@alteran/astro 0.3.9 → 0.6.1

package/src/pages/xrpc/com.atproto.identity.requestPlcOperationSignature.ts

@@ -1,5 +1,5 @@
 import type { APIContext } from 'astro';
-import { isAuthorized, unauthorized } from '../../lib/auth';
+import { AuthTokenExpiredError, expiredToken, isAuthorized, unauthorized } from '../../lib/auth';
 
 export const prerender = false;
 
@@ -15,8 +15,15 @@ export const prerender = false;
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
 
-  if (!(await isAuthorized(request, env))) {
-    return unauthorized();
+  try {
+    if (!(await isAuthorized(request, env))) {
+      return unauthorized();
+    }
+  } catch (error) {
+    if (error instanceof AuthTokenExpiredError) {
+      return expiredToken();
+    }
+    throw error;
   }
 
   return new Response(null, { status: 200 });

package/src/pages/xrpc/com.atproto.identity.resolveHandle.ts

@@ -1,4 +1,5 @@
 import type { APIContext } from 'astro';
+import { getAppViewConfig } from '../../lib/appview';
 
 export const prerender = false;
 
@@ -10,8 +11,8 @@ export async function GET({ locals, url }: APIContext) {
   const { env } = locals.runtime;
 
   const handle = url.searchParams.get('handle');
-  const configuredHandle = env.PDS_HANDLE || 'user.example.com';
-  const did = env.PDS_DID || 'did:example:single-user';
+  const configuredHandle = String(env.PDS_HANDLE || 'user.example.com');
+  const did = String(env.PDS_DID || 'did:example:single-user');
 
   if (!handle) {
     return new Response(
@@ -20,8 +21,8 @@ export async function GET({ locals, url }: APIContext) {
     );
   }
 
-  // Single-user PDS: only resolve if handle matches configured handle
-  if (handle === configuredHandle) {
+  // Single-user PDS: resolve the local configured handle directly
+  if (handle.toLowerCase() === configuredHandle.toLowerCase()) {
     return new Response(
       JSON.stringify({ did }),
       {
@@ -31,8 +32,38 @@ export async function GET({ locals, url }: APIContext) {
     );
   }
 
-  return new Response(
-    JSON.stringify({ error: 'HandleNotFound' }),
-    { status: 404, headers: { 'Content-Type': 'application/json' } }
-  );
-}
+  // For non-local handles, mirror upstream PDS behavior:
+  // proxy the resolution to the configured AppView (or api.bsky.app by default).
+  try {
+    const app = getAppViewConfig(env);
+    const base = app?.url || 'https://api.bsky.app';
+    const upstream = new URL('/xrpc/com.atproto.identity.resolveHandle', base);
+    upstream.searchParams.set('handle', handle);
+
+    const response = await fetch(upstream.toString(), {
+      headers: { accept: 'application/json' },
+    });
+
+    if (response.ok) {
+      // Pass through upstream JSON (e.g. { did })
+      return new Response(await response.text(), {
+        status: 200,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    }
+
+    // Map upstream failures to the standard InvalidRequest shape used by PDS
+    const text = await response.text().catch(() => '');
+    const body = text ? (() => { try { return JSON.parse(text); } catch { return null; } })() : null;
+    const message = body?.message || 'Unable to resolve handle';
+    return new Response(
+      JSON.stringify({ error: 'InvalidRequest', message }),
+      { status: 400, headers: { 'Content-Type': 'application/json' } }
+    );
+  } catch {
+    return new Response(
+      JSON.stringify({ error: 'InvalidRequest', message: 'Unable to resolve handle' }),
+      { status: 400, headers: { 'Content-Type': 'application/json' } }
+    );
+  }
+}

package/src/pages/xrpc/com.atproto.identity.signPlcOperation.ts

@@ -1,5 +1,5 @@
 import type { APIContext } from 'astro';
-import { isAuthorized, unauthorized } from '../../lib/auth';
+import { AuthTokenExpiredError, expiredToken, isAuthorized, unauthorized } from '../../lib/auth';
 import { resolveSecret } from '../../lib/secrets';
 
 export const prerender = false;
@@ -15,7 +15,14 @@ export const prerender = false;
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
 
