From ec8eb9af0b43e42e974877f539940894e84f4847 Mon Sep 17 00:00:00 2001 From: arthurfranca Date: Thu, 7 Nov 2024 10:41:00 -0300 Subject: [PATCH 01/16] NIP-22 - Comment (#1233) Co-authored-by: dluvian <133484344+dluvian@users.noreply.github.com> Co-authored-by: Vitor Pamplona --- 22.md | 184 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100644 22.md diff --git a/22.md b/22.md new file mode 100644 index 0000000..3706aec --- /dev/null +++ b/22.md @@ -0,0 +1,184 @@ +NIP-22 +====== + +Comment +------- + +`draft` `optional` + +A comment is a threading note always scoped to a root event or an `I`-tag. + +It uses `kind:1111` with plaintext `.content` (no HTML, Markdown, or other formatting). + +Comments MUST point to the root scope using uppercase tag names (e.g. `K`, `E`, `A` or `I`) +and MUST point to the parent item with lowercase ones (e.g. `k`, `e`, `a` or `i`). + +```js +{ + kind: 1111, + content: '', + tags: [ + // root scope: event addresses, event ids, or I-tags. + ["", "", "", ""], + // the root item kind + ["K", ""], + + // parent item: event addresses, event ids, or i-tags. + ["", "", "", ""], + // parent item kind + ["k", ""] + ] + // other fields +} +``` + +Tags `K` and `k` MUST be present to define the event kind of the root and the parent items. + +`I` and `i` tags create scopes for hashtags, geohashes, URLs, and other external identifiers. + +The possible values for `i` tags – and `k` tags, when related to an extenal identity – are listed on [NIP-73](73.md). +Their uppercase versions use the same type of values but relate to the root item instead of the parent one. + +`q` tags MAY be used when citing events in the `.content` with [NIP-21](21.md). + +```json +["q", " or ", "", ""] +``` + +`p` tags SHOULD be used when mentioning pubkeys in the `.content` with [NIP-21](21.md). +If the parent item is an event, a `p` tag set to the parent event's author SHOULD be added. + +```json +["p", "", ""] +``` + +## Examples + +A comment on a blog post looks like this: + +```js +{ + kind: 1111, + content: 'Great blog post!', + tags: [ + // top-level comments scope to event addresses or ids + ["A", "30023:3c9849383bdea883b0bd16fece1ed36d37e37cdde3ce43b17ea4e9192ec11289:f9347ca7", "wss://example.relay"], + // the root kind + ["K", "30023"], + + // the parent event address (same as root for top-level comments) + ["a", "30023:3c9849383bdea883b0bd16fece1ed36d37e37cdde3ce43b17ea4e9192ec11289:f9347ca7", "wss://example.relay"], + // when the parent event is replaceable or addressable, also include an `e` tag referencing its id + ["e", "5b4fc7fed15672fefe65d2426f67197b71ccc82aa0cc8a9e94f683eb78e07651", "wss://example.relay"], + // the parent event kind + ["k", "30023"] + ] + // other fields +} +``` + +A comment on a [NIP-94](94.md) file looks like this: + +```js +{ + kind: 1111, + content: 'Great file!', + tags: [ + // top-level comments have the same scope and reply to addresses or ids + ["E", "768ac8720cdeb59227cf95e98b66560ef03d8bc9a90d721779e76e68fb42f5e6", "wss://example.relay", "3721e07b079525289877c366ccab47112bdff3d1b44758ca333feb2dbbbbe5bb"], + // the root kind + ["K", "1063"], + + // the parent event id (same as root for top-level comments) + ["e", "768ac8720cdeb59227cf95e98b66560ef03d8bc9a90d721779e76e68fb42f5e6", "wss://example.relay", "3721e07b079525289877c366ccab47112bdff3d1b44758ca333feb2dbbbbe5bb"], + // the parent kind + ["k", "1063"] + ] + // other fields +} +``` + +A reply to a comment looks like this: + +```js +{ + kind: 1111, + content: 'This is a reply to "Great file!"', + tags: [ + // nip-94 file event id + ["E", "768ac8720cdeb59227cf95e98b66560ef03d8bc9a90d721779e76e68fb42f5e6", "wss://example.relay", "fd913cd6fa9edb8405750cd02a8bbe16e158b8676c0e69fdc27436cc4a54cc9a"], + // the root kind + ["K", "1063"], + + // the parent event + ["e", "5c83da77af1dec6d7289834998ad7aafbd9e2191396d75ec3cc27f5a77226f36", "wss://example.relay", "93ef2ebaaf9554661f33e79949007900bbc535d239a4c801c33a4d67d3e7f546"], + // the parent kind + ["k", "1111"] + ] + // other fields +} +``` + +A comment on a website's url looks like this: + +```js +{ + kind: 1111, + content: 'Nice article!', + tags: [ + // referencing the root url + ["I", "https://abc.com/articles/1"], + // the root "kind": for an url, the kind is its domain + ["K", "https://abc.com"], + + // the parent reference (same as root for top-level comments) + ["i", "https://abc.com/articles/1"], + // the parent "kind": for an url, the kind is its domain + ["k", "https://abc.com"] + ] + // other fields +} +``` + +A podcast comment example: + +```js +{ + id: "80c48d992a38f9c445b943a9c9f1010b396676013443765750431a9004bdac05", + pubkey: "252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111", + kind: 1111, + content: "This was a great episode!", + tags: [ + // podcast episode reference + ["I", "podcast:item:guid:d98d189b-dc7b-45b1-8720-d4b98690f31f", "https://fountain.fm/episode/z1y9TMQRuqXl2awyrQxg"], + // podcast episode type + ["K", "podcast:item:guid"], + + // same value as "I" tag above, because it is a top-level comment (not a reply to a comment) + ["i", "podcast:item:guid:d98d189b-dc7b-45b1-8720-d4b98690f31f", "https://fountain.fm/episode/z1y9TMQRuqXl2awyrQxg"], + ["k", "podcast:item:guid"] + ] + // other fields +} +``` + +A reply to a podcast comment: + +```js +{ + kind: 1111, + content: "I'm replying to the above comment.", + tags: [ + // podcast episode reference + ["I", "podcast:item:guid:d98d189b-dc7b-45b1-8720-d4b98690f31f", "https://fountain.fm/episode/z1y9TMQRuqXl2awyrQxg"], + // podcast episode type + ["K", "podcast:item:guid"], + + // this is a reference to the above comment + ["e", "80c48d992a38f9c445b943a9c9f1010b396676013443765750431a9004bdac05", "wss://example.relay", "252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111"], + // the parent comment kind + ["k", "1111"] + ] + // other fields +} +``` From 690e1b065ca789b04edce220d23bf6e39f6891bd Mon Sep 17 00:00:00 2001 From: Asai Toshiya Date: Wed, 6 Nov 2024 22:40:46 +0900 Subject: [PATCH 02/16] nip29: add kind 9009 to moderation events table. --- 29.md | 1 + 1 file changed, 1 insertion(+) diff --git a/29.md b/29.md index 80e0f96..885dae4 100644 --- a/29.md +++ b/29.md @@ -175,6 +175,7 @@ Each moderation action uses a different kind and requires different arguments, w | 9005 | `delete-event` | | | 9007 | `create-group` | | | 9008 | `delete-group` | | +| 9009 | `create-invite` | | It's expected that the group state (of who is an allowed member or not, who is an admin and with which permission or not, what are the group name and picture etc) can be fully reconstructed from the canonical sequence of these events. From b0840be3124ee04abadc68155d71dbd6abaa6bde Mon Sep 17 00:00:00 2001 From: Asai Toshiya Date: Fri, 8 Nov 2024 09:45:19 +0900 Subject: [PATCH 03/16] add NIP-22 to index. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 32fbd78..fc53a0a 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [NIP-18: Reposts](18.md) - [NIP-19: bech32-encoded entities](19.md) - [NIP-21: `nostr:` URI scheme](21.md) +- [NIP-22: Comment](22.md) - [NIP-23: Long-form Content](23.md) - [NIP-24: Extra metadata fields and tags](24.md) - [NIP-25: Reactions](25.md) From 29696eb364d8a0cd609efa85b450c174c5806eda Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Sat, 9 Nov 2024 08:53:01 -0300 Subject: [PATCH 04/16] rename kind:11 as "forum thread root". --- 29.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/29.md b/29.md index 885dae4..ed57e51 100644 --- a/29.md +++ b/29.md @@ -66,9 +66,9 @@ These are the events expected to be found in NIP-29 groups. These events generally can be sent by all members of a group and they require the `h` tag to be present so they're attached to a specific group. -- *text root note* (`kind:11`) +- *thread root post* (`kind:11`) -This is the basic unit of a "microblog" root text note sent to a group. +This is the basic unit of a forum-like root thread post sent to a group. ```jsonc "kind": 11, From 39154346bb691191a1fc734e53d5eda08a1eec79 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Sat, 9 Nov 2024 08:56:29 -0300 Subject: [PATCH 05/16] remove kind:10 and note that kind:1111 could be used. --- 29.md | 41 ++++++++++++++--------------------------- 1 file changed, 14 insertions(+), 27 deletions(-) diff --git a/29.md b/29.md index ed57e51..b02cad2 100644 --- a/29.md +++ b/29.md @@ -66,28 +66,7 @@ These are the events expected to be found in NIP-29 groups. These events generally can be sent by all members of a group and they require the `h` tag to be present so they're attached to a specific group. -- *thread root post* (`kind:11`) - -This is the basic unit of a forum-like root thread post sent to a group. - -```jsonc - "kind": 11, - "content": "hello my friends lovers of pizza", - "tags": [ - ["h", ""], - ["previous", "", "", /*...*/] - ] - // other fields... -``` - -- *threaded text reply* (`kind:12`) - -This is the basic unit of a "microblog" reply note sent to a group. It's the same as `kind:11`, except for the fact that it must be used whenever it's in reply to some other note (either in reply to a `kind:11` or a `kind:12`). `kind:12` events SHOULD use NIP-10 markers, leaving an empty relay url: - -* `["e", "", "", "root"]` -* `["e", "", "", "reply"]` - -- *chat message* (`kind:9`) +- _chat message_ (`kind:9`) This is the basic unit of a _chat message_ sent to a group. @@ -101,15 +80,23 @@ This is the basic unit of a _chat message_ sent to a group. // other fields... ``` -- *chat message threaded reply* (`kind:10`) +- _thread root post_ (`kind:11`) -Similar to `kind:12`, this is the basic unit of a chat message sent to a group. This is intended for in-chat threads that may be hidden by default. Not all in-chat replies MUST use `kind:10`, only when the intention is to create a hidden thread that isn't part of the normal flow of the chat (although clients are free to display those by default too). +This is the basic unit of a forum-like root thread post sent to a group. -`kind:10` SHOULD use NIP-10 markers, just like `kind:12`. +```jsonc + "kind": 11, + "content": "hello my friends lovers of pizza", + "tags": [ + ["h", ""], + ["previous", "", "", /*...*/] + ] + // other fields... +``` -- other events: +- _other events_: -Groups may also accept other events, like long-form articles, calendar, livestream, market announcements and so on. These should be as defined in their respective NIPs, with the addition of the `h` tag. +Groups may also accept other events, like [NIP-22](22.md) comments as threaded replies to both chats messages and threads, long-form articles, calendar, livestreams, market announcements and so on. These should be as defined in their respective NIPs, with the addition of the `h` tag. ### User-related group management events From b58f02925e7ea05e9f104041cb6e42d146ab4c54 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Sat, 9 Nov 2024 08:56:43 -0300 Subject: [PATCH 06/16] rename kind:9000 to "put-user" instead of "add-user". --- 29.