applesauce-signers 0.0.0-next-20250128152442

package/dist/signers/serial-port-signer.js

@@ -0,0 +1,229 @@
+/// <reference types="@types/dom-serial" />
+import { getEventHash, verifyEvent } from "nostr-tools";
+import { base64 } from "@scure/base";
+import { randomBytes, hexToBytes, bytesToHex } from "@noble/hashes/utils";
+import { Point } from "@noble/secp256k1";
+import { createDefer } from "applesauce-core/promise";
+import { logger } from "../logger.js";
+const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+function xOnlyToXY(p) {
+    return Point.fromHex(p).toHex().substring(2);
+}
+const utf8Decoder = new TextDecoder("utf-8");
+const utf8Encoder = new TextEncoder();
+/** A signer that works with [nostr-signing-device](https://github.com/lnbits/nostr-signing-device) */
+export class SerialPortSigner {
+    log = logger.extend("SerialPortSigner");
+    writer = null;
+    pubkey;
+    get isConnected() {
+        return !!this.writer;
+    }
+    verifyEvent = verifyEvent;
+    nip04;
+    constructor() {
+        this.nip04 = {
+            encrypt: this.nip04Encrypt.bind(this),
+            decrypt: this.nip04Decrypt.bind(this),
+        };
+    }
+    lastCommand = null;
+    async callMethodOnDevice(method, params, opts = {}) {
+        if (!SerialPortSigner.SUPPORTED)
+            throw new Error("Serial devices are not supported");
+        if (!this.writer)
+            await this.connectToDevice(opts);
+        // only one command can be pending at any time
+        // but each will only wait 6 seconds
+        if (this.lastCommand)
+            throw new Error("Previous command to device still pending!");
+        const command = createDefer();
+        this.lastCommand = command;
+        // send actual command
+        this.sendCommand(method, params);
+        setTimeout(() => {
+            command.reject(new Error("Device timeout"));
+            if (this.lastCommand === command)
+                this.lastCommand = null;
+        }, 6000);
+        return this.lastCommand;
+    }
+    async connectToDevice({ onConnect, onDisconnect, onError, onDone }) {
+        let port = await window.navigator.serial.requestPort();
+        let reader;
+        const startSerialPortReading = async () => {
+            // reading responses
+            while (port && port.readable) {
+                const textDecoder = new window.TextDecoderStream();
+                port.readable.pipeTo(textDecoder.writable);
+                reader = textDecoder.readable.getReader();
+                const readStringUntil = this.readFromSerialPort(reader);
+                try {
+                    while (true) {
+                        const { value, done } = await readStringUntil("\n");
+                        if (value) {
+                            const { method, data } = this.parseResponse(value);
+                            // if (method === "/log") deviceLog(data);
+                            if (method === "/ping")
+                                this.log("Pong");
+                            if (SerialPortSigner.PUBLIC_METHODS.indexOf(method) === -1) {
+                                // ignore /ping, /log responses
+                                continue;
+                            }
+                            this.log("Received: ", method, data);
+                            if (this.lastCommand) {
+                                this.lastCommand.resolve(data);
+                                this.lastCommand = null;
+                            }
+                        }
+                        if (done) {
+                            this.lastCommand = null;
+                            this.writer = null;
+                            if (onDone)
+                                onDone();
+                            return;
+                        }
+                    }
+                }
+                catch (error) {
+                    if (error instanceof Error) {
+                        this.writer = null;
+                        if (onError)
+                            onError(error);
+                        if (this.lastCommand) {
+                            this.lastCommand.reject(error);
+                            this.lastCommand = null;
+                        }
+                        throw error;
+                    }
+                }
+            }
+        };
+        await port.open({ baudRate: 9600 });
+        // this `sleep()` is a hack, I know!
+        // but `port.onconnect` is never called. I don't know why!
+        await sleep(1000);
+        startSerialPortReading();
+        const textEncoder = new window.TextEncoderStream();
+        textEncoder.readable.pipeTo(port.writable);
+        this.writer = textEncoder.writable.getWriter();
+        // send ping first
+        await this.sendCommand(SerialPortSigner.METHOD_PING);
+        await this.sendCommand(SerialPortSigner.METHOD_PING, [window.location.host]);
+        if (onConnect)
+            onConnect();
+        port.addEventListener("disconnect", () => {
+            this.log("Disconnected");
+            this.lastCommand = null;
+            this.writer = null;
+            if (onDisconnect)
+                onDisconnect();
+        });
+    }
+    async sendCommand(method, params = []) {
+        if (!this.writer)
+            return;
+        this.log("Send command", method, params);
+        const message = [method].concat(params).join(" ");
+        await this.writer.write(message + "\n");
+    }
+    readFromSerialPort(reader) {
+        let partialChunk;
+        let fulliness = [];
+        const readStringUntil = async (separator = "\n") => {
+            if (fulliness.length)
+                return { value: fulliness.shift().trim(), done: false };
+            const chunks = [];
+            if (partialChunk) {
+                // leftovers from previous read
+                chunks.push(partialChunk);
+                partialChunk = undefined;
+            }
+            while (true) {
+                const { value, done } = await reader.read();
+                if (value) {
+                    const values = value.split(separator);
+                    // found one or more separators
+                    if (values.length > 1) {
+                        chunks.push(values.shift()); // first element
+                        partialChunk = values.pop(); // last element
+                        fulliness = values; // full lines
+                        return { value: chunks.join("").trim(), done: false };
+                    }
+                    chunks.push(value);
+                }
+                if (done)
+                    return { value: chunks.join("").trim(), done: true };
+            }
+        };
+        return readStringUntil;
+    }
+    parseResponse(value) {
+        const method = value.split(" ")[0];
+        const data = value.substring(method.length).trim();
+        return { method, data };
+    }
+    // NIP-04
+    async nip04Encrypt(pubkey, text) {
+        const sharedSecretStr = await this.callMethodOnDevice(SerialPortSigner.METHOD_SHARED_SECRET, [xOnlyToXY(pubkey)]);
+        const sharedSecret = hexToBytes(sharedSecretStr);
+        let iv = Uint8Array.from(randomBytes(16));
+        let plaintext = utf8Encoder.encode(text);
+        let cryptoKey = await crypto.subtle.importKey("raw", sharedSecret, { name: "AES-CBC" }, false, ["encrypt"]);
+        let ciphertext = await crypto.subtle.encrypt({ name: "AES-CBC", iv }, cryptoKey, plaintext);
+        let ctb64 = base64.encode(new Uint8Array(ciphertext));
+        let ivb64 = base64.encode(new Uint8Array(iv.buffer));
+        return `${ctb64}?iv=${ivb64}`;
+    }
+    async nip04Decrypt(pubkey, data) {
+        let [ctb64, ivb64] = data.split("?iv=");
+        const sharedSecretStr = await this.callMethodOnDevice(SerialPortSigner.METHOD_SHARED_SECRET, [xOnlyToXY(pubkey)]);
+        const sharedSecret = hexToBytes(sharedSecretStr);
+        let cryptoKey = await crypto.subtle.importKey("raw", sharedSecret, { name: "AES-CBC" }, false, ["decrypt"]);
+        let ciphertext = base64.decode(ctb64);
+        let iv = base64.decode(ivb64);
+        let plaintext = await crypto.subtle.decrypt({ name: "AES-CBC", iv }, cryptoKey, ciphertext);
+        let text = utf8Decoder.decode(plaintext);
+        return text;
+    }
+    /** Returns the public key on the device */
+    async getPublicKey() {
+        const pubkey = await this.callMethodOnDevice(SerialPortSigner.METHOD_PUBLIC_KEY, []);
+        this.pubkey = pubkey;
+        return pubkey;
+    }
+    /** Sets the secret key used on the device */
+    async restore(secretKey) {
+        await this.callMethodOnDevice(SerialPortSigner.METHOD_RESTORE, [bytesToHex(secretKey)]);
+    }
+    /** Requires the device to sign an event */
+    async signEvent(draft) {
+        const pubkey = draft.pubkey || this.pubkey;
+        if (!pubkey)
+            throw new Error("Unknown signer pubkey");
+        const draftWithId = { ...draft, id: getEventHash({ ...draft, pubkey }) };
+        const sig = await this.callMethodOnDevice(SerialPortSigner.METHOD_SIGN_MESSAGE, [draftWithId.id]);
+        const event = { ...draftWithId, sig, pubkey };
+        if (!this.verifyEvent(event))
+            throw new Error("Invalid signature");
+        return event;
+    }
+    /** Pings to device to see if the connection is open */
+    ping() {
+        this.sendCommand(SerialPortSigner.METHOD_PING, [window.location.host]);
+    }
+    // static const
+    static SUPPORTED = "navigator" in globalThis && !!navigator.serial;
+    static METHOD_PING = "/ping";
+    static METHOD_LOG = "/log";
+    static METHOD_SIGN_MESSAGE = "/sign-message";
+    static METHOD_SHARED_SECRET = "/shared-secret";
+    static METHOD_PUBLIC_KEY = "/public-key";
+    static METHOD_RESTORE = "/restore";
+    static PUBLIC_METHODS = [
+        SerialPortSigner.METHOD_PUBLIC_KEY,
+        SerialPortSigner.METHOD_SIGN_MESSAGE,
+        SerialPortSigner.METHOD_SHARED_SECRET,
+        SerialPortSigner.METHOD_RESTORE,
+    ];
+}

