From 2e85b89bcbc2b6dea07d988c3b4e4372614f254d Mon Sep 17 00:00:00 2001 From: Alexander Lopatin Date: Sun, 21 Jul 2024 02:05:46 +0800 Subject: Fix #1377: NIP-46: It's not obvious to the end-user that optional secrets are not temporary --- 46.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '46.md') diff --git a/46.md b/46.md index 1528116..fac06ee 100644 --- a/46.md +++ b/46.md @@ -28,7 +28,7 @@ The remote signer would provide a connection token in the form: bunker://?relay=&relay=&secret= ``` -This token is pasted into the client by the user and the client then uses the details to connect to the remote signer via the specified relay(s). +This token is pasted into the client by the user and the client then uses the details to connect to the remote signer via the specified relay(s). Optional secret can be used for single successfully established connection only, remote signer SHOULD ignore new attempts to establish connection with old secret key. ### Direct connection initiated by the client -- cgit v1.2.3 From 8b5c9d8cf20899d6189f05d1d2f9f520677ce12b Mon Sep 17 00:00:00 2001 From: Alexander Lopatin Date: Sat, 20 Jul 2024 21:19:05 +0300 Subject: Update 46.md Co-authored-by: Alex Gleason --- 46.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '46.md') diff --git a/46.md b/46.md index fac06ee..114c377 100644 --- a/46.md +++ b/46.md @@ -28,7 +28,7 @@ The remote signer would provide a connection token in the form: bunker://?relay=&relay=&secret= ``` -This token is pasted into the client by the user and the client then uses the details to connect to the remote signer via the specified relay(s). Optional secret can be used for single successfully established connection only, remote signer SHOULD ignore new attempts to establish connection with old secret key. +This token is pasted into the client by the user and the client then uses the details to connect to the remote signer via the specified relay(s). Optional secret can be used for single successfully established connection only, remote signer SHOULD ignore new attempts to establish connection with old optional secret. ### Direct connection initiated by the client -- cgit v1.2.3 From 6c89e929ba445235e45ab2bb970c012827cf35b1 Mon Sep 17 00:00:00 2001 From: randymcmillan Date: Sun, 28 Jul 2024 15:19:39 -0400 Subject: 46.mk:use relative links --- 46.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to '46.md') diff --git a/46.md b/46.md index 114c377..57fd2b0 100644 --- a/46.md +++ b/46.md @@ -101,7 +101,7 @@ nostrconnect://?relay=&metadata } ``` -The `content` field is a JSON-RPC-like message that is [NIP-04](https://github.com/nostr-protocol/nips/blob/master/04.md) encrypted and has the following structure: +The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted and has the following structure: ```json { @@ -148,7 +148,7 @@ The `connect` method may be provided with `optional_requested_permissions` for u } ``` -The `content` field is a JSON-RPC-like message that is [NIP-04](https://github.com/nostr-protocol/nips/blob/master/04.md) encrypted and has the following structure: +The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted and has the following structure: ```json { @@ -224,4 +224,4 @@ Coming soon... ## References -- [NIP-04 - Encryption](https://github.com/nostr-protocol/nips/blob/master/04.md) +- [NIP-04 - Encryption](04.md) -- cgit v1.2.3 From b4a2561df7325b8624bc5ffad154ec946ade2f1e Mon Sep 17 00:00:00 2001 From: kehiy Date: Mon, 2 Sep 2024 20:33:45 +0330 Subject: style: fix header styles in same format --- 09.md | 2 +- 10.md | 4 ++-- 11.md | 6 +++--- 26.md | 2 +- 32.md | 2 +- 35.md | 2 +- 38.md | 2 +- 44.md | 2 +- 45.md | 2 +- 46.md | 6 +++++- 55.md | 6 ++++-- 64.md | 2 +- 71.md | 2 +- 73.md | 2 +- 96.md | 6 ++++-- 15 files changed, 28 insertions(+), 20 deletions(-) (limited to '46.md') diff --git a/09.md b/09.md index e1be542..b1a28ac 100644 --- a/09.md +++ b/09.md @@ -2,7 +2,7 @@ NIP-09 ====== Event Deletion Request --------------- +---------------------- `draft` `optional` diff --git a/10.md b/10.md index dfd4cb9..67b01f2 100644 --- a/10.md +++ b/10.md @@ -2,8 +2,8 @@ NIP-10 ====== -On "e" and "p" tags in Text Events (kind 1). --------------------------------------------- +On "e" and "p" tags in Text Events (kind 1) +------------------------------------------- `draft` `optional` diff --git a/11.md b/11.md index a50038a..21c61e4 100644 --- a/11.md +++ b/11.md @@ -2,7 +2,7 @@ NIP-11 ====== Relay Information Document ---------------------------- +-------------------------- `draft` `optional` @@ -172,7 +172,7 @@ There is no need to specify retention times for _ephemeral events_ since they ar ### Content Limitations Some relays may be governed by the arbitrary laws of a nation state. This -may limit what content can be stored in cleartext on those relays. All +may limit what content can be stored in clear-text on those relays. All clients are encouraged to use encryption to work around this limitation. It is not possible to describe the limitations of each country's laws @@ -183,7 +183,7 @@ countries' laws might end up being enforced on them, and then indirectly on their users' content. Users should be able to avoid relays in countries they don't like, -and/or select relays in more favourable zones. Exposing this +and/or select relays in more favorable zones. Exposing this flexibility is up to the client software. ```json diff --git a/26.md b/26.md index 86c46e1..445dd54 100644 --- a/26.md +++ b/26.md @@ -2,7 +2,7 @@ NIP-26 ======= Delegated Event Signing ------ +----------------------- `draft` `optional` diff --git a/32.md b/32.md index 92d18eb..e06cad5 100644 --- a/32.md +++ b/32.md @@ -2,7 +2,7 @@ NIP-32 ====== Labeling ---------- +-------- `draft` `optional` diff --git a/35.md b/35.md index 04cfb46..980bc85 100644 --- a/35.md +++ b/35.md @@ -2,7 +2,7 @@ NIP-35 ====== Torrents ------------ +-------- `draft` `optional` diff --git a/38.md b/38.md index d841d76..684843a 100644 --- a/38.md +++ b/38.md @@ -3,7 +3,7 @@ NIP-38 ====== User Statuses --------------- +------------- `draft` `optional` diff --git a/44.md b/44.md index f3071ea..78c2323 100644 --- a/44.md +++ b/44.md @@ -1,5 +1,5 @@ NIP-44 -===== +====== Encrypted Payloads (Versioned) ------------------------------ diff --git a/45.md b/45.md index 6b25396..219368e 100644 --- a/45.md +++ b/45.md @@ -2,7 +2,7 @@ NIP-45 ====== Event Counts --------------- +------------ `draft` `optional` diff --git a/46.md b/46.md index 57fd2b0..389a3e8 100644 --- a/46.md +++ b/46.md @@ -1,4 +1,8 @@ -# NIP-46 - Nostr Remote Signing +NIP-46 +====== + +Nostr Remote Signing +-------------------- ## Rationale diff --git a/55.md b/55.md index 4565e8c..c0ee957 100644 --- a/55.md +++ b/55.md @@ -1,6 +1,8 @@ -# NIP-55 +NIP-55 +====== -## Android Signer Application +Android Signer Application +-------------------------- `draft` `optional` diff --git a/64.md b/64.md index 6d8d373..7c2329a 100644 --- a/64.md +++ b/64.md @@ -2,7 +2,7 @@ NIP-64 ====== Chess (Portable Game Notation) ------ +------------------------------ `draft` `optional` diff --git a/71.md b/71.md index be1587c..302bbbf 100644 --- a/71.md +++ b/71.md @@ -2,7 +2,7 @@ NIP-71 ====== Video Events ---------------- +------------ `draft` `optional` diff --git a/73.md b/73.md index 12228d3..d50ab22 100644 --- a/73.md +++ b/73.md @@ -2,7 +2,7 @@ NIP-73 ====== External Content IDs -------------------------- +-------------------- `draft` `optional` diff --git a/96.md b/96.md index be70999..fab0c1a 100644 --- a/96.md +++ b/96.md @@ -1,6 +1,8 @@ -# NIP-96 +NIP-96 +====== -## HTTP File Storage Integration +HTTP File Storage Integration +----------------------------- `draft` `optional` -- cgit v1.2.3 From e6552476aa2e5ca7256be572a9aa226ec8a022ee Mon Sep 17 00:00:00 2001 From: kehiy Date: Tue, 3 Sep 2024 20:41:31 +0330 Subject: format(all): json formatting --- 02.md | 4 ++-- 05.md | 4 ++-- 09.md | 4 ++-- 11.md | 26 +++++++++++++++----------- 15.md | 19 ++++++++++--------- 17.md | 10 +++++----- 25.md | 8 ++++---- 28.md | 26 +++++++++++++------------- 29.md | 28 ++++++++++++++-------------- 32.md | 26 +++++++++++++------------- 34.md | 7 ++++--- 35.md | 2 +- 38.md | 4 +++- 39.md | 5 +++-- 42.md | 8 ++++---- 46.md | 2 +- 47.md | 10 ++++------ 50.md | 4 ++-- 51.md | 2 +- 53.md | 10 +++++----- 54.md | 8 ++++---- 56.md | 12 ++++++++---- 57.md | 2 +- 58.md | 12 ++++++------ 59.md | 4 ++-- 64.md | 12 ++++++------ 65.md | 4 ++-- 71.md | 2 +- 72.md | 6 +++--- 75.md | 20 ++++++++++---------- 84.md | 4 ++-- 89.md | 22 ++++++++++++---------- 90.md | 26 +++++++++++++------------- 94.md | 4 ++-- 96.md | 51 +++++++++++++++++++++++++-------------------------- 99.md | 2 +- 36 files changed, 206 insertions(+), 194 deletions(-) (limited to '46.md') diff --git a/02.md b/02.md index 4029b22..8354bf0 100644 --- a/02.md +++ b/02.md @@ -14,7 +14,7 @@ The `.content` is not used. For example: -```json +```jsonc { "kind": 3, "tags": [ @@ -23,7 +23,7 @@ For example: ["p", "612ae..e610f", "ws://carolrelay.com/ws", "carol"] ], "content": "", - ...other fields + // other fields... } ``` diff --git a/05.md b/05.md index eeca551..ca6da7b 100644 --- a/05.md +++ b/05.md @@ -16,12 +16,12 @@ The result should be a JSON document object with a key `"names"` that should the If a client sees an event like this: -```json +```jsonc { "pubkey": "b0635d6a9851d3aed0cd6c495b282167acf761729078d975fc341b22650b07b9", "kind": 0, "content": "{\"name\": \"bob\", \"nip05\": \"bob@example.com\"}" - ... + // other fields... } ``` diff --git a/09.md b/09.md index b1a28ac..23ffeab 100644 --- a/09.md +++ b/09.md @@ -12,7 +12,7 @@ The event's `content` field MAY contain a text note describing the reason for th For example: -``` +```jsonc { "kind": 5, "pubkey": <32-bytes hex-encoded public key of the event creator>, @@ -24,7 +24,7 @@ For example: ["k", "30023"] ], "content": "these posts were published by accident", - ...other fields + // other fields... } ``` diff --git a/11.md b/11.md index 21c61e4..0ca5870 100644 --- a/11.md +++ b/11.md @@ -66,7 +66,7 @@ These are limitations imposed by the relay on clients. Your client should expect that requests which exceed these *practical* limitations are rejected or fail immediately. -```json +```jsonc { "limitation": { "max_message_length": 16384, @@ -83,7 +83,7 @@ are rejected or fail immediately. "created_at_lower_limit": 31536000, "created_at_upper_limit": 3 }, - ... + // other fields... } ``` @@ -146,14 +146,15 @@ Retention times are given in seconds, with `null` indicating infinity. If zero is provided, this means the event will not be stored at all, and preferably an error will be provided when those are received. -```json +```jsonc { "retention": [ {"kinds": [0, 1, [5, 7], [40, 49]], "time": 3600}, {"kinds": [[40000, 49999]], "time": 100}, {"kinds": [[30000, 39999]], "count": 1000}, {"time": 3600, "count": 10000} - ] + ], + // other fields... } ``` @@ -186,10 +187,10 @@ Users should be able to avoid relays in countries they don't