feat: rename allowed_pubkeys to allowed_npubs with normalization

- Config now accepts npub format only (human-readable)
- Automatically converts npubs to hex pubkeys at load time
- Updated InterceptorOptions.AllowedPubkeys -> AllowedNpubs
- Added validation to reject hex format in config (npub only)
- Updated documentation to clarify npub-only config
- Added comprehensive tests for npub normalization

Config is for humans (npub), internal code uses hex pubkeys.

1 files changed, 8 insertions, 4 deletions

diff --git a/internal/config/README.md b/internal/config/README.md
index 79e1b89..dbb8760 100644
--- a/internal/config/README.md
+++ b/internal/config/README.md
@@ -90,9 +90,13 @@ auth:
   # Timestamp window in seconds for replay protection
   timestamp_window: 60
 
-  # Allowed pubkeys (optional, whitelist)
+  # Allowed npubs (optional, whitelist)
   # If empty, all valid signatures are accepted
-  allowed_pubkeys: []
+  # Use npub format only (e.g., npub1...)
+  allowed_npubs: []
+  # Example:
+  # allowed_npubs:
+  #   - npub1a2b3c4d5e6f...
 
   # Skip authentication for these methods
   skip_methods:
@@ -217,8 +221,8 @@ Examples:
 Complex types:
 
 ```bash
-# Lists (comma-separated)
-export MUXSTR_AUTH_ALLOWED_PUBKEYS="pubkey1,pubkey2,pubkey3"
+# Lists (comma-separated, npub format)
+export MUXSTR_AUTH_ALLOWED_NPUBS="npub1...,npub1...,npub1..."
 
 # Durations
 export MUXSTR_SERVER_READ_TIMEOUT="30s"