bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom

refactor(atproto): remove DID generator (V2.0 uses PDS-managed DIDs)

Remove Coves-side DID generator in favor of PDS-managed DID generation.

Removed Files:
- internal/atproto/did/generator.go
- internal/atproto/did/generator_test.go

Rationale:
V2.0 architecture delegates all DID and key management to the PDS for:
- Bluesky PDS cannot handle record imports created outside the PDS.
- No complex cryptography
- Standard atProto compliance (PDS owns community identity)

The PDS now handles:
- DID generation (did:plc format)
- Signing key generation and storage
- Rotation key generation and storage
- PLC directory registration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

bretton.dev c0707340 eed3b706

options
unified split
Changed files
-207
internal
atproto
did
generator.go
generator_test.go
-80
internal/atproto/did/generator.go 
···

       
1

       

       
-

       
package did


     

       
2

       

       
-

       



     

       
3

       

       
-

       
import (


     

       
4

       

       
-

       
	"crypto/rand"


     

       
5

       

       
-

       
	"encoding/base32"


     

       
6

       

       
-

       
	"fmt"


     

       
7

       

       
-

       
	"strings"


     

       
8

       

       
-

       
)


     

       
9

       

       
-

       



     

       
10

       

       
-

       
// Generator creates DIDs for Coves entities


     

       
11

       

       
-

       
type Generator struct {


     

       
12

       

       
-

       
	plcDirectoryURL string


     

       
13

       

       
-

       
	isDevEnv        bool


     

       
14

       

       
-

       
}


     

       
15

       

       
-

       



     

       
16

       

       
-

       
// NewGenerator creates a new DID generator


     

       
17

       

       
-

       
// isDevEnv: true for local development (no PLC registration), false for production (register with PLC)


     

       
18

       

       
-

       
// plcDirectoryURL: URL for PLC directory (e.g., "https://plc.directory")


     

       
19

       

       
-

       
func NewGenerator(isDevEnv bool, plcDirectoryURL string) *Generator {


     

       
20

       

       
-

       
	return &Generator{


     

       
21

       

       
-

       
		isDevEnv:        isDevEnv,


     

       
22

       

       
-

       
		plcDirectoryURL: plcDirectoryURL,


     

       
23

       

       
-

       
	}


     

       
24

       

       
-

       
}


     

       
25

       

       
-

       



     

       
26

       

       
-

       
// GenerateCommunityDID creates a new random DID for a community


     

       
27

       

       
-

       
// Format: did:plc:{base32-random}


     

       
28

       

       
-

       
//


     

       
29

       

       
-

       
// Dev mode (isDevEnv=true):  Generates did:plc:xxx without registering to PLC


     

       
30

       

       
-

       
// Prod mode (isDevEnv=false): Generates did:plc:xxx AND registers with PLC directory


     

       
31

       

       
-

       
//


     

       
32

       

       
-

       
// See: https://github.com/bluesky-social/did-method-plc


     

       
33

       

       
-

       
func (g *Generator) GenerateCommunityDID() (string, error) {


     

       
34

       

       
-

       
	// Generate 16 random bytes for the DID identifier


     

       
35

       

       
-

       
	randomBytes := make([]byte, 16)


     

       
36

       

       
-

       
	if _, err := rand.Read(randomBytes); err != nil {


     

       
37

       

       
-

       
		return "", fmt.Errorf("failed to generate random DID: %w", err)


     

       
38

       

       
-

       
	}


     

       
39

       

       
-

       



     

       
40

       

       
-

       
	// Encode as base32 (lowercase, no padding) - matches PLC format


     

       
41

       

       
-

       
	encoded := base32.StdEncoding.EncodeToString(randomBytes)


     

       
42

       

       
-

       
	encoded = strings.ToLower(strings.TrimRight(encoded, "="))


     

       
43

       

       
-

       



     

       
44

       

       
-

       
	did := fmt.Sprintf("did:plc:%s", encoded)


     

       
45

       

       
-

       



     

       
46

       

       
-

       
	// TODO: In production (isDevEnv=false), register this DID with PLC directory


     

       
47

       

       
-

       
	// This would involve:


     

       
48

       

       
-

       
	// 1. Generate signing keypair for the DID


     

       
49

       

       
-

       
	// 2. Create DID document with service endpoints


     

       
50

       

       
-

       
	// 3. POST to plcDirectoryURL to register


     

       
51

       

       
-

       
	// 4. Store keypair securely for future DID updates


     

       
52

       

       
-

       
	//


     

       
53

       

       
-

       
	// For now, we just generate the identifier (works fine for local dev)


     

       
54

       

       
-

       
	// Production PLC registration is not yet implemented - DIDs are generated


     

       
55

       

       
-

       
	// locally but not registered with the PLC directory. This is acceptable


     

       
56

       

       
-

       
	// for development and private instances, but production deployments should


     

       
57

       

       
-

       
	// implement full PLC registration to ensure DIDs are globally resolvable.


