support hyperloglog handlers on COUNT.

small tweaks to nip86 authorization flow and use rl.ServiceURL.
corrects malformed json in blossom list
2026-04-07 14:06:51 +02:00 · 2024-12-07 00:26:22 -03:00 · 2024-11-25 14:11:27 -03:00 · 2024-11-22 10:03:50 -03:00 · 2024-11-22 07:54:57 -03:00 · 2024-11-21 11:58:12 -03:00
30 changed files with 1077 additions and 126 deletions
--- a/README.md
+++ b/README.md
@@ -73,7 +73,7 @@ func main() {
 		policies.ValidateKind,

 		// define your own policies
-		policies.PreventLargeTags(80),
+		policies.PreventLargeTags(100),
 		func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
 			if event.PubKey == "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52" {
 				return true, "we don't allow this person to write here"
--- a/adding.go
+++ b/adding.go
@@ -11,6 +11,9 @@ import (

 // AddEvent sends an event through then normal add pipeline, as if it was received from a websocket.
 func (rl *Relay) AddEvent(ctx context.Context, evt *nostr.Event) (skipBroadcast bool, writeError error) {
+	ctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
 	if evt == nil {
 		return false, errors.New("error: event is nil")
 	}
--- a/blossom/authorization.go
+++ b/blossom/authorization.go
@@ -0,0 +1,46 @@
+package blossom
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+	"strings"
+
+	"github.com/nbd-wtf/go-nostr"
+)
+
+func readAuthorization(r *http.Request) (*nostr.Event, error) {
+	token := r.Header.Get("Authorization")
+	if !strings.HasPrefix(token, "Nostr ") {
+		return nil, nil
+	}
+
+	var reader io.Reader
+	reader = bytes.NewReader([]byte(token)[6:])
+	reader = base64.NewDecoder(base64.StdEncoding, reader)
+	var evt nostr.Event
+	err := json.NewDecoder(reader).Decode(&evt)
+
+	if err != nil || evt.Kind != 24242 || len(evt.ID) != 64 || !evt.CheckID() {
+		return nil, fmt.Errorf("invalid event")
+	}
+
+	if ok, _ := evt.CheckSignature(); !ok {
+		return nil, fmt.Errorf("invalid signature")
+	}
+
+	expirationTag := evt.Tags.GetFirst([]string{"expiration", ""})
+	if expirationTag == nil {
+		return nil, fmt.Errorf("missing \"expiration\" tag")
+	}
+	expiration, _ := strconv.ParseInt((*expirationTag)[1], 10, 64)
+	if nostr.Timestamp(expiration) < nostr.Now() {
+		return nil, fmt.Errorf("event expired")
+	}
+
+	return &evt, nil
+}
--- a/blossom/blob.go
+++ b/blossom/blob.go
@@ -0,0 +1,26 @@
+package blossom
+
+import (
+	"context"
+
+	"github.com/nbd-wtf/go-nostr"
+)
+
+type BlobDescriptor struct {
+	URL      string          `json:"url"`
+	SHA256   string          `json:"sha256"`
+	Size     int             `json:"size"`
+	Type     string          `json:"type"`
+	Uploaded nostr.Timestamp `json:"uploaded"`
+
+	Owner string `json:"-"`
+}
+
+type BlobIndex interface {
+	Keep(ctx context.Context, blob BlobDescriptor, pubkey string) error
+	List(ctx context.Context, pubkey string) (chan BlobDescriptor, error)
+	Get(ctx context.Context, sha256 string) (*BlobDescriptor, error)
+	Delete(ctx context.Context, sha256 string, pubkey string) error
+}
+
+var _ BlobIndex = (*EventStoreBlobIndexWrapper)(nil)
--- a/blossom/eventstorewrapper.go
+++ b/blossom/eventstorewrapper.go
@@ -0,0 +1,104 @@
+package blossom
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/fiatjaf/eventstore"
+	"github.com/nbd-wtf/go-nostr"
+)
+
+// EventStoreBlobIndexWrapper uses fake events to keep track of what blobs we have stored and who owns them
+type EventStoreBlobIndexWrapper struct {
+	eventstore.Store
+
+	ServiceURL string
+}
+
+func (es EventStoreBlobIndexWrapper) Keep(ctx context.Context, blob BlobDescriptor, pubkey string) error {
+	ch, err := es.Store.QueryEvents(ctx, nostr.Filter{Authors: []string{pubkey}, Kinds: []int{24242}, Tags: nostr.TagMap{"x": []string{blob.SHA256}}})
+	if err != nil {
+		return err
+	}
+
+	if <-ch == nil {
+		// doesn't exist, save
+		evt := &nostr.Event{
+			PubKey: pubkey,
+			Kind:   24242,
+			Tags: nostr.Tags{
+				{"x", blob.SHA256},
+				{"type", blob.Type},
+				{"size", strconv.Itoa(blob.Size)},
+			},
+			CreatedAt: blob.Uploaded,
+		}
+		evt.ID = evt.GetID()
+		es.Store.SaveEvent(ctx, evt)
+	}
+
+	return nil
+}
+
+func (es EventStoreBlobIndexWrapper) List(ctx context.Context, pubkey string) (chan BlobDescriptor, error) {
+	ech, err := es.Store.QueryEvents(ctx, nostr.Filter{Authors: []string{pubkey}, Kinds: []int{24242}})
+	if err != nil {
+		return nil, err
+	}
+
+	ch := make(chan BlobDescriptor)
+
+	go func() {
+		for evt := range ech {
+			ch <- es.parseEvent(evt)
+		}
+		close(ch)
+	}()
+
+	return ch, nil
+}
+
+func (es EventStoreBlobIndexWrapper) Get(ctx context.Context, sha256 string) (*BlobDescriptor, error) {
+	ech, err := es.Store.QueryEvents(ctx, nostr.Filter{Tags: nostr.TagMap{"x": []string{sha256}}, Kinds: []int{24242}, Limit: 1})
+	if err != nil {
+		return nil, err
+	}
+
+	evt := <-ech
+	if evt != nil {
+		bd := es.parseEvent(evt)
+		return &bd, nil
+	}
+
+	return nil, nil
+}
+
+func (es EventStoreBlobIndexWrapper) Delete(ctx context.Context, sha256 string, pubkey string) error {
+	ech, err := es.Store.QueryEvents(ctx, nostr.Filter{Authors: []string{pubkey}, Tags: nostr.TagMap{"x": []string{sha256}}, Kinds: []int{24242}, Limit: 1})
+	if err != nil {
+		return err
+	}
+
+	evt := <-ech
+	if evt != nil {
+		return es.Store.DeleteEvent(ctx, evt)
+	}
+
+	return nil
+}
+
+func (es EventStoreBlobIndexWrapper) parseEvent(evt *nostr.Event) BlobDescriptor {
+	hhash := evt.Tags[0][1]
+	mimetype := evt.Tags[1][1]
+	ext := getExtension(mimetype)
+	size, _ := strconv.Atoi(evt.Tags[2][1])
+
+	return BlobDescriptor{
+		Owner:    evt.PubKey,
+		Uploaded: evt.CreatedAt,
+		URL:      es.ServiceURL + "/" + hhash + ext,
+		SHA256:   hhash,
+		Type:     mimetype,
+		Size:     size,
+	}
+}
--- a/blossom/handlers.go
+++ b/blossom/handlers.go
@@ -0,0 +1,336 @@
+package blossom
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"io"
+	"mime"
+	"net/http"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/liamg/magic"
+	"github.com/nbd-wtf/go-nostr"
+)
+
+func (bs BlossomServer) handleUploadCheck(w http.ResponseWriter, r *http.Request) {
+	auth, err := readAuthorization(r)
+	if err != nil {
+		blossomError(w, err.Error(), 400)
+		return
+	}
+	if auth == nil {
+		blossomError(w, "missing \"Authorization\" header", 400)
+		return
+	}
+	if auth.Tags.GetFirst([]string{"t", "upload"}) == nil {
+		blossomError(w, "invalid \"Authorization\" event \"t\" tag", 403)
+		return
+	}
+
+	mimetype := r.Header.Get("X-Content-Type")
+	exts, _ := mime.ExtensionsByType(mimetype)
+	var ext string
+	if len(exts) > 0 {
+		ext = exts[0]
+	}
+
+	// get the file size from the incoming header
+	size, _ := strconv.Atoi(r.Header.Get("X-Content-Length"))
