From f707d79314fa6626251a3f70fede7c5dd5f0fd8f Mon Sep 17 00:00:00 2001 From: Ryan Breen Date: Fri, 10 Feb 2023 23:51:12 -0500 Subject: [PATCH] NIP-26 support in NIP-07 --- 07.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/07.md b/07.md index 8ebb4d99..a252baf2 100644 --- a/07.md +++ b/07.md @@ -4,7 +4,7 @@ NIP-07 `window.nostr` capability for web browsers ------------------------------------------ -`draft` `optional` `author:fiatjaf` +`draft` `optional` `author:fiatjaf` `author:ursuscamp` The `window.nostr` object may be made available by web browsers or extensions and websites or web-apps may make use of it after checking its availability. @@ -12,7 +12,7 @@ That object must define the following methods: ``` async window.nostr.getPublicKey(): string // returns a public key as hex -async window.nostr.signEvent(event: Event): Event // takes an event object, adds `id`, `pubkey` and `sig` and returns it +async window.nostr.signEvent(event: Event): Event // takes an event object, adds `id`, `pubkey`, `sig`, and optional `delegation` tag and returns it ``` Aside from these two basic above, the following functions can also be implemented optionally: @@ -22,9 +22,18 @@ async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertex async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 ``` +### NIP-26 Considerations + +Delegation can be supported in an extension by allowing the user to create a delegatee identity and storing the information necessary to construct the `delegation` tag, such as the signed token. There is no need for the extension to store the delegator's private key. + +When operating with a delegated identity, an extension must return the _delegator's_ public key from the `getPublicKey` method, so that the user may see their normal feed upon login. Additionally, during `signEvent`, the extension must modify the event by inserting the _delegatee's_ `pubkey`, append a valid `delegation` tag to the end of the tags list and recalculate the event `id`, prior to signing the event. + +The client, upon receiving the returned event, need only check for the presence of a `delegation` tag to determine how to handle the event. The client must accept the `id`, `pubkey`, `sig` and `delegation` tag from the signed delegation event. + ### Implementation - [nos2x](https://github.com/fiatjaf/nos2x) - [Alby](https://getalby.com) - [Blockcore](https://www.blockcore.net/wallet) - [nos2x-fox](https://diegogurpegui.com/nos2x-fox/) +- [Nostore](https://github.com/ursuscamp/nostore)