nips/04.md

NIP-04
======

Encrypted Direct Message
------------------------

`final` `optional` `author:arcbtc`

A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes:

**`content`** MUST be equal to the base64-encoded, aes-256-cbc encrypted string of anything a user wants to write, encrypted using a shared cipher generated by combining the recipient's public-key with the sender's private-key; this appended by the base64-encoded initialization vector as if it was a querystring parameter named "iv". The format is the following: `"content": "<encrypted_text>?iv=<initialization_vector>"`.

**`tags`** MUST contain an entry identifying the receiver of the message (such that relays may naturally forward this event to them), in the form `["p", "<pubkey, as a hex string>"]`.

**`tags`** MAY contain an entry identifying the previous message in a conversation or a message we are explicitly replying to (such that contextual, more organized conversations may happen), in the form `["e", "<event_id>"]`.

**Note**: By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). In Nostr, only the X coordinate of the shared point is used as the secret and it is NOT hashed. If using libsecp256k1, a custom function that copies the X coordinate must be passed as the `hashfp` argument in `secp256k1_ecdh`. See [here](https://github.com/bitcoin-core/secp256k1/blob/master/src/modules/ecdh/main_impl.h#L29).

Code sample for generating such an event in JavaScript:

```js
import crypto from 'crypto'
import * as secp from 'noble-secp256k1'

let sharedPoint = secp.getSharedSecret(ourPrivateKey, '02' + theirPublicKey)
let sharedX = sharedPoint.substr(2, 64)

let iv = crypto.randomFillSync(new Uint8Array(16))
var cipher = crypto.createCipheriv(
  'aes-256-cbc',
  Buffer.from(sharedX, 'hex'),
  iv
)
let encryptedMessage = cipher.update(text, 'utf8', 'base64')
encryptedMessage += cipher.final('base64')
let ivBase64 = Buffer.from(iv.buffer).toString('base64')

let event = {
  pubkey: ourPubKey,
  created_at: Math.floor(Date.now() / 1000),
  kind: 4,
  tags: [['p', theirPublicKey]],
  content: encryptedMessage + '?iv=' + ivBase64
}
```
migrate nips from main nostr repo. 2022-05-01 06:48:57 -04:00			`NIP-04`
			`======`

			`Encrypted Direct Message`
			`------------------------`

finalize some NIPs we will not going to change anymore. 2022-11-22 06:59:10 -05:00			`final` `optional` `author:arcbtc`
migrate nips from main nostr repo. 2022-05-01 06:48:57 -04:00
			A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes:

			`content` MUST be equal to the base64-encoded, aes-256-cbc encrypted string of anything a user wants to write, encrypted using a shared cipher generated by combining the recipient's public-key with the sender's private-key; this appended by the base64-encoded initialization vector as if it was a querystring parameter named "iv". The format is the following: `"content": "<encrypted_text>?iv=<initialization_vector>"`.

			`tags` MUST contain an entry identifying the receiver of the message (such that relays may naturally forward this event to them), in the form `["p", "<pubkey, as a hex string>"]`.

			`tags` MAY contain an entry identifying the previous message in a conversation or a message we are explicitly replying to (such that contextual, more organized conversations may happen), in the form `["e", "<event_id>"]`.

Fix minor typo Fix spelling of `coordinates` in Note 2023-02-22 19:14:07 -05:00			Note: By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). In Nostr, only the X coordinate of the shared point is used as the secret and it is NOT hashed. If using libsecp256k1, a custom function that copies the X coordinate must be passed as the `hashfp` argument in `secp256k1_ecdh`. See [here](https://github.com/bitcoin-core/secp256k1/blob/master/src/modules/ecdh/main_impl.h#L29).
NIP-04: clarify how shared secret is computed 2023-02-10 08:18:40 -05:00
migrate nips from main nostr repo. 2022-05-01 06:48:57 -04:00			`Code sample for generating such an event in JavaScript:`

			```js
			`import crypto from 'crypto'`
			`import * as secp from 'noble-secp256k1'`

			`let sharedPoint = secp.getSharedSecret(ourPrivateKey, '02' + theirPublicKey)`
			`let sharedX = sharedPoint.substr(2, 64)`

			`let iv = crypto.randomFillSync(new Uint8Array(16))`
			`var cipher = crypto.createCipheriv(`
			`'aes-256-cbc',`
			`Buffer.from(sharedX, 'hex'),`
			`iv`
			`)`
			`let encryptedMessage = cipher.update(text, 'utf8', 'base64')`
			`encryptedMessage += cipher.final('base64')`
			`let ivBase64 = Buffer.from(iv.buffer).toString('base64')`

			`let event = {`
			`pubkey: ourPubKey,`
			`created_at: Math.floor(Date.now() / 1000),`
			`kind: 4,`
			`tags: [['p', theirPublicKey]],`
			`content: encryptedMessage + '?iv=' + ivBase64`
			`}`
			```