@nostrify/policies 0.36.2

package/FiltersPolicy.ts

@@ -0,0 +1,27 @@
+import { matchFilters } from 'nostr-tools';
+
+import { NostrEvent, NostrFilter, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/**
+ * Reject events which don't match the filters.
+ *
+ * Only messages which **match** the filters are allowed, and all others are dropped.
+ * The filter is a [NIP-01](https://github.com/nostr-protocol/nips/blob/master/01.md) relay filter.
+ *
+ * ```ts
+ * // Only allow kind 1, 3, 5, and 7 events.
+ * new FiltersPolicy([{ kinds: [0, 1, 3, 5, 6, 7] }]);
+ * ```
+ */
+export class FiltersPolicy implements NPolicy {
+  constructor(private filters: NostrFilter[]) {}
+
+  // deno-lint-ignore require-await
+  async call(event: NostrEvent): Promise<NostrRelayOK> {
+    if (matchFilters(this.filters, event)) {
+      return ['OK', event.id, true, ''];
+    }
+
+    return ['OK', event.id, false, "blocked: the event doesn't match the allowed filters"];
+  }
+}

package/HashtagPolicy.test.ts

@@ -0,0 +1,34 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { HashtagPolicy } from './HashtagPolicy.ts';
+
+Deno.test('HashtagPolicy', async () => {
+  const hashtags = ['nsfw'];
+
+  const event1 = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const event2 = finalizeEvent(
+    { kind: 1, content: '', tags: [['t', 'nsfw'], ['t', 'other']], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const event3 = finalizeEvent(
+    { kind: 1, content: 'nsfw', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const event4 = finalizeEvent(
+    { kind: 1, content: '', tags: [['p', 'nsfw'], ['t', 'other']], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  assertEquals((await new HashtagPolicy(hashtags).call(event1))[2], true);
+  assertEquals((await new HashtagPolicy(hashtags).call(event2))[2], false);
+  assertEquals((await new HashtagPolicy([]).call(event2))[2], true);
+  assertEquals((await new HashtagPolicy(hashtags).call(event3))[2], true);
+  assertEquals((await new HashtagPolicy(hashtags).call(event4))[2], true);
+});

package/HashtagPolicy.ts

@@ -0,0 +1,25 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/**
+ * Reject events containing any of the banned hashtags.
+ *
+ * @example
+ * ```ts
+ * // Reject events with banned hashtags.
+ * HashtagPolicy(['nsfw']);
+ * ```
+ */
+export class HashtagPolicy implements NPolicy {
+  constructor(private hashtags: string[]) {}
+
+  // deno-lint-ignore require-await
+  async call({ id, tags }: NostrEvent): Promise<NostrRelayOK> {
+    for (const [name, value] of tags) {
+      if (name === 't' && this.hashtags.includes(value.toLowerCase())) {
+        return ['OK', id, false, 'blocked: contains a banned hashtag'];
+      }
+    }
+
+    return ['OK', id, true, ''];
+  }
+}

package/HellthreadPolicy.test.ts

@@ -0,0 +1,23 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { HellthreadPolicy } from './HellthreadPolicy.ts';
+
+Deno.test('HellthreadPolicy', async () => {
+  const policy = new HellthreadPolicy({ limit: 1 });
+
+  const okEvent = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const badEvent = finalizeEvent({
+    kind: 1,
+    content: '',
+    tags: [['p'], ['p'], ['p']],
+    created_at: 0,
+  }, generateSecretKey());
+
+  assertEquals((await policy.call(okEvent))[2], true);
+  assertEquals((await policy.call(badEvent))[2], false);
+});

package/HellthreadPolicy.ts

@@ -0,0 +1,27 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/** Policy options for `HellthreadPolicy`. */
+interface HellthreadPolicyOpts {
+  /** Total number of "p" tags a kind 1 note may have before it's rejected. Default: `100` */
+  limit?: number;
+}
+
+/** Basic policy to demonstrate how policies work. Accepts all events. */
+export class HellthreadPolicy implements NPolicy {
+  constructor(private opts: HellthreadPolicyOpts = {}) {}
+
+  // deno-lint-ignore require-await
+  async call({ id, kind, tags }: NostrEvent): Promise<NostrRelayOK> {
+    const { limit = 100 } = this.opts;
+
+    if (kind === 1) {
+      const p = tags.filter((tag) => tag[0] === 'p');
+
+      if (p.length > limit) {
+        return ['OK', id, false, `blocked: rejected due to ${p.length} "p" tags (${limit} is the limit).`];
+      }
+    }
+
+    return ['OK', id, true, ''];
+  }
+}

package/InvertPolicy.test.ts

@@ -0,0 +1,19 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { InvertPolicy } from './InvertPolicy.ts';
+import { NoOpPolicy } from './NoOpPolicy.ts';
+
+Deno.test('InvertPolicy', async () => {
+  const policy = new InvertPolicy(new NoOpPolicy(), 'blocked: inverted');
+
+  const event = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const [_, _eventId, ok, reason] = await policy.call(event);
+
+  assertEquals(ok, false);
+  assertEquals(reason, 'blocked: inverted');
+});

package/InvertPolicy.ts

@@ -0,0 +1,17 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/** Rejects if the policy passes, passes if the policy rejects. */
+export class InvertPolicy implements NPolicy {
+  constructor(private policy: NPolicy, private reason: string) {}
+
+  async call(event: NostrEvent): Promise<NostrRelayOK> {
+    const result = await this.policy.call(event);
+    const ok = result[2];
+
+    if (ok) {
+      return ['OK', event.id, false, this.reason];
+    } else {
+      return ['OK', event.id, true, ''];
+    }
+  }
+}

package/KeywordPolicy.test.ts

@@ -0,0 +1,28 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { KeywordPolicy } from './KeywordPolicy.ts';
+
+Deno.test('KeywordPolicy', async () => {
+  const words = ['https://t.me/spam', 'hello world'];
+
+  const event1 = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const event2 = finalizeEvent(
+    { kind: 1, content: '🔥🔥🔥 https://t.me/spam 我想死', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const event3 = finalizeEvent(
+    { kind: 1, content: 'hElLo wOrLd!', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  assertEquals((await new KeywordPolicy(words).call(event1))[2], true);
+  assertEquals((await new KeywordPolicy(words).call(event2))[2], false);
+  assertEquals((await new KeywordPolicy([]).call(event2))[2], true);
+  assertEquals((await new KeywordPolicy(words).call(event3))[2], false);
+});

package/KeywordPolicy.ts

@@ -0,0 +1,25 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/**
+ * Reject events containing any of the strings in its content.
+ *
+ * @example
+ * ```ts
+ * // Reject events with bad words.
+ * KeywordPolicy(['moo', 'oink', 'honk']);
+ * ```
+ */
+export class KeywordPolicy implements NPolicy {
+  constructor(private words: Iterable<string>) {}
+
+  // deno-lint-ignore require-await
+  async call({ id, content }: NostrEvent): Promise<NostrRelayOK> {
+    for (const word of this.words) {
+      if (content.toLowerCase().includes(word.toLowerCase())) {
+        return ['OK', id, false, 'blocked: contains a banned word or phrase'];
+      }
+    }
+
+    return ['OK', id, true, ''];
+  }
+}

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Alex Gleason
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/NoOpPolicy.test.ts

@@ -0,0 +1,18 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { NoOpPolicy } from './NoOpPolicy.ts';
+
+Deno.test('NoOpPolicy', async () => {
+  const policy = new NoOpPolicy();
+
+  const event = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const [_, eventId, ok] = await policy.call(event);
+
+  assertEquals(eventId, event.id);
+  assertEquals(ok, true);
+});

package/NoOpPolicy.ts

@@ -0,0 +1,9 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/** Basic policy to demonstrate how policies work. Accepts all events. */
+export class NoOpPolicy implements NPolicy {
+  // deno-lint-ignore require-await
+  async call(event: NostrEvent): Promise<NostrRelayOK> {
+    return ['OK', event.id, true, ''];
+  }
+}