+
+	for _, rb := range bs.RejectUpload {
+		reject, reason, code := rb(r.Context(), auth, size, ext)
+		if reject {
+			blossomError(w, reason, code)
+			return
+		}
+	}
+}
+
+func (bs BlossomServer) handleUpload(w http.ResponseWriter, r *http.Request) {
+	auth, err := readAuthorization(r)
+	if err != nil {
+		blossomError(w, "invalid \"Authorization\": "+err.Error(), 400)
+		return
+	}
+	if auth == nil {
+		blossomError(w, "missing \"Authorization\" header", 400)
+		return
+	}
+	if auth.Tags.GetFirst([]string{"t", "upload"}) == nil {
+		blossomError(w, "invalid \"Authorization\" event \"t\" tag", 403)
+		return
+	}
+
+	// get the file size from the incoming header
+	size, _ := strconv.Atoi(r.Header.Get("Content-Length"))
+	if size == 0 {
+		blossomError(w, "missing \"Content-Length\" header", 400)
+		return
+	}
+
+	// read first bytes of upload so we can find out the filetype
+	b := make([]byte, min(50, size), size)
+	if _, err = r.Body.Read(b); err != nil {
+		blossomError(w, "failed to read initial bytes of upload body: "+err.Error(), 400)
+		return
+	}
+	var ext string
+	if ft, _ := magic.Lookup(b); ft != nil {
+		ext = "." + ft.Extension
+	} else {
+		// if we can't find, use the filetype given by the upload header
+		mimetype := r.Header.Get("Content-Type")
+		ext = getExtension(mimetype)
+	}
+
+	// run the reject hooks
+	for _, ru := range bs.RejectUpload {
+		reject, reason, code := ru(r.Context(), auth, size, ext)
+		if reject {
+			blossomError(w, reason, code)
+			return
+		}
+	}
+
+	// if it passes then we have to read the entire thing into memory so we can compute the sha256
+	for {
+		var n int
+		n, err = r.Body.Read(b[len(b):cap(b)])
+		b = b[:len(b)+n]
+		if err != nil {
+			if err == io.EOF {
+				err = nil
+			}
+			break
+		}
+		if len(b) == cap(b) {
+			// add more capacity (let append pick how much)
+			// if Content-Length was correct we shouldn't reach this
+			b = append(b, 0)[:len(b)]
+		}
+	}
+	if err != nil {
+		blossomError(w, "failed to read upload body: "+err.Error(), 400)
+		return
+	}
+
+	hash := sha256.Sum256(b)
+	hhash := hex.EncodeToString(hash[:])
+
+	// keep track of the blob descriptor
+	bd := BlobDescriptor{
+		URL:      bs.ServiceURL + "/" + hhash + ext,
+		SHA256:   hhash,
+		Size:     len(b),
+		Type:     mime.TypeByExtension(ext),
+		Uploaded: nostr.Now(),
+	}
+	if err := bs.Store.Keep(r.Context(), bd, auth.PubKey); err != nil {
+		blossomError(w, "failed to save event: "+err.Error(), 400)
+		return
+	}
+
+	// save actual blob
+	for _, sb := range bs.StoreBlob {
+		if err := sb(r.Context(), hhash, b); err != nil {
+			blossomError(w, "failed to save: "+err.Error(), 500)
+			return
+		}
+	}
+
+	// return response
+	json.NewEncoder(w).Encode(bd)
+}
+
+func (bs BlossomServer) handleGetBlob(w http.ResponseWriter, r *http.Request) {
+	spl := strings.SplitN(r.URL.Path, ".", 2)
+	hhash := spl[0]
+	if len(hhash) != 65 {
+		blossomError(w, "invalid /<sha256>[.ext] path", 400)
+		return
+	}
+	hhash = hhash[1:]
+
+	// check for an authorization tag, if any
+	auth, err := readAuthorization(r)
+	if err != nil {
+		blossomError(w, err.Error(), 400)
+		return
+	}
+
+	// if there is one, we check if it has the extra requirements
+	if auth != nil {
+		if auth.Tags.GetFirst([]string{"t", "get"}) == nil {
+			blossomError(w, "invalid \"Authorization\" event \"t\" tag", 403)
+			return
+		}
+
+		if auth.Tags.GetFirst([]string{"x", hhash}) == nil &&
+			auth.Tags.GetFirst([]string{"server", bs.ServiceURL}) == nil {
+			blossomError(w, "invalid \"Authorization\" event \"x\" or \"server\" tag", 403)
+			return
+		}
+	}
+
+	for _, rg := range bs.RejectGet {
+		reject, reason, code := rg(r.Context(), auth, hhash)
+		if reject {
+			blossomError(w, reason, code)
+			return
+		}
+	}
+
+	var ext string
+	if len(spl) == 2 {
+		ext = "." + spl[1]
+	}
+
+	for _, lb := range bs.LoadBlob {
+		reader, _ := lb(r.Context(), hhash)
+		if reader != nil {
+			// use unix epoch as the time if we can't find the descriptor
+			// as described in the http.ServeContent documentation
+			t := time.Unix(0, 0)
+			descriptor, err := bs.Store.Get(r.Context(), hhash)
+			if err == nil && descriptor != nil {
+				t = descriptor.Uploaded.Time()
+			}
+			http.ServeContent(w, r, hhash+ext, t, reader)
+			return
+		}
+	}
+
+	blossomError(w, "file not found", 404)
+	return
+}
+
+func (bs BlossomServer) handleHasBlob(w http.ResponseWriter, r *http.Request) {
+	spl := strings.SplitN(r.URL.Path, ".", 2)
+	hhash := spl[0]
+	if len(hhash) != 65 {
+		blossomError(w, "invalid /<sha256>[.ext] path", 400)
+		return
+	}
+	hhash = hhash[1:]
+
+	bd, err := bs.Store.Get(r.Context(), hhash)
+	if err != nil {
+		blossomError(w, "failed to query: "+err.Error(), 500)
+		return
+	}
+
+	if bd == nil {
+		blossomError(w, "file not found", 404)
+		return
+	}
+
+	return
+}
+
+func (bs BlossomServer) handleList(w http.ResponseWriter, r *http.Request) {
+	// check for an authorization tag, if any
+	auth, err := readAuthorization(r)
+	if err != nil {
+		blossomError(w, err.Error(), 400)
+		return
+	}
+
+	// if there is one, we check if it has the extra requirements
+	if auth != nil {
+		if auth.Tags.GetFirst([]string{"t", "list"}) == nil {
+			blossomError(w, "invalid \"Authorization\" event \"t\" tag", 403)
+			return
+		}
+	}
+
+	pubkey := r.URL.Path[6:]
+
+	for _, rl := range bs.RejectList {
+		reject, reason, code := rl(r.Context(), auth, pubkey)
+		if reject {
+			blossomError(w, reason, code)
+			return
+		}
+	}
+
+	ch, err := bs.Store.List(r.Context(), pubkey)
+	if err != nil {
+		blossomError(w, "failed to query: "+err.Error(), 500)
+		return
+	}
+
+	w.Write([]byte{'['})
+	enc := json.NewEncoder(w)
+	first := true
+	for bd := range ch {
+		if !first {
+			w.Write([]byte{','})
+		} else {
+			first = false
+		}
+		enc.Encode(bd)
+	}
+	w.Write([]byte{']'})
+}
+
+func (bs BlossomServer) handleDelete(w http.ResponseWriter, r *http.Request) {
+	auth, err := readAuthorization(r)
+	if err != nil {
+		blossomError(w, err.Error(), 400)
+		return
+	}
+
+	if auth != nil {
+		if auth.Tags.GetFirst([]string{"t", "delete"}) == nil {
+			blossomError(w, "invalid \"Authorization\" event \"t\" tag", 403)
+			return
+		}
+	}
+
+	spl := strings.SplitN(r.URL.Path, ".", 2)
+	hhash := spl[0]
+	if len(hhash) != 65 {
+		blossomError(w, "invalid /<sha256>[.ext] path", 400)
+		return
+	}
+	hhash = hhash[1:]
+	if auth.Tags.GetFirst([]string{"x", hhash}) == nil &&
+		auth.Tags.GetFirst([]string{"server", bs.ServiceURL}) == nil {
+		blossomError(w, "invalid \"Authorization\" event \"x\" or \"server\" tag", 403)
+		return
+	}
+
+	// should we accept this delete?
