chore: use describe block to group NostrTypeGuard tests

this way we don't need to repeat NostrTypeGuard in each tests description

.devcontainer/Dockerfile

@@ -0,0 +1,19 @@
+FROM node:20
+
+RUN npm install typescript eslint prettier -g
+
+# Install bun
+RUN curl -fsSL https://bun.sh/install | bash
+
+# Install just
+WORKDIR /usr/bin
+RUN wget https://github.com/casey/just/releases/download/1.26.0/just-1.26.0-x86_64-unknown-linux-musl.tar.gz
+RUN tar -xzf just-1.26.0-x86_64-unknown-linux-musl.tar.gz
+RUN chmod +x ./just
+RUN rm just-1.26.0-x86_64-unknown-linux-musl.tar.gz
+
+WORKDIR /nostr-tools
+ENV LANG C.UTF-8
+
+# The run the start script
+CMD [ "/bin/bash" ]

.devcontainer/devcontainer.json

@@ -0,0 +1,19 @@
+{
+  "name": "Nostr Tools",
+  "dockerComposeFile": [
+    "docker-compose.yml"
+  ],
+  "service": "nostr-tools-dev",
+  "workspaceFolder": "/nostr-tools",
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "ms-vscode.vscode-typescript-next",
+        "eamodio.gitlens",
+        "dbaeumer.vscode-eslint",
+        "manishsencha.readme-preview",
+        "wix.vscode-import-cost"
+      ]
+    }
+  }
+}

.devcontainer/docker-compose.yml

@@ -0,0 +1,13 @@
+version: '3.9'
+
+services:
+  nostr-tools-dev:
+    image: nostr-tools-dev
+    container_name: nostr-tools-dev
+    build:
+      context: ../.
+      dockerfile: ./.devcontainer/Dockerfile
+    working_dir: /nostr-tools
+    volumes:
+      - ..:/nostr-tools:cached
+    tty: true

.eslintrc.json

@@ -116,7 +116,8 @@
     "no-unexpected-multiline": 2,
     "no-unneeded-ternary": [2, { "defaultAssignment": false }],
     "no-unreachable": 2,
-    "no-unused-vars": [2, { "vars": "local", "args": "none", "varsIgnorePattern": "^_" }],
+    "no-unused-vars": "off",
+    "@typescript-eslint/no-unused-vars": [2, { "vars": "local", "args": "none", "varsIgnorePattern": "^_" }],
     "no-useless-call": 2,
     "no-useless-constructor": 2,
     "no-with": 2,

README.md

@@ -4,7 +4,7 @@ Tools for developing [Nostr](https://github.com/fiatjaf/nostr) clients.
 
 Only depends on _@scure_ and _@noble_ packages.
 
-This package is only providing lower-level functionality. If you want an easy-to-use fully-fledged solution that abstracts the hard parts of Nostr and makes decisions on your behalf, take a look at [NDK](https://github.com/nostr-dev-kit/ndk) and [@snort/system](https://www.npmjs.com/package/@snort/system).
+This package is only providing lower-level functionality. If you want more higher-level features, take a look at [Nostrify](https://nostrify.dev), or if you want an easy-to-use fully-fledged solution that abstracts the hard parts of Nostr and makes decisions on your behalf, take a look at [NDK](https://github.com/nostr-dev-kit/ndk) and [@snort/system](https://www.npmjs.com/package/@snort/system).
 
 ## Installation
 
@@ -30,7 +30,7 @@ To get the secret key in hex format, use
 ```js
 import { bytesToHex, hexToBytes } from '@noble/hashes/utils' // already an installed dependency
 
-let skHex = bytesToHex(sk) 
+let skHex = bytesToHex(sk)
 let backToBytes = hexToBytes(skHex)
 ```
 
@@ -76,7 +76,7 @@ const sub = relay.subscribe([
 let sk = generateSecretKey()
 let pk = getPublicKey(sk)
 
-relay.sub([
+relay.subscribe([
   {
     kinds: [1],
     authors: [pk],
@@ -104,8 +104,11 @@ relay.close()
 To use this on Node.js you first must install `ws` and call something like this:
 
 ```js
-import { useWebSocketImplementation } from 'nostr-tools/relay'
-useWebSocketImplementation(require('ws'))
+import { useWebSocketImplementation } from 'nostr-tools/pool'
+// or import { useWebSocketImplementation } from 'nostr-tools/relay' if you're using the Relay directly
+
+import WebSocket from 'ws'
+useWebSocketImplementation(WebSocket)
 ```
 
 ### Interacting with multiple relays
@@ -183,6 +186,43 @@ import { useFetchImplementation } from 'nostr-tools/nip05'
 useFetchImplementation(require('node-fetch'))
 ```
 
+### Including NIP-07 types
+```js
+import type { WindowNostr } from 'nostr-tools/nip07'
+
+declare global {
+  interface Window {
+    nostr?: WindowNostr;
+  }
+}
+```
+
+
+### Generating NIP-06 keys
+```js
+import {
+  privateKeyFromSeedWords,
+  accountFromSeedWords,
+  extendedKeysFromSeedWords,
+  accountFromExtendedKey
+} from 'nostr-tools/nip06'
+
+const mnemonic = 'zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo wrong'
+const passphrase = '123' // optional
+const accountIndex = 0
+const sk0 = privateKeyFromSeedWords(mnemonic, passphrase, accountIndex)
+
+const { privateKey: sk1, publicKey: pk1 } = accountFromSeedWords(mnemonic, passphrase, accountIndex)
+
+const extendedAccountIndex = 0
+
+const { privateExtendedKey, publicExtendedKey } = extendedKeysFromSeedWords(mnemonic, passphrase, extendedAccountIndex)
+
+const { privateKey: sk2, publicKey: pk2 } = accountFromExtendedKey(privateExtendedKey)
+
+const { publicKey: pk3 } = accountFromExtendedKey(publicExtendedKey)
+```
+
 ### Encoding and decoding NIP-19 codes
 
 ```js

abstract-pool.ts

@@ -1,4 +1,11 @@
-import { AbstractRelay as AbstractRelay, SubscriptionParams, Subscription } from './abstract-relay.ts'
+/* global WebSocket */
+
+import {
+  AbstractRelay as AbstractRelay,
+  SubscriptionParams,
+  Subscription,
+  type AbstractRelayConstructorOptions,
+} from './abstract-relay.ts'
 import { normalizeURL } from './utils.ts'
 
 import type { Event, Nostr } from './core.ts'
@@ -7,6 +14,8 @@ import { alwaysTrue } from './helpers.ts'
 
 export type SubCloser = { close: () => void }
 
+export type AbstractPoolConstructorOptions = AbstractRelayConstructorOptions & {}
+
 export type SubscribeManyParams = Omit<SubscriptionParams, 'onclose' | 'id'> & {
   maxWait?: number
   onclose?: (reasons: string[]) => void
@@ -14,15 +23,18 @@ export type SubscribeManyParams = Omit<SubscriptionParams, 'onclose' | 'id'> & {
 }
 
 export class AbstractSimplePool {
-  private relays = new Map<string, AbstractRelay>()
+  protected relays = new Map<string, AbstractRelay>()
   public seenOn: Map<string, Set<AbstractRelay>> = new Map()
   public trackRelays: boolean = false
 
   public verifyEvent: Nostr['verifyEvent']
   public trustedRelayURLs: Set<string> = new Set()
 
-  constructor(opts: { verifyEvent: Nostr['verifyEvent'] }) {
+  private _WebSocket?: typeof WebSocket
+
+  constructor(opts: AbstractPoolConstructorOptions) {
     this.verifyEvent = opts.verifyEvent
+    this._WebSocket = opts.websocketImplementation
   }
 
   async ensureRelay(url: string, params?: { connectionTimeout?: number }): Promise<AbstractRelay> {
@@ -32,6 +44,7 @@ export class AbstractSimplePool {
     if (!relay) {
       relay = new AbstractRelay(url, {
         verifyEvent: this.trustedRelayURLs.has(url) ? alwaysTrue : this.verifyEvent,
+        websocketImplementation: this._WebSocket,
       })
       if (params?.connectionTimeout) relay.connectionTimeout = params.connectionTimeout
       this.relays.set(url, relay)
@@ -192,7 +205,29 @@ export class AbstractSimplePool {
       }
 
       let r = await this.ensureRelay(url)
-      return r.publish(event)
+      return r.publish(event).then(reason => {
+        if (this.trackRelays) {
+          let set = this.seenOn.get(event.id)
+          if (!set) {
+            set = new Set()
+            this.seenOn.set(event.id, set)
+          }
+          set.add(r)
+        }
+        return reason
+      })
     })
   }
+
+  listConnectionStatus(): Map<string, boolean> {
+    const map = new Map<string, boolean>()
+    this.relays.forEach((relay, url) => map.set(url, relay.connected))
+
+    return map
+  }
+
+  destroy(): void {
+    this.relays.forEach(conn => conn.close())
+    this.relays = new Map()
+  }
 }

abstract-relay.ts

@@ -7,14 +7,9 @@ import { Queue, normalizeURL } from './utils.ts'
 import { makeAuthEvent } from './nip42.ts'
 import { yieldThread } from './helpers.ts'
 
-var _WebSocket: typeof WebSocket
-
-try {
-  _WebSocket = WebSocket
-} catch {}
-
-export function useWebSocketImplementation(websocketImplementation: any) {
-  _WebSocket = websocketImplementation
+export type AbstractRelayConstructorOptions = {
+  verifyEvent: Nostr['verifyEvent']
+  websocketImplementation?: typeof WebSocket
 }
 
 export class AbstractRelay {
@@ -42,12 +37,15 @@ export class AbstractRelay {
   private serial: number = 0
   private verifyEvent: Nostr['verifyEvent']
 
-  constructor(url: string, opts: { verifyEvent: Nostr['verifyEvent'] }) {
+  private _WebSocket: typeof WebSocket
+
+  constructor(url: string, opts: AbstractRelayConstructorOptions) {
     this.url = normalizeURL(url)
     this.verifyEvent = opts.verifyEvent
+    this._WebSocket = opts.websocketImplementation || WebSocket
   }
 
-  static async connect(url: string, opts: { verifyEvent: Nostr['verifyEvent'] }): Promise<AbstractRelay> {
+  static async connect(url: string, opts: AbstractRelayConstructorOptions): Promise<AbstractRelay> {
     const relay = new AbstractRelay(url, opts)
     await relay.connect()
     return relay
@@ -87,7 +85,7 @@ export class AbstractRelay {
       }, this.connectionTimeout)
 
       try {
-        this.ws = new _WebSocket(this.url)
+        this.ws = new this._WebSocket(this.url)
       } catch (err) {
         reject(err)
         return
@@ -100,7 +98,7 @@ export class AbstractRelay {
       }
 
       this.ws.onerror = ev => {
-        reject((ev as any).message)
+        reject((ev as any).message || 'websocket error')
         if (this._connected) {
           this._connected = false
           this.connectionPromise = undefined
@@ -259,7 +257,7 @@ export class AbstractRelay {
     const ret = new Promise<number>((resolve, reject) => {
       this.openCountRequests.set(id, { resolve, reject })
     })
-    this.send('["COUNT","' + id + '",' + JSON.stringify(filters) + ']')
+    this.send('["COUNT","' + id + '",' + JSON.stringify(filters).substring(1))
     return ret
   }
 

core.test.ts

@@ -1,5 +1,4 @@
 import { test, expect } from 'bun:test'
-
 import { sortEvents } from './core.ts'
 
 test('sortEvents', () => {

filter.test.ts

@@ -13,7 +13,6 @@ describe('Filter', () => {
         until: 200,
         '#tag': ['value'],
       }
-
       const event = buildEvent({
         id: '123',
         kind: 1,
@@ -21,39 +20,21 @@ describe('Filter', () => {
         created_at: 150,
         tags: [['tag', 'value']],
       })
-
       const result = matchFilter(filter, event)
-
       expect(result).toEqual(true)
     })
 
     test('should return false when the event id is not in the filter', () => {
       const filter = { ids: ['123', '456'] }
-
       const event = buildEvent({ id: '789' })
-
       const result = matchFilter(filter, event)
-
       expect(result).toEqual(false)
     })
 