package/dist/signers/simple-signer.d.ts

@@ -0,0 +1,16 @@
+import { EventTemplate } from "nostr-tools";
+/** A Simple NIP-07 signer class */
+export declare class SimpleSigner {
+    key: Uint8Array;
+    constructor(key?: Uint8Array);
+    getPublicKey(): Promise<string>;
+    signEvent(event: EventTemplate): Promise<import("nostr-tools").VerifiedEvent>;
+    nip04: {
+        encrypt: (pubkey: string, plaintext: string) => Promise<string>;
+        decrypt: (pubkey: string, ciphertext: string) => Promise<string>;
+    };
+    nip44: {
+        encrypt: (pubkey: string, plaintext: string) => Promise<string>;
+        decrypt: (pubkey: string, ciphertext: string) => Promise<string>;
+    };
+}

package/dist/signers/simple-signer.js

@@ -0,0 +1,22 @@
+import { finalizeEvent, generateSecretKey, getPublicKey, nip04, nip44 } from "nostr-tools";
+/** A Simple NIP-07 signer class */
+export class SimpleSigner {
+    key;
+    constructor(key) {
+        this.key = key || generateSecretKey();
+    }
+    async getPublicKey() {
+        return getPublicKey(this.key);
+    }
+    async signEvent(event) {
+        return finalizeEvent(event, this.key);
+    }
+    nip04 = {
+        encrypt: async (pubkey, plaintext) => nip04.encrypt(this.key, pubkey, plaintext),
+        decrypt: async (pubkey, ciphertext) => nip04.decrypt(this.key, pubkey, ciphertext),
+    };
+    nip44 = {
+        encrypt: async (pubkey, plaintext) => nip44.v2.encrypt(plaintext, nip44.v2.utils.getConversationKey(this.key, pubkey)),
+        decrypt: async (pubkey, ciphertext) => nip44.v2.decrypt(ciphertext, nip44.v2.utils.getConversationKey(this.key, pubkey)),
+    };
+}

package/package.json

@@ -0,0 +1,59 @@
+{
+  "name": "applesauce-signers",
+  "version": "0.0.0-next-20250128152442",
+  "description": "Signer classes for applesauce",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "keywords": [
+    "nostr"
+  ],
+  "author": "hzrd149",
+  "license": "MIT",
+  "files": [
+    "dist",
+    "applesauce"
+  ],
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./signers": {
+      "import": "./dist/signers/index.js",
+      "require": "./dist/signers/index.js",
+      "types": "./dist/signers/index.d.ts"
+    },
+    "./signers/*": {
+      "import": "./dist/signers/*.js",
+      "require": "./dist/signers/*.js",
+      "types": "./dist/signers/*.d.ts"
+    }
+  },
+  "dependencies": {
+    "@noble/hashes": "^1.5.0",
+    "@noble/secp256k1": "^1.7.1",
+    "@scure/base": "^1.1.9",
+    "applesauce-core": "0.0.0-next-20250128152442",
+    "debug": "^4.3.7",
+    "nanoid": "^5.0.7",
+    "nostr-tools": "^2.10.3"
+  },
+  "devDependencies": {
+    "@types/dom-serial": "^1.0.6",
+    "@types/debug": "^4.1.12",
+    "typescript": "^5.6.3",
+    "vitest": "^2.1.8"
+  },
+  "funding": {
+    "type": "lightning",
+    "url": "lightning:nostrudel@geyser.fund"
+  },
+  "scripts": {
+    "build": "tsc",
+    "watch:build": "tsc --watch > /dev/null",
+    "test": "vitest run --passWithNoTests",
+    "watch:test": "vitest"
+  }
+}