package/OpenAIPolicy.test.ts

@@ -0,0 +1,42 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { OpenAIPolicy } from './OpenAIPolicy.ts';
+
+const timeout = 50;
+
+Deno.test('rejects flagged events', async () => {
+  const event = finalizeEvent(
+    { kind: 1, content: 'I want to kill them.', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const fetch = () =>
+    Promise.resolve(
+      new Response(
+        '{"id":"modr-6zvK0JiWLBpJvA5IrJufw8BHPpEpB","model":"text-moderation-004","results":[{"flagged":true,"categories":{"sexual":false,"hate":false,"violence":true,"self-harm":false,"sexual/minors":false,"hate/threatening":false,"violence/graphic":false},"category_scores":{"sexual":9.759669410414062e-07,"hate":0.180674210190773,"violence":0.8864424824714661,"self-harm":1.8088556208439854e-09,"sexual/minors":1.3363569806301712e-08,"hate/threatening":0.003288434585556388,"violence/graphic":3.2010063932830235e-08}}]}',
+      ),
+    );
+
+  assertEquals((await new OpenAIPolicy({ apiKey: '', fetch }).call(event, AbortSignal.timeout(timeout)))[2], false);
+
+  await new Promise((resolve) => setTimeout(resolve, timeout));
+});
+
+Deno.test('accepts unflagged events', async () => {
+  const event = finalizeEvent(
+    { kind: 1, content: 'I want to love them.', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const fetch = () =>
+    Promise.resolve(
+      new Response(
+        '{"id":"modr-6zvS6HoiwBqOQ9VYSggGAAI9vSgWD","model":"text-moderation-004","results":[{"flagged":false,"categories":{"sexual":false,"hate":false,"violence":false,"self-harm":false,"sexual/minors":false,"hate/threatening":false,"violence/graphic":false},"category_scores":{"sexual":1.94798508346139e-06,"hate":2.756592039077077e-07,"violence":1.4010063864589029e-07,"self-harm":3.1806530742528594e-09,"sexual/minors":1.8928545841845335e-08,"hate/threatening":3.1036221769670247e-12,"violence/graphic":1.5348690096672613e-09}}]}',
+      ),
+    );
+
+  assertEquals((await new OpenAIPolicy({ apiKey: '', fetch }).call(event, AbortSignal.timeout(timeout)))[2], false);
+
+  await new Promise((resolve) => setTimeout(resolve, timeout));
+});

package/OpenAIPolicy.ts

@@ -0,0 +1,113 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/**
+ * OpenAI moderation result.
+ *
+ * https://platform.openai.com/docs/api-reference/moderations/create
+ */
+interface OpenAIModerationResult {
+  id: string;
+  model: string;
+  results: {
+    categories: {
+      'hate': boolean;
+      'hate/threatening': boolean;
+      'self-harm': boolean;
+      'sexual': boolean;
+      'sexual/minors': boolean;
+      'violence': boolean;
+      'violence/graphic': boolean;
+    };
+    category_scores: {
+      'hate': number;
+      'hate/threatening': number;
+      'self-harm': number;
+      'sexual': number;
+      'sexual/minors': number;
+      'violence': number;
+      'violence/graphic': number;
+    };
+    flagged: boolean;
+  }[];
+}
+
+/** Policy options for `OpenAIPolicy`. */
+interface OpenAIPolicyOpts {
+  /**
+   * Callback for fine control over the policy. It contains the event and the OpenAI moderation data.
+   * Implementations should return `true` to **reject** the content, and `false` to accept.
+   */
+  handler?(event: NostrEvent, result: OpenAIModerationResult): boolean;
+  /** Custom endpoint to use instead of `https://api.openai.com/v1/moderations`. */
+  endpoint?: string;
+  /** Custom fetch implementation. */
+  fetch?: typeof fetch;
+  /** Which event kinds to apply the policy to. */
+  kinds?: number[];
+  /** OpenAI API key for making the requests. */
+  apiKey: string;
+}
+
+/**
+ * Passes event content to OpenAI and then rejects flagged events.
+ *
+ * By default, this policy will reject kind 1 events that OpenAI flags.
+ * It's possible to pass a custom handler for more control. An OpenAI API key is required.
+ *
+ * ```ts
+ * // Default handler. It's so strict it's suitable for children.
+ * new OpenAIPolicy({ apiKey: Deno.env.get('OPENAI_API_KEY') });
+ *
+ * // With a custom handler.
+ * new OpenAIPolicy({
+ *   apiKey: Deno.env.get('OPENAI_API_KEY'),
+ *   handler(event, data) {
+ *     // Loop each result.
+ *     return data.results.some((result) => {
+ *       if (result.flagged) {
+ *         const { sexual, violence } = result.categories;
+ *         // Reject only events flagged as sexual and violent.
+ *         return sexual && violence;
+ *       }
+ *     });
+ *   },
+ * });
+ * ```
+ */
+export class OpenAIPolicy implements NPolicy {
+  constructor(private opts: OpenAIPolicyOpts) {}
+
+  async call(event: NostrEvent, signal?: AbortSignal): Promise<NostrRelayOK> {
+    const {
+      handler = (_, { results }) => results.some((r) => r.flagged),
+      endpoint = 'https://api.openai.com/v1/moderations',
+      kinds = [1, 30023],
+      apiKey,
+    } = this.opts;
+
+    if (kinds.includes(event.kind)) {
+      try {
+        const resp = await fetch(endpoint, {
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${apiKey}`,
+          },
+          body: JSON.stringify({
+            input: event.content,
+          }),
+          signal,
+        });
+
+        const result = await resp.json();
+
+        if (handler(event, result)) {
+          return ['OK', event.id, false, 'blocked: content flagged by AI'];
+        }
+      } catch (_) {
+        return ['OK', event.id, false, 'blocked: error analyzing content'];
+      }
+    }
+
+    return ['OK', event.id, true, ''];
+  }
+}

package/PipePolicy.test.ts

@@ -0,0 +1,58 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { NoOpPolicy } from './NoOpPolicy.ts';
+import { PipePolicy } from './PipePolicy.ts';
+import { ReadOnlyPolicy } from './ReadOnlyPolicy.ts';
+
+Deno.test('passes events through multiple policies', async () => {
+  const policy = new PipePolicy([
+    new NoOpPolicy(),
+    new ReadOnlyPolicy(),
+  ]);
+
+  const event = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const [_, _eventId, ok, reason] = await policy.call(event);
+
+  assertEquals(ok, false);
+  assertEquals(reason, 'blocked: the relay is read-only');
+});
+
+Deno.test('short-circuits on the first reject', async () => {
+  const policy = new PipePolicy([
+    new ReadOnlyPolicy(),
+    new NoOpPolicy(),
+  ]);
+
+  const event = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const [_, _eventId, ok, reason] = await policy.call(event);
+
+  assertEquals(ok, false);
+  assertEquals(reason, 'blocked: the relay is read-only');
+});
+
+Deno.test('accepts when all policies accept', async () => {
+  const policy = new PipePolicy([
+    new NoOpPolicy(),
+    new NoOpPolicy(),
+    new NoOpPolicy(),
+  ]);
+
+  const event = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  const [_, _eventId, ok, reason] = await policy.call(event);
+
+  assertEquals(ok, true);
+  assertEquals(reason, '');
+});

package/PipePolicy.ts

@@ -0,0 +1,36 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/**
+ * Processes events through multiple policies.
+ *
+ * If any policy rejects, the pipeline will stop and return the rejected message.
+ *
+ * ```ts
+ * const policy = new PipePolicy([
+ *   new NoOpPolicy(),
+ *   new FiltersPolicy([{ kinds: [0, 1, 3, 5, 7, 1984, 9734, 9735, 10002] }]),
+ *   new KeywordPolicy(['https://t.me/']),
+ *   new RegexPolicy(/(🟠|🔥|😳)ChtaGPT/i),
+ *   new PubkeyBanPolicy(['e810fafa1e89cdf80cced8e013938e87e21b699b24c8570537be92aec4b12c18']),
+ *   new HellthreadPolicy({ limit: 100 }),
+ *   new AntiDuplicationPolicy({ kv: await Deno.openKv(), expireIn: 60000, minLength: 50 }),
+ * ]);
+ *
+ * const [_, eventId, ok, reason] = await policy.call(event);
+ * ```
+ */
+export class PipePolicy implements NPolicy {
+  constructor(private policies: NPolicy[]) {}
+
+  async call(event: NostrEvent, signal?: AbortSignal): Promise<NostrRelayOK> {
+    for (const policy of this.policies) {
+      const [_, eventId, ok, reason] = await policy.call(event, signal);
+
+      if (!ok) {
+        return [_, eventId, ok, reason];
+      }
+    }
+
+    return ['OK', event.id, true, ''];
+  }
+}