+	for _, rd := range bs.RejectDelete {
+		reject, reason, code := rd(r.Context(), auth, hhash)
+		if reject {
+			blossomError(w, reason, code)
+			return
+		}
+	}
+
+	// delete the entry that links this blob to this author
+	if err := bs.Store.Delete(r.Context(), hhash, auth.PubKey); err != nil {
+		blossomError(w, "delete of blob entry failed: "+err.Error(), 500)
+		return
+	}
+
+	// we will actually only delete the file if no one else owns it
+	if bd, err := bs.Store.Get(r.Context(), hhash); err == nil && bd == nil {
+		for _, del := range bs.DeleteBlob {
+			if err := del(r.Context(), hhash); err != nil {
+				blossomError(w, "failed to delete blob: "+err.Error(), 500)
+				return
+			}
+		}
+	}
+}
+
+func (bs BlossomServer) handleMirror(w http.ResponseWriter, r *http.Request) {
+}
+
+func (bs BlossomServer) handleNegentropy(w http.ResponseWriter, r *http.Request) {
+}
--- a/blossom/server.go
+++ b/blossom/server.go
@@ -0,0 +1,70 @@
+package blossom
+
+import (
+	"context"
+	"io"
+	"net/http"
+	"strings"
+
+	"github.com/fiatjaf/khatru"
+	"github.com/nbd-wtf/go-nostr"
+)
+
+type BlossomServer struct {
+	ServiceURL string
+	Store      BlobIndex
+
+	StoreBlob  []func(ctx context.Context, sha256 string, body []byte) error
+	LoadBlob   []func(ctx context.Context, sha256 string) (io.ReadSeeker, error)
+	DeleteBlob []func(ctx context.Context, sha256 string) error
+
+	RejectUpload []func(ctx context.Context, auth *nostr.Event, size int, ext string) (bool, string, int)
+	RejectGet    []func(ctx context.Context, auth *nostr.Event, sha256 string) (bool, string, int)
+	RejectList   []func(ctx context.Context, auth *nostr.Event, pubkey string) (bool, string, int)
+	RejectDelete []func(ctx context.Context, auth *nostr.Event, sha256 string) (bool, string, int)
+}
+
+func New(rl *khatru.Relay, serviceURL string) *BlossomServer {
+	bs := &BlossomServer{
+		ServiceURL: serviceURL,
+	}
+
+	base := rl.Router()
+	mux := http.NewServeMux()
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		if r.URL.Path == "/upload" {
+			if r.Method == "PUT" {
+				bs.handleUpload(w, r)
+				return
+			} else if r.Method == "HEAD" {
+				bs.handleUploadCheck(w, r)
+				return
+			}
+		}
+
+		if strings.HasPrefix(r.URL.Path, "/list/") && r.Method == "GET" {
+			bs.handleList(w, r)
+			return
+		}
+
+		if len(strings.SplitN(r.URL.Path, ".", 2)[0]) == 65 {
+			if r.Method == "HEAD" {
+				bs.handleHasBlob(w, r)
+				return
+			} else if r.Method == "GET" {
+				bs.handleGetBlob(w, r)
+				return
+			} else if r.Method == "DELETE" {
+				bs.handleDelete(w, r)
+				return
+			}
+		}
+
+		base.ServeHTTP(w, r)
+	})
+
+	rl.SetRouter(mux)
+
+	return bs
+}
--- a/blossom/utils.go
+++ b/blossom/utils.go
@@ -0,0 +1,37 @@
+package blossom
+
+import (
+	"mime"
+	"net/http"
+)
+
+func blossomError(w http.ResponseWriter, msg string, code int) {
+	w.Header().Add("X-Reason", msg)
+	w.WriteHeader(code)
+}
+
+func getExtension(mimetype string) string {
+	if mimetype == "" {
+		return ""
+	}
+
+	switch mimetype {
+	case "image/jpeg":
+		return ".jpg"
+	case "image/gif":
+		return ".gif"
+	case "image/png":
+		return ".png"
+	case "image/webp":
+		return ".webp"
+	case "video/mp4":
+		return ".mp4"
+	}
+
+	exts, _ := mime.ExtensionsByType(mimetype)
+	if len(exts) > 0 {
+		return exts[0]
+	}
+
+	return ""
+}
--- a/deleting.go
+++ b/deleting.go
@@ -51,13 +51,14 @@ func (rl *Relay) handleDeleteRequest(ctx context.Context, evt *nostr.Event) erro
 				// got the event, now check if the user can delete it
 				acceptDeletion := target.PubKey == evt.PubKey
 				var msg string
-				if acceptDeletion == false {
+				if !acceptDeletion {
 					msg = "you are not the author of this event"
 				}
 				// but if we have a function to overwrite this outcome, use that instead
 				for _, odo := range rl.OverwriteDeletionOutcome {
 					acceptDeletion, msg = odo(ctx, target, evt)
 				}
+
 				if acceptDeletion {
 					// delete it
 					for _, del := range rl.DeleteEvent {
--- a/docs/cookbook/auth.md
+++ b/docs/cookbook/auth.md
@@ -60,3 +60,26 @@ relay.RejectFilter = append(relay.RejectFilter, func(ctx context.Context, filter
 	}
 })
 ```
+
+## Reacting to a successful authentication
+
+Each `khatru.WebSocket` object has an `.Authed` channel that is closed whenever that connection performs a successful authentication.
+
+You can use that to emulate a listener for these events in case you want to keep track of who is authenticating in real time and not only check it when they request for something.
+
+```go
+	relay.OnConnect = append(relay.OnConnect,
+		khatru.RequestAuth,
+		func(ctx context.Context) {
+			go func(ctx context.Context) {
+				conn := khatru.GetConnection(ctx)
+				select {
+				case <-ctx.Done():
+					fmt.Println("connection closed")
+				case <-conn.Authed:
+					fmt.Println("authenticated as", conn.AuthedPublicKey)
+				}
+			}(ctx)
+		},
+	)
+```
--- a/docs/getting-started/index.md
+++ b/docs/getting-started/index.md
@@ -63,7 +63,7 @@ We can also make use of some default policies that come bundled with Khatru:
 ```go
 import "github.com/fiatjaf/khatru" // implied

-relay.RejectEvent = append(relay.RejectEvent, policies.PreventLargeTags, policies.PreventTimestampsInThePast(time.Hour * 2), policies.PreventTimestampsInTheFuture(time.Minute * 30))
+relay.RejectEvent = append(relay.RejectEvent, policies.PreventLargeTags(120), policies.PreventTimestampsInThePast(time.Hour * 2), policies.PreventTimestampsInTheFuture(time.Minute * 30))
 ```

 There are many other ways to customize the relay behavior. Take a look at the [`Relay` struct docs](https://pkg.go.dev/github.com/fiatjaf/khatru#Relay) for more, or see the [cookbook](/cookbook/).
--- a/docs/use-cases.md
+++ b/docs/use-cases.md
@@ -10,6 +10,7 @@
 * [song](https://git.fiatjaf.com/song), a personal git server that comes with an embedded relay dedicated to dealing with [NIP-34](https://nips.nostr.com/34) git-related Nostr events
 * [relay29](https://github.com/fiatjaf/relay29), a relay that powers most of the [NIP-29](https://nips.nostr.com/29) Nostr groups ecosystem
 * [fiatjaf.com](https://fiatjaf.com), a personal website that serves the same content as HTML but also as Nostr events.
+* [gm-relay](https://github.com/ptrio42/gm-relay), a relay that only accepts GM notes once a day.

 ## Other possible use cases

--- a/examples/basic-badger/main.go
+++ b/examples/basic-badger/main.go
@@ -20,6 +20,7 @@ func main() {
 	relay.QueryEvents = append(relay.QueryEvents, db.QueryEvents)
 	relay.CountEvents = append(relay.CountEvents, db.CountEvents)
 	relay.DeleteEvent = append(relay.DeleteEvent, db.DeleteEvent)
+	relay.Negentropy = true

 	fmt.Println("running on :3334")
 	http.ListenAndServe(":3334", relay)
--- a/examples/blossom/main.go
+++ b/examples/blossom/main.go
@@ -0,0 +1,42 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+
+	"github.com/fiatjaf/eventstore/badger"
+	"github.com/fiatjaf/khatru"
+	"github.com/fiatjaf/khatru/blossom"
+)
+
+func main() {
+	relay := khatru.NewRelay()
+
+	db := &badger.BadgerBackend{Path: "/tmp/khatru-badger-blossom-tmp"}
+	if err := db.Init(); err != nil {
+		panic(err)
+	}
+
+	relay.StoreEvent = append(relay.StoreEvent, db.SaveEvent)
+	relay.QueryEvents = append(relay.QueryEvents, db.QueryEvents)
+	relay.CountEvents = append(relay.CountEvents, db.CountEvents)
+	relay.DeleteEvent = append(relay.DeleteEvent, db.DeleteEvent)
+
+	bl := blossom.New(relay, "http://localhost:3334")
+	bl.Store = blossom.EventStoreBlobIndexWrapper{Store: db, ServiceURL: bl.ServiceURL}
+	bl.StoreBlob = append(bl.StoreBlob, func(ctx context.Context, sha256 string, body []byte) error {
+		fmt.Println("storing", sha256, len(body))
+		return nil
+	})
+	bl.LoadBlob = append(bl.LoadBlob, func(ctx context.Context, sha256 string) (io.ReadSeeker, error) {
+		fmt.Println("loading", sha256)
+		blob := strings.NewReader("aaaaa")
+		return blob, nil
+	})
+
+	fmt.Println("running on :3334")
+	http.ListenAndServe(":3334", relay)
+}
--- a/examples/readme-demo/main.go
+++ b/examples/readme-demo/main.go
@@ -58,7 +58,7 @@ func main() {
 		policies.ValidateKind,

 		// define your own policies
-		policies.PreventLargeTags(80),
+		policies.PreventLargeTags(100),
 		func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
 			if event.PubKey == "fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52" {
 				return true, "we don't allow this person to write here"
--- a/get-started.go
+++ b/get-started.go
@@ -15,6 +15,10 @@ func (rl *Relay) Router() *http.ServeMux {
 	return rl.serveMux
 }

+func (rl *Relay) SetRouter(mux *http.ServeMux) {
+	rl.serveMux = mux
+}
+
 // Start creates an http server and starts listening on given host and port.
 func (rl *Relay) Start(host string, port int, started ...chan bool) error {
 	addr := net.JoinHostPort(host, strconv.Itoa(port))
@@ -53,6 +57,7 @@ func (rl *Relay) Shutdown(ctx context.Context) {
 	defer rl.clientsMutex.Unlock()
 	for ws := range rl.clients {
 		ws.conn.WriteControl(websocket.CloseMessage, nil, time.Now().Add(time.Second))
+		ws.cancel()
 		ws.conn.Close()
 	}
 	clear(rl.clients)
--- a/go.mod
+++ b/go.mod
@@ -1,28 +1,31 @@
 module github.com/fiatjaf/khatru

-go 1.23
+go 1.23.1

 require (
+	github.com/bep/debounce v1.2.1
 	github.com/fasthttp/websocket v1.5.7
-	github.com/fiatjaf/eventstore v0.5.1
-	github.com/nbd-wtf/go-nostr v0.34.5
+	github.com/fiatjaf/eventstore v0.13.0
+	github.com/liamg/magic v0.0.1
+	github.com/nbd-wtf/go-nostr v0.43.0
 	github.com/puzpuzpuz/xsync/v3 v3.4.0
-	github.com/rs/cors v1.7.0
+	github.com/rs/cors v1.11.1
 	github.com/stretchr/testify v1.9.0
 )

 require (
+	fiatjaf.com/lib v0.2.0 // indirect
 	github.com/PowerDNS/lmdb-go v1.9.2 // indirect
 	github.com/andybalholm/brotli v1.0.5 // indirect
 	github.com/aquasecurity/esquery v0.2.0 // indirect
-	github.com/btcsuite/btcd/btcec/v2 v2.3.2 // indirect
-	github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/btcsuite/btcd/btcec/v2 v2.3.4 // indirect
+	github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/crypto/blake256 v1.0.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
-	github.com/dgraph-io/badger/v4 v4.2.0 // indirect
-	github.com/dgraph-io/ristretto v0.1.1 // indirect
+	github.com/decred/dcrd/crypto/blake256 v1.1.0 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
+	github.com/dgraph-io/badger/v4 v4.3.1 // indirect
+	github.com/dgraph-io/ristretto v1.0.0 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/elastic/elastic-transport-go/v8 v8.3.0 // indirect
 	github.com/elastic/go-elasticsearch/v7 v7.17.10 // indirect
@@ -30,31 +33,32 @@ require (
 	github.com/fatih/structs v1.1.0 // indirect
 	github.com/gobwas/httphead v0.1.0 // indirect
 	github.com/gobwas/pool v0.2.1 // indirect
-	github.com/gobwas/ws v1.3.1 // indirect
+	github.com/gobwas/ws v1.4.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/glog v1.1.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/flatbuffers v23.5.26+incompatible // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/flatbuffers v24.3.25+incompatible // indirect
 	github.com/jmoiron/sqlx v1.3.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
-	github.com/klauspost/compress v1.17.8 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/compress v1.17.10 // indirect
 	github.com/lib/pq v1.10.9 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-sqlite3 v1.14.18 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee // indirect
-	github.com/tidwall/gjson v1.17.0 // indirect
+	github.com/tidwall/gjson v1.17.3 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasthttp v1.51.0 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
-	golang.org/x/net v0.18.0 // indirect
-	golang.org/x/sys v0.20.0 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect
+	golang.org/x/net v0.30.0 // indirect
+	golang.org/x/sys v0.26.0 // indirect
+	google.golang.org/protobuf v1.35.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,6 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+fiatjaf.com/lib v0.2.0 h1:TgIJESbbND6GjOgGHxF5jsO6EMjuAxIzZHPo5DXYexs=
+fiatjaf.com/lib v0.2.0/go.mod h1:Ycqq3+mJ9jAWu7XjbQI1cVr+OFgnHn79dQR5oTII47g=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/PowerDNS/lmdb-go v1.9.2 h1:Cmgerh9y3ZKBZGz1irxSShhfmFyRUh+Zdk4cZk7ZJvU=
 github.com/PowerDNS/lmdb-go v1.9.2/go.mod h1:TE0l+EZK8Z1B4dx070ZxkWTlp8RG1mjN0/+FkFRQMtU=
@@ -6,30 +8,30 @@ github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/aquasecurity/esquery v0.2.0 h1:9WWXve95TE8hbm3736WB7nS6Owl8UGDeu+0jiyE9ttA=
 github.com/aquasecurity/esquery v0.2.0/go.mod h1:VU+CIFR6C+H142HHZf9RUkp4Eedpo9UrEKeCQHWf9ao=
-github.com/btcsuite/btcd/btcec/v2 v2.3.2 h1:5n0X6hX0Zk+6omWcihdYvdAlGf2DfasC0GMf7DClJ3U=
-github.com/btcsuite/btcd/btcec/v2 v2.3.2/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2 h1:KdUfX2zKommPRa+PD0sWZUyXe9w277ABlgELO7H04IM=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
+github.com/bep/debounce v1.2.1 h1:v67fRdBA9UQu2NhLFXrSg0Brw7CexQekrBwDMM8bzeY=
+github.com/bep/debounce v1.2.1/go.mod h1:H8yggRPQKLUhUoqrJC1bO2xNya7vanpDl7xR3ISbCJ0=
+github.com/btcsuite/btcd/btcec/v2 v2.3.4 h1:3EJjcN70HCu/mwqlUsGK8GcNVyLVxFDlWurTXGPFfiQ=
+github.com/btcsuite/btcd/btcec/v2 v2.3.4/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04=
+github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0 h1:59Kx4K6lzOW5w6nFlA0v5+lk/6sjybR934QNHSJZPTQ=
+github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
-github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y=
-github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
-github.com/dgraph-io/badger/v4 v4.2.0 h1:kJrlajbXXL9DFTNuhhu9yCx7JJa4qpYWxtE8BzuWsEs=
-github.com/dgraph-io/badger/v4 v4.2.0/go.mod h1:qfCqhPoWDFJRx1gp5QwwyGo8xk1lbHUxvK9nK0OGAak=
-github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8=
-github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA=
-github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2 h1:tdlZCpZ/P9DhczCTSixgIKmwPv6+wP5DGjqLYw5SUiA=
-github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
-github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
+github.com/decred/dcrd/crypto/blake256 v1.1.0 h1:zPMNGQCm0g4QTY27fOCorQW7EryeQ/U0x++OzVrdms8=
+github.com/decred/dcrd/crypto/blake256 v1.1.0/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
+github.com/dgraph-io/badger/v4 v4.3.1 h1:7r5wKqmoRpGgSxqa0S/nGdpOpvvzuREGPLSua73C8tw=
+github.com/dgraph-io/badger/v4 v4.3.1/go.mod h1:oObz97DImXpd6O/Dt8BqdKLLTDmEmarAimo72VV5whQ=
+github.com/dgraph-io/ristretto v1.0.0 h1:SYG07bONKMlFDUYu5pEu3DGAh8c2OFNzKm6G9J4Si84=
+github.com/dgraph-io/ristretto v1.0.0/go.mod h1:jTi2FiYEhQ1NsMmA7DeBykizjOuY88NhKBkepyu1jPc=
+github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WAFKLNi6ZS0675eEUC9y3AlwSbQu1Y=
+github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
 github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/elastic/elastic-transport-go/v8 v8.3.0 h1:DJGxovyQLXGr62e9nDMPSxRyWION0Bh6d9eCFBriiHo=
@@ -47,8 +49,8 @@ github.com/fasthttp/websocket v1.5.7 h1:0a6o2OfeATvtGgoMKleURhLT6JqWPg7fYfWnH4KH
 github.com/fasthttp/websocket v1.5.7/go.mod h1:bC4fxSono9czeXHQUVKxsC0sNjbm7lPJR04GDFqClfU=
 github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
-github.com/fiatjaf/eventstore v0.5.1 h1:tTh+JYP0RME51VY2QB2Gvtzj6QTaZAnSVhgZtrYqY2A=
-github.com/fiatjaf/eventstore v0.5.1/go.mod h1:r5yCFmrVNT2b1xUOuMnDVS3xPGh97y8IgTcLyY2rYP8=
+github.com/fiatjaf/eventstore v0.13.0 h1:60cE/oIUdVHoE6aOayjIyubiQIhMW6jezLjdvcl29Y4=
+github.com/fiatjaf/eventstore v0.13.0/go.mod h1:XOl5B6WGBX1a0ww6s3WT94QVOmye/6zDTtyWHVtHQ5U=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
@@ -56,13 +58,11 @@ github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU
 github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
 github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og=
 github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
-github.com/gobwas/ws v1.3.1 h1:Qi34dfLMWJbiKaNbDVzM9x27nZBjmkaW6i4+Ku+pGVU=
-github.com/gobwas/ws v1.3.1/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY=
+github.com/gobwas/ws v1.4.0 h1:CTaoG1tojrh4ucGPcoJFiAQUAsEWekEWvLy7GsVNqGs=
+github.com/gobwas/ws v1.4.0/go.mod h1:G3gNqMNtPppf5XUz7O4shetPpcZ1VJ7zt18dlUeakrc=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo=
