- Move non-NIP-17 admin functions from dm_admin.c to api.c for better architecture
- Add NIP-44 encryption to send_admin_response() for secure admin responses
- Implement SQL query validation and execution with safety limits
- Add unified SQL query handler for admin API
- Fix buffer size for encrypted content to handle larger responses
- Update function declarations and includes across files
- Successfully test frontend query execution through web interface
- **Auth Rules Implementation**: Added blacklist/whitelist enforcement in websockets.c
- Events are now checked against auth_rules table before acceptance
- Blacklist blocks specific pubkeys, whitelist enables allow-only mode
- Made check_database_auth_rules() public for cross-module access
- **Subscription Filtering Fixes**:
- Added missing 'ids' filter support in SQL query building
- Fixed test expectations to not require exact event counts for kind filters
- Improved filter validation and error handling
- **Ephemeral Events Compliance**:
- Modified SQL queries to exclude kinds 20000-29999 from historical queries
- Maintains broadcasting to active subscribers while preventing storage/retrieval
- Ensures NIP-01 compliance for ephemeral event handling
- **Comprehensive Testing**:
- Created white_black_test.sh with full blacklist/whitelist functionality testing
- Tests verify blocked posting for blacklisted users
- Tests verify whitelist-only mode when whitelist rules exist
- Includes proper auth rule clearing between test phases
- **Code Quality**:
- Added proper function declarations to websockets.h
- Improved error handling and logging throughout
- Enhanced test script with clear pass/fail reporting
