@getcirrus/pds 0.3.0 → 0.4.0

package/dist/cli.js

@@ -11,6 +11,8 @@ import { resolve } from "node:path";
 import { CompositeDidDocumentResolver, DohJsonHandleResolver, PlcDidDocumentResolver, WebDidDocumentResolver } from "@atcute/identity-resolver";
 import pc from "picocolors";
 import { Client, ClientResponseError, ok } from "@atcute/client";
+import "@atcute/bluesky";
+import "@atcute/atproto";
 import { getPdsEndpoint } from "@atcute/identity";
 
 //#region src/cli/utils/wrangler.ts
@@ -955,7 +957,7 @@ function createAuthHandler(baseUrl, token) {
 		});
 	};
 }
-var PDSClient = class {
+var PDSClient = class PDSClient {
 	client;
 	authToken;
 	constructor(baseUrl, authToken) {
@@ -1201,6 +1203,23 @@ var PDSClient = class {
 		}));
 	}
 	/**
+	* Emit identity event to notify relays to refresh handle verification
+	*/
+	async emitIdentity() {
+		const url = new URL("/xrpc/gg.mk.experimental.emitIdentityEvent", this.baseUrl);
+		const headers = {};
+		if (this.authToken) headers["Authorization"] = `Bearer ${this.authToken}`;
+		const res = await fetch(url.toString(), {
+			method: "POST",
+			headers
+		});
+		if (!res.ok) {
+			const errorBody = await res.json().catch(() => ({}));
+			throw new Error(errorBody.message ?? `Request failed: ${res.status}`);
+		}
+		return res.json();
+	}
+	/**
 	* Check if the PDS is reachable
 	*/
 	async healthCheck() {
@@ -1313,8 +1332,78 @@ var PDSClient = class {
 		}
 	}
 	/**
+	* Get a record from the repository
+	*/
+	async getRecord(repo, collection, rkey) {
+		try {
+			return await ok(this.client.get("com.atproto.repo.getRecord", { params: {
+				repo,
+				collection,
+				rkey
+			} }));
+		} catch (err) {
+			if (err instanceof ClientResponseError && err.status === 404) return null;
+			throw err;
+		}
+	}
+	/**
+	* Create or update a record in the repository
+	*/
+	async putRecord(repo, collection, rkey, record) {
+		return ok(this.client.post("com.atproto.repo.putRecord", { input: {
+			repo,
+			collection,
+			rkey,
+			record
+		} }));
+	}
+	/**
+	* Get the user's profile record
+	*/
+	async getProfile(did) {
+		const record = await this.getRecord(did, "app.bsky.actor.profile", "self");
+		if (!record) return null;
+		return record.value;
+	}
+	/**
+	* Create or update the user's profile
+	*/
+	async putProfile(did, profile) {
+		return this.putRecord(did, "app.bsky.actor.profile", "self", {
+			$type: "app.bsky.actor.profile",
+			...profile
+		});
+	}
+	static RELAY_URLS = ["https://relay1.us-west.bsky.network", "https://relay1.us-east.bsky.network"];
+	/**
+	* Get relay's view of this PDS host status from a single relay.
+	* Calls com.atproto.sync.getHostStatus on the relay.
+	*/
+	async getRelayHostStatus(pdsHostname, relayUrl) {
+		try {
+			const url = new URL("/xrpc/com.atproto.sync.getHostStatus", relayUrl);
+			url.searchParams.set("hostname", pdsHostname);
+			const res = await fetch(url.toString());
+			if (!res.ok) return null;
+			return {
+				...await res.json(),
+				relay: relayUrl
+			};
+		} catch {
+			return null;
+		}
+	}
+	/**
+	* Get relay status from all known relays.
+	* Returns results from each relay that responds.
+	*/
+	async getAllRelayHostStatus(pdsHostname) {
+		return (await Promise.all(PDSClient.RELAY_URLS.map((url) => this.getRelayHostStatus(pdsHostname, url)))).filter((r) => r !== null);
+	}
+	/**
 	* Request the relay to crawl this PDS.
 	* This notifies the Bluesky relay that the PDS is active and ready for federation.
+	* Uses bsky.network by default (the main relay endpoint).
