aiolabs/nsecbunkerd
8
0
Fork 0
Code Issues 12 Pull requests Projects Releases Packages Wiki Activity Actions
Pulse Contributors Code frequency Recent commits

2025-06-26 - 2026-06-26
Period: 1 year
1 day 3 days 1 week 1 month 3 months 6 months 1 year

Overview

12 active pull requests
29 active issues
12
Merged pull requests 0
Proposed pull requests 17
Closed issues 29
New issues
Excluding merges, 0 authors have pushed 0 commits to master and 41 commits to all branches. On master, 0 files have changed and there have been 0 additions and 0 deletions.

12 pull requests merged by 1 user

Merged #40 fix(admin): make create_new_key idempotent — never clobber an existing key (#39) 2026-06-21 14:01:48 +00:00

Merged #38 fix(acl): hard-reject a lapsed token binding instead of prompting (#36) 2026-06-21 12:57:47 +00:00

Merged #34 feat(acl): per-rule windowed usage caps enforced live at sign time (#28) 2026-06-21 10:34:23 +00:00

Merged #33 test(acl): DB-backed integration tests for checkIfPubkeyAllowed (#29) 2026-06-19 21:09:42 +00:00

Merged #32 docs: migration & DB-maintenance runbook (never full-wipe nsecbunker.db) 2026-06-19 21:09:27 +00:00

Merged #27 fix(acl): enforce token grant lifecycle live at sign time (#24, #25) 2026-06-19 16:05:19 +00:00

Merged #23 fix(backend): pin per-key kind:24133 subscription to explicit relays (#21) 2026-06-03 17:07:23 +00:00

Merged #22 fix(daemon): keep retrying relay reconnect indefinitely, overriding NDK give-up (#20) 2026-06-03 16:58:48 +00:00

Merged #17 feat(#16): boot-time autounlock of encrypted keys from a configured passphrase source 2026-05-31 13:39:18 +00:00

Merged #15 feat(#14): bump @nostr-dev-kit/ndk 2.8.1 → 3.0.3 + nostr-tools v1 → v2.20 + acl wire-name vocabulary 2026-05-31 11:49:30 +00:00

Merged #13 feat(#11): live-policy auth + 6 companion admin RPCs + Token.revokedAt 2026-05-30 15:25:16 +00:00

Merged #10 fix(#9): close race between create_new_key and NIP-46 connect 2026-05-30 11:23:43 +00:00

17 issues closed from 1 user

Closed #39 create_new_key clobbers an existing key — silent, unrecoverable identity loss on re-pair 2026-06-21 14:01:48 +00:00

Closed #36 ACL: an expired/exhausted bound token should hard-reject (false), not fall through to prompt-admin (undefined) — clients time out instead of re-pairing 2026-06-21 12:57:47 +00:00

Closed #28 Enforce PolicyRule.maxUsageCount live at sign time (needs a durable signing log) 2026-06-21 10:34:23 +00:00

Closed #29 Add a DB-backed test harness + integration tests for checkIfPubkeyAllowed 2026-06-19 21:09:42 +00:00

Closed #12 Trim applyToken SigningCondition fan-out once override layer is rarely-consulted 2026-06-19 20:55:50 +00:00

Closed #25 Design discussion / RFC: enforce token + grant lifecycle at sign time (the root behind #24) 2026-06-19 20:55:39 +00:00

Closed #24 Token expiresAt (TTL) is not enforced post-bind — sign-time ACL ignores it 2026-06-19 20:55:34 +00:00

Closed #21 Per-key Backend kind:24133 subscription sometimes fails to register on relay after a fresh boot 2026-06-03 17:07:23 +00:00

Closed #20 NDK gives up reconnecting to admin relay after ~3 ECONNREFUSED retries — bunker stays disconnected forever 2026-06-03 16:58:48 +00:00

Closed #16 Boot-time autounlock of encrypted keys from a configured passphrase source 2026-05-31 13:39:18 +00:00

Closed #14 Bump @nostr-dev-kit/ndk 2.8.1 → 3.0.3 — unlocks nip44 backend + 2yr of upstream 2026-05-31 11:49:30 +00:00

Closed #11 Permissions are unmodifiable after issue: shift sign-time auth from materialized SigningCondition snapshots to live policy lookup 2026-05-30 15:25:16 +00:00

Closed #9 create_new_key races: backend listener not ready when caller proceeds to NIP-46 connect 2026-05-30 11:23:44 +00:00

Closed #3 @nostr-dev-kit/ndk declared as workspace:* with no workspace setup 2026-05-25 22:34:13 +00:00

Closed #8 startKey passes bech32 nsec to NDKPrivateKeySigner — every newly-created key fails to load 2026-05-25 22:34:13 +00:00