-github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@@ -76,22 +76,19 @@ github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:W
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
 github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
-github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/google/flatbuffers v23.5.26+incompatible h1:M9dgRyhJemaM4Sw8+66GHBu8ioaQmyPLg1b8VwK5WJg=
-github.com/google/flatbuffers v23.5.26+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/google/flatbuffers v24.3.25+incompatible h1:CX395cjN9Kke9mmalRoL3d81AtFUxJM+yDthflgJGkI=
+github.com/google/flatbuffers v24.3.25+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/jgroeneveld/schema v1.0.0 h1:J0E10CrOkiSEsw6dfb1IfrDJD14pf6QLVJ3tRPl/syI=
 github.com/jgroeneveld/schema v1.0.0/go.mod h1:M14lv7sNMtGvo3ops1MwslaSYgDYxrSmbzWIQ0Mr5rs=
@@ -101,14 +98,18 @@ github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g=
 github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU=
-github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/klauspost/compress v1.17.10 h1:oXAz+Vh0PMUvJczoi+flxpnBEPxoER1IaAnU/NMPtT0=
+github.com/klauspost/compress v1.17.10/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/liamg/magic v0.0.1 h1:Ru22ElY+sCh6RvRTWjQzKKCxsEco8hE0co8n1qe7TBM=
+github.com/liamg/magic v0.0.1/go.mod h1:yQkOmZZI52EA+SQ2xyHpVw8fNvTBruF873Y+Vt6S+fk=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
@@ -117,8 +118,12 @@ github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI=
 github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
-github.com/nbd-wtf/go-nostr v0.34.5 h1:vti8WqvGWbVoWAPniaz7li2TpCyC+7ZS62Gmy7ib/z0=
-github.com/nbd-wtf/go-nostr v0.34.5/go.mod h1:NZQkxl96ggbO8rvDpVjcsojJqKTPwqhP4i82O7K5DJs=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/nbd-wtf/go-nostr v0.43.0 h1:KJh/HXjKkhNCejRswHWVg8IgoAyLjw4iWxu/JDUZzqM=
+github.com/nbd-wtf/go-nostr v0.43.0/go.mod h1:8YfmT9tBuRT+4nWHuMBDh+xSIZqAdZC6QIOgQfBgWxU=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -126,21 +131,23 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/puzpuzpuz/xsync/v3 v3.4.0 h1:DuVBAdXuGFHv8adVXjWWZ63pJq+NRXOWVXlKDBZ+mJ4=
 github.com/puzpuzpuz/xsync/v3 v3.4.0/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
-github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
-github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/rs/cors v1.11.1 h1:eU3gRzXLRK57F5rKMGMZURNdIG4EoAmX8k94r9wXWHA=
+github.com/rs/cors v1.11.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU=
 github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee h1:8Iv5m6xEo1NR1AvpV+7XmhI4r39LGNzwUL4YpMuL5vk=
 github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee/go.mod h1:qwtSXrKuJh/zsFQ12yEE89xfCrGKK63Rr7ctU/uCo4g=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
-github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/gjson v1.17.3 h1:bwWLZU7icoKRG+C+0PNwIKC6FCJO/Q3p2pZvuP0jN94=
+github.com/tidwall/gjson v1.17.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
 github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
 github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
@@ -158,8 +165,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
-golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
+golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 h1:e66Fs6Z+fZTbFBAxKfP3PALWBtpfqks2bwGcexMxgtk=
+golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
@@ -174,8 +181,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg=
-golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -186,10 +193,9 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20221010170243-090e33056c14/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
+golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -223,16 +229,15 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
+google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
+gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
--- a/handlers.go
+++ b/handlers.go
@@ -3,7 +3,6 @@ package khatru
 import (
 	"context"
 	"crypto/rand"
-	"crypto/sha256"
 	"encoding/hex"
 	"errors"
 	"net/http"
@@ -11,9 +10,15 @@ import (
 	"sync"
 	"time"

+	"github.com/bep/debounce"
 	"github.com/fasthttp/websocket"
 	"github.com/nbd-wtf/go-nostr"
 	"github.com/nbd-wtf/go-nostr/nip42"
+	"github.com/nbd-wtf/go-nostr/nip45"
+	"github.com/nbd-wtf/go-nostr/nip45/hyperloglog"
+	"github.com/nbd-wtf/go-nostr/nip77"
+	"github.com/nbd-wtf/go-nostr/nip77/negentropy"
+	"github.com/puzpuzpuz/xsync/v3"
 	"github.com/rs/cors"
 )

@@ -23,14 +28,28 @@ func (rl *Relay) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		rl.ServiceURL = getServiceBaseURL(r)
 	}

+	corsMiddleware := cors.New(cors.Options{
+		AllowedOrigins: []string{"*"},
+		AllowedMethods: []string{
+			http.MethodHead,
+			http.MethodGet,
+			http.MethodPost,
+			http.MethodPut,
+			http.MethodPatch,
+			http.MethodDelete,
+		},
+		AllowedHeaders: []string{"Authorization", "*"},
+		MaxAge:         86400,
+	})
+
 	if r.Header.Get("Upgrade") == "websocket" {
 		rl.HandleWebsocket(w, r)
 	} else if r.Header.Get("Accept") == "application/nostr+json" {
-		cors.AllowAll().Handler(http.HandlerFunc(rl.HandleNIP11)).ServeHTTP(w, r)
+		corsMiddleware.Handler(http.HandlerFunc(rl.HandleNIP11)).ServeHTTP(w, r)
 	} else if r.Header.Get("Content-Type") == "application/nostr+json+rpc" {
-		cors.AllowAll().Handler(http.HandlerFunc(rl.HandleNIP86)).ServeHTTP(w, r)
+		corsMiddleware.Handler(http.HandlerFunc(rl.HandleNIP86)).ServeHTTP(w, r)
 	} else {
-		rl.serveMux.ServeHTTP(w, r)
+		corsMiddleware.Handler(rl.serveMux).ServeHTTP(w, r)
 	}
 }

@@ -55,10 +74,12 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 	rand.Read(challenge)

 	ws := &WebSocket{
-		conn:      conn,
-		Request:   r,
-		Challenge: hex.EncodeToString(challenge),
+		conn:               conn,
+		Request:            r,
+		Challenge:          hex.EncodeToString(challenge),
+		negentropySessions: xsync.NewMapOf[string, *NegentropySession](),
 	}
+	ws.Context, ws.cancel = context.WithCancel(context.Background())

 	rl.clientsMutex.Lock()
 	rl.clients[ws] = make([]listenerSpec, 0, 2)
@@ -78,7 +99,8 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {

 		ticker.Stop()
 		cancel()
-		conn.Close()
+		ws.cancel()
+		ws.conn.Close()

 		rl.removeClientAndListeners(ws)
 	}
@@ -86,10 +108,10 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 	go func() {
 		defer kill()

-		conn.SetReadLimit(rl.MaxMessageSize)
-		conn.SetReadDeadline(time.Now().Add(rl.PongWait))
-		conn.SetPongHandler(func(string) error {
-			conn.SetReadDeadline(time.Now().Add(rl.PongWait))
+		ws.conn.SetReadLimit(rl.MaxMessageSize)
+		ws.conn.SetReadDeadline(time.Now().Add(rl.PongWait))
+		ws.conn.SetPongHandler(func(string) error {
+			ws.conn.SetReadDeadline(time.Now().Add(rl.PongWait))
 			return nil
 		})

@@ -98,7 +120,7 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 		}

 		for {
-			typ, message, err := conn.ReadMessage()
+			typ, message, err := ws.conn.ReadMessage()
 			if err != nil {
 				if websocket.IsUnexpectedCloseError(
 					err,
@@ -110,6 +132,7 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 				) {
 					rl.Log.Printf("unexpected close error from %s: %v\n", r.Header.Get("X-Forwarded-For"), err)
 				}
+				ws.cancel()
 				return
 			}

@@ -121,16 +144,20 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 			go func(message []byte) {
 				envelope := nostr.ParseMessage(message)
 				if envelope == nil {
-					// stop silently
-					return
+					if !rl.Negentropy {
+						// stop silently
+						return
+					}
+					envelope = nip77.ParseNegMessage(message)
