fix: configureHMAC safety guard and proper ECDH shared secret

Add safety check preventing configureHMAC from overriding after initialization.
Replace placeholder getSharedSecret with actual ECDH via secp256k1.getSharedSecret()
using only the x-coordinate. Remove sensitive data from utils logging.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: vveerrgg

src/core/crypto.ts

@@ -1,4 +1,4 @@
-import { schnorr } from "@noble/curves/secp256k1";
+import { secp256k1, schnorr } from "@noble/curves/secp256k1";
 import { sha256 } from "@noble/hashes/sha256";
 import { hmac } from "@noble/hashes/hmac";
 import { bytesToHex, hexToBytes } from "@noble/hashes/utils";
@@ -86,19 +86,21 @@ export async function verifyWithResult(
 /**
  * Derives a shared secret using ECDH
  * @param {string} privateKey - Private key in hex format
- * @param {string} publicKey - Public key in hex format
- * @returns {Promise<Uint8Array>} Shared secret bytes
+ * @param {string} publicKey - Public key in hex format (32-byte x-only Nostr pubkey)
+ * @returns {Promise<Uint8Array>} Shared secret bytes (x-coordinate of the shared point)
  */
 export async function getSharedSecret(
   privateKey: string,
   publicKey: string,
 ): Promise<Uint8Array> {
   try {
     const privKeyBytes = hexToBytes(privateKey);
-    const pubKeyBytes = hexToBytes(publicKey);
-    const sharedPoint = schnorr.getPublicKey(privKeyBytes);
+    // Nostr uses 32-byte x-only pubkeys; prefix with '02' for compressed format
+    const sharedPoint = secp256k1.getSharedSecret(privKeyBytes, '02' + publicKey);
+    // Extract x-coordinate only (bytes 1..33), per Nostr NIP-04 convention
+    const sharedX = sharedPoint.slice(1, 33);
     privKeyBytes.fill(0); // zero sensitive material
-    return sha256(sharedPoint);
+    return sharedX;
   } catch (error) {
     logger.error("Failed to get shared secret:", error?.toString());
     throw new Error("Failed to get shared secret");

src/index.ts

@@ -433,15 +433,15 @@ export function configureHMAC(): void {
     return h.digest();
   };
 
-  // Type assertion to handle the utils property
-  (secp256k1 as any).utils = {
-    ...(secp256k1 as any).utils,
-    hmacSha256: hmacFunction,
-    hmacSha256Sync: hmacSyncFunction,
-  };
+  // Safety check: only patch if utils exists and hmacSha256Sync is a known property
+  if ('utils' in secp256k1 && typeof (secp256k1 as any).utils?.hmacSha256Sync !== 'undefined') {
+    (secp256k1 as any).utils.hmacSha256 = hmacFunction;
+    (secp256k1 as any).utils.hmacSha256Sync = hmacSyncFunction;
+  } else {
+    logger.log("secp256k1.utils.hmacSha256Sync not found; HMAC configuration skipped (library may handle HMAC internally)");
+  }
 
   logger.log("Configured HMAC for secp256k1");
-  logger.log("secp256k1.utils after configuration:", (secp256k1 as any).utils);
 }
 
 /**