feat: add event kind allowlist

2024-11-21 16:59:06 -05:00 · 2023-02-25 10:20:53 -06:00 · 2023-02-25 10:20:53 -06:00 · 5414629298
commit 5414629298
parent 2be75e18fb
3 changed files with 27 additions and 1 deletions
--- a/config.toml
+++ b/config.toml
@ -132,6 +132,11 @@ reject_future_seconds = 1800
 #    70202,
 #]

+# Event kind allowlist. Events other than these kinds will be discarded.
+#event_kind_allowlist = [
+#    70202,
+#]
+
 [authorization]
 # Pubkey addresses in this array are whitelisted for event publishing.
 # Only valid events by these authors will be accepted, if the variable
--- a/src/config.rs
+++ b/src/config.rs
@ -69,7 +69,8 @@ pub struct Limits {
    pub max_ws_frame_bytes: Option<usize>,
    pub broadcast_buffer: usize, // events to buffer for subscribers (prevents slow readers from consuming memory)
    pub event_persist_buffer: usize, // events to buffer for database commits (block senders if database writes are too slow)
-    pub event_kind_blacklist: Option<Vec<u64>>
+    pub event_kind_blacklist: Option<Vec<u64>>,
+    pub event_kind_allowlist: Option<Vec<u64>>
 }

 #[derive(Debug, Clone, Serialize, Deserialize)]
@ -250,6 +251,7 @@ impl Default for Settings {
                broadcast_buffer: 16384,
                event_persist_buffer: 4096,
                event_kind_blacklist: None,
+                event_kind_allowlist: None,
            },
            authorization: Authorization {
                pubkey_whitelist: None, // Allow any address to publish
--- a/src/db.rs
+++ b/src/db.rs
@ -174,6 +174,25 @@ pub async fn db_writer(
            }
        }

+        // Check that event kind isn't allowlisted
+        let kinds_allowlist = &settings.limits.event_kind_allowlist.clone();
+        if let Some(event_kind_allowlist) = kinds_allowlist {
+            if !event_kind_allowlist.contains(&event.kind) {
+                debug!(
+                    "rejecting event: {}, allowlist kind: {}",
+                    &event.get_event_id_prefix(),
+                    &event.kind
+                );
+                notice_tx
+                    .try_send(Notice::blocked(
+                        event.id,
+                        "event kind is blocked by relay"
+                    ))
+                    .ok();
+                continue;
+            }
+        }
+
        // send any metadata events to the NIP-05 verifier
        if nip05_active && event.is_kind_metadata() {
            // we are sending this prior to even deciding if we