diff --git a/21.md b/21.md index abfedcf..426c630 100644 --- a/21.md +++ b/21.md @@ -6,15 +6,15 @@ Non-public encrypted messages `draft` `optional` `author:fiatjaf` -This NIP defines a method for relays to verify the identity of the client that is requesting ["encrypted directed messages"](04.md) messages and only allow these clients to see messages authored by them or targeted to them. +This NIP defines a method for relays to verify the identity of the client that is requesting ["encrypted directed messages"](04.md) and only allow these clients to see messages authored by them or intended for them. -When connecting to relays that support this NIP, clients SHOULD send a an event of kind `20001`, meaning "client identification", with the content set to `"client identification for "`. +When connecting to relays that support this NIP, clients SHOULD send an event of kind `20001`, meaning "client identification", with the content set to `"client identification for "`. The relay MUST then use the event to verify the identity of the client and discard it afterwards. In the verification process the relay MUST check: 1. if event signature is valid; 2. if the content phrase matches the canonical phrase with the actual relay hostname in it; - 3. if the event timestamp is not too far from the relay current timestamp. + 3. if the event timestamp is not too far from the relay's current timestamp. If all is well, then the relay can use the identified pubkey to validate further requests for kind-4 events and only return kind-4 events that were either authored by the identified pubkey (`"pubkey": ...`) or are addressed to the identified pubkey (`"tags": ["p", ...]`). 
@@ -23,7 +23,7 @@ If all is well, then the relay can use the identified pubkey to validate further 1. Client connects to `wss://chat.relay.nostr.com/` 2. Client sends `["EVENT", {"id": "...", "pubkey": "aeae...", "sig": "...", "kind": 20001, "tags": [], "created_at": 1609470000, "content": "client identification for chat.relay.nostr.com"}]` 3. Client sends `["REQ", "my-dms", {"kinds": [4], "#p": ["aeae..."]}, {"kinds": [4],"authors": ["aeae"]}]` -5. Relay sends `["EVENT", "my-dms", {"id": "...", "pubkey": "aeae", "kind": 4, "content": "", "sig": "...", "tags": ["p", "786b..."]}]` +5. Relay sends `["EVENT", "my-dms", {"id": "...", "pubkey": "aeae...", "kind": 4, "content": "", "sig": "...", "tags": ["p", "786b..."]}]` 5. Relay sends `["EVENT", "my-dms", {"id": "...", "pubkey": "786b...", "kind": 4, "content": "", "sig": "...", "tags": ["p", "aeae..."]}]` Ids and signatures omitted and pubkeys shortened for readability.
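Review bot: In the first hunk (`@@ -6,15`), the rewritten sentence for kind `20001` still gives the content as `"client identification for "` with nothing after "for", while check 2 requires the canonical phrase to contain the actual relay hostname. Suggest spelling out the placeholder in that line, for example `"client identification for <relay hostname>"`, and stating how the hostname is normalized before comparison, since that string is what binds the signed event to one relay. Check 3 ("not too far from the relay's current timestamp") is reworded here but still gives no bound; a stated window would make relays behave consistently when an old identification event is presented again.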
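Review bot: In the second hunk (`@@ -23,7`), the fix of `"pubkey": "aeae"` to `"aeae..."` leaves the same shortened form uncorrected in the unchanged step 3, which still has `"authors": ["aeae"]`; that line should get the ellipsis too so the example's pubkeys are consistent. The two relay steps are also both numbered 5 with no step 4, and the example events write `"tags": ["p", "786b..."]` as a flat array, whereas event tags are an array of arrays (`[["p", "786b..."]]`); both are worth fixing in the same pass.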