diff options
| author | DanConwayDev <DanConwayDev@protonmail.com> | 2026-01-09 07:57:54 +0000 |
|---|---|---|
| committer | DanConwayDev <DanConwayDev@protonmail.com> | 2026-01-09 07:57:54 +0000 |
| commit | 7cc5d37cbf4f02f0bb7eee6342dc1ede5a841a7b (patch) | |
| tree | 62d3dcf291a7ca67d18cf397b448fb98d62553ba | |
| parent | 6bc2d70f6dd351521e522cc4d0f1ac188848ad26 (diff) | |
feat: replace owner-npub with relay-owner-nsec for persistent operator identity
Replace the owner-npub configuration option with relay-owner-nsec to provide
a persistent cryptographic identity for the relay operator. This addresses
NIP-42 authentication requirements discovered during sync debugging.
Motivation:
- Some relays (e.g., relay.damus.io) require NIP-42 authentication for
advanced features like NIP-77 negentropy sync
- Previously used random ephemeral keys per connection, providing no
persistent identity
- Other relays can now recognize us by pubkey for reputation-based rate
limiting
- Ensures consistency between NIP-11 pubkey and authentication key
Changes:
- Config: relay_owner_nsec with auto-load/generate from .relay-owner.nsec
- NIP-11: Pubkey derived from nsec instead of separate npub field
- Sync: RelayConnection now uses operator keys for NIP-42 auth
- Docs: Updated README, .env.example, and added .relay-owner.nsec to gitignore
Key Features:
- Auto-generates key on first run and saves to .relay-owner.nsec
- Loads existing key from file on subsequent runs
- Can override via CLI flag or environment variable
- Enables reputation building across relay network
- Future-ready for event signing and WoT calculations
Testing:
- 225/232 tests passing (7 pre-existing purgatory failures unrelated)
- Verified key generation, loading, and NIP-11 derivation
- Release build successful
Related: work/sync-debug-analysis.md, work/relay-owner-nsec-implementation.md
| -rw-r--r-- | .env.example | 14 | ||||
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | README.md | 8 | ||||
| -rw-r--r-- | src/config.rs | 100 | ||||
| -rw-r--r-- | src/http/nip11.rs | 53 | ||||
| -rw-r--r-- | src/sync/mod.rs | 6 | ||||
| -rw-r--r-- | src/sync/relay_connection.rs | 22 |
7 files changed, 139 insertions, 67 deletions
diff --git a/.env.example b/.env.example index 7545d03..95db3c2 100644 --- a/.env.example +++ b/.env.example | |||
| @@ -30,10 +30,16 @@ | |||
| 30 | # RELAY INFORMATION (NIP-11) | 30 | # RELAY INFORMATION (NIP-11) |
| 31 | # ============================================================================ | 31 | # ============================================================================ |
| 32 | 32 | ||
| 33 | # Owner's npub (optional, for relay info in NIP-11) | 33 | # Relay operator's nsec (private key) for signing and authentication |
| 34 | # CLI: --owner-npub <npub> | 34 | # Used for: |
| 35 | # Default: (none) | 35 | # - NIP-11 relay information document (pubkey field derived from this nsec) |
| 36 | # NGIT_OWNER_NPUB=npub1... | 36 | # - NIP-42 authentication when syncing from other relays |
| 37 | # - Future: signing events, WoT-based rate limiting of syncing relays | ||
| 38 | # | ||
| 39 | # CLI: --relay-owner-nsec <nsec> | ||
| 40 | # Default: Loaded from/saved to .relay-owner.nsec file in current directory | ||
| 41 | # If file doesn't exist, a new key is generated and saved automatically | ||
| 42 | # NGIT_RELAY_OWNER_NSEC=nsec1... | ||
| 37 | 43 | ||
| 38 | # Relay name shown in NIP-11 information document | 44 | # Relay name shown in NIP-11 information document |
| 39 | # CLI: --relay-name <name> | 45 | # CLI: --relay-name <name> |
