mirror of https://github.com/hzrd149/blossom.git
Merge branch 'master' of https://github.com/quentintaranpino/blossom
This commit is contained in:
Quentin
commit
41cb9c9ef1
12
buds/01.md
12
buds/01.md
|
|
@ -1,8 +1,6 @@
|
|||
BUD-01
|
||||
======
|
||||
# BUD-01
|
||||
|
||||
Server requirements and blob retrieval
|
||||
--------------------------------------
|
||||
## Server requirements and blob retrieval
|
||||
|
||||
`draft` `mandatory`
|
||||
|
||||
|
|
@ -24,6 +22,8 @@ Events MUST have the `content` set to a human readable string explaining to the
|
|||
|
||||
All events MUST have a [NIP-40](https://github.com/nostr-protocol/nips/blob/master/40.md) `expiration` tag set to a unix timestamp at which the event should be considered expired.
|
||||
|
||||
Authorization events MAY have multiple `x` tags for endpoints that require a sha256 hash.
|
||||
|
||||
Example event:
|
||||
|
||||
```json
|
||||
|
|
@ -35,6 +35,7 @@ Example event:
|
|||
"created_at": 1708773959,
|
||||
"tags": [
|
||||
["t", "upload"],
|
||||
// Authorization events MAY have multiple "x" tags
|
||||
["x", "b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553"],
|
||||
["expiration", "1708858680"]
|
||||
],
|
||||
|
|
@ -69,6 +70,7 @@ For HTTP `4xx` and `5xx` status codes servers MUST repond with `Content-Type: ap
|
|||
The `message` field MUST be human readable and should explain the reason for the error. Optionally servers may include other fields for the client with more information about the error
|
||||
|
||||
Example Error response:
|
||||
|
||||
```
|
||||
HTTP/2 401
|
||||
content-type: application/json; charset=utf-8
|
||||
|
|
@ -97,7 +99,7 @@ The server may optionally require authorization when retrieving blobs from the `
|
|||
In this case the server MUST perform additional checks on the authorization event
|
||||
|
||||
1. A `t` tag MUST be present and set to `get`
|
||||
2. The event MUST contain either a `server` tag containing the full URL to the server or MUST contain an `x` tag with the sha256 of the blob being retrieved
|
||||
2. The event MUST contain either a `server` tag containing the full URL to the server or MUST contain at least one `x` tag matching the sha256 hash of the blob being retrieved
|
||||
|
||||
If the client did not send an `Authorization` header the server must respond with the appropriate HTTP status code `401` (Unauthorized)
|
||||
|
||||
|
|
|
|||
30
buds/02.md
30
buds/02.md
|
|
@ -1,8 +1,6 @@
|
|||
BUD-02
|
||||
======
|
||||
# BUD-02
|
||||
|
||||
Blob upload and management
|
||||
--------------------------
|
||||
## Blob upload and management
|
||||
|
||||
`draft` `optional`
|
||||
|
||||
|
|
@ -14,13 +12,25 @@ Defines the `/upload`, `/list` and `DELETE /<sha256>` endpoints
|
|||
|
||||
A blob descriptor is a JSON object containing `url`, `sha256`, `size`, `type`, and `uploaded` fields
|
||||
|
||||
- `url` A public facing url this blob can retrieved from
|
||||
- `url` A publicly accessible URL to the [BUD-01](./01.md#get-sha256---get-blob) `GET /<sha256>` endpoint (optionally with a file extension)
|
||||
- `sha256` The sha256 hash of the blob
|
||||
- `size` The size of the blob in bytes
|
||||
- `type` (optional) The MIME type of the blob
|
||||
- `uploaded` The unix timestamp of when the blob was uploaded to the server
|
||||
|
||||
Servers may include additional fields in the descriptor like `magnet`, `infohash`, or `ipfs` depending on other protocols they support
|
||||
Servers MAY include additional fields in the descriptor like `magnet`, `infohash`, or `ipfs` depending on other protocols they support
|
||||
|
||||
Example:
|
||||
|
||||
```json
|
||||
{
|
||||
"url": "https://cdn.example.com/b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553.pdf",