-  if (!(await isAuthorized(request, env))) return unauthorized();
+  try {
+    if (!(await isAuthorized(request, env))) return unauthorized();
+  } catch (error) {
+    if (error instanceof AuthTokenExpiredError) {
+      return expiredToken();
+    }
+    throw error;
+  }
 
   try {
     const body = await request.json() as {
@@ -36,53 +43,58 @@ export async function POST({ locals, request }: APIContext) {
       return jsonErr(400, 'InvalidRequest', 'PDS_DID is not configured');
     }
 
-    // Load PLC rotation key (hex-encoded secp256k1 private key).
-    // MUST be the rotation key currently present in the PLC document.
-    const privHex = ((await resolveSecret(env.PDS_PLC_ROTATION_KEY as any)) || '').trim();
+    const privHex = ((await resolveSecret(env.PDS_PLC_ROTATION_KEY)) || '').trim();
     if (!privHex) {
       return jsonErr(500, 'ServerMisconfigured', 'PDS_PLC_ROTATION_KEY is not configured');
     }
-    // Lazy-load deps compatible with Workers runtime
     const { Secp256k1Keypair } = await import('@atproto/crypto');
-    const dagCbor: any = await import('@ipld/dag-cbor');
+    const dagCbor = await import('@ipld/dag-cbor');
     const { sha256 } = await import('multiformats/hashes/sha2');
     const { CID } = await import('multiformats/cid');
-    const u8a: any = await import('uint8arrays');
+    const u8a = await import('uint8arrays');
 
     const signer = await Secp256k1Keypair.import(privHex);
 
-    // Fetch last op for prev CID
-    const lastRes = await fetch(`https://plc.directory/${encodeURIComponent(did)}/log/last`);
-    if (!lastRes.ok) {
-      const text = await lastRes.text();
-      return jsonErr(lastRes.status, 'PlcFetchFailed', `Failed to fetch last op: ${text}`);
+    const lastResponse = await fetch(`https://plc.directory/${encodeURIComponent(did)}/log/last`);
+    if (!lastResponse.ok) {
+      const text = await lastResponse.text();
+      return jsonErr(lastResponse.status, 'PlcFetchFailed', `Failed to fetch last op: ${text}`);
     }
-    const lastOp = await lastRes.json();
-    if ((lastOp as any)?.type === 'plc_tombstone') {
+    const lastOp = (await lastResponse.json()) as { type?: string };
+    if (lastOp?.type === 'plc_tombstone') {
       return jsonErr(400, 'DidTombstoned', 'DID is tombstoned');
     }
     const lastOpCbor = dagCbor.encode(lastOp);
     const mh = await sha256.digest(lastOpCbor);
     const prevCid = CID.createV1(dagCbor.code, mh);
 
-    // Fetch current document data as defaults and to verify rotation key
-    const dataRes = await fetch(`https://plc.directory/${encodeURIComponent(did)}/data`);
-    if (!dataRes.ok) {
-      const text = await dataRes.text();
-      return jsonErr(dataRes.status, 'PlcFetchFailed', `Failed to fetch document data: ${text}`);
+    const dataResponse = await fetch(`https://plc.directory/${encodeURIComponent(did)}/data`);
+    if (!dataResponse.ok) {
+      const text = await dataResponse.text();
+      return jsonErr(dataResponse.status, 'PlcFetchFailed', `Failed to fetch document data: ${text}`);
     }
-    const doc = (await dataRes.json()) as any;
+    type PlcDoc = {
+      rotationKeys?: string[];
+      alsoKnownAs?: string[];
+      verificationMethods?: Record<string, string>;
+      services?: Record<string, { type?: string; endpoint?: string }>;
+    };
+    const doc = (await dataResponse.json()) as PlcDoc;
 
     const rotationKeys = body.rotationKeys ?? doc.rotationKeys ?? [];
     const alsoKnownAs = body.alsoKnownAs ?? doc.alsoKnownAs ?? [];
     const verificationMethods = body.verificationMethods ?? doc.verificationMethods ?? {};
-    const services = body.services ?? doc.services ?? {};
+    const services = (body.services ?? doc.services ?? {}) as Record<
+      string,
+      { type?: string; endpoint?: string }
+    >;
 
