Extension API
The extension provides the NIP-07 signer API (window.nostr) for identity, event signing, and NIP-04/NIP-44 message encryption.
Prerequisite: Users must have the extension installed and an account unlocked.
Setup
Always check that a NIP-07 provider is available before using the API:
// Feature detection
function hasNostr() {
return typeof window !== "undefined" &&
window.nostr !== undefined;
}
// Wait for the extension to load
async function waitForNostr(timeout = 3000) {
const start = Date.now();
while (!hasNostr() && Date.now() - start < timeout) {
await new Promise(r => setTimeout(r, 100));
}
return hasNostr();
}NIP-07 Signer API
The extension implements the NIP-07 standard, making it compatible with any Nostr client that supports window.nostr.
getPublicKey()
Returns the active account's hex-encoded public key.
Returns
Promise<string>
Example
const pubkey = await window.nostr.getPublicKey();
console.log(pubkey); // "3bf0c63f..."signEvent(event)
Signs a Nostr event with the active key. Returns the event with id, pubkey, sig, and created_at fields populated.
Parameters
| Name | Type | Description |
|---|---|---|
event | UnsignedEvent | Event object with kind, content, tags, and created_at |
Returns
Promise<SignedEvent>
Example
const signed = await window.nostr.signEvent({
kind: 1,
content: "Hello Nostr!",
tags: [],
created_at: Math.floor(Date.now() / 1000),
});
console.log(signed.sig); // schnorr signaturenip04.encrypt(pubkey, plaintext)
Encrypts a message using NIP-04 (legacy DM encryption).
Parameters
| Name | Type | Description |
|---|---|---|
pubkey | string | Recipient's hex pubkey |
plaintext | string | Message to encrypt |
Returns
Promise<string>
Example
const encrypted = await window.nostr.nip04.encrypt(
recipientPubkey,
"Secret message"
);nip04.decrypt(pubkey, ciphertext)
Decrypts a NIP-04 encrypted message.
Parameters
| Name | Type | Description |
|---|---|---|
pubkey | string | Sender's hex pubkey |
ciphertext | string | Encrypted message string |
Returns
Promise<string>
Example
const plaintext = await window.nostr.nip04.decrypt(
senderPubkey,
ciphertext
);
console.log(plaintext); // "Secret message"nip44.encrypt(pubkey, plaintext)
Encrypts a message using NIP-44 (recommended). NIP-44 provides improved security over NIP-04.
Parameters
| Name | Type | Description |
|---|---|---|
pubkey | string | Recipient's hex pubkey |
plaintext | string | Message to encrypt |
Returns
Promise<string>
Example
const encrypted = await window.nostr.nip44.encrypt(
recipientPubkey,
"Secret message"
);nip44.decrypt(pubkey, ciphertext)
Decrypts a NIP-44 encrypted message.
Parameters
| Name | Type | Description |
|---|---|---|
pubkey | string | Sender's hex pubkey |
ciphertext | string | Encrypted message string |
Returns
Promise<string>
Example
const plaintext = await window.nostr.nip44.decrypt(
senderPubkey,
ciphertext
);
console.log(plaintext); // "Secret message"getRelays()
Returns the user's relay list (NIP-65) as a map of relay URLs to read/write policies.
Returns
Promise<Record<string, { read: boolean; write: boolean }>>
Example
const relays = await window.nostr.getRelays();
// {
// "wss://relay.damus.io": { read: true, write: true },
// "wss://nos.lol": { read: true, write: false }
// }Looking for Web of Trust distance and trust-score queries? Those now live in the nostr-wot-sdk and the WoT Oracle API, not the browser extension.