shogun-core 3.0.4 → 3.0.6

package/dist/types/plugins/nostr/nostrConnector.d.ts

@@ -0,0 +1,119 @@
+import { EventEmitter } from "../../utils/eventEmitter";
+import { ConnectionResult, AlbyProvider, NostrProvider, NostrConnectorConfig, NostrConnectorKeyPair } from "./types";
+declare global {
+    interface Window {
+        alby?: AlbyProvider;
+        nostr?: NostrProvider;
+        NostrConnector?: typeof NostrConnector;
+    }
+}
+export declare const MESSAGE_TO_SIGN = "I Love Shogun!";
+/**
+ * Class for Bitcoin wallet connections and operations
+ */
+declare class NostrConnector extends EventEmitter {
+    private readonly DEFAULT_CONFIG;
+    private readonly config;
+    private readonly signatureCache;
+    private connectedAddress;
+    private connectedType;
+    private manualKeyPair;
+    constructor(config?: Partial<NostrConnectorConfig>);
+    /**
+     * Setup event listeners
+     */
+    private setupEventListeners;
+    /**
+     * Clear signature cache for a specific address or all addresses
+     */
+    clearSignatureCache(address?: string): void;
+    /**
+     * Check if Nostr extension is available
+     */
+    isNostrExtensionAvailable(): boolean;
+    /**
+     * Check if any Bitcoin wallet is available
+     */
+    isAvailable(): boolean;
+    /**
+     * Connect to a wallet type
+     */
+    connectWallet(type?: "alby" | "nostr" | "manual"): Promise<ConnectionResult>;
+    /**
+     * Connect to Nostr extension
+     */
+    private connectNostr;
+    /**
+     * Set up manual key pair for connection
+     */
+    private connectManual;
+    /**
+     * Set a manual key pair for use
+     */
+    setKeyPair(keyPair: NostrConnectorKeyPair): void;
+    /**
+     * Generate credentials using Nostr: username deterministico e chiave GunDB derivata dall'address
+     */
+    generateCredentials(address: string, signature: string, message: string): Promise<{
+        username: string;
+        key: {
+            pub: string;
+            priv: string;
+            epub: string;
+            epriv: string;
+            secp256k1Bitcoin: {
+                privateKey: string;
+                publicKey: string;
+                address: string;
+            };
+            secp256k1Ethereum: {
+                privateKey: string;
+                publicKey: string;
+                address: string;
+            };
+        };
+        message: string;
+        signature: string;
+    }>;
+    /**
+     * Generate a password from a signature
+     */
+    generatePassword(signature: string): Promise<string>;
+    /**
+     * Verify a signature
+     */
+    verifySignature(message: string, signature: string, address: any): Promise<boolean>;
+    /**
+     * Get the currently connected address
+     */
+    getConnectedAddress(): string | null;
+    /**
+     * Get the currently connected wallet type
+     */
+    getConnectedType(): "alby" | "nostr" | "manual" | null;
+    /**
+     * Request a signature from the connected wallet
+     */
+    requestSignature(address: string, message: string): Promise<string>;
+    /**
+     * Cleanup event listeners
+     */
+    cleanup(): void;
+}
+export declare function deriveNostrKeys(address: string, signature: string, message: string): Promise<{
+    pub: string;
+    priv: string;
+    epub: string;
+    epriv: string;
+    secp256k1Bitcoin: {
+        privateKey: string;
+        publicKey: string;
+        address: string;
+    };
+    secp256k1Ethereum: {
+        privateKey: string;
+        publicKey: string;
+        address: string;
+    };
+}>;
+export { NostrConnector };

