Skip to content

Commit 40fb946

Browse files
committed
docs+ui: refactor README/USAGE/CHANGELOG, fit popup to surface, add key icons
- README/USAGE/CHANGELOG: rewrite to match the current capability and security model (session-only key, per-origin consent, trusted-origin signing, NIP-98 with fresh nonce + body/URL binding, honest window.nostr surface). UK English. - popup: cap the trusted-sites list and tighten section spacing so the Export / GitHub footer stays within the browser popup height instead of scrolling off; widen to 400px. - icons: add 16/48/128px key icons (icons/icon.svg master) and wire them into manifest icons + action.default_icon so the toolbar shows the Podkey key. Co-Authored-By: jjohare <github@thedreamlab.uk>
1 parent 12a431b commit 40fb946

9 files changed

Lines changed: 253 additions & 324 deletions

File tree

CHANGELOG.md

Lines changed: 35 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -9,13 +9,41 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
99

1010
### Added
1111

12-
- **NIP-44 (v2) encryption**`window.nostr.nip44.encrypt(pubkey, plaintext)`
13-
and `window.nostr.nip44.decrypt(pubkey, ciphertext)`, enabling NIP-17 / NIP-59
14-
gift-wrapped direct messages. Crypto runs in the background service worker
15-
(the private key never reaches the page), reusing the existing message-passing
16-
path. Implemented with `@noble/ciphers` (chacha20) + `@noble/hashes`
17-
(hkdf/hmac/sha256) + `@noble/secp256k1` (ECDH). Verified against the official
18-
NIP-44 spec test vectors.
12+
- **NIP-44 (v2) encryption.** `window.nostr.nip44.encrypt(pubkey, plaintext)`
13+
and `nip44.decrypt(pubkey, ciphertext)` for NIP-17 / NIP-59 gift-wrapped
14+
direct messages. The crypto runs in the background worker (`@noble/ciphers`
15+
chacha20, `@noble/hashes` hkdf/hmac, ECDH via `@noble/secp256k1`) and is
16+
checked against the official NIP-44 test vectors. The private key stays in
17+
the worker.
18+
- **Per-origin signing consent.** The first request from a site opens an
19+
approval popup; closing it or a 60-second timeout denies. Approving grants
20+
per-origin trust that you can revoke from the popup.
21+
- **Session-only key storage.** The private key is held in
22+
`chrome.storage.session`: in memory, cleared when the browser closes, never
23+
copied to the page.
24+
- **NIP-98 Solid authentication.** Opt-in HTTP auth to Solid pods. Each token
25+
carries a fresh 16-byte nonce and binds the request body hash and the final
26+
redirect-aware URL, so one token authorises one request. Trusted Solid hosts
27+
are matched exactly.
28+
- **Schnorr self-verify.** Every signature is checked against the public key
29+
before it is returned.
30+
- **Extension icons** at 16, 48 and 128px, and a `script-src 'self'`
31+
content-security policy across the popup and test page.
32+
- **Continuous integration.** `.github/workflows/ci.yml` runs build, test and
33+
lint on every pull request and push to `main`, and uploads a sideloadable
34+
extension zip. The 133-case suite covers signing, NIP-44 vectors, NIP-98
35+
token shape, the content-script message whitelist, and the consent flow.
36+
37+
### Changed
38+
39+
- A trusted origin signs any event kind without a prompt, so Podkey works as a
40+
general NIP-07 signer. A normal client publishes kind 0, 10002 and 22242 on
41+
every load; those no longer raise a prompt once you trust the site. Untrusted
42+
origins still prompt, and approving one grants trust.
43+
- The `window.nostr` provider exposes `getPublicKey`, `signEvent` and
44+
`nip44.{encrypt,decrypt}`.
45+
- The popup fits within the browser popup height, keeping the Export and GitHub
46+
links in view.
1947

2048
## [0.0.7] - 2024-12-XX
2149

0 commit comments

Comments
 (0)