highperfocused/go-nostr
1
0
Fork 0
mirror of https://github.com/nbd-wtf/go-nostr.git synced 2025-06-18 21:02:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

make libsecp256k1 available with a build tag.

Browse Source
This commit is contained in:
fiatjaf 2024-09-27 17:35:43 -03:00
parent 7503643e80
commit 47d493b7e8
11 changed files with 189 additions and 249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
README.md
View File

@ -126,6 +126,25 @@ nostr.InfoLogger = log.New(io.Discard, "", 0)
go run example/example.go go run example/example.go
``` ```
### Using [`libsecp256k1`](https://github.com/bitcoin-core/secp256k1)
[`libsecp256k1`](https://github.com/bitcoin-core/secp256k1) is very fast:
```
goos: linux
goarch: amd64
cpu: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
BenchmarkWithoutLibsecp256k1/sign-4 2794 434114 ns/op
BenchmarkWithoutLibsecp256k1/check-4 4352 297416 ns/op
BenchmarkWithLibsecp256k1/sign-4 12559 94607 ns/op
BenchmarkWithLibsecp256k1/check-4 13761 84595 ns/op
PASS
```
But to use it you need the host to have it installed as a shared library and CGO to be supported, so we don't compile against it by default.
To use it, use `-tags=libsecp256k1` whenever you're compiling your program that uses this library.
## Warning: risk of goroutine bloat (if used incorrectly) ## Warning: risk of goroutine bloat (if used incorrectly)
Remember to cancel subscriptions, either by calling `.Unsub()` on them or ensuring their `context.Context` will be canceled at some point. Remember to cancel subscriptions, either by calling `.Unsub()` on them or ensuring their `context.Context` will be canceled at some point.

59
event.go
View File

@ -5,8 +5,6 @@ import (
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"github.com/btcsuite/btcd/btcec/v2"
"github.com/btcsuite/btcd/btcec/v2/schnorr"
"github.com/mailru/easyjson" "github.com/mailru/easyjson"
) )
@ -85,63 +83,6 @@ func (evt *Event) Serialize() []byte {
return dst return dst
} }
// CheckSignature checks if the signature is valid for the id
// (which is a hash of the serialized event content).
// returns an error if the signature itself is invalid.
func (evt Event) CheckSignature() (bool, error) {
// read and check pubkey
pk, err := hex.DecodeString(evt.PubKey)
if err != nil {
return false, fmt.Errorf("event pubkey '%s' is invalid hex: %w", evt.PubKey, err)
}
pubkey, err := schnorr.ParsePubKey(pk)
if err != nil {
return false, fmt.Errorf("event has invalid pubkey '%s': %w", evt.PubKey, err)
}
// read signature
s, err := hex.DecodeString(evt.Sig)
if err != nil {
return false, fmt.Errorf("signature '%s' is invalid hex: %w", evt.Sig, err)
}
sig, err := schnorr.ParseSignature(s)
if err != nil {
return false, fmt.Errorf("failed to parse signature: %w", err)
}
// check signature
hash := sha256.Sum256(evt.Serialize())
return sig.Verify(hash[:], pubkey), nil
}
// Sign signs an event with a given privateKey.
func (evt *Event) Sign(privateKey string, signOpts ...schnorr.SignOption) error {
s, err := hex.DecodeString(privateKey)
if err != nil {
return fmt.Errorf("Sign called with invalid private key '%s': %w", privateKey, err)
}
if evt.Tags == nil {
evt.Tags = make(Tags, 0)
}
sk, pk := btcec.PrivKeyFromBytes(s)
pkBytes := pk.SerializeCompressed()
evt.PubKey = hex.EncodeToString(pkBytes[1:])
h := sha256.Sum256(evt.Serialize())
sig, err := schnorr.Sign(sk, h[:], signOpts...)
if err != nil {
return err
}
evt.ID = hex.EncodeToString(h[:])
evt.Sig = hex.EncodeToString(sig.Serialize())
return nil
}
// IsRegular checks if the given kind is in Regular range. // IsRegular checks if the given kind is in Regular range.
func (evt *Event) IsRegular() bool { func (evt *Event) IsRegular() bool {
return evt.Kind < 10000 && evt.Kind != 0 && evt.Kind != 3 return evt.Kind < 10000 && evt.Kind != 0 && evt.Kind != 3

33
libsecp256k1/README.md
View File

@ -1,33 +0,0 @@
This wraps [libsecp256k1](https://github.com/bitcoin-core/secp256k1) with `cgo`.
