Nostr CLI client built with Rust

Related tags

Command-line clust
Overview

Nostr CLI client built with Rust

Encrypted chat inside Nostr leaks metadata of who talks to who. This small CLI app implements a "public inbox," which obfuscates that metadata. It's private chat, but more private.

The basic idea is this:

  1. Alice announces her pubkey to Bob
  2. Both have each other's pubkey, both can derive shared key from it
  3. They both post message to "public inbox" with sha256(shared_key) on its tag
  4. With the shared key, only both can create the private event, only both can decrypt
  5. Nobody knows who is messaging who since there's no pubkey on the event
  6. If an attacker tampers with the event, either the event's signature becomes invalid or the content can't be decrypted by Alice or Bob (which they can ignore)

Let me illustrate with an analogy: Public inbox is to PO box what public key is to home address. Instead of sending mails to each other's home address, Alice and Bob send mails to a PO box. In the PO box, only they know how to find each other's mails, only they can write to each other through that PO box.

Example private message event:

{
  "content": "B+teWrgJ4ljieX3Fbr8H3NWA7KbIl4ImRLSqDhbRgavMKGqtmCfsMdwRIp0FjYWEn9B0Kiv4TfhUls0zEkq/9N7EmDlgcX+iinna/brdXc9qy2O5PqO/kap2skbKLZ5gCHOw3oSdP5DyNuSRpxuUOFMuI9xMUxL/zipsVJQDlhbCg2qLzw5Yq2mK0RJSXnDe515lKS6Eb9XlBCa6nYWxq1QzhuvRxDgN5o1ZuIirJDsylMzcDt5/niFW9daav4/WjY1XbbjeUc2XbSFB10J5FpMoz+TgG/NVxNKpmm4VSHBhs+v/A+jF/j/HJQlsbHrsavy2aRKHkRFVYqL7Phyd4O3hKRFcZrS4tnh2nesXif5QoZgxIEqD8eCDQOorO6UUXo8SHOFKdlSXfuYCgFecIVeM+QKTaST4eizJJbx0X8+qnYuuYxAqQt0+0MUMDGPbErlCw1nDhprLY3C3th6y5dDWfGs/cGuhDZBJWpbWvXs69xury9qGfo0p9GDDwprtb363d6/cTxHgMSaji5p7hfXTHzdiyuqfH90TuW8TIuQyfpV7F/BCoUq45wdv9nqpzlV+x/HLXIlOCGu23cNriJcIDFf7SfNk8WmiQpa69nCTYvManculqE2+eIn4k/jj1lWEA7YdSWjVAqJtmhBgnQ==?iv=SbNrOyZOtL7ymyvUxK9xWw==",
  "created_at": 1644948134,
  "id": "3bee25d04aeb632c4babe4a978b838a08882c42874df64858cfd66b41284a87c",
  "kind": 4,
  "pubkey": "9073f08fa71396e45d89adf34024e5c1dccaa369bab3c0d285994fdb8e150e07",
  "sig": "185702115bdf3e5b79219e440ff56efe53924d95ab27325b2fe835c98512dcccecc733d34c807869efb19afd6a9519f42234afe798a61f0e2492669753c20cce",
  "tags": [
    [
      "shared",
      "781caa9f1d2ab6052a3b84d8b3e80cee9ac22cf41e016cc8f13a18cc5064ca4b"
    ]
  ]
}

Notice the pubkey value? That's the public inbox. Public inbox is an agreed-upon keypair to sign things with. Yes, you read it right, it's a keypair, which means anyone has access to the public inbox's private key. Don't worry, the messages are still safe; public inbox is just a central point for inbox to land on, so everyone can post and search on the same place - messages are still secured and encrypted by the shared key only both recipient and sender have.

Here's my dummy pubkey: 5a5373396fe3fb30213adcc189a79d3c6d6c03b6a3e8320e6178a025e52e31c2. Wanna chat?

How to use

This is very unstable and experimental. It's best to not use your "real identity."

  1. Clone repository
  2. cargo run init to initialize config file
  3. cargo run add-contact vincent 5a5373396fe3fb30213adcc189a79d3c6d6c03b6a3e8320e6178a025e52e31c2
  4. cargo run chat vincent

You can try requesting ["REQ", "foobar", {"#p", your_pubkey}] or ["REQ", "foobar", {"#p", 5a5373396fe3fb30213adcc189a79d3c6d6c03b6a3e8320e6178a025e52e31c2}] to relays. You won't see much.

There's a GitHub issue to discuss this "public inbox" idea: https://github.com/fiatjaf/nostr/issues/69.

APIs:

  • clust chat
  • clust inbox

Low-level APIs:

  • clust init
  • clust generate-keypair
  • clust set-private
  • clust get-pubkey
  • clust publish-raw
  • clust get-event
  • clust add-contact
  • clust delete-contact
  • clust change-contact-pubkey
  • clust change-contact-name

Backend to-do:

  • replace schnorr_fun with secp256k1
  • use config file to store keys and subscriptions
  • use serde and struct instead of throwing json around
  • store config file in ~/.config/clust/config.json
  • pick relay from config file
  • only use strings to pretty-print, deal directly with bytes and structs
  • write tests (duh)
You might also like...
A lightweight focus CLI tool built with Rust

A lightweight pomodoro focus tool with cross-platform desktop notifications on Linux, MacOS and Windows.

A TUI for your todos built in Rust with full CLI support.

todui TUI Features This app allows for almost anythig you would need when dealing with todos: Create, edit, and delete tasks Add links to tasks Add du

Punic is a remote caching CLI built for Apple's .xcframework
Punic is a remote caching CLI built for Apple's .xcframework

Punic is a remote caching CLI built for Carthage that exclusively supports Apple's .xcframeworks.

Provides a mock Ambi client that emulates real sensor hardware such as an Edge client

ambi_mock_client Provides a mock Ambi client that emulates real sensor hardware such as an Edge client. Usage You must have Rust installed to build am

A Rust CLI tool that helps you enforce Git policies through Git hooks both server and client side

GitPolicyEnforcer This is a command line utility written in Rust, that helps you utilize Git hooks, to enforce various policies. It currently supports

Simple but convenient CLI-based Matrix client app for sending and receiving (in Rust)

matrix-commander-rs simple but convenient CLI-based Matrix client app for sending and receiving Help create this Rust program! This project is current

Rust implementation of world of warcraft client v3.3.5a (smart CLI)

idewave-cli This is Rust implementation of World of Warcraft client v3.3.5a. Smart CLI. You can use the CLI to debug TCP packets from/to World of Warc

API bindings, CLI client and FUSE filesystem for Wiki.js written in Rust.

wikijs-rs API bindings, CLI client and FUSE filesystem for Wiki.js written in Rust. What's inside? Library: Rust bindings to Wiki.js's entire GraphQL

CLI Web client for moedict.tw

meowdict CLI Web client for moedict.tw Usage Console Mode

Owner
Vincent Liao
I'm addicted to coffee. Help!
Vincent Liao
A fast nostr opengraph server, built on nostrdb and egui.

notecrumbs A nostr opengraph server build on nostrdb, egui, and skia. It renders notes using the CPU in around 50ms. Status WIP! Local note fetching w

Damus 7 Dec 21, 2023
This is an example Nostr rust project to enable '402 Payment Required' responses for requests to paid content.

Nostr Paywall Example This is an example Nostr rust project to enable 402 Payment Required responses for requests to paid content. To prove payment, a

Blake Jakopovic 6 May 6, 2023
siamstr.com Nostr Address Provider written in Rust.

Siamstr Nostr Address Provider Running project Rust Toolchain You'll need to use the nightly Rust toolchain, and install the wasm32-unknown-unknown ta

Vaz. 5 Nov 27, 2023
convert nostr keys and note-ids between hex and bech32

Key-Convertr People are copy-pasting nostr private keys into webpages to convert between the original hex-encoding and bech32-encoding (specified in N

Rijndael 14 Jan 9, 2023
Safer Nostr is a service that helps protect users by loading sensitive information (IP leak) and using AI to prevent inappropriate images from being uploaded.

Safer Nostr is a service that helps protect users by loading sensitive information (IP leak) and using AI to prevent inappropriate images from being uploaded. It also offers image optimization and storage options. It has configurable privacy and storage settings, as well as custom cache expiration.

Thomas 4 Dec 29, 2022
A simple tool to mine nostr vanity pubkeys.

Nostr CPU pubkey miner A simple tool to mine nostr vanity pubkeys. Currently supports hexadecimal and bech32 vanity keys. Tested on Windows but should

Antonin Verdier 3 Jan 19, 2023
A GPT-3 access point through Nostr, powered by lightning

Geppeto A Nostr based API for GPT-3, powered on Lightning. The bot listens for event kind 29000 (inspired by NIP-9000) and will query the prompt to th

null 5 May 24, 2023
Nostr protocol implementation, SDK and FFI

Searchnos: an experimental implementation of NIP-50 This is a relay-like bridge server that provides a Nostr full-text search capability by using Elas

SAGE 8 Jul 2, 2023
nhdl - a command-line doujinshi downloader client built in rust!

nhdl nhdl - a command-line doujinshi downloader client built in rust! goals fast and asynchronous doujinshi downloader, supporting various doujinshi s

Lumine 2 Dec 23, 2022
Real-time CLI level meter built in Rust.

Meter This is a very simple command line utility written in Rust for measuring the gain of a microphone. It displays the values in dBFS. This is usefu

Chris Burgess 16 Sep 8, 2022