package/PowPolicy.test.ts

@@ -0,0 +1,27 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { PowPolicy } from './PowPolicy.ts';
+
+Deno.test('blocks events without a nonce', async () => {
+  const event = finalizeEvent(
+    { kind: 1, content: '', tags: [], created_at: 0 },
+    generateSecretKey(),
+  );
+
+  assertEquals((await new PowPolicy().call(event))[2], false);
+});
+
+Deno.test('accepts event with sufficient POW', async () => {
+  const event = {
+    id: '000006d8c378af1779d2feebc7603a125d99eca0ccf1085959b307f64e5dd358',
+    tags: [['nonce', '776797', '20']],
+    kind: 1,
+    content: '',
+    pubkey: '',
+    created_at: 0,
+    sig: '',
+  };
+
+  assertEquals((await new PowPolicy().call(event))[2], true);
+});

package/PowPolicy.ts

@@ -0,0 +1,41 @@
+import { NostrEvent, NostrRelayInfo, NostrRelayOK, NPolicy } from '@nostrify/types';
+import { nip13 } from 'nostr-tools';
+
+/** Policy options for `PowPolicy`. */
+interface PowPolicyOpts {
+  /** Events will be rejected if their `id` does not contain at least this many leading 0 bits. Default: `1` */
+  difficulty?: number;
+}
+
+/**
+ * Reject events which don't meet Proof-of-Work ([NIP-13](https://github.com/nostr-protocol/nips/blob/master/13.md)) criteria.
+ *
+ * ```ts
+ * new PowPolicy({ difficulty: 20 });
+ * ```
+ */
+export class PowPolicy implements NPolicy {
+  constructor(private opts: PowPolicyOpts = {}) {}
+
+  // deno-lint-ignore require-await
+  async call({ id, tags }: NostrEvent): Promise<NostrRelayOK> {
+    const { difficulty = 1 } = this.opts;
+
+    const pow = nip13.getPow(id);
+    const nonce = tags.find(([name]) => name === 'nonce');
+
+    if (pow >= difficulty && nonce && Number(nonce[2]) >= difficulty) {
+      return ['OK', id, true, ''];
+    }
+
+    return ['OK', id, false, `pow: insufficient proof-of-work (difficulty ${difficulty})`];
+  }
+
+  get info(): NostrRelayInfo {
+    return {
+      limitation: {
+        min_pow_difficulty: this.opts.difficulty,
+      },
+    };
+  }
+}

package/PubkeyBanPolicy.test.ts

@@ -0,0 +1,17 @@
+import { assertEquals } from '@std/assert';
+import { finalizeEvent, generateSecretKey } from 'nostr-tools';
+
+import { PubkeyBanPolicy } from './PubkeyBanPolicy.ts';
+
+Deno.test('PubkeyBanPolicy', async () => {
+  const [event1, event2, event3] = new Array(3).fill(0).map(() => {
+    return finalizeEvent(
+      { kind: 1, content: '', tags: [], created_at: 0 },
+      generateSecretKey(),
+    );
+  });
+
+  assertEquals((await new PubkeyBanPolicy([]).call(event1))[2], true);
+  assertEquals((await new PubkeyBanPolicy([event2.pubkey, event1.pubkey]).call(event3))[2], true);
+  assertEquals((await new PubkeyBanPolicy([event2.pubkey, event1.pubkey]).call(event2))[2], false);
+});

package/PubkeyBanPolicy.ts

@@ -0,0 +1,24 @@
+import { NostrEvent, NostrRelayOK, NPolicy } from '@nostrify/types';
+
+/**
+ * Ban events from individual pubkeys.
+ *
+ * ```ts
+ * // Ban a specific pubkey.
+ * new PubkeyBanPolicy(['e810fafa1e89cdf80cced8e013938e87e21b699b24c8570537be92aec4b12c18']);
+ * ```
+ */
+export class PubkeyBanPolicy implements NPolicy {
+  constructor(private pubkeys: Iterable<string>) {}
+
+  // deno-lint-ignore require-await
+  async call({ id, pubkey }: NostrEvent): Promise<NostrRelayOK> {
+    for (const p of this.pubkeys) {
+      if (p === pubkey) {
+        return ['OK', id, false, 'blocked: pubkey is banned'];
+      }
+    }
+
+    return ['OK', id, true, ''];
+  }
+}