| @@ -13,5 +13,8 @@ work/* | |||
| 13 | .env | 13 | .env |
| 14 | data/ | 14 | data/ |
| 15 | 15 | ||
| 16 | # Relay operator private key (auto-generated if not present) | ||
| 17 | .relay-owner.nsec | ||
| 18 | |||
| 16 | # direnv directory - used by nix | 19 | # direnv directory - used by nix |
| 17 | .direnv \ No newline at end of file | 20 | .direnv \ No newline at end of file |
| @@ -287,10 +287,10 @@ This means CLI flags always take precedence over environment variables, which ta | |||
| 287 | ngit-grasp --help | 287 | ngit-grasp --help |
| 288 | 288 | ||
| 289 | # Run with CLI flags (override everything else) | 289 | # Run with CLI flags (override everything else) |
| 290 | ngit-grasp --domain relay.example.com --owner-npub npub1... --bind-address 0.0.0.0:8080 | 290 | ngit-grasp --domain relay.example.com --relay-owner-nsec nsec1... --bind-address 0.0.0.0:8080 |
| 291 | 291 | ||
| 292 | # Mix CLI flags with environment variables | 292 | # Mix CLI flags with environment variables |
| 293 | NGIT_OWNER_NPUB=npub1... ngit-grasp --domain relay.example.com | 293 | NGIT_RELAY_OWNER_NSEC=nsec1... ngit-grasp --domain relay.example.com |
| 294 | ``` | 294 | ``` |
| 295 | 295 | ||
| 296 | ### Configuration Options | 296 | ### Configuration Options |
| @@ -300,7 +300,7 @@ NGIT_OWNER_NPUB=npub1... ngit-grasp --domain relay.example.com | |||
| 300 | | Option | CLI Flag | Environment Variable | Default | | 300 | | Option | CLI Flag | Environment Variable | Default | |
| 301 | | ----------------- | --------------------- | ------------------------ | -------------------------------------------- | | 301 | | ----------------- | --------------------- | ------------------------ | -------------------------------------------- | |
| 302 | | Domain | `--domain` | `NGIT_DOMAIN` | (required) | | 302 | | Domain | `--domain` | `NGIT_DOMAIN` | (required) | |
| 303 | | Owner npub | `--owner-npub` | `NGIT_OWNER_NPUB` | (optional) | | 303 | | Relay owner nsec | `--relay-owner-nsec` | `NGIT_RELAY_OWNER_NSEC` | `.relay-owner.nsec` file (auto-generated) | |
| 304 | | Relay name | `--relay-name` | `NGIT_RELAY_NAME` | `${domain} grasp relay` | | 304 | | Relay name | `--relay-name` | `NGIT_RELAY_NAME` | `${domain} grasp relay` | |
| 305 | | Relay description | `--relay-description` | `NGIT_RELAY_DESCRIPTION` | `Git Nostr Relay - a grasp implementation` | | 305 | | Relay description | `--relay-description` | `NGIT_RELAY_DESCRIPTION` | `Git Nostr Relay - a grasp implementation` | |
| 306 | | Git data path | `--git-data-path` | `NGIT_GIT_DATA_PATH` | `./data/git` (temp dir for memory backend) | | 306 | | Git data path | `--git-data-path` | `NGIT_GIT_DATA_PATH` | `./data/git` (temp dir for memory backend) | |
| @@ -339,7 +339,7 @@ NGIT_OWNER_NPUB=npub1... ngit-grasp --domain relay.example.com | |||
| 339 | ```bash | 339 | ```bash |
| 340 | # Using environment variables (recommended for production) | 340 | # Using environment variables (recommended for production) |
| 341 | export NGIT_DOMAIN=gitnostr.com | 341 | export NGIT_DOMAIN=gitnostr.com |
| 342 | export NGIT_OWNER_NPUB=npub1... | 342 | export NGIT_RELAY_OWNER_NSEC=nsec1... # Or let it auto-generate from .relay-owner.nsec |
| 343 | export NGIT_BIND_ADDRESS=0.0.0.0:8080 | 343 | export NGIT_BIND_ADDRESS=0.0.0.0:8080 |
| 344 | export NGIT_DATABASE_BACKEND=lmdb | 344 | export NGIT_DATABASE_BACKEND=lmdb |
| 345 | 345 | ||
diff --git a/src/config.rs b/src/config.rs index 94035e4..c4a7b6c 100644 --- a/src/config.rs +++ b/src/config.rs | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | use anyhow::Result; | 1 | use anyhow::{Context, Result}; |
