nostr-double-ratchet 0.0.12 → 0.0.14

package/src/Invite.ts

@@ -1,9 +1,7 @@
 import { generateSecretKey, getPublicKey, nip44, finalizeEvent, VerifiedEvent, UnsignedEvent, verifyEvent, Filter } from "nostr-tools";
-import { INVITE_EVENT_KIND, NostrSubscribe, Unsubscribe } from "./types";
+import { INVITE_EVENT_KIND, NostrSubscribe, Unsubscribe, MESSAGE_EVENT_KIND, EncryptFunction, DecryptFunction } from "./types";
 import { getConversationKey } from "nostr-tools/nip44";
 import { Session } from "./Session.ts";
-import { MESSAGE_EVENT_KIND } from "./types";
-import { EncryptFunction, DecryptFunction } from "./types";
 import { hexToBytes, bytesToHex } from "@noble/hashes/utils";
 
 /**
@@ -18,10 +16,10 @@ import { hexToBytes, bytesToHex } from "@noble/hashes/utils";
  */
 export class Invite {
     constructor(
-        public inviterSessionPublicKey: string,
-        public linkSecret: string,
+        public inviterEphemeralPublicKey: string,
+        public sharedSecret: string,
         public inviter: string,
-        public inviterSessionPrivateKey?: Uint8Array,
+        public inviterEphemeralPrivateKey?: Uint8Array,
         public label?: string,
         public maxUses?: number,
         public usedBy: string[] = [],
@@ -31,14 +29,14 @@ export class Invite {
         if (!inviter) {
             throw new Error("Inviter public key is required");
         }
-        const inviterSessionPrivateKey = generateSecretKey();
-        const inviterSessionPublicKey = getPublicKey(inviterSessionPrivateKey);
-        const linkSecret = bytesToHex(generateSecretKey());
+        const inviterEphemeralPrivateKey = generateSecretKey();
+        const inviterEphemeralPublicKey = getPublicKey(inviterEphemeralPrivateKey);
+        const sharedSecret = bytesToHex(generateSecretKey());
         return new Invite(
-            inviterSessionPublicKey,
-            linkSecret,
+            inviterEphemeralPublicKey,
+            sharedSecret,
             inviter,
-            inviterSessionPrivateKey,
+            inviterEphemeralPrivateKey,
             label,
             maxUses
         );
@@ -59,14 +57,14 @@ export class Invite {
             throw new Error("Invite data in URL hash is not valid JSON: " + err);
         }
 
-        const { inviter, sessionKey, linkSecret } = data;
-        if (!inviter || !sessionKey || !linkSecret) {
-            throw new Error("Missing required fields (inviter, sessionKey, linkSecret) in invite data.");
+        const { inviter, ephemeralKey, sharedSecret } = data;
+        if (!inviter || !ephemeralKey || !sharedSecret) {
+            throw new Error("Missing required fields (inviter, ephemeralKey, sharedSecret) in invite data.");
         }
 
         return new Invite(
-            sessionKey,
-            linkSecret,
+            ephemeralKey,
+            sharedSecret,
             inviter
         );
     }
@@ -74,10 +72,10 @@ export class Invite {
     static deserialize(json: string): Invite {
         const data = JSON.parse(json);
         return new Invite(
-            data.inviterSessionPublicKey,
-            data.linkSecret,
+            data.inviterEphemeralPublicKey,
+            data.sharedSecret,
             data.inviter,
-            data.inviterSessionPrivateKey ? new Uint8Array(data.inviterSessionPrivateKey) : undefined,
+            data.inviterEphemeralPrivateKey ? new Uint8Array(data.inviterEphemeralPrivateKey) : undefined,
             data.label,
             data.maxUses,
             data.usedBy
@@ -92,17 +90,17 @@ export class Invite {
             throw new Error("Event signature is invalid");
         }
         const { tags } = event;
-        const inviterSessionPublicKey = tags.find(([key]) => key === 'sessionKey')?.[1];
-        const linkSecret = tags.find(([key]) => key === 'linkSecret')?.[1];
+        const inviterEphemeralPublicKey = tags.find(([key]) => key === 'ephemeralKey')?.[1];
+        const sharedSecret = tags.find(([key]) => key === 'sharedSecret')?.[1];
         const inviter = event.pubkey;
 
