@konemono/nostr-login 1.9.13 → 1.10.0

package/dist/utils/index.d.ts

@@ -1,11 +1,12 @@
 import { Info, RecentType } from 'nostr-login-components/dist/types/types';
+import NDK, { NDKSigner } from '@nostr-dev-kit/ndk';
 import { NostrLoginOptions } from '../types';
 export declare const localStorageSetItem: (key: string, value: string) => void;
 export declare const localStorageGetItem: (key: string) => any;
 export declare const localStorageRemoveItem: (key: string) => void;
-export declare const fetchProfile: (info: Info, profileNdkOrRelays?: any) => Promise<any>;
+export declare const fetchProfile: (info: Info, profileNdk: NDK) => Promise<import("@nostr-dev-kit/ndk").NDKUserProfile | null>;
 export declare const prepareSignupRelays: (signupRelays?: string) => string[];
-export declare const createProfile: (info: Info, signer: any, signupRelays?: string, outboxRelays?: string[]) => Promise<void>;
+export declare const createProfile: (info: Info, profileNdk: NDK, signer: NDKSigner, signupRelays?: string, outboxRelays?: string[]) => Promise<void>;
 export declare const bunkerUrlToInfo: (bunkerUrl: string, sk?: string) => Info;
 export declare const isBunkerUrl: (value: string) => boolean;
 export declare const getBunkerUrl: (value: string, optionsModal: NostrLoginOptions) => Promise<string>;

package/package.json

@@ -1,18 +1,17 @@
 {
   "name": "@konemono/nostr-login",
-  "version": "1.9.13",
+  "version": "1.10.0",
   "description": "",
   "main": "./dist/index.esm.js",
   "types": "./dist/index.d.ts",
   "type": "module",
   "scripts": {
     "build": "rollup -c",
-    "format": "npx prettier --write src",
-    "test": "vitest run",
-    "test:watch": "vitest"
+    "format": "npx prettier --write src"
   },
   "author": "a-fralou",
   "dependencies": {
+    "@nostr-dev-kit/ndk": "^2.3.1",
     "nostr-tools": "^1.17.0",
     "tseep": "^1.2.1"
   },
@@ -23,9 +22,7 @@
     "nostr-login-components": "^1.0.3",
     "prettier": "^3.2.2",
     "rollup": "^4.9.6",
-    "rollup-plugin-typescript2": "^0.36.0",
-    "vitest": "^1.0.0",
-    "@types/node": "^18.0.0"
+    "rollup-plugin-typescript2": "^0.36.0"
   },
   "license": "MIT"
 }

package/src/const/index.ts

@@ -1 +1,8 @@
 export const CALL_TIMEOUT = 5000;
+
+// デフォルトのNip46リレー
+export const DEFAULT_NIP46_RELAYS = ['wss://relay.nsec.app/', 'wss://ephemeral.snowflare.cc/'];
+
+// Nip46タイムアウト設定
+export const NIP46_REQUEST_TIMEOUT = 30000; // 30秒
+export const NIP46_CONNECT_TIMEOUT = 60000; // 60秒

package/src/index.ts

@@ -148,11 +148,7 @@ export class NostrLoginInitializer {
   }
 
   private openPopup(url: string) {
-    if (url.startsWith('nostrsigner:')) {
-      window.open(url, '_blank', 'width=400,height=600');
-    } else {
-      this.popupManager.openPopup(url);
-    }
+    this.popupManager.openPopup(url);
   }
 