-    if (!services.atproto_pds || typeof services.atproto_pds !== 'object') {
+    const pdsService = services.atproto_pds;
+    if (!pdsService || typeof pdsService !== 'object') {
       return jsonErr(400, 'InvalidRequest', 'Missing atproto_pds service in PLC operation');
     }
-    if (!services.atproto_pds.type) {
-      services.atproto_pds.type = 'AtprotoPersonalDataServer';
+    if (!pdsService.type) {
+      pdsService.type = 'AtprotoPersonalDataServer';
     }
 
     const unsignedOp = {
@@ -96,10 +108,9 @@ export async function POST({ locals, request }: APIContext) {
 
     const bytes = dagCbor.encode(unsignedOp);
     const sig = await signer.sign(bytes);
-    const sigB64 = (u8a.toString as any)(sig, 'base64url');
+    const sigB64 = u8a.toString(sig, 'base64url');
     const operation = { ...unsignedOp, sig: sigB64 };
 
-    // sanity: ensure our configured rotation key is included
     const signerDid = (await (await import('@atproto/crypto')).Secp256k1Keypair.import(privHex)).did();
     if (!rotationKeys.includes(signerDid)) {
       return jsonErr(
@@ -113,9 +124,10 @@ export async function POST({ locals, request }: APIContext) {
       status: 200,
       headers: { 'Content-Type': 'application/json' },
     });
-  } catch (error: any) {
+  } catch (error) {
     console.error('signPlcOperation error:', error);
-    return jsonErr(500, 'InternalServerError', error?.message || 'Failed to sign PLC operation');
+    const message = error instanceof Error ? error.message : 'Failed to sign PLC operation';
+    return jsonErr(500, 'InternalServerError', message);
   }
 }
 

package/src/pages/xrpc/com.atproto.identity.submitPlcOperation.ts

@@ -1,5 +1,6 @@
 import type { APIContext } from 'astro';
-import { isAuthorized, unauthorized } from '../../lib/auth';
+import { errorMessage } from '../../lib/errors';
+import { AuthTokenExpiredError, expiredToken, isAuthorized, unauthorized } from '../../lib/auth';
 import { resolveSecret } from '../../lib/secrets';
 
 export const prerender = false;
@@ -14,7 +15,14 @@ export const prerender = false;
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
 
-  if (!(await isAuthorized(request, env))) return unauthorized();
+  try {
+    if (!(await isAuthorized(request, env))) return unauthorized();
+  } catch (error) {
+    if (error instanceof AuthTokenExpiredError) {
+      return expiredToken();
+    }
+    throw error;
+  }
 
   try {
     const body = await request.json() as { operation?: any };
@@ -30,7 +38,13 @@ export async function POST({ locals, request }: APIContext) {
       );
     }
 
-    const did = (await resolveSecret(env.PDS_DID)) ?? 'did:example:single-user';
+    const did = await resolveSecret(env.PDS_DID);
+    if (!did) {
+      return new Response(
+        JSON.stringify({ error: 'InvalidRequest', message: 'PDS_DID is not configured' }),
+        { status: 400, headers: { 'Content-Type': 'application/json' } }
+      );
+    }
 
     console.log('Submitting PLC operation:', {
       did,
@@ -78,14 +92,14 @@ export async function POST({ locals, request }: APIContext) {
       JSON.stringify({ success: true }),
       { status: 200, headers: { 'Content-Type': 'application/json' } }
     );
-  } catch (error: any) {
+  } catch (error) {
     console.error('Submit PLC operation error:', error);
     return new Response(
       JSON.stringify({
         error: 'InternalServerError',
-        message: error.message || 'Failed to submit PLC operation'
+        message: errorMessage(error) || 'Failed to submit PLC operation'
       }),
       { status: 500, headers: { 'Content-Type': 'application/json' } }
     );
   }
-}
+}