-        if (!inviterSessionPublicKey || !linkSecret) {
-            throw new Error("Invalid invite event: missing session key or link secret");
+        if (!inviterEphemeralPublicKey || !sharedSecret) {
+            throw new Error("Invalid invite event: missing session key or sharedSecret");
         }
 
         return new Invite(
-            inviterSessionPublicKey,
-            linkSecret,
+            inviterEphemeralPublicKey,
+            sharedSecret,
             inviter
         );
     }
@@ -136,10 +134,10 @@ export class Invite {
      */
     serialize(): string {
         return JSON.stringify({
-            inviterSessionPublicKey: this.inviterSessionPublicKey,
-            linkSecret: this.linkSecret,
+            inviterEphemeralPublicKey: this.inviterEphemeralPublicKey,
+            sharedSecret: this.sharedSecret,
             inviter: this.inviter,
-            inviterSessionPrivateKey: this.inviterSessionPrivateKey ? Array.from(this.inviterSessionPrivateKey) : undefined,
+            inviterEphemeralPrivateKey: this.inviterEphemeralPrivateKey ? Array.from(this.inviterEphemeralPrivateKey) : undefined,
             label: this.label,
             maxUses: this.maxUses,
             usedBy: this.usedBy,
@@ -152,12 +150,11 @@ export class Invite {
     getUrl(root = "https://iris.to") {
         const data = {
             inviter: this.inviter,
-            sessionKey: this.inviterSessionPublicKey,
-            linkSecret: this.linkSecret
+            ephemeralKey: this.inviterEphemeralPublicKey,
+            sharedSecret: this.sharedSecret
         };
         const url = new URL(root);
         url.hash = encodeURIComponent(JSON.stringify(data));
-        console.log('url', url.toString())
         return url.toString();
     }
 
@@ -167,7 +164,7 @@ export class Invite {
             pubkey: this.inviter,
             content: "",
             created_at: Math.floor(Date.now() / 1000),
-            tags: [['sessionKey', this.inviterSessionPublicKey], ['linkSecret', this.linkSecret], ['d', 'nostr-double-ratchet/invite']],
+            tags: [['ephemeralKey', this.inviterEphemeralPublicKey], ['sharedSecret', this.sharedSecret], ['d', 'nostr-double-ratchet/invite']],
         };
     }
 
@@ -189,49 +186,53 @@ export class Invite {
     async accept(
         nostrSubscribe: NostrSubscribe,
         inviteePublicKey: string,
-        inviteeSecretKey: Uint8Array | EncryptFunction,
+        encryptor: Uint8Array | EncryptFunction,
     ): Promise<{ session: Session, event: VerifiedEvent }> {
         const inviteeSessionKey = generateSecretKey();
         const inviteeSessionPublicKey = getPublicKey(inviteeSessionKey);
-        const inviterPublicKey = this.inviter || this.inviterSessionPublicKey;
+        const inviterPublicKey = this.inviter || this.inviterEphemeralPublicKey;
 
-        const sharedSecret = hexToBytes(this.linkSecret);
-        const session = Session.init(nostrSubscribe, this.inviterSessionPublicKey, inviteeSessionKey, true, sharedSecret, undefined);
+        const sharedSecret = hexToBytes(this.sharedSecret);
+        const session = Session.init(nostrSubscribe, this.inviterEphemeralPublicKey, inviteeSessionKey, true, sharedSecret, undefined);
 
         // Create a random keypair for the envelope sender
         const randomSenderKey = generateSecretKey();
         const randomSenderPublicKey = getPublicKey(randomSenderKey);
 
