mirror of
https://github.com/nostr-protocol/nips.git
synced 2024-12-27 10:45:52 -05:00
Update 79.md
This commit is contained in:
parent
303e915ceb
commit
fba2e364c2
47
79.md
47
79.md
|
@ -8,22 +8,59 @@ NIP-79
|
|||
|
||||
### Idea 💡
|
||||
|
||||
The ability to sign and verify messages must be available clientside in order to have a proper implementation in the case where Users and Remote needs to be mutually verified.
|
||||
Authentication standards like NIP-07 and NIP-47 have proven effective. However, there's a need to extend the capability of message signature and verification to third-party applications that don't utilize the NIP-01 standard. This is crucial for scenarios where users and remote entities require mutual verification without relying on the NIP-42 standard, which involves submitting events for network-based verification.
|
||||
|
||||
The authentication between clients and relays can already be implemented with `nip-42` but this standard may lead to a **much simpler authentication** process where no Event has to be submitted on the network to verify authenticity.
|
||||
**tl;dr**
|
||||
|
||||
_The ability to sign and verify messages must be available clientside in order to have a proper implementation in the case where Users and Remote needs to be mutually verified._
|
||||
|
||||
_The authentication between clients and relays can already be implemented with `nip-42` but this standard may lead to a **much simpler authentication** process where no Event has to be submitted on the network to verify authenticity._
|
||||
|
||||
### Nostr Implementation Possibility
|
||||
|
||||
|
||||
> `nip-79` can be used standalone but it is intended to be a superset of `nip-07` it is therefore not recommended to use it without proper NIP-07 implementation.
|
||||
<br>
|
||||
NIP-79 proposes a solution to this challenge by introducing a client-side standard for message signature and verification, enabling seamless authentication between users and remote entities. This standard can work independently but is designed to enhance and complement NIP-07's capabilities.
|
||||
|
||||
The `window.nostr` object may be made available by web browsers or extensions and websites or web-apps may make use of it after checking its availability.
|
||||
|
||||
In order to sign and verify messages directly from the browser, the `window.nostr` object must define the following methods:
|
||||
<br>
|
||||
|
||||
```
|
||||
- ```js
|
||||
async window.nostr.signMessage(msg : string): string // returns sig string from nip-07 extension
|
||||
async window.nostr.verifyMessage(sig: string, pubkey : string): boolean // takes a sig and a pubkey and verify message integrity
|
||||
```
|
||||
- This method takes a message (`msg`) as input and returns the message's signature (`sig`) using the NIP-07 extension.
|
||||
- Example :
|
||||
```js
|
||||
const message = "Hello, world!";
|
||||
const signature = await window.nostr.signMessage(message);
|
||||
console.log("Message Signature:", signature);
|
||||
```
|
||||
<br>
|
||||
|
||||
- ```js
|
||||
// takes a sig and a pubkey and verify message integrity
|
||||
async window.nostr.verifyMessage(sig: string, pubkey : string): boolean
|
||||
```
|
||||
- This method verifies the integrity of a message by checking the validity of a given signature (`sig`) and public key
|
||||
(`pubkey`).
|
||||
- Returns true if the verification is successful, and false otherwise.
|
||||
- Example :
|
||||
```js
|
||||
const receivedSignature = "0xabcdef123456..."; // Received signature
|
||||
const senderPublicKey = "0x1234567890abc..."; // Sender's public key
|
||||
const isVerified = await window.nostr.verifyMessage(receivedSignature, senderPublicKey);
|
||||
console.log("Message Verified:", isVerified);
|
||||
```
|
||||
## Implementation Considerations
|
||||
|
||||
It's important to note that NIP-79 can function as a standalone solution. However, its design is intended to expand upon the capabilities of NIP-07. Therefore, it's recommended to have a proper NIP-07 implementation before utilizing NIP-79.
|
||||
|
||||
## Conclusion
|
||||
|
||||
NIP-79 introduces a powerful method for enabling offline message signature and verification through the window.nostr object. By providing these methods, the proposal aims to simplify and streamline the authentication process for third-party applications, fostering secure and trusted communication between users and remote entities.
|
||||
|
||||
_Please keep in mind that the code examples provided are simplified for illustration purposes and might not directly correspond to real-world implementations. The actual implementation details might vary based on the technology stack and tools being used._
|
||||
|
||||
## Implementations
|
||||
|
|
Loading…
Reference in New Issue
Block a user