mleku/next.orly.dev
1
0
Fork 1
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix NIP-42 AUTH compliance: always respond with OK message
Some checks failed
Go / build-and-release (push) Has been cancelled
Details

Browse Source 
- Ensure AUTH handler always sends OK response per NIP-42 specification,
  including for parse failures (uses zero event ID with error reason)
- Add zeroEventID constant for OK responses when event ID cannot be parsed
- Document critical client guidance: clients MUST wait for OK response
  after AUTH before publishing events requiring authentication
- Update nostr skill and CLAUDE.md with NIP-42 AUTH protocol requirements
  for client developers, emphasizing OK response handling
- Add MAX_THINKING_TOKENS setting to Claude configuration

Files modified:
- app/handle-auth.go: Add OK response for AUTH parse failures
- .claude/skills/nostr/SKILL.md: Document AUTH OK response requirements
- CLAUDE.md: Add NIP-42 AUTH Protocol section for client developers
- .claude/settings.local.json: Add MAX_THINKING_TOKENS setting
- pkg/version/version: Bump to v0.34.7

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ
2025-12-12 06:14:24 +01:00
parent 28b41847a6
commit a816737cd3
5 changed files with 38 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
CLAUDE.md
View File

@@ -901,6 +901,18 @@ WebAssembly-compatible database backend (`pkg/wasmdb/`):
- `ORLY_AUTH_REQUIRED=true`: Require authentication for ALL requests
- `ORLY_AUTH_TO_WRITE=true`: Require authentication only for writes (allow anonymous reads)
### NIP-42 AUTH Protocol (IMPORTANT for Client Developers)
Per NIP-42, this relay always responds to AUTH messages with an OK message:
- **Clients MUST wait for the OK response** after sending AUTH before publishing events
- An OK with `true` confirms the relay has stored the authenticated pubkey
- An OK with `false` indicates authentication failed - clients should:
1. Alert the user that authentication failed
2. Assume the relay will reject subsequent events requiring auth
3. Check the reason field for error details
- If no OK is received within a reasonable timeout, assume connection issues
Implementation: `app/handle-auth.go`
### NIP-43 Relay Access Metadata
Invite-based access control system:
- `ORLY_NIP43_ENABLED=true`: Enable invite system