npm - ns-auth-sdk - Versions diffs - 1.11.0 → 1.12.1 - Mend

ns-auth-sdk 1.11.0 → 1.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md CHANGED Viewed

@@ -1,4 +1,4 @@
-# NS Auth SDK
+# Stoic Identity
 _The simplest way of doing Auth with seamless and decentralized Key-Management for SSO, Authentication, Membership, and Profile-Management_
@@ -75,49 +75,32 @@ relayService.initialize(eventStore);
 // Create a passkey (triggers biometric)
 const credentialId = await authService.createPasskey('user@example.com');
-// Create Nostr key - password required only if PRF unavailable
-const prfSupported = await authService.checkPRFSupport();
-const keyInfo = prfSupported
-  ? await authService.createNostrKey(credentialId)
-  : await authService.createNostrKey(credentialId, userPassword);
+// Create Key
+const keyInfo = await authService.createKey(credentialId, undefined, {
+  username: 'user@example.com',
+  recoveryPassword: 'my-recovery-password', // optional
+});
 // Store keyInfo for later use
 authService.setCurrentKeyInfo(keyInfo);
 ```
-### 3. Sign Events
-```typescript
-const event = {
-  kind: 1,
-  content: 'Hello Nostr!',
-  tags: [],
-  created_at: Math.floor(Date.now() / 1000),
-};
-// Sign - no password needed if key was cached at creation
-const signed = await authService.signEvent(event);
-```
-### Password Fallback
+### Password Fallback (when PRF unavailable)
-When PRF is not supported by the browser or device, the SDK automatically uses password encryption. The password is required only at key creation time - subsequent signs use the cached key:
+When PRF is not supported, username is required and password is used to derive the key:
 ```typescript
-import { AuthService, checkPRFSupport } from 'ns-auth-sdk';
 // Check if password fallback is needed
-const prfSupported = await checkPRFSupport();
+const prfSupported = await authService.checkPRFSupport();
 if (!prfSupported) {
-  const password = await promptUserForPassword();
+  // Username is REQUIRED when PRF unavailable
+  const keyInfo = await authService.createKey(undefined, userPassword, {
+    username: 'user@example.com',
+  });
 }
-// Create key - password required only when PRF unavailable
-const keyInfo = await authService.createNostrKey(credentialId, password);
-// First sign: password used to decrypt and cache key
-// Subsequent signs: uses cached key (no password needed)
+// Sign events
 const signedEvent = await authService.signEvent(event);
 ```
@@ -134,20 +117,23 @@ const signedEvent = await authService.signEvent(event);
 - `hasKeyInfo(): boolean` - Check if key info exists
 - `clearStoredKeyInfo(): void` - Clear stored key info
 - `checkPRFSupport(): Promise<boolean>` - Check if PRF is supported
+- `deriveSaltFromUsername(username?: string): Promise<string>` - Derive salt from username (SHA-256)
 #### Recovery Methods
 - `addPasswordRecovery(password: string): Promise<KeyInfo>` - Add password recovery to an existing PRF key
 - `activateWithPassword(password: string, newCredentialId: Uint8Array): Promise<KeyInfo>` - Recover using password with a new passkey credential ID from a new device
 - `getRecoveryForKind0(): RecoveryData | null` - Get recovery data for publishing to kind-0
+- `parseRecoveryTag(tags: string[][]): KeyRecovery | null` - Parse recovery tag from event
+- `verifyRecoverySignature(kind0: Event): Promise<boolean>` - Verify recovery signature (async)
 #### KeyOptions
 ```typescript
 interface KeyOptions {
-  username?: string;
-  password?: string;
-  recoveryPassword?: string; // Password for recovery - enables recovery on new device
+  username?: string;           // Required when PRF unavailable
+  password?: string;           // Required when PRF unavailable
