Fix NIP-42 AUTH compliance: always respond with OK message
Some checks failed
Go / build-and-release (push) Has been cancelled
Some checks failed
Go / build-and-release (push) Has been cancelled
- Ensure AUTH handler always sends OK response per NIP-42 specification, including for parse failures (uses zero event ID with error reason) - Add zeroEventID constant for OK responses when event ID cannot be parsed - Document critical client guidance: clients MUST wait for OK response after AUTH before publishing events requiring authentication - Update nostr skill and CLAUDE.md with NIP-42 AUTH protocol requirements for client developers, emphasizing OK response handling - Add MAX_THINKING_TOKENS setting to Claude configuration Files modified: - app/handle-auth.go: Add OK response for AUTH parse failures - .claude/skills/nostr/SKILL.md: Document AUTH OK response requirements - CLAUDE.md: Add NIP-42 AUTH Protocol section for client developers - .claude/settings.local.json: Add MAX_THINKING_TOKENS setting - pkg/version/version: Bump to v0.34.7 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -1,4 +1,5 @@
|
||||
{
|
||||
"MAX_THINKING_TOKENS": "8000",
|
||||
"permissions": {
|
||||
"allow": [
|
||||
"Bash:*",
|
||||
|
||||
@@ -150,10 +150,20 @@ Event kind `7` for reactions:
|
||||
|
||||
#### NIP-42: Authentication
|
||||
Client authentication to relays:
|
||||
- AUTH message from relay
|
||||
- Client responds with event kind `22242`
|
||||
- AUTH message from relay (challenge)
|
||||
- Client responds with event kind `22242` signed auth event
|
||||
- Proves key ownership
|
||||
|
||||
**CRITICAL: Clients MUST wait for OK response after AUTH**
|
||||
- Relays MUST respond to AUTH with an OK message (same as EVENT)
|
||||
- An OK with `true` confirms the relay has stored the authenticated pubkey
|
||||
- An OK with `false` indicates authentication failed:
|
||||
1. **Alert the user** that authentication failed
|
||||
2. **Assume the relay will reject** subsequent events requiring auth
|
||||
3. Check the `reason` field for error details (e.g., "error: failed to parse auth event")
|
||||
- Do NOT send events requiring authentication until OK `true` is received
|
||||
- If no OK is received within timeout, assume connection issues and retry or alert user
|
||||
|
||||
#### NIP-50: Search
|
||||
Query filter extension for full-text search:
|
||||
- `search` field in REQ filters
|
||||
|
||||
Reference in New Issue
Block a user