@konemono/nostr-login 1.7.48 → 1.7.50

package/dist/utils/nip44.d.ts

@@ -2,7 +2,7 @@ export declare function encryptNip44(plaintext: string, conversationKey: Uint8Ar
 export declare function decryptNip44(payload: string, conversationKey: Uint8Array): string;
 export declare class Nip44 {
     private cache;
-    createKey(privkey: string, pubkey: string): Uint8Array<ArrayBufferLike>;
+    createKey(privkey: string, pubkey: string): Uint8Array;
     private getKey;
     encrypt(privkey: string, pubkey: string, text: string): string;
     decrypt(privkey: string, pubkey: string, data: string): string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@konemono/nostr-login",
-  "version": "1.7.48",
+  "version": "1.7.50",
   "description": "",
   "main": "./dist/index.esm.js",
   "types": "./dist/index.d.ts",
@@ -11,17 +11,17 @@
   },
   "author": "a-fralou",
   "dependencies": {
-    "@nostr-dev-kit/ndk": "^2.18.1",
+    "@nostr-dev-kit/ndk": "^2.3.1",
     "nostr-tools": "^1.17.0",
-    "tseep": "^1.3.1"
+    "tseep": "^1.2.1"
   },
   "devDependencies": {
-    "@rollup/plugin-commonjs": "^25.0.8",
-    "@rollup/plugin-node-resolve": "^15.3.1",
+    "@rollup/plugin-commonjs": "^25.0.7",
+    "@rollup/plugin-node-resolve": "^15.2.3",
     "@rollup/plugin-terser": "^0.4.4",
     "nostr-login-components": "^1.0.3",
-    "prettier": "^3.7.4",
-    "rollup": "^4.53.5",
+    "prettier": "^3.2.2",
+    "rollup": "^4.9.6",
     "rollup-plugin-typescript2": "^0.36.0"
   },
   "license": "MIT"

package/src/modules/AuthNostrService.ts

@@ -1,19 +1,18 @@
-//AuthNostrService.ts
 import { localStorageAddAccount, bunkerUrlToInfo, isBunkerUrl, fetchProfile, getBunkerUrl, localStorageRemoveCurrentAccount, createProfile, getIcon } from '../utils';
 import { ConnectionString, Info } from 'nostr-login-components/dist/types/types';
 import { generatePrivateKey, getEventHash, getPublicKey, nip19 } from 'nostr-tools';
 import { NostrLoginAuthOptions, Response } from '../types';
-import NDK, { NDKEvent, NDKNip46Signer, NDKPrivateKeySigner, NDKRpcResponse, NDKUser, NostrEvent } from '@nostr-dev-kit/ndk';
+import NDK, { NDKEvent, NDKNip46Signer, NDKRpcResponse, NDKUser, NostrEvent } from '@nostr-dev-kit/ndk';
 import { NostrParams } from './';
 import { EventEmitter } from 'tseep';
 import { Signer } from './Nostr';
 import { Nip44 } from '../utils/nip44';
 import { IframeNostrRpc, Nip46Signer, ReadyListener } from './Nip46';
-//import { PrivateKeySigner } from './Signer';
+import { PrivateKeySigner } from './Signer';
 
 const OUTBOX_RELAYS = ['wss://user.kindpag.es', 'wss://purplepag.es', 'wss://relay.nos.social'];
 const DEFAULT_NOSTRCONNECT_RELAYS = ['wss://relay.nsec.app/', 'wss://ephemeral.snowflare.cc/'];
-const CONNECT_TIMEOUT = 20000;
+const CONNECT_TIMEOUT = 5000;
 const NOSTRCONNECT_APPS: ConnectionString[] = [
   {
     name: 'Nsec.app',
@@ -41,7 +40,7 @@ class AuthNostrService extends EventEmitter implements Signer {
   private ndk: NDK;
   private profileNdk: NDK;
   private signer: Nip46Signer | null = null;
-  private localSigner: NDKPrivateKeySigner | null = null;
+  private localSigner: PrivateKeySigner | null = null;
   private params: NostrParams;
   private signerPromise?: Promise<void>;
   private signerErrCallback?: (err: string) => void;
@@ -93,13 +92,13 @@ class AuthNostrService extends EventEmitter implements Signer {
     if (this.signerPromise) {
       try {
         await this.signerPromise;
-      } catch {}
+      } catch { }
     }
 
     if (this.readyPromise) {
       try {
         await this.readyPromise;
-      } catch {}
+      } catch { }
     }
   }
 
@@ -124,6 +123,7 @@ class AuthNostrService extends EventEmitter implements Signer {
   ) {
     relays = relays && relays.length > 0 ? relays : DEFAULT_NOSTRCONNECT_RELAYS;
 
+
     const info: Info = {
       authMethod: 'connect',
       pubkey: '', // unknown yet!
@@ -154,6 +154,13 @@ class AuthNostrService extends EventEmitter implements Signer {
   }
 
   public async createNostrConnect(relays?: string[]) {
+    /*const relayList = relays
+      ? relays
+        .split(",")
+        .map(r => r.trim().replace(/['"]/g, ""))
+        .filter(r => r.length > 0)
+      : [];*/
+
     this.nostrConnectKey = generatePrivateKey();
     this.nostrConnectSecret = Math.random().toString(36).substring(7);
 
@@ -165,16 +172,24 @@ class AuthNostrService extends EventEmitter implements Signer {
       perms: encodeURIComponent(this.params.optionsModal.perms || ''),
     };
 
-    // .join('') を追加
-    const relayParams = (relays || []).length > 0 ? (relays || []).map(r => `&relay=${encodeURIComponent(r)}`).join('') : '';
-
-    return `nostrconnect://${pubkey}?image=${meta.icon}&url=${meta.url}&name=${meta.name}&perms=${meta.perms}&secret=${this.nostrConnectSecret}${relayParams}`;
+    return `nostrconnect://${pubkey}?image=${meta.icon}&url=${meta.url}&name=${meta.name}&perms=${meta.perms}&secret=${this.nostrConnectSecret}${(relays || []).length > 0 ? (relays || []).map((r, i) => `&relay=${r}`) : ""}`;
   }
 
   public async getNostrConnectServices(): Promise<[string, ConnectionString[]]> {
-    const nostrconnect = await this.createNostrConnect(DEFAULT_NOSTRCONNECT_RELAYS);
+    const nostrconnect = await this.createNostrConnect();
 
+    // copy defaults
     const apps = NOSTRCONNECT_APPS.map(a => ({ ...a }));
+    // if (this.params.optionsModal.dev) {
+    //   apps.push({
+    //     name: 'Dev.Nsec.app',
+    //     domain: 'new.nsec.app',
+    //     canImport: true,
+    //     img: 'https://new.nsec.app/assets/favicon.ico',
+    //     link: 'https://dev.nsec.app/<nostrconnect>',
+    //     relay: 'wss://relay.nsec.app/',
+    //   });
+    // }
 
     for (const a of apps) {
       let relays: string[] = [...DEFAULT_NOSTRCONNECT_RELAYS];
@@ -196,12 +211,18 @@ class AuthNostrService extends EventEmitter implements Signer {
         }
       }
 
-      // nostrconnectから既存のリレーを削除して新しいリレーを追加
-      const baseUrl = nostrconnect.split('&relay=')[0];
-      const relayParams = relays.map(r => `&relay=${encodeURIComponent(r)}`).join('');
-      const nc = baseUrl + relayParams;
+      const relayParams = relays
+        .map(r => r.replace(/['"]/g, ''))
+        .map(r => `&relay=${encodeURIComponent(r)}`)
+        .join('');
 
