@konemono/nostr-login 1.9.14 → 1.10.0

package/src/modules/AuthNostrService.ts

@@ -2,20 +2,16 @@ import { localStorageAddAccount, bunkerUrlToInfo, isBunkerUrl, fetchProfile, get
 import { ConnectionString, Info } from 'nostr-login-components/dist/types/types';
 import { generatePrivateKey, getEventHash, getPublicKey, nip19 } from 'nostr-tools';
 import { NostrLoginAuthOptions, Response } from '../types';
-
+import NDK, { NDKEvent, NDKNip46Signer, NDKRpcResponse, NDKUser, NostrEvent } from '@nostr-dev-kit/ndk';
 import { NostrParams } from './';
 import { EventEmitter } from 'tseep';
 import { Signer } from './Nostr';
 import { Nip44 } from '../utils/nip44';
-import { IframeNostrRpc, Nip46Signer, ReadyListener, RpcResponse } from './Nip46';
-import { Nip46Client } from './nip46/Nip46Client';
-import { Nip46Adapter } from './nip46/Nip46Adapter';
+import { IframeNostrRpc, Nip46Signer, ReadyListener } from './Nip46';
 import { PrivateKeySigner } from './Signer';
-import { AmberDirectSigner } from './AmberDirectSigner';
 
 const OUTBOX_RELAYS = ['wss://user.kindpag.es', 'wss://purplepag.es', 'wss://relay.nos.social'];
-const DEFAULT_NOSTRCONNECT_RELAYS = ['wss://relay.nsec.app/', 'wss://ephemeral.snowflare.cc/'];
-const CONNECT_TIMEOUT = 5000;
+const DEFAULT_NOSTRCONNECT_RELAY = 'wss://relay.nsec.app/';
 const NOSTRCONNECT_APPS: ConnectionString[] = [
   {
     name: 'Nsec.app',
@@ -23,29 +19,31 @@ const NOSTRCONNECT_APPS: ConnectionString[] = [
     canImport: true,
     img: 'https://nsec.app/assets/favicon.ico',
     link: 'https://use.nsec.app/<nostrconnect>',
-    relays: DEFAULT_NOSTRCONNECT_RELAYS,
+    relay: 'wss://relay.nsec.app/',
   },
   {
     name: 'Amber',
     img: 'https://raw.githubusercontent.com/greenart7c3/Amber/refs/heads/master/assets/android-icon.svg',
-    link: 'amber',
-    relays: DEFAULT_NOSTRCONNECT_RELAYS,
+    link: '<nostrconnect>',
+    relay: 'wss://relay.nsec.app/',
   },
   {
     name: 'Other key stores',
     img: '',
     link: '<nostrconnect>',
-    relays: DEFAULT_NOSTRCONNECT_RELAYS,
+    relay: 'wss://relay.nsec.app/',
   },
 ];
 
 class AuthNostrService extends EventEmitter implements Signer {
-  private signer: any = null;
-  private amberSigner: AmberDirectSigner | null = null;
+  private ndk: NDK;
+  private profileNdk: NDK;
+  private signer: Nip46Signer | null = null;
   private localSigner: PrivateKeySigner | null = null;
   private params: NostrParams;
   private signerPromise?: Promise<void>;
   private signerErrCallback?: (err: string) => void;
+  private signerAbortController?: AbortController;
   private readyPromise?: Promise<void>;
   private readyCallback?: () => void;
   private nip44Codec = new Nip44();
@@ -66,6 +64,15 @@ class AuthNostrService extends EventEmitter implements Signer {
   constructor(params: NostrParams) {
     super();
     this.params = params;
+    this.ndk = new NDK({
+      enableOutboxModel: false,
+    });
+
+    this.profileNdk = new NDK({
+      enableOutboxModel: true,
+      explicitRelayUrls: OUTBOX_RELAYS,
+    });
+    this.profileNdk.connect();
 
     this.nip04 = {
       encrypt: this.encrypt04.bind(this),
@@ -75,96 +82,6 @@ class AuthNostrService extends EventEmitter implements Signer {
       encrypt: this.encrypt44.bind(this),
       decrypt: this.decrypt44.bind(this),
     };
-
-    setTimeout(() => this.checkAmberResponse(), 100);
-
-    const check = () => {
-      this.checkAmberResponse();
-    };
-
-    window.addEventListener('focus', check);
-    window.addEventListener('visibilitychange', () => {
-      if (document.visibilityState === 'visible') check();
-    });
-    window.addEventListener('popstate', check);
-    window.addEventListener('hashchange', check);
-
-    // Periodic check as a safety net
-    setInterval(check, 1000);
-
-    window.addEventListener('message', event => {
-      if (event.data && event.data.method === 'amberResponse') {
-        const { id, type, result } = event.data;
-        console.log('Amber response received via message', { id, type, result });
-        this.handleAmberResponse({ id, type, result });
-      }
-    });
-  }
-
-  private checkAmberResponse() {
-    const response = AmberDirectSigner.parseResponse();
-    if (response) {
-      // If we have an opener and it's not the same window, we are in a popup
-      if (window.opener && window.opener !== window) {
-        console.log('Amber response in popup, sending back to opener');
-        window.opener.postMessage({ method: 'amberResponse', ...response }, window.location.origin);
-        window.close();
-        return;
-      }
-
-      this.handleAmberResponse(response);
-    }
-  }
-
-  private handledAmberIds: Set<string> = new Set();
-
-  private handleAmberResponse(response: { id: string; type: string; result: string }) {
-    if (this.handledAmberIds.has(response.id)) return;
-    this.handledAmberIds.add(response.id);
-
-    console.log('Handling Amber response', response);
-
-    // Stop the "Connecting..." spinner
-    this.emit('onAuthUrl', { url: '' });
-
-    // Resolve pending promises if any (for non-reload cases)
-    const resolved = AmberDirectSigner.resolvePending(response.id, response.type, response.result);
-    if (resolved) {
-      console.log('Resolved pending Amber promise via resolvePending');
-    }
-
-    if (response.type === 'get_public_key' || response.type.includes('pub')) {
-      const info: Info = {
-        pubkey: response.result,
-        name: nip19.npubEncode(response.result),
-        authMethod: 'amber' as any,
-        relays: [],
-        signerPubkey: '',
-      };
-      console.log('Amber login success', info);
-      this.onAuth('login', info);
-    }
-
-    // URLクリーンアップをより徹底的に
-    const url = new URL(window.location.href);
-    let changed = false;
-    if (url.searchParams.has('event')) {
-      url.searchParams.delete('event');
-      changed = true;
-    }
-
-    // パス末尾が結果と一致する場合はパスもクリア
-    const pathParts = url.pathname.split('/');
-    if (pathParts.length > 0 && pathParts[pathParts.length - 1] === response.result) {
-      pathParts.pop();
-      url.pathname = pathParts.join('/') || '/';
-      changed = true;
-    }
-
-    if (changed) {
-      console.log('Cleaning up Amber response URL', url.toString());
-      window.history.replaceState({}, '', url.toString());
-    }
   }
 
   public isIframe() {
@@ -190,8 +107,20 @@ class AuthNostrService extends EventEmitter implements Signer {
     this.resetAuth();
   }
 
+  public cancelSignerInit() {
+    if (this.signerAbortController) {
+      this.signerAbortController.abort();
+      this.signerAbortController = undefined;
+    }
+    if (this.signerErrCallback) {
+      this.signerErrCallback('Cancelled by user');
+      this.signerErrCallback = undefined;
+    }
+    this.emit('signerCancelled');
+  }
+
   public async nostrConnect(
-    relays?: string[],
+    relay?: string,
     {
       domain = '',
       link = '',
@@ -203,8 +132,8 @@ class AuthNostrService extends EventEmitter implements Signer {
       importConnect?: boolean;
       iframeUrl?: string;
     } = {},
-  ): Promise<Info> {
-    relays = relays && relays.length > 0 ? relays : DEFAULT_NOSTRCONNECT_RELAYS;
+  ) {
+    relay = relay || DEFAULT_NOSTRCONNECT_RELAY;
 
     const info: Info = {
       authMethod: 'connect',
@@ -212,51 +141,14 @@ class AuthNostrService extends EventEmitter implements Signer {
       signerPubkey: '', // unknown too!
       sk: this.nostrConnectKey,
       domain: domain,
-      relays: relays,
+      relays: [relay],
       iframeUrl,
     };
 
     console.log('nostrconnect info', info, link);
 