 	*/
 	async requestCrawl(pdsHostname, relayUrl = "https://bsky.network") {
 		try {
@@ -1672,24 +1761,261 @@ function showNextSteps(pm, sourceDomain) {
 	]), "Almost there!");
 }
 
+//#endregion
+//#region src/cli/utils/checks.ts
+/**
+* Check that handle resolves to the expected DID
+*/
+async function checkHandleResolution(handle, expectedDid) {
+	const resolvedDid = await resolveHandleToDid(handle);
+	if (!resolvedDid) return {
+		ok: false,
+		message: `@${handle} does not resolve to any DID`,
+		detail: "Update your DNS TXT record or .well-known/atproto-did file"
+	};
+	if (resolvedDid !== expectedDid) return {
+		ok: false,
+		message: `@${handle} resolves to wrong DID`,
+		detail: `Expected: ${expectedDid}\n  Got: ${resolvedDid}`
+	};
+	return {
+		ok: true,
+		message: `@${handle} → ${expectedDid.slice(0, 24)}...`
+	};
+}
+/**
+* Check that handle resolves via DNS and/or HTTP, returning both methods
+*/
+async function checkHandleResolutionDetailed(client, handle, expectedDid) {
+	const [httpDid, dnsDid] = await Promise.all([client.checkHandleViaHttp(handle), client.checkHandleViaDns(handle)]);
+	const httpValid = httpDid === expectedDid;
+	const dnsValid = dnsDid === expectedDid;
+	const methods = [];
+	if (dnsValid) methods.push("DNS");
+	if (httpValid) methods.push("HTTP");
+	return {
+		ok: httpValid || dnsValid,
+		httpDid,
+		dnsDid,
+		methods
+	};
+}
+/**
+* Check that DID document points to the expected PDS endpoint
+*/
+async function checkDidDocument(did, expectedPdsUrl) {
+	const didDoc = await new DidResolver().resolve(did);
+	const expectedEndpoint = expectedPdsUrl.replace(/\/$/, "");
+	if (!didDoc) return {
+		ok: false,
+		message: `Could not resolve DID document for ${did}`,
+		detail: "Make sure your DID is published to the PLC directory or did:web endpoint"
+	};
+	const pdsService = didDoc.service?.find((s) => {
+		return (Array.isArray(s.type) ? s.type : [s.type]).includes("AtprotoPersonalDataServer") || s.id === "#atproto_pds";
+	});
+	if (!pdsService?.serviceEndpoint) return {
+		ok: false,
+		message: "DID document has no PDS service endpoint",
+		detail: "Update your DID document to include an AtprotoPersonalDataServer service"
+	};
+	const actualEndpoint = pdsService.serviceEndpoint.replace(/\/$/, "");
+	if (actualEndpoint !== expectedEndpoint) return {
+		ok: false,
+		message: "DID document points to different PDS",
+		detail: `Expected: ${expectedEndpoint}\n  Got: ${actualEndpoint}`
+	};
+	return {
+		ok: true,
+		message: `PDS endpoint → ${expectedEndpoint}`
+	};
+}
+/**
+* Check that DID resolves and returns the PDS endpoint (simpler version using PDSClient)
+*/
+async function checkDidResolution(client, did, expectedPdsHostname) {
+	const resolved = await client.resolveDid(did);
+	const resolveMethod = did.startsWith("did:plc:") ? "plc.directory" : did.startsWith("did:web:") ? "/.well-known/did.json" : "unknown";
+	if (!resolved.pdsEndpoint) return {
+		ok: false,
+		pdsEndpoint: null,
+		resolveMethod
+	};
+	const expectedEndpoint = `https://${expectedPdsHostname}`;
+	return {
+		ok: resolved.pdsEndpoint === expectedEndpoint || resolved.pdsEndpoint === expectedPdsHostname,
+		pdsEndpoint: resolved.pdsEndpoint,
+		resolveMethod
+	};
+}
+/**
+* Check that all blobs are imported
+*/
+function checkBlobsImported(status) {
+	const missingBlobs = status.expectedBlobs - status.importedBlobs;
+	if (missingBlobs > 0) return {
+		ok: false,
+		message: `${missingBlobs} blob${missingBlobs === 1 ? "" : "s"} missing`,
+		detail: "Run 'pds migrate' to import missing blobs before activating"
+	};
+	return {
+		ok: true,
+		message: `${status.importedBlobs}/${status.expectedBlobs} blobs imported`
+	};
+}
+/**
+* Check that repository data exists and is properly initialised
+*/
+function checkRepoInitialised(status) {
+	if (!status.repoCommit) return {
+		ok: false,
+		message: "No repo data imported",
+		detail: "Run 'pds migrate' to import your repository first"
+	};
+	if (status.indexedRecords === 0) return {
+		ok: false,
+		message: "Repository has no indexed records",
+		detail: "Run 'pds migrate' to import your repository"
+	};
+	return {
+		ok: true,