| 2 | use clap::{Parser, ValueEnum}; | 2 | use clap::{Parser, ValueEnum}; |
| 3 | use nostr_sdk::prelude::*; | ||
| 3 | use serde::{Deserialize, Serialize}; | 4 | use serde::{Deserialize, Serialize}; |
| 5 | use std::fs; | ||
| 6 | use std::path::PathBuf; | ||
| 4 | 7 | ||
| 5 | /// Database backend type for the relay | 8 | /// Database backend type for the relay |
| 6 | #[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq, Default, ValueEnum)] | 9 | #[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq, Default, ValueEnum)] |
| @@ -40,9 +43,18 @@ pub struct Config { | |||
| 40 | #[arg(long, env = "NGIT_DOMAIN")] | 43 | #[arg(long, env = "NGIT_DOMAIN")] |
| 41 | pub domain: String, | 44 | pub domain: String, |
| 42 | 45 | ||
| 43 | /// Owner's npub (optional, for relay info in NIP-11) | 46 | /// Relay operator's nsec (private key) for signing and authentication |
| 44 | #[arg(long, env = "NGIT_OWNER_NPUB")] | 47 | /// |
| 45 | pub owner_npub: Option<String>, | 48 | /// Used for: |
| 49 | /// - NIP-11 relay information document (pubkey field derived from this nsec) | ||
| 50 | /// - NIP-42 authentication when syncing from other relays | ||
| 51 | /// - Future: signing events, WoT-based rate limiting of syncing relays | ||
| 52 | /// | ||
| 53 | /// If not provided via CLI/env, will be loaded from/saved to `.relay-owner.nsec` file | ||
| 54 | /// in the current directory. If the file doesn't exist, a new key will be generated | ||
| 55 | /// and saved automatically. | ||
| 56 | #[arg(long, env = "NGIT_RELAY_OWNER_NSEC")] | ||
| 57 | pub relay_owner_nsec: Option<String>, | ||
| 46 | 58 | ||
| 47 | /// Relay name for NIP-11 information document (defaults to "${domain} grasp relay") | 59 | /// Relay name for NIP-11 information document (defaults to "${domain} grasp relay") |
| 48 | #[arg(long = "relay-name", env = "NGIT_RELAY_NAME")] | 60 | #[arg(long = "relay-name", env = "NGIT_RELAY_NAME")] |
| @@ -127,6 +139,9 @@ pub struct Config { | |||
| 127 | } | 139 | } |
| 128 | 140 | ||
| 129 | impl Config { | 141 | impl Config { |
| 142 | /// Path to the relay owner key file | ||
| 143 | const RELAY_OWNER_KEY_FILE: &'static str = ".relay-owner.nsec"; | ||
| 144 | |||
| 130 | /// Load configuration from CLI args, environment variables, and defaults. | 145 | /// Load configuration from CLI args, environment variables, and defaults. |
| 131 | /// | 146 | /// |
| 132 | /// Priority (highest to lowest): | 147 | /// Priority (highest to lowest): |
| @@ -139,11 +154,66 @@ impl Config { | |||
| 139 | dotenvy::dotenv().ok(); | 154 | dotenvy::dotenv().ok(); |
| 140 | 155 | ||
| 141 | // Parse CLI args (clap automatically handles env var fallback) | 156 | // Parse CLI args (clap automatically handles env var fallback) |
| 142 | let config = Self::parse(); | 157 | let mut config = Self::parse(); |
| 158 | |||
| 159 | // If relay_owner_nsec not provided, load from file or generate | ||
| 160 | if config.relay_owner_nsec.is_none() { | ||
| 161 | config.relay_owner_nsec = Some(Self::load_or_generate_relay_owner_key()?); | ||
| 162 | } | ||
| 143 | 163 | ||
| 144 | Ok(config) | 164 | Ok(config) |
| 145 | } | 165 | } |
| 146 | 166 | ||
| 167 | /// Load relay owner key from file, or generate and save a new one | ||
| 168 | fn load_or_generate_relay_owner_key() -> Result<String> { | ||
| 169 | let key_path = PathBuf::from(Self::RELAY_OWNER_KEY_FILE); | ||
| 170 | |||
| 171 | // Try to load existing key | ||
| 172 | if key_path.exists() { | ||
