Tightening Datetime, Record Key, and TID validation #1910
bnewbold
announced in
Dev Announcements
Replies: 2 comments 6 replies
-
I have one question: but why? Aside from |
Beta Was this translation helpful? Give feedback.
6 replies
-
Additionally I believe timestamps should be verifiable to prevent malicious actors and malicious changes. I wrote about this in this discussion. #2166 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The atproto specifications define the syntax of datetimes, record keys, and TIDs in Lexicon schemas (both records and HTTP API endpoints).
However, until now the reference implementation has been somewhat lenient about these fields, which has allowed some non-compliant records and client implementations in to the ecosystem.
We will soon start enforcing the syntax more strictly on Bluesky services, at least for API parameters and new records. Our intention is to not immediately break existing records (and URIs, etc), but to stop the creation of such invalid records rapidly.
Our expectation is that some bots and client may start getting validation errors when these changes roll out. Some particular known issues to look for:
Z
, as in1985-04-12T23:20:50.123Z
. A UTC timezone specification of-00:00
is specifically not allowed in atproto. You can read more about datetime syntax at: https://atproto.com/specs/lexicon#datetime:
. There are some notable existing feeds using invalid characters and we intend not to break them, but new records (such as feeds) won't be allowed. You can read more about record key syntax at: https://atproto.com/specs/record-key#record-key-syntaxAs a resource for developers, we have a set of test vectors (valid and invalid) as simple text files for all of the atproto identifier type: https://github.com/bluesky-social/atproto/tree/main/interop-test-files/syntax
To deal with the existing invalid records, we may try to pull off a bulk graph update (eg, re-writing records); provide some other migration path; slightly loosen the specification; or just accept some small breakage after a transition period.
Some additional validation tightening which are are not enforcing in this iteration, but intend to eventually:
app.bsky.actor.profile
records have record key typeliteral:self
, meaning that the record key is expected to always beself
. In the future, creating a record in that collection with a record key (rkey
) of any other value will be a validation error, the same as having incorrect field types within the record. It would still be possible to disable validation and write a record with such a key, and the repo would otherwise be functional and valid, but the records would valid validation at read time as well.These are nitty-gritty details, but important to ensure consistent inter-operation between different implementations of the protocol.
Beta Was this translation helpful? Give feedback.
All reactions