diff --git a/76.md b/76.md index 10f7cd4d..3a49700c 100644 --- a/76.md +++ b/76.md @@ -12,26 +12,28 @@ Events with an `rp` or `prp` require AUTH to be downloaded. ## Read Permission -The `rp` tag accepts a list of pubkeys +The `rp` tag takes a pubkey. Multiple `rp` tags represent a logical OR. ```json -["rp", "<pubkey1>", "<pubkey2>", "<pubkey3>"] +["rp", "<pubkey1>"] +["rp", "<pubkey2>"] +["rp", "<pubkey3>"] ``` Relays MUST check if the authed user is one of the keys in the `rp` before sending the event to the client. ## Probabilistic Read Permissions -Probabilistic permissions use bloom filters that include a set of pubkeys. They are represented by a colon-separated value with: -1. the size of the bit array +Probabilistic permissions use bloom filters of a set of authorized pubkeys. They are represented by a colon-separated value with: +1. the number of bits in the bit array 2. the number of hashing rounds used by the filter 3. the bit array in Base64. ```json -["prp", "<BitArray Size>:<Rounds>:<base64>"] +["prp", "<bits>:<rounds>:<base64>"] ``` -Bloom filters MUST use `SHA-256` functions of the key + iterating index as the pseudocode below: +Bloom filters MUST use `SHA256` functions of the key + iterating index as the pseudocode below demonstrates: ```js class BloomFilter(size: Int, rounds: Int, buffer: ByteArray) { @@ -74,6 +76,8 @@ class BloomFilter(size: Int, rounds: Int, buffer: ByteArray) { Relays MUST check if the authed user is in the filter before returning the event. +Multiple `prp` tags represent a logical OR. + ### Test cases The filter below has 100 bits, with 10 rounds of hashes that should be able to match 10,000,000 keys without a single false positive.