+		message: `${status.repoBlocks.toLocaleString()} blocks, ${status.indexedRecords.toLocaleString()} records`
+	};
+}
+/**
+* Check that repo is complete for activation (combines blob and repo checks)
+*/
+function checkRepoComplete(status) {
+	const repoCheck = checkRepoInitialised(status);
+	if (!repoCheck.ok) return repoCheck;
+	if (status.expectedBlobs > 0) {
+		const blobCheck = checkBlobsImported(status);
+		if (!blobCheck.ok) return blobCheck;
+	}
+	return {
+		ok: true,
+		message: `${status.repoBlocks} blocks, ${status.importedBlobs} blobs`
+	};
+}
+/**
+* Check if profile is indexed by AppView
+*/
+async function checkAppViewIndexing(client, did) {
+	if (!await client.checkAppViewIndexing(did)) return {
+		ok: false,
+		message: "Profile not found on AppView",
+		detail: "This may be normal for new accounts"
+	};
+	return {
+		ok: true,
+		message: "Profile indexed by AppView"
+	};
+}
+
 //#endregion
 //#region src/cli/commands/activate.ts
 /**
 * Activate account command - enables writes after migration
 */
+/**
+* Run pre-activation checks
+*/
+async function runChecks(handle, did, pdsUrl, status) {
+	const checks = [];
+	p.log.step("Checking handle resolution...");
+	const handleResult = await checkHandleResolution(handle, did);
+	checks.push({
+		name: "Handle",
+		...handleResult
+	});
+	p.log.step("Checking DID document...");
+	const didResult = await checkDidDocument(did, pdsUrl);
+	checks.push({
+		name: "DID",
+		...didResult
+	});
+	p.log.step("Checking repo status...");
+	const repoResult = checkRepoComplete(status);
+	checks.push({
+		name: "Repo",
+		...repoResult
+	});
+	return checks;
+}
+function logCheck(check) {
+	const icon = check.ok ? pc.green("✓") : pc.red("✗");
+	const name = pc.bold(check.name.padEnd(8));
+	console.log(`  ${icon} ${name} ${check.message}`);
+	if (check.detail && !check.ok) for (const line of check.detail.split("\n")) console.log(`             ${pc.dim(line)}`);
+}
+/**
+* Prompt user to create a profile if one doesn't exist
+*/
+async function promptCreateProfile(client, did, handle) {
+	const spinner = p.spinner();
+	spinner.start("Checking profile...");
+	const existingProfile = await client.getProfile(did);
+	spinner.stop(existingProfile ? "Profile found" : "No profile found");
+	if (!existingProfile) {
+		const createProfile = await p.confirm({
+			message: "Create a profile? (recommended for visibility on the network)",
+			initialValue: true
+		});
+		if (p.isCancel(createProfile)) {
+			p.cancel("Cancelled.");
+			process.exit(0);
+		}
+		if (createProfile) {
+			const displayName = await promptText({
+				message: "Display name:",
+				placeholder: handle || "Your Name",
+				validate: (v) => {
+					if (v && v.length > 64) return "Display name must be 64 characters or less";
+				}
+			});
+			const description = await promptText({
+				message: "Bio (optional):",
+				placeholder: "Tell us about yourself",
+				validate: (v) => {
+					if (v && v.length > 256) return "Bio must be 256 characters or less";
+				}
+			});
+			spinner.start("Creating profile...");
+			try {
+				await client.putProfile(did, {
+					displayName: displayName || void 0,
+					description: description || void 0
+				});
+				spinner.stop("Profile created!");
+			} catch (err) {
+				spinner.stop("Failed to create profile");
+				p.log.warn(err instanceof Error ? err.message : "Could not create profile");
+			}
+		}
+	}
+}
 const activateCommand = defineCommand({
 	meta: {
 		name: "activate",
 		description: "Activate your account to enable writes and go live"
 	},
-	args: { dev: {
-		type: "boolean",
-		description: "Target local development server instead of production",
-		default: false
-	} },
+	args: {
+		dev: {
+			type: "boolean",
+			description: "Target local development server instead of production",
+			default: false
+		},
+		yes: {
+			type: "boolean",
+			alias: "y",
+			description: "Skip confirmation prompts",
+			default: false
+		}
+	},
 	async run({ args }) {
 		const pm = detectPackageManager();
 		const isDev = args.dev;
+		const skipConfirm = args.yes;
 		p.intro("🦋 Activate Account");
 		const vars = getVars();
 		let targetUrl;
@@ -1708,11 +2034,17 @@ const activateCommand = defineCommand({
 		};
 		const authToken = config.AUTH_TOKEN;
 		const handle = config.HANDLE;
+		const did = config.DID;
 		if (!authToken) {
 			p.log.error("No AUTH_TOKEN found. Run 'pds init' first.");
 			p.outro("Activation cancelled.");
 			process.exit(1);
 		}
+		if (!handle || !did) {
+			p.log.error("No HANDLE or DID found. Run 'pds init' first.");
+			p.outro("Activation cancelled.");
+			process.exit(1);
+		}
 		const client = new PDSClient(targetUrl, authToken);
 		const spinner = p.spinner();
 		spinner.start(`Checking PDS at ${targetDomain}...`);
@@ -1729,6 +2061,7 @@ const activateCommand = defineCommand({
 		spinner.stop("Account status retrieved");
 		if (status.active) {
 			p.log.info("Your account is already active.");
+			await promptCreateProfile(client, did, handle);
 			const pdsHostname$1 = config.PDS_HOSTNAME;
 			if (pdsHostname$1 && !isDev) {
 				const pingRelay = await p.confirm({
@@ -1740,29 +2073,44 @@ const activateCommand = defineCommand({
 					process.exit(0);
 				}
 				if (pingRelay) {
-					spinner.start("Notifying relay...");
-					if (await client.requestCrawl(pdsHostname$1)) spinner.stop("Relay notified");
-					else spinner.stop("Could not notify relay");
+					spinner.start("Requesting crawl from relay...");
+					if (await client.requestCrawl(pdsHostname$1)) spinner.stop("Crawl requested");
+					else spinner.stop("Could not request crawl");
 				}
 			}
 			p.outro("All good!");
 			return;
 		}
-		p.note([
-			`@${handle || "your-handle"}`,
-			"",
-			"This will enable writes and make your account live.",
-			"Make sure you've:",
-			"  ✓ Updated your DID document to point here",
-			"  ✓ Completed email verification (if required)"
-		].join("\n"), "Ready to go live?");
-		const confirm = await p.confirm({
-			message: "Activate account?",
-			initialValue: true
-		});
-		if (p.isCancel(confirm) || !confirm) {
-			p.cancel("Activation cancelled.");
-			process.exit(0);
+		p.log.info("");
+		p.log.info(pc.bold("Pre-activation checks:"));
+		const checks = await runChecks(handle, did, targetUrl, status);
+		console.log("");
+		for (const check of checks) logCheck(check);
+		console.log("");
+		const hasFailures = checks.some((c) => !c.ok);
+		if (hasFailures) {
+			p.log.warn(pc.yellow("Some checks failed. Activating now may cause issues."));
+			p.log.info("");
+			if (skipConfirm) p.log.info("Proceeding anyway (--yes flag)");
+			else {
+				const proceed = await p.confirm({
+					message: "Proceed with activation anyway?",
+					initialValue: false
+				});
+				if (p.isCancel(proceed) || !proceed) {
+					p.cancel("Activation cancelled. Fix the issues above and try again.");
+					process.exit(0);
+				}
+			}
+		} else if (!skipConfirm) {
+			const confirm = await p.confirm({
+				message: "Activate account?",
+				initialValue: true
+			});
+			if (p.isCancel(confirm) || !confirm) {
+				p.cancel("Activation cancelled.");
+				process.exit(0);
+			}
 		}
 		spinner.start("Activating account...");
 		try {
@@ -1774,17 +2122,54 @@ const activateCommand = defineCommand({
 			p.outro("Activation failed.");
 			process.exit(1);
 		}
+		await promptCreateProfile(client, did, handle);
+		spinner.start("Verifying activation...");
+		if (!(await client.getAccountStatus()).active) {
+			spinner.stop("Verification failed");
+			p.log.error("Account was activated but is not showing as active.");
+			p.log.info("Try running 'pds status' to check the current state.");
+			p.outro("Activation may have failed.");
+			process.exit(1);
+		}
+		spinner.stop("Account is active");
 		const pdsHostname = config.PDS_HOSTNAME;
 		if (pdsHostname && !isDev) {
-			spinner.start("Notifying relay...");
-			if (await client.requestCrawl(pdsHostname)) spinner.stop("Relay notified");
+			spinner.start("Requesting crawl from relay...");
+			if (await client.requestCrawl(pdsHostname)) spinner.stop("Crawl requested");
 			else {
-				spinner.stop("Could not notify relay");
-				p.log.warn("Run 'pds activate' again later to retry notifying the relay.");
+				spinner.stop("Could not request crawl");
+				p.log.warn("Run 'pds activate' again later to retry requesting a crawl.");
 			}
 		}
 		p.log.success("Welcome to the Atmosphere! 🦋");
 		p.log.info("Your account is now live and accepting writes.");
+		if (!hasFailures) {
+			p.log.info("");
+			let shouldEmit = skipConfirm;
+			if (!skipConfirm) {
+				const emitConfirm = await p.confirm({
+					message: "Emit identity event to notify relays?",
+					initialValue: true
+				});
+				shouldEmit = !p.isCancel(emitConfirm) && emitConfirm;
+			}
+			if (shouldEmit) {
+				spinner.start("Emitting identity event...");
+				try {
+					const result = await client.emitIdentity();
+					spinner.stop(`Identity event emitted (seq: ${result.seq})`);
+				} catch (err) {
+					spinner.stop("Failed to emit identity event");
+					p.log.warn(err instanceof Error ? err.message : "Could not emit identity");
+					p.log.info("You can try again later with: pds emit-identity");
+				}
+			} else p.log.info("To notify relays later, run: pds emit-identity");
+		} else {
+			p.log.info("");
+			p.log.info("Some checks failed, so identity was not emitted automatically.");
+			p.log.info("Once your handle and DID are configured correctly, run:");
+			p.log.info("  pds emit-identity");
+		}
 		p.outro("All set!");
 	}
 });
@@ -1796,19 +2181,47 @@ const activateCommand = defineCommand({
 */
 const brightNote = (lines) => lines.map((l) => `\x1b[0m${l}`).join("\n");
 const bold = (text) => pc.bold(text);
+/**
+* Run identity verification checks - for deactivate, we just inform the user
+*/
+async function runIdentityChecks(handle, did, pdsUrl) {
+	const checks = [];
+	p.log.step("Checking handle resolution...");
+	const handleResult = await checkHandleResolution(handle, did);
+	checks.push({
+		name: "Handle resolution",
+		...handleResult
+	});
+	p.log.step("Checking DID document...");
+	const didResult = await checkDidDocument(did, pdsUrl);
+	checks.push({
+		name: "DID document",
+		...didResult
+	});
+	return checks;
+}
 const deactivateCommand = defineCommand({
 	meta: {
 		name: "deactivate",
 		description: "Deactivate your account to enable re-import"
 	},
-	args: { dev: {
-		type: "boolean",
-		description: "Target local development server instead of production",
-		default: false
-	} },
+	args: {
+		dev: {
+			type: "boolean",
+			description: "Target local development server instead of production",
+			default: false
+		},
+		yes: {
+			type: "boolean",
+			alias: "y",
+			description: "Skip confirmation prompts",
+			default: false
+		}
+	},
 	async run({ args }) {
 		const pm = detectPackageManager();
 		const isDev = args.dev;
+		const skipConfirm = args.yes;
 		p.intro("🦋 Deactivate Account");
 		const vars = getVars();
 		let targetUrl;
@@ -1827,11 +2240,17 @@ const deactivateCommand = defineCommand({
 		};
 		const authToken = config.AUTH_TOKEN;
 		const handle = config.HANDLE;
+		const did = config.DID;
 		if (!authToken) {
 			p.log.error("No AUTH_TOKEN found. Run 'pds init' first.");
 			p.outro("Deactivation cancelled.");
 			process.exit(1);
 		}
+		if (!handle || !did) {
+			p.log.error("No HANDLE or DID found. Run 'pds init' first.");
+			p.outro("Deactivation cancelled.");
+			process.exit(1);
+		}
 		const client = new PDSClient(targetUrl, authToken);
 		const spinner = p.spinner();
 		spinner.start(`Checking PDS at ${targetDomain}...`);
@@ -1852,8 +2271,17 @@ const deactivateCommand = defineCommand({
 			p.outro("Already deactivated.");
 			return;
 		}
+		p.log.info("");
+		p.log.info(pc.bold("Current identity status:"));
+		const checks = await runIdentityChecks(handle, did, targetUrl);
+		for (const check of checks) if (check.ok) p.log.success(`${check.name}: ${check.message}`);
+		else {
+			p.log.warn(`${check.name}: ${check.message}`);
+			if (check.detail) p.log.info(`  ${check.detail}`);
+		}
+		p.log.info("");
 		p.note(brightNote([
-			bold(`⚠️  WARNING: This will disable writes for @${handle || "your-handle"}`),
+			bold(`⚠️  WARNING: This will disable writes for @${handle}`),
 			"",
 			"Your account will:",
 			"  • Stop accepting new posts, follows, and other writes",
@@ -1862,13 +2290,15 @@ const deactivateCommand = defineCommand({
 			"",
 			bold("Only deactivate if you need to re-import your data.")
 		]), "Deactivate Account");
-		const confirm = await p.confirm({
-			message: "Are you sure you want to deactivate?",
-			initialValue: false
-		});
-		if (p.isCancel(confirm) || !confirm) {
-			p.cancel("Deactivation cancelled.");
-			process.exit(0);
+		if (!skipConfirm) {
+			const confirm = await p.confirm({
+				message: "Are you sure you want to deactivate?",
+				initialValue: false
+			});
+			if (p.isCancel(confirm) || !confirm) {
+				p.cancel("Deactivation cancelled.");
+				process.exit(0);
+			}
 		}
 		spinner.start("Deactivating account...");
 		try {
@@ -1965,14 +2395,15 @@ const statusCommand = defineCommand({
 		}
 		console.log();
 		console.log(pc.bold("Repository"));
-		if (status.repoCommit && status.indexedRecords > 0) {
+		const repoCheck = checkRepoInitialised(status);
+		if (repoCheck.ok) {
 			const shortCid = status.repoCommit.slice(0, 12) + "..." + status.repoCommit.slice(-4);
 			const shortRev = status.repoRev ? status.repoRev.slice(0, 8) + "..." : "none";
 			console.log(`  ${CHECK} Initialized: ${pc.dim(shortCid)} (rev: ${shortRev})`);
-			console.log(`  ${INFO} ${status.repoBlocks.toLocaleString()} blocks, ${status.indexedRecords.toLocaleString()} records`);
+			console.log(`  ${INFO} ${repoCheck.message}`);
 		} else {
-			console.log(`  ${WARN} Repository empty (no records)`);
-			console.log(pc.dim("      Run 'pds migrate' to import from another PDS"));
+			console.log(`  ${WARN} ${repoCheck.message}`);
+			if (repoCheck.detail) console.log(pc.dim(`      ${repoCheck.detail}`));
 			hasWarnings = true;
 		}
 		console.log();
@@ -1983,18 +2414,14 @@ const statusCommand = defineCommand({
 		}
 		if (handle) console.log(`  ${INFO} Handle: ${pc.cyan(`@${handle}`)}`);
 		if (did) {
-			const resolved = await client.resolveDid(did);
-			const resolveMethod = did.startsWith("did:plc:") ? "plc.directory" : did.startsWith("did:web:") ? "/.well-known/did.json" : "unknown";
-			if (resolved.pdsEndpoint) {
-				const expectedEndpoint = `https://${pdsHostname}`;
-				if (resolved.pdsEndpoint === expectedEndpoint || resolved.pdsEndpoint === pdsHostname) console.log(`  ${CHECK} DID resolves to this PDS (via ${resolveMethod})`);
-				else {
-					console.log(`  ${CROSS} DID resolves to different PDS`);
-					console.log(pc.dim(`      Resolved via: ${resolveMethod}`));
-					console.log(pc.dim(`      Expected: ${expectedEndpoint}`));
-					console.log(pc.dim(`      Got: ${resolved.pdsEndpoint}`));
-					hasErrors = true;
-				}
+			const didCheck = await checkDidResolution(client, did, pdsHostname);
+			if (didCheck.ok) console.log(`  ${CHECK} DID resolves to this PDS (via ${didCheck.resolveMethod})`);
+			else if (didCheck.pdsEndpoint) {
+				console.log(`  ${CROSS} DID resolves to different PDS`);
+				console.log(pc.dim(`      Resolved via: ${didCheck.resolveMethod}`));
+				console.log(pc.dim(`      Expected: https://${pdsHostname}`));
+				console.log(pc.dim(`      Got: ${didCheck.pdsEndpoint}`));
+				hasErrors = true;
 			} else {
 				console.log(`  ${WARN} Could not resolve DID`);
 				if (did.startsWith("did:plc:")) console.log(pc.dim("      Check plc.directory or update DID document"));
@@ -2006,19 +2433,13 @@ const statusCommand = defineCommand({
 			hasWarnings = true;
 		}
 		if (handle) {
