They were one of the first implementations, so they were winging it.
Discussion
Any idea what the issue is? We updated it when they added CLOSED.
When a REQ is sent that requires AUTH and the connection isn’t authenticated, we send an AUTH challenge and a CLOSED with "auth-required: this relay only serves private notes to authenticated users"
I believe that is the expectation in NIP-42 - unless it changed again.
Nothing has changed, this is the correct way.
i think the problem has to do with a misunderstanding of client devs about how sockets work
the socket is a modal interface. it has a state, ready, and there are requests and responses... the way the nip-01 is written this categorization is not clear, so i can understand how this problem arose
it is very clear when you read the code that nostr:nprofile1qyd8wumn8ghj7mr0vd4kymmc9enxjct5dfskvtnrdakj7qg6waehxw309ac8junpd45kgtnxd9shg6npvchxxmmd9uq3kamnwvaz7tmjv4kxz7fwwajhxar9wfhxyarr9e3k7mf0qyfhwumn8ghj7am0wsh82arcduhx7mn99uqzqwlsccluhy6xxsr6l9a9uhhxf75g85g8a709tprjcn4e42h053vac7xr2j wrote for auth - a SOCKET is authed, not a REQUEST
if the client wants to make a request, and for example, the relay says it's "write-restricted" as in nip-11 (i need to add this to realy because i think this is relevant, write-restricted should also be part of the complex of elements in AUTH because what that means is "auth-required" to WRITE.
so i might go further to suggest that in the nip-42 text it should also mention that "restricted-writes" or whatever it is called, indicates that the sockets are modal upon AUTH, as in, when a socket demands AUTH it is because the request is "auth-required" which can be both read (req/count) and write (event)
I think this needs to also touch nip-11 and the "restricted_writes" field
auth required is ambiguous because it can mean both read and write
restricted_writes can be used instead of auth_required to signify that a socket doesn't need to auth to do read (req/count) but requires it for event
- auth_required should be specified to indicate for REQ/COUNT
- restricted_writes should be specified to indicate for EVENT
i am making an update to realy to match this clarification, and i hope there will be a revision to nip-42 to clarify the link to nip-11's limits fields and eliminating any confusion about whether NOTICE should be interpreted by clients
NOTICE is text to show in a relay log for clients. PERIOD.
i have realy send these notices because it is implied that if AUTH has been sent by the relay then AUTH must be sent by client or the socket is ded