package/dist/types/plugins/nostr/nostrConnectorPlugin.d.ts

@@ -0,0 +1,163 @@
+import { BasePlugin } from "../base";
+import { ShogunCore } from "../../core";
+import { NostrSigningCredential } from "./nostrSigner";
+import { NostrConnectorCredentials, ConnectionResult, NostrConnectorPluginInterface } from "./types";
+import { AuthResult, SignUpResult } from "../../interfaces/shogun";
+/**
+ * Plugin for managing Bitcoin wallet functionality in ShogunCore
+ * Supports Alby, Nostr extensions, or direct key management
+ */
+export declare class NostrConnectorPlugin extends BasePlugin implements NostrConnectorPluginInterface {
+    name: string;
+    version: string;
+    description: string;
+    private bitcoinConnector;
+    private signer;
+    /**
+     * @inheritdoc
+     */
+    initialize(core: ShogunCore): void;
+    /**
+     * @inheritdoc
+     */
+    destroy(): void;
+    /**
+     * Ensure that the Bitcoin wallet module is initialized
+     * @private
+     */
+    private assertBitcoinConnector;
+    /**
+     * Assicura che il signer sia inizializzato
+     * @private
+     */
+    private assertSigner;
+    /**
+     * @inheritdoc
+     */
+    isAvailable(): boolean;
+    /**
+     * Check if Nostr extension is available
+     */
+    isNostrExtensionAvailable(): boolean;
+    /**
+     * Connect to Nostr wallet automatically
+     * This is a convenience method for easy wallet connection
+     */
+    connectNostrWallet(): Promise<ConnectionResult>;
+    /**
+     * @inheritdoc
+     */
+    connectBitcoinWallet(type?: "alby" | "nostr" | "manual"): Promise<ConnectionResult>;
+    /**
+     * @inheritdoc
+     */
+    generateCredentials(address: string, signature: string, message: string): Promise<NostrConnectorCredentials>;
+    /**
+     * @inheritdoc
+     */
+    cleanup(): void;
+    /**
+     * @inheritdoc
+     */
+    verifySignature(message: string, signature: string, address: string): Promise<boolean>;
+    /**
+     * @inheritdoc
+     */
+    generatePassword(signature: string): Promise<string>;
+    /**
+     * Creates a new Nostr signing credential
+     * CONSISTENT with normal Nostr approach
+     */
+    createSigningCredential(address: string): Promise<NostrSigningCredential>;
+    /**
+     * Creates an authenticator function for Nostr signing
+     */
+    createAuthenticator(address: string): (data: any) => Promise<string>;
+    /**
+     * Creates a derived key pair from Nostr credential
+     */
+    createDerivedKeyPair(address: string, extra?: string[]): Promise<{
+        pub: string;
+        priv: string;
+        epub: string;
+        epriv: string;
+    }>;
+    /**
+     * Signs data with derived keys after Nostr verification
+     */
+    signWithDerivedKeys(data: any, address: string, extra?: string[]): Promise<string>;
+    /**
+     * Get signing credential by address
+     */
+    getSigningCredential(address: string): NostrSigningCredential | undefined;
+    /**
+     * List all signing credentials
+     */
+    listSigningCredentials(): NostrSigningCredential[];
+    /**
+     * Remove a signing credential
+     */
+    removeSigningCredential(address: string): boolean;
+    /**
+     * Creates a Gun user from Nostr signing credential
+     * This ensures the SAME user is created as with normal approach
+     */
+    createGunUserFromSigningCredential(address: string): Promise<{
+        success: boolean;
+        userPub?: string;
+        error?: string;
+    }>;
+    /**
+     * Get the Gun user public key for a signing credential
+     */
+    getGunUserPubFromSigningCredential(address: string): string | undefined;
+    /**
+     * Get the password (for consistency checking)
+     */
+    getPassword(address: string): string | undefined;
+    /**
+     * Verify consistency between oneshot and normal approaches
+     * This ensures both approaches create the same Gun user
+     */
+    verifyConsistency(address: string, expectedUserPub?: string): Promise<{
+        consistent: boolean;
+        actualUserPub?: string;
+        expectedUserPub?: string;
+    }>;
+    /**
+     * Complete oneshot workflow that creates the SAME Gun user as normal approach
+     * This is the recommended method for oneshot signing with full consistency
+     */
+    setupConsistentOneshotSigning(address: string): Promise<{
+        credential: NostrSigningCredential;
+        authenticator: (data: any) => Promise<string>;
+        gunUser: {
+            success: boolean;
+            userPub?: string;
+            error?: string;
+        };
+        username: string;
+        password: string;
+    }>;
+    /**
+     * Login with Bitcoin wallet
+     * @param address - Bitcoin address
+     * @returns {Promise<AuthResult>} Authentication result
+     * @description Authenticates the user using Bitcoin wallet credentials after signature verification
+     */
+    login(address: string): Promise<AuthResult>;
+    /**
+     * Register new user with Nostr wallet
+     * @param address - Nostr address
+     * @returns {Promise<SignUpResult>} Registration result
+     */
+    signUp(address: string): Promise<SignUpResult>;
+    /**
+     * Convenience method that matches the interface pattern
+     */
+    loginWithBitcoinWallet(address: string): Promise<AuthResult>;
+    /**
+     * Convenience method that matches the interface pattern
+     */
+    signUpWithBitcoinWallet(address: string): Promise<AuthResult>;
+}

package/dist/types/plugins/nostr/nostrSigner.d.ts

@@ -0,0 +1,105 @@
+import { NostrConnector } from "./nostrConnector";
+/**
+ * Nostr Signing Credential for oneshot signing
+ */
+export interface NostrSigningCredential {
+    address: string;
+    signature: string;
+    message: string;
+    username: string;
+    password: string;
+    gunUserPub?: string;
+}
+/**
+ * Nostr Signer - Provides oneshot signing functionality
+ * Similar to webauthn.js but for Nostr/Bitcoin wallets
+ * CONSISTENT with normal Nostr approach
+ */
+export declare class NostrSigner {
+    private nostrConnector;
+    private credentials;
+    private readonly MESSAGE_TO_SIGN;
+    constructor(nostrConnector?: NostrConnector);
+    /**
+     * Creates a new Nostr signing credential
+     * CONSISTENT with normal Nostr approach
+     */
+    createSigningCredential(address: string): Promise<NostrSigningCredential>;
+    /**
+     * Validates address using the same logic as NostrConnector
+     */
+    private validateAddress;
+    /**
+     * Generate deterministic signature using the SAME approach as NostrConnector
+     */
+    private generateDeterministicSignature;
+    /**
+     * Generate password using the SAME approach as NostrConnector
+     */
+    private generatePassword;
+    /**
+     * Creates an authenticator function compatible with SEA.sign
+     * This is the key function that makes it work like webauthn.js but for Nostr
+     */
+    createAuthenticator(address: string): (data: any) => Promise<string>;
+    /**
+     * Sign data using the credential
+     */
+    private signData;
+    /**
+     * Creates a derived key pair from Nostr credential
+     * CONSISTENT with normal approach: uses password as seed
+     */
+    createDerivedKeyPair(address: string, extra?: string[]): Promise<{
+        pub: string;
+        priv: string;
+        epub: string;
+        epriv: string;
+    }>;
+    /**
+     * Creates a Gun user from Nostr credential
+     * This ensures the SAME user is created as with normal approach
+     * FIX: Use derived pair instead of username/password for GunDB auth
+     */
+    createGunUser(address: string, gunInstance: any): Promise<{
+        success: boolean;
+        userPub?: string;
+        error?: string;
+    }>;
+    /**
+     * Signs data using Nostr + derived keys
+     * This provides a hybrid approach: Nostr for user verification + derived keys for actual signing
+     * CONSISTENT with normal approach
+     */
+    signWithDerivedKeys(data: any, address: string, extra?: string[]): Promise<string>;
+    /**
+     * Get the Gun user public key for a credential
+     * This allows checking if the same user would be created
+     */
+    getGunUserPub(address: string): string | undefined;
+    /**
+     * Get the password (for consistency checking)
+     */
+    getPassword(address: string): string | undefined;
+    /**
+     * Check if this credential would create the same Gun user as normal approach
+     */
+    verifyConsistency(address: string, expectedUserPub?: string): Promise<{
+        consistent: boolean;
+        actualUserPub?: string;
+        expectedUserPub?: string;
+    }>;
+    /**
+     * Get credential by address
+     */
+    getCredential(address: string): NostrSigningCredential | undefined;
+    /**
+     * List all stored credentials
+     */
+    listCredentials(): NostrSigningCredential[];
+    /**
+     * Remove a credential
+     */
+    removeCredential(address: string): boolean;
+}
+export default NostrSigner;

