Nostr WoT

Documentación

Todo lo que necesitas para integrar Web of Trust en tu aplicación.

Extension API

The extension provides the NIP-07 signer API (window.nostr) for identity, event signing, and NIP-04/NIP-44 message encryption.

Prerequisite: Users must have the extension installed and an account unlocked.

Setup

Always check that a NIP-07 provider is available before using the API:

javascript
// Feature detection
function hasNostr() {
  return typeof window !== "undefined" &&
         window.nostr !== undefined;
}

// Wait for the extension to load
async function waitForNostr(timeout = 3000) {
  const start = Date.now();
  while (!hasNostr() && Date.now() - start < timeout) {
    await new Promise(r => setTimeout(r, 100));
  }
  return hasNostr();
}

NIP-07 Signer API

The extension implements the NIP-07 standard, making it compatible with any Nostr client that supports window.nostr.

getPublicKey()

Returns the active account's hex-encoded public key.

Returns

Promise<string>

Example

javascript
const pubkey = await window.nostr.getPublicKey();
console.log(pubkey); // "3bf0c63f..."

signEvent(event)

Signs a Nostr event with the active key. Returns the event with id, pubkey, sig, and created_at fields populated.

Parameters

NameTypeDescription
eventUnsignedEventEvent object with kind, content, tags, and created_at

Returns

Promise<SignedEvent>

Example

javascript
const signed = await window.nostr.signEvent({
  kind: 1,
  content: "Hello Nostr!",
  tags: [],
  created_at: Math.floor(Date.now() / 1000),
});
console.log(signed.sig); // schnorr signature

nip04.encrypt(pubkey, plaintext)

Encrypts a message using NIP-04 (legacy DM encryption).

Parameters

NameTypeDescription
pubkeystringRecipient's hex pubkey
plaintextstringMessage to encrypt

Returns

Promise<string>

Example

javascript
const encrypted = await window.nostr.nip04.encrypt(
  recipientPubkey,
  "Secret message"
);

nip04.decrypt(pubkey, ciphertext)

Decrypts a NIP-04 encrypted message.

Parameters

NameTypeDescription
pubkeystringSender's hex pubkey
ciphertextstringEncrypted message string

Returns

Promise<string>

Example

javascript
const plaintext = await window.nostr.nip04.decrypt(
  senderPubkey,
  ciphertext
);
console.log(plaintext); // "Secret message"

nip44.encrypt(pubkey, plaintext)

Encrypts a message using NIP-44 (recommended). NIP-44 provides improved security over NIP-04.

Parameters

NameTypeDescription
pubkeystringRecipient's hex pubkey
plaintextstringMessage to encrypt

Returns

Promise<string>

Example

javascript
const encrypted = await window.nostr.nip44.encrypt(
  recipientPubkey,
  "Secret message"
);

nip44.decrypt(pubkey, ciphertext)

Decrypts a NIP-44 encrypted message.

Parameters

NameTypeDescription
pubkeystringSender's hex pubkey
ciphertextstringEncrypted message string

Returns

Promise<string>

Example

javascript
const plaintext = await window.nostr.nip44.decrypt(
  senderPubkey,
  ciphertext
);
console.log(plaintext); // "Secret message"

getRelays()

Returns the user's relay list (NIP-65) as a map of relay URLs to read/write policies.

Returns

Promise<Record<string, { read: boolean; write: boolean }>>

Example

javascript
const relays = await window.nostr.getRelays();

// {
//   "wss://relay.damus.io": { read: true, write: true },
//   "wss://nos.lol": { read: true, write: false }
// }

Looking for Web of Trust distance and trust-score queries? Those now live in the nostr-wot-sdk and the WoT Oracle API, not the browser extension.