v2.3.2

addresses https://github.com/nbd-wtf/nostr-tools/pull/387

.github/workflows/publish.yml

@@ -0,0 +1,18 @@
+name: Publish
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write # The OIDC ID token is used for authentication with JSR.    
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v1
+      - run: bun i
+      - run: npx jsr publish --allow-slow-types

README.md

@@ -266,4 +266,8 @@ This is free and unencumbered software released into the public domain. By submi
 
 ## Contributing to this repository
 
-Use NIP-34 to send your patches to `naddr1qq9kummnw3ez6ar0dak8xqg5waehxw309aex2mrp0yhxummnw3ezucn8qyt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueqpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3q80cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsxpqqqpmejdv00jq`.
+Use NIP-34 to send your patches to:
+
+```
+naddr1qq9kummnw3ez6ar0dak8xqg5waehxw309aex2mrp0yhxummnw3ezucn8qyt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueqpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3q80cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsxpqqqpmejdv00jq
+```

abstract-pool.ts

@@ -15,11 +15,11 @@ export type SubscribeManyParams = Omit<SubscriptionParams, 'onclose' | 'id'> & {
 
 export class AbstractSimplePool {
   private relays = new Map<string, AbstractRelay>()
-  public seenOn = new Map<string, Set<AbstractRelay>>()
+  public seenOn: Map<string, Set<AbstractRelay>> = new Map()
   public trackRelays: boolean = false
 
   public verifyEvent: Nostr['verifyEvent']
-  public trustedRelayURLs = new Set<string>()
+  public trustedRelayURLs: Set<string> = new Set()
 
   constructor(opts: { verifyEvent: Nostr['verifyEvent'] }) {
     this.verifyEvent = opts.verifyEvent

abstract-relay.ts

@@ -26,7 +26,7 @@ export class AbstractRelay {
 
   public baseEoseTimeout: number = 4400
   public connectionTimeout: number = 4400
-  public openSubs = new Map<string, Subscription>()
+  public openSubs: Map<string, Subscription> = new Map()
   private connectionTimeoutHandle: ReturnType<typeof setTimeout> | undefined
 
   private connectionPromise: Promise<void> | undefined
@@ -44,7 +44,7 @@ export class AbstractRelay {
     this.verifyEvent = opts.verifyEvent
   }
 
-  static async connect(url: string, opts: { verifyEvent: Nostr['verifyEvent'] }) {
+  static async connect(url: string, opts: { verifyEvent: Nostr['verifyEvent'] }): Promise<AbstractRelay> {
     const relay = new AbstractRelay(url, opts)
     await relay.connect()
     return relay
@@ -99,17 +99,20 @@ export class AbstractRelay {
       this.ws.onerror = ev => {
         reject((ev as any).message)
         if (this._connected) {
+          this._connected = false
+          this.connectionPromise = undefined
           this.onclose?.()
           this.closeAllSubscriptions('relay connection errored')
-          this._connected = false
         }
       }
 
       this.ws.onclose = async () => {
-        this.connectionPromise = undefined
+        if (this._connected) {
-        this.onclose?.()
+          this._connected = false
-        this.closeAllSubscriptions('relay connection closed')
+          this.connectionPromise = undefined
-        this._connected = false
+          this.onclose?.()
+          this.closeAllSubscriptions('relay connection closed')
+        }
       }
 
       this.ws.onmessage = this._onmessage.bind(this)
@@ -228,7 +231,7 @@ export class AbstractRelay {
     })
   }
 
