nostr-double-ratchet 0.0.36 → 0.0.38

package/src/StorageAdapter.ts

@@ -1,8 +1,8 @@
 /*
- * Simple async key	value storage interface plus an in	memory implementation.
+ * Simple async key-value storage interface plus implementations.
  *
- * All methods are Promise	based to accommodate back	ends like
- * IndexedDB, SQLite, remote HTTP APIs, etc.  For environments where you only
+ * All methods are Promise-based to accommodate back-ends like
+ * IndexedDB, SQLite, remote HTTP APIs, etc. For environments where you only
  * need ephemeral data (tests, Node scripts) the InMemoryStorageAdapter can be
  * used directly.
  */
@@ -33,11 +33,69 @@ export class InMemoryStorageAdapter implements StorageAdapter {
     this.store.delete(key)
   }
 
-  async list(prefix = ''): Promise<string[]> {
+  async list(prefix = ""): Promise<string[]> {
     const keys: string[] = []
-    for (const k of this.store.keys()) {
+    const storeKeys = Array.from(this.store.keys())
+    for (const k of storeKeys) {
       if (k.startsWith(prefix)) keys.push(k)
     }
     return keys
   }
-} 
+}
+
+export class LocalStorageAdapter implements StorageAdapter {
+  private keyPrefix: string
+
+  constructor(keyPrefix = "session_") {
+    this.keyPrefix = keyPrefix
+  }
+
+  private getFullKey(key: string): string {
+    return `${this.keyPrefix}${key}`
+  }
+
+  async get<T = unknown>(key: string): Promise<T | undefined> {
+    try {
+      const item = localStorage.getItem(this.getFullKey(key))
+      return item ? JSON.parse(item) : undefined
+    } catch {
+      return undefined
+    }
+  }
+
+  async put<T = unknown>(key: string, value: T): Promise<void> {
+    try {
+      localStorage.setItem(this.getFullKey(key), JSON.stringify(value))
+    } catch (e) {
+      console.error(`Failed to put key ${key} to localStorage:`, e)
+      throw e
+    }
+  }
+
+  async del(key: string): Promise<void> {
+    try {
+      localStorage.removeItem(this.getFullKey(key))
+    } catch {
+      // Ignore deletion failures
+    }
+  }
+
+  async list(prefix = ""): Promise<string[]> {
+    const keys: string[] = []
+    const searchPrefix = this.getFullKey(prefix)
+
+    try {
+      for (let i = 0; i < localStorage.length; i++) {
+        const key = localStorage.key(i)
+        if (key && key.startsWith(searchPrefix)) {
+          // Remove our prefix to return the original key
+          keys.push(key.substring(this.keyPrefix.length))
+        }
+      }
+    } catch {
+      // Ignore list failures
+    }
+
+    return keys
+  }
+}

package/src/index.ts

@@ -1,5 +1,9 @@
 export * from "./Session"
 export * from "./Invite"
+export * from "./InviteList"
+export * from "./inviteUtils"
 export * from "./types"
 export * from "./utils"
-export * from "./SessionManager"
+export * from "./SessionManager"
+export * from "./DeviceManager"
+export * from "./StorageAdapter"

