nostr 0.4.0 → 0.5.0

data/lib/nostr/bech32.rb

@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+
+require 'bech32'
+require 'bech32/nostr'
+require 'bech32/nostr/entity'
+
+module Nostr
+  # Bech32 encoding and decoding
+  #
+  # @api public
+  #
+  module Bech32
+    # Decodes a bech32-encoded string
+    #
+    # @api public
+    #
+    # @example
+    #   bech32_value = 'npub10elfcs4fr0l0r8af98jlmgdh9c8tcxjvz9qkw038js35mp4dma8qzvjptg'
+    #   Nostr::Bech32.decode(bech32_value) # => ['npub', '7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d8...']
+    #
+    # @param [String] bech32_value The bech32-encoded string to decode
+    #
+    # @return [Array<String, String>] The human readable part and the data
+    #
+    def self.decode(bech32_value)
+      entity = ::Bech32::Nostr::NIP19.decode(bech32_value)
+
+      case entity
+      in ::Bech32::Nostr::BareEntity
+        [entity.hrp, entity.data]
+      in ::Bech32::Nostr::TLVEntity
+        [entity.hrp, entity.entries]
+      end
+    end
+
+    # Encodes data into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   Nostr::Bech32.encode(hrp: 'npub', data: '7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d86addf4e')
+    #   # => 'npub10elfcs4fr0l0r8af98jlmgdh9c8tcxjvz9qkw038js35mp4dma8qzvjptg'
+    #
+    # @param [String] hrp The human readable part (npub, nsec, nprofile, nrelay, nevent, naddr, etc)
+    # @param [String] data The data to encode
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.encode(hrp:, data:)
+      ::Bech32::Nostr::BareEntity.new(hrp, data).encode
+    end
+
+    # Encodes a hex-encoded public key into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   Nostr::Bech32.npub_encode('7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d86addf4e')
+    #   # => 'npub10elfcs4fr0l0r8af98jlmgdh9c8tcxjvz9qkw038js35mp4dma8qzvjptg'
+    #
+    # @param [String] npub The public key to encode
+    #
+    # @see Nostr::Bech32#encode
+    # @see Nostr::PublicKey#to_bech32
+    # @see Nostr::PrivateKey#to_bech32
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.npub_encode(npub)
+      encode(hrp: 'npub', data: npub)
+    end
+
+    # Encodes a hex-encoded private key into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   Nostr::Bech32.nsec_encode('7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d86addf4e')
+    #   # => 'nsec10elfcs4fr0l0r8af98jlmgdh9c8tcxjvz9qkw038js35mp4dma8qzvjptg'
+    #
+    # @param [String] nsec The private key to encode
+    #
+    # @see Nostr::Bech32#encode
+    # @see Nostr::PrivateKey#to_bech32
+    # @see Nostr::PublicKey#to_bech32
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.nsec_encode(nsec)
+      encode(hrp: 'nsec', data: nsec)
+    end
+
+    # Encodes an address into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   naddr = Nostr::Bech32.naddr_encode(
+    #     pubkey: '7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d86addf4e',
+    #     relays: ['wss://relay.damus.io', 'wss://nos.lol'],
+    #     kind: Nostr::EventKind::TEXT_NOTE,
+    #     identifier: 'damus'
+    #   )
+    #   naddr # => 'naddr1qgs8ul5ug253hlh3n75jne0a5xmjur4urfxpzst88cnegg6ds6ka7ns...'
+    #
+    # @param [PublicKey] pubkey The public key to encode
+    # @param [Array<String>] relays The relays to encode
+    # @param [String] kind The kind of address to encode
+    # @param [String] identifier The identifier of the address to encode