package/dist/types/plugins/nostr/types.d.ts

@@ -0,0 +1,122 @@
+import { BaseConfig, BaseResult, BaseCacheEntry } from "../../interfaces/common";
+import { AuthResult, SignUpResult } from "../../interfaces/shogun";
+/**
+ * Result of connection attempt
+ */
+export interface ConnectionResult extends BaseResult {
+    address?: string;
+    username?: string;
+    randomPassword?: string;
+    extensionType?: "alby" | "nostr" | "manual";
+}
+/**
+ * Structure for credentials generated via Bitcoin wallet
+ */
+export interface NostrConnectorCredentials {
+    /** Generated username based on the address */
+    username: string;
+    /** Chiave GunDB derivata dalla signature */
+    key: any;
+    /** Original message signed by the user */
+    message: string;
+    /** Signature provided by the wallet */
+    signature: string;
+}
+/**
+ * Alby extension interface
+ */
+export interface AlbyProvider {
+    isAlby?: boolean;
+    enable: () => Promise<any>;
+    signMessage?: (message: string, address?: string) => Promise<string>;
+    getPublicKey?: () => Promise<string>;
+    getInfo?: () => Promise<any>;
+}
+/**
+ * Nostr extension interface
+ */
+export interface NostrProvider {
+    getPublicKey: () => Promise<string>;
+    signEvent: (event: any) => Promise<any>;
+    nip04: {
+        encrypt: (pubkey: string, plaintext: string) => Promise<string>;
+        decrypt: (pubkey: string, ciphertext: string) => Promise<string>;
+    };
+}
+/**
+ * Cache entry for signatures
+ */
+export interface SignatureCache extends BaseCacheEntry<string> {
+    signature: string;
+    address: string;
+}
+/**
+ * Bitcoin wallet configuration options
+ */
+export interface NostrConnectorConfig extends BaseConfig {
+    cacheDuration?: number;
+    network?: "mainnet" | "testnet";
+    useApi?: boolean;
+    apiUrl?: string;
+}
+/**
+ * Bitcoin Key pair interface
+ */
+export interface NostrConnectorKeyPair {
+    privateKey: string;
+    publicKey: string;
+    address: string;
+    type: "legacy" | "segwit" | "taproot" | "nostr";
+}
+/**
+ * Interface for the Bitcoin wallet plugin
+ */
+export interface NostrConnectorPluginInterface {
+    /**
+     * Check if any Bitcoin wallet is available in the browser
+     * @returns true if a wallet is available, false otherwise
+     */
+    isAvailable(): boolean;
+    /**
+     * Connect to a Bitcoin wallet
+     * @param type Type of wallet to connect to
+     * @returns Promise with the connection result
+     */
+    connectBitcoinWallet(type?: "alby" | "nostr" | "manual"): Promise<ConnectionResult>;
+    /**
+     * Generate credentials using a Bitcoin wallet
+     * @param address Bitcoin address
+     * @returns Promise with the generated credentials
+     */
+    generateCredentials(address: string, signature: string, message: string): Promise<NostrConnectorCredentials>;
+    /**
+     * Release resources and clean up event listeners
+     */
+    cleanup(): void;
+    /**
+     * Generate a password based on a signature
+     * @param signature Signature
+     * @returns Promise with the generated password
+     */
+    generatePassword(signature: string): Promise<string>;
+    /**
+     * Verify a signature
+     * @param message Signed message
+     * @param signature Signature to verify
+     * @param address The Bitcoin address that supposedly created the signature
+     * @returns Promise that resolves to true if the signature is valid
+     */
+    verifySignature(message: string, signature: string, address: string): Promise<boolean>;
+    /**
+     * Login with Bitcoin wallet
+     * @param address Bitcoin address
+     * @returns Promise with the operation result
+     */
+    login(address: string): Promise<AuthResult>;
+    /**
+     * Sign up with Nostr wallet
+     * @param address Nostr address
+     * @returns Promise with authentication result
+     */
+    signUp(address: string): Promise<SignUpResult>;
+}

