v0.2.12 - Command line variables added

v0.2.11 - Picky shit
v0.2.10 - Clean versioning
2025-09-06 07:41:43 -04:00 · 2025-09-06 07:12:47 -04:00 · 2025-09-06 06:25:27 -04:00 · 2025-09-06 06:21:02 -04:00 · 2025-09-06 05:14:03 -04:00 · 2025-09-06 05:11:11 -04:00
20 changed files with 1255 additions and 894 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -2,5 +2,8 @@ nostr_core_lib/
 nips/
 build/
 relay.log
 relay.pid
 Trash/
 src/version.h
 dev-config/
 db/
--- a/28
+++ b/28
@@ -40,14 +40,15 @@ $(NOSTR_CORE_LIB):
 src/version.h:
 	@if [ -d .git ]; then \
 		echo "Generating version.h from git tags..."; \
-		VERSION=$$(git describe --tags --always --dirty 2>/dev/null || echo "unknown"); \
+		RAW_VERSION=$$(git describe --tags --always 2>/dev/null || echo "unknown"); \
-		if echo "$$VERSION" | grep -q "^v[0-9]"; then \
+		if echo "$$RAW_VERSION" | grep -q "^v[0-9]"; then \
-			CLEAN_VERSION=$$(echo "$$VERSION" | sed 's/^v//'); \
+			CLEAN_VERSION=$$(echo "$$RAW_VERSION" | sed 's/^v//' | cut -d- -f1); \
 			VERSION="v$$CLEAN_VERSION"; \
 			MAJOR=$$(echo "$$CLEAN_VERSION" | cut -d. -f1); \
 			MINOR=$$(echo "$$CLEAN_VERSION" | cut -d. -f2); \
-			PATCH=$$(echo "$$CLEAN_VERSION" | cut -d. -f3 | cut -d- -f1); \
+			PATCH=$$(echo "$$CLEAN_VERSION" | cut -d. -f3); \
 		else \
-			CLEAN_VERSION="0.0.0-$$VERSION"; \
+			VERSION="v0.0.0"; \
 			MAJOR=0; MINOR=0; PATCH=0; \
 		fi; \
 		echo "/* Auto-generated version information */" > src/version.h; \
@@ -60,10 +61,10 @@ src/version.h:
 		echo "#define VERSION_PATCH $$PATCH" >> src/version.h; \
 		echo "" >> src/version.h; \
 		echo "#endif /* VERSION_H */" >> src/version.h; \
-		echo "Generated version.h with version: $$VERSION"; \
+		echo "Generated version.h with clean version: $$VERSION"; \
 	elif [ ! -f src/version.h ]; then \
 		echo "Git not available and version.h missing, creating fallback version.h..."; \
-		VERSION="unknown"; \
+		VERSION="v0.0.0"; \
 		echo "/* Auto-generated version information */" > src/version.h; \
 		echo "#ifndef VERSION_H" >> src/version.h; \
 		echo "#define VERSION_H" >> src/version.h; \
@@ -86,18 +87,18 @@ force-version:
 	@$(MAKE) src/version.h
 # Build the relay
-$(TARGET): $(BUILD_DIR) src/version.h $(MAIN_SRC) $(NOSTR_CORE_LIB)
+$(TARGET): $(BUILD_DIR) src/version.h src/sql_schema.h $(MAIN_SRC) $(NOSTR_CORE_LIB)
 	@echo "Compiling C-Relay for architecture: $(ARCH)"
 	$(CC) $(CFLAGS) $(INCLUDES) $(MAIN_SRC) -o $(TARGET) $(NOSTR_CORE_LIB) $(LIBS)
 	@echo "Build complete: $(TARGET)"
 # Build for specific architectures
-x86: $(BUILD_DIR) src/version.h $(MAIN_SRC) $(NOSTR_CORE_LIB)
+x86: $(BUILD_DIR) src/version.h src/sql_schema.h $(MAIN_SRC) $(NOSTR_CORE_LIB)
 	@echo "Building C-Relay for x86_64..."
 	$(CC) $(CFLAGS) $(INCLUDES) $(MAIN_SRC) -o $(BUILD_DIR)/c_relay_x86 $(NOSTR_CORE_LIB) $(LIBS)
 	@echo "Build complete: $(BUILD_DIR)/c_relay_x86"
-arm64: $(BUILD_DIR) src/version.h $(MAIN_SRC) $(NOSTR_CORE_LIB)
+arm64: $(BUILD_DIR) src/version.h src/sql_schema.h $(MAIN_SRC) $(NOSTR_CORE_LIB)
 	@echo "Cross-compiling C-Relay for ARM64..."
 	@if ! command -v aarch64-linux-gnu-gcc >/dev/null 2>&1; then \
 		echo "ERROR: ARM64 cross-compiler not found."; \
@@ -161,10 +162,11 @@ test: $(TARGET)
 	@echo "Running tests..."
 	./tests/1_nip_test.sh
-# Initialize database
+# Initialize database (now handled automatically when server starts)
 init-db:
-	@echo "Initializing database..."
+	@echo "Database initialization is now handled automatically when the server starts."
-	./db/init.sh --force
+	@echo "The schema is embedded in the binary - no external files needed."
 	@echo "To manually recreate database: rm -f db/c_nostr_relay.db && ./build/c_relay_x86"
 # Clean build artifacts
 clean:
--- a/build_and_push.sh
+++ b/build_and_push.sh
@@ -139,6 +139,13 @@ compile_project() {
        print_warning "Clean failed or no Makefile found"
    fi
    # Force regenerate version.h to pick up new tags
    if make force-version > /dev/null 2>&1; then
        print_success "Regenerated version.h"
    else
        print_warning "Failed to regenerate version.h"
    fi
    # Compile the project
    if make > /dev/null 2>&1; then
        print_success "C-Relay compiled successfully"
@@ -229,10 +236,65 @@ git_commit_and_push() {
        exit 1
    fi
-    if git push --tags > /dev/null 2>&1; then
+    # Push only the new tag to avoid conflicts with existing tags
-        print_success "Pushed tags"
+    if git push origin "$NEW_VERSION" > /dev/null 2>&1; then
        print_success "Pushed tag: $NEW_VERSION"
    else
-        print_warning "Failed to push tags"
+        print_warning "Tag push failed, trying force push..."
        if git push --force origin "$NEW_VERSION" > /dev/null 2>&1; then
            print_success "Force-pushed updated tag: $NEW_VERSION"
        else
            print_error "Failed to push tag: $NEW_VERSION"
            exit 1
        fi
    fi
 }
 # Function to commit and push changes without creating a tag (tag already created)
 git_commit_and_push_no_tag() {
    print_status "Preparing git commit..."
    # Stage all changes
    if git add . > /dev/null 2>&1; then
        print_success "Staged all changes"
    else
        print_error "Failed to stage changes"
        exit 1
    fi
    # Check if there are changes to commit
    if git diff --staged --quiet; then
        print_warning "No changes to commit"
    else
        # Commit changes
        if git commit -m "$NEW_VERSION - $COMMIT_MESSAGE" > /dev/null 2>&1; then
            print_success "Committed changes"
        else
            print_error "Failed to commit changes"
            exit 1
        fi
    fi
    # Push changes and tags
    print_status "Pushing to remote repository..."
    if git push > /dev/null 2>&1; then
        print_success "Pushed changes"
    else
        print_error "Failed to push changes"
        exit 1
    fi
    # Push only the new tag to avoid conflicts with existing tags
    if git push origin "$NEW_VERSION" > /dev/null 2>&1; then
        print_success "Pushed tag: $NEW_VERSION"
    else
        print_warning "Tag push failed, trying force push..."
        if git push --force origin "$NEW_VERSION" > /dev/null 2>&1; then
            print_success "Force-pushed updated tag: $NEW_VERSION"
        else
            print_error "Failed to push tag: $NEW_VERSION"
            exit 1
        fi
    fi
 }
@@ -352,14 +414,23 @@ main() {
        # Increment minor version for releases
        increment_version "minor"
-        # Compile project first
+        # Create new git tag BEFORE compilation so version.h picks it up
        if git tag "$NEW_VERSION" > /dev/null 2>&1; then
            print_success "Created tag: $NEW_VERSION"
        else
            print_warning "Tag $NEW_VERSION already exists, removing and recreating..."
            git tag -d "$NEW_VERSION" > /dev/null 2>&1
            git tag "$NEW_VERSION" > /dev/null 2>&1
        fi
        # Compile project first (will now pick up the new tag)
        compile_project
        # Build release binaries
        build_release_binaries
-        # Commit and push
+        # Commit and push (but skip tag creation since we already did it)
-        git_commit_and_push
+        git_commit_and_push_no_tag
        # Create Gitea release with binaries
        create_gitea_release
@@ -376,11 +447,20 @@ main() {
        # Increment patch version for regular commits
        increment_version "patch"
-        # Compile project
+        # Create new git tag BEFORE compilation so version.h picks it up
        if git tag "$NEW_VERSION" > /dev/null 2>&1; then
            print_success "Created tag: $NEW_VERSION"
        else
            print_warning "Tag $NEW_VERSION already exists, removing and recreating..."
            git tag -d "$NEW_VERSION" > /dev/null 2>&1
            git tag "$NEW_VERSION" > /dev/null 2>&1
        fi
        # Compile project (will now pick up the new tag)
        compile_project
-        # Commit and push
+        # Commit and push (but skip tag creation since we already did it)
-        git_commit_and_push
+        git_commit_and_push_no_tag
        print_success "Build and push completed successfully!"
        print_status "Version $NEW_VERSION pushed to repository"
--- a/db/README.md
+++ b/db/README.md
@@ -1,228 +1 @@
-# C Nostr Relay Database
+Only README.md will remain
 This directory contains the SQLite database schema and initialization scripts for the C Nostr Relay implementation.
 ## Files
 - **`schema.sql`** - Complete database schema based on nostr-rs-relay v18
 - **`init.sh`** - Database initialization script
 - **`c_nostr_relay.db`** - SQLite database file (created after running init.sh)
 ## Quick Start
 1. **Initialize the database:**
   ```bash
   cd db
   ./init.sh
   ```
 2. **Force reinitialize (removes existing database):**
   ```bash
   ./init.sh --force
   ```
 3. **Initialize with optimization and info:**
   ```bash
   ./init.sh --info --optimize
   ```
 ## Database Schema
 The schema is fully compatible with the Nostr protocol and includes:
 ### Core Tables
 - **`event`** - Main event storage with all Nostr event data
 - **`tag`** - Denormalized tag index for efficient queries
 - **`user_verification`** - NIP-05 verification tracking
 - **`account`** - User account management (optional)
 - **`invoice`** - Lightning payment tracking (optional)
 ### Key Features
 - ✅ **NIP-01 compliant** - Full basic protocol support
 - ✅ **Replaceable events** - Supports kinds 0, 3, 10000-19999
 - ✅ **Parameterized replaceable** - Supports kinds 30000-39999 with `d` tags
 - ✅ **Event deletion** - NIP-09 soft deletion with `hidden` column
 - ✅ **Event expiration** - NIP-40 automatic cleanup
 - ✅ **Authentication** - NIP-42 client authentication
 - ✅ **NIP-05 verification** - Domain-based identity verification
 - ✅ **Performance optimized** - Comprehensive indexing strategy
 ### Schema Version
 Current version: **v18** (compatible with nostr-rs-relay v18)
 ## Database Structure
 ### Event Storage
 ```sql
 CREATE TABLE event (
    id INTEGER PRIMARY KEY,
    event_hash BLOB NOT NULL,        -- 32-byte SHA256 hash
    first_seen INTEGER NOT NULL,     -- relay receive timestamp
    created_at INTEGER NOT NULL,     -- event creation timestamp
    expires_at INTEGER,              -- NIP-40 expiration
    author BLOB NOT NULL,            -- 32-byte pubkey
    delegated_by BLOB,               -- NIP-26 delegator
    kind INTEGER NOT NULL,           -- event kind
    hidden INTEGER DEFAULT FALSE,   -- soft deletion flag
    content TEXT NOT NULL            -- complete JSON event
 );
 ```
 ### Tag Indexing
 ```sql
 CREATE TABLE tag (
    id INTEGER PRIMARY KEY,
    event_id INTEGER NOT NULL,
    name TEXT,                       -- tag name ("e", "p", etc.)