package/src/pages/xrpc/com.atproto.identity.updateHandle.ts

@@ -11,7 +11,7 @@ export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
 
   try {
-    const body = await readJson(request);
+    const body = (await readJson(request)) as { handle?: string };
     const { handle } = body;
 
     if (!handle) {

package/src/pages/xrpc/com.atproto.repo.applyWrites.ts

@@ -2,9 +2,13 @@ import type { APIContext } from 'astro';
 import { RepoManager } from '../../services/repo-manager';
 import { readJson } from '../../lib/util';
 import { bumpRoot } from '../../db/repo';
-import { isAuthorized, unauthorized } from '../../lib/auth';
+import { verifyResourceRequestHybrid, dpopResourceUnauthorized, handleResourceAuthError } from '../../lib/oauth/resource';
 import { isAccountActive } from '../../db/dal';
 import { checkRate } from '../../lib/ratelimit';
+import { notifySequencer } from '../../lib/sequencer';
+import { encodeBlocksForCommit } from '../../services/car';
+import { CID } from 'multiformats/cid';
+import { putRecord as dalPutRecord } from '../../db/dal';
 
 export const prerender = false;
 
@@ -14,10 +18,17 @@ export const prerender = false;
  */
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
-  if (!(await isAuthorized(request, env))) return unauthorized();
+  try {
+    const auth = await verifyResourceRequestHybrid(env, request);
+    if (!auth) return dpopResourceUnauthorized(env);
+  } catch (error) {
+    const handled = await handleResourceAuthError(env, error);
+    if (handled) return handled;
+    throw error;
+  }
 
   // Check if account is active
-  const did = env.PDS_DID ?? 'did:example:single-user';
+  const did = env.PDS_DID as string;
   const active = await isAccountActive(env, did);
   if (!active) {
     return new Response(
@@ -33,7 +44,12 @@ export async function POST({ locals, request }: APIContext) {
   if (rateLimitResponse) return rateLimitResponse;
 
   try {
-    const body = await readJson(request);
+    const body = (await readJson(request)) as {
+      repo?: string;
+      writes?: unknown[];
+      validate?: boolean;
+      swapCommit?: string;
+    };
     const { repo, writes, validate = true, swapCommit } = body;
 
     if (!writes || !Array.isArray(writes)) {
@@ -44,34 +60,107 @@ export async function POST({ locals, request }: APIContext) {
     }
 
     const repoManager = new RepoManager(env);
-    const results = [];
+    const pdsDid = typeof env.PDS_DID === 'string' ? env.PDS_DID : '';
+    type WriteResult = { $type: string; uri?: string; cid?: string; validationStatus?: string };
+    const results: WriteResult[] = [];
+    // Accumulate ops and new MST blocks for this batch
+    const opsForCommit: { action: 'create'|'update'|'delete'; path: string; cid: import('multiformats/cid').CID | null }[] = [];
+    const newMstBlocksAll: Array<[import('multiformats/cid').CID, Uint8Array]> = [];
+    let firstPrevMst: import('multiformats/cid').CID | null = null;
+    let lastMst: import('../../lib/mst').MST | null = null;
 