     

       
58

       

       
-

       
	_ = g.isDevEnv // Acknowledge that isDevEnv will be used when PLC registration is implemented


     

       
59

       

       
-

       



     

       
60

       

       
-

       
	return did, nil


     

       
61

       

       
-

       
}


     

       
62

       

       
-

       



     

       
63

       

       
-

       
// ValidateDID checks if a DID string is properly formatted


     

       
64

       

       
-

       
// Supports did:plc, did:web (for instances)


     

       
65

       

       
-

       
func ValidateDID(did string) bool {


     

       
66

       

       
-

       
	if !strings.HasPrefix(did, "did:") {


     

       
67

       

       
-

       
		return false


     

       
68

       

       
-

       
	}


     

       
69

       

       
-

       



     

       
70

       

       
-

       
	parts := strings.Split(did, ":")


     

       
71

       

       
-

       
	if len(parts) < 3 {


     

       
72

       

       
-

       
		return false


     

       
73

       

       
-

       
	}


     

       
74

       

       
-

       



     

       
75

       

       
-

       
	method := parts[1]


     

       
76

       

       
-

       
	identifier := parts[2]


     

       
77

       

       
-

       



     

       
78

       

       
-

       
	// Basic validation: method and identifier must not be empty


     

       
79

       

       
-

       
	return method != "" && identifier != ""


     

       
80

       

       
-

       
}
-127
internal/atproto/did/generator_test.go 
···

       
1

       

       
-

       
package did


     

       
2

       

       
-

       



     

       
3

       

       
-

       
import (


     

       
4

       

       
-

       
	"strings"


     

       
5

       

       
-

       
	"testing"


     

       
6

       

       
-

       
)


     

       
7

       

       
-

       



     

       
8

       

       
-

       
func TestGenerateCommunityDID(t *testing.T) {


     

       
9

       

       
-

       
	tests := []struct {


     

       
10

       

       
-

       
		name            string


     

       
11

       

       
-

       
		plcDirectoryURL string


     

       
12

       

       
-

       
		want            string


     

       
13

       

       
-

       
		isDevEnv        bool


     

       
14

       

       
-

       
	}{


     

       
15

       

       
-

       
		{


     

       
16

       

       
-

       
			name:            "generates did:plc in dev mode",


     

       
17

       

       
-

       
			isDevEnv:        true,


     

       
18

       

       
-

       
			plcDirectoryURL: "https://plc.directory",


     

       
19

       

       
-

       
			want:            "did:plc:",


     

       
20

       

       
-

       
		},


     

       
21

       

       
-

       
		{


     

       
22

       

       
-

       
			name:            "generates did:plc in prod mode",


     

       
23

       

       
-

       
			isDevEnv:        false,


     

       
24

       

       
-

       
			plcDirectoryURL: "https://plc.directory",


     

       
25

       

       
-

       
			want:            "did:plc:",


     

       
26

       

       
-

       
		},


     

       
27

       

       
-

       
	}


     

       
28

       

       
-

       



     

       
29

       

       
-

       
	for _, tt := range tests {


     

       
30

       

       
-

       
		t.Run(tt.name, func(t *testing.T) {


     

       
31

       

       
-

       
			g := NewGenerator(tt.isDevEnv, tt.plcDirectoryURL)


     

       
32

       

       
-

       
			did, err := g.GenerateCommunityDID()


     

       
33

       

       
-

       
			if err != nil {


     

       
34

       

       
-

       
				t.Fatalf("GenerateCommunityDID() error = %v", err)


     

       
35

       

       
-

       
			}


     

       
36

       

       
-

       



     

       
37

       

       
-

       
			if !strings.HasPrefix(did, tt.want) {


     

       
38

       

       
-

       
				t.Errorf("GenerateCommunityDID() = %v, want prefix %v", did, tt.want)


     

       
39

       

       
-

       
			}


     

       
40

       

       
-

       



     

       
41

       

       
-

       
			// Verify it's a valid DID


     

       
42

       

       
-

       
			if !ValidateDID(did) {


     

       
43

       

       
-

       
				t.Errorf("Generated DID failed validation: %v", did)


     

       
44

       

       
-

       
			}


     

       
45

       

       
-

       
		})


     

       
46

       

       
-

       
	}


     

       
47

       

       
-

       
}


     

       
48

       

