Refactor NIP-44 key derivation and improve error handling #501
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The NIP-44 specification requires HKDF for key derivation: - conversation_key = HKDF-Extract(salt="nip44-v2", ikm=shared_x) - keys = HKDF-Expand(prk=conversation_key, info=nonce, L=76) The previous implementation incorrectly used PBKDF2WithHmacSHA256, which caused decryption failures when interoperating with other NIP-44 implementations (e.g., nostr-tools in JavaScript). Changes: - getConversationKey: Use HKDFBytesGenerator with salt for extract - getMessageKeys: Use HKDFParameters.skipExtractParameters for expand - Remove unused PBKDF2 imports and constants - Simplify getConversationKey signature (no longer throws checked exceptions) This fix enables DM interoperability between Java backend and JavaScript frontend implementations. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Breaking change: NIP-44 now uses correct HKDF key derivation. Ciphertext encrypted with previous versions will not decrypt. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
HKDF-Extract is defined as HMAC-Hash(salt, IKM), not the full HKDF Extract+Expand. The previous fix incorrectly used HKDFBytesGenerator.generateBytes() which performs both steps. Now uses Mac with HmacSHA256 directly for Extract, which matches the nostr-tools implementation and NIP-44 specification. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
…t-driven notifications
Projects updated: - nostr-java: 1.2.0 → 1.2.1 (patch) - All modules: 1.2.0 → 1.2.1 (patch) Fixes included: - NIP-44 HKDF-Extract for conversation key derivation - Kind enum error handling for unknown values - WebSocket CompletableFuture response handling Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request refactors NIP-44 encryption to use proper HKDF key derivation instead of PBKDF2, improving cryptographic compliance and interoperability. It also enhances error handling for unknown Kind enum values and refactors WebSocket client response handling to use CompletableFuture for more reliable event-driven notifications.
Changes:
- Replaced PBKDF2 with HKDF-Extract and HKDF-Expand in NIP-44 key derivation for compliance with the specification
- Changed Kind.valueOf() to throw IllegalArgumentException for unknown kinds instead of silently returning TEXT_NOTE
- Refactored StandardWebSocketClient to use CompletableFuture instead of polling-based await mechanism
Reviewed changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| pom.xml (multiple) | Version bumped from 1.1.1 to 1.2.1 across all modules |
| nostr-java-crypto/src/main/java/nostr/crypto/nip44/EncryptedPayloads.java | Implemented proper HKDF-Extract and HKDF-Expand for NIP-44 key derivation |
| nostr-java-encryption/src/main/java/nostr/encryption/MessageCipher44.java | Removed now-unnecessary exception handling from getConversationKey() |
| nostr-java-base/src/main/java/nostr/base/Kind.java | Changed valueOf() to throw exception for unknown kinds instead of returning TEXT_NOTE |
| nostr-java-client/src/main/java/nostr/client/springwebsocket/StandardWebSocketClient.java | Refactored to use CompletableFuture for event-driven response handling |
| nostr-java-event/src/test/java/nostr/event/unit/Nip60FilterJsonTest.java | Added test for NIP-60 filter JSON serialization |
| nostr-java-api/src/test/resources/strfry.conf | Added strfry relay configuration for integration testing |
| CHANGELOG.md | Updated with 1.2.1 release notes |
| AGENTS.md | Added comprehensive coding guidelines and NIP references |
| CLAUDE.md | Added repository documentation for Claude Code assistant |
nostr-java-client/src/main/java/nostr/client/springwebsocket/StandardWebSocketClient.java
Show resolved
Hide resolved
nostr-java-client/src/main/java/nostr/client/springwebsocket/StandardWebSocketClient.java
Show resolved
Hide resolved
nostr-java-event/src/test/java/nostr/event/unit/Nip60FilterJsonTest.java
Outdated
Show resolved
Hide resolved
nostr-java-event/src/test/java/nostr/event/unit/Nip60FilterJsonTest.java
Show resolved
Hide resolved
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2a53b78a26
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
nostr-java-client/src/main/java/nostr/client/springwebsocket/StandardWebSocketClient.java
Outdated
Show resolved
Hide resolved
added 4 commits
January 21, 2026 03:35
Added `findByValue` for Optional-based Kind lookups and `valueOfStrict` for strict validation, improving flexibility and error handling for unknown or custom kinds.
Added tests for `valueOfStrict` and `findByValue` methods, ensuring strict validation and Optional-based lookups for unknown, valid, and invalid range Kind values.
Replaced responseFuture and events with a thread-safe PendingRequest encapsulating CompletableFuture and event list. Improved response handling, added termination signal checks, and enhanced error handling for WebSocket communication.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This pull request addresses issues with NIP-44 key derivation, improving compliance with the specification and fixing critical interoperability bugs. It also enhances error handling and updates documentation to reflect best practices.
What changed?
Kindenum values.CompletableFuture, enabling more robust event-driven notifications.BREAKING
Review focus
CompletableFuturefor WebSocket responses align with event-driven design principles?Checklist