+4

.gitignore

reviewed

··· 1 1 + .env/ 2 2 + .zig-cache/ 3 3 + zig-out/ 4 4 + *.db

+26

Dockerfile

reviewed

··· 1 1 + FROM --platform=linux/amd64 debian:bookworm-slim AS builder 2 2 + 3 3 + RUN apt-get update && apt-get install -y --no-install-recommends \ 4 4 + ca-certificates curl xz-utils libsqlite3-dev \ 5 5 + && rm -rf /var/lib/apt/lists/* 6 6 + 7 7 + RUN curl -fSL https://ziglang.org/download/0.15.2/zig-x86_64-linux-0.15.2.tar.xz \ 8 8 + | tar xJ -C /opt 9 9 + ENV PATH=/opt/zig-x86_64-linux-0.15.2:$PATH 10 10 + 11 11 + WORKDIR /build 12 12 + COPY build.zig build.zig.zon ./ 13 13 + RUN zig build --fetch-only 2>/dev/null || true 14 14 + 15 15 + COPY src/ src/ 16 16 + RUN zig build -Doptimize=ReleaseSafe 17 17 + 18 18 + FROM --platform=linux/amd64 debian:bookworm-slim 19 19 + RUN apt-get update && apt-get install -y --no-install-recommends \ 20 20 + ca-certificates libsqlite3-0 \ 21 21 + && rm -rf /var/lib/apt/lists/* 22 22 + 23 23 + COPY --from=builder /build/zig-out/bin/labelz /usr/local/bin/labelz 24 24 + 25 25 + EXPOSE 4100 26 26 + ENTRYPOINT ["/usr/local/bin/labelz"]

+94

README.md

reviewed

··· 1 1 + # labelz 2 2 + 3 3 + a live AT Protocol labeler, built on [zat](https://tangled.org/zat.dev/zat). 4 4 + 5 5 + this exists to pressure-test zat as an SDK — jetstream consumption, CBOR encoding, 6 6 + secp256k1 signing, and XRPC serving all running against real network traffic. 7 7 + 8 8 + ## what it does 9 9 + 10 10 + connects to the bluesky jetstream firehose, watches for posts matching keyword rules, 11 11 + signs labels with secp256k1, stores them in SQLite, and serves them over the standard 12 12 + AT Protocol labeler endpoints: 13 13 + 14 14 + - `com.atproto.label.subscribeLabels` — WebSocket event stream 15 15 + - `com.atproto.label.queryLabels` — HTTP query 16 16 + 17 17 + the labeler is registered as a proper AT Protocol identity with a DID, PDS account, 18 18 + and labeler declaration record. 19 19 + 20 20 + **live instance:** [labelz.fly.dev](https://labelz.fly.dev/health) · [DID document](https://plc.directory/did:plc:ugigqebt4sm3n4xpmqvslcyo) · [PDS](https://labelz-pds.nate-8fe.workers.dev/status) 21 21 + 22 22 + ## running 23 23 + 24 24 + ``` 25 25 + LABELZ_DID=did:plc:... LABELZ_SECRET_KEY=<64-hex-chars> zig build run 26 26 + ``` 27 27 + 28 28 + <details> 29 29 + <summary>environment variables</summary> 30 30 + 31 31 + | variable | required | description | 32 32 + |----------|----------|-------------| 33 33 + | `LABELZ_DID` | yes | labeler DID (src field on emitted labels) | 34 34 + | `LABELZ_SECRET_KEY` | yes | secp256k1 secret key, 64 hex chars (32 bytes) | 35 35 + | `LABELZ_PORT` | no | server port (default: 4100) | 36 36 + | `LABELZ_DB` | no | SQLite database path (default: `/data/labelz.db`) | 37 37 + 38 38 + </details> 39 39 + 40 40 + <details> 41 41 + <summary>architecture</summary> 42 42 + 43 43 + ``` 44 44 + jetstream ──→ keyword match ──→ sign (secp256k1) ──→ store (SQLite) 45 45 + │ 46 46 + ┌──────────┴──────────┐ 47 47 + │ │ 48 48 + subscribeLabels (WS) queryLabels (HTTP) 49 49 + ``` 50 50 + 51 51 + source files: 52 52 + 53 53 + - `main.zig` — config, jetstream consumer, keyword matching 54 54 + - `label.zig` — label type, CBOR encoding, signing 55 55 + - `store.zig` — SQLite storage 56 56 + - `server.zig` — XRPC server (WebSocket + HTTP) 57 57 + - `identity.zig` — PLC identity operations (unused at runtime, used for setup) 58 58 + 59 59 + </details> 60 60 + 61 61 + <details> 62 62 + <summary>identity setup</summary> 63 63 + 64 64 + the labeler needs a full AT Protocol identity: a DID registered at plc.directory, 65 65 + a PDS hosting the account, and a labeler declaration record. this was done once 66 66 + using [pds.js](https://tangled.org/chadtmiller.com/pds.js) on cloudflare workers 67 67 + and [goat](https://github.com/bluesky-social/indigo/tree/main/cmd/goat) for PLC operations. 68 68 + 69 69 + the DID document includes both a repo signing key (P-256, used by the PDS) and a 70 70 + label signing key (secp256k1, used by labelz), plus service endpoints for both 71 71 + the PDS and the labeler. 72 72 + 73 73 + see the `justfile` for the operational recipes (`keygen`, `update-did`, `declare`). 74 74 + 75 75 + </details> 76 76 + 77 77 + <details> 78 78 + <summary>deployment</summary> 79 79 + 80 80 + runs on fly.io with a persistent SQLite volume. the Dockerfile does a multi-stage 81 81 + build: debian bookworm with zig 0.15.2 for compilation, slim runtime image with 82 82 + just libsqlite3. 83 83 + 84 84 + ``` 85 85 + fly deploy 86 86 + ``` 87 87 + 88 88 + </details> 89 89 + 90 90 + ## dependencies 91 91 + 92 92 + - [zat](https://tangled.org/zat.dev/zat) — AT Protocol primitives (jetstream, CBOR, crypto, XRPC) 93 93 + - [websocket.zig](https://github.com/zzstoatzz/websocket.zig) — WebSocket client/server 94 94 + - system libsqlite3

+63

build.zig

reviewed

··· 1 1 + const std = @import("std"); 2 2 + 3 3 + pub fn build(b: *std.Build) void { 4 4 + const target = b.standardTargetOptions(.{}); 5 5 + const optimize = b.standardOptimizeOption(.{}); 6 6 + 7 7 + const zat = b.dependency("zat", .{ 8 8 + .target = target, 9 9 + .optimize = optimize, 10 10 + }); 11 11 + const websocket = b.dependency("websocket", .{ 12 12 + .target = target, 13 13 + .optimize = optimize, 14 14 + }); 15 15 + 16 16 + const imports: []const std.Build.Module.Import = &.{ 17 17 + .{ .name = "zat", .module = zat.module("zat") }, 18 18 + .{ .name = "websocket", .module = websocket.module("websocket") }, 19 19 + }; 20 20 + 21 21 + // labelz executable 22 22 + const exe_mod = b.createModule(.{ 23 23 + .root_source_file = b.path("src/main.zig"), 24 24 + .target = target, 25 25 + .optimize = optimize, 26 26 + .imports = imports, 27 27 + }); 28 28 + const exe = b.addExecutable(.{ 29 29 + .name = "labelz", 30 30 + .root_module = exe_mod, 31 31 + }); 32 32 + exe.linkLibC(); 33 33 + exe.linkSystemLibrary("sqlite3"); 34 34 + b.installArtifact(exe); 35 35 + 36 36 + const run_exe = b.addRunArtifact(exe); 37 37 + if (b.args) |args| run_exe.addArgs(args); 38 38 + const run_step = b.step("run", "run the labeler"); 39 39 + run_step.dependOn(&run_exe.step); 40 40 + 41 41 + // tests 42 42 + const test_step = b.step("test", "run unit tests"); 43 43 + const test_files = .{ 44 44 + "src/label.zig", 45 45 + "src/store.zig", 46 46 + "src/server.zig", 47 47 + "src/identity.zig", 48 48 + }; 49 49 + inline for (test_files) |file| { 50 50 + const test_mod = b.createModule(.{ 51 51 + .root_source_file = b.path(file), 52 52 + .target = target, 53 53 + .optimize = optimize, 54 54 + .imports = imports, 55 55 + }); 56 56 + const t = b.addTest(.{ 57 57 + .root_module = test_mod, 58 58 + }); 59 59 + t.linkLibC(); 60 60 + t.linkSystemLibrary("sqlite3"); 61 61 + test_step.dependOn(&b.addRunArtifact(t).step); 62 62 + } 63 63 + }

+21

build.zig.zon

reviewed

··· 1 1 + .{ 2 2 + .name = .labelz, 3 3 + .version = "0.0.1", 4 4 + .fingerprint = 0xcc0dbab526d8712d, 5 5 + .minimum_zig_version = "0.15.0", 6 6 + .dependencies = .{ 7 7 + .zat = .{ 8 8 + .url = "https://tangled.org/zat.dev/zat/archive/v0.2.16.tar.gz", 9 9 + .hash = "zat-0.2.16-5PuC7tjwBADbnwV5y8ztKUHhGHMJHh2HouvoYImnZ7y5", 10 10 + }, 11 11 + .websocket = .{ 12 12 + .url = "https://github.com/zzstoatzz/websocket.zig/archive/395d0f4.tar.gz", 13 13 + .hash = "websocket-0.1.0-ZPISdVJ8AwD7U03ARGgHclzlYSd9GeU91_WDXjRyjYdh", 14 14 + }, 15 15 + }, 16 16 + .paths = .{ 17 17 + "build.zig", 18 18 + "build.zig.zon", 19 19 + "src", 20 20 + }, 21 21 + }

+21

fly.toml

reviewed

··· 1 1 + app = 'labelz' 2 2 + primary_region = 'ord' 3 3 + 4 4 + [build] 5 5 + 6 6 + [http_service] 7 7 + internal_port = 4100 8 8 + force_https = true 9 9 + auto_stop_machines = 'stop' 10 10 + auto_start_machines = true 11 11 + min_machines_running = 1 12 12 + processes = ['app'] 13 13 + 14 14 + [mounts] 15 15 + source = "labelz_data" 16 16 + destination = "/data" 17 17 + 18 18 + [[vm]] 19 19 + memory = '256mb' 20 20 + cpu_kind = 'shared' 21 21 + cpus = 1