-    test('should return true when the event id starts with a prefix', () => {
-      const filter = { ids: ['22', '00'] }
-
-      const event = buildEvent({ id: '001' })
-
-      const result = matchFilter(filter, event)
-
-      expect(result).toEqual(true)
-    })
-
     test('should return false when the event kind is not in the filter', () => {
       const filter = { kinds: [1, 2, 3] }
-
       const event = buildEvent({ kind: 4 })
-
       const result = matchFilter(filter, event)
-
       expect(result).toEqual(false)
     })
 
@@ -154,25 +135,8 @@ describe('Filter', () => {
         { ids: ['456'], kinds: [2], authors: ['def'] },
         { ids: ['789'], kinds: [3], authors: ['ghi'] },
       ]
-
       const event = buildEvent({ id: '789', kind: 3, pubkey: 'ghi' })
-
       const result = matchFilters(filters, event)
-
-      expect(result).toEqual(true)
-    })
-
-    test('should return true when at least one prefix matches the event', () => {
-      const filters = [
-        { ids: ['1'], kinds: [1], authors: ['a'] },
-        { ids: ['4'], kinds: [2], authors: ['d'] },
-        { ids: ['9'], kinds: [3], authors: ['g'] },
-      ]
-
-      const event = buildEvent({ id: '987', kind: 3, pubkey: 'ghi' })
-
-      const result = matchFilters(filters, event)
-
       expect(result).toEqual(true)
     })
 
@@ -201,11 +165,8 @@ describe('Filter', () => {
         { ids: ['456'], kinds: [2], authors: ['def'] },
         { ids: ['789'], kinds: [3], authors: ['ghi'] },
       ]
-
       const event = buildEvent({ id: '100', kind: 4, pubkey: 'jkl' })
-
       const result = matchFilters(filters, event)
-
       expect(result).toEqual(false)
     })
 
@@ -221,9 +182,7 @@ describe('Filter', () => {
         pubkey: 'def',
         created_at: 200,
       })
-
       const result = matchFilters(filters, event)
-
       expect(result).toEqual(false)
     })
   })
@@ -256,6 +215,16 @@ describe('Filter', () => {
       expect(getFilterLimit({ kinds: [0, 3], authors: ['alex', 'fiatjaf'] })).toEqual(4)
     })
 
+    test('should handle parameterized replaceable events', () => {
+      expect(getFilterLimit({ kinds: [30078], authors: ['alex'] })).toEqual(Infinity)
+      expect(getFilterLimit({ kinds: [30078], authors: ['alex'], '#d': ['ditto'] })).toEqual(1)
+      expect(getFilterLimit({ kinds: [30078], authors: ['alex'], '#d': ['ditto', 'soapbox'] })).toEqual(2)
+      expect(getFilterLimit({ kinds: [30078], authors: ['alex', 'fiatjaf'], '#d': ['ditto', 'soapbox'] })).toEqual(4)
+      expect(
+        getFilterLimit({ kinds: [30000, 30078], authors: ['alex', 'fiatjaf'], '#d': ['ditto', 'soapbox'] }),
+      ).toEqual(8)
+    })
+
     test('should return Infinity for authors with regular kinds', () => {
       expect(getFilterLimit({ kinds: [1], authors: ['alex'] })).toEqual(Infinity)
     })
@@ -263,5 +232,9 @@ describe('Filter', () => {
     test('should return Infinity for empty filters', () => {
       expect(getFilterLimit({})).toEqual(Infinity)
     })
+
+    test('empty tags return 0', () => {
+      expect(getFilterLimit({ '#p': [] })).toEqual(0)
+    })
   })
 })

filter.ts

@@ -1,5 +1,5 @@
 import { Event } from './core.ts'
-import { isReplaceableKind } from './kinds.ts'
+import { isParameterizedReplaceableKind, isReplaceableKind } from './kinds.ts'
 
 export type Filter = {
   ids?: string[]
@@ -14,15 +14,13 @@ export type Filter = {
 
 export function matchFilter(filter: Filter, event: Event): boolean {
   if (filter.ids && filter.ids.indexOf(event.id) === -1) {
-    if (!filter.ids.some(prefix => event.id.startsWith(prefix))) {
-      return false
-    }
+    return false
+  }
+  if (filter.kinds && filter.kinds.indexOf(event.kind) === -1) {
+    return false
   }
-  if (filter.kinds && filter.kinds.indexOf(event.kind) === -1) return false
   if (filter.authors && filter.authors.indexOf(event.pubkey) === -1) {
-    if (!filter.authors.some(prefix => event.pubkey.startsWith(prefix))) {
-      return false
-    }
+    return false
   }
 
   for (let f in filter) {
@@ -74,17 +72,34 @@ export function mergeFilters(...filters: Filter[]): Filter {
   return result
 }
 
-/** Calculate the intrinsic limit of a filter. This function may return `Infinity`. */
+/**
+ * Calculate the intrinsic limit of a filter.
+ * This function returns a positive integer, or `Infinity` if there is no intrinsic limit.
+ */
 export function getFilterLimit(filter: Filter): number {
   if (filter.ids && !filter.ids.length) return 0
   if (filter.kinds && !filter.kinds.length) return 0
   if (filter.authors && !filter.authors.length) return 0
 
+  for (const [key, value] of Object.entries(filter)) {
+    if (key[0] === '#' && Array.isArray(value) && !value.length) return 0
+  }
+
   return Math.min(
+    // The `limit` property creates an artificial limit.
     Math.max(0, filter.limit ?? Infinity),
+
+    // There can only be one event per `id`.
     filter.ids?.length ?? Infinity,
+
+    // Replaceable events are limited by the number of authors and kinds.
     filter.authors?.length && filter.kinds?.every(kind => isReplaceableKind(kind))
       ? filter.authors.length * filter.kinds.length
       : Infinity,
+
+    // Parameterized replaceable events are limited by the number of authors, kinds, and "d" tags.
+    filter.authors?.length && filter.kinds?.every(kind => isParameterizedReplaceableKind(kind)) && filter['#d']?.length
+      ? filter.authors.length * filter.kinds.length * filter['#d'].length
+      : Infinity,
   )
 }

index.ts

@@ -1,7 +1,7 @@
 export * from './pure.ts'
-export * from './relay.ts'
+export { Relay } from './relay.ts'
 export * from './filter.ts'
-export * from './pool.ts'
+export { SimplePool } from './pool.ts'
 export * from './references.ts'
 
 export * as nip04 from './nip04.ts'

jsr.json

@@ -16,6 +16,7 @@
     "./nip04": "./nip04.ts",
     "./nip05": "./nip05.ts",
     "./nip06": "./nip06.ts",
+    "./nip07": "./nip07.ts",
     "./nip10": "./nip10.ts",
     "./nip11": "./nip11.ts",
     "./nip13": "./nip13.ts",

kinds.ts

@@ -35,11 +35,12 @@ export const ShortTextNote = 1
 export const RecommendRelay = 2
 export const Contacts = 3
 export const EncryptedDirectMessage = 4
-export const EncryptedDirectMessages = 4
 export const EventDeletion = 5
 export const Repost = 6
 export const Reaction = 7
 export const BadgeAward = 8
+export const Seal = 13
+export const PrivateDirectMessage = 14
 export const GenericRepost = 16
 export const ChannelCreation = 40
 export const ChannelMetadata = 41
@@ -71,6 +72,8 @@ export const BlockedRelaysList = 10006
 export const SearchRelaysList = 10007
 export const InterestsList = 10015
 export const UserEmojiList = 10030
+export const DirectMessageRelaysList = 10050
+export const GiftWrap = 10059
 export const FileServerPreference = 10096
 export const NWCWalletInfo = 13194
 export const LightningPubRPC = 21000

nip05.test.ts

@@ -1,7 +1,7 @@
 import { test, expect } from 'bun:test'
 import fetch from 'node-fetch'
 
-import { useFetchImplementation, queryProfile } from './nip05.ts'
+import { useFetchImplementation, queryProfile, NIP05_REGEX, isNip05 } from './nip05.ts'
 
 test('fetch nip05 profiles', async () => {
   useFetchImplementation(fetch)
@@ -18,3 +18,15 @@ test('fetch nip05 profiles', async () => {
   expect(p3!.pubkey).toEqual('3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d')
   expect(p3!.relays).toEqual(['wss://pyramid.fiatjaf.com', 'wss://nos.lol'])
 })
+
+test('validate NIP05_REGEX', () => {
+  expect(NIP05_REGEX.test('_@bob.com.br')).toBeTrue()
+  expect(NIP05_REGEX.test('bob@bob.com.br')).toBeTrue()
+  expect(NIP05_REGEX.test('b&b@bob.com.br')).toBeFalse()
+
+  expect('b&b@bob.com.br'.match(NIP05_REGEX)).toBeNull()
+  expect(Array.from('bob@bob.com.br'.match(NIP05_REGEX) || [])).toEqual(['bob@bob.com.br', 'bob', 'bob.com.br', '.br'])
+
+  expect(isNip05('bob@bob.com.br')).toBeTrue()
+  expect(isNip05('b&b@bob.com.br')).toBeFalse()
+})

nip05.ts

@@ -1,5 +1,7 @@
 import { ProfilePointer } from './nip19.ts'
 
+export type Nip05 = `${string}@${string}`
+
 /**
  * NIP-05 regex. The localpart is optional, and should be assumed to be `_` otherwise.
  *
@@ -8,6 +10,7 @@ import { ProfilePointer } from './nip19.ts'
  * - 2: domain
  */
 export const NIP05_REGEX = /^(?:([\w.+-]+)@)?([\w_-]+(\.[\w_-]+)+)$/
+export const isNip05 = (value?: string | null): value is Nip05 => NIP05_REGEX.test(value || '')
 
 var _fetch: any
 
@@ -47,7 +50,7 @@ export async function queryProfile(fullname: string): Promise<ProfilePointer | n
   }
 }
 
