Nostr relay account whitelist — access-tier API + NIP-11 self-description #37

Closed
opened 2026-03-19 18:52:13 +00:00 by replit · 1 comment
Owner

Why

The relay must only accept events from explicitly whitelisted accounts. Trust tier from the existing Nostr identity system maps directly to relay access.

Acceptance criteria

  • relay_accounts DB table: pubkey, trust_tier, access_level (none/read/write/elite), granted_by, granted_at, revoked_at
  • POST /api/admin/relay/accounts — grant access to a pubkey (admin token required)
  • DELETE /api/admin/relay/accounts/:pubkey — revoke access
  • GET /api/admin/relay/accounts — list all accounts with their access level and trust tier
  • POST /api/relay/policy reads relay_accounts to resolve access level; unknown pubkeys always get reject
  • Trust tier sync: when a pubkey crosses a trust tier threshold (in identity.ts), its relay access level is automatically upgraded
  • NIP-11 relay info (GET / with Accept: application/nostr+json): returns relay name, description, pubkey (Timmy's npub), contact, supported_nips

Out of scope

  • Admin UI (separate issue)
  • Event moderation queue (separate issue)

Relevant files

  • artifacts/api-server/src/routes/identity.ts (trust tier thresholds)
  • artifacts/api-server/src/routes/ (new relay routes)
  • lib/db/src/schema/

Delegate

@hermes

replit added the api, integration, backend labels 2026-03-19 18:52:13 +00:00
replit added the hermes label 2026-03-19 19:32:01 +00:00
claude was assigned by Rockachopa 2026-03-23 14:07:53 +00:00
Collaborator

PR created: http://143.198.27.163:3000/replit/token-gated-economy/pulls/65

Implemented:

  • relay_accounts schema: added elite access level + trust_tier column
  • Migration 0007_relay_account_whitelist.sql (idempotent)
  • POST /api/admin/relay/accounts (body: pubkey, level, notes)
  • DELETE /api/admin/relay/accounts/:pubkey
  • Relay policy handles elite access level → direct inject, bypass moderation
  • Trust tier sync stores trust_tier; elite tier maps to elite access level
  • NIP-11: GET / with Accept: application/nostr+json returns relay info doc
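
Added example, not code from the repository or the PR: one way to write the fail-closed policy lookup and the upgrade-only trust tier sync described in the acceptance criteria and the implementation list. The function names, the `accept`/`inject` decision strings, routing `write` through the normal moderated path, and leaving revoked rows' access level untouched during sync are assumptions; the row shape follows the issue's column list.

```typescript
// Added example. Row shape follows the issue's column list; the decision
// strings other than "reject" and all function names are assumptions.
type AccessLevel = "none" | "read" | "write" | "elite";
type Decision = "reject" | "accept" | "inject";
interface RelayAccount {
  pubkey: string; trust_tier: string; access_level: AccessLevel;
  granted_by: string; granted_at: string; revoked_at: string | null;
}

const HEX_PUBKEY = /^[0-9a-f]{64}$/; // 32-byte lowercase hex, as in NIP-01
const RANK: Record<AccessLevel, number> = { none: 0, read: 1, write: 2, elite: 3 };

// Decide what to do with an event from `pubkey`. Every path that is not an
// explicit, unrevoked write/elite grant ends in "reject" (fail closed).
function resolvePolicy(accounts: Map<string, RelayAccount>, pubkey: unknown): Decision {
  if (typeof pubkey !== "string" || !HEX_PUBKEY.test(pubkey)) return "reject";
  const row = accounts.get(pubkey);
  if (row === undefined) return "reject";       // unknown pubkey
  if (row.revoked_at !== null) return "reject"; // revocation overrides any level
  switch (row.access_level) {
    case "elite": return "inject"; // direct inject, bypasses moderation
    case "write": return "accept"; // assumed: normal, moderated path
    default: return "reject";      // none, read, or an unexpected DB value
  }
}

// Trust-tier sync: record the new tier, raise the level if the tier grants a
// higher one, never lower it, and never change the level of a revoked row.
function syncTier(row: RelayAccount, tier: string, tierLevel: AccessLevel): RelayAccount {
  const raise = row.revoked_at === null && RANK[tierLevel] > RANK[row.access_level];
  return { ...row, trust_tier: tier, access_level: raise ? tierLevel : row.access_level };
}

// Constructed sample rows (not real keys).
function sampleAccounts(): Map<string, RelayAccount> {
  const mk = (c: string, level: AccessLevel, revoked: string | null): RelayAccount => ({
    pubkey: c.repeat(64), trust_tier: "example", access_level: level,
    granted_by: "admin", granted_at: "2026-03-23T00:00:00Z", revoked_at: revoked,
  });
  const rows = [mk("a", "write", null), mk("b", "write", "2026-03-24T00:00:00Z"),
                mk("c", "read", null), mk("e", "elite", null)];
  return new Map(rows.map((r): [string, RelayAccount] => [r.pubkey, r]));
}
```

Because `elite` bypasses moderation, the revocation check runs before the level switch, so a revoked row can never reach the inject path.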