 What relays actually send AUTH requests in practice and why? 
 We use AUTH on many of our relays for different reasons.

nostr.wine - AUTH only for kind 4 REQs to protect DM metadata

filter.nostr.wine - paid proxy relay service, AUTH on connect for access control

creatr.nostr.wine - patreon relay with granular event access control, AUTH on connect

inbox.nostr.wine - special purpose access control relay for DMs, giftwraps, and NWC events. AUTH on any REQ. Events can be sent without AUTH as long as the tagged pubkey has a registered inbox. 
 Do you do the CLOSED+auth-required flow on all of these? 
 Yes 
 Well, for bouncer it's sort of similar to how most servers use the HTTP AUTH function: log into the private bouncer and use it alone 
 there's no way to auth up the line tho 
 My relay only sends an AUTH request once when establishing a connection with the client because I assume the client will store the challenge. 
 The subsequent events sent to the client will filter out kind4 events that are unrelated to the user. 
 Thank you. 
 my relay does because it’s only intended to be used by me. 

https://github.com/bndw/nostr-relay-proxy 
 That's a good reason. 
 I'm building a proxy for relays that does that in order to ask for sats as collateral to enforce its ToS. 
 i already suggested removing the requirement of the relay tag...

i still stand by that idea, there is nothing more than time and signatures that matter for auth, party is not relevant, and this requirement makes it difficult to enable relay proxying

but then again you can always run a wireguard connection, just it affects all your network, and then you have fun with cloudflare on a regular basis 
 I have different auth flows for different relays. Nostr.wine doesn’t AUTH until the client makes a REQ that requires it. It sends CLOSED with auth-required to that REQ.

Filter.nostr.wine just sends an AUTH on connect. If you ignore it and send REQs it returns CLOSED+auth-required.
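
The two flows described in this thread (AUTH sent on connect, and AUTH sent only when a REQ needs it, answered with CLOSED + auth-required), sketched from the relay side as an added example; it is not code from any participant or from the nostr.wine relays. The `RelaySession` class, the `verify_sig` callable, the `wss://relay.example` URL and the message texts are assumptions; the kind 22242 event, the `relay` and `challenge` tags and the roughly ten-minute window follow NIP-42.

```python
import secrets, time

AUTH_KIND = 22242  # NIP-42 client authentication event kind

class RelaySession:
    """Auth state for one client connection, relay side (hypothetical helper)."""

    def __init__(self, relay_url, auth_on_connect, protected_kinds=(4,),
                 verify_sig=lambda ev: False):
        self.relay_url = relay_url
        self.auth_on_connect = auth_on_connect  # True: challenge every client up front
        self.protected_kinds = set(protected_kinds)
        self.verify_sig = verify_sig            # assumed: caller supplies the schnorr check
        self.challenge = secrets.token_hex(16)  # fresh per connection
        self.challenge_sent = False
        self.pubkey = None                      # set once AUTH succeeds

    def _auth(self):
        self.challenge_sent = True
        return ["AUTH", self.challenge]

    def on_connect(self):
        return [self._auth()] if self.auth_on_connect else []

    def on_req(self, sub_id, filters):
        # Simplification: only filters that name a protected kind trigger AUTH.
        wants_protected = any(k in self.protected_kinds
                              for f in filters for k in f.get("kinds", []))
        if self.pubkey or not (self.auth_on_connect or wants_protected):
            return [["EOSE", sub_id]]           # matching events would precede this
        out = [] if self.challenge_sent else [self._auth()]
        return out + [["CLOSED", sub_id, "auth-required: authenticate to read this"]]

    def on_auth(self, ev, now=None):
        now = time.time() if now is None else now
        tags = {t[0]: t[1] for t in ev.get("tags", []) if len(t) >= 2}
        ok = (ev.get("kind") == AUTH_KIND
              and tags.get("challenge") == self.challenge
              and tags.get("relay") == self.relay_url  # exact match; real relays normalize
              and abs(now - ev.get("created_at", 0)) <= 600
              and self.verify_sig(ev))
        if ok:
            self.pubkey = ev["pubkey"]
        return ["OK", ev.get("id", ""), ok, "" if ok else "restricted: invalid auth event"]

if __name__ == "__main__":
    lazy = RelaySession("wss://relay.example", auth_on_connect=False)
    print(lazy.on_req("notes", [{"kinds": [1]}]))  # served without AUTH
    print(lazy.on_req("dms", [{"kinds": [4]}]))    # AUTH challenge, then CLOSED
```
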