-export async function isValid(pubkey: string, nip05: string): Promise<boolean> {
+export async function isValid(pubkey: string, nip05: Nip05): Promise<boolean> {
   let res = await queryProfile(nip05)
   return res ? res.pubkey === pubkey : false
 }

nip06.test.ts

@@ -1,5 +1,10 @@
 import { test, expect } from 'bun:test'
-import { privateKeyFromSeedWords } from './nip06.ts'
+import {
+  privateKeyFromSeedWords,
+  accountFromSeedWords,
+  extendedKeysFromSeedWords,
+  accountFromExtendedKey,
+} from './nip06.ts'
 
 test('generate private key from a mnemonic', async () => {
   const mnemonic = 'zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo wrong'
@@ -26,3 +31,46 @@ test('generate private key for account 1 from a mnemonic and passphrase', async
   const privateKey = privateKeyFromSeedWords(mnemonic, passphrase, 1)
   expect(privateKey).toEqual('2e0f7bd9e3c3ebcdff1a90fb49c913477e7c055eba1a415d571b6a8c714c7135')
 })
+
+test('generate private and public key for account 1 from a mnemonic and passphrase', async () => {
+  const mnemonic = 'zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo wrong'
+  const passphrase = '123'
+  const { privateKey, publicKey } = accountFromSeedWords(mnemonic, passphrase, 1)
+  expect(privateKey).toEqual('2e0f7bd9e3c3ebcdff1a90fb49c913477e7c055eba1a415d571b6a8c714c7135')
+  expect(publicKey).toEqual('13f55f4f01576570ea342eb7d2b611f9dc78f8dc601aeb512011e4e73b90cf0a')
+})
+
+test('generate extended keys from mnemonic', () => {
+  const mnemonic = 'abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about'
+  const passphrase = ''
+  const extendedAccountIndex = 0
+  const { privateExtendedKey, publicExtendedKey } = extendedKeysFromSeedWords(
+    mnemonic,
+    passphrase,
+    extendedAccountIndex,
+  )
+
+  expect(privateExtendedKey).toBe(
+    'xprv9z78fizET65qsCaRr1MSutTSGk1fcKfSt1sBqmuWShtkjRJJ4WCKcSnha6EmgNzFSsyom3MWtydHyPtJtSLZQUtictVQtM2vkPcguh6TQCH',
+  )
+  expect(publicExtendedKey).toBe(
+    'xpub6D6V5EX8HTe95getx2tTH2QApmrA1nPJFEnneAK813RjcDdSc3WaAF7BRNpTF7o7zXjVm3DD3VMX66jhQ7wLaZ9sS6NzyfiwfzqDZbxvpDN',
+  )
+})
+
+test('generate account from extended private key', () => {
+  const xprv =
+    'xprv9z78fizET65qsCaRr1MSutTSGk1fcKfSt1sBqmuWShtkjRJJ4WCKcSnha6EmgNzFSsyom3MWtydHyPtJtSLZQUtictVQtM2vkPcguh6TQCH'
+  const { privateKey, publicKey } = accountFromExtendedKey(xprv)
+
+  expect(privateKey).toBe('5f29af3b9676180290e77a4efad265c4c2ff28a5302461f73597fda26bb25731')
+  expect(publicKey).toBe('e8bcf3823669444d0b49ad45d65088635d9fd8500a75b5f20b59abefa56a144f')
+})
+
+test('generate account from extended public key', () => {
+  const xpub =
+    'xpub6D6V5EX8HTe95getx2tTH2QApmrA1nPJFEnneAK813RjcDdSc3WaAF7BRNpTF7o7zXjVm3DD3VMX66jhQ7wLaZ9sS6NzyfiwfzqDZbxvpDN'
+  const { publicKey } = accountFromExtendedKey(xpub)
+
+  expect(publicKey).toBe('e8bcf3823669444d0b49ad45d65088635d9fd8500a75b5f20b59abefa56a144f')
+})

nip06.ts

@@ -3,13 +3,69 @@ import { wordlist } from '@scure/bip39/wordlists/english'
 import { generateMnemonic, mnemonicToSeedSync, validateMnemonic } from '@scure/bip39'
 import { HDKey } from '@scure/bip32'
 
+const DERIVATION_PATH = `m/44'/1237'`
+
 export function privateKeyFromSeedWords(mnemonic: string, passphrase?: string, accountIndex = 0): string {
   let root = HDKey.fromMasterSeed(mnemonicToSeedSync(mnemonic, passphrase))
-  let privateKey = root.derive(`m/44'/1237'/${accountIndex}'/0/0`).privateKey
+  let privateKey = root.derive(`${DERIVATION_PATH}/${accountIndex}'/0/0`).privateKey
   if (!privateKey) throw new Error('could not derive private key')
   return bytesToHex(privateKey)
 }
 
+export function accountFromSeedWords(
+  mnemonic: string,
+  passphrase?: string,
+  accountIndex = 0,
+): {
+  privateKey: string
+  publicKey: string
+} {
+  const root = HDKey.fromMasterSeed(mnemonicToSeedSync(mnemonic, passphrase))
+  const seed = root.derive(`${DERIVATION_PATH}/${accountIndex}'/0/0`)
+  const privateKey = bytesToHex(seed.privateKey!)
+  const publicKey = bytesToHex(seed.publicKey!.slice(1))
+  if (!privateKey && !publicKey) {
+    throw new Error('could not derive key pair')
+  }
+  return { privateKey, publicKey }
+}
+
+export function extendedKeysFromSeedWords(
+  mnemonic: string,
+  passphrase?: string,
+  extendedAccountIndex = 0,
+): {
+  privateExtendedKey: string
+  publicExtendedKey: string
+} {
+  let root = HDKey.fromMasterSeed(mnemonicToSeedSync(mnemonic, passphrase))
+  let seed = root.derive(`${DERIVATION_PATH}/${extendedAccountIndex}'`)
+  let privateExtendedKey = seed.privateExtendedKey
+  let publicExtendedKey = seed.publicExtendedKey
+  if (!privateExtendedKey && !publicExtendedKey) throw new Error('could not derive extended key pair')
+  return { privateExtendedKey, publicExtendedKey }
+}
+
+export function accountFromExtendedKey(
+  base58key: string,
+  accountIndex = 0,
+): {
+  privateKey?: string
+  publicKey: string
+} {
+  let extendedKey = HDKey.fromExtendedKey(base58key)
+  let version = base58key.slice(0, 4)
+  let child = extendedKey.deriveChild(0).deriveChild(accountIndex)
+  let publicKey = bytesToHex(child.publicKey!.slice(1))
+  if (!publicKey) throw new Error('could not derive public key')
+  if (version === 'xprv') {
+    let privateKey = bytesToHex(child.privateKey!)
+    if (!privateKey) throw new Error('could not derive private key')
+    return { privateKey, publicKey }
+  }
+  return { publicKey }
+}
+
 export function generateSeedWords(): string {
   return generateMnemonic(wordlist)
 }

nip07.ts

@@ -0,0 +1,16 @@
+import { EventTemplate, NostrEvent } from './core.ts'
+import { RelayRecord } from './relay.ts'
+
+export interface WindowNostr {
+  getPublicKey(): Promise<string>
+  signEvent(event: EventTemplate): Promise<NostrEvent>
+  getRelays(): Promise<RelayRecord>
+  nip04?: {
+    encrypt(pubkey: string, plaintext: string): Promise<string>
+    decrypt(pubkey: string, ciphertext: string): Promise<string>
+  }
+  nip44?: {
+    encrypt(pubkey: string, plaintext: string): Promise<string>
+    decrypt(pubkey: string, ciphertext: string): Promise<string>
+  }
+}

nip11.ts

@@ -68,7 +68,7 @@ export interface BasicRelayInformation {
  * from `[` to `]` and is after UTF-8 serialization (so some
  * unicode characters will cost 2-3 bytes). It is equal to
  * the maximum size of the WebSocket message frame.
- * @param max_subscription total number of subscriptions
+ * @param max_subscriptions total number of subscriptions
  * that may be active on a single websocket connection to
  * this relay. It's possible that authenticated clients with
  * a (paid) relationship to the relay may have higher limits.
@@ -101,12 +101,17 @@ export interface BasicRelayInformation {
  * authentication to happen before a new connection may
  * perform any other action. Even if set to False,
  * authentication may be required for specific actions.
+ * @param restricted_writes: this relay requires some kind
+ * of condition to be fulfilled in order to accept events
+ * (not necessarily, but including
  * @param payment_required this relay requires payment
  * before a new connection may perform any action.
+ * @param created_at_lower_limit: 'created_at' lower limit
+ * @param created_at_upper_limit: 'created_at' upper limit
  */
 export interface Limitations {
   max_message_length: number
-  max_subscription: number
+  max_subscriptions: number
   max_filters: number
   max_limit: number
   max_subid_length: number
@@ -116,6 +121,9 @@ export interface Limitations {
   min_pow_difficulty: number
   auth_required: boolean
   payment_required: boolean
+  created_at_lower_limit: number
+  created_at_upper_limit: number
+  restricted_writes: boolean
 }
 
 interface RetentionDetails {

nip19.test.ts

@@ -1,16 +1,16 @@
-import { test, expect } from 'bun:test'
+import { test, expect, describe } from 'bun:test'
 import { generateSecretKey, getPublicKey } from './pure.ts'
 import {
   decode,
   naddrEncode,
   nprofileEncode,
   npubEncode,
-  nrelayEncode,
   nsecEncode,
   neventEncode,
   type AddressPointer,
   type ProfilePointer,
   EventPointer,
+  NostrTypeGuard,
 } from './nip19.ts'
 
 test('encode and decode nsec', () => {
@@ -153,11 +153,154 @@ test('decode naddr from go-nostr with different TLV ordering', () => {
   expect(pointer.identifier).toEqual('banana')
 })
 
