develop

nsecbunker-account/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-account</artifactId>
@@ -19,7 +19,7 @@
 
     <dependencies>
         <!-- Internal -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-core</artifactId>
         </dependency>

nsecbunker-admin/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-admin</artifactId>
@@ -19,7 +19,7 @@
 
     <dependencies>
         <!-- Internal -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-core</artifactId>
         </dependency>

nsecbunker-admin/src/main/java/xyz/tcheeric/nsecbunker/admin/key/DefaultKeyManager.java

@@ -58,20 +58,22 @@ public DefaultKeyManager(NsecBunkerAdminClient adminClient, ObjectMapper objectM
     @Override
     public CompletableFuture<BunkerKey> createKey(String name, String nsec, String passphrase) {
         validateName(name);
-        requirePassphrase(passphrase);
         if (nsec == null || nsec.isBlank()) {
             throw new IllegalArgumentException("nsec must not be null or blank");
         }
 
-        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, passphrase, nsec), name);
+        // Empty passphrase is allowed - nsecbunkerd will store the key unencrypted
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, normalizedPassphrase, nsec), name);
     }
 
     @Override
     public CompletableFuture<BunkerKey> createKey(String name, String passphrase) {
         validateName(name);
-        requirePassphrase(passphrase);
 
-        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, passphrase), name);
+        // Empty passphrase is allowed - nsecbunkerd will store the key unencrypted
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, normalizedPassphrase), name);
     }
 
     @Override
@@ -83,9 +85,10 @@ public CompletableFuture<List<BunkerKey>> listKeys() {
     @Override
     public CompletableFuture<Boolean> unlockKey(String name, String passphrase) {
         validateName(name);
-        requirePassphrase(passphrase);
 
-        return sendForResult(METHOD_UNLOCK_KEY, List.of(name, passphrase), "unlock key " + name)
+        // Empty passphrase is allowed - for keys stored without encryption
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForResult(METHOD_UNLOCK_KEY, List.of(name, normalizedPassphrase), "unlock key " + name)
                 .thenApply(ignored -> Boolean.TRUE);
     }
 
@@ -108,9 +111,9 @@ public CompletableFuture<BunkerKey> getKeyDetails(String name) {
     public CompletableFuture<BunkerKey> rotateKey(String oldName, String newName, String passphrase) {
         validateName(oldName);
         validateName(newName);
-        requirePassphrase(passphrase);
 
-        return sendForKey(METHOD_ROTATE_KEY, List.of(oldName, newName, passphrase), newName);
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForKey(METHOD_ROTATE_KEY, List.of(oldName, newName, normalizedPassphrase), newName);
     }
 
     private CompletableFuture<String> sendForResult(String method, List<String> params, String description) {
@@ -185,9 +188,14 @@ private void validateName(String name) {
         }
     }
 
-    private void requirePassphrase(String passphrase) {
-        if (passphrase == null || passphrase.isBlank()) {
-            throw new IllegalArgumentException("Passphrase must not be null or blank");
-        }
+    /**
+     * Normalizes a passphrase to an empty string if null or blank.
+     * This allows creating/unlocking keys without encryption.
+     *
+     * @param passphrase the passphrase to normalize
+     * @return the passphrase or empty string if null/blank
+     */
+    private String normalizePassphrase(String passphrase) {
+        return passphrase != null && !passphrase.isBlank() ? passphrase : "";
     }
 }

nsecbunker-admin/src/test/java/xyz/tcheeric/nsecbunker/admin/key/DefaultKeyManagerTest.java

@@ -213,6 +213,45 @@ void shouldRotateKey() throws Exception {
         assertThat(request.getParams()).containsExactlyElementsOf(List.of("cashu-old", "cashu-rotated", TEST_PASSPHRASE));
     }
 
+    /**
+     * Ensures creating a key with null passphrase normalizes it to empty string.
+     */
+    @Test
+    void shouldCreateKeyWithNullPassphraseNormalizedToEmpty() {
+        // Arrange
+        String npub = "npub1nopwd";
+        ArgumentCaptor<Nip46Request> requestCaptor = ArgumentCaptor.forClass(Nip46Request.class);
+        when(adminClient.sendRequest(requestCaptor.capture()))
+                .thenReturn(CompletableFuture.completedFuture(Nip46Response.success("1", npub)));
+
+        // Act
+        BunkerKey result = keyManager.createKey("key-no-passphrase", null).join();
+
+        // Assert
+        assertThat(result.getName()).isEqualTo("key-no-passphrase");
+        Nip46Request request = requestCaptor.getValue();
+        assertThat(request.getParams()).containsExactlyElementsOf(List.of("key-no-passphrase", ""));
+    }
+
+    /**
+     * Ensures unlocking a key with null passphrase normalizes it to empty string.
+     */
+    @Test
+    void shouldUnlockKeyWithNullPassphraseNormalizedToEmpty() {
+        // Arrange
+        ArgumentCaptor<Nip46Request> requestCaptor = ArgumentCaptor.forClass(Nip46Request.class);
+        when(adminClient.sendRequest(requestCaptor.capture()))
+                .thenReturn(CompletableFuture.completedFuture(Nip46Response.success("1", "ok")));
+
+        // Act
+        boolean result = keyManager.unlockKey("key-unencrypted", null).join();
+
+        // Assert
+        assertThat(result).isTrue();
+        Nip46Request request = requestCaptor.getValue();
+        assertThat(request.getParams()).containsExactlyElementsOf(List.of("key-unencrypted", ""));
+    }
+
     /**
      * Ensures NIP-46 errors are surfaced as AdminException through the future.
      */

nsecbunker-client/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-client</artifactId>
@@ -33,7 +33,7 @@
         </dependency>
 
         <!-- Nostr Java -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nostr-java-api</artifactId>
         </dependency>

nsecbunker-connection/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-connection</artifactId>
@@ -25,7 +25,7 @@
         </dependency>
 
         <!-- Nostr Java -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nostr-java-api</artifactId>
         </dependency>

nsecbunker-core/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-core</artifactId>
@@ -19,7 +19,7 @@
 
     <dependencies>
         <!-- Nostr Java -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nostr-java-api</artifactId>
         </dependency>

nsecbunker-monitoring/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-monitoring</artifactId>
@@ -19,7 +19,7 @@
 
     <dependencies>
         <!-- Internal -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-core</artifactId>
         </dependency>

nsecbunker-protocol/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-protocol</artifactId>
@@ -29,7 +29,7 @@
         </dependency>
 
         <!-- Nostr Java -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nostr-java-api</artifactId>
         </dependency>

nsecbunker-spring-boot-starter/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-spring-boot-starter</artifactId>
@@ -19,7 +19,7 @@
 
     <dependencies>
         <!-- Internal -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-admin</artifactId>
         </dependency>
@@ -37,7 +37,7 @@
         </dependency>
 
         <!-- Spring Boot -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter</artifactId>
         </dependency>

nsecbunker-tests/nsecbunker-chaos/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-tests</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-chaos</artifactId>
@@ -41,7 +41,7 @@
             <artifactId>nsecbunker-core</artifactId>
             <version>${project.version}</version>
         </dependency>
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-connection</artifactId>
             <version>${project.version}</version>
@@ -75,7 +75,7 @@
             <artifactId>mockwebserver</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
             <scope>test</scope>

nsecbunker-tests/nsecbunker-chaos/src/test/java/xyz/tcheeric/nsecbunker/chaos/RelayConnectionChaosTest.java

@@ -89,9 +89,34 @@ void shouldStopAfterMaxReconnectAttempts() throws Exception {
     }
 
     /**
-     * No-op WebSocket listener for MockWebServer upgrades.
+     * WebSocket listener for MockWebServer upgrades that properly handles lifecycle.
+     *
+     * <p>A completely empty listener causes NPE in OkHttp's RealWebSocket.loopReader
+     * because the reader loop expects proper lifecycle handling. This implementation
+     * handles onOpen, onMessage, and onClosing to prevent the MockWebServer crash.
      */
     private static final class NoopWebSocketListener extends okhttp3.WebSocketListener {
+
+        @Override
+        public void onOpen(okhttp3.WebSocket webSocket, okhttp3.Response response) {
+            // Connection opened - no action needed for test
+        }
+
+        @Override
+        public void onMessage(okhttp3.WebSocket webSocket, String text) {
+            // Message received - no action needed for test
+        }
+
+        @Override
+        public void onClosing(okhttp3.WebSocket webSocket, int code, String reason) {
+            // Server closing - echo back close to complete handshake
+            webSocket.close(code, reason);
+        }
+
+        @Override
+        public void onFailure(okhttp3.WebSocket webSocket, Throwable t, okhttp3.Response response) {
+            // Connection failed - no action needed for test
+        }
     }
 
     /**

nsecbunker-tests/nsecbunker-e2e/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-tests</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-e2e</artifactId>
@@ -51,7 +51,7 @@
         </dependency>
 
         <!-- nostr-java -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nostr-java-api</artifactId>
         </dependency>
@@ -73,7 +73,7 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
             <scope>test</scope>
@@ -109,7 +109,7 @@
         </dependency>
 
         <!-- Testcontainers -->
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>testcontainers</artifactId>
             <scope>test</scope>

nsecbunker-tests/nsecbunker-it/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-tests</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-it</artifactId>
@@ -22,7 +22,7 @@
     </properties>
 
     <dependencies>
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-client</artifactId>
         </dependency>
@@ -48,7 +48,7 @@
             <artifactId>junit-jupiter</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>testcontainers</artifactId>
             <scope>test</scope>
@@ -63,7 +63,7 @@
             <artifactId>mockito-junit-jupiter</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>

nsecbunker-tests/nsecbunker-it/src/test/java/xyz/tcheeric/nsecbunker/admin/integration/AdminConnectionLifecycleTest.java

@@ -86,6 +86,8 @@ void connectIsIdempotentWhenConnected() throws Exception {
 
         client.connect();
         assertThat(client.isConnected()).isTrue();
+        // Wait for server to register the connection
+        assertThat(mockRelay.awaitConnection(5, TimeUnit.SECONDS)).isTrue();
 
         // Second connect should not throw
         client.connect();

nsecbunker-tests/nsecbunker-perf/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-tests</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-perf</artifactId>
@@ -46,7 +46,7 @@
         </dependency>
 
         <!-- nostr-java -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nostr-java-api</artifactId>
         </dependency>
@@ -89,7 +89,7 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
             <scope>runtime</scope>
@@ -115,7 +115,7 @@
         </dependency>
 
         <!-- Testcontainers for load tests -->
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>testcontainers</artifactId>
             <scope>test</scope>

nsecbunker-tests/nsecbunker-security/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-tests</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-security</artifactId>
@@ -16,7 +16,7 @@
 
     <dependencies>
         <!-- Project modules under test -->
         <dependency>
             <groupId>xyz.tcheeric</groupId>
             <artifactId>nsecbunker-core</artifactId>
             <version>${project.version}</version>
@@ -89,7 +89,7 @@
         </dependency>
 
         <!-- Logging -->
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
             <scope>test</scope>

nsecbunker-tests/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-tests</artifactId>

pom.xml

@@ -7,7 +7,7 @@
 
     <groupId>xyz.tcheeric</groupId>
     <artifactId>nsecbunker-java</artifactId>
-    <version>0.1.0</version>
+    <version>0.1.1</version>
     <packaging>pom</packaging>
 
     <name>nsecBunker Java Library</name>