Deprecate NIP 04

This commit is contained in:
Jonathan Staab 2023-08-11 13:09:17 -07:00
parent 00a8f9532e
commit 30696049cc
5 changed files with 23 additions and 15 deletions

4
04.md
View File

@ -1,10 +1,12 @@
> __Warning__ `unrecommended`: deprecated in favor of [NIP-44](44.md)
NIP-04 NIP-04
====== ======
Encrypted Direct Message Encrypted Direct Message
------------------------ ------------------------
`final` `optional` `author:arcbtc` `final` `unrecommended` `author:arcbtc`
A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes: A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes:

6
07.md
View File

@ -18,8 +18,10 @@ async window.nostr.signEvent(event: Event): Event // takes an event object, adds
Aside from these two basic above, the following functions can also be implemented optionally: Aside from these two basic above, the following functions can also be implemented optionally:
``` ```
async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies
async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04 async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04 (deprecated)
async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated)
async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns encrypted payload as specified in nip-44
async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes encrypted payload as specified in nip-44
``` ```
### Implementation ### Implementation

16
44.md
View File

@ -8,7 +8,7 @@ Encrypted Payloads (Versioned)
The NIP introduces a versioned encryption data model, allowing multiple algorithm choices to exist simultaneously. The NIP introduces a versioned encryption data model, allowing multiple algorithm choices to exist simultaneously.
The algorithm described in NIP4 is potentially vulnerable to [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) and uses keys which are not indistinguishable from random. The algorithm described in NIP-04 is potentially vulnerable to [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) and uses keys which are not indistinguishable from random. For more information, see [here](https://github.com/nostr-protocol/nips/pull/715#issuecomment-1675301250-).
An encrypted payload MUST be encoded as a JSON object. Different versions may have different parameters. Every format has a `v` field specifying its version. An encrypted payload MUST be encoded as a JSON object. Different versions may have different parameters. Every format has a `v` field specifying its version.
@ -17,10 +17,6 @@ Currently defined encryption algorithms:
- `0x00` - Reserved - `0x00` - Reserved
- `0x01` - XChaCha with same key `sha256(ecdh)` per conversation - `0x01` - XChaCha with same key `sha256(ecdh)` per conversation
# Version 0
Version 0 is not defined, however implementations depending on this NIP MAY choose to support the payload described in NIP 04 in the same places a NIP 44 payload would otherwise be expected. This is intended to allow a smooth transition while clients and signing software adopt the new standard.
# Version 1 # Version 1
Params: Params:
@ -38,11 +34,13 @@ Example:
} }
``` ```
**Note**: By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). We are using this exact implementation. In NIP4, unhashed shared point was used. # Other Notes
## Code Samples By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). We are using this exact implementation. In NIP-94, unhashed shared point was used.
### Javascript # Code Samples
## Javascript
```javascript ```javascript
import {xchacha20} from "@noble/ciphers/chacha" import {xchacha20} from "@noble/ciphers/chacha"
@ -99,7 +97,7 @@ export function decrypt(privkey: string, pubkey: string, payload: string) {
} }
``` ```
### Kotlin ## Kotlin
```kotlin ```kotlin
// implementation 'fr.acinq.secp256k1:secp256k1-kmp-jni-android:0.10.1' // implementation 'fr.acinq.secp256k1:secp256k1-kmp-jni-android:0.10.1'

10
46.md
View File

@ -82,12 +82,18 @@ These are mandatory methods the remote signer app MUST implement:
- **get_relays** - **get_relays**
- params [] - params []
- result `{ [url: string]: {read: boolean, write: boolean} }` - result `{ [url: string]: {read: boolean, write: boolean} }`
- **nip04_encrypt** - **nip04_encrypt** (deprecated)
- params [`pubkey`, `plaintext`] - params [`pubkey`, `plaintext`]
- result `nip4 ciphertext` - result `nip4 ciphertext`
- **nip04_decrypt** - **nip04_decrypt** (deprecated)
- params [`pubkey`, `nip4 ciphertext`] - params [`pubkey`, `nip4 ciphertext`]
- result [`plaintext`] - result [`plaintext`]
- **nip44_encrypt**
- params [`pubkey`, `plaintext`]
- result `nip44 encrypted payload`
- **nip44_decrypt**
- params [`pubkey`, `nip44 encrypted payload`]
- result [`plaintext`]
NOTICE: `pubkey` and `signature` are hex-encoded strings. NOTICE: `pubkey` and `signature` are hex-encoded strings.

View File

@ -22,7 +22,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos
- [NIP-01: Basic protocol flow description](01.md) - [NIP-01: Basic protocol flow description](01.md)
- [NIP-02: Contact List and Petnames](02.md) - [NIP-02: Contact List and Petnames](02.md)
- [NIP-03: OpenTimestamps Attestations for Events](03.md) - [NIP-03: OpenTimestamps Attestations for Events](03.md)
- [NIP-04: Encrypted Direct Message](04.md) - [NIP-04: Encrypted Direct Message](04.md) --- **unrecommended**: deprecated in favor of [NIP-44](44.md)
- [NIP-05: Mapping Nostr keys to DNS-based internet identifiers](05.md) - [NIP-05: Mapping Nostr keys to DNS-based internet identifiers](05.md)
- [NIP-06: Basic key derivation from mnemonic seed phrase](06.md) - [NIP-06: Basic key derivation from mnemonic seed phrase](06.md)
- [NIP-07: `window.nostr` capability for web browsers](07.md) - [NIP-07: `window.nostr` capability for web browsers](07.md)