-        const encrypt = typeof inviteeSecretKey === 'function' ?
-            inviteeSecretKey :
-            (plaintext: string, pubkey: string) => Promise.resolve(nip44.encrypt(plaintext, getConversationKey(inviteeSecretKey, pubkey)));
+        // should we take only Encrypt / Decrypt functions, not keys, to make it simpler and with less imports here?
+        // common implementation problem: plaintext, pubkey params in different order
+        const encrypt = typeof encryptor === 'function' ?
+            encryptor :
+            (plaintext: string, pubkey: string) => Promise.resolve(nip44.encrypt(plaintext, getConversationKey(encryptor, pubkey)));
+
+        const dhEncrypted = await encrypt(inviteeSessionPublicKey, inviterPublicKey);
 
         const innerEvent = {
             pubkey: inviteePublicKey,
-            tags: [['secret', this.linkSecret]],
-            content: await encrypt(inviteeSessionPublicKey, inviterPublicKey),
+            tags: [['sharedSecret', this.sharedSecret]],
+            content: await nip44.encrypt(dhEncrypted, sharedSecret),
             created_at: Math.floor(Date.now() / 1000),
         };
 
         const envelope = {
             kind: MESSAGE_EVENT_KIND,
             pubkey: randomSenderPublicKey,
-            content: nip44.encrypt(JSON.stringify(innerEvent), getConversationKey(randomSenderKey, this.inviterSessionPublicKey)),
+            content: nip44.encrypt(JSON.stringify(innerEvent), getConversationKey(randomSenderKey, this.inviterEphemeralPublicKey)),
             created_at: Math.floor(Date.now() / 1000),
-            tags: [['p', this.inviterSessionPublicKey]],
+            tags: [['p', this.inviterEphemeralPublicKey]],
         };
 
         return { session, event: finalizeEvent(envelope, randomSenderKey) };
     }
 
-    listen(inviterSecretKey: Uint8Array | DecryptFunction, nostrSubscribe: NostrSubscribe, onSession: (session: Session, identity?: string) => void): Unsubscribe {
-        if (!this.inviterSessionPrivateKey) {
+    listen(decryptor: Uint8Array | DecryptFunction, nostrSubscribe: NostrSubscribe, onSession: (session: Session, identity?: string) => void): Unsubscribe {
+        if (!this.inviterEphemeralPrivateKey) {
             throw new Error("Inviter session key is not available");
         }
         
         const filter = {
             kinds: [MESSAGE_EVENT_KIND],
-            '#p': [this.inviterSessionPublicKey],
+            '#p': [this.inviterEphemeralPublicKey],
         };
 
         return nostrSubscribe(filter, async (event) => {
@@ -241,26 +242,31 @@ export class Invite {
                     return;
                 }
 
-                const decrypted = await nip44.decrypt(event.content, getConversationKey(this.inviterSessionPrivateKey!, event.pubkey));
+                // Decrypt the outer envelope first
+                const decrypted = await nip44.decrypt(event.content, getConversationKey(this.inviterEphemeralPrivateKey!, event.pubkey));
                 const innerEvent = JSON.parse(decrypted);
 
-                if (!innerEvent.tags || !innerEvent.tags.some(([key, value]: [string, string]) => key === 'secret' && value === this.linkSecret)) {
+                if (!innerEvent.tags || !innerEvent.tags.some(([key, value]: [string, string]) => key === 'sharedSecret' && value === this.sharedSecret)) {
                     console.error("Invalid secret from event", event);
                     return;
                 }
 
-                const innerDecrypt = typeof inviterSecretKey === 'function' ?
-                    inviterSecretKey :
-                    (ciphertext: string, pubkey: string) => Promise.resolve(nip44.decrypt(ciphertext, getConversationKey(inviterSecretKey, pubkey)));
-    
+                const sharedSecret = hexToBytes(this.sharedSecret);
                 const inviteeIdentity = innerEvent.pubkey;
                 this.usedBy.push(inviteeIdentity);
 
-                const inviteeSessionPublicKey = await innerDecrypt(innerEvent.content, inviteeIdentity);
-                const sharedSecret = hexToBytes(this.linkSecret);
+                // Decrypt the inner content using shared secret first
+                const dhEncrypted = await nip44.decrypt(innerEvent.content, sharedSecret);
+
+                // Then decrypt using DH key
+                const innerDecrypt = typeof decryptor === 'function' ?
+                    decryptor :
+                    (ciphertext: string, pubkey: string) => Promise.resolve(nip44.decrypt(ciphertext, getConversationKey(decryptor, pubkey)));
+
+                const inviteeSessionPublicKey = await innerDecrypt(dhEncrypted, inviteeIdentity);
 
                 const name = event.id;
-                const session = Session.init(nostrSubscribe, inviteeSessionPublicKey, this.inviterSessionPrivateKey!, false, sharedSecret, name);
+                const session = Session.init(nostrSubscribe, inviteeSessionPublicKey, this.inviterEphemeralPrivateKey!, false, sharedSecret, name);
 
                 onSession(session, inviteeIdentity);
             } catch (error) {

package/src/Session.ts

@@ -33,16 +33,16 @@ export class Session {
   /**
    * Initializes a new secure communication session
    * @param nostrSubscribe Function to subscribe to Nostr events
-   * @param theirNostrPublicKey The public key of the other party
+   * @param theirNextNostrPublicKey The public key of the other party
    * @param ourCurrentPrivateKey Our current private key for Nostr
    * @param isInitiator Whether we are initiating the conversation (true) or responding (false)
    * @param sharedSecret Initial shared secret for securing the first message chain
    * @param name Optional name for the session (for debugging)
    * @returns A new Session instance
    */
-  static init(nostrSubscribe: NostrSubscribe, theirNostrPublicKey: string, ourCurrentPrivateKey: Uint8Array, isInitiator: boolean, sharedSecret: Uint8Array, name?: string): Session {
+  static init(nostrSubscribe: NostrSubscribe, theirNextNostrPublicKey: string, ourCurrentPrivateKey: Uint8Array, isInitiator: boolean, sharedSecret: Uint8Array, name?: string): Session {
     const ourNextPrivateKey = generateSecretKey();
-    const [rootKey, sendingChainKey] = kdf(sharedSecret, nip44.getConversationKey(ourNextPrivateKey, theirNostrPublicKey), 2);
+    const [rootKey, sendingChainKey] = kdf(sharedSecret, nip44.getConversationKey(ourNextPrivateKey, theirNextNostrPublicKey), 2);
     let ourCurrentNostrKey;
     let ourNextNostrKey;
     if (isInitiator) {
@@ -53,7 +53,7 @@ export class Session {
     }
     const state: SessionState = {
       rootKey: isInitiator ? rootKey : sharedSecret,
-      theirNostrPublicKey,
+      theirNextNostrPublicKey,
       ourCurrentNostrKey,
       ourNextNostrKey,
       receivingChainKey: undefined,
@@ -76,13 +76,13 @@ export class Session {
    * @throws Error if we are not the initiator and trying to send the first message
    */
   send(data: string): VerifiedEvent {
-    if (!this.state.theirNostrPublicKey || !this.state.ourCurrentNostrKey) {
+    if (!this.state.theirNextNostrPublicKey || !this.state.ourCurrentNostrKey) {
       throw new Error("we are not the initiator, so we can't send the first message");
     }
 
     const [header, encryptedData] = this.ratchetEncrypt(data);
     