-  public async auth(signAuthEvent: (evt: EventTemplate) => Promise<VerifiedEvent>) {
+  public async auth(signAuthEvent: (evt: EventTemplate) => Promise<VerifiedEvent>): Promise<string> {
     if (!this.challenge) throw new Error("can't perform auth, no challenge was received")
     const evt = await signAuthEvent(makeAuthEvent(this.url, this.challenge))
     const ret = new Promise<string>((resolve, reject) => {
@@ -338,7 +341,7 @@ export class Subscription {
   }
 
   public close(reason: string = 'closed by caller') {
-    if (!this.closed) {
+    if (!this.closed && this.relay.connected) {
       // if the connection was closed by the user calling .close() we will send a CLOSE message
       // otherwise this._open will be already set to false so we will skip this
       this.relay.send('["CLOSE",' + JSON.stringify(this.id) + ']')

jsr.json

@@ -0,0 +1,44 @@
+{
+  "name": "@nostr/tools",
+  "version": "2.3.1",
+  "exports": {
+    ".": "./index.ts",
+    "./core": "./core.ts",
+    "./pure": "./pure.ts",
+    "./wasm": "./wasm.ts",
+    "./kinds": "./kinds.ts",
+    "./filter": "./filter.ts",
+    "./abstract-relay": "./abstract-relay.ts",
+    "./relay": "./relay.ts",
+    "./abstract-pool": "./abstract-pool.ts",
+    "./pool": "./pool.ts",
+    "./references": "./references.ts",
+    "./nip04": "./nip04.ts",
+    "./nip05": "./nip05.ts",
+    "./nip06": "./nip06.ts",
+    "./nip10": "./nip10.ts",
+    "./nip11": "./nip11.ts",
+    "./nip13": "./nip13.ts",
+    "./nip18": "./nip18.ts",
+    "./nip19": "./nip19.ts",
+    "./nip21": "./nip21.ts",
+    "./nip25": "./nip25.ts",
+    "./nip27": "./nip27.ts",
+    "./nip28": "./nip28.ts",
+    "./nip29": "./nip29.ts",
+    "./nip30": "./nip30.ts",
+    "./nip39": "./nip39.ts",
+    "./nip42": "./nip42.ts",
+    "./nip44": "./nip44.ts",
+    "./nip46": "./nip46.ts",
+    "./nip49": "./nip49.ts",
+    "./nip57": "./nip57.ts",
+    "./nip75": "./nip75.ts",
+    "./nip94": "./nip94.ts",
+    "./nip96": "./nip96.ts",
+    "./nip98": "./nip98.ts",
+    "./nip99": "./nip99.ts",
+    "./fakejson": "./fakejson.ts",
+    "./utils": "./utils.ts"
+  }
+}

kinds.ts

@@ -1,20 +1,20 @@
 /** Events are **regular**, which means they're all expected to be stored by relays. */
-export function isRegularKind(kind: number) {
+export function isRegularKind(kind: number): boolean {
   return (1000 <= kind && kind < 10000) || [1, 2, 4, 5, 6, 7, 8, 16, 40, 41, 42, 43, 44].includes(kind)
 }
 
 /** Events are **replaceable**, which means that, for each combination of `pubkey` and `kind`, only the latest event is expected to (SHOULD) be stored by relays, older versions are expected to be discarded. */
-export function isReplaceableKind(kind: number) {
+export function isReplaceableKind(kind: number): boolean {
   return [0, 3].includes(kind) || (10000 <= kind && kind < 20000)
 }
 
 /** Events are **ephemeral**, which means they are not expected to be stored by relays. */
-export function isEphemeralKind(kind: number) {
+export function isEphemeralKind(kind: number): boolean {
   return 20000 <= kind && kind < 30000
 }
 
 /** Events are **parameterized replaceable**, which means that, for each combination of `pubkey`, `kind` and the `d` tag, only the latest event is expected to be stored by relays, older versions are expected to be discarded. */
-export function isParameterizedReplaceableKind(kind: number) {
+export function isParameterizedReplaceableKind(kind: number): boolean {
   return 30000 <= kind && kind < 40000
 }
 
@@ -78,7 +78,6 @@ export const ClientAuth = 22242
 export const NWCWalletRequest = 23194
 export const NWCWalletResponse = 23195
 export const NostrConnect = 24133
-export const NostrConnectAdmin = 24134
 export const HTTPAuth = 27235
 export const Followsets = 30000
 export const Genericlists = 30001

nip04.test.ts

@@ -1,18 +1,9 @@
 import { test, expect } from 'bun:test'
-import crypto from 'node:crypto'
 
 import { encrypt, decrypt } from './nip04.ts'
 import { getPublicKey, generateSecretKey } from './pure.ts'
 import { bytesToHex, hexToBytes } from '@noble/hashes/utils'
 
-try {
-  // @ts-ignore
-  // eslint-disable-next-line no-undef
-  globalThis.crypto = crypto
-} catch (err) {
-  /***/
-}
-
 test('encrypt and decrypt message', async () => {
   let sk1 = generateSecretKey()
   let sk2 = generateSecretKey()

nip04.ts

@@ -1,15 +1,10 @@
 import { bytesToHex, randomBytes } from '@noble/hashes/utils'
 import { secp256k1 } from '@noble/curves/secp256k1'
+import { cbc } from '@noble/ciphers/aes'
 import { base64 } from '@scure/base'
 
 import { utf8Decoder, utf8Encoder } from './utils.ts'
 
-// @ts-ignore
-if (typeof crypto !== 'undefined' && !crypto.subtle && crypto.webcrypto) {
-  // @ts-ignore
-  crypto.subtle = crypto.webcrypto.subtle
-}
-
 export async function encrypt(secretKey: string | Uint8Array, pubkey: string, text: string): Promise<string> {
   const privkey: string = secretKey instanceof Uint8Array ? bytesToHex(secretKey) : secretKey
   const key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
@@ -17,8 +12,9 @@ export async function encrypt(secretKey: string | Uint8Array, pubkey: string, te
 
   let iv = Uint8Array.from(randomBytes(16))
   let plaintext = utf8Encoder.encode(text)
-  let cryptoKey = await crypto.subtle.importKey('raw', normalizedKey, { name: 'AES-CBC' }, false, ['encrypt'])
+
-  let ciphertext = await crypto.subtle.encrypt({ name: 'AES-CBC', iv }, cryptoKey, plaintext)
+  let ciphertext = cbc(normalizedKey, iv).encrypt(plaintext)
+
   let ctb64 = base64.encode(new Uint8Array(ciphertext))
   let ivb64 = base64.encode(new Uint8Array(iv.buffer))
 
@@ -31,14 +27,12 @@ export async function decrypt(secretKey: string | Uint8Array, pubkey: string, da
   let key = secp256k1.getSharedSecret(privkey, '02' + pubkey)
   let normalizedKey = getNormalizedX(key)
 
-  let cryptoKey = await crypto.subtle.importKey('raw', normalizedKey, { name: 'AES-CBC' }, false, ['decrypt'])
-  let ciphertext = base64.decode(ctb64)
   let iv = base64.decode(ivb64)
+  let ciphertext = base64.decode(ctb64)
 
-  let plaintext = await crypto.subtle.decrypt({ name: 'AES-CBC', iv }, cryptoKey, ciphertext)
+  let plaintext = cbc(normalizedKey, iv).decrypt(ciphertext)
 
-  let text = utf8Decoder.decode(plaintext)
+  return utf8Decoder.decode(plaintext)
-  return text
 }
 
 function getNormalizedX(key: Uint8Array): Uint8Array {

nip11.test.ts

@@ -9,7 +9,7 @@ describe('requesting relay as for NIP11', () => {
   test('testing a relay', async () => {
     const info = await fetchRelayInformation('wss://atlas.nostr.land')
     expect(info.name).toEqual('nostr.land')
-    expect(info.description).toEqual('nostr.land family of relays (us-or-01)')
+    expect(info.description).toContain('nostr.land family')
     expect(info.fees).toBeTruthy()
     expect(info.supported_nips).toEqual([1, 2, 4, 9, 11, 12, 16, 20, 22, 28, 33, 40])
     expect(info.software).toEqual('custom')

nip11.ts

@@ -4,11 +4,11 @@ try {
   _fetch = fetch
 } catch {}
 
-export function useFetchImplementation(fetchImplementation: any) {
+export function useFetchImplementation(fetchImplementation: any): void {
   _fetch = fetchImplementation
 }
 