    value TEXT,                      -- tag value
    created_at INTEGER NOT NULL,     -- denormalized for performance
    kind INTEGER NOT NULL            -- denormalized for performance
 );
 ```
 ## Performance Features
 ### Optimized Indexes
 - **Hash-based lookups** - `event_hash_index` for O(1) event retrieval
 - **Author queries** - `author_index`, `author_created_at_index`
 - **Kind filtering** - `kind_index`, `kind_created_at_index`
 - **Tag searching** - `tag_covering_index` for efficient tag queries
 - **Composite queries** - Multi-column indexes for complex filters
 ### Query Optimization
 - **Denormalized tags** - Includes `kind` and `created_at` in tag table
 - **Binary storage** - BLOBs for hex data (pubkeys, hashes)
 - **WAL mode** - Write-Ahead Logging for concurrent access
 - **Automatic cleanup** - Triggers for data integrity
 ## Usage Examples
 ### Basic Operations
 1. **Insert an event:**
   ```sql
   INSERT INTO event (event_hash, first_seen, created_at, author, kind, content)
   VALUES (?, ?, ?, ?, ?, ?);
   ```
 2. **Query by author:**
   ```sql
   SELECT content FROM event 
   WHERE author = ? AND hidden != TRUE
   ORDER BY created_at DESC;
   ```
 3. **Filter by tags:**
   ```sql
   SELECT e.content FROM event e
   JOIN tag t ON e.id = t.event_id
   WHERE t.name = 'p' AND t.value = ? AND e.hidden != TRUE;
   ```
 ### Advanced Queries
 1. **Get replaceable event (latest only):**
   ```sql
   SELECT content FROM event
   WHERE author = ? AND kind = ? AND hidden != TRUE
   ORDER BY created_at DESC LIMIT 1;
   ```
 2. **Tag-based filtering (NIP-01 filters):**
   ```sql
   SELECT e.content FROM event e
   WHERE e.id IN (
     SELECT t.event_id FROM tag t
     WHERE t.name = ? AND t.value IN (?, ?, ?)
   ) AND e.hidden != TRUE;
   ```
 ## Maintenance
 ### Regular Operations
 1. **Check database integrity:**
   ```bash
   sqlite3 c_nostr_relay.db "PRAGMA integrity_check;"
   ```
 2. **Optimize database:**
   ```bash
   sqlite3 c_nostr_relay.db "PRAGMA optimize; VACUUM; ANALYZE;"
   ```
 3. **Clean expired events:**
   ```sql
   DELETE FROM event WHERE expires_at <= strftime('%s', 'now');
   ```
 ### Monitoring
 1. **Database size:**
   ```bash
   ls -lh c_nostr_relay.db
   ```
 2. **Table statistics:**
   ```sql
   SELECT name, COUNT(*) as count FROM (
     SELECT 'events' as name FROM event UNION ALL
     SELECT 'tags' as name FROM tag UNION ALL
     SELECT 'verifications' as name FROM user_verification
   ) GROUP BY name;
   ```
 ## Migration Support
 The schema includes a migration system for future updates:
 ```sql
 CREATE TABLE schema_info (
    version INTEGER PRIMARY KEY,
    applied_at INTEGER NOT NULL,
    description TEXT
 );
 ```
 ## Security Considerations
 1. **Input validation** - Always validate event JSON and signatures
 2. **Rate limiting** - Implement at application level
 3. **Access control** - Use `account` table for permissions
 4. **Backup strategy** - Regular database backups recommended
 ## Compatibility
 - **SQLite version** - Requires SQLite 3.8.0+
 - **nostr-rs-relay** - Schema compatible with v18
 - **NIPs supported** - 01, 02, 05, 09, 10, 11, 26, 40, 42
 - **C libraries** - Compatible with sqlite3 C API
 ## Troubleshooting
 ### Common Issues
 1. **Database locked error:**
   - Ensure proper connection closing in your C code
   - Check for long-running transactions
 2. **Performance issues:**
   - Run `PRAGMA optimize;` regularly
   - Consider `VACUUM` if database grew significantly
 3. **Schema errors:**
   - Verify SQLite version compatibility
   - Check foreign key constraints
 ### Getting Help
 - Check the main project README for C implementation details
 - Review nostr-rs-relay documentation for reference implementation
 - Consult Nostr NIPs for protocol specifications
 ## License
 This database schema is part of the C Nostr Relay project and follows the same license terms.
--- a/db/c_nostr_relay.db
+++ b/db/c_nostr_relay.db
--- a/db/c_nostr_relay.db-shm
+++ b/db/c_nostr_relay.db-shm
--- a/db/c_nostr_relay.db-wal
+++ b/db/c_nostr_relay.db-wal
--- a/db/c_nostr_relay.db.backup.20250905_152104
+++ b/db/c_nostr_relay.db.backup.20250905_152104
--- a/db/init.sh
+++ b/db/init.sh
@@ -1,234 +0,0 @@
 #!/bin/bash
 # C Nostr Relay Database Initialization Script
 # Creates and initializes the SQLite database with proper schema
 set -e  # Exit on any error
 # Configuration
 DB_DIR="$(dirname "$0")"
 DB_NAME="c_nostr_relay.db"
 DB_PATH="${DB_DIR}/${DB_NAME}"
 SCHEMA_FILE="${DB_DIR}/schema.sql"
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 BLUE='\033[0;34m'
 NC='\033[0m' # No Color
 # Logging functions
 log_info() {
    echo -e "${BLUE}[INFO]${NC} $1"
 }
 log_success() {
    echo -e "${GREEN}[SUCCESS]${NC} $1"
 }
 log_warning() {
    echo -e "${YELLOW}[WARNING]${NC} $1"
 }
 log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
 }
 # Check if SQLite3 is installed
 check_sqlite() {
    if ! command -v sqlite3 &> /dev/null; then
        log_error "sqlite3 is not installed. Please install it first:"
        echo "  Ubuntu/Debian: sudo apt-get install sqlite3"
        echo "  CentOS/RHEL:   sudo yum install sqlite"
        echo "  macOS:         brew install sqlite3"
        exit 1
    fi
    local version=$(sqlite3 --version | cut -d' ' -f1)
    log_info "Using SQLite version: $version"
 }
 # Create database directory if it doesn't exist
 create_db_directory() {
    if [ ! -d "$DB_DIR" ]; then
        log_info "Creating database directory: $DB_DIR"
        mkdir -p "$DB_DIR"
    fi
 }
 # Backup existing database if it exists
 backup_existing_db() {
    if [ -f "$DB_PATH" ]; then
        local backup_path="${DB_PATH}.backup.$(date +%Y%m%d_%H%M%S)"
        log_warning "Existing database found. Creating backup: $backup_path"
        cp "$DB_PATH" "$backup_path"
    fi
 }
 # Initialize the database with schema
 init_database() {
    log_info "Initializing database: $DB_PATH"
    if [ ! -f "$SCHEMA_FILE" ]; then
        log_error "Schema file not found: $SCHEMA_FILE"
        exit 1
    fi
    # Remove existing database if --force flag is used
    if [ "$1" = "--force" ] && [ -f "$DB_PATH" ]; then
        log_warning "Force flag detected. Removing existing database."
        rm -f "$DB_PATH"
    fi
    # Create the database and apply schema
    log_info "Applying schema from: $SCHEMA_FILE"
    if sqlite3 "$DB_PATH" < "$SCHEMA_FILE"; then
        log_success "Database schema applied successfully"
    else
        log_error "Failed to apply database schema"
        exit 1
    fi
 }
 # Verify database integrity
 verify_database() {
    log_info "Verifying database integrity..."
    # Check if database file exists and is not empty
    if [ ! -s "$DB_PATH" ]; then
        log_error "Database file is empty or doesn't exist"
        exit 1
    fi
    # Run SQLite integrity check
    local integrity_result=$(sqlite3 "$DB_PATH" "PRAGMA integrity_check;")
    if [ "$integrity_result" = "ok" ]; then
        log_success "Database integrity check passed"
    else
        log_error "Database integrity check failed: $integrity_result"
        exit 1
    fi
    # Verify schema version
    local schema_version=$(sqlite3 "$DB_PATH" "PRAGMA user_version;")
    log_info "Database schema version: $schema_version"
    # Check that main tables exist (including configuration tables)
    local table_count=$(sqlite3 "$DB_PATH" "SELECT count(*) FROM sqlite_master WHERE type='table' AND name IN ('events', 'schema_info', 'server_config');")
    if [ "$table_count" -eq 3 ]; then
        log_success "Core tables created successfully (including configuration tables)"
    else
        log_error "Missing core tables (expected 3, found $table_count)"
        exit 1
    fi
 }
 # Display database information
 show_db_info() {
    log_info "Database Information:"
    echo "  Location: $DB_PATH"
    echo "  Size: $(du -h "$DB_PATH" | cut -f1)"
    log_info "Database Tables:"
    sqlite3 "$DB_PATH" "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name;" | sed 's/^/  - /'
    log_info "Database Indexes:"
    sqlite3 "$DB_PATH" "SELECT name FROM sqlite_master WHERE type='index' AND name NOT LIKE 'sqlite_%' ORDER BY name;" | sed 's/^/  - /'
    log_info "Database Views:"
    sqlite3 "$DB_PATH" "SELECT name FROM sqlite_master WHERE type='view' ORDER BY name;" | sed 's/^/  - /'
 }
 # Run database optimization
 optimize_database() {
    log_info "Running database optimization..."
    sqlite3 "$DB_PATH" "PRAGMA optimize; VACUUM; ANALYZE;"
    log_success "Database optimization completed"
 }
 # Print usage information
 print_usage() {
    echo "Usage: $0 [OPTIONS]"
    echo ""
    echo "Initialize SQLite database for C Nostr Relay"
    echo ""
    echo "Options:"
    echo "  --force     Remove existing database before initialization"
    echo "  --info      Show database information after initialization"
    echo "  --optimize  Run database optimization after initialization"
    echo "  --help      Show this help message"
    echo ""
    echo "Examples:"
    echo "  $0                    # Initialize database (with backup if exists)"
    echo "  $0 --force           # Force reinitialize database"
    echo "  $0 --info --optimize # Initialize with info and optimization"
 }
 # Main execution
 main() {
    local force_flag=false
    local show_info=false
    local optimize=false
    # Parse command line arguments
    while [[ $# -gt 0 ]]; do
        case $1 in
            --force)
                force_flag=true
                shift
                ;;
            --info)
                show_info=true
                shift
                ;;
            --optimize)
                optimize=true
                shift
                ;;
            --help)
                print_usage
                exit 0
                ;;
            *)
                log_error "Unknown option: $1"
                print_usage
                exit 1
                ;;
        esac
    done
    log_info "Starting C Nostr Relay database initialization..."
    # Execute initialization steps
    check_sqlite
    create_db_directory
    if [ "$force_flag" = false ]; then
        backup_existing_db
    fi
    if [ "$force_flag" = true ]; then
        init_database --force
    else
        init_database
    fi
    verify_database
    if [ "$optimize" = true ]; then
        optimize_database
    fi
    if [ "$show_info" = true ]; then
        show_db_info
    fi
    log_success "Database initialization completed successfully!"
    echo ""
    echo "Database ready at: $DB_PATH"
    echo "You can now start your C Nostr Relay application."
