@Doug Hoyte
https://hoytech.com
Relays (2)
- wss://nos.lol – read & write
- wss://relay.damus.io – read & write
Recent Notes
I'm still thinking about how to approach this. It's more difficult than the write policy because it has significant performance implications in the read-path.
But now that we have the foundation of support for AUTH, we'll probably come up with something useable soon.
What is your use-case? Restricting DMs to only be read by their recipient? Something else?
But now that we have the foundation of support for AUTH, we'll probably come up with something useable soon.
What is your use-case? Restricting DMs to only be read by their recipient? Something else?
strfry has been invited to participate in the Summer of Bitcoin!
https://www.summerofbitcoin.org/
Anyone have any project ideas for a student to work on during the summer?
https://www.summerofbitcoin.org/
Anyone have any project ideas for a student to work on during the summer?
2
Correct, yes, it should be the relay URL that external users use. I believe no trailing slash.
We should probably normalise the URL so it accepts both, I added a ticket for this: https://github.com/hoytech/strfry/issues/182
We should probably normalise the URL so it accepts both, I added a ticket for this: https://github.com/hoytech/strfry/issues/182
did they fix the DoS on negentropy or no? https://github.com/mlekudev/strfry right there in the commit log. i told it openly here on nostr 3 weeks ago. wen fix?
I think I found it. This note right?
> Hah, always worth going again at least once with bug audits — another 9 were found.
>
> 1. **Negentropy DoS (HIGH)** — RelayNegentropy.cpp:208,250 — `filters.at(0)` throws `out_of_range` if a client sends a filter with all-empty arrays (e.g. `{"ids":[]}`) which causes `NostrFilterGroup` to pop the filter, leaving `filters` empty, and the uncaught exception kills the negentropy thread.
>
> ---
> *Edited by Claude Opus 4.6*
Were you able to reproduce this report? The analysis doesn't sound correct to me. This line isn't accessing `ids` (for example), it's accessing the first filter of the *filter group*, of which there is verified to be one when the filter is parsed at ingestion time.
In my testing, both of these are handled correctly:
$ echo '["NEG-OPEN","N",{"ids":[]},"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NEG-MSG","N","6100000200"]
$ echo '["NEG-OPEN","N",[],"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NOTICE","ERROR: negentropy error: too small"]
I'm happy to investigate further if you have more details and/or a test case.
> Hah, always worth going again at least once with bug audits — another 9 were found.
>
> 1. **Negentropy DoS (HIGH)** — RelayNegentropy.cpp:208,250 — `filters.at(0)` throws `out_of_range` if a client sends a filter with all-empty arrays (e.g. `{"ids":[]}`) which causes `NostrFilterGroup` to pop the filter, leaving `filters` empty, and the uncaught exception kills the negentropy thread.
>
> ---
> *Edited by Claude Opus 4.6*
Were you able to reproduce this report? The analysis doesn't sound correct to me. This line isn't accessing `ids` (for example), it's accessing the first filter of the *filter group*, of which there is verified to be one when the filter is parsed at ingestion time.
In my testing, both of these are handled correctly:
$ echo '["NEG-OPEN","N",{"ids":[]},"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NEG-MSG","N","6100000200"]
$ echo '["NEG-OPEN","N",[],"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NOTICE","ERROR: negentropy error: too small"]
I'm happy to investigate further if you have more details and/or a test case.
did they fix the DoS on negentropy or no? https://github.com/mlekudev/strfry right there in the commit log. i told it openly here on nostr 3 weeks ago. wen fix?
This is the first I'm hearing of it. Can you please point me to any more details? I don't see anything related to negentropy in the commits you referenced.
strfry 1.1.0 release
There are a lot of changes in this release. Some highlights:
* Preliminary support for AUTH (NIP-42)
* Support for COUNT requests (NIP-45)
* Prometheus monitoring end-point
* REQ filter validation: restrict which filters your relay will service
* Configure your relay.info with npubs instead of 32-byte hex (optional)
* Timeout-support for plugins to detect and recover from plugin hangs/crashes
* Deletion of parameterised replaceable events now follows NIP-09
* upload/download convenience commands to transfer notes to/from remote relays
* Improved error messages for both external users and admins
* Many small bugfixes and convenience features
See here for the full list: https://github.com/hoytech/strfry/blob/master/CHANGES
Thank you to everyone who contributed!
There are no backwards-incompatible DB changes, so it should be a drop-in replacement for the 1.0.0 series. However, we always recommend backing up your DB first just in case.
One thing to note: We are deprecating the `strfry stream` command. `strfry router` does everything stream did and much more.
There are a lot of changes in this release. Some highlights:
* Preliminary support for AUTH (NIP-42)
* Support for COUNT requests (NIP-45)
* Prometheus monitoring end-point
* REQ filter validation: restrict which filters your relay will service
* Configure your relay.info with npubs instead of 32-byte hex (optional)
* Timeout-support for plugins to detect and recover from plugin hangs/crashes
* Deletion of parameterised replaceable events now follows NIP-09
* upload/download convenience commands to transfer notes to/from remote relays
* Improved error messages for both external users and admins
* Many small bugfixes and convenience features
See here for the full list: https://github.com/hoytech/strfry/blob/master/CHANGES
Thank you to everyone who contributed!
There are no backwards-incompatible DB changes, so it should be a drop-in replacement for the 1.0.0 series. However, we always recommend backing up your DB first just in case.
One thing to note: We are deprecating the `strfry stream` command. `strfry router` does everything stream did and much more.
810❤️6🤙2❤️1👍1💜1🔥1
What's the latest with delete events :-)
I believe they are working as per spec, but please let me know if not.
The beta-series finally implements the deletion of parameterised replaceable events with a-tags: https://github.com/hoytech/strfry/issues/168
Is there anything in particular you're wondering about?
The beta-series finally implements the deletion of parameterised replaceable events with a-tags: https://github.com/hoytech/strfry/issues/168
Is there anything in particular you're wondering about?
1
Amazing. Can’t wait. I noticed a PR a few days ago to add auth support - is that going to make it in too?
Yes! It's already in the beta series. I'll write this up in a bit more detail soon.
Note that the AUTH is a bit limited, and mostly is used to restrict the writing of protected events (NIP-70). Using AUTH for restricting which notes can be read is not currently implemented. We're still trying to figure out the best approach for this.
Note that the AUTH is a bit limited, and mostly is used to restrict the writing of protected events (NIP-70). Using AUTH for restricting which notes can be read is not currently implemented. We're still trying to figure out the best approach for this.
cool stuff. thanks for continueing making updates to strfry.
You're welcome! Let me know if there's anything you'd like me to implement.
🤙1