+90

justfile

reviewed

··· 1 1 + # labelz — AT Protocol labeler 2 2 + 3 3 + # --- development --- 4 4 + 5 5 + build: 6 6 + zig build 7 7 + 8 8 + test: 9 9 + zig build test 10 10 + 11 11 + fmt: 12 12 + zig fmt . 13 13 + 14 14 + check: 15 15 + zig fmt --check . 16 16 + zig build test 17 17 + 18 18 + # run locally (requires LABELZ_DID and LABELZ_SECRET_KEY env vars) 19 19 + run *args: 20 20 + LABELZ_DB=labelz.db zig build run -- {{args}} 21 21 + 22 22 + # --- identity setup (one-time, requires goat CLI) --- 23 23 + 24 24 + # step 1: deploy pds.js to cloudflare workers 25 25 + # cd /tmp && git clone https://tangled.org/chadtmiller.com/pds.js && cd pds.js 26 26 + # pnpm install 27 27 + # wrangler secret put PDS_PASSWORD 28 28 + # wrangler secret put JWT_SECRET 29 29 + # wrangler deploy 30 30 + # node scripts/setup.js --pds https://<your-pds>.workers.dev --handle labelz 31 31 + 32 32 + # step 2: generate label signing key 33 33 + keygen: 34 34 + goat key generate -t secp256k1 35 35 + 36 36 + # step 3: add labeler entries to DID doc 37 37 + # (after pds.js setup creates the base DID, update it with labeler fields) 38 38 + # usage: just update-did <did> <label-pubkey> <labeler-url> 39 39 + update-did did label_pubkey labeler_url: 40 40 + #!/usr/bin/env bash 41 41 + set -euo pipefail 42 42 + echo "fetching current PLC data for {{did}}..." 43 43 + goat plc data {{did}} > /tmp/labelz-plc-current.json 44 44 + echo "current DID doc:" 45 45 + cat /tmp/labelz-plc-current.json | python3 -m json.tool 46 46 + echo "" 47 47 + echo "to update, edit the operation JSON to add:" 48 48 + echo ' verificationMethods.atproto_label = "{{label_pubkey}}"' 49 49 + echo ' services.atproto_labeler = {"type":"AtprotoLabeler","endpoint":"{{labeler_url}}"}' 50 50 + echo "" 51 51 + echo "then: goat plc sign --plc-signing-key <rotation-key> updated.json | goat plc submit --genesis -" 52 52 + 53 53 + # step 4: write labeler declaration record 54 54 + # usage: just declare <did> <pds-url> 55 55 + declare did pds_url: 56 56 + #!/usr/bin/env bash 57 57 + set -euo pipefail 58 58 + echo "writing app.bsky.labeler.service/self to {{did}} on {{pds_url}}" 59 59 + goat xrpc procedure {{pds_url}} com.atproto.repo.putRecord \ 60 60 + repo="{{did}}" \ 61 61 + collection="app.bsky.labeler.service" \ 62 62 + rkey="self" \ 63 63 + 'record:={"$type":"app.bsky.labeler.service","policies":{"labelValues":["spam","!warn"],"labelValueDefinitions":[]},"createdAt":"'"$(date -u +%Y-%m-%dT%H:%M:%S.000Z)"'"}' 64 64 + 65 65 + # --- deployment (fly.io) --- 66 66 + 67 67 + deploy: 68 68 + fly deploy 69 69 + 70 70 + logs: 71 71 + fly logs 72 72 + 73 73 + status: 74 74 + fly status 75 75 + 76 76 + secrets-set did secret_key: 77 77 + fly secrets set LABELZ_DID={{did}} LABELZ_SECRET_KEY={{secret_key}} 78 78 + 79 79 + # --- inspection --- 80 80 + 81 81 + # check a DID's current PLC document 82 82 + resolve did: 83 83 + goat resolve {{did}} 84 84 + 85 85 + # query labels from the running labeler 86 86 + query-labels url uri: 87 87 + curl -s "{{url}}/xrpc/com.atproto.label.queryLabels?uriPatterns={{uri}}" | python3 -m json.tool 88 88 + 89 89 + health url: 90 90 + curl -s "{{url}}/health" | python3 -m json.tool

