reya/coop
1
0
Fork 0
Code Issues Pull Requests 1 Releases 2 Activity

wip

Browse Source
This commit is contained in:
Ren Amamiya
2026-06-10 10:17:40 +07:00
parent 04983be23f
commit 0230fcff23
26 changed files with 718 additions and 1534 deletions
Download Patch File Download Diff File Expand all files Collapse all files

176
crates/device/src/lib.rs
View File

@@ -65,6 +65,9 @@ pub struct DeviceRegistry {
/// Whether an announcement has been made for this device
pub announcement_existed: Arc<AtomicBool>,
/// Signer
signer: Entity<Option<Keys>>,
/// Async tasks
tasks: Vec<Task<Result<(), Error>>>,
@@ -87,7 +90,10 @@ impl DeviceRegistry {
/// Create a new device registry instance
fn new(window: &mut Window, cx: &mut Context<Self>) -> Self {
let signer = cx.new(|_| None);
let nostr = NostrRegistry::global(cx);
let user_signer = nostr.read(cx).signer.clone();
let settings = AppSettings::global(cx);
let is_nip4e_enabled = settings.read(cx).is_nip4e_enabled(cx);
@@ -104,8 +110,8 @@ impl DeviceRegistry {
subscriptions.push(
// Subscribe to nostr state events
cx.subscribe(&nostr, move |this, _e, event, cx| {
if event == &StateEvent::SignerSet && is_nip4e_enabled {
cx.observe(&user_signer, move |this, signer, cx| {
if signer.read(cx).is_some() && is_nip4e_enabled {
this.get_announcement(cx);
};
}),
@@ -116,6 +122,7 @@ impl DeviceRegistry {
});
Self {
signer,
pending_request: false,
announcement_existed: Arc::new(AtomicBool::new(false)),
tasks: vec![],
@@ -126,13 +133,15 @@ impl DeviceRegistry {
fn handle_notifications(&mut self, window: &mut Window, cx: &mut Context<Self>) {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let signer = nostr.read(cx).signer();
let announcement_existed = self.announcement_existed.clone();
let (tx, rx) = flume::bounded::<Event>(100);
let Some(current_user) = nostr.read(cx).signer_pubkey(cx) else {
return;
};
self.tasks.push(cx.background_spawn(async move {
let current_user = signer.get_public_key().await?;
let mut notifications = client.notifications();
let mut processed_events = HashSet::new();
@@ -203,24 +212,18 @@ impl DeviceRegistry {
cx.notify();
}
/// Get the signer
pub fn signer(&self, cx: &App) -> Option<Keys> {
self.signer.read(cx).clone()
}
/// Set the decoupled encryption key for the current user
fn set_signer<S>(&mut self, new: S, cx: &mut Context<Self>)
where
S: NostrSigner + 'static,
{
let nostr = NostrRegistry::global(cx);
let signer = nostr.read(cx).signer();
self.tasks.push(cx.spawn(async move |this, cx| {
signer.set_encryption_signer(new).await;
// Notify the UI via event
this.update(cx, |_this, cx| {
cx.emit(DeviceEvent::Set);
})?;
Ok(())
}));
fn set_signer(&mut self, new: Keys, cx: &mut Context<Self>) {
self.signer.update(cx, |this, cx| {
*this = Some(new);
cx.notify();
});
cx.emit(DeviceEvent::Set);
}
/// Backup the encryption's secret key to a file
@@ -228,8 +231,12 @@ impl DeviceRegistry {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let Some(signer) = nostr.read(cx).signer(cx) else {
return Task::ready(Err(anyhow!("Signer is required")));
};
cx.background_spawn(async move {
let keys = get_keys(&client).await?;
let keys = get_keys(&client, &signer).await?;
let content = keys.secret_key().to_bech32()?;
smol::fs::write(path, &content).await?;
@@ -242,16 +249,18 @@ impl DeviceRegistry {
pub fn get_announcement(&mut self, cx: &mut Context<Self>) {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let signer = nostr.read(cx).signer();
let Some(current_user) = nostr.read(cx).signer_pubkey(cx) else {
return;
};
self.tasks.push(cx.background_spawn(async move {
let public_key = signer.get_public_key().await?;
let opts = SubscribeAutoCloseOptions::default().exit_policy(ReqExitPolicy::ExitOnEOSE);
// Construct the filter for the device announcement event
let filter = Filter::new()
.kind(Kind::Custom(10044))
.author(public_key)
.author(current_user)
.limit(1);
client
@@ -319,15 +328,19 @@ impl DeviceRegistry {
let secret = keys.secret_key().to_secret_hex();
let n = keys.public_key();
let Some(signer) = nostr.read(cx).signer(cx) else {
return Task::ready(Err(anyhow!("Signer is required")));
};
cx.background_spawn(async move {
// Construct an announcement event
let builder = EventBuilder::new(Kind::Custom(10044), "").tags(vec![
Tag::custom(TagKind::custom("n"), vec![n]),
Tag::client(CLIENT_NAME),
]);
// Sign the event with user's signer
let event = client.sign_event_builder(builder).await?;
let event = EventBuilder::new(Kind::Custom(10044), "")
.tags(vec![
Tag::custom("n", vec![n]),
Tag::custom("client", vec![CLIENT_NAME]),
])
.finalize_async(&signer)
.await?;
// Publish announcement
client
@@ -337,7 +350,7 @@ impl DeviceRegistry {
.await?;
// Save device keys to the database
set_keys(&client, &secret).await?;
set_keys(&client, &signer, &secret).await?;
Ok(keys)
})
@@ -348,12 +361,16 @@ impl DeviceRegistry {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let Some(signer) = nostr.read(cx).signer(cx) else {
return;
};
let announcement = Announcement::from(event);
let device_pubkey = announcement.public_key();
// Get encryption key from the database and compare with the announcement
let task: Task<Result<Keys, Error>> = cx.background_spawn(async move {
let keys = get_keys(&client).await?;
let keys = get_keys(&client, &signer).await?;
// Compare the public key from the announcement with the one from the database
if keys.public_key() != device_pubkey {
@@ -382,10 +399,13 @@ impl DeviceRegistry {
fn wait_for_request(&mut self, cx: &mut Context<Self>) {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let signer = nostr.read(cx).signer();
let Some(signer) = nostr.read(cx).signer(cx) else {
return;
};
self.tasks.push(cx.background_spawn(async move {
let public_key = signer.get_public_key().await?;
let public_key = signer.get_public_key_async().await?;
let id = SubscriptionId::new("dekey-requests");
// Construct a filter for encryption key requests
@@ -405,13 +425,16 @@ impl DeviceRegistry {
pub fn request(&mut self, cx: &mut Context<Self>) {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let signer = nostr.read(cx).signer();
let app_keys = nostr.read(cx).keys();
let app_keys = Keys::generate();
let app_pubkey = app_keys.public_key();
let Some(signer) = nostr.read(cx).signer(cx) else {
return;
};
let task: Task<Result<Option<Event>, Error>> = cx.background_spawn(async move {
let public_key = signer.get_public_key().await?;
let public_key = signer.get_public_key_async().await?;
// Construct a filter to get the latest approval event
let filter = Filter::new()
@@ -426,13 +449,13 @@ impl DeviceRegistry {
// No approval event found, construct a request event
None => {
// Construct an event for device key request
let builder = EventBuilder::new(Kind::Custom(4454), "").tags(vec![
Tag::custom(TagKind::custom("P"), vec![app_pubkey]),
Tag::client(CLIENT_NAME),
]);
// Sign the event with user's signer
let event = client.sign_event_builder(builder).await?;
let event = EventBuilder::new(Kind::Custom(4454), "")
.tags(vec![
Tag::custom("P", vec![app_pubkey]),
Tag::custom("client", vec![CLIENT_NAME]),
])
.finalize_async(&signer)
.await?;
// Send the event to write relays
client.send_event(&event).to_nip65().await?;
@@ -468,12 +491,15 @@ impl DeviceRegistry {
fn wait_for_approval(&mut self, cx: &mut Context<Self>) {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let signer = nostr.read(cx).signer();
let Some(signer) = nostr.read(cx).signer(cx) else {
return;
};
cx.emit(DeviceEvent::Requesting);
self.tasks.push(cx.background_spawn(async move {
let public_key = signer.get_public_key().await?;
let public_key = signer.get_public_key_async().await?;
// Construct a filter for device key requests
let filter = Filter::new()
@@ -491,18 +517,19 @@ impl DeviceRegistry {
/// Parse the approval event to get encryption key then set it
fn extract_encryption(&mut self, event: Event, cx: &mut Context<Self>) {
let nostr = NostrRegistry::global(cx);
let app_keys = nostr.read(cx).keys();
let app_keys = Keys::generate();
let task: Task<Result<Keys, Error>> = cx.background_spawn(async move {
let master = event
.tags
.find(TagKind::custom("P"))
.iter()
.find(|tag| tag.kind() == "P")
.and_then(|tag| tag.content())
.and_then(|content| PublicKey::parse(content).ok())
.context("Invalid event's tags")?;
let payload = event.content.as_str();
let decrypted = app_keys.nip44_decrypt(&master, payload).await?;
let decrypted = app_keys.nip44_decrypt_async(&master, payload).await?;
let secret = SecretKey::from_hex(&decrypted)?;
let keys = Keys::new(secret);
@@ -532,37 +559,42 @@ impl DeviceRegistry {
let nostr = NostrRegistry::global(cx);
let client = nostr.read(cx).client();
let Some(signer) = nostr.read(cx).signer(cx) else {
return;
};
// Get user's write relays
let event = event.clone();
let id: SharedString = event.id.to_hex().into();
let task: Task<Result<(), Error>> = cx.background_spawn(async move {
// Get device keys
let keys = get_keys(&client).await?;
let keys = get_keys(&client, &signer).await?;
let secret = keys.secret_key().to_secret_hex();
// Extract the target public key from the event tags
let target = event
.tags
.find(TagKind::custom("P"))
.iter()
.find(|tag| tag.kind() == "P")
.and_then(|tag| tag.content())
.and_then(|content| PublicKey::parse(content).ok())
.context("Target is not a valid public key")?;
// Encrypt the device keys with the user's signer
let payload = keys.nip44_encrypt(&target, &secret).await?;
let payload = keys.nip44_encrypt_async(&target, &secret).await?;
// Construct the response event
//
// P tag: the current device's public key
// p tag: the requester's public key
let builder = EventBuilder::new(Kind::Custom(4455), payload).tags(vec![
Tag::custom(TagKind::custom("P"), vec![keys.public_key().to_hex()]),
Tag::public_key(target),
]);
// Sign the builder
let event = client.sign_event_builder(builder).await?;
let event = EventBuilder::new(Kind::Custom(4455), payload)
.tags(vec![
Tag::custom("P", vec![keys.public_key().to_hex()]),
Tag::public_key(target),
])
.finalize_async(&signer)
.await?;
// Send the response event to the user's relay list
client.send_event(&event).to_nip65().await?;
@@ -713,18 +745,14 @@ impl DeviceRegistry {
struct DeviceNotification;
/// Encrypt and store device keys in the local database.
async fn set_keys(client: &Client, secret: &str) -> Result<(), Error> {
let signer = client.signer().context("Signer not found")?;
let public_key = signer.get_public_key().await?;
// Encrypt the value
let content = signer.nip44_encrypt(&public_key, secret).await?;
async fn set_keys(client: &Client, signer: &Keys, secret: &str) -> Result<(), Error> {
let public_key = signer.get_public_key_async().await?;
let content = signer.nip44_encrypt_async(&public_key, secret).await?;
// Construct the application data event
let event = EventBuilder::new(Kind::ApplicationSpecificData, content)
.tag(Tag::identifier(IDENTIFIER))
.build(public_key)
.sign(&Keys::generate())
.finalize_async(signer)
.await?;
// Save the event to the database
@@ -734,9 +762,8 @@ async fn set_keys(client: &Client, secret: &str) -> Result<(), Error> {
}
/// Get device keys from the local database.
async fn get_keys(client: &Client) -> Result<Keys, Error> {
let signer = client.signer().context("Signer not found")?;
let public_key = signer.get_public_key().await?;
async fn get_keys(client: &Client, signer: &Keys) -> Result<Keys, Error> {
let public_key = signer.get_public_key_async().await?;
let filter = Filter::new()
.kind(Kind::ApplicationSpecificData)
@@ -744,7 +771,10 @@ async fn get_keys(client: &Client) -> Result<Keys, Error> {
.author(public_key);
if let Some(event) = client.database().query(filter).await?.first() {
let content = signer.nip44_decrypt(&public_key, &event.content).await?;
let content = signer
.nip44_decrypt_async(&public_key, &event.content)
.await?;
let secret = SecretKey::parse(&content)?;
let keys = Keys::new(secret);