TODO.md at 204df9d887ca33c2f56c82c50fd69a1bfe599d70 · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / TODO.md
at 204df9d887ca33c2f56c82c50fd69a1bfe599d70 10 kB view raw view rendered
  1# PDS Implementation TODOs
  2
  3Lewis' corrected big boy todofile
  4
  5## Server Infrastructure & Proxying
  6- [x] Health Check
  7    - [x] Implement `GET /health` endpoint (returns "OK").
  8    - [x] Implement `GET /xrpc/_health` endpoint (returns "OK").
  9- [x] Server Description
 10    - [x] Implement `com.atproto.server.describeServer` (returns available user domains).
 11- [x] XRPC Proxying
 12    - [x] Implement strict forwarding for all `app.bsky.*` and `chat.bsky.*` requests to an appview.
 13    - [x] Forward auth headers correctly.
 14    - [x] Handle appview errors/timeouts gracefully.
 15
 16## Authentication & Account Management (`com.atproto.server`)
 17- [x] Account Creation
 18    - [x] Implement `com.atproto.server.createAccount`.
 19    - [x] Validate handle format (reject invalid characters).
 20    - [x] Create DID for new user (PLC directory).
 21    - [x] Initialize user repository (Root commit).
 22    - [x] Return access JWT and DID.
 23    - [x] Create DID for new user (did:web).
 24- [x] Session Management
 25    - [x] Implement `com.atproto.server.createSession` (Login).
 26    - [x] Implement `com.atproto.server.getSession`.
 27    - [x] Implement `com.atproto.server.refreshSession`.
 28    - [x] Implement `com.atproto.server.deleteSession` (Logout).
 29    - [x] Implement `com.atproto.server.activateAccount`.
 30    - [x] Implement `com.atproto.server.checkAccountStatus`.
 31    - [x] Implement `com.atproto.server.createAppPassword`.
 32    - [x] Implement `com.atproto.server.createInviteCode`.
 33    - [x] Implement `com.atproto.server.createInviteCodes`.
 34    - [x] Implement `com.atproto.server.deactivateAccount`.
 35    - [x] Implement `com.atproto.server.deleteAccount` (user-initiated, requires password + email token).
 36    - [x] Implement `com.atproto.server.getAccountInviteCodes`.
 37    - [x] Implement `com.atproto.server.getServiceAuth` (Cross-service auth).
 38    - [x] Implement `com.atproto.server.listAppPasswords`.
 39    - [x] Implement `com.atproto.server.requestAccountDelete`.
 40    - [x] Implement `com.atproto.server.requestEmailConfirmation` / `requestEmailUpdate`.
 41    - [x] Implement `com.atproto.server.requestPasswordReset` / `resetPassword`.
 42    - [x] Implement `com.atproto.server.reserveSigningKey`.
 43    - [x] Implement `com.atproto.server.revokeAppPassword`.
 44    - [x] Implement `com.atproto.server.updateEmail`.
 45    - [x] Implement `com.atproto.server.confirmEmail`.
 46
 47## Repository Operations (`com.atproto.repo`)
 48- [x] Record CRUD
 49    - [x] Implement `com.atproto.repo.createRecord`.
 50        - [x] Generate `rkey` (TID) if not provided.
 51        - [x] Handle MST (Merkle Search Tree) insertion.
 52        - [x] **Trigger Firehose Event**.
 53    - [x] Implement `com.atproto.repo.putRecord`.
 54    - [x] Implement `com.atproto.repo.getRecord`.
 55    - [x] Implement `com.atproto.repo.deleteRecord`.
 56    - [x] Implement `com.atproto.repo.listRecords`.
 57    - [x] Implement `com.atproto.repo.describeRepo`.
 58    - [x] Implement `com.atproto.repo.applyWrites` (Batch writes).
 59    - [ ] Implement `com.atproto.repo.importRepo` (Migration).
 60    - [x] Implement `com.atproto.repo.listMissingBlobs`.
 61- [x] Blob Management
 62    - [x] Implement `com.atproto.repo.uploadBlob`.
 63        - [x] Store blob (S3).
 64        - [x] return `blob` ref (CID + MimeType).
 65
 66## Sync & Federation (`com.atproto.sync`)
 67- [x] The Firehose (WebSocket)
 68    - [x] Implement `com.atproto.sync.subscribeRepos`.
 69        - [x] Broadcast real-time commit events.
 70        - [x] Handle cursor replay (backfill).
 71- [x] Bulk Export
 72    - [x] Implement `com.atproto.sync.getRepo` (Return full CAR file of repo).
 73    - [x] Implement `com.atproto.sync.getBlocks` (Return specific blocks via CIDs).
 74    - [x] Implement `com.atproto.sync.getLatestCommit`.
 75    - [x] Implement `com.atproto.sync.getRecord` (Sync version, distinct from repo.getRecord).
 76    - [x] Implement `com.atproto.sync.getRepoStatus`.
 77    - [x] Implement `com.atproto.sync.listRepos`.
 78    - [x] Implement `com.atproto.sync.notifyOfUpdate`.
 79- [x] Blob Sync
 80    - [x] Implement `com.atproto.sync.getBlob`.
 81    - [x] Implement `com.atproto.sync.listBlobs`.
 82- [x] Crawler Interaction
 83    - [x] Implement `com.atproto.sync.requestCrawl` (Notify relays to index us).
 84
 85## Identity (`com.atproto.identity`)
 86- [ ] Resolution
 87    - [x] Implement `com.atproto.identity.resolveHandle` (Can be internal or proxy to PLC).
 88    - [x] Implement `com.atproto.identity.updateHandle`.
 89    - [ ] Implement `com.atproto.identity.submitPlcOperation` / `signPlcOperation` / `requestPlcOperationSignature`.
 90    - [x] Implement `com.atproto.identity.getRecommendedDidCredentials`.
 91    - [x] Implement `/.well-known/did.json` (Depends on supporting did:web).
 92
 93## Admin Management (`com.atproto.admin`)
 94- [x] Implement `com.atproto.admin.deleteAccount`.
 95- [x] Implement `com.atproto.admin.disableAccountInvites`.
 96- [x] Implement `com.atproto.admin.disableInviteCodes`.
 97- [x] Implement `com.atproto.admin.enableAccountInvites`.
 98- [x] Implement `com.atproto.admin.getAccountInfo` / `getAccountInfos`.
 99- [x] Implement `com.atproto.admin.getInviteCodes`.
100- [x] Implement `com.atproto.admin.getSubjectStatus`.
101- [x] Implement `com.atproto.admin.sendEmail`.
102- [x] Implement `com.atproto.admin.updateAccountEmail`.
103- [x] Implement `com.atproto.admin.updateAccountHandle`.
104- [x] Implement `com.atproto.admin.updateAccountPassword`.
105- [x] Implement `com.atproto.admin.updateSubjectStatus`.
106
107## Moderation (`com.atproto.moderation`)
108- [x] Implement `com.atproto.moderation.createReport`.
109
110## Temp Namespace (`com.atproto.temp`)
111- [ ] Implement `com.atproto.temp.checkSignupQueue` (signup queue status for gated signups).
112
113## OAuth 2.0 Support
114The reference PDS implements full OAuth 2.0 provider functionality for native app authentication.
115- [ ] OAuth Provider Core
116    - [ ] Implement `/.well-known/oauth-protected-resource` metadata endpoint.
117    - [ ] Implement `/.well-known/oauth-authorization-server` metadata endpoint.
118    - [ ] Implement `/oauth/authorize` authorization endpoint.
119    - [ ] Implement `/oauth/par` Pushed Authorization Request endpoint.
120    - [ ] Implement `/oauth/token` token endpoint.
121    - [ ] Implement `/oauth/jwks` JSON Web Key Set endpoint.
122- [ ] OAuth Database Tables
123    - [ ] Device table for tracking authorized devices.
124    - [ ] Authorization request table.
125    - [ ] Authorized client table.
126    - [ ] Token table for OAuth tokens.
127    - [ ] Used refresh token table.
128- [ ] DPoP (Demonstrating Proof-of-Possession) support.
129- [ ] Client metadata fetching and validation.
130
131## PDS-Level App Endpoints
132These endpoints need to be implemented at the PDS level (not just proxied to appview).
133
134### Actor (`app.bsky.actor`)
135- [ ] Implement `app.bsky.actor.getPreferences` (user preferences storage).
136- [ ] Implement `app.bsky.actor.putPreferences` (update user preferences).
137- [ ] Implement `app.bsky.actor.getProfile` (PDS-level with proxy fallback).
138- [ ] Implement `app.bsky.actor.getProfiles` (PDS-level with proxy fallback).
139
140### Feed (`app.bsky.feed`)
141These are implemented at PDS level to enable local-first reads:
142- [ ] Implement `app.bsky.feed.getTimeline` (PDS-level with proxy).
143- [ ] Implement `app.bsky.feed.getAuthorFeed` (PDS-level with proxy).
144- [ ] Implement `app.bsky.feed.getActorLikes` (PDS-level with proxy).
145- [ ] Implement `app.bsky.feed.getPostThread` (PDS-level with proxy).
146- [ ] Implement `app.bsky.feed.getFeed` (PDS-level with proxy).
147
148### Notification (`app.bsky.notification`)
149- [ ] Implement `app.bsky.notification.registerPush` (push notification registration).
150
151## Deprecated Sync Endpoints (for compatibility)
152- [ ] Implement `com.atproto.sync.getCheckout` (deprecated, still needed for compatibility).
153- [ ] Implement `com.atproto.sync.getHead` (deprecated, still needed for compatibility).
154
155## Misc HTTP Endpoints
156- [ ] Implement `/robots.txt` endpoint.
157
158## Record Schema Validation
159- [ ] Handle this generically.
160
161## Preference Storage
162User preferences (for app.bsky.actor.getPreferences/putPreferences):
163- [ ] Create preferences table for storing user app preferences.
164- [ ] Implement `app.bsky.actor.getPreferences` handler (read from postgres, proxy fallback).
165- [ ] Implement `app.bsky.actor.putPreferences` handler (write to postgres).
166
167## Infrastructure & Core Components
168- [x] Sequencer (Event Log)
169    - [x] Implement a `Sequencer` (backed by `repo_seq` table).
170    - [x] Implement event formatting (`commit`, `handle`, `identity`, `account`).
171    - [x] Implement database polling / event emission mechanism.
172    - [x] Implement cursor-based event replay (`requestSeqRange`).
173- [x] Repo Storage & Consistency (in postgres)
174    - [x] Implement `RepoStorage` for postgres (replaces per-user SQLite).
175        - [x] Read/Write IPLD blocks to `blocks` table (global deduplication).
176        - [x] Manage Repo Root in `repos` table.
177    - [x] Implement Atomic Repo Transactions.
178        - [x] Ensure `blocks` write, `repo_root` update, `records` index update, and `sequencer` event are committed in a single transaction.
179    - [ ] Implement concurrency control (row-level locking on `repos` table) to prevent concurrent writes to the same repo.
180- [ ] DID Cache
181    - [ ] Implement caching layer for DID resolution (Redis or in-memory).
182    - [ ] Handle cache invalidation/expiry.
183- [ ] Background Jobs
184    - [ ] Implement `Crawlers` service (debounce notifications to relays).
185- [x] Notification Service
186    - [x] Queue-based notification system with database table
187    - [x] Background worker polling for pending notifications
188    - [x] Extensible sender trait for multiple channels
189    - [x] Email sender via OS sendmail/msmtp
190    - [ ] Discord bot sender
191    - [ ] Telegram bot sender
192    - [ ] Signal bot sender
193    - [x] Helper functions for common notification types (welcome, password reset, email verification, etc.)
194- [ ] Image Processing
195    - [ ] Implement image resize/formatting pipeline (for blob uploads).
196- [x] IPLD & MST
197    - [x] Implement Merkle Search Tree logic for repo signing.
198    - [x] Implement CAR (Content Addressable Archive) encoding/decoding.
199- [ ] Validation
200    - [ ] DID PLC Operations (Sign rotation keys).
201- [ ] Fix any remaining TODOs in the code, everywhere, full stop.
202