-			const [httpDid, dnsDid] = await Promise.all([client.checkHandleViaHttp(handle), client.checkHandleViaDns(handle)]);
-			const httpValid = httpDid === did;
-			const dnsValid = dnsDid === did;
-			if (httpValid || dnsValid) {
-				const methods = [];
-				if (dnsValid) methods.push("DNS");
-				if (httpValid) methods.push("HTTP");
-				console.log(`  ${CHECK} Handle verified via ${methods.join(" + ")}`);
-			} else if (httpDid || dnsDid) {
+			const handleCheck = await checkHandleResolutionDetailed(client, handle, did);
+			if (handleCheck.ok) console.log(`  ${CHECK} Handle verified via ${handleCheck.methods.join(" + ")}`);
+			else if (handleCheck.httpDid || handleCheck.dnsDid) {
 				console.log(`  ${CROSS} Handle resolves to different DID`);
 				console.log(pc.dim(`      Expected: ${did}`));
-				if (httpDid) console.log(pc.dim(`      HTTP well-known: ${httpDid}`));
-				if (dnsDid) console.log(pc.dim(`      DNS TXT: ${dnsDid}`));
+				if (handleCheck.httpDid) console.log(pc.dim(`      HTTP well-known: ${handleCheck.httpDid}`));
+				if (handleCheck.dnsDid) console.log(pc.dim(`      DNS TXT: ${handleCheck.dnsDid}`));
 				hasErrors = true;
 			} else {
 				console.log(`  ${WARN} Handle not resolving`);
@@ -2030,7 +2451,8 @@ const statusCommand = defineCommand({
 		console.log();
 		if (status.expectedBlobs > 0) {
 			console.log(pc.bold("Blobs"));
-			if (status.importedBlobs === status.expectedBlobs) console.log(`  ${CHECK} ${status.importedBlobs}/${status.expectedBlobs} blobs imported`);
+			const blobCheck = checkBlobsImported(status);
+			if (blobCheck.ok) console.log(`  ${CHECK} ${blobCheck.message}`);
 			else {
 				const missing = status.expectedBlobs - status.importedBlobs;
 				console.log(`  ${WARN} ${status.importedBlobs}/${status.expectedBlobs} blobs imported (${missing} missing)`);
@@ -2039,11 +2461,33 @@ const statusCommand = defineCommand({
 			console.log();
 		}
 		console.log(pc.bold("Federation"));
-		if (did) if (await client.checkAppViewIndexing(did)) console.log(`  ${CHECK} Profile indexed by AppView`);
-		else {
-			console.log(`  ${WARN} Profile not found on AppView`);
-			console.log(pc.dim("      This may be normal for new accounts"));
-			hasWarnings = true;
+		if (did) {
+			const appViewCheck = await checkAppViewIndexing(client, did);
+			if (appViewCheck.ok) console.log(`  ${CHECK} ${appViewCheck.message}`);
+			else {
+				console.log(`  ${WARN} ${appViewCheck.message}`);
+				if (appViewCheck.detail) console.log(pc.dim(`      ${appViewCheck.detail}`));
+				hasWarnings = true;
+			}
+		}
+		if (pdsHostname) {
+			const relayStatuses = await client.getAllRelayHostStatus(pdsHostname);
+			const hasActiveRelay = relayStatuses.some((r) => r.status === "active");
+			const hasBannedRelay = relayStatuses.some((r) => r.status === "banned");
+			const needsCrawl = relayStatuses.length === 0 || relayStatuses.every((r) => r.status === "idle" || r.status === "offline");
+			if (relayStatuses.length === 0) console.log(`  ${WARN} No relays have crawled this PDS yet`);
+			else for (const relayStatus of relayStatuses) {
+				const relayName = relayStatus.relay.includes("us-west") ? "us-west" : "us-east";
+				const statusIcon = relayStatus.status === "active" ? CHECK : relayStatus.status === "banned" ? CROSS : WARN;