   private async switchAccount(info: Info, signup = false) {
@@ -173,8 +169,6 @@ export class NostrLoginInitializer {
       await this.extensionService.trySetExtensionForPubkey(info.pubkey);
     } else if (info.authMethod === 'connect' && info.sk && info.relays && info.relays[0]) {
       this.authNostrService.setConnect(info);
-    } else if (info.authMethod === ('amber' as any)) {
-      this.authNostrService.setAmber(info);
     } else {
       throw new Error('Bad auth info');
     }
@@ -309,7 +303,7 @@ export class NostrLoginInitializer {
   public setAuth = async (o: NostrLoginAuthOptions) => {
     if (!o.type) throw new Error('Invalid auth event');
     if (o.type !== 'login' && o.type !== 'logout' && o.type !== 'signup') throw new Error('Invalid auth event');
-    if (o.method && o.method !== 'connect' && o.method !== 'extension' && o.method !== 'local' && o.method !== 'otp' && o.method !== 'readOnly' && o.method !== ('amber' as any))
+    if (o.method && o.method !== 'connect' && o.method !== 'extension' && o.method !== 'local' && o.method !== 'otp' && o.method !== 'readOnly')
       throw new Error('Invalid auth event');
 
     if (o.type === 'logout') return this.logout();

package/src/modules/AuthNostrService.ts

@@ -2,19 +2,16 @@ import { localStorageAddAccount, bunkerUrlToInfo, isBunkerUrl, fetchProfile, get
 import { ConnectionString, Info } from 'nostr-login-components/dist/types/types';
 import { generatePrivateKey, getEventHash, getPublicKey, nip19 } from 'nostr-tools';
 import { NostrLoginAuthOptions, Response } from '../types';
-
+import NDK, { NDKEvent, NDKNip46Signer, NDKRpcResponse, NDKUser, NostrEvent } from '@nostr-dev-kit/ndk';
 import { NostrParams } from './';
 import { EventEmitter } from 'tseep';
 import { Signer } from './Nostr';
 import { Nip44 } from '../utils/nip44';
-import { IframeNostrRpc, Nip46Signer, ReadyListener, RpcResponse } from './Nip46';
-import { Nip46Client } from './nip46/Nip46Client';
-import { Nip46Adapter } from './nip46/Nip46Adapter';
+import { IframeNostrRpc, Nip46Signer, ReadyListener } from './Nip46';
 import { PrivateKeySigner } from './Signer';
 
 const OUTBOX_RELAYS = ['wss://user.kindpag.es', 'wss://purplepag.es', 'wss://relay.nos.social'];
-const DEFAULT_NOSTRCONNECT_RELAYS = ['wss://relay.nsec.app/', 'wss://ephemeral.snowflare.cc/'];
-const CONNECT_TIMEOUT = 5000;
+const DEFAULT_NOSTRCONNECT_RELAY = 'wss://relay.nsec.app/';
 const NOSTRCONNECT_APPS: ConnectionString[] = [
   {
     name: 'Nsec.app',
@@ -22,28 +19,31 @@ const NOSTRCONNECT_APPS: ConnectionString[] = [
     canImport: true,
     img: 'https://nsec.app/assets/favicon.ico',
     link: 'https://use.nsec.app/<nostrconnect>',
-    relays: DEFAULT_NOSTRCONNECT_RELAYS,
+    relay: 'wss://relay.nsec.app/',
   },
   {
     name: 'Amber',
     img: 'https://raw.githubusercontent.com/greenart7c3/Amber/refs/heads/master/assets/android-icon.svg',
     link: '<nostrconnect>',
-    relays: DEFAULT_NOSTRCONNECT_RELAYS,
+    relay: 'wss://relay.nsec.app/',
   },
   {
     name: 'Other key stores',
     img: '',
     link: '<nostrconnect>',
-    relays: DEFAULT_NOSTRCONNECT_RELAYS,
+    relay: 'wss://relay.nsec.app/',
   },
 ];
 
 class AuthNostrService extends EventEmitter implements Signer {
-  private signer: any = null;
+  private ndk: NDK;
+  private profileNdk: NDK;
+  private signer: Nip46Signer | null = null;
   private localSigner: PrivateKeySigner | null = null;
   private params: NostrParams;
   private signerPromise?: Promise<void>;
   private signerErrCallback?: (err: string) => void;
+  private signerAbortController?: AbortController;
   private readyPromise?: Promise<void>;
   private readyCallback?: () => void;
   private nip44Codec = new Nip44();
@@ -64,6 +64,15 @@ class AuthNostrService extends EventEmitter implements Signer {
   constructor(params: NostrParams) {
     super();
     this.params = params;
+    this.ndk = new NDK({
+      enableOutboxModel: false,
+    });
+
+    this.profileNdk = new NDK({
+      enableOutboxModel: true,
+      explicitRelayUrls: OUTBOX_RELAYS,
+    });
+    this.profileNdk.connect();
 
