aiolabs/nsecbunkerd
8
0
Fork 0
Code Issues 12 Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request 'feat(#14): bump @nostr-dev-kit/ndk 2.8.1 → 3.0.3 + nostr-tools v1 → v2.20 + acl wire-name vocabulary' (#15) from issue-14-ndk-bump into dev
Some checks failed
Docker image / build-and-push-image (push) Has been cancelled
Details

Browse source 
Reviewed-on: #15
This commit is contained in:
padreug 2026-05-31 11:49:29 +00:00
commit 106fa807a1
24 changed files with 4429 additions and 2649 deletions
Download patch file Download diff file Expand all files Collapse all files

4
package.json
View file

@ -39,7 +39,7 @@
"@fastify/view": "^8.2.0",
"@inquirer/password": "^1.1.2",
"@inquirer/prompts": "^1.2.3",
"@nostr-dev-kit/ndk": "2.8.1",
"@nostr-dev-kit/ndk": "3.0.3",
"@prisma/client": "^5.4.1",
"@scure/base": "^1.1.1",
"@types/yargs": "^17.0.24",
@ -57,7 +57,7 @@
"isomorphic-ws": "^5.0.0",
"lnbits": "^1.1.5",
"lnbits-ts": "^0.0.2",
"nostr-tools": "^1.17.0",
"nostr-tools": "~2.20.0",
"websocket-polyfill": "^0.0.3",
"ws": "^8.13.0",
"yargs": "^17.7.2"

6737
pnpm-lock.yaml generated
View file

File diff suppressed because it is too large Load diff

2
src/client.ts
View file

@ -100,7 +100,7 @@ function loadPrivateKey(): string | undefined {
} else {
// check if we have a @ so we try to get the npub from nip05
if (remotePubkey.includes('@')) {
const u = await NDKUser.fromNip05(remotePubkey);
const u = await NDKUser.fromNip05(remotePubkey, ndk);
if (!u) {
console.log(`Invalid nip05 ${remotePubkey}`);
process.exit(1);

3
src/daemon/admin/commands/add_policy_rule.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
/**
@ -43,5 +44,5 @@ export default async function addPolicyRule(admin: AdminInterface, req: NDKRpcRe
});
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/add_signing_condition.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
/**
@ -42,5 +43,5 @@ export default async function addSigningCondition(admin: AdminInterface, req: ND
});
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

5
src/daemon/admin/commands/create_account.ts
View file

@ -131,6 +131,9 @@ export default async function createAccount(admin: AdminInterface, req: NDKRpcRe
username = payload[0];
domain = payload[1];
email = payload[2];
if (!username || !domain) {
throw new Error('Invalid authorization payload: missing username/domain');
}
return createAccountReal(admin, req, username, domain, email);
}
}
@ -195,7 +198,7 @@ export async function createAccountReal(
}
const keyName = nip05;
const nsec = nip19.nsecEncode(key.privateKey!);
const nsec = key.nsec;
currentConfig.keys[keyName] = { key: key.privateKey };
saveCurrentConfig(admin.configFile, currentConfig);

10
src/daemon/admin/commands/create_new_key.ts
View file

@ -1,7 +1,7 @@
import NDK, { NDKEvent, NDKPrivateKeySigner, NDKRpcRequest, type NostrEvent } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import { saveEncrypted } from "../../../commands/add.js";
import { nip19 } from 'nostr-tools';
import { setupSkeletonProfile } from "../../lib/profile.js";
export default async function createNewKey(admin: AdminInterface, req: NDKRpcRequest) {
@ -13,7 +13,9 @@ export default async function createNewKey(admin: AdminInterface, req: NDKRpcReq
let key;
if (_nsec) {
key = new NDKPrivateKeySigner(nip19.decode(_nsec).data as string);
// NDK 3.x's `NDKPrivateKeySigner` accepts nsec1 or hex directly
// (see core/src/signers/private-key/index.ts `@ai-guardrail`).
key = new NDKPrivateKeySigner(_nsec);
} else {
key = NDKPrivateKeySigner.generate();
@ -23,7 +25,7 @@ export default async function createNewKey(admin: AdminInterface, req: NDKRpcReq
}
const user = await key.user();
const nsec = nip19.nsecEncode(key.privateKey!);
const nsec = key.nsec;
await saveEncrypted(
admin.configFile,
@ -38,5 +40,5 @@ export default async function createNewKey(admin: AdminInterface, req: NDKRpcReq
npub: user.npub,
});
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/create_new_policy.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
export default async function createNewPolicy(admin: AdminInterface, req: NDKRpcRequest) {
@ -29,5 +30,5 @@ export default async function createNewPolicy(admin: AdminInterface, req: NDKRpc
}
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/create_new_token.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
export default async function createNewToken(admin: AdminInterface, req: NDKRpcRequest) {
@ -30,5 +31,5 @@ export default async function createNewToken(admin: AdminInterface, req: NDKRpcR
if (!tokenRecord) throw new Error("Token not created");
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/ping.ts
View file

@ -1,6 +1,7 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
export default async function ping(admin: AdminInterface, req: NDKRpcRequest) {
return admin.rpc.sendResponse(req.id, req.pubkey, "ok", 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, "ok", NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/remove_policy_rule.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
/**
@ -29,5 +30,5 @@ export default async function removePolicyRule(admin: AdminInterface, req: NDKRp
await prisma.policyRule.delete({ where: { id: ruleId } });
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/remove_signing_condition.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
/**
@ -22,5 +23,5 @@ export default async function removeSigningCondition(admin: AdminInterface, req:
await prisma.signingCondition.delete({ where: { id: conditionId } });
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/rename_key_user.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
export default async function renameKeyUser(admin: AdminInterface, req: NDKRpcRequest) {
@ -25,5 +26,5 @@ export default async function renameKeyUser(admin: AdminInterface, req: NDKRpcRe
});
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/revoke_token.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
/**
@ -32,5 +33,5 @@ export default async function revokeToken(admin: AdminInterface, req: NDKRpcRequ
});
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/revoke_user.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
export default async function revokeUser(admin: AdminInterface, req: NDKRpcRequest) {
@ -20,5 +21,5 @@ export default async function revokeUser(admin: AdminInterface, req: NDKRpcReque
});
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/unlock_key.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
export default async function unlockKey(admin: AdminInterface, req: NDKRpcRequest) {
const [ keyName, passphrase ] = req.params as [ string, string ];
@ -16,5 +17,5 @@ export default async function unlockKey(admin: AdminInterface, req: NDKRpcReques
result = JSON.stringify({ success: false, error: e.message });
}
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

3
src/daemon/admin/commands/update_policy.ts
View file

@ -1,5 +1,6 @@
import { NDKRpcRequest } from "@nostr-dev-kit/ndk";
import AdminInterface from "../index.js";
import { NIP46_ADMIN_RESPONSE_KIND } from "../kinds.js";
import prisma from "../../../db.js";
/**
@ -39,5 +40,5 @@ export default async function updatePolicy(admin: AdminInterface, req: NDKRpcReq
await prisma.policy.update({ where: { id: policyId }, data });
const result = JSON.stringify(["ok"]);
return admin.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return admin.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}

15
src/daemon/admin/index.ts
View file

@ -19,6 +19,7 @@ import updatePolicy from './commands/update_policy';
import addSigningCondition from './commands/add_signing_condition';
import removeSigningCondition from './commands/remove_signing_condition';
import revokeToken from './commands/revoke_token';
import { NIP46_ADMIN_RESPONSE_KIND } from './kinds.js';
import fs from 'fs';
import { validateRequestFromAdmin } from './validations/request-from-admin';
import { dmUser } from '../../utils/dm-user';
@ -142,7 +143,7 @@ class AdminInterface {
this.ndk.connect(2500).then(() => {
// connect for whitelisted admins
this.rpc.subscribe({
"kinds": [NDKKind.NostrConnect, 24134 as number],
"kinds": [NDKKind.NostrConnect, NIP46_ADMIN_RESPONSE_KIND],
"#p": [this.signerUser!.pubkey]
});
@ -272,7 +273,7 @@ class AdminInterface {
const key = keys.find((k) => k.name === keyName);
if (!key || !key.npub) {
return this.rpc.sendResponse(req.id, req.pubkey, JSON.stringify([]), 24134);
return this.rpc.sendResponse(req.id, req.pubkey, JSON.stringify([]), NIP46_ADMIN_RESPONSE_KIND);
}
const npub = key.npub;
@ -294,7 +295,7 @@ class AdminInterface {
};
}));
return this.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return this.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}
/**
@ -326,7 +327,7 @@ class AdminInterface {
};
}));
return this.rpc.sendResponse(req.id, req.pubkey, result, 24134);
return this.rpc.sendResponse(req.id, req.pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}
/**
@ -338,7 +339,7 @@ class AdminInterface {
const result = JSON.stringify(await this.getKeys());
const pubkey = req.pubkey;
return this.rpc.sendResponse(req.id, pubkey, result, 24134); // 24134
return this.rpc.sendResponse(req.id, pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}
/**
@ -350,7 +351,7 @@ class AdminInterface {
const result = JSON.stringify(await this.getKeyUsers(req));
const pubkey = req.pubkey;
return this.rpc.sendResponse(req.id, pubkey, result, 24134); // 24134
return this.rpc.sendResponse(req.id, pubkey, result, NIP46_ADMIN_RESPONSE_KIND);
}
/**
@ -416,7 +417,7 @@ class AdminInterface {
remoteUser.pubkey,
'acl',
[params],
24134,
NIP46_ADMIN_RESPONSE_KIND,
(res: NDKRpcResponse) => {
this.requestPermissionResponse(
remotePubkey,