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.naddr_encode(pubkey:, relays: [], kind: nil, identifier: nil)
+      entry_relays = relays.map do |relay_url|
+        ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_RELAY, relay_url)
+      end
+
+      pubkey_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_AUTHOR, pubkey)
+      kind_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_KIND, kind)
+      identifier_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_SPECIAL, identifier)
+
+      entries = [pubkey_entry, *entry_relays, kind_entry, identifier_entry].compact
+      entity = ::Bech32::Nostr::TLVEntity.new(::Bech32::Nostr::NIP19::HRP_EVENT_COORDINATE, entries)
+      entity.encode
+    end
+
+    # Encodes an event into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   nevent = Nostr::Bech32.nevent_encode(
+    #     id: '0fdb90f8e234d3400edafdd26d493f12efc0d7de2c6f9f21f997847d33ad2ea3',
+    #     relays: ['wss://relay.damus.io', 'wss://nos.lol'],
+    #     kind: Nostr::EventKind::TEXT_NOTE,
+    #   )
+    #   nevent # => 'nevent1qgsqlkuslr3rf56qpmd0m5ndfyl39m7q6l0zcmuly8ue0pra...'
+    #
+    # @param [PublicKey] id The id the event to encode
+    # @param [Array<String>] relays The relays to encode
+    # @param [String] kind The kind of event to encode
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.nevent_encode(id:, relays: [], kind: nil)
+      entry_relays = relays.map do |relay_url|
+        ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_RELAY, relay_url)
+      end
+
+      id_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_AUTHOR, id)
+      kind_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_KIND, kind)
+
+      entries = [id_entry, *entry_relays, kind_entry].compact
+      entity = ::Bech32::Nostr::TLVEntity.new(::Bech32::Nostr::NIP19::HRP_EVENT, entries)
+      entity.encode
+    end
+
+    # Encodes a profile into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   nprofile = Nostr::Bech32.nprofile_encode(
+    #     pubkey: '7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d86addf4e',
+    #     relays: ['wss://relay.damus.io', 'wss://nos.lol']
+    #   )
+    #
+    # @param [PublicKey] pubkey The public key to encode
+    # @param [Array<String>] relays The relays to encode
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.nprofile_encode(pubkey:, relays: [])
+      entry_relays = relays.map do |relay_url|
+        ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_RELAY, relay_url)
+      end
+
+      pubkey_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_SPECIAL, pubkey)
+      entries = [pubkey_entry, *entry_relays].compact
+      entity = ::Bech32::Nostr::TLVEntity.new(::Bech32::Nostr::NIP19::HRP_PROFILE, entries)
+      entity.encode
+    end
+
+    # Encodes a relay URL into a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   nrelay = Nostr::Bech32.nrelay_encode('wss://relay.damus.io')
+    #   nrelay # => 'nrelay1qq28wumn8ghj7un9d3shjtnyv9kh2uewd9hsc5zt2x'
+    #
+    # @param [String] relay_url The relay url to encode
+    #
+    # @return [String] The bech32-encoded string
+    #
+    def self.nrelay_encode(relay_url)
+      relay_entry = ::Bech32::Nostr::TLVEntry.new(::Bech32::Nostr::TLVEntity::TYPE_SPECIAL, relay_url)
+
+      entity = ::Bech32::Nostr::TLVEntity.new(::Bech32::Nostr::NIP19::HRP_RELAY, [relay_entry])
+      entity.encode
+    end
+  end
+end

