From 5414629298fa1fb768d2a0190a06560cc9ab99b0 Mon Sep 17 00:00:00 2001
From: Mike White
Date: Sat, 25 Feb 2023 10:20:53 -0600
Subject: [PATCH] feat: add event kind allowlist
---
 config.toml | 5 +++++
 src/config.rs | 4 +++-
 src/db.rs | 19 +++++++++++++++++++
 3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/config.toml b/config.toml
index c0237f6..a22809e 100644
--- a/config.toml
+++ b/config.toml
@@ -132,6 +132,11 @@ reject_future_seconds = 1800
 # 70202,
 #]
 
+# Event kind allowlist. Events other than these kinds will be discarded.
+#event_kind_allowlist = [
+# 70202,
+#]
+
 [authorization]
 # Pubkey addresses in this array are whitelisted for event publishing.
 # Only valid events by these authors will be accepted, if the variable
diff --git a/src/config.rs b/src/config.rs
index 784723b..8aa0667 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -69,7 +69,8 @@ pub struct Limits {
 pub max_ws_frame_bytes: Option,
 pub broadcast_buffer: usize, // events to buffer for subscribers (prevents slow readers from consuming memory)
 pub event_persist_buffer: usize, // events to buffer for database commits (block senders if database writes are too slow)
- pub event_kind_blacklist: Option>
+ pub event_kind_blacklist: Option>,
+ pub event_kind_allowlist: Option>
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -250,6 +251,7 @@ impl Default for Settings {
 broadcast_buffer: 16384,
 event_persist_buffer: 4096,
 event_kind_blacklist: None,
+ event_kind_allowlist: None,
 },
 authorization: Authorization {
 pubkey_whitelist: None, // Allow any address to publish
diff --git a/src/db.rs b/src/db.rs
index e0121d5..d24f31c 100644
--- a/src/db.rs
+++ b/src/db.rs
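Review bot: The new comment in the config.toml hunk does not say what an empty list does, and with the check added in src/db.rs a list that is set but empty rejects every event, because `contains` is false for all kinds. I would spell out the three states, for example `# Event kind allowlist. If set, only events of these kinds are accepted;` followed by `# an empty list rejects every event. Leave unset to accept all kinds.` The sample value 70202 is also the one shown in the blacklist example just above; if the blacklist check does what its name suggests, uncommenting both examples would leave the relay accepting nothing, so a different sample kind here would be safer.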
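Review bot: The added `event_kind_allowlist` field in the first src/config.rs hunk carries no comment, unlike the two buffer fields above it, and its meaning is not obvious from the type alone. Going by the check in src/db.rs, a trailing comment such as `// event kinds to accept; None accepts all kinds, an empty list accepts none` would record the contract where operators and maintainers look for it. The field is also left without a trailing comma, which is what forced this commit to rewrite the `event_kind_blacklist` line; ending the new field with a comma avoids the same churn next time. The opening lines of `Limits` are outside the hunk.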
@@ -174,6 +174,25 @@ pub async fn db_writer(
 }
 }
 
+ // Check that event kind isn't allowlisted
+ let kinds_allowlist = &settings.limits.event_kind_allowlist.clone();
+ if let Some(event_kind_allowlist) = kinds_allowlist {
+ if !event_kind_allowlist.contains(&event.kind) {
+ debug!(
+ "rejecting event: {}, allowlist kind: {}",
+ &event.get_event_id_prefix(),
+ &event.kind
+ );
+ notice_tx
+ .try_send(Notice::blocked(
+ event.id,
+ "event kind is blocked by relay"
+ ))
+ .ok();
+ continue;
+ }
+ }
+
 // send any metadata events to the NIP-05 verifier
 if nip05_active && event.is_kind_metadata() {
 // we are sending this prior to even deciding if we
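Review bot: The comment on the first added line states the opposite of what the block does: it rejects events whose kind is not in the allowlist, so it should read `// Reject events whose kind is not on the allowlist`. The next line clones the whole list for every event only to borrow the copy; `if let Some(event_kind_allowlist) = &settings.limits.event_kind_allowlist {` performs the same check without allocating. The debug text `allowlist kind: {}` has the same ambiguity as the comment, and something like `"rejecting event: {}, kind {} not in allowlist"` would make rejected traffic easier to read in logs. `db_writer` starts and ends outside the hunk, so the ordering of this check relative to the other filters cannot be confirmed from here.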