Bugfix/subid cap 64 #159

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

alltheseas wants to merge 2 commits into hoytech:master from alltheseas:bugfix/subid-cap-64

alltheseas commented Oct 28, 2025

Summary

enforce the NIP-01 non-empty, ≤64 byte limit inside SubId
shrink MAX_SUBID_SIZE so every subscription constructor shares the same cap

Motivation

Prevent the documented DoS: 10,000 REQs with 100 KB IDs previously consumed ~1
GB of RAM and forced EVENT replies to echo 100 KB; with the cap, worst-case REQs
reserve ~640 KB and replies echo <=64 bytes.

Breaking changes

REQ subscription IDs longer than 64 characters now fail validation per NIP-01;
clients that relied on longer IDs must adjust.

Testing

make test-subid
PATH="$PWD/nostril:$PATH" perl test/writeTest.pl

alltheseas added 2 commits

October 28, 2025 13:15


          Cap subscription IDs at 64 bytes

c579e75


          Add SubId boundary tests

3e31316

Author

alltheseas commented Oct 28, 2025

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet