bretton.dev
code
Clone this repository
https://tangled.org/bretton.dev/coves
git@knot.bretton.dev:bretton.dev/coves
For self-hosted knots, clone URLs may differ based on your setup.
Product requirements document covering:
- Feature overview and goals
- Architecture decisions (V1: instance-scoped)
- atProto federation design
- Data model and relationships
- API specifications
- Future roadmap (V2: community-owned, V3: full federation)
Test coverage:
- Repository layer: CRUD, subscriptions, search, pagination
- Consumer layer: Event handling, idempotency, filtering
- E2E: Write-forward → PDS → Firehose → Consumer → AppView → XRPC
E2E test validates:
- Full atProto write-forward architecture
- Real PDS integration (not mocked)
- Jetstream consumer indexing
- All XRPC HTTP endpoints
- Data consistency across layers
Test cleanup:
- Removed duplicate writeforward_test.go
- Removed incomplete xrpc_e2e_test.go
- Removed manual real_pds_test.go
- Kept only essential, non-overlapping tests
All tests passing ✅
- Initialize DID generator with PLC directory config
- Create Communities service with PDS connection
- Authenticate instance DID with PDS for write-forward
- Register XRPC HTTP routes
- Add graceful handling for PDS auth failures
Environment variables:
- IS_DEV_ENV: Enable dev mode (mock DID generation)
- PLC_DIRECTORY_URL: PLC directory endpoint
- PDS_URL: Personal Data Server URL
- PDS_INSTANCE_HANDLE: Instance handle for auth
- PDS_INSTANCE_PASSWORD: Instance password for auth
Endpoints implemented:
- GET /xrpc/social.coves.community.get - Retrieve by DID or handle
- GET /xrpc/social.coves.community.list - List with filters
- GET /xrpc/social.coves.community.search - Full-text search
- POST /xrpc/social.coves.community.create - Create community
- POST /xrpc/social.coves.community.subscribe - Subscribe to feed
- POST /xrpc/social.coves.community.unsubscribe - Unsubscribe
Security notes:
- TODO(Communities-OAuth): Authentication currently client-controlled
- MUST integrate OAuth middleware before production
- Authorization enforced at service layer
- Proper error mapping to HTTP status codes
Handles community events from firehose:
- Create/Update/Delete community profiles
- Subscribe/Unsubscribe events
- Uses atomic transaction methods for consistency
Key features:
- Idempotent event handling for replay safety
- Extracts community DID from record (not repo owner)
- Uses SubscribeWithCount for atomic count updates
- Proper error handling with graceful degradation
- Logs all indexed events for observability
Database schema:
- communities table with pg_trgm indexes for fuzzy search
- community_subscriptions with composite index for lookups
- community_memberships with reputation tracking
- community_moderation (V2 prepared)
Repository features:
- Atomic SubscribeWithCount/UnsubscribeWithCount transactions
- Idempotent operations for Jetstream replay safety
- Full-text search with relevance filtering (>0.2 threshold)
- Pagination and filtering support
- Proper error handling with domain error mapping
Performance optimizations:
- Composite index on (user_did, community_did) for subscription lookups
- GIN indexes for trigram similarity search
- GREATEST(0, count - 1) prevents negative counts