nips/70.md
2024-12-09 10:16:36 -03:00

NIP-70

Protected Events

draft optional

When the "-" tag is present, that means the event is "protected".

A protected event is an event that can only be published to relays by its author. This is achieved by relays ensuring that the author is authenticated before publishing their own events or by just rejecting events with ["-"] outright.

The default behavior of a relay MUST be to reject any event that contains ["-"].

Relays that want to accept such events MUST first require that the client perform the NIP-42 AUTH flow, then check that the authenticated client has the same pubkey as the event being published, and accept the event only in that case.

The tag

The tag is a simple tag with a single item: ["-"]. It may be added to any event. It should be added to replaceable and addressable events, except for the kind:10002 one.

Example flow

  • User 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 connects to relay wss://example.com:
/* client: */
["EVENT",{"id":"cb8feca582979d91fe90455867b34dbf4d65e4b86e86b3c68c368ca9f9eef6f2","pubkey":"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798","created_at":1707409439,"kind":1,"tags":[["-"]],"content":"hello members of the secret group","sig":"fa163f5cfb75d77d9b6269011872ee22b34fb48d23251e9879bb1e4ccbdd8aaaf4b6dc5f5084a65ef42c52fbcde8f3178bac3ba207de827ec513a6aa39fa684c"}]
/* relay: */
["AUTH", "<challenge>"]
["OK", "cb8feca582979d91fe90455867b34dbf4d65e4b86e86b3c68c368ca9f9eef6f2", false, "auth-required: this event may only be published by its author"]
/* client: */
["AUTH", {}]
["EVENT",{"id":"cb8feca582979d91fe90455867b34dbf4d65e4b86e86b3c68c368ca9f9eef6f2","pubkey":"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798","created_at":1707409439,"kind":1,"tags":[["-"]],"content":"hello members of the secret group","sig":"fa163f5cfb75d77d9b6269011872ee22b34fb48d23251e9879bb1e4ccbdd8aaaf4b6dc5f5084a65ef42c52fbcde8f3178bac3ba207de827ec513a6aa39fa684c"}]
/* relay: */
["OK", "cb8feca582979d91fe90455867b34dbf4d65e4b86e86b3c68c368ca9f9eef6f2", true, ""]
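
The relay-side decision behind this flow, as an added example (not part of the NIP and not taken from any relay implementation). It assumes the event's id and signature and the NIP-42 AUTH event have already been verified elsewhere; `check_protected`, `is_protected` and the wording of the `blocked:` and `restricted:` messages are constructed for illustration.

```python
import json

# Constructed sample: the event from the flow above, trimmed to the fields the check reads.
AUTHOR = "79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
EVENT_ID = "cb8feca582979d91fe90455867b34dbf4d65e4b86e86b3c68c368ca9f9eef6f2"
SAMPLE_EVENT = {"id": EVENT_ID, "pubkey": AUTHOR, "kind": 1, "tags": [["-"]],
                "content": "hello members of the secret group"}


def is_protected(event):
    """True if the event carries the "-" tag.

    Assumption: any tag whose name is "-" counts, even with extra items,
    so a malformed variant fails closed instead of slipping past the check.
    """
    return any(isinstance(t, list) and t and t[0] == "-" for t in event.get("tags", []))


def check_protected(event, authed_pubkeys, accept_protected=False):
    """Return the relay's ["OK", ...] reply for an EVENT under NIP-70.

    authed_pubkeys: pubkeys this connection has proven via NIP-42 AUTH
    (assumed already verified, as is the event's own id and signature).
    accept_protected=False models the mandatory default: reject outright.
    """
    eid = event["id"]
    if not is_protected(event):
        return ["OK", eid, True, ""]
    if not accept_protected:
        return ["OK", eid, False, "blocked: protected events are not accepted here"]
    if not authed_pubkeys:
        # Same reply as in the flow above; the relay also sends ["AUTH", "<challenge>"].
        return ["OK", eid, False,
                "auth-required: this event may only be published by its author"]
    if event["pubkey"] not in authed_pubkeys:
        # Authenticated, but as someone else: a third-party republish attempt.
        return ["OK", eid, False, "restricted: only the author may publish this event"]
    return ["OK", eid, True, ""]


if __name__ == "__main__":
    other = "00" * 32  # constructed pubkey of a different, authenticated user
    for authed in (set(), {other}, {AUTHOR}):
        print(json.dumps(check_protected(SAMPLE_EVENT, authed, accept_protected=True)))
```

The check compares against the pubkeys proven on the current connection only, so an authenticated member of the group who replays the author's signed event is still refused.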

Why

There are multiple circumstances in which it would be beneficial to prevent the unlimited spreading of an event through all relays imaginable and restrict some to only a certain demographic or to a semi-closed community relay. Even when the information is public it may make sense to keep it compartmentalized across different relays.

It's also possible to create closed access feeds with this when the publisher has some relationship with the relay and trusts the relay to not release their published events to anyone.

Even though it's ultimately impossible to restrict the spread of information on the internet (for example, one of the members of the closed group may want to take an event intended to be restricted and republish it to other relays), most relays would be happy to not facilitate the acts of these so-called "pirates", out of respect for the original decision of the author, and would therefore gladly reject these republish acts if given the means to.

This NIP gives these authors and relays the means to clearly signal when a given event is not intended to be republished by third parties.

Clearing Protected Events

The kind:20070 ephemeral event asks the tagged relay to delete all of the author's protected events.

Relays MUST require authentication to fulfill the clearing request. kind:20070 events that are too old MUST be ignored.

The event is useful to prevent replaceable and addressable events from becoming outdated after a user edits their NIP-65 write relays.

Example:

{
  kind: 20070,
  tags: [
    ["relays", "wss://relay1.example", "wss://relay2.example"]
  ],
  // ...other fields
}