-test('encode and decode nrelay', () => {
-  let url = 'wss://relay.nostr.example'
-  let nrelay = nrelayEncode(url)
-  expect(nrelay).toMatch(/nrelay1\w+/)
-  let { type, data } = decode(nrelay)
-  expect(type).toEqual('nrelay')
-  expect(data).toEqual(url)
+describe('NostrTypeGuard', () => {
+  test('isNProfile', () => {
+    const is = NostrTypeGuard.isNProfile('nprofile1qqsvc6ulagpn7kwrcwdqgp797xl7usumqa6s3kgcelwq6m75x8fe8yc5usxdg')
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNProfile invalid nprofile', () => {
+    const is = NostrTypeGuard.isNProfile('nprofile1qqsvc6ulagpn7kwrcwdqgp797xl7usumqa6s3kgcelwq6m75x8fe8yc5usxãg')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNProfile with invalid nprofile', () => {
+    const is = NostrTypeGuard.isNProfile('nsec1lqw6zqyanj9mz8gwhdam6tqge42vptz4zg93qsfej440xm5h5esqya0juv')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNRelay', () => {
+    const is = NostrTypeGuard.isNRelay('nrelay1qqt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueq4r295t')
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNRelay with invalid nrelay', () => {
+    const is = NostrTypeGuard.isNRelay('nrelay1qqt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueã4r295t')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNRelay with invalid nrelay', () => {
+    const is = NostrTypeGuard.isNRelay(
+      'nevent1qqst8cujky046negxgwwm5ynqwn53t8aqjr6afd8g59nfqwxpdhylpcpzamhxue69uhhyetvv9ujuetcv9khqmr99e3k7mg8arnc9',
+    )
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNEvent', () => {
+    const is = NostrTypeGuard.isNEvent(
+      'nevent1qqst8cujky046negxgwwm5ynqwn53t8aqjr6afd8g59nfqwxpdhylpcpzamhxue69uhhyetvv9ujuetcv9khqmr99e3k7mg8arnc9',
+    )
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNEvent with invalid nevent', () => {
+    const is = NostrTypeGuard.isNEvent(
+      'nevent1qqst8cujky046negxgwwm5ynqwn53t8aqjr6afd8g59nfqwxpdhylpcpzamhxue69uhhyetvv9ujuetcv9khqmr99e3k7mg8ãrnc9',
+    )
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNEvent with invalid nevent', () => {
+    const is = NostrTypeGuard.isNEvent('nprofile1qqsvc6ulagpn7kwrcwdqgp797xl7usumqa6s3kgcelwq6m75x8fe8yc5usxdg')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNAddr', () => {
+    const is = NostrTypeGuard.isNAddr(
+      'naddr1qqxnzdesxqmnxvpexqunzvpcqyt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueqzypve7elhmamff3sr5mgxxms4a0rppkmhmn7504h96pfcdkpplvl2jqcyqqq823cnmhuld',
+    )
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNAddr with invalid nadress', () => {
+    const is = NostrTypeGuard.isNAddr('nsec1lqw6zqyanj9mz8gwhdam6tqge42vptz4zg93qsfej440xm5h5esqya0juv')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNSec', () => {
+    const is = NostrTypeGuard.isNSec('nsec1lqw6zqyanj9mz8gwhdam6tqge42vptz4zg93qsfej440xm5h5esqya0juv')
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNSec with invalid nsec', () => {
+    const is = NostrTypeGuard.isNSec('nsec1lqw6zqyanj9mz8gwhdam6tqge42vptz4zg93qsfej440xm5h5esqya0juã')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNSec with invalid nsec', () => {
+    const is = NostrTypeGuard.isNSec('nprofile1qqsvc6ulagpn7kwrcwdqgp797xl7usumqa6s3kgcelwq6m75x8fe8yc5usxdg')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNPub', () => {
+    const is = NostrTypeGuard.isNPub('npub1jz5mdljkmffmqjshpyjgqgrhdkuxd9ztzasv8xeh5q92fv33sjgqy4pats')
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNPub with invalid npub', () => {
+    const is = NostrTypeGuard.isNPub('npub1jz5mdljkmffmqjshpyjgqgrhdkuxd9ztzãsv8xeh5q92fv33sjgqy4pats')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNPub with invalid npub', () => {
+    const is = NostrTypeGuard.isNPub('nsec1lqw6zqyanj9mz8gwhdam6tqge42vptz4zg93qsfej440xm5h5esqya0juv')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNote', () => {
+    const is = NostrTypeGuard.isNote('note1gmtnz6q2m55epmlpe3semjdcq987av3jvx4emmjsa8g3s9x7tg4sclreky')
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNote with invalid note', () => {
+    const is = NostrTypeGuard.isNote('note1gmtnz6q2m55epmlpe3semjdcq987av3jvx4emmjsa8g3s9x7tg4sçlreky')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNote with invalid note', () => {
+    const is = NostrTypeGuard.isNote('npub1jz5mdljkmffmqjshpyjgqgrhdkuxd9ztzasv8xeh5q92fv33sjgqy4pats')
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNcryptsec', () => {
+    const is = NostrTypeGuard.isNcryptsec(
+      'ncryptsec1qgg9947rlpvqu76pj5ecreduf9jxhselq2nae2kghhvd5g7dgjtcxfqtd67p9m0w57lspw8gsq6yphnm8623nsl8xn9j4jdzz84zm3frztj3z7s35vpzmqf6ksu8r89qk5z2zxfmu5gv8th8wclt0h4p',
+    )
+
+    expect(is).toBeTrue()
+  })
+
+  test('isNcryptsec with invalid ncrytpsec', () => {
+    const is = NostrTypeGuard.isNcryptsec(
+      'ncryptsec1qgg9947rlpvqu76pj5ecreduf9jxhselq2nae2kghhvd5g7dgjtcxfqtd67p9m0w57lspw8gsq6yphnm8623nsã8xn9j4jdzz84zm3frztj3z7s35vpzmqf6ksu8r89qk5z2zxfmu5gv8th8wclt0h4p',
+    )
+
+    expect(is).toBeFalse()
+  })
+
+  test('isNcryptsec with invalid ncrytpsec', () => {
+    const is = NostrTypeGuard.isNcryptsec('note1gmtnz6q2m55epmlpe3semjdcq987av3jvx4emmjsa8g3s9x7tg4sçlreky')
+
+    expect(is).toBeFalse()
+  })
 })

nip19.ts

@@ -3,6 +3,26 @@ import { bech32 } from '@scure/base'
 
 import { utf8Decoder, utf8Encoder } from './utils.ts'
 
+export type NProfile = `nprofile1${string}`
+export type NRelay = `nrelay1${string}`
+export type NEvent = `nevent1${string}`
+export type NAddr = `naddr1${string}`
+export type NSec = `nsec1${string}`
+export type NPub = `npub1${string}`
+export type Note = `note1${string}`
+export type Ncryptsec = `ncryptsec1${string}`
+
+export const NostrTypeGuard = {
+  isNProfile: (value?: string | null): value is NProfile => /^nprofile1[a-z\d]+$/.test(value || ''),
+  isNRelay: (value?: string | null): value is NRelay => /^nrelay1[a-z\d]+$/.test(value || ''),
+  isNEvent: (value?: string | null): value is NEvent => /^nevent1[a-z\d]+$/.test(value || ''),
+  isNAddr: (value?: string | null): value is NAddr => /^naddr1[a-z\d]+$/.test(value || ''),
+  isNSec: (value?: string | null): value is NSec => /^nsec1[a-z\d]{58}$/.test(value || ''),
+  isNPub: (value?: string | null): value is NPub => /^npub1[a-z\d]{58}$/.test(value || ''),
+  isNote: (value?: string | null): value is Note => /^note1[a-z\d]+$/.test(value || ''),
+  isNcryptsec: (value?: string | null): value is Ncryptsec => /^ncryptsec1[a-z\d]+$/.test(value || ''),
+}
+
 export const Bech32MaxSize = 5000
 
 /**
@@ -45,7 +65,6 @@ export type AddressPointer = {
 
 type Prefixes = {
   nprofile: ProfilePointer
-  nrelay: string
   nevent: EventPointer
   naddr: AddressPointer
   nsec: Uint8Array
@@ -119,16 +138,6 @@ export function decode(nip19: string): DecodeResult {
       }
     }
 
-    case 'nrelay': {
-      let tlv = parseTLV(data)
-      if (!tlv[0]?.[0]) throw new Error('missing TLV 0 for nrelay')
-
-      return {
-        type: 'nrelay',
-        data: utf8Decoder.decode(tlv[0][0]),
-      }
-    }
-
     case 'nsec':
       return { type: prefix, data }
 
@@ -158,15 +167,15 @@ function parseTLV(data: Uint8Array): TLV {
   return result
 }
 
-export function nsecEncode(key: Uint8Array): `nsec1${string}` {
+export function nsecEncode(key: Uint8Array): NSec {
   return encodeBytes('nsec', key)
 }
 
-export function npubEncode(hex: string): `npub1${string}` {
+export function npubEncode(hex: string): NPub {
   return encodeBytes('npub', hexToBytes(hex))
 }
 
-export function noteEncode(hex: string): `note1${string}` {
+export function noteEncode(hex: string): Note {
   return encodeBytes('note', hexToBytes(hex))
 }
 
@@ -179,7 +188,7 @@ export function encodeBytes<Prefix extends string>(prefix: Prefix, bytes: Uint8A
   return encodeBech32(prefix, bytes)
 }
 
-export function nprofileEncode(profile: ProfilePointer): `nprofile1${string}` {
+export function nprofileEncode(profile: ProfilePointer): NProfile {
   let data = encodeTLV({
     0: [hexToBytes(profile.pubkey)],
     1: (profile.relays || []).map(url => utf8Encoder.encode(url)),
@@ -187,7 +196,7 @@ export function nprofileEncode(profile: ProfilePointer): `nprofile1${string}` {
   return encodeBech32('nprofile', data)
 }
 
-export function neventEncode(event: EventPointer): `nevent1${string}` {
+export function neventEncode(event: EventPointer): NEvent {
   let kindArray
   if (event.kind !== undefined) {
     kindArray = integerToUint8Array(event.kind)
@@ -203,7 +212,7 @@ export function neventEncode(event: EventPointer): `nevent1${string}` {
   return encodeBech32('nevent', data)
 }
 
-export function naddrEncode(addr: AddressPointer): `naddr1${string}` {
+export function naddrEncode(addr: AddressPointer): NAddr {
   let kind = new ArrayBuffer(4)
   new DataView(kind).setUint32(0, addr.kind, false)
 
@@ -216,13 +225,6 @@ export function naddrEncode(addr: AddressPointer): `naddr1${string}` {
   return encodeBech32('naddr', data)
 }
 
-export function nrelayEncode(url: string): `nrelay1${string}` {
-  let data = encodeTLV({
-    0: [utf8Encoder.encode(url)],
-  })
-  return encodeBech32('nrelay', data)
-}
-
 function encodeTLV(tlv: TLV): Uint8Array {
   let entries: Uint8Array[] = []
 

nip29.ts

@@ -1,80 +1,514 @@
 import { AbstractSimplePool } from './abstract-pool.ts'
 import { Subscription } from './abstract-relay.ts'
-import { decode } from './nip19.ts'
-import type { Event } from './core.ts'
-import { fetchRelayInformation } from './nip11.ts'
+import type { Event, EventTemplate } from './core.ts'
+import { fetchRelayInformation, RelayInformation } from './nip11.ts'
+import { AddressPointer, decode } from './nip19.ts'
 import { normalizeURL } from './utils.ts'
-import { AddressPointer } from './nip19.ts'
 
-export function subscribeRelayGroups(
-  pool: AbstractSimplePool,
-  url: string,
-  params: {
-    ongroups: (_: Group[]) => void
-    onerror: (_: Error) => void
-    onconnect?: () => void
-  },
-): () => void {
-  let normalized = normalizeURL(url)
-  let sub: Subscription
-  let groups: Group[] = []
-
-  fetchRelayInformation(normalized)
-    .then(async info => {
-      let rl = await pool.ensureRelay(normalized)
-      params.onconnect?.()
-      sub = rl.prepareSubscription(
-        [
-          {
-            kinds: [39000],
-            limit: 50,
-            authors: [info.pubkey],
-          },
-        ],
-        {
-          onevent(event: Event) {
-            groups.push(parseGroup(event, normalized))
-          },
-          oneose() {
-            params.ongroups(groups)
-            sub.onevent = (event: Event) => {
-              groups.push(parseGroup(event, normalized))
-              params.ongroups(groups)
-            }
-          },
-        },
-      )
-      sub.fire()
-    })
-    .catch(params.onerror)
-
-  return () => sub.close()
+/**
+ * Represents a NIP29 group.
+ */
+export type Group = {
+  relay: string
+  metadata: GroupMetadata
+  admins?: GroupAdmin[]
+  members?: GroupMember[]
+  reference: GroupReference
 }
 
-export async function loadGroup(pool: AbstractSimplePool, gr: GroupReference): Promise<Group> {
-  let normalized = normalizeURL(gr.host)
-
-  let info = await fetchRelayInformation(normalized)
-  let event = await pool.get([normalized], {
-    kinds: [39000],
-    authors: [info.pubkey],
-    '#d': [gr.id],
-  })
-  if (!event) throw new Error(`group '${gr.id}' not found on ${gr.host}`)
-  return parseGroup(event, normalized)
-}
-
-export async function loadGroupFromCode(pool: AbstractSimplePool, code: string): Promise<Group> {
-  let gr = parseGroupCode(code)
-  if (!gr) throw new Error(`code "${code}" does not identify a group`)
-  return loadGroup(pool, gr)
+/**
+ * Represents the metadata for a NIP29 group.
+ */
+export type GroupMetadata = {
+  id: string
+  pubkey: string
+  name?: string
+  picture?: string
+  about?: string
+  isPublic?: boolean
+  isOpen?: boolean
 }
 
+/**
+ * Represents a NIP29 group reference.
+ */
 export type GroupReference = {
   id: string
   host: string
 }
 
+/**
+ * Represents a NIP29 group member.
+ */
+export type GroupMember = {
+  pubkey: string
+  label?: string
+}
+
+/**
+ * Represents a NIP29 group admin.
+ */
+export type GroupAdmin = {
+  pubkey: string
+  label?: string
+  permissions: GroupAdminPermission[]
+}
+
+/**
+ * Represents the permissions that a NIP29 group admin can have.
+ */
+export enum GroupAdminPermission {
+  AddUser = 'add-user',
+  EditMetadata = 'edit-metadata',
+  DeleteEvent = 'delete-event',
+  RemoveUser = 'remove-user',
+  AddPermission = 'add-permission',
+  RemovePermission = 'remove-permission',
+  EditGroupStatus = 'edit-group-status',
+}
+
+/**
+ * Generates a group metadata event template.
+ *
+ * @param group - The group object.
+ * @returns An event template with the generated group metadata that can be signed later.
+ */
+export function generateGroupMetadataEventTemplate(group: Group): EventTemplate {
+  const tags: string[][] = [['d', group.metadata.id]]
+  group.metadata.name && tags.push(['name', group.metadata.name])
+  group.metadata.picture && tags.push(['picture', group.metadata.picture])
+  group.metadata.about && tags.push(['about', group.metadata.about])
+  group.metadata.isPublic && tags.push(['public'])
+  group.metadata.isOpen && tags.push(['open'])
+
+  return {
+    content: '',
+    created_at: Math.floor(Date.now() / 1000),
+    kind: 39000,
+    tags,
+  }
+}
+
+/**
+ * Validates a group metadata event.
+ *
+ * @param event - The event to validate.
+ * @returns A boolean indicating whether the event is valid.
+ */
+export function validateGroupMetadataEvent(event: Event): boolean {
+  if (event.kind !== 39000) return false
+
+  if (!event.pubkey) return false
+
+  const requiredTags = ['d'] as const
+  for (const tag of requiredTags) {
+    if (!event.tags.find(([t]) => t == tag)) return false
+  }
+
+  return true
+}
+
+/**
+ * Generates an event template for group admins.
+ *
+ * @param group - The group object.
+ * @param admins - An array of group admins.
+ * @returns The generated event template with the group admins that can be signed later.
+ */
+export function generateGroupAdminsEventTemplate(group: Group, admins: GroupAdmin[]): EventTemplate {
+  const tags: string[][] = [['d', group.metadata.id]]
+  for (const admin of admins) {
+    tags.push(['p', admin.pubkey, admin.label || '', ...admin.permissions])
+  }
+
+  return {
+    content: '',
+    created_at: Math.floor(Date.now() / 1000),
+    kind: 39001,
+    tags,
+  }
+}
+
+/**
+ * Validates a group admins event.
+ *
+ * @param event - The event to validate.
+ * @returns True if the event is valid, false otherwise.
+ */
+export function validateGroupAdminsEvent(event: Event): boolean {
+  if (event.kind !== 39001) return false
+
+  const requiredTags = ['d'] as const
+  for (const tag of requiredTags) {
+    if (!event.tags.find(([t]) => t == tag)) return false
+  }
+
+  // validate permissions
+  for (const [tag, _value, _label, ...permissions] of event.tags) {
+    if (tag !== 'p') continue
+
+    for (let i = 0; i < permissions.length; i += 1) {
+      if (typeof permissions[i] !== 'string') return false
+
+      // validate permission name from the GroupAdminPermission enum
+      if (!Object.values(GroupAdminPermission).includes(permissions[i] as GroupAdminPermission)) return false
+    }
+  }
+
+  return true
+}
+
+/**
+ * Generates an event template for a group with its members.
+ *
+ * @param group - The group object.
+ * @param members - An array of group members.
+ * @returns The generated event template with the group members that can be signed later.
+ */
+export function generateGroupMembersEventTemplate(group: Group, members: GroupMember[]): EventTemplate {
+  const tags: string[][] = [['d', group.metadata.id]]
+  for (const member of members) {
+    tags.push(['p', member.pubkey, member.label || ''])
+  }
+
+  return {
+    content: '',
+    created_at: Math.floor(Date.now() / 1000),
+    kind: 39002,
+    tags,
+  }
+}
+
+/**
+ * Validates a group members event.
+ *
+ * @param event - The event to validate.
+ * @returns Returns `true` if the event is a valid group members event, `false` otherwise.
+ */
+export function validateGroupMembersEvent(event: Event): boolean {
+  if (event.kind !== 39002) return false
+
+  const requiredTags = ['d'] as const
+  for (const tag of requiredTags) {
+    if (!event.tags.find(([t]) => t == tag)) return false
+  }
+
+  return true
+}
+
+/**
+ * Returns the normalized relay URL based on the provided group reference.
+ *
+ * @param groupReference - The group reference object containing the host.
+ * @returns The normalized relay URL.
+ */
+export function getNormalizedRelayURLByGroupReference(groupReference: GroupReference): string {
+  return normalizeURL(groupReference.host)
+}
+
+/**
+ * Fetches relay information by group reference.
+ *
+ * @param groupReference The group reference.
+ * @returns A promise that resolves to the relay information.
+ */
+export async function fetchRelayInformationByGroupReference(groupReference: GroupReference): Promise<RelayInformation> {
+  const normalizedRelayURL = getNormalizedRelayURLByGroupReference(groupReference)
+
+  return fetchRelayInformation(normalizedRelayURL)
+}
+
+/**
+ * Fetches the group metadata event from the specified pool.
+ * If the normalizedRelayURL is not provided, it will be obtained using the groupReference.
+ * If the relayInformation is not provided, it will be fetched using the normalizedRelayURL.
+ *
+ * @param {Object} options - The options object.
+ * @param {AbstractSimplePool} options.pool - The pool to fetch the group metadata event from.
+ * @param {GroupReference} options.groupReference - The reference to the group.
+ * @param {string} [options.normalizedRelayURL] - The normalized URL of the relay.
+ * @param {RelayInformation} [options.relayInformation] - The relay information object.
+ * @returns {Promise<Event>} The group metadata event that can be parsed later to get the group metadata object.
+ * @throws {Error} If the group is not found on the specified relay.
+ */
+export async function fetchGroupMetadataEvent({
+  pool,
+  groupReference,
+  relayInformation,
+  normalizedRelayURL,
+}: {
+  pool: AbstractSimplePool
+  groupReference: GroupReference
+  normalizedRelayURL?: string
+  relayInformation?: RelayInformation
+}): Promise<Event> {
+  if (!normalizedRelayURL) {
+    normalizedRelayURL = getNormalizedRelayURLByGroupReference(groupReference)
+  }
+
+  if (!relayInformation) {
+    relayInformation = await fetchRelayInformation(normalizedRelayURL)
+  }
+
+  const groupMetadataEvent = await pool.get([normalizedRelayURL], {
+    kinds: [39000],
+    authors: [relayInformation.pubkey],
+    '#d': [groupReference.id],
+  })
+
+  if (!groupMetadataEvent) throw new Error(`group '${groupReference.id}' not found on ${normalizedRelayURL}`)
+
+  return groupMetadataEvent
+}
+
+/**
+ * Parses a group metadata event and returns the corresponding GroupMetadata object.
+ *
+ * @param event - The event to parse.
+ * @returns The parsed GroupMetadata object.
+ * @throws An error if the group metadata event is invalid.
+ */
+export function parseGroupMetadataEvent(event: Event): GroupMetadata {
+  if (!validateGroupMetadataEvent(event)) throw new Error('invalid group metadata event')
+
+  const metadata: GroupMetadata = {
+    id: '',
+    pubkey: event.pubkey,
+  }
+
+  for (const [tag, value] of event.tags) {
+    switch (tag) {
+      case 'd':
+        metadata.id = value
+        break
+      case 'name':
+        metadata.name = value
+        break
+      case 'picture':
+        metadata.picture = value
+        break
+      case 'about':
+        metadata.about = value
+        break
+      case 'public':
+        metadata.isPublic = true
+        break
+      case 'open':
+        metadata.isOpen = true
+        break
+    }
+  }
+
+  return metadata
+}
+
+/**
+ * Fetches the group admins event from the specified pool.
+ * If the normalizedRelayURL is not provided, it will be obtained from the groupReference.
+ * If the relayInformation is not provided, it will be fetched using the normalizedRelayURL.
+ *
+ * @param {Object} options - The options object.
+ * @param {AbstractSimplePool} options.pool - The pool to fetch the group admins event from.
+ * @param {GroupReference} options.groupReference - The reference to the group.
+ * @param {string} [options.normalizedRelayURL] - The normalized relay URL.
+ * @param {RelayInformation} [options.relayInformation] - The relay information.
+ * @returns {Promise<Event>} The group admins event that can be parsed later to get the group admins object.
+ * @throws {Error} If the group admins event is not found on the specified relay.
+ */
+export async function fetchGroupAdminsEvent({
+  pool,
+  groupReference,
+  relayInformation,
+  normalizedRelayURL,
+}: {
+  pool: AbstractSimplePool
+  groupReference: GroupReference
+  normalizedRelayURL?: string
+  relayInformation?: RelayInformation
+}): Promise<Event> {
+  if (!normalizedRelayURL) {
+    normalizedRelayURL = getNormalizedRelayURLByGroupReference(groupReference)
+  }
+
+  if (!relayInformation) {
+    relayInformation = await fetchRelayInformation(normalizedRelayURL)
+  }
+
+  const groupAdminsEvent = await pool.get([normalizedRelayURL], {
+    kinds: [39001],
+    authors: [relayInformation.pubkey],
+    '#d': [groupReference.id],
+  })
+
+  if (!groupAdminsEvent) throw new Error(`admins for group '${groupReference.id}' not found on ${normalizedRelayURL}`)
+
+  return groupAdminsEvent
+}
+
+/**
+ * Parses a group admins event and returns an array of GroupAdmin objects.
+ *
+ * @param event - The event to parse.
+ * @returns An array of GroupAdmin objects.
+ * @throws Throws an error if the group admins event is invalid.
+ */
+export function parseGroupAdminsEvent(event: Event): GroupAdmin[] {
+  if (!validateGroupAdminsEvent(event)) throw new Error('invalid group admins event')
+
+  const admins: GroupAdmin[] = []
+
+  for (const [tag, value, label, ...permissions] of event.tags) {
+    if (tag !== 'p') continue
+
+    admins.push({
+      pubkey: value,
+      label,
+      permissions: permissions as GroupAdminPermission[],
+    })
+  }
+
+  return admins
+}
+
+/**
+ * Fetches the group members event from the specified relay.
+ * If the normalizedRelayURL is not provided, it will be obtained using the groupReference.
+ * If the relayInformation is not provided, it will be fetched using the normalizedRelayURL.
+ *
+ * @param {Object} options - The options object.
+ * @param {AbstractSimplePool} options.pool - The pool object.
+ * @param {GroupReference} options.groupReference - The group reference object.
+ * @param {string} [options.normalizedRelayURL] - The normalized relay URL.
+ * @param {RelayInformation} [options.relayInformation] - The relay information object.
+ * @returns {Promise<Event>} The group members event that can be parsed later to get the group members object.
+ * @throws {Error} If the group members event is not found.
+ */
+export async function fetchGroupMembersEvent({
+  pool,
+  groupReference,
+  relayInformation,
+  normalizedRelayURL,
+}: {
+  pool: AbstractSimplePool
+  groupReference: GroupReference
+  normalizedRelayURL?: string
+  relayInformation?: RelayInformation
+}): Promise<Event> {
+  if (!normalizedRelayURL) {
+    normalizedRelayURL = getNormalizedRelayURLByGroupReference(groupReference)
+  }
+
+  if (!relayInformation) {
+    relayInformation = await fetchRelayInformation(normalizedRelayURL)
+  }
+
+  const groupMembersEvent = await pool.get([normalizedRelayURL], {
+    kinds: [39002],
+    authors: [relayInformation.pubkey],
+    '#d': [groupReference.id],
+  })
+
+  if (!groupMembersEvent) throw new Error(`members for group '${groupReference.id}' not found on ${normalizedRelayURL}`)
+
+  return groupMembersEvent
+}
+
+/**
+ * Parses a group members event and returns an array of GroupMember objects.
+ * @param event - The event to parse.
+ * @returns An array of GroupMember objects.
+ * @throws Throws an error if the group members event is invalid.
+ */
+export function parseGroupMembersEvent(event: Event): GroupMember[] {
+  if (!validateGroupMembersEvent(event)) throw new Error('invalid group members event')
+
+  const members: GroupMember[] = []
+
+  for (const [tag, value, label] of event.tags) {
+    if (tag !== 'p') continue
+
+    members.push({
+      pubkey: value,
+      label,
+    })
+  }
+
+  return members
+}
+
+/**
+ * Fetches and parses the group metadata event, group admins event, and group members event from the specified pool.
+ * If the normalized relay URL is not provided, it will be obtained using the group reference.
+ * If the relay information is not provided, it will be fetched using the normalized relay URL.
+ *
+ * @param {Object} options - The options for loading the group.
+ * @param {AbstractSimplePool} options.pool - The pool to load the group from.
+ * @param {GroupReference} options.groupReference - The reference of the group to load.
+ * @param {string} [options.normalizedRelayURL] - The normalized URL of the relay to use.
+ * @param {RelayInformation} [options.relayInformation] - The relay information to use.
+ * @returns {Promise<Group>} A promise that resolves to the loaded group.
+ */
+export async function loadGroup({
+  pool,
+  groupReference,
+  normalizedRelayURL,
+  relayInformation,
+}: {
+  pool: AbstractSimplePool
+  groupReference: GroupReference
+  normalizedRelayURL?: string
+  relayInformation?: RelayInformation
+}): Promise<Group> {
+  if (!normalizedRelayURL) {
+    normalizedRelayURL = getNormalizedRelayURLByGroupReference(groupReference)
+  }
+
+  if (!relayInformation) {
+    relayInformation = await fetchRelayInformation(normalizedRelayURL)
+  }
+
+  const metadataEvent = await fetchGroupMetadataEvent({ pool, groupReference, normalizedRelayURL, relayInformation })
+  const metadata = parseGroupMetadataEvent(metadataEvent)
+
+  const adminsEvent = await fetchGroupAdminsEvent({ pool, groupReference, normalizedRelayURL, relayInformation })
+  const admins = parseGroupAdminsEvent(adminsEvent)
+
+  const membersEvent = await fetchGroupMembersEvent({ pool, groupReference, normalizedRelayURL, relayInformation })
+  const members = parseGroupMembersEvent(membersEvent)
+
+  const group: Group = {
+    relay: normalizedRelayURL,
+    metadata,
+    admins,
+    members,
+    reference: groupReference,
+  }
+
+  return group
+}
+
+/**
+ * Loads a group from the specified pool using the provided group code.
+ *
+ * @param {AbstractSimplePool} pool - The pool to load the group from.
+ * @param {string} code - The code representing the group.
+ * @returns {Promise<Group>} - A promise that resolves to the loaded group.
+ * @throws {Error} - If the group code is invalid.
+ */
+export async function loadGroupFromCode(pool: AbstractSimplePool, code: string): Promise<Group> {
+  const groupReference = parseGroupCode(code)
+
+  if (!groupReference) throw new Error('invalid group code')
+
+  return loadGroup({ pool, groupReference })
+}
+
+/**
+ * Parses a group code and returns a GroupReference object.
+ *
+ * @param code The group code to parse.
+ * @returns A GroupReference object if the code is valid, otherwise null.
+ */
 export function parseGroupCode(code: string): null | GroupReference {
   if (code.startsWith('naddr1')) {
     try {
@@ -99,68 +533,74 @@ export function parseGroupCode(code: string): null | GroupReference {
   return null
 }
 
+/**
+ * Encodes a group reference into a string.
+ *
+ * @param gr - The group reference to encode.
+ * @returns The encoded group reference as a string.
+ */
 export function encodeGroupReference(gr: GroupReference): string {
-  if (gr.host.startsWith('https://')) gr.host = gr.host.slice(8)
-  if (gr.host.startsWith('wss://')) gr.host = gr.host.slice(6)
-  return `${gr.host}'${gr.id}`
+  const { host, id } = gr
+  const normalizedHost = host.replace(/^(https?:\/\/|wss?:\/\/)/, '')
+
+  return `${normalizedHost}'${id}`
 }
 
-export type Group = {
-  id: string
-  relay: string
-  pubkey: string
-  name?: string
-  picture?: string
-  about?: string
-  public?: boolean
-  open?: boolean
-}
+/**
+ * Subscribes to relay groups metadata events and calls the provided event handler function
+ * when an event is received.
+ *
+ * @param {Object} options - The options for subscribing to relay groups metadata events.
+ * @param {AbstractSimplePool} options.pool - The pool to subscribe to.
+ * @param {string} options.relayURL - The URL of the relay.
+ * @param {Function} options.onError - The error handler function.
+ * @param {Function} options.onEvent - The event handler function.
+ * @param {Function} [options.onConnect] - The connect handler function.
+ * @returns {Function} - A function to close the subscription
+ */
+export function subscribeRelayGroupsMetadataEvents({
+  pool,
+  relayURL,
+  onError,
+  onEvent,
+  onConnect,
+}: {
+  pool: AbstractSimplePool
+  relayURL: string
+  onError: (err: Error) => void
+  onEvent: (event: Event) => void
+  onConnect?: () => void
+}): () => void {
+  let sub: Subscription
 
-export function parseGroup(event: Event, relay: string): Group {
-  const group: Partial<Group> = { relay, pubkey: event.pubkey }
-  for (let i = 0; i < event.tags.length; i++) {
-    const tag = event.tags[i]
-    switch (tag[0]) {
-      case 'd':
-        group.id = tag[1] || ''
-        break
-      case 'name':
-        group.name = tag[1] || ''
-        break
-      case 'about':
-        group.about = tag[1] || ''
-        break
-      case 'picture':
-        group.picture = tag[1] || ''
-        break
-      case 'open':
-        group.open = true
-        break
-      case 'public':
-        group.public = true
-        break
-    }
-  }
-  return group as Group
-}
+  const normalizedRelayURL = normalizeURL(relayURL)
 
-export type Member = {
-  pubkey: string
-  label?: string
-  permissions: string[]
-}
+  fetchRelayInformation(normalizedRelayURL)
+    .then(async info => {
+      const abstractedRelay = await pool.ensureRelay(normalizedRelayURL)
 
-export function parseMembers(event: Event): Member[] {
-  const members = []
-  for (let i = 0; i < event.tags.length; i++) {
-    const tag = event.tags[i]
-    if (tag.length < 2) continue
-    if (tag[0] !== 'p') continue
-    if (!tag[1].match(/^[0-9a-f]{64}$/)) continue
-    const member: Member = { pubkey: tag[1], permissions: [] }
-    if (tag.length > 2) member.label = tag[2]
-    if (tag.length > 3) member.permissions = tag.slice(3)
-    members.push(member)
-  }
-  return members
+      onConnect?.()
+
+      sub = abstractedRelay.prepareSubscription(
+        [
+          {
+            kinds: [39000],
+            limit: 50,
+            authors: [info.pubkey],
+          },
+        ],
+        {
+          onevent(event: Event) {
+            onEvent(event)
+          },
+        },
+      )
+    })
+    .catch(err => {
+      sub.close()
+
+      onError(err)
+    })
+
+  return () => sub.close()
 }

nip44.test.ts

@@ -7,7 +7,7 @@ const v2vec = vec.v2
 
 test('get_conversation_key', () => {
   for (const v of v2vec.valid.get_conversation_key) {
-    const key = v2.utils.getConversationKey(v.sec1, v.pub2)
+    const key = v2.utils.getConversationKey(hexToBytes(v.sec1), v.pub2)
     expect(bytesToHex(key)).toEqual(v.conversation_key)
   }
 })
@@ -15,7 +15,7 @@ test('get_conversation_key', () => {
 test('encrypt_decrypt', () => {
   for (const v of v2vec.valid.encrypt_decrypt) {
     const pub2 = bytesToHex(schnorr.getPublicKey(v.sec2))
-    const key = v2.utils.getConversationKey(v.sec1, pub2)
+    const key = v2.utils.getConversationKey(hexToBytes(v.sec1), pub2)
     expect(bytesToHex(key)).toEqual(v.conversation_key)
     const ciphertext = v2.encrypt(v.plaintext, key, hexToBytes(v.nonce))
     expect(ciphertext).toEqual(v.payload)
@@ -39,6 +39,8 @@ test('decrypt', async () => {
 
 test('get_conversation_key', async () => {
   for (const v of v2vec.invalid.get_conversation_key) {
-    expect(() => v2.utils.getConversationKey(v.sec1, v.pub2)).toThrow(/(Point is not on curve|Cannot find square root)/)
+    expect(() => v2.utils.getConversationKey(hexToBytes(v.sec1), v.pub2)).toThrow(
+      /(Point is not on curve|Cannot find square root)/,
+    )
   }
 })

nip44.ts

@@ -4,129 +4,124 @@ import { secp256k1 } from '@noble/curves/secp256k1'
 import { extract as hkdf_extract, expand as hkdf_expand } from '@noble/hashes/hkdf'
 import { hmac } from '@noble/hashes/hmac'
 import { sha256 } from '@noble/hashes/sha256'
-import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'
+import { concatBytes, randomBytes } from '@noble/hashes/utils'
 import { base64 } from '@scure/base'
 
-const decoder = new TextDecoder()
+import { utf8Decoder, utf8Encoder } from './utils.ts'
 