-    const sharedSecret = nip44.getConversationKey(this.state.ourCurrentNostrKey.privateKey, this.state.theirNostrPublicKey);
+    const sharedSecret = nip44.getConversationKey(this.state.ourCurrentNostrKey.privateKey, this.state.theirNextNostrPublicKey);
     const encryptedHeader = nip44.encrypt(JSON.stringify(header), sharedSecret);
     
     const nostrEvent = finalizeEvent({
@@ -151,13 +151,13 @@ export class Session {
     }
   }
 
-  private ratchetStep(theirNostrPublicKey: string) {
+  private ratchetStep(theirNextNostrPublicKey: string) {
     this.state.previousSendingChainMessageCount = this.state.sendingChainMessageNumber;
     this.state.sendingChainMessageNumber = 0;
     this.state.receivingChainMessageNumber = 0;
-    this.state.theirNostrPublicKey = theirNostrPublicKey;
+    this.state.theirNextNostrPublicKey = theirNextNostrPublicKey;
 
-    const conversationKey1 = nip44.getConversationKey(this.state.ourNextNostrKey.privateKey, this.state.theirNostrPublicKey!);
+    const conversationKey1 = nip44.getConversationKey(this.state.ourNextNostrKey.privateKey, this.state.theirNextNostrPublicKey!);
     const [theirRootKey, receivingChainKey] = kdf(this.state.rootKey, conversationKey1, 2);
 
     this.state.receivingChainKey = receivingChainKey;
@@ -169,7 +169,7 @@ export class Session {
       privateKey: ourNextSecretKey
     };
 
-    const conversationKey2 = nip44.getConversationKey(this.state.ourNextNostrKey.privateKey, this.state.theirNostrPublicKey!);
+    const conversationKey2 = nip44.getConversationKey(this.state.ourNextNostrKey.privateKey, this.state.theirNextNostrPublicKey!);
     const [rootKey, sendingChainKey] = kdf(theirRootKey, conversationKey2, 2);
     this.state.rootKey = rootKey;
     this.state.sendingChainKey = sendingChainKey;
@@ -261,12 +261,13 @@ export class Session {
     const [header, shouldRatchet, isSkipped] = this.decryptHeader(e);
 
     if (!isSkipped) {
-      if (this.state.theirNostrPublicKey !== header.nextPublicKey) {
-        this.state.theirNostrPublicKey = header.nextPublicKey;
+      if (this.state.theirNextNostrPublicKey !== header.nextPublicKey) {
+        this.state.theirCurrentNostrPublicKey = this.state.theirNextNostrPublicKey;
+        this.state.theirNextNostrPublicKey = header.nextPublicKey;
         this.nostrUnsubscribe?.(); // should we keep this open for a while? maybe as long as we have skipped messages?
         this.nostrUnsubscribe = this.nostrNextUnsubscribe;
         this.nostrNextUnsubscribe = this.nostrSubscribe(
-          {authors: [this.state.theirNostrPublicKey], kinds: [MESSAGE_EVENT_KIND]},
+          {authors: [this.state.theirNextNostrPublicKey], kinds: [MESSAGE_EVENT_KIND]},
           (e) => this.handleNostrEvent(e)
         );
       }
@@ -290,18 +291,19 @@ export class Session {
   private subscribeToNostrEvents() {
     if (this.nostrNextUnsubscribe) return;
     this.nostrNextUnsubscribe = this.nostrSubscribe(
-      {authors: [this.state.theirNostrPublicKey], kinds: [MESSAGE_EVENT_KIND]},
+      {authors: [this.state.theirNextNostrPublicKey], kinds: [MESSAGE_EVENT_KIND]},
       (e) => this.handleNostrEvent(e)
     );
 
