keyring -> keyer, fix misunderstanding with NIP-59 and adjust api.
fiatjaf committed Sep 11, 2024
1 parent 9addd57 commit 5e2e0bf
Showing 7 changed files with 65 additions and 64 deletions.
2 changes: 1 addition & 1 deletion keyring/bunker.go → keyer/bunker.go
@@ -1,4 +1,4 @@
package keyring
package keyer

import (
"context"
2 changes: 1 addition & 1 deletion keyring/encrypted.go → keyer/encrypted.go
@@ -1,4 +1,4 @@
package keyring
package keyer

import (
"context"
6 changes: 3 additions & 3 deletions keyring/lib.go → keyer/lib.go
@@ -1,4 +1,4 @@
package keyring
package keyer

import (
"context"
Expand All @@ -13,7 +13,7 @@ import (
"github.com/nbd-wtf/go-nostr/nip49"
)

type Keyring interface {
type Keyer interface {
Signer
Cipher
}
Expand Down Expand Up @@ -43,7 +43,7 @@ type SignerOptions struct {
Password string
}

func New(ctx context.Context, pool *nostr.SimplePool, input string, opts *SignerOptions) (Keyring, error) {
func New(ctx context.Context, pool *nostr.SimplePool, input string, opts *SignerOptions) (Keyer, error) {
if opts == nil {
opts = &SignerOptions{}
}
2 changes: 1 addition & 1 deletion keyring/manual.go → keyer/manual.go
@@ -1,4 +1,4 @@
package keyring
package keyer

import (
"context"
2 changes: 1 addition & 1 deletion keyring/plain.go → keyer/plain.go
@@ -1,4 +1,4 @@
package keyring
package keyer

import (
"context"
46 changes: 19 additions & 27 deletions nip17/nip17.go
Expand Up @@ -2,9 +2,9 @@ package nip17

import (
"context"
"fmt"

"github.com/nbd-wtf/go-nostr"
"github.com/nbd-wtf/go-nostr/keyer"
"github.com/nbd-wtf/go-nostr/nip59"
)

Expand All @@ -31,11 +31,10 @@ func GetDMRelays(ctx context.Context, pubkey string, pool *nostr.SimplePool, rel
}

func PrepareMessage(
ctx context.Context,
content string,
tags nostr.Tags,
ourPubkey string,
encrypt func(string) (string, error),
finalizeAndSign func(*nostr.Event) error,
kr keyer.Keyer,
recipientPubKey string,
modify func(*nostr.Event),
) (nostr.Event, error) {
Expand All @@ -44,55 +43,48 @@ func PrepareMessage(
Content: content,
Tags: tags,
CreatedAt: nostr.Now(),
PubKey: ourPubkey,
PubKey: kr.GetPublicKey(ctx),
}
rumor.ID = rumor.GetID()

seal, err := nip59.Seal(rumor, encrypt)
if err != nil {
return nostr.Event{}, fmt.Errorf("failed to seal: %w", err)
}

if err := finalizeAndSign(&seal); err != nil {
return nostr.Event{}, fmt.Errorf("finalizeAndSign failed: %w", err)
}

return nip59.GiftWrap(seal, recipientPubKey, modify)
return nip59.GiftWrap(
rumor,
recipientPubKey,
func(s string) (string, error) { return kr.Encrypt(ctx, s, recipientPubKey) },
func(e *nostr.Event) error { return kr.SignEvent(ctx, e) },
modify,
)
}

// ListenForMessages returns a channel with the rumors already decrypted and checked
func ListenForMessages(
ctx context.Context,
pool *nostr.SimplePool,
relays []string,
ourPubkey string,
kr keyer.Keyer,
ourRelays []string,
since nostr.Timestamp,
decrypt func(string) (string, error),
) chan nostr.Event {
ch := make(chan nostr.Event)

go func() {
defer close(ch)

for ie := range pool.SubMany(ctx, relays, nostr.Filters{
for ie := range pool.SubMany(ctx, ourRelays, nostr.Filters{
{
Kinds: []int{1059},
Tags: nostr.TagMap{"p": []string{ourPubkey}},
Tags: nostr.TagMap{"p": []string{kr.GetPublicKey(ctx)}},
Since: &since,
},
}) {
seal, err := nip59.GiftUnwrap(*ie.Event, decrypt)
rumor, err := nip59.GiftUnwrap(
*ie.Event,
func(otherpubkey, ciphertext string) (string, error) { return kr.Decrypt(ctx, ciphertext, otherpubkey) },
)
if err != nil {
nostr.InfoLogger.Printf("[nip17] failed to unwrap received message: %s\n", err)
continue
}

rumor, err := nip59.Unseal(seal, decrypt)
if err != nil {
nostr.InfoLogger.Printf("[nip17] failed to unseal received message: %s\n", err)
continue
}

ch <- rumor
}
}()
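Review bot: In ListenForMessages the goroutine hands each unwrapped rumor over with a bare `ch <- rumor` on an unbuffered channel, so once the caller stops receiving, the goroutine stays blocked on that send and cancelling ctx does not release it. The send should be `select { case ch <- rumor: case <-ctx.Done(): return }`. The doc comment says the rumors are "checked" without saying what that covers; going by GiftUnwrap in this commit, it means the seal signature was verified and the rumor's PubKey was taken from the seal, while the rumor's kind is not filtered, and the comment should state that so callers do not assume more. The function body continues past the end of this section.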
69 changes: 39 additions & 30 deletions nip59/nip59.go
Expand Up @@ -9,83 +9,92 @@ import (
"github.com/nbd-wtf/go-nostr/nip44"
)

// Seal takes a rumor, encrypts it and returns an unsigned 'seal' event, the 'seal' must be signed
// afterwards.
func Seal(rumor nostr.Event, encrypt func(string) (string, error)) (nostr.Event, error) {
// Seal takes a 'rumor', encrypts it with our own key, making a 'seal', then encrypts that with a nonce key and
// signs that (after potentially applying a modify function, which can be nil otherwise), yielding a 'gift-wrap'.
func GiftWrap(
rumor nostr.Event,
recipientPublicKey string,
encrypt func(plaintext string) (string, error),
sign func(*nostr.Event) error,
modify func(*nostr.Event),
) (nostr.Event, error) {
rumor.Sig = ""
ciphertext, err := encrypt(rumor.String())
rumorCiphertext, err := encrypt(rumor.String())
if err != nil {
return nostr.Event{}, err
}

return nostr.Event{
seal := nostr.Event{
Kind: 13,
Content: ciphertext,
Content: rumorCiphertext,
CreatedAt: nostr.Now() - nostr.Timestamp(60*rand.Int63n(600) /* up to 6 hours in the past */),
Tags: make(nostr.Tags, 0),
}, err
}
}
if err := sign(&seal); err != nil {
return nostr.Event{}, err
}

// Takes a signed 'seal' and gift-wraps it using a random key, returns it signed.
//
// modify is a function that takes the gift-wrap before signing, can be used to apply
// NIP-13 PoW or other things, otherwise can be nil.
func GiftWrap(seal nostr.Event, recipientPublicKey string, modify func(*nostr.Event)) (nostr.Event, error) {
nonceKey := nostr.GeneratePrivateKey()
temporaryConversationKey, err := nip44.GenerateConversationKey(recipientPublicKey, nonceKey)
if err != nil {
return nostr.Event{}, err
}

ciphertext, err := nip44.Encrypt(seal.String(), temporaryConversationKey, nil)
sealCiphertext, err := nip44.Encrypt(seal.String(), temporaryConversationKey, nil)
if err != nil {
return nostr.Event{}, err
}

gw := nostr.Event{
Kind: 1059,
Content: ciphertext,
Content: sealCiphertext,
CreatedAt: nostr.Now() - nostr.Timestamp(60*rand.Int63n(600) /* up to 6 hours in the past */),
Tags: nostr.Tags{
nostr.Tag{"p", recipientPublicKey},
},
}

// apply POW if necessary
if modify != nil {
modify(&gw)
}

err = gw.Sign(nonceKey)
if err := seal.Sign(nonceKey); err != nil {
return seal, err
}

return gw, nil
}

func GiftUnwrap(gw nostr.Event, decrypt func(string) (string, error)) (seal nostr.Event, err error) {
jevt, err := decrypt(gw.Content)
func GiftUnwrap(
gw nostr.Event,
decrypt func(otherpubkey, ciphertext string) (string, error),
) (rumor nostr.Event, err error) {
jseal, err := decrypt(gw.PubKey, gw.Content)
if err != nil {
return seal, err
return rumor, err
}

err = easyjson.Unmarshal([]byte(jevt), &seal)
var seal nostr.Event
err = easyjson.Unmarshal([]byte(jseal), &seal)
if err != nil {
return seal, err
return rumor, err
}

if ok, _ := seal.CheckSignature(); !ok {
return seal, fmt.Errorf("seal signature is invalid")
return rumor, fmt.Errorf("seal signature is invalid")
}

return seal, nil
}

func Unseal(seal nostr.Event, decrypt func(string) (string, error)) (rumor nostr.Event, err error) {
jevt, err := decrypt(seal.Content)
jrumor, err := decrypt(seal.PubKey, seal.Content)
if err != nil {
return rumor, err
}

err = easyjson.Unmarshal([]byte(jevt), &rumor)
err = easyjson.Unmarshal([]byte(jrumor), &rumor)
if err != nil {
return rumor, err
}

rumor.PubKey = seal.PubKey
rumor.ID = rumor.GetID()

return rumor, nil
}
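Review bot: The last signing step in GiftWrap reads `if err := seal.Sign(nonceKey); err != nil { return seal, err }`, which signs the seal with the one-time key after the seal has already been serialized and encrypted, so it has no effect on the returned event. The page has lost its +/- markers, but if the `err = gw.Sign(nonceKey)` line printed just above it is the removed side, `gw` is returned without an ID or signature; if it is kept, its error is overwritten unchecked. The step should be `if err := gw.Sign(nonceKey); err != nil { return nostr.Event{}, err }`, which also stops the error path from handing back the seal instead of an empty event. The doc comment on GiftWrap still opens with "Seal takes" and should open with "GiftWrap takes". In GiftUnwrap, `if ok, _ := seal.CheckSignature(); !ok` drops the underlying error, and neither `gw.Kind` nor `seal.Kind` is compared with 1059 and 13 before decrypting, so both checks are worth adding now that the two steps are one call.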
