mleku on Nostr: i'm in heavy code-review mode right now for #realy and noticed that queries with no ...
i'm in heavy code-review mode right now for #realy and noticed that queries with no kinds filter or with a kinds filter that might match on privileged events aren't being filtered of privileged event kinds that the user has no business seeing
a final step before returning the results now is that it checks if the user is authed, and if the event is privileged and there are events that are privileged it removes them from the results
sorry, not sorry, but if you use my relay, or the one i build, it has by default that you must auth to access DMs
this is called "privacy protected" h/t: Silberengel (npub1l5s…gx9z)
of course you can disable auth on your instance of realy if you like but i'm not gonna be responsible for the shitty outcomes for your network traffic and processing and data costs
i made it really easy to control access to realy, you can literally just create a new npub and follow whoever you want to whitelist, and if it can get the list of all the whitelisted users, it will allow them to read and write also
it used to have a spider but i removed the spider, possibly it could go back, i set it up so it only activated if you made a secret key for it to auth with, this would enable peering between relays so they can share data, specifically it was to gather things like follow and mute lists so that they were available to properly protect the privacy and filter the results for whitelisted users
maybe later i will put this back, right now i'm more just sweeping everything of garbage and putting labels on everything
i have an aspiration to make the whole architecture more clean and svelte but there is quite some extra code required to fulfill a lot of functions, notably auth and privacy protection and delete
Published at
2025-04-06 10:06:06
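The final filtering pass described in the post, sketched in Go as an added example; it is not realy's code and not written by the post's author. The `Event` type, the `privilegedKinds` set (kind 4 and kind 1059), the rule that a requester is a party when they are the author or named in a `p` tag, and the short placeholder pubkeys are all assumptions made for illustration.

```go
package main

import "fmt"

// Event is a minimal stand-in for a Nostr event (hypothetical type, not realy's).
type Event struct {
	Pubkey string
	Kind   int
	Tags   [][]string
}

// Assumed privileged set: kind 4 (NIP-04 DM) and kind 1059 (NIP-59 gift wrap).
var privilegedKinds = map[int]bool{4: true, 1059: true}

// isParty: the authed pubkey wrote the event or is named in a "p" tag (assumed rule).
func isParty(ev Event, authed string) bool {
	for _, t := range ev.Tags {
		if len(t) >= 2 && t[0] == "p" && t[1] == authed {
			return true
		}
	}
	return ev.Pubkey == authed
}

// FilterPrivileged runs last, on the result set, so it applies with or without a kinds filter.
func FilterPrivileged(results []Event, authed string) []Event {
	out := make([]Event, 0, len(results))
	for _, ev := range results {
		// authed == "" models a client that never completed auth.
		if privilegedKinds[ev.Kind] && (authed == "" || !isParty(ev, authed)) {
			continue // drop: requester is not a party to this event
		}
		out = append(out, ev)
	}
	return out
}

// sampleResults is constructed data with short placeholder pubkeys.
func sampleResults() []Event {
	return []Event{
		{Pubkey: "alice", Kind: 1},
		{Pubkey: "alice", Kind: 4, Tags: [][]string{{"p", "bob"}}},
		{Pubkey: "ephemeral", Kind: 1059, Tags: [][]string{{"p", "carol"}}},
	}
}

func main() {
	fmt.Println(len(FilterPrivileged(sampleResults(), ""))) // unauthenticated client
}
```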