like, and/or select relays in more favorable zones. Exposing this flexibility is up to the client software. -```json +```jsonc { "relay_countries": [ "CA", "US" ], - ... + // other fields... } ``` @@ -208,12 +209,12 @@ local community. This would encourage users to follow the global feed on that relay, in addition to their usual individual follows. To support this goal, relays MAY specify some of the following values. -```json +```jsonc { "language_tags": ["en", "en-419"], "tags": ["sfw-only", "bitcoin-only", "anime"], "posting_policy": "https://example.com/posting-policy.html", - ... + // other fields... } ``` @@ -260,10 +261,10 @@ Relays that require payments may want to expose their fee schedules. A URL pointing to an image to be used as an icon for the relay. Recommended to be squared in shape. -```json +```jsonc { "icon": "https://nostr.build/i/53866b44135a27d624e99c6165cabd76ac8f72797209700acb189fce75021f47.jpg", - ... + // other fields... } ``` @@ -271,9 +272,11 @@ A URL pointing to an image to be used as an icon for the relay. Recommended to b As of 2 May 2023 the following command provided these results: +```bash +$ curl -H "Accept: application/nostr+json" https://eden.nostr.land | jq ``` -~> curl -H "Accept: application/nostr+json" https://eden.nostr.land | jq +```json { "description": "nostr.land family of relays (us-or-01)", "name": "nostr.land", @@ -312,3 +315,4 @@ As of 2 May 2023 the following command provided these results: ] }, } +``` diff --git a/15.md b/15.md index 2a4e2c2..b55b444 100644 --- a/15.md +++ b/15.md @@ -73,10 +73,10 @@ Fields that are not self-explanatory: **Event Tags** -```json +```jsonc { "tags": [["d", , "address": , - "message": ", + "message": , "contact": { "nostr": <32-bytes hex of a pubkey>, "phone": , @@ -237,7 +237,7 @@ Create a customized user experience using the `naddr` from [NIP-19](19.md#sharea **Event Content** -```json +```jsonc { "name": , "about": , @@ -248,7 +248,7 @@ Create a customized user experience using the `naddr` from [NIP-19](19.md#sharea "darkMode": }, "merchants": [array of pubkeys (optional)], - ... + // other fields... } ``` @@ -290,10 +290,11 @@ This event leverages naddr to enable comprehensive customization and sharing of ### Event `1021`: Bid -```json +```jsonc { "content": , "tags": [["e", ]], + // other fields... } ``` @@ -335,4 +336,4 @@ Customer support is handled over whatever communication method was specified. If ## Additional -Standard data models can be found here +Standard data models can be found [here](https://raw.githubusercontent.com/lnbits/nostrmarket/main/models.py) diff --git a/17.md b/17.md index d22dbde..4b96bce 100644 --- a/17.md +++ b/17.md @@ -12,18 +12,18 @@ This NIP defines an encrypted direct messaging scheme using [NIP-44](44.md) encr Kind `14` is a chat message. `p` tags identify one or more receivers of the message. -```js +```jsonc { "id": "",   "pubkey": "", - "created_at": now(), + "created_at": "",   "kind": 14,   "tags": [     ["p", "", ""],     ["p", "", ""],     ["e", "", "", "reply"] // if this is a reply ["subject", ""], -    ... +    // rest of tags...   ],   "content": "", } @@ -86,7 +86,7 @@ Clients CAN offer disappearing messages by setting an `expiration` tag in the gi Kind `10050` indicates the user's preferred relays to receive DMs. The event MUST include a list of `relay` tags with relay URIs. -```js +```jsonc { "kind": 10050, "tags": [ @@ -94,7 +94,7 @@ Kind `10050` indicates the user's preferred relays to receive DMs. The event MUS ["relay", "wss://myrelay.nostr1.com"], ], "content": "", - //...other fields + // other fields... } ``` diff --git a/25.md b/25.md index f038603..671c55f 100644 --- a/25.md +++ b/25.md @@ -57,14 +57,14 @@ Reactions to a website If the target of the reaction is a website, the reaction MUST be a `kind 17` event and MUST include an `r` tag with the website's URL. -```json +```jsonc { "kind": 17, "content": "⭐", "tags": [ ["r", "https://example.com/"] ], - ...other fields + // other fields... } ``` @@ -79,14 +79,14 @@ The client may specify a custom emoji ([NIP-30](30.md)) `:shortcode:` in the reaction content. The client should refer to the emoji tag and render the content as an emoji if shortcode is specified. -```json +```jsonc { "kind": 7, "content": ":soapbox:", "tags": [ ["emoji", "soapbox", "https://gleasonator.com/emoji/Gleasonator/soapbox.png"] ], - ...other fields + // other fields... } ``` diff --git a/28.md b/28.md index 1632088..73c76b2 100644 --- a/28.md +++ b/28.md @@ -25,10 +25,10 @@ Create a public chat channel. In the channel creation `content` field, Client SHOULD include basic channel metadata (`name`, `about`, `picture` and `relays` as specified in kind 41). -```json +```jsonc { "content": "{\"name\": \"Demo Channel\", \"about\": \"A test channel.\", \"picture\": \"https://placekitten.com/200/200\", \"relays\": [\"wss://nos.lol\", \"wss://nostr.mom\"]}", - ... + // other fields... } ``` @@ -52,11 +52,11 @@ Clients MAY add additional metadata fields. Clients SHOULD use [NIP-10](10.md) marked "e" tags to recommend a relay. -```json +```jsonc { "content": "{\"name\": \"Updated Demo Channel\", \"about\": \"Updating a test channel.\", \"picture\": \"https://placekitten.com/201/201\", \"relays\": [\"wss://nos.lol\", \"wss://nostr.mom\"]}", "tags": [["e", , ]], - ... + // other fields... } ``` @@ -71,26 +71,26 @@ Clients SHOULD append [NIP-10](10.md) "p" tags to replies. Root message: -```json +```jsonc { "content": , "tags": [["e", , , "root"]], - ... + // other fields... } ``` Reply to another message: -```json +```jsonc { "content": , "tags": [ ["e", , , "root"], ["e", , , "reply"], ["p", , ], - ... + // rest of tags... ], - ... + // other fields... } ``` @@ -107,11 +107,11 @@ Clients MAY hide event 42s for other users other than the user who sent the even (For example, if three users 'hide' an event giving a reason that includes the word 'pornography', a Nostr client that is an iOS app may choose to hide that message for all iOS clients.) -```json +```jsonc { "content": "{\"reason\": \"Dick pic\"}", "tags": [["e", ]], - ... + // other fields... } ``` @@ -125,11 +125,11 @@ Clients SHOULD hide event 42s shown to a given user, if there is an event 44 fro Clients MAY hide event 42s for users other than the user who sent the event 44. -```json +```jsonc { "content": "{\"reason\": \"Posting dick pics\"}", "tags": [["p", ]], - ... + // other fields... } ``` diff --git a/29.md b/29.md index f867268..6232f8b 100644 --- a/29.md +++ b/29.md @@ -42,14 +42,14 @@ Relays should prevent late publication (messages published now with a timestamp This is the basic unit of a "microblog" root text note sent to a group. -```js +```jsonc "kind": 11, "content": "hello my friends lovers of pizza", "tags": [ ["h", ""], - ["previous", "", "", ...] + ["previous", "", "", /*...*/] ] - ... + // other fields... ``` - *threaded text reply* (`kind:12`) @@ -63,14 +63,14 @@ This is the basic unit of a "microblog" reply note sent to a group. It's the sam This is the basic unit of a _chat message_ sent to a group. -```js +```jsonc "kind": 9, "content": "hello my friends lovers of pizza", "tags": [ ["h", ""], - ["previous", "", "", ...] + ["previous", "", "", /*...*/] ] - ... + // other fields... ``` - *chat message threaded reply* (`kind:10`) @@ -83,7 +83,7 @@ Similar to `kind:12`, this is the basic unit of a chat message sent to a group. Any user can send one of these events to the relay in order to be automatically or manually added to the group. If the group is `open` the relay will automatically issue a `kind:9000` in response adding this user. Otherwise group admins may choose to query for these requests and act upon them. -```js +```json { "kind": 9021, "content": "optional reason", @@ -97,7 +97,7 @@ Any user can send one of these events to the relay in order to be automatically Any user can send one of these events to the relay in order to be automatically removed from the group. The relay will automatically issue a `kind:9001` in response removing this user. -```js +```json { "kind": 9022, "content": "optional reason", @@ -111,13 +111,13 @@ Any user can send one of these events to the relay in order to be automatically Clients can send these events to a relay in order to accomplish a moderation action. Relays must check if the pubkey sending the event is capable of performing the given action. The relay may discard the event after taking action or keep it as a moderation log. -```js +```json { "kind": 90xx, "content": "optional reason", "tags": [ ["h", ""], - ["previous", ...] + ["previous", /*...*/] ] } ``` @@ -142,7 +142,7 @@ This event defines the metadata for the group -- basically how clients should di If the group is forked and hosted in multiple relays, there will be multiple versions of this event in each different relay and so on. -```js +```jsonc { "kind": 39000, "content": "", @@ -154,7 +154,7 @@ If the group is forked and hosted in multiple relays, there will be multiple ver ["public"], // or ["private"] ["open"] // or ["closed"] ] - ... + // other fields... } ``` @@ -177,7 +177,7 @@ The list of capabilities, as defined by this NIP, for now, is the following: - `edit-group-status` - `delete-group` -```js +```json { "kind": 39001, "content": "list of admins for the pizza lovers group", @@ -186,7 +186,7 @@ The list of capabilities, as defined by this NIP, for now, is the following: ["p", "", "ceo", "add-user", "edit-metadata", "delete-event", "remove-user"], ["p", "", "secretary", "add-user", "delete-event"] ] - ... + // other fields... } ``` diff --git a/32.md b/32.md index e06cad5..66f0283 100644 --- a/32.md +++ b/32.md @@ -57,7 +57,7 @@ Example events A suggestion that multiple pubkeys be associated with the `permies` topic. -```json +```jsonc { "kind": 1985, "tags": [ @@ -66,13 +66,13 @@ A suggestion that multiple pubkeys be associated with the `permies` topic. ["p", , ], ["p", , ] ], - ... + // other fields... } ``` A report flagging violence toward a human being as defined by ontology.example.com. -```json +```jsonc { "kind": 1985, "tags": [ @@ -81,13 +81,13 @@ A report flagging violence toward a human being as defined by ontology.example.c ["p", , ], ["p", , ] ], - ... + // other fields... } ``` A moderation suggestion for a chat event. -```json +```jsonc { "kind": 1985, "tags": [ @@ -95,13 +95,13 @@ A moderation suggestion for a chat event. ["l", "approve", "nip28.moderation"], ["e", , ] ], - ... + // other fields... } ``` Assignment of a license to an event. -```json +```jsonc { "kind": 1985, "tags": [ @@ -109,14 +109,14 @@ Assignment of a license to an event. ["l", "MIT", "license"], ["e", , ] ], - ... + // other fields... } ``` Publishers can self-label by adding `l` tags to their own non-1985 events. In this case, the kind 1 event's author is labeling their note as being related to Milan, Italy using ISO 3166-2. -```json +```jsonc { "kind": 1, "tags": [ @@ -124,13 +124,13 @@ is labeling their note as being related to