@actagent/nostr 2026.6.2

package/src/nostr-profile-import.test.ts

@@ -0,0 +1,196 @@
+/**
+ * Tests for Nostr Profile Import
+ */
+
+import { MAX_TIMER_TIMEOUT_MS } from "actagent/plugin-sdk/number-runtime";
+import { describe, it, expect, beforeEach, vi } from "vitest";
+import type { NostrProfile } from "./config-schema.js";
+import { importProfileFromRelays, mergeProfiles } from "./nostr-profile-import.js";
+
+const mockState = vi.hoisted(() => ({
+  subscribeMany: vi.fn(),
+}));
+
+vi.mock("nostr-tools", () => {
+  class MockSimplePool {
+    subscribeMany(
+      relays: string[],
+      filters: unknown,
+      handlers: {
+        onevent: (event: Record<string, unknown>) => void;
+        oneose?: () => void;
+        onclose?: () => void;
+      },
+    ) {
+      mockState.subscribeMany(relays, filters, handlers);
+      queueMicrotask(() => handlers.oneose?.());
+      return {
+        close: vi.fn(),
+      };
+    }
+
+    close = vi.fn();
+  }
+
+  return {
+    SimplePool: MockSimplePool,
+    verifyEvent: vi.fn(() => true),
+  };
+});
+
+// Mock SimplePool so importProfileFromRelays can assert the relay subscription shape.
+
+describe("nostr-profile-import", () => {
+  beforeEach(() => {
+    mockState.subscribeMany.mockClear();
+  });
+
+  describe("importProfileFromRelays", () => {
+    it("subscribes to profiles with a single Nostr filter object", async () => {
+      const pubkey = "a".repeat(64);
+
+      await importProfileFromRelays({
+        pubkey,
+        relays: ["wss://relay.example"],
+        timeoutMs: 1,
+      });
+
+      expect(mockState.subscribeMany).toHaveBeenCalledTimes(1);
+      const filters = mockState.subscribeMany.mock.calls[0]?.[1];
+      expect(Array.isArray(filters)).toBe(false);
+      expect(filters).toMatchObject({
+        kinds: [0],
+        authors: [pubkey],
+        limit: 1,
+      });
+    });
+
+    it("caps oversized relay timeouts and clears pending timeout handles", async () => {
+      vi.useFakeTimers();
+      try {
+        const timeoutSpy = vi.spyOn(globalThis, "setTimeout");
+        const clearSpy = vi.spyOn(globalThis, "clearTimeout");
+
+        await importProfileFromRelays({
+          pubkey: "a".repeat(64),
+          relays: ["wss://relay.example"],
+          timeoutMs: Number.MAX_SAFE_INTEGER,
+        });
+
+        expect(timeoutSpy).toHaveBeenCalledWith(expect.any(Function), MAX_TIMER_TIMEOUT_MS);
+        expect(timeoutSpy).toHaveBeenCalledTimes(2);
+        expect(clearSpy).toHaveBeenCalledTimes(2);
+      } finally {
+        vi.useRealTimers();
+        vi.restoreAllMocks();
+      }
+    });
+  });
+
+  describe("mergeProfiles", () => {
+    it("returns empty object when both are undefined", () => {
+      const result = mergeProfiles(undefined, undefined);
+      expect(result).toStrictEqual({});
+    });
+
+    it("returns imported when local is undefined", () => {
+      const imported: NostrProfile = {
+        name: "imported",
+        displayName: "Imported User",
+        about: "Bio from relay",
+      };
+      const result = mergeProfiles(undefined, imported);
+      expect(result).toEqual(imported);
+    });
+
+    it("returns local when imported is undefined", () => {
+      const local: NostrProfile = {
+        name: "local",
+        displayName: "Local User",
+      };
+      const result = mergeProfiles(local, undefined);
+      expect(result).toEqual(local);
+    });
+
+    it("prefers local values over imported", () => {
+      const local: NostrProfile = {
+        name: "localname",
+        about: "Local bio",
+      };
+      const imported: NostrProfile = {
+        name: "importedname",
+        displayName: "Imported Display",
+        about: "Imported bio",
+        picture: "https://example.com/pic.jpg",
+      };
+
+      const result = mergeProfiles(local, imported);
+
+      expect(result.name).toBe("localname"); // local wins
+      expect(result.displayName).toBe("Imported Display"); // imported fills gap
+      expect(result.about).toBe("Local bio"); // local wins
+      expect(result.picture).toBe("https://example.com/pic.jpg"); // imported fills gap
+    });
+
+    it("fills all missing fields from imported", () => {
+      const local: NostrProfile = {
+        name: "myname",
+      };
+      const imported: NostrProfile = {
+        name: "theirname",
+        displayName: "Their Name",
+        about: "Their bio",
+        picture: "https://example.com/pic.jpg",
+        banner: "https://example.com/banner.jpg",
+        website: "https://example.com",
+        nip05: "user@example.com",
+        lud16: "user@getalby.com",
+      };
+
+      const result = mergeProfiles(local, imported);
+
+      expect(result.name).toBe("myname");
+      expect(result.displayName).toBe("Their Name");
+      expect(result.about).toBe("Their bio");
+      expect(result.picture).toBe("https://example.com/pic.jpg");
+      expect(result.banner).toBe("https://example.com/banner.jpg");
+      expect(result.website).toBe("https://example.com");
+      expect(result.nip05).toBe("user@example.com");
+      expect(result.lud16).toBe("user@getalby.com");
+    });
+
+    it("handles empty strings as falsy (prefers imported)", () => {
+      const local: NostrProfile = {
+        name: "",
+        displayName: "",
+      };
+      const imported: NostrProfile = {
+        name: "imported",
+        displayName: "Imported",
+      };
+
+      const result = mergeProfiles(local, imported);
+
+      // Empty strings are still strings, so they "win" over imported
+      // This is JavaScript nullish coalescing behavior
+      expect(result.name).toBe("");
+      expect(result.displayName).toBe("");
+    });
+
+    it("handles null values in local (prefers imported)", () => {
+      const local: NostrProfile = {
+        name: undefined,
+        displayName: undefined,
+      };
+      const imported: NostrProfile = {
+        name: "imported",
+        displayName: "Imported",
+      };
+
+      const result = mergeProfiles(local, imported);
+
+      expect(result.name).toBe("imported");
+      expect(result.displayName).toBe("Imported");
+    });
+  });
+});