package/src/inviteUtils.ts

@@ -0,0 +1,270 @@
+import { generateSecretKey, getPublicKey, nip44 } from 'nostr-tools'
+import { getConversationKey } from 'nostr-tools/nip44'
+import { hexToBytes, bytesToHex } from '@noble/hashes/utils'
+import { Session } from './Session'
+import { NostrSubscribe, INVITE_RESPONSE_KIND, EncryptFunction, DecryptFunction, KeyPair } from './types'
+
+/**
+ * Device payload for QR code / text code sharing.
+ */
+export interface DevicePayload {
+  /** Ephemeral public key (64 hex chars) */
+  ephemeralPubkey: string
+  /** Shared secret (64 hex chars) */
+  sharedSecret: string
+  /** Device ID (16 hex chars) */
+  deviceId: string
+  /** Human-readable device label */
+  deviceLabel: string
+  /** Identity public key for this device (64 hex chars) */
+  identityPubkey: string
+}
+
+/**
+ * Generates a new ephemeral keypair for invites.
+ * @returns A keypair with publicKey (hex string) and privateKey (Uint8Array)
+ */
+export function generateEphemeralKeypair(): KeyPair {
+  const privateKey = generateSecretKey()
+  const publicKey = getPublicKey(privateKey)
+  return { publicKey, privateKey }
+}
+
+/**
+ * Generates a new shared secret for invite handshakes.
+ * @returns A 64-character hex string (32 bytes)
+ */
+export function generateSharedSecret(): string {
+  return bytesToHex(generateSecretKey())
+}
+
+/**
+ * Generates a unique device ID.
+ * @returns A random device ID string
+ */
+export function generateDeviceId(): string {
+  return bytesToHex(generateSecretKey()).slice(0, 16)
+}
+
+export interface EncryptInviteResponseParams {
+  /** The invitee's session public key */
+  inviteeSessionPublicKey: string
+  /** The invitee's identity public key */
+  inviteePublicKey: string
+  /** The invitee's identity private key (optional if encrypt function provided) */
+  inviteePrivateKey?: Uint8Array
+  /** The inviter's identity public key */
+  inviterPublicKey: string
+  /** The inviter's ephemeral public key */
+  inviterEphemeralPublicKey: string
+  /** The shared secret for the invite */
+  sharedSecret: string
+  /** Optional device ID for the invitee's device */
+  deviceId?: string
+  /** Optional custom encrypt function */
+  encrypt?: EncryptFunction
+}
+
+export interface EncryptedInviteResponse {
+  /** The inner event containing the encrypted payload */
+  innerEvent: {
+    pubkey: string
+    content: string
+    created_at: number
+  }
+  /** The outer envelope event */
+  envelope: {
+    kind: number
+    pubkey: string
+    content: string
+    created_at: number
+    tags: string[][]
+  }
+  /** The random sender's public key used for the envelope */
+  randomSenderPublicKey: string
+  /** The random sender's private key used for the envelope */
+  randomSenderPrivateKey: Uint8Array
+}
+
+const TWO_DAYS = 2 * 24 * 60 * 60
+const now = () => Math.round(Date.now() / 1000)
+const randomNow = () => Math.round(now() - Math.random() * TWO_DAYS)
+
+/**
+ * Encrypts an invite response with two-layer encryption.
+ *
+ * Layer 1 (inner): Payload encrypted with DH key, then encrypted with shared secret.
+ * Layer 2 (outer): Envelope encrypted with random key -> inviter ephemeral key.
+ */
+export async function encryptInviteResponse(params: EncryptInviteResponseParams): Promise<EncryptedInviteResponse> {
+  const {
+    inviteeSessionPublicKey,
+    inviteePublicKey,
+    inviteePrivateKey,
+    inviterPublicKey,
+    inviterEphemeralPublicKey,
+    sharedSecret,
+    deviceId,
+    encrypt,
+  } = params
+
+  const sharedSecretBytes = hexToBytes(sharedSecret)
+
+  // Create the encrypt function
+  const encryptFn = encrypt ?? (async (plaintext: string, pubkey: string) => {
+    if (!inviteePrivateKey) {
+      throw new Error('inviteePrivateKey is required when encrypt function is not provided')
+    }
+    return nip44.encrypt(plaintext, getConversationKey(inviteePrivateKey, pubkey))
+  })
+
+  // Create the payload
+  const payload = JSON.stringify({
+    sessionKey: inviteeSessionPublicKey,
+    deviceId: deviceId,
+  })
+
+  // Encrypt with DH key (invitee -> inviter)
+  const dhEncrypted = await encryptFn(payload, inviterPublicKey)
+
+  // Encrypt with shared secret
+  const innerEvent = {
+    pubkey: inviteePublicKey,
+    content: nip44.encrypt(dhEncrypted, sharedSecretBytes),
+    created_at: now(),
+  }
+
+  // Create a random keypair for the envelope sender
+  const randomSenderPrivateKey = generateSecretKey()
+  const randomSenderPublicKey = getPublicKey(randomSenderPrivateKey)
+
+  // Encrypt the inner event with the random key -> inviter ephemeral key
+  const innerJson = JSON.stringify(innerEvent)
+  const envelope = {
+    kind: INVITE_RESPONSE_KIND,
+    pubkey: randomSenderPublicKey,
+    content: nip44.encrypt(innerJson, getConversationKey(randomSenderPrivateKey, inviterEphemeralPublicKey)),
+    created_at: randomNow(),
+    tags: [['p', inviterEphemeralPublicKey]],
+  }
+
+  return {
+    innerEvent,
+    envelope,
+    randomSenderPublicKey,
+    randomSenderPrivateKey,
+  }
+}
+
+export interface DecryptInviteResponseParams {
+  /** The encrypted envelope content */
+  envelopeContent: string
+  /** The envelope sender's public key */
+  envelopeSenderPubkey: string
+  /** The inviter's ephemeral private key */
+  inviterEphemeralPrivateKey: Uint8Array
+  /** The inviter's identity private key (optional if decrypt function provided) */
+  inviterPrivateKey?: Uint8Array
+  /** The shared secret for the invite */
+  sharedSecret: string
+  /** Optional custom decrypt function */
+  decrypt?: DecryptFunction
+}
+
+export interface DecryptedInviteResponse {
+  /** The invitee's identity public key */
+  inviteeIdentity: string
+  /** The invitee's session public key */
+  inviteeSessionPublicKey: string
+  /** Optional device ID for the invitee's device */
+  deviceId?: string
+}
+
+/**
+ * Decrypts an invite response.
+ */
+export async function decryptInviteResponse(params: DecryptInviteResponseParams): Promise<DecryptedInviteResponse> {
+  const {
+    envelopeContent,
+    envelopeSenderPubkey,
+    inviterEphemeralPrivateKey,
+    inviterPrivateKey,
+    sharedSecret,
+    decrypt,
+  } = params
+
+  const sharedSecretBytes = hexToBytes(sharedSecret)
+
+  // Decrypt the outer envelope
+  const decrypted = nip44.decrypt(
+    envelopeContent,
+    getConversationKey(inviterEphemeralPrivateKey, envelopeSenderPubkey)
+  )
+  const innerEvent = JSON.parse(decrypted)
+
+  const inviteeIdentity = innerEvent.pubkey
+
+  // Decrypt the inner content using shared secret
+  const dhEncrypted = nip44.decrypt(innerEvent.content, sharedSecretBytes)
+
+  // Create the decrypt function
+  const decryptFn = decrypt ?? (async (ciphertext: string, pubkey: string) => {
+    if (!inviterPrivateKey) {
+      throw new Error('inviterPrivateKey is required when decrypt function is not provided')
+    }
+    return nip44.decrypt(ciphertext, getConversationKey(inviterPrivateKey, pubkey))
+  })
+
+  // Decrypt using DH key
+  const decryptedPayload = await decryptFn(dhEncrypted, inviteeIdentity)
+
+  let inviteeSessionPublicKey: string
+  let deviceId: string | undefined
+
+  try {
+    const parsed = JSON.parse(decryptedPayload)
+    inviteeSessionPublicKey = parsed.sessionKey
+    deviceId = parsed.deviceId
+  } catch {
+    // Backward compatibility: plain session key
+    inviteeSessionPublicKey = decryptedPayload
+  }
+
+  return {
+    inviteeIdentity,
+    inviteeSessionPublicKey,
+    deviceId,
+  }
+}
+
+export interface CreateSessionFromAcceptParams {
+  /** Nostr subscription function */
+  nostrSubscribe: NostrSubscribe
+  /** The other party's public key */
+  theirPublicKey: string
+  /** Our session private key */
+  ourSessionPrivateKey: Uint8Array
+  /** The shared secret (hex string) */
+  sharedSecret: string
+  /** Whether we are the sender (initiator) */
+  isSender: boolean
+  /** Optional session name */
+  name?: string
+}
+
+/**
+ * Creates a Session from invite acceptance parameters.
+ */
+export function createSessionFromAccept(params: CreateSessionFromAcceptParams): Session {
+  const {
+    nostrSubscribe,
+    theirPublicKey,
+    ourSessionPrivateKey,
+    sharedSecret,
+    isSender,
+    name,
+  } = params
+
+  const sharedSecretBytes = hexToBytes(sharedSecret)
+  return Session.init(nostrSubscribe, theirPublicKey, ourSessionPrivateKey, isSender, sharedSecretBytes, name)
+}