It doesn't embed the library or anything smart like that because I don't know how to do it, so you must have it installed in your system.
It is faster than the pure Go version:
```
goos: linux
goarch: amd64
pkg: github.com/nbd-wtf/go-nostr/libsecp256k1
cpu: AMD Ryzen 3 3200G with Radeon Vega Graphics
BenchmarkSignatureVerification/btcec-4 145 7873130 ns/op 127069 B/op 579 allocs/op
BenchmarkSignatureVerification/libsecp256k1-4 502 2314573 ns/op 112241 B/op 392 allocs/op
```
To use it manually, just import. To use it inside the automatic verification that happens for subscriptions, set it up with a `SimplePool`:
```go
pool := nostr.NewSimplePool()
pool.SignatureChecker = func (evt nostr.Event) bool {
ok, _ := libsecp256k1.CheckSignature(evt)
return ok
}
```
Or directly to the `Relay`:
```go
relay := nostr.RelayConnect(context.Background(), "wss://relay.nostr.com", nostr.WithSignatureChecker(func (evt nostr.Event) bool {
ok, _ := libsecp256k1.CheckSignature(evt)
return ok
}))
```

34
libsecp256k1/benchmark_test.go
View File

@ -1,34 +0,0 @@
package libsecp256k1
import (
"encoding/json"
"testing"
"github.com/nbd-wtf/go-nostr"
"github.com/nbd-wtf/go-nostr/test_common"
)
func BenchmarkSignatureVerification(b *testing.B) {
events := make([]*nostr.Event, len(test_common.NormalEvents))
for i, jevt := range test_common.NormalEvents {
evt := &nostr.Event{}
json.Unmarshal([]byte(jevt), evt)
events[i] = evt
}
b.Run("btcec", func(b *testing.B) {
for i := 0; i < b.N; i++ {
for _, evt := range events {
evt.CheckSignature()
}
}
})
b.Run("libsecp256k1", func(b *testing.B) {
for i := 0; i < b.N; i++ {
for _, evt := range events {
CheckSignature(evt)
}
}
})
}

51
libsecp256k1/bip340.go
View File

@ -1,51 +0,0 @@
package libsecp256k1
/*
#cgo LDFLAGS: -lsecp256k1
#include <secp256k1.h>
#include <secp256k1_schnorrsig.h>
#include <secp256k1_extrakeys.h>
*/
import "C"
import (
"crypto/rand"
"errors"
"unsafe"
)
var globalSecp256k1Context *C.secp256k1_context
func init() {
globalSecp256k1Context = C.secp256k1_context_create(C.SECP256K1_CONTEXT_SIGN | C.SECP256K1_CONTEXT_VERIFY)
if globalSecp256k1Context == nil {
panic("failed to create secp256k1 context")
}
}
func Sign(msg [32]byte, sk [32]byte) ([64]byte, error) {
var sig [64]byte
var keypair C.secp256k1_keypair
if C.secp256k1_keypair_create(globalSecp256k1Context, &keypair, (*C.uchar)(unsafe.Pointer(&sk[0]))) != 1 {
return sig, errors.New("failed to parse private key")
}
var random [32]byte
rand.Read(random[:])
if C.secp256k1_schnorrsig_sign32(globalSecp256k1Context, (*C.uchar)(unsafe.Pointer(&sig[0])), (*C.uchar)(unsafe.Pointer(&msg[0])), &keypair, (*C.uchar)(unsafe.Pointer(&random[0]))) != 1 {
