@getalby/sdk
Advanced tools
Readme
This JavaScript SDK for the Alby OAuth2 Wallet API and the Nostr Wallet Connect API.
npm install @getalby/sdk
or
yarn add @getalby/sdk
or for use without any build tools:
<script type="module">
import { webln } from "https://esm.sh/@getalby/js-sdk@3.0.0"; // jsdelivr.net, skypack.dev also work
// use webln normally...
(async () => {
const nwc = new webln.NostrWebLNProvider({
nostrWalletConnectUrl: YOUR_NWC_URL,
});
await nwc.enable();
const balanceResponse = await nwc.getBalance();
console.log("Wallet balance", balanceResponse.balance);
nwc.close();
})();
</script>
This library relies on a global fetch() function which will work in browsers and node v18.x or newer. (In older versions you have to use a polyfill.)
Nostr Wallet Connect is an open protocol enabling applications to interact with bitcoin lightning wallets. It allows users to connect their existing wallets to your application allowing developers to easily integrate bitcoin lightning functionality.
The Alby JS SDK allows you to easily integrate Nostr Wallet Connect into any JavaScript based application.
The NostrWebLNProvider exposes the WebLN interface to execute lightning wallet functionality through Nostr Wallet Connect, such as sending payments, making invoices and getting the node balance.
(Note: in the future more WebLN functions will be added to Nostr Wallet Connect)
providerName: name of the provider to load the default options. currently alby (default)nostrWalletConnectUrl: full Nostr Wallet Connect URL as defined by the specrelayUrl: URL of the Nostr relay to be used (e.g. wss://nostr-relay.getalby.com)walletPubkey: pubkey of the Nostr Wallet Connect appsecret: secret key to sign the request event (if not available window.nostr will be used)authorizationUrl: URL to the NWC interface for the user to and the app connectionimport { webln } from "@getalby/sdk";
const nwc = new webln.NostrWebLNProvider({
nostrWalletConnectUrl: loadNWCUrl(),
}); // loadNWCUrl is some function to get the NWC URL from some (encrypted) storage
// or use the short version
const nwc = new webln.NWC({ nostrWalletConnectUrl: loadNWCUrl });
// connect to the relay
await nwc.enable();
// now you can send payments by passing in the invoice
const response = await nwc.sendPayment(invoice);
You can use NWC as a webln compatible object in your web app:
// you can set the window.webln object to use the universal API to send payments:
if (!window.webln) {
// prompt the user to connect to NWC
window.webln = new webln.NostrWebLNProvider({
nostrWalletConnectUrl: loadNWCUrl,
});
// now use any webln code
}
The goal of the Nostr Wallet Connect provider is to be API compatible with webln. Currently not all methods are supported - see the examples/nwc directory for a list of supported methods.
static withNewSecret()Initialized a new NostrWebLNProvider instance but generates a new random secret. The pubkey of that secret then needs to be authorized by the user (this can be initiated by redirecting the user to the getAuthorizationUrl() URL or calling initNWC() to open an authorization popup.
const nwc = NostrWebLNProvider.withNewSecret();
await nwc.initNWC();
Takes a bolt11 invoice and calls the NWC pay_invoice function.
It returns a promise object that is resolved with an object with the preimage or is rejected with an error
const nwc = new NostrWebLNProvider({ nostrWalletConnectUrl: loadNWCUrl });
await nwc.enable();
const response = await nwc.sendPayment(invoice);
console.log(response);
Returns the nostr+walletconnect:// URL which includes all the connection information (walletPubkey, relayUrl, secret)
This can be used to get and persist the string for later use.
Opens a new window prompt with the getAuthorizationUrl() (the user's NWC UI) to ask the user to authorize the app connection.
The promise resolves when the connection is authorized and the popup sends a nwc:success message or rejects when the prompt is closed.
Pass a name to the NWC provider describing the application.
const nwc = NostrWebLNProvider.withNewSecret();
try {
await nwc.initNWC({name: 'ACME app' );
} catch(e) {
console.warn("Prompt closed");
}
await nwc.enable();
let response;
try {
response = await nwc.sendPayment(invoice);
// if success then the response.preimage will be only
console.info(`payment successful, the preimage is ${response.preimage}`);
}
catch (e) {
console.error(e.error || e);
}
Look at our NWC React Native Expo Demo app for how to use NWC in a React Native expo project.
To use this on Node.js you first must install websocket-polyfill and import it:
import "websocket-polyfill";
// or: require('websocket-polyfill');
if you get an crypto is not defined error you have to import it first:
import * as crypto from 'crypto'; // or 'node:crypto'
globalThis.crypto = crypto as any;
//or: global.crypto = require('crypto');
import { NostrWebLNProvider } from "@getalby/sdk";
const webln = new NostrWebLNProvider(); // use defaults (connects to Alby's relay, will use window.nostr to sign the request)
await webln.enable(); // connect to the relay
const response = await webln.sendPayment(invoice);
console.log(response.preimage);
webln.close(); // close the websocket connection
import { NostrWebLNProvider } from '@getalby/sdk';
const webln = new NostrWebLNProvider({ nostrWalletConnectUrl: 'nostr+walletconnect://69effe7b49a6dd5cf525bd0905917a5005ffe480b58eeb8e861418cf3ae760d9?relay=wss://nostr.bitcoiner.social&secret=c60320b3ecb6c15557510d1518ef41194e9f9337c82621ddef3f979f668bfebd'); // use defaults
await webln.enable(); // connect to the relay
const response = await webln.sendPayment(invoice);
console.log(response.preimage);
webln.close(); // close the websocket connection
// same options can be provided to .withNewSecret() as creating a new NostrWebLNProvider()
const webln = webln.NostrWebLNProvider.withNewSecret();
// get the connect URL to the interface where the user has to enable the connection
webln.getConnectUrl({ name: `My app name` });
// an optional return_to parameter can be passed in
webln.getConnectUrl({
name: `My app name`,
returnTo: document.location.toString(),
});
// or use the `initNWC` helper which opens a popup to initiate the connection flow.
// the promise resolves once the NWC app returned.
await webln.initNWC("alby", {
name: `My app name`,
});
// ... enable and send a payment
// if you want to get the connect url with the secret:
// const nostrWalletConnectUrl nwc.getNostrWalletConnectUrl(true)
Please have a look a the Alby OAuth2 Wallet API:
https://guides.getalby.com/alby-wallet-api/reference/getting-started
const authClient = new auth.OAuth2User({
client_id: process.env.CLIENT_ID,
client_secret: process.env.CLIENT_SECRET,
callback: "http://localhost:8080/callback",
scopes: [
"invoices:read",
"account:read",
"balance:read",
"invoices:create",
"invoices:read",
"payments:send",
],
token: {
access_token: undefined,
refresh_token: undefined,
expires_at: undefined,
}, // initialize with existing token
});
const authUrl = await authClient.generateAuthURL({
code_challenge_method: "S256",
// authorizeUrl: "https://getalby.com/oauth" endpoint for authorization (replace with the appropriate URL based on the environment)
});
// open auth URL
// `code` is passed as a query parameter when the user is redirected back after authorization
await authClient.requestAccessToken(code);
// access the token response. You can store this securely for future client initializations
console.log(authClient.token);
// initialize a client
const client = new Client(authClient);
const result = await client.accountBalance();
const token = loadTokenForUser(); // {access_token: string, refresh_token: string, expires_at: number}
const authClient = new auth.OAuth2User({
client_id: process.env.CLIENT_ID,
callback: "http://localhost:8080/callback",
scopes: [
"invoices:read",
"account:read",
"balance:read",
"invoices:create",
"invoices:read",
"payments:send",
],
token: token,
});
const client = new Client(authClient);
// the authClient will automatically refresh the access token if expired using the refresh token
const result = await client.createInvoice({ amount: 1000 });
Access tokens do expire. If an access token is about to expire, this library will automatically use a refresh token to retrieve a fresh one. Utilising the tokenRefreshed event is a simple approach to guarantee that you always save the most recent tokens.
If token refresh fails, you can restart the OAuth Authentication flow or log the error by listening for the tokenRefreshFailed event.
(Note: To prevent losing access to the user's token, only initialize one instance of the client per token pair at a time)
const token = loadTokenForUser(); // {access_token: string, refresh_token: string, expires_at: number}
const authClient = new auth.OAuth2User({
client_id: process.env.CLIENT_ID,
callback: "http://localhost:8080/callback",
scopes: [
"invoices:read",
"account:read",
"balance:read",
"invoices:create",
"invoices:read",
"payments:send",
],
token: token,
});
// listen to the tokenRefreshed event
authClient.on("tokenRefreshed", (tokens) => {
// store the tokens in database
console.log(tokens);
});
// Listen to the tokenRefreshFailed event
authClient.on("tokenRefreshFailed", (error) => {
// Handle the token refresh failure, for example, log the error or launch OAuth authentication flow
console.error("Token refresh failed:", error.message);
});
const token = loadTokenForUser(); // {access_token: string, refresh_token: string, expires_at: number}
const authClient = new auth.OAuth2User({
client_id: process.env.CLIENT_ID,
callback: "http://localhost:8080/callback",
scopes: [
"invoices:read",
"account:read",
"balance:read",
"invoices:create",
"invoices:read",
"payments:send",
],
token: token,
});
const client = new Client(authClient);
// the authClient will automatically refresh the access token if expired using the refresh token
await client.sendPayment({ invoice: bolt11 });
await client.keysend({
destination: nodekey,
amount: 10,
memo: memo,
});
refer also to the boostagram spec: https://github.com/lightning/blips/blob/master/blip-0010.md
const token = loadTokenForUser(); // {access_token: string, refresh_token: string, expires_at: number}
const authClient = new auth.OAuth2User({
client_id: process.env.CLIENT_ID,
callback: "http://localhost:8080/callback",
scopes: ["payments:send"],
token: token,
});
const client = new Client(authClient);
// the authClient will automatically refresh the access token if expired using the refresh token
// pass in an array if you want to send multiple boostagrams with one call
await client.sendBoostagram({
recipient: {
address:
"030a58b8653d32b99200a2334cfe913e51dc7d155aa0116c176657a4f1722677a3",
customKey: "696969",
customValue: "bNVHj0WZ0aLPPAesnn9M",
},
amount: 10,
// spec: https://github.com/lightning/blips/blob/master/blip-0010.md
boostagram: {
app_name: "Alby SDK Demo",
value_msat_total: 49960, // TOTAL Number of millisats for the payment (all splits together, before fees. The actual number someone entered in their player, for numerology purposes.)
value_msat: 2121, // Number of millisats for this split payment
url: "https://feeds.buzzsprout.com/xxx.rss",
podcast: "Podcast title",
action: "boost",
episode: "The episode title",
episode_guid: "Buzzsprout-xxx",
ts: 574,
name: "Podcaster - the recipient name",
sender_name: "Satoshi - the sender/listener name",
},
});
// or manually through the keysend:
// pass in an array if you want to do multiple keysend payments with one call
await client.keysend({
destination: nodekey,
amount: 10,
customRecords: {
7629169: JSON.stringify(boostagram),
696969: "user",
},
});
You often want to send a boostagram for multiple splits. You can do this with one API call. Simply pass in an array of boostagrams. See example above.
const response = await client.sendBoostagram([
boostagram1,
boostagram2,
boostagram3,
]);
console.log(response.keysends);
response.keysends is an array of objects that either has an error key if a payment faild or the keysend key if everything succeeded.
{
"keysends": [
{
"keysend": {
"amount": 10,
"fee": 0,
"destination": "xx",
"payment_preimage": "xx",
"payment_hash": "xx"
}
},
{
"keysend": {
"amount": 10,
"fee": 0,
"destination": "xxx",
"payment_preimage": "xxx",
"payment_hash": "xxx"
}
}
]
}
For quick invoice decoding without an API request please see Alby's Lightning Tools package.
For more invoice details you can use the Alby Wallet API:
const decodedInvoice = await client.decodeInvoice(paymentRequest);
const {payment_hash, amount, description, ...} = decodedInvoice;
This library relies on a global fetch() function which will only work in browsers and node v18.x or newer. In older versions you can manually install a global fetch option or polyfill if needed.
For example:
import fetch from "cross-fetch"; // or "@inrupt/universal-fetch"
globalThis.fetch = fetch;
// or as a polyfill:
import "cross-fetch/polyfill";
You can find examples in the examples/ directory.
We are happy to help, please contact us or create an issue.
The client and the setup is inspired and based on the twitter-api-typescript-sdk.
MIT
FAQs
The SDK to integrate with Nostr Wallet Connect and the Alby API
The npm package @getalby/sdk receives a total of 1,513 weekly downloads. As such, @getalby/sdk popularity was classified as popular.
We found that @getalby/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.