From 4901fa0fd5a9808334791a4652595dd8f54d1b41 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Mon, 5 Jan 2026 16:57:52 +0000
Subject: [PATCH] refactor: reduce NIP-46 permissions to minimum required

- Only request get_public_key permission
- Only request signing for event kinds Grimoire actually uses:
  - Kind 5: Delete events
  - Kind 777: Spells
  - Kind 30777: Spellbooks
- Removed unnecessary encryption and other event kind permissions
- Follows principle of least privilege
- Improves user trust and security
---
 src/components/LoginDialog.tsx | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/src/components/LoginDialog.tsx b/src/components/LoginDialog.tsx
index 11c0d28..2c79663 100644
--- a/src/components/LoginDialog.tsx
+++ b/src/components/LoginDialog.tsx
@@ -59,19 +59,10 @@ export default function LoginDialog({ open, onOpenChange }: LoginDialogProps) {
             name: "Grimoire",
             url: window.location.origin,
             permissions: [
-              "sign_event:1",  // Short text notes
-              "sign_event:3",  // Contact list
-              "sign_event:6",  // Reposts
-              "sign_event:7",  // Reactions
-              "sign_event:1984", // Reporting
-              "sign_event:9734", // Zap requests
-              "sign_event:9735", // Zap receipts
-              "sign_event:10002", // Relay list
-              "sign_event:30023", // Long-form content
-              "nip04_encrypt",
-              "nip04_decrypt",
-              "nip44_encrypt",
-              "nip44_decrypt",
+              "get_public_key",
+              "sign_event:5",     // Delete events
+              "sign_event:777",   // Spells
+              "sign_event:30777", // Spellbooks
             ],
           });