data/lib/nostr/client.rb

@@ -74,7 +74,8 @@ module Nostr
     # @example Subscribing to all events created after a certain time
     #   subscription = client.subscribe(filter: Nostr::Filter.new(since: 1230981305))
     #
-    # @param subscription_id [String] The subscription id. A random string.
+    # @param subscription_id [String] The subscription id. An arbitrary, non-empty string of max length 64
+    #   chars used to represent a subscription.
     # @param filter [Filter] A set of attributes that represent the events that the client is interested in.
     #
     # @return [Subscription] The subscription object

data/lib/nostr/crypto.rb

@@ -30,8 +30,8 @@ module Nostr
     #   encrypted = crypto.encrypt_text(sender_private_key, recipient_public_key, 'Feedback appreciated. Now pay $8')
     #   encrypted # => "wrYQaHDfpOEvyJELSCg1vzsywmlJTz8NqH03eFW44s8iQs869jtSb26Lr4s23gmY?iv=v38vAJ3LlJAGZxbmWU4qAg=="
     #
-    # @param sender_private_key [String] 32-bytes hex-encoded private key of the creator.
-    # @param recipient_public_key [String] 32-bytes hex-encoded public key of the recipient.
+    # @param sender_private_key [PrivateKey] 32-bytes hex-encoded private key of the creator.
+    # @param recipient_public_key [PublicKey] 32-bytes hex-encoded public key of the recipient.
     # @param plain_text [String] The text to be encrypted
     #
     # @return [String] Encrypted text.
@@ -54,14 +54,18 @@ module Nostr
     #   encrypted # => "wrYQaHDfpOEvyJELSCg1vzsywmlJTz8NqH03eFW44s8iQs869jtSb26Lr4s23gmY?iv=v38vAJ3LlJAGZxbmWU4qAg=="
     #   decrypted = crypto.decrypt_text(recipient_private_key, sender_public_key, encrypted)
     #
-    # @param sender_public_key [String] 32-bytes hex-encoded public key of the message creator.
-    # @param recipient_private_key [String] 32-bytes hex-encoded public key of the recipient.
+    # @param sender_public_key [PublicKey] 32-bytes hex-encoded public key of the message creator.
+    # @param recipient_private_key [PrivateKey] 32-bytes hex-encoded public key of the recipient.
     # @param encrypted_text [String] The text to be decrypted
     #
     # @return [String] Decrypted text.
     #
     def decrypt_text(recipient_private_key, sender_public_key, encrypted_text)
       base64_encoded_text, iv = encrypted_text.split('?iv=')
+
+      # Ensure iv and base64_encoded_text are not nil
+      return '' unless iv && base64_encoded_text
+
       cipher = OpenSSL::Cipher.new(CIPHER_ALGORITHM).decrypt
       cipher.iv = Base64.decode64(iv)
       cipher.key = compute_shared_key(recipient_private_key, sender_public_key)
@@ -80,7 +84,7 @@ module Nostr
     #   event.sig # => a signature
     #
     # @param event [Event] The event to be signed
-    # @param private_key [String] 32-bytes hex-encoded private key.
+    # @param private_key [PrivateKey] 32-bytes hex-encoded private key.
     #
     # @return [Event] An unsigned event.
     #
@@ -103,8 +107,8 @@ module Nostr
     #
     # @api private
     #
-    # @param private_key [String] 32-bytes hex-encoded private key.
-    # @param public_key [String] 32-bytes hex-encoded public key.
+    # @param private_key [PrivateKey] 32-bytes hex-encoded private key.
+    # @param public_key [PublicKey] 32-bytes hex-encoded public key.
     #
     # @return [String] A shared key used in the event's content encryption and decryption.
     #

data/lib/nostr/errors/error.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Base error class
+  class Error < StandardError
+  end
+end

data/lib/nostr/errors/invalid_hrp_error.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Raised when the human readable part of a Bech32 string is invalid
+  #
+  # @api public
+  #
+  class InvalidHRPError < KeyValidationError
+    # Initializes the error
+    #
+    # @example
+    #   InvalidHRPError.new('example wrong hrp', 'nsec')
+    #
+    # @param given_hrp [String] The given human readable part of the Bech32 string
+    # @param allowed_hrp [String] The allowed human readable part of the Bech32 string
+    #
+    def initialize(given_hrp, allowed_hrp)
+      super("Invalid hrp: #{given_hrp}. The allowed hrp value for this kind of entity is '#{allowed_hrp}'.")
+    end
+  end
+end

data/lib/nostr/errors/invalid_key_format_error.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Raised when the private key is in an invalid format
+  #
+  # @api public
+  #
+  class InvalidKeyFormatError < KeyValidationError
+    # Initializes the error
+    #
+    # @example
+    #   InvalidKeyFormatError.new('private'')
+    #
+    # @param [String] key_kind The kind of key that is invalid (public or private)
+    #
+    def initialize(key_kind)
+      super("Only lowercase hexadecimal characters are allowed in #{key_kind} keys.")
+    end
+  end
+end

data/lib/nostr/errors/invalid_key_length_error.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Raised when the private key's length is not 64 characters
+  #
+  # @api public
+  #
+  class InvalidKeyLengthError < KeyValidationError
+    # Initializes the error
+    #
+    # @example
+    #   InvalidKeyLengthError.new('private'')
+    #
+    # @param [String] key_kind The kind of key that is invalid (public or private)
+    #
+    def initialize(key_kind)
+      super("Invalid #{key_kind} key length. It should have 64 characters.")
+    end
+  end
+end

data/lib/nostr/errors/invalid_key_type_error.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Raised when the private key is not a string
+  #
+  # @api public
+  #
+  class InvalidKeyTypeError < KeyValidationError
+    # Initializes the error
+    #
+    # @example
+    #   InvalidKeyTypeError.new('private'')
+    #
+    # @param [String] key_kind The kind of key that is invalid (public or private)
+    #
+    def initialize(key_kind) = super("Invalid #{key_kind} key type")
+  end
+end

data/lib/nostr/errors/key_validation_error.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Base class for all key validation errors
+  class KeyValidationError < Error; end
+end

data/lib/nostr/errors.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require_relative 'errors/error'
+require_relative 'errors/key_validation_error'
+require_relative 'errors/invalid_hrp_error'
+require_relative 'errors/invalid_key_type_error'
+require_relative 'errors/invalid_key_length_error'
+require_relative 'errors/invalid_key_format_error'

data/lib/nostr/event.rb

@@ -128,7 +128,6 @@ module Nostr
       id: nil,
       sig: nil
     )
-
       @id = id
       @sig = sig
       @pubkey = pubkey
@@ -160,11 +159,11 @@ module Nostr
     #   pubkey = '48df4af6e240ac5f7c5de89bf5941b249880be0e87d03685b178ccb1a315f52e'
     #   event.add_pubkey_reference(pubkey)
     #
-    # @param pubkey [String] 32-bytes hex-encoded public key.
+    # @param pubkey [PublicKey] 32-bytes hex-encoded public key.
     #
     # @return [Array<String>] The event's updated list of tags
     #
-    def add_pubkey_reference(pubkey) = tags.push(['p', pubkey])
+    def add_pubkey_reference(pubkey) = tags.push(['p', pubkey.to_s])
 
     # Signs an event with the user's private key
     #
@@ -173,7 +172,7 @@ module Nostr
     # @example Signing an event
     #   event.sign(private_key)
     #
-    # @param private_key [String] 32-bytes hex-encoded private key.
+    # @param private_key [PrivateKey] 32-bytes hex-encoded private key.
     #
     # @return [Event] A signed event.
     #

data/lib/nostr/events/encrypted_direct_message.rb

@@ -26,8 +26,9 @@ module Nostr
       # )
       #
       # @param plain_text [String] The +content+ of the encrypted message.
-      # @param sender_private_key [String] 32-bytes hex-encoded private key of the message's author.
-      # @param recipient_public_key [String] 32-bytes hex-encoded public key of the recipient of the encrypted message.
+      # @param sender_private_key [PrivateKey] 32-bytes hex-encoded private key of the message's author.
+      # @param recipient_public_key [PublicKey] 32-bytes hex-encoded public key of the recipient of the encrypted
+      #  message.
       # @param previous_direct_message [String] 32-bytes hex-encoded id identifying the previous message in a
       # conversation or a message we are explicitly replying to (such that contextual, more organized conversations
       # may happen
@@ -43,7 +44,7 @@ module Nostr
           pubkey: sender_public_key,
           kind: Nostr::EventKind::ENCRYPTED_DIRECT_MESSAGE,
           content: encrypted_content,
-          )
+        )
 