-export async function fetchRelayInformation(url: string) {
+export async function fetchRelayInformation(url: string): Promise<RelayInformation> {
   return (await (
     await fetch(url.replace('ws://', 'http://').replace('wss://', 'https://'), {
       headers: { Accept: 'application/nostr+json' },

nip21.ts

@@ -1,7 +1,7 @@
 import { BECH32_REGEX, decode, type DecodeResult } from './nip19.ts'
 
 /** Nostr URI regex, eg `nostr:npub1...` */
-export const NOSTR_URI_REGEX = new RegExp(`nostr:(${BECH32_REGEX.source})`)
+export const NOSTR_URI_REGEX: RegExp = new RegExp(`nostr:(${BECH32_REGEX.source})`)
 
 /** Test whether the value is a Nostr URI. */
 export function test(value: unknown): value is `nostr:${string}` {

nip27.ts

@@ -2,7 +2,7 @@ import { decode } from './nip19.ts'
 import { NOSTR_URI_REGEX, type NostrURI } from './nip21.ts'
 
 /** Regex to find NIP-21 URIs inside event content. */
-export const regex = () => new RegExp(`\\b${NOSTR_URI_REGEX.source}\\b`, 'g')
+export const regex = (): RegExp => new RegExp(`\\b${NOSTR_URI_REGEX.source}\\b`, 'g')
 
 /** Match result for a Nostr URI in event content. */
 export interface NostrURIMatch extends NostrURI {

nip30.ts

@@ -2,7 +2,7 @@
 export const EMOJI_SHORTCODE_REGEX = /:(\w+):/
 
 /** Regex to find emoji shortcodes in content. */
-export const regex = () => new RegExp(`\\B${EMOJI_SHORTCODE_REGEX.source}\\B`, 'g')
+export const regex = (): RegExp => new RegExp(`\\B${EMOJI_SHORTCODE_REGEX.source}\\B`, 'g')
 
 /** Represents a Nostr custom emoji. */
 export interface CustomEmoji {

nip44.ts

@@ -1,5 +1,5 @@
 import { chacha20 } from '@noble/ciphers/chacha'
-import { ensureBytes, equalBytes } from '@noble/ciphers/utils'
+import { equalBytes } from '@noble/ciphers/utils'
 import { secp256k1 } from '@noble/curves/secp256k1'
 import { extract as hkdf_extract, expand as hkdf_expand } from '@noble/hashes/hkdf'
 import { hmac } from '@noble/hashes/hmac'
@@ -8,56 +8,59 @@ import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'
 import { base64 } from '@scure/base'
 
 const decoder = new TextDecoder()
-const u = {
-  minPlaintextSize: 0x0001, // 1b msg => padded to 32b
-  maxPlaintextSize: 0xffff, // 65535 (64kb-1) => padded to 64kb
 
-  utf8Encode: utf8ToBytes,
+class u {
-  utf8Decode(bytes: Uint8Array) {
+  static minPlaintextSize = 0x0001 // 1b msg => padded to 32b
+  static maxPlaintextSize = 0xffff // 65535 (64kb-1) => padded to 64kb
+
+  static utf8Encode = utf8ToBytes
+
+  static utf8Decode(bytes: Uint8Array): string {
     return decoder.decode(bytes)
-  },
+  }
 
-  getConversationKey(privkeyA: string, pubkeyB: string): Uint8Array {
+  static getConversationKey(privkeyA: string, pubkeyB: string): Uint8Array {
     const sharedX = secp256k1.getSharedSecret(privkeyA, '02' + pubkeyB).subarray(1, 33)
     return hkdf_extract(sha256, sharedX, 'nip44-v2')
-  },
+  }
 