+    type WriteOperation = {
+      $type?: string;
+      collection?: string;
+      rkey?: string;
+      value?: Record<string, unknown>;
+    };
     // Apply all writes atomically
-    for (const write of writes) {
+    for (const rawWrite of writes) {
+      const write = rawWrite as WriteOperation;
       const { $type, collection, rkey, value } = write;
+      if (typeof collection !== 'string' || typeof rkey !== 'string') {
+        return new Response(
+          JSON.stringify({
+            error: 'InvalidRequest',
+            message: 'collection and rkey are required strings on every write',
+          }),
+          { status: 400, headers: { 'Content-Type': 'application/json' } },
+        );
+      }
 
       if ($type === 'com.atproto.repo.applyWrites#create') {
-        const { mst, recordCid } = await repoManager.addRecord(collection, rkey, value);
+        const { mst, recordCid, prevMstRoot, newMstBlocks } = await repoManager.addRecord(collection, rkey, value);
+        if (!firstPrevMst) firstPrevMst = prevMstRoot;
+        lastMst = mst;
+        opsForCommit.push({ action: 'create', path: `${collection}/${rkey}`, cid: recordCid });
+        for (const [cid, bytes] of newMstBlocks) newMstBlocksAll.push([cid, bytes]);
+        // Persist JSON for local reads
+        await dalPutRecord(env, {
+          uri: `at://${pdsDid}/${collection}/${rkey}`,
+          did: pdsDid,
+          cid: recordCid.toString(),
+          json: JSON.stringify(value),
+        });
         results.push({
+          $type: 'com.atproto.repo.applyWrites#createResult',
           uri: `at://${repo}/${collection}/${rkey}`,
           cid: recordCid.toString(),
+          validationStatus: 'valid',
         });
       } else if ($type === 'com.atproto.repo.applyWrites#update') {
-        const { mst, recordCid } = await repoManager.updateRecord(collection, rkey, value);
+        const { mst, recordCid, prevMstRoot, newMstBlocks } = await repoManager.updateRecord(collection, rkey, value);
+        if (!firstPrevMst) firstPrevMst = prevMstRoot;
+        lastMst = mst;
+        opsForCommit.push({ action: 'update', path: `${collection}/${rkey}`, cid: recordCid });
+        for (const [cid, bytes] of newMstBlocks) newMstBlocksAll.push([cid, bytes]);
+        await dalPutRecord(env, {
+          uri: `at://${pdsDid}/${collection}/${rkey}`,
+          did: pdsDid,
+          cid: recordCid.toString(),
+          json: JSON.stringify(value),
+        });
         results.push({
+          $type: 'com.atproto.repo.applyWrites#updateResult',
           uri: `at://${repo}/${collection}/${rkey}`,
           cid: recordCid.toString(),
+          validationStatus: 'valid',
         });
       } else if ($type === 'com.atproto.repo.applyWrites#delete') {
-        await repoManager.deleteRecord(collection, rkey);
+        const { mst, prevMstRoot, newMstBlocks } = await repoManager.deleteRecord(collection, rkey);
+        if (!firstPrevMst) firstPrevMst = prevMstRoot;
+        lastMst = mst;
+        opsForCommit.push({ action: 'delete', path: `${collection}/${rkey}`, cid: null });
+        for (const [cid, bytes] of newMstBlocks) newMstBlocksAll.push([cid, bytes]);
         results.push({
-          uri: `at://${repo}/${collection}/${rkey}`,
+          $type: 'com.atproto.repo.applyWrites#deleteResult',
         });
       }
     }
 
     // Bump repo root to create new commit
-    const { commitCid, rev } = await bumpRoot(env);
+    const currentRoot = lastMst ? await lastMst.getPointer() : undefined;
+    const { commitCid, rev, commitData, sig, blocks } = await bumpRoot(env, firstPrevMst ?? undefined, currentRoot, {
+      ops: opsForCommit,
+      newMstBlocks: newMstBlocksAll,
+    });
+
+    // Notify sequencer about the commit for firehose
+    try {
+      // Prefer commitData/sig/blocks returned by bumpRoot (authoritative)
+      await notifySequencer(env, {
+        did: pdsDid,
+        commitCid,
+        rev,
+        data: commitData,
+        sig,
+        ops: opsForCommit,
+        ...(blocks ? { blocks } : {}),
+      });
+    } catch (error) {
+      console.error('Failed to notify sequencer:', error);
+      // Don't fail the request if sequencer notification fails
+    }
 