     this.nip04 = {
       encrypt: this.encrypt04.bind(this),
@@ -98,8 +107,20 @@ class AuthNostrService extends EventEmitter implements Signer {
     this.resetAuth();
   }
 
+  public cancelSignerInit() {
+    if (this.signerAbortController) {
+      this.signerAbortController.abort();
+      this.signerAbortController = undefined;
+    }
+    if (this.signerErrCallback) {
+      this.signerErrCallback('Cancelled by user');
+      this.signerErrCallback = undefined;
+    }
+    this.emit('signerCancelled');
+  }
+
   public async nostrConnect(
-    relays?: string[],
+    relay?: string,
     {
       domain = '',
       link = '',
@@ -111,8 +132,8 @@ class AuthNostrService extends EventEmitter implements Signer {
       importConnect?: boolean;
       iframeUrl?: string;
     } = {},
-  ): Promise<Info> {
-    relays = relays && relays.length > 0 ? relays : DEFAULT_NOSTRCONNECT_RELAYS;
+  ) {
+    relay = relay || DEFAULT_NOSTRCONNECT_RELAY;
 
     const info: Info = {
       authMethod: 'connect',
@@ -120,16 +141,14 @@ class AuthNostrService extends EventEmitter implements Signer {
       signerPubkey: '', // unknown too!
       sk: this.nostrConnectKey,
       domain: domain,
-      relays: relays,
+      relays: [relay],
       iframeUrl,
     };
 
     console.log('nostrconnect info', info, link);
 
     // non-iframe flow
-    if (link && !iframeUrl) {
-      window.open(link, '_blank', 'width=400,height=700');
-    }
+    if (link && !iframeUrl) window.open(link, '_blank', 'width=400,height=700');
 
     // init nip46 signer
     await this.initSigner(info, { listen: true });
@@ -137,7 +156,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     // signer learns the remote pubkey
     if (!info.pubkey || !info.signerPubkey) throw new Error('Bad remote pubkey');
 
-    info.bunkerUrl = `bunker://${info.signerPubkey}?${relays.map((r, i) => `${i !== 0 ? '&' : ''}relay=${r}`)}`;
+    info.bunkerUrl = `bunker://${info.signerPubkey}?relay=${relay}`;
 
     // callback
     if (!importConnect) this.onAuth('login', info);
@@ -145,14 +164,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     return info;
   }
 
-  public async createNostrConnect(relays?: string[]) {
-    /*const relayList = relays
-      ? relays
-        .split(",")
-        .map(r => r.trim().replace(/['"]/g, ""))
-        .filter(r => r.length > 0)
-      : [];*/
-
+  public async createNostrConnect(relay?: string) {
     this.nostrConnectKey = generatePrivateKey();
     this.nostrConnectSecret = Math.random().toString(36).substring(7);
 
@@ -164,7 +176,7 @@ class AuthNostrService extends EventEmitter implements Signer {
       perms: encodeURIComponent(this.params.optionsModal.perms || ''),
     };
 
-    return `nostrconnect://${pubkey}?image=${meta.icon}&url=${meta.url}&name=${meta.name}&perms=${meta.perms}&secret=${this.nostrConnectSecret}${(relays || []).length > 0 ? (relays || []).map((r, i) => `&relay=${r}`).join('') : ''}`;
+    return `nostrconnect://${pubkey}?image=${meta.icon}&url=${meta.url}&name=${meta.name}&perms=${meta.perms}&secret=${this.nostrConnectSecret}${relay ? `&relay=${relay}` : ''}`;
   }
 
