feat: Safari compat — locked sheet, read-only bypass, cached pubKey

vveerrgg · claude · vveerrgg · commit ccb47cc7b1d1 · 2026-03-03T17:32:55.000-08:00
Safari MV3 requires non-persistent background pages, which lose
in-memory session state (locked, sessionKeys) on unload. This
caused "locked" errors even after unlocking.

- getPubKey/getRelays bypass lock check (no private key needed)
- getPubKey uses cached profile.pubKey before private key fallback
- Locked bottom sheet notifies users to unlock (repeatable, auto-dismiss)
- Content script try/catch prevents silent timeouts on sendMessage failure
- nostrAccessWhileLocked defaults to true
- MainView.swift: fallback for Safari extension preferences button

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/dev/apple/Shared (App)/MainView.swift b/dev/apple/Shared (App)/MainView.swift
@@ -188,7 +188,16 @@ struct MainView: View {
     #if os(macOS)
     private func openSafariPreferences() {
         SFSafariApplication.showPreferencesForExtension(withIdentifier: extensionBundleIdentifier) { error in
-            guard error == nil else { return }
+            if let error = error {
+                print("[NostrKey] showPreferencesForExtension failed: \(error.localizedDescription)")
+                // Fallback: open Safari Extensions preferences via system URL
+                DispatchQueue.main.async {
+                    if let url = URL(string: "x-apple.systempreferences:com.apple.Safari.Extensions") {
+                        NSWorkspace.shared.open(url)
+                    }
+                }
+                return
+            }
             DispatchQueue.main.async {
                 NSApp.hide(nil)
             }
diff --git a/src/background.js b/src/background.js
@@ -102,13 +102,14 @@ let locked = true; // start locked; determined on first isLocked check
 let encryptionEnabled = false; // cached encryption state for fast lookups
 let autoLockTimeout = 15 * 60 * 1000; // 15 minutes default
 let autoLockTimer = null;
-let nostrAccessWhileLocked = false;
+let nostrAccessWhileLocked = true;
+
 let blockCrossOriginFrames = true;
 
 // Load persisted state on startup
 (async () => {
     log('[STARTUP] Reading persisted state...');
-    const data = await storage.get({ autoLockMinutes: 15, isEncrypted: false, passwordHash: null, nostrAccessWhileLocked: false, blockCrossOriginFrames: true });
+    const data = await storage.get({ autoLockMinutes: 15, isEncrypted: false, passwordHash: null, nostrAccessWhileLocked: true, blockCrossOriginFrames: true });
     log(`[STARTUP] isEncrypted=${data.isEncrypted}, passwordHash=${data.passwordHash ? 'EXISTS' : 'null'}, autoLockMinutes=${data.autoLockMinutes}`);
     autoLockTimeout = data.autoLockMinutes * 60 * 1000;
     // Defensive: if passwordHash exists but flag is stale, self-heal
@@ -487,7 +488,7 @@ api.runtime.onMessage.addListener((message, _sender, sendResponse) => {
                     sessionPassword = null;
                     locked = false;
                     encryptionEnabled = false;
-                    nostrAccessWhileLocked = false;
+                    nostrAccessWhileLocked = true;
                     blockCrossOriginFrames = true;
                     // Re-initialize with default profile
                     await storage.set({
@@ -1051,12 +1052,24 @@ async function ask(uuid, { kind, host, payload }) {
     const profile = await getProfile(pi);
     const isBunker = profile?.type === 'bunker';
 
+    // Read-only operations (getPubKey, getRelays) work from cached data and
+    // don't need the private key, so they bypass the lock check entirely.
+    // This also fixes Safari's non-persistent background page losing session
+    // keys on reload — these operations still work without re-unlocking.
+    const needsPrivateKey = kind !== 'getPubKey' && kind !== 'getRelays';
+
     // If the extension is locked, reject signing/encryption requests (local profiles only)
-    if (!isBunker) {
+    if (!isBunker && needsPrivateKey) {
         const isLocked = await checkLockState();
         if (isLocked) {
             if (!(nostrAccessWhileLocked && sessionKeys.has(pi))) {
-                // No keys available — reject as before
+                // No keys available — show locked notification and reject
+                try {
+                    const [activeTab] = await api.tabs.query({ active: true, currentWindow: true });
+                    if (activeTab?.id) {
+                        api.tabs.sendMessage(activeTab.id, { kind: 'showLockedSheet' }).catch(() => {});
+                    }
+                } catch (_) {}
                 const sendResponse = validations[uuid];
                 delete validations[uuid];
                 sendResponse?.({ error: 'locked', message: 'Extension is locked. Please unlock with your master password.' });
@@ -1374,6 +1387,10 @@ async function getPubKey() {
         return pubkey;
     }
 
+    // Use cached pubKey if available (works even when locked)
+    if (profile.pubKey) return profile.pubKey;
+
+    // Fallback: derive from private key (requires unlocked state)
     let privKey = await getPrivKey();
     let pubKey = getPublicKeySync(bytesToHex(privKey));
     return pubKey;
diff --git a/src/content.js b/src/content.js
@@ -211,14 +211,149 @@ function showPermissionSheet(host, kind, queuePosition, queueTotal) {
     });
 }
 
