From ffef063a44cc1431da39b9fe145bf2a8ff84f302 Mon Sep 17 00:00:00 2001 From: ocknamo Date: Thu, 1 Feb 2024 23:57:58 +0900 Subject: [PATCH 01/43] fix: Correct PASSPHRASE to PASSWORD in NIP-49 --- 49.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/49.md b/49.md index becc5860..6de05eb9 100644 --- a/49.md +++ b/49.md @@ -7,12 +7,12 @@ Private Key Encryption `draft` `optional` -This NIP defines a method by which clients can encrypt (and decrypt) a user's private key with a passphrase. +This NIP defines a method by which clients can encrypt (and decrypt) a user's private key with a password. Symmetric Encryption Key derivation ----------------------------------- -PASSPHRASE = read from the user +PASSWORD = read from the user LOG\_N = Let the user or implementer choose one byte representing a power of 2 (e.g. 18 represents 262,144) which is used as the number of rounds for scrypt. Larger numbers take more time and more memory, and offer better protection: @@ -26,7 +26,7 @@ LOG\_N = Let the user or implementer choose one byte representing a power of 2 ( SALT = 16 random bytes -SYMMETRIC_KEY = scrypt(passphrase=PASSPHRASE, salt=SALT, log\_n=LOG\_N, r=8, p=1) +SYMMETRIC_KEY = scrypt(password=PASSWORD, salt=SALT, log\_n=LOG\_N, r=8, p=1) The symmetric key should be 32 bytes long. From 2c016b0659a8f29ad2420a4cd844a2dca4956407 Mon Sep 17 00:00:00 2001 From: Jon Staab Date: Mon, 27 Nov 2023 14:47:04 -0800 Subject: [PATCH 02/43] Add imeta tag --- 29.md | 43 +++++++++++++++++++++++++++++++++++++++++++ 94.md | 1 + 2 files changed, 44 insertions(+) create mode 100644 29.md diff --git a/29.md b/29.md new file mode 100644 index 00000000..8c990bb3 --- /dev/null +++ b/29.md @@ -0,0 +1,43 @@ +NIP029 +====== + +imeta +-------------- + +`imeta` is a tag for adding media attachments to events. `imeta` tags MUST match URLs +in the event content. Clients may replace imeta URLs with rich previews. `imeta` tags +contain extra information about the media attachment, which clients can use to provide +a better experience when loading images. + +The `imeta` tag is variadic, and each entry is a space-delimited key/value pair. +Each `imeta` tag MUST have a `url`, and at least one other field. `imeta` may include +any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag per url. + +## Example + +```json +{ + "content": "More image metadata tests don’t mind me https://nostr.build/i/my-image.jpg", + "kind": 1, + "tags": [ + [ + "imeta", + "url https://nostr.build/i/my-image.jpg", + "blurhash eVF$^OI:${M{o#*0-nNFxakD-?xVM}WEWB%iNKxvR-oetmo#R-aen$", + "dim 3024x4032", + "alt A scenic photo overlooking the coast of Costa Rica", + "x ", + "fallback https://nostrcheck.me/alt1.jpg" + "fallback https://void.cat/alt1.jpg" + ] + ] +} +``` + +## Recommended client behavior + +When uploading images during a new post, clients MAY include this metadata +after the image is uploaded and included in the post. + +When pasting urls during post composition, the client MAY download the image +and add this metadata before the post is sent. diff --git a/94.md b/94.md index eb8117a4..e35dfa1c 100644 --- a/94.md +++ b/94.md @@ -25,6 +25,7 @@ This NIP specifies the use of the `1063` event type, having in `content` a descr * `image` (optional) url of preview image with same dimensions * `summary` (optional) text excerpt * `alt` (optional) description for accessibility +* `fallback` (optional) zero or more fallback file sources in case `url` fails ```json { From 716234149a2544cd59c7f4d04608e71b4fc7aab3 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Thu, 1 Feb 2024 15:47:51 -0600 Subject: [PATCH 03/43] NIP-29: add to NIPs list, improve preamble phrasing --- 29.md | 14 +++++++------- README.md | 1 + 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/29.md b/29.md index 8c990bb3..dafd51ca 100644 --- a/29.md +++ b/29.md @@ -1,13 +1,12 @@ -NIP029 +NIP-29 ====== -imeta --------------- +Media Attachments +----------------- -`imeta` is a tag for adding media attachments to events. `imeta` tags MUST match URLs -in the event content. Clients may replace imeta URLs with rich previews. `imeta` tags -contain extra information about the media attachment, which clients can use to provide -a better experience when loading images. +Media attachments (images, videos, and other files) may be added to events by including a URL in the event content, along with a matching `imeta` tag. + +`imeta` ("inline metadata") tags add information about media URLs in the event's content. Each `imeta` tag SHOULD match a URL in the event content. Clients may replace imeta URLs with rich previews. `imeta` tags contain extra information about the media attachment, which clients can use to provide a better experience when loading previews. The `imeta` tag is variadic, and each entry is a space-delimited key/value pair. Each `imeta` tag MUST have a `url`, and at least one other field. `imeta` may include @@ -23,6 +22,7 @@ any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag p [ "imeta", "url https://nostr.build/i/my-image.jpg", + "m image/jpeg", "blurhash eVF$^OI:${M{o#*0-nNFxakD-?xVM}WEWB%iNKxvR-oetmo#R-aen$", "dim 3024x4032", "alt A scenic photo overlooking the coast of Costa Rica", diff --git a/README.md b/README.md index 10b1dfb7..28d016b6 100644 --- a/README.md +++ b/README.md @@ -44,6 +44,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [NIP-26: Delegated Event Signing](26.md) - [NIP-27: Text Note References](27.md) - [NIP-28: Public Chat](28.md) +- [NIP-29: Media Attachments](29.md) - [NIP-30: Custom Emoji](30.md) - [NIP-31: Dealing with Unknown Events](31.md) - [NIP-32: Labeling](32.md) From eee64fedb2c81a284fa98e09da57abd06d98dec0 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Thu, 1 Feb 2024 15:51:22 -0600 Subject: [PATCH 04/43] NIP-29: remove the redundant last sentence --- 29.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/29.md b/29.md index dafd51ca..2913619e 100644 --- a/29.md +++ b/29.md @@ -6,7 +6,7 @@ Media Attachments Media attachments (images, videos, and other files) may be added to events by including a URL in the event content, along with a matching `imeta` tag. -`imeta` ("inline metadata") tags add information about media URLs in the event's content. Each `imeta` tag SHOULD match a URL in the event content. Clients may replace imeta URLs with rich previews. `imeta` tags contain extra information about the media attachment, which clients can use to provide a better experience when loading previews. +`imeta` ("inline metadata") tags add information about media URLs in the event's content. Each `imeta` tag SHOULD match a URL in the event content. Clients may replace imeta URLs with rich previews. The `imeta` tag is variadic, and each entry is a space-delimited key/value pair. Each `imeta` tag MUST have a `url`, and at least one other field. `imeta` may include From 5e14fd7f0851779cda2adbb8fd8bac4547570b15 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Thu, 1 Feb 2024 15:52:52 -0600 Subject: [PATCH 05/43] NIP-29: images -> files --- 29.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/29.md b/29.md index 2913619e..2a22233d 100644 --- a/29.md +++ b/29.md @@ -36,8 +36,8 @@ any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag p ## Recommended client behavior -When uploading images during a new post, clients MAY include this metadata -after the image is uploaded and included in the post. +When uploading files during a new post, clients MAY include this metadata +after the file is uploaded and included in the post. -When pasting urls during post composition, the client MAY download the image +When pasting urls during post composition, the client MAY download the file and add this metadata before the post is sent. From 5196ac196a9e19cfbb9c6cd16d8081dd137e3572 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Thu, 1 Feb 2024 20:59:37 -0300 Subject: [PATCH 06/43] move `imeta` to NIP-92, add `imeta` tag to README. --- 29.md => 92.md | 2 +- README.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) rename 29.md => 92.md (99%) diff --git a/29.md b/92.md similarity index 99% rename from 29.md rename to 92.md index 2a22233d..81d46106 100644 --- a/29.md +++ b/92.md @@ -1,4 +1,4 @@ -NIP-29 +NIP-92 ====== Media Attachments diff --git a/README.md b/README.md index 28d016b6..438f5172 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,6 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [NIP-26: Delegated Event Signing](26.md) - [NIP-27: Text Note References](27.md) - [NIP-28: Public Chat](28.md) -- [NIP-29: Media Attachments](29.md) - [NIP-30: Custom Emoji](30.md) - [NIP-31: Dealing with Unknown Events](31.md) - [NIP-32: Labeling](32.md) @@ -74,6 +73,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [NIP-84: Highlights](84.md) - [NIP-89: Recommended Application Handlers](89.md) - [NIP-90: Data Vending Machines](90.md) +- [NIP-92: Media Attachments](92.md) - [NIP-94: File Metadata](94.md) - [NIP-96: HTTP File Storage Integration](96.md) - [NIP-98: HTTP Auth](98.md) @@ -218,6 +218,7 @@ Please update these lists when proposing NIPs introducing new event kinds. | `expiration` | unix timestamp (string) | -- | [40](40.md) | | `goal` | event id (hex) | relay URL | [75](75.md) | | `image` | image URL | dimensions in pixels | [23](23.md), [58](58.md) | +| `imeta` | inline metadata | -- | [92](92.md) | | `lnurl` | `bech32` encoded `lnurl` | -- | [57](57.md) | | `location` | location string | -- | [52](52.md), [99](99.md) | | `name` | badge name | -- | [58](58.md) | From 6de5ee32f411a91f5001a7d300931a7b1ec9adca Mon Sep 17 00:00:00 2001 From: Asai Toshiya Date: Sat, 3 Feb 2024 10:28:57 +0900 Subject: [PATCH 07/43] NIP-92: fix typo and nitpicks --- 92.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/92.md b/92.md index 81d46106..b857d6ce 100644 --- a/92.md +++ b/92.md @@ -10,7 +10,7 @@ Media attachments (images, videos, and other files) may be added to events by in The `imeta` tag is variadic, and each entry is a space-delimited key/value pair. Each `imeta` tag MUST have a `url`, and at least one other field. `imeta` may include -any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag per url. +any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag per URL. ## Example @@ -27,7 +27,7 @@ any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag p "dim 3024x4032", "alt A scenic photo overlooking the coast of Costa Rica", "x ", - "fallback https://nostrcheck.me/alt1.jpg" + "fallback https://nostrcheck.me/alt1.jpg", "fallback https://void.cat/alt1.jpg" ] ] @@ -39,5 +39,5 @@ any field specified by [NIP 94](./94.md). There SHOULD be only one `imeta` tag p When uploading files during a new post, clients MAY include this metadata after the file is uploaded and included in the post. -When pasting urls during post composition, the client MAY download the file +When pasting URLs during post composition, the client MAY download the file and add this metadata before the post is sent. From c8ba0e2e35bf987b9336d2ff49f452e84620396a Mon Sep 17 00:00:00 2001 From: Jon Staab Date: Mon, 29 Jan 2024 09:05:11 -0800 Subject: [PATCH 08/43] Add status to nip 99 --- 99.md | 1 + 1 file changed, 1 insertion(+) diff --git a/99.md b/99.md index e65920c6..93550d87 100644 --- a/99.md +++ b/99.md @@ -40,6 +40,7 @@ The following tags, used for structured metadata, are standardized and SHOULD be - `""` is the amount in numeric format (but included in the tag as a string) - `""` is the currency unit in 3-character ISO 4217 format or ISO 4217-like currency code (e.g. `"btc"`, `"eth"`). - `""` is optional and can be used to describe recurring payments. SHOULD be in noun format (hour, day, week, month, year, etc.) +- - `"status"` (optional), the status of the listing. SHOULD be either "active" or "sold". #### `price` examples From d3dad114e60cb45bb04f2088a68ebd16cf6837df Mon Sep 17 00:00:00 2001 From: fiatjaf_ Date: Tue, 6 Feb 2024 20:29:33 -0300 Subject: [PATCH 09/43] NIP-46: replace npub1...#? notation with bunker://... (#1023) --- 46.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/46.md b/46.md index 05247c59..94a052ee 100644 --- a/46.md +++ b/46.md @@ -17,7 +17,7 @@ The client always starts by generating a random key which is used to communicate The remote signer generates a connection token in the form ``` -#?relay=wss://...&relay=wss://... +bunker://?relay=wss://...&relay=wss://...&secret= ``` The user copies that token and pastes it in the client UI somehow. Then the client can send events of kind `24133` to the specified relays and wait for responses from the remote signer. @@ -96,4 +96,3 @@ The signer key will always be the key of the user who controls the signer device - **ping** - params: [] - result: `"pong"` - From a46338bd6a183f17a292ea578ee69ff15ea6723f Mon Sep 17 00:00:00 2001 From: Thebora Kompanioni Date: Thu, 8 Feb 2024 00:03:32 +0100 Subject: [PATCH 10/43] fix(docs): typo in 01.md --- 01.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01.md b/01.md index c1e37480..905e45f7 100644 --- a/01.md +++ b/01.md @@ -147,7 +147,7 @@ The `limit` property of a filter is only valid for the initial query and MUST be ### From relay to client: sending events and notices -Relays can send 4 types of messages, which must also be JSON arrays, according to the following patterns: +Relays can send 5 types of messages, which must also be JSON arrays, according to the following patterns: * `["EVENT", , ]`, used to send events requested by clients. * `["OK", , , ]`, used to indicate acceptance or denial of an `EVENT` message. From 94761a5f3bcfb2c4085ae4d42fced450a2da25eb Mon Sep 17 00:00:00 2001 From: Asai Toshiya Date: Mon, 12 Feb 2024 22:23:21 +0900 Subject: [PATCH 11/43] Add kinds for NIP-59 --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 438f5172..d1c52500 100644 --- a/README.md +++ b/README.md @@ -91,6 +91,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `6` | Repost | [18](18.md) | | `7` | Reaction | [25](25.md) | | `8` | Badge Award | [58](58.md) | +| `13` | Seal | [59](59.md) | | `16` | Generic Repost | [18](18.md) | | `40` | Channel Creation | [28](28.md) | | `41` | Channel Metadata | [28](28.md) | @@ -100,6 +101,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `1021` | Bid | [15](15.md) | | `1022` | Bid confirmation | [15](15.md) | | `1040` | OpenTimestamps | [03](03.md) | +| `1059` | Gift Wrap | [59](59.md) | | `1063` | File Metadata | [94](94.md) | | `1311` | Live Chat Message | [53](53.md) | | `1971` | Problem Tracker | [nostrocket][nostrocket] | From 3f13eb34bf21f693ee7a8ddaba19229600fd323e Mon Sep 17 00:00:00 2001 From: franzap <126621043+fr4nzap@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:40:57 +0000 Subject: [PATCH 12/43] File metadata sets (#1040) * File metadata sets * Make kind specific to release artifacts * Update example * Update README --- 51.md | 25 +++++++++++++++++++++++++ README.md | 1 + 2 files changed, 26 insertions(+) diff --git a/51.md b/51.md index 9a1639f8..c58d37a6 100644 --- a/51.md +++ b/51.md @@ -49,6 +49,7 @@ Aside from their main identifier, the `"d"` tag, sets can optionally have a `"ti | Curation sets | 30005 | groups of videos picked by users as interesting and/or belonging to the same category | `"a"` (kind:34235 videos) | | Interest sets | 30015 | interest topics represented by a bunch of "hashtags" | `"t"` (hashtags) | | Emoji sets | 30030 | categorized emoji groups | `"emoji"` (see [NIP-30](30.md)) | +| Release artifact sets | 30063 | groups of files of a software release | `"e"` (kind:1063 [file metadata](94.md) events), `"i"` (application identifier, typically reverse domain notation), `"version"` | ## Deprecated standard lists @@ -103,6 +104,30 @@ Some clients have used these lists in the past, but they should work on transiti } ``` +### A _release artifact set_ of an Example App + +```json +{ + "id": "567b41fc9060c758c4216fe5f8d3df7c57daad7ae757fa4606f0c39d4dd220ef", + "pubkey": "d6dc95542e18b8b7aec2f14610f55c335abebec76f3db9e58c254661d0593a0c", + "created_at": 1695327657, + "kind": 30063, + "tags": [ + ["d", "ak8dy3v7"], + ["i", "com.example.app"], + ["version", "0.0.1"], + ["title", "Example App"], + ["image", "http://cdn.site/p/com.example.app/icon.png"], + ["e", "d78ba0d5dce22bfff9db0a9e996c9ef27e2c91051de0c4e1da340e0326b4941e"], // Windows exe + ["e", "f27e2c91051de0c4e1da0d5dce22bfff9db0a9340e0326b4941ed78bae996c9e"], // MacOS dmg + ["e", "9d24ddfab95ba3ff7c03fbd07ad011fff245abea431fb4d3787c2d04aad02332"], // Linux AppImage + ["e", "340e0326b340e0326b4941ed78ba340e0326b4941ed78ba340e0326b49ed78ba"] // PWA + ], + "content": "Example App is a decentralized marketplace for apps", + "sig": "a9a4e2192eede77e6c9d24ddfab95ba3ff7c03fbd07ad011fff245abea431fb4d3787c2d04aad001cb039cb8de91d83ce30e9a94f82ac3c5a2372aa1294a96bd" +} +``` + ## Encryption process pseudocode ```scala diff --git a/README.md b/README.md index d1c52500..caecc016 100644 --- a/README.md +++ b/README.md @@ -148,6 +148,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `30023` | Long-form Content | [23](23.md) | | `30024` | Draft Long-form Content | [23](23.md) | | `30030` | Emoji sets | [51](51.md) | +| `30063` | Release artifact sets | [51](51.md) | | `30078` | Application-specific Data | [78](78.md) | | `30311` | Live Event | [53](53.md) | | `30315` | User Statuses | [38](38.md) | From b5dc891973a1c5a76c39e9c48409d841d2d687c3 Mon Sep 17 00:00:00 2001 From: franzap <_@franzap.com> Date: Mon, 12 Feb 2024 19:45:25 +0000 Subject: [PATCH 13/43] Add PGP as NIP-39 external identity --- 39.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/39.md b/39.md index c819e43b..df1578fb 100644 --- a/39.md +++ b/39.md @@ -20,6 +20,7 @@ A new optional `i` tag is introduced for `kind 0` metadata event contents in add ["i", "twitter:semisol_public", "1619358434134196225"], ["i", "mastodon:bitcoinhackers.org/@semisol", "109775066355589974"] ["i", "telegram:1087295469", "nostrdirectory/770"] + ["i", "pgp:A999B7498D1A8DC473E53C92309F635DAD1B5517", "xsFNBF2V8eEBEADmjYzGOpxEI0J7jQ1qFzlsrjF6NaBSq+UqKw..."] ], ... } @@ -62,3 +63,9 @@ Identity: A Telegram user ID. Proof: A string in the format `/` which points to a message published in the public channel or group with name `` and message ID ``. This message should be sent by user ID `` and have the text `Verifying that I control the following Nostr public key: ""`. This can be located at `https://t.me/`. + +### `pgp` + +Identity: A PGP fingerprint. + +Proof: PGP signature of the fingerprint used in the identity field. \ No newline at end of file From afbb8dd008969c863f6075645d09fcb1ef283ed2 Mon Sep 17 00:00:00 2001 From: Semisol <45574030+Semisol@users.noreply.github.com> Date: Thu, 15 Feb 2024 01:32:38 +0300 Subject: [PATCH 14/43] remove pgp identity from NIP-39 temporarily the current scheme recommends signing the *fingerprint* of the pgp key, which doesn't tie into the nostr identity this commit temporarily undos the commit adding pgp identities until a proper fixed version is merged just signing the npub string also would not be sufficient, and the message should indicate this is for identity verification ideally, a link to download key material would also be included --- 39.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/39.md b/39.md index df1578fb..c819e43b 100644 --- a/39.md +++ b/39.md @@ -20,7 +20,6 @@ A new optional `i` tag is introduced for `kind 0` metadata event contents in add ["i", "twitter:semisol_public", "1619358434134196225"], ["i", "mastodon:bitcoinhackers.org/@semisol", "109775066355589974"] ["i", "telegram:1087295469", "nostrdirectory/770"] - ["i", "pgp:A999B7498D1A8DC473E53C92309F635DAD1B5517", "xsFNBF2V8eEBEADmjYzGOpxEI0J7jQ1qFzlsrjF6NaBSq+UqKw..."] ], ... } @@ -63,9 +62,3 @@ Identity: A Telegram user ID. Proof: A string in the format `/` which points to a message published in the public channel or group with name `` and message ID ``. This message should be sent by user ID `` and have the text `Verifying that I control the following Nostr public key: ""`. This can be located at `https://t.me/`. - -### `pgp` - -Identity: A PGP fingerprint. - -Proof: PGP signature of the fingerprint used in the identity field. \ No newline at end of file From cbec02ab52ffb062f7b7712e0ed6ec524cfe0b6a Mon Sep 17 00:00:00 2001 From: Mike Dilger Date: Fri, 16 Feb 2024 09:38:21 +1300 Subject: [PATCH 15/43] NIP-49 [breaking]: password normalized to unicode NFKC format --- 49.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/49.md b/49.md index 6de05eb9..addcf749 100644 --- a/49.md +++ b/49.md @@ -12,7 +12,7 @@ This NIP defines a method by which clients can encrypt (and decrypt) a user's pr Symmetric Encryption Key derivation ----------------------------------- -PASSWORD = read from the user +PASSWORD = Read from the user. The password should be unicode normalized to NFKC format to ensure that the password can be entered identically on other computers/clients. LOG\_N = Let the user or implementer choose one byte representing a power of 2 (e.g. 18 represents 262,144) which is used as the number of rounds for scrypt. Larger numbers take more time and more memory, and offer better protection: From 62c48eff58d6dd4d2b0a817bbb36cd75087f0ae3 Mon Sep 17 00:00:00 2001 From: Michael Dilger Date: Fri, 16 Feb 2024 14:15:32 +1300 Subject: [PATCH 16/43] Breaking changes list (#1052) * Start of new BREAKING.md changes list * more * Make NIP column into links * notes * Make commits links * Remove optional P tag entry, was not breaking * Update BREAKING with nip-49 breaking change --- BREAKING.md | 21 +++++++++++++++++++++ README.md | 5 +++++ 2 files changed, 26 insertions(+) create mode 100644 BREAKING.md diff --git a/BREAKING.md b/BREAKING.md new file mode 100644 index 00000000..2a85a281 --- /dev/null +++ b/BREAKING.md @@ -0,0 +1,21 @@ +# Breaking Changes + +This is a history of NIP changes that potentially break pre-existing implementations, in +reverse chronological order. + +| Date | Commit | NIP | Change | +| ----------- | --------- | -------- | ------ | +| 2024-02-16 | [cbec02ab](https://github.com/nostr-protocol/nips/commit/cbec02ab) | [NIP-49](49.md) | Password first normalized to NFKC | +| 2024-02-15 | [afbb8dd0](https://github.com/nostr-protocol/nips/commit/afbb8dd0) | [NIP-39](39.md) | PGP identity was removed | +| 2024-02-07 | [d3dad114](https://github.com/nostr-protocol/nips/commit/d3dad114) | [NIP-46](46.md) | Connection token format was changed | +| 2024-01-30 | [1a2b21b6](https://github.com/nostr-protocol/nips/commit/1a2b21b6) | [NIP-59](59.md) | 'p' tag became optional | +| 2023-01-27 | [c2f34817](https://github.com/nostr-protocol/nips/commit/c2f34817) | [NIP-47](47.md) | optional expiration tag should be honored | +| 2024-01-10 | [3d8652ea](https://github.com/nostr-protocol/nips/commit/3d8652ea) | [NIP-02](02.md) | list entries should be chronological | +| 2024-01-10 | [3d8652ea](https://github.com/nostr-protocol/nips/commit/3d8652ea) | [NIP-51](51.md) | list entries should be chronological | + +Breaking changes prior to 2024-01-01 are not yet documented. + +## NOTES + +- If it isn't clear that a change is breaking or not, we list it. +- The date is the date it was merged, not necessarily the date of the commit. diff --git a/README.md b/README.md index caecc016..b9ca8aa7 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [Criteria for acceptance of NIPs](#criteria-for-acceptance-of-nips) - [Is this repository a centralizing factor?](#is-this-repository-a-centralizing-factor) - [How this repository works](#how-this-repository-works) +- [Breaking Changes](#breaking-changes) - [License](#license) --- @@ -261,6 +262,10 @@ Standards may emerge in two ways: the first way is that someone starts doing som These two ways of standardizing things are supported by this repository. Although the second is preferred, an effort will be made to codify standards emerged outside this repository into NIPs that can be later referenced and easily understood and implemented by others -- but obviously as in any human system discretion may be applied when standards are considered harmful. +## Breaking Changes + +[Breaking Changes](BREAKING.md) + ## License All NIPs are public domain. From 36d22815878186285825511358e66a52d2bf95e4 Mon Sep 17 00:00:00 2001 From: Michael Dilger Date: Fri, 16 Feb 2024 15:54:47 +1300 Subject: [PATCH 17/43] NIP-49 test vector for unicode normalization (#1054) * NIP-49 [breaking]: password normalized to unicode NFKC format * Test vector for unicode normalization --- 49.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/49.md b/49.md index addcf749..da58ba27 100644 --- a/49.md +++ b/49.md @@ -78,6 +78,22 @@ The decryption process operates in the reverse. Test Data --------- +## Password Unicode Normalization + +The following password input: "ÅΩẛ̣" +- Unicode Codepoints: U+212B U+2126 U+1E9B U+0323 +- UTF-8 bytes: [0xE2, 0x84, 0xAB, 0xE2, 0x84, 0xA6, 0xE1, 0xBA, 0x9B, 0xCC, 0xA3] + +Should be converted into the unicode normalized NFKC format prior to use in scrypt: "ÅΩẛ̣" +- Unicode Codepoints: U+00C5 U+03A9 U+1E69 +- UTF-8 bytes: [0xC3, 0x85, 0xCE, 0xA9, 0xE1, 0xB9, 0xA9] + +## Encryption + +The encryption process is non-deterministic due to the random nonce. + +## Decryption + The following encrypted private key: `ncryptsec1qgg9947rlpvqu76pj5ecreduf9jxhselq2nae2kghhvd5g7dgjtcxfqtd67p9m0w57lspw8gsq6yphnm8623nsl8xn9j4jdzz84zm3frztj3z7s35vpzmqf6ksu8r89qk5z2zxfmu5gv8th8wclt0h4p` @@ -86,8 +102,6 @@ When decrypted with password='nostr' and log_n=16 yields the following hex-encod `3501454135014541350145413501453fefb02227e449e57cf4d3a3ce05378683` -The reverse process is non-deterministic due to the random nonce. - Discussion ---------- From 71b0cbc2de50ca9088398bb3cbf8f9eb6d5a7b53 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Tue, 20 Feb 2024 12:06:06 -0600 Subject: [PATCH 18/43] NIP-07: add NIP-44 calls --- 07.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/07.md b/07.md index 12ae6478..18ca7309 100644 --- a/07.md +++ b/07.md @@ -20,6 +20,8 @@ Aside from these two basic above, the following functions can also be implemente async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04 (deprecated) async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated) +async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-44 +async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-44 ``` ### Implementation From 2390058a3260d778e62df066c0d5bb5e803d2527 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Tue, 20 Feb 2024 12:09:40 -0600 Subject: [PATCH 19/43] NIP-07: remove "and iv" from NIP-44 comments --- 07.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/07.md b/07.md index 18ca7309..6c663224 100644 --- a/07.md +++ b/07.md @@ -20,8 +20,8 @@ Aside from these two basic above, the following functions can also be implemente async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04 (deprecated) async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated) -async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-44 -async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-44 +async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns ciphertext as specified in nip-44 +async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes ciphertext as specified in nip-44 ``` ### Implementation From cbffa7a5de845bd6ed939c77de5540904d011d4b Mon Sep 17 00:00:00 2001 From: Asai Toshiya Date: Wed, 21 Feb 2024 05:26:44 +0900 Subject: [PATCH 20/43] BREAKING.md: update the history (#1055) * BREAKING.md: add NIP changes until 2023-12-01 * Update BREAKING.md * BREAKING.md: add NIP changes until 2023-11-01 * Update BREAKING.md * Remove change to NIP-22 in 2023-12-02 * BREAKING.md: add NIP changes until 2023-08-01 * BREAKING.md: add NIP changes until 2023-04-01 * BREAKING.md: add NIP changes until 2023-03-01 * BREAKING.md: add NIP changes * Just format --- BREAKING.md | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/BREAKING.md b/BREAKING.md index 2a85a281..cd8c03d3 100644 --- a/BREAKING.md +++ b/BREAKING.md @@ -7,13 +7,37 @@ reverse chronological order. | ----------- | --------- | -------- | ------ | | 2024-02-16 | [cbec02ab](https://github.com/nostr-protocol/nips/commit/cbec02ab) | [NIP-49](49.md) | Password first normalized to NFKC | | 2024-02-15 | [afbb8dd0](https://github.com/nostr-protocol/nips/commit/afbb8dd0) | [NIP-39](39.md) | PGP identity was removed | -| 2024-02-07 | [d3dad114](https://github.com/nostr-protocol/nips/commit/d3dad114) | [NIP-46](46.md) | Connection token format was changed | -| 2024-01-30 | [1a2b21b6](https://github.com/nostr-protocol/nips/commit/1a2b21b6) | [NIP-59](59.md) | 'p' tag became optional | -| 2023-01-27 | [c2f34817](https://github.com/nostr-protocol/nips/commit/c2f34817) | [NIP-47](47.md) | optional expiration tag should be honored | -| 2024-01-10 | [3d8652ea](https://github.com/nostr-protocol/nips/commit/3d8652ea) | [NIP-02](02.md) | list entries should be chronological | -| 2024-01-10 | [3d8652ea](https://github.com/nostr-protocol/nips/commit/3d8652ea) | [NIP-51](51.md) | list entries should be chronological | +| 2024-02-07 | [d3dad114](https://github.com/nostr-protocol/nips/commit/d3dad114) | [NIP-46](46.md) | Connection token format was changed | +| 2024-01-30 | [1a2b21b6](https://github.com/nostr-protocol/nips/commit/1a2b21b6) | [NIP-59](59.md) | 'p' tag became optional | +| 2023-01-27 | [c2f34817](https://github.com/nostr-protocol/nips/commit/c2f34817) | [NIP-47](47.md) | optional expiration tag should be honored | +| 2024-01-10 | [3d8652ea](https://github.com/nostr-protocol/nips/commit/3d8652ea) | [NIP-02](02.md) | list entries should be chronological | +| 2024-01-10 | [3d8652ea](https://github.com/nostr-protocol/nips/commit/3d8652ea) | [NIP-51](51.md) | list entries should be chronological | +| 2023-12-30 | [29869821](https://github.com/nostr-protocol/nips/commit/29869821) | [NIP-52](52.md) | 'name' tag was removed (use 'title' tag instead) | +| 2023-12-27 | [17c67ef5](https://github.com/nostr-protocol/nips/commit/17c67ef5) | [NIP-94](94.md) | 'aes-256-gcm' tag was removed | +| 2023-12-03 | [0ba45895](https://github.com/nostr-protocol/nips/commit/0ba45895) | [NIP-01](01.md) | WebSocket status code `4000` was replaced by 'CLOSED' message | +| 2023-11-28 | [6de35f9e](https://github.com/nostr-protocol/nips/commit/6de35f9e) | [NIP-89](89.md) | 'client' tag value was changed | +| 2023-11-20 | [7822a8b1](https://github.com/nostr-protocol/nips/commit/7822a8b1) | [NIP-51](51.md) | `kind: 30000` and `kind: 30001` were deprecated | +| 2023-11-11 | [cbdca1e9](https://github.com/nostr-protocol/nips/commit/cbdca1e9) | [NIP-84](84.md) | 'range' tag was removed | +| 2023-11-07 | [108b7f16](https://github.com/nostr-protocol/nips/commit/108b7f16) | [NIP-01](01.md) | 'OK' message must have 4 items | +| 2023-10-17 | [cf672b76](https://github.com/nostr-protocol/nips/commit/cf672b76) | [NIP-03](03.md) | 'block' tag was removed | +| 2023-09-29 | [7dc6385f](https://github.com/nostr-protocol/nips/commit/7dc6385f) | [NIP-57](57.md) | optional 'a' tag was included in `zap receipt` | +| 2023-08-21 | [89915e02](https://github.com/nostr-protocol/nips/commit/89915e02) | [NIP-11](11.md) | 'min_prefix' was removed | +| 2023-08-20 | [37c4375e](https://github.com/nostr-protocol/nips/commit/37c4375e) | [NIP-01](01.md) | replaceable events with same timestamp should be retained event with lowest id | +| 2023-08-15 | [88ee873c](https://github.com/nostr-protocol/nips/commit/88ee873c) | [NIP-15](15.md) | 'countries' tag was renamed to 'regions' | +| 2023-08-14 | [72bb8a12](https://github.com/nostr-protocol/nips/commit/72bb8a12) | [NIP-12](12.md) | NIP-12, 16, 20 and 33 were merged into NIP-01 | +| 2023-08-14 | [72bb8a12](https://github.com/nostr-protocol/nips/commit/72bb8a12) | [NIP-16](16.md) | NIP-12, 16, 20 and 33 were merged into NIP-01 | +| 2023-08-14 | [72bb8a12](https://github.com/nostr-protocol/nips/commit/72bb8a12) | [NIP-20](20.md) | NIP-12, 16, 20 and 33 were merged into NIP-01 | +| 2023-08-14 | [72bb8a12](https://github.com/nostr-protocol/nips/commit/72bb8a12) | [NIP-33](33.md) | NIP-12, 16, 20 and 33 were merged into NIP-01 | +| 2023-08-11 | [d87f8617](https://github.com/nostr-protocol/nips/commit/d87f8617) | [NIP-25](25.md) | empty `content` should be considered as "+" | +| 2023-08-01 | [5d63b157](https://github.com/nostr-protocol/nips/commit/5d63b157) | [NIP-57](57.md) | 'zap' tag was changed | +| 2023-07-15 | [d1814405](https://github.com/nostr-protocol/nips/commit/d1814405) | [NIP-01](01.md) | `since` and `until` filters should be `since <= created_at <= until` | +| 2023-07-12 | [a1cd2bd8](https://github.com/nostr-protocol/nips/commit/a1cd2bd8) | [NIP-25](25.md) | custom emoji was supported | +| 2023-06-18 | [83cbd3e1](https://github.com/nostr-protocol/nips/commit/83cbd3e1) | [NIP-11](11.md) | 'image' was renamed to 'icon' | +| 2023-04-13 | [bf0a0da6](https://github.com/nostr-protocol/nips/commit/bf0a0da6) | [NIP-15](15.md) | different NIP was re-added as NIP-15 | +| 2023-04-09 | [fb5b7c73](https://github.com/nostr-protocol/nips/commit/fb5b7c73) | [NIP-15](15.md) | NIP-15 was merged into NIP-01 | +| 2023-03-15 | [e1004d3d](https://github.com/nostr-protocol/nips/commit/e1004d3d) | [NIP-19](19.md) | `1: relay` was changed to optionally | -Breaking changes prior to 2024-01-01 are not yet documented. +Breaking changes prior to 2023-03-01 are not yet documented. ## NOTES From c6cd655c1cba483fa9932b76e5ec62bafc56bc33 Mon Sep 17 00:00:00 2001 From: JeffG <202880+erskingardner@users.noreply.github.com> Date: Tue, 20 Feb 2024 21:56:17 +0100 Subject: [PATCH 21/43] New version of NIP-46 (#1047) * New version of NIP-46 * Update pubkey references * Document what we have * Update terms and kind number in discovery * Update encypt/decrypt calls to handle arrays. Add redirect_uri param for auth_challenges * Move remote signer commands to own section, add appendix for oauth-like stuff. * Add diagrams --- 46.md | 261 +++++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 193 insertions(+), 68 deletions(-) diff --git a/46.md b/46.md index 94a052ee..13a2fe4d 100644 --- a/46.md +++ b/46.md @@ -1,98 +1,223 @@ -NIP-46 -====== +# NIP-46 - Nostr Remote Signing -Nostr Connect -------------- +## Rationale -`draft` `optional` +Private keys should be exposed to as few systems - apps, operating systems, devices - as possible as each system adds to the attack surface. -This NIP describes a method for 2-way communication between a **remote signer** and a normal Nostr client. The remote signer could be, for example, a hardware device dedicated to signing Nostr events, while the client is a normal Nostr client. +This NIP describes a method for 2-way communication between a remote signer and a Nostr client. The remote signer could be, for example, a hardware device dedicated to signing Nostr events, while the client is a normal Nostr client. -## Signer Discovery +## Terminology -The client always starts by generating a random key which is used to communicate with the signer, then it one of the methods below is used to allow the client to know what is the signer public key for the session and which relays to use. +- **Local keypair**: A local public and private key-pair used to encrypt content and communicate with the remote signer. Usually created by the client application. +- **Remote user pubkey**: The public key that the user wants to sign as. The remote signer has control of the private key that matches this public key. +- **Remote signer pubkey**: This is the public key of the remote signer itself. This is needed in both `create_account` command because you don't yet have a remote user pubkey. -### Started by the signer (nsecBunker) +All pubkeys specified in this NIP are in hex format. -The remote signer generates a connection token in the form +## Initiating a connection + +To initiate a connection between a client and a remote signer there are a few different options. + +### Direct connection initiated by remote signer + +This is most common in a situation where you have your own nsecbunker or other type of remote signer and want to connect through a client that supports remote signing. + +The remote signer would provide a connection token in the form: ``` -bunker://?relay=wss://...&relay=wss://...&secret= +bunker://?relay=&relay=&secret= ``` -The user copies that token and pastes it in the client UI somehow. Then the client can send events of kind `24133` to the specified relays and wait for responses from the remote signer. +This token is pasted into the client by the user and the client then uses the details to connect to the remote signer via the specified relay(s). -### Started by the client +### Direct connection initiated by the client -The client generates a QR code in the following form (URL-encoded): +In this case, basically the opposite direction of the first case, the client provides a connection token (or encodes the token in a QR code) and the signer initiates a connection to the client via the specified relay(s). ``` -nostrconnect://?relay=wss://...&metadata={"name":"...", "url": "...", "description": "..."} +nostrconnect://?relay=&metadata= ``` -The signer scans the QR code and sends a `connect` message to the client in the specified relays. +## The flow -## Event payloads +1. Client creates a local keypair. This keypair doesn't need to be communicated to the user since it's largely disposable (i.e. the user doesn't need to see this pubkey). Clients might choose to store it locally and they should delete it when the user logs out. +2. Client gets the remote user pubkey (either via a `bunker://` connection string or a NIP-05 login-flow; shown below) +3. Clients use the local keypair to send requests to the remote signer by `p`-tagging and encrypting to the remote user pubkey. +4. The remote signer responds to the client by `p`-tagging and encrypting to the local keypair pubkey. -Event payloads are [NIP-04](04.md)-encrypted JSON blobs that look like JSONRPC messages (their format is specified inside the `.content` of the event formats below). +### Example flow for signing an event -Events sent by the client to the remote signer have the following format: +- Remote user pubkey (e.g. signing as) `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- Local pubkey is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` -```js +#### Signature request + +```json { - "pubkey": "" - "kind": 24133, - "tags": [ - ["p", ""] - ], - "content": "nip04_encrypted_json({id: , method: , params: [array_of_strings]})", - ... + "kind": 24133, + "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", + "content": nip04({ + "id": , + "method": "sign_event", + "params": [json_stringified(<{ + content: "Hello, I'm signing remotely", + pubkey: "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", + // ...the rest of the event data + }>)] + }), + "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote user pubkey } ``` -And the events the remote signer sends to the client have the following format: +#### Response event -```js - "pubkey": "" - "kind": 24133, - "tags": [ - ["p", ""] - ], - "content": "nip04_encrypted_json({id: , result: , error: })", - ... +```json +{ + "kind": 24133, + "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", + "content": nip04({ + "id": , + "result": json_stringified() + }), + "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the local keypair pubkey +} ``` -The signer key will always be the key of the user who controls the signer device. +#### Diagram -### Methods +![signing-example](https://i.nostr.build/P3gW.png) -- **connect** - - params: [`pubkey`, `secret`] - - result: `"ack"` -- **get_public_key** - - params: [] - - result: `pubkey-hex` -- **sign_event** - - params: [`event`] - - result: `json_string(event_with_pubkey_id_and_signature)` -- **get_relays** - - params: [] - - result: `json_string({[url: string]: {read: boolean, write: boolean}})` -- **nip04_encrypt** - - params: [`third-party-pubkey`, `plaintext`] - - result: `nip04-ciphertext` -- **nip04_decrypt** - - params: [`third-party-pubkey`, `nip04-ciphertext`] - - result: `plaintext` -- **nip44_get_key** - - params: [`third-party-pubkey`] - - result: `nip44-conversation-key` -- **nip44_encrypt** - - params: [`third-party-pubkey`, `plaintext`] - - result: `nip44-ciphertext` -- **nip44_decrypt** - - params: [`third-party-pubkey`, `nip44-ciphertext`] - - result: `plaintext` -- **ping** - - params: [] - - result: `"pong"` +## Request Events `kind: 24133` + +```json +{ + "id": , + "kind": 24133, + "pubkey": , + "content": )>, + "tags": [["p", ]], // NB: in the `create_account` event, the remote signer pubkey should be `p` tagged. + "created_at": , +} +``` + +The `content` field is a JSON-RPC-like message that is [NIP-04](https://github.com/nostr-protocol/nips/blob/master/04.md) encrypted and has the following structure: + +```json +{ + "id": , + "method": , + "params": [array_of_strings] +} +``` + +- `id` is a random string that is a request ID. This same ID will be sent back in the response payload. +- `method` is the name of the method/command (detailed below). +- `params` is a positional array of string parameters. + +### Methods/Commands + +Each of the following are methods that the client sends to the remote signer. + +| Command | Params | Result | +| ------------------------ | ------------------------------------------------- | ---------------------------------------------------------------------- | +| `connect` | `[, ]` | "ack" | +| `sign_event` | `[]` | `json_stringified()` | +| `ping` | `[]` | "pong" | +| `get_relays` | `[]` | `json_stringified({: {read: , write: }})` | +| `get_public_key` | `[]` | `` | +| `nip04_encrypt` | `[, ]` | `` | +| `nip04_decrypt` | `[, ]` | `` | +| `nip44_conversation_key` | Potential future addition | | +| `nip44_encrypt` | Potential future addition | | +| `nip44_decrypt` | Potential future addition | | + +## Response Events `kind:24133` + +```json +{ + "id": <id>, + "kind": 24133, + "pubkey": <remote_signer_pubkey>, + "content": <nip04(<response>)>, + "tags": [["p", <local_keypair_pubkey>]], + "created_at": <unix timestamp in seconds>, +} +``` + +The `content` field is a JSON-RPC-like message that is [NIP-04](https://github.com/nostr-protocol/nips/blob/master/04.md) encrypted and has the following structure: + +```json +{ + "id": <request_id>, + "result": <results_string>, + "error": <error_string> +} +``` + +- `id` is the request ID that this response is for. +- `results` is a string of the result of the call (this can be either a string or a JSON stringified object) +- `error` is an error in string form. + +### Auth Challenges + +An Auth Challenge is a response that a remote signer can send back when it needs the user to authenticate via other means. This is currently used in the OAuth-like flow enabled by signers like [Nsecbunker](https://github.com/kind-0/nsecbunkerd/). The response `content` object will take the following form: + +```json +{ + "id": <request_id>, + "result": "auth_url", + "error": <URL_to_display_to_end_user> +} +``` + +Clients should display (in a popup or new tab) the URL from the `error` field and then subscribe/listen for another response from the remote signer (reusing the same request ID). This event will be sent once the user authenticates in the other window (or will never arrive if the user doesn't authenticate). It's also possible to add a `redirect_uri` url parameter to the auth_url, which is helpful in situations when a client cannot open a new window or tab to display the auth challenge. + +#### Example event signing request with auth challenge + +![signing-example-with-auth-challenge](https://i.nostr.build/W3aj.png) + +## Remote Signer Commands + +Remote signers might support additional commands when communicating directly with it. These commands follow the same flow as noted above, the only difference is that when the client sends a request event, the `p`-tag is the pubkey of the remote signer itself and the `content` payload is encrypted to the same remote signer pubkey. + +### Methods/Commands + +Each of the following are methods that the client sends to the remote signer. + +| Command | Params | Result | +| ---------------- | ------------------------------------------ | ------------------------------------ | +| `create_account` | `[<username>, <domain>, <optional_email>]` | `<newly_created_remote_user_pubkey>` | + +## Appendix + +### NIP-05 Login Flow + +Clients might choose to present a more familiar login flow, so users can type a NIP-05 address instead of a `bunker://` string. + +When the user types a NIP-05 the client: + +- Queries the `/.well-known/nostr.json` file from the domain for the NIP-05 address provided to get the user's pubkey (this is the **remote user pubkey**) +- In the same `/.well-known/nostr.json` file, queries for the `nip46` key to get the relays that the remote signer will be listening on. +- Now the client has enough information to send commands to the remote signer on behalf of the user. + +### OAuth-like Flow + +#### Remote signer discovery via NIP-89 + +In this last case, most often used to fascilitate an OAuth-like signin flow, the client first looks for remote signers that have announced themselves via NIP-89 application handler events. + +First the client will query for `kind: 31990` events that have a `k` tag of `24133`. + +These are generally shown to a user, and once the user selects which remote signer to use and provides the remote user pubkey they want to use (via npub, pubkey, or nip-05 value), the client can initiate a connection. Note that it's on the user to select the remote signer that is actually managing the remote key that they would like to use in this case. If the remote user pubkey is managed on another remote signer, the connection will fail. + +In addition, it's important that clients validate that the pubkey of the announced remote signer matches the pubkey of the `_` entry in the `/.well-known/nostr.json` file of the remote signer's announced domain. + +Clients that allow users to create new accounts should also consider validating the availability of a given username in the namespace of remote signer's domain by checking the `/.well-known/nostr.json` file for existing usernames. Clients can then show users feedback in the UI before sending a `create_account` event to the remote signer and receiving an error in return. Ideally, remote signers would also respond with understandable error messages if a client tries to create an account with an existing username. + +#### Example Oauth-like flow to create a new user account with Nsecbunker + +Coming soon... + +## References + +- [NIP-04 - Encryption](https://github.com/nostr-protocol/nips/blob/master/04.md) From 9c7ae62e53e6e423d301575546581c700b6f9d9f Mon Sep 17 00:00:00 2001 From: monlovesmango <monlovesmango@protonmail.com> Date: Tue, 20 Feb 2024 16:17:40 -0600 Subject: [PATCH 22/43] update nip44 encrypt/decrypt --- 46.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/46.md b/46.md index 13a2fe4d..b8946408 100644 --- a/46.md +++ b/46.md @@ -126,10 +126,10 @@ Each of the following are methods that the client sends to the remote signer. | `get_relays` | `[]` | `json_stringified({<relay_url>: {read: <boolean>, write: <boolean>}})` | | `get_public_key` | `[]` | `<hex-pubkey>` | | `nip04_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip04_ciphertext>` | -| `nip04_decrypt` | `[<third_party_pubkey>, <ciphertext_to_decrypt>]` | `<plaintext>` | +| `nip04_decrypt` | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]` | `<plaintext>` | | `nip44_conversation_key` | Potential future addition | | -| `nip44_encrypt` | Potential future addition | | -| `nip44_decrypt` | Potential future addition | | +| `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | +| `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | ## Response Events `kind:24133` From ff39f492e1aebdb401100b3e6f848ca0600ef9b1 Mon Sep 17 00:00:00 2001 From: monlovesmango <96307647+monlovesmango@users.noreply.github.com> Date: Tue, 20 Feb 2024 16:29:01 -0600 Subject: [PATCH 23/43] update nip44_get_conversation_key --- 46.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/46.md b/46.md index b8946408..db805fbf 100644 --- a/46.md +++ b/46.md @@ -126,10 +126,10 @@ Each of the following are methods that the client sends to the remote signer. | `get_relays` | `[]` | `json_stringified({<relay_url>: {read: <boolean>, write: <boolean>}})` | | `get_public_key` | `[]` | `<hex-pubkey>` | | `nip04_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip04_ciphertext>` | -| `nip04_decrypt` | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]` | `<plaintext>` | -| `nip44_conversation_key` | Potential future addition | | +| `nip04_decrypt` | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]` | `<plaintext>` | +| `nip44_get_conversation_key` | `[<third_party_pubkey>]` | `<nip44_conversation_key>` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | -| `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | +| `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | ## Response Events `kind:24133` From 0045106dd1d08c38006d9a1c089081202078496e Mon Sep 17 00:00:00 2001 From: monlovesmango <96307647+monlovesmango@users.noreply.github.com> Date: Wed, 21 Feb 2024 10:03:33 -0600 Subject: [PATCH 24/43] leave nip44_get_conversation_key undefined for now --- 46.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/46.md b/46.md index db805fbf..b0e5c769 100644 --- a/46.md +++ b/46.md @@ -127,9 +127,9 @@ Each of the following are methods that the client sends to the remote signer. | `get_public_key` | `[]` | `<hex-pubkey>` | | `nip04_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip04_ciphertext>` | | `nip04_decrypt` | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]` | `<plaintext>` | -| `nip44_get_conversation_key` | `[<third_party_pubkey>]` | `<nip44_conversation_key>` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | +| `nip44_get_conversation_key`| _Potential future addition_ | | ## Response Events `kind:24133` From f1f992e95ee369c766d486807ad208c0769532dd Mon Sep 17 00:00:00 2001 From: Jon Staab <shtaab@gmail.com> Date: Wed, 21 Feb 2024 08:17:42 -0800 Subject: [PATCH 25/43] Remove get_conversation_key --- 46.md | 1 - 1 file changed, 1 deletion(-) diff --git a/46.md b/46.md index b0e5c769..d9343008 100644 --- a/46.md +++ b/46.md @@ -129,7 +129,6 @@ Each of the following are methods that the client sends to the remote signer. | `nip04_decrypt` | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]` | `<plaintext>` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | -| `nip44_get_conversation_key`| _Potential future addition_ | | ## Response Events `kind:24133` From 4313fbf7a5c1d7d2c29e414ed68104641f3286fa Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Thu, 22 Feb 2024 12:30:18 +0900 Subject: [PATCH 26/43] NIP-46, NIP-49, NIP-65: fix typos --- 46.md | 4 ++-- 49.md | 14 +++++++------- 65.md | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/46.md b/46.md index d9343008..eb964942 100644 --- a/46.md +++ b/46.md @@ -96,7 +96,7 @@ nostrconnect://<local-keypair-pubkey>?relay=<wss://relay-to-connect-on>&metadata "pubkey": <local_keypair_pubkey>, "content": <nip04(<request>)>, "tags": [["p", <remote_user_pubkey>]], // NB: in the `create_account` event, the remote signer pubkey should be `p` tagged. - "created_at": <unix timestamp in seconds>, + "created_at": <unix timestamp in seconds> } ``` @@ -139,7 +139,7 @@ Each of the following are methods that the client sends to the remote signer. "pubkey": <remote_signer_pubkey>, "content": <nip04(<response>)>, "tags": [["p", <local_keypair_pubkey>]], - "created_at": <unix timestamp in seconds>, + "created_at": <unix timestamp in seconds> } ``` diff --git a/49.md b/49.md index da58ba27..731f132d 100644 --- a/49.md +++ b/49.md @@ -16,13 +16,13 @@ PASSWORD = Read from the user. The password should be unicode normalized to NFKC LOG\_N = Let the user or implementer choose one byte representing a power of 2 (e.g. 18 represents 262,144) which is used as the number of rounds for scrypt. Larger numbers take more time and more memory, and offer better protection: - | LOG\_N | MEMORY REQUIRED | APPROX TIME ON FAST COMPUTER | - |--------|-----------------|----------------------------- | - | 16 | 64 MiB | 100 ms | - | 18 | 256 MiB | | - | 20 | 1 GiB | 2 seconds | - | 21 | 2 GiB | | - | 22 | 4 GiB | | + | LOG_N | MEMORY REQUIRED | APPROX TIME ON FAST COMPUTER | + |-------|-----------------|----------------------------- | + | 16 | 64 MiB | 100 ms | + | 18 | 256 MiB | | + | 20 | 1 GiB | 2 seconds | + | 21 | 2 GiB | | + | 22 | 4 GiB | | SALT = 16 random bytes diff --git a/65.md b/65.md index 4a6f5a11..1a2d7e81 100644 --- a/65.md +++ b/65.md @@ -19,7 +19,7 @@ The `.content` is not used. ["r", "wss://alicerelay.example.com"], ["r", "wss://brando-relay.com"], ["r", "wss://expensive-relay.example2.com", "write"], - ["r", "wss://nostr-relay.example.com", "read"], + ["r", "wss://nostr-relay.example.com", "read"] ], "content": "", ...other fields From 996ef456057c6f91320411098c259c3b68f3cc77 Mon Sep 17 00:00:00 2001 From: William Casarin <jb55@jb55.com> Date: Thu, 22 Feb 2024 11:38:39 -0800 Subject: [PATCH 27/43] Use `q` instead of `e` tags for quote reposts Signed-off-by: William Casarin <jb55@jb55.com> --- 18.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/18.md b/18.md index ba96c895..27c5915a 100644 --- a/18.md +++ b/18.md @@ -20,9 +20,10 @@ reposted. ## Quote Reposts -Quote reposts are `kind 1` events with an embedded `e` tag -(see [NIP-08](08.md) and [NIP-27](27.md)). Because a quote repost includes -an `e` tag, it may show up along replies to the reposted note. +Quote reposts are `kind 1` events with an embedded `q` tag of the note being +quote reposted. The `q` tag ensures quote reposts are not pulled and included +as replies in threads. It also allows you to easily pull and count all of the +quotes for a post. ## Generic Reposts From 84236acdd9fa84206beb27a4c7353a191393bf41 Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Fri, 23 Feb 2024 22:48:42 +0900 Subject: [PATCH 28/43] NIP-92: Clarify that `imeta` tag can be ignored --- 92.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/92.md b/92.md index b857d6ce..b332d211 100644 --- a/92.md +++ b/92.md @@ -41,3 +41,5 @@ after the file is uploaded and included in the post. When pasting URLs during post composition, the client MAY download the file and add this metadata before the post is sent. + +The client MAY ignore `imeta` tags that do not match the URL in the event content. From 383eb594b4cabc4d8f606937c86440037b77a8f8 Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Mon, 26 Feb 2024 10:07:55 +0900 Subject: [PATCH 29/43] README: add q tag --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b9ca8aa7..634ea056 100644 --- a/README.md +++ b/README.md @@ -206,6 +206,7 @@ Please update these lists when proposing NIPs introducing new event kinds. | `l` | label, label namespace | annotations | [32](32.md) | | `L` | label namespace | -- | [32](32.md) | | `m` | MIME type | -- | [94](94.md) | +| `q` | event id (hex) | relay URL, marker | [18](18.md) | | `r` | a reference (URL, etc) | petname | | | `r` | relay url | marker | [65](65.md) | | `t` | hashtag | -- | | From c9b3abfa3c531a926f0865d10e6d5ed746da3825 Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Mon, 26 Feb 2024 12:30:49 +0900 Subject: [PATCH 30/43] Remove marker Co-authored-by: Alex Gleason <alex@alexgleason.me> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 634ea056..3273ab06 100644 --- a/README.md +++ b/README.md @@ -206,7 +206,7 @@ Please update these lists when proposing NIPs introducing new event kinds. | `l` | label, label namespace | annotations | [32](32.md) | | `L` | label namespace | -- | [32](32.md) | | `m` | MIME type | -- | [94](94.md) | -| `q` | event id (hex) | relay URL, marker | [18](18.md) | +| `q` | event id (hex) | relay URL | [18](18.md) | | `r` | a reference (URL, etc) | petname | | | `r` | relay url | marker | [65](65.md) | | `t` | hashtag | -- | | From 5b2461eb01f784d546f77cfc21af26bf7e4b6670 Mon Sep 17 00:00:00 2001 From: fiatjaf_ <fiatjaf@gmail.com> Date: Wed, 28 Feb 2024 11:50:54 -0300 Subject: [PATCH 31/43] NIP-29: Simple Groups (#566) * NIP-29: Simple Group Chat. * split hostname and subgroup path into two different tag items. * add and remove permissions actions. * fix kind number for moderation event. * add missing / to "flavors" in example. * some new ideas + making this universal and not only applicable to chat. * fix delete-message => delete-event. * flesh out the entire thing. * saner approach with multiple kinds for moderation. * delete-event as kind 9005. * update meta events description. * `public` and `open` tags and join request event. * edit-group-status permission. * add kinds to README. * add kind:12 * add nip-10 note * add optional list of members * admins prefixed by "p". * remove "alt" from event templates for brevity. * add kind 10009 for public list of simple groups. * update "previous" stuff. * remove naddr stuff, use a different identifier format. * remove reference to trimmed signatures until that is more developed. * add kind:10 threaded chat replies. --------- Co-authored-by: Pablo Fernandez <p@f7z.io> --- 29.md | 197 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 51.md | 1 + README.md | 8 +++ 3 files changed, 206 insertions(+) create mode 100644 29.md diff --git a/29.md b/29.md new file mode 100644 index 00000000..0f4a5796 --- /dev/null +++ b/29.md @@ -0,0 +1,197 @@ +NIP-29 +====== + +Relay-based Groups +------------------ + +`draft` `optional` + +This NIP defines a standard for groups that are only writable by a closed set of users. They can be public for reading by external users or not. + +Groups are identified by a random string of any length that serves as an _id_. + +There is no way to create a group, what happens is just that relays (most likely when asked by users) will create rules around some specific ids so these ids can serve as an actual group, henceforth messages sent to that group will be subject to these rules. + +Normally a group will originally belong to one specific relay, but the community may choose to move the group to other relays or even fork the group so it exists in different forms -- still using the same _id_ -- across different relays. + +## Relay-generated events + +Relays are supposed to generate the events that describe group metadata and group admins. These are parameterized replaceable events signed by the relay keypair directly, with the group _id_ as the `d` tag. + +## Group identifier + +A group may be identified by a string in the format `<host>'<group-id>`. For example, a group with _id_ `abcdef` hosted at the relay `wss://groups.nostr.com` would be identified by the string `groups.nostr.com'abcdef`. + +## The `h` tag + +Events sent by users to groups (chat messages, text notes, moderation events etc) must have an `h` tag with the value set to the group _id_. + +## Timeline references + +In order to not be used out of context, events sent to these groups may contain references to previous events seen from the same relay in the `previous` tag. The choice of which previous events to pick belongs to the clients. The references are to be made using the first 8 characters (4 bytes) of any event in the last 50 events seen by the user in the relay, excluding events by themselves. There can be any number of references (including zero), but it's recommended that clients include at least 3 and that relays enforce this. + +This is a hack to prevent messages from being broadcasted to external relays that have forks of one group out of context. Relays are expected to reject any events that contain timeline references to events not found in their own database. Clients should also check these to keep relays honest about them. + +## Late publication + +Relays should prevent late publication (messages published now with a timestamp from days or even hours ago) unless they are open to receive a group forked or moved from another relay. + +## Event definitions + +- *text root note* (`kind:11`) + +This is the basic unit of a "microblog" root text note sent to a group. + +```js + "kind": 11, + "content": "hello my friends lovers of pizza", + "tags": [ + ["h", "<group-id>"], + ["previous", "<event-id-first-chars>", "<event-id-first-chars>", ...] + ] + ... +``` + +- *threaded text reply* (`kind:12`) + +This is the basic unit of a "microblog" reply note sent to a group. It's the same as `kind:11`, except for the fact that it must be used whenever it's in reply to some other note (either in reply to a `kind:11` or a `kind:12`). `kind:12` events SHOULD use NIP-10 markers, leaving an empty relay url: + +* `["e", "<kind-11-root-id>", "", "root"]` +* `["e", "<kind-12-event-id>", "", "reply"]` + +- *chat message* (`kind:9`) + +This is the basic unit of a _chat message_ sent to a group. + +```js + "kind": 9, + "content": "hello my friends lovers of pizza", + "tags": [ + ["h", "<group-id>"], + ["previous", "<event-id-first-chars>", "<event-id-first-chars>", ...] + ] + ... +``` + +- *chat message threaded reply* (`kind:10`) + +Similar to `kind:12`, this is the basic unit of a chat message sent to a group. This is intended for in-chat threads that may be hidden by default. Not all in-chat replies MUST use `kind:10`, only when the intention is to create a hidden thread that isn't part of the normal flow of the chat (although clients are free to display those by default too). + +`kind:10` SHOULD use NIP-10 markers, just like `kind:12`. + +- *join request* (`kind:9021`) + +Any user can send one of these events to the relay in order to be automatically or manually added to the group. If the group is `open` the relay will automatically issue a `kind:9000` in response adding this user. Otherwise group admins may choose to query for these requests and act upon them. + +```js +{ + "kind": 9021, + "content": "optional reason", + "tags": [ + ["h", "<group-id>"] + ] +} +``` + +- *moderation events* (`kinds:9000-9020`) (optional) + +Clients can send these events to a relay in order to accomplish a moderation action. Relays must check if the pubkey sending the event is capable of performing the given action. The relay may discard the event after taking action or keep it as a moderation log. + +```js +{ + "kind": 90xx, + "content": "optional reason", + "tags": [ + ["h", "<group-id>"], + ["previous", ...] + ] +} +``` + +Each moderation action uses a different kind and requires different arguments, which are given as tags. These are defined in the following table: + +| kind | name | tags | +| --- | --- | --- | +| 9000 | `add-user` | `p` (pubkey hex) | +| 9001 | `remove-user` | `p` (pubkey hex) | +| 9002 | `edit-metadata` | `name`, `about`, `picture` (string) | +| 9003 | `add-permission` | `p` (pubkey), `permission` (name) | +| 9004 | `remove-permission` | `p` (pubkey), `permission` (name) | +| 9005 | `delete-event` | `e` (id hex) | +| 9006 | `edit-group-status` | `public` or `private`, `open` or `closed` | + +- *group metadata* (`kind:39000`) (optional) + +This event defines the metadata for the group -- basically how clients should display it. It must be generated and signed by the relay in which is found. Relays shouldn't accept these events if they're signed by anyone else. + +If the group is forked and hosted in multiple relays, there will be multiple versions of this event in each different relay and so on. + +```js +{ + "kind": 39000, + "content": "", + "tags": [ + ["d", "<group-id>"], + ["name", "Pizza Lovers"], + ["picture", "https://pizza.com/pizza.png"], + ["about", "a group for people who love pizza"], + ["public"], // or ["private"] + ["open"] // or ["closed"] + ] + ... +} +``` + +`name`, `picture` and `about` are basic metadata for the group for display purposes. `public` signals the group can be _read_ by anyone, while `private` signals that only AUTHed users can read. `open` signals that anyone can request to join and the request will be automatically granted, while `closed` signals that members must be pre-approved or that requests to join will be manually handled. + +- *group admins* (`kind:39001`) (optional) + +Similar to the group metadata, this event is supposed to be generated by relays that host the group. + +Each admin gets a label that is only used for display purposes, and a list of permissions it has are listed afterwards. These permissions can inform client building UI, but ultimately are evaluated by the relay in order to become effective. + +The list of capabilities, as defined by this NIP, for now, is the following: + +- `add-user` +- `edit-metadata` +- `delete-event` +- `remove-user` +- `add-permission` +- `remove-permission` +- `edit-group-status` + +```js +{ + "kind": 39001, + "content": "list of admins for the pizza lovers group", + "tags": [ + ["d", "<group-id>"], + ["p", "<pubkey1-as-hex>", "ceo", "add-user", "edit-metadata", "delete-event", "remove-user"], + ["p", "<pubkey2-as-hex>", "secretary", "add-user", "delete-event"] + ] + ... +} +``` + +- *group members* (`kind:39002`) (optional) + +Similar to *group admins*, this event is supposed to be generated by relays that host the group. + +It's a NIP-51-like list of pubkeys that are members of the group. Relays might choose to not to publish this information or to restrict what pubkeys can fetch it. + +```json +{ + "kind": 39002, + "content": "list of members for the pizza lovers group", + "tags": [ + ["d", "<group-id>"], + ["p", "<admin1>"], + ["p", "<member-pubkey1>"], + ["p", "<member-pubkey2>"], + ] +} +``` + +## Storing the list of groups a user belongs to + +A definition for kind `10009` was included in [NIP-51](51.md) that allows clients to store the list of groups a user wants to remember being in. diff --git a/51.md b/51.md index c58d37a6..95acbc81 100644 --- a/51.md +++ b/51.md @@ -29,6 +29,7 @@ For example, _mute list_ can contain the public keys of spammers and bad actors | Public chats | 10005 | [NIP-28](28.md) chat channels the user is in | `"e"` (kind:40 channel definitions) | | Blocked relays | 10006 | relays clients should never connect to | `"relay"` (relay URLs) | | Search relays | 10007 | relays clients should use when performing search queries | `"relay"` (relay