-  getMessageKeys(conversationKey: Uint8Array, nonce: Uint8Array) {
+  static getMessageKeys(
-    ensureBytes(conversationKey, 32)
+    conversationKey: Uint8Array,
-    ensureBytes(nonce, 32)
+    nonce: Uint8Array,
+  ): { chacha_key: Uint8Array; chacha_nonce: Uint8Array; hmac_key: Uint8Array } {
     const keys = hkdf_expand(sha256, conversationKey, nonce, 76)
     return {
       chacha_key: keys.subarray(0, 32),
       chacha_nonce: keys.subarray(32, 44),
       hmac_key: keys.subarray(44, 76),
     }
-  },
+  }
 
-  calcPaddedLen(len: number): number {
+  static calcPaddedLen(len: number): number {
     if (!Number.isSafeInteger(len) || len < 1) throw new Error('expected positive integer')
     if (len <= 32) return 32
     const nextPower = 1 << (Math.floor(Math.log2(len - 1)) + 1)
     const chunk = nextPower <= 256 ? 32 : nextPower / 8
     return chunk * (Math.floor((len - 1) / chunk) + 1)
-  },
+  }
 
-  writeU16BE(num: number) {
+  static writeU16BE(num: number): Uint8Array {
     if (!Number.isSafeInteger(num) || num < u.minPlaintextSize || num > u.maxPlaintextSize)
       throw new Error('invalid plaintext size: must be between 1 and 65535 bytes')
     const arr = new Uint8Array(2)
     new DataView(arr.buffer).setUint16(0, num, false)
     return arr
-  },
+  }
 
-  pad(plaintext: string): Uint8Array {
+  static pad(plaintext: string): Uint8Array {
     const unpadded = u.utf8Encode(plaintext)
     const unpaddedLen = unpadded.length
     const prefix = u.writeU16BE(unpaddedLen)
     const suffix = new Uint8Array(u.calcPaddedLen(unpaddedLen) - unpaddedLen)
     return concatBytes(prefix, unpadded, suffix)
-  },
+  }
 
-  unpad(padded: Uint8Array): string {
+  static unpad(padded: Uint8Array): string {
     const unpaddedLen = new DataView(padded.buffer).getUint16(0)
     const unpadded = padded.subarray(2, 2 + unpaddedLen)
     if (
@@ -68,13 +71,13 @@ const u = {
     )
       throw new Error('invalid padding')
     return u.utf8Decode(unpadded)
-  },
+  }
 
-  hmacAad(key: Uint8Array, message: Uint8Array, aad: Uint8Array) {
+  static hmacAad(key: Uint8Array, message: Uint8Array, aad: Uint8Array): Uint8Array {
     if (aad.length !== 32) throw new Error('AAD associated data must be 32 bytes')
     const combined = concatBytes(aad, message)
     return hmac(sha256, key, combined)
-  },
+  }
 
   // metadata: always 65b (version: 1b, nonce: 32b, max: 32b)
   // plaintext: 1b to 0xffff
@@ -82,7 +85,7 @@ const u = {
   // ciphertext: 32b+2 to 0xffff+2
   // raw payload: 99 (65+32+2) to 65603 (65+0xffff+2)
   // compressed payload (base64): 132b to 87472b
-  decodePayload(payload: string) {
+  static decodePayload(payload: string): { nonce: Uint8Array; ciphertext: Uint8Array; mac: Uint8Array } {
     if (typeof payload !== 'string') throw new Error('payload must be a valid string')
     const plen = payload.length
     if (plen < 132 || plen > 87472) throw new Error('invalid payload length: ' + plen)
@@ -102,30 +105,28 @@ const u = {
       ciphertext: data.subarray(33, -32),
       mac: data.subarray(-32),
     }
-  },
+  }
 }
 