-      a.link = a.iframeUrl ? nc : a.link.replace('<nostrconnect>', nc);
+      const nc = nostrconnect + relayParams;
+
+      if (a.iframeUrl) {
+        a.link = nc;
+      } else {
+        a.link = a.link.replace('<nostrconnect>', nc);
+      }
     }
 
     return [nostrconnect, apps];
@@ -223,7 +244,7 @@ class AuthNostrService extends EventEmitter implements Signer {
 
   public async setLocal(info: Info, signup?: boolean) {
     this.releaseSigner();
-    this.localSigner = new NDKPrivateKeySigner(info.sk!);
+    this.localSigner = new PrivateKeySigner(info.sk!);
 
     if (signup) await createProfile(info, this.profileNdk, this.localSigner, this.params.optionsModal.signupRelays, this.params.optionsModal.outboxRelays);
 
@@ -297,7 +318,9 @@ class AuthNostrService extends EventEmitter implements Signer {
     const userPubkey = await this.signer!.createAccount2({ bunkerPubkey: info.signerPubkey!, name, domain, perms: this.params.optionsModal.perms });
 
     return {
-      bunkerUrl: `bunker://${userPubkey}?` + (info.relays ?? []).map((r: string) => `relay=${encodeURIComponent(r)}`).join('&'),
+      bunkerUrl:
+        `bunker://${userPubkey}?` +
+        (info.relays ?? []).map((r: string) => `relay=${encodeURIComponent(r)}`).join('&'),
       sk: info.sk,
     };
   }
@@ -348,7 +371,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     if (info && this.params.userInfo && (info.pubkey !== this.params.userInfo.pubkey || info.authMethod !== this.params.userInfo.authMethod)) {
       const event = new CustomEvent('nlAuth', { detail: { type: 'logout' } });
       console.log('nostr-login auth', event.detail);
-      document.dispatchEvent(event);
+      document.dispatchEvent(event)
     }
 
     this.setUserInfo(info);
@@ -485,7 +508,7 @@ class AuthNostrService extends EventEmitter implements Signer {
   }
 
   public async startAuth() {
-    console.log('startAuth');
+    console.log("startAuth");
     if (this.readyCallback) throw new Error('Already started');
 
     // start the new promise
@@ -529,100 +552,81 @@ class AuthNostrService extends EventEmitter implements Signer {
     if (this.signerPromise) {
       try {
         await this.signerPromise;
-      } catch {}
+      } catch { }
     }
 
+    // we remove support for iframe from nip05 and bunker-url methods,
+    // only nostrconnect flow will use it.
+    // info.iframeUrl = info.iframeUrl || (await this.getIframeUrl(info.domain));
     console.log('initSigner info', info);
 
+    // start listening for the ready signal
     const iframeOrigin = info.iframeUrl ? new URL(info.iframeUrl!).origin : undefined;
+    if (iframeOrigin) this.starterReady = new ReadyListener(['starterDone', 'starterError'], iframeOrigin);
 
-    if (iframeOrigin) {
-      this.starterReady = new ReadyListener(['starterDone', 'starterError'], iframeOrigin);
-    }
-
+    // notify modals so they could show the starter iframe,
+    // FIXME shouldn't this come from nostrconnect service list?
     this.emit('onIframeUrl', info.iframeUrl);
 
     this.signerPromise = new Promise<void>(async (ok, err) => {
       this.signerErrCallback = err;
-
       try {
-        console.log('NDK relays before connect:', Array.from(this.ndk.pool.relays.keys()));
-
+        // pre-connect if we're creating the connection (listen|connect) or
+        // not iframe mode
         if (info.relays && !info.iframeUrl) {
           for (const r of info.relays) {
             this.ndk.addExplicitRelay(r, undefined);
-            console.log('Added relay:', r);
           }
         }
 
-        console.log('NDK relays after add:', Array.from(this.ndk.pool.relays.keys()));
+        // wait until we connect, otherwise
+        // signer won't start properly
+        await this.ndk.connect(CONNECT_TIMEOUT);
 