+437

src/identity.zig

reviewed

··· 1 1 + //! PLC identity operations for labeler setup 2 2 + //! 3 3 + //! creates did:plc genesis operations, signs them, derives the DID, 4 4 + //! and submits to plc.directory. extends zat's primitives without 5 5 + //! modifying the zat library itself. 6 6 + 7 7 + const std = @import("std"); 8 8 + const zat = @import("zat"); 9 9 + const cbor = zat.cbor; 10 10 + const Keypair = zat.Keypair; 11 11 + 12 12 + const Sha256 = std.crypto.hash.sha2.Sha256; 13 13 + const Allocator = std.mem.Allocator; 14 14 + const log = std.log.scoped(.identity); 15 15 + 16 16 + pub const GenesisParams = struct { 17 17 + /// handle for alsoKnownAs (without at:// prefix) 18 18 + handle: []const u8, 19 19 + /// PDS endpoint URL 20 20 + pds_endpoint: []const u8, 21 21 + /// labeler endpoint URL 22 22 + labeler_endpoint: []const u8, 23 23 + /// rotation key (controls the DID — keep offline after genesis) 24 24 + rotation_keypair: *const Keypair, 25 25 + /// repo signing key (used by PDS) 26 26 + signing_keypair: *const Keypair, 27 27 + /// label signing key (used to sign labels) 28 28 + label_keypair: *const Keypair, 29 29 + }; 30 30 + 31 31 + /// result of creating a PLC genesis operation 32 32 + pub const GenesisResult = struct { 33 33 + /// the derived did:plc:... string 34 34 + did: []const u8, 35 35 + /// the signed operation as JSON, ready to POST to plc.directory 36 36 + json: []const u8, 37 37 + allocator: Allocator, 38 38 + 39 39 + pub fn deinit(self: *const GenesisResult) void { 40 40 + self.allocator.free(self.did); 41 41 + self.allocator.free(self.json); 42 42 + } 43 43 + }; 44 44 + 45 45 + /// create a signed PLC genesis operation and derive the DID. 46 46 + /// 47 47 + /// the genesis operation establishes a new did:plc identity with: 48 48 + /// - rotation key for DID control 49 49 + /// - #atproto verification method (repo signing) 50 50 + /// - #atproto_label verification method (label signing) 51 51 + /// - #atproto_pds service endpoint 52 52 + /// - #atproto_labeler service endpoint 53 53 + pub fn createGenesis(allocator: Allocator, params: *const GenesisParams) !GenesisResult { 54 54 + // get did:key strings for all three keys 55 55 + const rotation_did_key = try params.rotation_keypair.did(allocator); 56 56 + defer allocator.free(rotation_did_key); 57 57 + const signing_did_key = try params.signing_keypair.did(allocator); 58 58 + defer allocator.free(signing_did_key); 59 59 + const label_did_key = try params.label_keypair.did(allocator); 60 60 + defer allocator.free(label_did_key); 61 61 + 62 62 + // build handle URI: "at://handle" 63 63 + const handle_uri = try std.fmt.allocPrint(allocator, "at://{s}", .{params.handle}); 64 64 + defer allocator.free(handle_uri); 65 65 + 66 66 + // build unsigned operation as DAG-CBOR 67 67 + // top-level keys sorted by length then lex: 68 68 + // prev(4) < type(4) < services(8) < alsoKnownAs(11) < rotationKeys(12) < verificationMethods(19) 69 69 + 70 70 + // nested: services map 71 71 + // atproto_pds(11) < atproto_labeler(15) 72 72 + // each: type(4) < endpoint(8) 73 73 + 74 74 + // nested: verificationMethods map 75 75 + // atproto(7) < atproto_label(13) 76 76 + 77 77 + const unsigned_cbor = try encodeUnsignedOp(allocator, .{ 78 78 + .rotation_did_key = rotation_did_key, 79 79 + .signing_did_key = signing_did_key, 80 80 + .label_did_key = label_did_key, 81 81 + .handle_uri = handle_uri, 82 82 + .pds_endpoint = params.pds_endpoint, 83 83 + .labeler_endpoint = params.labeler_endpoint, 84 84 + }); 85 85 + defer allocator.free(unsigned_cbor); 86 86 + 87 87 + // sign: the ECDSA scheme handles SHA-256 internally 88 88 + const sig = try params.rotation_keypair.sign(unsigned_cbor); 89 89 + 90 90 + // encode signature as base64url (no padding) 91 91 + const sig_b64 = encodeBase64Url(&sig.bytes); 92 92 + 93 93 + // build signed operation CBOR (with sig field) for DID derivation 94 94 + const signed_cbor = try encodeSignedOp(allocator, .{ 95 95 + .rotation_did_key = rotation_did_key, 96 96 + .signing_did_key = signing_did_key, 97 97 + .label_did_key = label_did_key, 98 98 + .handle_uri = handle_uri, 99 99 + .pds_endpoint = params.pds_endpoint, 100 100 + .labeler_endpoint = params.labeler_endpoint, 101 101 + .sig_b64 = sig_b64.constSlice(), 102 102 + }); 103 103 + defer allocator.free(signed_cbor); 104 104 + 105 105 + // derive DID: SHA-256(signed_cbor) → base32lower → truncate to 24 chars 106 106 + var hash: [Sha256.digest_length]u8 = undefined; 107 107 + Sha256.hash(signed_cbor, &hash, .{}); 108 108 + 109 109 + const b32 = try zat.multibase.base32lower.encode(allocator, &hash); 110 110 + defer allocator.free(b32); 111 111 + 112 112 + // b32 has 'b' multibase prefix — skip it, take first 24 chars 113 113 + if (b32.len < 25) return error.Base32TooShort; 114 114 + const did = try std.fmt.allocPrint(allocator, "did:plc:{s}", .{b32[1..25]}); 115 115 + errdefer allocator.free(did); 116 116 + 117 117 + // build JSON for submission to plc.directory 118 118 + const json = try buildGenesisJson(allocator, .{ 119 119 + .rotation_did_key = rotation_did_key, 120 120 + .signing_did_key = signing_did_key, 121 121 + .label_did_key = label_did_key, 122 122 + .handle_uri = handle_uri, 123 123 + .pds_endpoint = params.pds_endpoint, 124 124 + .labeler_endpoint = params.labeler_endpoint, 125 125 + .sig_b64 = sig_b64.constSlice(), 126 126 + }); 127 127 + errdefer allocator.free(json); 128 128 + 129 129 + return .{ 130 130 + .did = did, 131 131 + .json = json, 132 132 + .allocator = allocator, 133 133 + }; 134 134 + } 135 135 + 136 136 + // internal params passed between encoding functions 137 137 + const OpFields = struct { 138 138 + rotation_did_key: []const u8, 139 139 + signing_did_key: []const u8, 140 140 + label_did_key: []const u8, 141 141 + handle_uri: []const u8, 142 142 + pds_endpoint: []const u8, 143 143 + labeler_endpoint: []const u8, 144 144 + sig_b64: []const u8 = "", 145 145 + }; 146 146 + 147 147 + fn encodeUnsignedOp(allocator: Allocator, f: OpFields) ![]u8 { 148 148 + var arena = std.heap.ArenaAllocator.init(allocator); 149 149 + defer arena.deinit(); 150 150 + const alloc = arena.allocator(); 151 151 + 152 152 + const value = try buildOpValue(alloc, f, false); 153 153 + return cbor.encodeAlloc(allocator, value); 154 154 + } 155 155 + 156 156 + fn encodeSignedOp(allocator: Allocator, f: OpFields) ![]u8 { 157 157 + var arena = std.heap.ArenaAllocator.init(allocator); 158 158 + defer arena.deinit(); 159 159 + const alloc = arena.allocator(); 160 160 + 161 161 + const value = try buildOpValue(alloc, f, true); 162 162 + return cbor.encodeAlloc(allocator, value); 163 163 + } 164 164 + 165 165 + fn buildOpValue(alloc: Allocator, f: OpFields, include_sig: bool) !cbor.Value { 166 166 + // service entries: type(4) < endpoint(8) 167 167 + const pds_service = try allocMapEntries(alloc, &.{ 168 168 + .{ .key = "type", .value = .{ .text = "AtprotoPersonalDataServer" } }, 169 169 + .{ .key = "endpoint", .value = .{ .text = f.pds_endpoint } }, 170 170 + }); 171 171 + 172 172 + const labeler_service = try allocMapEntries(alloc, &.{ 173 173 + .{ .key = "type", .value = .{ .text = "AtprotoLabeler" } }, 174 174 + .{ .key = "endpoint", .value = .{ .text = f.labeler_endpoint } }, 175 175 + }); 176 176 + 177 177 + // services map: atproto_pds(11) < atproto_labeler(15) 178 178 + const services = try allocMapEntries(alloc, &.{ 179 179 + .{ .key = "atproto_pds", .value = .{ .map = pds_service } }, 180 180 + .{ .key = "atproto_labeler", .value = .{ .map = labeler_service } }, 181 181 + }); 182 182 + 183 183 + // verificationMethods: atproto(7) < atproto_label(13) 184 184 + const ver_methods = try allocMapEntries(alloc, &.{ 185 185 + .{ .key = "atproto", .value = .{ .text = f.signing_did_key } }, 186 186 + .{ .key = "atproto_label", .value = .{ .text = f.label_did_key } }, 187 187 + }); 188 188 + 189 189 + // alsoKnownAs array 190 190 + const aka_items = try alloc.alloc(cbor.Value, 1); 191 191 + aka_items[0] = .{ .text = f.handle_uri }; 192 192 + 193 193 + // rotationKeys array 194 194 + const rot_items = try alloc.alloc(cbor.Value, 1); 195 195 + rot_items[0] = .{ .text = f.rotation_did_key }; 196 196 + 197 197 + // top-level: sorted by key length then lex 198 198 + // sig(3) < prev(4) < type(4) < services(8) < alsoKnownAs(11) < rotationKeys(12) < verificationMethods(19) 199 199 + var entries_buf: [7]cbor.Value.MapEntry = undefined; 200 200 + var i: usize = 0; 201 201 + 202 202 + if (include_sig) { 203 203 + entries_buf[i] = .{ .key = "sig", .value = .{ .text = f.sig_b64 } }; 204 204 + i += 1; 205 205 + } 206 206 + entries_buf[i] = .{ .key = "prev", .value = .null }; 207 207 + i += 1; 208 208 + entries_buf[i] = .{ .key = "type", .value = .{ .text = "plc_operation" } }; 209 209 + i += 1; 210 210 + entries_buf[i] = .{ .key = "services", .value = .{ .map = services } }; 211 211 + i += 1; 212 212 + entries_buf[i] = .{ .key = "alsoKnownAs", .value = .{ .array = aka_items } }; 213 213 + i += 1; 214 214 + entries_buf[i] = .{ .key = "rotationKeys", .value = .{ .array = rot_items } }; 215 215 + i += 1; 216 216 + entries_buf[i] = .{ .key = "verificationMethods", .value = .{ .map = ver_methods } }; 217 217 + i += 1; 218 218 + 219 219 + const entries = try alloc.alloc(cbor.Value.MapEntry, i); 220 220 + @memcpy(entries, entries_buf[0..i]); 221 221 + 222 222 + return .