nostr-double-ratchet 0.0.26 → 0.0.28

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nostr-double-ratchet",
-  "version": "0.0.26",
+  "version": "0.0.28",
   "type": "module",
   "packageManager": "yarn@1.22.22",
   "description": "Nostr double ratchet library",
@@ -14,7 +14,8 @@
     "build": "vite build && tsc",
     "examples": "cd examples && vite build && tsc",
     "examples-dev": "cd examples && vite && tsc",
-    "docs": "typedoc --out docs src/index.ts"
+    "docs": "typedoc --out docs src/index.ts",
+    "lint": "eslint src --ext .ts --fix"
   },
   "repository": {
     "type": "git",
@@ -32,25 +33,26 @@
     "dist"
   ],
   "devDependencies": {
-    "@nostr-dev-kit/ndk": "2.11.2",
-    "@types/lodash": "^4.17.15",
-    "@types/node": "^22.13.4",
-    "@typescript-eslint/eslint-plugin": "^8.24.1",
-    "@typescript-eslint/parser": "^8.24.1",
-    "eslint": "^9.20.1",
-    "eslint-config-prettier": "^10.0.1",
-    "eslint-plugin-prettier": "^5.2.3",
+    "@nostr-dev-kit/ndk": "2.14.23",
+    "@types/lodash": "^4.17.17",
+    "@types/node": "^22.15.21",
+    "@typescript-eslint/eslint-plugin": "^8.33.1",
+    "@typescript-eslint/parser": "^8.33.1",
+    "eslint": "^9.28.0",
+    "eslint-config-prettier": "^10.1.5",
+    "eslint-plugin-prettier": "^5.4.0",
     "eslint-plugin-simple-import-sort": "^12.1.1",
     "lodash": "^4.17.21",
-    "tsx": "^4.19.2",
-    "typedoc": "^0.27.7",
-    "typescript": "^5.7.3",
+    "tsx": "^4.19.4",
+    "typedoc": "^0.28.4",
+    "typescript": "^5.8.3",
     "typescript-lru-cache": "^2.0.0",
-    "vite": "^6.1.0",
-    "vitest": "^3.0.6",
-    "ws": "^8.18.0"
+    "vite": "^6.3.5",
+    "vitest": "^3.1.4",
+    "ws": "^8.18.2"
   },
   "dependencies": {
-    "nostr-tools": "^2.10.4"
+    "nostr-tools": "^2.13.0",
+    "react-blurhash": "^0.3.0"
   }
 }

package/src/Invite.ts

@@ -28,7 +28,8 @@ export class Invite {
         public label?: string,
         public maxUses?: number,
         public usedBy: string[] = [],
-    ) {}
+    ) {
+    }
 
     static createNew(inviter: string, label?: string, maxUses?: number): Invite {
         if (!inviter) {
@@ -55,7 +56,7 @@ export class Invite {
         }
 
         const decodedHash = decodeURIComponent(rawHash);
-        let data: any;
+        let data: { inviter?: string; ephemeralKey?: string; sharedSecret?: string };
         try {
             data = JSON.parse(decodedHash);
         } catch (err) {
@@ -115,12 +116,11 @@ export class Invite {
         );
     }
 
-    static fromUser(user: string, subscribe: NostrSubscribe, onInvite: (invite: Invite) => void): Unsubscribe {
+    static fromUser(user: string, subscribe: NostrSubscribe, onInvite: (_invite: Invite) => void): Unsubscribe {
         const filter: Filter = {
             kinds: [INVITE_EVENT_KIND],
             authors: [user],
-            limit: 1,
-            "#d": ["double-ratchet/invites/public"],
+            "#l": ["double-ratchet/invites"]
         };
         let latest = 0;
         const unsub = subscribe(filter, (event) => {
@@ -131,8 +131,7 @@ export class Invite {
             try {
                 const inviteLink = Invite.fromEvent(event);
                 onInvite(inviteLink);
-            } catch (error) {
-                console.error("Error processing invite:", error, "event:", event);
+            } catch {
             }
         });
 
@@ -168,7 +167,10 @@ export class Invite {
         return url.toString();
     }
 
-    getEvent(): UnsignedEvent {
+    getEvent(deviceName: string): UnsignedEvent {
+        if (!deviceName) {
+            throw new Error("Device name is required");
+        }
         return {
             kind: INVITE_EVENT_KIND,
             pubkey: this.inviter,
@@ -177,7 +179,7 @@ export class Invite {
             tags: [
                 ['ephemeralKey', this.inviterEphemeralPublicKey],
                 ['sharedSecret', this.sharedSecret],
-                ['d', 'double-ratchet/invites/public'],
+                ['d', 'double-ratchet/invites/' + deviceName],
                 ['l', 'double-ratchet/invites']
             ],
         };
@@ -240,7 +242,7 @@ export class Invite {
         return { session, event: finalizeEvent(envelope, randomSenderKey) };
     }
 
-    listen(decryptor: Uint8Array | DecryptFunction, nostrSubscribe: NostrSubscribe, onSession: (session: Session, identity?: string) => void): Unsubscribe {
+    listen(decryptor: Uint8Array | DecryptFunction, nostrSubscribe: NostrSubscribe, onSession: (_session: Session, _identity?: string) => void): Unsubscribe {
         if (!this.inviterEphemeralPrivateKey) {
             throw new Error("Inviter session key is not available");
         }
@@ -253,7 +255,6 @@ export class Invite {
         return nostrSubscribe(filter, async (event) => {
             try {
                 if (this.maxUses && this.usedBy.length >= this.maxUses) {
-                    console.error("Invite has reached maximum number of uses");
                     return;
                 }
 
@@ -279,9 +280,8 @@ export class Invite {
                 const session = Session.init(nostrSubscribe, inviteeSessionPublicKey, this.inviterEphemeralPrivateKey!, false, sharedSecret, name);
 
                 onSession(session, inviteeIdentity);
-            } catch (error) {
-                console.error("Error processing invite message:", error, "event", event);
+            } catch {
             }
         });
     }
-}
+}

package/src/Session.ts

@@ -1,5 +1,5 @@
 import { generateSecretKey, getPublicKey, nip44, finalizeEvent, VerifiedEvent, UnsignedEvent, getEventHash, validateEvent } from "nostr-tools";
-import { bytesToHex } from "@noble/hashes/utils";
+
 import {
   SessionState,
   Header,
@@ -38,7 +38,7 @@ export class Session {
 
   /**
    * Initializes a new secure communication session
-   * @param nostrSubscribe Function to subscribe to Nostr events
+   * @param nostrSubscribe Function to subscribe to Nostr events. Make sure it deduplicates events (doesnt return the same event twice), otherwise you'll see decryption errors!
    * @param theirNextNostrPublicKey The public key of the other party
    * @param ourCurrentPrivateKey Our current private key for Nostr
    * @param isInitiator Whether we are initiating the conversation (true) or responding (false)
@@ -205,24 +205,13 @@ export class Session {
     this.state.receivingChainKey = newReceivingChainKey;
     this.state.receivingChainMessageNumber++;
 
-    try {
-      return nip44.decrypt(ciphertext, messageKey);
-    } catch (error) {
-      console.error(this.name, 'Decryption failed:', error, {
-        messageKey: bytesToHex(messageKey).slice(0, 4),
-        receivingChainKey: bytesToHex(this.state.receivingChainKey).slice(0, 4),
-        sendingChainKey: this.state.sendingChainKey && bytesToHex(this.state.sendingChainKey).slice(0, 4),
-        rootKey: bytesToHex(this.state.rootKey).slice(0, 4)
-      });
-      throw error;
-    }
+    return nip44.decrypt(ciphertext, messageKey);
   }
 
-  private ratchetStep(theirNextNostrPublicKey: string) {
+  private ratchetStep() {
     this.state.previousSendingChainMessageCount = this.state.sendingChainMessageNumber;
     this.state.sendingChainMessageNumber = 0;
     this.state.receivingChainMessageNumber = 0;
-    this.state.theirNextNostrPublicKey = theirNextNostrPublicKey;
 
