Req message validation #195
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ReqMessage subscriptionId, added 0 < #characters < 65 string length constraint NostrUtil, added hexString validations: - non-null - 128-character string length for Signature/SignatureDeserializer - 64-character string length for all others - (lower)case-sensitive JsonParseTest methods for the above JsonParseTest removed EVENT JSON id
|
Hi Nick, I have been busy lately but will merge this in the coming days. |
|
hi, eric. thx for heads up & no rush here, pls lmk if any questions/issues/etc. in the meanwhile, adding SC NIP-09 (deletion events) support as i noticed you've implemented it in nostr-java along with an integration test- which, for the moment- will fail if/when running against SC. will keep you posted when it's available. |
tcheeric
approved these changes
Feb 15, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
hi, eric. REQ message filter/json (plus GenericEvent & PublicKey) validations per NIP-01 specification have been implemented and tested in this PR (with following synopsis for reference) and a note for you at bottom re: NIP-04.
pls advise if any issues i've overlooked/mis-implemented per your understanding/etc.
"ids": , 32-bytes lowercase hex
implementation in:
GenericEvent.setId(), calls HexStringValidator.validateHex()tested in:
JsonParseTest.testReqMessageFilterIdLength()"authors": , 32-bytes lowercase hex
implementation in:
PublicKey(String hexPubKey) calls NostrUtil.hexToBytes(), calls HexStringValidator.validateHex()tested in:
BaseKeyTest.java
"kinds": , integer between 0 and 65535
implementation in:
Kind.valueOf()tested
JsonParseTest.testBaseMessageDecoderKind()"#<single-letter (a-zA-Z)>": <a list of tag values, for #e — a list of event ids, for #p — a list of pubkeys, etc.>,
implementation in:
GenericEvent.setId() calls HexStringValidator.validateHex()PublicKey(String hexPubKey) calls NostrUtil.hexToBytes(), calls HexStringValidator.validateHex()tested in:
JsonParseTest.testReqMessageDecoderETag()JsonParseTest.testReqMessageDecoderPTag()"since": = to this to pass>,
implemented in:
Filters.setSince()tested in:
JsonParseTest.testReqMessageFilterSince()"until": <an integer unix timestamp in seconds. Events must have a created_at <= to this to pass>,
implemented in
Filters.setUntil()tested
JsonParseTest.testReqMessageFilterUntil()"limit":
<subscription_id> non-empty string of max length 64 chars.
implemented in:
ReqMessage ctor(), line 42tested
JsonParseTest.testReqMessageSubscriptionIdLength()not surprisingly, introduction of validations uncovered a few existing/minor issues related to NIP-01 hex-string length requirements. i've fixed the few obvious ones, however, two still exist related to NIP-04, likely ideally addressed by @tcheeric's domain-expertise in this area.
they are readily visible upon running test suite for this branch, reporting incorrect hex-string length error messages that should be a helpful starting point: