notes and other stuff signed by an extension
This is a fork from https://github.com/fiatjaf/nos2x focused on Firefox and related browsers.
This allows you to sign Nostr events on web-apps without having to give them your keys.
It provides a window.nostr object which has the following methods:
async window.nostr.getPublicKey(): string // returns your public key as hex
async window.nostr.signEvent(event): Event // returns the full event object signed
async window.nostr.getRelays(): { [url: string]: RelayPolicy } // returns a map of relays
async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext+iv as specified in nip04
async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext+iv as specified in nip04
async window.nostr.nip44.encrypt(pubkey, plaintext): string // takes pubkey, plaintext, returns ciphertext as specified in nip-44
async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes pubkey, ciphertext, returns plaintext as specified in nip-44- By yourself from file: look into Releases
- From the site Firefox Add-on
To run the plugin from this code:
$ git clone https://github.com/diegogurpegui/nos2x-fox
$ cd nos2x-fox
$ yarn install
$ yarn run build
After you build the extension, follow these steps:
- Open Firefox
- Go to about:debugging
- Click on "This Firefox" on the left
- Click on "Load Temporary Add-on..."
- Select any file from the
dist/folder of the extension
nos2x-fox includes optional PIN protection to encrypt your private keys. When enabled, your private keys are encrypted using a PIN you choose, and you'll need to enter the PIN each time you use the extension (after the first unlock, the PIN is cached for 10 minutes).
- Open the extension options page
- In the "Keys" section, click "Enable PIN Protection" or "Disable PIN Protection"
- Enter your PIN (4-6 digits)
- If enabling, confirm your PIN
- If disabling, enter your PIN one last time to verify
- Ephemeral PIN Cache: The PIN is stored in memory only and is lost when the browser closes, regardless of how much time has passed
- Encrypted Storage: When PIN protection is enabled, private keys are encrypted before being stored. No plain-text private keys are stored anywhere
- Global Protection: PIN protection applies to all profiles simultaneously
Private keys are encrypted using the following specification:
- Algorithm: AES-GCM-256
- Key Derivation: PBKDF2 with SHA-256
- Iterations: 100,000
- Salt: 16 bytes (random, stored with encrypted data)
- IV: 12 bytes (random, stored with encrypted data)
- Cache Duration: 10 minutes (ephemeral, lost on browser close)
The encrypted data is stored as a JSON string containing base64-encoded salt, IV, and ciphertext.
If you are experiencing any issue, you can report it in the Issues secion.
If you have any feature suggestion or idea for this extension, feel free to leave it in the Discussions.
Also, if you like any of the already proposed ideas, upvote them!
LICENSE: public domain. Original work by fiatjaf.
Design taken from Flydexo. See fiatjaf/nos2x#15
Icons from IonIcons.