   public async getNostrConnectServices(): Promise<[string, ConnectionString[]]> {
@@ -184,35 +196,25 @@ class AuthNostrService extends EventEmitter implements Signer {
     // }
 
     for (const a of apps) {
-      let relays: string[] = [...DEFAULT_NOSTRCONNECT_RELAYS];
-
+      let relay = DEFAULT_NOSTRCONNECT_RELAY;
       if (a.link.startsWith('https://')) {
-        const domain = a.domain || new URL(a.link).hostname;
+        let domain = a.domain || new URL(a.link).hostname;
         try {
           const info = await (await fetch(`https://${domain}/.well-known/nostr.json`)).json();
           const pubkey = info.names['_'];
-          const appRelays = info.nip46?.[pubkey] as string[] | undefined;
-
-          if (Array.isArray(appRelays) && appRelays.length > 0) {
-            relays = appRelays;
-          }
-
-          a.iframeUrl = info.nip46?.iframe_url || '';
+          const relays = info.nip46[pubkey] as string[];
+          if (relays && relays.length) relay = relays[0];
+          a.iframeUrl = info.nip46.iframe_url || '';
         } catch (e) {
           console.log('Bad app info', e, a);
         }
       }
-
-      const relayParams = relays
-        .map(r => r.replace(/['"]/g, ''))
-        .map(r => `&relay=${encodeURIComponent(r)}`)
-        .join('');
-
-      const nc = nostrconnect + relayParams;
-
+      const nc = nostrconnect + '&relay=' + relay;
       if (a.iframeUrl) {
+        // pass plain nc url for iframe-based flow
         a.link = nc;
       } else {
+        // we will open popup ourselves
         a.link = a.link.replace('<nostrconnect>', nc);
       }
     }
@@ -238,7 +240,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     this.releaseSigner();
     this.localSigner = new PrivateKeySigner(info.sk!);
 
-    if (signup) await createProfile(info, this.localSigner, this.params.optionsModal.signupRelays, this.params.optionsModal.outboxRelays);
+    if (signup) await createProfile(info, this.profileNdk, this.localSigner, this.params.optionsModal.signupRelays, this.params.optionsModal.outboxRelays);
 
     this.onAuth(signup ? 'signup' : 'login', info);
   }
@@ -253,18 +255,19 @@ class AuthNostrService extends EventEmitter implements Signer {
   }
 
   public async importAndConnect(cs: ConnectionString) {
-    const { relays, domain, link, iframeUrl } = cs;
+    const { relay, domain, link, iframeUrl } = cs;
     if (!domain) throw new Error('Domain required');
 
-    const info = await this.nostrConnect(relays, {
-      domain,
-      link,
-      importConnect: true,
-      iframeUrl,
-    });
+    const info = await this.nostrConnect(relay, { domain, link, importConnect: true, iframeUrl });
 
-    await this.logout(true);
+    // logout to remove local keys from storage
+    // but keep the connect signer
+    await this.logout(/*keepSigner*/ true);
+
+    // release local one
     this.localSigner = null;
+
+    // notify app that we've switched to 'connect' keys
     this.onAuth('login', info);
   }
 
@@ -291,15 +294,6 @@ class AuthNostrService extends EventEmitter implements Signer {
     await this.endAuth();
   }
 
-  public async setAmber(info: Info) {
-    // Amber now uses NIP-46 (nostrconnect) like other signers
-    this.releaseSigner();
-    await this.startAuth();
-    await this.initSigner(info);
-    this.onAuth('login', info);
-    await this.endAuth();
-  }
-
   public async createAccount(nip05: string) {
     const [name, domain] = nip05.split('@');
 
@@ -319,8 +313,8 @@ class AuthNostrService extends EventEmitter implements Signer {
     const userPubkey = await this.signer!.createAccount2({ bunkerPubkey: info.signerPubkey!, name, domain, perms: this.params.optionsModal.perms });
 
     return {
-      bunkerUrl: `bunker://${userPubkey}?` + (info.relays ?? []).map((r: string) => `relay=${encodeURIComponent(r)}`).join('&'),
-      sk: info.sk,
+      bunkerUrl: `bunker://${userPubkey}?relay=${info.relays?.[0]}`,
+      sk: info.sk, // reuse the same local key
     };
   }
 