package/src/nostr-profile-import.ts

@@ -0,0 +1,273 @@
+/**
+ * Nostr Profile Import
+ *
+ * Fetches and verifies kind:0 profile events from relays.
+ * Used to import existing profiles before editing.
+ */
+
+import { SimplePool, verifyEvent, type Event } from "nostr-tools";
+import { resolveTimerTimeoutMs } from "actagent/plugin-sdk/number-runtime";
+import type { NostrProfile } from "./config-schema.js";
+import { validateUrlSafety } from "./nostr-profile-url-safety.js";
+import { contentToProfile, type ProfileContent } from "./nostr-profile.js";
+
+// ============================================================================
+// Types
+// ============================================================================
+
+interface ProfileImportResult {
+  /** Whether the import was successful */
+  ok: boolean;
+  /** The imported profile (if found and valid) */
+  profile?: NostrProfile;
+  /** The raw event (for advanced users) */
+  event?: {
+    id: string;
+    pubkey: string;
+    created_at: number;
+  };
+  /** Error message if import failed */
+  error?: string;
+  /** Which relays responded */
+  relaysQueried: string[];
+  /** Which relay provided the winning event */
+  sourceRelay?: string;
+}
+
+interface ProfileImportOptions {
+  /** The public key to fetch profile for */
+  pubkey: string;
+  /** Relay URLs to query */
+  relays: string[];
+  /** Timeout per relay in milliseconds (default: 5000) */
+  timeoutMs?: number;
+}
+
+// ============================================================================
+// Constants
+// ============================================================================
+
+const DEFAULT_TIMEOUT_MS = 5000;
+
+// ============================================================================
+// Profile Import
+// ============================================================================
+
+/**
+ * Sanitize URLs in an imported profile to prevent SSRF attacks.
+ * Removes any URLs that don't pass SSRF validation.
+ */
+function sanitizeProfileUrls(profile: NostrProfile): NostrProfile {
+  const result = { ...profile };
+  const urlFields = ["picture", "banner", "website"] as const;
+
+  for (const field of urlFields) {
+    const value = result[field];
+    if (value && typeof value === "string") {
+      const validation = validateUrlSafety(value);
+      if (!validation.ok) {
+        // Remove unsafe URL
+        delete result[field];
+      }
+    }
+  }
+
+  return result;
+}
+
+/**
+ * Fetch the latest kind:0 profile event for a pubkey from relays.
+ *
+ * - Queries all relays in parallel
+ * - Takes the event with the highest created_at
+ * - Verifies the event signature
+ * - Parses and returns the profile
+ */
+export async function importProfileFromRelays(
+  opts: ProfileImportOptions,
+): Promise<ProfileImportResult> {
+  const { pubkey, relays } = opts;
+  const timeoutMs = resolveTimerTimeoutMs(opts.timeoutMs, DEFAULT_TIMEOUT_MS);
+
+  if (!pubkey || !/^[0-9a-fA-F]{64}$/.test(pubkey)) {
+    return {
+      ok: false,
+      error: "Invalid pubkey format (must be 64 hex characters)",
+      relaysQueried: [],
+    };
+  }
+
+  if (relays.length === 0) {
+    return {
+      ok: false,
+      error: "No relays configured",
+      relaysQueried: [],
+    };
+  }
+
+  const pool = new SimplePool();
+  const relaysQueried: string[] = [];
+  const timers: Array<ReturnType<typeof setTimeout>> = [];
+  const scheduleTimeout = (callback: () => void) => {
+    const timer = setTimeout(callback, timeoutMs);
+    timer.unref?.();
+    timers.push(timer);
+    return timer;
+  };
+
+  try {
+    // Query all relays for kind:0 events from this pubkey
+    const events: Array<{ event: Event; relay: string }> = [];
+
+    // Create timeout promise
+    const timeoutPromise = new Promise<void>((resolve) => {
+      scheduleTimeout(resolve);
+    });
+
+    // Create subscription promise
+    const subscriptionPromise = new Promise<void>((resolve) => {
+      let completed = 0;
+
+      for (const relay of relays) {
+        relaysQueried.push(relay);
+
+        const profileFilter = {
+          kinds: [0],
+          authors: [pubkey],
+          limit: 1,
+        } satisfies Parameters<typeof pool.subscribeMany>[1];
+
