Commit Graph

210 Commits

Author SHA1 Message Date
Greg Heartsfield
234a8ba0ac feat: limit event publishing to NIP-05 verified users
This adds a new configurable feature to restrict event publishing to
only users with NIP-05 verified metadata.  Domains can be whitelisted
or blacklisted.  Verification expiration and schedules are
configurable.

This upgrades the database to add a table for tracking verification
records.
2022-02-12 09:29:25 -06:00
Greg Heartsfield
4cc313fa2d fix: cleanup database connections with same name
When a large number of subscriptions is created with identical names,
we do not send a signal over the abandon-read channel.  This
eventually leads to resource exhaustion.
2022-01-30 15:14:02 -06:00
Greg Heartsfield
6502f7dcd7 fix: do not panic when validating events with malformed pubkeys 2022-01-29 13:19:34 -06:00
Greg Heartsfield
98c6fa6f39 feat: allow whitelisting of pubkeys for new events
This adds a configuration option, `authorization.pubkey_whitelist`
which is an array of pubkeys that are allowed to publish events on
this relay.
2022-01-26 21:39:03 -06:00
Greg Heartsfield
ee0de6f875 improvement: clearer and less verbose database logging 2022-01-25 21:42:43 -06:00
Greg Heartsfield
a72eaec3b8 fix: never display hidden events 2022-01-25 20:48:46 -06:00
Greg Heartsfield
f1206e76f2 feat: database reader connection pooling
Added connection pooling for queries, as well as basic configuration
options for min/max connections.
2022-01-25 20:39:24 -06:00
Greg Heartsfield
af453548ee feat: allow author and event id prefix search
This is an experimental non-NIP feature that allows a subscription
filter to include a prefix for authors and events.
2022-01-25 18:23:08 -06:00
Greg Heartsfield
2d28a95ff7 feat: allow arbitrary tag queries
This is an experimental feature, outside of any NIP, that demonstrates
generic tag queries.

Instead of limiting subscription filters to just querying only "e" or
"p" tags (via `#e` or `#p` attributes), any tag can be queried.

As an example, consider an event which uses a tag "url".  With this
modification, a subscription filter could add a top-level field
"#url", with an array of strings as the key.  Exact matches would be
returned.

A NIP is forthcoming to formalize this.
2022-01-22 21:29:15 -06:00
Raj
179928378e
refactor: add strictly typed tags
* Add custom error variant

This can be useful to propagate errors not conforming to available
variants. Also to convert other errors in `crate::Error` without having
explicit conversion defined, with `error.to_string()`

* Implement `Tag` and define protocol serialization

A Tag structure have been implemented with dedicated field types. Then
custom serde serialization is derived to map the structure to current
protocol json array as per NIP01.

This adds compile and run time type checking to always ensure wrong
string data are never stored or processed. With strict typed fields and
custom serde derivation this checks can be done at time of serialization,
saving work for internal handling of the actual data.

tests for possible data violations are added, and gives good example of
kind of errors it will through for different cases.