14
src/daemon/admin/kinds.ts Normal file
View file

@ -0,0 +1,14 @@
import type { NDKKind } from '@nostr-dev-kit/ndk';
/**
* NIP-46 admin-RPC response channel kind-24134. Distinct from the
* standard NIP-46 client channel kind-24133 (`NDKKind.NostrConnect`)
* which carries `sign_event` / `nip04_*` / `nip44_*` / etc.
*
* nsecbunkerd's admin surface uses a dedicated kind so signer clients
* and admin clients don't subscribe to each other's events.
*
* NDK 3.x's `NDKKind` enum does not include 24134; the cast happens
* once here so callers can pass a typed value to `rpc.sendResponse`.
*/
export const NIP46_ADMIN_RESPONSE_KIND = 24134 as NDKKind;

5
src/daemon/authorize.ts
View file

@ -59,9 +59,8 @@ async function createRecord(
) {
let params: string | undefined;
if (param?.rawEvent) {
const e = param as NDKEvent;
params = JSON.stringify(e.rawEvent());
if (typeof param === 'object' && param !== null && 'rawEvent' in param) {
params = JSON.stringify(param.rawEvent());
} else if (param) {
params = param.toString();
}

2
src/daemon/backend/index.ts
View file

@ -18,8 +18,6 @@ export class Backend extends NDKNip46Backend {
this.baseUrl = baseUrl;
this.fastify = fastify;
// this.setStrategy('publish_event', new PublishEventHandlingStrategy());
}
/**

14
src/daemon/backend/publish-event.ts
View file

@ -1,14 +0,0 @@
import { NDKNip46Backend } from "@nostr-dev-kit/ndk";
import { IEventHandlingStrategy } from '@nostr-dev-kit/ndk';
export default class PublishEventHandlingStrategy implements IEventHandlingStrategy {
async handle(backend: NDKNip46Backend, id: string, remotePubkey: string, params: string[]): Promise<string|undefined> {
const event = await backend.signEvent(remotePubkey, params);
if (!event) return undefined;
console.log('Publishing event', event);
await event.publish();
return JSON.stringify(await event.toNostrEvent());
}
}

31
src/daemon/lib/acl/index.ts
View file

@ -1,4 +1,4 @@
import { NDKEvent, NostrEvent } from '@nostr-dev-kit/ndk';
import { NDKEvent, NostrEvent, NIP46Method } from '@nostr-dev-kit/ndk';
import prisma from '../../../db.js';
/**
@ -114,7 +114,26 @@ export async function checkIfPubkeyAllowed(
return undefined;
}
export type IMethod = "connect" | "sign_event" | "encrypt" | "decrypt" | "ping";
/**
* Sign-time auth method names follow the NIP-46 wire convention as
* NDK 3.x's `NDKNip46Backend` passes them through to `pubkeyAllowed`
* verbatim (it stopped normalizing `nip04_encrypt`/`nip04_decrypt`
* to `encrypt`/`decrypt` somewhere between 2.8.1 and current
* upstream).
*
* lnbits's `_ensure_policy` writes `PolicyRule.method` using the same
* wire-name vocabulary (`nip04_encrypt`, `nip04_decrypt`,
* `nip44_encrypt`, `nip44_decrypt`, `sign_event`, `get_public_key`,
* `connect`, `ping`). With the wire-name vocabulary on both sides,
* the post-#11 live-policy join (step 4 of `checkIfPubkeyAllowed`)
* naturally matches lnbits's stored rules no `encrypt → nip04_encrypt`
* adapter layer needed.
*
* Source the type from NDK itself so it can't drift across future
* NDK bumps; if NDK adds a new method (e.g. `nip60_*`) we pick it up
* for free.
*/
export type IMethod = NIP46Method;
export type IAllowScope = {
kind?: number | 'all';
@ -124,10 +143,14 @@ export function requestToSigningConditionQuery(method: IMethod, payload?: string
const signingConditionQuery: any = { method };
switch (method) {
case 'sign_event':
signingConditionQuery.kind = { in: [ payload?.kind?.toString(), 'all' ] };
case 'sign_event': {
const kindString = (typeof payload === 'object' && payload?.kind !== undefined)
? payload.kind.toString()
: undefined;
signingConditionQuery.kind = { in: [kindString, 'all'] };
break;
}
}
return signingConditionQuery;
}

47
src/daemon/run.ts
View file

@ -1,10 +1,7 @@
import NDK, { NDKPrivateKeySigner, Nip46PermitCallback, Nip46PermitCallbackParams } from '@nostr-dev-kit/ndk';
import { nip19 } from 'nostr-tools';
import { nip19, utils as nostrUtils } from 'nostr-tools';
import { Backend } from './backend/index.js';
import {
IMethod,
checkIfPubkeyAllowed,
} from './lib/acl/index.js';
import { checkIfPubkeyAllowed } from './lib/acl/index.js';
import AdminInterface from './admin/index.js';
import { IConfig } from '../config/index.js';
import { NDKRpcRequest } from '@nostr-dev-kit/ndk';
@ -38,8 +35,7 @@ function getKeys(config: DaemonConfig) {
const keys: Key[] = [];
for (const [name, nsec] of Object.entries(config.keys)) {
const hexpk = nip19.decode(nsec).data as string;
const user = await new NDKPrivateKeySigner(hexpk).user();
const user = await new NDKPrivateKeySigner(nsec).user();
const key = {
name,
npub: user.npub,
@ -108,7 +104,7 @@ function signingAuthorizationCallback(keyName: string, adminInterface: AdminInte
}
try {
const keyAllowed = await checkIfPubkeyAllowed(keyName, remotePubkey, method as IMethod, payload);
const keyAllowed = await checkIfPubkeyAllowed(keyName, remotePubkey, method, payload);
if (keyAllowed === true || keyAllowed === false) {
console.log(`🔎 ${nip19.npubEncode(remotePubkey)} is ${keyAllowed ? 'allowed' : 'denied'} to ${method} with key ${keyName}`);
@ -164,7 +160,7 @@ class Daemon {
explicitRelayUrls: config.nostr.relays,
});
this.ndk.pool.on('relay:connect', (r) => console.log(`✅ Connected to ${r.url}`) );
this.ndk.pool.on('relay:notice', (n, r) => { console.log(`👀 Notice from ${r.url}`, n); });
this.ndk.pool.on('notice', (r, n) => { console.log(`👀 Notice from ${r.url}`, n); });
this.ndk.pool.on('relay:disconnect', (r) => {
console.log(`🚫 Disconnected from ${r.url}`);
@ -206,7 +202,10 @@ class Daemon {
continue;
}
const nsec = nip19.nsecEncode(settings.key);
// nostr-tools v2: `nsecEncode` takes `Uint8Array`, not hex string.
// pragma: allowlist secret
// `settings.key` is the hex-encoded private key from config.
const nsec = nip19.nsecEncode(nostrUtils.hexToBytes(settings.key));
this.loadNsec(keyName, nsec);
}
}
@ -226,27 +225,13 @@ class Daemon {
*/
async startKey(name: string, nsec: string) {
const cb = signingAuthorizationCallback(name, this.adminInterface);
let hexpk: string;
if (nsec.startsWith('nsec1')) {
try {
// NDK 2.8.1's NDKPrivateKeySigner constructor passes its
// arg straight to nostr-tools getPublicKey() which requires
// 32-byte hex / bytes / bigint, not bech32. Without this
// decode, every key created via create_new_key fails to
// load with the nostr-tools getPublicKey type error, so
// the bunker can never sign for any target it provisions.
// See aiolabs/nsecbunkerd#8.
hexpk = nip19.decode(nsec).data as string;
} catch(e) {
console.error(`Error loading key ${name}:`, e);
return
}
} else {
hexpk = nsec;
}
const backend = new Backend(this.ndk, this.fastify, hexpk, cb, this.config.baseUrl);
// NDK 3.x's `NDKPrivateKeySigner` accepts nsec1 or hex directly
// (see `core/src/signers/private-key/index.ts` `@ai-guardrail`
// — "DO NOT use nip19.decode() to convert nsec to hex before
// passing it here"). The bech32-decode workaround for #8 was
// tied to NDK 2.8.1's old constructor behavior and is no
// longer needed post-#14 NDK bump.
const backend = new Backend(this.ndk, this.fastify, nsec, cb, this.config.baseUrl);
await backend.start();
}