         add_pubkey_reference(recipient_public_key)
         add_event_reference(previous_direct_message) if previous_direct_message

data/lib/nostr/filter.rb

@@ -3,7 +3,7 @@
 module Nostr
   # A filter determines what events will be sent in a subscription.
   class Filter
-    # A list of event ids or prefixes
+    # A list of event ids
     #
     # @api public
     #
@@ -14,7 +14,7 @@ module Nostr
     #
     attr_reader :ids
 
-    # A list of pubkeys or prefixes, the pubkey of an event must be one of these
+    # A list of pubkeys, the pubkey of an event must be one of these
     #
     # @api public
     #
@@ -107,8 +107,8 @@ module Nostr
     #   )
     #
     # @param kwargs [Hash]
-    # @option kwargs [Array<String>, nil] ids A list of event ids or prefixes
-    # @option kwargs [Array<String>, nil] authors A list of pubkeys or prefixes, the pubkey of an event must be one
+    # @option kwargs [Array<String>, nil] ids A list of event ids
+    # @option kwargs [Array<String>, nil] authors A list of pubkeys, the pubkey of an event must be one
     # of these
     # @option kwargs [Array<Integer>, nil] kinds A list of a kind numbers
     # @option kwargs [Array<String>, nil] e A list of event ids that are referenced in an "e" tag

data/lib/nostr/key.rb

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+
+module Nostr
+  # Abstract class for all keys
+  #
+  # @api private
+  #
+  class Key < String
+    # The regular expression for hexadecimal lowercase characters
+    #
+    # @return [Regexp] The regular expression for hexadecimal lowercase characters
+    #
+    FORMAT = /^[a-f0-9]+$/
+
+    # The length of the key in hex format
+    #
+    # @return [Integer] The length of the key in hex format
+    #
+    LENGTH = 64
+
+    # Instantiates a new key. Can't be used directly because this is an abstract class. Raises a +ValidationError+
+    #
+    # @see Nostr::PrivateKey
+    # @see Nostr::PublicKey
+    #
+    # @param [String] hex_value Hex-encoded value of the key
+    #
+    # @raise [ValidationError]
+    #
+    def initialize(hex_value)
+      validate_hex_value(hex_value)
+
+      super(hex_value)
+    end
+
+    # Instantiates a key from a bech32 string
+    #
+    # @api public
+    #
+    # @example
+    #   bech32_key = 'nsec1vl029mgpspedva04g90vltkh6fvh240zqtv9k0t9af8935ke9laqsnlfe5'
+    #   bech32_key.to_key # => #<Nostr::PublicKey:0x000000010601e3c8 @hex_value="...">
+    #
+    # @raise [Nostr::InvalidHRPError] if the bech32 string is invalid.
+    #
+    # @param [String] bech32_value The bech32 string representation of the key.
+    #
+    # @return [Key] the key.
+    #
+    def self.from_bech32(bech32_value)
+      type, data = Bech32.decode(bech32_value)
+
+      raise InvalidHRPError.new(type, hrp) unless type == hrp
+
+      new(data)
+    end
+
+    # Abstract method to be implemented by subclasses to provide the HRP (npub, nsec)
+    #
+    # @api private
+    #
+    # @return [String] The HRP
+    #
+    def self.hrp
+      raise 'Subclasses must implement this method'
+    end
+
+    # Converts the key to a bech32 string representation
+    #
+    # @api public
+    #
+    # @example Converting a private key to a bech32 string
+    #   public_key = Nostr::PrivateKey.new('67dea2ed018072d675f5415ecfaed7d2597555e202d85b3d65ea4e58d2d92ffa')
+    #   public_key.to_bech32 # => 'nsec1vl029mgpspedva04g90vltkh6fvh240zqtv9k0t9af8935ke9laqsnlfe5'
+    #
+    # @example Converting a public key to a bech32 string
+    #   public_key = Nostr::PublicKey.new('7e7e9c42a91bfef19fa929e5fda1b72e0ebc1a4c1141673e2794234d86addf4e')
+    #   public_key.to_bech32 # => 'npub10elfcs4fr0l0r8af98jlmgdh9c8tcxjvz9qkw038js35mp4dma8qzvjptg'
+    #
+    # @return [String] The bech32 string representation of the key
+    #
+    def to_bech32 = Bech32.encode(hrp: self.class.hrp, data: self)
+
+    protected
+
+    # Validates the hex value during initialization
+    #
+    # @api private
+    #
+    # @param [String] _hex_value The hex value of the key
+    #
+    # @raise [KeyValidationError] When the hex value is invalid
+    #
+    # @return [void]
+    #
+    def validate_hex_value(_hex_value)
+      raise 'Subclasses must implement this method'
+    end
+  end
+end