     const conversationKey1 = nip44.getConversationKey(this.state.ourNextNostrKey.privateKey, this.state.theirNextNostrPublicKey!);
     const [theirRootKey, receivingChainKey] = kdf(this.state.rootKey, conversationKey1, 2);
@@ -259,10 +248,14 @@ export class Session {
       // Store header keys
       if (this.state.ourCurrentNostrKey) {
         const currentSecret = nip44.getConversationKey(this.state.ourCurrentNostrKey.privateKey, nostrSender);
-        this.state.skippedKeys[nostrSender].headerKeys.push(currentSecret);
+        if (!this.state.skippedKeys[nostrSender].headerKeys.includes(currentSecret)) {
+          this.state.skippedKeys[nostrSender].headerKeys.push(currentSecret);
+        }
       }
       const nextSecret = nip44.getConversationKey(this.state.ourNextNostrKey.privateKey, nostrSender);
-      this.state.skippedKeys[nostrSender].headerKeys.push(nextSecret);
+      if (!this.state.skippedKeys[nostrSender].headerKeys.includes(nextSecret)) {
+        this.state.skippedKeys[nostrSender].headerKeys.push(nextSecret);
+      }
     }
 
     while (this.state.receivingChainMessageNumber < until) {
@@ -291,14 +284,14 @@ export class Session {
   }
 
   // 4. NOSTR EVENT HANDLING
-  private decryptHeader(event: any): [Header, boolean, boolean] {
+  private decryptHeader(event: { tags: string[][]; pubkey: string }): [Header, boolean, boolean] {
     const encryptedHeader = event.tags[0][1];
     if (this.state.ourCurrentNostrKey) {
       const currentSecret = nip44.getConversationKey(this.state.ourCurrentNostrKey.privateKey, event.pubkey);
       try {
         const header = JSON.parse(nip44.decrypt(encryptedHeader, currentSecret)) as Header;
         return [header, false, false];
-      } catch (error) {
+      } catch {
         // Decryption with currentSecret failed, try with nextSecret
       }
     }
@@ -307,7 +300,7 @@ export class Session {
     try {
       const header = JSON.parse(nip44.decrypt(encryptedHeader, nextSecret)) as Header;
       return [header, true, false];
-    } catch (error) {
+    } catch {
       // Decryption with nextSecret also failed
     }
 
@@ -317,7 +310,7 @@ export class Session {
         try {
           const header = JSON.parse(nip44.decrypt(encryptedHeader, key)) as Header;
           return [header, false, true];
-        } catch (error) {
+        } catch {
           // Decryption failed, try next secret
         }
       }
@@ -326,7 +319,7 @@ export class Session {
     throw new Error("Failed to decrypt header with current and skipped header keys");
   }
 
-  private handleNostrEvent(e: any) {
+  private handleNostrEvent(e: { tags: string[][]; pubkey: string; content: string }) {
     const [header, shouldRatchet, isSkipped] = this.decryptHeader(e);
 
     if (!isSkipped) {
@@ -343,7 +336,7 @@ export class Session {
   
       if (shouldRatchet) {
         this.skipMessageKeys(header.previousChainLength, e.pubkey);
-        this.ratchetStep(header.nextPublicKey);
+        this.ratchetStep();
       }
     } else {
       if (!this.state.skippedKeys[e.pubkey]?.messageKeys[header.number]) {
@@ -355,16 +348,14 @@ export class Session {
     const text = this.ratchetDecrypt(header, e.content, e.pubkey);
     const innerEvent = JSON.parse(text);
     if (!validateEvent(innerEvent)) {
-      console.error("Invalid event received", innerEvent);
       return;
     }
 
     if (innerEvent.id !== getEventHash(innerEvent)) {
-      console.error("Event hash does not match", innerEvent);
       return;
     }
 
-    this.internalSubscriptions.forEach(callback => callback(innerEvent, e));  
+    this.internalSubscriptions.forEach(callback => callback(innerEvent, e as VerifiedEvent));  
   }
 
   private subscribeToNostrEvents() {

package/src/SessionManager.ts

@@ -0,0 +1,165 @@
+import { CHAT_MESSAGE_KIND, NostrPublish, NostrSubscribe, Rumor, Unsubscribe } from "./types"
+import { UserRecord } from "./UserRecord"
+import { Invite } from "./Invite"
+import { getPublicKey } from "nostr-tools"
+
+export default class SessionManager {
+    private userRecords: Map<string, UserRecord> = new Map()
+    private nostrSubscribe: NostrSubscribe
+    private nostrPublish: NostrPublish
+    private ourIdentityKey: Uint8Array
+    private inviteUnsubscribes: Map<string, Unsubscribe> = new Map()
+    private ownDeviceInvites: Map<string, Invite | null> = new Map()
+
+    constructor(ourIdentityKey: Uint8Array, nostrSubscribe: NostrSubscribe, nostrPublish: NostrPublish) {
+        this.userRecords = new Map()
+        this.nostrSubscribe = nostrSubscribe
+        this.nostrPublish = nostrPublish
+        this.ourIdentityKey = ourIdentityKey
+    }
+
+    async sendText(recipientIdentityKey: string, text: string) {
+        const event = {
+            kind: CHAT_MESSAGE_KIND,
+            content: text,
+        }
+        return await this.sendEvent(recipientIdentityKey, event)
+    }
+
+    async sendEvent(recipientIdentityKey: string, event: Partial<Rumor>) {
+        const results = []
+        
+        // Send to recipient's devices
+        const userRecord = this.userRecords.get(recipientIdentityKey)
+        if (!userRecord) {
+            // Listen for invites from recipient
+            this.listenToUser(recipientIdentityKey)
+            throw new Error("No active session with user. Listening for invites.")
+        }
+
+        // Send to all active sessions with recipient
+        for (const session of userRecord.getActiveSessions()) {
+            const { event: encryptedEvent } = session.sendEvent(event)
+            results.push(encryptedEvent)
+        }
+
+        // Send to our own devices (for multi-device sync)
+        const ourPublicKey = getPublicKey(this.ourIdentityKey)
+        const ownUserRecord = this.userRecords.get(ourPublicKey)
+        if (ownUserRecord) {
+            for (const session of ownUserRecord.getActiveSessions()) {
+                const { event: encryptedEvent } = session.sendEvent(event)
+                results.push(encryptedEvent)
+            }
+        }
+
+        return results
+    }
+
+    listenToUser(userPubkey: string) {
+        // Don't subscribe multiple times to the same user
+        if (this.inviteUnsubscribes.has(userPubkey)) return
+
+        const unsubscribe = Invite.fromUser(userPubkey, this.nostrSubscribe, async (_invite) => {
+            try {
+                const { session, event } = await _invite.accept(
+                    this.nostrSubscribe,
+                    getPublicKey(this.ourIdentityKey),
+                    this.ourIdentityKey
+                )
+                this.nostrPublish(event)
+
+                // Store the new session
+                let userRecord = this.userRecords.get(userPubkey)
+                if (!userRecord) {
+                    userRecord = new UserRecord(userPubkey, this.nostrSubscribe)
+                    this.userRecords.set(userPubkey, userRecord)
+                }
+                userRecord.insertSession(event.id || 'unknown', session)
+
+                // Set up event handling for the new session
+                session.onEvent((_event) => {
+                    this.internalSubscriptions.forEach(callback => callback(_event))
+                })
+
+                // Return the event to be published
+                return event
+            } catch {
+            }
+        })
+
+        this.inviteUnsubscribes.set(userPubkey, unsubscribe)
+    }
+
+    stopListeningToUser(userPubkey: string) {
+        const unsubscribe = this.inviteUnsubscribes.get(userPubkey)
+        if (unsubscribe) {
+            unsubscribe()
+            this.inviteUnsubscribes.delete(userPubkey)
+        }
+    }
+
+    // Update onEvent to include internalSubscriptions management
+    private internalSubscriptions: Set<(_event: Rumor) => void> = new Set()
+
+    onEvent(callback: (_event: Rumor) => void) {
+        this.internalSubscriptions.add(callback)
+
+        // Subscribe to existing sessions
+        for (const userRecord of this.userRecords.values()) {
+            for (const session of userRecord.getActiveSessions()) {
+                session.onEvent((_event: Rumor) => {
+                    callback(_event)
+                })
+            }
+        }
+
+        // Return unsubscribe function
+        return () => {
+            this.internalSubscriptions.delete(callback)
+        }
+    }
+
+    close() {
+        // Clean up all subscriptions
+        for (const unsubscribe of this.inviteUnsubscribes.values()) {
+            unsubscribe()
+        }
+        this.inviteUnsubscribes.clear()
+        
+        // Close all sessions
+        for (const userRecord of this.userRecords.values()) {
+            for (const session of userRecord.getActiveSessions()) {
+                session.close()
+            }
+        }
+        this.userRecords.clear()
+        this.internalSubscriptions.clear()
+        this.ownDeviceInvites.clear()
+    }
+
+    createOwnDeviceInvite(deviceName: string, label?: string, maxUses?: number): Invite {
+        const ourPublicKey = getPublicKey(this.ourIdentityKey)
+        const invite = Invite.createNew(ourPublicKey, label, maxUses)
+        this.ownDeviceInvites.set(deviceName, invite)
+        return invite
+    }
+
+    removeOwnDevice(deviceName: string): void {
+        this.ownDeviceInvites.set(deviceName, null)
+    }
+
+    getOwnDeviceInvites(): Map<string, Invite | null> {
+        return new Map(this.ownDeviceInvites)
+    }
+
+    getActiveOwnDeviceInvites(): Map<string, Invite> {
+        const active = new Map<string, Invite>()
+        for (const [deviceName, invite] of this.ownDeviceInvites) {
+            if (invite !== null) {
+                active.set(deviceName, invite)
+            }
+        }
+        return active
+    }
+}

