Client code can always be bypassed. If were talking hiding content from dirty relays for the majority of users yeah I this would be pretty useful! In the case of aedile, we maybe could add a toolkit/utility that can filter this content if it's fetched from a dirty relay. I don't recommend opinionated libraries so I think it should be left up to the application builder to decide how they want to handle this because csam stuff casts a wide net that is constantly expanding. 

I've been thinking of the architecture more and how we might be able to implement a "pluggable" event filtering system which I think would be pretty neat, kind of similar to how Grain's kind handlers are implemented. 

 Say more about pluggable events 👀 

 An event data validator? 

 Could it be both for clients and for relays? 

 Well, I suppose those would be two different functions receiving the data, but couldn't we create an event validator system that could be customized? Like symfony has?

I think one of the other NDKs did something like that, but on a simpler/smaller scope. 

 I agree that it should be voluntary, but it seems like a core-library-level function that we should be offering in our NDK package, even if it's a separate repo/tool.

It's data validation will be beyond the abilities of many people using our NDK to build. You see how many apps just accept any garbage. 

 Totally cool with that yeah, just having tools available for developers to choose to filter/moderate content within their clients to offer some protection from rogue relays. I kind of like that too I suppose. It gives client devs the ability to pass that power to the user if they choose.