Commit Graph

2 Commits

Author SHA1 Message Date
2ro b35ddb29d3 scripts: smoke test covers gift wraps and long-form (4 checks)
Extend smoke_test_lockdown.py from two checks to four, all signed by one
throwaway unauthorized key:

  kind 1     text note          -> BLOCKED  (lockdown)
  kind 0     profile            -> ACCEPTED (profiles stay open)
  kind 1059  gift wrap          -> ACCEPTED (money path ungated; p-tag a
                                   random recipient, opaque base64 content)
  kind 30023 long-form article  -> BLOCKED  (lockdown)

Prints all four results; RESULT: PASS and exit 0 only if every expectation
holds, nonzero otherwise. Verified offline end to end against a local mock
relay driven by the real plugin decide() (PASS) and against an accept-all
relay (FAIL, exit 1).
2026-07-04 20:07:15 -04:00
2ro 65ec8fcef2 relay: lock public notes (kinds 1, 30023) to operator-authorized authors
Public-note kinds are now accepted only from an operator-configured list of
author pubkeys (FLOONET_AUTHORIZED_AUTHORS, hex or npub). Closed by default:
with no authors set, kinds 1 and 30023 are rejected for everyone, so random
notes cannot be spammed to the relay. Every other kind is unaffected and
kind 0 profiles stay open.

- add 30023 (long-form article) to the default kind whitelist
- check_authorized_authors runs right after check_kind; LOCKED_KINDS {1,30023}
- pure-python bech32 npub decoder (no new deps); invalid entries logged/skipped
- load_config also reads a KEY=VALUE floonet.env next to the plugin
  (FLOONET_ENV_FILE), env vars win, so config changes need no container
  recreate; strfry reloads the plugin on mtime change (no restart)
- extend test_policy.py (32 tests green)
- scripts/purge_public_notes.sh (dry-run default) to clean pre-existing notes
- scripts/smoke_test_lockdown.py post-deploy check
- README + .env.example config docs
2026-07-04 19:58:31 -04:00