 I think we’ve waited long enough on this one. I’ll be rolling this out shortly. 

Please note this means 🍷 filter.nostr.wine will no longer work on Primal or any other client that does not support NIP-42. nostr:note1mfuywzsgeamkezufp4ys4sdv03zg8fge06ka9stwu6ne9fper5nqwrddx4 
 Update: filter(.)nostr(.)wine will no longer work on Primal or any other client that does not support NIP-42

#cybersecgirl #nostrwine

nostr:nevent1qqs8fltwnvn9d6arz8vyyt7k6wy90sn75ysvkmt63le4sv3zlu5t8uspr3mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmqzyq7cg2h7e40zj0egke38jvmsfglm3ns4825367g2ky0k5afdgjjz6qcyqqqqqqg328u9p 
 What is NIP-42 AUTH? 
 https://github.com/nostr-protocol/nips/blob/master/42.md 
 If I understood what I read. 

This is an authentication layer for the websocket subscription filter?

So for example, instead of giving everyone access to pull DMs, you only serve the DMs to their owners after they prove they are the owners.

That’s nice. Any downsides to this? 
 That’s exactly it! We already use this on nostr.wine to protect your DM metadata. 

When you try to request a DM from nostr.wine, we send an AUTH challenge through the socket. Your client signs and returns the challenge so that we know who is making the request. We use this information to only allow the sender or receiver to request DMs.

The main downside is decreased privacy from the relay operator as it becomes easier to associate REQs with a pubkey (though it can be done without AUTH anyway). 
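
The challenge, signed reply and DM gating described in the reply above, sketched as an added example that is not part of the thread and is not nostr.wine's code. The event kind and the `relay`/`challenge` tags follow NIP-42; the function names are hypothetical, and `sign` and `verify_sig` stand for BIP-340 Schnorr routines that a crypto library would have to supply.

```python
import hashlib, json, time

AUTH_KIND, DM_KIND, MAX_SKEW = 22242, 4, 600  # NIP-42 auth kind, DM kind, ~10 min window

def event_id(ev):
    """NIP-01 event id: sha256 of the canonical JSON array serialization."""
    body = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    raw = json.dumps(body, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(raw.encode()).hexdigest()

def tag_values(ev, name):
    return [t[1] for t in ev["tags"] if len(t) > 1 and t[0] == name]

def build_auth_event(pubkey, challenge, relay_url, sign, now=None):
    """Client side: answer the relay's ["AUTH", <challenge>] with a kind-22242 event."""
    ev = {"pubkey": pubkey, "kind": AUTH_KIND, "content": "",
          "created_at": int(time.time() if now is None else now),
          "tags": [["relay", relay_url], ["challenge", challenge]]}
    ev["id"] = event_id(ev)
    ev["sig"] = sign(ev["id"])  # assumption: caller supplies a BIP-340 Schnorr signer
    return ev

def check_auth(ev, challenge, relay_url, verify_sig, now=None):
    """Relay side: return the authenticated pubkey, or None if the event is rejected."""
    now = time.time() if now is None else now
    if ev["kind"] != AUTH_KIND:
        return None
    if abs(now - ev["created_at"]) > MAX_SKEW:
        return None  # stale or future-dated event, limits replay
    if tag_values(ev, "challenge")[:1] != [challenge]:
        return None  # must answer this connection's challenge
    relay_tag = (tag_values(ev, "relay") or [""])[0]
    if relay_tag.rstrip("/").lower() != relay_url.rstrip("/").lower():
        return None  # signed for a different relay (simplified URL comparison)
    if ev["id"] != event_id(ev):
        return None  # fields were altered after the id was computed
    # assumption: verify_sig(pubkey, id, sig) is a BIP-340 verifier from a crypto library
    return ev["pubkey"] if verify_sig(ev["pubkey"], ev["id"], ev["sig"]) else None

def may_serve(ev, authed_pubkey):
    """Serve a DM only to its sender or a tagged recipient; other kinds pass."""
    if ev["kind"] != DM_KIND:
        return True
    parties = {ev["pubkey"], *tag_values(ev, "p")}
    return authed_pubkey is not None and authed_pubkey in parties
```
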
 Thanks for the transparent response. 
 We hate to break interoperability anywhere, but the abuse has simply gotten too bad to not enforce AUTH.

Private-to-read relays are an important part of the future nostr ecosystem and lack of/poor client authentication support is holding this back. 
 😥  
 Damus, Amethyst, Nostur and Snort.

I think there are more as well… 
 amethyst and snort on my phone, gonna see if this works 
 amethyst is definitely not... my relay is sending out auths and gets silence in return

i think that a lot of people have been kicking this can for way too long, i was already fed up 3 months ago 
 coracle does, sometimes... like that note i'm replying to, was accepted on my relay with auth enabled 
 Not sure - Amethyst has always worked well with all of our relays including inbox.nostr.wine which has the most restrictive access control.  
 ok, i'm gonna fully test and fix my relay so it also works now... coracle is definitely 100% functional... the problems i was having before were my bugs 
 Ah, ya was gonna say, coracle sends the auth every time in my testing, very promptly.. not sure about others yet. 
 yep, i've just patched my code to work properly now also... literally just never had a proper thing to test it with before, kudos to nostr:nprofile1qyd8wumn8ghj7urewfsk66ty9enxjct5dfskvtnrdakj7qguwaehxw309a5x7ervvfhkgtnrdaexzcmvv5h8gmm0d3ej7qgnwaehxw309ac82unsd3jhqct89ejhxtcpzemhxue69uhk2er9dchxummnw3ezumrpdejz7qpqjlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3q3snygq  for being one of the early implementoors 
 i'm not getting auth out of my android amethyst... coracle is working perfectly, sometimes a bit slow when the page is refreshed at first, the relay is requiring auth immediately upon connection, but it sorta looks like it only auths correctly after receiving an envelope 
 not getting working auth out of snort either, on web

so far only reliable client is coracle 