diff --git a/go.mod b/go.mod
index 143c8a2..b1e8ecd 100644
--- a/go.mod
+++ b/go.mod
@@ -5,10 +5,10 @@ go 1.23.1
 require (
 	git.devvul.com/asara/gologger v0.9.0
 	github.com/fiatjaf/eventstore v0.9.1
-	github.com/fiatjaf/khatru v0.8.1
+	github.com/fiatjaf/khatru v0.8.2
 	github.com/jmoiron/sqlx v1.4.0
 	github.com/lib/pq v1.10.9
-	github.com/nbd-wtf/go-nostr v0.37.2
+	github.com/nbd-wtf/go-nostr v0.37.3
 )
 
 require (
diff --git a/go.sum b/go.sum
index 793f4f5..1010d7c 100644
--- a/go.sum
+++ b/go.sum
@@ -19,8 +19,8 @@ github.com/fasthttp/websocket v1.5.7 h1:0a6o2OfeATvtGgoMKleURhLT6JqWPg7fYfWnH4KH
 github.com/fasthttp/websocket v1.5.7/go.mod h1:bC4fxSono9czeXHQUVKxsC0sNjbm7lPJR04GDFqClfU=
 github.com/fiatjaf/eventstore v0.9.1 h1:dLum4W6NOkDXMgckjj5lLfKrRVW8oN3zS7tfbXzGxJg=
 github.com/fiatjaf/eventstore v0.9.1/go.mod h1:h5CdLSF7mEQ7/rWpEABTRIrNuFoSwdQDi/nZkW/vVFU=
-github.com/fiatjaf/khatru v0.8.1 h1:BWAZqwuT0272ZlyzPkuqAA0eGBOs5G3u0Dn1tlWrm6Q=
-github.com/fiatjaf/khatru v0.8.1/go.mod h1:jRmqbbIbEH+y0unt3wMUBwqY/btVussqx5SmBoGhXtg=
+github.com/fiatjaf/khatru v0.8.2 h1:kYfdi4piAS2+/Lqnxzk0IAdjM4PsSK47N9+k5mE18rU=
+github.com/fiatjaf/khatru v0.8.2/go.mod h1:44X/Mcc+2ObOqz+/fDbhAW3BeUEPKxDgrX9St/cXEKc=
 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
@@ -48,8 +48,8 @@ github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWE
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
 github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
-github.com/nbd-wtf/go-nostr v0.37.2 h1:42rriFqqz07EdydERwYeQnewl+Rah1Gq46I+Wh0KYYg=
-github.com/nbd-wtf/go-nostr v0.37.2/go.mod h1:TGKGj00BmJRXvRe0LlpDN3KKbELhhPXgBwUEhzu3Oq0=
+github.com/nbd-wtf/go-nostr v0.37.3 h1:p/rrOWhaAk78UCVwzWtTN1C8WbP2k5eQV4HlpEYAeeA=
+github.com/nbd-wtf/go-nostr v0.37.3/go.mod h1:TGKGj00BmJRXvRe0LlpDN3KKbELhhPXgBwUEhzu3Oq0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
diff --git a/nostr/policies.go b/nostr/policies.go
index dcfb177..062b84d 100644
--- a/nostr/policies.go
+++ b/nostr/policies.go
@@ -36,12 +36,15 @@ func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bo
 	// in addition to the registered users, others can use the relay for the following kinds
 	// as long as a registered user is tagged in the `p` tag
 	// 4: nip-04 encrypted dms
+	// 6: nip-18 reposts (kind 1)
 	// 7: nip-25 reactions
 	// 14: nip-17 private dms
+	// 16: nip-18 reposts (generic)
 	// 1059: nip-59 gift wraps
+	// 9802: nip-84 highlights
 	// 24133: nip-46 nostr connect
 	switch event.Kind {
-	case 4, 7, 14, 1059, 24133:
+	case 4, 6, 7, 14, 16, 1059, 9802, 24133:
 		for _, npub := range event.Tags.GetAll([]string{"p"}) {
 			npubs = append(npubs, npub.Value())
 		}
diff --git a/nostr/relay.go b/nostr/relay.go
index f679258..0239eed 100644
--- a/nostr/relay.go
+++ b/nostr/relay.go
@@ -58,14 +58,12 @@ func NewRelay(version string) *khatru.Relay {
 	relay.DeleteEvent = append(relay.DeleteEvent, RelayDb.DeleteEvent)
 
 	// apply policies
-	relay.RejectEvent = append(
-		relay.RejectEvent,
+	relay.RejectEvent = append(relay.RejectEvent,
 		RejectUnregisteredNpubs,
 		policies.ValidateKind,
 	)
 
-	relay.RejectFilter = append(
-		relay.RejectFilter,
+	relay.RejectFilter = append(relay.RejectFilter,
 		policies.RejectKind04Snoopers,
 		policies.NoEmptyFilters,
 		policies.NoComplexFilters,
diff --git a/vendor/github.com/fiatjaf/khatru/adding.go b/vendor/github.com/fiatjaf/khatru/adding.go
index aa232fd..6e33f8b 100644
--- a/vendor/github.com/fiatjaf/khatru/adding.go
+++ b/vendor/github.com/fiatjaf/khatru/adding.go
@@ -11,6 +11,9 @@ import (
 
 // AddEvent sends an event through then normal add pipeline, as if it was received from a websocket.
 func (rl *Relay) AddEvent(ctx context.Context, evt *nostr.Event) (skipBroadcast bool, writeError error) {
+	ctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
 	if evt == nil {
 		return false, errors.New("error: event is nil")
 	}
diff --git a/vendor/github.com/fiatjaf/khatru/handlers.go b/vendor/github.com/fiatjaf/khatru/handlers.go
index 1ffd500..ef87997 100644
--- a/vendor/github.com/fiatjaf/khatru/handlers.go
+++ b/vendor/github.com/fiatjaf/khatru/handlers.go
@@ -3,7 +3,6 @@ package khatru
 import (
 	"context"
 	"crypto/rand"
-	"crypto/sha256"
 	"encoding/hex"
 	"errors"
 	"net/http"
@@ -128,9 +127,7 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 				switch env := envelope.(type) {
 				case *nostr.EventEnvelope:
 					// check id
-					hash := sha256.Sum256(env.Event.Serialize())
-					id := hex.EncodeToString(hash[:])
-					if id != env.Event.ID {
+					if env.Event.CheckID() {
 						ws.WriteJSON(nostr.OKEnvelope{EventID: env.Event.ID, OK: false, Reason: "invalid: id is computed incorrectly"})
 						return
 					}
diff --git a/vendor/github.com/fiatjaf/khatru/policies/helpers.go b/vendor/github.com/fiatjaf/khatru/policies/helpers.go
index b3bfe70..bae06d3 100644
--- a/vendor/github.com/fiatjaf/khatru/policies/helpers.go
+++ b/vendor/github.com/fiatjaf/khatru/policies/helpers.go
@@ -18,13 +18,12 @@ func startRateLimitSystem[K comparable](
 	go func() {
 		for {
 			time.Sleep(interval)
-			negativeBuckets.Range(func(key K, bucket *atomic.Int32) bool {
+			for key, bucket := range negativeBuckets.Range {
 				newv := bucket.Add(int32(-tokensPerInterval))
 				if newv <= 0 {
 					negativeBuckets.Delete(key)
 				}
-				return true
-			})
+			}
 		}
 	}()
 
diff --git a/vendor/github.com/fiatjaf/khatru/policies/ratelimits.go b/vendor/github.com/fiatjaf/khatru/policies/ratelimits.go
index 6a78e7c..9f9c497 100644
--- a/vendor/github.com/fiatjaf/khatru/policies/ratelimits.go
+++ b/vendor/github.com/fiatjaf/khatru/policies/ratelimits.go
@@ -13,7 +13,11 @@ func EventIPRateLimiter(tokensPerInterval int, interval time.Duration, maxTokens
 	rl := startRateLimitSystem[string](tokensPerInterval, interval, maxTokens)
 