+					if envelope == nil {
+						return
+					}
 				}

 				switch env := envelope.(type) {
 				case *nostr.EventEnvelope:
 					// check id
-					hash := sha256.Sum256(env.Event.Serialize())
-					id := hex.EncodeToString(hash[:])
-					if id != env.Event.ID {
+					if !env.Event.CheckID() {
 						ws.WriteJSON(nostr.OKEnvelope{EventID: env.Event.ID, OK: false, Reason: "invalid: id is computed incorrectly"})
 						return
 					}
@@ -177,6 +204,7 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 					var ok bool
 					var writeErr error
 					var skipBroadcast bool
+
 					if env.Event.Kind == 5 {
 						// this always returns "blocked: " whenever it returns an error
 						writeErr = srl.handleDeleteRequest(ctx, &env.Event)
@@ -202,20 +230,53 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 					}
 					ws.WriteJSON(nostr.OKEnvelope{EventID: env.Event.ID, OK: ok, Reason: reason})
 				case *nostr.CountEnvelope:
-					if rl.CountEvents == nil {
+					if rl.CountEvents == nil && rl.CountEventsHLL == nil {
 						ws.WriteJSON(nostr.ClosedEnvelope{SubscriptionID: env.SubscriptionID, Reason: "unsupported: this relay does not support NIP-45"})
 						return
 					}

 					var total int64
+					var hll *hyperloglog.HyperLogLog
+					uneligibleForHLL := false
+
 					for _, filter := range env.Filters {
 						srl := rl
 						if rl.getSubRelayFromFilter != nil {
 							srl = rl.getSubRelayFromFilter(filter)
 						}
-						total += srl.handleCountRequest(ctx, ws, filter)
+
+						if offset := nip45.HyperLogLogEventPubkeyOffsetForFilter(filter); offset != -1 && !uneligibleForHLL {
+							partial, phll := srl.handleCountRequestWithHLL(ctx, ws, filter, offset)
+							if phll != nil {
+								if hll == nil {
+									// in the first iteration (which should be the only case of the times)
+									// we optimize slightly by assigning instead of merging
+									hll = phll
+								} else {
+									hll.Merge(phll)
+								}
+							} else {
+								// if any of the filters is uneligible then we will discard previous HLL results
+								// and refuse to do HLL at all anymore for this query
+								uneligibleForHLL = true
+								hll = nil
+							}
+							total += partial
+						} else {
+							total += srl.handleCountRequest(ctx, ws, filter)
+						}
 					}
-					ws.WriteJSON(nostr.CountEnvelope{SubscriptionID: env.SubscriptionID, Count: &total})
+
+					resp := nostr.CountEnvelope{
+						SubscriptionID: env.SubscriptionID,
+						Count:          &total,
+					}
+					if hll != nil {
+						resp.HyperLogLog = hll.GetRegisters()
+					}
+
+					ws.WriteJSON(resp)
+
 				case *nostr.ReqEnvelope:
 					eose := sync.WaitGroup{}
 					eose.Add(len(env.Filters))
@@ -271,6 +332,75 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 					} else {
 						ws.WriteJSON(nostr.OKEnvelope{EventID: env.Event.ID, OK: false, Reason: "error: failed to authenticate"})
 					}
+				case *nip77.OpenEnvelope:
+					srl := rl
+					if rl.getSubRelayFromFilter != nil {
+						srl = rl.getSubRelayFromFilter(env.Filter)
+						if !srl.Negentropy {
+							// ignore
+							return
+						}
+					}
+					vec, err := srl.startNegentropySession(ctx, env.Filter)
+					if err != nil {
+						// fail everything if any filter is rejected
+						reason := err.Error()
+						if strings.HasPrefix(reason, "auth-required:") {
+							RequestAuth(ctx)
+						}
+						ws.WriteJSON(nip77.ErrorEnvelope{SubscriptionID: env.SubscriptionID, Reason: reason})
+						return
+					}
+
+					// reconcile to get the next message and return it
+					neg := negentropy.New(vec, 1024*1024)
+					out, err := neg.Reconcile(env.Message)
+					if err != nil {
+						ws.WriteJSON(nip77.ErrorEnvelope{SubscriptionID: env.SubscriptionID, Reason: err.Error()})
+						return
+					}
+					ws.WriteJSON(nip77.MessageEnvelope{SubscriptionID: env.SubscriptionID, Message: out})
+
+					// if the message is not empty that means we'll probably have more reconciliation sessions, so store this
+					if out != "" {
+						deb := debounce.New(time.Second * 7)
+						negSession := &NegentropySession{
+							neg: neg,
+							postponeClose: func() {
+								deb(func() {
+									ws.negentropySessions.Delete(env.SubscriptionID)
+								})
+							},
+						}
+						negSession.postponeClose()
+
+						ws.negentropySessions.Store(env.SubscriptionID, negSession)
+					}
+				case *nip77.MessageEnvelope:
+					negSession, ok := ws.negentropySessions.Load(env.SubscriptionID)
+					if !ok {
+						// bad luck, your request was destroyed
+						ws.WriteJSON(nip77.ErrorEnvelope{SubscriptionID: env.SubscriptionID, Reason: "CLOSED"})
+						return
+					}
+					// reconcile to get the next message and return it
+					out, err := negSession.neg.Reconcile(env.Message)
+					if err != nil {
+						ws.WriteJSON(nip77.ErrorEnvelope{SubscriptionID: env.SubscriptionID, Reason: err.Error()})
+						ws.negentropySessions.Delete(env.SubscriptionID)
+						return
+					}
+					ws.WriteJSON(nip77.MessageEnvelope{SubscriptionID: env.SubscriptionID, Message: out})
+
+					// if there is more reconciliation to do, postpone this
+					if out != "" {
+						negSession.postponeClose()
+					} else {
+						// otherwise we can just close it
+						ws.negentropySessions.Delete(env.SubscriptionID)
+					}
+				case *nip77.CloseEnvelope:
+					ws.negentropySessions.Delete(env.SubscriptionID)
 				}
 			}(message)
 		}
--- a/negentropy.go
+++ b/negentropy.go
@@ -0,0 +1,53 @@
+package khatru
+
+import (
+	"context"
+	"errors"
+	"fmt"
+
+	"github.com/fiatjaf/eventstore"
+	"github.com/nbd-wtf/go-nostr"
+	"github.com/nbd-wtf/go-nostr/nip77/negentropy"
+	"github.com/nbd-wtf/go-nostr/nip77/negentropy/storage/vector"
+)
+
+type NegentropySession struct {
+	neg           *negentropy.Negentropy
+	postponeClose func()
+}
+
+func (rl *Relay) startNegentropySession(ctx context.Context, filter nostr.Filter) (*vector.Vector, error) {
+	ctx = eventstore.SetNegentropy(ctx)
+
+	// do the same overwrite/reject flow we do in normal REQs
+	for _, ovw := range rl.OverwriteFilter {
+		ovw(ctx, &filter)
+	}
+	if filter.LimitZero {
+		return nil, fmt.Errorf("invalid limit 0")
+	}
+	for _, reject := range rl.RejectFilter {
+		if reject, msg := reject(ctx, filter); reject {
+			return nil, errors.New(nostr.NormalizeOKMessage(msg, "blocked"))
+		}
+	}
+
+	// fetch events and add them to a negentropy Vector store
+	vec := vector.New()
+	for _, query := range rl.QueryEvents {
+		ch, err := query(ctx, filter)
+		if err != nil {
+			continue
+		} else if ch == nil {
+			continue
+		}
+
+		for event := range ch {
+			// since the goal here is to sync databases we won't do fancy stuff like overwrite events
+			vec.Insert(event.CreatedAt, event.ID)
+		}
+	}
+	vec.Seal()
+
+	return vec, nil
+}
--- a/nip11.go
+++ b/nip11.go
@@ -11,10 +11,13 @@ func (rl *Relay) HandleNIP11(w http.ResponseWriter, r *http.Request) {
 	info := *rl.Info

 	if len(rl.DeleteEvent) > 0 {
-		info.SupportedNIPs = append(info.SupportedNIPs, 9)
+		info.AddSupportedNIP(9)
 	}
 	if len(rl.CountEvents) > 0 {
-		info.SupportedNIPs = append(info.SupportedNIPs, 45)
+		info.AddSupportedNIP(45)
+	}
+	if rl.Negentropy {
+		info.AddSupportedNIP(77)
 	}

 	for _, ovw := range rl.OverwriteRelayInformation {
--- a/nip86.go
+++ b/nip86.go
@@ -65,16 +65,22 @@ func (rl *Relay) HandleNIP86(w http.ResponseWriter, r *http.Request) {
 			resp.Error = "missing auth"
 			goto respond
 		}
-		if evtj, err := base64.StdEncoding.DecodeString(spl[1]); err != nil {
+
+		evtj, err := base64.StdEncoding.DecodeString(spl[1])
