validate that referenced records exist in commit blocks

Charlotte Som 2024-12-02 10:46:03 +00:00
parent 83493bd372
commit a9c51e5447
2 changed files with 29 additions and 1 deletions


@ -3,11 +3,13 @@
Realtime non-archival relay for third-party AT Proto PDSes.
In the interest of cost control, we are scaling down the network:
- Only PDSes with fewer than 1000 repos are crawled
- We do no backfilling, only current events are relayed to consumers
- Stale data (≈ 24hrs?) is purged from the database [not doing this yet]
The idea is that we can have apps with much larger limits if we scale down the volume of the network.
- Large block sizes
- Large record size limit
- therefore: Large text field in post records, large uploads
@ -20,3 +22,5 @@ The idea is that we can have apps with much larger limits if we scale down the v
- store indexedAt values
- purge based on ttl
- takedowns
- more comprehensive commit validation
- how good can we make this without having the actual repos?


@ -111,8 +111,32 @@ pub async fn validate_commit(user: &User, commit: &CommitData) -> Result<()> {
&signing_key[..2]
)),
}?;
}
// TODO: dfs for cid from commit.node.data, error if cid is not in any signed root
// verify that referenced records are in commit blocks
if !commit.too_big {
for op in commit.ops.iter() {
match op.action.as_str() {
"create" => {
let Some(cid) = op.cid.as_ref() else {
bail!("create op cid was not set")
};
if !blocks.contains_key(&cid.0) {
bail!("referenced record for create op was not in event blocks");
}
}
"update" => {
let Some(cid) = op.cid.as_ref() else {
bail!("update op cid was not set")
};
if !blocks.contains_key(&cid.0) {
bail!("referenced record for update op was not in event blocks");
}
}
"delete" => {}
_ => bail!("unknown op type"),
}
}
}
Ok(())
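Review bot: The new membership test `blocks.contains_key(&cid.0)` in the create and update arms only shows that a block with that key arrived in the event; it does not show that the record sits under the signed commit root, which the TODO just above the loop still leaves open. Until that walk exists, I would add a comment at the loop such as `// presence in blocks is not proof of inclusion under the signed root; see TODO above`, so the check is not read as authenticating record contents. The whole loop is also skipped when `commit.too_big` is set, and that flag appears to come from the event itself, so it is worth documenting or checking what downstream consumers do with the ops of such events. The two arms differ only in their message and could be a single `"create" | "update" => { ... }` arm that puts `op.action` in the error text. `blocks` and the start of `validate_commit` are outside the hunk, so whether block bytes are hashed against their CID keys cannot be confirmed from here.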