{ .map = entries }; 223 223 + } 224 224 + 225 225 + fn allocMapEntries(alloc: Allocator, comptime_entries: []const cbor.Value.MapEntry) ![]const cbor.Value.MapEntry { 226 226 + const entries = try alloc.alloc(cbor.Value.MapEntry, comptime_entries.len); 227 227 + @memcpy(entries, comptime_entries); 228 228 + return entries; 229 229 + } 230 230 + 231 231 + /// encode 64 bytes as base64url (no padding). max output = 86 chars. 232 232 + const Base64UrlResult = struct { 233 233 + buf: [88]u8 = undefined, 234 234 + len: usize = 0, 235 235 + 236 236 + fn constSlice(self: *const Base64UrlResult) []const u8 { 237 237 + return self.buf[0..self.len]; 238 238 + } 239 239 + }; 240 240 + 241 241 + fn encodeBase64Url(input: []const u8) Base64UrlResult { 242 242 + const encoder = std.base64.url_safe_no_pad.Encoder; 243 243 + var result: Base64UrlResult = .{}; 244 244 + result.len = encoder.calcSize(input.len); 245 245 + _ = encoder.encode(result.buf[0..result.len], input); 246 246 + return result; 247 247 + } 248 248 + 249 249 + fn buildGenesisJson(allocator: Allocator, f: OpFields) ![]u8 { 250 250 + var buf: std.ArrayList(u8) = .{}; 251 251 + errdefer buf.deinit(allocator); 252 252 + const w = buf.writer(allocator); 253 253 + 254 254 + try w.writeAll("{"); 255 255 + try w.writeAll("\"type\":\"plc_operation\""); 256 256 + try w.writeAll(",\"rotationKeys\":[\""); 257 257 + try w.writeAll(f.rotation_did_key); 258 258 + try w.writeAll("\"]"); 259 259 + try w.writeAll(",\"verificationMethods\":{"); 260 260 + try w.writeAll("\"atproto\":\""); 261 261 + try w.writeAll(f.signing_did_key); 262 262 + try w.writeAll("\",\"atproto_label\":\""); 263 263 + try w.writeAll(f.label_did_key); 264 264 + try w.writeAll("\"}"); 265 265 + try w.writeAll(",\"alsoKnownAs\":[\""); 266 266 + try w.writeAll(f.handle_uri); 267 267 + try w.writeAll("\"]"); 268 268 + try w.writeAll(",\"services\":{"); 269 269 + try w.writeAll("\"atproto_pds\":{\"type\":\"AtprotoPersonalDataServer\",\"endpoint\":\""); 270 270 + try w.writeAll(f.pds_endpoint); 271 271 + try w.writeAll("\"}"); 272 272 + try w.writeAll(",\"atproto_labeler\":{\"type\":\"AtprotoLabeler\",\"endpoint\":\""); 273 273 + try w.writeAll(f.labeler_endpoint); 274 274 + try w.writeAll("\"}"); 275 275 + try w.writeAll("}"); 276 276 + try w.writeAll(",\"prev\":null"); 277 277 + try w.writeAll(",\"sig\":\""); 278 278 + try w.writeAll(f.sig_b64); 279 279 + try w.writeAll("\"}"); 280 280 + 281 281 + return try buf.toOwnedSlice(allocator); 282 282 + } 283 283 + 284 284 + // === tests === 285 285 + 286 286 + test "genesis operation round-trip" { 287 287 + const allocator = std.testing.allocator; 288 288 + 289 289 + // use same key for all three roles (fine for testing) 290 290 + var rotation_kp = try Keypair.fromSecretKey(.secp256k1, .{ 291 291 + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 292 292 + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 293 293 + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 294 294 + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 295 295 + }); 296 296 + var signing_kp = rotation_kp; 297 297 + var label_kp = rotation_kp; 298 298 + 299 299 + const params = GenesisParams{ 300 300 + .handle = "test-labeler.example.com", 301 301 + .pds_endpoint = "https://pds.example.com", 302 302 + .labeler_endpoint = "https://labeler.example.com", 303 303 + .rotation_keypair = &rotation_kp, 304 304 + .signing_keypair = &signing_kp, 305 305 + .label_keypair = &label_kp, 306 306 + }; 307 307 + 308 308 + const result = try createGenesis(allocator, &params); 309 309 + defer result.deinit(); 310 310 + 311 311 + // DID should start with "did:plc:" and be 32 chars total 312 312 + try std.testing.expect(std.mem.startsWith(u8, result.did, "did:plc:")); 313 313 + try std.testing.expectEqual(@as(usize, 32), result.did.len); 314 314 + 315 315 + // DID suffix should only contain base32lower chars (a-z, 2-7) 316 316 + for (result.did[8..]) |c| { 317 317 + try std.testing.expect((c >= 'a' and c <= 'z') or (c >= '2' and c <= '7')); 318 318 + } 319 319 + 320 320 + // JSON should contain expected fields 321 321 + try std.testing.expect(std.mem.indexOf(u8, result.json, "\"type\":\"plc_operation\"") != null); 322 322 + try std.testing.expect(std.mem.indexOf(u8, result.json, "\"prev\":null") != null); 323 323 + try std.testing.expect(std.mem.indexOf(u8, result.json, "\"sig\":\"") != null); 324 324 + try std.testing.expect(std.mem.indexOf(u8, result.json, "AtprotoLabeler") != null); 325 325 + try std.testing.expect(std.mem.indexOf(u8, result.json, "AtprotoPersonalDataServer") != null); 326 326 + try std.testing.expect(std.mem.indexOf(u8, result.json, "test-labeler.example.com") != null); 327 327 + } 328 328 + 329 329 + test "genesis is deterministic" { 330 330 + const allocator = std.testing.allocator; 331 331 + 332 332 + var rotation_kp = try Keypair.fromSecretKey(.secp256k1, .{ 333 333 + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 334 334 + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 335 335 + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 336 336 + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 337 337 + }); 338 338 + var signing_kp = rotation_kp; 339 339 + var label_kp = rotation_kp; 340 340 + 341 341 + const params = GenesisParams{ 342 342 + .handle = "test.example.com", 343 343 + .pds_endpoint = "https://pds.example.com", 344 344 + .labeler_endpoint = "https://labeler.example.com", 345 345 + .rotation_keypair = &rotation_kp, 346 346 + .signing_keypair = &signing_kp, 347 347 + .label_keypair = &label_kp, 348 348 + }; 349 349 + 350 350 + const r1 = try createGenesis(allocator, &params); 351 351 + defer r1.deinit(); 352 352 + const r2 = try createGenesis(allocator, &params); 353 353 + defer r2.deinit(); 354 354 + 355 355 + // same keys + same params = same DID 356 356 + try std.testing.expectEqualStrings(r1.did, r2.did); 357 357 + try std.testing.expectEqualStrings(r1.json, r2.json); 358 358 + } 359 359 + 360 360 + test "genesis unsigned CBOR key ordering" { 361 361 + const allocator = std.testing.allocator; 362 362 + 363 363 + const cbor_bytes = try encodeUnsignedOp(allocator, .{ 364 364 + .rotation_did_key = "did:key:zTest", 365 365 + .signing_did_key = "did:key:zTest", 366 366 + .label_did_key = "did:key:zTest", 367 367 + .handle_uri = "at://test.example.com", 368 368 + .pds_endpoint = "https://pds.example.com", 369 369 + .labeler_endpoint = "https://labeler.example.com", 370 370 + }); 371 371 + defer allocator.free(cbor_bytes); 372 372 + 373 373 + // decode and check key ordering 374 374 + var arena = std.heap.ArenaAllocator.init(allocator); 375 375 + defer arena.deinit(); 376 376 + const decoded = try cbor.decodeAll(arena.allocator(), cbor_bytes); 377 377 + 378 378 + const entries = decoded.map; 379 379 + try std.testing.expectEqual(@as(usize, 6), entries.len); 380 380 + 381 381 + // DAG-CBOR: sorted by length then lex 382 382 + try std.testing.expectEqualStrings("prev", entries[0].key); // 4 383 383 + try std.testing.expectEqualStrings("type", entries[1].key); // 4 384 384 + try std.testing.expectEqualStrings("services", entries[2].key); // 8 385 385 + try std.testing.expectEqualStrings("alsoKnownAs", entries[3].key); // 11 386 386 + try std.testing.expectEqualStrings("rotationKeys", entries[4].key); // 12 387 387 + try std.testing.expectEqualStrings("verificationMethods", entries[5].key); // 19 388 388 + 389 389 + // prev should be null 390 390 + try std.testing.expectEqual(cbor.Value.null, entries[0].value); 391 391 + 392 392 + // type should be "plc_operation" 393 393 + try std.testing.expectEqualStrings("plc_operation", entries[1].value.text); 394 394 + } 395 395 + 396 396 + test "base64url encoding" { 397 397 + // test with known values 398 398 + const sig = [_]u8{0xaa} ** 64; 399 399 + const result = encodeBase64Url(&sig); 400 400 + try std.testing.expectEqual(@as(usize, 86), result.len); 401 401 + // base64url has no + or / characters 402 402 + for (result.constSlice()) |c| { 403 403 + try std.testing.expect(c != '+' and c != '/'); 404 404 + } 405 405 + } 406 406 + 407 407 + test "genesis JSON structure" { 408 408 + const allocator = std.testing.allocator; 409 409 + 410 410 + const json = try buildGenesisJson(allocator, .{ 411 411 + .rotation_did_key = "did:key:zRotation", 412 412 + .signing_did_key = "did:key:zSigning", 413 413 + .label_did_key = "did:key:zLabel", 414 414 + .handle_uri = "at://test.example.com", 415 415 + .pds_endpoint = "https://pds.example.com", 416 416 + .labeler_endpoint = "https://labeler.example.com", 417 417 + .sig_b64 = "dGVzdHNpZw", 418 418 + }); 419 419 + defer allocator.free(json); 420 420 + 421 421 + // parse to verify it's valid JSON 422 422 + const parsed = try std.json.parseFromSlice(std.json.Value, allocator, json, .{}); 423 423 + defer parsed.deinit(); 424 424 + 425 425 + const root = parsed.value.object; 426 426 + try std.testing.expectEqualStrings("plc_operation", root.get("type").?.string); 427 427 + try std.testing.expect(root.get("prev").?.null == {}); 428 428 + try std.testing.expectEqualStrings("dGVzdHNpZw", root.get("sig").?.string); 429 429 + 430 430 + const rotation_keys = root.get("rotationKeys").?.array; 431 431 + try std.testing.expectEqual(@as(usize, 1), rotation_keys.items.len); 432 432 + try std.testing.expectEqualStrings("did:key:zRotation", rotation_keys.items[0].string); 433 433 + 434 434 + const services = root.get("services").?.object; 435 435 + try std.testing.expectEqualStrings("AtprotoPersonalDataServer", services.get("atproto_pds").?.object.get("type").?.string); 436 436 + try std.testing.expectEqualStrings("AtprotoLabeler", services.get("atproto_labeler").?.object.get("type").?.string); 437 437 + }

+325

src/label.zig

reviewed

··· 1 1 + //! AT Protocol label type with CBOR encoding and signing 2 2 + //! 3 3 + //! implements com.atproto.label.defs#label: 4 4 + //! encode label (sans sig) as deterministic DAG-CBOR, 5 5 + //! ECDSA sign (scheme handles SHA-256 internally), attach sig bytes. 6 6 + 7 7 + const std = @import("std"); 8 8 + const zat = @import("zat"); 9 9 + const cbor = zat.cbor; 10 10 + const Keypair = zat.Keypair; 11 11 + 12 12 + const Allocator = std.mem.Allocator; 13 13 + 14 14 + pub const Label = struct { 15 15 + ver: u8 = 1, 16 16 + src: []const u8, // labeler DID 17 17 + uri: []const u8, // subject (at:// URI or DID) 18 18 + cid: ?[]const u8 = null, // optional, pins to record version 19 19 + val: []const u8, // label value (max 128 bytes) 20 20 + neg: bool = false, // negates previous label 21 21 + cts: []const u8, // created-at ISO 8601 22 22 + exp: ?[]const u8 = null, // optional expiration 23 23 + sig: ?[]const u8 = null, // filled after signing 24 24 + 25 25 + /// encode the label (without sig) as deterministic DAG-CBOR. 26 26 + /// caller owns the returned slice. 27 27 + pub fn encodeUnsigned(self: *const Label, allocator: Allocator) ![]u8 { 28 28 + var entries: [9]cbor.Value.MapEntry = undefined; 29 29 + const n = self.fillEntries(&entries, false); 30 30 + return cbor.encodeAlloc(allocator, .{ .map = entries[0..n] }); 31 31 + } 32 32 + 33 33 + /// sign this label: CBOR-encode (sans sig) → ECDSA sign (scheme hashes internally). 34 34 + /// returns the raw signature bytes (64 bytes, r||s). 35 35 + /// does NOT mutate self — caller should set self.sig. 36 36 + pub fn computeSignature(self: *const Label, allocator: Allocator, keypair: *const Keypair) !zat.jwt.Signature { 37 37 + const unsigned_bytes = try self.encodeUnsigned(allocator); 38 38 + defer allocator.free(unsigned_bytes); 39 39 + 40 40 + return keypair.sign(unsigned_bytes); 41 41 + } 42 42 + 43 43 + /// encode the full label (with sig) as deterministic DAG-CBOR. 44 44 + /// self.sig must be set before calling this. 45 45 + pub fn encodeSigned(self: *const Label, allocator: Allocator) ![]u8 { 46 46 + std.debug.assert(self.sig != null); 47 47 + var entries: [9]cbor.Value.MapEntry = undefined; 48 48 + const n = self.fillEntries(&entries, true); 49 49 + return cbor.encodeAlloc(allocator, .{ .map = entries[0..n] }); 50 50 + } 51 51 + 52 52 + /// sign and return a fully-encoded signed label. 53 53 + /// sets self.sig as a side effect. 54 54 + pub fn signAndEncode(self: *Label, allocator: Allocator, keypair: *const Keypair, sig_buf: *[64]u8) ![]u8 { 55 55 + const sig = try self.computeSignature(allocator, keypair); 56 56 + sig_buf.* = sig.bytes; 57 57 + self.sig = sig_buf; 58 58 + return self.encodeSigned(allocator); 59 59 + } 60 60 + 61 61 + /// fill entries buffer with CBOR map entries. returns number of entries written. 62 62 + /// entries buffer must be at least 9 elements. the returned slice is valid 63 63 + /// as long as the buffer and self are alive. 64 64 + fn fillEntries(self: *const Label, entries: *[9]cbor.Value.MapEntry, include_sig: bool) usize { 65 65 + var i: usize = 0; 66 66 + 67 67 + if (self.cid) |ci| { 68 68 + entries[i] = .{ .key = "cid", .value = .{ .text = ci } }; 69 69 + i += 1; 70 70 + } 71 71 + entries[i] = .{ .key = "cts", .value = .{ .text = self.cts } }; 72 72 + i += 1; 73 73 + if (self.exp) |e| { 74 74 + entries[i] = .{ .key = "exp", .value = .{ .text = e } }; 75 75 + i += 1; 76 76 + } 77 77 + if (self.neg) { 78 78 + entries[i] = .{ .key = "neg", .value = .{ .boolean = true } }; 79 79 + i += 1; 80 80 + } 81 81 + if (include_sig) { 82 82 + if (self.sig) |s| { 83 83 + entries[i] = .{ .key = "sig", .value = .{ .bytes = s } }; 84 84 + i += 1; 85 85 + } 86 86 + } 87 87 + entries[i] = .{ .key = "src", .value = .{ .text = self.src } }; 88 88 + i += 1; 89 89 + entries[i] = .{ .key = "uri", .value = .{ .text = self.uri } }; 90 90 + i += 1; 91 91 + entries[i] = .{ .key = "val", .value = .{ .text = self.val } }; 92 92 + i += 1; 93 93 + entries[i] = .{ .key = "ver", .value = .{ .unsigned = self.ver } }; 94 94 + i += 1; 95 95 + 96 96 + return i; 97 97 + } 98 98 + }; 99 99 + 100 100 + /// encode an XRPC event stream frame: header CBOR || payload CBOR. 101 101 + /// used for both subscribeLabels and firehose-style event streams. 102 102 + pub fn encodeEventFrame(allocator: Allocator, op: i64, frame_type: ?[]const u8, payload: cbor.Value) ![]u8 { 103 103 + // header: {op: <int>, t?: <string>} 104 104 + var header_entries: [2]cbor.Value.MapEntry = undefined; 105 105 + var h_count: usize = 0; 106 106 + 107 107 + if (op >= 0) { 108 108 + header_entries[h_count] = .{ .key = "op", .value = .{ .unsigned = @intCast(op) } }; 109 109 + } else { 110 110 + header_entries[h_count] = .{ .key = "op", .value = .{ .negative = op } }; 111 111 + } 112 112 + h_count += 1; 113 113 + 114 114 + if (frame_type) |t| { 115 115 + header_entries[h_count] = .{ .key = "t", .value = .{ .text = t } }; 116 116 + h_count += 1; 117 117 + } 118 118 + 119 119 + const header: cbor.Value = .{ .map = header_entries[0..h_count] }; 120 120 + 121 121 + const header_bytes = try cbor.encodeAlloc(allocator, header); 122 122 + defer allocator.free(header_bytes); 123 123 + const payload_bytes = try cbor.encodeAlloc(allocator, payload); 124 124 + defer allocator.free(payload_bytes); 125 125 + 126 126 + const frame = try allocator.alloc(u8, header_bytes.len + payload_bytes.len); 127 127 + @memcpy(frame[0..header_bytes.len], header_bytes); 128 128 + @memcpy(frame[header_bytes.len..], payload_bytes); 129 129 + return frame; 130 130 + } 131 131 + 132 132 + // === tests === 133 133 + 134 134 + test "label unsigned CBOR round-trip" { 135 135 + const allocator = std.testing.allocator; 136 136 + 137 137 + const label = Label{ 138 138 + .src = "did:plc:test123", 139 139 + .uri = "at://did:plc:user/app.bsky.feed.post/abc", 140 140 + .val = "spam", 141 141 + .cts = "2024-01-01T00:00:00.000Z", 142 142 + }; 143 143 + 144 144 + const encoded = try label.encodeUnsigned(allocator); 145 145 + defer allocator.free(encoded); 146 146 + 147 147 + // decode and verify fields 148 148 + var arena = std.heap.ArenaAllocator.init(allocator); 149 149 + defer arena.deinit(); 150 150 + const decoded = try cbor.decodeAll(arena.allocator(), encoded); 151 151 + 152 152 + try std.testing.expectEqualStrings("did:plc:test123", decoded.getString("src").?); 153 153 + try std.testing.expectEqualStrings("at://did:plc:user/app.bsky.feed.post/abc", decoded.getString("uri").?); 154 154 + try std.testing.expectEqualStrings("spam", decoded.getString("val").?); 155 155 + try std.testing.expectEqualStrings("2024-01-01T00:00:00.000Z", decoded.getString("cts").?); 156 156 + try std.testing.expectEqual(@as(u64, 1), decoded.getUint("ver").?); 157 157 + // neg=false should be omitted 158 158 + try std.testing.expect(decoded.get("neg") == null); 159 159 + // sig should be omitted in unsigned encoding 160 160 + try std.testing.expect(decoded.get("sig") == null); 161 161 + } 162 162 + 163 163 + test "label with optional fields" { 164 164 + const allocator = std.testing.allocator; 165 165 + 166 166 + const label = Label{ 167 167 + .src = "did:plc:labeler", 168 168 + .uri = "did:plc:subject", 169 169 + .val = "!warn", 170 170 + .neg = true, 171 171 + .cts = "2024-06-15T12:00:00.000Z", 172 172 + .exp = "2025-06-15T12:00:00.000Z", 173 173 + .cid = "bafyreitest", 174 174 + }; 175 175 + 176 176 + const encoded = try label.encodeUnsigned(allocator); 177 177 + defer allocator.free(encoded); 178 178 + 179 179 + var arena = std.heap.ArenaAllocator.init(allocator); 180 180 + defer arena.deinit(); 181 181 + const decoded = try cbor.decodeAll(arena.allocator(), encoded); 182 182 + 183 183 + try std.testing.expectEqual(true, decoded.getBool("neg").?); 184 184 + try std.testing.expectEqualStrings("2025-06-15T12:00:00.000Z", decoded.getString("exp").?); 185 185 + try std.testing.expectEqualStrings("bafyreitest", decoded.getString("cid").?); 186 186 + } 187 187 + 188 188 + test "label sign and verify" { 189 189 + const allocator = std.testing.allocator; 190 190 + 191 191 + const keypair = try Keypair.fromSecretKey(.secp256k1, .{ 192 192 + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 193 193 + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 194 194 + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 195 195 + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 196 196 + }); 197 197 + 198 198 + var label = Label{ 199 199 + .src = "did:plc:test", 200 200 + .uri = "at://did:plc:user/app.bsky.feed.post/abc", 201 201 + .val = "spam", 202 202 + .cts = "2024-01-01T00:00:00.000Z", 203 203 + }; 204 204 + 205 205 + var sig_buf: [64]u8 = undefined; 206 206 + const encoded = try label.signAndEncode(allocator, &keypair, &sig_buf); 207 207 + defer allocator.free(encoded); 208 208 + 209 209 + // decode and check sig is present 210 210 + var arena = std.heap.ArenaAllocator.init(allocator); 211 211 + defer arena.deinit(); 212 212 + const decoded = try cbor.decodeAll(arena.allocator(), encoded); 213 213 + const sig_bytes = decoded.getBytes("sig").?; 214 214 + try std.testing.expectEqual(@as(usize, 64), sig_bytes.len); 215 215 + 216 216 + // verify the signature: re-encode unsigned, verify (scheme hashes internally) 217 217 + const unsigned = try label.encodeUnsigned(allocator); 218 218 + defer allocator.free(unsigned); 219 219 + 220 220 + const pk = try keypair.publicKey(); 221 221 + try zat.jwt.verifySecp256k1(unsigned, sig_bytes, &pk); 222 222 + } 223 223 + 224 224 + test "label deterministic encoding" { 225 225 + const allocator = std.testing.allocator; 226 226 + 227 227 + const label = Label{ 228 228 + .src = "did:plc:test", 229 229 + .uri = "at://did:plc:user/app.bsky.feed.post/abc", 230 230 + .val = "spam", 231 231 + .cts = "2024-01-01T00:00:00.000Z", 232 232 + }; 233 233 + 234 234 + const enc1 = try label.encodeUnsigned(allocator); 235 235 + defer allocator.free(enc1); 236 236 + const enc2 = try label.encodeUnsigned(allocator); 237 237 + defer allocator.free(enc2); 238 238 + 239 239 + try std.testing.expectEqualSlices(u8, enc1, enc2); 240 240 + } 241 241 + 242 242 + test "label DAG-CBOR key ordering" { 243 243 + const allocator = std.testing.allocator; 244 244 + 245 245 + // with all fields: keys should be sorted by length then lex 246 246 + // 3-char: cid, cts, exp, neg, sig, src, uri, val, ver 247 247 + // all same length (3) → sorted lex: cid, cts, exp, neg, sig, src, uri, val, ver 248 248 + const label = Label{ 249 249 + .src = "did:plc:labeler", 250 250 + .uri = "did:plc:subject", 251 251 + .val = "test", 252 252 + .neg = true, 253 253 + .cts = "2024-01-01T00:00:00.000Z", 254 254 + .exp = "2025-01-01T00:00:00.000Z", 255 255 + .cid = "bafytest", 256 256 + .sig = &(.{0xaa} ** 64), 257 257 + }; 258 258 + 259 259 + const encoded = try label.encodeSigned(allocator); 260 260 + defer allocator.free(encoded); 261 261 + 262 262 + var arena = std.heap.ArenaAllocator.init(allocator); 263 263 + defer arena.deinit(); 264 264 + const decoded = try cbor.decodeAll(arena.allocator(), encoded); 265 265 + 266 266 + // verify map key order 267 267 + const entries = decoded.map; 268 268 + try std.testing.expectEqualStrings("cid", entries[0].key); 269 269 + try std.testing.expectEqualStrings("cts", entries[1].key); 270 270 + try std.testing.expectEqualStrings("exp", entries[2].key); 271 271 + try std.testing.expectEqualStrings("neg", entries[3].key); 272 272 + try std.testing.expectEqualStrings("sig", entries[4].key); 273 273 + try std.testing.expectEqualStrings("src", entries[5].key); 274 274 + try std.testing.expectEqualStrings("uri", entries[6].key); 275 275 + try std.testing.expectEqualStrings("val", entries[7].key); 276 276 + try std.testing.expectEqualStrings("ver", entries[8].key); 277 277 + } 278 278 + 279 279 + test "encode event frame" { 280 280 + const allocator = std.testing.allocator; 281 281 + 282 282 + // simple labels frame: {op: 1, t: "#labels"} + {seq: 1, labels: [...]} 283 283 + const payload: cbor.Value = .{ .map = &.{ 284 284 + .{ .key = "seq", .value = .{ .unsigned = 42 } }, 285 285 + } }; 286 286 + 287 287 + const frame = try encodeEventFrame(allocator, 1, "#labels", payload); 288 288 + defer allocator.free(frame); 289 289 + 290 290 + // decode header 291 291 + var arena = std.heap.ArenaAllocator.init(allocator); 292 292 + defer arena.deinit(); 293 293 + const alloc = arena.allocator(); 294 294 + 295 295 + const header_result = try cbor.decode(alloc, frame); 296 296 + try std.testing.expectEqual(@as(u64, 1), header_result.value.getUint("op").?); 297 297 + try std.testing.expectEqualStrings("#labels", header_result.value.getString("t").?); 298 298 + 299 299 + // decode payload 300 300 + const payload_decoded = try cbor.decodeAll(alloc, frame[header_result.consumed..]); 301 301 + try std.testing.expectEqual(@as(u64, 42), payload_decoded.getUint("seq").?); 302 302 + } 303 303 + 304 304 + test "encode error frame" { 305 305 + const allocator = std.testing.allocator; 306 306 + 307 307 + const payload: cbor.Value = .{ .map = &.{ 308 308 + .{ .key = "error", .value = .{ .text = "FutureCursor" } }, 309 309 + .{ .key = "message", .value = .{ .text = "cursor is in the future" } }, 310 310 + } }; 311 311 + 312 312 + const frame = try encodeEventFrame(allocator, -1, null, payload); 313 313 + defer allocator.free(frame); 314 314 + 315 315 + var arena = std.heap.ArenaAllocator.init(allocator); 316 316 + defer arena.deinit(); 317 317 + const alloc = arena.allocator(); 318 318 + 319 319 + const header_result = try cbor.decode(alloc, frame); 320 320 + try std.testing.expectEqual(@as(i64, -1), header_result.value.getInt("op").?); 321 321 + try std.testing.expect(header_result.value.getString("t") == null); 322 322 + 323 323 + const payload_decoded = try cbor.decodeAll(alloc, frame[header_result.consumed..]); 324 324 + try std.testing.expectEqualStrings("FutureCursor", payload_decoded.getString("error").?); 325 325 + }

