feat: implement NIP-98 HTTP auth for gRPC

Add comprehensive NIP-98 authentication support following the standard gRPC credentials.PerRPCCredentials pattern. Client-side: - NostrCredentials implements PerRPCCredentials interface - Automatically signs each request with kind 27235 event - Drop-in replacement for OAuth2/JWT in gRPC clients Server-side: - Unary and stream interceptors for validation - Extracts and validates NIP-98 events from Authorization headers - Configurable options (timestamp window, whitelists, skip methods) - Adds authenticated pubkey to request context Security features: - Replay protection via timestamp validation - Optional payload hash verification - Signature verification using schnorr - TLS requirement option Includes comprehensive test coverage and detailed README with usage examples and security considerations.
author: bndw <ben@bdw.to> 2026-02-14 08:39:37 -0800
committer: bndw <ben@bdw.to> 2026-02-14 08:39:37 -0800
commit: 756c325223ef744b476ade565cb1970c7717d053 (patch)
tree: 56ca7b864c686f8a8b9f23ed462ee187d8b30a7e /internal/auth/README.md
parent: 44872a7642c31166fc500d2d81ff9a9abdeeb727 (diff)
1 files changed, 181 insertions, 0 deletions
diff --git a/internal/auth/README.md b/internal/auth/README.md
new file mode 100644
index 0000000..adfe260
--- /dev/null
+++ b/internal/auth/README.md
@@ -0,0 +1,181 @@
+# Nostr HTTP Authentication (NIP-98)
+This package implements [NIP-98](https://github.com/nostr-protocol/nips/blob/master/98.md) authentication for gRPC using the standard `credentials.PerRPCCredentials` interface.
+## Overview
+NIP-98 provides HTTP authentication using Nostr event signatures instead of bearer tokens or OAuth2. It uses cryptographic signatures to prove the request came from a specific public key, without requiring passwords or centralized identity providers.
+## How It Works
+### Authentication Flow
+1. **Client** creates a special kind 27235 event with:
+   - `u` tag: Full request URI
+   - `method` tag: HTTP method (GET, POST, etc.) or gRPC method name
+   - `payload` tag (optional): SHA256 hash of the request body
+   - `created_at`: Current Unix timestamp
+2. **Client** signs the event with their private key
+3. **Client** base64-encodes the event JSON and sends it in the `Authorization` header:
+   ```
+   Authorization: Nostr <base64-encoded-event>
+   ```
+4. **Server** validates the event:
+   - Verifies the signature matches the pubkey
+   - Checks the timestamp is recent (prevents replay attacks)
+   - Verifies the `u` and `method` tags match the actual request
+   - Optionally validates the payload hash
+5. **Server** adds the validated pubkey to the request context for use by handlers
+### Example Event
+```json
+{
+  "id": "9e1b6471f...",
+  "pubkey": "79be667ef9dc...",
+  "created_at": 1682327852,
+  "kind": 27235,
+  "tags": [
+    ["u", "https://api.example.com/nostr.v1.NostrRelay/PublishEvent"],
+    ["method", "POST"],
+    ["payload", "5c9e3a4d..."]
+  ],
+  "content": "",
+  "sig": "d2d6e9f0..."
+}
+```
+## Usage
+### Client Side
+Use the `NostrCredentials` type with standard gRPC dial options:
+```go
+import (
+    "google.golang.org/grpc"
+    "northwest.io/muxstr/internal/auth"
+    "northwest.io/muxstr/internal/nostr"
+)
+// Generate or load your private key
+key, _ := nostr.GenerateKey()
+// Create credentials
+creds := auth.NewNostrCredentials(key)
+// Use with gRPC client
+conn, err := grpc.NewClient(
+    "localhost:50051",
+    grpc.WithPerRPCCredentials(creds),
+    grpc.WithTransportCredentials(insecure.NewCredentials()),
+)
+```
+The credentials automatically sign each request with a fresh NIP-98 event.
+### Server Side
+Use the interceptors to validate incoming requests:
+```go
+import (
+    "google.golang.org/grpc"
+    "northwest.io/muxstr/internal/auth"
+)
+// Create auth options
+authOpts := &auth.InterceptorOptions{
+    TimestampWindow: 60, // Accept events within 60 seconds
+    Required:        true, // Reject unauthenticated requests
+}
+// Create gRPC server with interceptors
+server := grpc.NewServer(
+    grpc.UnaryInterceptor(auth.NostrUnaryInterceptor(authOpts)),
+    grpc.StreamInterceptor(auth.NostrStreamInterceptor(authOpts)),
+)
+```
+### Accessing the Authenticated Pubkey
+In your handlers, retrieve the authenticated pubkey from the context:
+```go
+func (s *Server) PublishEvent(ctx context.Context, req *pb.PublishEventRequest) (*pb.PublishEventResponse, error) {
+    pubkey, ok := auth.PubkeyFromContext(ctx)
+    if !ok {
+        return nil, status.Error(codes.Unauthenticated, "no authentication")
+    }
+    // Verify the event was signed by the authenticated user
+    if req.Event.Pubkey != pubkey {
+        return nil, status.Error(codes.PermissionDenied, "event pubkey doesn't match auth")
+    }
+    // Process the event...