+  recoveryPassword?: string;   // Password for recovery (optional)
 }
 ```
@@ -158,6 +144,7 @@ interface RecoveryData {
   recoveryPubkey: string;
   recoverySalt: string;
   createdAt?: number;
+  signature?: string; // Schnorr signature from recovery key signing the current pubkey
 }
 ```
@@ -178,17 +165,7 @@ interface KeyRecovery {
   recoveryPubkey: string;
   recoverySalt: string;
   createdAt?: number;
-}
-interface KeyRecovery {
-  recoveryPubkey: string;
-  recoverySalt: string;
-  nextSalt?: string;
-  nextRecoverySalt?: string;
-  nextPubkey?: string;
-  nextCredentialId?: string;
-  rotatedAt?: number;
-  rotatedBy?: 'passkey' | 'password';
-  activatedAt?: number;
+  signature?: string; // Schnorr signature from recovery key signing the current pubkey
 }
 // Sign options
@@ -211,7 +188,7 @@ const keyInfo = await authService.createKey(credentialId, undefined, {
 });
 // The recovery data is stored in kind-0 tags:
-// ["r", recoveryPubkey, recoverySalt, createdAt]
+// ["r", recoveryPubkey, recoverySalt, createdAt, signature]
 ```
 **Recovery on a new device:**
@@ -224,6 +201,23 @@ const newCredentialId = await authService.createPasskey('user@example.com');
 const keyInfo = await authService.activateWithPassword('my-recovery-password', newCredentialId);
 ```
+**Verification:**
+Anyone can verify ownership by fetching the kind-0 and checking the signature:
+```typescript
+import { parseRecoveryTag, verifyRecoverySignature } from 'ns-auth-sdk';
+// Fetch kind-0 from relay
+const kind0 = await relayService.fetchProfile(pubkey);
+// Verify recovery signature (async)
+const isValid = await verifyRecoverySignature(kind0);
+if (isValid) {
+  console.log('Recovery key holder controls this identity');
+}
+```
 #### Configuration Options
 ```typescript

package/dist/index.cjs CHANGED Viewed

@@ -1,4 +1,33 @@
+//#region rolldown:runtime
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") {
+		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+			key = keys[i];
+			if (!__hasOwnProp.call(to, key) && key !== except) {
+				__defProp(to, key, {
+					get: ((k) => from[k]).bind(null, key),
+					enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+				});
+			}
+		}
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+//#endregion
 let applesauce_core_helpers = require("applesauce-core/helpers");
+let _noble_secp256k1 = require("@noble/secp256k1");
+_noble_secp256k1 = __toESM(_noble_secp256k1);
 //#region src/utils/utils.ts
 /**
@@ -391,7 +420,14 @@ async function getPublicKeyFromPassword(password, salt = DEFAULT_SALT) {
 * Nosskey class for Passkey-Derived Nostr Identity
 * @packageDocumentation
 */
-const STANDARD_SALT = "6e6f7374722d6b6579";
+async function deriveSaltFromUsername(username) {
+	if (!username) return "";
+	const msgBuffer = new TextEncoder().encode(username.toLowerCase().trim());
+	const subtle = globalThis.crypto?.subtle;
+	if (!subtle) throw new Error("Web Crypto API not available");
+	const hashBuffer = await subtle.digest("SHA-256", msgBuffer);
+	return bytesToHex(new Uint8Array(hashBuffer));
+}
 function parseRecoveryTag(tags) {
 	const recoveryTag = tags.find((tag) => tag[0] === "r");
 	if (!recoveryTag || recoveryTag.length < 3) return null;
@@ -399,7 +435,8 @@ function parseRecoveryTag(tags) {
 	return {
 		recoveryPubkey: recoveryTag[1],
 		recoverySalt: recoveryTag[2],
-		createdAt: createdAt || void 0
+		createdAt: createdAt || void 0,
+		signature: recoveryTag[4] || void 0
 	};
 }
 function createRecoveryTag(recovery) {
@@ -407,9 +444,35 @@ function createRecoveryTag(recovery) {
 		"r",
 		recovery.recoveryPubkey,
 		recovery.recoverySalt,
-		recovery.createdAt?.toString() || ""
+		recovery.createdAt?.toString() || "",
+		recovery.signature || ""
 	];
 }
+function getRecoverySignature(kind0) {
+	if (!parseRecoveryTag(kind0.tags || [])) return null;
+	const tag = kind0.tags?.find((t) => t[0] === "r");
+	return tag && tag.length > 4 ? tag[4] || null : null;
+}
+async function verifyRecoverySignature(kind0) {
+	try {
+		if (!parseRecoveryTag(kind0.tags || [])) return false;
+		const signature = getRecoverySignature(kind0);
+		if (!signature || !kind0.pubkey) return false;
+		const messageHash = await sha256(kind0.pubkey);
+		const signatureBytes = hexToBytes(signature);
+		const pubkeyBytes = hexToBytes(kind0.pubkey);
+		return _noble_secp256k1.verify(signatureBytes, messageHash, pubkeyBytes);
+	} catch (e) {
+		return false;
+	}
+}
+async function sha256(message) {
+	const msgBuffer = new TextEncoder().encode(message);
+	const subtle = globalThis.crypto?.subtle;
+	if (!subtle) throw new Error("Web Crypto API not available");
+	const hashBuffer = await subtle.digest("SHA-256", msgBuffer);
+	return new Uint8Array(hashBuffer);
+}
 /**
 * Nosskey - Passkey-Derived Nostr Keys
 */
@@ -601,6 +664,7 @@ var NosskeyManager = class {
 			if (options.recoveryPassword) keyInfo = await this.addPasswordRecovery(options.recoveryPassword, credentialId);
 		} else {
 			if (!password) throw new Error("Password is required when PRF is not supported");
+			if (!options.username) throw new Error("Username is required when PRF is not supported");
 			keyInfo = await this.createPasswordProtectedNostrKey(password, options);
 		}
 		return keyInfo;
@@ -613,10 +677,11 @@ var NosskeyManager = class {
 		if (sk.every((byte) => byte === 0)) throw new Error("Invalid PRF output: all zeros");
 		bytesToHex(sk);
 		const publicKey = (0, applesauce_core_helpers.getPublicKey)(sk);
+		const salt = await deriveSaltFromUsername(options.username);
 		const keyInfo = {
 			credentialId: bytesToHex(credentialId || responseId),
 			pubkey: publicKey,
-			salt: STANDARD_SALT,
+			salt,
 			...options.username && { username: options.username }
 		};
 		if (this.#keyCache.isEnabled() && this.#keyCache.getCacheOptions().cacheOnCreation) this.#keyCache.setKey(keyInfo.credentialId, sk);
@@ -628,11 +693,12 @@ var NosskeyManager = class {
 	* @param options
 	*/
 	async createPasswordProtectedNostrKey(password, options = {}) {
-		const pubkey = await getPublicKeyFromPassword(password, STANDARD_SALT);
+		const salt = await deriveSaltFromUsername(options.username);
+		const pubkey = await getPublicKeyFromPassword(password, salt);
 		return {
 			credentialId: bytesToHex((typeof window !== "undefined" ? window.crypto : globalThis.crypto).getRandomValues(new Uint8Array(16))),
 			pubkey,
-			salt: STANDARD_SALT,
+			salt,
 			...options.username && { username: options.username }
 		};
 	}
@@ -716,17 +782,29 @@ var NosskeyManager = class {
 		if (!(currentCredentialId || (keyInfo.credentialId ? hexToBytes(keyInfo.credentialId) : void 0))) throw new Error("Credential ID required");
 		const recoverySalt = bytesToHex((typeof window !== "undefined" ? window.crypto : globalThis.crypto).getRandomValues(new Uint8Array(16)));
 		const recoveryPubkey = await getPublicKeyFromPassword(password, recoverySalt);
+		const recoverySk = await deriveNostrPrivateKey(password, recoverySalt);
+		const signature = this.#signWithKey(recoverySk, keyInfo.pubkey);
+		this.#clearKey(recoverySk);
 		const updatedKeyInfo = {
 			...keyInfo,
 			recovery: {
 				recoveryPubkey,
 				recoverySalt,
-				createdAt: Date.now()
+				createdAt: Date.now(),
+				signature
 			}
 		};
 		this.setCurrentKeyInfo(updatedKeyInfo);
 		return updatedKeyInfo;
 	}
+	#signWithKey(sk, message) {
+		return (0, applesauce_core_helpers.finalizeEvent)({
+			kind: 0,
+			content: "",
+			tags: [],
+			created_at: Math.floor(Date.now() / 1e3)
+		}, sk).sig;
+	}
 	/**
 	* Activate recovery using password
 	* Requires new credential ID from new device
@@ -745,6 +823,9 @@ var NosskeyManager = class {
 		this.#clearKey(newSk);
 		const newRecoverySalt = bytesToHex((typeof window !== "undefined" ? window.crypto : globalThis.crypto).getRandomValues(new Uint8Array(16)));
 		const newRecoveryPubkey = await getPublicKeyFromPassword(password, newRecoverySalt);
+		const recoverySk = await deriveNostrPrivateKey(password, recoverySalt);
+		const signature = this.#signWithKey(recoverySk, newPubkey);
+		this.#clearKey(recoverySk);
 		const updatedKeyInfo = {
 			credentialId: bytesToHex(newCredentialId),
 			pubkey: newPubkey,
@@ -752,7 +833,8 @@ var NosskeyManager = class {
 			recovery: {
 				recoveryPubkey: newRecoveryPubkey,
 				recoverySalt: newRecoverySalt,
-				createdAt: Date.now()
+				createdAt: Date.now(),
+				signature
 			}
 		};
 		this.setCurrentKeyInfo(updatedKeyInfo);
@@ -767,7 +849,8 @@ var NosskeyManager = class {
 		return {
 			recoveryPubkey: keyInfo.recovery.recoveryPubkey,
 			recoverySalt: keyInfo.recovery.recoverySalt,
-			createdAt: keyInfo.recovery.createdAt
+			createdAt: keyInfo.recovery.createdAt,
+			signature: keyInfo.recovery.signature
 		};
 	}
 	/**
@@ -786,6 +869,11 @@ var NosskeyManager = class {
 */
 const INFO_BYTES = new TextEncoder().encode("nostr-pwk");
 const AES_LENGTH = 256;
+function getSubtle() {
+	const subtle = globalThis.crypto?.subtle;
+	if (!subtle) throw new Error("Web Crypto API not available");
+	return subtle;
+}
 /**
 * PRF AES-GCM
 * @param secret PRF
@@ -793,8 +881,9 @@ const AES_LENGTH = 256;
 * @returns AES-GCM
 */
 async function deriveAesGcmKey(secret, salt) {
-	const keyMaterial = await crypto.subtle.importKey("raw", secret, "HKDF", false, ["deriveKey"]);
-	return crypto.subtle.deriveKey({
+	const subtle = getSubtle();
+	const keyMaterial = await subtle.importKey("raw", secret, "HKDF", false, ["deriveKey"]);
+	return subtle.deriveKey({
 		name: "HKDF",
 		hash: "SHA-256",
 		salt,
@@ -812,7 +901,7 @@ async function deriveAesGcmKey(secret, salt) {
 * @returns
 */
 async function aesGcmEncrypt(key, iv, plaintext) {
-	const buf = await crypto.subtle.encrypt({
+	const buf = await getSubtle().encrypt({
 		name: "AES-GCM",
 		iv
 	}, key, plaintext);
@@ -831,7 +920,7 @@ async function aesGcmEncrypt(key, iv, plaintext) {
 * @returns
 */
 async function aesGcmDecrypt(key, iv, ct, tag) {
-	const buf = await crypto.subtle.decrypt({
+	const buf = await getSubtle().decrypt({
 		name: "AES-GCM",
 		iv
 	}, key, new Uint8Array([...ct, ...tag]));
@@ -1416,15 +1505,18 @@ exports.createPasskey = createPasskey;
 exports.createRecoveryTag = createRecoveryTag;
 exports.deriveAesGcmKey = deriveAesGcmKey;
 exports.deriveNostrPrivateKey = deriveNostrPrivateKey;
+exports.deriveSaltFromUsername = deriveSaltFromUsername;
 exports.generatePasswordProtectedKey = generatePasswordProtectedKey;
 exports.getPrfSecret = getPrfSecret;
 exports.getPublicKeyFromPassword = getPublicKeyFromPassword;
+exports.getRecoverySignature = getRecoverySignature;
 exports.hexToBytes = hexToBytes;
 exports.importPublicKeyFromBundle = importPublicKeyFromBundle;
 exports.isPrfSupported = isPrfSupported;
 exports.parseRecoveryTag = parseRecoveryTag;
 exports.registerDummyPasskey = registerDummyPasskey;
 exports.unwrapPasswordProtectedPrivateKey = unwrapPasswordProtectedPrivateKey;
+exports.verifyRecoverySignature = verifyRecoverySignature;
 var applesauce_core = require("applesauce-core");
 Object.keys(applesauce_core).forEach(function (k) {
   if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {