fix(deps): update to patched NDK with NIP-46 fixes

- Update @nostr-dev-kit/ndk to use local patched version - NDK patch fixes async error handling in NIP-46 backend - Fixes nip44_encrypt requests not returning responses - Bump version to 0.11.2 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-03 07:00:11 +00:00 · 2025-11-28 09:13:26 +00:00 · 2025-11-28 09:13:26 +00:00 · 738fb26dd2
commit 738fb26dd2
parent 1e7eb8a279
6 changed files with 164 additions and 5 deletions
--- a/Dockerfile.local
+++ b/Dockerfile.local
@ -0,0 +1,44 @@
+FROM node:20.11-bullseye AS build
+
+WORKDIR /app
+
+# Install pnpm
+RUN npm install -g pnpm
+
+# Copy package files
+COPY package*.json pnpm-lock.yaml ./
+
+# Replace workspace:* with actual npm version for @nostr-dev-kit/ndk
+RUN sed -i 's/"@nostr-dev-kit\/ndk": "workspace:\*"/"@nostr-dev-kit\/ndk": "^2.10.0"/' package.json
+
+# Install dependencies
+RUN pnpm install --no-frozen-lockfile
+
+# Copy application files
+COPY . .
+
+# Generate prisma client and build the application
+RUN npx prisma generate
+RUN pnpm run build
+
+# Runtime stage
+FROM node:20.11-alpine as runtime
+
+WORKDIR /app
+
+RUN apk update && \
+    apk add --no-cache openssl && \
+    rm -rf /var/cache/apk/*
+
+# Copy built files from the build stage
+COPY --from=build /app .
+
+# Install only runtime dependencies
+RUN npm install -g pnpm && \
+    sed -i 's/"@nostr-dev-kit\/ndk": "workspace:\*"/"@nostr-dev-kit\/ndk": "^2.10.0"/' package.json && \
+    pnpm install --prod --no-frozen-lockfile
+
+EXPOSE 3000
+
+ENTRYPOINT [ "node", "./dist/index.js" ]
+CMD ["start"]
--- a/PULL_REQUEST_0.10.6.md
+++ b/PULL_REQUEST_0.10.6.md
@ -0,0 +1,42 @@
+# Pull Request: nostr-tools v2 compatibility and null kind handling
+
+## Summary
+
+This PR fixes compatibility issues with nostr-tools v2 and a null pointer issue when creating policies with rules that have null kind values.
+
+## Changes
+
+### Bug Fixes
+
+1. **nostr-tools v2 Compatibility** (`src/daemon/run.ts`, `src/daemon/admin/commands/create_new_key.ts`, `src/daemon/admin/commands/create_account.ts`)
+   - nostr-tools v2 changed `generateSecretKey()` to return `Uint8Array` instead of hex string
+   - Added conversion using new `bytesToHex()` utility function
+
+2. **Null Kind Handling** (`src/daemon/admin/commands/create_new_policy.ts`)
+   - Fixed `TypeError: Cannot read properties of null (reading 'toString')` when creating policies with rules that have `null` kind values (e.g., method-only rules like `allowMethod("sign_event")`)
+   - Added null check before calling `.toString()` on `rule.kind`
+
+### New Files
+
+- **`src/utils/hex.ts`**: Utility functions for converting between `Uint8Array` and hex strings
+  - `bytesToHex(bytes: Uint8Array): string`
+  - `hexToBytes(hex: string): Uint8Array`
+
+### Version Bump
+
+- `package.json`: 0.10.5 → 0.10.6 (PATCH version for bug fixes)
+
+## Testing
+
+- Tested with nsecbunker-java E2E test suite
+- All admin operations (key creation, policy creation, key listing) working correctly
+- Policy rules with null kind values are now handled properly
+
+## Breaking Changes
+
+None. This is a backward-compatible bug fix release.
