Document ohttp relay best practice in payjoin lib

[bc1cindy]

adds the OHTTP relay random selection guidance to the lib API surface, where wallet developers read it

part of #1328

[coveralls]

Coverage Report for CI Build 25828093688

Coverage remained the same at 85.294%

Details

• Coverage remained the same as the base build.
• Patch coverage: No coverable lines changed in this PR.
• No coverage regressions found.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

No coverage regressions found.

---

Coverage Stats

Relevant Lines:	13668
Covered Lines:	11658
Line Coverage:	85.29%
Coverage Strength:	395.81 hits per line

---

💛 - Coveralls

[nothingmuch]

the explanation of the problem needs to be clarified, but also i think just the top level module docs are enough, duplicating text usually leads to inconsistencies down the line especially when that duplication is spread out

[bc1cindy]

added doc about the health check practice

[bc1cindy]

thank you guys for the review @arminsabouri @zealsham @nothingmuch

got it

ready for re-review

[nothingmuch]

a potentially more privacy preserving health check would be to create a fake session:

• use two relays to GET and shortly therafter POST a dummy request to yourself., simulating two clients that are online

• or do a POST first, alternating with a GET for the next check, simulating sleepy clients

such checks would be less fingerprintable than the existing ones, and would confirm the directory is forwarding messages correctly.

it would mess with the statistics gathered (e.g. unique shortids, etc), but that's something we can correct for if we know that there are reasonable limits on how much clients do this

[nothingmuch]

not related but with #1450, key consistency should be checked as well.

[bc1cindy]

ok

once key rotation lands (#1449), the same fetch_ohttp_keys response carries both reachability and freshness info (compare returned keyid to cached)

this section should expand to cover that