Skip to content

Dogfood Wisp as the oprf-unlock test relay (exercise NIP-42 auth + rate limiting) #11

Description

@kwsantiago

Context

tests/oprf-unlock.nix (added in #10) stands up the Nostr coordination relay with services.nostr-rs-relay over plain ws:// (hence the KEEP_ALLOW_WS=1 in the test). That was an expedience choice: nostr-rs-relay ships a nixpkgs module, so it was the fastest path to a green test. The relay there is just a swappable coordination stand-in.

Wisp is privkey's own Nostr relay, and crucially it supports NIP-42 auth and rate limiting ([auth] / [rate_limits]).

Why this matters (beyond dogfooding)

nixos/frost-gate.nix documents the M1 security requirement explicitly: the "no single box can decrypt" property holds only once the external relay authenticates + throttles unlock requests and the box is bound by a real measured-boot PCR policy. nostr-rs-relay cannot exercise that authenticated/throttled path; Wisp can. So switching the test relay to Wisp is both:

  • dogfooding the relay the appliance should actually ship/recommend, and
  • the path to testing the security-meaningful relay behavior (authenticated, rate-limited unlock requests) rather than a plain unauthenticated ws:// stand-in.

Scope

  1. Add Wisp as a flake input; replace the relay node's services.nostr-rs-relay with services.wisp.
  2. Enable NIP-42 auth + rate limiting on the relay node and extend tests/oprf-unlock.nix to exercise the authenticated path (move off plain ws:///KEEP_ALLOW_WS=1 where feasible).

Blocked by

Metadata

Metadata

Assignees

No one assigned

    Labels

    Fields

    No fields configured for Feature.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions