From 5fe0f260fec77ebcfb61c20d90252348ec6e900a Mon Sep 17 00:00:00 2001
From: fiatjaf <fiatjaf@gmail.com>
Date: Tue, 7 Nov 2023 17:31:33 -0300
Subject: [PATCH] update khatru and eventstore and add filter restrictions.

---
 go.mod   |  2 +-
 go.sum   |  4 ++--
 main.go  | 11 ++++++++++-
 relay.go | 45 ++++++++++++++++++++++++++++++++++++++++++---
 4 files changed, 55 insertions(+), 7 deletions(-)

diff --git a/go.mod b/go.mod
index 1b7acbb..ee8c75c 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ toolchain go1.21.3
 
 require (
 	github.com/fiatjaf/eventstore v0.2.5
-	github.com/fiatjaf/khatru v0.0.7
+	github.com/fiatjaf/khatru v0.0.8
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/nbd-wtf/go-nostr v0.25.3
 	github.com/nbd-wtf/nostr-sdk v0.0.2
diff --git a/go.sum b/go.sum
index 3d7430e..a195f88 100644
--- a/go.sum
+++ b/go.sum
@@ -64,8 +64,8 @@ github.com/fiatjaf/eventstore v0.2.5 h1:vzXxfDoQ7taNGx8jgCHutAtzkz+36ZcMhKpbW7wt
 github.com/fiatjaf/eventstore v0.2.5/go.mod h1:Zx1XqwICh7RxxKLkgc0aXlVo298ABs4W5awP/1/bYYs=
 github.com/fiatjaf/generic-ristretto v0.0.1 h1:LUJSU87X/QWFsBXTwnH3moFe4N8AjUxT+Rfa0+bo6YM=
 github.com/fiatjaf/generic-ristretto v0.0.1/go.mod h1:cvV6ANHDA/GrfzVrig7N7i6l8CWnkVZvtQ2/wk9DPVE=
-github.com/fiatjaf/khatru v0.0.7 h1:seKyq+/3naI8f2l3mLFCHAjpeQm2Vf30CdHdBFNjHRk=
-github.com/fiatjaf/khatru v0.0.7/go.mod h1:gvfXhDel30t84mkWk5aDwBRD1N8py4RixIwGD0i+LMY=
+github.com/fiatjaf/khatru v0.0.8 h1:YhntzSHm8BB1cnkMiWrVgXVZm9ou9+ajsm2W9inOEeM=
+github.com/fiatjaf/khatru v0.0.8/go.mod h1:gvfXhDel30t84mkWk5aDwBRD1N8py4RixIwGD0i+LMY=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
diff --git a/main.go b/main.go
index ba8d515..a9ad7f9 100644
--- a/main.go
+++ b/main.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/fiatjaf/eventstore/badger"
 	"github.com/fiatjaf/khatru"
+	"github.com/fiatjaf/khatru/plugins"
 	"github.com/kelseyhightower/envconfig"
 	"github.com/nbd-wtf/go-nostr"
 	"github.com/rs/zerolog"
@@ -60,9 +61,17 @@ func main() {
 	relay.DeleteEvent = append(relay.DeleteEvent, db.DeleteEvent)
 	relay.RejectEvent = append(relay.RejectEvent,
 		rejectEventsFromUsersNotInWhitelist,
-		restrictToKinds,
+		plugins.RestrictToSpecifiedKinds(supportedKinds...),
 		validateAndFilterReports,
 	)
+	relay.OverwriteFilter = append(relay.OverwriteFilter,
+		plugins.RemoveAllButKinds(supportedKinds...),
+		removeAuthorsNotWhitelisted,
+	)
+	relay.RejectFilter = append(relay.RejectFilter,
+		plugins.NoSearchQueries,
+		discardFiltersWithTooManyAuthors,
+	)
 
 	// load users registry
 	if err := loadWhitelist(); err != nil {
diff --git a/relay.go b/relay.go
index cfc3ee1..062c941 100644
--- a/relay.go
+++ b/relay.go
@@ -3,7 +3,6 @@ package main
 import (
 	"context"
 
-	"github.com/fiatjaf/khatru/plugins"
 	"github.com/nbd-wtf/go-nostr"
 )
 
@@ -18,8 +17,28 @@ func rejectEventsFromUsersNotInWhitelist(ctx context.Context, event *nostr.Event
 	return true, "not authorized"
 }
 
-var restrictToKinds = plugins.RestrictToSpecifiedKinds(
-	0, 1, 3, 5, 6, 8, 16, 1063, 1985, 9735, 10000, 10001, 10002, 30008, 30009, 30311, 31922, 31923, 31924, 31925)
+var supportedKinds = []uint16{
+	0,
+	1,
+	3,
+	5,
+	6,
+	8,
+	16,
+	1063,
+	1985,
+	9735,
+	10000,
+	10001,
+	10002,
+	30008,
+	30009,
+	30311,
+	31922,
+	31923,
+	31924,
+	31925,
+}
 
 func validateAndFilterReports(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
 	if event.Kind == 1985 {
@@ -41,3 +60,23 @@ func validateAndFilterReports(ctx context.Context, event *nostr.Event) (reject b
 
 	return false, ""
 }
+
+func discardFiltersWithTooManyAuthors(ctx context.Context, filter nostr.Filter) (reject bool, msg string) {
+	if len(filter.Authors) > len(whitelist) {
+		return true, "rejecting query with more authors than we even have in the relay"
+	}
+	return false, ""
+}
+
+func removeAuthorsNotWhitelisted(ctx context.Context, filter *nostr.Filter) {
+	if n := len(filter.Authors); n > 0 {
+		newAuthors := make([]string, 0, n)
+		for i := 0; i < n; i++ {
+			k := filter.Authors[i]
+			if _, ok := whitelist[k]; ok {
+				newAuthors = append(newAuthors, k)
+			}
+		}
+		filter.Authors = newAuthors
+	}
+}