@Doug Hoyte
https://hoytech.com
Relays (2)
- wss://nos.lol β read & write
- wss://relay.damus.io β read & write
Recent Notes
Thinking about running the #strfry relay as public, I may delete things from time to time if taking too much space. Should I? π€π€
I think clients must be written to handle the case of individual relays missing/deleting data. If you're low on disk-space, not much choice!
You could have some kind of heuristics that delete unneeded notes, and keep the important ones (whatever that is for your use-case).
You could have some kind of heuristics that delete unneeded notes, and keep the important ones (whatever that is for your use-case).
π1
Congratz ππ not feeling creative right now but if any idea will share πΈ
I take the opportunity also to ask if there is any way to have a readPolicy plugin for the relay ππ€
I'm still thinking about how to approach this. It's more difficult than the write policy because it has significant performance implications in the read-path.
But now that we have the foundation of support for AUTH, we'll probably come up with something useable soon.
What is your use-case? Restricting DMs to only be read by their recipient? Something else?
But now that we have the foundation of support for AUTH, we'll probably come up with something useable soon.
What is your use-case? Restricting DMs to only be read by their recipient? Something else?
π1
strfry has been invited to participate in the Summer of Bitcoin!
https://www.summerofbitcoin.org/
Anyone have any project ideas for a student to work on during the summer?
https://www.summerofbitcoin.org/
Anyone have any project ideas for a student to work on during the summer?
32β€οΈ2π1π1
Thanks! For now none at all, but I take the opportunity to ask a maybe silly question.
For auth I saw the new options 'enabled' and 'serviceUrl'. I saw a bit about nip42 and I understand there I gott...
Correct, yes, it should be the relay URL that external users use. I believe no trailing slash.
We should probably normalise the URL so it accepts both, I added a ticket for this: https://github.com/hoytech/strfry/issues/182
We should probably normalise the URL so it accepts both, I added a ticket for this: https://github.com/hoytech/strfry/issues/182
π1
Running the new #strfry version π
Gotta set up a whitelist so is only for myself and check if auth works but is already up βπΌ
Amber + Tor + Private relay π€π΄ββ οΈ
Great! Let me know if you hit any issues.
Note that AUTH will currently only be triggered if you try to send a protected event to the relay. We're trying to decide on the best way to extend this functionality (any comments/suggestions welcome).
Note that AUTH will currently only be triggered if you try to send a protected event to the relay. We're trying to decide on the best way to extend this functionality (any comments/suggestions welcome).
1π1
did they fix the DoS on negentropy or no? https://github.com/mlekudev/strfry right there in the commit log. i told it openly here on nostr 3 weeks ago. wen fix?
I think I found it. This note right?
> Hah, always worth going again at least once with bug audits β another 9 were found.
>
> 1. **Negentropy DoS (HIGH)** β RelayNegentropy.cpp:208,250 β `filters.at(0)` throws `out_of_range` if a client sends a filter with all-empty arrays (e.g. `{"ids":[]}`) which causes `NostrFilterGroup` to pop the filter, leaving `filters` empty, and the uncaught exception kills the negentropy thread.
>
> ---
> *Edited by Claude Opus 4.6*
Were you able to reproduce this report? The analysis doesn't sound correct to me. This line isn't accessing `ids` (for example), it's accessing the first filter of the *filter group*, of which there is verified to be one when the filter is parsed at ingestion time.
In my testing, both of these are handled correctly:
$ echo '["NEG-OPEN","N",{"ids":[]},"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NEG-MSG","N","6100000200"]
$ echo '["NEG-OPEN","N",[],"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NOTICE","ERROR: negentropy error: too small"]
I'm happy to investigate further if you have more details and/or a test case.
> Hah, always worth going again at least once with bug audits β another 9 were found.
>
> 1. **Negentropy DoS (HIGH)** β RelayNegentropy.cpp:208,250 β `filters.at(0)` throws `out_of_range` if a client sends a filter with all-empty arrays (e.g. `{"ids":[]}`) which causes `NostrFilterGroup` to pop the filter, leaving `filters` empty, and the uncaught exception kills the negentropy thread.