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/29.md b/29.md index b02cad2..5526b74 100644 --- a/29.md +++ b/29.md @@ -156,7 +156,7 @@ Each moderation action uses a different kind and requires different arguments, w | kind | name | tags | | --- | --- | --- | -| 9000 | `add-user` | `p` with pubkey hex and optional roles | +| 9000 | `put-user` | `p` with pubkey hex and optional roles | | 9001 | `remove-user` | `p` with pubkey hex | | 9002 | `edit-metadata` | fields from `kind:39000` to be modified | | 9005 | `delete-event` | | From b79e46d33cdbe275080a0cb6c7db8e84c685bdb4 Mon Sep 17 00:00:00 2001 From: laanwj <126646+laanwj@users.noreply.github.com> Date: Sat, 9 Nov 2024 14:34:29 +0100 Subject: [PATCH 07/16] readme: Add standardized tags for NIP-35 (torrents) (#1575) --- README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index fc53a0a..73e3f18 100644 --- a/README.md +++ b/README.md @@ -268,7 +268,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `-` | -- | -- | [70](70.md) | | `g` | geohash | -- | [52](52.md) | | `h` | group id | -- | [29](29.md) | -| `i` | external identity | proof, url hint | [39](39.md), [73](73.md) | +| `i` | external identity | proof, url hint | [35](35.md), [39](39.md), [73](73.md) | | `k` | kind | -- | [18](18.md), [25](25.md), [72](72.md), [73](73.md) | | `l` | label, label namespace | -- | [32](32.md) | | `L` | label namespace | -- | [32](32.md) | @@ -276,7 +276,8 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `q` | event id (hex) | relay URL, pubkey (hex) | [18](18.md) | | `r` | a reference (URL, etc) | -- | [24](24.md), [25](25.md) | | `r` | relay url | marker | [65](65.md) | -| `t` | hashtag | -- | [24](24.md), [34](34.md) | +| `t` | hashtag | -- | [24](24.md), [34](34.md), [35](35.md) | +| `x` | infohash | -- | [35](35.md) | | `alt` | summary | -- | [31](31.md) | | `amount` | millisatoshis, stringified | -- | [57](57.md) | | `bolt11` | `bolt11` invoice | -- | [57](57.md) | @@ -289,6 +290,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `emoji` | shortcode, image URL | -- | [30](30.md) | | `encrypted` | -- | -- | [90](90.md) | | `expiration` | unix timestamp (string) | -- | [40](40.md) | +| `file` | full path (string) | -- | [35](35.md) | | `goal` | event id (hex) | relay URL | [75](75.md) | | `image` | image URL | dimensions in pixels | [23](23.md), [52](52.md), [58](58.md) | | `imeta` | inline metadata | -- | [92](92.md) | @@ -307,6 +309,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `summary` | summary | -- | [23](23.md), [52](52.md) | | `thumb` | badge thumbnail | dimensions in pixels | [58](58.md) | | `title` | article title | -- | [23](23.md) | +| `tracker` | torrent tracker URL | -- | [35](35.md) | | `web` | webpage URL | -- | [34](34.md) | | `zap` | pubkey (hex), relay URL | weight | [57](57.md) | From 18bdc0ce8c80b68cd8e2c30c0dfd12c43e8b8bc0 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Sat, 9 Nov 2024 15:41:25 -0300 Subject: [PATCH 08/16] nip29: add missing "e" tag in kind:9005. --- 29.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/29.md b/29.md index 5526b74..e4673dd 100644 --- a/29.md +++ b/29.md @@ -159,7 +159,7 @@ Each moderation action uses a different kind and requires different arguments, w | 9000 | `put-user` | `p` with pubkey hex and optional roles | | 9001 | `remove-user` | `p` with pubkey hex | | 9002 | `edit-metadata` | fields from `kind:39000` to be modified | -| 9005 | `delete-event` | | +| 9005 | `delete-event` | `e` with event id hex | | 9007 | `create-group` | | | 9008 | `delete-group` | | | 9009 | `create-invite` | | From b8a5447e264333f1fb009fce9ea631c3d1009db9 Mon Sep 17 00:00:00 2001 From: Vitor Pamplona Date: Sat, 9 Nov 2024 15:37:10 -0500 Subject: [PATCH 09/16] adds missing single letter tags --- README.md | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 73e3f18..9bc2599 100644 --- a/README.md +++ b/README.md @@ -261,23 +261,32 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | name | value | other parameters | NIP | | ----------------- | ------------------------------------ | ------------------------------- | -------------------------------------------------- | -| `e` | event id (hex) | relay URL, marker, pubkey (hex) | [01](01.md), [10](10.md) | -| `p` | pubkey (hex) | relay URL, petname | [01](01.md), [02](02.md) | | `a` | coordinates to an event | relay URL | [01](01.md) | +| `A` | root address | relay URL | [22](22.md) | | `d` | identifier | -- | [01](01.md) | -| `-` | -- | -- | [70](70.md) | +| `e` | event id (hex) | relay URL, marker, pubkey (hex) | [01](01.md), [10](10.md) | +| `E` | root event i | relay URL | [22](22.md) | +| `f` | currency code | -- | [69](69.md) | | `g` | geohash | -- | [52](52.md) | | `h` | group id | -- | [29](29.md) | | `i` | external identity | proof, url hint | [35](35.md), [39](39.md), [73](73.md) | +| `I` | root external identity | -- | [22](22.md) | | `k` | kind | -- | [18](18.md), [25](25.md), [72](72.md), [73](73.md) | +| `K` | root scope | -- | [22](22.md) | | `l` | label, label namespace | -- | [32](32.md) | | `L` | label namespace | -- | [32](32.md) | | `m` | MIME type | -- | [94](94.md) | +| `p` | pubkey (hex) | relay URL, petname | [01](01.md), [02](02.md) | | `q` | event id (hex) | relay URL, pubkey (hex) | [18](18.md) | | `r` | a reference (URL, etc) | -- | [24](24.md), [25](25.md) | | `r` | relay url | marker | [65](65.md) | +| `s` | status | -- | [69](69.md) | | `t` | hashtag | -- | [24](24.md), [34](34.md), [35](35.md) | +| `u` | url | -- | [61](61.md), [98](98.md) | | `x` | infohash | -- | [35](35.md) | +| `y` | platform | -- | [69](69.md) | +| `z` | order number | -- | [69](69.md) | +| `-` | -- | -- | [70](70.md) | | `alt` | summary | -- | [31](31.md) | | `amount` | millisatoshis, stringified | -- | [57](57.md) | | `bolt11` | `bolt11` invoice | -- | [57](57.md) | From 926a51e72206dfa71b9950a0ce58b54a7422aad2 Mon Sep 17 00:00:00 2001 From: "Nostr.Band" <124499563+nostrband@users.noreply.github.com> Date: Tue, 12 Nov 2024 01:35:42 +0100 Subject: [PATCH 10/16] Nip46 upgrade part2: remove nip05 and create_account, clarify nostrconnect, cleanup, add nip05 signer metadata (#1553) --- 46.md | 173 ++++++++++++++++++++++++++++------------------------------ 1 file changed, 83 insertions(+), 90 deletions(-) diff --git a/46.md b/46.md index c356a9c..60850aa 100644 --- a/46.md +++ b/46.md @@ -6,7 +6,7 @@ Nostr Remote Signing ## Changes -`remote-signer-key` is introduced, passed in bunker url, clients must differentiate between `remote-signer-pubkey` and `user-pubkey`, must call `get_public_key` after connect. +`remote-signer-key` is introduced, passed in bunker url, clients must differentiate between `remote-signer-pubkey` and `user-pubkey`, must call `get_public_key` after connect, nip05 login is removed, create_account moved to another NIP. ## Rationale @@ -25,6 +25,14 @@ This NIP describes a method for 2-way communication between a remote signer and All pubkeys specified in this NIP are in hex format. +## Overview + +1. _client_ generates `client-keypair`. This keypair doesn't need to be communicated to _user_ since it's largely disposable. _client_ might choose to store it locally and they should delete it on logout; +2. A connection is established (see below), _remote-signer_ learns `client-pubkey`, _client_ learns `remote-signer-pubkey`. +3. _client_ uses `client-keypair` to send requests to _remote-signer_ by `p`-tagging and encrypting to `remote-signer-pubkey`; +4. _remote-signer_ responds to _client_ by `p`-tagging and encrypting to the `client-pubkey`. +5. _client_ requests `get_public_key` to learn `user-pubkey`. + ## Initiating a connection There are two ways to initiate a connection: @@ -37,66 +45,16 @@ _remote-signer_ provides connection token in the form: bunker://?relay=&relay=&secret= ``` -_user_ pastes this token on _client_, which then uses the details to connect to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old optional secret. +_user_ passes this token to _client_, which then sends `connect` request to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old secret. -### Direct connection initiated by the client +### Direct connection initiated by the _client_ -In this case, basically the opposite direction of the first case, _client_ provides a connection token (or encodes the token in a QR code) and _remote-signer_ initiates a connection via the specified relays. +_client_ provides a connection token in the form: ``` -nostrconnect://?relay=&metadata= +nostrconnect://?relay=&metadata=&secret= ``` - -## The flow - -1. _client_ generates `client-keypair`. This keypair doesn't need to be communicated to _user_ since it's largely disposable. _client_ might choose to store it locally and they should delete it on logout; -2. _client_ gets `remote-signer-pubkey` (either via a `bunker://` connection string or a NIP-05 login-flow; shown below); -3. _client_ use `client-keypair` to send requests to _remote-signer_ by `p`-tagging and encrypting to `remote-signer-pubkey`; -4. _remote-signer_ responds to _client_ by `p`-tagging and encrypting to the `client-pubkey`. - -### Example flow for signing an event - -- `remote-signer-pubkey` is `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` -- `user-pubkey` is also `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` -- `client-pubkey` is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` - -#### Signature request - -```js -{ - "kind": 24133, - "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", - "content": nip04({ - "id": , - "method": "sign_event", - "params": [json_stringified(<{ - content: "Hello, I'm signing remotely", - kind: 1, - tags: [], - created_at: 1714078911 - }>)] - }), - "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote-signer-pubkey -} -``` - -#### Response event - -```js -{ - "kind": 24133, - "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", - "content": nip04({ - "id": , - "result": json_stringified() - }), - "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the client-pubkey -} -``` - -#### Diagram - -![signing-example](https://i.nostr.build/P3gW.png) +_user_ passes this token to _remote-signer_, which then sends `connect` *response* event to the `client-pubkey` via the specified relays. Client discovers `remote-signer-pubkey` from connect response author. `secret` value MUST be provided to avoid connection spoofing, _client_ MUST validate the `secret` returned by `connect` response. ## Request Events `kind: 24133` @@ -125,11 +83,11 