no need to hide it ... may all us script kiddies become more empowered by this docu-hack

// ------- CHECKLIST.md -----------

# Development Standards Checklist

## Core Philosophy

- [x] Keep it simple: avoid heavy frameworks

- [x] Use specialized nostr utilities over general-purpose frameworks

- Use `nostr-crypto-utils` for core Nostr functionality

- Use `nostr-nsec-seedphrase` for key management

- Use `nostr-websocket-utils` for WebSocket handling (if needed)

- Use `fastify` for HTTPS serving (if needed)

- Use TypeScript for type safety

- [x] Manage dependencies manually - no dependency injection frameworks

- [x] Prefer pure TypeScript solutions

- [x] Only add complexity when absolutely necessary

## Core Requirements

### Module System

- [x] Use ESModules by default

- [ ] Use CommonJS only when absolutely necessary (document why in code comments)

- [x] All new modules must use `import/export` syntax

- [ ] Update existing modules to ESM when touching them

### Code Structure

### Core (/src)

- [x] `/services` - Core Nostr services

- [x] `/nips` - NIP implementations

- [x] `/utils` - Shared utilities

- [ ] `/types` - Core type definitions

### Features

- [ ] Each NIP implementation should be independent

- [ ] Communication via service layer only

- [ ] Self-contained business logic

- [ ] Clear separation between NIPs and services

## Nostr Implementation Requirements

- [ ] Use `nostr-tools` for all Nostr operations

- [ ] Event creation and signing

- [ ] Relay connections

- [ ] Key management

- [ ] Message encryption/decryption

- [ ] Never store raw private keys in code

- [ ] Implement proper key validation

- [ ] Secure relay communications

## Security Requirements

- [ ] All direct messages MUST be encrypted

- [ ] Validate all public keys before use

- [ ] No sensitive data in logs or error messages

- [ ] Implement proper error handling for all Nostr operations

- [ ] Rate limiting for relay connections

- [ ] Proper cleanup of relay connections

## TypeScript Standards

- [ ] Strict type checking enabled

- [ ] No `any` types unless absolutely necessary

- [ ] Interface definitions for all Nostr events

- [ ] Proper error types

- [ ] Type guards where necessary

- [ ] Documentation for public APIs

## Testing Strategy

- [ ] Unit tests for all services

- [ ] Integration tests for Nostr operations

- [ ] Mock relay for testing

- [ ] Test encryption/decryption specifically

- [ ] Test error cases

- [ ] Test relay connection handling

## Implementation Priorities

1. Core Nostr functionality

2. Direct message handling

3. Key management

4. Relay connection management

5. Error handling

6. Testing

## Performance & Reliability

- [ ] Implement connection pooling

- [ ] Handle relay disconnections gracefully

- [ ] Implement retry mechanisms

- [ ] Monitor relay performance

- [ ] Handle concurrent messages

## Documentation

- [ ] API documentation

- [ ] Usage examples

- [ ] Error handling guide

- [ ] Security considerations

- [ ] Implementation notes for each NIP

## Environment Variables

### Development

- [ ] `RELAY_URL` - Nostr relay URL

- [ ] `NODE_ENV=development`

- [ ] `LOG_LEVEL` - Logging verbosity

### Production

- [ ] `RELAY_URL` - Production relay URL

- [ ] `NODE_ENV=production`

- [ ] `LOG_LEVEL=info`