seperate kind and key whitelists

app/static/examples/config.example.yml

@@ -4,11 +4,14 @@ mongodb:
 
 server:
   port: ":8080" # Port for the server to listen on
-whitelist:
+pubkey_whitelist:
   enabled: false
   pubkeys: #["3fe0ab6cbdb7ee27148202249e3fb3b89423c6f6cda6ef43ea5057c3d93088e4",
   #"cac0e43235806da094f0787a5b04e29ad04cb1a3c7ea5cf61edc1c338734082b"]
   npubs: #["npub18ls2km9aklhzw9yzqgjfu0anhz2z83hkeknw7sl22ptu8kfs3rjq54am44"]
+kind_whitelist:
+  enabled: false
+  kinds: #[0, 1]
 rate_limit:
   ws_limit: 100 # Global rate limit for WebSocket messages (50 messages per second)
   ws_burst: 200 # Global burst limit for WebSocket messages (allows a burst of 100 messages)

config/types/serverConfig.go

@@ -8,6 +8,7 @@ type ServerConfig struct {
 	Server struct {
 		Port string `yaml:"port"`
 	} `yaml:"server"`
-	RateLimit RateLimitConfig `yaml:"rate_limit"`
+	RateLimit       RateLimitConfig       `yaml:"rate_limit"`
-	Whitelist WhitelistConfig `yaml:"whitelist"`
+	PubkeyWhitelist PubkeyWhitelistConfig `yaml:"pubkey_whitelist"`
+	KindWhitelist   KindWhitelistConfig   `yaml:"kind_whitelist"`
 }

config/types/whitelistKindConfig.go

@@ -0,0 +1,6 @@
+package config
+
+type KindWhitelistConfig struct {
+	Enabled bool     `yaml:"enabled"`
+	Kinds   []string `yaml:"kinds"`
+}

config/types/whitelistPubkeyConfig.go

@@ -1,6 +1,6 @@
 package config
 
-type WhitelistConfig struct {
+type PubkeyWhitelistConfig struct {
 	Enabled bool     `yaml:"enabled"`
 	Pubkeys []string `yaml:"pubkeys"`
 	Npubs   []string `yaml:"npubs"`

server/handlers/event.go

@@ -9,6 +9,7 @@ import (
 	"grain/server/handlers/kinds"
 	"grain/server/handlers/response"
 	"grain/server/utils"
+	"strconv"
 
 	relay "grain/server/types"
 
@@ -59,9 +60,15 @@ func HandleKind(ctx context.Context, evt relay.Event, ws *websocket.Conn, eventS
 	rateLimiter := config.GetRateLimiter()
 	sizeLimiter := config.GetSizeLimiter()
 
-	// Check whitelist
+	// Check if the kind is whitelisted
-	if !isWhitelisted(evt.PubKey) {
+	if config.GetConfig().KindWhitelist.Enabled && !isKindWhitelisted(evt.Kind) {
-		response.SendOK(ws, evt.ID, false, "not allowed: pubkey is not whitelisted")
+		response.SendOK(ws, evt.ID, false, "not allowed: event kind is not whitelisted")
+		return
+	}
+
+	// Check pubkey/npub whitelist only if the kind is not whitelisted
+	if config.GetConfig().PubkeyWhitelist.Enabled && !isPubKeyWhitelisted(evt.PubKey) {
+		response.SendOK(ws, evt.ID, false, "not allowed: pubkey or npub is not whitelisted")
 		return
 	}
 
@@ -129,21 +136,21 @@ func determineCategory(kind int) string {
 }
 
 // Helper function to check if a pubkey or npub is whitelisted
-func isWhitelisted(pubKey string) bool {
+func isPubKeyWhitelisted(pubKey string) bool {
 	cfg := config.GetConfig()
-	if !cfg.Whitelist.Enabled {
+	if !cfg.PubkeyWhitelist.Enabled {
 		return true
 	}
 
 	// Check pubkeys
-	for _, whitelistedKey := range cfg.Whitelist.Pubkeys {
+	for _, whitelistedKey := range cfg.PubkeyWhitelist.Pubkeys {
 		if pubKey == whitelistedKey {
 			return true
 		}
 	}
 
 	// Check npubs
-	for _, npub := range cfg.Whitelist.Npubs {
+	for _, npub := range cfg.PubkeyWhitelist.Npubs {
 		decodedPubKey, err := utils.DecodeNpub(npub)
 		if err != nil {
 			fmt.Println("Error decoding npub:", err)
@@ -156,3 +163,24 @@ func isWhitelisted(pubKey string) bool {
 
 	return false
 }
+
+func isKindWhitelisted(kind int) bool {
+	cfg := config.GetConfig()
+	if !cfg.KindWhitelist.Enabled {
+		return true
+	}
+
+	// Check event kinds
+	for _, whitelistedKindStr := range cfg.KindWhitelist.Kinds {
+		whitelistedKind, err := strconv.Atoi(whitelistedKindStr)
+		if err != nil {
+			fmt.Println("Error converting whitelisted kind to int:", err)
+			continue
+		}
+		if kind == whitelistedKind {
+			return true
+		}
+	}
+
+	return false
+}