 }
 # Execute main function with all arguments
 main "$@"
--- a/db/schema.sql
+++ b/db/schema.sql
@@ -1,299 +0,0 @@
 -- C Nostr Relay Database Schema
 -- SQLite schema for storing Nostr events with JSON tags support
 -- Schema version tracking
 PRAGMA user_version = 3;
 -- Enable foreign key support
 PRAGMA foreign_keys = ON;
 -- Optimize for performance
 PRAGMA journal_mode = WAL;
 PRAGMA synchronous = NORMAL;
 PRAGMA cache_size = 10000;
 -- Core events table with hybrid single-table design
 CREATE TABLE events (
    id TEXT PRIMARY KEY,                -- Nostr event ID (hex string)
    pubkey TEXT NOT NULL,               -- Public key of event author (hex string)
    created_at INTEGER NOT NULL,       -- Event creation timestamp (Unix timestamp)
    kind INTEGER NOT NULL,              -- Event kind (0-65535)
    event_type TEXT NOT NULL CHECK (event_type IN ('regular', 'replaceable', 'ephemeral', 'addressable')),
    content TEXT NOT NULL,              -- Event content (text content only)
    sig TEXT NOT NULL,                  -- Event signature (hex string)
    tags JSON NOT NULL DEFAULT '[]',   -- Event tags as JSON array
    first_seen INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))  -- When relay received event
 );
 -- Core performance indexes
 CREATE INDEX idx_events_pubkey ON events(pubkey);
 CREATE INDEX idx_events_kind ON events(kind);
 CREATE INDEX idx_events_created_at ON events(created_at DESC);
 CREATE INDEX idx_events_event_type ON events(event_type);
 -- Composite indexes for common query patterns
 CREATE INDEX idx_events_kind_created_at ON events(kind, created_at DESC);
 CREATE INDEX idx_events_pubkey_created_at ON events(pubkey, created_at DESC);
 CREATE INDEX idx_events_pubkey_kind ON events(pubkey, kind);
 -- Schema information table
 CREATE TABLE schema_info (
    key TEXT PRIMARY KEY,
    value TEXT NOT NULL,
    updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))
 );
 -- Insert schema metadata
 INSERT INTO schema_info (key, value) VALUES
    ('version', '3'),
    ('description', 'Hybrid single-table Nostr relay schema with JSON tags and configuration management'),
    ('created_at', strftime('%s', 'now'));
 -- Helper views for common queries
 CREATE VIEW recent_events AS
 SELECT id, pubkey, created_at, kind, event_type, content
 FROM events
 WHERE event_type != 'ephemeral'
 ORDER BY created_at DESC
 LIMIT 1000;
 CREATE VIEW event_stats AS
 SELECT 
    event_type,
    COUNT(*) as count,
    AVG(length(content)) as avg_content_length,
    MIN(created_at) as earliest,
    MAX(created_at) as latest
 FROM events
 GROUP BY event_type;
 -- Optimization: Trigger for automatic cleanup of ephemeral events older than 1 hour
 CREATE TRIGGER cleanup_ephemeral_events
    AFTER INSERT ON events
    WHEN NEW.event_type = 'ephemeral'
 BEGIN
    DELETE FROM events 
    WHERE event_type = 'ephemeral' 
    AND first_seen < (strftime('%s', 'now') - 3600);
 END;
 -- Replaceable event handling trigger
 CREATE TRIGGER handle_replaceable_events
    AFTER INSERT ON events
    WHEN NEW.event_type = 'replaceable'
 BEGIN
    DELETE FROM events 
    WHERE pubkey = NEW.pubkey 
    AND kind = NEW.kind 
    AND event_type = 'replaceable'
    AND id != NEW.id;
 END;
 -- Persistent Subscriptions Logging Tables (Phase 2)
 -- Optional database logging for subscription analytics and debugging
 -- Subscription events log
 CREATE TABLE subscription_events (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    subscription_id TEXT NOT NULL,           -- Subscription ID from client
    client_ip TEXT NOT NULL,                 -- Client IP address
    event_type TEXT NOT NULL CHECK (event_type IN ('created', 'closed', 'expired', 'disconnected')),
    filter_json TEXT,                        -- JSON representation of filters (for created events)
    events_sent INTEGER DEFAULT 0,           -- Number of events sent to this subscription
    created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),
    ended_at INTEGER,                        -- When subscription ended (for closed/expired/disconnected)
    duration INTEGER                         -- Computed: ended_at - created_at
 );
 -- Subscription metrics summary
 CREATE TABLE subscription_metrics (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    date TEXT NOT NULL,                      -- Date (YYYY-MM-DD)
    total_created INTEGER DEFAULT 0,         -- Total subscriptions created
    total_closed INTEGER DEFAULT 0,          -- Total subscriptions closed
    total_events_broadcast INTEGER DEFAULT 0, -- Total events broadcast
    avg_duration REAL DEFAULT 0,            -- Average subscription duration
    peak_concurrent INTEGER DEFAULT 0,       -- Peak concurrent subscriptions
    updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),
    UNIQUE(date)
 );
 -- Event broadcasting log (optional, for detailed analytics)
 CREATE TABLE event_broadcasts (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    event_id TEXT NOT NULL,                  -- Event ID that was broadcast
    subscription_id TEXT NOT NULL,           -- Subscription that received it
    client_ip TEXT NOT NULL,                 -- Client IP
    broadcast_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),
    FOREIGN KEY (event_id) REFERENCES events(id)
 );
 -- Indexes for subscription logging performance
 CREATE INDEX idx_subscription_events_id ON subscription_events(subscription_id);
 CREATE INDEX idx_subscription_events_type ON subscription_events(event_type);
 CREATE INDEX idx_subscription_events_created ON subscription_events(created_at DESC);
 CREATE INDEX idx_subscription_events_client ON subscription_events(client_ip);
 CREATE INDEX idx_subscription_metrics_date ON subscription_metrics(date DESC);
 CREATE INDEX idx_event_broadcasts_event ON event_broadcasts(event_id);
 CREATE INDEX idx_event_broadcasts_sub ON event_broadcasts(subscription_id);
 CREATE INDEX idx_event_broadcasts_time ON event_broadcasts(broadcast_at DESC);
 -- Trigger to update subscription duration when ended
 CREATE TRIGGER update_subscription_duration
    AFTER UPDATE OF ended_at ON subscription_events
    WHEN NEW.ended_at IS NOT NULL AND OLD.ended_at IS NULL
 BEGIN
    UPDATE subscription_events
    SET duration = NEW.ended_at - NEW.created_at
    WHERE id = NEW.id;
 END;
 -- View for subscription analytics
 CREATE VIEW subscription_analytics AS
 SELECT
    date(created_at, 'unixepoch') as date,
    COUNT(*) as subscriptions_created,
    COUNT(CASE WHEN ended_at IS NOT NULL THEN 1 END) as subscriptions_ended,
    AVG(CASE WHEN duration IS NOT NULL THEN duration END) as avg_duration_seconds,
    MAX(events_sent) as max_events_sent,
    AVG(events_sent) as avg_events_sent,
    COUNT(DISTINCT client_ip) as unique_clients
 FROM subscription_events
 GROUP BY date(created_at, 'unixepoch')
 ORDER BY date DESC;
 -- View for current active subscriptions (from log perspective)
 CREATE VIEW active_subscriptions_log AS
 SELECT
    subscription_id,
    client_ip,
    filter_json,
    events_sent,
    created_at,
    (strftime('%s', 'now') - created_at) as duration_seconds
 FROM subscription_events
 WHERE event_type = 'created'
 AND subscription_id NOT IN (
    SELECT subscription_id FROM subscription_events
    WHERE event_type IN ('closed', 'expired', 'disconnected')
 );
 -- ================================
 -- CONFIGURATION MANAGEMENT TABLES
 -- ================================
 -- Core server configuration table
 CREATE TABLE server_config (
    key TEXT PRIMARY KEY,                    -- Configuration key (unique identifier)
    value TEXT NOT NULL,                     -- Configuration value (stored as string)
    description TEXT,                        -- Human-readable description
    config_type TEXT DEFAULT 'user' CHECK (config_type IN ('system', 'user', 'runtime')),
    data_type TEXT DEFAULT 'string' CHECK (data_type IN ('string', 'integer', 'boolean', 'json')),
    validation_rules TEXT,                   -- JSON validation rules (optional)
    is_sensitive INTEGER DEFAULT 0,          -- 1 if value should be masked in logs
    requires_restart INTEGER DEFAULT 0,      -- 1 if change requires server restart
    created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),
    updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))
 );
 -- Configuration change history table
 CREATE TABLE config_history (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    config_key TEXT NOT NULL,               -- Key that was changed
    old_value TEXT,                         -- Previous value (NULL for new keys)
    new_value TEXT NOT NULL,                -- New value
    changed_by TEXT DEFAULT 'system',       -- Who made the change (system/admin/user)
    change_reason TEXT,                     -- Optional reason for change
    changed_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),
    FOREIGN KEY (config_key) REFERENCES server_config(key)
 );
 -- Configuration validation errors log
 CREATE TABLE config_validation_log (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    config_key TEXT NOT NULL,
    attempted_value TEXT,
    validation_error TEXT NOT NULL,
    error_source TEXT DEFAULT 'validation',  -- validation/parsing/constraint
    attempted_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))
 );
 -- Cache for file-based configuration events
 CREATE TABLE config_file_cache (
    file_path TEXT PRIMARY KEY,             -- Full path to config file
    file_hash TEXT NOT NULL,                -- SHA256 hash of file content
    event_id TEXT,                          -- Nostr event ID from file
    event_pubkey TEXT,                      -- Admin pubkey that signed event
    loaded_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),
    validation_status TEXT CHECK (validation_status IN ('valid', 'invalid', 'unverified')),
    validation_error TEXT                   -- Error details if invalid
 );
 -- Performance indexes for configuration tables
 CREATE INDEX idx_server_config_type ON server_config(config_type);
 CREATE INDEX idx_server_config_updated ON server_config(updated_at DESC);
 CREATE INDEX idx_config_history_key ON config_history(config_key);
 CREATE INDEX idx_config_history_time ON config_history(changed_at DESC);
 CREATE INDEX idx_config_validation_key ON config_validation_log(config_key);
 CREATE INDEX idx_config_validation_time ON config_validation_log(attempted_at DESC);
 -- Trigger to update timestamp on configuration changes
 CREATE TRIGGER update_config_timestamp
    AFTER UPDATE ON server_config
 BEGIN
    UPDATE server_config SET updated_at = strftime('%s', 'now') WHERE key = NEW.key;
 END;
 -- Trigger to log configuration changes to history
 CREATE TRIGGER log_config_changes
    AFTER UPDATE ON server_config
    WHEN OLD.value != NEW.value
 BEGIN
    INSERT INTO config_history (config_key, old_value, new_value, changed_by, change_reason)
    VALUES (NEW.key, OLD.value, NEW.value, 'system', 'configuration update');
 END;
 -- Active Configuration View
 CREATE VIEW active_config AS
 SELECT
    key,
    value,
    description,
    config_type,
    data_type,
    requires_restart,
    updated_at
 FROM server_config
 WHERE config_type IN ('system', 'user')
 ORDER BY config_type, key;
 -- Runtime Statistics View
 CREATE VIEW runtime_stats AS
 SELECT
    key,
    value,
    description,
    updated_at
 FROM server_config
 WHERE config_type = 'runtime'
 ORDER BY key;
 -- Configuration Change Summary
 CREATE VIEW recent_config_changes AS
 SELECT
    ch.config_key,
    sc.description,
    ch.old_value,
    ch.new_value,
    ch.changed_by,
    ch.change_reason,
    ch.changed_at
 FROM config_history ch
 JOIN server_config sc ON ch.config_key = sc.key
 ORDER BY ch.changed_at DESC
 LIMIT 50;
 -- Runtime Statistics (initialized by server on startup)
 -- These will be populated when configuration system initializes
--- a/make_and_restart_relay.sh
+++ b/make_and_restart_relay.sh
@@ -32,24 +32,42 @@ if [ "$HELP" = true ]; then
    echo "Usage: $0 [OPTIONS]"
    echo ""
    echo "Options:"
-    echo "  --preserve-config  Keep existing configuration file (don't regenerate)"
+    echo "  --preserve-config, -p  Keep existing configuration file (don't regenerate)"
    echo "  --help, -h         Show this help message"
    echo ""
    echo "Development Setup:"
    echo "  Uses local config directory: ./dev-config/"
    echo "  This avoids conflicts with production instances using ~/.config/c-relay/"
    echo ""
    echo "Default behavior: Automatically regenerates configuration file on each build"
    echo "                 for development purposes"
    exit 0
 fi
-# Handle configuration file regeneration
+# Handle configuration file and database regeneration
-CONFIG_FILE="$HOME/.config/c-relay/c_relay_config_event.json"
+# Use local development config directory to avoid conflicts with production
-if [ "$PRESERVE_CONFIG" = false ] && [ -f "$CONFIG_FILE" ]; then
+DEV_CONFIG_DIR="./dev-config"
-    echo "Removing old configuration file to trigger regeneration..."