* Use String for URL
2022-01-19 07:42:58 -06:00
Greg Heartsfield
81e4e2b892 feat: add supported NIPs (2, 11) to relay info 2022-01-16 08:37:21 -06:00
Greg Heartsfield
6f166433b5 fix: test failures 2022-01-16 08:36:52 -06:00
Greg Heartsfield
030b64de62 feat: replace email with contact field in relay info.
This finalizes the NIP-11 spec implementation.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/21.
2022-01-16 08:34:19 -06:00
Greg Heartsfield
a3124ccea4 improvement: better sql error handling 2022-01-15 09:42:53 -06:00
Greg Heartsfield
4e51e61d16 improvement: display rate limit messages max once per sec 2022-01-15 09:42:17 -06:00
Raj
5c8390bbe0
fix: fix some test failures 2022-01-14 14:27:12 -06:00
Greg Heartsfield
da7968efef fix: restore working websocket message size configuration options 2022-01-05 17:41:12 -05:00
Greg Heartsfield
7037555516 improvement: add indexed tag queries 2022-01-05 17:33:53 -05:00
Greg Heartsfield
19ed990c57 refactor: fix clippy errors for relay info response 2022-01-05 10:10:44 -05:00
Greg Heartsfield
2924da88bc feat: incorporated improvements from NIP-11 discussion
Change descr to description.  Add `id` for websocket URL.  Use
integers for supported NIPs instead of strings.  Top-level is object,
instead of the array before.
2022-01-03 22:03:30 -05:00
Greg Heartsfield
d3da4eb009 feat: implementation of proposed NIP-11 (server metadata) 2022-01-03 18:42:24 -05:00
Greg Heartsfield
afc9a0096a improvement: logging failed queries and timing 2022-01-01 19:25:09 -06:00
Greg Heartsfield
6673fcfd11 feat: implement multi-valued filter searching
NIP-01 now uses arrays instead of scalars.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/17
2022-01-01 18:38:52 -06:00
Greg Heartsfield
1aa5a5458d improvement: event signature validation is 100x faster
Switched to latest (git) release of secp256k1, which has more
efficient verification-only context for Schnorr.  Switched to single
pre-instantiated instance of the verifier.
2022-01-01 09:08:19 -06:00
Greg Heartsfield
620e227699 fix: connection issues with Firefox
This adds Hyper, and a 200 response code.  Prior to this, Firefox
would fail to connect.  There is also a text document displayed at the
root URL to indicate this is a Nostr relay.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/15
2022-01-01 08:11:20 -06:00
Greg Heartsfield
5ad383f257 fix: incorrect logic on empty filters for hidden events 2021-12-31 16:34:10 -06:00
Greg Heartsfield
4171a8870e feat: reject events that are too large
A new configuration setting controls the maximum size of event
messages, and sends a notice to the client if they exceed it.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/14
2021-12-31 15:19:35 -06:00
Greg Heartsfield
415d32299b fix: docker run references the correct database file 2021-12-31 14:05:11 -06:00
Greg Heartsfield
5a19a8876f feat: allow database directory configuration
Adds configuration options for database directory, either on command
line through (--db dir-name) or the config.toml file.

Fixes: https://todo.sr.ht/~gheartsfield/nostr-rs-relay/13
2021-12-31 11:51:57 -06:00
Greg Heartsfield
20ee5a054c feat: rate limit event creation
A configuration option, `messages_per_sec`, imposes a global limit on
the rate for which new events can be stored.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/6
2021-12-30 21:07:21 -06:00
Greg Heartsfield
c60519de23 feat: hide older contact update events
Type 3 (NIP-02) contact lists are hidden when newer ones are submitted
for the same author.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/4
2021-12-30 15:45:03 -06:00
Greg Heartsfield
d72e7a57b6 feat: hide older metadata update events
This updates the database schema to support hiding events.  In this
case, we are hiding older metadata updates when an author provides an
updated event.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/11
2021-12-30 13:55:05 -06:00
Greg Heartsfield
6447ddd974 fix: compile error with missing import 2021-12-30 10:00:34 -06:00
Greg Heartsfield
079722ddd9 improvement: reduce logging level for rejected events 2021-12-30 06:35:36 -06:00
Greg Heartsfield
3302fb2e81 refactor: clippy suggestions 2021-12-29 22:49:46 -06:00
Greg Heartsfield
f415295184 feat: reject future-dated events
If configured, reject events than are more than N seconds in the
future.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/5
2021-12-29 22:47:31 -06:00
Greg Heartsfield
d730bf0c59 feat: add configuration through file
A file named `config.toml` can now be used to load the address, port,
and some websocket configuration settings.

Fixes https://todo.sr.ht/~gheartsfield/nostr-rs-relay/3
2021-12-29 22:13:02 -06:00
Greg Heartsfield
100f890284 feat: add until for request filters
This implements an additional filter criteria for selecting events
prior to some timestamp.

