@j0KZ j0KZ commented Feb 5, 2026

Summary

  • Validates event timestamps to reject clearly invalid events and mitigate replay attacks
  • Different event types have different tolerance windows based on their nature

Validation Rules

| Event Type | Kind | Window | Rationale |
|---|---|---|---|
| Ephemeral events | 20000-29999 | ±1 hour | Should be recent, used for presence/chat |
| Gift wraps (NIP-17) | 1059 | ±24 hours | NIP-17 uses randomized timestamps for privacy |
| Other events | * | Future ≤5 min | Historical events OK, reject clearly invalid futures |

Changes

  • Add hasValidTimestamp() method to NostrEvent struct
  • Validate timestamp in ParsedInbound alongside signature validation
  • Document the validation rules with clear comments

Test plan

  • Verify ephemeral events outside ±1 hour are rejected
  • Verify gift wraps within ±24 hours are accepted
  • Verify events >5 min in the future are rejected
  • Verify historical events (e.g., old text notes) are accepted
  • Verify normal operation of location channels and private messages

🤖 Generated with Claude Code

Validates event timestamps to reject clearly invalid events and mitigate
replay attacks. Different event types have different tolerance windows:

- Ephemeral events (kind 20000-29999): ±1 hour (should be recent)
- Gift wraps (kind 1059): ±24 hours (NIP-17 uses randomized timestamps)
- Other events: reject if >5 minutes in the future (historical events OK)

Changes:
- Add hasValidTimestamp() method to NostrEvent struct
- Validate timestamp in ParsedInbound alongside signature validation
- Document the validation rules with clear comments

This prevents processing of events with clearly malicious or invalid
timestamps while allowing legitimate historical messages and NIP-17
private messages with intentionally randomized timestamps.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
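
The validation rules described above, sketched as an added Python example; this is not the code from this pull request. `Event`, `has_valid_timestamp`, `filter_inbound` and the sample data are hypothetical stand-ins, and treating each window boundary as inclusive is an assumption.

```python
from dataclasses import dataclass

# Windows from the PR's validation table, in seconds.
EPHEMERAL_KINDS = range(20000, 30000)   # kinds 20000-29999
GIFT_WRAP_KIND = 1059                   # NIP-17 gift wrap
EPHEMERAL_WINDOW = 60 * 60              # +/- 1 hour
GIFT_WRAP_WINDOW = 24 * 60 * 60         # +/- 24 hours
MAX_FUTURE_SKEW = 5 * 60                # other kinds: at most 5 min ahead


@dataclass(frozen=True)
class Event:
    """Minimal stand-in for a Nostr event (hypothetical, not the project's NostrEvent)."""
    kind: int
    created_at: int  # Unix seconds


def has_valid_timestamp(event: Event, now: int) -> bool:
    """Apply the per-kind window. `now` is passed in so the check is testable."""
    delta = event.created_at - now  # > 0 means the event claims a future time
    if event.kind in EPHEMERAL_KINDS:
        return abs(delta) <= EPHEMERAL_WINDOW
    if event.kind == GIFT_WRAP_KIND:
        return abs(delta) <= GIFT_WRAP_WINDOW
    return delta <= MAX_FUTURE_SKEW  # no lower bound: historical events pass


def filter_inbound(events, now):
    """Return (accepted, rejected) so rejected events can be counted or logged."""
    accepted, rejected = [], []
    for ev in events:
        (accepted if has_valid_timestamp(ev, now) else rejected).append(ev)
    return accepted, rejected


# Constructed sample input; NOW is an arbitrary fixed reference time.
NOW = 1_770_000_000
SAMPLES = [
    Event(20000, NOW - 3600),        # ephemeral, exactly 1 h old: accepted
    Event(20000, NOW - 3601),        # ephemeral, 1 s past the window: rejected
    Event(1059, NOW - 23 * 3600),    # gift wrap backdated 23 h: accepted
    Event(1059, NOW + 25 * 3600),    # gift wrap 25 h ahead: rejected
    Event(1, NOW - 365 * 86400),     # year-old text note: accepted
    Event(1, NOW + 301),             # 301 s in the future: rejected
]
```

Because kinds outside the two special cases have no lower bound, a replayed old event of those kinds still passes this check; the timestamp window only bounds replay for ephemeral events and gift wraps.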