-function encrypt(plaintext: string, conversationKey: Uint8Array, nonce = randomBytes(32)): string {
+export class v2 {
-  const { chacha_key, chacha_nonce, hmac_key } = u.getMessageKeys(conversationKey, nonce)
+  static utils = u
-  const padded = u.pad(plaintext)
-  const ciphertext = chacha20(chacha_key, chacha_nonce, padded)
-  const mac = u.hmacAad(hmac_key, ciphertext, nonce)
-  return base64.encode(concatBytes(new Uint8Array([2]), nonce, ciphertext, mac))
-}
 
-function decrypt(payload: string, conversationKey: Uint8Array): string {
+  static encrypt(plaintext: string, conversationKey: Uint8Array, nonce: Uint8Array = randomBytes(32)): string {
-  const { nonce, ciphertext, mac } = u.decodePayload(payload)
+    const { chacha_key, chacha_nonce, hmac_key } = u.getMessageKeys(conversationKey, nonce)
-  const { chacha_key, chacha_nonce, hmac_key } = u.getMessageKeys(conversationKey, nonce)
+    const padded = u.pad(plaintext)
-  const calculatedMac = u.hmacAad(hmac_key, ciphertext, nonce)
+    const ciphertext = chacha20(chacha_key, chacha_nonce, padded)
-  if (!equalBytes(calculatedMac, mac)) throw new Error('invalid MAC')
+    const mac = u.hmacAad(hmac_key, ciphertext, nonce)
-  const padded = chacha20(chacha_key, chacha_nonce, ciphertext)
+    return base64.encode(concatBytes(new Uint8Array([2]), nonce, ciphertext, mac))
-  return u.unpad(padded)
+  }
-}
 
-export const v2 = {
+  static decrypt(payload: string, conversationKey: Uint8Array): string {
-  utils: u,
+    const { nonce, ciphertext, mac } = u.decodePayload(payload)
-  encrypt,
+    const { chacha_key, chacha_nonce, hmac_key } = u.getMessageKeys(conversationKey, nonce)
-  decrypt,
+    const calculatedMac = u.hmacAad(hmac_key, ciphertext, nonce)
+    if (!equalBytes(calculatedMac, mac)) throw new Error('invalid MAC')
+    const padded = chacha20(chacha_key, chacha_nonce, ciphertext)
+    return u.unpad(padded)
+  }
 }
 
 export default { v2 }

nip46.ts

@@ -4,7 +4,7 @@ import { AbstractSimplePool, SubCloser } from './abstract-pool.ts'
 import { decrypt, encrypt } from './nip04.ts'
 import { NIP05_REGEX } from './nip05.ts'
 import { SimplePool } from './pool.ts'
-import { Handlerinformation, NostrConnect, NostrConnectAdmin } from './kinds.ts'
+import { Handlerinformation, NostrConnect } from './kinds.ts'
 import { hexToBytes } from '@noble/hashes/utils'
 
 var _fetch: any
@@ -83,6 +83,7 @@ export class BunkerSigner {
       reject: (_: string) => void
     }
   }
+  private waitingForAuth: { [id: string]: boolean }
   private secretKey: Uint8Array
   public bp: BunkerPointer
 
@@ -104,17 +105,21 @@ export class BunkerSigner {
     this.idPrefix = Math.random().toString(36).substring(7)
     this.serial = 0
     this.listeners = {}
+    this.waitingForAuth = {}
 
     const listeners = this.listeners
+    const waitingForAuth = this.waitingForAuth
 
     this.subCloser = this.pool.subscribeMany(
       this.bp.relays,
-      [{ kinds: [NostrConnect, NostrConnectAdmin], '#p': [getPublicKey(this.secretKey)] }],
+      [{ kinds: [NostrConnect], '#p': [getPublicKey(this.secretKey)] }],
       {
         async onevent(event: NostrEvent) {
           const { id, result, error } = JSON.parse(await decrypt(clientSecretKey, event.pubkey, event.content))
 
