diff --git a/package.json b/package.json index 5154f3d9..8d87caec 100644 --- a/package.json +++ b/package.json @@ -48,9 +48,6 @@ "@event-calendar/day-grid": "^2.4.1", "@event-calendar/interaction": "^2.4.1", "@fortawesome/fontawesome-free": "^6.5.1", - "@noble/ciphers": "^0.4.0", - "@noble/curves": "^1.2.0", - "@noble/hashes": "^1.3.2", "@nostr-dev-kit/ndk": "^2.3.1", "@scure/base": "^1.1.3", "classnames": "^2.3.2", @@ -61,6 +58,7 @@ "hurdak": "^0.2.6", "husky": "^8.0.3", "insane": "^2.6.2", + "nip44": "https://gitpkg.now.sh/paulmillr/nip44/javascript?post-audit", "lru-cache": "^10.1.0", "marked": "^11.0.0", "normalize-url": "^8.0.0", diff --git a/src/app/views/EventDetail.svelte b/src/app/views/EventDetail.svelte index 1eea2281..7e1dffa1 100644 --- a/src/app/views/EventDetail.svelte +++ b/src/app/views/EventDetail.svelte @@ -23,7 +23,6 @@ } let event - let relays = [] let actions = [] let replyIsOpen = false let promise: Promise = defer() diff --git a/src/engine/relays/utils.ts b/src/engine/relays/utils.ts index 29eb93c5..65e2485d 100644 --- a/src/engine/relays/utils.ts +++ b/src/engine/relays/utils.ts @@ -224,7 +224,7 @@ export const getGroupHints = hintSelector(function* (address: string) { }) export const getGroupPublishHints = (addresses: string[]) => { - const urls = mergeHints(addresses.map(getGroupHints)) + const urls = mergeHints(addresses.map(getGroupRelayUrls)) return urls.length === 0 ? getUserRelayUrls("write") : urls } diff --git a/src/engine/session/utils/nip44.ts b/src/engine/session/utils/nip44.ts index bdd75a6c..b4c745f9 100644 --- a/src/engine/session/utils/nip44.ts +++ b/src/engine/session/utils/nip44.ts @@ -1,64 +1,16 @@ import {join} from "ramda" +import {v2} from "nip44/index" import {cached} from "paravel" -import {base64} from "@scure/base" -import {randomBytes} from "@noble/hashes/utils" -import {secp256k1} from "@noble/curves/secp256k1" -import {sha256} from "@noble/hashes/sha256" -import {xchacha20} from "@noble/ciphers/chacha" import {switcher, switcherFn} from "hurdak" import type {Session} from "src/engine/session/model" -export const utf8Decoder = new TextDecoder() - -export const utf8Encoder = new TextEncoder() - // Deriving shared secret is an expensive computation, cache it export const getSharedSecret = cached({ maxSize: 100, getKey: join(":"), - getValue: ([sk, pk]: string[]) => - sha256(secp256k1.getSharedSecret(sk, "02" + pk).subarray(1, 33)), + getValue: ([sk, pk]: string[]) => v2.utils.getConversationKey(sk, pk), }) -export function encryptWithSharedSecret(key: Uint8Array, text: string, v = 1) { - if (v !== 1) { - throw new Error("NIP44: unknown encryption version") - } - - const nonce = randomBytes(24) - const plaintext = utf8Encoder.encode(text) - const ciphertext = xchacha20(key, nonce, plaintext) - - const payload = new Uint8Array(25 + ciphertext.length) - payload.set([v], 0) - payload.set(nonce, 1) - payload.set(ciphertext, 25) - - return base64.encode(payload) -} - -export function decryptWithSharedSecret(key: Uint8Array, payload: string) { - const data = base64.decode(payload) - - if (data[0] !== 1) { - throw new Error(`NIP44: unknown encryption version: ${data[0]}`) - } - - const nonce = data.slice(1, 25) - const ciphertext = data.slice(25) - const plaintext = xchacha20(key, nonce, ciphertext) - - return utf8Decoder.decode(plaintext) -} - -export function encryptFor(sk: string, pk: string, text: string, v = 1) { - return encryptWithSharedSecret(getSharedSecret(sk, pk), text, v) -} - -export function decryptFor(sk: string, pk: string, payload: string) { - return decryptWithSharedSecret(getSharedSecret(sk, pk), payload) -} - export class Nip44 { constructor(readonly session: Session) {} @@ -73,11 +25,11 @@ export class Nip44 { } encrypt(message: string, pk: string, sk: string) { - return encryptFor(sk, pk, message) + return v2.encrypt(message, getSharedSecret(sk, pk)) } - decrypt(message: string, pk: string, sk: string) { - return decryptFor(sk, pk, message) + decrypt(payload: string, pk: string, sk: string) { + return v2.decrypt(payload, getSharedSecret(sk, pk)) } encryptAsUser(message: string, pk: string) { diff --git a/yarn.lock b/yarn.lock index 072615e4..15f0cccc 100644 Binary files a/yarn.lock and b/yarn.lock differ