+		if err != nil {
 			resp.Error = "invalid base64 auth"
 			goto respond
-		} else if err := json.Unmarshal(evtj, &evt); err != nil {
+		}
+		if err := json.Unmarshal(evtj, &evt); err != nil {
 			resp.Error = "invalid auth event json"
 			goto respond
-		} else if ok, _ := evt.CheckSignature(); !ok {
+		}
+		if ok, _ := evt.CheckSignature(); !ok {
 			resp.Error = "invalid auth event"
 			goto respond
-		} else if uTag := evt.Tags.GetFirst([]string{"u", ""}); uTag == nil || getServiceBaseURL(r) != (*uTag)[1] {
+		}
+
+		if uTag := evt.Tags.GetFirst([]string{"u", ""}); uTag == nil || rl.ServiceURL != (*uTag)[1] {
 			resp.Error = "invalid 'u' tag"
 			goto respond
 		} else if pht := evt.Tags.GetFirst([]string{"payload", hex.EncodeToString(payloadHash[:])}); pht == nil {
--- a/policies/events.go
+++ b/policies/events.go
@@ -67,11 +67,15 @@ func PreventLargeTags(maxTagValueLen int) func(context.Context, *nostr.Event) (b

 // RestrictToSpecifiedKinds returns a function that can be used as a RejectFilter that will reject
 // any events with kinds different than the specified ones.
-func RestrictToSpecifiedKinds(kinds ...uint16) func(context.Context, *nostr.Event) (bool, string) {
+func RestrictToSpecifiedKinds(allowEphemeral bool, kinds ...uint16) func(context.Context, *nostr.Event) (bool, string) {
 	// sort the kinds in increasing order
 	slices.Sort(kinds)

 	return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
+		if allowEphemeral && nostr.IsEphemeralKind(event.Kind) {
+			return false, ""
+		}
+
 		if _, allowed := slices.BinarySearch(kinds, uint16(event.Kind)); allowed {
 			return false, ""
 		}
--- a/policies/helpers.go
+++ b/policies/helpers.go
@@ -18,13 +18,12 @@ func startRateLimitSystem[K comparable](
 	go func() {
 		for {
 			time.Sleep(interval)
-			negativeBuckets.Range(func(key K, bucket *atomic.Int32) bool {
+			for key, bucket := range negativeBuckets.Range {
 				newv := bucket.Add(int32(-tokensPerInterval))
 				if newv <= 0 {
 					negativeBuckets.Delete(key)
 				}
-				return true
-			})
+			}
 		}
 	}()

--- a/policies/ratelimits.go
+++ b/policies/ratelimits.go
@@ -13,7 +13,11 @@ func EventIPRateLimiter(tokensPerInterval int, interval time.Duration, maxTokens
 	rl := startRateLimitSystem[string](tokensPerInterval, interval, maxTokens)

 	return func(ctx context.Context, _ *nostr.Event) (reject bool, msg string) {
-		return rl(khatru.GetIP(ctx)), "rate-limited: slow down, please"
+		ip := khatru.GetIP(ctx)
+		if ip == "" {
+			return false, ""
+		}
+		return rl(ip), "rate-limited: slow down, please"
 	}
 }

--- a/policies/sane_defaults.go
+++ b/policies/sane_defaults.go
@@ -13,12 +13,11 @@ func ApplySaneDefaults(relay *khatru.Relay) {
 	)

 	relay.RejectFilter = append(relay.RejectFilter,
-		NoEmptyFilters,
 		NoComplexFilters,
 		FilterIPRateLimiter(20, time.Minute, 100),
 	)

 	relay.RejectConnection = append(relay.RejectConnection,
-		ConnectionRateLimiter(1, time.Minute*5, 3),
+		ConnectionRateLimiter(1, time.Minute*5, 10),
 	)
 }
--- a/relay.go
+++ b/relay.go
@@ -11,6 +11,7 @@ import (
 	"github.com/fasthttp/websocket"
 	"github.com/nbd-wtf/go-nostr"
 	"github.com/nbd-wtf/go-nostr/nip11"
+	"github.com/nbd-wtf/go-nostr/nip45/hyperloglog"
 )

 func NewRelay() *Relay {
@@ -46,7 +47,7 @@ func NewRelay() *Relay {
 type Relay struct {
 	ServiceURL string

-	// these structs keeps track of all the things that can be customized when handling events or requests
+	// hooks that will be called at various times
 	RejectEvent               []func(ctx context.Context, event *nostr.Event) (reject bool, msg string)
 	OverwriteDeletionOutcome  []func(ctx context.Context, target *nostr.Event, deletion *nostr.Event) (acceptDeletion bool, msg string)
 	StoreEvent                []func(ctx context.Context, event *nostr.Event) error
@@ -56,9 +57,9 @@ type Relay struct {
 	RejectFilter              []func(ctx context.Context, filter nostr.Filter) (reject bool, msg string)
 	RejectCountFilter         []func(ctx context.Context, filter nostr.Filter) (reject bool, msg string)
 	OverwriteFilter           []func(ctx context.Context, filter *nostr.Filter)
-	OverwriteCountFilter      []func(ctx context.Context, filter *nostr.Filter)
 	QueryEvents               []func(ctx context.Context, filter nostr.Filter) (chan *nostr.Event, error)
 	CountEvents               []func(ctx context.Context, filter nostr.Filter) (int64, error)
+	CountEventsHLL            []func(ctx context.Context, filter nostr.Filter, offset int) (int64, *hyperloglog.HyperLogLog, error)
 	RejectConnection          []func(r *http.Request) bool
 	OnConnect                 []func(ctx context.Context)
 	OnDisconnect              []func(ctx context.Context)
@@ -90,6 +91,9 @@ type Relay struct {
 	listeners    []listener
 	clientsMutex sync.Mutex

+	// set this to true to support negentropy
+	Negentropy bool
+
 	// in case you call Server.Start
 	Addr       string
 	serveMux   *http.ServeMux
--- a/responding.go
+++ b/responding.go
@@ -6,6 +6,7 @@ import (
 	"sync"

 	"github.com/nbd-wtf/go-nostr"
+	"github.com/nbd-wtf/go-nostr/nip45/hyperloglog"
 )

 func (rl *Relay) handleRequest(ctx context.Context, id string, eose *sync.WaitGroup, ws *WebSocket, filter nostr.Filter) error {
@@ -61,12 +62,7 @@ func (rl *Relay) handleRequest(ctx context.Context, id string, eose *sync.WaitGr
 }

 func (rl *Relay) handleCountRequest(ctx context.Context, ws *WebSocket, filter nostr.Filter) int64 {
-	// overwrite the filter (for example, to eliminate some kinds or tags that we know we don't support)
-	for _, ovw := range rl.OverwriteCountFilter {
-		ovw(ctx, &filter)
-	}
-
-	// then check if we'll reject this filter
+	// check if we'll reject this filter
 	for _, reject := range rl.RejectCountFilter {
 		if rejecting, msg := reject(ctx, filter); rejecting {
 			ws.WriteJSON(nostr.NoticeEnvelope(msg))
@@ -86,3 +82,38 @@ func (rl *Relay) handleCountRequest(ctx context.Context, ws *WebSocket, filter n

 	return subtotal
 }
+
+func (rl *Relay) handleCountRequestWithHLL(
+	ctx context.Context,
+	ws *WebSocket,
+	filter nostr.Filter,
+	offset int,
+) (int64, *hyperloglog.HyperLogLog) {
+	// check if we'll reject this filter
+	for _, reject := range rl.RejectCountFilter {
+		if rejecting, msg := reject(ctx, filter); rejecting {
+			ws.WriteJSON(nostr.NoticeEnvelope(msg))
+			return 0, nil
+		}
+	}
+
+	// run the functions to count (generally it will be just one)
+	var subtotal int64 = 0
+	var hll *hyperloglog.HyperLogLog
+	for _, countHLL := range rl.CountEventsHLL {
+		res, fhll, err := countHLL(ctx, filter, offset)
+		if err != nil {
+			ws.WriteJSON(nostr.NoticeEnvelope(err.Error()))
+		}
+		subtotal += res
+		if fhll != nil {
+			if hll == nil {
+				hll = fhll
+			} else {
+				hll.Merge(fhll)
+			}
+		}
+	}
+
+	return subtotal, hll
+}
--- a/utils.go
+++ b/utils.go
@@ -41,7 +41,12 @@ func GetAuthed(ctx context.Context) string {
 }

 func GetIP(ctx context.Context) string {
-	return GetIPFromRequest(GetConnection(ctx).Request)
+	conn := GetConnection(ctx)
+	if conn == nil {
+		return ""
+	}
+
+	return GetIPFromRequest(conn.Request)
 }

 func GetSubscriptionID(ctx context.Context) string {
--- a/websocket.go
+++ b/websocket.go
@@ -1,10 +1,12 @@
 package khatru

 import (
+	"context"
 	"net/http"
 	"sync"

 	"github.com/fasthttp/websocket"
+	"github.com/puzpuzpuz/xsync/v3"
 )

 type WebSocket struct {
@@ -14,11 +16,18 @@ type WebSocket struct {
 	// original request
 	Request *http.Request

+	// this Context will be canceled whenever the connection is closed from the client side or server-side.
+	Context context.Context
+	cancel  context.CancelFunc
+
 	// nip42
 	Challenge       string
 	AuthedPublicKey string
 	Authed          chan struct{}

+	// nip77
+	negentropySessions *xsync.MapOf[string, *NegentropySession]
+
 	authLock sync.Mutex
 }
Author	SHA1	Message	Date
fiatjaf	6275f52134	support hyperloglog handlers on COUNT.	2024-12-07 00:26:22 -03:00
fiatjaf	5b88b9b087	small tweaks to nip86 authorization flow and use rl.ServiceURL.	2024-11-25 14:11:27 -03:00
Your Name	1b4d81dde4	corrects malformed json in blossom list	2024-11-22 10:03:50 -03:00
Anthony Accioly	7bfdbb557c	fix(blossom): use io.ReadSeeker in Blossom example This should fix the failing pipeline test	2024-11-22 07:54:57 -03:00
girino	3f26a1f727	Change API of LoadBlob to return io.ReadSeeker instead of io.Reader and use ServeContent to serve blob content (#19 ) * first test with http.ServeContent * added debug to help me here * removed debug messages * changed LoadBlob to requisre io.ReadSeeker --------- Co-authored-by: Your Name <you@example.com>	2024-11-21 11:58:12 -03:00
fiatjaf_	76ecf4f791	Merge pull request #17 from aaccioly-open-source/feature/bud01-cors-support Optimised CORS Headers + Small fixes	2024-11-05 22:59:18 -03:00
Anthony Accioly	1498da09c8	refactor(blossom): remove setCors function	2024-11-05 19:04:41 +00:00
Anthony Accioly	3d4dd71510	refactor(blossom): undo enhanced routing	2024-11-05 18:55:47 +00:00
Anthony Accioly	582a74c000	refactor: apply CORS rules on relay	2024-11-05 18:37:12 +00:00
Anthony Accioly	bbcf948dd6	fix(blossom): forward requests to base relay	2024-11-05 17:56:56 +00:00
Anthony Accioly	553d848362	fix(policies): update check for ephemeral kinds The Event.IsEphemeral method has been removed from go-nostr	2024-11-05 17:32:56 +00:00
Anthony Accioly	2a80d4099d	perf(blossom): set Access-Control-Max-Age to 24 h	2024-11-05 16:56:59 +00:00
Anthony Accioly	ad6635d86c	refactor(blossom): use Go 1.22 enhanced routing	2024-11-05 16:48:21 +00:00
Anthony Accioly	c93441cd63	feat(blossom): use rs/cors to handle BUD-01 CORS	2024-11-04 17:18:37 +00:00
Anthony Accioly	dc34dd7e90	build(deps): bump rs/cors version to v1.11.1	2024-11-04 14:02:18 +00:00
Anthony Accioly	a004f59187	fix(blossom): Example returns io.Reader	2024-11-04 13:56:13 +00:00
fiatjaf	a931a83370	fix negentropy by making special provisions for bypassing query limits.	2024-11-03 16:57:18 -03:00
Anthony Accioly	1c15db2ca1	fix(blossom): CORS headers required by noStrudel	2024-10-31 07:50:34 -03:00
fiatjaf	b617fea679	blossom: again a bunch of fixes. require Authorization on /upload again always.	2024-10-29 16:32:53 -03:00
fiatjaf	1d7bdccb3a	blossom: fixes and updates from trying to use it.	2024-10-29 09:01:19 -03:00
fiatjaf	92d1a5b671	blossom: implement bud06 (upload requirements).	2024-10-29 09:01:16 -03:00
fiatjaf	7f878121fc	blossom: return code from Reject* functions because HTTP is stupid.	2024-10-29 09:01:13 -03:00
fiatjaf	a893dc2d2c	blossom: store as a standalone interface (and an eventstore wrapper).	2024-10-29 09:01:04 -03:00
fiatjaf	91e7737ec1	basic modular blossom support.	2024-10-27 17:20:10 -03:00
fiatjaf	1dc12e5d2e	support negentropy.	2024-10-26 23:41:39 -03:00
fiatjaf	f3b18619c7	update eventstore just so badger and ristretto are the same everywhere, who knows what the package manager will do.	2024-10-23 23:17:50 -03:00
fiatjaf	902e882d97	policies: RestrictToSpecifiedKinds() to allow ephemeral.	2024-10-22 13:32:24 -03:00
fiatjaf	8f62b2fbbe	policies.PreventLargeTags() example was too strict for "a" tags.	2024-10-21 08:53:37 -03:00
fiatjaf	d4334ac2bb	revert "a function to send an event directly to a specific connection." this reverts commit `e9c9d0c3a7` because it is not a good idea and probably useless.	2024-10-16 15:07:55 -03:00
fiatjaf	9069341657	a context that is canceled whenever a websocket is dropped.	2024-10-16 15:06:47 -03:00
fiatjaf	9137eb02b0	cookbook: reacting to auth events.	2024-10-14 12:20:46 -03:00
fiatjaf	e9c9d0c3a7	a function to send an event directly to a specific connection.	2024-10-13 12:42:36 -03:00
fiatjaf	39d882857c	fix missing ! in CheckID()	2024-09-25 14:34:04 -03:00
ptrio42 aka pitiunited	6e04cca511	Update use-cases.md	2024-09-25 08:01:35 -03:00
fiatjaf	cc891d06ed	update go-nostr and make checkid faster.	2024-09-24 19:04:18 -03:00
fiatjaf	08be77b914	empty filters are not insane.	2024-09-24 19:01:57 -03:00
fiatjaf	e25400a61a	actually we don't need all that fluff.	2024-09-16 17:39:54 -03:00
fiatjaf	635e91f360	policies: shoehorn an iterator in a xsync map Range().	2024-09-16 15:59:08 -03:00
kehiy	eb92c2aac5	make check id more simple.	2024-09-14 10:21:47 -03:00
fiatjaf	18fc0dc1dd	ensure AddEvent contexts get cleaned so store queries aren't left half-read. similar to `1196fabb86`	2024-09-12 22:33:57 -03:00
fiatjaf	6d827ac89a	return blank IP and do not rate-limit when calling AddEvent().	2024-09-11 23:02:01 -03:00
fiatjaf	b8bb58f77c	sane defaults: increase initial connections limit burst.	2024-09-11 08:00:39 -03:00
fiatjaf	79eaedcffe	remove useless boolean comparison.	2024-09-05 14:38:59 -03:00