| 173 | let nsec = fs::read_to_string(&key_path) | ||
| 174 | .context("Failed to read relay owner key file")? | ||
| 175 | .trim() | ||
| 176 | .to_string(); | ||
| 177 | |||
| 178 | // Validate it's a valid nsec | ||
| 179 | Keys::parse(&nsec).context("Invalid nsec in relay owner key file")?; | ||
| 180 | |||
| 181 | tracing::info!( | ||
| 182 | "Loaded relay owner key from {}", | ||
| 183 | key_path.display() | ||
| 184 | ); | ||
| 185 | return Ok(nsec); | ||
| 186 | } | ||
| 187 | |||
| 188 | // Generate new key | ||
| 189 | let keys = Keys::generate(); | ||
| 190 | let nsec = keys.secret_key().to_bech32()?; | ||
| 191 | |||
| 192 | // Save to file | ||
| 193 | fs::write(&key_path, &nsec) | ||
| 194 | .context("Failed to write relay owner key file")?; | ||
| 195 | |||
| 196 | tracing::info!( | ||
| 197 | "Generated new relay owner key and saved to {}", | ||
| 198 | key_path.display() | ||
| 199 | ); | ||
| 200 | |||
| 201 | Ok(nsec) | ||
| 202 | } | ||
| 203 | |||
| 204 | /// Get the relay owner's Keys object | ||
| 205 | pub fn relay_owner_keys(&self) -> Result<Keys> { | ||
| 206 | let nsec = self.relay_owner_nsec.as_ref() | ||
| 207 | .context("relay_owner_nsec not set (should be set by Config::load())")?; | ||
| 208 | Keys::parse(nsec).context("Invalid relay_owner_nsec") | ||
| 209 | } | ||
| 210 | |||
| 211 | /// Get the relay owner's public key (npub format) for NIP-11 | ||
| 212 | pub fn relay_owner_npub(&self) -> Result<String> { | ||
| 213 | let keys = self.relay_owner_keys()?; | ||
| 214 | Ok(keys.public_key().to_bech32()?) | ||
| 215 | } | ||
| 216 | |||
| 147 | /// Get relay name (defaults to "${domain} grasp relay" if not set) | 217 | /// Get relay name (defaults to "${domain} grasp relay" if not set) |
| 148 | pub fn relay_name(&self) -> String { | 218 | pub fn relay_name(&self) -> String { |
| 149 | self.relay_name_override | 219 | self.relay_name_override |
| @@ -167,9 +237,13 @@ impl Config { | |||
| 167 | /// Create config for testing | 237 | /// Create config for testing |
| 168 | #[cfg(test)] | 238 | #[cfg(test)] |
| 169 | pub fn for_testing() -> Self { | 239 | pub fn for_testing() -> Self { |
| 240 | // Generate a test key deterministically for consistent tests | ||
| 241 | let keys = Keys::generate(); | ||
| 242 | let nsec = keys.secret_key().to_bech32().expect("Failed to generate test nsec"); | ||
| 243 | |||
| 170 | Self { | 244 | Self { |
| 171 | domain: "localhost:8080".to_string(), | 245 | domain: "localhost:8080".to_string(), |
| 172 | owner_npub: Some("npub1test".to_string()), | 246 | relay_owner_nsec: Some(nsec), |
| 173 | relay_name_override: Some("test relay".to_string()), | 247 | relay_name_override: Some("test relay".to_string()), |
| 174 | relay_description: "test description".to_string(), | 248 | relay_description: "test description".to_string(), |
| 175 | git_data_path: "./test_data/git".to_string(), | 249 | git_data_path: "./test_data/git".to_string(), |
| @@ -256,12 +330,14 @@ mod tests { | |||
| 256 | } | 330 | } |
| 257 | 331 | ||
| 258 | #[test] | 332 | #[test] |
| 259 | fn test_owner_npub_optional() { | 333 | fn test_relay_owner_keys() { |
| 260 | let config = Config { | 334 | let config = Config::for_testing(); |
| 261 | owner_npub: None, | 335 | let keys = config.relay_owner_keys().expect("Should have valid keys"); |
| 262 | ..Config::for_testing() | 336 | let npub = config.relay_owner_npub().expect("Should derive npub"); |
| 263 | }; | 337 | |
| 264 | assert!(config.owner_npub.is_none()); | 338 | // Verify the npub matches the keys |