+256

src/main.zig

reviewed

··· 1 1 + //! labelz — AT Protocol labeler built on zat 2 2 + //! 3 3 + //! subscribes to jetstream, applies keyword-based labels, 4 4 + //! signs with secp256k1, stores in SQLite, and serves 5 5 + //! subscribeLabels (WS) + queryLabels (HTTP). 6 6 + 7 7 + const std = @import("std"); 8 8 + const websocket = @import("websocket"); 9 9 + const zat = @import("zat"); 10 10 + const label_mod = @import("label.zig"); 11 11 + const store_mod = @import("store.zig"); 12 12 + const server_mod = @import("server.zig"); 13 13 + 14 14 + const Label = label_mod.Label; 15 15 + const Keypair = zat.Keypair; 16 16 + const JetstreamClient = zat.JetstreamClient; 17 17 + const Allocator = std.mem.Allocator; 18 18 + const log = std.log.scoped(.labelz); 19 19 + 20 20 + const Config = struct { 21 21 + /// labeler DID (src field on labels) 22 22 + did: []const u8, 23 23 + /// secret key bytes (32 bytes, hex-encoded in env) 24 24 + secret_key: [32]u8, 25 25 + /// port for XRPC server 26 26 + port: u16 = 4100, 27 27 + /// SQLite database path 28 28 + db_path: [*:0]const u8 = "labelz.db", 29 29 + /// collections to watch 30 30 + collections: []const []const u8 = &.{"app.bsky.feed.post"}, 31 31 + /// keyword → label value rules 32 32 + rules: []const Rule = &default_rules, 33 33 + }; 34 34 + 35 35 + pub const Rule = struct { 36 36 + keyword: []const u8, 37 37 + label_val: []const u8, 38 38 + }; 39 39 + 40 40 + const default_rules = [_]Rule{ 41 41 + .{ .keyword = "#labelz-test", .label_val = "spam" }, 42 42 + .{ .keyword = "zat-labeler-test", .label_val = "!warn" }, 43 43 + }; 44 44 + 45 45 + const ServerType = server_mod.Server; 46 46 + 47 47 + const EventHandler = struct { 48 48 + allocator: Allocator, 49 49 + config: *const Config, 50 50 + keypair: *const Keypair, 51 51 + store: *store_mod.Store, 52 52 + server: *ServerType, 53 53 + 54 54 + pub fn onEvent(self: *EventHandler, event: zat.JetstreamEvent) void { 55 55 + switch (event) { 56 56 + .commit => |commit| self.handleCommit(commit), 57 57 + else => {}, 58 58 + } 59 59 + } 60 60 + 61 61 + pub fn onError(_: *EventHandler, err: anyerror) void { 62 62 + log.err("jetstream: {s}", .{@errorName(err)}); 63 63 + } 64 64 + 65 65 + pub fn onConnect(_: *EventHandler, host: []const u8) void { 66 66 + log.info("connected to {s}", .{host}); 67 67 + } 68 68 + 69 69 + fn handleCommit(self: *EventHandler, commit: zat.jetstream.CommitEvent) void { 70 70 + if (commit.operation != .create) return; 71 71 + 72 72 + const record = commit.record orelse return; 73 73 + const text = zat.json.getString(record, "text") orelse return; 74 74 + 75 75 + for (self.config.rules) |rule| { 76 76 + if (containsIgnoreCase(text, rule.keyword)) { 77 77 + self.emitLabel(commit, rule.label_val); 78 78 + return; // one label per record 79 79 + } 80 80 + } 81 81 + } 82 82 + 83 83 + fn emitLabel(self: *EventHandler, commit: zat.jetstream.CommitEvent, val: []const u8) void { 84 84 + // build subject URI: at://{did}/{collection}/{rkey} 85 85 + var uri_buf: [512]u8 = undefined; 86 86 + const uri = std.fmt.bufPrint(&uri_buf, "at://{s}/{s}/{s}", .{ 87 87 + commit.did, commit.collection, commit.rkey, 88 88 + }) catch return; 89 89 + 90 90 + var ts_buf: [32]u8 = undefined; 91 91 + const cts = nowIso8601(&ts_buf); 92 92 + 93 93 + var label = Label{ 94 94 + .src = self.config.did, 95 95 + .uri = uri, 96 96 + .val = val, 97 97 + .cts = cts, 98 98 + }; 99 99 + 100 100 + var sig_buf: [64]u8 = undefined; 101 101 + const encoded = label.signAndEncode(self.allocator, self.keypair, &sig_buf) catch |err| { 102 102 + log.err("sign failed: {s}", .{@errorName(err)}); 103 103 + return; 104 104 + }; 105 105 + defer self.allocator.free(encoded); 106 106 + 107 107 + const seq = self.store.insert(&label, encoded) catch |err| { 108 108 + log.err("store failed: {s}", .{@errorName(err)}); 109 109 + return; 110 110 + }; 111 111 + 112 112 + log.info("label seq={d} val={s} uri={s}", .{ seq, val, uri }); 113 113 + self.server.broadcast(seq, encoded); 114 114 + } 115 115 + }; 116 116 + 117 117 + pub fn main() !void { 118 118 + var gpa: std.heap.GeneralPurposeAllocator(.{}) = .init; 119 119 + defer _ = gpa.deinit(); 120 120 + const allocator = gpa.allocator(); 121 121 + 122 122 + const config = try loadConfig(); 123 123 + 124 124 + var keypair = try Keypair.fromSecretKey(.secp256k1, config.secret_key); 125 125 + var store = try store_mod.Store.init(config.db_path); 126 126 + defer store.deinit(); 127 127 + 128 128 + var server = ServerType.init(allocator, &store); 129 129 + defer server.deinit(); 130 130 + 131 131 + // start XRPC server in background thread 132 132 + const WsHandler = server_mod.Handler(ServerType); 133 133 + var ws_server = try websocket.Server(WsHandler).init(allocator, .{ 134 134 + .port = config.port, 135 135 + .address = "0.0.0.0", 136 136 + .max_conn = 256, 137 137 + .max_message_size = 64 * 1024, 138 138 + }); 139 139 + 140 140 + const server_thread = try ws_server.listenInNewThread(&server); 141 141 + defer server_thread.detach(); 142 142 + 143 143 + log.info("labeler serving on :{d}", .{config.port}); 144 144 + log.info("DID: {s}", .{config.did}); 145 145 + log.info("rules: {d} keyword rules active", .{config.rules.len}); 146 146 + 147 147 + // start jetstream consumer (blocks forever) 148 148 + var client = JetstreamClient.init(allocator, .{ 149 149 + .wanted_collections = config.collections, 150 150 + }); 151 151 + 152 152 + var handler = EventHandler{ 153 153 + .allocator = allocator, 154 154 + .config = &config, 155 155 + .keypair = &keypair, 156 156 + .store = &store, 157 157 + .server = &server, 158 158 + }; 159 159 + 160 160 + client.subscribe(&handler); 161 161 + } 162 162 + 163 163 + fn loadConfig() !Config { 164 164 + const did = std.posix.getenv("LABELZ_DID") orelse { 165 165 + log.err("LABELZ_DID environment variable required", .{}); 166 166 + return error.MissingConfig; 167 167 + }; 168 168 + 169 169 + const key_hex = std.posix.getenv("LABELZ_SECRET_KEY") orelse { 170 170 + log.err("LABELZ_SECRET_KEY environment variable required (64 hex chars)", .{}); 171 171 + return error.MissingConfig; 172 172 + }; 173 173 + 174 174 + if (key_hex.len != 64) { 175 175 + log.err("LABELZ_SECRET_KEY must be 64 hex characters (32 bytes)", .{}); 176 176 + return error.InvalidConfig; 177 177 + } 178 178 + 179 179 + var secret_key: [32]u8 = undefined; 180 180 + _ = std.fmt.hexToBytes(&secret_key, key_hex) catch { 181 181 + log.err("LABELZ_SECRET_KEY invalid hex", .{}); 182 182 + return error.InvalidConfig; 183 183 + }; 184 184 + 185 185 + const port: u16 = if (std.posix.getenv("LABELZ_PORT")) |p| 186 186 + std.fmt.parseInt(u16, p, 10) catch 4100 187 187 + else 188 188 + 4100; 189 189 + 190 190 + const db_path: [*:0]const u8 = if (std.posix.getenv("LABELZ_DB")) |p| 191 191 + @ptrCast(p.ptr) 192 192 + else 193 193 + "/data/labelz.db"; 194 194 + 195 195 + return .{ 196 196 + .did = did, 197 197 + .secret_key = secret_key, 198 198 + .port = port, 199 199 + .db_path = db_path, 200 200 + }; 201 201 + } 202 202 + 203 203 + fn containsIgnoreCase(haystack: []const u8, needle: []const u8) bool { 204 204 + if (needle.len > haystack.len) return false; 205 205 + if (needle.len == 0) return true; 206 206 + 207 207 + const end = haystack.len - needle.len + 1; 208 208 + for (0..end) |i| { 209 209 + var match = true; 210 210 + for (needle, 0..) |nc, j| { 211 211 + if (std.ascii.toLower(haystack[i + j]) != std.ascii.toLower(nc)) { 212 212 + match = false; 213 213 + break; 214 214 + } 215 215 + } 216 216 + if (match) return true; 217 217 + } 218 218 + return false; 219 219 + } 220 220 + 221 221 + fn nowIso8601(buf: *[32]u8) []const u8 { 222 222 + const ts = std.time.timestamp(); 223 223 + const epoch: std.time.epoch.EpochSeconds = .{ .secs = @intCast(ts) }; 224 224 + const day = epoch.getDaySeconds(); 225 225 + const yd = epoch.getEpochDay().calculateYearDay(); 226 226 + const md = yd.calculateMonthDay(); 227 227 + 228 228 + return std.fmt.bufPrint(buf, "{d:0>4}-{d:0>2}-{d:0>2}T{d:0>2}:{d:0>2}:{d:0>2}.000Z", .{ 229 229 + yd.year, 230 230 + md.month.numeric(), 231 231 + md.day_index + 1, 232 232 + day.getHoursIntoDay(), 233 233 + day.getMinutesIntoHour(), 234 234 + day.getSecondsIntoMinute(), 235 235 + }) catch "1970-01-01T00:00:00.000Z"; 236 236 + } 237 237 + 238 238 + // === tests === 239 239 + 240 240 + test "containsIgnoreCase" { 241 241 + try std.testing.expect(containsIgnoreCase("Hello World", "hello")); 242 242 + try std.testing.expect(containsIgnoreCase("this is SPAM", "spam")); 243 243 + try std.testing.expect(containsIgnoreCase("🚨 alert!", "🚨")); 244 244 + try std.testing.expect(!containsIgnoreCase("nothing here", "spam")); 245 245 + try std.testing.expect(containsIgnoreCase("", "")); 246 246 + try std.testing.expect(!containsIgnoreCase("", "x")); 247 247 + } 248 248 + 249 249 + test "nowIso8601 produces valid format" { 250 250 + var buf: [32]u8 = undefined; 251 251 + const ts = nowIso8601(&buf); 252 252 + // should look like 2024-01-01T00:00:00.000Z 253 253 + try std.testing.expectEqual(@as(usize, 24), ts.len); 254 254 + try std.testing.expectEqual(@as(u8, 'T'), ts[10]); 255 255 + try std.testing.expectEqual(@as(u8, 'Z'), ts[23]); 256 256 + }

+376

src/server.zig

reviewed

··· 1 1 + //! XRPC server for AT Protocol labeler 2 2 + //! 3 3 + //! serves two endpoints: 4 4 + //! - com.atproto.label.subscribeLabels (WebSocket, CBOR-framed event stream) 5 5 + //! - com.atproto.label.queryLabels (HTTP GET, JSON response) 6 6 + 7 7 + const std = @import("std"); 8 8 + const websocket = @import("websocket"); 9 9 + const zat = @import("zat"); 10 10 + const cbor = zat.cbor; 11 11 + const label_mod = @import("label.zig"); 12 12 + const store_mod = @import("store.zig"); 13 13 + 14 14 + const Allocator = std.mem.Allocator; 15 15 + const log = std.log.scoped(.server); 16 16 + 17 17 + pub const Server = struct { 18 18 + allocator: Allocator, 19 19 + store: *store_mod.Store, 20 20 + subscribers: std.ArrayList(*Subscriber), 21 21 + mutex: std.Thread.Mutex = .{}, 22 22 + 23 23 + pub fn init(allocator: Allocator, store: *store_mod.Store) Server { 24 24 + return .{ 25 25 + .allocator = allocator, 26 26 + .store = store, 27 27 + .subscribers = .{}, 28 28 + }; 29 29 + } 30 30 + 31 31 + pub fn deinit(self: *Server) void { 32 32 + self.subscribers.deinit(self.allocator); 33 33 + } 34 34 + 35 35 + /// broadcast a new label to all connected subscribers. 36 36 + /// called after a label is stored. 37 37 + pub fn broadcast(self: *Server, seq: i64, encoded_label: []const u8) void { 38 38 + const frame = self.buildLabelsFrame(seq, encoded_label) catch |err| { 39 39 + log.err("failed to build frame: {s}", .{@errorName(err)}); 40 40 + return; 41 41 + }; 42 42 + defer self.allocator.free(frame); 43 43 + 44 44 + self.mutex.lock(); 45 45 + defer self.mutex.unlock(); 46 46 + 47 47 + var i: usize = 0; 48 48 + while (i < self.subscribers.items.len) { 49 49 + const sub = self.subscribers.items[i]; 50 50 + sub.conn.writeBin(frame) catch { 51 51 + // subscriber disconnected, remove 52 52 + log.info("subscriber disconnected, removing", .{}); 53 53 + _ = self.subscribers.swapRemove(i); 54 54 + continue; 55 55 + }; 56 56 + i += 1; 57 57 + } 58 58 + } 59 59 + 60 60 + fn buildLabelsFrame(self: *Server, seq: i64, encoded_label: []const u8) ![]u8 { 61 61 + // payload: {seq: <int>, labels: [<encoded label as bytes>]} 62 62 + // we re-decode the stored CBOR to embed it as a CBOR value in the frame. 63 63 + var arena = std.heap.ArenaAllocator.init(self.allocator); 64 64 + defer arena.deinit(); 65 65 + const alloc = arena.allocator(); 66 66 + 67 67 + const label_value = try cbor.decodeAll(alloc, encoded_label); 68 68 + 69 69 + const labels_array = try alloc.alloc(cbor.Value, 1); 70 70 + labels_array[0] = label_value; 71 71 + 72 72 + const entries = try alloc.alloc(cbor.Value.MapEntry, 2); 73 73 + entries[0] = .{ .key = "labels", .value = .{ .array = labels_array } }; 74 74 + entries[1] = .{ .key = "seq", .value = .{ .unsigned = @intCast(seq) } }; 75 75 + 76 76 + const payload: cbor.Value = .{ .map = entries }; 77 77 + 78 78 + return label_mod.encodeEventFrame(self.allocator, 1, "#labels", payload); 79 79 + } 80 80 + 81 81 + /// add a subscriber connection. 82 82 + pub fn addSubscriber(self: *Server, conn: *websocket.Conn, cursor: ?i64) void { 83 83 + const sub = self.allocator.create(Subscriber) catch return; 84 84 + sub.* = .{ .conn = conn }; 85 85 + 86 86 + // backfill from cursor 87 87 + if (cursor) |cur| { 88 88 + self.backfill(conn, cur) catch |err| { 89 89 + log.err("backfill failed: {s}", .{@errorName(err)}); 90 90 + }; 91 91 + } 92 92 + 93 93 + self.mutex.lock(); 94 94 + defer self.mutex.unlock(); 95 95 + self.subscribers.append(self.allocator, sub) catch { 96 96 + self.allocator.destroy(sub); 97 97 + }; 98 98 + } 99 99 + 100 100 + /// remove a subscriber connection. 101 101 + pub fn removeSubscriber(self: *Server, conn: *websocket.Conn) void { 102 102 + self.mutex.lock(); 103 103 + defer self.mutex.unlock(); 104 104 + 105 105 + for (self.subscribers.items, 0..) |sub, i| { 106 106 + if (sub.conn == conn) { 107 107 + self.allocator.destroy(sub); 108 108 + _ = self.subscribers.swapRemove(i); 109 109 + return; 110 110 + } 111 111 + } 112 112 + } 113 113 + 114 114 + fn backfill(self: *Server, conn: *websocket.Conn, cursor: i64) !void { 115 115 + const latest = self.store.latestSeq(); 116 116 + 117 117 + // check if cursor is in the future 118 118 + if (cursor > latest) { 119 119 + const frame = try label_mod.encodeEventFrame(self.allocator, -1, null, .{ .map = &.{ 120 120 + .{ .key = "error", .value = .{ .text = "FutureCursor" } }, 121 121 + .{ .key = "message", .value = .{ .text = "cursor is in the future" } }, 122 122 + } }); 123 123 + defer self.allocator.free(frame); 124 124 + conn.writeBin(frame) catch return; 125 125 + return; 126 126 + } 127 127 + 128 128 + // send outdated cursor info if needed (cursor=0 means "from beginning", not outdated) 129 129 + if (cursor > 0) { 130 130 + const info_frame = try label_mod.encodeEventFrame(self.allocator, 1, "#info", .{ .map = &.{ 131 131 + .{ .key = "message", .value = .{ .text = "OutdatedCursor" } }, 132 132 + .{ .key = "name", .value = .{ .text = "OutdatedCursor" } }, 133 133 + } }); 134 134 + defer self.allocator.free(info_frame); 135 135 + conn.writeBin(info_frame) catch return; 136 136 + } 137 137 + 138 138 + // send stored labels in batches 139 139 + var cur = cursor; 140 140 + while (true) { 141 141 + const labels = self.store.queryByCursor(self.allocator, cur, 100) catch return; 142 142 + defer { 143 143 + for (labels) |item| { 144 144 + self.allocator.free(item.label.src); 145 145 + self.allocator.free(item.label.uri); 146 146 + self.allocator.free(item.label.val); 147 147 + self.allocator.free(item.label.cts); 148 148 + self.allocator.free(item.encoded); 149 149 + if (item.label.sig) |s| self.allocator.free(s); 150 150 + if (item.label.cid) |ci| self.allocator.free(ci); 151 151 + if (item.label.exp) |e| self.allocator.free(e); 152 152 + } 153 153 + self.allocator.free(labels); 154 154 + } 155 155 + 156 156 + if (labels.len == 0) break; 157 157 + 158 158 + for (labels) |stored| { 159 159 + const frame = self.buildLabelsFrame(stored.seq, stored.encoded) catch continue; 160 160 + defer self.allocator.free(frame); 161 161 + conn.writeBin(frame) catch return; 162 162 + } 163 163 + 164 164 + cur = labels[labels.len - 1].seq; 165 165 + } 166 166 + } 167 167 + 168 168 + /// handle an HTTP request (non-WebSocket). 169 169 + pub fn handleHttp( 170 170 + self: *Server, 171 171 + conn: *websocket.Conn, 172 172 + method: []const u8, 173 173 + url: []const u8, 174 174 + ) void { 175 175 + // split path and query 176 176 + const qmark = std.mem.indexOfScalar(u8, url, '?'); 177 177 + const path = url[0..(qmark orelse url.len)]; 178 178 + const query = if (qmark) |q| url[q + 1 ..] else ""; 179 179 + 180 180 + if (std.mem.eql(u8, method, "GET") and 181 181 + std.mem.eql(u8, path, "/xrpc/com.atproto.label.queryLabels")) 182 182 + { 183 183 + self.handleQueryLabels(conn, query); 184 184 + } else if (std.mem.eql(u8, method, "GET") and std.mem.eql(u8, path, "/health")) { 185 185 + httpRespond(conn, "200 OK", "application/json", "{\"status\":\"ok\"}"); 186 186 + } else { 187 187 + httpRespond(conn, "404 Not Found", "application/json", 188 188 + \\{"error":"NotFound","message":"endpoint not found"} 189 189 + ); 190 190 + } 191 191 + } 192 192 + 193 193 + fn handleQueryLabels(self: *Server, conn: *websocket.Conn, query: []const u8) void { 194 194 + // parse uriPatterns param 195 195 + const uri = queryParam(query, "uriPatterns") orelse { 196 196 + httpRespond(conn, "400 Bad Request", "application/json", 197 197 + \\{"error":"InvalidRequest","message":"uriPatterns parameter required"} 198 198 + ); 199 199 + return; 200 200 + }; 201 201 + 202 202 + const labels = self.store.queryBySubject(self.allocator, uri) catch { 203 203 + httpRespond(conn, "500 Internal Server Error", "application/json", 204 204 + \\{"error":"InternalError","message":"database query failed"} 205 205 + ); 206 206 + return; 207 207 + }; 208 208 + defer { 209 209 + for (labels) |item| { 210 210 + self.allocator.free(item.label.src); 211 211 + self.allocator.free(item.label.uri); 212 212 + self.allocator.free(item.label.val); 213 213 + self.allocator.free(item.label.cts); 214 214 + self.allocator.free(item.encoded); 215 215 + if (item.label.sig) |s| self.allocator.free(s); 216 216 + if (item.label.cid) |ci| self.allocator.free(ci); 217 217 + if (item.label.exp) |e| self.allocator.free(e); 218 218 + } 219 219 + self.allocator.free(labels); 220 220 + } 221 221 + 222 222 + // build JSON response 223 223 + var buf: std.ArrayList(u8) = .{}; 224 224 + defer buf.deinit(self.allocator); 225 225 + const w = buf.writer(self.allocator); 226 226 + 227 227 + w.writeAll("{\"labels\":[") catch return; 228 228 + 229 229 + for (labels, 0..) |stored, i| { 230 230 + if (i > 0) w.writeByte(',') catch return; 231 231 + writeJsonLabel(w, &stored) catch return; 232 232 + } 233 233 + 234 234 + w.writeAll("]}") catch return; 235 235 + 236 236 + httpRespond(conn, "200 OK", "application/json", buf.items); 237 237 + } 238 238 + }; 239 239 + 240 240 + const Subscriber = struct { 241 241 + conn: *websocket.Conn, 242 242 + }; 243 243 + 244 244 + /// websocket handler for subscribeLabels 245 245 + pub fn Handler(comptime ServerT: type) type { 246 246 + return struct { 247 247 + server: *ServerT, 248 248 + conn: *websocket.Conn, 249 249 + cursor: ?i64 = null, 250 250 + 251 251 + const Self = @This(); 252 252 + 253 253 + pub fn init(handshake: *const websocket.Handshake, conn: *websocket.Conn, ctx: *ServerT) !Self { 254 254 + _ = handshake; 255 255 + return .{ 256 256 + .server = ctx, 257 257 + .conn = conn, 258 258 + }; 259 259 + } 260 260 + 261 261 + pub fn afterInit(self: *Self, _: *ServerT) !void { 262 262 + self.server.addSubscriber(self.conn, self.cursor); 263 263 + } 264 264 + 265 265 + pub fn clientMessage(_: *Self, _: []const u8) !void { 266 266 + // labeler is write-only to subscribers 267 267 + } 268 268 + 269 269 + pub fn close(self: *Self) void { 270 270 + self.server.removeSubscriber(self.conn); 271 271 + } 272 272 + 273 273 + pub fn httpFallback(conn: *websocket.Conn, method: []const u8, url: []const u8, _: []const u8, _: *const websocket.Handshake.KeyValue, ctx_ptr: ?*anyopaque) void { 274 274 + const ctx: *ServerT = @ptrCast(@alignCast(ctx_ptr.?)); 275 275 + ctx.handleHttp(conn, method, url); 276 276 + } 277 277 + }; 278 278 + } 279 279 + 280 280 + // === HTTP helpers === 281 281 + 282 282 + fn httpRespond(conn: *websocket.Conn, status: []const u8, content_type: []const u8, body: []const u8) void { 283 283 + var buf: [512]u8 = undefined; 284 284 + const header = std.fmt.bufPrint(&buf, "HTTP/1.1 {s}\r\nContent-Type: {s}\r\nContent-Length: {d}\r\nAccess-Control-Allow-Origin: *\r\n\r\n", .{ 285 285 + status, content_type, body.len, 286 286 + }) catch return; 287 287 + conn.writeFramed(header) catch return; 288 288 + if (body.len > 0) conn.writeFramed(body) catch return; 289 289 + } 290 290 + 291 291 + fn queryParam(query: []const u8, name: []const u8) ?[]const u8 { 292 292 + var it = std.mem.splitScalar(u8, query, '&'); 293 293 + while (it.next()) |pair| { 294 294 + const eq = std.mem.indexOfScalar(u8, pair, '=') orelse continue; 295 295 + if (std.mem.eql(u8, pair[0..eq], name)) { 296 296 + return pair[eq + 1 ..]; 297 297 + } 298 298 + } 299 299 + return null; 300 300 + } 301 301 + 302 302 + fn writeJsonLabel(w: anytype, stored: *const store_mod.StoredLabel) !void { 303 303 + const lbl = &stored.label; 304 304 + try w.writeAll("{"); 305 305 + try w.print("\"ver\":{d}", .{lbl.ver}); 306 306 + try w.writeAll(",\"src\":\""); 307 307 + try w.writeAll(lbl.src); 308 308 + try w.writeAll("\",\"uri\":\""); 309 309 + try w.writeAll(lbl.uri); 310 310 + try w.writeByte('"'); 311 311 + 312 312 + if (lbl.cid) |cid| { 313 313 + try w.writeAll(",\"cid\":\""); 314 314 + try w.writeAll(cid); 315 315 + try w.writeByte('"'); 316 316 + } 317 317 + 318 318 + try w.writeAll(",\"val\":\""); 319 319 + try w.writeAll(lbl.val); 320 320 + try w.writeAll("\",\"cts\":\""); 321 321 + try w.writeAll(lbl.cts); 322 322 + try w.writeByte('"'); 323 323 + 324 324 + if (lbl.neg) try w.writeAll(",\"neg\":true"); 325 325 + if (lbl.exp) |exp| { 326 326 + try w.writeAll(",\"exp\":\""); 327 327 + try w.writeAll(exp); 328 328 + try w.writeByte('"'); 329 329 + } 330 330 + 331 331 + // sig as base64 332 332 + if (lbl.sig) |sig| { 333 333 + try w.writeAll(",\"sig\":\""); 334 334 + const encoder = std.base64.standard.Encoder; 335 335 + var b64_buf: [88]u8 = undefined; // 64 bytes → 88 chars 336 336 + const b64_len = encoder.calcSize(sig.len); 337 337 + const b64 = encoder.encode(b64_buf[0..b64_len], sig); 338 338 + try w.writeAll(b64); 339 339 + try w.writeByte('"'); 340 340 + } 341 341 + 342 342 + try w.writeByte('}'); 343 343 + } 344 344 + 345 345 + // === tests === 346 346 + 347 347 + test "query param parsing" { 348 348 + try std.testing.expectEqualStrings("hello", queryParam("foo=hello&bar=world", "foo").?); 349 349 + try std.testing.expectEqualStrings("world", queryParam("foo=hello&bar=world", "bar").?); 350 350 + try std.testing.expect(queryParam("foo=hello", "bar") == null); 351 351 + try std.testing.expect(queryParam("", "foo") == null); 352 352 + } 353 353 + 354 354 + test "event frame structure" { 355 355 + const allocator = std.testing.allocator; 356 356 + 357 357 + const payload: cbor.Value = .{ .map = &.{ 358 358 + .{ .key = "seq", .value = .{ .unsigned = 1 } }, 359 359 + .{ .key = "labels", .value = .{ .array = &.{} } }, 360 360 + } }; 361 361 + 362 362 + const frame = try label_mod.encodeEventFrame(allocator, 1, "#labels", payload); 363 363 + defer allocator.free(frame); 364 364 + 365 365 + // verify we can decode header + payload from the frame 366 366 + var arena = std.heap.ArenaAllocator.init(allocator); 367 367 + defer arena.deinit(); 368 368 + const alloc = arena.allocator(); 369 369 + 370 370 + const header = try cbor.decode(alloc, frame); 371 371 + try std.testing.expectEqual(@as(u64, 1), header.value.getUint("op").?); 372 372 + try std.testing.expectEqualStrings("#labels", header.value.getString("t").?); 373 373 + 374 374 + const body = try cbor.decodeAll(alloc, frame[header.consumed..]); 375 375 + try std.testing.expectEqual(@as(u64, 1), body.getUint("seq").?); 376 376 + }

+333

src/store.zig

reviewed

··· 1 1 + //! SQLite-backed label store 2 2 + //! 3 3 + //! stores signed labels with auto-incrementing sequence numbers. 4 4 + //! supports cursor-based retrieval for subscribeLabels backfill 5 5 + //! and subject-filtered queries for queryLabels. 6 6 + 7 7 + const std = @import("std"); 8 8 + const c = @cImport(@cInclude("sqlite3.h")); 9 9 + const label_mod = @import("label.zig"); 10 10 + const Label = label_mod.Label; 11 11 + 12 12 + const Allocator = std.mem.Allocator; 13 13 + const log = std.log.scoped(.store); 14 14 + 15 15 + pub const StoredLabel = struct { 16 16 + seq: i64, 17 17 + label: Label, 18 18 + /// pre-encoded signed CBOR (stored as blob, avoids re-encoding) 19 19 + encoded: []const u8, 20 20 + }; 21 21 + 22 22 + pub const Store = struct { 23 23 + db: *c.sqlite3, 24 24 + insert_stmt: *c.sqlite3_stmt, 25 25 + query_cursor_stmt: *c.sqlite3_stmt, 26 26 + query_subject_stmt: *c.sqlite3_stmt, 27 27 + latest_seq_stmt: *c.sqlite3_stmt, 28 28 + 29 29 + pub fn init(path: [*:0]const u8) !Store { 30 30 + var db: ?*c.sqlite3 = null; 31 31 + if (c.sqlite3_open(path, &db) != c.SQLITE_OK) { 32 32 + if (db) |d| log.err("sqlite open: {s}", .{c.sqlite3_errmsg(d)}); 33 33 + return error.SqliteOpen; 34 34 + } 35 35 + 36 36 + const d = db.?; 37 37 + 38 38 + // WAL mode for concurrent reads during writes 39 39 + if (execSimple(d, "PRAGMA journal_mode=WAL") != c.SQLITE_OK) return error.SqlitePragma; 40 40 + 41 41 + // create table 42 42 + if (execSimple(d, 43 43 + \\CREATE TABLE IF NOT EXISTS labels ( 44 44 + \\ seq INTEGER PRIMARY KEY AUTOINCREMENT, 45 45 + \\ src TEXT NOT NULL, 46 46 + \\ uri TEXT NOT NULL, 47 47 + \\ cid TEXT, 48 48 + \\ val TEXT NOT NULL, 49 49 + \\ neg INTEGER NOT NULL DEFAULT 0, 50 50 + \\ cts TEXT NOT NULL, 51 51 + \\ exp TEXT, 52 52 + \\ sig BLOB NOT NULL, 53 53 + \\ encoded BLOB NOT NULL 54 54 + \\) 55 55 + ) != c.SQLITE_OK) return error.SqliteSchema; 56 56 + 57 57 + // index on uri for queryLabels filtering 58 58 + if (execSimple(d, 59 59 + \\CREATE INDEX IF NOT EXISTS idx_labels_uri ON labels(uri) 60 60 + ) != c.SQLITE_OK) return error.SqliteSchema; 61 61 + 62 62 + return .{ 63 63 + .db = d, 64 64 + .insert_stmt = try prepare(d, 65 65 + \\INSERT INTO labels (src, uri, cid, val, neg, cts, exp, sig, encoded) 66 66 + \\VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9) 67 67 + ), 68 68 + .query_cursor_stmt = try prepare(d, 69 69 + \\SELECT seq, src, uri, cid, val, neg, cts, exp, sig, encoded 70 70 + \\FROM labels WHERE seq > ?1 ORDER BY seq ASC LIMIT ?2 71 71 + ), 72 72 + .query_subject_stmt = try prepare(d, 73 73 + \\SELECT seq, src, uri, cid, val, neg, cts, exp, sig, encoded 74 74 + \\FROM labels WHERE uri = ?1 ORDER BY seq ASC 75 75 + ), 76 76 + .latest_seq_stmt = try prepare(d, 77 77 + \\SELECT COALESCE(MAX(seq), 0) FROM labels 78 78 + ), 79 79 + }; 80 80 + } 81 81 + 82 82 + pub fn deinit(self: *Store) void { 83 83 + _ = c.sqlite3_finalize(self.insert_stmt); 84 84 + _ = c.sqlite3_finalize(self.query_cursor_stmt); 85 85 + _ = c.sqlite3_finalize(self.query_subject_stmt); 86 86 + _ = c.sqlite3_finalize(self.latest_seq_stmt); 87 87 + _ = c.sqlite3_close(self.db); 88 88 + } 89 89 + 90 90 + /// insert a signed label, returns the assigned sequence number. 91 91 + pub fn insert(self: *Store, lbl: *const Label, encoded: []const u8) !i64 { 92 92 + const stmt = self.insert_stmt; 93 93 + defer _ = c.sqlite3_reset(stmt); 94 94 + 95 95 + bindText(stmt, 1, lbl.src); 96 96 + bindText(stmt, 2, lbl.uri); 97 97 + if (lbl.cid) |cid| bindText(stmt, 3, cid) else _ = c.sqlite3_bind_null(stmt, 3); 98 98 + bindText(stmt, 4, lbl.val); 99 99 + _ = c.sqlite3_bind_int(stmt, 5, @intFromBool(lbl.neg)); 100 100 + bindText(stmt, 6, lbl.cts); 101 101 + if (lbl.exp) |exp| bindText(stmt, 7, exp) else _ = c.sqlite3_bind_null(stmt, 7); 102 102 + if (lbl.sig) |sig| { 103 103 + _ = c.sqlite3_bind_blob(stmt, 8, sig.ptr, @intCast(sig.len), c.SQLITE_STATIC); 104 104 + } else { 105 105 + return error.UnsignedLabel; 106 106 + } 107 107 + _ = c.sqlite3_bind_blob(stmt, 9, encoded.ptr, @intCast(encoded.len), c.SQLITE_STATIC); 108 108 + 109 109 + if (c.sqlite3_step(stmt) != c.SQLITE_DONE) { 110 110 + log.err("sqlite insert: {s}", .{c.sqlite3_errmsg(self.db)}); 111 111 + return error.SqliteInsert; 112 112 + } 113 113 + 114 114 + return c.sqlite3_last_insert_rowid(self.db); 115 115 + } 116 116 + 117 117 + /// get labels after a cursor (sequence number), up to limit. 118 118 + pub fn queryByCursor(self: *Store, allocator: Allocator, cursor: i64, limit: i64) ![]StoredLabel { 119 119 + const stmt = self.query_cursor_stmt; 120 120 + defer _ = c.sqlite3_reset(stmt); 121 121 + 122 122 + _ = c.sqlite3_bind_int64(stmt, 1, cursor); 123 123 + _ = c.sqlite3_bind_int64(stmt, 2, limit); 124 124 + 125 125 + return self.collectRows(allocator, stmt); 126 126 + } 127 127 + 128 128 + /// get labels for a specific subject URI. 129 129 + pub fn queryBySubject(self: *Store, allocator: Allocator, uri: []const u8) ![]StoredLabel { 130 130 + const stmt = self.query_subject_stmt; 131 131 + defer _ = c.sqlite3_reset(stmt); 132 132 + 133 133 + bindText(stmt, 1, uri); 134 134 + 135 135 + return self.collectRows(allocator, stmt); 136 136 + } 137 137 + 138 138 + /// get the latest sequence number (0 if empty). 139 139 + pub fn latestSeq(self: *Store) i64 { 140 140 + defer _ = c.sqlite3_reset(self.latest_seq_stmt); 141 141 + if (c.sqlite3_step(self.latest_seq_stmt) == c.SQLITE_ROW) { 142 142 + return c.sqlite3_column_int64(self.latest_seq_stmt, 0); 143 143 + } 144 144 + return 0; 145 145 + } 146 146 + 147 147 + fn collectRows(self: *Store, allocator: Allocator, stmt: *c.sqlite3_stmt) ![]StoredLabel { 148 148 + _ = self; 149 149 + var results: std.ArrayList(StoredLabel) = .{}; 150 150 + errdefer { 151 151 + for (results.items) |item| { 152 152 + allocator.free(item.encoded); 153 153 + } 154 154 + results.deinit(allocator); 155 155 + } 156 156 + 157 157 + while (c.sqlite3_step(stmt) == c.SQLITE_ROW) { 158 158 + const encoded_ptr = c.sqlite3_column_blob(stmt, 9); 159 159 + const encoded_len: usize = @intCast(c.sqlite3_column_bytes(stmt, 9)); 160 160 + 161 161 + const encoded = try allocator.alloc(u8, encoded_len); 162 162 + if (encoded_ptr) |ptr| { 163 163 + @memcpy(encoded, @as([*]const u8, @ptrCast(ptr))[0..encoded_len]); 164 164 + } 165 165 + 166 166 + const sig_ptr = c.sqlite3_column_blob(stmt, 8); 167 167 + const sig_len: usize = @intCast(c.sqlite3_column_bytes(stmt, 8)); 168 168 + var sig_slice: ?[]const u8 = null; 169 169 + if (sig_ptr != null and sig_len > 0) { 170 170 + const sig_copy = try allocator.alloc(u8, sig_len); 171 171 + @memcpy(sig_copy, @as([*]const u8, @ptrCast(sig_ptr.?))[0..sig_len]); 172 172 + sig_slice = sig_copy; 173 173 + } 174 174 + 175 175 + try results.append(allocator, .{ 176 176 + .seq = c.sqlite3_column_int64(stmt, 0), 177 177 + .label = .{ 178 178 + .src = try dupeColumnText(allocator, stmt, 1), 179 179 + .uri = try dupeColumnText(allocator, stmt, 2), 180 180 + .cid = try dupeColumnTextOpt(allocator, stmt, 3), 181 181 + .val = try dupeColumnText(allocator, stmt, 4), 182 182 + .neg = c.sqlite3_column_int(stmt, 5) != 0, 183 183 + .cts = try dupeColumnText(allocator, stmt, 6), 184 184 + .exp = try dupeColumnTextOpt(allocator, stmt, 7), 185 185 + .sig = sig_slice, 186 186 + }, 187 187 + .encoded = encoded, 188 188 + }); 189 189 + } 190 190 + 191 191 + return try results.toOwnedSlice(allocator); 192 192 + } 193 193 + }; 194 194 + 195 195 + fn execSimple(db: *c.sqlite3, sql: [*:0]const u8) c_int { 196 196 + return c.sqlite3_exec(db, sql, null, null, null); 197 197 + } 198 198 + 199 199 + fn prepare(db: *c.sqlite3, sql: [*:0]const u8) !*c.sqlite3_stmt { 200 200 + var stmt: ?*c.sqlite3_stmt = null; 201 201 + if (c.sqlite3_prepare_v2(db, sql, -1, &stmt, null) != c.SQLITE_OK) { 202 202 + log.err("sqlite prepare: {s}", .{c.sqlite3_errmsg(db)}); 203 203 + return error.SqlitePrepare; 204 204 + } 205 205 + return stmt.?; 206 206 + } 207 207 + 208 208 + fn bindText(stmt: *c.sqlite3_stmt, col: c_int, text: []const u8) void { 209 209 + _ = c.sqlite3_bind_text(stmt, col, text.ptr, @intCast(text.len), c.SQLITE_STATIC); 210 210 + } 211 211 + 212 212 + fn dupeColumnText(allocator: Allocator, stmt: *c.sqlite3_stmt, col: c_int) ![]const u8 { 213 213 + const ptr = c.sqlite3_column_text(stmt, col); 214 214 + const len: usize = @intCast(c.sqlite3_column_bytes(stmt, col)); 215 215 + if (ptr == null or len == 0) return try allocator.dupe(u8, ""); 216 216 + const slice = @as([*]const u8, @ptrCast(ptr.?))[0..len]; 217 217 + return try allocator.dupe(u8, slice); 218 218 + } 219 219 + 220 220 + fn dupeColumnTextOpt(allocator: Allocator, stmt: *c.sqlite3_stmt, col: c_int) !?[]const u8 { 221 221 + if (c.sqlite3_column_type(stmt, col) == c.SQLITE_NULL) return null; 222 222 + return try dupeColumnText(allocator, stmt, col); 223 223 + } 224 224 + 225 225 + // === tests === 226 226 + 227 227 + test "store insert and query by cursor" { 228 228 + var store = try Store.init(":memory:"); 229 229 + defer store.deinit(); 230 230 + 231 231 + const allocator = std.testing.allocator; 232 232 + 233 233 + var label1 = Label{ 234 234 + .src = "did:plc:labeler", 235 235 + .uri = "at://did:plc:user1/app.bsky.feed.post/aaa", 236 236 + .val = "spam", 237 237 + .cts = "2024-01-01T00:00:00.000Z", 238 238 + .sig = &(.{0xaa} ** 64), 239 239 + }; 240 240 + const seq1 = try store.insert(&label1, "encoded1"); 241 241 + 242 242 + var label2 = Label{ 243 243 + .src = "did:plc:labeler", 244 244 + .uri = "at://did:plc:user2/app.bsky.feed.post/bbb", 245 245 + .val = "impersonation", 246 246 + .cts = "2024-01-01T00:01:00.000Z", 247 247 + .sig = &(.{0xbb} ** 64), 248 248 + }; 249 249 + const seq2 = try store.insert(&label2, "encoded2"); 250 250 + 251 251 + try std.testing.expect(seq2 > seq1); 252 252 + try std.testing.expectEqual(seq2, store.latestSeq()); 253 253 + 254 254 + // query from cursor=0 should return both 255 255 + const all = try store.queryByCursor(allocator, 0, 100); 256 256 + defer { 257 257 + for (all) |item| { 258 258 + allocator.free(item.label.src); 259 259 + allocator.free(item.label.uri); 260 260 + allocator.free(item.label.val); 261 261 + allocator.free(item.label.cts); 262 262 + allocator.free(item.encoded); 263 263 + if (item.label.sig) |s| allocator.free(s); 264 264 + } 265 265 + allocator.free(all); 266 266 + } 267 267 + try std.testing.expectEqual(@as(usize, 2), all.len); 268 268 + 269 269 + // query from cursor=seq1 should return only the second 270 270 + const after = try store.queryByCursor(allocator, seq1, 100); 271 271 + defer { 272 272 + for (after) |item| { 273 273 + allocator.free(item.label.src); 274 274 + allocator.free(item.label.uri); 275 275 + allocator.free(item.label.val); 276 276 + allocator.free(item.label.cts); 277 277 + allocator.free(item.encoded); 278 278 + if (item.label.sig) |s| allocator.free(s); 279 279 + } 280 280 + allocator.free(after); 281 281 + } 282 282 + try std.testing.expectEqual(@as(usize, 1), after.len); 283 283 + try std.testing.expectEqualStrings("impersonation", after[0].label.val); 284 284 + } 285 285 + 286 286 + test "store query by subject" { 287 287 + var store = try Store.init(":memory:"); 288 288 + defer store.deinit(); 289 289 + 290 290 + const allocator = std.testing.allocator; 291 291 + 292 292 + const target_uri = "at://did:plc:user1/app.bsky.feed.post/aaa"; 293 293 + var label1 = Label{ 294 294 + .src = "did:plc:labeler", 295 295 + .uri = target_uri, 296 296 + .val = "spam", 297 297 + .cts = "2024-01-01T00:00:00.000Z", 298 298 + .sig = &(.{0xaa} ** 64), 299 299 + }; 300 300 + _ = try store.insert(&label1, "e1"); 301 301 + 302 302 + var label2 = Label{ 303 303 + .src = "did:plc:labeler", 304 304 + .uri = "at://did:plc:other/app.bsky.feed.post/bbb", 305 305 + .val = "nsfw", 306 306 + .cts = "2024-01-01T00:00:01.000Z", 307 307 + .sig = &(.{0xbb} ** 64), 308 308 + }; 309 309 + _ = try store.insert(&label2, "e2"); 310 310 + 311 311 + const results = try store.queryBySubject(allocator, target_uri); 312 312 + defer { 313 313 + for (results) |item| { 314 314 + allocator.free(item.label.src); 315 315 + allocator.free(item.label.uri); 316 316 + allocator.free(item.label.val); 317 317 + allocator.free(item.label.cts); 318 318 + allocator.free(item.encoded); 319 319 + if (item.label.sig) |s| allocator.free(s); 320 320 + } 321 321 + allocator.free(results); 322 322 + } 323 323 + 324 324 + try std.testing.expectEqual(@as(usize, 1), results.len); 325 325 + try std.testing.expectEqualStrings("spam", results[0].label.val); 326 326 + } 327 327 + 328 328 + test "store empty returns zero seq" { 329 329 + var store = try Store.init(":memory:"); 330 330 + defer store.deinit(); 331 331 + 332 332 + try std.testing.expectEqual(@as(i64, 0), store.latestSeq()); 333 333 + }