     "ecmaFeatures": {

README.md

@@ -67,4 +67,6 @@ pool.addRelay('<url>')
 // will automatically subscribe to the all the events called with .sub above
 ```
 
+All functions expect bytearrays as hex strings and output bytearrays as hex strings.
+
 For other utils please read the source (for now).

event.js

@@ -1,8 +1,7 @@
 import {Buffer} from 'buffer'
+import createHash from 'create-hash'
 import * as secp256k1 from '@noble/secp256k1'
 
-import {sha256} from './utils'
-
 export function getBlankEvent() {
   return {
     kind: 255,
@@ -19,25 +18,39 @@ export function serializeEvent(evt) {
     evt.pubkey,
     evt.created_at,
     evt.kind,
-    evt.tags || [],
+    evt.tags,
     evt.content
   ])
 }
 
-export async function getEventHash(event) {
-  let eventHash = await sha256(Buffer.from(serializeEvent(event)))
+export function getEventHash(event) {
+  let eventHash = createHash('sha256')
+    .update(Buffer.from(serializeEvent(event)))
+    .digest()
   return Buffer.from(eventHash).toString('hex')
 }
 
-export async function verifySignature(event) {
-  return await secp256k1.schnorr.verify(
-    event.sig,
-    await getEventHash(event),
-    event.pubkey
-  )
+export function validateEvent(event) {
+  if (event.id !== getEventHash(event)) return false
+  if (typeof event.content !== 'string') return false
+  if (typeof event.created_at !== 'number') return false
+
+  if (!Array.isArray(event.tags)) return false
+  for (let i = 0; i < event.tags.length; i++) {
+    let tag = event.tags[i]
+    if (!Array.isArray(tag)) return false
+    for (let j = 0; j < tag.length; j++) {
+      if (typeof tag[j] === 'object') return false
+    }
+  }
+
+  return true
+}
+
+export function verifySignature(event) {
+  return secp256k1.schnorr.verify(event.sig, event.id, event.pubkey)
 }
 
 export async function signEvent(event, key) {
-  let eventHash = await getEventHash(event)
-  return await secp256k1.schnorr.sign(eventHash, key)
+  return secp256k1.schnorr.sign(getEventHash(event), key)
 }

filter.js

@@ -0,0 +1,30 @@
+export function matchFilter(filter, event) {
+  if (filter.ids && filter.ids.indexOf(event.id) === -1) return false
+  if (filter.kinds && filter.kinds.indexOf(event.kind) === -1) return false
+  if (filter.authors && filter.authors.indexOf(event.pubkey) === -1)
+    return false
+
+  for (let f in filter) {
+    if (f[0] === '#') {
+      if (
+        filter[f] &&
+        !event.tags.find(
+          ([t, v]) => t === f.slice(1) && filter[f].indexOf(v) !== -1
+        )
+      )
+        return false
+    }
+  }
+
+  if (filter.since && event.created_at < filter.since) return false
+  if (filter.until && event.created_at >= filter.until) return false
+
+  return true
+}
+
+export function matchFilters(filters, event) {
+  for (let i = 0; i < filters.length; i++) {
+    if (matchFilter(filters[i], event)) return true
+  }
+  return false
+}

index.js

@@ -1,23 +1,27 @@
+import {generatePrivateKey, getPublicKey} from './keys'
 import {relayConnect} from './relay'
 import {relayPool} from './pool'
 import {
   getBlankEvent,
   signEvent,
+  validateEvent,
   verifySignature,
   serializeEvent,
   getEventHash
 } from './event'
-import {makeRandom32, sha256, getPublicKey} from './utils'
+import {matchFilter, matchFilters} from './filter'
 
 export {
+  generatePrivateKey,
   relayConnect,
   relayPool,
   signEvent,
+  validateEvent,
   verifySignature,
   serializeEvent,
   getEventHash,
-  makeRandom32,
-  sha256,
   getPublicKey,
-  getBlankEvent
+  getBlankEvent,
+  matchFilter,
+  matchFilters
 }

keys.js

@@ -0,0 +1,9 @@
+import * as secp256k1 from '@noble/secp256k1'
+
+export function generatePrivateKey() {
+  return Buffer.from(secp256k1.utils.randomPrivateKey()).toString('hex')
+}
+
+export function getPublicKey(privateKey) {
+  return secp256k1.schnorr.getPublicKey(privateKey)
+}

nip04.js

@@ -1,5 +1,6 @@
+import aes from 'browserify-cipher'
 import {Buffer} from 'buffer'
-import randomBytes from 'randombytes'
