Add reference

This commit is contained in:
0xc0de4c0ffee 2023-02-12 17:08:29 +05:45
parent 93f96f060b
commit 901135a0ee

48
xx.md
View File

@ -9,7 +9,7 @@ Nostr specific keys from Ethereum wallet signatures
This NIP ?is optional specification for Nostr clients to generate private key from deterministic Ethereum wallet signatures. This NIP ?is optional specification for Nostr clients to generate private key from deterministic Ethereum wallet signatures.
A) Username : ## A) Username :
``` ```
let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" || "sub.domain.eth.limo" let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" || "sub.domain.eth.limo"
``` ```
@ -21,28 +21,44 @@ let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" ||
~~Implementing clients should verify if generated public keys match NIP05 and NIP02 records.~~ ~~Implementing clients should verify if generated public keys match NIP05 and NIP02 records.~~
B) Message : ## B) Password :
Password is optional value used in HKDF salt:
```js
let username = "name@domain.eth.limo"
let password = "horse staple battery"
let signature = wallet.signMessage(message)
let salt = sha256(`nostr:${username}:${password}:${signature.slice(68)}`);
if(!password || password == ""){
salt = sha256(`nostr:${username}:${signature.slice(68)}`)
}
``` ```
## C) Message :
```js
let message = `Login to Nostr as ${username}\n\nWARNING : DO NOT SIGN THIS REQUEST FROM UNTRUSTED NOSTR CLIENTS.\n${checksum(wallet.address)}` let message = `Login to Nostr as ${username}\n\nWARNING : DO NOT SIGN THIS REQUEST FROM UNTRUSTED NOSTR CLIENTS.\n${checksum(wallet.address)}`
``` ```
## D) Signature :
Signature is
C) Private Key : ## C) HKDF :
We use HKDF with SHA256
```js ```js
import { hkdf } from '@noble/hashes/hkdf'; import { hkdf } from '@noble/hashes/hkdf';
import { sha256 } from '@noble/hashes/sha256'; import { sha256 } from '@noble/hashes/sha256';
import * as secp256k1 from '@noble/secp256k1'; import * as secp256k1 from '@noble/secp256k1';
let username = 'name@domain.eth.limo'; //let username = 'name@domain.eth.limo';
let optPassword = "horse staple battery"; //let optPassword = "horse staple battery";
// optional pin/password // optional pin/password
let address = wallet.getAddress(); //let address = wallet.getAddress();
// get checksum'd address from eth wallet // get checksum'd address from eth wallet
let signature = wallet.signMessage(message); //let signature = wallet.signMessage(message);
// request signature from eth wallet // request signature from eth wallet (v,r,s)
// 0x + bytes1 + bytes32 + bytes32 // 0x + bytes1(v) + bytes32(r) + bytes32(s)
// 2 + (2 + 64 + 64) = 132 length // 2 + (2 + 64 + 64) = 132 String length
let inputKey = sha256(signature); let inputKey = sha256(signature);
let salt = sha256(`nostr:${username}:${optPassword}:${signature.slice(68)}`); //68~132 let salt = sha256(`nostr:${username}:${optPassword}:${signature.slice(68)}`); //68~132
@ -59,3 +75,13 @@ let privKey = nobleSecp256k1.hashToPrivateKey(hashKey);
let pubKey = nobleSecp256k1.getPublicKey(privKey) let pubKey = nobleSecp256k1.getPublicKey(privKey)
``` ```
## Reference :
1) ERC-191: Signed Data Standard - https://eips.ethereum.org/EIPS/eip-191
2) RFC6979: Deterministic Usage of the DSA and ECDSA - https://datatracker.ietf.org/doc/html/rfc6979
3) RFC5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - https://datatracker.ietf.org/doc/html/rfc5869
4) FIPS 186 B.4.1 - https://csrc.nist.gov/publications/detail/fips/186/4/final