Milan, Italy using ISO 3166-2. ["l", "IT-MI", "ISO-3166-2"] ], "content": "It's beautiful here in Milan!", - ... + // other fields... } ``` Author is labeling their note language as English using ISO-639-1. -```json +```jsonc { "kind": 1, "tags": [ @@ -138,7 +138,7 @@ Author is labeling their note language as English using ISO-639-1. ["l", "en", "ISO-639-1"] ], "content": "English text", - ... + // other fields... } ``` @@ -169,7 +169,7 @@ be handled in some other way. Appendix: Known Ontologies -------------------------- +-------------------------- Below is a non-exhaustive list of ontologies currently in widespread use. diff --git a/34.md b/34.md index 69f460b..9363aeb 100644 --- a/34.md +++ b/34.md @@ -106,7 +106,7 @@ The first patch in a series MAY be a cover letter in the format produced by `git Issues are Markdown text that is just human-readable conversational threads related to the repository: bug reports, feature requests, questions or comments of any kind. Like patches, these SHOULD be sent to the relays specified in that repository's announcement event's `"relays"` tag. -```jsonc +```json { "kind": 1621, "content": "", @@ -132,8 +132,9 @@ Replies are also Markdown text. The difference is that they MUST be issued as re // other "e" and "p" tags should be applied here when necessary, following the threading rules of NIP-10 ["p", "", "", "mention"], ["e", "", "", "reply"], - // ... - ] + // rest of tags... + ], + // other fields... } ``` diff --git a/35.md b/35.md index 980bc85..3891f6f 100644 --- a/35.md +++ b/35.md @@ -37,7 +37,7 @@ A second level prefix should be included where the database supports multiple me In some cases the url mapping isnt direct, mapping the url in general is out of scope for this NIP, the section above is only a guide so that implementers have enough information to succsesfully map the url if they wish. -```jsonc +```json { "kind": 2003, "content": "", diff --git a/38.md b/38.md index 684843a..8b22b2a 100644 --- a/38.md +++ b/38.md @@ -17,7 +17,7 @@ A special event with `kind:30315` "User Status" is defined as an *optionally exp For example: -```js +```json { "kind": 30315, "content": "Sign up for nostrasia!", @@ -26,7 +26,9 @@ For example: ["r", "https://nostr.world"] ], } +``` +```json { "kind": 30315, "content": "Intergalatic - Beastie Boys", diff --git a/39.md b/39.md index b7c3b9c..3777ac5 100644 --- a/39.md +++ b/39.md @@ -13,7 +13,8 @@ Nostr protocol users may have other online identities such as usernames, profile ## `i` tag on a metadata event A new optional `i` tag is introduced for `kind 0` metadata event defined in [NIP-01](01.md): -```json + +```jsonc { "id": , "pubkey": , @@ -23,7 +24,7 @@ A new optional `i` tag is introduced for `kind 0` metadata event defined in [NIP ["i", "mastodon:bitcoinhackers.org/@semisol", "109775066355589974"] ["i", "telegram:1087295469", "nostrdirectory/770"] ], - ... + // other fields... } ``` diff --git a/42.md b/42.md index 8c70de4..fdc5d10 100644 --- a/42.md +++ b/42.md @@ -22,13 +22,13 @@ A relay may want to require clients to authenticate to access restricted resourc This NIP defines a new message, `AUTH`, which relays CAN send when they support authentication and clients can send to relays when they want to authenticate. When sent by relays the message has the following form: -```json +``` ["AUTH", ] ``` And, when sent by clients, the following form: -```json +``` ["AUTH", ] ``` @@ -38,14 +38,14 @@ And, when sent by clients, the following form: The signed event is an ephemeral event not meant to be published or queried, it must be of `kind: 22242` and it should have at least two tags, one for the relay URL and one for the challenge string as received from the relay. Relays MUST exclude `kind: 22242` events from being broadcasted to any client. `created_at` should be the current time. Example: -```json +```jsonc { "kind": 22242, "tags": [ ["relay", "wss://relay.example.com/"], ["challenge", "challengestringhere"] ], - ... + // other fields... } ``` diff --git a/46.md b/46.md index 389a3e8..e1675b0 100644 --- a/46.md +++ b/46.md @@ -94,7 +94,7 @@ nostrconnect://?relay=&metadata ## Request Events `kind: 24133` -```json +```jsonc { "id": , "kind": 24133, diff --git a/47.md b/47.md index e4e432c..a19230f 100644 --- a/47.md +++ b/47.md @@ -173,7 +173,7 @@ Request: "amount": 123, // invoice amount in msats, required "pubkey": "03...", // payee pubkey, required "preimage": "0123456789abcdef...", // preimage of the payment, optional - "tlv_records: [ // tlv records, optional + "tlv_records": [ // tlv records, optional { "type": 5482373484, // tlv type "value": "0123456789abcdef" // hex encoded tlv value @@ -208,7 +208,7 @@ Request: "method": "multi_pay_keysend", "params": { "keysends": [ - {"id": "4c5b24a351", pubkey": "03...", "amount": 123}, + {"id": "4c5b24a351", "pubkey": "03...", "amount": 123}, {"id": "3da52c32a1", "pubkey": "02...", "amount": 567, "preimage": "abc123..", "tlv_records": [{"type": 696969, "value": "77616c5f6872444873305242454d353736"}]}, ], } @@ -358,8 +358,7 @@ Request: ```jsonc { "method": "get_balance", - "params": { - } + "params": {} } ``` @@ -379,8 +378,7 @@ Request: ```jsonc { "method": "get_info", - "params": { - } + "params": {} } ``` diff --git a/50.md b/50.md index 2a31cb1..9eea1f8 100644 --- a/50.md +++ b/50.md @@ -15,9 +15,9 @@ extensible framework for performing such queries. ## `search` filter field A new `search` field is introduced for `REQ` messages from clients: -```json +```jsonc { - ... + // other fields on filter object... "search": } ``` diff --git a/51.md b/51.md index f7a468e..3792d7f 100644 --- a/51.md +++ b/51.md @@ -111,7 +111,7 @@ Some clients have used these lists in the past, but they should work on transiti ### A _release artifact set_ of an Example App -```json +```jsonc { "id": "567b41fc9060c758c4216fe5f8d3df7c57daad7ae757fa4606f0c39d4dd220ef", "pubkey": "d6dc95542e18b8b7aec2f14610f55c335abebec76f3db9e58c254661d0593a0c", diff --git a/53.md b/53.md index 15bdbc9..ee12fef 100644 --- a/53.md +++ b/53.md @@ -16,7 +16,7 @@ A special event with `kind:30311` "Live Event" is defined as an _addressable eve For example: -```json +```jsonc { "kind": 30311, "tags": [ @@ -35,10 +35,10 @@ For example: ["p", "91cf9..4e5ca", "wss://provider1.com/", "Host", ""], ["p", "14aeb..8dad4", "wss://provider2.com/nostr", "Speaker"], ["p", "612ae..e610f", "ws://provider3.com/ws", "Participant"], - ["relays", "wss://one.com", "wss://two.com", ...] + ["relays", "wss://one.com", "wss://two.com", /*...*/] ], "content": "", - ... + // other fields... } ``` @@ -64,14 +64,14 @@ This feature is important to avoid malicious event owners adding large account h Event `kind:1311` is live chat's channel message. Clients MUST include the `a` tag of the activity with a `root` marker. Other Kind-1 tags such as `reply` and `mention` can also be used. -```json +```jsonc { "kind": 1311, "tags": [ ["a", "30311::", "", "root"], ], "content": "Zaps to live streams is beautiful.", - ... + // other fields... } ``` diff --git a/54.md b/54.md index cf22544..611ec7a 100644 --- a/54.md +++ b/54.md @@ -11,7 +11,7 @@ This NIP defines `kind:30818` (an _addressable event_) for long-form text conten Articles are identified by lowercase, normalized ascii `d` tags. ### Articles -```jsonc +```json { "content": "A wiki is a hypertext publication collaboratively edited and managed by its own audience.", "tags": [ @@ -96,13 +96,13 @@ Asciidoc has a strict spec, multiple implementations in many languages, and supp # Appendix 1: Merge requests Users can request other users to get their entries merged into someone else's entry by creating a `kind:818` event. -```jsonc +```json { "content": "I added information about how to make hot ice-creams", "kind": 818, "tags": [ [ "a", "30818::hot-ice-creams", "" ], - [ "e", "", "' ], + [ "e", "", "" ], [ "p", "" ], [ "e", "", "", "source" ] ] @@ -114,4 +114,4 @@ Users can request other users to get their entries merged into someone else's en `e` tag: optional version of the article in which this modifications is based `e` tag with `source` marker: the ID of the event that should be merged. This event id MUST be of a `kind:30818` as defined in this NIP. -The destination-pubkey (the pubkey being requested to merge something into their article can create [[NIP-25]] reactions that tag the `kind:818` event with `+` or `-` +The destination-pubkey is the pubkey being requested to merge something into their article can create [[NIP-25]] reactions that tag the `kind:818` event with `+` or `-` diff --git a/56.md b/56.md index fc8d898..f7b1b1a 100644 --- a/56.md +++ b/56.md @@ -41,7 +41,7 @@ further qualification and querying. Example events -------------- -```json +```jsonc { "kind": 1984, "tags": [ @@ -50,9 +50,11 @@ Example events ["l", "NS-nud", "social.nos.ontology"] ], "content": "", - ... + // other fields... } +``` +```jsonc { "kind": 1984, "tags": [ @@ -60,16 +62,18 @@ Example events ["p", ] ], "content": "He's insulting the king!", - ... + // other fields... } +``` +```jsonc { "kind": 1984, "tags": [ ["p", , "impersonation"] ], "content": "Profile is impersonating nostr:", - ... + // other fields... } ``` diff --git a/57.md b/57.md index 1c0b314..b533811 100644 --- a/57.md +++ b/57.md @@ -171,7 +171,7 @@ A client can retrieve `zap receipt`s on events and pubkeys using a NIP-01 filter When an event includes one or more `zap` tags, clients wishing to zap it SHOULD calculate the lnurl pay request based on the tags value instead of the event author's profile field. The tag's second argument is the `hex` string of the receiver's pub key and the third argument is the relay to download the receiver's metadata (Kind-0). An optional fourth parameter specifies the weight (a generalization of a percentage) assigned to the respective receiver. Clients should parse all weights, calculate a sum, and then a percentage to each receiver. If weights are not present, CLIENTS should equally divide the zap amount to all receivers. If weights are only partially present, receivers without a weight should not be zapped (`weight = 0`). -```js +```jsonc { "tags": [ [ "zap", "82341f882b6eabcd2ba7f1ef90aad961cf074af15b9ef44a09f9d2a8fbfbe6a2", "wss://nostr.oxtr.dev", "1" ], // 25% diff --git a/58.md b/58.md index 438574b..b6324f4 100644 --- a/58.md +++ b/58.md @@ -74,7 +74,7 @@ Clients SHOULD attempt to render the most appropriate badge thumbnail according ### Example of a Badge Definition event -```json +```jsonc { "pubkey": "alice", "kind": 30009, @@ -85,13 +85,13 @@ Clients SHOULD attempt to render the most appropriate badge thumbnail according ["image", "https://nostr.academy/awards/bravery.png", "1024x1024"], ["thumb", "https://nostr.academy/awards/bravery_256x256.png", "256x256"] ], - ... + // other fields... } ``` ### Example of Badge Award event -```json +```jsonc { "id": "", "kind": 8, @@ -101,14 +101,14 @@ Clients SHOULD attempt to render the most appropriate badge thumbnail according ["p", "bob", "wss://relay"], ["p", "charlie", "wss://relay"] ], - ... + // other fields... } ``` ### Example of a Profile Badges event Honorable Bob The Brave: -```json +```jsonc { "kind": 30008, "pubkey": "bob", @@ -119,6 +119,6 @@ Honorable Bob The Brave: ["a", "30009:alice:honor"], ["e", "", "wss://nostr.academy"] ], - ... + // other fields... } ``` diff --git a/59.md b/59.md index 4dc857f..a4fc99d 100644 --- a/59.md +++ b/59.md @@ -41,7 +41,7 @@ A `seal` is a `kind:13` event that wraps a `rumor` with the sender's regular key to a receiver's pubkey but there is no `p` tag pointing to the receiver. There is no way to know who the rumor is for without the receiver's or the sender's private key. The only public information in this event is who is signing it. -```js +```json { "id": "", "pubkey": "", @@ -60,7 +60,7 @@ Tags MUST must always be empty in a `kind:13`. The inner event MUST always be un A `gift wrap` event is a `kind:1059` event that wraps any other event. `tags` SHOULD include any information needed to route the event to its intended recipient, including the recipient's `p` tag or [NIP-13](13.md) proof of work. -```js +```json { "id": "", "pubkey": "", diff --git a/64.md b/64.md index 7c2329a..616c5d6 100644 --- a/64.md +++ b/64.md @@ -16,23 +16,23 @@ The `.content` of these notes is a string representing a [PGN-database][pgn_form ### Notes -```json +```jsonc { "kind": 64, "content": "1. e4 *", - ... + // other fields... } ``` -```json +```jsonc { "kind": 64, "tags": [ ["alt", "Fischer vs. Spassky in Belgrade on 1992-11-04 (F/S Return Match, Round 29)"], - ... + // rest of tags... ], - "content": "[Event \"F/S Return Match\"]\n[Site \"Belgrade, Serbia JUG\"]\n[Date \"1992.11.04\"]\n[Round \"29\"]\n[White \"Fischer, Robert J.\"]\n[Black \"Spassky, Boris V.\"]\n[Result \"1/2-1/2\"]\n\n1. e4 e5 2. Nf3 Nc6 3. Bb5 {This opening is called the Ruy Lopez.} 3... a6\n4. Ba4 Nf6 5. O-O Be7 6. Re1 b5 7. Bb3 d6 8. c3 O-O 9. h3 Nb8 10. d4 Nbd7\n11. c4 c6 12. cxb5 axb5 13. Nc3 Bb7 14. Bg5 b4 15. Nb1 h6 16. Bh4 c5 17. dxe5\nNxe4 18. Bxe7 Qxe7 19. exd6 Qf6 20. Nbd2 Nxd6 21. Nc4 Nxc4 22. Bxc4 Nb6\n23. Ne5 Rae8 24. Bxf7+ Rxf7 25. Nxf7 Rxe1+ 26. Qxe1 Kxf7 27. Qe3 Qg5 28. Qxg5\nhxg5 29. b3 Ke6 30. a3 Kd6 31. axb4 cxb4 32. Ra5 Nd5 33. f3 Bc8 34. Kf2 Bf5\n35. Ra7 g6 36. Ra6+ Kc5 37. Ke1 Nf4 38. g3 Nxh3 39. Kd2 Kb5 40. Rd6 Kc5 41. Ra6\nNf2 42. g4 Bd3 43. Re6 1/2-1/2" - ... + "content": "[Event \"F/S Return Match\"]\n[Site \"Belgrade, Serbia JUG\"]\n[Date \"1992.11.04\"]\n[Round \"29\"]\n[White \"Fischer, Robert J.\"]\n[Black \"Spassky, Boris V.\"]\n[Result \"1/2-1/2\"]\n\n1. e4 e5 2. Nf3 Nc6 3. Bb5 {This opening is called the Ruy Lopez.} 3... a6\n4. Ba4 Nf6 5. O-O Be7 6. Re1 b5 7. Bb3 d6 8. c3 O-O 9. h3 Nb8 10. d4 Nbd7\n11. c4 c6 12. cxb5 axb5 13. Nc3 Bb7 14. Bg5 b4 15. Nb1 h6 16. Bh4 c5 17. dxe5\nNxe4 18. Bxe7 Qxe7 19. exd6 Qf6 20. Nbd2 Nxd6 21. Nc4 Nxc4 22. Bxc4 Nb6\n23. Ne5 Rae8 24. Bxf7+ Rxf7 25. Nxf7 Rxe1+ 26. Qxe1 Kxf7 27. Qe3 Qg5 28. Qxg5\nhxg5 29. b3 Ke6 30. a3 Kd6 31. axb4 cxb4 32. Ra5 Nd5 33. f3 Bc8 34. Kf2 Bf5\n35. Ra7 g6 36. Ra6+ Kc5 37. Ke1 Nf4 38. g3 Nxh3 39. Kd2 Kb5 40. Rd6 Kc5 41. Ra6\nNf2 42. g4 Bd3 43. Re6 1/2-1/2", + // other fields... } ``` diff --git a/65.md b/65.md index f32c965..71660d4 100644 --- a/65.md +++ b/65.md @@ -12,7 +12,7 @@ The event MUST include a list of `r` tags with relay URIs and a `read` or `write The `.content` is not used. -```json +```jsonc { "kind": 10002, "tags": [ @@ -22,7 +22,7 @@ The `.content` is not used. ["r", "wss://nostr-relay.example.com", "read"] ], "content": "", - ...other fields + // other fields... } ``` diff --git a/71.md b/71.md index 302bbbf..5cf3b36 100644 --- a/71.md +++ b/71.md @@ -42,7 +42,7 @@ The list of tags are as follows: * `p` (optional, repeated) 32-bytes hex pubkey of a participant in the video, optional recommended relay URL * `r` (optional, repeated) references / links to web pages -```json +```jsonc { "id": <32-bytes lowercase hex-encoded SHA-256 of the the serialized event data>, "pubkey": <32-bytes lowercase hex-encoded public key of the event creator>, diff --git a/72.md b/72.md index b2f523b..582410a 100644 --- a/72.md +++ b/72.md @@ -35,7 +35,7 @@ The goal of this NIP is to enable public communities. It defines the replaceable ["relay", "", "approvals"], ["relay", ""] ], - ... + // other fields... } ``` @@ -50,7 +50,7 @@ Any Nostr event can be posted to a community. Clients MUST add one or more commu ["a", "34550::", ""], ], "content": "hello world", - // ... + // other fields... } ``` @@ -75,7 +75,7 @@ Moderators MAY request deletion of their approval of a post at any time using [N ["k", ""] ], "content": "", - // ... + // other fields... } ``` diff --git a/75.md b/75.md index a6f2bff..885c391 100644 --- a/75.md +++ b/75.md @@ -21,15 +21,16 @@ The following tags are defined as REQUIRED. Example event: -```json +```jsonc { "kind": 9041, "tags": [ - ["relays", "wss://alicerelay.example.com", "wss://bobrelay.example.com", ...], + ["relays", "wss://alicerelay.example.com", "wss://bobrelay.example.com", /*...*/], ["amount", "210000"], ], "content": "Nostrasia travel expenses", - ... + // other fields... +} ``` The following tags are OPTIONAL. @@ -38,18 +39,18 @@ The following tags are OPTIONAL. - `image` - an image for the goal - `summary` - a brief description -```json +```jsonc { "kind": 9041, "tags": [ - ["relays", "wss://alicerelay.example.com", "wss://bobrelay.example.com", ...], + ["relays", "wss://alicerelay.example.com", "wss://bobrelay.example.com", /*...*/], ["amount", "210000"], ["closed_at", ""], ["image", ""], ["summary", ""], ], "content": "Nostrasia travel expenses", - ... + // other fields... } ``` @@ -59,15 +60,14 @@ The goal MAY include multiple beneficiary pubkeys by specifying [`zap` tags](57. Addressable events can link to a goal by using a `goal` tag specifying the event id and an optional relay hint. -```json +```jsonc { - ... "kind": 3xxxx, "tags": [ - ... ["goal", "", ""], + // rest of tags... ], - ... + // other fields... } ``` diff --git a/84.md b/84.md index d5f54d4..e3063c2 100644 --- a/84.md +++ b/84.md @@ -26,14 +26,14 @@ useful when highlighting non-nostr content for which the client might be able to (e.g. prompting the user or reading a `` tag on the document). A role MAY be included as the last value of the tag. -```json +```jsonc { "tags": [ ["p", "", "", "author"], ["p", "", "", "author"], ["p", "", "", "editor"] ], - ... + // other fields... } ``` diff --git a/89.md b/89.md index 54aa30b..24aa3c5 100644 --- a/89.md +++ b/89.md @@ -27,7 +27,7 @@ There are three actors to this workflow: ## Events ### Recommendation event -```json +```jsonc { "kind": 31989, "pubkey": , @@ -35,7 +35,8 @@ There are three actors to this workflow: ["d", ], ["a", "31990:app1-pubkey:", "wss://relay1", "ios"], ["a", "31990:app2-pubkey:", "wss://relay2", "web"] - ] + ], + // other fields... } ``` @@ -47,7 +48,7 @@ The second value of the tag SHOULD be a relay hint. The third value of the tag SHOULD be the platform where this recommendation might apply. ## Handler information -```json +```jsonc { "kind": 31990, "pubkey": "", @@ -59,7 +60,8 @@ The third value of the tag SHOULD be the platform where this recommendation migh ["web", "https://..../p/", "nprofile"], ["web", "https://..../e/"], ["ios", ".../"] - ] + ], + // other fields... } ``` @@ -77,13 +79,13 @@ A tag without a second value in the array SHOULD be considered a generic handler # Client tag When publishing events, clients MAY include a `client` tag. Identifying the client that published the note. This tag is a tuple of `name`, `address` identifying a handler event and, a relay `hint` for finding the handler event. This has privacy implications for users, so clients SHOULD allow users to opt-out of using this tag. -```json +```jsonc { "kind": 1, "tags": [ ["client", "My Client", "31990:app1-pubkey:", "wss://relay1"] ] - ... + // other fields... } ``` @@ -99,14 +101,14 @@ The client MIGHT query for the user's and the user's follows handler. ### User A recommends a `kind:31337`-handler User A might be a user of Zapstr, a `kind:31337`-centric client (tracks). Using Zapstr, user A publishes an event recommending Zapstr as a `kind:31337`-handler. -```json +```jsonc { "kind": 31989, "tags": [ ["d", "31337"], ["a", "31990:1743058db7078661b94aaf4286429d97ee5257d14a86d6bfa54cb0482b876fb0:abcd", , "web"] ], - ... + // other fields... } ``` @@ -115,7 +117,7 @@ User B might see in their timeline an event referring to a `kind:31337` event (e User B's client, not knowing how to handle a `kind:31337` might display the event using its `alt` tag (as described in NIP-31). When the user clicks on the event, the application queries for a handler for this `kind`: -```json +``` ["REQ", , { "kinds": [31989], "#d": ["31337"], "authors": [, ] }] ``` @@ -126,6 +128,6 @@ User B's client sees the application's `kind:31990` which includes the informati ### Alternative query bypassing `kind:31989` Alternatively, users might choose to query directly for `kind:31990` for an event kind. Clients SHOULD be careful doing this and use spam-prevention mechanisms or querying high-quality restricted relays to avoid directing users to malicious handlers. -```json +``` ["REQ", , { "kinds": [31990], "#k": [], "authors": [...] }] ``` diff --git a/90.md b/90.md index 5a15ebb..696ebd5 100644 --- a/90.md +++ b/90.md @@ -36,7 +36,7 @@ There are two actors in the workflow described in this NIP: ## Job request (`kind:5000-5999`) A request to process data, published by a customer. This event signals that a customer is interested in receiving the result of some kind of compute. -```json +```jsonc { "kind": 5xxx, // kind in 5000-5999 range "content": "", @@ -46,7 +46,8 @@ A request to process data, published by a customer. This event signals that a cu [ "relays", "wss://..." ], [ "bid", "" ], [ "t", "bitcoin" ] - ] + ], + // other fields... } ``` @@ -81,19 +82,18 @@ If the user wants to keep the input parameters a secret, they can encrypt the `i ["param", "top-p", "0.7"], ["param", "frequency_penalty", "1"] ] - ``` This param data will be encrypted and added to the `content` field and `p` tag should be present -```json +```jsonc { "content": "BE2Y4xvS6HIY7TozIgbEl3sAHkdZoXyLRRkZv4fLPh3R7LtviLKAJM5qpkC7D6VtMbgIt4iNcMpLtpo...", "tags": [ ["p", "04f74530a6ede6b24731b976b8e78fb449ea61f40ff10e3d869a3030c4edc91f"], ["encrypted"] ], - ... + // other fields... } ``` @@ -102,7 +102,7 @@ This param data will be encrypted and added to the `content` field and `p` tag s Service providers publish job results, providing the output of the job result. They should tag the original job request event id as well as the customer's pubkey. -```json +```jsonc { "pubkey": "", "content": "", @@ -114,7 +114,7 @@ Service providers publish job results, providing the output of the job result. T ["p", ""], ["amount", "requested-payment-amount", ""] ], - ... + // other fields... } ``` @@ -127,7 +127,7 @@ Service providers