return sig, errors.New("failed to sign message")
}
return sig, nil
}
func Verify(msg [32]byte, sig [64]byte, pk [32]byte) bool {
var xonly C.secp256k1_xonly_pubkey
if C.secp256k1_xonly_pubkey_parse(globalSecp256k1Context, &xonly, (*C.uchar)(unsafe.Pointer(&pk[0]))) != 1 {
return false
}
return C.secp256k1_schnorrsig_verify(globalSecp256k1Context, (*C.uchar)(unsafe.Pointer(&sig[0])), (*C.uchar)(unsafe.Pointer(&msg[0])), 32, &xonly) == 1
}

20
libsecp256k1/signverify_test.go
View File

@ -1,20 +0,0 @@
package libsecp256k1
import (
"encoding/json"
"testing"
"github.com/nbd-wtf/go-nostr"
"github.com/nbd-wtf/go-nostr/test_common"
"github.com/stretchr/testify/assert"
)
func TestEventVerification(t *testing.T) {
for _, jevt := range test_common.NormalEvents {
evt := &nostr.Event{}
json.Unmarshal([]byte(jevt), evt)
ok, _ := CheckSignature(evt)
shouldBe, _ := evt.CheckSignature()
assert.Equal(t, ok, shouldBe, "%s signature must be %s", jevt, shouldBe)
}
}

26
libsecp256k1/verify.go
View File

@ -1,26 +0,0 @@
package libsecp256k1
import (
"crypto/sha256"
"encoding/hex"
"fmt"
"github.com/nbd-wtf/go-nostr"
)
func CheckSignature(evt *nostr.Event) (bool, error) {
var pk [32]byte
_, err := hex.Decode(pk[:], []byte(evt.PubKey))
if err != nil {
return false, fmt.Errorf("event pubkey '%s' is invalid hex: %w", evt.PubKey, err)
}
var sig [64]byte
_, err = hex.Decode(sig[:], []byte(evt.Sig))
if err != nil {
return false, fmt.Errorf("event signature '%s' is invalid hex: %w", evt.Sig, err)
}
msg := sha256.Sum256(evt.Serialize())
return Verify(msg, sig, pk), nil
}

14
pool.go
View File

@ -27,10 +27,9 @@ type SimplePool struct {
eventMiddleware []func(RelayEvent) eventMiddleware []func(RelayEvent)
// custom things not often used // custom things not often used
signatureChecker func(Event) bool penaltyBoxMu sync.Mutex
penaltyBoxMu sync.Mutex penaltyBox map[string][2]float64
penaltyBox map[string][2]float64 userAgent string
userAgent string
} }
type DirectedFilters struct { type DirectedFilters struct {
@ -161,12 +160,7 @@ func (pool *SimplePool) EnsureRelay(url string) (*Relay, error) {
ctx, cancel := context.WithTimeout(pool.Context, time.Second*15) ctx, cancel := context.WithTimeout(pool.Context, time.Second*15)
defer cancel() defer cancel()
opts := make([]RelayOption, 0, 1+len(pool.eventMiddleware)) relay = NewRelay(context.Background(), url)
if pool.signatureChecker != nil {
opts = append(opts, WithSignatureChecker(pool.signatureChecker))
}
relay = NewRelay(context.Background(), url, opts...)
