DukeInc/Kez
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Kez/rust/crates/kez-channels/src/bluesky.rs
Tudisco d0db6f00f1 Initial implementation of KEZ — protocol, two impls, and storage server 
KEZ is a portable, decentralized identity graph: a person signs claims
linking their many accounts, publishes those claims in places only the
claimed account can publish to, and anyone can verify the connections
without trusting a central server.

Layout
------
- SPEC.md            Language-agnostic protocol spec (v0.2)
- rust/              Rust implementation: kez-core, kez-channels, kez-cli
- nodejs/            TypeScript port at full parity
- rust-sig-server/   Optional axum + SQLite storage server for sigchains
- crosstest.sh       Cross-implementation interop harness

Capabilities (both implementations, byte-compatible)
----------------------------------------------------
- Two primary-key algorithms: nostr/secp256k1 Schnorr (BIP-340) and
  Ed25519 (RFC 8032). Identifiers: nostr:npub1... and ed25519:<hex>.
- JCS (RFC 8785) canonicalization for everything signed.
- Four proof encodings: JSON envelope, compact (kez:z1:<base64url(zstd(json))>),
  Markdown fence, DNS TXT.
- Five channel plugins (no API keys, no auth needed for any of them):
    dns:        system resolver, _kez.<domain> TXT records
    github:     public gist scan + <user>/<user> profile README fallback
    nostr:      kind-30078 events from default relays
    bluesky:    public AppView author feed
    ap:         WebFinger + actor JSON (alias mastodon:)
- Identical CLI surface:
    kez identity new [--key-type nostr|ed25519]
    kez claim create <subject> (--nsec | --ed25519-seed) [--format ...] [--out ...]
    kez claim dns <domain>     (--nsec | --ed25519-seed)
    kez verify file <path>
    kez verify id <identifier>
    kez sigchain add|revoke|show|export|publish
- Sigchains: append-only signed log per primary, hash-chained per spec §6,
  stored locally at ~/.kez/sigchains/, exportable as JSONL or kez:zc1: bundle.
- Sigchain publish destinations: chain server, web (file dump), DNS (zone
  record print), nostr (kind-30078 wrapping event).

kez-sig-server
--------------
Optional storage tier. Axum + SQLite, single binary, no external deps.

- No auth — the cryptography is the access control. The server validates
  every signature, every seq, every prev hash before storing.
- REST API: POST /v1/sigchains/{scheme}/{id}/events (append signed event,
  201 with new head hash or 4xx); GET /{scheme}/{id} (full chain as JSONL);
  GET /head; GET /healthz.
- Designed for one central instance for now; the design doesn't preclude
  running more later (clients gain a configurable list, verifiers
  reconcile per spec §6.2).
- Channel-based publishing remains the always-available fallback if the
  server is unavailable.

Tests
-----
- rust/                 99 tests
- rust-sig-server/      10 integration tests (real HTTP, real SQLite)
- nodejs/               91 tests (vitest)
- crosstest.sh          19 cross-impl scenarios — proves JCS bytes,
                        Schnorr + Ed25519 sigs, all four claim encodings,
                        and the sigchain JSONL bundle are byte-compatible
                        between Rust and Node in both directions.

What's not done yet
-------------------
- verify id consulting the sigchain for revocations (data path exists,
  just not wired into the verifier output).
- rotate and add_device sigchain ops (types reserved).
- expires_at enforcement during claim verification.
- Typed VerificationStatus.status reflecting the five failure modes.
- Auth-required publishers (GitHub gist, Bluesky, ActivityPub).
2026-05-24 14:41:00 -06:00

159 lines
5.0 KiB
Rust
Raw Permalink Blame History

//! Bluesky channel: queries the public AppView (no auth) for the user's
//! recent posts and tries each post's text as a KEZ proof.
//!
//! Endpoint: `GET https://public.api.bsky.app/xrpc/app.bsky.feed.getAuthorFeed?actor=<handle>&limit=100`
//!
//! Each post in the feed has `post.record.text`. We feed that text through
//! the standard proof parser, which handles Markdown-fenced, compact, and
//! JSON forms uniformly.
use async_trait::async_trait;
use kez_core::Identity;
use reqwest::Client;
use serde_json::Value;
use crate::{Channel, ChannelError, ChannelHit, ChannelResult, parse_and_verify_for};
const DEFAULT_APPVIEW: &str = "https://public.api.bsky.app";
const USER_AGENT: &str = "kez-channels/0.1 (+https://example.invalid/kez)";
#[derive(Clone)]
pub struct BlueskyChannel {
client: Client,
appview_base: String,
}
impl BlueskyChannel {
pub fn new() -> anyhow::Result<Self> {
let client = Client::builder().user_agent(USER_AGENT).build()?;
Ok(Self::with_base(client, DEFAULT_APPVIEW.to_owned()))
}
/// For tests / custom AppViews.
pub fn with_base(client: Client, appview_base: String) -> Self {
Self {
client,
appview_base,
}
}
}
#[async_trait]
impl Channel for BlueskyChannel {
fn system(&self) -> &'static str {
"bluesky"
}
async fn fetch_and_verify(&self, identity: &Identity) -> ChannelResult<ChannelHit> {
let actor = identity.value();
if actor.is_empty() {
return Err(ChannelError::Other(anyhow::anyhow!(
"bluesky identity has empty handle"
)));
}
let url = author_feed_url(&self.appview_base, actor);
let resp = self
.client
.get(&url)
.send()
.await
.map_err(|e| ChannelError::Unreachable(format!("GET {url}: {e}")))?
.error_for_status()
.map_err(|e| ChannelError::Unreachable(format!("GET {url}: {e}")))?;
let body: Value = resp
.json()
.await
.map_err(|e| ChannelError::Other(anyhow::anyhow!("parse feed: {e}")))?;
let candidates = extract_post_texts(&body);
let mut last_error: Option<ChannelError> = None;
for text in candidates {
match parse_and_verify_for(&text, identity) {
Ok(hit) => return Ok(hit),
Err(err) => last_error = Some(err),
}
}
Err(last_error.unwrap_or_else(|| ChannelError::NotFound(identity.clone())))
}
}
/// Pure: build the `getAuthorFeed` URL.
pub fn author_feed_url(base: &str, actor: &str) -> String {
// We URL-encode minimally; AppView is forgiving with handles and
// reqwest will re-quote anything truly malformed.
format!("{base}/xrpc/app.bsky.feed.getAuthorFeed?actor={actor}&limit=100")
}
/// Pure: pull every post's text out of a `getAuthorFeed` response body.
/// Skips posts without text (reposts, replies-only structures, etc.).
pub fn extract_post_texts(body: &Value) -> Vec<String> {
let Some(feed) = body.get("feed").and_then(|f| f.as_array()) else {
return Vec::new();
};
let mut out = Vec::new();
for item in feed {
let Some(text) = item
.get("post")
.and_then(|p| p.get("record"))
.and_then(|r| r.get("text"))
.and_then(|t| t.as_str())
else {
continue;
};
if text.trim().is_empty() {
continue;
}
out.push(text.to_owned());
}
out
}
#[cfg(test)]
mod tests {
use super::*;
use serde_json::json;
#[test]
fn author_feed_url_includes_actor_and_limit() {
let url = author_feed_url("https://public.api.bsky.app", "jason.bsky.social");
assert_eq!(
url,
"https://public.api.bsky.app/xrpc/app.bsky.feed.getAuthorFeed?actor=jason.bsky.social&limit=100"
);
}
#[test]
fn extract_post_texts_pulls_from_feed_items() {
let body = json!({
"feed": [
{ "post": { "record": { "text": "hello" } } },
{ "post": { "record": { "text": "kez:z1:abc" } } },
{ "post": { "record": {} } }, // no text
{ "no_post_field": true },
]
});
let texts = extract_post_texts(&body);
assert_eq!(texts, vec!["hello".to_owned(), "kez:z1:abc".to_owned()]);
}
#[test]
fn extract_post_texts_skips_blank_and_whitespace() {
let body = json!({
"feed": [
{ "post": { "record": { "text": " " } } },
{ "post": { "record": { "text": "" } } },
{ "post": { "record": { "text": "real" } } },
]
});
assert_eq!(extract_post_texts(&body), vec!["real".to_owned()]);
}
#[test]
fn extract_post_texts_handles_missing_feed() {
assert!(extract_post_texts(&json!({})).is_empty());
assert!(extract_post_texts(&json!({ "feed": "not an array" })).is_empty());
}
}
Reference in New Issue View Git Blame Copy Permalink