| 339 | assert_eq!(npub, keys.public_key().to_bech32().unwrap()); | ||
| 340 | assert!(npub.starts_with("npub1")); | ||
| 265 | } | 341 | } |
| 266 | 342 | ||
| 267 | #[test] | 343 | #[test] |
diff --git a/src/http/nip11.rs b/src/http/nip11.rs index 7df8306..cf31cf3 100644 --- a/src/http/nip11.rs +++ b/src/http/nip11.rs | |||
| @@ -59,7 +59,7 @@ impl RelayInformationDocument { | |||
| 59 | Self { | 59 | Self { |
| 60 | name: config.relay_name(), | 60 | name: config.relay_name(), |
| 61 | description: config.relay_description.clone(), | 61 | description: config.relay_description.clone(), |
| 62 | pubkey: config.owner_npub.clone(), | 62 | pubkey: config.relay_owner_npub().ok(), |
| 63 | contact: None, // Could be added to config if needed | 63 | contact: None, // Could be added to config if needed |
| 64 | supported_nips: vec![ | 64 | supported_nips: vec![ |
| 65 | 1, // NIP-01: Basic protocol flow | 65 | 1, // NIP-01: Basic protocol flow |
| @@ -93,30 +93,21 @@ mod tests { | |||
| 93 | 93 | ||
| 94 | #[test] | 94 | #[test] |
| 95 | fn test_relay_information_document_structure() { | 95 | fn test_relay_information_document_structure() { |
| 96 | let config = Config { | 96 | let mut config = Config::for_testing(); |
| 97 | domain: "relay.example.com".to_string(), | 97 | config.domain = "relay.example.com".to_string(); |
| 98 | owner_npub: Some("npub1test".to_string()), | 98 | config.relay_name_override = Some("Test Relay".to_string()); |
| 99 | relay_name_override: Some("Test Relay".to_string()), | 99 | config.relay_description = "A test relay".to_string(); |
| 100 | relay_description: "A test relay".to_string(), | ||
| 101 | git_data_path: "./data/git".to_string(), | ||
| 102 | relay_data_path: "./data/relay".to_string(), | ||
| 103 | bind_address: "127.0.0.1:8080".to_string(), | ||
| 104 | database_backend: crate::config::DatabaseBackend::Memory, | ||
| 105 | metrics_enabled: true, | ||
| 106 | metrics_connection_per_ip_abuse_threshold: 10, | ||
| 107 | metrics_top_n_repos: 10, | ||
| 108 | sync_bootstrap_relay_url: None, | ||
| 109 | sync_max_backoff_secs: 3600, | ||
| 110 | sync_disconnect_check_interval_secs: 60, | ||
| 111 | sync_base_backoff_secs: 5, | ||
| 112 | sync_disable_negentropy: false, | ||
| 113 | }; | ||
| 114 | 100 | ||
| 115 | let doc = RelayInformationDocument::from_config(&config); | 101 | let doc = RelayInformationDocument::from_config(&config); |
| 116 | 102 | ||
| 117 | assert_eq!(doc.name, "Test Relay"); | 103 | assert_eq!(doc.name, "Test Relay"); |
| 118 | assert_eq!(doc.description, "A test relay"); | 104 | assert_eq!(doc.description, "A test relay"); |
| 119 | assert_eq!(doc.pubkey, Some("npub1test".to_string())); | 105 | |
| 106 | // Verify pubkey is present and is a valid npub | ||
| 107 | assert!(doc.pubkey.is_some()); | ||
| 108 | let pubkey = doc.pubkey.unwrap(); | ||
| 109 | assert!(pubkey.starts_with("npub1")); | ||
| 110 | |||
| 120 | assert!(doc.supported_nips.contains(&1)); | 111 | assert!(doc.supported_nips.contains(&1)); |
| 121 | assert!(doc.supported_nips.contains(&11)); | 112 | assert!(doc.supported_nips.contains(&11)); |
| 122 | assert!(doc.supported_nips.contains(&34)); | 113 | assert!(doc.supported_nips.contains(&34)); |
| @@ -132,24 +123,10 @@ mod tests { | |||
| 132 | 123 | ||
| 133 | #[test] | 124 | #[test] |
| 134 | fn test_relay_information_document_json() { | 125 | fn test_relay_information_document_json() { |
| 135 | let config = Config { | 126 | let mut config = Config::for_testing(); |
| 136 | domain: "relay.example.com".to_string(), | 127 | config.domain = "relay.example.com".to_string(); |
| 137 | owner_npub: Some("npub1test".to_string()), | 128 | config.relay_name_override = Some("Test Relay".to_string()); |
| 138 | relay_name_override: Some("Test Relay".to_string()), | 129 | config.relay_description = "A test relay".to_string(); |
| 139 | relay_description: "A test relay".to_string(), | ||
| 140 | git_data_path: "./data/git".to_string(), | ||
| 141 | relay_data_path: "./data/relay".to_string(), | ||
| 142 | bind_address: "127.0.0.1:8080".to_string(), | ||
| 143 | database_backend: crate::config::DatabaseBackend::Memory, | ||
| 144 | metrics_enabled: true, | ||
| 145 | metrics_connection_per_ip_abuse_threshold: 10, | ||
| 146 | metrics_top_n_repos: 10, | ||
| 147 | sync_bootstrap_relay_url: None, | ||
| 148 | sync_max_backoff_secs: 3600, | ||
| 149 | sync_disconnect_check_interval_secs: 60, | ||
| 150 | sync_base_backoff_secs: 5, | ||
| 151 | sync_disable_negentropy: false, | ||
| 152 | }; | ||
| 153 | 130 | ||
| 154 | let doc = RelayInformationDocument::from_config(&config); | 131 | let doc = RelayInformationDocument::from_config(&config); |
| 155 | let json = doc.to_json().expect("Failed to serialize to JSON"); | 132 | let json = doc.to_json().expect("Failed to serialize to JSON"); |
diff --git a/src/sync/mod.rs b/src/sync/mod.rs index 280f857..6da2644 100644 --- a/src/sync/mod.rs +++ b/src/sync/mod.rs | |||
| @@ -1396,8 +1396,12 @@ impl SyncManager { | |||
| 1396 | async fn register_relay(&mut self, relay_url: String) { | 1396 | async fn register_relay(&mut self, relay_url: String) { |
| 1397 | // Create RelayConnection if not exists | 1397 | // Create RelayConnection if not exists |
| 1398 | if !self.connections.contains_key(&relay_url) { | 1398 | if !self.connections.contains_key(&relay_url) { |
| 1399 | // Get relay owner keys for NIP-42 authentication | ||
| 1400 | let keys = self.config.relay_owner_keys() | ||
| 1401 | .expect("relay_owner_keys should be available"); | ||
| 1402 | |||
| 1399 | let connection = | 1403 | let connection = |
| 1400 | RelayConnection::new_with_database(relay_url.clone(), Arc::clone(&self.database)); | 1404 | RelayConnection::new_with_database(relay_url.clone(), Arc::clone(&self.database), keys); |
| 1401 | self.connections.insert(relay_url.clone(), connection); | 1405 | self.connections.insert(relay_url.clone(), connection); |
| 1402 | tracing::debug!(relay = %relay_url, "Registered new relay connection"); | 1406 | tracing::debug!(relay = %relay_url, "Registered new relay connection"); |
| 1403 | } | 1407 | } |
diff --git a/src/sync/relay_connection.rs b/src/sync/relay_connection.rs index 21d864d..d0090c8 100644 --- a/src/sync/relay_connection.rs +++ b/src/sync/relay_connection.rs | |||
| @@ -106,9 +106,10 @@ impl RelayConnection { | |||
| 106 | /// | 106 | /// |
| 107 | /// # Arguments | 107 | /// # Arguments |
| 108 | /// * `url` - The relay URL to connect to (with or without scheme, e.g., "relay.example.com" or "wss://relay.example.com") | 108 | /// * `url` - The relay URL to connect to (with or without scheme, e.g., "relay.example.com" or "wss://relay.example.com") |
| 109 | pub fn new(url: String) -> Self { | 109 | /// * `keys` - Cryptographic keys for NIP-42 authentication (typically the relay operator's keys) |
| 110 | pub fn new(url: String, keys: Keys) -> Self { | ||
| 110 | let normalized_url = Self::normalize_url(&url); | 111 | let normalized_url = Self::normalize_url(&url); |
| 111 | let client = Client::default(); | 112 | let client = Client::new(keys); |
| 112 | Self { | 113 | Self { |
