I think I'm going to change chorus to send "CLOSED: auth-required" upon ANY event needing redaction from the results. It is too complicated with various existing clients to silently redact or signal redaction, and many expect this "auth-required" signal to know they need to AUTH. For a long time I thought giving people partial results was at least a little bit helpful, now I think it is harmful.
If you think I'm wrong please stop me.
I like the idea of giving clients partial results, but I'm starting to think its too complicated to communicate.
I haven's spent much brainpower on it, but isn't partial results the default? In my mind it's ok if relays withhold some events without telling the user, because no relay has a complete dataset. Communicating that that's happening, and how to get around that is harder, but maybe a job for LIMITS or nip 11 or something.
I'm having this kind of failure with nostr-sdk (rust):
client: REQ sub1
relay: AUTH
relay: EOSE sub1 (no events, all redacted, but stays open due to nature of the filter)
client: CLOSE sub1
client disconnects and fails to return the event.
The client has a signer that is allowed to read the event, but it is not using it because it looks to the client like it wasn't there and the client was never informed that maybe it was redacted.
Ah, I see, the client would have to block on auth in order to make sure it got the maximum results. Hmm
yeah, its quite insane.. glad to see someone thinking about how to do auth in a client because i think the big pushers of partial/redacted just didnt want to implement auth at all. so it remains open for them while everything gets more complicated on the auth side.
IMO nip-98 on the connection right at the start or no beans
Let's give this attempt to Sam Brown
https://video.nostr.build/213ae8554d76b225821e51a7e481fa9b87fab4dde8e3a9ec1b2996a632156147.webm
one possible cleaner way is if you really want to have free public access, AND auth access, just run each mode as a separate relay. if a relay says nip11 auth required, then its dont even bother connecting unless you are gonna auth.