-    const skippedSenders = Object.keys(this.state.skippedHeaderKeys);
-    if (skippedSenders.length > 0) {
-      // do we want this unsubscribed on rotation or should we keep it open
-      // in case more skipped messages are found by relays or peers?
-      this.nostrUnsubscribe = this.nostrSubscribe(
-        {authors: skippedSenders, kinds: [MESSAGE_EVENT_KIND]},
-        (e) => this.handleNostrEvent(e)
-      );
+    const authors = Object.keys(this.state.skippedHeaderKeys);
+    if (this.state.theirCurrentNostrPublicKey && !authors.includes(this.state.theirCurrentNostrPublicKey)) {
+      authors.push(this.state.theirCurrentNostrPublicKey)
     }
+    // do we want this unsubscribed on rotation or should we keep it open
+    // in case more skipped messages are found by relays or peers?
+    this.nostrUnsubscribe = this.nostrSubscribe(
+      {authors, kinds: [MESSAGE_EVENT_KIND]},
+      (e) => this.handleNostrEvent(e)
+    );
   }
 }

package/src/UserRecord.ts

@@ -0,0 +1,182 @@
+import { Session } from './Session';
+import { NostrSubscribe } from './types';
+
+interface DeviceRecord {
+  publicKey: string;
+  activeSession?: Session;
+  inactiveSessions: Session[];
+  isStale: boolean;
+  staleTimestamp?: number;
+}
+
+/**
+ * WIP: Conversation management system similar to Signal's Sesame
+ * https://signal.org/docs/specifications/sesame/
+ */
+export class UserRecord {
+  private deviceRecords: Map<string, DeviceRecord> = new Map();
+  private isStale: boolean = false;
+  private staleTimestamp?: number;
+
+  constructor(
+    public userId: string,
+    private nostrSubscribe: NostrSubscribe,
+  ) {}
+
+  /**
+   * Adds or updates a device record for this user
+   */
+  public conditionalUpdate(deviceId: string, publicKey: string): void {
+    const existingRecord = this.deviceRecords.get(deviceId);
+    
+    // If device record doesn't exist or public key changed, create new empty record
+    if (!existingRecord || existingRecord.publicKey !== publicKey) {
+      this.deviceRecords.set(deviceId, {
+        publicKey,
+        inactiveSessions: [],
+        isStale: false
+      });
+    }
+  }
+
+  /**
+   * Inserts a new session for a device, making it the active session
+   */
+  public insertSession(deviceId: string, session: Session): void {
+    const record = this.deviceRecords.get(deviceId);
+    if (!record) {
+      throw new Error(`No device record found for ${deviceId}`);
+    }
+
+    // Move current active session to inactive list if it exists
+    if (record.activeSession) {
+      record.inactiveSessions.unshift(record.activeSession);
+    }
+
+    // Set new session as active
+    record.activeSession = session;
+  }
+
+  /**
+   * Activates an inactive session for a device
+   */
+  public activateSession(deviceId: string, session: Session): void {
+    const record = this.deviceRecords.get(deviceId);
+    if (!record) {
+      throw new Error(`No device record found for ${deviceId}`);
+    }
+
+    const sessionIndex = record.inactiveSessions.indexOf(session);
+    if (sessionIndex === -1) {
+      throw new Error('Session not found in inactive sessions');
+    }
+
+    // Remove session from inactive list
+    record.inactiveSessions.splice(sessionIndex, 1);
+
+    // Move current active session to inactive list if it exists
+    if (record.activeSession) {
+      record.inactiveSessions.unshift(record.activeSession);
+    }
+
+    // Set selected session as active
+    record.activeSession = session;
+  }
+
+  /**
+   * Marks a device record as stale
+   */
+  public markDeviceStale(deviceId: string): void {
+    const record = this.deviceRecords.get(deviceId);
+    if (record) {
+      record.isStale = true;
+      record.staleTimestamp = Date.now();
+    }
+  }
+
+  /**
+   * Marks the entire user record as stale
+   */
+  public markUserStale(): void {
+    this.isStale = true;
+    this.staleTimestamp = Date.now();
+  }
+
+  /**
+   * Gets all non-stale device records with active sessions
+   */
+  public getActiveDevices(): Array<[string, Session]> {
+    if (this.isStale) return [];
+
+    return Array.from(this.deviceRecords.entries())
+      .filter(([_, record]) => !record.isStale && record.activeSession)
+      .map(([deviceId, record]) => [deviceId, record.activeSession!]);
+  }
+
+  /**
+   * Creates a new session for a device
+   */
+  public createSession(
+    deviceId: string, 
+    sharedSecret: Uint8Array,
+    ourCurrentPrivateKey: Uint8Array,
+    isInitiator: boolean,
+    name?: string
+  ): Session {
+    const record = this.deviceRecords.get(deviceId);
+    if (!record) {
+      throw new Error(`No device record found for ${deviceId}`);
+    }
+
+    const session = Session.init(
+      this.nostrSubscribe,
+      record.publicKey,
+      ourCurrentPrivateKey,
+      isInitiator,
+      sharedSecret,
+      name
+    );
+
+    this.insertSession(deviceId, session);
+    return session;
+  }
+
+  /**
+   * Deletes stale records that are older than maxLatency
+   */
+  public pruneStaleRecords(maxLatency: number): void {
+    const now = Date.now();
+
+    // Delete stale device records
+    for (const [deviceId, record] of this.deviceRecords.entries()) {
+      if (record.isStale && record.staleTimestamp && 
+          (now - record.staleTimestamp) > maxLatency) {
+        // Close all sessions
+        record.activeSession?.close();
+        record.inactiveSessions.forEach(session => session.close());
+        this.deviceRecords.delete(deviceId);
+      }
+    }
+
+    // Delete entire user record if stale
+    if (this.isStale && this.staleTimestamp && 
+        (now - this.staleTimestamp) > maxLatency) {
+      this.deviceRecords.forEach(record => {
+        record.activeSession?.close();
+        record.inactiveSessions.forEach(session => session.close());
+      });
+      this.deviceRecords.clear();
+    }
+  }
+
+  /**
+   * Cleanup when destroying the user record
+   */
+  public close(): void {
+    this.deviceRecords.forEach(record => {
+      record.activeSession?.close();
+      record.inactiveSessions.forEach(session => session.close());
+    });
+    this.deviceRecords.clear();
+  }
+}