-        // 接続開始（失敗しても続行）
-        this.ndk.connect(CONNECT_TIMEOUT).then(value => {
-          console.log(value);
-        });
-
-        // 少なくとも1つ接続されるのを待つ（致命扱いしない）
-        await new Promise<void>(resolve => {
-          const start = Date.now();
-
-          const timer = setInterval(() => {
-            const connected = this.ndk.pool.connectedRelays();
-
-            if (connected.length > 0) {
-              clearInterval(timer);
-              resolve();
-              return;
-            }
-
-            if (Date.now() - start > CONNECT_TIMEOUT) {
-              // タイムアウトしても続行
-              clearInterval(timer);
-              resolve();
-            }
-          }, 5000);
-        });
-
-        console.log(
-          'NDK connected relays:',
-          this.ndk.pool.connectedRelays().map(r => r.url),
-        );
-
-        const localSigner = new NDKPrivateKeySigner(info.sk!);
+        // create and prepare the signer
+        const localSigner = new PrivateKeySigner(info.sk!);
         this.signer = new Nip46Signer(this.ndk, localSigner, info.signerPubkey!, iframeOrigin);
 
-        this.signer.on('iframeRestart', async () => {
+        // we should notify the banner the same way as
+        // the onAuthUrl does
+        this.signer.on(`iframeRestart`, async () => {
           const iframeUrl = info.iframeUrl + (info.iframeUrl!.includes('?') ? '&' : '?') + 'pubkey=' + info.pubkey + '&rebind=' + localSigner.pubkey;
-
-          this.emit('iframeRestart', {
-            pubkey: info.pubkey,
-            iframeUrl,
-          });
+          this.emit('iframeRestart', { pubkey: info.pubkey, iframeUrl });
         });
 
+        // OAuth flow
+        // if (!listen) {
         this.signer.on('authUrl', (url: string) => {
           console.log('nostr login auth url', url);
-          this.emit('onAuthUrl', {
-            url,
-            iframeUrl: info.iframeUrl,
-            eventToAddAccount,
-          });
+
+          // notify our UI
+          this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
         });
+        // }
 
         if (listen) {
+          // nostrconnect: flow
+          // wait for the incoming message from signer
           await this.listen(info);
         } else if (connect) {
+          // bunker: flow
+          // send 'connect' message to signer
           await this.connect(info, this.params.optionsModal.perms);
         } else {
-          await this.signer.initUserPubkey(info.pubkey);
+          // provide saved pubkey as a hint
+          await this.signer!.initUserPubkey(info.pubkey);
         }
 
-        info.pubkey = this.signer.userPubkey!;
-        info.signerPubkey = this.signer.remotePubkey;
+        // ensure, we're using it in callbacks above
+        // and expect info to be valid after this call
+        info.pubkey = this.signer!.userPubkey;
+        // learned after nostrconnect flow
+        info.signerPubkey = this.signer!.remotePubkey;
 
         ok();
       } catch (e) {
         console.log('initSigner failure', e);
+        // make sure signer isn't set
         this.signer = null;
         err(e);
       }

package/src/modules/Nip46.ts

@@ -1,27 +1,15 @@
-//Nip46.ts
-import NDK, {
-  NDKEvent,
-  NDKFilter,
-  NDKNip46Signer,
-  NDKNostrRpc,
-  NDKPrivateKeySigner,
-  NDKRpcRequest,
-  NDKRpcResponse,
-  NDKSubscription,
-  NDKSubscriptionCacheUsage,
-  NostrEvent,
-} from '@nostr-dev-kit/ndk';
+import NDK, { NDKEvent, NDKFilter, NDKNip46Signer, NDKNostrRpc, NDKRpcRequest, NDKRpcResponse, NDKSubscription, NDKSubscriptionCacheUsage, NostrEvent } from '@nostr-dev-kit/ndk';
 import { validateEvent, verifySignature } from 'nostr-tools';
-//import { PrivateKeySigner } from './Signer';
+import { PrivateKeySigner } from './Signer';
 
 class NostrRpc extends NDKNostrRpc {
   protected _ndk: NDK;
-  protected _signer: NDKPrivateKeySigner;
+  protected _signer: PrivateKeySigner;
   protected requests: Set<string> = new Set();
   private sub?: NDKSubscription;
   protected _useNip44: boolean = false;
 
-  public constructor(ndk: NDK, signer: NDKPrivateKeySigner) {
+  public constructor(ndk: NDK, signer: PrivateKeySigner) {
     super(ndk, signer, ndk.debug.extend('nip46:signer:rpc'));
     this._ndk = ndk;
     this._signer = signer;
@@ -55,10 +43,8 @@ class NostrRpc extends NDKNostrRpc {
   public async parseEvent(event: NDKEvent): Promise<NDKRpcRequest | NDKRpcResponse> {
     const remoteUser = this._ndk.getUser({ pubkey: event.pubkey });
     remoteUser.ndk = this._ndk;
-    const decryptedContent = this.isNip04(event.content)
-      ? await this._signer.decrypt(remoteUser, event.content, 'nip04')
-      : await this._signer.decrypt(remoteUser, event.content, 'nip44');
-    //const decryptedContent = await decrypt.call(this._signer, remoteUser, event.content);
+    const decrypt = this.isNip04(event.content) ? this._signer.decrypt : this._signer.decryptNip44;
+    const decryptedContent = await decrypt.call(this._signer, remoteUser, event.content);
     const parsedContent = JSON.parse(decryptedContent);
     const { id, method, params, result, error } = parsedContent;
 
@@ -143,48 +129,45 @@ class NostrRpc extends NDKNostrRpc {
   public async sendRequest(remotePubkey: string, method: string, params: string[] = [], kind = 24133, cb?: (res: NDKRpcResponse) => void): Promise<NDKRpcResponse> {
     const id = this.getId();
 
-    // 1. Promiseを変数に格納
-    const responsePromise = this.setResponseHandler(id, cb);
+    // response handler will deduplicate auth urls and responses
+    this.setResponseHandler(id, cb);
 
+    // create and sign request
     const event = await this.createRequestEvent(id, remotePubkey, method, params, kind);
+    console.log("sendRequest", { event, method, remotePubkey, params });
 
-    // 2. 送信
+    // send to relays
     await event.publish();
 
-    // 3. undefined ではなく、レスポンスを待つ Promise を返す
-    return responsePromise;
+    // NOTE: ndk returns a promise that never resolves and
+    // in fact REQUIRES cb to be provided (otherwise no way
+    // to consume the result), we've already stepped on the bug
+    // of waiting for this unresolvable result, so now we return
+    // undefined to make sure waiters fail, not hang.
+    // @ts-ignore
+    return undefined as NDKRpcResponse;
   }
 
   protected setResponseHandler(id: string, cb?: (res: NDKRpcResponse) => void) {
-    const now = Date.now();
     let authUrlSent = false;
-
-    // 1. 外部から解決できるように Promise を作成
-    return new Promise<NDKRpcResponse>(resolve => {
+    const now = Date.now();
+    return new Promise<NDKRpcResponse>(() => {
       const responseHandler = (response: NDKRpcResponse) => {
-        console.log(`[NIP46] Received response for ID: ${response.id}`, response);
-
         if (response.result === 'auth_url') {
           this.once(`response-${id}`, responseHandler);
           if (!authUrlSent) {
             authUrlSent = true;
             this.emit('authUrl', response.error);
           }
-        } else {
-          // IDが一致しているか、リクエストリストに存在するか確認
+        } else if (cb) {
           if (this.requests.has(id)) {
             this.requests.delete(id);
             console.log('nostr-login processed nip46 request in', Date.now() - now, 'ms');
-
-            if (cb) cb(response); // 既存のコールバックを実行
-            resolve(response); // ★Promise を解決する（これで await が終わる）
-          } else {
-            console.warn(`[NIP46] Received response for unknown ID: ${id}`);
+            cb(response);
           }
         }
       };
 
-      // イベント登録
       this.once(`response-${id}`, responseHandler);
     });
   }
@@ -203,8 +186,8 @@ class NostrRpc extends NDKNostrRpc {
     } as NostrEvent);
 
     const useNip44 = this._useNip44 && method !== 'create_account';
-    event.content = useNip44 ? await this._signer.encrypt(remoteUser, event.content, 'nip44') : await this._signer.encrypt(remoteUser, event.content, 'nip04');
-    //event.content = await encrypt.call(this._signer, remoteUser, event.content);
+    const encrypt = useNip44 ? this._signer.encryptNip44 : this._signer.encrypt;
+    event.content = await encrypt.call(this._signer, remoteUser, event.content);
     await event.sign(this._signer);
 
     return event;
@@ -216,7 +199,7 @@ export class IframeNostrRpc extends NostrRpc {
   private iframePort?: MessagePort;
   private iframeRequests = new Map<string, { id: string; pubkey: string }>();
 
-  public constructor(ndk: NDK, localSigner: NDKPrivateKeySigner, iframePeerOrigin?: string) {
+  public constructor(ndk: NDK, localSigner: PrivateKeySigner, iframePeerOrigin?: string) {
     super(ndk, localSigner);
     this._ndk = ndk;
     this.peerOrigin = iframePeerOrigin;
@@ -355,54 +338,53 @@ export class ReadyListener {
 }
 
 export class Nip46Signer extends NDKNip46Signer {
+  private _userPubkey: string = '';
   private _rpc: IframeNostrRpc;
-  private _remotePubkey: string = '';
 
-  constructor(ndk: NDK, localSigner: NDKPrivateKeySigner, signerPubkey: string, iframeOrigin?: string) {
+  constructor(ndk: NDK, localSigner: PrivateKeySigner, signerPubkey: string, iframeOrigin?: string) {
     super(ndk, signerPubkey, localSigner);
-    this._remotePubkey = signerPubkey;
 
+    // override with our own rpc implementation
     this._rpc = new IframeNostrRpc(ndk, localSigner, iframeOrigin);
-    this._rpc.setUseNip44(true);
+    this._rpc.setUseNip44(true); // !!this.params.optionsModal.dev);
     this._rpc.on('authUrl', (url: string) => {
       this.emit('authUrl', url);
     });
-    this.rpc = this._rpc;
-  }
 
-  get remotePubkey(): string {
-    return this._remotePubkey;
+    this.rpc = this._rpc;
   }
 
-  set remotePubkey(value: string) {
-    this._remotePubkey = value;
+  get userPubkey() {
+    return this._userPubkey;
   }
 
-  // userPubkeyのgetterを削除し、親クラスのプロパティを直接使用
-
   private async setSignerPubkey(signerPubkey: string, sameAsUser: boolean = false) {
-    console.log('setSignerPubkey', signerPubkey);
+    console.log("setSignerPubkey", signerPubkey);
+
+    // ensure it's set
     this.remotePubkey = signerPubkey;
 
+    // when we're sure it's known
     this._rpc.on(`iframeRestart-${signerPubkey}`, () => {
       this.emit('iframeRestart');
     });
 
+    // now call getPublicKey and swap remotePubkey w/ that
     await this.initUserPubkey(sameAsUser ? signerPubkey : '');
   }
 
   public async initUserPubkey(hintPubkey?: string) {
-    // 親クラスのuserPubkeyプロパティを直接設定
-    if (this.userPubkey) throw new Error('Already called initUserPubkey');
+    if (this._userPubkey) throw new Error('Already called initUserPubkey');
 
     if (hintPubkey) {
-      this.userPubkey = hintPubkey;
+      this._userPubkey = hintPubkey;
       return;
     }
 
