For those devs interested in #blossom or the ones who have written other server implementations. I have a PR out that id like to get some thoughts on
https://github.com/hzrd149/blossom/pull/12
It changes the requirements for the upload authorization
Previously the upload auth required a "size" tag matching the exact size of the blob
This would change it to require an "x" tag with a matching sha256 hash
I initially wrote to spec to require a "size" tag because I thought it would be difficult for web apps to hash the file before uploading it
Turns out its not difficult at all https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#basic_example
And id like to correct this issue before any more clients implement blossom
PABLOF7z (npub1l2v…ajft) franzap (npub1wf4…dgh9) Kieran (npub1v0l…qj49) Stuart Bowman (npub1lun…27lj)
hzrd149
npub1ye…pknpr
2024-05-18 15:00:06
Author Public Key
npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknprPublished at
2024-05-18 15:00:06Event JSON
{
"id": "24bfbe8db135c346d9a05cba2ba951e8076431a98401055dfc51871d0d7f7944",
"pubkey": "266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5",
"created_at": 1716044406,
"kind": 1,
"tags": [
[
"t",
"blossom"
],
[
"p",
"fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52",
"",
"mention"
],
[
"p",
"726a1e261cc6474674e8285e3951b3bb139be9a773d1acf49dc868db861a1c11",
"",
"mention"
],
[
"p",
"63fe6318dc58583cfe16810f86dd09e18bfd76aabc24a0081ce2856f330504ed",
"",
"mention"
],
[
"p",
"ff27d01cb1e56fb58580306c7ba76bb037bf211c5b573c56e4e70ca858755af0",
"",
"mention"
]
],
"content": "For those devs interested in #blossom or the ones who have written other server implementations. I have a PR out that id like to get some thoughts on\nhttps://github.com/hzrd149/blossom/pull/12\nIt changes the requirements for the upload authorization\n\nPreviously the upload auth required a \"size\" tag matching the exact size of the blob\nThis would change it to require an \"x\" tag with a matching sha256 hash\n\nI initially wrote to spec to require a \"size\" tag because I thought it would be difficult for web apps to hash the file before uploading it\nTurns out its not difficult at all https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#basic_example\nAnd id like to correct this issue before any more clients implement blossom\n\nnostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft nostr:npub1wf4pufsucer5va8g9p0rj5dnhvfeh6d8w0g6eayaep5dhps6rsgs43dgh9 nostr:npub1v0lxxxxutpvrelsksy8cdhgfux9l6a42hsj2qzquu2zk7vc9qnkszrqj49 nostr:npub1lunaq893u4hmtpvqxpk8hfmtkqmm7ggutdtnc4hyuux2skr4ttcqr827lj ",
"sig": "88ac604be93644e6bc73c1243a01b6937b5a8eb5966946266c3989b11eee367a67497b7c5f5b05c07c766c97eaf8c08a16c286036bce716e82513676fa8d87af"
}