From 901135a0eef95107cba51a120316af75bf296cff Mon Sep 17 00:00:00 2001 From: 0xc0de4c0ffee <43116881+0xc0de4c0ffee@users.noreply.github.com> Date: Sun, 12 Feb 2023 17:08:29 +0545 Subject: [PATCH] Add reference --- xx.md | 50 ++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 38 insertions(+), 12 deletions(-) diff --git a/xx.md b/xx.md index 6a776118..80ca3268 100644 --- a/xx.md +++ b/xx.md @@ -9,7 +9,7 @@ Nostr specific keys from Ethereum wallet signatures This NIP ?is optional specification for Nostr clients to generate private key from deterministic Ethereum wallet signatures. -A) Username : +## A) Username : ``` let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" || "sub.domain.eth.limo" ``` @@ -21,28 +21,44 @@ let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" || ~~Implementing clients should verify if generated public keys match NIP05 and NIP02 records.~~ -B) Message : +## B) Password : +Password is optional value used in HKDF salt: +```js +let username = "name@domain.eth.limo" +let password = "horse staple battery" +let signature = wallet.signMessage(message) +let salt = sha256(`nostr:${username}:${password}:${signature.slice(68)}`); +if(!password || password == ""){ + salt = sha256(`nostr:${username}:${signature.slice(68)}`) +} ``` + + +## C) Message : + +```js let message = `Login to Nostr as ${username}\n\nWARNING : DO NOT SIGN THIS REQUEST FROM UNTRUSTED NOSTR CLIENTS.\n${checksum(wallet.address)}` ``` +## D) Signature : +Signature is -C) Private Key : - +## C) HKDF : +We use HKDF with SHA256 ```js import { hkdf } from '@noble/hashes/hkdf'; import { sha256 } from '@noble/hashes/sha256'; import * as secp256k1 from '@noble/secp256k1'; -let username = 'name@domain.eth.limo'; -let optPassword = "horse staple battery"; +//let username = 'name@domain.eth.limo'; +//let optPassword = "horse staple battery"; // optional pin/password -let address = wallet.getAddress(); +//let address = wallet.getAddress(); // get checksum'd address from eth wallet -let signature = wallet.signMessage(message); -// request signature from eth wallet -// 0x + bytes1 + bytes32 + bytes32 -// 2 + (2 + 64 + 64) = 132 length +//let signature = wallet.signMessage(message); +// request signature from eth wallet (v,r,s) +// 0x + bytes1(v) + bytes32(r) + bytes32(s) +// 2 + (2 + 64 + 64) = 132 String length let inputKey = sha256(signature); let salt = sha256(`nostr:${username}:${optPassword}:${signature.slice(68)}`); //68~132 @@ -58,4 +74,14 @@ let privKey = nobleSecp256k1.hashToPrivateKey(hashKey); //FIPS 186 B.4.1 @noble/secp256k1 let pubKey = nobleSecp256k1.getPublicKey(privKey) -``` \ No newline at end of file +``` + +## Reference : + +1) ERC-191: Signed Data Standard - https://eips.ethereum.org/EIPS/eip-191 + +2) RFC6979: Deterministic Usage of the DSA and ECDSA - https://datatracker.ietf.org/doc/html/rfc6979 + +3) RFC5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - https://datatracker.ietf.org/doc/html/rfc5869 + +4) FIPS 186 B.4.1 - https://csrc.nist.gov/publications/detail/fips/186/4/final \ No newline at end of file