data/lib/nostr/key_pair.rb

@@ -10,7 +10,7 @@ module Nostr
     # @example
     #   keypair.private_key # => '893c4cc8088924796b41dc788f7e2f746734497010b1a9f005c1faad7074b900'
     #
-    # @return [String]
+    # @return [PrivateKey]
     #
     attr_reader :private_key
 
@@ -21,7 +21,7 @@ module Nostr
     # @example
     #   keypair.public_key # => '2d7661527d573cc8e84f665fa971dd969ba51e2526df00c149ff8e40a58f9558'
     #
-    # @return [String]
+    # @return [PublicKey]
     #
     attr_reader :public_key
 
@@ -31,16 +31,40 @@ module Nostr
     #
     # @example
     #   keypair = Nostr::KeyPair.new(
-    #     private_key: '893c4cc8088924796b41dc788f7e2f746734497010b1a9f005c1faad7074b900',
-    #     public_key: '2d7661527d573cc8e84f665fa971dd969ba51e2526df00c149ff8e40a58f9558',
+    #     private_key: Nostr::PrivateKey.new('893c4cc8088924796b41dc788f7e2f746734497010b1a9f005c1faad7074b900'),
+    #     public_key: Nostr::PublicKey.new('2d7661527d573cc8e84f665fa971dd969ba51e2526df00c149ff8e40a58f9558'),
     #   )
     #
-    # @param private_key [String] 32-bytes hex-encoded private key.
-    # @param public_key [String] 32-bytes hex-encoded public key.
+    # @param private_key [PrivateKey] 32-bytes hex-encoded private key.
+    # @param public_key [PublicKey] 32-bytes hex-encoded public key.
+    #
+    # @raise ArgumentError when the private key is not a +PrivateKey+
+    # @raise ArgumentError when the public key is not a +PublicKey+
     #
     def initialize(private_key:, public_key:)
+      validate_keys(private_key, public_key)
+
       @private_key = private_key
       @public_key = public_key
     end
+
+    private
+
+    # Validates the keys
+    #
+    # @api private
+    #
+    # @param private_key [PrivateKey] 32-bytes hex-encoded private key.
+    # @param public_key [PublicKey] 32-bytes hex-encoded public key.
+    #
+    # @raise ArgumentError when the private key is not a +PrivateKey+
+    # @raise ArgumentError when the public key is not a +PublicKey+
+    #
+    # @return [void]
+    #
+    def validate_keys(private_key, public_key)
+      raise ArgumentError, 'private_key is not an instance of PrivateKey' unless private_key.is_a?(Nostr::PrivateKey)
+      raise ArgumentError, 'public_key is not an instance of PublicKey' unless public_key.is_a?(Nostr::PublicKey)
+    end
   end
 end