update go-nostr to fix some bugs.

* optimized return messages with more context why the policy blocks an event

README.md

@@ -69,6 +69,11 @@ func main() {
 
 	// there are many other configurable things you can set
 	relay.RejectEvent = append(relay.RejectEvent,
+		// built-in policies
+		policies.ValidateKind,
+
+		// define your own policies
+		policies.PreventLargeTags(80),
 		func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
 			if event.PubKey == "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52" {
 				return true, "we don't allow this person to write here"
@@ -76,16 +81,21 @@ func main() {
 			return false, "" // anyone else can
 		},
 	)
-	relay.OnConnect = append(relay.OnConnect,
-		func(ctx context.Context) {
-			// request NIP-42 AUTH from everybody
-			khatru.RequestAuth(ctx)
-		},
-	)
-	relay.OnAuth = append(relay.OnAuth,
-		func(ctx context.Context, pubkey string) {
-			// and when they auth we just log that for nothing
-			log.Println(pubkey + " is authed!")
+
+	// you can request auth by rejecting an event or a request with the prefix "auth-required: "
+	relay.RejectFilter = append(relay.RejectFilter,
+		// built-in policies
+		policies.NoComplexFilters,
+
+		// define your own policies
+		func(ctx context.Context, filter nostr.Filter) (reject bool, msg string) {
+			if pubkey := khatru.GetAuthed(ctx); pubkey != "" {
+				log.Printf("request from %s\n", pubkey)
+				return false, ""
+			}
+			return true, "auth-required: only authenticated users can read from this relay"
+			// (this will cause an AUTH message to be sent and then a CLOSED message such that clients can
+			//  authenticate and then request again)
 		},
 	)
 	// check the docs for more goodies!
@@ -118,3 +128,13 @@ Fear no more. Using the https://github.com/fiatjaf/eventstore module you get a b
 	relay.CountEvents = append(relay.CountEvents, db.CountEvents)
 	relay.DeleteEvent = append(relay.DeleteEvent, db.DeleteEvent)
 ```
+
+### But I don't want to write a bunch of custom policies!
+
+Fear no more. We have a bunch of common policies written in the `github.com/fiatjaf/khatru/policies` package and also a handpicked selection of base sane defaults, which you can apply with:
+
+```go
+	policies.ApplySaneDefaults(relay)
+```
+
+Contributions to this are very much welcomed.

add-event.go

@@ -1,127 +0,0 @@
-package khatru
-
-import (
-	"context"
-	"errors"
-	"fmt"
-
-	"github.com/fiatjaf/eventstore"
-	"github.com/nbd-wtf/go-nostr"
-)
-
-func (rl *Relay) AddEvent(ctx context.Context, evt *nostr.Event) error {
-	if evt == nil {
-		return errors.New("error: event is nil")
-	}
-
-	for _, reject := range rl.RejectEvent {
-		if reject, msg := reject(ctx, evt); reject {
-			if msg == "" {
-				return errors.New("blocked: no reason")
-			} else {
-				return errors.New(nostr.NormalizeOKMessage(msg, "blocked"))
-			}
-		}
-	}
-
-	if 20000 <= evt.Kind && evt.Kind < 30000 {
-		// do not store ephemeral events
-	} else {
-		if evt.Kind == 0 || evt.Kind == 3 || (10000 <= evt.Kind && evt.Kind < 20000) {
-			// replaceable event, delete before storing
-			for _, query := range rl.QueryEvents {
-				ch, err := query(ctx, nostr.Filter{Authors: []string{evt.PubKey}, Kinds: []int{evt.Kind}})
-				if err != nil {
-					continue
-				}
-				if previous := <-ch; previous != nil && isOlder(previous, evt) {
-					for _, del := range rl.DeleteEvent {
-						del(ctx, previous)
-					}
-				}
-			}
-		} else if 30000 <= evt.Kind && evt.Kind < 40000 {
-			// parameterized replaceable event, delete before storing
-			d := evt.Tags.GetFirst([]string{"d", ""})
-			if d != nil {
-				for _, query := range rl.QueryEvents {
-					ch, err := query(ctx, nostr.Filter{Authors: []string{evt.PubKey}, Kinds: []int{evt.Kind}, Tags: nostr.TagMap{"d": []string{d.Value()}}})
-					if err != nil {
-						continue
-					}
-					if previous := <-ch; previous != nil && isOlder(previous, evt) {
-						for _, del := range rl.DeleteEvent {
-							del(ctx, previous)
-						}
-					}
-				}
-			}
-		}
-
-		// store
-		for _, store := range rl.StoreEvent {
-			if saveErr := store(ctx, evt); saveErr != nil {
-				switch saveErr {
-				case eventstore.ErrDupEvent:
-					return nil
-				default:
-					return fmt.Errorf(nostr.NormalizeOKMessage(saveErr.Error(), "error"))
-				}
-			}
-		}
-
-		for _, ons := range rl.OnEventSaved {
-			ons(ctx, evt)
-		}
-	}
-
-	for _, ovw := range rl.OverwriteResponseEvent {
-		ovw(ctx, evt)
-	}
-	notifyListeners(evt)
-
-	return nil
-}
-
-func (rl *Relay) handleDeleteRequest(ctx context.Context, evt *nostr.Event) error {
-	// event deletion -- nip09
-	for _, tag := range evt.Tags {
-		if len(tag) >= 2 && tag[0] == "e" {
-			// first we fetch the event
-			for _, query := range rl.QueryEvents {
-				ch, err := query(ctx, nostr.Filter{IDs: []string{tag[1]}})
-				if err != nil {
-					continue
-				}
-				target := <-ch
-				if target == nil {
-					continue
-				}
-				// got the event, now check if the user can delete it
-				acceptDeletion := target.PubKey == evt.PubKey
-				var msg string
-				if acceptDeletion == false {
-					msg = "you are not the author of this event"
-				}
-				// but if we have a function to overwrite this outcome, use that instead
-				for _, odo := range rl.OverwriteDeletionOutcome {
-					acceptDeletion, msg = odo(ctx, target, evt)
-				}
-				if acceptDeletion {
-					// delete it
-					for _, del := range rl.DeleteEvent {
-						del(ctx, target)
-					}
-				} else {
-					// fail and stop here
-					return fmt.Errorf("blocked: %s", msg)
-				}
-
-				// don't try to query this same event again
-				break
-			}
-		}
-	}
-
-	return nil
-}

adding.go

@@ -0,0 +1,107 @@
+package khatru
+
+import (
+	"context"
+	"errors"
+	"fmt"
+
+	"github.com/fiatjaf/eventstore"
+	"github.com/nbd-wtf/go-nostr"
+)
+
+// AddEvent sends an event through then normal add pipeline, as if it was received from a websocket.
+func (rl *Relay) AddEvent(ctx context.Context, evt *nostr.Event) (skipBroadcast bool, writeError error) {
+	if evt == nil {
+		return false, errors.New("error: event is nil")
+	}
+
+	for _, reject := range rl.RejectEvent {
+		if reject, msg := reject(ctx, evt); reject {
+			if msg == "" {
+				return false, errors.New("blocked: no reason")
+			} else {
+				return false, errors.New(nostr.NormalizeOKMessage(msg, "blocked"))
+			}
+		}
+	}
+
+	if 20000 <= evt.Kind && evt.Kind < 30000 {
+		// do not store ephemeral events
+		for _, oee := range rl.OnEphemeralEvent {
+			oee(ctx, evt)
+		}
+	} else {
+		// will store
+
+		// but first check if we already have it
+		filter := nostr.Filter{IDs: []string{evt.ID}}
+		for _, query := range rl.QueryEvents {
+			ch, err := query(ctx, filter)
+			if err != nil {
+				continue
+			}
+			for range ch {
+				// if we run this it means we already have this event, so we just return a success and exit
+				return true, nil
+			}
+		}
+
+		// if it's replaceable we first delete old versions
+		if evt.Kind == 0 || evt.Kind == 3 || (10000 <= evt.Kind && evt.Kind < 20000) {
+			// replaceable event, delete before storing
+			filter := nostr.Filter{Authors: []string{evt.PubKey}, Kinds: []int{evt.Kind}}
+			for _, query := range rl.QueryEvents {
+				ch, err := query(ctx, filter)
+				if err != nil {
+					continue
+				}
+				for previous := range ch {
+					if isOlder(previous, evt) {
+						for _, del := range rl.DeleteEvent {
+							del(ctx, previous)
+						}
+					}
+				}
+			}
+		} else if 30000 <= evt.Kind && evt.Kind < 40000 {
+			// parameterized replaceable event, delete before storing
+			d := evt.Tags.GetFirst([]string{"d", ""})
+			if d == nil {
+				return false, fmt.Errorf("invalid: missing 'd' tag on parameterized replaceable event")
+			}
+
+			filter := nostr.Filter{Authors: []string{evt.PubKey}, Kinds: []int{evt.Kind}, Tags: nostr.TagMap{"d": []string{(*d)[1]}}}
+			for _, query := range rl.QueryEvents {
+				ch, err := query(ctx, filter)
+				if err != nil {
+					continue
+				}
+				for previous := range ch {
+					if isOlder(previous, evt) {
+						for _, del := range rl.DeleteEvent {
+							del(ctx, previous)
+						}
+					}
+				}
+			}
+		}
+
+		// store
+		for _, store := range rl.StoreEvent {
+			if saveErr := store(ctx, evt); saveErr != nil {
+				switch saveErr {
+				case eventstore.ErrDupEvent:
+					return true, nil
+				default:
+					return false, fmt.Errorf(nostr.NormalizeOKMessage(saveErr.Error(), "error"))
+				}
+			}
+		}
+
+		for _, ons := range rl.OnEventSaved {
+			ons(ctx, evt)
+		}
+	}
+
+	return false, nil
+}

broadcasting.go

@@ -0,0 +1,11 @@
+package khatru
+
+import (
+	"github.com/nbd-wtf/go-nostr"
+)
+
+// BroadcastEvent emits an event to all listeners whose filters' match, skipping all filters and actions
+// it also doesn't attempt to store the event or trigger any reactions or callbacks
+func (rl *Relay) BroadcastEvent(evt *nostr.Event) {
+	notifyListeners(evt)
+}

deleting.go

@@ -0,0 +1,53 @@
+package khatru
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/nbd-wtf/go-nostr"
+)
+
+func (rl *Relay) handleDeleteRequest(ctx context.Context, evt *nostr.Event) error {
+	// event deletion -- nip09
+	for _, tag := range evt.Tags {
+		if len(tag) >= 2 && tag[0] == "e" {
+			// first we fetch the event
+			for _, query := range rl.QueryEvents {
+				ch, err := query(ctx, nostr.Filter{IDs: []string{tag[1]}})
+				if err != nil {
+					continue
+				}
+				target := <-ch
+				if target == nil {
+					continue
+				}
+				// got the event, now check if the user can delete it
+				acceptDeletion := target.PubKey == evt.PubKey
+				var msg string
+				if acceptDeletion == false {
+					msg = "you are not the author of this event"
+				}
+				// but if we have a function to overwrite this outcome, use that instead
+				for _, odo := range rl.OverwriteDeletionOutcome {
+					acceptDeletion, msg = odo(ctx, target, evt)
+				}
+				if acceptDeletion {
+					// delete it
+					for _, del := range rl.DeleteEvent {
+						if err := del(ctx, target); err != nil {
+							return err
+						}
+					}
+				} else {
+					// fail and stop here
+					return fmt.Errorf("blocked: %s", msg)
+				}
+
+				// don't try to query this same event again
+				break
+			}
+		}
+	}
+
+	return nil
+}

examples/basic-elasticsearch/main.go

@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/fiatjaf/khatru"
 	"github.com/fiatjaf/eventstore/elasticsearch"
+	"github.com/fiatjaf/khatru"
 )
 
 func main() {

examples/basic-postgres/main.go

@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/fiatjaf/khatru"
 	"github.com/fiatjaf/eventstore/postgresql"
+	"github.com/fiatjaf/khatru"
 )
 
 func main() {

examples/basic-sqlite3/main.go

@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/fiatjaf/khatru"
 	"github.com/fiatjaf/eventstore/sqlite3"
+	"github.com/fiatjaf/khatru"
 )
 
 func main() {

examples/readme-demo/main.go

@@ -7,6 +7,7 @@ import (
 	"net/http"
 
 	"github.com/fiatjaf/khatru"
+	"github.com/fiatjaf/khatru/policies"
 	"github.com/nbd-wtf/go-nostr"
 )
 
@@ -53,6 +54,11 @@ func main() {
 
 	// there are many other configurable things you can set
 	relay.RejectEvent = append(relay.RejectEvent,
+		// built-in policies
+		policies.ValidateKind,
+
+		// define your own policies
+		policies.PreventLargeTags(80),
 		func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
 			if event.PubKey == "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52" {
 				return true, "we don't allow this person to write here"
@@ -63,18 +69,18 @@ func main() {
 
 	// you can request auth by rejecting an event or a request with the prefix "auth-required: "
 	relay.RejectFilter = append(relay.RejectFilter,
+		// built-in policies
+		policies.NoComplexFilters,
+
+		// define your own policies
 		func(ctx context.Context, filter nostr.Filter) (reject bool, msg string) {
 			if pubkey := khatru.GetAuthed(ctx); pubkey != "" {
 				log.Printf("request from %s\n", pubkey)
 				return false, ""
 			}
 			return true, "auth-required: only authenticated users can read from this relay"
-		},
-	)
-	relay.OnAuth = append(relay.OnAuth,
-		func(ctx context.Context, pubkey string) {
-			// and when they auth we can just log that for nothing
-			log.Println(pubkey + " is authed!")