     // non-iframe flow
-    if (link && !iframeUrl) {
-      if (link === 'amber') {
-        const signer = new AmberDirectSigner();
-        this.amberSigner = signer;
-
-        const id = Math.random().toString(36).substring(7);
-        const url = signer.generateUrl('', 'get_public_key', id);
-
-        // Emit for the "Connecting..." spinner
-        this.emit('onAuthUrl', { url });
-
-        try {
-          const pubkey = await signer.getPublicKey(id);
-          const info: Info = {
-            pubkey,
-            name: nip19.npubEncode(pubkey),
-            authMethod: 'amber' as any,
-            relays: [],
-            signerPubkey: '',
-          };
-          this.onAuth('login', info);
-          return info;
-        } catch (e) {
-          console.log('Amber getPublicKey failed or was blocked', e);
-          // Fallback: wait for onAuth to be called (e.g. via user clicking Continue)
-          return new Promise(resolve => {
-            const handler = (info: Info | null) => {
-              if (info && info.authMethod === ('amber' as any)) {
-                this.off('onUserInfo', handler); // Use onUserInfo as a proxy for onAuth
-                resolve(info);
-              }
-            };
-            this.on('onUserInfo', handler);
-          });
-        }
-      }
-      window.open(link, '_blank', 'width=400,height=700');
-    }
+    if (link && !iframeUrl) window.open(link, '_blank', 'width=400,height=700');
 
     // init nip46 signer
     await this.initSigner(info, { listen: true });
@@ -264,7 +156,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     // signer learns the remote pubkey
     if (!info.pubkey || !info.signerPubkey) throw new Error('Bad remote pubkey');
 
-    info.bunkerUrl = `bunker://${info.signerPubkey}?${relays.map((r, i) => `${i !== 0 ? '&' : ''}relay=${r}`)}`;
+    info.bunkerUrl = `bunker://${info.signerPubkey}?relay=${relay}`;
 
     // callback
     if (!importConnect) this.onAuth('login', info);
@@ -272,14 +164,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     return info;
   }
 
-  public async createNostrConnect(relays?: string[]) {
-    /*const relayList = relays
-      ? relays
-        .split(",")
-        .map(r => r.trim().replace(/['"]/g, ""))
-        .filter(r => r.length > 0)
-      : [];*/
-
+  public async createNostrConnect(relay?: string) {
     this.nostrConnectKey = generatePrivateKey();
     this.nostrConnectSecret = Math.random().toString(36).substring(7);
 
@@ -291,7 +176,7 @@ class AuthNostrService extends EventEmitter implements Signer {
       perms: encodeURIComponent(this.params.optionsModal.perms || ''),
     };
 
-    return `nostrconnect://${pubkey}?image=${meta.icon}&url=${meta.url}&name=${meta.name}&perms=${meta.perms}&secret=${this.nostrConnectSecret}${(relays || []).length > 0 ? (relays || []).map((r, i) => `&relay=${r}`) : ''}`;
+    return `nostrconnect://${pubkey}?image=${meta.icon}&url=${meta.url}&name=${meta.name}&perms=${meta.perms}&secret=${this.nostrConnectSecret}${relay ? `&relay=${relay}` : ''}`;
   }
 
   public async getNostrConnectServices(): Promise<[string, ConnectionString[]]> {
@@ -311,35 +196,25 @@ class AuthNostrService extends EventEmitter implements Signer {
     // }
 
     for (const a of apps) {
-      let relays: string[] = [...DEFAULT_NOSTRCONNECT_RELAYS];
-
+      let relay = DEFAULT_NOSTRCONNECT_RELAY;
       if (a.link.startsWith('https://')) {
-        const domain = a.domain || new URL(a.link).hostname;
+        let domain = a.domain || new URL(a.link).hostname;
         try {
           const info = await (await fetch(`https://${domain}/.well-known/nostr.json`)).json();
           const pubkey = info.names['_'];
-          const appRelays = info.nip46?.[pubkey] as string[] | undefined;
-
-          if (Array.isArray(appRelays) && appRelays.length > 0) {
-            relays = appRelays;
-          }
-
-          a.iframeUrl = info.nip46?.iframe_url || '';
+          const relays = info.nip46[pubkey] as string[];
+          if (relays && relays.length) relay = relays[0];
+          a.iframeUrl = info.nip46.iframe_url || '';
         } catch (e) {
           console.log('Bad app info', e, a);
         }
       }
-
-      const relayParams = relays
-        .map(r => r.replace(/['"]/g, ''))
-        .map(r => `&relay=${encodeURIComponent(r)}`)
-        .join('');
-
-      const nc = nostrconnect + relayParams;
-
+      const nc = nostrconnect + '&relay=' + relay;
       if (a.iframeUrl) {
+        // pass plain nc url for iframe-based flow
         a.link = nc;
       } else {
+        // we will open popup ourselves
         a.link = a.link.replace('<nostrconnect>', nc);
       }
     }
@@ -365,7 +240,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     this.releaseSigner();
     this.localSigner = new PrivateKeySigner(info.sk!);
 
-    if (signup) await createProfile(info, this.localSigner, this.params.optionsModal.signupRelays, this.params.optionsModal.outboxRelays);
+    if (signup) await createProfile(info, this.profileNdk, this.localSigner, this.params.optionsModal.signupRelays, this.params.optionsModal.outboxRelays);
 
     this.onAuth(signup ? 'signup' : 'login', info);
   }
@@ -380,18 +255,19 @@ class AuthNostrService extends EventEmitter implements Signer {
   }
 
   public async importAndConnect(cs: ConnectionString) {
-    const { relays, domain, link, iframeUrl } = cs;
+    const { relay, domain, link, iframeUrl } = cs;
     if (!domain) throw new Error('Domain required');
 
-    const info = await this.nostrConnect(relays, {
-      domain,
-      link,
-      importConnect: true,
-      iframeUrl,
-    });
+    const info = await this.nostrConnect(relay, { domain, link, importConnect: true, iframeUrl });
+
+    // logout to remove local keys from storage
+    // but keep the connect signer
+    await this.logout(/*keepSigner*/ true);
 
-    await this.logout(true);
+    // release local one
     this.localSigner = null;
+
+    // notify app that we've switched to 'connect' keys
     this.onAuth('login', info);
   }
 
@@ -418,12 +294,6 @@ class AuthNostrService extends EventEmitter implements Signer {
     await this.endAuth();
   }
 
-  public async setAmber(info: Info) {
-    this.releaseSigner();
-    this.amberSigner = new AmberDirectSigner(info.pubkey);
-    this.onAuth('login', info);
-  }
-
   public async createAccount(nip05: string) {
     const [name, domain] = nip05.split('@');
 
@@ -443,8 +313,8 @@ class AuthNostrService extends EventEmitter implements Signer {
     const userPubkey = await this.signer!.createAccount2({ bunkerPubkey: info.signerPubkey!, name, domain, perms: this.params.optionsModal.perms });
 
     return {
-      bunkerUrl: `bunker://${userPubkey}?` + (info.relays ?? []).map((r: string) => `relay=${encodeURIComponent(r)}`).join('&'),
-      sk: info.sk,
+      bunkerUrl: `bunker://${userPubkey}?relay=${info.relays?.[0]}`,
+      sk: info.sk, // reuse the same local key
     };
   }
 
@@ -452,7 +322,11 @@ class AuthNostrService extends EventEmitter implements Signer {
     this.signer = null;
     this.signerErrCallback?.('cancelled');
     this.localSigner = null;
-    this.amberSigner = null;
+
+    // disconnect from signer relays
+    for (const r of this.ndk.pool.relays.keys()) {
+      this.ndk.pool.removeRelay(r);
+    }
   }
 
   public async logout(keepSigner = false) {
@@ -497,7 +371,7 @@ class AuthNostrService extends EventEmitter implements Signer {
 
     if (info) {
       // async profile fetch
-      fetchProfile(info, info.relays).then(p => {
+      fetchProfile(info, this.profileNdk).then(p => {
         if (this.params.userInfo !== info) return;
 
         const userInfo = {
@@ -626,7 +500,7 @@ class AuthNostrService extends EventEmitter implements Signer {
     return !!this.readyCallback;
   }
 
-  public startAuth() {
+  public async startAuth() {
     console.log('startAuth');
     if (this.readyCallback) throw new Error('Already started');
 
