@livestore/sync-cf 0.4.0-dev.8 → 0.4.0

package/src/cf-worker/shared.ts

@@ -1,26 +1,80 @@
-import type { InvalidPullError, InvalidPushError } from '@livestore/common'
+import type { UnknownError } from '@livestore/common'
 import type { CfTypes } from '@livestore/common-cf'
-import { Effect, type Option, Schema, UrlParams } from '@livestore/utils/effect'
+import { Effect, Schema, UrlParams } from '@livestore/utils/effect'
+
+import type { SearchParams } from '../common/mod.ts'
 import { SearchParamsSchema, SyncMessage } from '../common/mod.ts'
 
-export interface Env {
-  /** Eventlog database */
-  DB: CfTypes.D1Database
-  ADMIN_SECRET: string
+export type Env = {}
+
+/** Headers forwarded from the request to callbacks */
+export type ForwardedHeaders = ReadonlyMap<string, string>
+
+/**
+ * Configuration for forwarding request headers to DO callbacks.
+ * - `string[]`: List of header names to forward (case-insensitive)
+ * - `(request) => Record<string, string>`: Custom extraction function (sync)
+ */
+export type ForwardHeadersOption = readonly string[] | ((request: CfTypes.Request) => Record<string, string>)
+
+/** Context passed to onPush/onPull callbacks */
+export type CallbackContext = {
+  storeId: StoreId
+  payload?: Schema.JsonValue
+  /** Headers forwarded from the request (only present if `forwardHeaders` is configured) */
+  headers?: ForwardedHeaders
 }
 
 export type MakeDurableObjectClassOptions = {
-  onPush?: (
-    message: SyncMessage.PushRequest,
-    context: { storeId: StoreId; payload?: Schema.JsonValue },
-  ) => Effect.SyncOrPromiseOrEffect<void>
-  onPushRes?: (message: SyncMessage.PushAck | InvalidPushError) => Effect.SyncOrPromiseOrEffect<void>
-  onPull?: (
-    message: SyncMessage.PullRequest,
-    context: { storeId: StoreId; payload?: Schema.JsonValue },
-  ) => Effect.SyncOrPromiseOrEffect<void>
-  onPullRes?: (message: SyncMessage.PullResponse | InvalidPullError) => Effect.SyncOrPromiseOrEffect<void>
-  // TODO make storage configurable: D1, DO SQLite, later: external SQLite
+  onPush?: (message: SyncMessage.PushRequest, context: CallbackContext) => Effect.SyncOrPromiseOrEffect<void>
+  onPushRes?: (message: SyncMessage.PushAck | UnknownError) => Effect.SyncOrPromiseOrEffect<void>
+  onPull?: (message: SyncMessage.PullRequest, context: CallbackContext) => Effect.SyncOrPromiseOrEffect<void>
+  onPullRes?: (message: SyncMessage.PullResponse | UnknownError) => Effect.SyncOrPromiseOrEffect<void>
+
+  /**
+   * Forward request headers to `onPush`/`onPull` callbacks for authentication.
+   *
+   * This enables cookie-based or header-based authentication patterns where
+   * you need access to request headers inside the Durable Object.
+   *
+   * @example Forward specific headers by name (case-insensitive)
+   * ```ts
+   * makeDurableObject({
+   *   forwardHeaders: ['cookie', 'authorization'],
+   *   onPush: async (message, { headers }) => {
+   *     const cookie = headers?.get('cookie')
+   *     const session = await validateSession(cookie)
+   *   },
+   * })
+   * ```
+   *
+   * @example Custom extraction function for derived values
+   * ```ts
+   * makeDurableObject({
+   *   forwardHeaders: (request) => ({
+   *     'x-user-id': request.headers.get('x-user-id') ?? '',
+   *     'x-session': request.headers.get('cookie')?.split('session=')[1]?.split(';')[0] ?? '',
+   *   }),
+   *   onPush: async (message, { headers }) => {
+   *     const userId = headers?.get('x-user-id')
+   *   },
+   * })
+   * ```
+   */
+  forwardHeaders?: ForwardHeadersOption
+  /**
+   * Storage engine for event persistence.
+   * - Default: `{ _tag: 'do-sqlite' }` (Durable Object SQLite)
+   * - D1: `{ _tag: 'd1', binding: string }` where `binding` is the D1 binding name in wrangler.toml.
+   *
+   * If omitted, the runtime defaults to DO SQLite. For backwards-compatibility, if an env binding named
+   * `DB` exists and looks like a D1Database, D1 will be used.
+   *
+   * Trade-offs:
+   * - DO SQLite: simpler deploy, data co-located with DO, not externally queryable
+   * - D1: centralized DB, inspectable with DB tools, extra network hop and JSON size limits
+   */
+  storage?: { _tag: 'do-sqlite' } | { _tag: 'd1'; binding: string }
 
   /**
    * Enabled transports for sync backend
@@ -32,6 +86,26 @@ export type MakeDurableObjectClassOptions = {
    */
   enabledTransports?: Set<'http' | 'ws' | 'do-rpc'>
 
+  /**
+   * Custom HTTP response headers for HTTP transport
+   * These headers will be added to all HTTP RPC responses (Pull, Push, Ping)
+   *
+   * @example
+   * ```ts
+   * {
+   *   http: {
+   *     responseHeaders: {
+   *       'Access-Control-Allow-Origin': '*',
+   *       'Cache-Control': 'no-cache'
+   *     }
+   *   }
+   * }
+   * ```
+   */
+  http?: {
+    responseHeaders?: Record<string, string>
+  }
+
   otel?: {
     baseUrl?: string
     serviceName?: string
@@ -42,26 +116,42 @@ export type StoreId = string
 export type DurableObjectId = string
 
 /**
- * Needs to be bumped when the storage format changes (e.g. eventlogTable schema changes)
+ * CRITICAL: Increment this version whenever you modify the database schema structure.
+ *
+ * Bump required when:
+ * - Adding/removing/renaming columns in eventlogTable or contextTable (see sqlite.ts)
+ * - Changing column types or constraints
+ * - Modifying primary keys or indexes
  *
- * Changing this version number will lead to a "soft reset".
+ * Bump NOT required when:
+ * - Changing query patterns, pagination logic, or streaming behavior
+ * - Adding new tables (as long as existing table schemas remain unchanged)
+ * - Updating implementation details in sync-storage.ts
+ *
+ * Impact: Changing this version triggers a "soft reset" - new table names are created
+ * and old data becomes inaccessible (but remains in storage).
  */
 export const PERSISTENCE_FORMAT_VERSION = 7
 
-export const DEFAULT_SYNC_DURABLE_OBJECT_NAME = 'SYNC_BACKEND_DO'
-
 export const encodeOutgoingMessage = Schema.encodeSync(Schema.parseJson(SyncMessage.BackendToClientMessage))
 export const encodeIncomingMessage = Schema.encodeSync(Schema.parseJson(SyncMessage.ClientToBackendMessage))
 
-export const getSyncRequestSearchParams = (request: CfTypes.Request): Option.Option<typeof SearchParamsSchema.Type> => {
+/**
+ * Extracts the LiveStore sync search parameters from a request. Returns
+ * `undefined` when the request does not carry valid sync metadata so callers
+ * can fall back to custom routing.
+ */
+export const matchSyncRequest = (request: CfTypes.Request): SearchParams | undefined => {
   const url = new URL(request.url)
   const urlParams = UrlParams.fromInput(url.searchParams)
   const paramsResult = UrlParams.schemaStruct(SearchParamsSchema)(urlParams).pipe(Effect.option, Effect.runSync)
 
-  return paramsResult
-}
+  if (paramsResult._tag === 'None') {
+    return undefined
+  }
 
