Skip to content

fix: remove broken bech32 nsec/npub stub functions#16

Merged
melvincarvalho merged 1 commit into
JavaScriptSolidServer:mainfrom
jjohare:fix/remove-fake-bech32
May 13, 2026
Merged

fix: remove broken bech32 nsec/npub stub functions#16
melvincarvalho merged 1 commit into
JavaScriptSolidServer:mainfrom
jjohare:fix/remove-fake-bech32

Conversation

@jjohare
Copy link
Copy Markdown

@jjohare jjohare commented May 12, 2026

Summary

  • Removes three broken NIP-19 stub functions from src/crypto.js: privateKeyToNsec, nsecToPrivateKey, and publicKeyToNpub
  • These functions emitted fake nsec_<hex> / npub_<hex> strings that are NOT valid NIP-19 bech32 encoding, which could confuse users into thinking they have a valid key backup
  • Grep confirms none of these functions are imported or called anywhere in the codebase — they are dead code
  • Proper NIP-19 bech32 support can be added when needed via a bech32 library (e.g. @scure/base)

Test plan

  • Verify the extension builds without import errors (functions are unused)
  • Confirm key generation and signing still work (unrelated code paths)
  • Run existing tests to verify no regressions

🤖 Generated with claude-flow

@ruvnet
fix: remove broken bech32 nsec/npub stub functions
1072ba5 
The privateKeyToNsec, nsecToPrivateKey, and publicKeyToNpub functions
emitted fake nsec_<hex> / npub_<hex> strings that are not valid NIP-19
bech32 encoding. These stubs could confuse users into thinking they
have a valid key backup, and any interoperability with other Nostr
clients would silently fail.

The functions are not imported or called anywhere in the codebase, so
they are removed entirely rather than replaced with throwing stubs.
Proper NIP-19 bech32 support can be added when needed via a bech32
library.

Co-Authored-By: claude-flow <ruv@ruv.net>
@melvincarvalho melvincarvalho requested a review from Copilot May 13, 2026 06:38
Copilot AI reviewed May 13, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes misleading, non-compliant NIP-19 “bech32” stub helpers from src/crypto.js that were returning nsec_<hex> / npub_<hex> placeholder strings (not valid bech32), reducing the risk of users treating those strings as real backups/identifiers.

Changes:

  • Deleted privateKeyToNsec, nsecToPrivateKey, and publicKeyToNpub stub exports from src/crypto.js.
  • Left the actual key generation/signing/validation code paths unchanged.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@melvincarvalho melvincarvalho merged commit ef27ea6 into JavaScriptSolidServer:main May 13, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jjohare @melvincarvalho