Nostr Collectives client - a proof-of-concept for shared identity and capabilities on Nostr.

This project implements the client-side of Nostr Collectives, a proposal for group identities on Nostr. Collectives are npubs that represent groups (not individuals), where members receive capabilities (CAPs) to act within a collective's commons.

• Identity Management: Create and manage personal and collective Nostr identities
• Capability System (CAPs): Issue, receive, and use CAPs for delegated actions
• Commons: Create shared spaces within collectives for member contributions
• Inbox: View posts from accessible commons and mentions
• NIP-42 + CAP Authentication: Extended NIP-42 relay authentication with embedded CAPs for capability-based access control

• Vite + TypeScript
• Lit (Web Components)
• nostr-tools
• Vitest for testing

# Install dependencies
npm install

# Start dev server
npm run dev

# Run all tests
npm test

# Watch mode
npm run test:watch

# Unit tests only
npm run test:unit

# Integration tests (requires relay)
npm run test:integration

The client requires a relay that supports CAP-based access control. A modified Bucket relay is included as a submodule:

# One-time setup
npm run relay:install

# Start relay (runs on ws://localhost:3334)
npm run relay:start

The relay enforces CAP-based authentication for protected commons - clients must authenticate with NIP-42 AUTH events that include their CAP to read/write.

src/
├── lib/
│   └── nostr/           # Nostr modules
│       ├── keys.ts      # Key generation and encoding (npub/nsec)
│       ├── NostrClient.ts  # Relay connection and event management
│       ├── IdentityManager.ts  # Identity storage and management
│       ├── CapManager.ts   # CAP issuance and management
│       ├── cap.ts       # CAP event building and parsing
│       ├── commons.ts   # Commons event building
│       ├── post.ts      # Post event building
│       └── auth.ts      # NIP-42 authentication with CAP extension
├── components/          # Lit web components
│   ├── app-shell.ts     # Main app container with navigation
│   ├── identity-panel.ts  # Identity list sidebar
│   ├── identity-card.ts   # Identity details view
│   ├── steward-panel.ts   # Member management for collectives
│   ├── commons-panel.ts   # Commons management for collectives
│   └── inbox-panel.ts     # Feed view with compose functionality
├── styles/
│   └── shared.ts        # Shared CSS styles
└── config.ts            # App configuration
caped-bucket/            # CAP-enabled relay (submodule)

This client extends NIP-42 for capability-based access:

1. Connection: Relay sends AUTH challenge on connect
2. Proactive Auth: When accessing protected resources, client sends AUTH event with embedded CAP
3. CAP Verification: Relay verifies CAP grants permission for the requested action
4. Access Granted: Client can read/write to protected commons

// AUTH event with CAP extension
{
  kind: 22242,
  tags: [
    ["relay", "wss://relay.example.com"],
    ["challenge", "random-challenge-string"],
    ["cap", "{...full CAP event JSON...}"]  // CAP extension
  ],
  content: ""
}

Active development - core functionality implemented including identity management, CAP system, commons, and inbox with NIP-42+CAP authentication.