relay.RequestHeader.Set("User-Agent", pool.userAgent) relay.RequestHeader.Set("User-Agent", pool.userAgent)
if err := relay.Connect(ctx); err != nil { if err := relay.Connect(ctx); err != nil {

18
relay.go
View File

@ -39,7 +39,6 @@ type Relay struct {
okCallbacks *xsync.MapOf[string, func(bool, string)] okCallbacks *xsync.MapOf[string, func(bool, string)]
writeQueue chan writeRequest writeQueue chan writeRequest
subscriptionChannelCloseQueue chan *Subscription subscriptionChannelCloseQueue chan *Subscription
signatureChecker func(Event) bool
// custom things that aren't often used // custom things that aren't often used
// //
@ -62,11 +61,7 @@ func NewRelay(ctx context.Context, url string, opts ...RelayOption) *Relay {
okCallbacks: xsync.NewMapOf[string, func(bool, string)](), okCallbacks: xsync.NewMapOf[string, func(bool, string)](),
writeQueue: make(chan writeRequest), writeQueue: make(chan writeRequest),
subscriptionChannelCloseQueue: make(chan *Subscription), subscriptionChannelCloseQueue: make(chan *Subscription),
signatureChecker: func(e Event) bool { RequestHeader: make(http.Header, 1),
ok, _ := e.CheckSignature()
return ok
},
RequestHeader: make(http.Header, 1),
} }
for _, opt := range opts { for _, opt := range opts {
@ -93,7 +88,6 @@ type RelayOption interface {
var ( var (
_ RelayOption = (WithNoticeHandler)(nil) _ RelayOption = (WithNoticeHandler)(nil)
_ RelayOption = (WithSignatureChecker)(nil)
_ RelayOption = (WithCustomHandler)(nil) _ RelayOption = (WithCustomHandler)(nil)
) )
@ -105,14 +99,6 @@ func (nh WithNoticeHandler) ApplyRelayOption(r *Relay) {
r.noticeHandler = nh r.noticeHandler = nh
} }
// WithSignatureChecker must be a function that checks the signature of an
// event and returns true or false.
type WithSignatureChecker func(Event) bool
func (sc WithSignatureChecker) ApplyRelayOption(r *Relay) {
r.signatureChecker = sc
}
// WithCustomHandler must be a function that handles any relay message that couldn't be // WithCustomHandler must be a function that handles any relay message that couldn't be
// parsed as a standard envelope. // parsed as a standard envelope.
type WithCustomHandler func(data []byte) type WithCustomHandler func(data []byte)
@ -267,7 +253,7 @@ func (r *Relay) ConnectWithTLS(ctx context.Context, tlsConfig *tls.Config) error
// check signature, ignore invalid, except from trusted (AssumeValid) relays // check signature, ignore invalid, except from trusted (AssumeValid) relays
if !r.AssumeValid { if !r.AssumeValid {
if ok := r.signatureChecker(env.Event); !ok { if ok, _ := env.Event.CheckSignature(); !ok {
InfoLogger.Printf("{%s} bad signature on %s\n", r.URL, env.Event.ID) InfoLogger.Printf("{%s} bad signature on %s\n", r.URL, env.Event.ID)
continue continue
} }

69
signature.go Normal file
View File

@ -0,0 +1,69 @@
//go:build !libsecp256k1
package nostr
import (
"crypto/sha256"
"encoding/hex"
"fmt"
"github.com/btcsuite/btcd/btcec/v2"
"github.com/btcsuite/btcd/btcec/v2/schnorr"
)
// CheckSignature checks if the signature is valid for the id
// (which is a hash of the serialized event content).
// returns an error if the signature itself is invalid.
func (evt Event) CheckSignature() (bool, error) {
// read and check pubkey
pk, err := hex.DecodeString(evt.PubKey)
if err != nil {
return false, fmt.Errorf("event pubkey '%s' is invalid hex: %w", evt.PubKey, err)
}
pubkey, err := schnorr.ParsePubKey(pk)
if err != nil {
return false, fmt.Errorf("event has invalid pubkey '%s': %w", evt.PubKey, err)
}
// read signature
s, err := hex.DecodeString(evt.Sig)
if err != nil {
return false, fmt.Errorf("signature '%s' is invalid hex: %w", evt.Sig, err)
}
sig, err := schnorr.ParseSignature(s)
if err != nil {
return false, fmt.Errorf("failed to parse signature: %w", err)
}
// check signature
hash := sha256.Sum256(evt.Serialize())
return sig.Verify(hash[:], pubkey), nil
}
// Sign signs an event with a given privateKey.
func (evt *Event) Sign(secretKey string, signOpts ...schnorr.SignOption) error {
s, err := hex.DecodeString(secretKey)
if err != nil {
return fmt.Errorf("Sign called with invalid secret key '%s': %w", secretKey, err)
}
if evt.Tags == nil {
evt.Tags = make(Tags, 0)
}
sk, pk := btcec.PrivKeyFromBytes(s)
pkBytes := pk.SerializeCompressed()
evt.PubKey = hex.EncodeToString(pkBytes[1:])
h := sha256.Sum256(evt.Serialize())
sig, err := schnorr.Sign(sk, h[:], signOpts...)