+CONFIG_FILE="$DEV_CONFIG_DIR/c_relay_config_event.json"
-    rm -f "$CONFIG_FILE"
+DB_FILE="./db/c_nostr_relay.db"
-    echo "✓ Configuration file removed - will be regenerated with latest database values"
+
-elif [ "$PRESERVE_CONFIG" = true ] && [ -f "$CONFIG_FILE" ]; then
+# Create development config directory if it doesn't exist
-    echo "Preserving existing configuration file as requested"
+mkdir -p "$DEV_CONFIG_DIR"
-elif [ ! -f "$CONFIG_FILE" ]; then
+
-    echo "No existing configuration file found - will generate new one"
+if [ "$PRESERVE_CONFIG" = false ]; then
    if [ -f "$CONFIG_FILE" ]; then
        echo "Removing old development configuration file to trigger regeneration..."
        rm -f "$CONFIG_FILE"
        echo "✓ Development configuration file removed - will be regenerated with new keys"
    fi
    if [ -f "$DB_FILE" ]; then
        echo "Removing old database to trigger fresh key generation..."
        rm -f "$DB_FILE"*  # Remove db file and any WAL/SHM files
        echo "✓ Database removed - will be recreated with embedded schema and new keys"
    fi
 elif [ "$PRESERVE_CONFIG" = true ]; then
    echo "Preserving existing development configuration and database as requested"
 else
    echo "No existing development configuration or database found - will generate fresh setup"
 fi
 # Build the project first
@@ -107,18 +125,16 @@ fi
 # Clean up PID file
 rm -f relay.pid
-# Initialize database if needed
+# Database initialization is now handled automatically by the relay
-if [ ! -f "./db/c_nostr_relay.db" ]; then
+# when it starts up with embedded schema
-    echo "Initializing database..."
+echo "Database will be initialized automatically on startup if needed"
    ./db/init.sh --force >/dev/null 2>&1
 fi
 # Start relay in background with output redirection
 echo "Starting relay server..."
 echo "Debug: Current processes: $(ps aux | grep 'c_relay_' | grep -v grep || echo 'None')"
-# Start relay in background and capture its PID
+# Start relay in background and capture its PID with development config directory
-$BINARY_PATH > relay.log 2>&1 &
+$BINARY_PATH --config-dir "$DEV_CONFIG_DIR" > relay.log 2>&1 &
 RELAY_PID=$!
 echo "Started with PID: $RELAY_PID"
@@ -137,24 +153,25 @@ if ps -p "$RELAY_PID" >/dev/null 2>&1; then
    # Save PID for debugging
    echo $RELAY_PID > relay.pid
-    # Check if a new private key was generated and display it
+    # Check if new keys were generated and display them
    sleep 1  # Give relay time to write initial logs
-    if grep -q "GENERATED RELAY ADMIN PRIVATE KEY" relay.log 2>/dev/null; then
+    if grep -q "GENERATED RELAY KEYPAIRS" relay.log 2>/dev/null; then
-        echo "=== IMPORTANT: NEW ADMIN PRIVATE KEY GENERATED ==="
+        echo "=== IMPORTANT: NEW KEYPAIRS GENERATED ==="
        echo ""
-        # Extract and display the private key section from the log
+        # Extract and display the keypairs section from the log
-        grep -A 8 -B 2 "GENERATED RELAY ADMIN PRIVATE KEY" relay.log | head -n 12
+        grep -A 12 -B 2 "GENERATED RELAY KEYPAIRS" relay.log | head -n 16
        echo ""
-        echo "⚠️  SAVE THIS PRIVATE KEY SECURELY - IT CONTROLS YOUR RELAY!"
+        echo "⚠️  SAVE THESE PRIVATE KEYS SECURELY - THEY CONTROL YOUR RELAY!"
-        echo "⚠️  This key is also logged in relay.log for reference"
+        echo "⚠️  These keys are also logged in relay.log for reference"
        echo ""
    fi
    echo "=== Relay server running in background ==="
    echo "Development config: $DEV_CONFIG_DIR/"
    echo "To kill relay: pkill -f 'c_relay_'"
    echo "To check status: ps aux | grep c_relay_"
    echo "To view logs: tail -f relay.log"
-    echo "Binary: $BINARY_PATH"
+    echo "Binary: $BINARY_PATH --config-dir $DEV_CONFIG_DIR"
    echo "Ready for Nostr client connections!"
 else
    echo "ERROR: Relay failed to start"
--- a/relay.pid
+++ b/relay.pid
@@ -1 +1 @@
-871512
+913504
--- a/src/config.c
+++ b/src/config.c
@@ -25,6 +25,7 @@ extern void log_error(const char* message);
 // ================================
 // CORE CONFIGURATION FUNCTIONS
 // ================================
 //
 int init_configuration_system(void) {
    log_info("Initializing configuration system...");
@@ -33,16 +34,38 @@ int init_configuration_system(void) {
    memset(&g_config_manager, 0, sizeof(config_manager_t));
    g_config_manager.db = g_db;
-    // Get XDG configuration directory
+    // Check for command line config file override first
-    if (get_xdg_config_dir(g_config_manager.config_dir_path, sizeof(g_config_manager.config_dir_path)) != 0) {
+    const char* config_file_override = getenv(CONFIG_FILE_OVERRIDE_ENV);
-        log_error("Failed to determine XDG configuration directory");
+    if (config_file_override && strlen(config_file_override) > 0) {
-        return -1;
+        // Use specific config file override
        strncpy(g_config_manager.config_file_path, config_file_override,
                sizeof(g_config_manager.config_file_path) - 1);
        g_config_manager.config_file_path[sizeof(g_config_manager.config_file_path) - 1] = '\0';
        // Extract directory from file path for config_dir_path
        char* last_slash = strrchr(g_config_manager.config_file_path, '/');
        if (last_slash) {
            size_t dir_len = last_slash - g_config_manager.config_file_path;
            strncpy(g_config_manager.config_dir_path, g_config_manager.config_file_path, dir_len);
            g_config_manager.config_dir_path[dir_len] = '\0';
        } else {
            // File in current directory
            strcpy(g_config_manager.config_dir_path, ".");
        }
        log_info("Using configuration file from command line override");
    } else {
        // Get XDG configuration directory (with --config-dir override support)
        if (get_xdg_config_dir(g_config_manager.config_dir_path, sizeof(g_config_manager.config_dir_path)) != 0) {
            log_error("Failed to determine configuration directory");
            return -1;
        }
        // Build configuration file path
        snprintf(g_config_manager.config_file_path, sizeof(g_config_manager.config_file_path),
                 "%s/%s", g_config_manager.config_dir_path, CONFIG_FILE_NAME);
    }
    // Build configuration file path
    snprintf(g_config_manager.config_file_path, sizeof(g_config_manager.config_file_path),
             "%s/%s", g_config_manager.config_dir_path, CONFIG_FILE_NAME);
    log_info("Configuration directory: %s");
    printf("  %s\n", g_config_manager.config_dir_path);
    log_info("Configuration file: %s");
@@ -153,7 +176,7 @@ int init_config_database_statements(void) {
    log_info("Initializing configuration database statements...");
    // Prepare statement for getting configuration values
-    const char* get_sql = "SELECT value FROM server_config WHERE key = ?";
+    const char* get_sql = "SELECT value FROM config WHERE key = ?";
    int rc = sqlite3_prepare_v2(g_db, get_sql, -1, &g_config_manager.get_config_stmt, NULL);
    if (rc != SQLITE_OK) {
        log_error("Failed to prepare get_config statement");
@@ -161,7 +184,7 @@ int init_config_database_statements(void) {
    }
    // Prepare statement for setting configuration values
-    const char* set_sql = "INSERT OR REPLACE INTO server_config (key, value, updated_at) VALUES (?, ?, strftime('%s', 'now'))";
+    const char* set_sql = "INSERT OR REPLACE INTO config (key, value, updated_at) VALUES (?, ?, strftime('%s', 'now'))";
    rc = sqlite3_prepare_v2(g_db, set_sql, -1, &g_config_manager.set_config_stmt, NULL);
    if (rc != SQLITE_OK) {
        log_error("Failed to prepare set_config statement");
@@ -241,7 +264,7 @@ int load_config_from_database(void) {
    // Database configuration is already populated by schema defaults
    // This function validates that the configuration tables exist and are accessible
-    const char* test_sql = "SELECT COUNT(*) FROM server_config WHERE config_type IN ('system', 'user')";
+    const char* test_sql = "SELECT COUNT(*) FROM config WHERE config_type IN ('system', 'user')";
    sqlite3_stmt* test_stmt;
    int rc = sqlite3_prepare_v2(g_db, test_sql, -1, &test_stmt, NULL);
@@ -272,13 +295,22 @@ int load_config_from_database(void) {
 // ================================
 int get_xdg_config_dir(char* path, size_t path_size) {
-    const char* xdg_config_home = getenv("XDG_CONFIG_HOME");
+    // Priority 1: Command line --config-dir override
    const char* config_dir_override = getenv(CONFIG_DIR_OVERRIDE_ENV);
    if (config_dir_override && strlen(config_dir_override) > 0) {
        strncpy(path, config_dir_override, path_size - 1);
        path[path_size - 1] = '\0';
        log_info("Using config directory from command line override");
        return 0;
    }
    // Priority 2: XDG_CONFIG_HOME environment variable
    const char* xdg_config_home = getenv("XDG_CONFIG_HOME");
    if (xdg_config_home && strlen(xdg_config_home) > 0) {
        // Use XDG_CONFIG_HOME if set
        snprintf(path, path_size, "%s/%s", xdg_config_home, CONFIG_XDG_DIR_NAME);
    } else {
-        // Fall back to ~/.config
+        // Priority 3: Fall back to ~/.config
        const char* home = getenv("HOME");
        if (!home) {
            log_error("Neither XDG_CONFIG_HOME nor HOME environment variable is set");
@@ -676,7 +708,7 @@ int config_requires_restart(const char* key) {
    if (!key) return 0;
    // Check database for requires_restart flag
-    const char* sql = "SELECT requires_restart FROM server_config WHERE key = ?";
+    const char* sql = "SELECT requires_restart FROM config WHERE key = ?";
    sqlite3_stmt* stmt;
    int rc = sqlite3_prepare_v2(g_db, sql, -1, &stmt, NULL);
@@ -734,6 +766,7 @@ cJSON* create_config_nostr_event(const char* privkey_hex) {
        {"relay_description", "High-performance C Nostr relay with SQLite storage"},
        {"relay_contact", ""},
        {"relay_pubkey", ""},
        {"relay_privkey", ""},
        {"relay_software", "https://git.laantungir.net/laantungir/c-relay.git"},
        {"relay_version", VERSION},
@@ -766,7 +799,7 @@ cJSON* create_config_nostr_event(const char* privkey_hex) {
    int defaults_count = sizeof(defaults) / sizeof(defaults[0]);
    // First try to load from database, fall back to defaults
-    const char* sql = "SELECT key, value FROM server_config WHERE config_type IN ('system', 'user') ORDER BY key";
+    const char* sql = "SELECT key, value FROM config WHERE config_type IN ('system', 'user') ORDER BY key";
    sqlite3_stmt* stmt;
    int rc = sqlite3_prepare_v2(g_db, sql, -1, &stmt, NULL);
@@ -900,6 +933,56 @@ int write_config_event_to_file(const cJSON* event) {