-          if (result === 'auth_url') {
+          if (result === 'auth_url' && waitingForAuth[id]) {
+            delete waitingForAuth[id]
+
             if (params.onauth) {
               params.onauth(error)
             } else {
@@ -155,7 +160,7 @@ export class BunkerSigner {
         // the request event
         const verifiedEvent: VerifiedEvent = finalizeEvent(
           {
-            kind: method === 'create_account' ? NostrConnectAdmin : NostrConnect,
+            kind: NostrConnect,
             tags: [['p', this.bp.pubkey]],
             content: encryptedContent,
             created_at: Math.floor(Date.now() / 1000),
@@ -165,6 +170,7 @@ export class BunkerSigner {
 
         // setup callback listener
         this.listeners[id] = { resolve, reject }
+        this.waitingForAuth[id] = true
 
         // publish the event
         await Promise.any(this.pool.publish(this.bp.relays, verifiedEvent))
@@ -273,22 +279,35 @@ export async function createAccount(
   return rpc
 }
 
+// @deprecated use fetchBunkerProviders instead
+export const fetchCustodialBunkers = fetchBunkerProviders
+
 /**
  * Fetches info on available providers that announce themselves using NIP-89 events.
  * @returns A promise that resolves to an array of available bunker objects.
  */
-export async function fetchCustodialBunkers(pool: AbstractSimplePool, relays: string[]): Promise<BunkerProfile[]> {
+export async function fetchBunkerProviders(pool: AbstractSimplePool, relays: string[]): Promise<BunkerProfile[]> {
   const events = await pool.querySync(relays, {
     kinds: [Handlerinformation],
     '#k': [NostrConnect.toString()],
   })
 
+  events.sort((a, b) => b.created_at - a.created_at)
+
   // validate bunkers by checking their NIP-05 and pubkey
   // map to a more useful object
   const validatedBunkers = await Promise.all(
-    events.map(async event => {
+    events.map(async (event, i) => {
       try {
         const content = JSON.parse(event.content)
+
+        // skip duplicates
+        try {
+          if (events.findIndex(ev => JSON.parse(ev.content).nip05 === content.nip05) !== i) return undefined
+        } catch (err) {
+          /***/
+        }
+
         const bp = await queryBunkerProfile(content.nip05)
         if (bp && bp.pubkey === event.pubkey && bp.relays.length) {
           return {

nip47.test.ts

@@ -1,14 +1,9 @@
-import crypto from 'node:crypto'
 import { describe, test, expect } from 'bun:test'
 import { hexToBytes } from '@noble/hashes/utils'
 import { makeNwcRequestEvent, parseConnectionString } from './nip47'
 import { decrypt } from './nip04.ts'
 import { NWCWalletRequest } from './kinds.ts'
 
-// @ts-ignore
-// eslint-disable-next-line no-undef
-globalThis.crypto = crypto
-
 describe('parseConnectionString', () => {
   test('returns pubkey, relay, and secret if connection string is valid', () => {
     const connectionString =

nip47.ts

@@ -1,8 +1,14 @@
-import { finalizeEvent } from './pure.ts'
+import { type VerifiedEvent, finalizeEvent } from './pure.ts'
 import { NWCWalletRequest } from './kinds.ts'
 import { encrypt } from './nip04.ts'
 
-export function parseConnectionString(connectionString: string) {
+interface NWCConnection {
+  pubkey: string
+  relay: string
+  secret: string
+}
+
+export function parseConnectionString(connectionString: string): NWCConnection {
   const { pathname, searchParams } = new URL(connectionString)
   const pubkey = pathname
   const relay = searchParams.get('relay')
@@ -15,7 +21,11 @@ export function parseConnectionString(connectionString: string) {
   return { pubkey, relay, secret }
 }
 
-export async function makeNwcRequestEvent(pubkey: string, secretKey: Uint8Array, invoice: string) {
+export async function makeNwcRequestEvent(
+  pubkey: string,
+  secretKey: Uint8Array,
+  invoice: string,
+): Promise<VerifiedEvent> {
   const content = {
     method: 'pay_invoice',
     params: {

nip96.ts

@@ -1,5 +1,7 @@
+import { sha256 } from '@noble/hashes/sha256'
 import { EventTemplate } from './core'
 import { FileServerPreference } from './kinds'
+import { bytesToHex } from '@noble/hashes/utils'
 