+import {randomBytes} from '@noble/hashes/utils'
 import * as secp256k1 from '@noble/secp256k1'
 
 export function encrypt(privkey, pubkey, text) {
@@ -7,7 +8,7 @@ export function encrypt(privkey, pubkey, text) {
   const normalizedKey = getOnlyXFromFullSharedSecret(key)
 
   let iv = Uint8Array.from(randomBytes(16))
-  var cipher = crypto.createCipheriv(
+  var cipher = aes.createCipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     iv
@@ -22,7 +23,7 @@ export function decrypt(privkey, pubkey, ciphertext, iv) {
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
   const normalizedKey = getOnlyXFromFullSharedSecret(key)
 
-  var decipher = crypto.createDecipheriv(
+  var decipher = aes.createDecipheriv(
     'aes-256-cbc',
     Buffer.from(normalizedKey, 'hex'),
     Buffer.from(iv, 'base64')

nip06.js

@@ -1,17 +1,26 @@
-import createHmac from 'create-hmac'
-import randomBytes from 'randombytes'
-import * as bip39 from 'bip39'
+import {wordlist} from 'micro-bip39/wordlists/english'
+import {
+  generateMnemonic,
+  mnemonicToSeedSync,
+  validateMnemonic
+} from 'micro-bip39'
+import {HDKey} from 'micro-bip32'
 
 export function privateKeyFromSeed(seed) {
-  let hmac = createHmac('sha512', Buffer.from('Nostr seed', 'utf8'))
-  hmac.update(seed)
-  return hmac.digest().slice(0, 32).toString('hex')
+  let root = HDKey.fromMasterSeed(Buffer.from(seed, 'hex'))
+  return Buffer.from(root.derive(`m/44'/1237'/0'/0/0`).privateKey).toString(
+    'hex'
+  )
 }
 
 export function seedFromWords(mnemonic) {
-  return bip39.mnemonicToSeedSync(mnemonic)
+  return Buffer.from(mnemonicToSeedSync(mnemonic)).toString('hex')
 }
 
 export function generateSeedWords() {
-  return bip39.entropyToMnemonic(randomBytes(16).toString('hex'))
+  return generateMnemonic(wordlist)
+}
+
+export function validateWords(words) {
+  return validateMnemonic(words, wordlist)
 }

package.json

@@ -1,18 +1,20 @@
 {
   "name": "nostr-tools",
-  "version": "0.9.0",
+  "version": "0.18.0",
   "description": "Tools for making a Nostr client.",
   "repository": {
     "type": "git",
     "url": "https://github.com/fiatjaf/nostr-tools.git"
   },
   "dependencies": {
+    "@noble/hashes": "^0.5.7",
     "@noble/secp256k1": "^1.3.0",
-    "bip39": "^3.0.4",
-    "buffer": "^6.0.3",
-    "create-hmac": "^1.1.7",
+    "browserify-cipher": ">=1",
+    "buffer": ">=5",
+    "create-hash": "^1.2.0",
     "dns-packet": "^5.2.4",
-    "randombytes": "^2.1.0",
+    "micro-bip32": "^0.1.0",
+    "micro-bip39": "^0.1.3",
     "websocket-polyfill": "^0.0.3"
   },
   "keywords": [
@@ -26,5 +28,9 @@
     "censorship",
     "censorship-resistance",
     "client"
-  ]
+  ],
+  "devDependencies": {
+    "eslint": "^8.5.0",
+    "eslint-plugin-babel": "^5.3.1"
+  }
 }

pool.js

@@ -1,9 +1,18 @@
 import {getEventHash, signEvent} from './event'
 import {relayConnect, normalizeRelayURL} from './relay'
 
-export function relayPool(globalPrivateKey) {
+export function relayPool() {
+  var globalPrivateKey
+  const poolPolicy = {
+    // setting this to a number will cause events to be published to a random
+    // set of relays only, instead of publishing to all relays all the time
+    randomChoice: null,
+
+    // setting this to true will cause .publish() calls to wait until the event has
+    // been published -- or at least attempted to be published -- to all relays
+    wait: false
+  }
   const relays = {}
-  const globalSub = []
   const noticeCallbacks = []
 
   function propagateNotice(notice, relayURL) {
@@ -21,36 +30,41 @@ export function relayPool(globalPrivateKey) {
         .filter(({policy}) => policy.read)
         .map(({relay}) => [
           relay.url,
-          relay.sub({filter, cb: event => cb(event, relay.url)})
+          relay.sub({filter, cb: event => cb(event, relay.url)}, id)
         ])
     )
 
     const activeCallback = cb
     const activeFilters = filter
 
-    activeSubscriptions[id] = {
-      sub: ({cb = activeCallback, filter = activeFilters}) => {