-// Listen for permission requests from background
+// Locked notification sheet — shown when a site needs the private key
+// but the extension is locked. Shows every time until unlocked.
+let lockedSheetEl = null;
+let lockedSheetTimer = null;
+
+function showLockedSheet() {
+    // If already visible, reset the auto-dismiss timer
+    if (lockedSheetEl && lockedSheetEl.classList.contains('active')) {
+        if (lockedSheetTimer) clearTimeout(lockedSheetTimer);
+        lockedSheetTimer = setTimeout(dismissLockedSheet, 5000);
+        return;
+    }
+
+    // Remove any stale sheet
+    if (lockedSheetEl) lockedSheetEl.remove();
+
+    const sheet = document.createElement('div');
+    sheet.id = 'nostrkey-locked-sheet';
+    sheet.innerHTML = `
+        <style>
+            #nostrkey-locked-sheet {
+                position: fixed;
+                bottom: 0;
+                left: 0;
+                right: 0;
+                z-index: 2147483647;
+                font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+                pointer-events: auto;
+            }
+            #nostrkey-locked-sheet .nk-backdrop {
+                position: fixed;
+                inset: 0;
+                background: rgba(0,0,0,0.5);
+                opacity: 0;
+                transition: opacity 0.2s ease;
+            }
+            #nostrkey-locked-sheet.active .nk-backdrop {
+                opacity: 1;
+            }
+            #nostrkey-locked-sheet .nk-sheet {
+                position: relative;
+                background: #3e3d32;
+                border-radius: 16px 16px 0 0;
+                padding: 24px;
+                transform: translateY(100%);
+                transition: transform 0.3s ease;
+                box-shadow: 0 -4px 20px rgba(0,0,0,0.3);
+            }
+            #nostrkey-locked-sheet.active .nk-sheet {
+                transform: translateY(0);
+            }
+            #nostrkey-locked-sheet .nk-handle {
+                width: 40px;
+                height: 4px;
+                background: #8f908a;
+                border-radius: 2px;
+                margin: 0 auto 16px;
+            }
+            #nostrkey-locked-sheet .nk-icon {
+                font-size: 32px;
+                text-align: center;
+                margin-bottom: 12px;
+            }
+            #nostrkey-locked-sheet .nk-title {
+                color: #e6db74;
+                font-size: 18px;
+                font-weight: 600;
+                text-align: center;
+                margin-bottom: 8px;
+            }
+            #nostrkey-locked-sheet .nk-text {
+                color: #f8f8f2;
+                font-size: 14px;
+                text-align: center;
+                line-height: 1.5;
+                margin-bottom: 4px;
+            }
+            #nostrkey-locked-sheet .nk-muted {
+                color: #8f908a;
+                font-size: 13px;
+                text-align: center;
+            }
+            #nostrkey-locked-sheet .nk-btn {
+                display: block;
+                width: 100%;
+                padding: 14px;
+                border-radius: 8px;
+                border: 1px solid #a6e22e;
+                background: rgba(166,226,46,0.1);
+                color: #a6e22e;
+                font-size: 16px;
+                font-weight: 500;
+                cursor: pointer;
+                margin-top: 20px;
+                transition: background 0.15s ease;
+            }
+            #nostrkey-locked-sheet .nk-btn:hover {
+                background: rgba(166,226,46,0.2);
+            }
+        </style>
+        <div class="nk-backdrop"></div>
+        <div class="nk-sheet">
+            <div class="nk-handle"></div>
+            <div class="nk-icon">&#x1F512;</div>
+            <div class="nk-title">NostrKey is Locked</div>
+            <div class="nk-text">This site needs your key to sign or encrypt.</div>
+            <div class="nk-muted">Click the NostrKey icon in your toolbar and enter your master password.</div>
+            <button class="nk-btn">Got it</button>
+        </div>
+    `;
+    document.body.appendChild(sheet);
+    lockedSheetEl = sheet;
+    requestAnimationFrame(() => sheet.classList.add('active'));
+
+    sheet.querySelector('.nk-btn').addEventListener('click', dismissLockedSheet);
+    sheet.querySelector('.nk-backdrop').addEventListener('click', dismissLockedSheet);
+
+    // Auto-dismiss after 5 seconds
+    lockedSheetTimer = setTimeout(dismissLockedSheet, 5000);
+}
+
+function dismissLockedSheet() {
+    if (lockedSheetTimer) { clearTimeout(lockedSheetTimer); lockedSheetTimer = null; }
+    if (!lockedSheetEl) return;
+    lockedSheetEl.classList.remove('active');
+    const el = lockedSheetEl;
+    lockedSheetEl = null;
+    setTimeout(() => el.remove(), 300);
+}
+
+// Listen for requests from background
 api.runtime.onMessage.addListener((message, sender, sendResponse) => {
     if (message.kind === 'showPermissionSheet') {
         showPermissionSheet(message.host, message.permissionKind, message.queuePosition, message.queueTotal).then(result => {
             sendResponse(result);
         });
         return true; // Keep channel open for async response
     }
+    if (message.kind === 'showLockedSheet') {
+        showLockedSheet();
+        sendResponse(true);
+        return true;
+    }
 });
 
 window.addEventListener('message', async message => {
@@ -238,11 +373,15 @@ window.addEventListener('message', async message => {
     let { kind, reqId, payload } = message.data;
     if (!validEvents.includes(kind)) return;
 
-    payload = await api.runtime.sendMessage({
-        kind,
-        payload,
-        host: window.location.host,
-    });
+    try {
+        payload = await api.runtime.sendMessage({
+            kind,
+            payload,
+            host: window.location.host,
+        });
+    } catch (e) {
+        payload = { error: 'connection_error', message: e.message || 'Failed to reach extension background' };
+    }
 
     kind = `return_${kind}`;
 