     return new Response(
       JSON.stringify({
@@ -85,6 +174,7 @@ export async function POST({ locals, request }: APIContext) {
     );
   } catch (error) {
     console.error('applyWrites error:', error);
+    console.error('Error stack:', error instanceof Error ? error.stack : 'No stack');
     return new Response(
       JSON.stringify({ error: 'InternalServerError', message: String(error) }),
       { status: 500, headers: { 'Content-Type': 'application/json' } }

package/src/pages/xrpc/com.atproto.repo.createRecord.ts

@@ -1,5 +1,6 @@
 import type { APIContext } from 'astro';
-import { isAuthorized, unauthorized } from '../../lib/auth';
+import { errorCode, errorMessage } from '../../lib/errors';
+import { verifyResourceRequestHybrid, dpopResourceUnauthorized, handleResourceAuthError } from '../../lib/oauth/resource';
 import { checkRate } from '../../lib/ratelimit';
 import { readJsonBounded } from '../../lib/util';
 import { RepoManager } from '../../services/repo-manager';
@@ -9,7 +10,14 @@ export const prerender = false;
 
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
-  if (!(await isAuthorized(request, env))) return unauthorized();
+  try {
+    const auth = await verifyResourceRequestHybrid(env, request);
+    if (!auth) return dpopResourceUnauthorized(env);
+  } catch (error) {
+    const handled = await handleResourceAuthError(env, error);
+    if (handled) return handled;
+    throw error;
+  }
 
   const rateLimitResponse = await checkRate(env, request, 'writes');
   if (rateLimitResponse) return rateLimitResponse;
@@ -17,28 +25,50 @@ export async function POST({ locals, request }: APIContext) {
   let body: any;
   try {
     body = await readJsonBounded(env, request);
-  } catch (e: any) {
-    if (e?.code === 'PayloadTooLarge') {
+  } catch (e) {
+    if (errorCode(e) === 'PayloadTooLarge') {
       return new Response(JSON.stringify({ error: 'PayloadTooLarge' }), { status: 413 });
     }
     return new Response(JSON.stringify({ error: 'BadRequest' }), { status: 400 });
   }
-  const { collection, rkey, record } = body ?? {};
+  const { collection, rkey } = body ?? {};
+  let { record } = body ?? {};
   if (!collection || !record) return new Response(JSON.stringify({ error: 'BadRequest' }), { status: 400 });
 
+  // Minimal schema alignment for app.bsky.feed.post: ensure required fields
+  if (collection === 'app.bsky.feed.post' && record && typeof record === 'object') {
+    if (typeof record.text !== 'string') {
+      record.text = '';
+    }
+    if (typeof record.createdAt !== 'string') {
+      record.createdAt = new Date().toISOString();
+    }
+  }
+
   const repo = new RepoManager(env);
-  const commit = await repo.createRecord(collection, record, rkey);
+  const result = await repo.createRecord(collection, record, rkey);
   await notifySequencer(env, {
-    did: env.PDS_DID ?? 'did:example:single-user',
-    commitCid: commit.commitCid,
-    rev: commit.rev,
-    data: commit.commitData,
-    sig: commit.sig,
-    ops: commit.ops,
-    blocks: commit.blocks
+    did: env.PDS_DID as string,
+    commitCid: result.commitCid,
+    rev: result.rev,
+    data: result.commitData,
+    sig: result.sig,
+    ops: result.ops,
+    blocks: result.blocks
   });
 
-  return new Response(JSON.stringify(commit), {
+  // Conform to official PDS response schema
+  const out = {
+    uri: result.uri,
+    cid: result.cid,
+    commit: {
+      cid: result.commitCid,
+      rev: result.rev,
+    },
+    validationStatus: 'unknown' as const,
+  };
+
+  return new Response(JSON.stringify(out), {
     headers: { 'Content-Type': 'application/json' },
   });
 }

package/src/pages/xrpc/com.atproto.repo.deleteRecord.ts

@@ -1,15 +1,24 @@
 import type { APIContext } from 'astro';
-import { isAuthorized, unauthorized } from '../../lib/auth';
+import { errorCode, errorMessage } from '../../lib/errors';
+import { verifyResourceRequestHybrid, dpopResourceUnauthorized, handleResourceAuthError } from '../../lib/oauth/resource';
 import { checkRate } from '../../lib/ratelimit';
 import { readJsonBounded } from '../../lib/util';
 import { RepoManager } from '../../services/repo-manager';
+import { bumpRoot } from '../../db/repo';
 import { notifySequencer } from '../../lib/sequencer';
 
 export const prerender = false;
 
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
-  if (!(await isAuthorized(request, env))) return unauthorized();
+  try {
+    const auth = await verifyResourceRequestHybrid(env, request);
+    if (!auth) return dpopResourceUnauthorized(env);
+  } catch (error) {
+    const handled = await handleResourceAuthError(env, error);
+    if (handled) return handled;
+    throw error;
+  }
 
   const rateLimitResponse = await checkRate(env, request, 'writes');
   if (rateLimitResponse) return rateLimitResponse;
@@ -17,8 +26,8 @@ export async function POST({ locals, request }: APIContext) {
   let body: any;
   try {
     body = await readJsonBounded(env, request);
-  } catch (e: any) {
-    if (e?.code === 'PayloadTooLarge') {
+  } catch (e) {
+    if (errorCode(e) === 'PayloadTooLarge') {
       return new Response(JSON.stringify({ error: 'PayloadTooLarge' }), { status: 413 });
     }
     return new Response(JSON.stringify({ error: 'BadRequest' }), { status: 400 });
@@ -27,18 +36,37 @@ export async function POST({ locals, request }: APIContext) {
   if (!collection || !rkey) return new Response(JSON.stringify({ error: 'BadRequest' }), { status: 400 });
 
   const repo = new RepoManager(env);
-  const commit = await repo.deleteRecord(collection, rkey);
+  // Perform the delete in the MST, gather prev/new roots & new blocks
+  const { mst, prevMstRoot, uri, newMstBlocks } = await repo.deleteRecord(collection, rkey);
+
+  // Build ops & bump the repo root to create a signed commit
+  const currentRoot = await mst.getPointer();
+  const opsForCommit = [{ action: 'delete' as const, path: `${collection}/${rkey}`, cid: null }];
+  const { commitCid, rev, commitData, sig, blocks } = await bumpRoot(env, prevMstRoot ?? undefined, currentRoot, {
+    ops: opsForCommit,
+    newMstBlocks: Array.from(newMstBlocks),
+  });
+
+  // Notify sequencer with a complete payload matching handleCommitNotification
   await notifySequencer(env, {
-    did: env.PDS_DID ?? 'did:example:single-user',
-    commitCid: commit.commitCid,
-    rev: commit.rev,
-    data: commit.commitData,
-    sig: commit.sig,
-    ops: commit.ops,
-    blocks: commit.blocks
+    did: env.PDS_DID as string,
+    commitCid,
+    rev,
+    data: commitData,
+    sig,
+    ops: opsForCommit,
+    blocks,
   });
 
-  return new Response(JSON.stringify(commit), {
+  // Respond with official schema
+  const out = {
+    commit: {
+      cid: commitCid,
+      rev,
+    },
+  };
+
+  return new Response(JSON.stringify(out), {
     headers: { 'Content-Type': 'application/json' },
   });
 }

package/src/pages/xrpc/com.atproto.repo.describeRepo.ts

@@ -10,8 +10,8 @@ export const prerender = false;
 export async function GET({ locals, url }: APIContext) {
   const { env } = locals.runtime;
 
-  const repo = url.searchParams.get('repo') || env.PDS_DID || 'did:example:single-user';
-  const did = env.PDS_DID || 'did:example:single-user';
+  const repo = url.searchParams.get('repo') || (env.PDS_DID as string);
+  const did = env.PDS_DID as string;
   const handle = env.PDS_HANDLE || 'user.example.com';
 
   // Get repo root to check if repo exists