nappup 1.0.14 → 1.2.0

package/README.md

@@ -26,8 +26,9 @@ nappup [directory] [options]
 
 | Flag | Description |
 |------|-------------|
-| `-s <secret_key>` | Your Nostr secret key (hex format) used to sign the application event. See [Authentication](#authentication) for alternatives. |
+| `-s <secret_key>` | Your Nostr secret key (hex or nsec format) used to sign the application event. See [Authentication](#authentication) for alternatives. |
 | `-d <d_tag>` | The unique identifier (`d` tag) for your application. If omitted, defaults to the directory name. Avoid generic names like `dist` or `build` - use something unique among your other apps like `mycoolapp`. |
+| `-y` | Skip confirmation prompt. Useful for CI/CD pipelines or automated scripts. |
 | `-r` | Force re-upload. By default, Napp Up! might skip files that haven't changed. Use this flag to ensure everything is pushed fresh. |
 | `--main` | Publish to the **main** release channel. This is the default behavior. |
 | `--next` | Publish to the **next** release channel. Ideal for beta testing or staging builds. |
@@ -37,36 +38,34 @@ nappup [directory] [options]
 
 Napp Up! supports multiple ways to provide your Nostr secret key:
 
-1. **CLI flag**: Pass your hex-encoded secret key directly via `-s`:
+1. **CLI flag**: Pass your secret key (hex or nsec) directly via `-s`:
    ```bash
-   nappup -s 0123456789abcdef...
+   nappup -s nsec1...
    ```
 
 2. **Environment variable**: Set `NOSTR_SECRET_KEY` in your environment or a `.env` file:
    ```bash
-   export NOSTR_SECRET_KEY=0123456789abcdef...
+   export NOSTR_SECRET_KEY=nsec1...
    nappup ./dist
    ```
 
-3. **Auto-generated key**: If no key is provided, Napp Up! will generate a new keypair automatically and store it in your project's `.env` file for future use.
-
-> **Note**: The secret key must be in **hex format**. If you have an `nsec`, convert it to hex first.
+3. **Auto-generated key**: If no key is provided, Napp Up! will generate a new keypair automatically and store it (as nsec) in your project's `.env` file for future use.
 
 ### Examples
 
 Upload the current directory to the main channel:
 ```bash
-nappup -s 0123456789abcdef...
+nappup -s nsec1...
 ```
 
 Or using an environment variable:
 ```bash
-NOSTR_SECRET_KEY=0123456789abcdef... nappup
+NOSTR_SECRET_KEY=nsec1... nappup
 ```
 
 Upload a specific `dist` folder with a custom identifier to the `next` channel:
 ```bash
-nappup ./dist -s 0123456789abcdef... -d myapp --next
+nappup ./dist -s nsec1... -d myapp --next
 ```
 
 Force re-upload a draft:

package/bin/nappup/helpers.js

@@ -11,6 +11,7 @@ export function parseArgs (args) {
   let dTag = null
   let channel = null
   let shouldReupload = false
+  let yes = false
 
   for (let i = 0; i < args.length; i++) {
     if (args[i] === '-s' && args[i + 1]) {
@@ -27,6 +28,8 @@ export function parseArgs (args) {
       channel = 'draft'
     } else if (args[i] === '-r') {
       shouldReupload = true
+    } else if (args[i] === '-y') {
+      yes = true
     } else if (!args[i].startsWith('-') && dir === null) {
       dir = args[i]
     }
@@ -37,11 +40,13 @@ export function parseArgs (args) {
     sk,
     dTag,
     channel: channel || 'main',
-    shouldReupload
+    shouldReupload,
+    yes
   }
 }
 
 export async function confirmArgs (args) {
+  if (args.yes) return
   const rl = readline.createInterface({
     input: process.stdin,
     output: process.stdout

package/package.json

@@ -6,7 +6,7 @@
     "url": "git+https://github.com/44billion/nappup.git"
   },
   "license": "GPL-3.0-or-later",
-  "version": "1.0.14",
+  "version": "1.2.0",
   "description": "Nostr App Uploader",
   "type": "module",
   "scripts": {

package/src/helpers/bech32.js

@@ -0,0 +1,130 @@
+const ALPHABET = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l'
+
+const ALPHABET_MAP = {}
+for (let z = 0; z < ALPHABET.length; z++) {
+  const x = ALPHABET.charAt(z)
+  ALPHABET_MAP[x] = z
+}
+
+function polymod (values) {
+  let chk = 1
+  for (let p = 0; p < values.length; ++p) {
+    const top = chk >> 25
+    chk = (chk & 0x1ffffff) << 5 ^ values[p]
+    for (let i = 0; i < 5; ++i) {
+      if ((top >> i) & 1) {
+        chk ^= 0x3b6a57b2 >> i
+      }
+    }
+  }
+  return chk
+}
+
+function hrpExpand (hrp) {
+  const ret = []
+  for (let p = 0; p < hrp.length; ++p) {
+    ret.push(hrp.charCodeAt(p) >> 5)
+  }
+  ret.push(0)
+  for (let p = 0; p < hrp.length; ++p) {
+    ret.push(hrp.charCodeAt(p) & 31)
+  }
+  return ret
+}
+
+function verifyChecksum (hrp, data) {
+  return polymod(hrpExpand(hrp).concat(data)) === 1
+}
+
+function createChecksum (hrp, data) {
+  const values = hrpExpand(hrp).concat(data).concat([0, 0, 0, 0, 0, 0])
+  const mod = polymod(values) ^ 1
+  const ret = []
+  for (let p = 0; p < 6; ++p) {
+    ret.push((mod >> 5 * (5 - p)) & 31)
+  }
+  return ret
+}
+
+export function encode (hrp, data) {
+  const combined = data.concat(createChecksum(hrp, data))
+  let ret = hrp + '1'
+  for (let p = 0; p < combined.length; ++p) {
+    ret += ALPHABET.charAt(combined[p])
+  }
+  return ret
+}
+
+export function decode (bechString, limit = 90) {
+  let p
+  let hasLower = false
+  let hasUpper = false
+  for (p = 0; p < bechString.length; ++p) {
+    if (bechString.charCodeAt(p) < 33 || bechString.charCodeAt(p) > 126) {
+      return null
+    }
+    if (bechString.charCodeAt(p) >= 97 && bechString.charCodeAt(p) <= 122) {
+      hasLower = true
+    }
+    if (bechString.charCodeAt(p) >= 65 && bechString.charCodeAt(p) <= 90) {
+      hasUpper = true
+    }
+  }
+  if (hasLower && hasUpper) {
+    return null
+  }
+  bechString = bechString.toLowerCase()
+  const pos = bechString.lastIndexOf('1')
+  if (pos < 1 || pos + 7 > bechString.length || bechString.length > limit) {
+    return null
+  }
+  const hrp = bechString.substring(0, pos)
+  const data = []
+  for (p = pos + 1; p < bechString.length; ++p) {
+    const d = ALPHABET_MAP[bechString.charAt(p)]
+    if (d === undefined) {
+      return null
+    }
+    data.push(d)
+  }
+  if (!verifyChecksum(hrp, data)) {
+    return null
+  }
+  return { hrp, data: data.slice(0, data.length - 6) }
+}
+
+export function toWords (data) {
+  let value = 0
+  let bits = 0
+  const maxV = 31
+  const result = []
+  for (let i = 0; i < data.length; ++i) {
+    value = (value << 8) | data[i]
+    bits += 8
+    while (bits >= 5) {
+      bits -= 5
+      result.push((value >> bits) & maxV)
+    }
+  }
+  if (bits > 0) {
+    result.push((value << (5 - bits)) & maxV)
+  }
+  return result
+}
+
+export function fromWords (data) {
+  let value = 0
+  let bits = 0
+  const maxV = 255
+  const result = []
+  for (let i = 0; i < data.length; ++i) {
+    const element = data[i]
+    value = (value << 5) | element
+    bits += 5
+    while (bits >= 8) {
+      bits -= 8
+      result.push((value >> bits) & maxV)
+    }
+  }
+  return result
+}

package/src/helpers/nip19.js

@@ -1,5 +1,6 @@
 import { bytesToBase16, base16ToBytes } from '#helpers/base16.js'
 import { bytesToBase62, base62ToBytes, BASE62_ALPHABET } from '#helpers/base62.js'
+import { encode as bech32Encode, decode as bech32Decode, toWords, fromWords } from '#helpers/bech32.js'
 import { isNostrAppDTagSafe } from '#helpers/app.js'
 
 const MAX_SIZE = 5000
@@ -58,6 +59,22 @@ export function appDecode (entity) {
   }
 }
 
+export function nsecEncode (hex) {
+  const bytes = base16ToBytes(hex)
+  const words = toWords(bytes)
+  return bech32Encode('nsec', words)
+}
+
+export function nsecDecode (nsec) {
+  const decoded = bech32Decode(nsec, MAX_SIZE)
+  if (!decoded) throw new Error('Invalid nsec')
+  const { hrp, data } = decoded
+  if (hrp !== 'nsec') throw new Error('Invalid nsec')
+  const bytes = fromWords(data)
+  if (bytes.length !== 32) throw new Error('Invalid nsec length')
+  return bytesToBase16(new Uint8Array(bytes))
+}
+
 function toTlv (tlvConfig) {
   const arrays = []
   tlvConfig

package/src/services/nostr-relays.js

@@ -16,19 +16,19 @@ export const freeRelays = [
   'wss://relay.nostr.band'
 ]
 
-// Interacts with Nostr relays.
+// Interacts with Nostr relays
 export class NostrRelays {
   #relays = new Map()
   #relayTimeouts = new Map()
   #timeout = 30000 // 30 seconds
 
-  // Get a relay connection, creating one if it doesn't exist.
+  // Get a relay connection, creating one if it doesn't exist
   async #getRelay (url) {
     if (this.#relays.has(url)) {
       clearTimeout(this.#relayTimeouts.get(url))
       this.#relayTimeouts.set(url, maybeUnref(setTimeout(() => this.disconnect(url), this.#timeout)))
       const relay = this.#relays.get(url)
-      // reconnect if needed to avoid SendingOnClosedConnection errors
+      // Reconnect if needed to avoid SendingOnClosedConnection errors
       await relay.connect()
       return relay
     }
@@ -43,7 +43,7 @@ export class NostrRelays {
     return relay
   }
 
-  // Disconnect from a relay.
+  // Disconnect from a relay
   async disconnect (url) {
     if (this.#relays.has(url)) {
       const relay = this.#relays.get(url)
@@ -54,7 +54,7 @@ export class NostrRelays {
     }
   }
 
-  // Disconnect from all relays.
+  // Disconnect from all relays
   async disconnectAll () {
     for (const url of this.#relays.keys()) {
       await this.disconnect(url)
@@ -82,7 +82,7 @@ export class NostrRelays {
           onclose: err => {
             clearTimeout(timer)
             if (isClosed) return
-            // may have closed normally, without error
+            // May have closed normally, without error
             err ? p.reject(err) : p.resolve()
           },
           oneose: () => {
@@ -110,7 +110,7 @@ export class NostrRelays {
     }
   }
 
-  // Send an event to a list of relays.
+  // Send an event to a list of relays
   async sendEvent (event, relays, timeout = 3000) {
     const promises = relays.map(async (url) => {
       let timer
@@ -146,6 +146,7 @@ export class NostrRelays {
     }
   }
 }
-// Share same connection.
-// Connections aren't authenticated, thus no need to split by authed user.
+
+// Share same connection
+// Connections aren't authenticated, thus no need to split by authed user
 export default new NostrRelays()

package/src/services/nostr-signer.js

@@ -7,6 +7,7 @@ import { getConversationKey, encrypt, decrypt } from 'nostr-tools/nip44'
 import nostrRelays, { seedRelays, freeRelays } from '#services/nostr-relays.js'
 import { bytesToBase16, base16ToBytes } from '#helpers/base16.js'
 import { finalizeEvent } from '#helpers/nip01.js'
+import { nsecDecode, nsecEncode } from '#helpers/nip19.js'
 const __dirname = fileURLToPath(new URL('.', import.meta.url))
 
 const dotenvPath = process.env.DOTENV_CONFIG_PATH ?? `${__dirname}/../../.env`
@@ -34,21 +35,26 @@ export default class NostrSigner {
     this.#secretKey = skBytes
   }
 
-  static async create (skHex) {
-    if (skHex) return new this(createToken, base16ToBytes(skHex))
+  static async create (sk) {
+    if (sk) {
+      if (sk.startsWith('nsec')) sk = nsecDecode(sk)
+      return new this(createToken, base16ToBytes(sk))
+    }
 
     let skBytes
     let isNewSk = false
     if (process.env.NOSTR_SECRET_KEY) {
-      skBytes = base16ToBytes(process.env.NOSTR_SECRET_KEY)
+      let envSk = process.env.NOSTR_SECRET_KEY
+      if (envSk.startsWith('nsec')) envSk = nsecDecode(envSk)
+      skBytes = base16ToBytes(envSk)
     } else {
       isNewSk = true
-      skHex = generateSecretKey()
-      fs.appendFileSync(path.resolve(dotenvPath), `NOSTR_SECRET_KEY=${skHex}\n`)
-      skBytes = base16ToBytes(skHex)
+      sk = generateSecretKey()
+      fs.appendFileSync(path.resolve(dotenvPath), `NOSTR_SECRET_KEY=${nsecEncode(sk)}\n`)
+      skBytes = base16ToBytes(sk)
     }
     const ret = new this(createToken, skBytes)
-    if (isNewSk) await ret.#initSk(skHex)
+    if (isNewSk) await ret.#initSk(sk)
     return ret
   }