+        const sub = pool.subscribeMany([relay], profileFilter, {
+          onevent(event) {
+            events.push({ event, relay });
+          },
+          oneose() {
+            completed++;
+            if (completed >= relays.length) {
+              resolve();
+            }
+          },
+          onclose() {
+            completed++;
+            if (completed >= relays.length) {
+              resolve();
+            }
+          },
+        });
+
+        // Clean up subscription after timeout
+        scheduleTimeout(() => {
+          sub.close();
+        });
+      }
+    });
+
+    // Wait for either all relays to respond or timeout
+    await Promise.race([subscriptionPromise, timeoutPromise]);
+    for (const timer of timers.splice(0)) {
+      clearTimeout(timer);
+    }
+
+    // No events found
+    if (events.length === 0) {
+      return {
+        ok: false,
+        error: "No profile found on any relay",
+        relaysQueried,
+      };
+    }
+
+    // Find the event with the highest created_at (newest wins for replaceable events)
+    let bestEvent: { event: Event; relay: string } | null = null;
+    for (const item of events) {
+      if (!bestEvent || item.event.created_at > bestEvent.event.created_at) {
+        bestEvent = item;
+      }
+    }
+
+    if (!bestEvent) {
+      return {
+        ok: false,
+        error: "No valid profile event found",
+        relaysQueried,
+      };
+    }
+
+    // Verify the event signature
+    const isValid = verifyEvent(bestEvent.event);
+    if (!isValid) {
+      return {
+        ok: false,
+        error: "Profile event has invalid signature",
+        relaysQueried,
+        sourceRelay: bestEvent.relay,
+      };
+    }
+
+    // Parse the profile content
+    let content: ProfileContent;
+    try {
+      content = JSON.parse(bestEvent.event.content) as ProfileContent;
+    } catch {
+      return {
+        ok: false,
+        error: "Profile event has invalid JSON content",
+        relaysQueried,
+        sourceRelay: bestEvent.relay,
+      };
+    }
+
+    // Convert to our profile format
+    const profile = contentToProfile(content);
+
+    // Sanitize URLs from imported profile to prevent SSRF when auto-merging
+    const sanitizedProfile = sanitizeProfileUrls(profile);
+
+    return {
+      ok: true,
+      profile: sanitizedProfile,
+      event: {
+        id: bestEvent.event.id,
+        pubkey: bestEvent.event.pubkey,
+        created_at: bestEvent.event.created_at,
+      },
+      relaysQueried,
+      sourceRelay: bestEvent.relay,
+    };
+  } finally {
+    for (const timer of timers) {
+      clearTimeout(timer);
+    }
+    pool.close(relays);
+  }
+}
+
+/**
+ * Merge imported profile with local profile.
+ *
+ * Strategy:
+ * - For each field, prefer local if set, otherwise use imported
+ * - This preserves user customizations while filling in missing data
+ */
+export function mergeProfiles(
+  local: NostrProfile | undefined,
+  imported: NostrProfile | undefined,
+): NostrProfile {
+  if (!imported) {
+    return local ?? {};
+  }
+  if (!local) {
+    return imported;
+  }
+
+  return {
+    name: local.name ?? imported.name,
+    displayName: local.displayName ?? imported.displayName,
+    about: local.about ?? imported.about,
+    picture: local.picture ?? imported.picture,
+    banner: local.banner ?? imported.banner,
+    website: local.website ?? imported.website,
+    nip05: local.nip05 ?? imported.nip05,
+    lud16: local.lud16 ?? imported.lud16,
+  };
+}

package/src/nostr-profile-url-safety.ts

@@ -0,0 +1,22 @@
+// Nostr plugin module implements nostr profile url safety behavior.
+import { isBlockedHostnameOrIp } from "actagent/plugin-sdk/ssrf-runtime";
+
+export function validateUrlSafety(urlStr: string): { ok: true } | { ok: false; error: string } {
+  try {
+    const url = new URL(urlStr);
+
+    if (url.protocol !== "https:") {
+      return { ok: false, error: "URL must use https:// protocol" };
+    }
+
+    const hostname = url.hostname.trim().toLowerCase();
+
+    if (isBlockedHostnameOrIp(hostname)) {
+      return { ok: false, error: "URL must not point to private/internal addresses" };
+    }
+
+    return { ok: true };
+  } catch {
+    return { ok: false, error: "Invalid URL format" };
+  }
+}