From 8a97fc0394a4315b09337d4b66f48c30c86eda5d Mon Sep 17 00:00:00 2001 From: 2ro <17595647+2ro@users.noreply.github.com> Date: Thu, 2 Jul 2026 22:19:36 -0400 Subject: [PATCH] floonet-rs: whitelist the marketplace kind set Extend the default-deny admission whitelist from the Goblin-wallet-only kinds to the union with Magick Market so one relay serves both apps, matching floonet-strfry. Adds 1 note, 7 reaction, 14/16/17 order+receipt (Gamma), 1111 comment, 10000 mute/blacklist, 24133 remote signing, 30000/30003 NIP-51 sets, 30078 app data, 30402/30405/30406 listing/collection/shipping, 31990 handler info. Keeps the Goblin base including 13 seal and 27235 NIP-98. DEFAULT_ALLOWED_KINDS, config.toml, and tests updated together. --- config.toml | 30 +++++++++++++++++++++--------- src/admission.rs | 30 +++++++++++++++++++++--------- tests/whitelist.rs | 6 +++--- 3 files changed, 45 insertions(+), 21 deletions(-) diff --git a/config.toml b/config.toml index f0ee483..26f98ed 100644 --- a/config.toml +++ b/config.toml @@ -84,17 +84,29 @@ subscriptions_per_min = 30 # THE KEYSTONE: default-deny event kind whitelist. The relay accepts # ONLY these kinds and rejects everything else. Removing the line # entirely keeps this exact built-in set (never allow-all); an empty -# list denies everything. +# list denies everything. The set is the union of the two apps this +# relay serves (Goblin wallet + Magick Market marketplace). # -# 0 profile metadata -# 3 contacts -# 5 delete (NIP-09) -# 13 seal +# Goblin wallet: +# 0 profile metadata 10002 relay list (NIP-65) +# 3 contacts 10050 DM relays (NIP-17) +# 5 delete (NIP-09) 27235 HTTP auth (NIP-98, name authority) +# 13 seal (NIP-59) # 1059 gift wrap (NIP-59) -# 10002 relay list (NIP-65) -# 10050 DM relays (NIP-17) -# 27235 HTTP auth (NIP-98, used by the name authority) -event_kind_allowlist = [0, 3, 5, 13, 1059, 10002, 10050, 27235] +# +# Magick Market marketplace: +# 1 text note (NIP-01) 30000 people set (NIP-51) +# 7 reaction (NIP-25) 30003 bookmark set (NIP-51) +# 14 order chat (Gamma) 30078 app data: cart/prefs (NIP-78) +# 16 order status (Gamma) 30402 product listing (NIP-99) +# 17 payment receipt (Gamma) 30405 product collection (Gamma) +# 1111 comment (NIP-22) 30406 shipping option (Gamma) +# 10000 mute/blacklist (NIP-51) 31990 handler info (NIP-89) +# 24133 remote signing (NIP-46) +event_kind_allowlist = [ + 0, 1, 3, 5, 7, 13, 14, 16, 17, 1059, 1111, 10000, 10002, 10050, 24133, + 27235, 30000, 30003, 30078, 30402, 30405, 30406, 31990, +] # Rejects imprecise requests (kind-only or author-only scrapes). limit_scrapers = false diff --git a/src/admission.rs b/src/admission.rs index a9db663..f42b5bc 100644 --- a/src/admission.rs +++ b/src/admission.rs @@ -16,11 +16,23 @@ use crate::config::Settings; use crate::event::Event; /// The Floonet default kind whitelist, applied when the operator has not -/// configured `event_kind_allowlist` explicitly. Kinds: -/// 0 profile metadata, 3 contacts, 5 delete (NIP-09), 13 seal, -/// 1059 gift wrap (NIP-59), 10002 relay list (NIP-65), -/// 10050 DM relays (NIP-17), 27235 NIP-98 HTTP auth. -pub const DEFAULT_ALLOWED_KINDS: [u64; 8] = [0, 3, 5, 13, 1059, 10002, 10050, 27235]; +/// configured `event_kind_allowlist` explicitly. It is the union of the two +/// apps this relay serves (default-deny for everything else). +/// +/// Goblin wallet: 0 profile, 3 contacts, 5 delete (NIP-09), 13 seal (NIP-59), +/// 1059 gift wrap (NIP-59), 10002 relay list (NIP-65), 10050 DM relays +/// (NIP-17), 27235 NIP-98 HTTP auth (name authority). +/// +/// Magick Market: 1 text note, 7 reaction (NIP-25), 14 order chat, 16 order +/// status, 17 payment receipt (Gamma), 1111 comment (NIP-22), 10000 +/// mute/blacklist, 30000 people set, 30003 bookmark set (NIP-51), 30078 app +/// data (NIP-78), 30402 product listing (NIP-99), 30405 product collection, +/// 30406 shipping option (Gamma), 31990 handler info (NIP-89), 24133 remote +/// signing (NIP-46). +pub const DEFAULT_ALLOWED_KINDS: [u64; 23] = [ + 0, 1, 3, 5, 7, 13, 14, 16, 17, 1059, 1111, 10000, 10002, 10050, 24133, + 27235, 30000, 30003, 30078, 30402, 30405, 30406, 31990, +]; /// Outcome of an admission check. #[derive(Debug, Clone, PartialEq, Eq)] @@ -186,8 +198,8 @@ mod tests { #[test] fn default_whitelist_rejects_disallowed_kinds() { let admission = Admission::from_settings(&floonet_settings()); - // kind 1 (short text note) and other common kinds are NOT accepted. - for kind in [1u64, 4, 6, 7, 42, 1984, 9735, 30023] { + // Common kinds outside the two-app whitelist are NOT accepted. + for kind in [4u64, 6, 42, 1984, 9735, 25910, 30017, 30018, 30023] { match admission.check(&event_of_kind(kind), None) { Decision::Deny { auth_required, .. } => { assert!(!auth_required, "kind rejection is not an auth issue"); @@ -203,7 +215,7 @@ mod tests { settings.limits.event_kind_allowlist = None; let admission = Admission::from_settings(&settings); assert_eq!(admission.check(&event_of_kind(1059), None), Decision::Allow); - assert_ne!(admission.check(&event_of_kind(1), None), Decision::Allow); + assert_ne!(admission.check(&event_of_kind(30023), None), Decision::Allow); } #[test] @@ -272,7 +284,7 @@ mod tests { settings.authorization.nip42_auth = true; settings.authorization.require_auth_to_write = true; let admission = Admission::from_settings(&settings); - match admission.check(&event_of_kind(1), None) { + match admission.check(&event_of_kind(30023), None) { Decision::Deny { auth_required, .. } => { assert!(!auth_required, "disallowed kind must not leak auth hints"); } diff --git a/tests/whitelist.rs b/tests/whitelist.rs index c2fd741..98c8fb5 100644 --- a/tests/whitelist.rs +++ b/tests/whitelist.rs @@ -66,13 +66,13 @@ async fn whitelist_accepts_allowed_kind_and_rejects_disallowed() -> Result<()> { let relay = common::start_relay()?; common::wait_for_healthy_relay(&relay).await?; - // Kind 1 (short text note) is NOT in the Floonet whitelist: rejected. - let (msg, id) = signed_event(1, "hello world"); + // Kind 30023 (long-form article) is NOT in the Floonet whitelist: rejected. + let (msg, id) = signed_event(30023, "hello world"); let ok = publish_and_get_ok(relay.port, &msg, &id).await?; assert_eq!( ok.get(2).and_then(Value::as_bool), Some(false), - "kind 1 must be rejected: {ok}" + "kind 30023 must be rejected: {ok}" ); let reason = ok.get(3).and_then(Value::as_str).unwrap_or_default(); assert!(