>
> ---
> *Edited by Claude Opus 4.6*
Were you able to reproduce this report? The analysis doesn't sound correct to me. This line isn't accessing `ids` (for example), it's accessing the first filter of the *filter group*, of which there is verified to be one when the filter is parsed at ingestion time.
In my testing, both of these are handled correctly:
$ echo '["NEG-OPEN","N",{"ids":[]},"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NEG-MSG","N","6100000200"]
$ echo '["NEG-OPEN","N",[],"6100000200"]' | websocat -n ws://127.0.0.1:7777
["NOTICE","ERROR: negentropy error: too small"]
I'm happy to investigate further if you have more details and/or a test case.
did they fix the DoS on negentropy or no? https://github.com/mlekudev/strfry right there in the commit log. i told it openly here on nostr 3 weeks ago. wen fix?
This is the first I'm hearing of it. Can you please point me to any more details? I don't see anything related to negentropy in the commits you referenced.
strfry 1.1.0 release
There are a lot of changes in this release. Some highlights:
* Preliminary support for AUTH (NIP-42)
* Support for COUNT requests (NIP-45)
* Prometheus monitoring end-point
* REQ filter validation: restrict which filters your relay will service
* Configure your relay.info with npubs instead of 32-byte hex (optional)
* Timeout-support for plugins to detect and recover from plugin hangs/crashes
* Deletion of parameterised replaceable events now follows NIP-09
* upload/download convenience commands to transfer notes to/from remote relays
* Improved error messages for both external users and admins
* Many small bugfixes and convenience features
See here for the full list: https://github.com/hoytech/strfry/blob/master/CHANGES
Thank you to everyone who contributed!
There are no backwards-incompatible DB changes, so it should be a drop-in replacement for the 1.0.0 series. However, we always recommend backing up your DB first just in case.
One thing to note: We are deprecating the `strfry stream` command. `strfry router` does everything stream did and much more.
There are a lot of changes in this release. Some highlights:
* Preliminary support for AUTH (NIP-42)
* Support for COUNT requests (NIP-45)
* Prometheus monitoring end-point
* REQ filter validation: restrict which filters your relay will service
* Configure your relay.info with npubs instead of 32-byte hex (optional)
* Timeout-support for plugins to detect and recover from plugin hangs/crashes
* Deletion of parameterised replaceable events now follows NIP-09
* upload/download convenience commands to transfer notes to/from remote relays
* Improved error messages for both external users and admins
* Many small bugfixes and convenience features
See here for the full list: https://github.com/hoytech/strfry/blob/master/CHANGES
Thank you to everyone who contributed!
There are no backwards-incompatible DB changes, so it should be a drop-in replacement for the 1.0.0 series. However, we always recommend backing up your DB first just in case.
One thing to note: We are deprecating the `strfry stream` command. `strfry router` does everything stream did and much more.
810β€οΈ6π€2β€οΈ1π1π1π₯1
What's the latest with delete events :-)
I believe they are working as per spec, but please let me know if not.
The beta-series finally implements the deletion of parameterised replaceable events with a-tags: https://github.com/hoytech/strfry/issues/168
Is there anything in particular you're wondering about?
The beta-series finally implements the deletion of parameterised replaceable events with a-tags: https://github.com/hoytech/strfry/issues/168
Is there anything in particular you're wondering about?
1
Amazing. Canβt wait. I noticed a PR a few days ago to add auth support - is that going to make it in too?
Yes! It's already in the beta series. I'll write this up in a bit more detail soon.
Note that the AUTH is a bit limited, and mostly is used to restrict the writing of protected events (NIP-70). Using AUTH for restricting which notes can be read is not currently implemented. We're still trying to figure out the best approach for this.
Note that the AUTH is a bit limited, and mostly is used to restrict the writing of protected events (NIP-70). Using AUTH for restricting which notes can be read is not currently implemented. We're still trying to figure out the best approach for this.
cool stuff. thanks for continueing making updates to strfry.
You're welcome! Let me know if there's anything you'd like me to implement.
π€1
