chore: enforce eventID and pubkey pow limits

2025-03-29 11:12:20 +01:00 · 2022-09-22 13:23:38 +00:00 · 2022-09-22 13:23:38 +00:00 · 28a7b9f964
commit 28a7b9f964
parent dd6850f3b2
4 changed files with 51 additions and 3 deletions
--- a/src/handlers/event-message-handler.ts
+++ b/src/handlers/event-message-handler.ts
@ -1,6 +1,6 @@
 import { EventDelegatorMetadataKey, EventTags } from '../constants/base'
+import { getEventProofOfWork, getPubkeyProofOfWork, isDelegatedEvent, isDelegatedEventValid, isEventIdValid, isEventSignatureValid } from '../utils/event'
 import { IEventStrategy, IMessageHandler } from '../@types/message-handlers'
-import { isDelegatedEvent, isDelegatedEventValid, isEventIdValid, isEventSignatureValid } from '../utils/event'
 import { Event } from '../@types/event'
 import { Factory } from '../@types/base'
 import { IncomingEventMessage } from '../@types/messages'
@ -67,5 +67,17 @@ export class EventMessageHandler implements IMessageHandler {
        return `created_at is more than ${limits.createdAt.maxNegativeDelta} seconds in the past`
      }
    }
+
+    if (limits.eventId.minLeadingZeroBits > 0) {
+      if (getEventProofOfWork(event) < limits.eventId.minLeadingZeroBits) {
+        return `insufficient proof of work: eventId has less than ${limits.eventId.minLeadingZeroBits} leading zero bits`
+      }
+    }
+
+    if (limits.pubkey.minLeadingZeroBits > 0) {
+      if (getPubkeyProofOfWork(event.pubkey) < limits.pubkey.minLeadingZeroBits) {
+        return `insufficient proof of work: pubkey has less than ${limits.pubkey.minLeadingZeroBits} leading zero bits`
+      }
+    }
  }
 }
--- a/src/utils/event.ts
+++ b/src/utils/event.ts
@ -4,7 +4,9 @@ import { applySpec, converge, curry, mergeLeft, nth, omit, pipe, prop, reduceBy
 import { CanonicalEvent, Event } from '../@types/event'
 import { EventKinds, EventTags } from '../constants/base'
 import { fromBuffer } from './transform'
+import { getLeadingZeroBits } from './proof-of-work'
 import { isGenericTagQuery } from './filter'
+import { Pubkey } from '../@types/base'
 import { RuneLike } from './runes/rune-like'
 import { SubscriptionFilter } from '../@types/subscription'

@ -135,7 +137,7 @@ export const isDelegatedEventValid = async (event: Event): Promise<boolean> => {

  if (!result) {
    return false
-  }  
+  }

  const serializedDelegationTag = `nostr:${delegation[0]}:${event.pubkey}:${delegation[2]}`

@ -175,3 +177,11 @@ export const isEphemeralEvent = (event: Event): boolean => {
 export const isDeleteEvent = (event: Event): boolean => {
  return event.kind === EventKinds.DELETE
 }
+
+export const getEventProofOfWork = (event: Event): number => {
+  return getLeadingZeroBits(Buffer.from(event.id, 'hex'))
+}
+
+export const getPubkeyProofOfWork = (pubkey: Pubkey): number => {
+  return getLeadingZeroBits(Buffer.from(pubkey, 'hex'))
+}
--- a/src/utils/proof-of-work.ts
+++ b/src/utils/proof-of-work.ts
@ -0,0 +1,26 @@
+export function getLeadingZeroBits(hash: Buffer) {
+  let total: number, i: number, bits: number
+
+  for (i = 0, total = 0; i < hash.length; i++) {
+    bits = msb(hash[i])
+    total += bits
+    if (bits != 8) {
+      break
+    }
+  }
+  return total
+}
+
+function msb(b: number) {
+  let n = 0
+
+	if (b == 0) {
+		return 8
+  }
+
+	while (b >>= 1) {
+		n++
+  }
+
+	return 7 - n
+}
--- a/src/utils/settings.ts
+++ b/src/utils/settings.ts
@ -38,7 +38,7 @@ const getDefaultSettings = (): ISettings => ({
      },
      createdAt: {
        maxPositiveDelta: 900, // +15 min
-        maxNegativeDelta: 31536000, // -1 year
+        maxNegativeDelta: 0, // disabled
      },
    },
    client: {