+}
+```
+## Security Considerations
+### Replay Protection
+Events include a `created_at` timestamp. The server validates that events are recent (within the configured `TimestampWindow`). This prevents replay attacks where an attacker intercepts and re-sends a valid auth event.
+### Transport Security
+While NIP-98 provides authentication (proving who you are), it doesn't provide encryption. Use TLS/SSL to encrypt the connection and prevent eavesdropping.
+```go
+// Client with TLS
+creds := credentials.NewClientTLSFromCert(nil, "")
+conn, err := grpc.NewClient(addr,
+    grpc.WithTransportCredentials(creds),
+    grpc.WithPerRPCCredentials(nostrCreds),
+)
+```
+### Payload Validation
+The `payload` tag is optional but recommended for POST/PUT requests. When present, the server can verify the request body hasn't been tampered with:
+```go
+authOpts := &auth.InterceptorOptions{
+    ValidatePayload: true, // Verify payload hash if present
+}
+```
+## Configuration Options
+### InterceptorOptions
+- **`TimestampWindow`**: Maximum age of events in seconds (default: 60)
+- **`Required`**: Whether to reject unauthenticated requests (default: false)
+- **`ValidatePayload`**: Whether to verify payload hash when present (default: false)
+- **`AllowedPubkeys`**: Optional whitelist of allowed pubkeys (nil = allow all)
+### NostrCredentials Options
+- **`IncludePayload`**: Whether to include payload hash in auth events (default: false)
+## Benefits Over Traditional Auth
+1. **No passwords**: Uses public key cryptography
+2. **Decentralized**: No central identity provider
+3. **Per-request auth**: Each request is independently authenticated
+4. **Nostr compatible**: Works with existing Nostr identities and tools
+5. **Standard pattern**: Uses industry-standard gRPC credentials interface
+6. **Key rotation**: Easy to rotate keys without server-side updates
+## Compatibility
+This implementation follows the gRPC `credentials.PerRPCCredentials` interface, making it a drop-in replacement for OAuth2, JWT, or other auth mechanisms. It works with:
+- Standard gRPC clients (Go, Python, JS, etc.)
+- gRPC-Web and Connect protocol
+- All gRPC features (unary, streaming, metadata, etc.)
author	bndw <ben@bdw.to>	2026-02-14 08:39:37 -0800
committer	bndw <ben@bdw.to>	2026-02-14 08:39:37 -0800
commit	756c325223ef744b476ade565cb1970c7717d053 (patch)
tree	56ca7b864c686f8a8b9f23ed462ee187d8b30a7e /internal/auth/README.md
parent	44872a7642c31166fc500d2d81ff9a9abdeeb727 (diff)

diff --git a/internal/auth/README.md b/internal/auth/README.md new file mode 100644 index 0000000..adfe260 --- /dev/null +++ b/internal/auth/README.md
@@ -0,0 +1,181 @@
	1	# Nostr HTTP Authentication (NIP-98)
	2
	3	This package implements [NIP-98](https://github.com/nostr-protocol/nips/blob/master/98.md) authentication for gRPC using the standard `credentials.PerRPCCredentials` interface.
	4
	5	## Overview
	6
	7	NIP-98 provides HTTP authentication using Nostr event signatures instead of bearer tokens or OAuth2. It uses cryptographic signatures to prove the request came from a specific public key, without requiring passwords or centralized identity providers.
	8
	9	## How It Works
	10
	11	### Authentication Flow
	12
	13	1. Client creates a special kind 27235 event with:
	14	- `u` tag: Full request URI
	15	- `method` tag: HTTP method (GET, POST, etc.) or gRPC method name
	16	- `payload` tag (optional): SHA256 hash of the request body
	17	- `created_at`: Current Unix timestamp
	18
	19	2. Client signs the event with their private key
	20
	21	3. Client base64-encodes the event JSON and sends it in the `Authorization` header:
	22	```
	23	Authorization: Nostr <base64-encoded-event>
	24	```
	25
	26	4. Server validates the event:
	27	- Verifies the signature matches the pubkey
	28	- Checks the timestamp is recent (prevents replay attacks)
	29	- Verifies the `u` and `method` tags match the actual request
	30	- Optionally validates the payload hash
	31
	32	5. Server adds the validated pubkey to the request context for use by handlers
	33
	34	### Example Event
	35
	36	```json
	37	{
	38	"id": "9e1b6471f...",
	39	"pubkey": "79be667ef9dc...",
	40	"created_at": 1682327852,
	41	"kind": 27235,
	42	"tags": [
	43	["u", "https://api.example.com/nostr.v1.NostrRelay/PublishEvent"],
	44	["method", "POST"],
	45	["payload", "5c9e3a4d..."]
