mirror of
https://github.com/nostr-protocol/nips.git
synced 2024-12-22 08:25:53 -05:00
Deprecate NIP 04
This commit is contained in:
parent
00a8f9532e
commit
30696049cc
4
04.md
4
04.md
|
@ -1,10 +1,12 @@
|
||||||
|
> __Warning__ `unrecommended`: deprecated in favor of [NIP-44](44.md)
|
||||||
|
|
||||||
NIP-04
|
NIP-04
|
||||||
======
|
======
|
||||||
|
|
||||||
Encrypted Direct Message
|
Encrypted Direct Message
|
||||||
------------------------
|
------------------------
|
||||||
|
|
||||||
`final` `optional` `author:arcbtc`
|
`final` `unrecommended` `author:arcbtc`
|
||||||
|
|
||||||
A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes:
|
A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes:
|
||||||
|
|
||||||
|
|
6
07.md
6
07.md
|
@ -18,8 +18,10 @@ async window.nostr.signEvent(event: Event): Event // takes an event object, adds
|
||||||
Aside from these two basic above, the following functions can also be implemented optionally:
|
Aside from these two basic above, the following functions can also be implemented optionally:
|
||||||
```
|
```
|
||||||
async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies
|
async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies
|
||||||
async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04
|
async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04 (deprecated)
|
||||||
async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04
|
async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated)
|
||||||
|
async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns encrypted payload as specified in nip-44
|
||||||
|
async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes encrypted payload as specified in nip-44
|
||||||
```
|
```
|
||||||
|
|
||||||
### Implementation
|
### Implementation
|
||||||
|
|
16
44.md
16
44.md
|
@ -8,7 +8,7 @@ Encrypted Payloads (Versioned)
|
||||||
|
|
||||||
The NIP introduces a versioned encryption data model, allowing multiple algorithm choices to exist simultaneously.
|
The NIP introduces a versioned encryption data model, allowing multiple algorithm choices to exist simultaneously.
|
||||||
|
|
||||||
The algorithm described in NIP4 is potentially vulnerable to [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) and uses keys which are not indistinguishable from random.
|
The algorithm described in NIP-04 is potentially vulnerable to [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) and uses keys which are not indistinguishable from random. For more information, see [here](https://github.com/nostr-protocol/nips/pull/715#issuecomment-1675301250-).
|
||||||
|
|
||||||
An encrypted payload MUST be encoded as a JSON object. Different versions may have different parameters. Every format has a `v` field specifying its version.
|
An encrypted payload MUST be encoded as a JSON object. Different versions may have different parameters. Every format has a `v` field specifying its version.
|
||||||
|
|
||||||
|
@ -17,10 +17,6 @@ Currently defined encryption algorithms:
|
||||||
- `0x00` - Reserved
|
- `0x00` - Reserved
|
||||||
- `0x01` - XChaCha with same key `sha256(ecdh)` per conversation
|
- `0x01` - XChaCha with same key `sha256(ecdh)` per conversation
|
||||||
|
|
||||||
# Version 0
|
|
||||||
|
|
||||||
Version 0 is not defined, however implementations depending on this NIP MAY choose to support the payload described in NIP 04 in the same places a NIP 44 payload would otherwise be expected. This is intended to allow a smooth transition while clients and signing software adopt the new standard.
|
|
||||||
|
|
||||||
# Version 1
|
# Version 1
|
||||||
|
|
||||||
Params:
|
Params:
|
||||||
|
@ -38,11 +34,13 @@ Example:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note**: By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). We are using this exact implementation. In NIP4, unhashed shared point was used.
|
# Other Notes
|
||||||
|
|
||||||
## Code Samples
|
By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). We are using this exact implementation. In NIP-94, unhashed shared point was used.
|
||||||
|
|
||||||
### Javascript
|
# Code Samples
|
||||||
|
|
||||||
|
## Javascript
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
import {xchacha20} from "@noble/ciphers/chacha"
|
import {xchacha20} from "@noble/ciphers/chacha"
|
||||||
|
@ -99,7 +97,7 @@ export function decrypt(privkey: string, pubkey: string, payload: string) {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
### Kotlin
|
## Kotlin
|
||||||
|
|
||||||
```kotlin
|
```kotlin
|
||||||
// implementation 'fr.acinq.secp256k1:secp256k1-kmp-jni-android:0.10.1'
|
// implementation 'fr.acinq.secp256k1:secp256k1-kmp-jni-android:0.10.1'
|
||||||
|
|
10
46.md
10
46.md
|
@ -82,12 +82,18 @@ These are mandatory methods the remote signer app MUST implement:
|
||||||
- **get_relays**
|
- **get_relays**
|
||||||
- params []
|
- params []
|
||||||
- result `{ [url: string]: {read: boolean, write: boolean} }`
|
- result `{ [url: string]: {read: boolean, write: boolean} }`
|
||||||
- **nip04_encrypt**
|
- **nip04_encrypt** (deprecated)
|
||||||
- params [`pubkey`, `plaintext`]
|
- params [`pubkey`, `plaintext`]
|
||||||
- result `nip4 ciphertext`
|
- result `nip4 ciphertext`
|
||||||
- **nip04_decrypt**
|
- **nip04_decrypt** (deprecated)
|
||||||
- params [`pubkey`, `nip4 ciphertext`]
|
- params [`pubkey`, `nip4 ciphertext`]
|
||||||
- result [`plaintext`]
|
- result [`plaintext`]
|
||||||
|
- **nip44_encrypt**
|
||||||
|
- params [`pubkey`, `plaintext`]
|
||||||
|
- result `nip44 encrypted payload`
|
||||||
|
- **nip44_decrypt**
|
||||||
|
- params [`pubkey`, `nip44 encrypted payload`]
|
||||||
|
- result [`plaintext`]
|
||||||
|
|
||||||
|
|
||||||
NOTICE: `pubkey` and `signature` are hex-encoded strings.
|
NOTICE: `pubkey` and `signature` are hex-encoded strings.
|
||||||
|
|
|
@ -22,7 +22,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos
|
||||||
- [NIP-01: Basic protocol flow description](01.md)
|
- [NIP-01: Basic protocol flow description](01.md)
|
||||||
- [NIP-02: Contact List and Petnames](02.md)
|
- [NIP-02: Contact List and Petnames](02.md)
|
||||||
- [NIP-03: OpenTimestamps Attestations for Events](03.md)
|
- [NIP-03: OpenTimestamps Attestations for Events](03.md)
|
||||||
- [NIP-04: Encrypted Direct Message](04.md)
|
- [NIP-04: Encrypted Direct Message](04.md) --- **unrecommended**: deprecated in favor of [NIP-44](44.md)
|
||||||
- [NIP-05: Mapping Nostr keys to DNS-based internet identifiers](05.md)
|
- [NIP-05: Mapping Nostr keys to DNS-based internet identifiers](05.md)
|
||||||
- [NIP-06: Basic key derivation from mnemonic seed phrase](06.md)
|
- [NIP-06: Basic key derivation from mnemonic seed phrase](06.md)
|
||||||
- [NIP-07: `window.nostr` capability for web browsers](07.md)
|
- [NIP-07: `window.nostr` capability for web browsers](07.md)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user