https://i.nostr.build/VYBoGHPweH754PZc.gif
The results of the NIP17 test are in 🔥
Out of the 5 nostriches that were able to send a nip17 DM, *none had a kind 10050 event posted. Kind 10050 for those that don't know, is the private inbox relay list. In the NIP17, it does specify this Must be present or clients should not attempt nip17. However, amethyst, coracle and 0xChat will attempt this anyway if you force the option.
With this in mind, one set of bugs I can file is related to 10050 lists not being published by: coracle, 0xChat. While these apps support NIP17 they do not yet publish these events and therefor cannot really be said to support it fully. These are actually already bugs that I have notified the authors of these apps about, 0xChat via. github, and Coracle via DM (and will post to github). The other amethyst users had simply been confused as to what to put in the private inbox relay setting and therefor had left it blank.
The other bug is out of the two nostriches that used 0xChat, only one was able to see my replies there, the other one had to switch to amethyst to see them. This will be added to the 0xChat bug report.
Out of the 5 nostriches that sent me DMs, we were able to upgrade all 5 to a NIP17 conversation by using the force option. These messages successfully PING/PONGd. Later on, the messages that I sent out, half of them disappeared from amethyst.. The reason I suspect is amethyst does not know where to go find them (as it likely sent them to all the general relays, because of the empty 10050). This is not a bug I can file, as we are outside the spec of NIP17.
One user attempted primal, but primal does not support NIP17 yet. That would be so cool if they did though!
In summary, NIP17 requires private inbox relays to be set, or further testing is not possible. Three of the five testers have now published a 10050.
If you want to add a private inbox relay, you can use this one that I have setup wss://auth.nostr1.com -OR- you can use ANY relay. This relay is hardened with more security for your DMs but NIP17 does not *require that. It only recommends it.
Thank you all testers! I will be zapping you 2100 sats for this attempt. Testing nostr is V4V at it's finest and I appreciate your contributions.
cc nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug nostr:nprofile1qqs84k6jpsav0jmdeqjn2zxlpnsajaw6f8l0m2d4e9t8gjsyn53s4nspzemhxue69uhhyetvv9ujuvrcvd5xzapwvdhk6qg5waehxw309aex2mrp0yhxgctdw4eju6t0qyt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueq9vuy3v you may find this useful.
Did you had a 10050 event listed when you noticed that your messages dissapeared?
If Amethyst knows your 10050, it knows where to get them from, so they should never disappear, regarless of now your friend has set up their lists. 🤔
True, I did have a 10050 yes, I have noticed this disappearance a few times now.. I wonder if amethyst is not setting filters long enough or if it's related to created-at somehow. Because the relay logs I've seen it doesn't look like it attempted to fetch them.. then later it does.
Actually, the reason I had assumed, was because when I send one to someone without a 10050, doesn't that just go to the general relays? Ie, it doesn't land on my inbox because it's an outbound DM.. ?
It goes for the p-tag of that user. For wraps to yourself, it should send to your 10050
hum... have you checked why auth.nostr1.com doesn't reply with OK when sending an event? The event is there, but it doesn't reply to the insert command. 🤔
It should be.. hmmm 🤔 what's the specific flow here just connect, perform with, get the auth ok and send?
send a new giftwrap DM and the relay doesn't reply :(
So, kind 1059? The relay doesn't accept kind 1.. hm, I wonder how I can reproduce.. I have nak.. I need to be able to giftwrap tho and see the resp.. are you just using logcat?
On the relay side, the flow is as follows:
On connect, immediate send auth challenge. Go into a loop, for any event, req send ok=false and close and additional auth challenge until a successful auth is received. Then send ok to the auth, and any subsequent auths. Then pass the next messages to strfry which should respond ok (unless you disco too fast)
do you have amethyst? just add auth to the Private DM relays and see how no auth icon comes back after sending a GiftWrap to yourself. The relay has the event, but it doesn't reply with OK)
What do you mean by auth icon? Yes I test a lot with amethyst..
If you use the Complete UI mode, each chat bubble shows the relay icons in the bottom row.
I'll try to DM u now..
Oh wait, that icon is inbox.nostr.wine? Wtf.. 🤔
Hey nostr:nprofile1qqswuyd9ml6qcxd92h6pleptfrcqucvvjy39vg4wx7mv9wm8kakyujgpypmhxue69uhkx6r0wf6hxtndd94k2erfd3nk2u3wvdhk6w35xs6z7qgwwaehxw309ahx7uewd3hkctcpypmhxue69uhkummnw3ezuetfde6kuer6wasku7nfvuh8xurpvdjj7a0nq40 during our testing, did you get OK messages from nip17 giftwraps on auth.nostr1.com? Vitor says amethyst isn't getting em.. but I'm pretty sure I'm sending em.. 🤔
I don't remember. I could put a giftwrap there and check, I think I'll need to write some code for that though.
Does your relay tester test for stuff like this? Man, ya I am struggle with this, I keep trying clients but not many have this auth. Afaik I'm the only one to opensource a nip42 proxy with all this DM protection stuff..
other than go-nostr, which has nip-42 code in it, but idk if fiatjaf ever put it into use because i had to add it to my code, library was there but it took me a little bit to figure out when to prompt it and how to handle timeouts and stuff
Yea run my relay tester.
I'm writing the tool to create and post the giftwrap from the command line, that will be here shortly.
Ok I'm getting an error when I post a giftwrap. First, it is giving me AUTH twice (not an error but odd) then it appears to be sending false, but as a string.
Hmm ok, maybe I screwed up the false thing.. remember I 'fixed' that so it would send false to any events pre-auth..
It sends a new auth each time it gets a non-auth response (like event or request) as per the spec.. so then clients usually send back multiple responses .. 🤦♂️ afaik that's the norm..
it should only do that once for each new socket connection, which should stay open for multiple requests - this depends on how the client is written though
would make life a lot easier if the relay also had a multiplexed socket, one auth, many client worker threads no problem
The spec said send false or close and another auth challenge, unless I read it wrong. The very first thing I send is auth but clients usually connect and send before checking.. I could modify to just do one auth challenge ya..
send ["OK",false,"auth-required: blah"] should be enough, i forget exactly, but the client has to expect that and queue the request to send it out after doing the auth and getting the OK true
i forget how the CLOSE envelope plays into it, but i do know that replicatr does it correctly, lemme dig it up...
no, it's CLOSED envelope:
https://github.com/Hubmakerlabs/replicatr/blob/main/app/auth.go
and then after that you send the AUTH envelope with the challenge to the client
and here is my client side code, this shoud help the client devs a bit at least:
this is a simple auth tester:
https://github.com/Hubmakerlabs/replicatr/blob/main/cmd/authr/authr.go
this shows how it's used in a client (this one can auth to two relays and pull from one and push to the other):
https://github.com/Hubmakerlabs/replicatr/blob/main/cmd/ingestr/app/ingest.go
of course nobody pays attention to me, but i've actually written both sides of it, fiatjaf wrote some fragments of parts of it but i wasn't able to find anything that actually demonstrated how to string it together
yes, this works with coracle btw on the client side
hell, replicatr works perfectly as a relay except after about 24 hours it has some weird resource leak that eats CPU that's why it isn't in production
if you can find it and fix it i'll pay a reasonable amount of sats for doing it, it's embarrassing that i couldn't find that bastard thing... it's instrumented with profiling and runtime configuration settings and everything, drove me nuts
most likely i made the bug, also, but probably thanks to how convoluted fiatjaf's goroutine spawning is written
I am pretty sure auth is working I tested with a bunch of clients and use it with ndk, but the mystery of the giftwraps. I tried your tool, it has mleku.net deps still lingering I can't build it.
ah crap, i better fix that tomorrow
not sure why you aren't getting them from the go module proxy cache tho
yeah, tomorrow...
