mirror/ditto
mirror/ditto
1
0
Fork 0
mirror of https://gitlab.com/soapbox-pub/ditto.git synced 2025-12-06 03:19:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove DittoWallet module

Browse source
This commit is contained in:
Alex Gleason 2024-10-11 18:05:46 -05:00
parent b2397bccdd
commit a7bca0bdff
No known key found for this signature in database
GPG key ID: 7211D1F99744FBB7
4 changed files with 7 additions and 91 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
deno.json
View file

@ -46,7 +46,6 @@
"@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.36.0", "@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.36.0",
"@nostrify/policies": "jsr:@nostrify/policies@^0.35.0", "@nostrify/policies": "jsr:@nostrify/policies@^0.35.0",
"@scure/base": "npm:@scure/base@^1.1.6", "@scure/base": "npm:@scure/base@^1.1.6",
"@scure/bip32": "npm:@scure/bip32@^1.5.0",
"@sentry/deno": "https://deno.land/x/sentry@7.112.2/index.mjs", "@sentry/deno": "https://deno.land/x/sentry@7.112.2/index.mjs",
"@soapbox/kysely-pglite": "jsr:@soapbox/kysely-pglite@^1.0.0", "@soapbox/kysely-pglite": "jsr:@soapbox/kysely-pglite@^1.0.0",
"@soapbox/stickynotes": "jsr:@soapbox/stickynotes@^0.4.0", "@soapbox/stickynotes": "jsr:@soapbox/stickynotes@^0.4.0",

36
deno.lock generated
View file

@ -79,7 +79,6 @@
"npm:@noble/secp256k1@2": "2.1.0", "npm:@noble/secp256k1@2": "2.1.0",
"npm:@scure/base@^1.1.6": "1.1.6", "npm:@scure/base@^1.1.6": "1.1.6",
"npm:@scure/bip32@^1.4.0": "1.4.0", "npm:@scure/bip32@^1.4.0": "1.4.0",
"npm:@scure/bip32@^1.5.0": "1.5.0",
"npm:@scure/bip39@^1.3.0": "1.3.0", "npm:@scure/bip39@^1.3.0": "1.3.0",
"npm:@types/node@*": "18.16.19", "npm:@types/node@*": "18.16.19",
"npm:comlink-async-generator@*": "0.0.1", "npm:comlink-async-generator@*": "0.0.1",
@ -306,7 +305,7 @@
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@noble/hashes", "npm:@noble/hashes",
"npm:@scure/base", "npm:@scure/base",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:kysely@~0.27.3", "npm:kysely@~0.27.3",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
@ -320,7 +319,7 @@
"dependencies": [ "dependencies": [
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@scure/base", "npm:@scure/base",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:kysely@~0.27.3", "npm:kysely@~0.27.3",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
@ -336,7 +335,7 @@
"jsr:@std/crypto", "jsr:@std/crypto",
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@scure/base", "npm:@scure/base",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
"npm:nostr-tools@^2.7.0", "npm:nostr-tools@^2.7.0",
@ -349,7 +348,7 @@
"dependencies": [ "dependencies": [
"jsr:@nostrify/types@~0.30.1", "jsr:@nostrify/types@~0.30.1",
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
"npm:nostr-tools@^2.7.0", "npm:nostr-tools@^2.7.0",
@ -362,7 +361,7 @@
"dependencies": [ "dependencies": [
"jsr:@nostrify/types@~0.30.1", "jsr:@nostrify/types@~0.30.1",
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
"npm:nostr-tools@^2.7.0", "npm:nostr-tools@^2.7.0",
@ -375,7 +374,7 @@
"dependencies": [ "dependencies": [
"jsr:@nostrify/types@0.35", "jsr:@nostrify/types@0.35",
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
"npm:nostr-tools@^2.7.0", "npm:nostr-tools@^2.7.0",
@ -390,7 +389,7 @@
"jsr:@std/crypto", "jsr:@std/crypto",
"jsr:@std/encoding@~0.224.1", "jsr:@std/encoding@~0.224.1",
"npm:@scure/base", "npm:@scure/base",
"npm:@scure/bip32@^1.4.0", "npm:@scure/bip32",
"npm:@scure/bip39", "npm:@scure/bip39",
"npm:lru-cache@^10.2.0", "npm:lru-cache@^10.2.0",
"npm:nostr-tools@^2.7.0", "npm:nostr-tools@^2.7.0",
@ -649,12 +648,6 @@
"@noble/hashes@1.4.0" "@noble/hashes@1.4.0"
] ]
}, },
"@noble/curves@1.6.0": {
"integrity": "sha512-TlaHRXDehJuRNR9TfZDNQ45mMEd5dwUwmicsafcIX4SsNiqnCHKjE/1alYPd/lDRVhxdhUAlv8uEhMCI5zjIJQ==",
"dependencies": [
"@noble/hashes@1.5.0"
]
},
"@noble/hashes@1.3.1": { "@noble/hashes@1.3.1": {
"integrity": "sha512-EbqwksQwz9xDRGfDST86whPBgM65E0OH/pCgqW0GBVzO22bNE+NuIbeTb714+IfSjU3aRk47EUvXIb5bTsenKA==" "integrity": "sha512-EbqwksQwz9xDRGfDST86whPBgM65E0OH/pCgqW0GBVzO22bNE+NuIbeTb714+IfSjU3aRk47EUvXIb5bTsenKA=="
}, },
@ -664,9 +657,6 @@
"@noble/hashes@1.4.0": { "@noble/hashes@1.4.0": {
"integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==" "integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg=="
}, },
"@noble/hashes@1.5.0": {
"integrity": "sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA=="
},
"@noble/secp256k1@2.1.0": { "@noble/secp256k1@2.1.0": {
"integrity": "sha512-XLEQQNdablO0XZOIniFQimiXsZDNwaYgL96dZwC54Q30imSbAOFf3NKtepc+cXyuZf5Q1HCgbqgZ2UFFuHVcEw==" "integrity": "sha512-XLEQQNdablO0XZOIniFQimiXsZDNwaYgL96dZwC54Q30imSbAOFf3NKtepc+cXyuZf5Q1HCgbqgZ2UFFuHVcEw=="
}, },
@ -679,9 +669,6 @@
"@scure/base@1.1.6": { "@scure/base@1.1.6": {
"integrity": "sha512-ok9AWwhcgYuGG3Zfhyqg+zwl+Wn5uE+dwC0NV/2qQkx4dABbb/bx96vWu8NSj+BNjjSjno+JRYRjle1jV08k3g==" "integrity": "sha512-ok9AWwhcgYuGG3Zfhyqg+zwl+Wn5uE+dwC0NV/2qQkx4dABbb/bx96vWu8NSj+BNjjSjno+JRYRjle1jV08k3g=="
}, },
"@scure/base@1.1.9": {
"integrity": "sha512-8YKhl8GHiNI/pU2VMaofa2Tor7PJRAjwQLBBuilkJ9L5+13yVbC7JO/wS7piioAvPSwR3JKM1IJ/u4xQzbcXKg=="
},
"@scure/bip32@1.3.1": { "@scure/bip32@1.3.1": {
"integrity": "sha512-osvveYtyzdEVbt3OfwwXFr4P2iVBL5u1Q3q4ONBfDY/UpOuXmOlbgwc1xECEboY8wIays8Yt6onaWMUdUbfl0A==", "integrity": "sha512-osvveYtyzdEVbt3OfwwXFr4P2iVBL5u1Q3q4ONBfDY/UpOuXmOlbgwc1xECEboY8wIays8Yt6onaWMUdUbfl0A==",
"dependencies": [ "dependencies": [
@ -698,14 +685,6 @@
"@scure/base@1.1.6" "@scure/base@1.1.6"
] ]
}, },
"@scure/bip32@1.5.0": {
"integrity": "sha512-8EnFYkqEQdnkuGBVpCzKxyIwDCBLDVj3oiX0EKUFre/tOjL/Hqba1D6n/8RcmaQy4f95qQFrO2A8Sr6ybh4NRw==",
"dependencies": [
"@noble/curves@1.6.0",
"@noble/hashes@1.5.0",
"@scure/base@1.1.9"
]
},
"@scure/bip39@1.2.1": { "@scure/bip39@1.2.1": {
"integrity": "sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg==", "integrity": "sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg==",
"dependencies": [ "dependencies": [
@ -2096,7 +2075,6 @@
"npm:@isaacs/ttlcache@^1.4.1", "npm:@isaacs/ttlcache@^1.4.1",
"npm:@noble/secp256k1@2", "npm:@noble/secp256k1@2",
"npm:@scure/base@^1.1.6", "npm:@scure/base@^1.1.6",
"npm:@scure/bip32@^1.5.0",
"npm:comlink-async-generator@^0.0.1", "npm:comlink-async-generator@^0.0.1",
"npm:comlink@^4.4.1", "npm:comlink@^4.4.1",
"npm:commander@12.1.0", "npm:commander@12.1.0",

46
src/DittoWallet.ts
View file

@ -1,46 +0,0 @@
import { HDKey } from '@scure/bip32';
import { Conf } from '@/config.ts';
/**
* HD wallet based on the `DITTO_NSEC`.
* The wallet is used to derive keys for various purposes.
* It is a singleton with static methods, and the keys are cached.
*/
export class DittoWallet {
static #root = HDKey.fromMasterSeed(Conf.seckey);
static #keys = new Map<string, HDKey>();
/** Derive the key cached. */
static derive(path: string): HDKey {
const existing = this.#keys.get(path);
if (existing) {
return existing;
} else {
const key = this.#root.derive(path);
this.#keys.set(path, key);
return key;
}
}
/** Derive the key and return the bytes. */
static deriveKey(path: string): Uint8Array {
const { privateKey } = this.derive(path);
if (!privateKey) {
throw new Error('Private key not available');
}
return privateKey;
}
/** Database encryption key for AES-GCM encryption of database columns. */
static get dbKey(): Uint8Array {
return this.deriveKey(Conf.wallet.dbKeyPath);
}
/** VAPID secret key, used for web push notifications. ES256. */
static get vapidKey(): Uint8Array {
return this.deriveKey(Conf.wallet.vapidKeyPath);
}
}

15
src/config.ts
View file

@ -103,21 +103,6 @@ class Conf {
static get captchaTTL(): number { static get captchaTTL(): number {
return Number(Deno.env.get('CAPTCHA_TTL') || 5 * 60 * 1000); return Number(Deno.env.get('CAPTCHA_TTL') || 5 * 60 * 1000);
} }
/**
* BIP-32 derivation paths for different crypto use-cases.
* The `DITTO_NSEC` is used as the seed.
* Keys can be rotated by changing the derviation path.
*/
static wallet = {
/** Private key for AES-GCM encryption in the Postgres database. */
get dbKeyPath(): string {
return Deno.env.get('WALLET_DB_KEY_PATH') || "m/0'/1'";
},
/** VAPID private key path. */
get vapidKeyPath(): string {
return Deno.env.get('WALLET_VAPID_KEY_PATH') || "m/0'/3'";
},
};
/** Character limit to enforce for posts made through Mastodon API. */ /** Character limit to enforce for posts made through Mastodon API. */
static get postCharLimit(): number { static get postCharLimit(): number {
return Number(Deno.env.get('POST_CHAR_LIMIT') || 5000); return Number(Deno.env.get('POST_CHAR_LIMIT') || 5000);