| 113 | url: normalized_url, | 114 | url: normalized_url, |
| 114 | client, | 115 | client, |
| @@ -122,9 +123,10 @@ impl RelayConnection { | |||
| 122 | /// # Arguments | 123 | /// # Arguments |
| 123 | /// * `url` - The relay URL to connect to (with or without scheme, e.g., "relay.example.com" or "wss://relay.example.com") | 124 | /// * `url` - The relay URL to connect to (with or without scheme, e.g., "relay.example.com" or "wss://relay.example.com") |
| 124 | /// * `database` - Shared database for local event comparison during negentropy sync | 125 | /// * `database` - Shared database for local event comparison during negentropy sync |
| 125 | pub fn new_with_database(url: String, database: SharedDatabase) -> Self { | 126 | /// * `keys` - Cryptographic keys for NIP-42 authentication (typically the relay operator's keys) |
| 127 | pub fn new_with_database(url: String, database: SharedDatabase, keys: Keys) -> Self { | ||
| 126 | let normalized_url = Self::normalize_url(&url); | 128 | let normalized_url = Self::normalize_url(&url); |
| 127 | let client = Client::default(); | 129 | let client = Client::new(keys); |
| 128 | Self { | 130 | Self { |
| 129 | url: normalized_url, | 131 | url: normalized_url, |
| 130 | client, | 132 | client, |
| @@ -553,19 +555,22 @@ mod tests { | |||
| 553 | 555 | ||
| 554 | #[test] | 556 | #[test] |
| 555 | fn test_new_normalizes_url() { | 557 | fn test_new_normalizes_url() { |
| 556 | let conn = RelayConnection::new("relay.example.com".to_string()); | 558 | let keys = Keys::generate(); |
| 559 | let conn = RelayConnection::new("relay.example.com".to_string(), keys); | ||
| 557 | assert_eq!(conn.url(), "wss://relay.example.com"); | 560 | assert_eq!(conn.url(), "wss://relay.example.com"); |
| 558 | } | 561 | } |
| 559 | 562 | ||
| 560 | #[test] | 563 | #[test] |
| 561 | fn test_new_preserves_wss_scheme() { | 564 | fn test_new_preserves_wss_scheme() { |
| 562 | let conn = RelayConnection::new("wss://relay.example.com".to_string()); | 565 | let keys = Keys::generate(); |
| 566 | let conn = RelayConnection::new("wss://relay.example.com".to_string(), keys); | ||
| 563 | assert_eq!(conn.url(), "wss://relay.example.com"); | 567 | assert_eq!(conn.url(), "wss://relay.example.com"); |
| 564 | } | 568 | } |
| 565 | 569 | ||
| 566 | #[test] | 570 | #[test] |
| 567 | fn test_new_preserves_ws_scheme() { | 571 | fn test_new_preserves_ws_scheme() { |
| 568 | let conn = RelayConnection::new("ws://relay.example.com".to_string()); | 572 | let keys = Keys::generate(); |
| 573 | let conn = RelayConnection::new("ws://relay.example.com".to_string(), keys); | ||
| 569 | assert_eq!(conn.url(), "ws://relay.example.com"); | 574 | assert_eq!(conn.url(), "ws://relay.example.com"); |
| 570 | } | 575 | } |
| 571 | 576 | ||
| @@ -573,7 +578,8 @@ mod tests { | |||
| 573 | fn test_new_with_database_normalizes_url() { | 578 | fn test_new_with_database_normalizes_url() { |
| 574 | // This test just verifies the URL normalization works | 579 | // This test just verifies the URL normalization works |
| 575 | // We can't easily test with_database without a real database | 580 | // We can't easily test with_database without a real database |
| 576 | let conn = RelayConnection::new("git.shakespeare.diy".to_string()); | 581 | let keys = Keys::generate(); |
| 582 | let conn = RelayConnection::new("git.shakespeare.diy".to_string(), keys); | ||
| 577 | assert_eq!(conn.url(), "wss://git.shakespeare.diy"); | 583 | assert_eq!(conn.url(), "wss://git.shakespeare.diy"); |
| 578 | } | 584 | } |
| 579 | 585 | ||