package/src/types.ts

@@ -68,11 +68,18 @@ export type Unsubscribe = () => void;
 export type NostrSubscribe = (_filter: Filter, _onEvent: (_e: VerifiedEvent) => void) => Unsubscribe;
 export type EncryptFunction = (_plaintext: string, _pubkey: string) => Promise<string>;
 export type DecryptFunction = (_ciphertext: string, _pubkey: string) => Promise<string>;
+
+/**
+ * Identity key for cryptographic operations.
+ * Either a raw private key (Uint8Array) or encrypt/decrypt functions for extension login (NIP-07).
+ */
+export type IdentityKey = Uint8Array | { encrypt: EncryptFunction; decrypt: DecryptFunction };
+
 export type NostrPublish = (_event: UnsignedEvent) => Promise<VerifiedEvent>;
 
 export type Rumor = UnsignedEvent & { id: string }
 
-/** 
+/**
  * Callback function for handling decrypted messages
  * @param _event - The decrypted message object (Rumor)
  * @param _outerEvent - The outer Nostr event (VerifiedEvent)
@@ -91,6 +98,11 @@ export const INVITE_EVENT_KIND = 30078;
 
 export const INVITE_RESPONSE_KIND = 1059;
 
+/**
+ * Invite list event kind (replaceable - one per user)
+ */
+export const INVITE_LIST_EVENT_KIND = 10078;
+
 export const CHAT_MESSAGE_KIND = 14;
 
 export const MAX_SKIP = 100;

package/src/utils.ts

@@ -136,12 +136,12 @@ export function deepCopyState(s: SessionState): SessionState {
     receivingChainMessageNumber: s.receivingChainMessageNumber,
     previousSendingChainMessageCount: s.previousSendingChainMessageCount,
     skippedKeys: Object.fromEntries(
-      Object.entries(s.skippedKeys).map(([author, entry]: any) => [
+      Object.entries(s.skippedKeys).map(([author, entry]) => [
         author,
         {
-          headerKeys: entry.headerKeys.map((hk: Uint8Array) => new Uint8Array(hk)),
+          headerKeys: entry.headerKeys.map((hk) => new Uint8Array(hk)),
           messageKeys: Object.fromEntries(
-            Object.entries(entry.messageKeys).map(([n, mk]: any) => [n, new Uint8Array(mk)])
+            Object.entries(entry.messageKeys).map(([n, mk]) => [n, new Uint8Array(mk)])
           ),
         },
       ])