package/src/UserRecord.ts

@@ -17,11 +17,21 @@ export class UserRecord {
   private deviceRecords: Map<string, DeviceRecord> = new Map();
   private isStale: boolean = false;
   private staleTimestamp?: number;
+  /**
+   * Temporary store for sessions when the corresponding deviceId is unknown.
+   *
+   * SessionManager currently operates at a per-user granularity (it is not
+   * yet aware of individual devices). Until full Sesame device handling is
+   * implemented we keep sessions in this simple list so that
+   * SessionManager.getActiveSessions / getAllSessions work as expected.
+   */
+  private extraSessions: Session[] = [];
 
   constructor(
-    public userId: string,
-    private nostrSubscribe: NostrSubscribe,
-  ) {}
+    public _userId: string,
+    private _nostrSubscribe: NostrSubscribe,
+  ) {
+  }
 
   /**
    * Adds or updates a device record for this user
@@ -109,7 +119,7 @@ export class UserRecord {
     if (this.isStale) return [];
 
     return Array.from(this.deviceRecords.entries())
-      .filter(([_, record]) => !record.isStale && record.activeSession)
+      .filter(([, record]) => !record.isStale && record.activeSession)
       .map(([deviceId, record]) => [deviceId, record.activeSession!]);
   }
 
@@ -129,7 +139,7 @@ export class UserRecord {
     }
 
     const session = Session.init(
-      this.nostrSubscribe,
+      this._nostrSubscribe,
       record.publicKey,
       ourCurrentPrivateKey,
       isInitiator,
@@ -179,4 +189,52 @@ export class UserRecord {
     });
     this.deviceRecords.clear();
   }
-}
+
+  // ---------------------------------------------------------------------------
+  // Helper methods used by SessionManager (WIP):
+  // ---------------------------------------------------------------------------
+
+  /**
+   * Add a session without associating it with a specific device.
+   * This is mainly used by SessionManager which does not yet keep track of
+   * device identifiers. The session will be considered active.
+   */
+  public addSession(session: Session): void {
+    this.extraSessions.push(session);
+  }
+
+  /**
+   * Return all sessions that are currently considered *active*.
+   * For now this means any session in a non-stale device record as well as
+   * all sessions added through `addSession`.
+   */
+  public getActiveSessions(): Session[] {
+    const sessions: Session[] = [...this.extraSessions];
+
+    for (const record of this.deviceRecords.values()) {
+      if (!record.isStale && record.activeSession) {
+        sessions.push(record.activeSession);
+      }
+    }
+
+    return sessions;
+  }
+
+  /**
+   * Return *all* sessions — active or inactive — that we have stored for this
+   * user. This is required for `SessionManager.onEvent` so that it can attach
+   * listeners to existing sessions.
+   */
+  public getAllSessions(): Session[] {
+    const sessions: Session[] = [...this.extraSessions];
+
+    for (const record of this.deviceRecords.values()) {
+      if (record.activeSession) {
+        sessions.push(record.activeSession);
+      }
+      sessions.push(...record.inactiveSessions);
+    }
+
+    return sessions;
+  }
+}

package/src/types.ts

@@ -65,10 +65,10 @@ export type Unsubscribe = () => void;
 /** 
  * Function that subscribes to Nostr events matching a filter and calls onEvent for each event.
  */
-export type NostrSubscribe = (filter: Filter, onEvent: (e: VerifiedEvent) => void) => Unsubscribe;
-export type EncryptFunction = (plaintext: string, pubkey: string) => Promise<string>;
-export type DecryptFunction = (ciphertext: string, pubkey: string) => Promise<string>;
-export type NostrPublish = (event: UnsignedEvent) => Promise<VerifiedEvent>;
+export type NostrSubscribe = (_filter: Filter, _onEvent: (_e: VerifiedEvent) => void) => Unsubscribe;
+export type EncryptFunction = (_plaintext: string, _pubkey: string) => Promise<string>;
+export type DecryptFunction = (_ciphertext: string, _pubkey: string) => Promise<string>;
+export type NostrPublish = (_event: UnsignedEvent) => Promise<VerifiedEvent>;
 
 export type Rumor = UnsignedEvent & { id: string }
 
@@ -76,7 +76,7 @@ export type Rumor = UnsignedEvent & { id: string }
  * Callback function for handling decrypted messages
  * @param message - The decrypted message object
  */
-export type EventCallback = (event: Rumor, outerEvent: VerifiedEvent) => void;
+export type EventCallback = (_event: Rumor, _outerEvent: VerifiedEvent) => void;
 
 /**
  * Message event kind

package/src/utils.ts

@@ -51,10 +51,10 @@ export function deserializeSessionState(data: string): SessionState {
     
     // Migrate old skipped keys format to new structure
     if (state.skippedMessageKeys) {
-      Object.entries(state.skippedMessageKeys).forEach(([pubKey, messageKeys]: [string, any]) => {
+      Object.entries(state.skippedMessageKeys).forEach(([pubKey, messageKeys]: [string, unknown]) => {
         skippedKeys[pubKey] = {
           headerKeys: state.skippedHeaderKeys?.[pubKey] || [],
-          messageKeys: messageKeys
+          messageKeys: messageKeys as { [msgIndex: number]: Uint8Array }
         };
       });
     }
@@ -102,9 +102,9 @@ export function deserializeSessionState(data: string): SessionState {
       Object.entries(state.skippedKeys || {}).map(([pubKey, value]) => [
         pubKey,
         {
-          headerKeys: (value as any).headerKeys.map((hex: string) => hexToBytes(hex)),
+          headerKeys: (value as { headerKeys: string[] }).headerKeys.map((hex: string) => hexToBytes(hex)),
           messageKeys: Object.fromEntries(
-            Object.entries((value as any).messageKeys).map(([msgIndex, hex]) => [
+            Object.entries((value as { messageKeys: Record<string, string> }).messageKeys).map(([msgIndex, hex]) => [
               msgIndex,
               hexToBytes(hex as string)
             ])
@@ -117,14 +117,14 @@ export function deserializeSessionState(data: string): SessionState {
 
 export async function* createEventStream(session: Session): AsyncGenerator<Rumor, void, unknown> {
   const messageQueue: Rumor[] = [];
-  let resolveNext: ((value: Rumor) => void) | null = null;
+  let resolveNext: ((_value: Rumor) => void) | null = null;
 
-  const unsubscribe = session.onEvent((event) => {
+  const unsubscribe = session.onEvent((_event) => {
     if (resolveNext) {
-      resolveNext(event);
+      resolveNext(_event);
       resolveNext = null;
     } else {
-      messageQueue.push(event);
+      messageQueue.push(_event);
     }
   });
 
@@ -153,14 +153,14 @@ export function kdf(input1: Uint8Array, input2: Uint8Array = new Uint8Array(32),
   return outputs;
 }
 
-export function skippedMessageIndexKey(nostrSender: string, number: number): string {
-  return `${nostrSender}:${number}`;
+export function skippedMessageIndexKey(_nostrSender: string, _number: number): string {
+  return `${_nostrSender}:${_number}`;
 }
 
 export function getMillisecondTimestamp(event: Rumor) {
-  const msTag = event.tags?.find(tag => tag[0] === "ms");
+  const msTag = event.tags?.find((tag: string[]) => tag[0] === "ms");
   if (msTag) {
     return parseInt(msTag[1]);
   }
   return event.created_at * 1000;
-}
+}