i'm currently working on a count encoder that appends to a buffer you pass it so you can reuse the buffer
i'm getting that done now btw, just running tests after moving all the required content into place so it's a monorepo then i'll check that everything in cmd and the root build correctly also, won't be long (one of the tests runs for a while haha)
it's done btw, you should now be able to do like
go install github.com/Hubmakerlabs/replicatr/cmd/ingestr
and have it pull and build it, anyhow, it's there, i needed to fix it, i forgot it was totally broken
go install github.com/Hubmakerlabs/replicatr/cmd/ingestr@latest
lol
go install github.com/Hubmakerlabs/replicatr/cmd/ingestr@v1.2.17
better still, that is the actually what i just built now
me@iox:/src/github.com/Hubmakerlabs/replicatr$ ingestr
Usage: ingestr [--nsec NSEC] [--since SINCE] [--limit LIMIT] [--interval INTERVAL] [--pause PAUSE] [--follows FOLLOWS] DOWNLOADRELAY UPLOADRELAY
error: downloadrelay is required
Thanks man, ya I found my bug. String instead of bool. 🤦♂️
i saw that, was just thinking maybe something in that stuff might have helped with the auth flow is all
Yeah it isn't a problem. I just noticed it in the output.
Yeah, false is correct since I hadn't AUTHed yet, but false as a string crashes my testing client which cannot deserialize the json.
Ah, so maybe my false response is malformed then? I will re-read the nip again..
I am basically hand crafting these responses according to the nip examples
see my response, i wrote all this stuff, i know it works, it auths on nostrudel and coracle, just the damn resource bug
it's at https://github.com/Hubmakerlabs/replicatr in cmd/ingestr for client side, anyway, just check my other note
here: nostr:nevent1qvzqqqqqqypzqnyqqft6tz9g9pyaqjvp0s4a4tvcfvj6gkke7mddvmj86w68uwe0qqszeyrlj2mcvggjzp2y9np52eyq4yjxu09wzzyret7zvqxskflcthsv9prp8
just to repeat, replicatr is not ok for production, it has a resource leak bug that i couldn't squash in a month of hunting it
I will need to fire up mitmproxy to see the traffic on the wire. As far as i can tell, the code is supposed to be sending false like this
falseString := fmt.Sprintf(`["OK","%s","false","auth-required: you must auth"]`, event.ID)
Of course, my own client doesn't send an event pre auth, so I would need one that does and inspect it's traffic. 😂 also nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug said he may have found a problem in amethyst where it wasn't retrying the event when it received a pre-auth "false". So...
I still will try your tool at your leisure man, thanks for the halp! 💎
https://github.com/Hubmakerlabs/replicatr this should build for you now, i pulled in all those dependencies and made it a monorepo
was pretty funny running it again... had all the configurations and a database already sitting on my disk and just fires right up
anyhow, please reply if you get any errors with it now, i'm pretty sure i didn't exclude anything in the allowlist .gitignore but i buggered up the precomps in my revised embed version elsewhere
(yeah, this whole mess happened because i kept getting git bugs and gave up self hosting after i had mleku.net/reponame as i wanted using legit but gd fkn git buggerization, haven't heard from the legit dev yet about a fix on it i filed an issue)
Ohhhh dude, I get what you mean now.. the relay tester wants a Boolean and I am sending a string 🤦♂️🤦♂️🤦♂️ big whoops, I forgot json had boolean. Ok I will fix this.
Hey Mike, ya the relay tester was right. I deployed a fix to change the string to bool and the auth test proceeded. Whew, relay tester ftw!! 💎
did you verify that it is a "CLOSED" envelope its supposed to send first then "AUTH" with challenge after? (and expect an AUTH with signed event containing challenge... in the content field??? i think? no, i think in the tag after "challenge")
nostr.wine has auth with DM protection if I remember correctly @Mazin
Thanks, 10050 will be supported in our next update, along with DM bug fixes.
Cc nostr:nprofile1qqsdv8emcke7k3qqaldwv956tstu40ejg663gdsaayuuujs6pknw7jspp4mhxue69uhkummn9ekx7mqpr3mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmqpzfmhxue69uhhqatjwpkx2urpvuhx2uc86mqq0 any plans to support NiP17 with primal? Would be so awesome 🔥