Add context for limiting before timestamp

Seth For Privacy 2023-06-09 11:19:23 -04:00 committed by fiatjaf_
parent d435ffc39c
commit 3e03b4b67f

26.md

@ -52,7 +52,9 @@ For example, the following condition strings are valid:
- `kind=0&kind=1&created_at>1675721813`
- `kind=1&created_at>1674777689&created_at<1675721813`
For the vast majority of use-cases, it is advisable that query strings should include a `created_at` ***after*** condition reflecting the current time, to prevent the delegatee from publishing historic notes on the delegator's behalf.
For the vast majority of use-cases, it is advisable that:
1. Query strings should include a `created_at` ***after*** condition reflecting the current time, to prevent the delegatee from publishing historic notes on the delegator's behalf.
2. Query strings should include a `created_at` ***before*** condition that is not empty and is not some extremely distant time in the future. If delegations are not limited in time scope, they expose similar security risks to simply using the root key for authentication.
#### Example
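
Review bot: Item 2 of the new list gives no actionable bound: "not empty" and "not some extremely distant time in the future" leave each implementer to decide what delegation window is acceptable. Consider saying what a reasonable upper limit looks like, or at least that clients should warn when a condition string has no `created_at<` clause. The first valid example kept in the context above, `kind=0&kind=1&created_at>1675721813`, has no before condition, so it now reads as going against this advice; a short remark that it is valid but not recommended would avoid confusion.
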
@ -105,4 +107,4 @@ Clients should display the delegated note as if it was published directly by the
Relays should answer requests such as `["REQ", "", {"authors": ["A"]}]` by querying both the `pubkey` and delegation tags `[1]` value.
Relays SHOULD allow the delegator (8e0d3d3e) to delete the events published by the delegatee (477318cf).
Relays SHOULD allow the delegator (8e0d3d3e) to delete the events published by the delegatee (477318cf).
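
Review bot: The two `Relays SHOULD allow the delegator (8e0d3d3e) to delete ...` lines at the end of the file are textually identical, so this hunk looks like a whitespace or end-of-file newline change unrelated to the `created_at` guidance. If it is unintentional, drop it from the commit; if it is intended, mention it in the commit message so the history stays easy to audit.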