+				console.log(`  ${statusIcon} Relay ${relayName}: ${relayStatus.status}${relayStatus.accountCount !== void 0 ? ` (${relayStatus.accountCount} accounts, seq: ${relayStatus.seq ?? "none"})` : ""}`);
+			}
+			if (hasBannedRelay && !hasActiveRelay) {
+				console.log(`  ${CROSS} PDS is banned from all relays`);
+				hasErrors = true;
+			} else if (needsCrawl) {
+				console.log(pc.dim("      Run 'pds activate' or 'pds emit-identity' to request a crawl"));
+				hasWarnings = true;
+			}
 		}
 		try {
 			const firehose = await client.getFirehoseStatus();
@@ -2068,6 +2512,80 @@ const statusCommand = defineCommand({
 	}
 });
 
+//#endregion
+//#region src/cli/commands/emit-identity.ts
+/**
+* Emit identity command - notifies relays to refresh handle verification
+*/
+const emitIdentityCommand = defineCommand({
+	meta: {
+		name: "emit-identity",
+		description: "Emit an identity event to notify relays to refresh handle verification"
+	},
+	args: { dev: {
+		type: "boolean",
+		description: "Target local development server instead of production",
+		default: false
+	} },
+	async run({ args }) {
+		const isDev = args.dev;
+		p.intro("🦋 Emit Identity Event");
+		const vars = getVars();
+		let targetUrl;
+		try {
+			targetUrl = getTargetUrl(isDev, vars.PDS_HOSTNAME);
+		} catch (err) {
+			p.log.error(err instanceof Error ? err.message : "Configuration error");
+			p.log.info("Run 'pds init' first to configure your PDS.");
+			process.exit(1);
+		}
+		const targetDomain = getDomain(targetUrl);
+		const wranglerVars = getVars();
+		const config = {
+			...readDevVars(),
+			...wranglerVars
+		};
+		const authToken = config.AUTH_TOKEN;
+		if (!authToken) {
+			p.log.error("No AUTH_TOKEN found. Run 'pds init' first.");
+			p.outro("Cancelled.");
+			process.exit(1);
+		}
+		const client = new PDSClient(targetUrl, authToken);
+		const spinner = p.spinner();
+		spinner.start(`Checking PDS at ${targetDomain}...`);
+		if (!await client.healthCheck()) {
+			spinner.stop(`PDS not responding at ${targetDomain}`);
+			p.log.error(`Your PDS isn't responding at ${targetUrl}`);
+			if (!isDev) p.log.info("Make sure your worker is deployed: wrangler deploy");
+			p.outro("Cancelled.");
+			process.exit(1);
+		}
+		spinner.stop(`Connected to ${targetDomain}`);
+		spinner.start("Emitting identity event...");
+		try {
+			const result = await client.emitIdentity();
+			spinner.stop(`Identity event emitted (seq: ${result.seq})`);
+		} catch (err) {
+			spinner.stop("Failed to emit identity event");
+			p.log.error(err instanceof Error ? err.message : "Could not emit identity event");
+			p.outro("Failed.");
+			process.exit(1);
+		}
+		const pdsHostname = config.PDS_HOSTNAME;
+		if (pdsHostname && !isDev) {
+			spinner.start("Requesting crawl from relay...");
+			if (await client.requestCrawl(pdsHostname)) spinner.stop("Crawl requested");
+			else {
+				spinner.stop("Could not request crawl");
+				p.log.warn("The relay may not pick up the identity change immediately.");
+			}
+		}
+		p.log.success("Relays have been notified to refresh your handle verification.");
+		p.outro("Done!");
+	}
+});
+
 //#endregion
 //#region src/cli/index.ts
 /**
@@ -2085,7 +2603,8 @@ runMain(defineCommand({
 		migrate: migrateCommand,
 		activate: activateCommand,
 		deactivate: deactivateCommand,
-		status: statusCommand
+		status: statusCommand,
+		"emit-identity": emitIdentityCommand
 	}
 }));