back round 0 view raw

Maintain PLC DidDocument completeness & integrity during PDS migrations #3

open
opened by casey.nstar.social targeting main from casey.nstar.social/pds-moover: bugfix/plc-migration

The com.atproto.identity.getRecommendedDidCredentials lexicon does not return a comprehensive DidDocument, only changes that need to be made for a migration. Its returned parameters need to be merged with unchanged services, verification methods, and aliases in the user's existing DidDocument: "If using a PDS-managed did:plc, you can edit the parameters to match any additional services or recovery keys".

This change retrieves the user's existing PLC DidDocument and replaces the required services, verification methods, and aliases needed for PDS migration only (via the above lexicon). It doesn't change the user migration experience, aside from assuring no silent (potentially unrecoverable) breakage of non-atproto PDS services or verification methods

options
unified split
Changed files
+37 -6
src
pdsmoover.js
+37 -6
src/pdsmoover.js 
···

       
249

       
 

       
  async signPlcOperation(token) {


     

       
250

       
 

       
    const getDidCredentials =


     

       
251

       
 

       
            await this.newAgent.com.atproto.identity.getRecommendedDidCredentials();


     

       
252

       
-

       
    const rotationKeys = getDidCredentials.data.rotationKeys ?? [];


     

       
253

       
 

       
    if (!rotationKeys) {


     

       
254

       
 

       
      throw new Error('No rotation key provided from the new PDS');


     

       
255

       
 

       
    }


     

       
256

       
-

       
    const credentials = {


     

       
257

       
-

       
      ...getDidCredentials.data,


     

       
258

       
-

       
      rotationKeys: rotationKeys,


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
259

       
 

       
    };


     

       
260

       
 

       



     

       
261

       
-

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
262

       
 

       
    const plcOp = await this.oldAgent.com.atproto.identity.signPlcOperation({


     

       
263

       
 

       
      token: token,


     

       
264

       
-

       
      ...credentials,


     

       

       

       
     

       

       

       
     

       

       

       
     

       
265

       
 

       
    });


     

       
266

       
 

       



     

       
267

       
 

       
    await this.newAgent.com.atproto.identity.submitPlcOperation({


     
···

       
249

       
 

       
  async signPlcOperation(token) {


     

       
250

       
 

       
    const getDidCredentials =


     

       
251

       
 

       
            await this.newAgent.com.atproto.identity.getRecommendedDidCredentials();


     

       
252

       
+

       
    const rotationKeys = getDidCredentials.data.rotationKeys;


     

       
253

       
 

       
    if (!rotationKeys) {


     

       
254

       
 

       
      throw new Error('No rotation key provided from the new PDS');


     

       
255

       
 

       
    }


     

       
256

       
+

       
    const oldDidDoc = await docResolver.resolve(this.oldAgent.did);


     

       
257

       
+

       
    


     

       
258

       
+

       
    // Format the service(s) in the user's DidDocument into the operation syntax


     

       
259

       
+

       
    let oldServices = {};


     

       
260

       
+

       
    for(const service of oldDidDoc.service) {


     

       
261

       
+

       
      const idComponents = service.id.split('#');


     

       
262

       
+

       
      oldServices[idComponents[idComponents.length - 1]] = {


     

       
263

       
+

       
        type: service.type,


     

       
264

       
+

       
        endpoint: service.serviceEndpoint


     

       
265

       
+

       
      };


     

       
266

       
+

       
    };


     

       
267

       
+

       
    // Combine old & new suggested services


     

       
268

       
+

       
    const services = {


     

       
269

       
+

       
      ...oldServices, // Existing services in the user's DidDocument


     

       
270

       
+

       
      ...getDidCredentials.data.services // Service(s) suggested by the new PDS


     

       
271

       
+

       
    };


     

       
272

       
+

       
    


     

       
273

       
+

       
    // Format the verification method(s) in the user's DidDocument into the operation syntax


     

       
274

       
+

       
    let oldVerificationMethods = {};


     

       
275

       
+

       
    for(const verificationMethod of oldDidDoc.verificationMethod) {


     

       
276

       
+

       
      const idComponents = verificationMethod.id.split('#');


     

       
277

       
+

       
      oldVerificationMethods[idComponents[idComponents.length - 1]] = `did:key:${verificationMethod.publicKeyMultibase}` // PLC Operation verification methods are did:keys


     

       
278

       
+

       
    };


     

       
279

       
+

       
    // Combine old & new suggested verification methods


     

       
280

       
+

       
    const verificationMethods = {


     

       
281

       
+

       
      ...oldVerificationMethods,  // Existing verification methods in the user's DidDocument


     

       
282

       
+

       
      ...getDidCredentials.data.verificationMethods // Verification method(s) suggested by the new PDS


     

       
283

       
 

       
    };


     

       
284

       
 

       



     

       
285

       
+

       
    const alsoKnownAs = [


     

       
286

       
+

       
      ...getDidCredentials.data.alsoKnownAs, // Suggested alsoKnownAs goes first (the first entry is the user's primary handle)


     

       
287

       
+

       
      ...oldDidDoc.alsoKnownAs.slice(1) // Pre-existing alsoKnownAs, minus the old primary handle


     

       
288

       
+

       
    ];


     

       
289

       
+

       
    


     

       
290

       
 

       
    const plcOp = await this.oldAgent.com.atproto.identity.signPlcOperation({


     

       
291

       
 

       
      token: token,


     

       
292

       
+

       
      rotationKeys: rotationKeys, // Replace rotation keys


     

       
293

       
+

       
      alsoKnownAs: alsoKnownAs, // Merged alsoKnownAs


     

       
294

       
+

       
      services: services, // Merged services


     

       
295

       
+

       
      verificationMethods: verificationMethods, // Merged verification methods


     

       
296

       
 

       
    });


     

       
297

       
 

       



     

       
298

       
 

       
    await this.newAgent.com.atproto.identity.submitPlcOperation({