Merge remote-tracking branch 'zw/master' into causulity-graph

Author: ai-chen2050

event.go

@@ -1,11 +1,12 @@
 package nostr
 
 import (
-	"crypto/sha256"
+    "fmt"
 	"encoding/hex"
 	"strconv"
 
 	"github.com/mailru/easyjson"
+	"github.com/ethereum/go-ethereum/crypto"
 )
 
 // Event represents a Nostr event.
@@ -26,19 +27,17 @@ func (evt Event) String() string {
 
 // GetID computes the event ID and returns it as a hex string.
 func (evt *Event) GetID() string {
-	h := sha256.Sum256(evt.Serialize())
-	return hex.EncodeToString(h[:])
+    message := evt.Serialize()
+	prefixedMessage := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len(message), message)
+	h:= crypto.Keccak256Hash([]byte(prefixedMessage))
+	return hex.EncodeToString(h.Bytes())
 }
 
 // CheckID checks if the implied ID matches the given ID more efficiently.
 func (evt *Event) CheckID() bool {
-	if len(evt.ID) != 64 {
-		return false
-	}
-
-	ser := make([]byte, 0, 100+len(evt.Content)+len(evt.Tags)*80)
-	ser = serializeEventInto(evt, ser)
-	h := sha256.Sum256(ser)
+    message := evt.Serialize()
+	prefixedMessage := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len(message), message)
+	h:= crypto.Keccak256Hash([]byte(prefixedMessage))
 
 	const hextable = "0123456789abcdef"
 

go.mod

@@ -15,6 +15,7 @@ require (
 	github.com/dgraph-io/badger/v4 v4.5.0
 	github.com/dgraph-io/ristretto v1.0.0
 	github.com/elnosh/gonuts v0.3.1-0.20250123162555-7c0381a585e3
+	github.com/ethereum/go-ethereum v1.15.5
 	github.com/fiatjaf/eventstore v0.16.2
 	github.com/fiatjaf/khatru v0.17.4
 	github.com/gomarkdown/markdown v0.0.0-20241205020045-f7e15b2f3e62
@@ -63,6 +64,7 @@ require (
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
+	github.com/holiman/uint256 v1.3.2 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/klauspost/compress v1.18.0 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.10 // indirect

go.sum

@@ -98,6 +98,8 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/ethereum/go-ethereum v1.15.5 h1:Fo2TbBWC61lWVkFw9tsMoHCNX1ndpuaQBRJ8H6xLUPo=
+github.com/ethereum/go-ethereum v1.15.5/go.mod h1:1LG2LnMOx2yPRHR/S+xuipXH29vPr6BIH6GElD8N/fo=
 github.com/fasthttp/websocket v1.5.12 h1:e4RGPpWW2HTbL3zV0Y/t7g0ub294LkiuXXUuTOUInlE=
 github.com/fasthttp/websocket v1.5.12/go.mod h1:I+liyL7/4moHojiOgUOIKEWm9EIxHqxZChS+aMFltyg=
 github.com/fiatjaf/eventstore v0.16.2 h1:h4rHwSwPcqAKqWUsAbYWUhDeSgm2Kp+PBkJc3FgBYu4=
@@ -149,6 +151,8 @@ github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
 github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
+github.com/holiman/uint256 v1.3.2 h1:a9EgMPSC1AAaj1SZL5zIQD3WbwTuHrMGOerLjGmM/TA=
+github.com/holiman/uint256 v1.3.2/go.mod h1:EOMSn4q6Nyt9P6efbI3bueV4e1b3dGlUCXeiRV4ng7E=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=

keys.go

@@ -8,7 +8,6 @@ import (
 	"math/big"
 
 	"github.com/btcsuite/btcd/btcec/v2"
-	"github.com/btcsuite/btcd/btcec/v2/schnorr"
 )
 
 func GeneratePrivateKey() string {
@@ -35,7 +34,7 @@ func GetPublicKey(sk string) (string, error) {
 	}
 
 	_, pk := btcec.PrivKeyFromBytes(b)
-	return hex.EncodeToString(schnorr.SerializePubKey(pk)), nil
+	return hex.EncodeToString(pk.SerializeUncompressed()), nil
 }
 
 func IsValidPublicKey(pk string) bool {
@@ -44,6 +43,7 @@ func IsValidPublicKey(pk string) bool {
 	}
 
 	v, _ := hex.DecodeString(pk)
-	_, err := schnorr.ParsePubKey(v)
+    _, err := btcec.ParsePubKey(v)
+
 	return err == nil
 }

signature.go

@@ -3,49 +3,51 @@
 package nostr
 
 import (
-	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
+    "strings"
 