+			// (this will cause an AUTH message to be sent and then a CLOSED message such that clients can
+			//  authenticate and then request again)
 		},
 	)
 	// check the docs for more goodies!

go.mod

@@ -1,15 +1,13 @@
 module github.com/fiatjaf/khatru
 
-go 1.21.0
+go 1.21.4
 
 require (
-	github.com/fasthttp/websocket v1.5.3
-	github.com/fiatjaf/eventstore v0.3.1
-	github.com/nbd-wtf/go-nostr v0.27.1
-	github.com/puzpuzpuz/xsync/v2 v2.5.1
+	github.com/fasthttp/websocket v1.5.7
+	github.com/fiatjaf/eventstore v0.5.1
+	github.com/nbd-wtf/go-nostr v0.34.3
+	github.com/puzpuzpuz/xsync/v3 v3.0.2
 	github.com/rs/cors v1.7.0
-	github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a
-	golang.org/x/exp v0.0.0-20231006140011-7918f672742d
 )
 
 require (
@@ -39,7 +37,7 @@ require (
 	github.com/google/flatbuffers v23.5.26+incompatible // indirect
 	github.com/jmoiron/sqlx v1.3.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
-	github.com/klauspost/compress v1.17.2 // indirect
+	github.com/klauspost/compress v1.17.8 // indirect
 	github.com/lib/pq v1.10.9 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-sqlite3 v1.14.18 // indirect
@@ -49,9 +47,10 @@ require (
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
-	github.com/valyala/fasthttp v1.47.0 // indirect
+	github.com/valyala/fasthttp v1.51.0 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
+	golang.org/x/net v0.18.0 // indirect
+	golang.org/x/sys v0.20.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 )

go.sum

@@ -43,12 +43,12 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/fasthttp/websocket v1.5.3 h1:TPpQuLwJYfd4LJPXvHDYPMFWbLjsT91n3GpWtCQtdek=
-github.com/fasthttp/websocket v1.5.3/go.mod h1:46gg/UBmTU1kUaTcwQXpUxtRwG2PvIZYeA8oL6vF3Fs=
+github.com/fasthttp/websocket v1.5.7 h1:0a6o2OfeATvtGgoMKleURhLT6JqWPg7fYfWnH4KHau4=
+github.com/fasthttp/websocket v1.5.7/go.mod h1:bC4fxSono9czeXHQUVKxsC0sNjbm7lPJR04GDFqClfU=
 github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
-github.com/fiatjaf/eventstore v0.3.1 h1:GDuF8RxBNL6km9Y7qEucDQbkzKfkPJqoA/YiiIE0wao=
-github.com/fiatjaf/eventstore v0.3.1/go.mod h1:q3r6SuNhCxaSwfnK++2BratEVUcwK2NNr004hLOpz7Q=
+github.com/fiatjaf/eventstore v0.5.1 h1:tTh+JYP0RME51VY2QB2Gvtzj6QTaZAnSVhgZtrYqY2A=
+github.com/fiatjaf/eventstore v0.5.1/go.mod h1:r5yCFmrVNT2b1xUOuMnDVS3xPGh97y8IgTcLyY2rYP8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
@@ -103,8 +103,8 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4=
-github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
+github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU=
+github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
@@ -113,21 +113,19 @@ github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI=
 github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
-github.com/nbd-wtf/go-nostr v0.27.1 h1:DAwXpAUGxq3/B8KZIWlZmJIoDNkMvlKqQwB/OM/49xk=
-github.com/nbd-wtf/go-nostr v0.27.1/go.mod h1:bkffJI+x914sPQWum9ZRUn66D7NpDnAoWo1yICvj3/0=
+github.com/nbd-wtf/go-nostr v0.34.3 h1:JfDOHOje7gzUhisbZD0v2Y9b9vh2PmP6eHsU/GfU8QE=
+github.com/nbd-wtf/go-nostr v0.34.3/go.mod h1:NZQkxl96ggbO8rvDpVjcsojJqKTPwqhP4i82O7K5DJs=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/puzpuzpuz/xsync/v2 v2.5.1 h1:mVGYAvzDSu52+zaGyNjC+24Xw2bQi3kTr4QJ6N9pIIU=
-github.com/puzpuzpuz/xsync/v2 v2.5.1/go.mod h1:gD2H2krq/w52MfPLE+Uy64TzJDVY7lP2znR9qmR35kU=
+github.com/puzpuzpuz/xsync/v3 v3.0.2 h1:3yESHrRFYr6xzkz61LLkvNiPFXxJEAABanTQpKbAaew=
+github.com/puzpuzpuz/xsync/v3 v3.0.2/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
 github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
 github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
 github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee h1:8Iv5m6xEo1NR1AvpV+7XmhI4r39LGNzwUL4YpMuL5vk=
 github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee/go.mod h1:qwtSXrKuJh/zsFQ12yEE89xfCrGKK63Rr7ctU/uCo4g=
-github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a h1:iLcLb5Fwwz7g/DLK89F+uQBDeAhHhwdzB5fSlVdhGcM=
-github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a/go.mod h1:wozgYq9WEBQBaIJe4YZ0qTSFAMxmcwBhQH0fO0R34Z0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -135,8 +133,8 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
 github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
@@ -146,8 +144,8 @@ github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
 github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/valyala/fasthttp v1.47.0 h1:y7moDoxYzMooFpT5aHgNgVOQDrS3qlkfiP9mDtGGK9c=
-github.com/valyala/fasthttp v1.47.0/go.mod h1:k2zXd82h/7UZc3VOdJ2WaUqt1uZ/XpXAfE9i+HBC3lA=
+github.com/valyala/fasthttp v1.51.0 h1:8b30A5JlZ6C7AS81RsWjYMQmrZG6feChmgAolCl1SqA=
+github.com/valyala/fasthttp v1.51.0/go.mod h1:oI2XroL+lI7vdXyYoQk03bXBThfFl2cVdIA3Xl7cH8g=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
@@ -172,8 +170,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg=
+golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -186,8 +184,8 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20221010170243-090e33056c14/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
-golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

handlers.go

@@ -5,7 +5,6 @@ import (
 	"crypto/rand"
 	"crypto/sha256"
 	"encoding/hex"
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -28,12 +27,21 @@ func (rl *Relay) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		rl.HandleWebsocket(w, r)
 	} else if r.Header.Get("Accept") == "application/nostr+json" {
 		cors.AllowAll().Handler(http.HandlerFunc(rl.HandleNIP11)).ServeHTTP(w, r)
+	} else if r.Header.Get("Content-Type") == "application/nostr+json+rpc" {
+		cors.AllowAll().Handler(http.HandlerFunc(rl.HandleNIP86)).ServeHTTP(w, r)
 	} else {
 		rl.serveMux.ServeHTTP(w, r)
 	}
 }
 
 func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
+	for _, reject := range rl.RejectConnection {
+		if reject(r) {
+			w.WriteHeader(429) // Too many requests
+			return
+		}
+	}
+
 	conn, err := rl.upgrader.Upgrade(w, r, nil)
 	if err != nil {
 		rl.Log.Printf("failed to upgrade websocket: %v\n", err)
@@ -50,7 +58,6 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 		conn:      conn,
 		Request:   r,
 		Challenge: hex.EncodeToString(challenge),
-		Authed:    make(chan struct{}),
 	}
 
 	ctx, cancel := context.WithCancel(
@@ -97,6 +104,7 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 					websocket.CloseGoingAway,        // 1001
 					websocket.CloseNoStatusReceived, // 1005
 					websocket.CloseAbnormalClosure,  // 1006
+					4537,                            // some client seems to send many of these
 				) {
 					rl.Log.Printf("unexpected close error from %s: %v\n", r.Header.Get("X-Forwarded-For"), err)
 				}
@@ -134,19 +142,51 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 						return
 					}
 
+					// check NIP-70 protected
+					for _, v := range env.Event.Tags {
+						if len(v) == 1 && v[0] == "-" {
+							msg := "must be published by event author"
+							authed := GetAuthed(ctx)
+							if authed == "" {
+								RequestAuth(ctx)
+								ws.WriteJSON(nostr.OKEnvelope{
+									EventID: env.Event.ID,
+									OK:      false,
+									Reason:  "auth-required: " + msg,
+								})
+								return
+							}
+							if authed != env.Event.PubKey {
+								ws.WriteJSON(nostr.OKEnvelope{
+									EventID: env.Event.ID,
+									OK:      false,
+									Reason:  "blocked: " + msg,
+								})
+								return
+							}
+						}
+					}
+
 					var ok bool
 					var writeErr error
+					var skipBroadcast bool
 					if env.Event.Kind == 5 {
 						// this always returns "blocked: " whenever it returns an error
 						writeErr = rl.handleDeleteRequest(ctx, &env.Event)
 					} else {
 						// this will also always return a prefixed reason
-						writeErr = rl.AddEvent(ctx, &env.Event)
+						skipBroadcast, writeErr = rl.AddEvent(ctx, &env.Event)
 					}
 
 					var reason string
 					if writeErr == nil {
 						ok = true
+						for _, ovw := range rl.OverwriteResponseEvent {
+							ovw(ctx, &env.Event)
+						}
+						if !skipBroadcast {
+							notifyListeners(&env.Event)
+						}
 					} else {
 						reason = writeErr.Error()
 						if strings.HasPrefix(reason, "auth-required:") {
@@ -204,7 +244,12 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 					wsBaseUrl := strings.Replace(rl.ServiceURL, "http", "ws", 1)
 					if pubkey, ok := nip42.ValidateAuthEvent(&env.Event, ws.Challenge, wsBaseUrl); ok {
 						ws.AuthedPublicKey = pubkey
-						close(ws.Authed)
+						ws.authLock.Lock()
+						if ws.Authed != nil {
+							close(ws.Authed)
+							ws.Authed = nil
+						}
+						ws.authLock.Unlock()
 						ws.WriteJSON(nostr.OKEnvelope{EventID: env.Event.ID, OK: true})
 					} else {
 						ws.WriteJSON(nostr.OKEnvelope{EventID: env.Event.ID, OK: false, Reason: "error: failed to authenticate"})
@@ -233,14 +278,3 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 		}
 	}()
 }
-
-func (rl *Relay) HandleNIP11(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("Content-Type", "application/nostr+json")
-
-	info := *rl.Info
-	for _, ovw := range rl.OverwriteRelayInformation {
-		info = ovw(r.Context(), r, info)
-	}
-
-	json.NewEncoder(w).Encode(info)
-}

helpers.go

@@ -1,19 +1,14 @@
 package khatru
 
 import (
-	"hash/maphash"
+	"net"
 	"net/http"
 	"strconv"
 	"strings"
-	"unsafe"
 
 	"github.com/nbd-wtf/go-nostr"
 )
 
-func pointerHasher[V any](_ maphash.Seed, k *V) uint64 {
-	return uint64(uintptr(unsafe.Pointer(k)))
-}
-
 func isOlder(previous, next *nostr.Event) bool {
 	return previous.CreatedAt < next.CreatedAt ||
 		(previous.CreatedAt == next.CreatedAt && previous.ID > next.ID)
@@ -40,3 +35,43 @@ func getServiceBaseURL(r *http.Request) string {
 	}
 	return proto + "://" + host
 }
+
+var privateMasks = func() []net.IPNet {
+	privateCIDRs := []string{
+		"127.0.0.0/8",
+		"10.0.0.0/8",
+		"172.16.0.0/12",
+		"192.168.0.0/16",
+		"fc00::/7",
+	}
+	masks := make([]net.IPNet, len(privateCIDRs))
+	for i, cidr := range privateCIDRs {
+		_, netw, err := net.ParseCIDR(cidr)
+		if err != nil {
+			return nil
+		}
+		masks[i] = *netw
+	}
+	return masks
+}()
+
+func isPrivate(ip net.IP) bool {
+	for _, mask := range privateMasks {
+		if mask.Contains(ip) {
+			return true
+		}
+	}
+	return false
+}
+
+func GetIPFromRequest(r *http.Request) string {
+	if xffh := r.Header.Get("X-Forwarded-For"); xffh != "" {
+		for _, v := range strings.Split(xffh, ",") {
+			if ip := net.ParseIP(strings.TrimSpace(v)); ip != nil && ip.IsGlobalUnicast() && !isPrivate(ip) {
+				return ip.String()
+			}
+		}
+	}
+	ip, _, _ := net.SplitHostPort(r.RemoteAddr)
+	return ip
+}

listener.go

@@ -5,7 +5,7 @@ import (
 	"fmt"
 
 	"github.com/nbd-wtf/go-nostr"
-	"github.com/puzpuzpuz/xsync/v2"
+	"github.com/puzpuzpuz/xsync/v3"
 )
 
 type Listener struct {
@@ -13,7 +13,7 @@ type Listener struct {
 	cancel  context.CancelCauseFunc
 }
 
-var listeners = xsync.NewTypedMapOf[*WebSocket, *xsync.MapOf[string, *Listener]](pointerHasher[WebSocket])
+var listeners = xsync.NewMapOf[*WebSocket, *xsync.MapOf[string, *Listener]]()
 
 func GetListeningFilters() nostr.Filters {
 	respfilters := make(nostr.Filters, 0, listeners.Size()*2)
@@ -49,7 +49,7 @@ func GetListeningFilters() nostr.Filters {
 
 func setListener(id string, ws *WebSocket, filters nostr.Filters, cancel context.CancelCauseFunc) {
 	subs, _ := listeners.LoadOrCompute(ws, func() *xsync.MapOf[string, *Listener] {
-		return xsync.NewMapOf[*Listener]()
+		return xsync.NewMapOf[string, *Listener]()
 	})
 	subs.Store(id, &Listener{filters: filters, cancel: cancel})
 }

nip11.go

@@ -0,0 +1,25 @@
+package khatru
+
+import (
+	"encoding/json"
+	"net/http"
+)
+
+func (rl *Relay) HandleNIP11(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "application/nostr+json")
+
+	info := *rl.Info
+
+	if len(rl.DeleteEvent) > 0 {
+		info.SupportedNIPs = append(info.SupportedNIPs, 9)
+	}
+	if len(rl.CountEvents) > 0 {
+		info.SupportedNIPs = append(info.SupportedNIPs, 45)
+	}
+
+	for _, ovw := range rl.OverwriteRelayInformation {
+		info = ovw(r.Context(), r, info)
+	}
+
+	json.NewEncoder(w).Encode(info)
+}

nip86.go

@@ -0,0 +1,267 @@
+package khatru
+
+import (
+	"context"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"reflect"
+	"strings"
+
+	"github.com/nbd-wtf/go-nostr"
+	"github.com/nbd-wtf/go-nostr/nip86"
+)
+
+type RelayManagementAPI struct {
+	RejectAPICall []func(ctx context.Context, mp nip86.MethodParams) (reject bool, msg string)
+
+	BanPubKey                   func(ctx context.Context, pubkey string, reason string) error
+	ListBannedPubKeys           func(ctx context.Context) ([]nip86.PubKeyReason, error)
+	AllowPubKey                 func(ctx context.Context, pubkey string, reason string) error
+	ListAllowedPubKeys          func(ctx context.Context) ([]nip86.PubKeyReason, error)
+	ListEventsNeedingModeration func(ctx context.Context) ([]nip86.IDReason, error)
+	AllowEvent                  func(ctx context.Context, id string, reason string) error
+	BanEvent                    func(ctx context.Context, id string, reason string) error
+	ListBannedEvents            func(ctx context.Context) ([]nip86.IDReason, error)
+	ChangeRelayName             func(ctx context.Context, name string) error
+	ChangeRelayDescription      func(ctx context.Context, desc string) error
+	ChangeRelayIcon             func(ctx context.Context, icon string) error
+	AllowKind                   func(ctx context.Context, kind int) error
+	DisallowKind                func(ctx context.Context, kind int) error
+	ListAllowedKinds            func(ctx context.Context) ([]int, error)
+	BlockIP                     func(ctx context.Context, ip net.IP, reason string) error
+	UnblockIP                   func(ctx context.Context, ip net.IP, reason string) error
+	ListBlockedIPs              func(ctx context.Context) ([]nip86.IPReason, error)
+}
+
+func (rl *Relay) HandleNIP86(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "application/nostr+json+rpc")
+
+	var (
+		resp        nip86.Response
+		ctx         = r.Context()
+		req         nip86.Request
+		mp          nip86.MethodParams
+		evt         nostr.Event
+		payloadHash [32]byte
+	)
+
+	payload, err := io.ReadAll(r.Body)
+	if err != nil {
+		resp.Error = "empty request"
+		goto respond
+	}
+	payloadHash = sha256.Sum256(payload)
+
+	{
+		auth := r.Header.Get("Authorization")
+		spl := strings.Split(auth, "Nostr ")
+		if len(spl) != 2 {
+			resp.Error = "missing auth"
+			goto respond
+		}
+		if evtj, err := base64.StdEncoding.DecodeString(spl[1]); err != nil {
+			resp.Error = "invalid base64 auth"
+			goto respond
+		} else if err := json.Unmarshal(evtj, &evt); err != nil {
+			resp.Error = "invalid auth event json"
+			goto respond
+		} else if ok, _ := evt.CheckSignature(); !ok {
+			resp.Error = "invalid auth event"
+			goto respond
+		} else if pht := evt.Tags.GetFirst([]string{"payload", hex.EncodeToString(payloadHash[:])}); pht == nil {
+			resp.Error = "invalid auth event payload hash"
+			goto respond
+		} else if evt.CreatedAt < nostr.Now()-30 {
+			resp.Error = "auth event is too old"
+			goto respond
+		}
+	}
+
+	if err := json.Unmarshal(payload, &req); err != nil {
+		resp.Error = "invalid json body"
+		goto respond
+	}
+
+	mp, err = nip86.DecodeRequest(req)
+	if err != nil {
+		resp.Error = fmt.Sprintf("invalid params: %s", err)
+		goto respond
+	}
+
+	ctx = context.WithValue(ctx, nip86HeaderAuthKey, evt.PubKey)
+	for _, rac := range rl.ManagementAPI.RejectAPICall {
+		if reject, msg := rac(ctx, mp); reject {
+			resp.Error = msg
+			goto respond
+		}
+	}
+
+	if _, ok := mp.(nip86.SupportedMethods); ok {
+		mat := reflect.TypeOf(rl.ManagementAPI)
+		mav := reflect.ValueOf(rl.ManagementAPI)
+
+		methods := make([]string, 0, mat.NumField())
+		for i := 0; i < mat.NumField(); i++ {
+			field := mat.Field(i)
+
+			// danger: this assumes the struct fields are appropriately named
+			methodName := strings.ToLower(field.Name)
+
+			// assign this only if the function was defined
+			if mav.Field(i).Interface() != nil {
+				methods[i] = methodName
+			}
+		}
+		resp.Result = methods
+	} else {
+		switch thing := mp.(type) {
+		case nip86.BanPubKey:
+			if rl.ManagementAPI.BanPubKey == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.BanPubKey(ctx, thing.PubKey, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListBannedPubKeys:
+			if rl.ManagementAPI.ListBannedPubKeys == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListBannedPubKeys(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.AllowPubKey:
+			if rl.ManagementAPI.AllowPubKey == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.AllowPubKey(ctx, thing.PubKey, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListAllowedPubKeys:
+			if rl.ManagementAPI.ListAllowedPubKeys == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListAllowedPubKeys(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.BanEvent:
+			if rl.ManagementAPI.BanEvent == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.BanEvent(ctx, thing.ID, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.AllowEvent:
+			if rl.ManagementAPI.AllowEvent == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.AllowEvent(ctx, thing.ID, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListEventsNeedingModeration:
+			if rl.ManagementAPI.ListEventsNeedingModeration == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListEventsNeedingModeration(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.ListBannedEvents:
+			if rl.ManagementAPI.ListBannedEvents == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListEventsNeedingModeration(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.ChangeRelayName:
+			if rl.ManagementAPI.ChangeRelayName == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.ChangeRelayName(ctx, thing.Name); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ChangeRelayDescription:
+			if rl.ManagementAPI.ChangeRelayDescription == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.ChangeRelayDescription(ctx, thing.Description); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ChangeRelayIcon:
+			if rl.ManagementAPI.ChangeRelayIcon == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.ChangeRelayIcon(ctx, thing.IconURL); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.AllowKind:
+			if rl.ManagementAPI.AllowKind == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.AllowKind(ctx, thing.Kind); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.DisallowKind:
+			if rl.ManagementAPI.DisallowKind == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.DisallowKind(ctx, thing.Kind); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListAllowedKinds:
+			if rl.ManagementAPI.ListAllowedKinds == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListAllowedKinds(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.BlockIP:
+			if rl.ManagementAPI.BlockIP == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.BlockIP(ctx, thing.IP, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.UnblockIP:
+			if rl.ManagementAPI.UnblockIP == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.UnblockIP(ctx, thing.IP, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListBlockedIPs:
+			if rl.ManagementAPI.ListBlockedIPs == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListBlockedIPs(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		default:
+			resp.Error = fmt.Sprintf("method '%s' not known", mp.MethodName())
+		}
+	}
+
+respond:
+	json.NewEncoder(w).Encode(resp)
+}

policies/events.go

@@ -2,9 +2,11 @@ package policies
 
 import (
 	"context"
+	"fmt"
+	"slices"
+	"strings"
 
 	"github.com/nbd-wtf/go-nostr"
-	"golang.org/x/exp/slices"
 )
 
 // PreventTooManyIndexableTags returns a function that can be used as a RejectFilter that will reject
@@ -13,6 +15,9 @@ import (
 // If ignoreKinds is given this restriction will not apply to these kinds (useful for allowing a bigger).
 // If onlyKinds is given then all other kinds will be ignored.
 func PreventTooManyIndexableTags(max int, ignoreKinds []int, onlyKinds []int) func(context.Context, *nostr.Event) (bool, string) {
+	slices.Sort(ignoreKinds)
+	slices.Sort(onlyKinds)
+
 	ignore := func(kind int) bool { return false }
 	if len(ignoreKinds) > 0 {
 		ignore = func(kind int) bool {
@@ -62,32 +67,15 @@ func PreventLargeTags(maxTagValueLen int) func(context.Context, *nostr.Event) (b
 // RestrictToSpecifiedKinds returns a function that can be used as a RejectFilter that will reject
 // any events with kinds different than the specified ones.
 func RestrictToSpecifiedKinds(kinds ...uint16) func(context.Context, *nostr.Event) (bool, string) {
-	max := 0
-	min := 0
-	for _, kind := range kinds {
-		if int(kind) > max {
-			max = int(kind)
-		}
-		if int(kind) < min {
-			min = int(kind)
-		}
-	}
+	// sort the kinds in increasing order
+	slices.Sort(kinds)
 
 	return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
-		// these are cheap and very questionable optimizations, but they exist for a reason:
-		// we would have to ensure that the kind number is within the bounds of a uint16 anyway
-		if event.Kind > max {
-			return true, "event kind not allowed"
-		}
-		if event.Kind < min {
-			return true, "event kind not allowed"
-		}
-
-		// hopefully this map of uint16s is very fast
 		if _, allowed := slices.BinarySearch(kinds, uint16(event.Kind)); allowed {
 			return false, ""
 		}
-		return true, "event kind not allowed"
+
+		return true, fmt.Sprintf("received event kind %d not allowed", event.Kind)
 	}
 }
 
@@ -108,3 +96,7 @@ func PreventTimestampsInTheFuture(thresholdSeconds nostr.Timestamp) func(context
 		return false, ""
 	}
 }
+
+func RejectEventsWithBase64Media(ctx context.Context, evt *nostr.Event) (bool, string) {
+	return strings.Contains(evt.Content, "data:image/") || strings.Contains(evt.Content, "data:video/"), "event with base64 media"
+}

policies/filters.go

@@ -2,9 +2,9 @@ package policies
 
 import (
 	"context"
+	"slices"
 
 	"github.com/nbd-wtf/go-nostr"
-	"golang.org/x/exp/slices"
 )
 
 // NoComplexFilters disallows filters with more than 2 tags.