    return 0;
 }
 // Helper function to generate random private key
 int generate_random_private_key(char* privkey_hex, size_t buffer_size) {
    if (!privkey_hex || buffer_size < 65) {
        return -1;
    }
    FILE* urandom = fopen("/dev/urandom", "rb");
    if (!urandom) {
        log_error("Failed to open /dev/urandom for key generation");
        return -1;
    }
    unsigned char privkey_bytes[32];
    if (fread(privkey_bytes, 1, 32, urandom) != 32) {
        log_error("Failed to read random bytes for private key");
        fclose(urandom);
        return -1;
    }
    fclose(urandom);
    // Convert to hex
    nostr_bytes_to_hex(privkey_bytes, 32, privkey_hex);
    return 0;
 }
 // Helper function to derive public key from private key
 int derive_public_key(const char* privkey_hex, char* pubkey_hex, size_t buffer_size) {
    if (!privkey_hex || !pubkey_hex || buffer_size < 65) {
        return -1;
    }
    // Convert hex private key to bytes
    unsigned char privkey_bytes[32];
    if (nostr_hex_to_bytes(privkey_hex, privkey_bytes, 32) != 0) {
        log_error("Failed to convert private key from hex");
        return -1;
    }
    // Generate corresponding public key
    unsigned char pubkey_bytes[32];
    if (nostr_ec_public_key_from_private_key(privkey_bytes, pubkey_bytes) == 0) {
        nostr_bytes_to_hex(pubkey_bytes, 32, pubkey_hex);
        return 0;
    } else {
        log_error("Failed to derive public key from private key");
        return -1;
    }
 }
 int generate_config_file_if_missing(void) {
    // Check if config file already exists
    if (config_file_exists()) {
@@ -909,84 +992,170 @@ int generate_config_file_if_missing(void) {
    log_info("Generating missing configuration file...");
-    // Get private key from environment variable or generate random one
+    // Generate or get admin private key for configuration signing
-    char privkey_hex[65];
+    char admin_privkey_hex[65];
-    const char* env_privkey = getenv(CONFIG_PRIVKEY_ENV);
+    const char* env_admin_privkey = getenv(CONFIG_ADMIN_PRIVKEY_ENV);
-    if (env_privkey && strlen(env_privkey) == 64) {
+    if (env_admin_privkey && strlen(env_admin_privkey) == 64) {
-        // Use provided private key
+        // Use provided admin private key
-        strncpy(privkey_hex, env_privkey, sizeof(privkey_hex) - 1);
+        strncpy(admin_privkey_hex, env_admin_privkey, sizeof(admin_privkey_hex) - 1);
-        privkey_hex[sizeof(privkey_hex) - 1] = '\0';
+        admin_privkey_hex[sizeof(admin_privkey_hex) - 1] = '\0';
-        log_info("Using private key from environment variable");
+        log_info("Using admin private key from environment variable");
    } else {
-        // Generate random private key manually (nostr_core_lib doesn't have a key generation function)
+        // Generate random admin private key
-        FILE* urandom = fopen("/dev/urandom", "rb");
+        if (generate_random_private_key(admin_privkey_hex, sizeof(admin_privkey_hex)) != 0) {
-        if (!urandom) {
+            log_error("Failed to generate admin private key");
            log_error("Failed to open /dev/urandom for key generation");
            return -1;
        }
-        
+        log_info("Generated random admin private key for configuration signing");
        unsigned char privkey_bytes[32];
        if (fread(privkey_bytes, 1, 32, urandom) != 32) {
            log_error("Failed to read random bytes for private key");
            fclose(urandom);
            return -1;
        }
        fclose(urandom);
        // Convert to hex
        nostr_bytes_to_hex(privkey_bytes, 32, privkey_hex);
        // Generate corresponding public key
        char pubkey_hex[65];
        unsigned char pubkey_bytes[32];
        if (nostr_ec_public_key_from_private_key(privkey_bytes, pubkey_bytes) == 0) {
            nostr_bytes_to_hex(pubkey_bytes, 32, pubkey_hex);
        } else {
            log_error("Failed to derive public key from private key");
            return -1;
        }
        log_info("Generated random private key for configuration signing");
        // Print the generated private key prominently for the administrator
        printf("\n");
        printf("=================================================================\n");
        printf("IMPORTANT: GENERATED RELAY ADMIN PRIVATE KEY\n");
        printf("=================================================================\n");
        printf("Private Key: %s\n", privkey_hex);
        printf("Public Key:  %s\n", pubkey_hex);
        printf("\nSAVE THIS PRIVATE KEY SECURELY - IT CONTROLS YOUR RELAY!\n");
        printf("\nTo use this key in future sessions:\n");
        printf("  export %s=%s\n", CONFIG_PRIVKEY_ENV, privkey_hex);
        printf("=================================================================\n");
        printf("\n");
        char warning_msg[256];
        snprintf(warning_msg, sizeof(warning_msg),
                "To use a specific private key, set the %s environment variable", CONFIG_PRIVKEY_ENV);
        log_warning(warning_msg);
    }
-    // Create Nostr event
+    // Generate or get relay private key for relay identity
-    cJSON* event = create_config_nostr_event(privkey_hex);
+    char relay_privkey_hex[65];
-    if (!event) {
+    const char* env_relay_privkey = getenv(CONFIG_RELAY_PRIVKEY_ENV);
-        log_error("Failed to create configuration event");
+    
    if (env_relay_privkey && strlen(env_relay_privkey) == 64) {
        // Use provided relay private key
        strncpy(relay_privkey_hex, env_relay_privkey, sizeof(relay_privkey_hex) - 1);
        relay_privkey_hex[sizeof(relay_privkey_hex) - 1] = '\0';
        log_info("Using relay private key from environment variable");
    } else {
        // Generate random relay private key
        if (generate_random_private_key(relay_privkey_hex, sizeof(relay_privkey_hex)) != 0) {
            log_error("Failed to generate relay private key");
            return -1;
        }
        log_info("Generated random relay private key for relay identity");
    }
    // Derive public keys from private keys
    char admin_pubkey_hex[65];
    char relay_pubkey_hex[65];
    if (derive_public_key(admin_privkey_hex, admin_pubkey_hex, sizeof(admin_pubkey_hex)) != 0) {
        log_error("Failed to derive admin public key");
        return -1;
    }
-    // Extract and store the admin public key in database configuration
+    if (derive_public_key(relay_privkey_hex, relay_pubkey_hex, sizeof(relay_pubkey_hex)) != 0) {
-    cJSON* pubkey_obj = cJSON_GetObjectItem(event, "pubkey");
+        log_error("Failed to derive relay public key");
-    if (pubkey_obj && cJSON_IsString(pubkey_obj)) {
+        return -1;
-        const char* admin_pubkey = cJSON_GetStringValue(pubkey_obj);
+    }
-        if (set_database_config("admin_pubkey", admin_pubkey, "system") == 0) {
+    
-            log_info("Stored admin public key in configuration database");
+    // Display both keypairs prominently for the administrator
-            printf("  Admin Public Key: %s\n", admin_pubkey);
+    printf("\n");
    printf("=================================================================\n");
    printf("IMPORTANT: GENERATED RELAY KEYPAIRS\n");
    printf("=================================================================\n");
    printf("ADMIN KEYS (for configuration signing):\n");
    printf("  Private Key: %s\n", admin_privkey_hex);
    printf("  Public Key:  %s\n", admin_pubkey_hex);
    printf("\nRELAY KEYS (for relay identity):\n");
    printf("  Private Key: %s\n", relay_privkey_hex);
    printf("  Public Key:  %s\n", relay_pubkey_hex);
    printf("\nSAVE THESE PRIVATE KEYS SECURELY!\n");
    printf("\nTo use specific keys in future sessions:\n");
    printf("  export %s=%s\n", CONFIG_ADMIN_PRIVKEY_ENV, admin_privkey_hex);
    printf("  export %s=%s\n", CONFIG_RELAY_PRIVKEY_ENV, relay_privkey_hex);
    printf("=================================================================\n");
    printf("\n");
    // Default configuration values (same as in create_config_nostr_event)
    typedef struct {
        const char* key;
        const char* value;
    } default_config_t;
    static const default_config_t defaults[] = {
        // Administrative settings
        {"admin_enabled", "false"},
        // Server core settings
        {"relay_port", "8888"},
        {"database_path", "db/c_nostr_relay.db"},
        {"max_connections", "100"},
        // NIP-11 Relay Information
        {"relay_name", "C Nostr Relay"},
        {"relay_description", "High-performance C Nostr relay with SQLite storage"},
        {"relay_contact", ""},
        {"relay_software", "https://git.laantungir.net/laantungir/c-relay.git"},
        {"relay_version", VERSION},
        // NIP-13 Proof of Work
        {"pow_enabled", "true"},
        {"pow_min_difficulty", "0"},
        {"pow_mode", "basic"},
        // NIP-40 Expiration Timestamp
        {"expiration_enabled", "true"},
        {"expiration_strict", "true"},
        {"expiration_filter", "true"},
        {"expiration_grace_period", "300"},
        // Subscription limits
        {"max_subscriptions_per_client", "25"},
        {"max_total_subscriptions", "5000"},
        {"max_filters_per_subscription", "10"},
        // Event processing limits
        {"max_event_tags", "100"},
        {"max_content_length", "8196"},
        {"max_message_length", "16384"},
        // Performance settings
        {"default_limit", "500"},
        {"max_limit", "5000"}
    };
    int defaults_count = sizeof(defaults) / sizeof(defaults[0]);
    // Store all three keys and all default configuration values in database
    if (set_database_config("admin_pubkey", admin_pubkey_hex, "system") == 0) {
        log_info("Stored admin public key in configuration database");
    } else {
        log_warning("Failed to store admin public key in database");
    }
    if (set_database_config("relay_privkey", relay_privkey_hex, "system") == 0) {
        log_info("Stored relay private key in configuration database");
    } else {
        log_warning("Failed to store relay private key in database");
    }
    if (set_database_config("relay_pubkey", relay_pubkey_hex, "system") == 0) {
        log_info("Stored relay public key in configuration database");
    } else {
        log_warning("Failed to store relay public key in database");
    }
    // Store all default configuration values
    log_info("Storing default configuration values in database...");
    int stored_count = 0;
    for (int i = 0; i < defaults_count; i++) {
        if (set_database_config(defaults[i].key, defaults[i].value, "system") == 0) {
            stored_count++;
        } else {
-            log_warning("Failed to store admin public key in database");
+            log_warning("Failed to store default configuration");
            printf("  Key: %s, Value: %s\n", defaults[i].key, defaults[i].value);
        }
    }
    if (stored_count == defaults_count) {
        log_success("All default configuration values stored successfully");
        printf("  Stored %d configuration entries\n", stored_count);
    } else {
        log_warning("Some default configuration values failed to store");
        printf("  Stored %d of %d configuration entries\n", stored_count, defaults_count);
    }
    // Create Nostr event using admin private key for signing
    cJSON* event = create_config_nostr_event(admin_privkey_hex);
    if (!event) {
        log_error("Failed to create configuration event");
        return -1;
    }
    // Write to file
    int result = write_config_event_to_file(event);
    cJSON_Delete(event);
--- a/src/config.h
+++ b/src/config.h
@@ -12,7 +12,10 @@
 #define CONFIG_DESCRIPTION_MAX_LENGTH 256
 #define CONFIG_XDG_DIR_NAME "c-relay"
 #define CONFIG_FILE_NAME "c_relay_config_event.json"
-#define CONFIG_PRIVKEY_ENV "C_RELAY_CONFIG_PRIVKEY"
+#define CONFIG_ADMIN_PRIVKEY_ENV "C_RELAY_ADMIN_PRIVKEY"
 #define CONFIG_RELAY_PRIVKEY_ENV "C_RELAY_PRIVKEY"
 #define CONFIG_DIR_OVERRIDE_ENV "C_RELAY_CONFIG_DIR_OVERRIDE"
 #define CONFIG_FILE_OVERRIDE_ENV "C_RELAY_CONFIG_FILE_OVERRIDE"
 #define NOSTR_PUBKEY_HEX_LENGTH 64
 #define NOSTR_PRIVKEY_HEX_LENGTH 64
 #define NOSTR_EVENT_ID_HEX_LENGTH 64
@@ -220,4 +223,10 @@ int sign_nostr_event(const cJSON* event, const char* privkey_hex, char* signatur
 // Write configuration event to file
 int write_config_event_to_file(const cJSON* event);
 // Helper function to generate random private key
 int generate_random_private_key(char* privkey_hex, size_t buffer_size);
 // Helper function to derive public key from private key
 int derive_public_key(const char* privkey_hex, char* pubkey_hex, size_t buffer_size);
 #endif // CONFIG_H
--- a/src/main.c
+++ b/src/main.c
@@ -16,6 +16,7 @@
 #include "../nostr_core_lib/nostr_core/nostr_core.h"
 #include "../nostr_core_lib/nostr_core/nip013.h"  // NIP-13: Proof of Work
 #include "config.h"  // Configuration management system
 #include "sql_schema.h"  // Embedded database schema
 // Color constants for logging
 #define RED     "\033[31m"
@@ -1938,7 +1939,7 @@ int validate_event_expiration(cJSON* event, char* error_message, size_t error_si
 /////////////////////////////////////////////////////////////////////////////////////////
 /////////////////////////////////////////////////////////////////////////////////////////
-// Initialize database connection
+// Initialize database connection and schema
 int init_database() {
    // Use configurable database path, falling back to default
    const char* db_path = get_config_value("database_path");
@@ -1955,6 +1956,64 @@ int init_database() {
    char success_msg[256];
    snprintf(success_msg, sizeof(success_msg), "Database connection established: %s", db_path);
    log_success(success_msg);
    // Check if database is already initialized by looking for the events table
    const char* check_sql = "SELECT name FROM sqlite_master WHERE type='table' AND name='events'";
    sqlite3_stmt* check_stmt;
    rc = sqlite3_prepare_v2(g_db, check_sql, -1, &check_stmt, NULL);
    if (rc == SQLITE_OK) {
        int has_events_table = (sqlite3_step(check_stmt) == SQLITE_ROW);
        sqlite3_finalize(check_stmt);
        if (has_events_table) {
            log_info("Database schema already exists, skipping initialization");
            // Log existing schema version if available
            const char* version_sql = "SELECT value FROM schema_info WHERE key = 'version'";
            sqlite3_stmt* version_stmt;
            if (sqlite3_prepare_v2(g_db, version_sql, -1, &version_stmt, NULL) == SQLITE_OK) {
                if (sqlite3_step(version_stmt) == SQLITE_ROW) {
                    const char* db_version = (char*)sqlite3_column_text(version_stmt, 0);
                    char version_msg[256];
                    snprintf(version_msg, sizeof(version_msg), "Existing database schema version: %s",
                             db_version ? db_version : "unknown");
                    log_info(version_msg);
                } else {
                    log_info("Database exists but no version information found");
                }
                sqlite3_finalize(version_stmt);
            }
        } else {
            // Initialize database schema using embedded SQL
            log_info("Initializing database schema from embedded SQL");
            // Execute the embedded schema SQL
            char* error_msg = NULL;
            rc = sqlite3_exec(g_db, EMBEDDED_SCHEMA_SQL, NULL, NULL, &error_msg);
            if (rc != SQLITE_OK) {
                char error_log[512];
                snprintf(error_log, sizeof(error_log), "Failed to initialize database schema: %s",
                         error_msg ? error_msg : "unknown error");
                log_error(error_log);
                if (error_msg) {
                    sqlite3_free(error_msg);
                }
                return -1;
            }
            log_success("Database schema initialized successfully");
            // Log schema version information
            char version_msg[256];
            snprintf(version_msg, sizeof(version_msg), "Database schema version: %s",
                     EMBEDDED_SCHEMA_VERSION);
            log_info(version_msg);
        }
    } else {
        log_error("Failed to check existing database schema");
        return -1;
    }
    return 0;
 }
@@ -2953,13 +3012,22 @@ void print_usage(const char* program_name) {
    printf("C Nostr Relay Server\n");
    printf("\n");
    printf("Options:\n");
-    printf("  -p, --port PORT    Listen port (default: %d)\n", DEFAULT_PORT);
+    printf("  -p, --port PORT       Listen port (default: %d)\n", DEFAULT_PORT);
-    printf("  -h, --help         Show this help message\n");
+    printf("  -c, --config FILE     Configuration file path\n");
    printf("  -d, --config-dir DIR  Configuration directory path\n");
    printf("  -h, --help            Show this help message\n");
    printf("\n");
    printf("Examples:\n");
    printf("  %s --config /path/to/config.json\n", program_name);
    printf("  %s --config-dir ~/.config/c-relay-dev\n", program_name);
    printf("  %s --port 9999 --config-dir /etc/c-relay\n", program_name);
    printf("\n");
 }
 int main(int argc, char* argv[]) {
    int port = DEFAULT_PORT;
    char* config_dir_override = NULL;
    char* config_file_override = NULL;
    // Parse command line arguments
    for (int i = 1; i < argc; i++) {
@@ -2983,6 +3051,20 @@ int main(int argc, char* argv[]) {
                log_error("Port argument requires a value");
                return 1;
            }
        } else if (strcmp(argv[i], "-c") == 0 || strcmp(argv[i], "--config") == 0) {
            if (i + 1 < argc) {
                config_file_override = argv[++i];
            } else {
                log_error("Config file argument requires a value");
                return 1;
            }
        } else if (strcmp(argv[i], "-d") == 0 || strcmp(argv[i], "--config-dir") == 0) {
            if (i + 1 < argc) {
                config_dir_override = argv[++i];
            } else {
                log_error("Config directory argument requires a value");
                return 1;
            }
        } else {
            log_error("Unknown argument");
            print_usage(argv[0]);
@@ -2990,6 +3072,14 @@ int main(int argc, char* argv[]) {
        }
    }
    // Store config overrides in global variables for configuration system access
    if (config_dir_override) {
        setenv("C_RELAY_CONFIG_DIR_OVERRIDE", config_dir_override, 1);
    }
    if (config_file_override) {
        setenv("C_RELAY_CONFIG_FILE_OVERRIDE", config_file_override, 1);
    }
    // Set up signal handlers
    signal(SIGINT, signal_handler);
    signal(SIGTERM, signal_handler);
--- a/src/sql_schema.h
+++ b/src/sql_schema.h
@@ -0,0 +1,313 @@
 /* Embedded SQL Schema for C Nostr Relay
 * Generated from db/schema.sql - Do not edit manually
 * Schema Version: 3
 */
 #ifndef SQL_SCHEMA_H
 #define SQL_SCHEMA_H
 /* Schema version constant */
 #define EMBEDDED_SCHEMA_VERSION "3"
 /* Embedded SQL schema as C string literal */
 static const char* const EMBEDDED_SCHEMA_SQL = 
 "-- C Nostr Relay Database Schema\n\
 -- SQLite schema for storing Nostr events with JSON tags support\n\
 \n\
 -- Schema version tracking\n\
 PRAGMA user_version = 3;\n\
 \n\
 -- Enable foreign key support\n\
 PRAGMA foreign_keys = ON;\n\
 \n\
 -- Optimize for performance\n\
 PRAGMA journal_mode = WAL;\n\
 PRAGMA synchronous = NORMAL;\n\
 PRAGMA cache_size = 10000;\n\
 \n\
 -- Core events table with hybrid single-table design\n\
 CREATE TABLE events (\n\
    id TEXT PRIMARY KEY,                -- Nostr event ID (hex string)\n\
    pubkey TEXT NOT NULL,               -- Public key of event author (hex string)\n\
    created_at INTEGER NOT NULL,       -- Event creation timestamp (Unix timestamp)\n\
    kind INTEGER NOT NULL,              -- Event kind (0-65535)\n\
    event_type TEXT NOT NULL CHECK (event_type IN ('regular', 'replaceable', 'ephemeral', 'addressable')),\n\
    content TEXT NOT NULL,              -- Event content (text content only)\n\
    sig TEXT NOT NULL,                  -- Event signature (hex string)\n\
    tags JSON NOT NULL DEFAULT '[]',   -- Event tags as JSON array\n\
    first_seen INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))  -- When relay received event\n\
 );\n\
 \n\
 -- Core performance indexes\n\
 CREATE INDEX idx_events_pubkey ON events(pubkey);\n\
 CREATE INDEX idx_events_kind ON events(kind);\n\
 CREATE INDEX idx_events_created_at ON events(created_at DESC);\n\
 CREATE INDEX idx_events_event_type ON events(event_type);\n\
 \n\
 -- Composite indexes for common query patterns\n\
 CREATE INDEX idx_events_kind_created_at ON events(kind, created_at DESC);\n\
 CREATE INDEX idx_events_pubkey_created_at ON events(pubkey, created_at DESC);\n\
 CREATE INDEX idx_events_pubkey_kind ON events(pubkey, kind);\n\
 \n\
 -- Schema information table\n\
 CREATE TABLE schema_info (\n\
    key TEXT PRIMARY KEY,\n\
    value TEXT NOT NULL,\n\
    updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\
 );\n\
 \n\
 -- Insert schema metadata\n\
 INSERT INTO schema_info (key, value) VALUES\n\
    ('version', '3'),\n\
