docs.sigit.io/create.md
fix: sign flow
2025-03-07 15:17:11 +00:00

Create

Nostr Event

This event is designed to provide clarity (when signing) about the agreement being created. It is NOT published to a relay - instead, it is saved in an encrypted zip.

{ 
  "kind": 160300,
  "content": "You are creating an Agreement between the following npubs:\n- npub1\n- npub2\n\nEnsure this event is sourced from a trusted SIGit instance.",
  "created_at": 1716564780,
  "id": "...",
  "sig": "...",
  "pubkey": "pubkey of CREATOR",
  "tags":[
    ["signers","npub1d0csynr..","npub1nqulz.."],
    ["viewers","npub1viewer1"], // optional tag, only if there are viewers
    ["files","hash1:name1.csv","hash2:name2.pdf"], // extension determines the file type.  Order determines index.
    ["meta","hash1"] // the hash of the meta.json file
  ]
}

Encrypted Zip File

This file contains the following:

  • "files" folder - the unmarked files, using original filenames (to make them easy to open)
  • "events" folder - contains the create Event and OTS request event
  • meta.json file - contains the marks information
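
A recipient-side consistency check between the kind 160300 event and the contents of the decrypted zip, added here as an example (it is not SIGit's own code). It recomputes the event id as defined in NIP-01 and compares the "files" and "meta" tag hashes against the actual bytes. Assumptions: the tag hashes are SHA-256 hex digests (the page does not name the hash function), the function names are hypothetical, and checking "sig" (a Schnorr signature, which needs a secp256k1 library) is left out.

```python
import hashlib
import json

CREATE_KIND = 160300  # kind of the create event shown on this page

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def nip01_event_id(ev: dict) -> str:  # id rule from NIP-01
    body = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    return sha256_hex(json.dumps(body, separators=(",", ":"), ensure_ascii=False).encode())

def check_create_event(ev: dict, files: dict, meta_bytes: bytes) -> list:
    """Return problems; [] means event and zip contents agree. files maps names in
    the zip's "files" folder to bytes. Assumes SHA-256 hex hashes (page is silent)."""
    problems = []
    if ev.get("kind") != CREATE_KIND:
        problems.append("unexpected kind")
    if nip01_event_id(ev) != ev.get("id"):
        problems.append("id does not match event body")
    tags = {t[0]: t[1:] for t in ev["tags"] if t}
    if not tags.get("signers"):
        problems.append("no signers")
    declared = {}
    for entry in tags.get("files", []):
        digest, _, name = entry.partition(":")  # split at the first colon only
        if not name or "/" in name or "\\" in name or name in (".", ".."):
            problems.append(f"unsafe file name: {entry!r}")
        declared[name] = digest
    for name in sorted(declared.keys() | files.keys()):
        if name not in files:
            problems.append(f"declared but not in zip: {name}")
        elif name not in declared:
            problems.append(f"in zip but not declared: {name}")
        elif sha256_hex(files[name]) != declared[name]:
            problems.append(f"hash mismatch: {name}")
    if sha256_hex(meta_bytes) != (tags.get("meta") or [None])[0]:
        problems.append("meta.json hash mismatch")
    return problems

def build_sample():  # constructed sample data, not real keys or documents
    files = {"name1.csv": b"a,b\n1,2\n", "name2.pdf": b"%PDF-1.4 sample"}
    meta = b'{"marks": []}'
    tags = [["signers", "npub1", "npub2"], ["meta", sha256_hex(meta)],
            ["files"] + [f"{sha256_hex(d)}:{n}" for n, d in files.items()]]
    ev = {"kind": CREATE_KIND, "pubkey": "ab" * 32, "created_at": 1716564780,
          "content": "constructed sample", "tags": tags}
    ev["id"] = nip01_event_id(ev)
    return ev, files, meta
```

An empty result only shows that the event and the files are mutually consistent; whether the creator really signed it still depends on verifying "sig" against "pubkey".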

Keys

The keys.json looks like this:

{ 
  "kind": 160301,
  "content": "",
  "created_at": 1716564780,
  "id": "...",
  "sig": "",  
  "pubkey": "random pubkey",
  "tags":[
    ["filehash",<optional list of blossom servers>],
    ["array of decryption keys", "encrypted to each recipient"]
  ]
}

Online Communication

Once the zip file is created, encrypted, and uploaded to the Blossom server(s), the decryption key and file location(s) must be sent to each counterparty. This is done using a regular NIP-17 Chat Message.

The rumor would be the same for all recipients:

{
  "id": "<usual hash>",
  "pubkey": "<sender-pubkey>",
  "created_at": "<current-time>",
  "kind": 14,
  "tags": [
    ["p", "<receiver-1-pubkey>", "<relay-url>"],
    ["p", "<receiver-2-pubkey>", "<relay-url>"],
    ["e", "<kind-14-id>", "<relay-url>", "reply"], // if this is a reply
    ["subject", "<conversation-title>"],
    // by including tags from the kind 160301 we avoid an additional lookup in SIGit
    ["filehash",<optional list of blossom servers>],
    ["array of decryption keys", "encrypted to each recipient"]
  ],
  "content": "A new SIGit has been created - please visit your preferred instance or click https://sigit.io/find/$(idOfKind160301)"
}

Online Flow

  • Create & sign kind 160300
  • Zip this along with files and meta.json
  • Push zip to blossom
  • Publish kind 160301 with decryption keys
  • Send DM with link to above (manual flow) and keys (automatic flow)

sequenceDiagram
    autoNumber
    
    actor u as Creator
    participant b as browser
    participant r as Relay
    participant bl as Blossom


    u->>b: Upload files
    u->>b: Define marks & <br>counterparties
    u->>b: Sign Kind 160300 
    Note over b: 160300 + files <br>+ meta.json<br> = encrypted zip

    b->>bl: Upload encrypted zip
    Note over b: Create kind 160301 event<br>with ephemeral key
    b->>r: publish 160301<br> to relay

    Note over b: Create NIP-17 DM<br> with link to SIGit<br> & 160301 npub
    u->>b: Sign NIP-17<br> notification / DM<br> for each receiver
    b->>r: send DM to <br>each counterparty

Offline Communication

For offline use, the encrypted zip PLUS the kind 160301 event are zipped together and downloaded.

sequenceDiagram
    autoNumber
    
    actor u as Creator
    participant b as browser

    u->>b: Upload files
    u->>b: Define marks & <br>counterparties
    u->>b: Sign Kind 160300 
    Note over b: Encrypted Zip =<br>Kind 160300 <br>+ files <br>+ meta.json

    Note over b: Kind 160301 = <br> decryption key<br>+ location

    Note over b: Final Zip =<br> Encrypted Zip<br> + Kind 160301

    b->>u: Download Zip