relay-pool: add RelayOptions::verify_subscriptions option

yukibtc · yukibtc · commit 8c03d6ddd5a2 · 2025-07-23T10:07:04.000+02:00
Follow-up of 71b4fd7 Pull-Request: #997 Signed-off-by: Yuki Kishimoto <yukikishimoto@protonmail.com>
diff --git a/crates/nostr-relay-pool/CHANGELOG.md b/crates/nostr-relay-pool/CHANGELOG.md
@@ -42,6 +42,7 @@
 
 - Allow putting relays to sleep when idle (https://github.com/rust-nostr/nostr/pull/926)
 - An option to ban relays that send events which don't match the subscription filter (https://github.com/rust-nostr/nostr/pull/981)
+- Add `RelayOptions::verify_subscriptions` option (https://github.com/rust-nostr/nostr/pull/997)
 
 ## v0.42.0 - 2025/05/20
 
diff --git a/crates/nostr-relay-pool/src/relay/inner.rs b/crates/nostr-relay-pool/src/relay/inner.rs
@@ -1116,22 +1116,36 @@ impl InnerRelay {
             }
         }
 
-        // Check if the subscription id exist and verify if the event matches the subscription filter.
-        match self.subscription(&subscription_id).await {
-            Some(filter) => {
-                // Skip NIP-50 extensions since they're unsupported
-                const MATCH_EVENT_OPTS: MatchEventOptions = MatchEventOptions::new().nip50(false);
-
-                // If the "ban relay on mismatch" option is enabled, check if the filter matches the event.
-                if self.opts.ban_relay_on_mismatch && !filter.match_event(&event, MATCH_EVENT_OPTS)
-                {
-                    // Filter doesn't match the event, ban the relay.
-                    self.ban();
-                    return Err(Error::FilterMismatch);
+        // Check if subscription must be verified
+        if self.opts.verify_subscriptions {
+            // NOTE: here we don't use the `self.subscription(id)` to avoid an unnecessary clone of the filter!
+
+            // Acquire read lock
+            let subscriptions = self.atomic.subscriptions.read().await;
+
+            // Check if the subscription id exist and verify if the event matches the subscription filter.
+            match subscriptions.get(&subscription_id) {
+                Some(SubscriptionData { filter, .. }) => {
+                    // Skip NIP-50 matches since they may create issues and ban non-malicious relays.
+                    const MATCH_EVENT_OPTS: MatchEventOptions =
+                        MatchEventOptions::new().nip50(false);
+
+                    // Check if the filter matches the event
+                    if !filter.match_event(&event, MATCH_EVENT_OPTS) {
+                        // Ban the relay
+                        if self.opts.ban_relay_on_mismatch {
+                            self.ban();
+                        }
+
+                        return Err(Error::FilterMismatch);
+                    }
+
+                    // TODO: check filter limit: if eose is not received and the filter has a limit, check how many events have been received.
+                    // TODO: use atomics (AtomicBool and AtomicUsize) for this, to avoid acquiring the RwLock as write.
+                }
+                None => {
+                    return Err(Error::SubscriptionNotFound);
                 }
-            }
-            None => {
-                return Err(Error::SubscriptionNotFound);
             }
         }
 
diff --git a/crates/nostr-relay-pool/src/relay/mod.rs b/crates/nostr-relay-pool/src/relay/mod.rs
@@ -1183,7 +1183,12 @@ mod tests {
         let mock = MockRelay::run_with_opts(opts).await.unwrap();
         let url = RelayUrl::parse(&mock.url()).unwrap();
 
-        let relay: Relay = new_relay(url, RelayOptions::default().ban_relay_on_mismatch(true));
+        let relay: Relay = new_relay(
+            url,
+            RelayOptions::default()
+                .verify_subscriptions(true)
+                .ban_relay_on_mismatch(true),
+        );
 
         assert_eq!(relay.status(), RelayStatus::Initialized);
 
@@ -1212,7 +1217,12 @@ mod tests {
         let mock = MockRelay::run_with_opts(opts).await.unwrap();
         let url = RelayUrl::parse(&mock.url()).unwrap();
 
-        let relay = new_relay(url, RelayOptions::default().ban_relay_on_mismatch(true));
+        let relay = new_relay(
+            url,
+            RelayOptions::default()
+                .verify_subscriptions(true)
+                .ban_relay_on_mismatch(true),
+        );
 
         assert_eq!(relay.status(), RelayStatus::Initialized);
 
diff --git a/crates/nostr-relay-pool/src/relay/options.rs b/crates/nostr-relay-pool/src/relay/options.rs
@@ -23,6 +23,7 @@ pub struct RelayOptions {
     pub(super) idle_timeout: Duration,
     pub(super) retry_interval: Duration,
     pub(super) adjust_retry_interval: bool,
+    pub(super) verify_subscriptions: bool,
     pub(super) ban_relay_on_mismatch: bool,
     pub(super) limits: RelayLimits,
     pub(super) max_avg_latency: Option<Duration>,
@@ -39,6 +40,7 @@ impl Default for RelayOptions {
             idle_timeout: Duration::from_secs(300),
             retry_interval: DEFAULT_RETRY_INTERVAL,
             adjust_retry_interval: true,
+            verify_subscriptions: false,
             ban_relay_on_mismatch: false,
             limits: RelayLimits::default(),
             max_avg_latency: None,
@@ -115,6 +117,12 @@ impl RelayOptions {
         self
     }
 
+    /// Verify that received events belong to a subscription and match the filter.
+    pub fn verify_subscriptions(mut self, enable: bool) -> Self {
+        self.verify_subscriptions = enable;
+        self
+    }
+
     /// If true, ban a relay when it sends an event that doesn't match the subscription filter.
     pub fn ban_relay_on_mismatch(mut self, ban_relay: bool) -> Self {
         self.ban_relay_on_mismatch = ban_relay;