package/dist/types/plugins/oauth/index.d.ts

@@ -0,0 +1,3 @@
+export { OAuthConnector } from "./oauthConnector";
+export { OAuthPlugin } from "./oauthPlugin";
+export type { OAuthPluginInterface, OAuthConfig, OAuthProvider, OAuthCredentials, OAuthConnectionResult, OAuthUserInfo, } from "./types";

package/dist/types/plugins/oauth/oauthConnector.d.ts

@@ -0,0 +1,110 @@
+/**
+ * OAuth Connector - Secure version for GunDB user creation
+ */
+import { EventEmitter } from "../../utils/eventEmitter";
+import { OAuthConfig, OAuthProvider, OAuthUserInfo, OAuthCredentials, OAuthConnectionResult } from "./types";
+/**
+ * OAuth Connector
+ */
+export declare class OAuthConnector extends EventEmitter {
+    private readonly DEFAULT_CONFIG;
+    private config;
+    private readonly userCache;
+    private readonly memoryStorage;
+    constructor(config?: Partial<OAuthConfig>);
+    /**
+     * Validates security configuration
+     */
+    private validateSecurityConfig;
+    /**
+     * Update the connector configuration
+     * @param config - New configuration options
+     */
+    updateConfig(config: Partial<OAuthConfig>): void;
+    /**
+     * Get origin URL (browser or Node.js compatible)
+     */
+    private getOrigin;
+    /**
+     * Storage abstraction (browser sessionStorage or Node.js Map)
+     */
+    private setItem;
+    private getItem;
+    private removeItem;
+    /**
+     * Check if OAuth is supported
+     */
+    isSupported(): boolean;
+    /**
+     * Get available OAuth providers
+     */
+    getAvailableProviders(): OAuthProvider[];
+    /**
+     * Generate PKCE challenge for secure OAuth flow
+     */
+    private generatePKCEChallenge;
+    /**
+     * Calculate the PKCE code challenge from a code verifier.
+     * Hashes the verifier using SHA-256 and then base64url encodes it.
+     * @param verifier The code verifier string.
+     * @returns The base64url-encoded SHA-256 hash of the verifier.
+     */
+    private calculatePKCECodeChallenge;
+    /**
+     * Encodes a buffer into a Base64URL-encoded string.
+     * @param buffer The buffer to encode.
+     * @returns The Base64URL-encoded string.
+     */
+    private base64urlEncode;
+    /**
+     * Generate cryptographically secure random string
+     */
+    private generateRandomString;
+    /**
+     * Initiate OAuth flow
+     */
+    initiateOAuth(provider: OAuthProvider): Promise<OAuthConnectionResult>;
+    /**
+     * Complete OAuth flow
+     */
+    completeOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<OAuthConnectionResult>;
+    /**
+     * Generate credentials from OAuth user info
+     * Ora restituisce anche la chiave GunDB derivata (key)
+     */
+    generateCredentials(userInfo: OAuthUserInfo, provider: OAuthProvider): Promise<OAuthCredentials & {
+        key: any;
+    }>;
+    /**
+     * Exchange authorization code for access token
+     */
+    private exchangeCodeForToken;
+    /**
+     * Fetch user info from provider
+     */
+    private fetchUserInfo;
+    /**
+     * Normalize user info from different providers
+     */
+    private normalizeUserInfo;
+    /**
+     * Cache user info
+     */
+    private cacheUserInfo;
+    /**
+     * Get cached user info
+     */
+    getCachedUserInfo(userId: string, provider: OAuthProvider): OAuthUserInfo | null;
+    /**
+     * Clear user cache
+     */
+    clearUserCache(userId?: string, provider?: OAuthProvider): void;
+    /**
+     * Cleanup
+     */
+    cleanup(): void;
+    /**
+     * Clean up expired OAuth data from storage
+     */
+    private cleanupExpiredOAuthData;
+}