diff --git a/contrib/deterministic-build/requirements.txt b/contrib/deterministic-build/requirements.txt
index 4b0e86eb4..828219c39 100644
--- a/contrib/deterministic-build/requirements.txt
+++ b/contrib/deterministic-build/requirements.txt
@@ -16,8 +16,8 @@ certifi==2025.4.26 \
     --hash=sha256:0a816057ea3cdefcef70270d2c515e4506bbc954f417fa5ade2021213bb8f0c6
 dnspython==2.4.2 \
     --hash=sha256:8dcfae8c7460a2f84b4072e26f1c9f4101ca20c071649cb7c34e8b6a93d58984
-electrum-aionostr==0.0.10 \
-    --hash=sha256:494dd0c260f2957cd6f011a1224e2d0fd021bd94c1e44badfe01d3a3d42fb3af
+electrum-aionostr==0.0.11 \
+    --hash=sha256:0eeb1d01e55d4bab2c116268965a0b2c11490659e969fd864c453104558bcf81
 electrum-ecc==0.0.5 \
     --hash=sha256:f733b8596a0f7b25c8371d08af61ef79c7b871d5b40f05a5b95d2d05eb2fb7d2
 frozenlist==1.6.0 \
diff --git a/contrib/requirements/requirements.txt b/contrib/requirements/requirements.txt
index c10b9e849..4aa09e840 100644
--- a/contrib/requirements/requirements.txt
+++ b/contrib/requirements/requirements.txt
@@ -7,7 +7,7 @@ aiohttp_socks>=0.9.2
 certifi
 jsonpatch
 electrum_ecc>=0.0.4,<0.1
-electrum_aionostr>=0.0.8,<0.1
+electrum_aionostr>=0.0.11,<0.1
 
 # - upper limit to avoid needing hatchling at build-time :/
 #   (however newer versions should work at runtime)
diff --git a/electrum/plugins/nwc/nwcserver.py b/electrum/plugins/nwc/nwcserver.py
index 40be2de85..13257e36c 100644
--- a/electrum/plugins/nwc/nwcserver.py
+++ b/electrum/plugins/nwc/nwcserver.py
@@ -270,7 +270,7 @@ class NWCServer(Logger, EventListener):
         query = {
             "authors": list(self.connections.keys()),  # the pubkeys of the client connections
             "kinds": [self.REQUEST_EVENT_KIND],
-            "limit": 0,
+            "limit": 0,  # requests only new events after creating this subscription
             "since": int(time.time())
         }
         async for event in self.manager.get_events(query, single_event=False, only_stored=False):
@@ -291,8 +291,16 @@ class NWCServer(Logger, EventListener):
                 await self.send_error(event, "NOT_IMPLEMENTED")
                 continue
 
-            if event.created_at < int(time.time()) - 15:
+            # if the request has an explicitly set expiration tag, ignore it if it is expired
+            # otherwise ignore requests older than 30 sec to not handle requests the user may
+            # already expect to have timed out
+            if event.expires_at() is not None:
+                if event.is_expired():
+                    self.logger.debug(f"expired nwc request event: {event.content}")
+                    continue
+            elif event.created_at < int(time.time()) - 30:
                 self.logger.debug(f"old nwc request event: {event.content}")
+                await self.send_error(event, "OTHER", f"not handling too old request")
                 continue
 
             # decrypt the requests content