@@ -45,7 +45,10 @@ func NoSearchQueries(ctx context.Context, filter nostr.Filter) (reject bool, msg
 }
 
 func RemoveSearchQueries(ctx context.Context, filter *nostr.Filter) {
-	filter.Search = ""
+	if filter.Search != "" {
+		filter.Search = ""
+		filter.LimitZero = true // signals that this query should be just skipped
+	}
 }
 
 func RemoveAllButKinds(kinds ...uint16) func(context.Context, *nostr.Filter) {
@@ -58,15 +61,23 @@ func RemoveAllButKinds(kinds ...uint16) func(context.Context, *nostr.Filter) {
 				}
 			}
 			filter.Kinds = newKinds
+			if len(filter.Kinds) == 0 {
+				filter.LimitZero = true // signals that this query should be just skipped
+			}
 		}
 	}
 }
 
 func RemoveAllButTags(tagNames ...string) func(context.Context, *nostr.Filter) {
 	return func(ctx context.Context, filter *nostr.Filter) {
-		for tagName := range filter.Tags {
-			if !slices.Contains(tagNames, tagName) {
-				delete(filter.Tags, tagName)
+		if n := len(filter.Tags); n > 0 {
+			for tagName := range filter.Tags {
+				if !slices.Contains(tagNames, tagName) {
+					delete(filter.Tags, tagName)
+				}
+			}
+			if len(filter.Tags) == 0 {
+				filter.LimitZero = true // signals that this query should be just skipped
 			}
 		}
 	}

policies/helpers.go

@@ -0,0 +1,43 @@
+package policies
+
+import (
+	"sync/atomic"
+	"time"
+
+	"github.com/puzpuzpuz/xsync/v3"
+)
+
+func startRateLimitSystem[K comparable](
+	tokensPerInterval int,
+	interval time.Duration,
+	maxTokens int,
+) func(key K) (ratelimited bool) {
+	negativeBuckets := xsync.NewMapOf[K, *atomic.Int32]()
+	maxTokensInt32 := int32(maxTokens)
+
+	go func() {
+		for {
+			time.Sleep(interval)
+			negativeBuckets.Range(func(key K, bucket *atomic.Int32) bool {
+				newv := bucket.Add(int32(-tokensPerInterval))
+				if newv <= 0 {
+					negativeBuckets.Delete(key)
+				}
+				return true
+			})
+		}
+	}()
+
+	return func(key K) bool {
+		nb, _ := negativeBuckets.LoadOrStore(key, &atomic.Int32{})
+
+		if nb.Load() < maxTokensInt32 {
+			nb.Add(1)
+			// rate limit not reached yet
+			return false
+		}
+
+		// rate limit reached
+		return true
+	}
+}

policies/kind_validation.go

@@ -0,0 +1,29 @@
+package policies
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/nbd-wtf/go-nostr"
+)
+
+func ValidateKind(ctx context.Context, evt *nostr.Event) (bool, string) {
+	switch evt.Kind {
+	case 0:
+		var m struct {
+			Name string `json:"name"`
+		}
+		json.Unmarshal([]byte(evt.Content), &m)
+		if m.Name == "" {
+			return true, "missing json name in kind 0"
+		}
+	case 1:
+		return false, ""
+	case 2:
+		return true, "this kind has been deprecated"
+	}
+
+	// TODO: all other kinds
+
+	return false, ""
+}

policies/nip04.go

@@ -3,9 +3,10 @@ package policies
 import (
 	"context"
 
+	"slices"
+
 	"github.com/fiatjaf/khatru"
 	"github.com/nbd-wtf/go-nostr"
-	"golang.org/x/exp/slices"
 )
 
 // RejectKind04Snoopers prevents reading NIP-04 messages from people not involved in the conversation.

policies/ratelimits.go

@@ -0,0 +1,42 @@
+package policies
+
+import (
+	"context"
+	"net/http"
+	"time"
+
+	"github.com/fiatjaf/khatru"
+	"github.com/nbd-wtf/go-nostr"
+)
+
+func EventIPRateLimiter(tokensPerInterval int, interval time.Duration, maxTokens int) func(ctx context.Context, _ *nostr.Event) (reject bool, msg string) {
+	rl := startRateLimitSystem[string](tokensPerInterval, interval, maxTokens)
+
+	return func(ctx context.Context, _ *nostr.Event) (reject bool, msg string) {
+		return rl(khatru.GetIP(ctx)), "rate-limited: slow down, please"
+	}
+}
+
+func EventPubKeyRateLimiter(tokensPerInterval int, interval time.Duration, maxTokens int) func(ctx context.Context, _ *nostr.Event) (reject bool, msg string) {
+	rl := startRateLimitSystem[string](tokensPerInterval, interval, maxTokens)
+
+	return func(ctx context.Context, evt *nostr.Event) (reject bool, msg string) {
+		return rl(evt.PubKey), "rate-limited: slow down, please"
+	}
+}
+
+func ConnectionRateLimiter(tokensPerInterval int, interval time.Duration, maxTokens int) func(r *http.Request) bool {
+	rl := startRateLimitSystem[string](tokensPerInterval, interval, maxTokens)
+
+	return func(r *http.Request) bool {
+		return rl(khatru.GetIPFromRequest(r))
+	}
+}
+
+func FilterIPRateLimiter(tokensPerInterval int, interval time.Duration, maxTokens int) func(ctx context.Context, _ nostr.Filter) (reject bool, msg string) {
+	rl := startRateLimitSystem[string](tokensPerInterval, interval, maxTokens)
+
+	return func(ctx context.Context, _ nostr.Filter) (reject bool, msg string) {
+		return rl(khatru.GetIP(ctx)), "rate-limited: there is a bug in the client, no one should be making so many requests"
+	}
+}

policies/sane_defaults.go

@@ -0,0 +1,24 @@
+package policies
+
+import (
+	"time"
+
+	"github.com/fiatjaf/khatru"
+)
+
+func ApplySaneDefaults(relay *khatru.Relay) {
+	relay.RejectEvent = append(relay.RejectEvent,
+		RejectEventsWithBase64Media,
+		EventIPRateLimiter(2, time.Minute*3, 5),
+	)
+
+	relay.RejectFilter = append(relay.RejectFilter,
+		NoEmptyFilters,
+		NoComplexFilters,
+		FilterIPRateLimiter(20, time.Minute, 100),
+	)
+
+	relay.RejectConnection = append(relay.RejectConnection,
+		ConnectionRateLimiter(1, time.Minute*5, 3),
+	)
+}

relay.go

@@ -10,7 +10,7 @@ import (
 	"github.com/fasthttp/websocket"
 	"github.com/nbd-wtf/go-nostr"
 	"github.com/nbd-wtf/go-nostr/nip11"
-	"github.com/puzpuzpuz/xsync/v2"
+	"github.com/puzpuzpuz/xsync/v3"
 )
 
 func NewRelay() *Relay {
@@ -20,7 +20,7 @@ func NewRelay() *Relay {
 		Info: &nip11.RelayInformationDocument{
 			Software:      "https://github.com/fiatjaf/khatru",
 			Version:       "n/a",
-			SupportedNIPs: make([]int, 0),
+			SupportedNIPs: []int{1, 11, 42, 70, 86},
 		},
 
 		upgrader: websocket.Upgrader{
@@ -29,7 +29,7 @@ func NewRelay() *Relay {
 			CheckOrigin:     func(r *http.Request) bool { return true },
 		},
 
-		clients:  xsync.NewTypedMapOf[*websocket.Conn, struct{}](pointerHasher[websocket.Conn]),
+		clients:  xsync.NewMapOf[*websocket.Conn, struct{}](),
 		serveMux: &http.ServeMux{},
 
 		WriteWait:      10 * time.Second,
@@ -45,6 +45,7 @@ type Relay struct {
 	RejectEvent               []func(ctx context.Context, event *nostr.Event) (reject bool, msg string)
 	RejectFilter              []func(ctx context.Context, filter nostr.Filter) (reject bool, msg string)
 	RejectCountFilter         []func(ctx context.Context, filter nostr.Filter) (reject bool, msg string)
+	RejectConnection          []func(r *http.Request) bool
 	OverwriteDeletionOutcome  []func(ctx context.Context, target *nostr.Event, deletion *nostr.Event) (acceptDeletion bool, msg string)
 	OverwriteResponseEvent    []func(ctx context.Context, event *nostr.Event)
 	OverwriteFilter           []func(ctx context.Context, filter *nostr.Filter)
@@ -54,12 +55,15 @@ type Relay struct {
 	DeleteEvent               []func(ctx context.Context, event *nostr.Event) error
 	QueryEvents               []func(ctx context.Context, filter nostr.Filter) (chan *nostr.Event, error)
 	CountEvents               []func(ctx context.Context, filter nostr.Filter) (int64, error)
-	OnAuth                    []func(ctx context.Context, pubkey string)
 	OnConnect                 []func(ctx context.Context)
 	OnDisconnect              []func(ctx context.Context)
 	OnEventSaved              []func(ctx context.Context, event *nostr.Event)
+	OnEphemeralEvent          []func(ctx context.Context, event *nostr.Event)
 
-	// editing info will affect
+	// setting up handlers here will enable these methods
+	ManagementAPI RelayManagementAPI
+
+	// editing info will affect the NIP-11 responses
 	Info *nip11.RelayInformationDocument
 
 	// Default logger, as set by NewServer, is a stdlib logger prefixed with "[khatru-relay] ",

responding.go

@@ -17,8 +17,9 @@ func (rl *Relay) handleRequest(ctx context.Context, id string, eose *sync.WaitGr
 		ovw(ctx, &filter)
 	}
 
-	if filter.Limit < 0 {
-		return errors.New("blocked: filter invalidated")
+	if filter.LimitZero {
+		// don't do any queries, just subscribe to future events
+		return nil
 	}
 
 	// then check if we'll reject this filter (we apply this after overwriting
@@ -27,7 +28,6 @@ func (rl *Relay) handleRequest(ctx context.Context, id string, eose *sync.WaitGr
 	// filter we can just reject it)
 	for _, reject := range rl.RejectFilter {
 		if reject, msg := reject(ctx, filter); reject {
-			ws.WriteJSON(nostr.NoticeEnvelope(msg))
 			return errors.New(nostr.NormalizeOKMessage(msg, "blocked"))
 		}
 	}
@@ -41,6 +41,9 @@ func (rl *Relay) handleRequest(ctx context.Context, id string, eose *sync.WaitGr
 			ws.WriteJSON(nostr.NoticeEnvelope(err.Error()))
 			eose.Done()
 			continue
+		} else if ch == nil {
+			eose.Done()
+			continue
 		}
 
 		go func(ch chan *nostr.Event) {

utils.go

@@ -4,29 +4,44 @@ import (
 	"context"
 
 	"github.com/nbd-wtf/go-nostr"
-	"github.com/sebest/xff"
 )
 
 const (
 	wsKey = iota
 	subscriptionIdKey
+	nip86HeaderAuthKey
 )
 
 func RequestAuth(ctx context.Context) {
 	ws := GetConnection(ctx)
+	ws.authLock.Lock()
+	if ws.Authed == nil {
+		ws.Authed = make(chan struct{})
+	}
+	ws.authLock.Unlock()
 	ws.WriteJSON(nostr.AuthEnvelope{Challenge: &ws.Challenge})
 }
 
 func GetConnection(ctx context.Context) *WebSocket {
-	return ctx.Value(wsKey).(*WebSocket)
+	wsi := ctx.Value(wsKey)
+	if wsi != nil {
+		return wsi.(*WebSocket)
+	}
+	return nil
 }
 
 func GetAuthed(ctx context.Context) string {
-	return GetConnection(ctx).AuthedPublicKey
+	if conn := GetConnection(ctx); conn != nil {
+		return conn.AuthedPublicKey
+	}
+	if nip86Auth := ctx.Value(nip86HeaderAuthKey); nip86Auth != nil {
+		return nip86Auth.(string)
+	}
+	return ""
 }
 
 func GetIP(ctx context.Context) string {
-	return xff.GetRemoteAddr(GetConnection(ctx).Request)
+	return GetIPFromRequest(GetConnection(ctx).Request)
 }
 
 func GetSubscriptionID(ctx context.Context) string {

websocket.go

@@ -18,6 +18,8 @@ type WebSocket struct {
 	Challenge       string
 	AuthedPublicKey string
 	Authed          chan struct{}
+
+	authLock sync.Mutex
 }
 
 func (ws *WebSocket) WriteJSON(any any) error {