package/src/types.ts

@@ -33,7 +33,10 @@ export interface SessionState {
   rootKey: Uint8Array;
   
   /** The other party's current Nostr public key */
-  theirNostrPublicKey: string;
+  theirCurrentNostrPublicKey?: string;
+
+  /** The other party's next Nostr public key */
+  theirNextNostrPublicKey: string;
 
   /** Our current Nostr keypair used for this session */
   ourCurrentNostrKey?: KeyPair;

package/src/utils.ts

@@ -7,7 +7,8 @@ import { sha256 } from '@noble/hashes/sha256';
 export function serializeSessionState(state: SessionState): string {
   return JSON.stringify({
     rootKey: bytesToHex(state.rootKey),
-    theirNostrPublicKey: state.theirNostrPublicKey,
+    theirCurrentNostrPublicKey: state.theirCurrentNostrPublicKey,
+    theirNextNostrPublicKey: state.theirNextNostrPublicKey,
     ourCurrentNostrKey: state.ourCurrentNostrKey ? {
       publicKey: state.ourCurrentNostrKey.publicKey,
       privateKey: bytesToHex(state.ourCurrentNostrKey.privateKey),
@@ -40,7 +41,8 @@ export function deserializeSessionState(data: string): SessionState {
   const state = JSON.parse(data);
   return {
     rootKey: hexToBytes(state.rootKey),
-    theirNostrPublicKey: state.theirNostrPublicKey,
+    theirCurrentNostrPublicKey: state.theirCurrentNostrPublicKey,
+    theirNextNostrPublicKey: state.theirNextNostrPublicKey,
     ourCurrentNostrKey: state.ourCurrentNostrKey ? {
       publicKey: state.ourCurrentNostrKey.publicKey,
       privateKey: hexToBytes(state.ourCurrentNostrKey.privateKey),