See https://github.com/fiatjaf/nostr/issues/39x
2021-12-23 21:38:32 -06:00
Greg Heartsfield
0e288fe678 feat: send messages in order of oldest to newest 2021-12-23 21:36:46 -06:00
Greg Heartsfield
bfc804e18c feat: debug protocol messages 2021-12-23 21:30:04 -06:00
Greg Heartsfield
55bb6bd440 feat: add resource limits for websocket messages 2021-12-19 16:26:32 -06:00
Greg Heartsfield
7933abaa48 fix: allow unknown fields, like author 2021-12-19 16:18:03 -06:00
Greg Heartsfield
5b6a20dfa6 feat: remove author from subscriptions (NIP-01 Spec)
The `authors` field is sufficient to represent all queries that
`author` could have been used in.  See
https://github.com/fiatjaf/nostr/issues/34 for the discussion leading
to this removal.
2021-12-16 18:53:53 -06:00
Greg Heartsfield
49598b2c9e fix: subscription event filtering bugs
Subscriptions properly filter using the authors tag.  Petname/keys are
correctly filtered (previously the event tags were incorrectly used).
2021-12-14 21:38:26 -06:00
Greg Heartsfield
850064b871 fix: handle filters with no criteria 2021-12-12 14:52:55 -06:00
Greg Heartsfield
b3c7852b19 fix: correct SQL query for inserting pubkeys 2021-12-12 14:34:52 -06:00
Greg Heartsfield
6910b8d945 feat: add log for unique client connection count 2021-12-12 10:58:00 -06:00
Greg Heartsfield
531f6c4624 feat: improved NOTICE messages for events and subscriptions 2021-12-12 10:50:16 -06:00
Greg Heartsfield
1589268eba fix: use database to publish all events
This fixes a race condition where a publisher might send an event, and
immediately after issue a subscription for the same event ID.  Prior
to this change, that event would have been published on the broadcast
channel (and ignored by our publisher, because they had not yet issued
the subscription), but not yet committed to the database.  Their
subscription would trigger a database query which would return zero
results.  Therefore, they would never see the event they published.
The noscl tool is one client that would suffer from this.

Now, all events are broadcast only after they exist in the database,
so a late subscription will always return the event.
2021-12-12 10:20:23 -06:00
Greg Heartsfield
56c40f2be9 refactor: improve error messages 2021-12-12 10:03:28 -06:00
Greg Heartsfield
e732f918f9 refactor: clippy suggestions 2021-12-11 21:56:52 -06:00
Greg Heartsfield
ca0f01c94b docs: add rustdoc comments 2021-12-11 21:43:41 -06:00
Greg Heartsfield
d79e0a59f5 config: change default websocket port 2021-12-11 16:57:55 -06:00
Greg Heartsfield
65969a4121 feat: store events in SQLite and allow querying
Events are persisted in a local database, and can be queried through
subscriptions.
2021-12-11 15:48:59 -06:00
Greg Heartsfield
23f47899cd feat: broadcast events that match active client subscriptions
A broadcast channel sends messages to all connections.  Any connection
with a subscription that matches then sends it via websocket.
2021-12-05 20:28:02 -06:00
Greg Heartsfield
8b4c43ae71 feat: add and remove subscriptions from client requests
A hashmap of active subscriptions is maintained for each client.  REQ
and CLOSE commands will modify the subscription list.
2021-12-05 18:14:14 -06:00
Greg Heartsfield
35ceb7cb64 feat: parse subscription close requests from websockets 2021-12-05 17:33:40 -06:00
Greg Heartsfield
e7d0ab1aca feat: parse subscriptions from websockets
Parses subscription requests (REQ, but not CLOSE).  Performs no
subscription state management yet.
2021-12-05 17:15:50 -06:00
Greg Heartsfield
92e9a5e639 feat: parse and validate events from websockets
Establishes a websocket listener, parses events, and performs
validation to ensure valid signatures.
2021-12-05 16:53:26 -06:00
Greg Heartsfield
d0c2b242cd feat: cargo build files and expected dependencies 2021-12-05 08:42:28 -06:00