Policy System Verification & Testing (Latest Updates) Authentication & Security:
Verified policy system enforces authentication for all REQ and EVENT messages when enabled
Confirmed AUTH challenges are sent immediately on connection and repeated until authentication succeeds
Validated unauthenticated requests are silently rejected regardless of other policy rules
Access Control Logic:
Confirmed privileged flag only restricts read access (REQ queries), not write operations (EVENT submissions)
Validated read_allow and privileged use OR logic: users get access if EITHER they're in the allow list OR they're a party to the event (author/p-tag)
This design allows both explicit whitelisting and privacy for involved parties
Kind Whitelisting:
Verified kind filtering properly rejects unlisted events in all scenarios:
Explicit kind.whitelist: Only listed kinds accepted, even if rules exist for other kinds
Implicit whitelist (rules only): Only kinds with defined rules accepted
Blacklist mode: Blacklisted kinds rejected, others require rules
Added comprehensive test suite (10 scenarios) covering edge cases and real-world configurations
- Deleted obsolete files including ALL_FIXES.md, MESSAGE_QUEUE_FIX.md, PUBLISHER_FIX.md, and others to streamline the codebase.
- Implemented critical fixes for subscription stability, ensuring receiver channels are consumed and preventing drops.
- Introduced per-subscription consumer goroutines to enhance event delivery and prevent message queue overflow.
- Updated documentation to reflect changes and provide clear testing guidelines for subscription stability.
- Bumped version to v0.26.3 to signify these important updates.
- Resolved critical issues causing subscriptions to drop after 30-60 seconds due to unconsumed receiver channels.
- Introduced per-subscription consumer goroutines to ensure continuous event delivery and prevent channel overflow.
- Enhanced REQ parsing to handle both wrapped and unwrapped filter arrays, eliminating EOF errors.
- Updated publisher logic to correctly send events to receiver channels, ensuring proper event delivery to subscribers.
- Added extensive documentation and testing tools to verify subscription stability and performance.
- Bumped version to v0.26.2 to reflect these significant improvements.
- Added a FilterBuilder component to allow users to create complex search filters based on various criteria such as event kinds, authors, and tags.
- Introduced a FilterDisplay component to show active filters and provide an option to clear them.
- Updated the App.svelte to integrate the new filtering features, including handling filter application and clearing.
- Enhanced search functionality to utilize the new filter structure, improving the search results experience.
- Bumped version to v0.26.0 to reflect these changes.
- Updated the authentication challenge conditions in both HandleCount and HandleReq functions to check for the presence of an authenticated public key.
- Introduced the schnorr package to handle public key length validation.
- Bumped version to v0.25.7 to reflect these changes.
- Modified the CI workflow to copy the `libsecp256k1.so` file to the root directory for test accessibility.
- Enhanced the `InitPub` method in the `FallbackSigner` to parse the x-only public key for verification.
- Bumped version to v0.25.6 to reflect these updates.
- Enhanced the Signer struct to include a FallbackSigner for scenarios where the libsecp256k1 implementation is unavailable.
- Updated the New function to initialize the fallback signer when the context creation fails.
- Refactored methods in the Signer to delegate operations to the FallbackSigner when applicable, ensuring compatibility with pure Go implementations.
- Added comprehensive method implementations for the FallbackSigner, including key generation, signing, and verification.
- Improved error handling and memory management in the new implementation.
- Removed installation steps for `libsecp256k1` from the CI workflow, streamlining the build process.
- Adjusted the build steps for release binaries to utilize pre-compiled `libsecp256k1.so` for Linux AMD64.
- Bumped version to v0.25.4 to reflect these changes.
- Deleted `testresults.txt` and `testmain_test.go` as they were no longer needed.
- Updated the Go workflow to streamline the build process by removing commented-out build steps for various platforms.
- Refactored encryption benchmarks to improve performance and clarity in the `benchmark_test.go` file.
- Introduced a new LICENSE file for the encryption package, specifying the MIT License.
- Enhanced the README with usage instructions and links to the NIP-44 specification.
- Bumped version to v0.25.3 to reflect these changes.
- Added `github.com/ebitengine/purego` as a direct dependency to the project.
- Removed the unused `p8k.mleku.dev` dependency from the `go.mod` file.
- Refactored the `GenerateConversationKeyFromHex` function to clarify parameter order, aligning with the NIP-44 specification.
- Enhanced test cases for conversation key generation to ensure proper handling of public key formats and improved error messages.
- Updated the `Signer` interface to include methods for extracting and serializing public keys in compressed format.
- Updated the HandleDelete function to allow delete events to be stored even if no valid targets are found, enhancing flexibility in event management.
- Improved logging to provide clearer insights when no deletions are processed, ensuring that issues are logged without blocking event acceptance.
- Refactored SHA256 validation tests and adjusted expected values to ensure accuracy in hash comparisons.
- Enhanced various test cases to improve coverage and reliability across the application.
- Introduced test files for the blossom and database packages to improve test coverage and ensure functionality.
- Updated logging practices by suppressing unnecessary log outputs during tests to enhance clarity and focus on relevant information.
- Refactored error handling in the `handle-message` and `handle-req` functions to avoid logging expected context cancellation errors during shutdown.
- Bumped version to v0.25.2 to reflect these updates.