|
||||
"sha256": "b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553",
|
||||
"size": 184292,
|
||||
"type": "application/pdf",
|
||||
"uploaded": 1725105921
|
||||
}
|
||||
```
|
||||
|
||||
## PUT /upload - Upload Blob
|
||||
|
||||
|
|
@ -37,7 +47,7 @@ Servers MAY reject an upload for any reason and should respond with the appropri
|
|||
Servers MUST accept an authorization event when uploading blobs and should perform additional checks
|
||||
|
||||
1. The `t` tag MUST be set to `upload`
|
||||
2. The `x` tag MUST be present and set to the sha256 hash of the blob
|
||||
2. MUST contain at least one `x` tag matching the sha256 hash of the blob being uploaded
|
||||
|
||||
Example Authorization event:
|
||||
|
||||
|
|
@ -103,7 +113,11 @@ Servers MUST accept an authorization event when deleting blobs
|
|||
Servers should perform additional checks on the authorization event
|
||||
|
||||
1. The `t` tag must be set to `delete`
|
||||
2. A `x` tag must be present and set to the sha256 hash of the blob being deleted
|
||||
2. MUST contain at least one `x` tag matching the sha256 hash of the blob being deleted
|
||||
|
||||
When multiple `x` tags are present on the authorization event the server MUST only delete the blob listed in the URL.
|
||||
|
||||
**Multiple `x` tags MUST NOT be interpreted as the user requesting a bulk delete.**
|
||||
|
||||
Example Authorization event:
|
||||
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
BUD-03
|
||||
======
|
||||
# BUD-03
|
||||
|
||||
User Server List
|
||||
-------------------------
|
||||
## User Server List
|
||||
|
||||
`draft` `optional`
|
||||
|
||||
|
|
@ -73,6 +71,6 @@ Once the client discovers that the URL `https://cdn.broken-domain.com/b1674191a8
|
|||
1. Get the SHA256 has from the URL
|
||||
2. Look for the authors server list `kind:10063`
|
||||
3. If found, Attempt to retrieve the blob from each `server` listed started with the first
|
||||
3. If not found, the client MAY fallback to using a well-known popular blossom server to retrieve the blob
|
||||
4. If not found, the client MAY fallback to using a well-known popular blossom server to retrieve the blob
|
||||
|
||||
This ensures clients can quickly find missing blobs using the users list of trusted servers.
|
||||
|
|
|
|||
14
buds/04.md
14
buds/04.md
|
|
@ -1,8 +1,6 @@
|
|||
BUD-04
|
||||
======
|
||||
# BUD-04
|
||||
|
||||
Mirroring blobs
|
||||
---------------
|
||||
## Mirroring blobs
|
||||
|
||||
`draft` `optional`
|
||||
|
||||
|
|
@ -16,12 +14,16 @@ Clients MUST pass the URL of the remote blob as a stringified JSON object in the
|
|||
|
||||
```json
|
||||
// request body
|
||||
{ "url": "https://cdn.satellite.earth/b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553.pdf" }
|
||||
{
|
||||
"url": "https://cdn.satellite.earth/b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553.pdf"
|
||||
}
|
||||
```
|
||||
|
||||
Clients MUST set the `Authorization` header to an upload authorization event defined in [BUD-02](./02.md#upload-authorization-required)
|
||||
|
||||
The `/mirror` endpoint MUST download the blob from the specified URL and verify the sha256 hash matches the `x` tag in the upload authorization event
|
||||
The `/mirror` endpoint MUST download the blob from the specified URL and verify that there is at least one `x` tag in the authorization event matching the sha256 hash of the download blob
|
||||
|
||||
**Multiple `x` tags MUST NOT be interpreted as the user requesting a bulk mirror.**
|
||||
|
||||
The endpoint MUST return a [Blob Descriptor](#blob-descriptor) if the mirroring was successful or an error object if it was not
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue