feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52) #26

Merged

padreug merged 1 commit from feat/policy-nip42-auth into main

2026-06-18 17:30:12 +00:00

Author	SHA1	Message	Date
Padreug	22678dfb4f	feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52 ) Some checks failed ci.yml / feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52) (pull_request) Failing after 0s Details ci.yml / feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52) (push) Failing after 0s Details bitspire#52 consumer review (2026-06-18) enumerated the kinds the spire signs as its OWN identity and found NIP-42 relay AUTH (kind 22242) missing from SPIRE_POLICY_RULES — a silent bunker reject the moment a relay challenges with AUTH. It must be bunker-signed (AUTH proves control of spire_pubkey, which only the bunker holds; can't use the local client_nsec). Adds 22242. Records the confirmed set in the policy comment: live = 21000 + 30078 + 22242; CLINK 21001-21003 dormant but kept; nip04 unused (v1 path is dead code). New test locks the required-kinds contract so 22242 can't silently regress. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-18 17:29:43 +00:00

Author

SHA1

Message

Date

Padreug

22678dfb4f

feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52 )

ci.yml / feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52) (pull_request) Failing after 0s

Details

ci.yml / feat(pairing): authorize kind-22242 (NIP-42 AUTH) in spire policy (#52) (push) Failing after 0s

Details

bitspire#52 consumer review (2026-06-18) enumerated the kinds the spire
signs as its OWN identity and found NIP-42 relay AUTH (kind 22242) missing
from SPIRE_POLICY_RULES — a silent bunker reject the moment a relay
challenges with AUTH. It must be bunker-signed (AUTH proves control of
spire_pubkey, which only the bunker holds; can't use the local client_nsec).

Adds 22242. Records the confirmed set in the policy comment: live = 21000 +
30078 + 22242; CLINK 21001-21003 dormant but kept; nip04 unused (v1 path is
dead code). New test locks the required-kinds contract so 22242 can't
silently regress.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-18 17:29:43 +00:00