nips/46.md
2023-11-21 15:49:40 -03:00

2.1 KiB

NIP-46

Nostr Connect

draft optional

This NIP describes a method for 2-way communication between a remote signer and a normal Nostr client. The remote signer could be, for example, a hardware device dedicated to signing Nostr events, while the client is a normal Nostr client.

Signer Discovery

The client must somehow be able to contact the signer through a common relay.

Started by the signer

The remote signer generates a connection token in the form

<npub1...>#<secret>?relay=wss://...&relay=wss://...

The user copies that token and pastes it in the client UI somehow. Then the client can send events of kind 24133 to the specified relays and wait for responses from the remote signer.

Started by the client

The client generates a QR code in the following form (URL-encoded):

nostrconnect://<client-key-hex>?relay=wss://...&metadata={"name":"client-name"}

The signer scans the QR code and sends a connect message to the client in the specified relays.

Event payloads

Event payloads are NIP-04-encrypted JSON blobs that look like JSONRPC.

Events sent by the client to the remote signer have the following format:

{
  "pubkey": "<client-key-hex>"
  "kind": 24133,
  "tags": [
    ["p", "<signer-key-hex>"]
  ],
  "content": "nip04_encrypted_json({id: <random-string>, method: <see-below>, params: []})",
  ...
}

And the events the remote signer sends to the client have the following format:

  "pubkey": "<signer-key-hex>"
  "kind": 24133,
  "tags": [
    ["p", "<client-key-hex>"]
  ],
  "content": "nip04_encrypted_json({id: <request-id>, result: <any>, error: <reason-string>})",
  ...

Methods

  • connect
    • params: [pubkey, secret]
    • result: null
  • get_public_key
    • params: []
    • result: pubkey
  • sign_event
    • params: [event]
    • result: event_with_pubkey_id_and_signature
  • get_relays
    • params: []
    • result: { [url: string]: {read: boolean, write: boolean} }
  • nip04_encrypt
    • params: [pubkey, plaintext]
    • result: nip4 ciphertext
  • nip04_decrypt
    • params: [pubkey, nip4 ciphertext]
    • result: [plaintext]