 /**
  * Represents the configuration for a server compliant with NIP-96.
@@ -576,15 +578,5 @@ export function generateFSPEventTemplate(serverUrls: string[]): EventTemplate {
  * @returns A promise that resolves to the SHA-256 hash of the file.
  */
 export async function calculateFileHash(file: Blob): Promise<string> {
-  // Read the file as an ArrayBuffer
+  return bytesToHex(sha256(new Uint8Array(await file.arrayBuffer())))
-  const buffer = await file.arrayBuffer()
-
-  // Calculate the SHA-256 hash of the file
-  const hashBuffer = await crypto.subtle.digest('SHA-256', buffer)
-
-  // Convert the hash to a hexadecimal string
-  const hashArray = Array.from(new Uint8Array(hashBuffer))
-  const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('')
-
-  return hashHex
 }

package.json

@@ -1,7 +1,7 @@
 {
   "type": "module",
   "name": "nostr-tools",
-  "version": "2.2.0",
+  "version": "2.3.2",
   "description": "Tools for making a Nostr client.",
   "repository": {
     "type": "git",
@@ -208,7 +208,7 @@
   },
   "license": "Unlicense",
   "dependencies": {
-    "@noble/ciphers": "0.2.0",
+    "@noble/ciphers": "^0.5.1",
     "@noble/curves": "1.2.0",
     "@noble/hashes": "1.3.1",
     "@scure/base": "1.1.1",

pure.ts

@@ -50,7 +50,7 @@ export function getEventHash(event: UnsignedEvent): string {
   return bytesToHex(eventHash)
 }
 
-const i = new JS()
+const i: JS = new JS()
 
 export const generateSecretKey = i.generateSecretKey
 export const getPublicKey = i.getPublicKey

relay.ts

@@ -13,7 +13,7 @@ export class Relay extends AbstractRelay {
     super(url, { verifyEvent })
   }
 
-  static async connect(url: string) {
+  static async connect(url: string): Promise<Relay> {
     const relay = new Relay(url)
     await relay.connect()
     return relay

tsconfig.json

@@ -5,7 +5,7 @@
     "lib": ["dom", "dom.iterable", "esnext"],
     "declaration": true,
     "strict": true,
-    "moduleResolution": "node",
+    "moduleResolution": "Bundler",
     "skipLibCheck": true,
     "esModuleInterop": true,
     "emitDeclarationOnly": true,

utils.ts

@@ -1,7 +1,7 @@
 import type { Event } from './core.ts'
 
-export const utf8Decoder = new TextDecoder('utf-8')
+export const utf8Decoder: TextDecoder = new TextDecoder('utf-8')
-export const utf8Encoder = new TextEncoder()
+export const utf8Encoder: TextEncoder = new TextEncoder()
 
 export function normalizeURL(url: string): string {
   if (url.indexOf('://') === -1) url = 'wss://' + url
@@ -14,7 +14,7 @@ export function normalizeURL(url: string): string {
   return p.toString()
 }
 
-export function insertEventIntoDescendingList(sortedArray: Event[], event: Event) {
+export function insertEventIntoDescendingList(sortedArray: Event[], event: Event): Event[] {
   const [idx, found] = binarySearch(sortedArray, b => {
     if (event.id === b.id) return 0
     if (event.created_at === b.created_at) return -1
@@ -26,7 +26,7 @@ export function insertEventIntoDescendingList(sortedArray: Event[], event: Event
   return sortedArray
 }
 
-export function insertEventIntoAscendingList(sortedArray: Event[], event: Event) {
+export function insertEventIntoAscendingList(sortedArray: Event[], event: Event): Event[] {
   const [idx, found] = binarySearch(sortedArray, b => {
     if (event.id === b.id) return 0
     if (event.created_at === b.created_at) return -1