-    this.userPubkey = await new Promise((ok, err) => {
+    this._userPubkey = await new Promise<string>((ok, err) => {
       if (!this.remotePubkey) throw new Error('Signer pubkey not set');
-      console.log('get_public_key', this.remotePubkey);
+
+      console.log("get_public_key", this.remotePubkey);
       this._rpc.sendRequest(this.remotePubkey, 'get_public_key', [], 24133, (response: NDKRpcResponse) => {
         ok(response.result);
       });
@@ -426,7 +408,12 @@ export class Nip46Signer extends NDKNip46Signer {
   }
 
   public async createAccount2({ bunkerPubkey, name, domain, perms = '' }: { bunkerPubkey: string; name: string; domain: string; perms?: string }) {
-    const params = [name, domain, '', perms];
+    const params = [
+      name,
+      domain,
+      '', // email
+      perms,
+    ];
 
     const r = await new Promise<NDKRpcResponse>(ok => {
       this.rpc.sendRequest(bunkerPubkey, 'create_account', params, undefined, ok);
@@ -436,6 +423,7 @@ export class Nip46Signer extends NDKNip46Signer {
     if (r.result === 'error') {
       throw new Error(r.error);
     }
+
     return r.result;
   }
 }

package/src/modules/Signer.ts

@@ -1,4 +1,4 @@
-/* import { NDKPrivateKeySigner, NDKUser } from '@nostr-dev-kit/ndk';
+import { NDKPrivateKeySigner, NDKUser } from '@nostr-dev-kit/ndk';
 import { Nip44 } from '../utils/nip44';
 import { getPublicKey } from 'nostr-tools';
 
@@ -23,4 +23,3 @@ export class PrivateKeySigner extends NDKPrivateKeySigner {
     return Promise.resolve(this.nip44.decrypt(this.privateKey!, sender.pubkey, value));
   }
 }
- */

package/src/utils/index.ts

@@ -102,9 +102,7 @@ export const bunkerUrlToInfo = (bunkerUrl: string, sk = ''): Info => {
 export const isBunkerUrl = (value: string) => value.startsWith('bunker://');
 
 export const getBunkerUrl = async (value: string, optionsModal: NostrLoginOptions) => {
-  if (!value) {
-    return '';
-  }
+  if (!value) return '';
 
   if (isBunkerUrl(value)) {
     return value;
@@ -113,24 +111,28 @@ export const getBunkerUrl = async (value: string, optionsModal: NostrLoginOption
   if (value.includes('@')) {
     const [name, domain] = value.toLocaleLowerCase().split('@');
     const origin = optionsModal.devOverrideBunkerOrigin || `https://${domain}`;
+
     const bunkerUrl = `${origin}/.well-known/nostr.json?name=_`;
-    const userUrl = `${origin}/.well-known/nostr.json?name=${name}`;
-    const bunker = await fetch(bunkerUrl);
-    const bunkerData = await bunker.json();
+    const userUrl   = `${origin}/.well-known/nostr.json?name=${name}`;
+
+    const bunkerRes = await fetch(bunkerUrl);
+    const bunkerData = await bunkerRes.json();
     const bunkerPubkey = bunkerData.names['_'];
-    const bunkerRelays = bunkerData.nip46[bunkerPubkey];
-    const user = await fetch(userUrl);
-    const userData = await user.json();
+    const bunkerRelays: string[] = bunkerData.nip46[bunkerPubkey];
+
+    const userRes = await fetch(userUrl);
+    const userData = await userRes.json();
     const userPubkey = userData.names[name];
-    // console.log({
-    //     bunkerData, userData, bunkerPubkey, bunkerRelays, userPubkey,
-    //     name, domain, origin
-    // })
-    if (!bunkerRelays.length) {
+
+    if (!bunkerRelays || bunkerRelays.length === 0) {
       throw new Error('Bunker relay not provided');
     }
 
-    return `bunker://${userPubkey}?relay=${bunkerRelays[0]}`;
+    const relayParams = bunkerRelays
+      .map(r => `relay=${encodeURIComponent(r)}`)
+      .join('&');
+
+    return `bunker://${userPubkey}?${relayParams}`;
   }
 
   throw new Error('Invalid user name or bunker url');