keyring -> keyer, fix misunderstanding with NIP-59 and adjust api.

2025-08-27 14:22:20 +02:00 · 2024-09-11 11:43:49 -03:00
parent 9addd57db7
commit 5e2e0bf458
7 changed files with 74 additions and 73 deletions
--- a/keyring/bunker.go
+++ b/keyring/bunker.go
@@ -1,4 +1,4 @@
-package keyring
+package keyer

 import (
 	"context"
--- a/keyring/encrypted.go
+++ b/keyring/encrypted.go
@@ -1,4 +1,4 @@
-package keyring
+package keyer

 import (
 	"context"
--- a/keyring/lib.go
+++ b/keyring/lib.go
@@ -1,4 +1,4 @@
-package keyring
+package keyer

 import (
 	"context"
@@ -13,7 +13,7 @@ import (
 	"github.com/nbd-wtf/go-nostr/nip49"
 )

-type Keyring interface {
+type Keyer interface {
 	Signer
 	Cipher
 }
@@ -43,7 +43,7 @@ type SignerOptions struct {
 	Password string
 }

-func New(ctx context.Context, pool *nostr.SimplePool, input string, opts *SignerOptions) (Keyring, error) {
+func New(ctx context.Context, pool *nostr.SimplePool, input string, opts *SignerOptions) (Keyer, error) {
 	if opts == nil {
 		opts = &SignerOptions{}
 	}
--- a/keyring/manual.go
+++ b/keyring/manual.go
@@ -1,4 +1,4 @@
-package keyring
+package keyer

 import (
 	"context"
--- a/keyring/plain.go
+++ b/keyring/plain.go
@@ -1,4 +1,4 @@
-package keyring
+package keyer

 import (
 	"context"
--- a/nip17/nip17.go
+++ b/nip17/nip17.go
@@ -2,9 +2,9 @@ package nip17

 import (
 	"context"
-	"fmt"

 	"github.com/nbd-wtf/go-nostr"
+	"github.com/nbd-wtf/go-nostr/keyer"
 	"github.com/nbd-wtf/go-nostr/nip59"
 )

@@ -31,11 +31,10 @@ func GetDMRelays(ctx context.Context, pubkey string, pool *nostr.SimplePool, rel
 }

 func PrepareMessage(
+	ctx context.Context,
 	content string,
 	tags nostr.Tags,
-	ourPubkey string,
-	encrypt func(string) (string, error),
-	finalizeAndSign func(*nostr.Event) error,
+	kr keyer.Keyer,
 	recipientPubKey string,
 	modify func(*nostr.Event),
 ) (nostr.Event, error) {
@@ -44,55 +43,48 @@ func PrepareMessage(
 		Content:   content,
 		Tags:      tags,
 		CreatedAt: nostr.Now(),
-		PubKey:    ourPubkey,
+		PubKey:    kr.GetPublicKey(ctx),
 	}
 	rumor.ID = rumor.GetID()

-	seal, err := nip59.Seal(rumor, encrypt)
-	if err != nil {
-		return nostr.Event{}, fmt.Errorf("failed to seal: %w", err)
-	}
-
-	if err := finalizeAndSign(&seal); err != nil {
-		return nostr.Event{}, fmt.Errorf("finalizeAndSign failed: %w", err)
-	}
-
-	return nip59.GiftWrap(seal, recipientPubKey, modify)
+	return nip59.GiftWrap(
+		rumor,
+		recipientPubKey,
+		func(s string) (string, error) { return kr.Encrypt(ctx, s, recipientPubKey) },
+		func(e *nostr.Event) error { return kr.SignEvent(ctx, e) },
+		modify,
+	)
 }

 // ListenForMessages returns a channel with the rumors already decrypted and checked
 func ListenForMessages(
 	ctx context.Context,
 	pool *nostr.SimplePool,
-	relays []string,
-	ourPubkey string,
+	kr keyer.Keyer,
+	ourRelays []string,
 	since nostr.Timestamp,
-	decrypt func(string) (string, error),
 ) chan nostr.Event {
 	ch := make(chan nostr.Event)

 	go func() {
 		defer close(ch)

-		for ie := range pool.SubMany(ctx, relays, nostr.Filters{
+		for ie := range pool.SubMany(ctx, ourRelays, nostr.Filters{
 			{
 				Kinds: []int{1059},
-				Tags:  nostr.TagMap{"p": []string{ourPubkey}},
+				Tags:  nostr.TagMap{"p": []string{kr.GetPublicKey(ctx)}},
 				Since: &since,
 			},
 		}) {
-			seal, err := nip59.GiftUnwrap(*ie.Event, decrypt)
+			rumor, err := nip59.GiftUnwrap(
+				*ie.Event,
+				func(otherpubkey, ciphertext string) (string, error) { return kr.Decrypt(ctx, ciphertext, otherpubkey) },
+			)
 			if err != nil {
 				nostr.InfoLogger.Printf("[nip17] failed to unwrap received message: %s\n", err)
 				continue
 			}