-        Object.entries(subControllers).map(([relayURL, sub]) => [
-          relayURL,
-          sub.sub({cb, filter}, id)
-        ])
-        return activeSubscriptions[id]
-      },
-      addRelay: relay => {
-        subControllers[relay.url] = relay.sub({cb, filter})
-        return activeSubscriptions[id]
-      },
-      removeRelay: relayURL => {
-        if (relayURL in subControllers) {
-          subControllers[relayURL].unsub()
-          if (Object.keys(subControllers).length === 0) unsub()
-        }
-        return activeSubscriptions[id]
-      },
-      unsub: () => {
-        Object.values(subControllers).forEach(sub => sub.unsub())
-        delete activeSubscriptions[id]
+    const unsub = () => {
+      Object.values(subControllers).forEach(sub => sub.unsub())
+      delete activeSubscriptions[id]
+    }
+    const sub = ({cb = activeCallback, filter = activeFilters}) => {
+      Object.entries(subControllers).map(([relayURL, sub]) => [
+        relayURL,
+        sub.sub({cb, filter}, id)
+      ])
+      return activeSubscriptions[id]
+    }
+    const addRelay = relay => {
+      subControllers[relay.url] = relay.sub({cb, filter}, id)
+      return activeSubscriptions[id]
+    }
+    const removeRelay = relayURL => {
+      if (relayURL in subControllers) {
+        subControllers[relayURL].unsub()
+        if (Object.keys(subControllers).length === 0) unsub()
       }
+      return activeSubscriptions[id]
+    }
+
+    activeSubscriptions[id] = {
+      sub,
+      unsub,
+      addRelay,
+      removeRelay
     }
 
     return activeSubscriptions[id]
@@ -62,25 +76,32 @@ export function relayPool(globalPrivateKey) {
     setPrivateKey(privateKey) {
       globalPrivateKey = privateKey
     },
-    async addRelay(url, policy = {read: true, write: true}) {
+    setPolicy(key, value) {
+      poolPolicy[key] = value
+    },
+    addRelay(url, policy = {read: true, write: true}) {
       let relayURL = normalizeRelayURL(url)
       if (relayURL in relays) return
 
-      let relay = await relayConnect(url, notice => {
+      let relay = relayConnect(url, notice => {
         propagateNotice(notice, relayURL)
       })
       relays[relayURL] = {relay, policy}
 
-      Object.values(activeSubscriptions).forEach(subscription =>
-        subscription.addRelay(relay)
-      )
+      if (policy.read) {
+        Object.values(activeSubscriptions).forEach(subscription =>
+          subscription.addRelay(relay)
+        )
+      }
 
       return relay
     },
     removeRelay(url) {
       let relayURL = normalizeRelayURL(url)
-      let {relay} = relays[relayURL]
-      if (!relay) return
+      let data = relays[relayURL]
+      if (!data) return
+
+      let {relay} = data
       Object.values(activeSubscriptions).forEach(subscription =>
         subscription.removeRelay(relay)
       )
@@ -94,12 +115,13 @@ export function relayPool(globalPrivateKey) {
       let index = noticeCallbacks.indexOf(cb)
       if (index !== -1) noticeCallbacks.splice(index, 1)
     },
-    async publish(event, statusCallback = (status, relayURL) => {}) {
+    async publish(event, statusCallback) {
+      event.id = getEventHash(event)
+
       if (!event.sig) {
         event.tags = event.tags || []
 
         if (globalPrivateKey) {
-          event.id = await getEventHash(event)
           event.sig = await signEvent(event, globalPrivateKey)
         } else {
           throw new Error(
@@ -108,17 +130,48 @@ export function relayPool(globalPrivateKey) {
         }
       }
 
-      Object.values(relays)
+      let writeable = Object.values(relays)
         .filter(({policy}) => policy.write)
-        .map(async ({relay}) => {
+        .sort(() => Math.random() - 0.5) // random
+
+      let maxTargets = poolPolicy.randomChoice
+        ? poolPolicy.randomChoice
+        : writeable.length
+
+      let successes = 0
+
+      if (poolPolicy.wait) {
+        for (let i = 0; i < writeable.length; i++) {
