Add NIP-11 relay synchronization and group management features

- Introduced a new `sync` package for managing NIP-11 relay information and relay group configurations.
- Implemented a cache for NIP-11 documents, allowing retrieval of relay public keys and authoritative configurations.
- Enhanced the sync manager to update peer lists based on authoritative configurations from relay group events.
- Updated event handling to incorporate policy checks during event imports, ensuring compliance with relay rules.
- Refactored various components to utilize the new `sha256-simd` package for improved performance.
- Added comprehensive tests to validate the new synchronization and group management functionalities.
- Bumped version to v0.24.1 to reflect these changes.

pkg/database/get-indexes-for-event_test.go

@@ -5,7 +5,7 @@ import (
 	"testing"
 
 	"lol.mleku.dev/chk"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/database/indexes"
 	types2 "next.orly.dev/pkg/database/indexes/types"
 	"next.orly.dev/pkg/encoders/event"

pkg/database/get-indexes-from-filter_test.go

@@ -6,7 +6,7 @@ import (
 	"testing"
 
 	"lol.mleku.dev/chk"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/database/indexes"
 	types2 "next.orly.dev/pkg/database/indexes/types"
 	"next.orly.dev/pkg/encoders/filter"

pkg/database/import_utils.go

@@ -38,15 +38,20 @@ func (d *D) ImportEventsFromReader(ctx context.Context, rr io.Reader) error {
 	return d.processJSONLEvents(ctx, tmp)
 }
 
-// ImportEventsFromStrings imports events from a slice of JSON strings
-func (d *D) ImportEventsFromStrings(ctx context.Context, eventJSONs []string) error {
+// ImportEventsFromStrings imports events from a slice of JSON strings with policy filtering
+func (d *D) ImportEventsFromStrings(ctx context.Context, eventJSONs []string, policyManager interface{ CheckPolicy(action string, ev *event.E, pubkey []byte, remote string) (bool, error) }) error {
 	// Create a reader from the string slice
 	reader := strings.NewReader(strings.Join(eventJSONs, "\n"))
-	return d.processJSONLEvents(ctx, reader)
+	return d.processJSONLEventsWithPolicy(ctx, reader, policyManager)
 }
 
 // processJSONLEvents processes JSONL events from a reader
 func (d *D) processJSONLEvents(ctx context.Context, rr io.Reader) error {
+	return d.processJSONLEventsWithPolicy(ctx, rr, nil)
+}
+
+// processJSONLEventsWithPolicy processes JSONL events from a reader with optional policy filtering
+func (d *D) processJSONLEventsWithPolicy(ctx context.Context, rr io.Reader, policyManager interface{ CheckPolicy(action string, ev *event.E, pubkey []byte, remote string) (bool, error) }) error {
 	// Create a scanner to read the buffer line by line
 	scan := bufio.NewScanner(rr)
 	scanBuf := make([]byte, maxLen)
@@ -75,6 +80,24 @@ func (d *D) processJSONLEvents(ctx context.Context, rr io.Reader) error {
 			continue
 		}
 
+		// Apply policy checking if policy manager is provided
+		if policyManager != nil {
+			// For sync imports, we treat events as coming from system/trusted source
+			// Use nil pubkey and empty remote to indicate system-level import
+			allowed, policyErr := policyManager.CheckPolicy("write", ev, nil, "")
+			if policyErr != nil {
+				log.W.F("policy check failed for event %x: %v", ev.ID, policyErr)
+				ev.Free()
+				continue
+			}
+			if !allowed {
+				log.D.F("policy rejected event %x during sync import", ev.ID)
+				ev.Free()
+				continue
+			}
+			log.D.F("policy allowed event %x during sync import", ev.ID)
+		}
+
 		if _, err := d.SaveEvent(ctx, ev); err != nil {
 			// return the pooled buffer on error paths too
 			ev.Free()

pkg/database/indexes/types/fullid.go

@@ -4,7 +4,7 @@ import (
 	"io"
 
 	"lol.mleku.dev/errorf"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 )
 
 const IdLen = sha256.Size

pkg/database/indexes/types/fullid_test.go

@@ -7,7 +7,7 @@ import (
 	"lol.mleku.dev/chk"
 	"next.orly.dev/pkg/utils"
 
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 )
 
 func TestFromId(t *testing.T) {

pkg/database/indexes/types/identhash.go

@@ -3,7 +3,7 @@ package types
 import (
 	"io"
 
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 )
 
 const IdentLen = 8

pkg/database/indexes/types/identhash_test.go

@@ -5,7 +5,7 @@ import (
 	"testing"
 
 	"lol.mleku.dev/chk"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/utils"
 )
 

pkg/database/indexes/types/idhash.go

@@ -6,7 +6,7 @@ import (
 
 	"lol.mleku.dev/chk"
 	"lol.mleku.dev/errorf"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/encoders/hex"
 )
 

pkg/database/indexes/types/idhash_test.go

@@ -6,7 +6,7 @@ import (
 	"testing"
 
 	"lol.mleku.dev/chk"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/encoders/hex"
 	"next.orly.dev/pkg/utils"
 )

pkg/database/indexes/types/pubhash.go

@@ -6,7 +6,7 @@ import (
 	"lol.mleku.dev/chk"
 	"lol.mleku.dev/errorf"
 	"next.orly.dev/pkg/crypto/ec/schnorr"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/encoders/hex"
 )
 

pkg/database/indexes/types/pubhash_test.go

@@ -6,7 +6,7 @@ import (
 
 	"lol.mleku.dev/chk"
 	"next.orly.dev/pkg/crypto/ec/schnorr"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/encoders/hex"
 	"next.orly.dev/pkg/utils"
 )

pkg/database/query-events.go

@@ -9,7 +9,7 @@ import (
 
 	"lol.mleku.dev/chk"
 	"lol.mleku.dev/log"
-	"next.orly.dev/pkg/crypto/sha256"
+	"github.com/minio/sha256-simd"
 	"next.orly.dev/pkg/database/indexes/types"
 	"next.orly.dev/pkg/encoders/event"
 	"next.orly.dev/pkg/encoders/filter"

pkg/database/tokenize.go

@@ -4,7 +4,7 @@ import (
 	"strings"
 	"unicode"
 
-	sha "next.orly.dev/pkg/crypto/sha256"
+	sha "github.com/minio/sha256-simd"
 )
 
 // TokenHashes extracts unique word hashes (8-byte truncated sha256) from content.