publish job results, providing the output of the job result. T If the request has encrypted params, then output should be encrypted and placed in `content` field. If the output is encrypted, then avoid including `i` tag with input-data as clear text. Add a tag encrypted to mark the output content as `encrypted` -```json +```jsonc { "pubkey": "", "content": "", @@ -139,7 +139,7 @@ Add a tag encrypted to mark the output content as `encrypted` ["amount", "requested-payment-amount", ""], ["encrypted"] ], - ... + // other fields... } ``` @@ -147,7 +147,7 @@ Add a tag encrypted to mark the output content as `encrypted` Service providers can give feedback about a job back to the customer. -```json +```jsonc { "kind": 7000, "content": "", @@ -157,7 +157,7 @@ Service providers can give feedback about a job back to the customer. ["e", "", ""], ["p", ""], ], - ... + // other fields... } ``` @@ -211,7 +211,7 @@ This gives a higher level of flexibility to service providers (which sophisticat # Appendix 2: Service provider discoverability Service Providers MAY use NIP-89 announcements to advertise their support for job kinds: -```js +```jsonc { "kind": 31990, "pubkey": "", @@ -223,7 +223,7 @@ Service Providers MAY use NIP-89 announcements to advertise their support for jo ["k", "5005"], // e.g. translation ["t", "bitcoin"] // e.g. optionally advertises it specializes in bitcoin audio transcription that won't confuse "Drivechains" with "Ridechains" ], - ... + // other fields... } ``` diff --git a/94.md b/94.md index e35dfa1..a057cb2 100644 --- a/94.md +++ b/94.md @@ -27,7 +27,7 @@ This NIP specifies the use of the `1063` event type, having in `content` a descr * `alt` (optional) description for accessibility * `fallback` (optional) zero or more fallback file sources in case `url` fails -```json +```jsonc { "kind": 1063, "tags": [ @@ -46,7 +46,7 @@ This NIP specifies the use of the `1063` event type, having in `content` a descr ["alt", ] ], "content": "", - ... + // other fields... } ``` diff --git a/96.md b/96.md index fab0c1a..75d7f1f 100644 --- a/96.md +++ b/96.md @@ -19,7 +19,7 @@ will not have to learn anything about nostr relays. File storage servers wishing to be accessible by nostr users should opt-in by making available an https route at `/.well-known/nostr/nip96.json` with `api_url`: -```js +```jsonc { // Required // File upload and deletion are served from this url @@ -59,7 +59,7 @@ File storage servers wishing to be accessible by nostr users should opt-in by ma "file_expiration": [14, 90], "media_transformations": { "image": [ - 'resizing' + "resizing" ] } } @@ -127,14 +127,14 @@ The `server` MUST link the user's `pubkey` string as the owner of the file so to The upload response is a json object as follows: -```js +```jsonc { // "success" if successful or "error" if not - status: "success", + "status": "success", // Free text success, failure or info message - message: "Upload successful.", + "message": "Upload successful.", // Optional. See "Delayed Processing" section - processing_url: "...", + "processing_url": "...", // This uses the NIP-94 event format but DO NOT need // to fill some fields like "id", "pubkey", "created_at" and "sig" // @@ -143,9 +143,9 @@ The upload response is a json object as follows: // and, optionally, all file metadata the server wants to make available // // nip94_event field is absent if unsuccessful upload - nip94_event: { + "nip94_event2":{ // Required tags: "url" and "ox" - tags: [ + "tags": [ // Can be same from /.well-known/nostr/nip96.json's "download_url" field // (or "api_url" field if "download_url" is absent or empty) with appended // original file hash. @@ -171,7 +171,7 @@ The upload response is a json object as follows: ["dim", "800x600"] // ... other optional NIP-94 tags ], - content: "" + "content": "" }, // ... other custom fields (please consider adding them to this NIP or to NIP-94 tags) } @@ -202,12 +202,12 @@ the file processing is done. If the processing isn't done, the server should reply at the `processing_url` url with **200 OK** and the following JSON: -``` +```jsonc { // It should be "processing". If "error" it would mean the processing failed. - status: "processing", - message: "Processing. Please check again later for updated status.", - percentage: 15 // Processing percentage. An integer between 0 and 100. + "status": "processing", + "message": "Processing. Please check again later for updated status.", + "percentage": 15 // Processing percentage. An integer between 0 and 100. } ``` @@ -270,10 +270,10 @@ in the same file hash). The successful response is a 200 OK one with just basic JSON fields: -``` +```json { - status: "success", - message: "File deleted." + "status": "success", + "message": "File deleted." } ``` @@ -287,7 +287,7 @@ Returns a list of files linked to the authenticated users pubkey. Example Response: -```js +```jsonc { "count": 1, // server page size, eg. max(1, min(server_max_page_size, arg_count)) "total": 1, // total number of files @@ -295,17 +295,16 @@ Example Response: "files": [ { "tags": [ - ["ox": "719171db19525d9d08dd69cb716a18158a249b7b3b3ec4bbdec5698dca104b7b"], - ["x": "5d2899290e0e69bcd809949ee516a4a1597205390878f780c098707a7f18e3df"], + ["ox", "719171db19525d9d08dd69cb716a18158a249b7b3b3ec4bbdec5698dca104b7b"], + ["x", "5d2899290e0e69bcd809949ee516a4a1597205390878f780c098707a7f18e3df"], ["size", "123456"], ["alt", "a meme that makes you laugh"], ["expiration", "1715691139"], // ...other metadata - ] + ], "content": "haha funny meme", // caption "created_at": 1715691130 // upload timestamp - }, - ... + } ] } ``` @@ -324,14 +323,14 @@ Note: HTTP File Storage Server developers may skip this section. This is meant f A File Server Preference event is a kind 10096 replaceable event meant to select one or more servers the user wants to upload files to. Servers are listed as `server` tags: -```js -{ - // ... +```json +{. "kind": 10096, "content": "", "tags": [ ["server", "https://file.server.one"], ["server", "https://file.server.two"] - ] + ], + // other fields... } ``` diff --git a/99.md b/99.md index b1b7ce9..e2ffc3b 100644 --- a/99.md +++ b/99.md @@ -54,7 +54,7 @@ Other standard tags that might be useful. ## Example Event -```json +```jsonc { "kind": 30402, "created_at": 1675642635, -- cgit v1.2.3 From f1e8d2c4f764d66996c0c1fb2eeabfbc0c7b2528 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Thu, 24 Oct 2024 20:59:15 -0300 Subject: nip46: remove words, introduce distinction between bunker key and user key. --- 46.md | 85 +++++++++++++++++++++++++++++++------------------------------------ 1 file changed, 39 insertions(+), 46 deletions(-) (limited to '46.md') diff --git a/46.md b/46.md index e1675b0..c356a9c 100644 --- a/46.md +++ b/46.md @@ -4,6 +4,10 @@ NIP-46 Nostr Remote Signing -------------------- +## Changes + +`remote-signer-key` is introduced, passed in bunker url, clients must differentiate between `remote-signer-pubkey` and `user-pubkey`, must call `get_public_key` after connect. + ## Rationale Private keys should be exposed to as few systems - apps, operating systems, devices - as possible as each system adds to the attack surface. @@ -12,51 +16,53 @@ This NIP describes a method for 2-way communication between a remote signer and ## Terminology -- **Local keypair**: A local public and private key-pair used to encrypt content and communicate with the remote signer. Usually created by the client application. -- **Remote user pubkey**: The public key that the user wants to sign as. The remote signer has control of the private key that matches this public key. -- **Remote signer pubkey**: This is the public key of the remote signer itself. This is needed in both `create_account` command because you don't yet have a remote user pubkey. +- **user**: A person that is trying to use Nostr. +- **client**: A user-facing application that _user_ is looking at and clicking buttons in. This application will send requests to _remote-signer_. +- **remote-signer**: A daemon or server running somewhere that will answer requests from _client_, also known as "bunker". +- **client-keypair/pubkey**: The keys generated by _client_. Used to encrypt content and communicate with _remote-signer_. +- **remote-signer-keypair/pubkey**: The keys used by _remote-signer_ to encrypt content and communicate with _client_. This keypair MAY be same as _user-keypair_, but not necessarily. +- **user-keypair/pubkey**: The actual keys representing _user_ (that will be used to sign events in response to `sign_event` requests, for example). The _remote-signer_ generally has control over these keys. All pubkeys specified in this NIP are in hex format. ## Initiating a connection -To initiate a connection between a client and a remote signer there are a few different options. - -### Direct connection initiated by remote signer +There are two ways to initiate a connection: -This is most common in a situation where you have your own nsecbunker or other type of remote signer and want to connect through a client that supports remote signing. +### Direct connection initiated by _remote-signer_ -The remote signer would provide a connection token in the form: +_remote-signer_ provides connection token in the form: ``` -bunker://?relay=&relay=&secret= +bunker://?relay=&relay=&secret= ``` -This token is pasted into the client by the user and the client then uses the details to connect to the remote signer via the specified relay(s). Optional secret can be used for single successfully established connection only, remote signer SHOULD ignore new attempts to establish connection with old optional secret. +_user_ pastes this token on _client_, which then uses the details to connect to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old optional secret. ### Direct connection initiated by the client -In this case, basically the opposite direction of the first case, the client provides a connection token (or encodes the token in a QR code) and the signer initiates a connection to the client via the specified relay(s). +In this case, basically the opposite direction of the first case, _client_ provides a connection token (or encodes the token in a QR code) and _remote-signer_ initiates a connection via the specified relays. ``` -nostrconnect://?relay=&metadata= +nostrconnect://?relay=&metadata= ``` ## The flow -1. Client creates a local keypair. This keypair doesn't need to be communicated to the user since it's largely disposable (i.e. the user doesn't need to see this pubkey). Clients might choose to store it locally and they should delete it when the user logs out. -2. Client gets the remote user pubkey (either via a `bunker://` connection string or a NIP-05 login-flow; shown below) -3. Clients use the local keypair to send requests to the remote signer by `p`-tagging and encrypting to the remote user pubkey. -4. The remote signer responds to the client by `p`-tagging and encrypting to the local keypair pubkey. +1. _client_ generates `client-keypair`. This keypair doesn't need to be communicated to _user_ since it's largely disposable. _client_ might choose to store it locally and they should delete it on logout; +2. _client_ gets `remote-signer-pubkey` (either via a `bunker://` connection string or a NIP-05 login-flow; shown below); +3. _client_ use `client-keypair` to send requests to _remote-signer_ by `p`-tagging and encrypting to `remote-signer-pubkey`; +4. _remote-signer_ responds to _client_ by `p`-tagging and encrypting to the `client-pubkey`. ### Example flow for signing an event -- Remote user pubkey (e.g. signing as) `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` -- Local pubkey is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` +- `remote-signer-pubkey` is `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- `user-pubkey` is also `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- `client-pubkey` is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` #### Signature request -```json +```js { "kind": 24133, "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", @@ -70,13 +76,13 @@ nostrconnect://?relay=&metadata created_at: 1714078911 }>)] }), - "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote user pubkey + "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote-signer-pubkey } ``` #### Response event -```json +```js { "kind": 24133, "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", @@ -84,7 +90,7 @@ nostrconnect://?relay=&metadata "id": , "result": json_stringified() }), - "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the local keypair pubkey + "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the client-pubkey } ``` @@ -94,20 +100,18 @@ nostrconnect://?relay=&metadata ## Request Events `kind: 24133` -```jsonc +```js { - "id": , "kind": 24133, "pubkey": , "content": )>, - "tags": [["p", ]], // NB: in the `create_account` event, the remote signer pubkey should be `p` tagged. - "created_at": + "tags": [["p", ]], } ``` The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted and has the following structure: -```json +```jsonc { "id": , "method": , @@ -125,15 +129,16 @@ Each of the following are methods that the client sends to the remote signer. | Command | Params | Result | | ------------------------ | ------------------------------------------------- | ---------------------------------------------------------------------- | -| `connect` | `[, , ]` | "ack" | +| `connect` | `[, , ]` | "ack" | | `sign_event` | `[<{kind, content, tags, created_at}>]` | `json_stringified()` | | `ping` | `[]` | "pong" | | `get_relays` | `[]` | `json_stringified({: {read: , write: }})` | -| `get_public_key` | `[]` | `` | +| `get_public_key` | `[]` | `` | | `nip04_encrypt` | `[, ]` | `` | | `nip04_decrypt` | `[, ]` | `` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | +| `create_account` | `[<username>, <domain>, <optional_email>, <optional_requested_permissions>]` | `<newly_created_user_pubkey>` | ### Requested permissions @@ -145,9 +150,9 @@ The `connect` method may be provided with `optional_requested_permissions` for u { "id": <id>, "kind": 24133, - "pubkey": <remote_signer_pubkey>, + "pubkey": <remote-signer-pubkey>, "content": <nip04(<response>)>, - "tags": [["p", <local_keypair_pubkey>]], + "tags": [["p", <client-pubkey>]], "created_at": <unix timestamp in seconds> } ``` @@ -184,18 +189,6 @@ Clients should display (in a popup or new tab) the URL from the `error` field an ![signing-example-with-auth-challenge](https://i.nostr.build/W3aj.png) -## Remote Signer Commands - -Remote signers might support additional commands when communicating directly with it. These commands follow the same flow as noted above, the only difference is that when the client sends a request event, the `p`-tag is the pubkey of the remote signer itself and the `content` payload is encrypted to the same remote signer pubkey. - -### Methods/Commands - -Each of the following are methods that the client sends to the remote signer. - -| Command | Params | Result | -| ---------------- | ------------------------------------------ | ------------------------------------ | -| `create_account` | `[<username>, <domain>, <optional_email>, <optional_requested_permissions>]` | `<newly_created_remote_user_pubkey>` | - ## Appendix ### NIP-05 Login Flow @@ -204,7 +197,7 @@ Clients might choose to present a more familiar login flow, so users can type a When the user types a NIP-05 the client: -- Queries the `/.well-known/nostr.json` file from the domain for the NIP-05 address provided to get the user's pubkey (this is the **remote user pubkey**) +- Queries the `/.well-known/nostr.json` file from the domain for the NIP-05 address provided to get the user's pubkey (this is the `user-pubkey`) - In the same `/.well-known/nostr.json` file, queries for the `nip46` key to get the relays that the remote signer will be listening on. - Now the client has enough information to send commands to the remote signer on behalf of the user. @@ -216,9 +209,9 @@ In this last case, most often used to facilitate an OAuth-like signin flow, the First the client will query for `kind: 31990` events that have a `k` tag of `24133`. -These are generally shown to a user, and once the user selects which remote signer to use and provides the remote user pubkey they want to use (via npub, pubkey, or nip-05 value), the client can initiate a connection. Note that it's on the user to select the remote signer that is actually managing the remote key that they would like to use in this case. If the remote user pubkey is managed on another remote signer, the connection will fail. +These are generally shown to a user, and once the user selects which remote signer to use and provides the `user-pubkey` they want to use (via npub, pubkey, or nip-05 value), the client can initiate a connection. Note that it's on the user to select the _remote-signer_ that is actually managing the `user-keypair` that they would like to use in this case. If the `user-pubkey` is managed on another _remote-signer_ the connection will fail. -In addition, it's important that clients validate that the pubkey of the announced remote signer matches the pubkey of the `_` entry in the `/.well-known/nostr.json` file of the remote signer's announced domain. +In addition, it's important that clients validate that the pubkey of the announced _remote-signer_ matches the pubkey of the `_` entry in the `/.well-known/nostr.json` file of the remote signer's announced domain. Clients that allow users to create new accounts should also consider validating the availability of a given username in the namespace of remote signer's domain by checking the `/.well-known/nostr.json` file for existing usernames. Clients can then show users feedback in the UI before sending a `create_account` event to the remote signer and receiving an error in return. Ideally, remote signers would also respond with understandable error messages if a client tries to create an account with an existing username. -- cgit v1.2.3 From 926a51e72206dfa71b9950a0ce58b54a7422aad2 Mon Sep 17 00:00:00 2001 From: "Nostr.Band" <124499563+nostrband@users.noreply.github.com> Date: Tue, 12 Nov 2024 01:35:42 +0100 Subject: Nip46 upgrade part2: remove nip05 and create_account, clarify nostrconnect, cleanup, add nip05 signer metadata (#1553) --- 46.md | 169 ++++++++++++++++++++++++++++++++---------------------------------- 1 file changed, 81 insertions(+), 88 deletions(-) (limited to '46.md') diff --git a/46.md b/46.md index c356a9c..60850aa 100644 --- a/46.md +++ b/46.md @@ -6,7 +6,7 @@ Nostr Remote Signing ## Changes -`remote-signer-key` is introduced, passed in bunker url, clients must differentiate between `remote-signer-pubkey` and `user-pubkey`, must call `get_public_key` after connect. +`remote-signer-key` is introduced, passed in bunker url, clients must differentiate between `remote-signer-pubkey` and `user-pubkey`, must call `get_public_key` after connect, nip05 login is removed, create_account moved to another NIP. ## Rationale @@ -25,6 +25,14 @@ This NIP describes a method for 2-way communication between a remote signer and All pubkeys specified in this NIP are in hex format. +## Overview + +1. _client_ generates `client-keypair`. This keypair doesn't need to be communicated to _user_ since it's largely disposable. _client_ might choose to store it locally and they should delete it on logout; +2. A connection is established (see below), _remote-signer_ learns `client-pubkey`, _client_ learns `remote-signer-pubkey`. +3. _client_ uses `client-keypair` to send requests to _remote-signer_ by `p`-tagging and encrypting to `remote-signer-pubkey`; +4. _remote-signer_ responds to _client_ by `p`-tagging and encrypting to the `client-pubkey`. +5. _client_ requests `get_public_key` to learn `user-pubkey`. + ## Initiating a connection There are two ways to initiate a connection: @@ -37,66 +45,16 @@ _remote-signer_ provides connection token in the form: bunker://<remote-signer-pubkey>?relay=<wss://relay-to-connect-on>&relay=<wss://another-relay-to-connect-on>&secret=<optional-secret-value> ``` -_user_ pastes this token on _client_, which then uses the details to connect to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old optional secret. +_user_ passes this token to _client_, which then sends `connect` request to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old secret. -### Direct connection initiated by the client +### Direct connection initiated by the _client_ -In this case, basically the opposite direction of the first case, _client_ provides a connection token (or encodes the token in a QR code) and _remote-signer_ initiates a connection via the specified relays. +_client_ provides a connection token in the form: ``` -nostrconnect://<client-pubkey>?relay=<wss://relay-to-connect-on>&metadata=<json metadata in the form: {"name":"...", "url": "...", "description": "..."}> +nostrconnect://<client-pubkey>?relay=<wss://relay-to-connect-on>&metadata=<json metadata: {"name":"...", "url": "...", "description": "...", "perms": "..."