mleku/next.orly.dev
1
0
Fork 1
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix NIP-42 AUTH compliance: always respond with OK message
Some checks failed
Go / build-and-release (push) Has been cancelled
Details

Browse Source 
- Ensure AUTH handler always sends OK response per NIP-42 specification,
  including for parse failures (uses zero event ID with error reason)
- Add zeroEventID constant for OK responses when event ID cannot be parsed
- Document critical client guidance: clients MUST wait for OK response
  after AUTH before publishing events requiring authentication
- Update nostr skill and CLAUDE.md with NIP-42 AUTH protocol requirements
  for client developers, emphasizing OK response handling
- Add MAX_THINKING_TOKENS setting to Claude configuration

Files modified:
- app/handle-auth.go: Add OK response for AUTH parse failures
- .claude/skills/nostr/SKILL.md: Document AUTH OK response requirements
- CLAUDE.md: Add NIP-42 AUTH Protocol section for client developers
- .claude/settings.local.json: Add MAX_THINKING_TOKENS setting
- pkg/version/version: Bump to v0.34.7

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ
2025-12-12 06:14:24 +01:00
parent 28b41847a6
commit a816737cd3
5 changed files with 38 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.claude/skills/nostr/SKILL.md
View File

@@ -150,10 +150,20 @@ Event kind `7` for reactions:
#### NIP-42: Authentication
Client authentication to relays:
- AUTH message from relay
- Client responds with event kind `22242`
- AUTH message from relay (challenge)
- Client responds with event kind `22242` signed auth event
- Proves key ownership
**CRITICAL: Clients MUST wait for OK response after AUTH**
- Relays MUST respond to AUTH with an OK message (same as EVENT)
- An OK with `true` confirms the relay has stored the authenticated pubkey
- An OK with `false` indicates authentication failed:
1. **Alert the user** that authentication failed
2. **Assume the relay will reject** subsequent events requiring auth
3. Check the `reason` field for error details (e.g., "error: failed to parse auth event")
- Do NOT send events requiring authentication until OK `true` is received
- If no OK is received within timeout, assume connection issues and retry or alert user
#### NIP-50: Search
Query filter extension for full-text search:
- `search` field in REQ filters