	46	],
	47	"content": "",
	48	"sig": "d2d6e9f0..."
	49	}
	50	```
	51
	52	## Usage
	53
	54	### Client Side
	55
	56	Use the `NostrCredentials` type with standard gRPC dial options:
	57
	58	```go
	59	import (
	60	"google.golang.org/grpc"
	61	"northwest.io/muxstr/internal/auth"
	62	"northwest.io/muxstr/internal/nostr"
	63	)
	64
	65	// Generate or load your private key
	66	key, _ := nostr.GenerateKey()
	67
	68	// Create credentials
	69	creds := auth.NewNostrCredentials(key)
	70
	71	// Use with gRPC client
	72	conn, err := grpc.NewClient(
	73	"localhost:50051",
	74	grpc.WithPerRPCCredentials(creds),
	75	grpc.WithTransportCredentials(insecure.NewCredentials()),
	76	)
	77	```
	78
	79	The credentials automatically sign each request with a fresh NIP-98 event.
	80
	81	### Server Side
	82
	83	Use the interceptors to validate incoming requests:
	84
	85	```go
	86	import (
	87	"google.golang.org/grpc"
	88	"northwest.io/muxstr/internal/auth"
	89	)
	90
	91	// Create auth options
	92	authOpts := &auth.InterceptorOptions{
	93	TimestampWindow: 60, // Accept events within 60 seconds
	94	Required: true, // Reject unauthenticated requests
	95	}
	96
	97	// Create gRPC server with interceptors
	98	server := grpc.NewServer(
	99	grpc.UnaryInterceptor(auth.NostrUnaryInterceptor(authOpts)),
	100	grpc.StreamInterceptor(auth.NostrStreamInterceptor(authOpts)),
	101	)
	102	```
	103
	104	### Accessing the Authenticated Pubkey
	105
	106	In your handlers, retrieve the authenticated pubkey from the context:
	107
	108	```go
	109	func (s Server) PublishEvent(ctx context.Context, req pb.PublishEventRequest) (*pb.PublishEventResponse, error) {
	110	pubkey, ok := auth.PubkeyFromContext(ctx)
	111	if !ok {
	112	return nil, status.Error(codes.Unauthenticated, "no authentication")
	113	}
	114
	115	// Verify the event was signed by the authenticated user
	116	if req.Event.Pubkey != pubkey {
	117	return nil, status.Error(codes.PermissionDenied, "event pubkey doesn't match auth")
	118	}
	119
	120	// Process the event...
	121	}
	122	```
	123
	124	## Security Considerations
	125
	126	### Replay Protection
	127
	128	Events include a `created_at` timestamp. The server validates that events are recent (within the configured `TimestampWindow`). This prevents replay attacks where an attacker intercepts and re-sends a valid auth event.
	129
	130	### Transport Security
	131
	132	While NIP-98 provides authentication (proving who you are), it doesn't provide encryption. Use TLS/SSL to encrypt the connection and prevent eavesdropping.
	133
	134	```go
	135	// Client with TLS
	136	creds := credentials.NewClientTLSFromCert(nil, "")
	137	conn, err := grpc.NewClient(addr,
	138	grpc.WithTransportCredentials(creds),
	139	grpc.WithPerRPCCredentials(nostrCreds),
	140	)
	141	```
	142
	143	### Payload Validation
	144
	145	The `payload` tag is optional but recommended for POST/PUT requests. When present, the server can verify the request body hasn't been tampered with:
	146
	147	```go
	148	authOpts := &auth.InterceptorOptions{
	149	ValidatePayload: true, // Verify payload hash if present
	150	}
	151	```
	152
	153	## Configuration Options
	154
	155	### InterceptorOptions
	156
	157	- `TimestampWindow`: Maximum age of events in seconds (default: 60)
	158	- `Required`: Whether to reject unauthenticated requests (default: false)
	159	- `ValidatePayload`: Whether to verify payload hash when present (default: false)
	160	- `AllowedPubkeys`: Optional whitelist of allowed pubkeys (nil = allow all)
	161
	162	### NostrCredentials Options
	163
	164	- `IncludePayload`: Whether to include payload hash in auth events (default: false)
	165
	166	## Benefits Over Traditional Auth
	167
	168	1. No passwords: Uses public key cryptography
	169	2. Decentralized: No central identity provider
	170	3. Per-request auth: Each request is independently authenticated
	171	4. Nostr compatible: Works with existing Nostr identities and tools
	172	5. Standard pattern: Uses industry-standard gRPC credentials interface
	173	6. Key rotation: Easy to rotate keys without server-side updates
	174
	175	## Compatibility
	176
	177	This implementation follows the gRPC `credentials.PerRPCCredentials` interface, making it a drop-in replacement for OAuth2, JWT, or other auth mechanisms. It works with:
	178
	179	- Standard gRPC clients (Go, Python, JS, etc.)
	180	- gRPC-Web and Connect protocol
	181	- All gRPC features (unary, streaming, metadata, etc.)