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted ### Methods/Commands -Each of the following are methods that the client sends to the remote signer. +Each of the following are methods that the _client_ sends to the _remote-signer_. | Command | Params | Result | | ------------------------ | ------------------------------------------------- | ---------------------------------------------------------------------- | -| `connect` | `[, , ]` | "ack" | +| `connect` | `[, , ]` | "ack" OR `` | | `sign_event` | `[<{kind, content, tags, created_at}>]` | `json_stringified()` | | `ping` | `[]` | "pong" | | `get_relays` | `[]` | `json_stringified({: {read: , write: }})` | @@ -138,11 +96,10 @@ Each of the following are methods that the client sends to the remote signer. | `nip04_decrypt` | `[, ]` | `` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | -| `create_account` | `[<username>, <domain>, <optional_email>, <optional_requested_permissions>]` | `<newly_created_user_pubkey>` | ### Requested permissions -The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip04_encrypt,sign_event:4` meaning permissions to call `nip04_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. +The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip04_encrypt,sign_event:4` meaning permissions to call `nip04_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. Same permission format may be used for `perms` field of `metadata` in `nostrconnect://` string. ## Response Events `kind:24133` @@ -171,9 +128,54 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted - `results` is a string of the result of the call (this can be either a string or a JSON stringified object) - `error`, _optionally_, it is an error in string form, if any. Its presence indicates an error with the request. -### Auth Challenges +## Example flow for signing an event -An Auth Challenge is a response that a remote signer can send back when it needs the user to authenticate via other means. This is currently used in the OAuth-like flow enabled by signers like [Nsecbunker](https://github.com/kind-0/nsecbunkerd/). The response `content` object will take the following form: +- `remote-signer-pubkey` is `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- `user-pubkey` is also `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- `client-pubkey` is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` + +### Signature request + +```js +{ + "kind": 24133, + "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", + "content": nip04({ + "id": <random_string>, + "method": "sign_event", + "params": [json_stringified(<{ + content: "Hello, I'm signing remotely", + kind: 1, + tags: [], + created_at: 1714078911 + }>)] + }), + "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote-signer-pubkey +} +``` + +### Response event + +```js +{ + "kind": 24133, + "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", + "content": nip04({ + "id": <random_string>, + "result": json_stringified(<signed-event>) + }), + "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the client-pubkey +} +``` + +### Diagram + +![signing-example](https://i.nostr.build/P3gW.png) + + +## Auth Challenges + +An Auth Challenge is a response that a _remote-signer_ can send back when it needs the _user_ to authenticate via other means. The response `content` object will take the following form: ```json { @@ -183,42 +185,33 @@ An Auth Challenge is a response that a remote signer can send back when it needs } ``` -Clients should display (in a popup or new tab) the URL from the `error` field and then subscribe/listen for another response from the remote signer (reusing the same request ID). This event will be sent once the user authenticates in the other window (or will never arrive if the user doesn't authenticate). It's also possible to add a `redirect_uri` url parameter to the auth_url, which is helpful in situations when a client cannot open a new window or tab to display the auth challenge. +_client_ should display (in a popup or new tab) the URL from the `error` field and then subscribe/listen for another response from the _remote-signer_ (reusing the same request ID). This event will be sent once the user authenticates in the other window (or will never arrive if the user doesn't authenticate). -#### Example event signing request with auth challenge +### Example event signing request with auth challenge ![signing-example-with-auth-challenge](https://i.nostr.build/W3aj.png) ## Appendix -### NIP-05 Login Flow +### Announcing _remote-signer_ metadata -Clients might choose to present a more familiar login flow, so users can type a NIP-05 address instead of a `bunker://` string. +_remote-signer_ MAY publish it's metadata by using [NIP-05](05.md) and [NIP-89](89.md). With NIP-05, a request to `<remote-signer>/.well-known/nostr.json?name=_` MAY return this: +``` +{ + "names":{ + "_": <remote-signer-app-pubkey>, + }, + "nip46": { + "relays": ["wss://relay1","wss://relay2"...], + "nostrconnect_url": "https://remote-signer-domain.com/<nostrconnect>" + } +} +``` -When the user types a NIP-05 the client: +The `<remote-signer-app-pubkey>` MAY be used to verify the domain from _remote-signer_'s NIP-89 event (see below). `relays` SHOULD be used to construct a more precise `nostrconnect://` string for the specific `remote-signer`. `nostrconnect_url` template MAY be used to redirect users to _remote-signer_'s connection flow by replacing `<nostrconnect>` placeholder with an actual `nostrconnect://` string. -- Queries the `/.well-known/nostr.json` file from the domain for the NIP-05 address provided to get the user's pubkey (this is the `user-pubkey`) -- In the same `/.well-known/nostr.json` file, queries for the `nip46` key to get the relays that the remote signer will be listening on. -- Now the client has enough information to send commands to the remote signer on behalf of the user. +### Remote signer discovery via NIP-89 -### OAuth-like Flow +_remote-signer_ MAY publish a NIP-89 `kind: 31990` event with `k` tag of `24133`, which MAY also include one or more `relay` tags and MAY include `nostrconnect_url` tag. The semantics of `relay` and `nostrconnect_url` tags are the same as in the section above. -#### Remote signer discovery via NIP-89 - -In this last case, most often used to facilitate an OAuth-like signin flow, the client first looks for remote signers that have announced themselves via NIP-89 application handler events. - -First the client will query for `kind: 31990` events that have a `k` tag of `24133`. - -These are generally shown to a user, and once the user selects which remote signer to use and provides the `user-pubkey` they want to use (via npub, pubkey, or nip-05 value), the client can initiate a connection. Note that it's on the user to select the _remote-signer_ that is actually managing the `user-keypair` that they would like to use in this case. If the `user-pubkey` is managed on another _remote-signer_ the connection will fail. - -In addition, it's important that clients validate that the pubkey of the announced _remote-signer_ matches the pubkey of the `_` entry in the `/.well-known/nostr.json` file of the remote signer's announced domain. - -Clients that allow users to create new accounts should also consider validating the availability of a given username in the namespace of remote signer's domain by checking the `/.well-known/nostr.json` file for existing usernames. Clients can then show users feedback in the UI before sending a `create_account` event to the remote signer and receiving an error in return. Ideally, remote signers would also respond with understandable error messages if a client tries to create an account with an existing username. - -#### Example Oauth-like flow to create a new user account with Nsecbunker - -Coming soon... - -## References - -- [NIP-04 - Encryption](04.md) +_client_ MAY improve UX by discovering _remote-signers_ using their `kind: 31990` events. _client_ MAY then pre-generate `nostrconnect://` strings for the _remote-signers_, and SHOULD in that case verify that `kind: 31990` event's author is mentioned in signer's `nostr.json?name=_` file as `<remote-signer-app-pubkey>`. From 3e540a38e2da3e4ce93f50b2fb6f9009721db10d Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Thu, 14 Nov 2024 22:43:44 +0900 Subject: [PATCH 11/16] update kinds table. --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9bc2599..ffda69c 100644 --- a/README.md +++ b/README.md @@ -108,9 +108,9 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `7` | Reaction | [25](25.md) | | `8` | Badge Award | [58](58.md) | | `9` | Group Chat Message | [29](29.md) | -| `10` | Group Chat Threaded Reply | [29](29.md) | +| `10` | Group Chat Threaded Reply | 29 (deprecated) | | `11` | Group Thread | [29](29.md) | -| `12` | Group Thread Reply | [29](29.md) | +| `12` | Group Thread Reply | 29 (deprecated) | | `13` | Seal | [59](59.md) | | `14` | Direct Message | [17](17.md) | | `16` | Generic Repost | [18](18.md) | @@ -127,6 +127,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `1040` | OpenTimestamps | [03](03.md) | | `1059` | Gift Wrap | [59](59.md) | | `1063` | File Metadata | [94](94.md) | +| `1111` | Comment | [22](22.md) | | `1311` | Live Chat Message | [53](53.md) | | `1617` | Patches | [34](34.md) | | `1621` | Issues | [34](34.md) | From 8f112857a256f2a6af943a28d45f30b363d1627a Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Fri, 15 Nov 2024 08:34:58 +0900 Subject: [PATCH 12/16] fix typo. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ffda69c..cbd45cf 100644 --- a/README.md +++ b/README.md @@ -266,7 +266,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `A` | root address | relay URL | [22](22.md) | | `d` | identifier | -- | [01](01.md) | | `e` | event id (hex) | relay URL, marker, pubkey (hex) | [01](01.md), [10](10.md) | -| `E` | root event i | relay URL | [22](22.md) | +| `E` | root event id | relay URL | [22](22.md) | | `f` | currency code | -- | [69](69.md) | | `g` | geohash | -- | [52](52.md) | | `h` | group id | -- | [29](29.md) | From eca0a83d097e274bc1c4b416315b5f2e924f7e02 Mon Sep 17 00:00:00 2001 From: Vitor Pamplona <vitor@vitorpamplona.com> Date: Thu, 14 Nov 2024 16:53:33 -0500 Subject: [PATCH 13/16] Moves deprecated stuff to the bottom --- 10.md | 57 ++++++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 27 deletions(-) diff --git a/10.md b/10.md index 94db4fa..c1d5068 100644 --- a/10.md +++ b/10.md @@ -10,33 +10,6 @@ On "e" and "p" tags in Text Events (kind 1) ## Abstract This NIP describes how to use "e" and "p" tags in text events, especially those that are replies to other text events. It helps clients thread the replies into a tree rooted at the original event. -## Positional "e" tags (DEPRECATED) ->This scheme is in common use; but should be considered deprecated. - -`["e", <event-id>, <relay-url>]` as per NIP-01. - -Where: - - * `<event-id>` is the id of the event being referenced. - * `<relay-url>` is the URL of a recommended relay associated with the reference. Many clients treat this field as optional. - -**The positions of the "e" tags within the event denote specific meanings as follows**: - - * No "e" tag: <br> - This event is not a reply to, nor does it refer to, any other event. - - * One "e" tag: <br> - `["e", <id>]`: The id of the event to which this event is a reply. - - * Two "e" tags: `["e", <root-id>]`, `["e", <reply-id>]` <br> - `<root-id>` is the id of the event at the root of the reply chain. `<reply-id>` is the id of the article to which this event is a reply. - - * Many "e" tags: `["e", <root-id>]` `["e", <mention-id>]`, ..., `["e", <reply-id>]`<br> -There may be any number of `<mention-ids>`. These are the ids of events which may, or may not be in the reply chain. -They are citing from this event. `root-id` and `reply-id` are as above. - ->This scheme is deprecated because it creates ambiguities that are difficult, or impossible to resolve when an event references another but is not a reply. - ## Marked "e" tags (PREFERRED) `["e", <event-id>, <relay-url>, <marker>, <pubkey>]` @@ -62,3 +35,33 @@ When replying to a text event E the reply event's "p" tags should contain all of Example: Given a text event authored by `a1` with "p" tags [`p1`, `p2`, `p3`] then the "p" tags of the reply should be [`a1`, `p1`, `p2`, `p3`] in no particular order. + +## Deprecated Positional "e" tags + +This scheme is not in common use anymore and is here just to keep backward compatibility with older events on the network. + +Positional `e` tags are deprecated because they create ambiguities that are difficult, or impossible to resolve when an event references another but is not a reply. + +They use simple `e` tags without any marker. + +`["e", <event-id>, <relay-url>]` as per NIP-01. + +Where: + + * `<event-id>` is the id of the event being referenced. + * `<relay-url>` is the URL of a recommended relay associated with the reference. Many clients treat this field as optional. + +**The positions of the "e" tags within the event denote specific meanings as follows**: + + * No "e" tag: <br> + This event is not a reply to, nor does it refer to, any other event. + + * One "e" tag: <br> + `["e", <id>]`: The id of the event to which this event is a reply. + + * Two "e" tags: `["e", <root-id>]`, `["e", <reply-id>]` <br> + `<root-id>` is the id of the event at the root of the reply chain. `<reply-id>` is the id of the article to which this event is a reply. + + * Many "e" tags: `["e", <root-id>]` `["e", <mention-id>]`, ..., `["e", <reply-id>]`<br> +There may be any number of `<mention-ids>`. These are the ids of events which may, or may not be in the reply chain. +They are citing from this event. `root-id` and `reply-id` are as above. \ No newline at end of file From 8794be6775a6264a82ed8044b14f3c5e4eb01122 Mon Sep 17 00:00:00 2001 From: Josh Brown <josh@roadfiresoftware.com> Date: Fri, 15 Nov 2024 11:14:19 -0500 Subject: [PATCH 14/16] Fix typo in NIP-29 --- 29.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/29.md b/29.md index e4673dd..f0ba8ab 100644 --- a/29.md +++ b/29.md @@ -26,7 +26,7 @@ Group identifiers must be strings restricted to the characters `a-z0-9-_`. When encountering just the `<host>` without the `'<group-id>`, clients can choose to connect to the group with id `_`, which is a special top-level group dedicated to relay-local discussions. -Group identifiers in most cases should be random or pseudo-random, as that mitigates message replay confusiong and ensures they can be migrated or forked to other relays easily without risking conflicting with other groups using the same id in these new relays. This isn't a hard rule, as, for example, in `unmanaged` and/or ephemeral relays groups might not want to migrate ever, so they might not care about this. Notably, the `_` relay-local group isn't expected to be migrated ever. +Group identifiers in most cases should be random or pseudo-random, as that mitigates message replay confusion and ensures they can be migrated or forked to other relays easily without risking conflicting with other groups using the same id in these new relays. This isn't a hard rule, as, for example, in `unmanaged` and/or ephemeral relays groups might not want to migrate ever, so they might not care about this. Notably, the `_` relay-local group isn't expected to be migrated ever. ## The `h` tag From 108b6314299f71540190a7abf37074787fa6d698 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E5=8E=9F=E6=99=B4=E5=A4=AA?= <haruta@s3-odara.net> Date: Sun, 17 Nov 2024 15:22:47 +0000 Subject: [PATCH 15/16] "user matadata" --- 05.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/05.md b/05.md index b914344..7e823fb 100644 --- a/05.md +++ b/05.md @@ -10,7 +10,7 @@ On events of kind `0` (`user metadata`) one can specify the key `"nip05"` with a Upon seeing that, the client splits the identifier into `<local-part>` and `<domain>` and use these values to make a GET request to `https://<domain>/.well-known/nostr.json?name=<local-part>`. -The result should be a JSON document object with a key `"names"` that should then be a mapping of names to hex formatted public keys. If the public key for the given `<name>` matches the `pubkey` from the `user's metadata` event, the client then concludes that the given pubkey can indeed be referenced by its identifier. +The result should be a JSON document object with a key `"names"` that should then be a mapping of names to hex formatted public keys. If the public key for the given `<name>` matches the `pubkey` from the `user metadata` event, the client then concludes that the given pubkey can indeed be referenced by its identifier. ### Example From f3244a0903b1fedbd8aa89596c658c9529e19ea6 Mon Sep 17 00:00:00 2001 From: hakkadaikon <hakkadaikon@yahoo.co.jp> Date: Mon, 18 Nov 2024 02:33:29 +0900 Subject: [PATCH 16/16] js,json -> jsonc --- 11.md | 4 ++-- 17.md | 2 +- 22.md | 14 +++++++------- 29.md | 2 +- 46.md | 8 ++++---- 96.md | 4 ++-- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/11.md b/11.md index 8efd0f0..8af4f31 100644 --- a/11.md +++ b/11.md @@ -262,7 +262,7 @@ processed by appropriate client software. Relays that require payments may want to expose their fee schedules. -```json +```jsonc { "payments_url": "https://my-relay/payments", "fees": { @@ -270,7 +270,7 @@ Relays that require payments may want to expose their fee schedules. "subscription": [{ "amount": 5000000, "unit": "msats", "period": 2592000 }], "publication": [{ "kinds": [4], "amount": 100, "unit": "msats" }], }, - ... + // other fields... } ``` diff --git a/17.md b/17.md index 4b96bce..72f40c4 100644 --- a/17.md +++ b/17.md @@ -47,7 +47,7 @@ An optional `subject` tag defines the current name/topic of the conversation. An Following [NIP-59](59.md), the **unsigned** `kind:14` chat message must be sealed (`kind:13`) and then gift-wrapped (`kind:1059`) to each receiver and the sender individually. -```js +```jsonc { "id": "<usual hash>",   "pubkey": randomPublicKey, diff --git a/22.md b/22.md index 3706aec..f11925f 100644 --- a/22.md +++ b/22.md @@ -13,7 +13,7 @@ It uses `kind:1111` with plaintext `.content` (no HTML, Markdown, or other forma Comments MUST point to the root scope using uppercase tag names (e.g. `K`, `E`, `A` or `I`) and MUST point to the parent item with lowercase ones (e.g. `k`, `e`, `a` or `i`). -```js +```jsonc { kind: 1111, content: '<comment>', @@ -56,7 +56,7 @@ If the parent item is an event, a `p` tag set to the parent event's author SHOUL A comment on a blog post looks like this: -```js +```jsonc { kind: 1111, content: 'Great blog post!', @@ -79,7 +79,7 @@ A comment on a blog post looks like this: A comment on a [NIP-94](94.md) file looks like this: -```js +```jsonc { kind: 1111, content: 'Great file!', @@ -100,7 +100,7 @@ A comment on a [NIP-94](94.md) file looks like this: A reply to a comment looks like this: -```js +```jsonc { kind: 1111, content: 'This is a reply to "Great file!"', @@ -121,7 +121,7 @@ A reply to a comment looks like this: A comment on a website's url looks like this: -```js +```jsonc { kind: 1111, content: 'Nice article!', @@ -142,7 +142,7 @@ A comment on a website's url looks like this: A podcast comment example: -```js +```jsonc { id: "80c48d992a38f9c445b943a9c9f1010b396676013443765750431a9004bdac05", pubkey: "252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111", @@ -164,7 +164,7 @@ A podcast comment example: A reply to a podcast comment: -```js +```jsonc { kind: 1111, content: "I'm replying to the above comment.", diff --git a/29.md b/29.md index f0ba8ab..a116433 100644 --- a/29.md +++ b/29.md @@ -141,7 +141,7 @@ These are events expected to be sent by the relay master key or by group admins Clients can send these events to a relay in order to accomplish a moderation action. Relays must check if the pubkey sending the event is capable of performing the given action based on its role and the relay's internal policy (see also the description of `kind:39003`). -```json +```jsonc { "kind": 90xx, "content": "optional reason", diff --git a/46.md b/46.md index 60850aa..ce6764d 100644 --- a/46.md +++ b/46.md @@ -58,7 +58,7 @@ _user_ passes this token to _remote-signer_, which then sends `connect` *respons ## Request Events `kind: 24133` -```js +```jsonc { "kind": 24133, "pubkey": <local_keypair_pubkey>, @@ -136,7 +136,7 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted ### Signature request -```js +```jsonc { "kind": 24133, "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", @@ -156,7 +156,7 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted ### Response event -```js +```jsonc { "kind": 24133, "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", @@ -196,7 +196,7 @@ _client_ should display (in a popup or new tab) the URL from the `error` field a ### Announcing _remote-signer_ metadata _remote-signer_ MAY publish it's metadata by using [NIP-05](05.md) and [NIP-89](89.md). With NIP-05, a request to `<remote-signer>/.well-known/nostr.json?name=_` MAY return this: -``` +```jsonc { "names":{ "_": <remote-signer-app-pubkey>, diff --git a/96.md b/96.md index 05c1b18..3828e76 100644 --- a/96.md +++ b/96.md @@ -323,8 +323,8 @@ Note: HTTP File Storage Server developers may skip this section. This is meant f A File Server Preference event is a kind 10096 replaceable event meant to select one or more servers the user wants to upload files to. Servers are listed as `server` tags: -```json -{. +```jsonc +{ "kind": 10096, "content": "", "tags": [