@@ -328,6 +322,11 @@ class AuthNostrService extends EventEmitter implements Signer {
     this.signer = null;
     this.signerErrCallback?.('cancelled');
     this.localSigner = null;
+
+    // disconnect from signer relays
+    for (const r of this.ndk.pool.relays.keys()) {
+      this.ndk.pool.removeRelay(r);
+    }
   }
 
   public async logout(keepSigner = false) {
@@ -372,7 +371,7 @@ class AuthNostrService extends EventEmitter implements Signer {
 
     if (info) {
       // async profile fetch
-      fetchProfile(info, info.relays).then(p => {
+      fetchProfile(info, this.profileNdk).then(p => {
         if (this.params.userInfo !== info) return;
 
         const userInfo = {
@@ -501,7 +500,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     return !!this.readyCallback;
   }
 
-  public startAuth() {
+  public async startAuth() {
     console.log('startAuth');
     if (this.readyCallback) throw new Error('Already started');
 
@@ -562,71 +561,24 @@ class AuthNostrService extends EventEmitter implements Signer {
     // FIXME shouldn't this come from nostrconnect service list?
     this.emit('onIframeUrl', info.iframeUrl);
 
+    // AbortControllerでキャンセル可能にする
+    this.signerAbortController = new AbortController();
+    const abortPromise = new Promise<never>((_, reject) => {
+      this.signerAbortController!.signal.addEventListener('abort', () => {
+        reject(new Error('Cancelled by user'));
+      });
+    });
+
     this.signerPromise = new Promise<void>(async (ok, err) => {
       this.signerErrCallback = err;
       try {
-        // create and prepare the signer
-        const localSigner = new PrivateKeySigner(info.sk!);
-
-        if (info.iframeUrl) {
-          // use NDK-free iframe signer implementation (MessagePort + SimplePool)
-          this.signer = new Nip46Signer(localSigner, info.signerPubkey!, iframeOrigin, info.relays || []);
-
-          // we should notify the banner the same way as the onAuthUrl does
-          this.signer.on(`iframeRestart`, async () => {
-            const iframeUrl = info.iframeUrl + (info.iframeUrl!.includes('?') ? '&' : '?') + 'pubkey=' + info.pubkey + '&rebind=' + localSigner.pubkey;
-            this.emit('iframeRestart', { pubkey: info.pubkey, iframeUrl });
-          });
-
-          // OAuth flow
-          this.signer.on('authUrl', (url: string) => {
-            console.log('nostr login auth url', url);
-
-            // notify our UI
-            this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
-          });
-        } else {
-          // New SimplePool-based NIP-46 flow
-          const client = new Nip46Client({
-            localPrivateKey: info.sk!,
-            remotePubkey: info.signerPubkey!,
-            relays: info.relays || [],
-            timeoutMs: 30000,
-          });
-
-          const adapter = new Nip46Adapter(client, localSigner);
-          this.signer = adapter;
-
-          // OAuth flow: forward authUrl events
-          this.signer.on('authUrl', (url: string) => {
-            console.log('nostr login auth url', url);
-            this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
-          });
-        }
-        if (listen) {
-          // nostrconnect: flow
-          // wait for the incoming message from signer
-          await this.listen(info);
-        } else if (connect) {
-          // bunker: flow
-          // send 'connect' message to signer
-          await this.connect(info, this.params.optionsModal.perms);
-        } else {
-          // provide saved pubkey as a hint
-          await this.signer!.initUserPubkey(info.pubkey);
-        }
-
-        // ensure, we're using it in callbacks above
-        // and expect info to be valid after this call
-        info.pubkey = this.signer!.userPubkey;
-        // learned after nostrconnect flow
-        info.signerPubkey = this.signer!.remotePubkey;
-
-        ok();
+        // タイムアウトとキャンセルの両方に対応
+        await Promise.race([this.initSignerInternal(info, listen, connect, eventToAddAccount, ok), abortPromise]);
       } catch (e) {
         console.log('initSigner failure', e);
         // make sure signer isn't set
         this.signer = null;
+        this.signerAbortController = undefined;
         err(e);
       }
     });
@@ -634,9 +586,73 @@ class AuthNostrService extends EventEmitter implements Signer {
     return this.signerPromise;
   }
 
+  private async initSignerInternal(info: Info, listen: boolean, connect: boolean, eventToAddAccount: boolean, resolve: () => void) {
+    // pre-connect if we're creating the connection (listen|connect) or
+    // not iframe mode
+    if (info.relays && !info.iframeUrl) {
+      for (const r of info.relays) {
+        this.ndk.addExplicitRelay(r, undefined);
+      }
+    }
+
+    // wait until we connect, otherwise
+    // signer won't start properly
+    await this.ndk.connect();
+
+    // create and prepare the signer
+    const localSigner = new PrivateKeySigner(info.sk!);
+    this.signer = new Nip46Signer(this.ndk, localSigner, info.signerPubkey!, info.iframeUrl ? new URL(info.iframeUrl!).origin : undefined);
+
+    // we should notify the banner the same way as
+    // the onAuthUrl does
+    this.signer.on(`iframeRestart`, async () => {
+      const iframeUrl = info.iframeUrl + (info.iframeUrl!.includes('?') ? '&' : '?') + 'pubkey=' + info.pubkey + '&rebind=' + localSigner.pubkey;
+      this.emit('iframeRestart', { pubkey: info.pubkey, iframeUrl });
+    });
+
+    // OAuth flow
+    // if (!listen) {
+    this.signer.on('authUrl', (url: string) => {
+      console.log('nostr login auth url', url);
+
+      // notify our UI
+      this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
+    });
+    // }
+
+    if (listen) {
+      // nostrconnect: flow
+      // wait for the incoming message from signer
+      await this.listen(info);
+    } else if (connect) {
+      // bunker: flow
+      // send 'connect' message to signer
+      await this.connect(info, this.params.optionsModal.perms);
+    } else {
+      // provide saved pubkey as a hint
+      await this.signer!.initUserPubkey(info.pubkey);
+    }
+
+    // ensure, we're using it in callbacks above
+    // and expect info to be valid after this call
+    info.pubkey = this.signer!.userPubkey;
+    // learned after nostrconnect flow
+    info.signerPubkey = this.signer!.remotePubkey;
+
+    this.signerAbortController = undefined;
+    resolve();
+  }
+
   public async authNip46(
     type: 'login' | 'signup',
-    { name, bunkerUrl, sk = '', domain = '', iframeUrl = '' }: { name: string; bunkerUrl: string; sk?: string; domain?: string; iframeUrl?: string },
+    {
+      name,
+      bunkerUrl,
+      sk = '',
+      domain = '',
+      iframeUrl = '',
+      customRelays,
+    }: { name: string; bunkerUrl: string; sk?: string; domain?: string; iframeUrl?: string; customRelays?: string[] },
   ) {
     try {
       const info = bunkerUrlToInfo(bunkerUrl, sk);
@@ -648,8 +664,13 @@ class AuthNostrService extends EventEmitter implements Signer {
       if (domain) info.domain = domain;
       if (iframeUrl) info.iframeUrl = iframeUrl;
 
+      // カスタムリレーが指定されていれば使用する
+      if (customRelays && customRelays.length > 0) {
+        info.relays = customRelays;
+      }
+
       // console.log('nostr login auth info', info);
-      if (!info.signerPubkey || !info.sk || !info.relays || info.relays.length === 0) {
+      if (!info.signerPubkey || !info.sk || !info.relays?.[0]) {
         throw new Error(`Bad bunker url ${bunkerUrl}`);
       }
 
@@ -670,33 +691,22 @@ class AuthNostrService extends EventEmitter implements Signer {
   }
 
   public async signEvent(event: any) {
-    const timeoutMs = 20000;
-
-    const signPromise = (async () => {
-      if (this.localSigner) {
-        event.pubkey = getPublicKey(this.localSigner.privateKey!);
-        event.id = getEventHash(event);
-        event.sig = await this.localSigner.sign(event);
-      } else {
-        event.pubkey = this.signer?.remotePubkey;
-        event.id = getEventHash(event);
-        event.sig = await this.signer?.sign(event);
-      }
-      return event;
-    })();
-
-    const timeoutPromise = new Promise((_, reject) => {
-      setTimeout(() => reject(new Error('Sign timeout')), timeoutMs);
-    });
-
-    const result = await Promise.race([signPromise, timeoutPromise]);
-    console.log('signed', { event: result });
-    return result;
+    if (this.localSigner) {
+      event.pubkey = getPublicKey(this.localSigner.privateKey!);
+      event.id = getEventHash(event);
+      event.sig = await this.localSigner.sign(event);
+    } else {
+      event.pubkey = this.signer?.remotePubkey;
+      event.id = getEventHash(event);
+      event.sig = await this.signer?.sign(event);
+    }
+    console.log('signed', { event });
+    return event;
   }
 
   private async codec_call(method: string, pubkey: string, param: string) {
     return new Promise<string>((resolve, reject) => {
-      this.signer!.rpc.sendRequest(this.signer!.remotePubkey!, method, [pubkey, param], 24133, (response: RpcResponse) => {
+      this.signer!.rpc.sendRequest(this.signer!.remotePubkey!, method, [pubkey, param], 24133, (response: NDKRpcResponse) => {
         if (!response.error) {
           resolve(response.result);
         } else {
@@ -708,27 +718,20 @@ class AuthNostrService extends EventEmitter implements Signer {
 
   public async encrypt04(pubkey: string, plaintext: string) {
     if (this.localSigner) {
-      return this.localSigner.encrypt(pubkey, plaintext);
+      return this.localSigner.encrypt(new NDKUser({ pubkey }), plaintext);
     } else {
-      // adapter supports encrypt(pubkey, plaintext)
-      if (this.signer && typeof this.signer.encrypt === 'function') {
-        return this.signer.encrypt(pubkey, plaintext);
-      }
-      // fallback to remote codec via signer RPC
-      return this.codec_call('nip04_encrypt', pubkey, plaintext);
+      return this.signer!.encrypt(new NDKUser({ pubkey }), plaintext);
     }
   }
 
   public async decrypt04(pubkey: string, ciphertext: string) {
     if (this.localSigner) {
-      return this.localSigner.decrypt(pubkey, ciphertext);
+      return this.localSigner.decrypt(new NDKUser({ pubkey }), ciphertext);
     } else {
-      // If signer supports direct decrypt(pubkey, ciphertext), use it
-      if (this.signer && typeof this.signer.decrypt === 'function') {
-        return this.signer.decrypt(pubkey, ciphertext);
-      }
+      // decrypt is broken in ndk v2.3.1, and latest
+      // ndk v2.8.1 doesn't allow to override connect easily,
+      // so we reimplement and fix decrypt here as a temporary fix
 
-      // fallback to remote codec via signer RPC
       return this.codec_call('nip04_decrypt', pubkey, ciphertext);
     }
   }
@@ -737,7 +740,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     if (this.localSigner) {
       return this.nip44Codec.encrypt(this.localSigner.privateKey!, pubkey, plaintext);
     } else {
-      // no support of nip44 in legacy signer implementation
+      // no support of nip44 in ndk yet
       return this.codec_call('nip44_encrypt', pubkey, plaintext);
     }
   }
@@ -746,7 +749,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     if (this.localSigner) {
       return this.nip44Codec.decrypt(this.localSigner.privateKey!, pubkey, ciphertext);
     } else {
-      // no support of nip44 in legacy signer implementation
+      // no support of nip44 in ndk yet
       return this.codec_call('nip44_decrypt', pubkey, ciphertext);
     }
   }