Closed #4 pingOrDie self-watchdog false-positives → bunker exits every 30s on non-public relays 2026-05-25 22:34:13 +00:00

Closed #1 Dockerfile uses npm install but project declares workspace:* deps (pnpm-only) 2026-05-25 22:34:13 +00:00

29 issues created by 1 user

Opened #1 Dockerfile uses npm install but project declares workspace:* deps (pnpm-only) 2026-05-25 21:51:24 +00:00

Opened #2 pnpm-lock.yaml is out of date vs package.json — frozen install fails 2026-05-25 21:51:39 +00:00

Opened #3 @nostr-dev-kit/ndk declared as workspace:* with no workspace setup 2026-05-25 21:52:01 +00:00

Opened #4 pingOrDie self-watchdog false-positives → bunker exits every 30s on non-public relays 2026-05-25 21:52:33 +00:00

Opened #5 getKeys throws on passphrase-encrypted entries — nip19.decode({iv, data}) fails 2026-05-25 21:55:14 +00:00

Opened #6 Docker Hub image pablof7z/nsecbunkerd:latest is arm64-only — fails on amd64 hosts 2026-05-25 21:56:06 +00:00

Opened #7 Investigate NDK echo issue — RPC responses unreliably reach client subscriptions on custom relays 2026-05-25 21:57:14 +00:00

Opened #8 startKey passes bech32 nsec to NDKPrivateKeySigner — every newly-created key fails to load 2026-05-25 22:30:43 +00:00

Opened #9 create_new_key races: backend listener not ready when caller proceeds to NIP-46 connect 2026-05-30 08:42:56 +00:00

Opened #11 Permissions are unmodifiable after issue: shift sign-time auth from materialized SigningCondition snapshots to live policy lookup 2026-05-30 10:40:29 +00:00

Opened #12 Trim applyToken SigningCondition fan-out once override layer is rarely-consulted 2026-05-30 11:21:08 +00:00

Opened #14 Bump @nostr-dev-kit/ndk 2.8.1 → 3.0.3 — unlocks nip44 backend + 2yr of upstream 2026-05-31 09:57:05 +00:00

Opened #16 Boot-time autounlock of encrypted keys from a configured passphrase source 2026-05-31 13:27:32 +00:00

Opened #18 relayConnectionWatchdog: make threshold + poll-interval env-configurable + add soft-fail mode (don't process.exit on transient partitions) 2026-05-31 17:22:58 +00:00

Opened #19 deps: refresh runtime deps to current stable (pnpm, prisma, nodejs, NDK, fastify, …) 2026-06-03 13:10:05 +00:00

Opened #20 NDK gives up reconnecting to admin relay after ~3 ECONNREFUSED retries — bunker stays disconnected forever 2026-06-03 16:22:31 +00:00

Opened #21 Per-key Backend kind:24133 subscription sometimes fails to register on relay after a fresh boot 2026-06-03 16:23:31 +00:00

Opened #24 Token expiresAt (TTL) is not enforced post-bind — sign-time ACL ignores it 2026-06-18 21:38:56 +00:00

Opened #25 Design discussion / RFC: enforce token + grant lifecycle at sign time (the root behind #24) 2026-06-19 06:49:30 +00:00

Opened #26 NDK NIP-46 backend: get_public_key bypasses the permit callback — pubkey disclosure is ungated/unauditable through our ACL seam 2026-06-19 12:41:41 +00:00

Opened #28 Enforce PolicyRule.maxUsageCount live at sign time (needs a durable signing log) 2026-06-19 13:29:51 +00:00

Opened #29 Add a DB-backed test harness + integration tests for checkIfPubkeyAllowed 2026-06-19 13:30:02 +00:00

Opened #30 flake devShell exports prisma-engines 7.x — breaks prisma migrate/validate in the dev shell 2026-06-19 13:30:21 +00:00

Opened #31 Remove the redundant, always-failing npm run prisma:migrate step in start.js 2026-06-19 16:32:56 +00:00

Opened #35 SigningLog retention/pruning — the usage-cap log grows unbounded 2026-06-20 19:52:43 +00:00

Opened #36 ACL: an expired/exhausted bound token should hard-reject (false), not fall through to prompt-admin (undefined) — clients time out instead of re-pairing 2026-06-21 09:56:00 +00:00

Opened #37 SigningLog retention/prune reaper (unbounded growth from #28 usage caps) 2026-06-21 10:35:20 +00:00

Opened #39 create_new_key clobbers an existing key — silent, unrecoverable identity loss on re-pair 2026-06-21 13:51:39 +00:00

Opened #41 Watchdog reconnect re-opens the socket but never replays subscriptions → bunker goes silently deaf after a relay flap 2026-06-23 22:19:02 +00:00