search

wilsonsilva / nostr

Asynchronous Nostr client in Ruby
https://nostr-ruby.com
MIT License
21 stars 5 forks source link

Checking signatures #10

Closed schmijos closed 4 months ago

schmijos commented 7 months ago

The bip-schnorr library you use to sign events can also be used to check signatures: valid_sig? and check_sig! I'd suggest you provide a facade in Nostr::Crypto and encourage library users to check for valid signatures in the docs.

wilsonsilva commented 7 months ago

@schmijos Thanks for the suggestion. That is the next item in the roadmap. I want to use objects instead of strings for ids and signatures.

Regarding those methods, what should they take as arguments?

schmijos commented 7 months ago

Naively I thought about something like this:

module Nostr
  class Event
      def valid_signature?
        crypto = Crypto.new
        crypto.valid_signature?(self)
      end
  end
end

A more powerful approach might be something like this:

event.valid?
=> false
event.errors
=> ["signature empty"]
wilsonsilva commented 4 months ago

@schmijos

Added in 0.6.0:

crypto.valid_sig?(message, public_key, signature) # true or false
crypto.check_sig!(message, public_key, signature) # true or raise an exception

https://www.nostr-ruby.com/common-use-cases/signing-and-verifying-messages.html

event.verify_signature # => true or false

https://www.nostr-ruby.com/common-use-cases/signing-and-verifying-events.html