Skip to content

Commit 64bfb01

Browse files
committed
feat: upgrade inventory key encryption to NIP-44
1 parent 574df74 commit 64bfb01

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

src/hooks/useInventoryKey.ts

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -72,11 +72,14 @@ export function useInventoryKey() {
7272
const myTag = event.tags.find(t => t[0] === 'p' && t[1] === activeUser.pubkey);
7373
if (!myTag || !myTag[2]) return;
7474

75+
76+
// Try NIP-44 Decryption
7577
try {
7678
const encryptedKey = myTag[2];
7779
const senderUser = new NDKUser({ pubkey: event.pubkey });
7880

79-
const decryptedHex = await ndk!.signer!.decrypt(senderUser, encryptedKey);
81+
// Attempt NIP-44 first
82+
const decryptedHex = await ndk!.signer!.decrypt(senderUser, encryptedKey, 'nip44');
8083
const keyBytes = hexToBytes(decryptedHex);
8184

8285
keys.set(event.pubkey, keyBytes);
@@ -86,7 +89,8 @@ export function useInventoryKey() {
8689
myKeychain = event;
8790
}
8891
} catch (e) {
89-
console.warn(`Failed to decrypt key from ${event.pubkey}`, e);
92+
console.warn(`Failed to decrypt key from ${event.pubkey} (NIP-44)`, e);
93+
// Fallback to NIP-04? No, strict upgrade for Phase 2.
9094
}
9195
}));
9296

@@ -108,8 +112,8 @@ export function useInventoryKey() {
108112
const newKey = generateInventoryKey();
109113
const newKeyHex = bytesToHex(newKey);
110114

111-
// Encrypt for self
112-
const encryptedForSelf = await ndk.signer.encrypt(activeUser, newKeyHex);
115+
// Encrypt for self (NIP-44)
116+
const encryptedForSelf = await ndk.signer.encrypt(activeUser, newKeyHex, 'nip44');
113117

114118
const event = new NDKEvent(ndk);
115119
event.kind = KEYCHAIN_KIND;
@@ -136,7 +140,8 @@ export function useInventoryKey() {
136140
const keyHex = bytesToHex(myKey);
137141
const targetUser = new NDKUser({ pubkey: targetPubkey });
138142

139-
const encryptedForTarget = await ndk.signer.encrypt(targetUser, keyHex);
143+
// Encrypt for target (NIP-44)
144+
const encryptedForTarget = await ndk.signer.encrypt(targetUser, keyHex, 'nip44');
140145

141146
const existingTags = myKeychain.tags.filter(t => t[0] !== 'd');
142147
const filteredTags = existingTags.filter(t => !(t[0] === 'p' && t[1] === targetPubkey));

0 commit comments

Comments
 (0)