    ('description', 'Hybrid single-table Nostr relay schema with JSON tags and configuration management'),\n\
    ('created_at', strftime('%s', 'now'));\n\
 \n\
 -- Helper views for common queries\n\
 CREATE VIEW recent_events AS\n\
 SELECT id, pubkey, created_at, kind, event_type, content\n\
 FROM events\n\
 WHERE event_type != 'ephemeral'\n\
 ORDER BY created_at DESC\n\
 LIMIT 1000;\n\
 \n\
 CREATE VIEW event_stats AS\n\
 SELECT \n\
    event_type,\n\
    COUNT(*) as count,\n\
    AVG(length(content)) as avg_content_length,\n\
    MIN(created_at) as earliest,\n\
    MAX(created_at) as latest\n\
 FROM events\n\
 GROUP BY event_type;\n\
 \n\
 -- Optimization: Trigger for automatic cleanup of ephemeral events older than 1 hour\n\
 CREATE TRIGGER cleanup_ephemeral_events\n\
    AFTER INSERT ON events\n\
    WHEN NEW.event_type = 'ephemeral'\n\
 BEGIN\n\
    DELETE FROM events \n\
    WHERE event_type = 'ephemeral' \n\
    AND first_seen < (strftime('%s', 'now') - 3600);\n\
 END;\n\
 \n\
 -- Replaceable event handling trigger\n\
 CREATE TRIGGER handle_replaceable_events\n\
    AFTER INSERT ON events\n\
    WHEN NEW.event_type = 'replaceable'\n\
 BEGIN\n\
    DELETE FROM events \n\
    WHERE pubkey = NEW.pubkey \n\
    AND kind = NEW.kind \n\
    AND event_type = 'replaceable'\n\
    AND id != NEW.id;\n\
 END;\n\
 \n\
 -- Persistent Subscriptions Logging Tables (Phase 2)\n\
 -- Optional database logging for subscription analytics and debugging\n\
 \n\
 -- Subscription events log\n\
 CREATE TABLE subscription_events (\n\
    id INTEGER PRIMARY KEY AUTOINCREMENT,\n\
    subscription_id TEXT NOT NULL,           -- Subscription ID from client\n\
    client_ip TEXT NOT NULL,                 -- Client IP address\n\
    event_type TEXT NOT NULL CHECK (event_type IN ('created', 'closed', 'expired', 'disconnected')),\n\
    filter_json TEXT,                        -- JSON representation of filters (for created events)\n\
    events_sent INTEGER DEFAULT 0,           -- Number of events sent to this subscription\n\
    created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\
    ended_at INTEGER,                        -- When subscription ended (for closed/expired/disconnected)\n\
    duration INTEGER                         -- Computed: ended_at - created_at\n\
 );\n\
 \n\
 -- Subscription metrics summary\n\
 CREATE TABLE subscription_metrics (\n\
    id INTEGER PRIMARY KEY AUTOINCREMENT,\n\
    date TEXT NOT NULL,                      -- Date (YYYY-MM-DD)\n\
    total_created INTEGER DEFAULT 0,         -- Total subscriptions created\n\
    total_closed INTEGER DEFAULT 0,          -- Total subscriptions closed\n\
    total_events_broadcast INTEGER DEFAULT 0, -- Total events broadcast\n\
    avg_duration REAL DEFAULT 0,            -- Average subscription duration\n\
    peak_concurrent INTEGER DEFAULT 0,       -- Peak concurrent subscriptions\n\
    updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\
    UNIQUE(date)\n\
 );\n\
 \n\
 -- Event broadcasting log (optional, for detailed analytics)\n\
 CREATE TABLE event_broadcasts (\n\
    id INTEGER PRIMARY KEY AUTOINCREMENT,\n\
    event_id TEXT NOT NULL,                  -- Event ID that was broadcast\n\
    subscription_id TEXT NOT NULL,           -- Subscription that received it\n\
    client_ip TEXT NOT NULL,                 -- Client IP\n\
    broadcast_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\
    FOREIGN KEY (event_id) REFERENCES events(id)\n\
 );\n\
 \n\
 -- Indexes for subscription logging performance\n\
 CREATE INDEX idx_subscription_events_id ON subscription_events(subscription_id);\n\
 CREATE INDEX idx_subscription_events_type ON subscription_events(event_type);\n\
 CREATE INDEX idx_subscription_events_created ON subscription_events(created_at DESC);\n\
 CREATE INDEX idx_subscription_events_client ON subscription_events(client_ip);\n\
 \n\
 CREATE INDEX idx_subscription_metrics_date ON subscription_metrics(date DESC);\n\
 \n\
 CREATE INDEX idx_event_broadcasts_event ON event_broadcasts(event_id);\n\
 CREATE INDEX idx_event_broadcasts_sub ON event_broadcasts(subscription_id);\n\
 CREATE INDEX idx_event_broadcasts_time ON event_broadcasts(broadcast_at DESC);\n\
 \n\
 -- Trigger to update subscription duration when ended\n\
 CREATE TRIGGER update_subscription_duration\n\
    AFTER UPDATE OF ended_at ON subscription_events\n\
    WHEN NEW.ended_at IS NOT NULL AND OLD.ended_at IS NULL\n\
 BEGIN\n\
    UPDATE subscription_events\n\
    SET duration = NEW.ended_at - NEW.created_at\n\
    WHERE id = NEW.id;\n\
 END;\n\
 \n\
 -- View for subscription analytics\n\
 CREATE VIEW subscription_analytics AS\n\
 SELECT\n\
    date(created_at, 'unixepoch') as date,\n\
    COUNT(*) as subscriptions_created,\n\
    COUNT(CASE WHEN ended_at IS NOT NULL THEN 1 END) as subscriptions_ended,\n\
    AVG(CASE WHEN duration IS NOT NULL THEN duration END) as avg_duration_seconds,\n\
    MAX(events_sent) as max_events_sent,\n\
    AVG(events_sent) as avg_events_sent,\n\
    COUNT(DISTINCT client_ip) as unique_clients\n\
 FROM subscription_events\n\
 GROUP BY date(created_at, 'unixepoch')\n\
 ORDER BY date DESC;\n\
 \n\
 -- View for current active subscriptions (from log perspective)\n\
 CREATE VIEW active_subscriptions_log AS\n\
 SELECT\n\
    subscription_id,\n\
    client_ip,\n\
    filter_json,\n\
    events_sent,\n\
    created_at,\n\
    (strftime('%s', 'now') - created_at) as duration_seconds\n\
 FROM subscription_events\n\
 WHERE event_type = 'created'\n\
 AND subscription_id NOT IN (\n\
    SELECT subscription_id FROM subscription_events\n\
    WHERE event_type IN ('closed', 'expired', 'disconnected')\n\
 );\n\
 \n\
 -- ================================\n\
 -- CONFIGURATION MANAGEMENT TABLES\n\
 -- ================================\n\
 \n\
 -- Core server configuration table\n\
 CREATE TABLE config (\n\
    key TEXT PRIMARY KEY,                    -- Configuration key (unique identifier)\n\
    value TEXT NOT NULL,                     -- Configuration value (stored as string)\n\
    description TEXT,                        -- Human-readable description\n\
    config_type TEXT DEFAULT 'user' CHECK (config_type IN ('system', 'user', 'runtime')),\n\
    data_type TEXT DEFAULT 'string' CHECK (data_type IN ('string', 'integer', 'boolean', 'json')),\n\
    validation_rules TEXT,                   -- JSON validation rules (optional)\n\
    is_sensitive INTEGER DEFAULT 0,          -- 1 if value should be masked in logs\n\
    requires_restart INTEGER DEFAULT 0,      -- 1 if change requires server restart\n\
    created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\
    updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\
 );\n\
 \n\
 -- Configuration change history table\n\
 CREATE TABLE config_history (\n\
    id INTEGER PRIMARY KEY AUTOINCREMENT,\n\
    config_key TEXT NOT NULL,               -- Key that was changed\n\
    old_value TEXT,                         -- Previous value (NULL for new keys)\n\
    new_value TEXT NOT NULL,                -- New value\n\
    changed_by TEXT DEFAULT 'system',       -- Who made the change (system/admin/user)\n\
    change_reason TEXT,                     -- Optional reason for change\n\
    changed_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\
    FOREIGN KEY (config_key) REFERENCES config(key)\n\
 );\n\
 \n\
 -- Configuration validation errors log\n\
 CREATE TABLE config_validation_log (\n\
    id INTEGER PRIMARY KEY AUTOINCREMENT,\n\
    config_key TEXT NOT NULL,\n\
    attempted_value TEXT,\n\
    validation_error TEXT NOT NULL,\n\
    error_source TEXT DEFAULT 'validation',  -- validation/parsing/constraint\n\
    attempted_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\
 );\n\
 \n\
 -- Cache for file-based configuration events\n\
 CREATE TABLE config_file_cache (\n\
    file_path TEXT PRIMARY KEY,             -- Full path to config file\n\
    file_hash TEXT NOT NULL,                -- SHA256 hash of file content\n\
    event_id TEXT,                          -- Nostr event ID from file\n\
    event_pubkey TEXT,                      -- Admin pubkey that signed event\n\
    loaded_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\
    validation_status TEXT CHECK (validation_status IN ('valid', 'invalid', 'unverified')),\n\
    validation_error TEXT                   -- Error details if invalid\n\
 );\n\
 \n\
 -- Performance indexes for configuration tables\n\
 CREATE INDEX idx_config_type ON config(config_type);\n\
 CREATE INDEX idx_config_updated ON config(updated_at DESC);\n\
 CREATE INDEX idx_config_history_key ON config_history(config_key);\n\
 CREATE INDEX idx_config_history_time ON config_history(changed_at DESC);\n\
 CREATE INDEX idx_config_validation_key ON config_validation_log(config_key);\n\
 CREATE INDEX idx_config_validation_time ON config_validation_log(attempted_at DESC);\n\
 \n\
 -- Trigger to update timestamp on configuration changes\n\
 CREATE TRIGGER update_config_timestamp\n\
    AFTER UPDATE ON config\n\
 BEGIN\n\
    UPDATE config SET updated_at = strftime('%s', 'now') WHERE key = NEW.key;\n\
 END;\n\
 \n\
 -- Trigger to log configuration changes to history\n\
 CREATE TRIGGER log_config_changes\n\
    AFTER UPDATE ON config\n\
    WHEN OLD.value != NEW.value\n\
 BEGIN\n\
    INSERT INTO config_history (config_key, old_value, new_value, changed_by, change_reason)\n\
    VALUES (NEW.key, OLD.value, NEW.value, 'system', 'configuration update');\n\
 END;\n\
 \n\
 -- Active Configuration View\n\
 CREATE VIEW active_config AS\n\
 SELECT\n\
    key,\n\
    value,\n\
    description,\n\
    config_type,\n\
    data_type,\n\
    requires_restart,\n\
    updated_at\n\
 FROM config\n\
 WHERE config_type IN ('system', 'user')\n\
 ORDER BY config_type, key;\n\
 \n\
 -- Runtime Statistics View\n\
 CREATE VIEW runtime_stats AS\n\
 SELECT\n\
    key,\n\
    value,\n\
    description,\n\
    updated_at\n\
 FROM config\n\
 WHERE config_type = 'runtime'\n\
 ORDER BY key;\n\
 \n\
 -- Configuration Change Summary\n\
 CREATE VIEW recent_config_changes AS\n\
 SELECT\n\
    ch.config_key,\n\
    sc.description,\n\
    ch.old_value,\n\
    ch.new_value,\n\
    ch.changed_by,\n\
    ch.change_reason,\n\
    ch.changed_at\n\
 FROM config_history ch\n\
 JOIN config sc ON ch.config_key = sc.key\n\
 ORDER BY ch.changed_at DESC\n\
 LIMIT 50;\n\
 \n\
 -- Runtime Statistics (initialized by server on startup)\n\
 -- These will be populated when configuration system initializes";
 #endif /* SQL_SCHEMA_H */
--- a/systemd/README.md
+++ b/systemd/README.md
@@ -0,0 +1,217 @@
 # C-Relay Systemd Service
 This directory contains files for running C-Relay as a Linux systemd service.
 ## Files
 - **`c-relay.service`** - Systemd service unit file
 - **`install-systemd.sh`** - Installation script (run as root)
 - **`uninstall-systemd.sh`** - Uninstallation script (run as root)
 - **`README.md`** - This documentation file
 ## Quick Start
 ### 1. Build the relay
 ```bash
 # From the project root directory
 make
 ```
 ### 2. Install as systemd service
 ```bash
 # Run the installation script as root
 sudo ./systemd/install-systemd.sh
 ```
 ### 3. Start the service
 ```bash
 sudo systemctl start c-relay
 ```
 ### 4. Check status
 ```bash
 sudo systemctl status c-relay
 ```
 ## Service Details
 ### Installation Location
 - **Binary**: `/opt/c-relay/c_relay_x86`
 - **Database**: `/opt/c-relay/db/`
 - **Service File**: `/etc/systemd/system/c-relay.service`
 ### User Account
 - **User**: `c-relay` (system user, no shell access)
 - **Group**: `c-relay`
 - **Home Directory**: `/opt/c-relay`
 ### Network Configuration
 - **Default Port**: 8888
 - **Default Host**: 127.0.0.1 (localhost only)
 - **WebSocket Endpoint**: `ws://127.0.0.1:8888`
 ## Configuration
 ### Environment Variables
 Edit `/etc/systemd/system/c-relay.service` to configure:
 ```ini
 Environment=C_RELAY_CONFIG_PRIVKEY=your_private_key_here
 Environment=C_RELAY_PORT=8888
 Environment=C_RELAY_HOST=0.0.0.0
 ```
 After editing, reload and restart:
 ```bash
 sudo systemctl daemon-reload
 sudo systemctl restart c-relay
 ```
 ### Security Settings
 The service runs with enhanced security:
 - Runs as unprivileged `c-relay` user
 - No new privileges allowed
 - Protected system directories
 - Private temporary directory
 - Limited file access (only `/opt/c-relay/db` writable)
 - Network restrictions to IPv4/IPv6 only
 ## Service Management
 ### Basic Commands
 ```bash
 # Start service
 sudo systemctl start c-relay
 # Stop service
 sudo systemctl stop c-relay
 # Restart service
 sudo systemctl restart c-relay
 # Enable auto-start on boot
 sudo systemctl enable c-relay
 # Disable auto-start on boot
 sudo systemctl disable c-relay
 # Check service status
 sudo systemctl status c-relay
 # View logs (live)
 sudo journalctl -u c-relay -f
 # View logs (last 100 lines)
 sudo journalctl -u c-relay -n 100
 ```
 ### Log Management
 Logs are handled by systemd's journal:
 ```bash
 # View all logs
 sudo journalctl -u c-relay
 # View logs from today
 sudo journalctl -u c-relay --since today
 # View logs with timestamps
 sudo journalctl -u c-relay --since "1 hour ago" --no-pager
 ```
 ## Database Management
 The database is automatically created on first run. Location: `/opt/c-relay/db/c_nostr_relay.db`
 ### Backup Database
 ```bash
 sudo cp /opt/c-relay/db/c_nostr_relay.db /opt/c-relay/db/backup-$(date +%Y%m%d).db
 ```
 ### Reset Database
 ```bash
 sudo systemctl stop c-relay
 sudo rm /opt/c-relay/db/c_nostr_relay.db*
 sudo systemctl start c-relay
 ```
 ## Updating the Service
 ### Update Binary
 1. Build new version: `make`
 2. Stop service: `sudo systemctl stop c-relay`
 3. Replace binary: `sudo cp build/c_relay_x86 /opt/c-relay/`
 4. Set permissions: `sudo chown c-relay:c-relay /opt/c-relay/c_relay_x86`
 5. Start service: `sudo systemctl start c-relay`
 ### Update Service File
 1. Stop service: `sudo systemctl stop c-relay`
 2. Copy new service file: `sudo cp systemd/c-relay.service /etc/systemd/system/`
 3. Reload systemd: `sudo systemctl daemon-reload`
 4. Start service: `sudo systemctl start c-relay`
 ## Uninstallation
 Run the uninstall script to completely remove the service:
 ```bash
 sudo ./systemd/uninstall-systemd.sh
 ```
 This will:
 - Stop and disable the service
 - Remove the systemd service file
 - Optionally remove the installation directory
 - Optionally remove the `c-relay` user account
 ## Troubleshooting
 ### Service Won't Start
 ```bash
 # Check detailed status
 sudo systemctl status c-relay -l
 # Check logs for errors
 sudo journalctl -u c-relay --no-pager -l
 ```
 ### Permission Issues
 ```bash
 # Fix ownership of installation directory
 sudo chown -R c-relay:c-relay /opt/c-relay
 # Ensure binary is executable
 sudo chmod +x /opt/c-relay/c_relay_x86
 ```
 ### Port Already in Use
 ```bash
 # Check what's using port 8888
 sudo netstat -tulpn | grep :8888
 # Or with ss command
 sudo ss -tulpn | grep :8888
 ```
 ### Database Issues
 ```bash
 # Check database file permissions
 ls -la /opt/c-relay/db/
 # Check database integrity
 sudo -u c-relay sqlite3 /opt/c-relay/db/c_nostr_relay.db "PRAGMA integrity_check;"
 ```
 ## Custom Configuration
 For advanced configurations, you can:
 1. Modify the service file for different ports or settings
 2. Use environment files: `/etc/systemd/system/c-relay.service.d/override.conf`
 3. Configure log rotation with journald settings
 4. Set up reverse proxy (nginx/apache) for HTTPS support
 ## Security Considerations
 - The service runs as a non-root user with minimal privileges
 - Database directory is only writable by the c-relay user
 - Consider firewall rules for the relay port
 - For internet-facing relays, use reverse proxy with SSL/TLS
 - Monitor logs for suspicious activity
--- a/systemd/c-relay.service
+++ b/systemd/c-relay.service
@@ -0,0 +1,43 @@
 [Unit]
 Description=C Nostr Relay Server
 Documentation=https://github.com/your-repo/c-relay
 After=network.target
 Wants=network-online.target
 [Service]
 Type=simple
 User=c-relay
 Group=c-relay
 WorkingDirectory=/opt/c-relay
 ExecStart=/opt/c-relay/c_relay_x86
 Restart=always
 RestartSec=5
 StandardOutput=journal
 StandardError=journal
 SyslogIdentifier=c-relay
 # Security settings
 NoNewPrivileges=true
 ProtectSystem=strict
 ProtectHome=true
 ReadWritePaths=/opt/c-relay/db
 PrivateTmp=true
 ProtectKernelTunables=true
 ProtectKernelModules=true
 ProtectControlGroups=true
 # Network security
 PrivateNetwork=false
 RestrictAddressFamilies=AF_INET AF_INET6
 # Resource limits
 LimitNOFILE=65536
 LimitNPROC=4096
 # Environment variables (optional)
 Environment=C_RELAY_CONFIG_PRIVKEY=
 Environment=C_RELAY_PORT=8888
 Environment=C_RELAY_HOST=127.0.0.1
 [Install]
 WantedBy=multi-user.target
--- a/systemd/install-systemd.sh
+++ b/systemd/install-systemd.sh
@@ -0,0 +1,92 @@
 #!/bin/bash
 # C-Relay Systemd Service Installation Script
 # This script installs the C-Relay as a systemd service
 set -e
 # Configuration
 INSTALL_DIR="/opt/c-relay"
 SERVICE_NAME="c-relay"
 SERVICE_FILE="c-relay.service"
 BINARY_NAME="c_relay_x86"
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 NC='\033[0m' # No Color
 echo -e "${GREEN}=== C-Relay Systemd Service Installation ===${NC}"
 # Check if running as root
 if [[ $EUID -ne 0 ]]; then
   echo -e "${RED}Error: This script must be run as root${NC}"
   echo "Usage: sudo ./install-systemd.sh"
   exit 1
 fi
 # Check if binary exists (script is in systemd/ subdirectory)
 if [ ! -f "../build/$BINARY_NAME" ]; then
    echo -e "${RED}Error: Binary ../build/$BINARY_NAME not found${NC}"
    echo "Please run 'make' from the project root directory first"
    exit 1
 fi
 # Check if service file exists
 if [ ! -f "$SERVICE_FILE" ]; then
    echo -e "${RED}Error: Service file $SERVICE_FILE not found${NC}"
    exit 1
 fi
 # Create c-relay user if it doesn't exist
 if ! id "c-relay" &>/dev/null; then
    echo -e "${YELLOW}Creating c-relay user...${NC}"
    useradd --system --shell /bin/false --home-dir $INSTALL_DIR --create-home c-relay
 else
    echo -e "${GREEN}User c-relay already exists${NC}"
 fi
 # Create installation directory
 echo -e "${YELLOW}Creating installation directory...${NC}"
 mkdir -p $INSTALL_DIR
 mkdir -p $INSTALL_DIR/db
 # Copy binary
 echo -e "${YELLOW}Installing binary...${NC}"
 cp ../build/$BINARY_NAME $INSTALL_DIR/
 chmod +x $INSTALL_DIR/$BINARY_NAME
 # Set permissions
 echo -e "${YELLOW}Setting permissions...${NC}"
 chown -R c-relay:c-relay $INSTALL_DIR
 # Install systemd service
 echo -e "${YELLOW}Installing systemd service...${NC}"
 cp $SERVICE_FILE /etc/systemd/system/
 systemctl daemon-reload
 # Enable service
 echo -e "${YELLOW}Enabling service...${NC}"
 systemctl enable $SERVICE_NAME
 echo -e "${GREEN}=== Installation Complete ===${NC}"
 echo
 echo -e "${GREEN}Next steps:${NC}"
 echo "1. Configure environment variables in /etc/systemd/system/$SERVICE_FILE if needed"
 echo "2. Start the service: sudo systemctl start $SERVICE_NAME"
 echo "3. Check status: sudo systemctl status $SERVICE_NAME"
 echo "4. View logs: sudo journalctl -u $SERVICE_NAME -f"
 echo
 echo -e "${GREEN}Service commands:${NC}"
 echo "  Start:   sudo systemctl start $SERVICE_NAME"
 echo "  Stop:    sudo systemctl stop $SERVICE_NAME"
 echo "  Restart: sudo systemctl restart $SERVICE_NAME"
 echo "  Status:  sudo systemctl status $SERVICE_NAME"
 echo "  Logs:    sudo journalctl -u $SERVICE_NAME"
 echo
 echo -e "${GREEN}Installation directory: $INSTALL_DIR${NC}"
 echo -e "${GREEN}Service file: /etc/systemd/system/$SERVICE_FILE${NC}"
 echo
 echo -e "${YELLOW}Note: The relay will run on port 8888 by default${NC}"
 echo -e "${YELLOW}Database will be created automatically in $INSTALL_DIR/db/${NC}"
--- a/systemd/uninstall-systemd.sh
+++ b/systemd/uninstall-systemd.sh
@@ -0,0 +1,86 @@
 #!/bin/bash
 # C-Relay Systemd Service Uninstallation Script
 # This script removes the C-Relay systemd service
 set -e
 # Configuration
 INSTALL_DIR="/opt/c-relay"
 SERVICE_NAME="c-relay"
 SERVICE_FILE="c-relay.service"
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 NC='\033[0m' # No Color
 echo -e "${GREEN}=== C-Relay Systemd Service Uninstallation ===${NC}"
 # Check if running as root
 if [[ $EUID -ne 0 ]]; then
   echo -e "${RED}Error: This script must be run as root${NC}"
   echo "Usage: sudo ./uninstall-systemd.sh"
   exit 1
 fi
 # Stop service if running
 echo -e "${YELLOW}Stopping service...${NC}"
 if systemctl is-active --quiet $SERVICE_NAME; then
    systemctl stop $SERVICE_NAME
    echo -e "${GREEN}Service stopped${NC}"
 else
    echo -e "${GREEN}Service was not running${NC}"
 fi
 # Disable service if enabled
 echo -e "${YELLOW}Disabling service...${NC}"
 if systemctl is-enabled --quiet $SERVICE_NAME; then
    systemctl disable $SERVICE_NAME
    echo -e "${GREEN}Service disabled${NC}"
 else
    echo -e "${GREEN}Service was not enabled${NC}"
 fi
 # Remove systemd service file
 echo -e "${YELLOW}Removing service file...${NC}"
 if [ -f "/etc/systemd/system/$SERVICE_FILE" ]; then
    rm /etc/systemd/system/$SERVICE_FILE
    systemctl daemon-reload
    echo -e "${GREEN}Service file removed${NC}"
 else
    echo -e "${GREEN}Service file was not found${NC}"
 fi
 # Ask about removing installation directory
 echo
 echo -e "${YELLOW}Do you want to remove the installation directory $INSTALL_DIR? (y/N)${NC}"
 read -r response
 if [[ "$response" =~ ^([yY][eE][sS]|[yY])$ ]]; then
    echo -e "${YELLOW}Removing installation directory...${NC}"
    rm -rf $INSTALL_DIR
    echo -e "${GREEN}Installation directory removed${NC}"
 else
    echo -e "${GREEN}Installation directory preserved${NC}"
 fi
 # Ask about removing c-relay user
 echo
 echo -e "${YELLOW}Do you want to remove the c-relay user? (y/N)${NC}"
 read -r response
 if [[ "$response" =~ ^([yY][eE][sS]|[yY])$ ]]; then
    echo -e "${YELLOW}Removing c-relay user...${NC}"
    if id "c-relay" &>/dev/null; then
        userdel c-relay
        echo -e "${GREEN}User c-relay removed${NC}"
    else
        echo -e "${GREEN}User c-relay was not found${NC}"
    fi
 else
    echo -e "${GREEN}User c-relay preserved${NC}"
 fi
 echo
 echo -e "${GREEN}=== Uninstallation Complete ===${NC}"
 echo -e "${GREEN}C-Relay systemd service has been removed${NC}"
Author	SHA1	Message	Date
Your Name	6d9b4efb7e	v0.2.12 - Command line variables added	2025-09-06 07:41:43 -04:00
Your Name	6f51f445b7	v0.2.11 - Picky shit	2025-09-06 07:12:47 -04:00
Your Name	6de9518de7	v0.2.10 - Clean versioning	2025-09-06 06:25:27 -04:00
Your Name	517cc020c7	v0.2.9 - Embedded sql schema into app	2025-09-06 06:21:02 -04:00
Your Name	2c699652b0	v0.2.8 - Almost Final test of fixed versioning system	2025-09-06 05:14:03 -04:00
Your Name	2e4ffc0e79	Add force push for updated tags	2025-09-06 05:11:11 -04:00
Your Name	70c91ec858	Fix version.h generation timing in build script	2025-09-06 05:09:35 -04:00
Your Name	b7c4609c2d	Fix tag push failure in build script	2025-09-06 05:06:03 -04:00