 	return func(ctx context.Context, _ *nostr.Event) (reject bool, msg string) {
-		return rl(khatru.GetIP(ctx)), "rate-limited: slow down, please"
+		ip := khatru.GetIP(ctx)
+		if ip == "" {
+			return false, ""
+		}
+		return rl(ip), "rate-limited: slow down, please"
 	}
 }
 
diff --git a/vendor/github.com/fiatjaf/khatru/policies/sane_defaults.go b/vendor/github.com/fiatjaf/khatru/policies/sane_defaults.go
index 4230b14..249b14f 100644
--- a/vendor/github.com/fiatjaf/khatru/policies/sane_defaults.go
+++ b/vendor/github.com/fiatjaf/khatru/policies/sane_defaults.go
@@ -13,7 +13,6 @@ func ApplySaneDefaults(relay *khatru.Relay) {
 	)
 
 	relay.RejectFilter = append(relay.RejectFilter,
-		NoEmptyFilters,
 		NoComplexFilters,
 		FilterIPRateLimiter(20, time.Minute, 100),
 	)
diff --git a/vendor/github.com/fiatjaf/khatru/utils.go b/vendor/github.com/fiatjaf/khatru/utils.go
index 4060764..4745cd1 100644
--- a/vendor/github.com/fiatjaf/khatru/utils.go
+++ b/vendor/github.com/fiatjaf/khatru/utils.go
@@ -41,7 +41,12 @@ func GetAuthed(ctx context.Context) string {
 }
 
 func GetIP(ctx context.Context) string {
-	return GetIPFromRequest(GetConnection(ctx).Request)
+	conn := GetConnection(ctx)
+	if conn == nil {
+		return ""
+	}
+
+	return GetIPFromRequest(conn.Request)
 }
 
 func GetSubscriptionID(ctx context.Context) string {
diff --git a/vendor/github.com/nbd-wtf/go-nostr/relay.go b/vendor/github.com/nbd-wtf/go-nostr/relay.go
index ca86a1c..1ffb1fe 100644
--- a/vendor/github.com/nbd-wtf/go-nostr/relay.go
+++ b/vendor/github.com/nbd-wtf/go-nostr/relay.go
@@ -182,6 +182,10 @@ func (r *Relay) ConnectWithTLS(ctx context.Context, tlsConfig *tls.Config) error
 
 		// stop the ticker
 		ticker.Stop()
+
+		// nil the connection
+		r.Connection = nil
+
 		// close all subscriptions
 		r.Subscriptions.Range(func(_ string, sub *Subscription) bool {
 			go sub.Unsub()
@@ -520,7 +524,6 @@ func (r *Relay) Close() error {
 	}
 
 	err := r.Connection.Close()
-	r.Connection = nil
 	if err != nil {
 		return err
 	}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index ddfc179..af306dc 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -26,8 +26,8 @@ github.com/fasthttp/websocket
 ## explicit; go 1.23.0
 github.com/fiatjaf/eventstore
 github.com/fiatjaf/eventstore/postgresql
-# github.com/fiatjaf/khatru v0.8.1
-## explicit; go 1.23
+# github.com/fiatjaf/khatru v0.8.2
+## explicit; go 1.23.0
 github.com/fiatjaf/khatru
 github.com/fiatjaf/khatru/policies
 # github.com/gobwas/httphead v0.1.0
@@ -73,7 +73,7 @@ github.com/mattn/go-colorable
 # github.com/mattn/go-isatty v0.0.20
 ## explicit; go 1.15
 github.com/mattn/go-isatty
-# github.com/nbd-wtf/go-nostr v0.37.2
+# github.com/nbd-wtf/go-nostr v0.37.3
 ## explicit; go 1.23.0
 github.com/nbd-wtf/go-nostr
 github.com/nbd-wtf/go-nostr/nip11