}>&secret=<required-secret-value> ``` - -## The flow - -1. _client_ generates `client-keypair`. This keypair doesn't need to be communicated to _user_ since it's largely disposable. _client_ might choose to store it locally and they should delete it on logout; -2. _client_ gets `remote-signer-pubkey` (either via a `bunker://` connection string or a NIP-05 login-flow; shown below); -3. _client_ use `client-keypair` to send requests to _remote-signer_ by `p`-tagging and encrypting to `remote-signer-pubkey`; -4. _remote-signer_ responds to _client_ by `p`-tagging and encrypting to the `client-pubkey`. - -### Example flow for signing an event - -- `remote-signer-pubkey` is `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` -- `user-pubkey` is also `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` -- `client-pubkey` is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` - -#### Signature request - -```js -{ - "kind": 24133, - "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", - "content": nip04({ - "id": <random_string>, - "method": "sign_event", - "params": [json_stringified(<{ - content: "Hello, I'm signing remotely", - kind: 1, - tags: [], - created_at: 1714078911 - }>)] - }), - "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote-signer-pubkey -} -``` - -#### Response event - -```js -{ - "kind": 24133, - "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", - "content": nip04({ - "id": <random_string>, - "result": json_stringified(<signed-event>) - }), - "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the client-pubkey -} -``` - -#### Diagram - -![signing-example](https://i.nostr.build/P3gW.png) +_user_ passes this token to _remote-signer_, which then sends `connect` *response* event to the `client-pubkey` via the specified relays. Client discovers `remote-signer-pubkey` from connect response author. `secret` value MUST be provided to avoid connection spoofing, _client_ MUST validate the `secret` returned by `connect` response. ## Request Events `kind: 24133` @@ -125,11 +83,11 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted ### Methods/Commands -Each of the following are methods that the client sends to the remote signer. +Each of the following are methods that the _client_ sends to the _remote-signer_. | Command | Params | Result | | ------------------------ | ------------------------------------------------- | ---------------------------------------------------------------------- | -| `connect` | `[<user_pubkey>, <optional_secret>, <optional_requested_permissions>]` | "ack" | +| `connect` | `[<remote-signer-pubkey>, <optional_secret>, <optional_requested_permissions>]` | "ack" OR `<required-secret-value>` | | `sign_event` | `[<{kind, content, tags, created_at}>]` | `json_stringified(<signed_event>)` | | `ping` | `[]` | "pong" | | `get_relays` | `[]` | `json_stringified({<relay_url>: {read: <boolean>, write: <boolean>}})` | @@ -138,11 +96,10 @@ Each of the following are methods that the client sends to the remote signer. | `nip04_decrypt` | `[<third_party_pubkey>, <nip04_ciphertext_to_decrypt>]` | `<plaintext>` | | `nip44_encrypt` | `[<third_party_pubkey>, <plaintext_to_encrypt>]` | `<nip44_ciphertext>` | | `nip44_decrypt` | `[<third_party_pubkey>, <nip44_ciphertext_to_decrypt>]` | `<plaintext>` | -| `create_account` | `[<username>, <domain>, <optional_email>, <optional_requested_permissions>]` | `<newly_created_user_pubkey>` | ### Requested permissions -The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip04_encrypt,sign_event:4` meaning permissions to call `nip04_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. +The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip04_encrypt,sign_event:4` meaning permissions to call `nip04_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. Same permission format may be used for `perms` field of `metadata` in `nostrconnect://` string. ## Response Events `kind:24133` @@ -171,54 +128,90 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted - `results` is a string of the result of the call (this can be either a string or a JSON stringified object) - `error`, _optionally_, it is an error in string form, if any. Its presence indicates an error with the request. -### Auth Challenges +## Example flow for signing an event + +- `remote-signer-pubkey` is `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- `user-pubkey` is also `fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52` +- `client-pubkey` is `eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86` -An Auth Challenge is a response that a remote signer can send back when it needs the user to authenticate via other means. This is currently used in the OAuth-like flow enabled by signers like [Nsecbunker](https://github.com/kind-0/nsecbunkerd/). The response `content` object will take the following form: +### Signature request -```json +```js { - "id": <request_id>, - "result": "auth_url", - "error": <URL_to_display_to_end_user> + "kind": 24133, + "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", + "content": nip04({ + "id": <random_string>, + "method": "sign_event", + "params": [json_stringified(<{ + content: "Hello, I'm signing remotely", + kind: 1, + tags: [], + created_at: 1714078911 + }>)] + }), + "tags": [["p", "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"]], // p-tags the remote-signer-pubkey } ``` -Clients should display (in a popup or new tab) the URL from the `error` field and then subscribe/listen for another response from the remote signer (reusing the same request ID). This event will be sent once the user authenticates in the other window (or will never arrive if the user doesn't authenticate). It's also possible to add a `redirect_uri` url parameter to the auth_url, which is helpful in situations when a client cannot open a new window or tab to display the auth challenge. - -#### Example event signing request with auth challenge +### Response event -![signing-example-with-auth-challenge](https://i.nostr.build/W3aj.png) +```js +{ + "kind": 24133, + "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", + "content": nip04({ + "id": <random_string>, + "result": json_stringified(<signed-event>) + }), + "tags": [["p", "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86"]], // p-tags the client-pubkey +} +``` -## Appendix +### Diagram -### NIP-05 Login Flow +![signing-example](https://i.nostr.build/P3gW.png) -Clients might choose to present a more familiar login flow, so users can type a NIP-05 address instead of a `bunker://` string. -When the user types a NIP-05 the client: +## Auth Challenges -- Queries the `/.well-known/nostr.json` file from the domain for the NIP-05 address provided to get the user's pubkey (this is the `user-pubkey`) -- In the same `/.well-known/nostr.json` file, queries for the `nip46` key to get the relays that the remote signer will be listening on. -- Now the client has enough information to send commands to the remote signer on behalf of the user. +An Auth Challenge is a response that a _remote-signer_ can send back when it needs the _user_ to authenticate via other means. The response `content` object will take the following form: -### OAuth-like Flow +```json +{ + "id": <request_id>, + "result": "auth_url", + "error": <URL_to_display_to_end_user> +} +``` -#### Remote signer discovery via NIP-89 +_client_ should display (in a popup or new tab) the URL from the `error` field and then subscribe/listen for another response from the _remote-signer_ (reusing the same request ID). This event will be sent once the user authenticates in the other window (or will never arrive if the user doesn't authenticate). -In this last case, most often used to facilitate an OAuth-like signin flow, the client first looks for remote signers that have announced themselves via NIP-89 application handler events. +### Example event signing request with auth challenge -First the client will query for `kind: 31990` events that have a `k` tag of `24133`. +![signing-example-with-auth-challenge](https://i.nostr.build/W3aj.png) -These are generally shown to a user, and once the user selects which remote signer to use and provides the `user-pubkey` they want to use (via npub, pubkey, or nip-05 value), the client can initiate a connection. Note that it's on the user to select the _remote-signer_ that is actually managing the `user-keypair` that they would like to use in this case. If the `user-pubkey` is managed on another _remote-signer_ the connection will fail. +## Appendix -In addition, it's important that clients validate that the pubkey of the announced _remote-signer_ matches the pubkey of the `_` entry in the `/.well-known/nostr.json` file of the remote signer's announced domain. +### Announcing _remote-signer_ metadata -Clients that allow users to create new accounts should also consider validating the availability of a given username in the namespace of remote signer's domain by checking the `/.well-known/nostr.json` file for existing usernames. Clients can then show users feedback in the UI before sending a `create_account` event to the remote signer and receiving an error in return. Ideally, remote signers would also respond with understandable error messages if a client tries to create an account with an existing username. +_remote-signer_ MAY publish it's metadata by using [NIP-05](05.md) and [NIP-89](89.md). With NIP-05, a request to `<remote-signer>/.well-known/nostr.json?name=_` MAY return this: +``` +{ + "names":{ + "_": <remote-signer-app-pubkey>, + }, + "nip46": { + "relays": ["wss://relay1","wss://relay2"...], + "nostrconnect_url": "https://remote-signer-domain.com/<nostrconnect>" + } +} +``` -#### Example Oauth-like flow to create a new user account with Nsecbunker +The `<remote-signer-app-pubkey>` MAY be used to verify the domain from _remote-signer_'s NIP-89 event (see below). `relays` SHOULD be used to construct a more precise `nostrconnect://` string for the specific `remote-signer`. `nostrconnect_url` template MAY be used to redirect users to _remote-signer_'s connection flow by replacing `<nostrconnect>` placeholder with an actual `nostrconnect://` string. -Coming soon... +### Remote signer discovery via NIP-89 -## References +_remote-signer_ MAY publish a NIP-89 `kind: 31990` event with `k` tag of `24133`, which MAY also include one or more `relay` tags and MAY include `nostrconnect_url` tag. The semantics of `relay` and `nostrconnect_url` tags are the same as in the section above. -- [NIP-04 - Encryption](04.md) +_client_ MAY improve UX by discovering _remote-signers_ using their `kind: 31990` events. _client_ MAY then pre-generate `nostrconnect://` strings for the _remote-signers_, and SHOULD in that case verify that `kind: 31990` event's author is mentioned in signer's `nostr.json?name=_` file as `<remote-signer-app-pubkey>`. -- cgit v1.2.3 From f3244a0903b1fedbd8aa89596c658c9529e19ea6 Mon Sep 17 00:00:00 2001 From: hakkadaikon <hakkadaikon@yahoo.co.jp> Date: Mon, 18 Nov 2024 02:33:29 +0900 Subject: js,json -> jsonc --- 11.md | 4 ++-- 17.md | 2 +- 22.md | 14 +++++++------- 29.md | 2 +- 46.md | 8 ++++---- 96.md | 4 ++-- 6 files changed, 17 insertions(+), 17 deletions(-) (limited to '46.md') diff --git a/11.md b/11.md index 8efd0f0..8af4f31 100644 --- a/11.md +++ b/11.md @@ -262,7 +262,7 @@ processed by appropriate client software. Relays that require payments may want to expose their fee schedules. -```json +```jsonc { "payments_url": "https://my-relay/payments", "fees": { @@ -270,7 +270,7 @@ Relays that require payments may want to expose their fee schedules. "subscription": [{ "amount": 5000000, "unit": "msats", "period": 2592000 }], "publication": [{ "kinds": [4], "amount": 100, "unit": "msats" }], }, - ... + // other fields... } ``` diff --git a/17.md b/17.md index 4b96bce..72f40c4 100644 --- a/17.md +++ b/17.md @@ -47,7 +47,7 @@ An optional `subject` tag defines the current name/topic of the conversation. An Following [NIP-59](59.md), the **unsigned** `kind:14` chat message must be sealed (`kind:13`) and then gift-wrapped (`kind:1059`) to each receiver and the sender individually. -```js +```jsonc { "id": "<usual hash>",   "pubkey": randomPublicKey, diff --git a/22.md b/22.md index 3706aec..f11925f 100644 --- a/22.md +++ b/22.md @@ -13,7 +13,7 @@ It uses `kind:1111` with plaintext `.content` (no HTML, Markdown, or other forma Comments MUST point to the root scope using uppercase tag names (e.g. `K`, `E`, `A` or `I`) and MUST point to the parent item with lowercase ones (e.g. `k`, `e`, `a` or `i`). -```js +```jsonc { kind: 1111, content: '<comment>', @@ -56,7 +56,7 @@ If the parent item is an event, a `p` tag set to the parent event's author SHOUL A comment on a blog post looks like this: -```js +```jsonc { kind: 1111, content: 'Great blog post!', @@ -79,7 +79,7 @@ A comment on a blog post looks like this: A comment on a [NIP-94](94.md) file looks like this: -```js +```jsonc { kind: 1111, content: 'Great file!', @@ -100,7 +100,7 @@ A comment on a [NIP-94](94.md) file looks like this: A reply to a comment looks like this: -```js +```jsonc { kind: 1111, content: 'This is a reply to "Great file!"', @@ -121,7 +121,7 @@ A reply to a comment looks like this: A comment on a website's url looks like this: -```js +```jsonc { kind: 1111, content: 'Nice article!', @@ -142,7 +142,7 @@ A comment on a website's url looks like this: A podcast comment example: -```js +```jsonc { id: "80c48d992a38f9c445b943a9c9f1010b396676013443765750431a9004bdac05", pubkey: "252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111", @@ -164,7 +164,7 @@ A podcast comment example: A reply to a podcast comment: -```js +```jsonc { kind: 1111, content: "I'm replying to the above comment.", diff --git a/29.md b/29.md index f0ba8ab..a116433 100644 --- a/29.md +++ b/29.md @@ -141,7 +141,7 @@ These are events expected to be sent by the relay master key or by group admins Clients can send these events to a relay in order to accomplish a moderation action. Relays must check if the pubkey sending the event is capable of performing the given action based on its role and the relay's internal policy (see also the description of `kind:39003`). -```json +```jsonc { "kind": 90xx, "content": "optional reason", diff --git a/46.md b/46.md index 60850aa..ce6764d 100644 --- a/46.md +++ b/46.md @@ -58,7 +58,7 @@ _user_ passes this token to _remote-signer_, which then sends `connect` *respons ## Request Events `kind: 24133` -```js +```jsonc { "kind": 24133, "pubkey": <local_keypair_pubkey>, @@ -136,7 +136,7 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted ### Signature request -```js +```jsonc { "kind": 24133, "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", @@ -156,7 +156,7 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted ### Response event -```js +```jsonc { "kind": 24133, "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", @@ -196,7 +196,7 @@ _client_ should display (in a popup or new tab) the URL from the `error` field a ### Announcing _remote-signer_ metadata _remote-signer_ MAY publish it's metadata by using [NIP-05](05.md) and [NIP-89](89.md). With NIP-05, a request to `<remote-signer>/.well-known/nostr.json?name=_` MAY return this: -``` +```jsonc { "names":{ "_": <remote-signer-app-pubkey>, diff --git a/96.md b/96.md index 05c1b18..3828e76 100644 --- a/96.md +++ b/96.md @@ -323,8 +323,8 @@ Note: HTTP File Storage Server developers may skip this section. This is meant f A File Server Preference event is a kind 10096 replaceable event meant to select one or more servers the user wants to upload files to. Servers are listed as `server` tags: -```json -{. +```jsonc +{ "kind": 10096, "content": "", "tags": [ -- cgit v1.2.3 From 7976f8ab777a2bb6359ed64171309b4a0663bdf4 Mon Sep 17 00:00:00 2001 From: Jon Staab <shtaab@gmail.com> Date: Thu, 21 Nov 2024 08:48:32 -0800 Subject: Clarify nostrconnect metadata --- 46.md | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to '46.md') diff --git a/46.md b/46.md index ce6764d..824059c 100644 --- a/46.md +++ b/46.md @@ -45,15 +45,25 @@ _remote-signer_ provides connection token in the form: bunker://<remote-signer-pubkey>?relay=<wss://relay-to-connect-on>&relay=<wss://another-relay-to-connect-on>&secret=<optional-secret-value> ``` -_user_ passes this token to _client_, which then sends `connect` request to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old secret. +_user_ passes this token to _client_, which then sends `connect` request to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old secret. ### Direct connection initiated by the _client_ -_client_ provides a connection token in the form: +_client_ provides a connection token using `nostrconnect://` as the protocol, and `client-pubkey` as the origin. Additional information should be passed as query parameters: + +- `relay` (required) - one or more relay urls on which the _client_ is listening for responses from the _remote-signer_. +- `secret` (required) - a short random string that the _remote-signer_ should return as the `result` field of its response. +- `perms` (optional) - a comma-separated list of permissions the _client_ is requesting be approved by the _remote-signer_ +- `name` (optional) - the name of the _client_ application +- `url` (optional) - the canonical url of the _client_ application +- `image` (optional) - a small image representing the _client_ application + +Here's an example: ``` -nostrconnect://<client-pubkey>?relay=<wss://relay-to-connect-on>&metadata=<json metadata: {"name":"...", "url": "...", "description": "...", "perms": "..."}>&secret=<required-secret-value> +nostrconnect://83f3b2ae6aa368e8275397b9c26cf550101d63ebaab900d19dd4a4429f5ad8f5?relay=wss%3A%2F%2Frelay1.example.com&perms=nip44_encrypt%2Cnip44_decrypt%2Csign_event%3A13%2Csign_event%3A14%2Csign_event%3A1059&name=My+Client&secret=0s8j2djs&relay=wss%3A%2F%2Frelay2.example2.com ``` + _user_ passes this token to _remote-signer_, which then sends `connect` *response* event to the `client-pubkey` via the specified relays. Client discovers `remote-signer-pubkey` from connect response author. `secret` value MUST be provided to avoid connection spoofing, _client_ MUST validate the `secret` returned by `connect` response. ## Request Events `kind: 24133` -- cgit v1.2.3 From 2ffd8ec36360512c5f5087519b667434b4dc7832 Mon Sep 17 00:00:00 2001 From: 小原晴太 <haruta@s3-odara.net> Date: Fri, 29 Nov 2024 14:40:11 +0000 Subject: use example domain --- 46.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '46.md') diff --git a/46.md b/46.md index 824059c..7f8859f 100644 --- a/46.md +++ b/46.md @@ -213,7 +213,7 @@ _remote-signer_ MAY publish it's metadata by using [NIP-05](05.md) and [NIP-89]( }, "nip46": { "relays": ["wss://relay1","wss://relay2"...], - "nostrconnect_url": "https://remote-signer-domain.com/<nostrconnect>" + "nostrconnect_url": "https://remote-signer-domain.example/<nostrconnect>" } } ``` -- cgit v1.2.3 From 6d16019e9e98807b23b7ae1faf5edeead7ddee7a Mon Sep 17 00:00:00 2001 From: fiatjaf <fiatjaf@gmail.com> Date: Thu, 5 Dec 2024 16:59:18 -0300 Subject: nip46: abandon nip04 entirely and just use nip44. --- 46.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to '46.md') diff --git a/46.md b/46.md index 7f8859f..d170628 100644 --- a/46.md +++ b/46.md @@ -72,12 +72,12 @@ _user_ passes this token to _remote-signer_, which then sends `connect` *respons { "kind": 24133, "pubkey": <local_keypair_pubkey>, - "content": <nip04(<request>)>, + "content": <nip44(<request>)>, "tags": [["p", <remote-signer-pubkey>]], } ``` -The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted and has the following structure: +The `content` field is a JSON-RPC-like message that is [NIP-44](44.md) encrypted and has the following structure: ```jsonc { @@ -109,7 +109,7 @@ Each of the following are methods that the _client_ sends to the _remote-signer_ ### Requested permissions -The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip04_encrypt,sign_event:4` meaning permissions to call `nip04_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. Same permission format may be used for `perms` field of `metadata` in `nostrconnect://` string. +The `connect` method may be provided with `optional_requested_permissions` for user convenience. The permissions are a comma-separated list of `method[:params]`, i.e. `nip44_encrypt,sign_event:4` meaning permissions to call `nip44_encrypt` and to call `sign_event` with `kind:4`. Optional parameter for `sign_event` is the kind number, parameters for other methods are to be defined later. Same permission format may be used for `perms` field of `metadata` in `nostrconnect://` string. ## Response Events `kind:24133` @@ -118,13 +118,13 @@ The `connect` method may be provided with `optional_requested_permissions` for u "id": <id>, "kind": 24133, "pubkey": <remote-signer-pubkey>, - "content": <nip04(<response>)>, + "content": <nip44(<response>)>, "tags": [["p", <client-pubkey>]], "created_at": <unix timestamp in seconds> } ``` -The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted and has the following structure: +The `content` field is a JSON-RPC-like message that is [NIP-44](44.md) encrypted and has the following structure: ```json { @@ -150,7 +150,7 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted { "kind": 24133, "pubkey": "eff37350d839ce3707332348af4549a96051bd695d3223af4aabce4993531d86", - "content": nip04({ + "content": nip44({ "id": <random_string>, "method": "sign_event", "params": [json_stringified(<{ @@ -170,7 +170,7 @@ The `content` field is a JSON-RPC-like message that is [NIP-04](04.md) encrypted { "kind": 24133, "pubkey": "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52", - "content": nip04({ + "content": nip44({ "id": <random_string>, "result": json_stringified(<signed-event>) }), @@ -224,4 +224,4 @@ The `<remote-signer-app-pubkey>` MAY be used to verify the domain from _remote-s _remote-signer_ MAY publish a NIP-89 `kind: 31990` event with `k` tag of `24133`, which MAY also include one or more `relay` tags and MAY include `nostrconnect_url` tag. The semantics of `relay` and `nostrconnect_url` tags are the same as in the section above. -_client_ MAY improve UX by discovering _remote-signers_ using their `kind: 31990` events. _client_ MAY then pre-generate `nostrconnect://` strings for the _remote-signers_, and SHOULD in that case verify that `kind: 31990` event's author is mentioned in signer's `nostr.json?name=_` file as `<remote-signer-app-pubkey>`. +_client_ MAY improve UX by discovering _remote-signers_ using their `kind: 31990` events. _client_ MAY then pre-generate `nostrconnect://` strings for the _remote-signers_, and SHOULD in that case verify that `kind: 31990` event's author is mentioned in signer's `nostr.json?name=_` file as `<remote-signer-app-pubkey>`. -- cgit v1.2.3