feat: add NIP-42 client authentication

[Anshumancanrock]

Description

First of two PRs for NIP-42. This one just adds the types, constants and schema.

• added EventKinds.AUTH (22242), EventTags.Challenge and EventTags.AuthRelay to constants/base.ts
• added MessageType.AUTH, AuthMessage and AuthChallengeMessage to @types/messages.ts
• added authMessageSchema to message-schema.ts and wired it into the main messageSchema union
• added createAuthChallengeMessage helper to utils/messages.ts

The handler, WebSocket wiring and session state are in the follow-up PR.

Related Issue

Closes #619

Motivation and Context

Needed a clean base before touching the adapter. Keeping the type changes separate makes the actual handler PR much easier to review.

How Has This Been Tested?

Added schema unit tests for the new authMessageSchema. All 1265 tests pass, lint and tsc clean.

Types of changes

• Non-functional change (docs, style, minor refactor)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my code changes.
• I added a changeset, or this is docs-only and I added an empty changeset.
• All new and existing tests passed.

[changeset-bot]

🦋 Changeset detected

Latest commit: 4348096

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
nostream	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coveralls]

coverage: 65.108% (+0.001%) from 65.107% — Anshumancanrock:add-nip-42 into cameri:main

[Copilot]

Pull request overview

Adds initial NIP-42 client authentication support to the WebSocket layer so connections can be associated with authenticated pubkeys (enabling future pubkey-based rate limiting/access control).

Changes:

• Send an ["AUTH", <challenge>] message on WebSocket connection and track per-connection authenticated pubkeys.
• Add AuthMessageHandler and wire it into message parsing/dispatch; block kind 22242 from the normal EVENT pipeline.
• Extend schemas/types/utilities and add unit tests + changeset for the new AUTH message flow.

Reviewed changes

Copilot reviewed 14 out of 14 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
src/adapters/web-socket-adapter.ts	Generates/sends NIP-42 challenge on connect; tracks authenticated pubkeys per connection.
src/handlers/auth-message-handler.ts	Implements NIP-42 verification and emits OK results; records authenticated pubkeys on success.
src/handlers/event-message-handler.ts	Rejects kind 22242 published via EVENT to keep auth events out of storage.
src/factories/message-handler-factory.ts	Routes AUTH messages to AuthMessageHandler.
src/schemas/message-schema.ts	Adds Zod schema for incoming AUTH messages.
src/utils/messages.ts	Adds helper to create AUTH challenge messages.
src/constants/base.ts	Introduces EventKinds.AUTH and NIP-42 tag constants.
src/@types/messages.ts	Adds AUTH message types and includes them in Incoming/Outgoing unions.
src/@types/adapters.ts	Extends adapter interface with challenge/authenticated-pubkeys accessors.
test/unit/handlers/auth-message-handler.spec.ts	New unit tests covering auth validation success/failure cases.
test/unit/adapters/web-socket-adapter.spec.ts	Tests for challenge emission + challenge/pubkey tracking APIs.
test/unit/schemas/message-schema.spec.ts	Adds schema validation coverage for AUTH message shape.
test/unit/factories/message-handler-factory.spec.ts	Ensures factory returns AuthMessageHandler for AUTH.
.changeset/add-nip-42-auth.md	Declares a minor release for the new feature.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Anshumancanrock]

Hi @cameri , I stripped this one back to just the base types/constants. Will drop the handler logic in a follow-up. Thanks !

[Anshumancanrock]

Hi @cameri, Could you please merge this PR? I'd like to open the next one after it's merged.