Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add nip44 v2 #326

Merged
merged 1 commit into from
Dec 21, 2023
Merged

Add nip44 v2 #326

merged 1 commit into from
Dec 21, 2023

Conversation

staab
Copy link
Contributor

@staab staab commented Dec 18, 2023

No description provided.

@staab staab mentioned this pull request Dec 18, 2023
Merged
@staab
Copy link
Contributor Author

staab commented Dec 18, 2023

@paulmillr I ported everything from your repo to nostr-tools, just want to double check that it's ready for primetime. Ok to merge this?

@paulmillr
Copy link
Contributor

wait until branch gets into main and it'll be good to go.

@staab staab mentioned this pull request Dec 20, 2023
Merged
@staab staab marked this pull request as ready for review December 20, 2023 22:41
@staab
Copy link
Contributor Author

staab commented Dec 20, 2023

This is up to date with @paulmillr's library and ready to merge

@paulmillr
Copy link
Contributor

perhaps we should later publish nip44 pkg separately? thoughts?

@staab
Copy link
Contributor Author

staab commented Dec 20, 2023

perhaps we should later publish nip44 pkg separately

I think this would be ideal for people who want small dependencies. nostr-tools is a good place to start, and could later include the standalone as a dependency

@paulmillr
Copy link
Contributor

@staab offtopic, with regards to mac stuff: it wasn’t mentioned in audits, so there was nothing to fix. it’s just something i’ve mentioned in spec - we should keep the notice there for now.

@staab
Copy link
Contributor Author

staab commented Dec 20, 2023

NOS-01-009 says:

In other words, not authenticating the nonce in the Encrypt-then-MAC scheme does not produce an authenticated encryption scheme, since the MAC tag is easily forgeable. While the NIP44 specification suffers from this vulnerability, the overall NOSTR protocol manages to prevent forgeries.

This seems to be fixed based on Encryption step 6, but the spec says:

Encrypt-then-mac-then-sign instead of encrypt-then-sign-then-mac: only events wrapped in NIP-01 signed envelope are currently accepted by nostr.

Just trying to understand here, which signature is this talking about? Is encrypt-then-sign-then-mac the standard because it authenticates the signature? Are nostr event signature self-authenticating?

@fiatjaf fiatjaf merged commit bf3818e into nbd-wtf:master Dec 21, 2023
1 of 2 checks passed
@fiatjaf
Copy link
Collaborator

fiatjaf commented Dec 21, 2023

This package can be imported as import { v2 } from 'nostr-tools/nip44 without including any of the other things in the library.

@paulmillr
Copy link
Contributor

paulmillr commented Dec 21, 2023
edited
Loading

@staab MAC should be the last step (after signature) because calculating and verifying mac is fast. If the message has been tampered with, it would be shown immediately.

We can't use MAC as last step, because then the whole thing would need to be a bunch of bytes instead of nicely formatted JSON. MAC is calculated over ciphertext, so we'll need to encrypt full event, and we can't do that - relays won't accept it.

Also there is no standard way. Everybody cooks something for their own goal. Our current way is good enough.

@staab staab deleted the nip44 branch December 21, 2023 20:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@staab @paulmillr @fiatjaf