@@ -687,71 +561,24 @@ class AuthNostrService extends EventEmitter implements Signer {
     // FIXME shouldn't this come from nostrconnect service list?
     this.emit('onIframeUrl', info.iframeUrl);
 
+    // AbortControllerでキャンセル可能にする
+    this.signerAbortController = new AbortController();
+    const abortPromise = new Promise<never>((_, reject) => {
+      this.signerAbortController!.signal.addEventListener('abort', () => {
+        reject(new Error('Cancelled by user'));
+      });
+    });
+
     this.signerPromise = new Promise<void>(async (ok, err) => {
       this.signerErrCallback = err;
       try {
-        // create and prepare the signer
-        const localSigner = new PrivateKeySigner(info.sk!);
-
-        if (info.iframeUrl) {
-          // use NDK-free iframe signer implementation (MessagePort + SimplePool)
-          this.signer = new Nip46Signer(localSigner, info.signerPubkey!, iframeOrigin, info.relays || []);
-
-          // we should notify the banner the same way as the onAuthUrl does
-          this.signer.on(`iframeRestart`, async () => {
-            const iframeUrl = info.iframeUrl + (info.iframeUrl!.includes('?') ? '&' : '?') + 'pubkey=' + info.pubkey + '&rebind=' + localSigner.pubkey;
-            this.emit('iframeRestart', { pubkey: info.pubkey, iframeUrl });
-          });
-
-          // OAuth flow
-          this.signer.on('authUrl', (url: string) => {
-            console.log('nostr login auth url', url);
-
-            // notify our UI
-            this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
-          });
-        } else {
-          // New SimplePool-based NIP-46 flow
-          const client = new Nip46Client({
-            localPrivateKey: info.sk!,
-            remotePubkey: info.signerPubkey!,
-            relays: info.relays || [],
-            timeoutMs: 30000,
-          });
-
-          const adapter = new Nip46Adapter(client, localSigner);
-          this.signer = adapter;
-
-          // OAuth flow: forward authUrl events
-          this.signer.on('authUrl', (url: string) => {
-            console.log('nostr login auth url', url);
-            this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
-          });
-        }
-        if (listen) {
-          // nostrconnect: flow
-          // wait for the incoming message from signer
-          await this.listen(info);
-        } else if (connect) {
-          // bunker: flow
-          // send 'connect' message to signer
-          await this.connect(info, this.params.optionsModal.perms);
-        } else {
-          // provide saved pubkey as a hint
-          await this.signer!.initUserPubkey(info.pubkey);
-        }
-
-        // ensure, we're using it in callbacks above
-        // and expect info to be valid after this call
-        info.pubkey = this.signer!.userPubkey;
-        // learned after nostrconnect flow
-        info.signerPubkey = this.signer!.remotePubkey;
-
-        ok();
+        // タイムアウトとキャンセルの両方に対応
+        await Promise.race([this.initSignerInternal(info, listen, connect, eventToAddAccount, ok), abortPromise]);
       } catch (e) {
         console.log('initSigner failure', e);
         // make sure signer isn't set
         this.signer = null;
+        this.signerAbortController = undefined;
         err(e);
       }
     });
@@ -759,9 +586,73 @@ class AuthNostrService extends EventEmitter implements Signer {
     return this.signerPromise;
   }
 
+  private async initSignerInternal(info: Info, listen: boolean, connect: boolean, eventToAddAccount: boolean, resolve: () => void) {
+    // pre-connect if we're creating the connection (listen|connect) or
+    // not iframe mode
+    if (info.relays && !info.iframeUrl) {
+      for (const r of info.relays) {
+        this.ndk.addExplicitRelay(r, undefined);
+      }
+    }
+
+    // wait until we connect, otherwise
+    // signer won't start properly
+    await this.ndk.connect();
+
+    // create and prepare the signer
+    const localSigner = new PrivateKeySigner(info.sk!);
+    this.signer = new Nip46Signer(this.ndk, localSigner, info.signerPubkey!, info.iframeUrl ? new URL(info.iframeUrl!).origin : undefined);
+
+    // we should notify the banner the same way as
+    // the onAuthUrl does
+    this.signer.on(`iframeRestart`, async () => {
+      const iframeUrl = info.iframeUrl + (info.iframeUrl!.includes('?') ? '&' : '?') + 'pubkey=' + info.pubkey + '&rebind=' + localSigner.pubkey;
+      this.emit('iframeRestart', { pubkey: info.pubkey, iframeUrl });
+    });
+
+    // OAuth flow
+    // if (!listen) {
+    this.signer.on('authUrl', (url: string) => {
+      console.log('nostr login auth url', url);
+
+      // notify our UI
+      this.emit('onAuthUrl', { url, iframeUrl: info.iframeUrl, eventToAddAccount });
+    });
+    // }
+
+    if (listen) {
+      // nostrconnect: flow
+      // wait for the incoming message from signer
+      await this.listen(info);
+    } else if (connect) {
+      // bunker: flow
+      // send 'connect' message to signer
+      await this.connect(info, this.params.optionsModal.perms);
+    } else {
+      // provide saved pubkey as a hint
+      await this.signer!.initUserPubkey(info.pubkey);
+    }
+
+    // ensure, we're using it in callbacks above
+    // and expect info to be valid after this call
+    info.pubkey = this.signer!.userPubkey;
+    // learned after nostrconnect flow
+    info.signerPubkey = this.signer!.remotePubkey;
+
+    this.signerAbortController = undefined;
+    resolve();
+  }
+
   public async authNip46(
     type: 'login' | 'signup',
-    { name, bunkerUrl, sk = '', domain = '', iframeUrl = '' }: { name: string; bunkerUrl: string; sk?: string; domain?: string; iframeUrl?: string },
+    {
+      name,
+      bunkerUrl,
+      sk = '',
+      domain = '',
+      iframeUrl = '',
+      customRelays,
+    }: { name: string; bunkerUrl: string; sk?: string; domain?: string; iframeUrl?: string; customRelays?: string[] },
   ) {
     try {
       const info = bunkerUrlToInfo(bunkerUrl, sk);
@@ -773,8 +664,13 @@ class AuthNostrService extends EventEmitter implements Signer {
       if (domain) info.domain = domain;
       if (iframeUrl) info.iframeUrl = iframeUrl;
 
+      // カスタムリレーが指定されていれば使用する
+      if (customRelays && customRelays.length > 0) {
+        info.relays = customRelays;
+      }
+
       // console.log('nostr login auth info', info);
-      if (!info.signerPubkey || !info.sk || !info.relays || info.relays.length === 0) {
+      if (!info.signerPubkey || !info.sk || !info.relays?.[0]) {
         throw new Error(`Bad bunker url ${bunkerUrl}`);
       }
 
@@ -795,37 +691,22 @@ class AuthNostrService extends EventEmitter implements Signer {
   }
 
   public async signEvent(event: any) {
-    const timeoutMs = 20000;
-
-    const signPromise = (async () => {
-      if (this.localSigner) {
-        event.pubkey = getPublicKey(this.localSigner.privateKey!);
-        event.id = getEventHash(event);
-        event.sig = await this.localSigner.sign(event);
-      } else if (this.params.userInfo?.authMethod === ('amber' as any)) {
-        const userInfo = this.params.userInfo!;
-        if (!this.amberSigner) this.amberSigner = new AmberDirectSigner(userInfo.pubkey);
-        return this.amberSigner.signEvent(event);
-      } else {
-        event.pubkey = this.signer?.remotePubkey;
-        event.id = getEventHash(event);
-        event.sig = await this.signer?.sign(event);
-      }
-      return event;
-    })();
-
-    const timeoutPromise = new Promise((_, reject) => {
-      setTimeout(() => reject(new Error('Sign timeout')), timeoutMs);
-    });
-
-    const result = await Promise.race([signPromise, timeoutPromise]);
-    console.log('signed', { event: result });
-    return result;
+    if (this.localSigner) {
+      event.pubkey = getPublicKey(this.localSigner.privateKey!);
+      event.id = getEventHash(event);
+      event.sig = await this.localSigner.sign(event);
+    } else {
+      event.pubkey = this.signer?.remotePubkey;
+      event.id = getEventHash(event);
+      event.sig = await this.signer?.sign(event);
+    }
+    console.log('signed', { event });
+    return event;
   }
 
