lightning-agent 0.3.0 → 0.3.2

package/README.md

@@ -1,8 +1,10 @@
 # ⚡ lightning-agent
 
-Lightning toolkit for AI agents. Payments, auth, escrow, and streaming micropayments.
+**Settle this transaction without a platform.**
 
-A SDK that gives AI agents the ability to transact, authenticate, escrow work, and stream content for sats — all over [Nostr Wallet Connect (NWC)](https://nwc.dev). No browser, no UI, no bank accounts. Connect to any NWC-compatible wallet (Alby Hub, Mutiny, etc.) and start building the agent economy.
+You can't transact without a payment rail. lightning-agent is the rail — payments, auth, escrow, and streaming micropayments over [Nostr Wallet Connect (NWC)](https://nwc.dev). No browser, no UI, no bank accounts, no Stripe. Connect to any NWC-compatible wallet (Alby Hub, Mutiny, etc.) and two agents can exchange value directly.
+
+Part of the constraint chain: [agent-discovery](https://github.com/jeletor/agent-discovery) (find) → [ai-wot](https://github.com/jeletor/ai-wot) (verify) → **lightning-agent** (pay) → [lightning-toll](https://github.com/jeletor/lightning-toll) (gate).
 
 ## Install
 

package/lib/auth.js

@@ -156,6 +156,10 @@ function createAuthServer(opts = {}) {
 /**
  * Sign an LNURL-auth challenge with a private key.
  * 
+ * Uses the native secp256k1 package (libsecp256k1 bindings) for signing,
+ * which produces DER signatures accepted by all LNURL-auth implementations.
+ * Falls back to @noble/curves if secp256k1 is not available.
+ * 
  * @param {string} k1 - Challenge hex (32 bytes)
  * @param {string|Uint8Array} privateKey - Signing private key (hex or bytes)
  * @returns {{ sig: string, key: string }}
@@ -165,14 +169,27 @@ function createAuthServer(opts = {}) {
  * // Send sig + key back to the auth server
  */
 function signAuth(k1, privateKey) {
-  const secp = getSecp256k1();
-  const privBytes = typeof privateKey === 'string'
-    ? Uint8Array.from(Buffer.from(privateKey, 'hex'))
-    : privateKey;
-  const msgBytes = Uint8Array.from(Buffer.from(k1, 'hex'));
+  const privBuf = typeof privateKey === 'string'
+    ? Buffer.from(privateKey, 'hex')
+    : Buffer.from(privateKey);
+  const msgBuf = Buffer.from(k1, 'hex');
+
+  // Prefer native secp256k1 (libsecp256k1 bindings) — produces DER signatures
+  // accepted by all LNURL-auth server implementations
+  try {
+    const secp = require('secp256k1');
+    const { signature } = secp.ecdsaSign(msgBuf, privBuf);
+    const derSig = Buffer.from(secp.signatureExport(signature)).toString('hex');
+    const pubkey = Buffer.from(secp.publicKeyCreate(privBuf, true)).toString('hex');
+    return { sig: derSig, key: pubkey };
+  } catch (e) {
+    if (e.code !== 'MODULE_NOT_FOUND') throw e;
+  }
 
-  // secp256k1.sign returns 64-byte compact sig (r||s) in @noble/curves v2
-  const compactSig = secp.sign(msgBytes, privBytes);
+  // Fallback: @noble/curves with manual DER encoding
+  const secp = getSecp256k1();
+  const privBytes = Uint8Array.from(privBuf);
+  const compactSig = secp.sign(msgBuf, privBytes);
   const sigDer = compactToDER(compactSig);
   const pubkey = Buffer.from(secp.getPublicKey(privBytes, true)).toString('hex');
 
@@ -231,13 +248,25 @@ function getSecp256k1() {
   throw new Error('secp256k1 not available — install @noble/curves or nostr-tools');
 }
 
-// Verify a secp256k1 DER signature over a message hash
+// Verify a secp256k1 DER signature over a message
 function verifySignature(k1Hex, sigHex, pubkeyHex) {
+  const msg = Buffer.from(k1Hex, 'hex');
+  const sigBuf = Buffer.from(sigHex, 'hex');
+  const pub = Buffer.from(pubkeyHex, 'hex');
+
+  // Prefer native secp256k1
+  try {
+    const secp = require('secp256k1');
+    const compact = secp.signatureImport(sigBuf);
+    return secp.ecdsaVerify(compact, msg, pub);
+  } catch (e) {
+    if (e.code !== 'MODULE_NOT_FOUND') throw e;
+  }
+
+  // Fallback: @noble/curves
   const secp = getSecp256k1();
-  const msg = Uint8Array.from(Buffer.from(k1Hex, 'hex'));
   const compactSig = derToCompact(sigHex);
-  const pub = Uint8Array.from(Buffer.from(pubkeyHex, 'hex'));
-  return secp.verify(compactSig, msg, pub);
+  return secp.verify(compactSig, Uint8Array.from(msg), Uint8Array.from(pub));
 }
 
 // Convert 64-byte compact signature (r||s) to DER hex

package/lib/wallet.js

@@ -265,12 +265,14 @@ class NWCWallet {
    * @param {number} [opts.timeoutMs] - Request timeout
    */
   async createInvoice(opts = {}) {
-    if (!opts.amountSats || opts.amountSats <= 0) {
+    // Accept both amountSats and amount for convenience
+    const sats = opts.amountSats || opts.amount;
+    if (!sats || sats <= 0) {
       throw new Error('amountSats is required and must be positive');
     }
 
     const params = {
-      amount: opts.amountSats * 1000, // NWC uses millisats
+      amount: sats * 1000, // NWC uses millisats
     };
     if (opts.description) params.description = opts.description;
     if (opts.expiry) params.expiry = opts.expiry;

package/package.json

@@ -1,16 +1,30 @@
 {
   "name": "lightning-agent",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "Lightning toolkit for AI agents. Payments, auth, escrow, and streaming micropayments.",
   "main": "lib/index.js",
   "bin": {
     "lightning-agent": "bin/lightning-agent.js"
   },
-  "keywords": ["lightning", "bitcoin", "ai", "agent", "nostr", "nwc", "payments", "escrow", "streaming", "lnurl", "auth", "micropayments"],
+  "keywords": [
+    "lightning",
+    "bitcoin",
+    "ai",
+    "agent",
+    "nostr",
+    "nwc",
+    "payments",
+    "escrow",
+    "streaming",
+    "lnurl",
+    "auth",
+    "micropayments"
+  ],
   "author": "Jeletor",
   "license": "MIT",
   "dependencies": {
     "nostr-tools": "^2.0.0",
+    "secp256k1": "^5.0.1",
     "ws": "^8.0.0"
   }
 }