+          let {relay} = writeable[i]
+
           try {
-            await relay.publish(event, status =>
-              statusCallback(status, relay.url)
-            )
+            await new Promise(async (resolve, reject) => {
+              try {
+                await relay.publish(event, status => {
+                  if (statusCallback) statusCallback(status, relay.url)
+                  resolve()
+                })
+              } catch (err) {
+                if (statusCallback) statusCallback(-1, relay.url)
+              }
+            })
+
+            successes++
+            if (successes >= maxTargets) {
+              break
+            }
           } catch (err) {
-            statusCallback(-1, relay.url)
+            /***/
           }
+        }
+      } else {
+        writeable.forEach(async ({relay}) => {
+          let callback = statusCallback
+            ? status => statusCallback(status, relay.url)
+            : null
+          relay.publish(event, callback)
         })
+      }
 
       return event
     }

relay.js

@@ -1,16 +1,19 @@
+/* global WebSocket */
+
 import 'websocket-polyfill'
 
-import {verifySignature} from './event'
+import {verifySignature, validateEvent} from './event'
+import {matchFilters} from './filter'
 
 export function normalizeRelayURL(url) {
-  let [host, ...qs] = url.split('?')
+  let [host, ...qs] = url.trim().split('?')
   if (host.slice(0, 4) === 'http') host = 'ws' + host.slice(4)
   if (host.slice(0, 2) !== 'ws') host = 'wss://' + host
   if (host.length && host[host.length - 1] === '/') host = host.slice(0, -1)
   return [host, ...qs].join('?')
 }
 
-export function relayConnect(url, onNotice) {
+export function relayConnect(url, onNotice = () => {}, onError = () => {}) {
   url = normalizeRelayURL(url)
 
   var ws, resolveOpen, untilOpen, wasClosed
@@ -43,8 +46,9 @@ export function relayConnect(url, onNotice) {
         }
       }
     }
-    ws.onerror = () => {
+    ws.onerror = err => {
       console.log('error connecting to relay', url)
+      onError(err)
     }
     ws.onclose = () => {
       resetOpenState()
@@ -88,10 +92,13 @@ export function relayConnect(url, onNotice) {
           let channel = data[1]
           let event = data[2]
 
-          if (await verifySignature(event)) {
-            if (channels[channel]) {
-              channels[channel](event)
-            }
+          if (
+            validateEvent(event) &&
+            verifySignature(event) &&
+            channels[channel] &&
+            matchFilters(openSubs[channel], event)
+          ) {
+            channels[channel](event)
           }
           return
         }
@@ -141,19 +148,26 @@ export function relayConnect(url, onNotice) {
   return {
     url,
     sub,
-    async publish(event, statusCallback = status => {}) {
+    async publish(event, statusCallback) {
       try {
         await trySend(['EVENT', event])
-        statusCallback(0)
-        let {unsub} = relay.sub({
-          cb: () => {
-            statusCallback(1)
-          },
-          filter: {id: event.id}
-        })
-        setTimeout(unsub, 5000)
+        if (statusCallback) {
+          statusCallback(0)
+          let {unsub} = sub(
+            {
+              cb: () => {
+                statusCallback(1)
+                unsub()
+                clearTimeout(willUnsub)
+              },
+              filter: {id: event.id}
+            },
+            `monitor-${event.id.slice(0, 5)}`
+          )
+          let willUnsub = setTimeout(unsub, 5000)
+        }
       } catch (err) {
-        statusCallback(-1)
+        if (statusCallback) statusCallback(-1)
       }
     },
     close() {

utils.js

@@ -1,6 +0,0 @@
-import * as secp256k1 from '@noble/secp256k1'
-
-export const makeRandom32 = () => secp256k1.utils.randomPrivateKey()
-export const sha256 = m => secp256k1.utils.sha256(Uint8Array.from(m))
-export const getPublicKey = privateKey =>
-  secp256k1.schnorr.getPublicKey(privateKey)