-	"github.com/btcsuite/btcd/btcec/v2"
-	"github.com/btcsuite/btcd/btcec/v2/schnorr"
+	"github.com/ethereum/go-ethereum/crypto"
+	//"github.com/ethereum/go-ethereum/common/hexutil"
 )
 
 // CheckSignature checks if the event signature is valid for the given event.
 // It won't look at the ID field, instead it will recompute the id from the entire event body.
 // If the signature is invalid bool will be false and err will be set.
 func (evt Event) CheckSignature() (bool, error) {
 	// read and check pubkey
-	pk, err := hex.DecodeString(evt.PubKey)
-	if err != nil {
-		return false, fmt.Errorf("event pubkey '%s' is invalid hex: %w", evt.PubKey, err)
-	}
-
-	pubkey, err := schnorr.ParsePubKey(pk)
-	if err != nil {
-		return false, fmt.Errorf("event has invalid pubkey '%s': %w", evt.PubKey, err)
-	}
+    address := "0x" + evt.PubKey
 
 	// read signature
-	s, err := hex.DecodeString(evt.Sig)
+    //sig, err := hexutil.Decode(evt.Sig)
+    sig, err := hex.DecodeString(evt.Sig)
 	if err != nil {
 		return false, fmt.Errorf("signature '%s' is invalid hex: %w", evt.Sig, err)
 	}
-	sig, err := schnorr.ParseSignature(s)
-	if err != nil {
-		return false, fmt.Errorf("failed to parse signature: %w", err)
+	if sig[64] >= 27 {
+		sig[64] -= 27
 	}
 
 	// check signature
-	hash := sha256.Sum256(evt.Serialize())
-	return sig.Verify(hash[:], pubkey), nil
+    message := evt.Serialize()
+    prefixedMessage := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len(message), message)
+	hash := crypto.Keccak256Hash([]byte(prefixedMessage))
+
+    pubKey, err := crypto.SigToPub(hash.Bytes(), sig)
+	if err != nil {
+        return false, fmt.Errorf("failed to recover public key: %w", err)
+	}
+
+	recoveredAddr := crypto.PubkeyToAddress(*pubKey).Hex()
+
+	return (recoveredAddr == address), nil
 }
 
 // Sign signs an event with a given privateKey.
 // It sets the event's ID, PubKey, and Sig fields.
 // Returns an error if the private key is invalid or if signing fails.
 func (evt *Event) Sign(secretKey string) error {
-	s, err := hex.DecodeString(secretKey)
+    s, err := crypto.HexToECDSA(secretKey)
 	if err != nil {
 		return fmt.Errorf("Sign called with invalid secret key '%s': %w", secretKey, err)
 	}
@@ -54,18 +56,22 @@ func (evt *Event) Sign(secretKey string) error {
 		evt.Tags = make(Tags, 0)
 	}
 
-	sk, pk := btcec.PrivKeyFromBytes(s)
-	pkBytes := pk.SerializeCompressed()
-	evt.PubKey = hex.EncodeToString(pkBytes[1:])
+	evt.PubKey = crypto.PubkeyToAddress(s.PublicKey).Hex()
+    evt.PubKey = strings.TrimPrefix(crypto.PubkeyToAddress(s.PublicKey).Hex(), "0x")
+
+
+    message := evt.Serialize()
+	prefixedMessage := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len(message), message)
+	h:= crypto.Keccak256Hash([]byte(prefixedMessage))
 
-	h := sha256.Sum256(evt.Serialize())
-	sig, err := schnorr.Sign(sk, h[:], schnorr.FastSign())
+    sig, err := crypto.Sign(h.Bytes(), s)
 	if err != nil {
-		return err
+        return fmt.Errorf("failed to sign: %w", err)
 	}
 
-	evt.ID = hex.EncodeToString(h[:])
-	evt.Sig = hex.EncodeToString(sig.Serialize())
+	evt.ID = hex.EncodeToString(h.Bytes())
+    //evt.Sig = hexutil.Encode(sig)
+	evt.Sig = hex.EncodeToString(sig)
 
 	return nil
 }