feat: reject NIP-70 protected events

[Anshumancanrock]

Description

Adds rejection logic for NIP-70 protected events in EventMessageHandler.

• Events with a ["-"] tag get rejected with auth-required: this event may only be published by its author (same message the spec uses in its example).
• Kind-6 reposts that embed a protected event in their content are also rejected.
• Placed the check after canAcceptEvent so content-length limits kick in before we JSON.parse repost content.

Related Issue

Part of NIP-70 support. Follows #643 which added the detection utility.

Motivation and Context

NIP-70 says relays MUST reject events with ["-"] by default. Without this, those events just get stored and spread like any other event, which breaks the whole point of the tag. The repost check also covers the case where someone sticks a protected event inside a kind-6 repost body to get around the outer tag check.

How Has This Been Tested?

10 unit tests added to event-message-handler.spec.ts covering:

• Direct protected tag rejection
• Events with no tags / unrelated tags (no false positives)
• Kind-6 repost with embedded protected event
• Kind-6 repost with clean embedded event
• Empty content, invalid JSON content (graceful handling)
• Non-repost kind with JSON content containing ["-"] (should pass through)
• Precedence: a repost that is itself protected hits auth-required before the embed check
• Malformed embedded tags (non-array tags field in parsed JSON)

Screenshots (if appropriate):

N/A

Types of changes

• Non-functional change (docs, style, minor refactor)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my code changes.
• I added a changeset, or this is docs-only and I added an empty changeset.
• All new and existing tests passed.

[changeset-bot]

🦋 Changeset detected

Latest commit: 2fd3301

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
nostream	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[Copilot]

Pull request overview

This PR adds enforcement for NIP-70 “protected events” at the relay handler level by rejecting events tagged with ["-"] and rejecting kind-6 reposts whose embedded event includes a protected tag, with accompanying unit tests and a changeset.

Changes:

• Add isProtectedEventBlocked() logic in EventMessageHandler and invoke it after canAcceptEvent.
• Reject kind-6 reposts that embed protected events in their JSON content.
• Add unit tests for direct protected tags, repost-embedded protected tags, and malformed/edge-case content; include a changeset entry.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
src/handlers/event-message-handler.ts	Adds protected-event/repost-embed rejection logic and wires it into message handling.
test/unit/handlers/event-message-handler.spec.ts	Adds unit tests covering protected-tag and repost-embedding behavior plus edge cases.
.changeset/nip70-reject-protected-events.md	Declares a minor release changeset for the new NIP-70 rejection behavior.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coveralls]

Coverage is 67.036% — Anshumancanrock:nip70-reject-protected-events into cameri:main. No base build found for cameri:main.

[cameri]

should we check if embedded is a valid event eventSchema, isEventIdValid() and isEventSignatureValid() before we check if it's protected?

[cameri]

let's log a warning here