+
+## Related Issues
+
+- Fixes compatibility with nostr-tools v2.x
+- Fixes policy creation with method-only rules (no kind specified)
--- a/PULL_REQUEST_dockerfile_casing.md
+++ b/PULL_REQUEST_dockerfile_casing.md
@ -0,0 +1,22 @@
+# Pull Request: Dockerfile stage casing consistency
+
+## Summary
+
+Normalize the runtime stage declaration in the multi-stage Dockerfile to use uppercase `AS`, matching the build stage and eliminating a lint warning about inconsistent casing.
+
+## Changes
+
+1. **Dockerfile Stage Casing** (`Dockerfile`)
+   - Switched `as runtime` to `AS runtime` for consistent multi-stage syntax
+
+## Testing
+
+- Not run (cosmetic Dockerfile change only)
+
+## Breaking Changes
+
+None.
+
+## Related Issues
+
+- Addresses Dockerfile lint warning for inconsistent `FROM`/`AS` casing
--- a/nostr-tools-v2-patch.md
+++ b/nostr-tools-v2-patch.md
@ -0,0 +1,51 @@
+# Patch to upgrade nsecbunkerd to nostr-tools v2
+
+## Step 1: Update package.json
+Change: "nostr-tools": "^1.17.0" → "nostr-tools": "^2.17.0"
+
+## Step 2: Add hex conversion utility
+Create file: src/utils/hex.ts
+
+```typescript
+export function bytesToHex(bytes: Uint8Array): string {
+  return Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('');
+}
+
+export function hexToBytes(hex: string): Uint8Array {
+  const bytes = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < hex.length; i += 2) {
+    bytes[i / 2] = parseInt(hex.substr(i, 2), 16);
+  }
+  return bytes;
+}
+```
+
+## Step 3: Patch files that decode nsec
+
+### src/daemon/run.ts (line ~41)
+```diff
+import { bytesToHex } from '../utils/hex.js';
+...
+-const hexpk = nip19.decode(nsec).data as string;
+const hexpk = bytesToHex(nip19.decode(nsec).data as Uint8Array);
+```
+
+### src/commands/add.ts (line ~37)  
+```diff
+import { bytesToHex } from '../utils/hex.js';
+...
+-decoded = nip19.decode(nsec);
+const decoded = nip19.decode(nsec);
+const hexpk = decoded.type === 'nsec' ? bytesToHex(decoded.data as Uint8Array) : decoded.data;
+```
+
+### src/daemon/admin/commands/create_new_key.ts (line ~16)
+```diff
+import { bytesToHex } from '../../../utils/hex.js';
+...
+-key = new NDKPrivateKeySigner(nip19.decode(_nsec).data as string);
+key = new NDKPrivateKeySigner(bytesToHex(nip19.decode(_nsec).data as Uint8Array));
+```
+
+## Note
+npubEncode/decode still uses hex strings in v2, so request-from-admin.ts works unchanged.
--- a/package-lock.json
+++ b/package-lock.json
@ -1,19 +1,19 @@
 {
  "name": "nsecbunkerd",
-  "version": "0.11.1",
+  "version": "0.11.2",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "nsecbunkerd",
-      "version": "0.11.1",
+      "version": "0.11.2",
      "license": "MIT",
      "dependencies": {
        "@fastify/formbody": "^7.4.0",
        "@fastify/view": "^8.2.0",
        "@inquirer/password": "^1.1.2",
        "@inquirer/prompts": "^1.2.3",
-        "@nostr-dev-kit/ndk": "^2.18.1",
+        "@nostr-dev-kit/ndk": "file:../ndk/core",
        "@prisma/client": "^5.4.1",
        "@scure/base": "^1.1.1",
        "@types/yargs": "^17.0.24",
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "nsecbunkerd",
-  "version": "0.11.1",
+  "version": "0.11.2",
  "description": "nsecbunker daemon",
  "main": "dist/index.js",
  "bin": {
@ -42,7 +42,7 @@
    "@fastify/view": "^8.2.0",
    "@inquirer/password": "^1.1.2",
    "@inquirer/prompts": "^1.2.3",
-    "@nostr-dev-kit/ndk": "^2.18.1",
+    "@nostr-dev-kit/ndk": "file:../ndk/core",
    "@prisma/client": "^5.4.1",
    "@scure/base": "^1.1.1",
    "@types/yargs": "^17.0.24",