-			rumor, err := nip59.Unseal(seal, decrypt)
-			if err != nil {
-				nostr.InfoLogger.Printf("[nip17] failed to unseal received message: %s\n", err)
-				continue
-			}
-
 			ch <- rumor
 		}
 	}()
--- a/nip59/nip59.go
+++ b/nip59/nip59.go
@@ -9,83 +9,92 @@ import (
 	"github.com/nbd-wtf/go-nostr/nip44"
 )

-// Seal takes a rumor, encrypts it and returns an unsigned 'seal' event, the 'seal' must be signed
-// afterwards.
-func Seal(rumor nostr.Event, encrypt func(string) (string, error)) (nostr.Event, error) {
+// Seal takes a 'rumor', encrypts it with our own key, making a 'seal', then encrypts that with a nonce key and
+// signs that (after potentially applying a modify function, which can be nil otherwise), yielding a 'gift-wrap'.
+func GiftWrap(
+	rumor nostr.Event,
+	recipientPublicKey string,
+	encrypt func(plaintext string) (string, error),
+	sign func(*nostr.Event) error,
+	modify func(*nostr.Event),
+) (nostr.Event, error) {
 	rumor.Sig = ""
-	ciphertext, err := encrypt(rumor.String())
+	rumorCiphertext, err := encrypt(rumor.String())
+	if err != nil {
+		return nostr.Event{}, err
+	}

-	return nostr.Event{
+	seal := nostr.Event{
 		Kind:      13,
-		Content:   ciphertext,
+		Content:   rumorCiphertext,
 		CreatedAt: nostr.Now() - nostr.Timestamp(60*rand.Int63n(600) /* up to 6 hours in the past */),
 		Tags:      make(nostr.Tags, 0),
-	}, err
-}
+	}
+	if err := sign(&seal); err != nil {
+		return nostr.Event{}, err
+	}

-// Takes a signed 'seal' and gift-wraps it using a random key, returns it signed.
-//
-// modify is a function that takes the gift-wrap before signing, can be used to apply
-// NIP-13 PoW or other things, otherwise can be nil.
-func GiftWrap(seal nostr.Event, recipientPublicKey string, modify func(*nostr.Event)) (nostr.Event, error) {
 	nonceKey := nostr.GeneratePrivateKey()
 	temporaryConversationKey, err := nip44.GenerateConversationKey(recipientPublicKey, nonceKey)
 	if err != nil {
 		return nostr.Event{}, err
 	}
-
-	ciphertext, err := nip44.Encrypt(seal.String(), temporaryConversationKey, nil)
+	sealCiphertext, err := nip44.Encrypt(seal.String(), temporaryConversationKey, nil)
 	if err != nil {
 		return nostr.Event{}, err
 	}

 	gw := nostr.Event{
 		Kind:      1059,
-		Content:   ciphertext,
+		Content:   sealCiphertext,
 		CreatedAt: nostr.Now() - nostr.Timestamp(60*rand.Int63n(600) /* up to 6 hours in the past */),
 		Tags: nostr.Tags{
 			nostr.Tag{"p", recipientPublicKey},
 		},
 	}

-	// apply POW if necessary
 	if modify != nil {
 		modify(&gw)
 	}

-	err = gw.Sign(nonceKey)
+	if err := seal.Sign(nonceKey); err != nil {
+		return seal, err
+	}
+
 	return gw, nil
 }

-func GiftUnwrap(gw nostr.Event, decrypt func(string) (string, error)) (seal nostr.Event, err error) {
-	jevt, err := decrypt(gw.Content)
-	if err != nil {
-		return seal, err
-	}
-
-	err = easyjson.Unmarshal([]byte(jevt), &seal)
-	if err != nil {
-		return seal, err
-	}
-
-	if ok, _ := seal.CheckSignature(); !ok {
-		return seal, fmt.Errorf("seal signature is invalid")
-	}
-
-	return seal, nil
-}
-
-func Unseal(seal nostr.Event, decrypt func(string) (string, error)) (rumor nostr.Event, err error) {
-	jevt, err := decrypt(seal.Content)
+func GiftUnwrap(
+	gw nostr.Event,
+	decrypt func(otherpubkey, ciphertext string) (string, error),
+) (rumor nostr.Event, err error) {
+	jseal, err := decrypt(gw.PubKey, gw.Content)
 	if err != nil {
 		return rumor, err
 	}

-	err = easyjson.Unmarshal([]byte(jevt), &rumor)
+	var seal nostr.Event
+	err = easyjson.Unmarshal([]byte(jseal), &seal)
+	if err != nil {
+		return rumor, err
+	}
+
+	if ok, _ := seal.CheckSignature(); !ok {
+		return rumor, fmt.Errorf("seal signature is invalid")
+	}
+
+	jrumor, err := decrypt(seal.PubKey, seal.Content)
+	if err != nil {
+		return rumor, err
+	}
+
+	err = easyjson.Unmarshal([]byte(jrumor), &rumor)
 	if err != nil {
 		return rumor, err
 	}

 	rumor.PubKey = seal.PubKey
+	rumor.ID = rumor.GetID()
+
 	return rumor, nil
 }