   private async codec_call(method: string, pubkey: string, param: string) {
     return new Promise<string>((resolve, reject) => {
-      this.signer!.rpc.sendRequest(this.signer!.remotePubkey!, method, [pubkey, param], 24133, (response: RpcResponse) => {
+      this.signer!.rpc.sendRequest(this.signer!.remotePubkey!, method, [pubkey, param], 24133, (response: NDKRpcResponse) => {
         if (!response.error) {
           resolve(response.result);
         } else {
@@ -837,35 +718,20 @@ class AuthNostrService extends EventEmitter implements Signer {
 
   public async encrypt04(pubkey: string, plaintext: string) {
     if (this.localSigner) {
-      return this.localSigner.encrypt(pubkey, plaintext);
-    } else if (this.params.userInfo?.authMethod === ('amber' as any)) {
-      const userInfo = this.params.userInfo!;
-      if (!this.amberSigner) this.amberSigner = new AmberDirectSigner(userInfo.pubkey);
-      return this.amberSigner.encrypt04(pubkey, plaintext);
+      return this.localSigner.encrypt(new NDKUser({ pubkey }), plaintext);
     } else {
-      // adapter supports encrypt(pubkey, plaintext)
-      if (this.signer && typeof this.signer.encrypt === 'function') {
-        return this.signer.encrypt(pubkey, plaintext);
-      }
-      // fallback to remote codec via signer RPC
-      return this.codec_call('nip04_encrypt', pubkey, plaintext);
+      return this.signer!.encrypt(new NDKUser({ pubkey }), plaintext);
     }
   }
 
   public async decrypt04(pubkey: string, ciphertext: string) {
     if (this.localSigner) {
-      return this.localSigner.decrypt(pubkey, ciphertext);
-    } else if (this.params.userInfo?.authMethod === ('amber' as any)) {
-      const userInfo = this.params.userInfo!;
-      if (!this.amberSigner) this.amberSigner = new AmberDirectSigner(userInfo.pubkey);
-      return this.amberSigner.decrypt04(pubkey, ciphertext);
+      return this.localSigner.decrypt(new NDKUser({ pubkey }), ciphertext);
     } else {
-      // If signer supports direct decrypt(pubkey, ciphertext), use it
-      if (this.signer && typeof this.signer.decrypt === 'function') {
-        return this.signer.decrypt(pubkey, ciphertext);
-      }
+      // decrypt is broken in ndk v2.3.1, and latest
+      // ndk v2.8.1 doesn't allow to override connect easily,
+      // so we reimplement and fix decrypt here as a temporary fix
 
-      // fallback to remote codec via signer RPC
       return this.codec_call('nip04_decrypt', pubkey, ciphertext);
     }
   }
@@ -873,12 +739,8 @@ class AuthNostrService extends EventEmitter implements Signer {
   public async encrypt44(pubkey: string, plaintext: string) {
     if (this.localSigner) {
       return this.nip44Codec.encrypt(this.localSigner.privateKey!, pubkey, plaintext);
-    } else if (this.params.userInfo?.authMethod === ('amber' as any)) {
-      const userInfo = this.params.userInfo!;
-      if (!this.amberSigner) this.amberSigner = new AmberDirectSigner(userInfo.pubkey);
-      return this.amberSigner.encrypt44(pubkey, plaintext);
     } else {
-      // no support of nip44 in legacy signer implementation
+      // no support of nip44 in ndk yet
       return this.codec_call('nip44_encrypt', pubkey, plaintext);
     }
   }
@@ -886,12 +748,8 @@ class AuthNostrService extends EventEmitter implements Signer {
   public async decrypt44(pubkey: string, ciphertext: string) {
     if (this.localSigner) {
       return this.nip44Codec.decrypt(this.localSigner.privateKey!, pubkey, ciphertext);
-    } else if (this.params.userInfo?.authMethod === ('amber' as any)) {
-      const userInfo = this.params.userInfo!;
-      if (!this.amberSigner) this.amberSigner = new AmberDirectSigner(userInfo.pubkey);
-      return this.amberSigner.decrypt44(pubkey, ciphertext);
     } else {
-      // no support of nip44 in legacy signer implementation
+      // no support of nip44 in ndk yet
       return this.codec_call('nip44_decrypt', pubkey, ciphertext);
     }
   }