This glossary defines the ubiquitous language used throughout the ORLY codebase. All contributors should use these terms consistently in code, comments, and documentation.
A Nostr event as defined in NIP-01. The fundamental unit of data in the Nostr protocol. Contains: id, pubkey, created_at, kind, tags, content, sig.
git.mleku.dev/mleku/nostr/encoders/eventevent.EA monotonically increasing 40-bit identifier assigned to each event upon storage. Used for efficient range queries, synchronization, and garbage collection ordering.
pkg/database/indexes/types.Uint40A 32-byte secp256k1 public key identifying a Nostr user. Stored as binary internally, displayed as 64-character lowercase hex or bech32 npub format externally.
git.mleku.dev/mleku/nostr/types.PubkeyThe permission tier granted to a pubkey. Determines what operations are allowed.
| Level | Description |
|---|---|
none | No access, authentication required |
read | Read-only access (REQ allowed, EVENT denied) |
write | Read and write access |
admin | Write + import/export + arbitrary delete |
owner | Admin + wipe + system configuration |
blocked | IP address blocked |
banned | Pubkey banned |
pkg/interfaces/acl/acl.go constantsThe authorization system that determines access levels for pubkeys and IP addresses. Supports multiple modes with different authorization strategies.
pkg/acl/pkg/interfaces/acl/acl.goThe event processing pipeline transforms incoming WebSocket messages into stored events. Each stage has distinct responsibilities and produces typed results.
Raw JSON → Validation → Authorization → Routing → Processing → Delivery
The process of verifying event structure, signature, and protocol compliance.
Checks performed:
pkg/event/validation/validation.Result with Valid, Code, MsgThe decision process determining if an event is allowed based on ACL and policy. Returns a structured decision with access level and deny reason.
pkg/event/authorization/authorization.Decision with Allowed, AccessLevel, DenyReason, RequireAuthDispatching events to specialized handlers based on event kind. Determines whether events should be processed normally, delivered ephemerally, or handled specially.
Examples:
pkg/event/routing/routing.Result with Action, ErrorThe final stage: persisting events, running post-save hooks, and delivering to subscribers. Handles deduplication, replaceable event logic, and event delivery.
pkg/event/processing/processing.Result with Saved, Duplicate, Blocked, ErrorOpen relay - all pubkeys have write access by default.
No authentication required unless explicitly configured via ORLY_AUTH_REQUIRED.
pkg/acl/none.goWhitelist based on admin/owner follow lists (kind 3 events). Followed pubkeys get write access; others get read-only or denied based on configuration. Supports progressive throttling for non-followed users.
pkg/acl/follows.goORLY_ACL_MODE=followsFine-grained control via NIP-86 management API. Supports pubkey bans, event bans, IP blocks, kind restrictions, and custom rules. All management operations require NIP-98 HTTP authentication.
pkg/acl/managed.goORLY_ACL_MODE=managedCurator-based content moderation system. Curators can approve/reject events from non-followed users. Events from non-curated users are held pending approval.
pkg/acl/curating.goORLY_ACL_MODE=curatingChallenge-response authentication for WebSocket connections. Used to verify pubkey ownership before granting elevated access.
Flow:
pkg/protocol/auth/Events with - (protected) tag that can only be replaced/deleted by the author.
Prevents relays from accepting replacements from unauthorized pubkeys.
["-"] in tags arrayInvite-based membership system for restricted relays. Supports join requests, leave requests, and membership tracking.
| Kind | Purpose |
|---|---|
| 28934 | Join request with invite code |
| 28936 | Leave request |
| 8000 | Member added (relay-published) |
pkg/protocol/nip43/HTTP JSON-RPC API for relay administration. Requires NIP-98 HTTP authentication with admin/owner access level.
/api/v1/managementapp/handle-nip86.goSet reconciliation protocol for efficient relay-to-relay synchronization. Uses negentropy algorithm to identify missing events with minimal bandwidth.
pkg/sync/negentropy/The event delivery system that sends events to subscribers. Composed of multiple publisher implementations (socket, internal, etc.).
pkg/protocol/publish/pkg/interfaces/publisher/publisher.goExternal event processing plugin (JavaScript/Rhai script). Can accept, reject, or shadow-reject events before normal processing.
| Action | Effect |
|---|---|
| accept | Event proceeds to normal processing |
| reject | Event rejected with error message |
| shadowReject | Event appears accepted but is not stored |
app/sprocket.goRule-based event filtering system configured via JSON or kind 30078 events. Evaluates events against configurable rules for allow/deny decisions.
pkg/policy/~/.config/orly/policy.jsonPID controller-based adaptive throttling system. Adjusts delays based on system load (memory pressure, write throughput).
pkg/ratelimit/pkg/interfaces/loadmonitor/Process lifecycle manager for split IPC mode deployment. Manages database, ACL, sync, and relay processes with dependency ordering.
cmd/orly-launcher/supervisor.goStack-allocated event reference with fixed-size ID and pubkey arrays. 80 bytes total, fits in cache line, safe for concurrent use. Immutable - all fields are unexported with accessor methods.
type EventRef struct {
id ntypes.EventID // 32 bytes
pub ntypes.Pubkey // 32 bytes
ts int64 // 8 bytes
ser uint64 // 8 bytes
}
pkg/interfaces/store/store_interface.goEvent reference with slice-based fields for backward compatibility.
Mutable - use ToEventRef() for safe concurrent access.
type IdPkTs struct {
Id []byte // Event ID
Pub []byte // Pubkey
Ts int64 // Timestamp
Ser uint64 // Serial number
}
pkg/interfaces/store/store_interface.goAuthorization result carrying allowed status, access level, and context. Used to communicate authorization outcomes through the pipeline.
pkg/event/authorization/authorization.goValidation outcome with Valid bool, ReasonCode enum, and message string. Codes: ReasonNone, ReasonBlocked, ReasonInvalid, ReasonError.
pkg/event/validation/validation.goProcessing outcome indicating whether event was saved, duplicate, or blocked. Includes error field for unexpected failures.
pkg/event/processing/processing.goNote: "Subscription" has two distinct meanings in the codebase:
An active filter receiving matching events in real-time.
Created via REQ envelope, cancelled via CLOSE envelope.
Stored in Listener.subscriptions map with cancel function.
app/listener.go subscriptions fieldPaid access tier granting elevated permissions for a time period. Managed via NWC payments or manual extension.
pkg/database/interface.go Subscription typeEvent aggregator that fetches events from external relays. Subscribes to events for followed pubkeys on configured relay lists.
pkg/spider/Peer-to-peer replication between relay instances. Multiple implementations: negentropy, cluster, distributed, relaygroup.
pkg/sync/Group of relay instances sharing events via HTTP-based pull replication. Membership tracked via kind 39108 events.
pkg/sync/cluster/Configuration of relay sets for synchronized operation. Tracked via kind 39105 events.
pkg/sync/relaygroup/A pluggable implementation of a core interface. Selected at runtime via configuration or command-line flags.
Examples:
// Check if driver is available
database.HasDriver("badger")
// Create instance from driver
db := database.NewFromDriver("badger", config)
pkg/database/, pkg/acl/, pkg/sync/Last updated: 2026-01-24 Based on ORLY codebase v0.56.4