feat: add heartwood_lsag_sign to NIP-46 bunker

LSAG ring signature computation on the signing device. The private key
never leaves the bunker. Accepts ring pubkeys, message, signerIndex,
and electionId via NIP-46. Returns the LSAG signature and key image.

Adds @forgesworn/ring-sig as a bunker dependency.

Author: ForgeSworn

bunker/index.mjs

@@ -16,6 +16,7 @@ import { decode as nip19decode } from 'nostr-tools/nip19'
 import { SimplePool } from 'nostr-tools/pool'
 import WebSocket from 'ws'
 import { fromNsec } from 'nsec-tree/core'
+import { lsagSign } from '@forgesworn/ring-sig'
 import { fromMnemonic } from 'nsec-tree/mnemonic'
 import { derivePersona } from 'nsec-tree/persona'
 import { bytesToHex } from 'nostr-tools/utils'
@@ -661,6 +662,51 @@ async function handleRequest(event) {
       break
     }
 
+    case 'heartwood_lsag_sign': {
+      // LSAG ring signature — the private key never leaves the device.
+      // params: [JSON string of { ring: string[], message: string, signerIndex: number }]
+      if (!Array.isArray(request.params) || typeof request.params[0] !== 'string') {
+        error = 'heartwood_lsag_sign: missing params JSON'
+        break
+      }
+      let lsagParams
+      try {
+        lsagParams = JSON.parse(request.params[0])
+      } catch {
+        error = 'heartwood_lsag_sign: invalid JSON'
+        break
+      }
+      const { ring, message, signerIndex, electionId, domain } = lsagParams
+      if (!Array.isArray(ring) || typeof message !== 'string' || typeof signerIndex !== 'number' || typeof electionId !== 'string') {
+        error = 'heartwood_lsag_sign: requires { ring: string[], message: string, signerIndex: number, electionId: string, domain?: string }'
+        break
+      }
+      if (ring.length < 2 || ring.length > 64) {
+        error = 'heartwood_lsag_sign: ring must have 2-64 members'
+        break
+      }
+      if (signerIndex < 0 || signerIndex >= ring.length) {
+        error = 'heartwood_lsag_sign: signerIndex out of range'
+        break
+      }
+      const lsagActive = getActiveSigningKey()
+      try {
+        const skHex = typeof lsagActive.sk === 'string' ? lsagActive.sk : bytesToHex(lsagActive.sk)
+        const sig = domain
+          ? lsagSign(message, ring, signerIndex, skHex, electionId, domain)
+          : lsagSign(message, ring, signerIndex, skHex, electionId)
+        result = JSON.stringify({
+          signature: sig,
+          keyImage: sig.keyImage,
+          publicKey: lsagActive.pk,
+        })
+        console.log(`LSAG signed: ring=${ring.length}, index=${signerIndex}, pubkey=${lsagActive.pk.slice(0, 12)}...`)
+      } finally {
+        releaseKey(lsagActive)
+      }
+      break
+    }
+
     default:
       error = `unsupported method: ${request.method}`
   }

bunker/package-lock.json

@@ -8,6 +8,7 @@
     "test": "node --test 'test/**/*.test.mjs'"
   },
   "dependencies": {
+    "@forgesworn/ring-sig": "^3.0.0",
     "nostr-tools": "^2.23.0",
     "nsec-tree": "^1.4.2",
     "ws": "^8.20.0"