URLs) | +| Simple groups | 10009 | [NIP-29](29.md) groups the user is in | `"group"` ([NIP-29](29.md) group ids + mandatory relay URL) | | Interests | 10015 | topics a user may be interested in and pointers | `"t"` (hashtags) and `"a"` (kind:30015 interest set) | | Emojis | 10030 | user preferred emojis and pointers to emoji sets | `"emoji"` (see [NIP-30](30.md)) and `"a"` (kind:30030 emoji set) | diff --git a/README.md b/README.md index 3273ab06..505e3e03 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [NIP-26: Delegated Event Signing](26.md) - [NIP-27: Text Note References](27.md) - [NIP-28: Public Chat](28.md) +- [NIP-29: Relay-based Groups](29.md) - [NIP-30: Custom Emoji](30.md) - [NIP-31: Dealing with Unknown Events](31.md) - [NIP-32: Labeling](32.md) @@ -92,6 +93,10 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `6` | Repost | [18](18.md) | | `7` | Reaction | [25](25.md) | | `8` | Badge Award | [58](58.md) | +| `9` | Group Chat Message | [29](29.md) | +| `10` | Group Chat Threaded Reply | [29](29.md) | +| `11` | Group Thread | [29](29.md) | +| `12` | Group Thread Reply | [29](29.md) | | `13` | Seal | [59](59.md) | | `16` | Generic Repost | [18](18.md) | | `40` | Channel Creation | [28](28.md) | @@ -112,6 +117,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `5000`-`5999` | Job Request | [90](90.md) | | `6000`-`6999` | Job Result | [90](90.md) | | `7000` | Job Feedback | [90](90.md) | +| `9000`-`9030` | Group Control Events | [29](29.md) | | `9041` | Zap Goal | [75](75.md) | | `9734` | Zap Request | [57](57.md) | | `9735` | Zap | [57](57.md) | @@ -124,6 +130,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `10005` | Public chats list | [51](51.md) | | `10006` | Blocked relays list | [51](51.md) | | `10007` | Search relays list | [51](51.md) | +| `10009` | User groups | [51](51.md), [29](29.md) | | `10015` | Interests list | [51](51.md) | | `10030` | User emoji list | [51](51.md) | | `10096` | File storage server list | [96](96.md) | @@ -161,6 +168,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `31925` | Calendar Event RSVP | [52](52.md) | | `31989` | Handler recommendation | [89](89.md) | | `31990` | Handler information | [89](89.md) | +| `39000-9` | Group metadata events | [29](29.md) | | `34550` | Community Definition | [72](72.md) | [nostrocket]: https://github.com/nostrocket/NIPS/blob/main/Problems.md From ac1221fa5d855fd838e29d71c636897feae6c3a2 Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Tue, 5 Mar 2024 10:34:01 +0900 Subject: [PATCH 32/43] BREAKING.md: add NIP-18 change --- BREAKING.md | 1 + 1 file changed, 1 insertion(+) diff --git a/BREAKING.md b/BREAKING.md index cd8c03d3..3693c345 100644 --- a/BREAKING.md +++ b/BREAKING.md @@ -5,6 +5,7 @@ reverse chronological order. | Date | Commit | NIP | Change | | ----------- | --------- | -------- | ------ | +| 2024-02-25 | [4a171cb0](https://github.com/nostr-protocol/nips/commit/4a171cb0) | [NIP-18](18.md) | quote repost should use `q` tag | | 2024-02-16 | [cbec02ab](https://github.com/nostr-protocol/nips/commit/cbec02ab) | [NIP-49](49.md) | Password first normalized to NFKC | | 2024-02-15 | [afbb8dd0](https://github.com/nostr-protocol/nips/commit/afbb8dd0) | [NIP-39](39.md) | PGP identity was removed | | 2024-02-07 | [d3dad114](https://github.com/nostr-protocol/nips/commit/d3dad114) | [NIP-46](46.md) | Connection token format was changed | From 9a283796ce95261c960d1b9ffc13e8f278079956 Mon Sep 17 00:00:00 2001 From: fiatjaf_ <fiatjaf@gmail.com> Date: Tue, 5 Mar 2024 08:57:59 -0300 Subject: [PATCH 33/43] NIP-34: git stuff (#997) * NIP-34: git stuff. * repository head. * threads/issues and replies. * add "p" optional tags to events. * add list of things to do later in the end. * multiple values in some tags instead of multiple tags. * replace "patches", "issues" tags and replace that with "relays". * bring in tags that allow for a commit id to be stable. * edit "reply" kind to say it should follow normal NIP-10 threading rules. * update "things to be added later". * add commit time to "committer" tag. * remove "head" tag. * mention the possibility of mentioning others users in patches. Co-authored-by: DanConwayDev <114834599+DanConwayDev@users.noreply.github.com> * clarify commit-pgp-sig. * clarify requirements and threading of replies. * add t=root tag. --------- Co-authored-by: DanConwayDev <114834599+DanConwayDev@users.noreply.github.com> --- 34.md | 102 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 34.md diff --git a/34.md b/34.md new file mode 100644 index 00000000..651407d2 --- /dev/null +++ b/34.md @@ -0,0 +1,102 @@ +NIP-34 +====== + +`git` stuff +----------- + +`draft` `optional` + +This NIP defines all the ways code collaboration using and adjacent to [`git`](https://git-scm.com/) can be done using Nostr. + +## Repository announcements + +Git repositories are hosted in Git-enabled servers, but their existence can be announced using Nostr events, as well as their willingness to receive patches, bug reports and comments in general. + +```jsonc +{ + "kind": 30617, + "content": "", + "tags": [ + ["d", "<repo-id>"], + ["name", "<human-readable project name>"], + ["description", "brief human-readable project description>"], + ["web", "<url for browsing>", ...], // a webpage url, if the git server being used provides such a thing + ["clone", "<url for git-cloning>", ...], // a url to be given to `git clone` so anyone can clone it + ["relays", "<relay-url>", ...] // relays that this repository will monitor for patches and issues + ] +} +``` + +The tags `web`, `clone`, `relays` can have multiple values. + +Except `d`, all tags are optional. + +## Patches + +Patches can be sent by anyone to any repository. Patches to a specific repository SHOULD be sent to the relays specified in that repository's announcement event's `"relays"` tag. Patch events SHOULD include an `a` tag pointing to that repository's announcement address. + +```jsonc +{ + "kind": 1617, + "content": "<patch>", // contents of <git format-patch> + "tags": [ + ["a", "30617:<base-repo-owner-pubkey>:<base-repo-id>"], + ["p", "<repository-owner>"], + ["p", "<other-user>"], // optionally send the patch to another user to bring it to their attention + + // for the first patch in a thread or series + ["t", "root"], + + // optional tags for when it is desirable that the merged patch has a stable commit id + // these fields are necessary for ensuring that the commit resulting from applying a patch + // has the same id as it had in the proposer's machine -- all these tags can be omitted + // if the maintainer doesn't care about these things + ["commit", "<current-commit-id>"], + ["parent-commit", "<parent-commit-id>"], + ["commit-pgp-sig", "-----BEGIN PGP SIGNATURE-----..."], // empty string for unsigned commit + ["committer", "<name>", "<email>", "<timestamp>", "<timezone offset in minutes>"], + ] +} +``` + +## Issues + +Issues are Markdown text that is just human-readable conversational threads related to the repository: bug reports, feature requests, questions or comments of any kind. Like patches, these SHOULD be sent to the relays specified in that repository's announcement event's `"relays"` tag. + +```jsonc +{ + "kind": 1621, + "content": "<markdown text>", + "tags": [ + ["a", "30617:<base-repo-owner-pubkey>:<base-repo-id>"], + ["p", "<repository-owner>"] + ] +} +``` + +## Replies + +Replies are also Markdown text. The difference is that they MUST be issued as replies to either a `kind:1621` _issue_ or a `kind:1617` _patch_ event. The threading of replies and patches should follow NIP-10 rules. + +```jsonc +{ + "kind": 1622, + "content": "<markdown text>", + "tags": [ + ["a", "30617:<base-repo-owner-pubkey>:<base-repo-id>", "<relay-url>"], + ["e", "<issue-or-patch-id-hex>", "", "root"], + + // other "e" and "p" tags should be applied here when necessary, following the threading rules of NIP-10 + ["p", "<patch-author-pubkey-hex>", "", "mention"], + ["e", "<previous-reply-id-hex>", "", "reply"], + // ... + ] +} +``` + +## Possible things to be added later + +- "status" kind (for letting people know a patch was merged or an issue was fixed or won't be fixed) +- "branch merge" kind (specifying a URL from where to fetch the branch to be merged) +- "cover letter" kind (to which multiple patches can refer and serve as a unifying layer to them) +- inline file comments kind (we probably need one for patches and a different one for merged files) From 808569e562e774c17bd0caccf28b6ac95bc0641a Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Wed, 6 Mar 2024 12:35:59 +0900 Subject: [PATCH 34/43] README: add NIP-34 --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 505e3e03..5d163fd4 100644 --- a/README.md +++ b/README.md @@ -49,6 +49,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos - [NIP-30: Custom Emoji](30.md) - [NIP-31: Dealing with Unknown Events](31.md) - [NIP-32: Labeling](32.md) +- [NIP-34: `git` stuff](34.md) - [NIP-36: Sensitive Content](36.md) - [NIP-38: User Statuses](38.md) - [NIP-39: External Identities in Profiles](39.md) From 1166fb9fb5e359a023de613417861ae2cb23e6a7 Mon Sep 17 00:00:00 2001 From: Alex Gleason <alex@alexgleason.me> Date: Wed, 6 Mar 2024 13:59:36 -0600 Subject: [PATCH 35/43] NIP-50: search by nip05 domain --- 50.md | 1 + 1 file changed, 1 insertion(+) diff --git a/50.md b/50.md index 9d1a54c3..66033037 100644 --- a/50.md +++ b/50.md @@ -47,3 +47,4 @@ Relays SHOULD exclude spam from search results by default if they support some f Relay MAY support these extensions: - `include:spam` - turn off spam filtering, if it was enabled by default +- `domain:<domain>` - include events from users whose valid nip05 domain matches the domain From 6871b3b334c3ae6ec23266b42d238859805a1ebe Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Thu, 7 Mar 2024 06:45:35 +0900 Subject: [PATCH 36/43] README: add kinds and tags for NIP-34 --- README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5d163fd4..90a63949 100644 --- a/README.md +++ b/README.md @@ -111,6 +111,9 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `1059` | Gift Wrap | [59](59.md) | | `1063` | File Metadata | [94](94.md) | | `1311` | Live Chat Message | [53](53.md) | +| `1617` | Patches | [34](34.md) | +| `1621` | Issues | [34](34.md) | +| `1622` | Replies | [34](34.md) | | `1971` | Problem Tracker | [nostrocket][nostrocket] | | `1984` | Reporting | [56](56.md) | | `1985` | Label | [32](32.md) | @@ -163,6 +166,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos | `30315` | User Statuses | [38](38.md) | | `30402` | Classified Listing | [99](99.md) | | `30403` | Draft Classified Listing | [99](99.md) | +| `30617` | Repository announcements | [34](34.md) | | `31922` | Date-Based Calendar Event | [52](52.md) | | `31923` | Time-Based Calendar Event | [52](52.md) | | `31924` | Calendar | [52](52.md) | @@ -224,9 +228,10 @@ Please update these lists when proposing NIPs introducing new event kinds. | `bolt11` | `bolt11` invoice | -- | [57](57.md) | | `challenge` | challenge string | -- | [42](42.md) | | `client` | name, address | relay URL | [89](89.md) | +| `clone` | git clone URL | -- | [34](34.md) | | `content-warning` | reason | -- | [36](36.md) | | `delegation` | pubkey, conditions, delegation token | -- | [26](26.md) | -| `description` | invoice/badge description | -- | [57](57.md), [58](58.md) | +| `description` | description | -- | [34](34.md), [57](57.md), [58](58.md) | | `emoji` | shortcode, image URL | -- | [30](30.md) | | `encrypted` | -- | -- | [90](90.md) | | `expiration` | unix timestamp (string) | -- | [40](40.md) | @@ -235,7 +240,7 @@ Please update these lists when proposing NIPs introducing new event kinds. | `imeta` | inline metadata | -- | [92](92.md) | | `lnurl` | `bech32` encoded `lnurl` | -- | [57](57.md) | | `location` | location string | -- | [52](52.md), [99](99.md) | -| `name` | badge name | -- | [58](58.md) | +| `name` | name | -- | [34](34.md), [58](58.md) | | `nonce` | random | -- | [13](13.md) | | `preimage` | hash of `bolt11` invoice | -- | [57](57.md) | | `price` | price | currency, frequency | [99](99.md) | @@ -248,6 +253,7 @@ Please update these lists when proposing NIPs introducing new event kinds. | `summary` | article summary | -- | [23](23.md) | | `thumb` | badge thumbnail | dimensions in pixels | [58](58.md) | | `title` | article title | -- | [23](23.md) | +| `web` | webpage URL | -- | [34](34.md) | | `zap` | pubkey (hex), relay URL | weight | [57](57.md) | ## Criteria for acceptance of NIPs From d11f50bd0ad6663eb53e1da495f8a8b91bb194f5 Mon Sep 17 00:00:00 2001 From: "nostr.wine" <124309146+nostr-wine@users.noreply.github.com> Date: Fri, 8 Mar 2024 11:23:22 -0500 Subject: [PATCH 37/43] NIP-50: add event classification extensions --- 50.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/50.md b/50.md index 66033037..a3fcf87e 100644 --- a/50.md +++ b/50.md @@ -47,4 +47,8 @@ Relays SHOULD exclude spam from search results by default if they support some f Relay MAY support these extensions: - `include:spam` - turn off spam filtering, if it was enabled by default -- `domain:<domain>` - include events from users whose valid nip05 domain matches the domain +- `domain:<domain>` - include only events from users whose valid nip05 domain matches the domain +- `topic:<topic>` - include only events within a classified topic (short string, one to two words) +- `language:<two letter ISO 639-1 language code>` - include only events of a specified language +- `sentiment:<negative/neutral/positive>` - include only events of a specific sentiment +- `nsfw:<true/false>` - include or exclude nsfw events (default: true) From 0438236268194cfec1e0e02579e29e75bd52b173 Mon Sep 17 00:00:00 2001 From: "nostr.wine" <124309146+nostr-wine@users.noreply.github.com> Date: Fri, 8 Mar 2024 12:05:49 -0500 Subject: [PATCH 38/43] Update 50.md --- 50.md | 1 - 1 file changed, 1 deletion(-) diff --git a/50.md b/50.md index a3fcf87e..a6e02be9 100644 --- a/50.md +++ b/50.md @@ -48,7 +48,6 @@ Relays SHOULD exclude spam from search results by default if they support some f Relay MAY support these extensions: - `include:spam` - turn off spam filtering, if it was enabled by default - `domain:<domain>` - include only events from users whose valid nip05 domain matches the domain -- `topic:<topic>` - include only events within a classified topic (short string, one to two words) - `language:<two letter ISO 639-1 language code>` - include only events of a specified language - `sentiment:<negative/neutral/positive>` - include only events of a specific sentiment - `nsfw:<true/false>` - include or exclude nsfw events (default: true) From de71f998289a829ac4b2c0b0e601b02a2bf755b6 Mon Sep 17 00:00:00 2001 From: Asai Toshiya <to.asai.60@gmail.com> Date: Wed, 13 Mar 2024 12:46:16 +0900 Subject: [PATCH 39/43] NIP-96: simplify server list --- 96.md | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/96.md b/96.md index 3ebbef83..f7d901fd 100644 --- a/96.md +++ b/96.md @@ -82,14 +82,7 @@ it must use the "api_url" field instead. ### List of Supporting File Storage Servers -| Name | Domain | -| ------------- | ------------------------- | -| nostrcheck.me | https://nostrcheck.me | -| nostrage | https://nostrage.com | -| sove | https://sove.rent | -| nostr.build | https://nostr.build | -| sovbit | https://files.sovbit.host | -| void.cat | https://void.cat | +See https://github.com/aljazceru/awesome-nostr#nip-96-file-storage-servers. ## Upload From 4f33dbc2b86684f9bf26dd1b0fc9789e3cbf2165 Mon Sep 17 00:00:00 2001 From: silberengel <silberengel7@protonmail.com> Date: Mon, 18 Mar 2024 08:01:06 +0100 Subject: [PATCH 40/43] Added bot field to denote automated npubs --- 24.md | 1 + 1 file changed, 1 insertion(+) diff --git a/24.md b/24.md index d444a4bc..449101af 100644 --- a/24.md +++ b/24.md @@ -16,6 +16,7 @@ These are extra fields not specified in NIP-01 that may be present in the string - `display_name`: an alternative, bigger name with richer characters than `name`. `name` should always be set regardless of the presence of `display_name` in the metadata. - `website`: a web URL related in any way to the event author. - `banner`: an URL to a wide (~1024x768) picture to be optionally displayed in the background of a profile screen. + - `bot`: a boolean to clarify that the content is entirely or partially the result of automation, such as with chatbots or newsfeeds. ### Deprecated fields From 46a6bf331ae823dad079a9740f37d57e58b92358 Mon Sep 17 00:00:00 2001 From: utxo <github@utxo.one> Date: Thu, 21 Mar 2024 10:15:02 -0400 Subject: [PATCH 41/43] Make relay attribute recommended in NIP-05 --- 05.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/05.md b/05.md index 64375506..a4b804cc 100644 --- a/05.md +++ b/05.md @@ -1,8 +1,6 @@ -NIP-05 -====== +# NIP-05 -Mapping Nostr keys to DNS-based internet identifiers ----------------------------------------------------- +## Mapping Nostr keys to DNS-based internet identifiers `final` `optional` @@ -33,9 +31,9 @@ It will make a GET request to `https://example.com/.well-known/nostr.json?name=b "bob": "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9" } } -```` +``` -or with the **optional** `"relays"` attribute: +or with the **recommended** `"relays"` attribute: ```json { @@ -43,14 +41,17 @@ or with the **optional** `"relays"` attribute: "bob": "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9" }, "relays": { - "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9": [ "wss://relay.example.com", "wss://relay2.example.com" ] + "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9": [ + "wss://relay.example.com", + "wss://relay2.example.com" + ] } } -```` +``` If the pubkey matches the one given in `"names"` (as in the example above) that means the association is right and the `"nip05"` identifier is valid and can be displayed. -The optional `"relays"` attribute may contain an object with public keys as properties and arrays of relay URLs as values. When present, that can be used to help clients learn in which relays the specific user may be found. Web servers which serve `/.well-known/nostr.json` files dynamically based on the query string SHOULD also serve the relays data for any name they serve in the same reply when that is available. +The recommended `"relays"` attribute may contain an object with public keys as properties and arrays of relay URLs as values. When present, that can be used to help clients learn in which relays the specific user may be found. Web servers which serve `/.well-known/nostr.json` files dynamically based on the query string SHOULD also serve the relays data for any name they serve in the same reply when that is available. ## Finding users from their NIP-05 identifier From 965eb45b30b6000da976addcf3163858abadcf07 Mon Sep 17 00:00:00 2001 From: utxo <github@utxo.one> Date: Thu, 21 Mar 2024 10:18:42 -0400 Subject: [PATCH 42/43] remove prettier formatting --- 05.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/05.md b/05.md index a4b804cc..405078a4 100644 --- a/05.md +++ b/05.md @@ -1,6 +1,8 @@ -# NIP-05 +NIP-05 +====== -## Mapping Nostr keys to DNS-based internet identifiers +Mapping Nostr keys to DNS-based internet identifiers +---------------------------------------------------- `final` `optional` @@ -31,7 +33,7 @@ It will make a GET request to `https://example.com/.well-known/nostr.json?name=b "bob": "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9" } } -``` +```` or with the **recommended** `"relays"` attribute: @@ -41,13 +43,10 @@ or with the **recommended** `"relays"` attribute: "bob": "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9" }, "relays": { - "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9": [ - "wss://relay.example.com", - "wss://relay2.example.com" - ] + "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9": [ "wss://relay.example.com", "wss://relay2.example.com" ] } } -``` +```` If the pubkey matches the one given in `"names"` (as in the example above) that means the association is right and the `"nip05"` identifier is valid and can be displayed. From 4b79bc67c471f77061d62704538e5fdd6ac28ae8 Mon Sep 17 00:00:00 2001 From: "Nostr.Band" <124499563+nostrband@users.noreply.github.com> Date: Fri, 22 Mar 2024 08:01:37 +0100 Subject: [PATCH 43/43] Add optional_requested_permissions This is implemented in nsec.app, nostr.band, Coracle and Nostrudel, so maybe it's time to update the NIP. --- 46.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/46.md b/46.md index eb964942..8ba65d96 100644 --- a/46.md +++ b/46.md @@ -120,7 +120,7 @@ Each of the following are methods that the client sends to the remote signer. | Command | Params | Result | | ------------------------ | ------------------------------------------------- | ---------------------------------------------------------------------- | -| `connect` | `[<remote_user_pubkey>, <optional_secret>]` | "ack" | +| `connect` | `[<remote_user_pubkey>, <optional_secret>, <optional_requested_permissions>]` | "ack" | | `sign_event` | `[<json_stringified_event_to_sign>]` | `json_stringified(<signed_event>)` | | `ping` | `[]` | "pong" | | `get_relays` | `[]` | `json_stringified({<relay_url>: {read: <boolean>, write: <boolean>}})` | @@ -130,6 +130,10 @@ Each of the following are methods that the client sends to the remote signer. | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | +### Requested permissions + +The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip04_encrypt,sign_event:4` meaning permissions to call `nip04_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. + ## Response Events `kind:24133` ```json @@ -185,7 +189,7 @@ Each of the following are methods that the client sends to the remote signer. | Command | Params | Result | | ---------------- | ------------------------------------------ | ------------------------------------ | -| `create_account` | `[<username>, <domain>, <optional_email>]` | `<newly_created_remote_user_pubkey>` | +| `create_account` | `[<username>, <domain>, <optional_email>, <optional_requested_permissions>]` | `<newly_created_remote_user_pubkey>` | ## Appendix