if err != nil {
return err
}
evt.ID = hex.EncodeToString(h[:])
evt.Sig = hex.EncodeToString(sig.Serialize())
return nil
}

95
signature_libsecp256k1.go Normal file
View File

@ -0,0 +1,95 @@
//go:build libsecp256k1
package nostr
/*
#cgo LDFLAGS: -lsecp256k1
#include <secp256k1.h>
#include <secp256k1_schnorrsig.h>
#include <secp256k1_extrakeys.h>
*/
import "C"
import (
"crypto/rand"
"crypto/sha256"
"encoding/hex"
"errors"
"fmt"
"unsafe"
"github.com/btcsuite/btcd/btcec/v2/schnorr"
)
// CheckSignature checks if the signature is valid for the id
// (which is a hash of the serialized event content).
// returns an error if the signature itself is invalid.
func (evt Event) CheckSignature() (bool, error) {
var pk [32]byte
_, err := hex.Decode(pk[:], []byte(evt.PubKey))
if err != nil {
return false, fmt.Errorf("event pubkey '%s' is invalid hex: %w", evt.PubKey, err)
}
var sig [64]byte
_, err = hex.Decode(sig[:], []byte(evt.Sig))
if err != nil {
return false, fmt.Errorf("event signature '%s' is invalid hex: %w", evt.Sig, err)
}
msg := sha256.Sum256(evt.Serialize())
var xonly C.secp256k1_xonly_pubkey
if C.secp256k1_xonly_pubkey_parse(globalSecp256k1Context, &xonly, (*C.uchar)(unsafe.Pointer(&pk[0]))) != 1 {
return false, fmt.Errorf("failed to parse xonly pubkey")
}
res := C.secp256k1_schnorrsig_verify(globalSecp256k1Context, (*C.uchar)(unsafe.Pointer(&sig[0])), (*C.uchar)(unsafe.Pointer(&msg[0])), 32, &xonly)
return res == 1, nil
}
// Sign signs an event with a given privateKey.
func (evt *Event) Sign(secretKey string, signOpts ...schnorr.SignOption) error {
sk, err := hex.DecodeString(secretKey)
if err != nil {
return fmt.Errorf("Sign called with invalid secret key '%s': %w", secretKey, err)
}
if evt.Tags == nil {
evt.Tags = make(Tags, 0)
}
var keypair C.secp256k1_keypair
if C.secp256k1_keypair_create(globalSecp256k1Context, &keypair, (*C.uchar)(unsafe.Pointer(&sk[0]))) != 1 {
return errors.New("failed to parse private key")
}
var xonly C.secp256k1_xonly_pubkey
var pk [32]byte
C.secp256k1_keypair_xonly_pub(globalSecp256k1Context, &xonly, nil, &keypair)
C.secp256k1_xonly_pubkey_serialize(globalSecp256k1Context, (*C.uchar)(unsafe.Pointer(&pk[0])), &xonly)
evt.PubKey = hex.EncodeToString(pk[:])
h := sha256.Sum256(evt.Serialize())
var sig [64]byte
var random [32]byte
rand.Read(random[:])
if C.secp256k1_schnorrsig_sign32(globalSecp256k1Context, (*C.uchar)(unsafe.Pointer(&sig[0])), (*C.uchar)(unsafe.Pointer(&h[0])), &keypair, (*C.uchar)(unsafe.Pointer(&random[0]))) != 1 {
return errors.New("failed to sign message")
}
evt.ID = hex.EncodeToString(h[:])
evt.Sig = hex.EncodeToString(sig[:])
return nil
}
var globalSecp256k1Context *C.secp256k1_context
func init() {
globalSecp256k1Context = C.secp256k1_context_create(C.SECP256K1_CONTEXT_SIGN | C.SECP256K1_CONTEXT_VERIFY)
if globalSecp256k1Context == nil {
panic("failed to create secp256k1 context")
}
}