       
-

       



     

       
49

       

       
-

       
func TestGenerateCommunityDID_Uniqueness(t *testing.T) {


     

       
50

       

       
-

       
	g := NewGenerator(true, "https://plc.directory")


     

       
51

       

       
-

       



     

       
52

       

       
-

       
	// Generate 100 DIDs and ensure they're all unique


     

       
53

       

       
-

       
	dids := make(map[string]bool)


     

       
54

       

       
-

       
	for i := 0; i < 100; i++ {


     

       
55

       

       
-

       
		did, err := g.GenerateCommunityDID()


     

       
56

       

       
-

       
		if err != nil {


     

       
57

       

       
-

       
			t.Fatalf("GenerateCommunityDID() error = %v", err)


     

       
58

       

       
-

       
		}


     

       
59

       

       
-

       



     

       
60

       

       
-

       
		if dids[did] {


     

       
61

       

       
-

       
			t.Errorf("Duplicate DID generated: %v", did)


     

       
62

       

       
-

       
		}


     

       
63

       

       
-

       
		dids[did] = true


     

       
64

       

       
-

       
	}


     

       
65

       

       
-

       
}


     

       
66

       

       
-

       



     

       
67

       

       
-

       
func TestValidateDID(t *testing.T) {


     

       
68

       

       
-

       
	tests := []struct {


     

       
69

       

       
-

       
		name string


     

       
70

       

       
-

       
		did  string


     

       
71

       

       
-

       
		want bool


     

       
72

       

       
-

       
	}{


     

       
73

       

       
-

       
		{


     

       
74

       

       
-

       
			name: "valid did:plc",


     

       
75

       

       
-

       
			did:  "did:plc:z72i7hdynmk6r22z27h6tvur",


     

       
76

       

       
-

       
			want: true,


     

       
77

       

       
-

       
		},


     

       
78

       

       
-

       
		{


     

       
79

       

       
-

       
			name: "valid did:plc with base32",


     

       
80

       

       
-

       
			did:  "did:plc:abc123xyz",


     

       
81

       

       
-

       
			want: true,


     

       
82

       

       
-

       
		},


     

       
83

       

       
-

       
		{


     

       
84

       

       
-

       
			name: "valid did:web",


     

       
85

       

       
-

       
			did:  "did:web:coves.social",


     

       
86

       

       
-

       
			want: true,


     

       
87

       

       
-

       
		},


     

       
88

       

       
-

       
		{


     

       
89

       

       
-

       
			name: "valid did:web with path",


     

       
90

       

       
-

       
			did:  "did:web:coves.social:community:gaming",


     

       
91

       

       
-

       
			want: true,


     

       
92

       

       
-

       
		},


     

       
93

       

       
-

       
		{


     

       
94

       

       
-

       
			name: "invalid: missing prefix",


     

       
95

       

       
-

       
			did:  "plc:abc123",


     

       
96

       

       
-

       
			want: false,


     

       
97

       

       
-

       
		},


     

       
98

       

       
-

       
		{


     

       
99

       

       
-

       
			name: "invalid: missing method",


     

       
100

       

       
-

       
			did:  "did::abc123",


     

       
101

       

       
-

       
			want: false,


     

       
102

       

       
-

       
		},


     

       
103

       

       
-

       
		{


     

       
104

       

       
-

       
			name: "invalid: missing identifier",


     

       
105

       

       
-

       
			did:  "did:plc:",


     

       
106

       

       
-

       
			want: false,


     

       
107

       

       
-

       
		},


     

       
108

       

       
-

       
		{


     

       
109

       

       
-

       
			name: "invalid: only did",


     

       
110

       

       
-

       
			did:  "did:",


     

       
111

       

       
-

       
			want: false,


     

       
112

       

       
-

       
		},


     

       
113

       

       
-

       
		{


     

       
114

       

       
-

       
			name: "invalid: empty string",


     

       
115

       

       
-

       
			did:  "",


     

       
116

       

       
-

       
			want: false,


     

       
117

       

       
-

       
		},


     

       
118

       

       
-

       
	}


     

       
119

       

       
-

       



     

       
120

       

       
-

       
	for _, tt := range tests {


     

       
121

       

       
-

       
		t.Run(tt.name, func(t *testing.T) {


     

       
122

       

       
-

       
			if got := ValidateDID(tt.did); got != tt.want {


     

       
123

       

       
-

       
				t.Errorf("ValidateDID(%v) = %v, want %v", tt.did, got, tt.want)


     

       
124

       

       
-

       
			}


     

       
125

       

       
-

       
		})


     

       
126

       

       
-

       
	}


     

       
127

       

       
-

       
}