We use AUTH on many of our relays for different reasons.
nostr.wine - AUTH only for kind 4 REQs to protect DM metadata
filter.nostr.wine - paid proxy relay service, AUTH on connect for access control
creatr.nostr.wine - patreon relay with granular event access control, AUTH on connect
inbox.nostr.wine - special purpose access control relay for DMs, giftwraps, and NWC events. AUTH on any REQ. Events can be sent without AUTH as long as the tagged pubkey has a registered inbox.
Do you do the CLOSED+auth-required flow on all of these?
Yes
so a relay can preempt auth by sending a closed on connect and then following with an auth? nostr:nprofile1qyv8wumn8ghj7cm9d3kxzu3wdehhxarj9emkjmn99uq3wamnwvaz7tmfde3x77pwdehhxarj9emkjmn99uq3jamnwvaz7tmhv4kxxmmdv5hxummnw3ezuamfdejj7qpq8kzz4lkdtc5n729kvfunxuz287uvu9f64ywhjz43ra482t2y5sksgzn4gz also, is this how you get #coracle to do it (i tried triggering auth on connect with auth required but it sounds like i need to send closed first? kinda weird tho)
I have different auth flows for different relays. Nostr.wine doesn’t AUTH until the client makes a REQ that requires it. It sends CLOSED with auth-required to that REQ.
Filter.nostr.wine just sends an AUTH on connect. If you ignore it and send REQs it returns CLOSED+auth-required.
This guy is building the relay infrastructure I always imagined would happen.
I'm just worried that clients are not yet ready to interact with such a great amount of power.