-class u {
-  static minPlaintextSize = 0x0001 // 1b msg => padded to 32b
-  static maxPlaintextSize = 0xffff // 65535 (64kb-1) => padded to 64kb
+const minPlaintextSize = 0x0001 // 1b msg => padded to 32b
+const maxPlaintextSize = 0xffff // 65535 (64kb-1) => padded to 64kb
 
-  static utf8Encode = utf8ToBytes
+export function getConversationKey(privkeyA: Uint8Array, pubkeyB: string): Uint8Array {
+  const sharedX = secp256k1.getSharedSecret(privkeyA, '02' + pubkeyB).subarray(1, 33)
+  return hkdf_extract(sha256, sharedX, 'nip44-v2')
+}
 
-  static utf8Decode(bytes: Uint8Array): string {
-    return decoder.decode(bytes)
-  }
-
-  static getConversationKey(privkeyA: string, pubkeyB: string): Uint8Array {
-    const sharedX = secp256k1.getSharedSecret(privkeyA, '02' + pubkeyB).subarray(1, 33)
-    return hkdf_extract(sha256, sharedX, 'nip44-v2')
-  }
-
-  static getMessageKeys(
-    conversationKey: Uint8Array,
-    nonce: Uint8Array,
-  ): { chacha_key: Uint8Array; chacha_nonce: Uint8Array; hmac_key: Uint8Array } {
-    const keys = hkdf_expand(sha256, conversationKey, nonce, 76)
-    return {
-      chacha_key: keys.subarray(0, 32),
-      chacha_nonce: keys.subarray(32, 44),
-      hmac_key: keys.subarray(44, 76),
-    }
-  }
-
-  static calcPaddedLen(len: number): number {
-    if (!Number.isSafeInteger(len) || len < 1) throw new Error('expected positive integer')
-    if (len <= 32) return 32
-    const nextPower = 1 << (Math.floor(Math.log2(len - 1)) + 1)
-    const chunk = nextPower <= 256 ? 32 : nextPower / 8
-    return chunk * (Math.floor((len - 1) / chunk) + 1)
-  }
-
-  static writeU16BE(num: number): Uint8Array {
-    if (!Number.isSafeInteger(num) || num < u.minPlaintextSize || num > u.maxPlaintextSize)
-      throw new Error('invalid plaintext size: must be between 1 and 65535 bytes')
-    const arr = new Uint8Array(2)
-    new DataView(arr.buffer).setUint16(0, num, false)
-    return arr
-  }
-
-  static pad(plaintext: string): Uint8Array {
-    const unpadded = u.utf8Encode(plaintext)
-    const unpaddedLen = unpadded.length
-    const prefix = u.writeU16BE(unpaddedLen)
-    const suffix = new Uint8Array(u.calcPaddedLen(unpaddedLen) - unpaddedLen)
-    return concatBytes(prefix, unpadded, suffix)
-  }
-
-  static unpad(padded: Uint8Array): string {
-    const unpaddedLen = new DataView(padded.buffer).getUint16(0)
-    const unpadded = padded.subarray(2, 2 + unpaddedLen)
-    if (
-      unpaddedLen < u.minPlaintextSize ||
-      unpaddedLen > u.maxPlaintextSize ||
-      unpadded.length !== unpaddedLen ||
-      padded.length !== 2 + u.calcPaddedLen(unpaddedLen)
-    )
-      throw new Error('invalid padding')
-    return u.utf8Decode(unpadded)
-  }
-
-  static hmacAad(key: Uint8Array, message: Uint8Array, aad: Uint8Array): Uint8Array {
-    if (aad.length !== 32) throw new Error('AAD associated data must be 32 bytes')
-    const combined = concatBytes(aad, message)
-    return hmac(sha256, key, combined)
-  }
-
-  // metadata: always 65b (version: 1b, nonce: 32b, max: 32b)
-  // plaintext: 1b to 0xffff
-  // padded plaintext: 32b to 0xffff
-  // ciphertext: 32b+2 to 0xffff+2
-  // raw payload: 99 (65+32+2) to 65603 (65+0xffff+2)
-  // compressed payload (base64): 132b to 87472b
-  static decodePayload(payload: string): { nonce: Uint8Array; ciphertext: Uint8Array; mac: Uint8Array } {
-    if (typeof payload !== 'string') throw new Error('payload must be a valid string')
-    const plen = payload.length
-    if (plen < 132 || plen > 87472) throw new Error('invalid payload length: ' + plen)
-    if (payload[0] === '#') throw new Error('unknown encryption version')
-    let data: Uint8Array
-    try {
-      data = base64.decode(payload)
-    } catch (error) {
-      throw new Error('invalid base64: ' + (error as any).message)
-    }
-    const dlen = data.length
-    if (dlen < 99 || dlen > 65603) throw new Error('invalid data length: ' + dlen)
-    const vers = data[0]
-    if (vers !== 2) throw new Error('unknown encryption version ' + vers)
-    return {
-      nonce: data.subarray(1, 33),
-      ciphertext: data.subarray(33, -32),
-      mac: data.subarray(-32),
-    }
+function getMessageKeys(
+  conversationKey: Uint8Array,
+  nonce: Uint8Array,
+): { chacha_key: Uint8Array; chacha_nonce: Uint8Array; hmac_key: Uint8Array } {
+  const keys = hkdf_expand(sha256, conversationKey, nonce, 76)
+  return {
+    chacha_key: keys.subarray(0, 32),
+    chacha_nonce: keys.subarray(32, 44),
+    hmac_key: keys.subarray(44, 76),
   }
 }
 
-export class v2 {
-  static utils = u
+function calcPaddedLen(len: number): number {
+  if (!Number.isSafeInteger(len) || len < 1) throw new Error('expected positive integer')
+  if (len <= 32) return 32
+  const nextPower = 1 << (Math.floor(Math.log2(len - 1)) + 1)
+  const chunk = nextPower <= 256 ? 32 : nextPower / 8
+  return chunk * (Math.floor((len - 1) / chunk) + 1)
+}
 
-  static encrypt(plaintext: string, conversationKey: Uint8Array, nonce: Uint8Array = randomBytes(32)): string {
-    const { chacha_key, chacha_nonce, hmac_key } = u.getMessageKeys(conversationKey, nonce)
-    const padded = u.pad(plaintext)
-    const ciphertext = chacha20(chacha_key, chacha_nonce, padded)
-    const mac = u.hmacAad(hmac_key, ciphertext, nonce)
-    return base64.encode(concatBytes(new Uint8Array([2]), nonce, ciphertext, mac))
+function writeU16BE(num: number): Uint8Array {
+  if (!Number.isSafeInteger(num) || num < minPlaintextSize || num > maxPlaintextSize)
+    throw new Error('invalid plaintext size: must be between 1 and 65535 bytes')
+  const arr = new Uint8Array(2)
+  new DataView(arr.buffer).setUint16(0, num, false)
+  return arr
+}
+
+function pad(plaintext: string): Uint8Array {
+  const unpadded = utf8Encoder.encode(plaintext)
+  const unpaddedLen = unpadded.length
+  const prefix = writeU16BE(unpaddedLen)
+  const suffix = new Uint8Array(calcPaddedLen(unpaddedLen) - unpaddedLen)
+  return concatBytes(prefix, unpadded, suffix)
+}
+
+function unpad(padded: Uint8Array): string {
+  const unpaddedLen = new DataView(padded.buffer).getUint16(0)
+  const unpadded = padded.subarray(2, 2 + unpaddedLen)
+  if (
+    unpaddedLen < minPlaintextSize ||
+    unpaddedLen > maxPlaintextSize ||
+    unpadded.length !== unpaddedLen ||
+    padded.length !== 2 + calcPaddedLen(unpaddedLen)
+  )
+    throw new Error('invalid padding')
+  return utf8Decoder.decode(unpadded)
+}
+
+function hmacAad(key: Uint8Array, message: Uint8Array, aad: Uint8Array): Uint8Array {
+  if (aad.length !== 32) throw new Error('AAD associated data must be 32 bytes')
+  const combined = concatBytes(aad, message)
+  return hmac(sha256, key, combined)
+}
+
+// metadata: always 65b (version: 1b, nonce: 32b, max: 32b)
+// plaintext: 1b to 0xffff
+// padded plaintext: 32b to 0xffff
+// ciphertext: 32b+2 to 0xffff+2
+// raw payload: 99 (65+32+2) to 65603 (65+0xffff+2)
+// compressed payload (base64): 132b to 87472b
+function decodePayload(payload: string): { nonce: Uint8Array; ciphertext: Uint8Array; mac: Uint8Array } {
+  if (typeof payload !== 'string') throw new Error('payload must be a valid string')
+  const plen = payload.length
+  if (plen < 132 || plen > 87472) throw new Error('invalid payload length: ' + plen)
+  if (payload[0] === '#') throw new Error('unknown encryption version')
+  let data: Uint8Array
+  try {
+    data = base64.decode(payload)
+  } catch (error) {
+    throw new Error('invalid base64: ' + (error as any).message)
   }
-
-  static decrypt(payload: string, conversationKey: Uint8Array): string {
-    const { nonce, ciphertext, mac } = u.decodePayload(payload)
-    const { chacha_key, chacha_nonce, hmac_key } = u.getMessageKeys(conversationKey, nonce)
-    const calculatedMac = u.hmacAad(hmac_key, ciphertext, nonce)
-    if (!equalBytes(calculatedMac, mac)) throw new Error('invalid MAC')
-    const padded = chacha20(chacha_key, chacha_nonce, ciphertext)
-    return u.unpad(padded)
+  const dlen = data.length
+  if (dlen < 99 || dlen > 65603) throw new Error('invalid data length: ' + dlen)
+  const vers = data[0]
+  if (vers !== 2) throw new Error('unknown encryption version ' + vers)
+  return {
+    nonce: data.subarray(1, 33),
+    ciphertext: data.subarray(33, -32),
+    mac: data.subarray(-32),
   }
 }
 
-export default { v2 }
+export function encrypt(plaintext: string, conversationKey: Uint8Array, nonce: Uint8Array = randomBytes(32)): string {
+  const { chacha_key, chacha_nonce, hmac_key } = getMessageKeys(conversationKey, nonce)
+  const padded = pad(plaintext)
+  const ciphertext = chacha20(chacha_key, chacha_nonce, padded)
+  const mac = hmacAad(hmac_key, ciphertext, nonce)
+  return base64.encode(concatBytes(new Uint8Array([2]), nonce, ciphertext, mac))
+}
+
+export function decrypt(payload: string, conversationKey: Uint8Array): string {
+  const { nonce, ciphertext, mac } = decodePayload(payload)
+  const { chacha_key, chacha_nonce, hmac_key } = getMessageKeys(conversationKey, nonce)
+  const calculatedMac = hmacAad(hmac_key, ciphertext, nonce)
+  if (!equalBytes(calculatedMac, mac)) throw new Error('invalid MAC')
+  const padded = chacha20(chacha_key, chacha_nonce, ciphertext)
+  return unpad(padded)
+}
+
+export const v2 = {
+  utils: {
+    getConversationKey,
+    calcPaddedLen,
+  },
+  encrypt,
+  decrypt,
+}

nip46.ts

@@ -1,11 +1,13 @@
+import { hexToBytes } from '@noble/hashes/utils'
 import { NostrEvent, UnsignedEvent, VerifiedEvent } from './core.ts'
 import { generateSecretKey, finalizeEvent, getPublicKey, verifyEvent } from './pure.ts'
 import { AbstractSimplePool, SubCloser } from './abstract-pool.ts'
 import { decrypt, encrypt } from './nip04.ts'
+import { getConversationKey, decrypt as nip44decrypt } from './nip44.ts'
 import { NIP05_REGEX } from './nip05.ts'
 import { SimplePool } from './pool.ts'
 import { Handlerinformation, NostrConnect } from './kinds.ts'
-import { hexToBytes } from '@noble/hashes/utils'
+import type { RelayRecord } from './relay.ts'
 
 var _fetch: any
 
@@ -109,13 +111,21 @@ export class BunkerSigner {
 
     const listeners = this.listeners
     const waitingForAuth = this.waitingForAuth
+    const skBytes = this.secretKey
 
     this.subCloser = this.pool.subscribeMany(
       this.bp.relays,
       [{ kinds: [NostrConnect], '#p': [getPublicKey(this.secretKey)] }],
       {
         async onevent(event: NostrEvent) {
-          const { id, result, error } = JSON.parse(await decrypt(clientSecretKey, event.pubkey, event.content))
+          let o
+          try {
+            o = JSON.parse(await decrypt(clientSecretKey, event.pubkey, event.content))
+          } catch (err) {
+            o = JSON.parse(nip44decrypt(event.content, getConversationKey(skBytes, event.pubkey)))
+          }
+
+          const { id, result, error } = o
 
           if (result === 'auth_url' && waitingForAuth[id]) {
             delete waitingForAuth[id]
@@ -207,7 +217,7 @@ export class BunkerSigner {
   /**
    * Calls the "get_relays" method on the bunker.
    */
-  async getRelays(): Promise<{ [relay: string]: { read: boolean; write: boolean } }> {
+  async getRelays(): Promise<RelayRecord> {
     return JSON.parse(await this.sendRequest('get_relays', []))
   }
 
@@ -244,7 +254,7 @@ export class BunkerSigner {
   }
 
   async nip44Decrypt(thirdPartyPubkey: string, ciphertext: string): Promise<string> {
-    return await this.sendRequest('nip44_encrypt', [thirdPartyPubkey, ciphertext])
+    return await this.sendRequest('nip44_decrypt', [thirdPartyPubkey, ciphertext])
   }
 }
 
@@ -265,7 +275,7 @@ export async function createAccount(
   username: string,
   domain: string,
   email?: string,
-  localSecretKey: Uint8Array = generateSecretKey()
+  localSecretKey: Uint8Array = generateSecretKey(),
 ): Promise<BunkerSigner> {
   if (email && !EMAIL_REGEX.test(email)) throw new Error('Invalid email')
 

nip49.ts

@@ -1,10 +1,15 @@
 import { scrypt } from '@noble/hashes/scrypt'
 import { xchacha20poly1305 } from '@noble/ciphers/chacha'
 import { concatBytes, randomBytes } from '@noble/hashes/utils'
-import { Bech32MaxSize, encodeBytes } from './nip19.ts'
+import { Bech32MaxSize, Ncryptsec, encodeBytes } from './nip19.ts'
 import { bech32 } from '@scure/base'
 
-export function encrypt(sec: Uint8Array, password: string, logn: number = 16, ksb: 0x00 | 0x01 | 0x02 = 0x02): string {
+export function encrypt(
+  sec: Uint8Array,
+  password: string,
+  logn: number = 16,
+  ksb: 0x00 | 0x01 | 0x02 = 0x02,
+): Ncryptsec {
   let salt = randomBytes(16)
   let n = 2 ** logn
   let key = scrypt(password.normalize('NFKC'), salt, { N: n, r: 8, p: 1, dkLen: 32 })

nip94.test.ts

@@ -21,6 +21,7 @@ describe('generateEventTemplate', () => {
       image: 'https://example.com/image.jpg',
       summary: 'Lorem ipsum',
       alt: 'Image alt text',
+      fallback: ['https://fallback1.example.com/image.jpg', 'https://fallback2.example.com/image.jpg'],
     }
 
     const expectedEventTemplate: EventTemplate = {
@@ -40,6 +41,8 @@ describe('generateEventTemplate', () => {
         ['image', 'https://example.com/image.jpg'],
         ['summary', 'Lorem ipsum'],
         ['alt', 'Image alt text'],
+        ['fallback', 'https://fallback1.example.com/image.jpg'],
+        ['fallback', 'https://fallback2.example.com/image.jpg'],
       ],
     }
 
@@ -71,6 +74,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -100,6 +104,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -129,6 +134,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -158,6 +164,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -181,6 +188,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -204,6 +212,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -227,6 +236,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -259,6 +269,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -288,6 +299,7 @@ describe('validateEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,
@@ -319,6 +331,8 @@ describe('parseEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback1.example.com/image.jpg'],
+          ['fallback', 'https://fallback2.example.com/image.jpg'],
         ],
       },
       sk,
@@ -340,6 +354,7 @@ describe('parseEvent', () => {
       image: 'https://example.com/image.jpg',
       summary: 'Lorem ipsum',
       alt: 'Image alt text',
+      fallback: ['https://fallback1.example.com/image.jpg', 'https://fallback2.example.com/image.jpg'],
     })
   })
 
@@ -364,6 +379,7 @@ describe('parseEvent', () => {
           ['image', 'https://example.com/image.jpg'],
           ['summary', 'Lorem ipsum'],
           ['alt', 'Image alt text'],
+          ['fallback', 'https://fallback.example.com/image.jpg'],
         ],
       },
       sk,

nip94.ts

@@ -75,6 +75,11 @@ export type FileMetadataObject = {
    * Optional: A description for accessibility, providing context or a brief description of the file.
    */
   alt?: string
+
+  /**
+   * Optional: fallback URLs in case url fails.
+   */
+  fallback?: string[]
 }
 
 /**
@@ -104,6 +109,7 @@ export function generateEventTemplate(fileMetadata: FileMetadataObject): EventTe
   if (fileMetadata.image) eventTemplate.tags.push(['image', fileMetadata.image])
   if (fileMetadata.summary) eventTemplate.tags.push(['summary', fileMetadata.summary])
   if (fileMetadata.alt) eventTemplate.tags.push(['alt', fileMetadata.alt])
+  if (fileMetadata.fallback) fileMetadata.fallback.forEach(url => eventTemplate.tags.push(['fallback', url]))
 
   return eventTemplate
 }
@@ -194,6 +200,10 @@ export function parseEvent(event: Event): FileMetadataObject {
       case 'alt':
         fileMetadata.alt = value
         break
+      case 'fallback':
+        fileMetadata.fallback ??= []
+        fileMetadata.fallback.push(value)
+        break
     }
   }
 

nip96.ts

@@ -340,9 +340,6 @@ export async function uploadFile(
   // Create FormData object
   const formData = new FormData()
 
-  // Append the authorization header to HTML Form Data
-  formData.append('Authorization', nip98AuthorizationHeader)
-
   // Append optional fields to FormData
   optionalFormDataFields &&
     Object.entries(optionalFormDataFields).forEach(([key, value]) => {
@@ -359,7 +356,6 @@ export async function uploadFile(
     method: 'POST',
     headers: {
       Authorization: nip98AuthorizationHeader,
-      'Content-Type': 'multipart/form-data',
     },
     body: formData,
   })

package.json

@@ -1,7 +1,7 @@
 {
   "type": "module",
   "name": "nostr-tools",
-  "version": "2.5.1",
+  "version": "2.8.0",
   "description": "Tools for making a Nostr client.",
   "repository": {
     "type": "git",
@@ -85,6 +85,9 @@
       "require": "./lib/cjs/nip06.js",
       "types": "./lib/types/nip06.d.ts"
     },
+    "./nip07": {
+      "types": "./lib/types/nip07.d.ts"
+    },
     "./nip10": {
       "import": "./lib/esm/nip10.js",
       "require": "./lib/cjs/nip10.js",

pool.test.ts

@@ -1,8 +1,7 @@
 import { afterEach, beforeEach, expect, test } from 'bun:test'
 
-import { SimplePool } from './pool.ts'
+import { SimplePool, useWebSocketImplementation } from './pool.ts'
 import { finalizeEvent, generateSecretKey, getPublicKey, type Event } from './pure.ts'
-import { useWebSocketImplementation } from './relay.ts'
 import { MockRelay, MockWebSocketClient } from './test-helpers.ts'
 import { hexToBytes } from '@noble/hashes/utils'
 
@@ -206,3 +205,33 @@ test('get()', async () => {
   expect(event).not.toBeNull()
   expect(event).toHaveProperty('id', ids[0])
 })
+
+test('track relays when publishing', async () => {
+  let event1 = finalizeEvent(
+    {
+      kind: 1,
+      created_at: Math.floor(Date.now() / 1000),
+      tags: [],
+      content: 'hello',
+    },
+    generateSecretKey(),
+  )
+  let event2 = finalizeEvent(
+    {
+      kind: 1,
+      created_at: Math.floor(Date.now() / 1000),
+      tags: [],
+      content: 'hello',
+    },
+    generateSecretKey(),
+  )
+
+  pool.trackRelays = true
+  await Promise.all(pool.publish(relayURLs, event1))
+  expect(pool.seenOn.get(event1.id)).toBeDefined()
+  expect(Array.from(pool.seenOn.get(event1.id)!).map(r => r.url)).toEqual(expect.arrayContaining(relayURLs))
+
+  pool.trackRelays = false
+  await Promise.all(pool.publish(relayURLs, event2))
+  expect(pool.seenOn.get(event2.id)).toBeUndefined()
+})

pool.ts

@@ -1,9 +1,21 @@
+/* global WebSocket */
+
 import { verifyEvent } from './pure.ts'
 import { AbstractSimplePool } from './abstract-pool.ts'
 
+var _WebSocket: typeof WebSocket
+
+try {
+  _WebSocket = WebSocket
+} catch {}
+
+export function useWebSocketImplementation(websocketImplementation: any) {
+  _WebSocket = websocketImplementation
+}
+
 export class SimplePool extends AbstractSimplePool {
   constructor() {
-    super({ verifyEvent })
+    super({ verifyEvent, websocketImplementation: _WebSocket })
   }
 }
 

relay.ts

@@ -1,3 +1,5 @@
+/* global WebSocket */
+
 import { verifyEvent } from './pure.ts'
 import { AbstractRelay } from './abstract-relay.ts'
 
@@ -8,9 +10,19 @@ export function relayConnect(url: string): Promise<Relay> {
   return Relay.connect(url)
 }
 
+var _WebSocket: typeof WebSocket
+
+try {
+  _WebSocket = WebSocket
+} catch {}
+
+export function useWebSocketImplementation(websocketImplementation: any) {
+  _WebSocket = websocketImplementation
+}
+
 export class Relay extends AbstractRelay {
   constructor(url: string) {
-    super(url, { verifyEvent })
+    super(url, { verifyEvent, websocketImplementation: _WebSocket })
   }
 
   static async connect(url: string): Promise<Relay> {
@@ -20,4 +32,6 @@ export class Relay extends AbstractRelay {
   }
 }
 
+export type RelayRecord = Record<string, { read: boolean; write: boolean }>
+
 export * from './abstract-relay.ts'