-export const PULL_CHUNK_SIZE = 100
+  return paramsResult.value
+}
 
 // RPC subscription storage (TODO refactor)
 export type RpcSubscription = {
@@ -91,5 +181,39 @@ export const WebSocketAttachmentSchema = Schema.parseJson(
     // Different for each websocket connection
     payload: Schema.optional(Schema.JsonValue),
     pullRequestIds: Schema.Array(Schema.String),
+    // Headers forwarded from the initial request (via forwardHeaders option)
+    headers: Schema.optional(Schema.Record({ key: Schema.String, value: Schema.String })),
   }),
 )
+
+/** Helper to extract headers from a request based on the forwardHeaders option */
+export const extractForwardedHeaders = (
+  request: CfTypes.Request,
+  forwardHeaders: ForwardHeadersOption | undefined,
+): Record<string, string> | undefined => {
+  if (forwardHeaders === undefined) {
+    return undefined
+  }
+
+  if (typeof forwardHeaders === 'function') {
+    return forwardHeaders(request)
+  }
+
+  // Array of header names - extract them case-insensitively
+  const result: Record<string, string> = {}
+  for (const name of forwardHeaders) {
+    const value = request.headers.get(name)
+    if (value !== null) {
+      result[name.toLowerCase()] = value
+    }
+  }
+  return Object.keys(result).length > 0 ? result : undefined
+}
+
+/** Convert a headers record to a ReadonlyMap */
+export const headersRecordToMap = (headers: Record<string, string> | undefined): ForwardedHeaders | undefined => {
+  if (headers === undefined) {
+    return undefined
+  }
+  return new Map(Object.entries(headers).map(([key, value]) => [key.toLowerCase(), value]))
+}

package/src/cf-worker/worker.ts

@@ -1,42 +1,16 @@
-import { UnexpectedError } from '@livestore/common'
-import type { Schema } from '@livestore/utils/effect'
-import { Effect } from '@livestore/utils/effect'
+import { env as importedEnv } from 'cloudflare:workers'
+
+import { UnknownError } from '@livestore/common'
+import type { HelperTypes } from '@livestore/common-cf'
+import { Effect, Schema } from '@livestore/utils/effect'
+
 import type { CfTypes, SearchParams } from '../common/mod.ts'
 import type { CfDeclare } from './mod.ts'
-import { DEFAULT_SYNC_DURABLE_OBJECT_NAME, type Env, getSyncRequestSearchParams } from './shared.ts'
+import { type Env, type ForwardedHeaders, matchSyncRequest } from './shared.ts'
 
 // NOTE We need to redeclare runtime types here to avoid type conflicts with the lib.dom Response type.
 declare class Response extends CfDeclare.Response {}
 
-export namespace HelperTypes {
-  type AnyDON = CfTypes.DurableObjectNamespace<undefined>
-
-  type DOKeys<T> = {
-    [K in keyof T]-?: T[K] extends AnyDON ? K : never
-  }[keyof T]
-
-  type NonBuiltins<T> = Omit<T, keyof Env>
-
-  /**
-   * Helper type to extract DurableObject keys from Env to give consumer type safety.
-   *
-   * @example
-   * ```ts
-   *  type PlatformEnv = {
-   *    DB: D1Database
-   *    ADMIN_TOKEN: string
-   *    SYNC_BACKEND_DO: DurableObjectNamespace<SyncBackendDO>
-   * }
-   *  export default makeWorker<PlatformEnv>({
-   *    durableObject: { name: "SYNC_BACKEND_DO" },
-   *    // ^ (property) name?: "SYNC_BACKEND_DO" | undefined
-   *  });
-   */
-  export type ExtractDurableObjectKeys<TEnv = Env> = DOKeys<NonBuiltins<TEnv>> extends never
-    ? string
-    : DOKeys<NonBuiltins<TEnv>>
-}
-
 // HINT: If we ever extend user's custom worker RPC, type T can help here with expected return type safety. Currently unused.
 export type CFWorker<TEnv extends Env = Env, _T extends CfTypes.Rpc.DurableObjectBranded | undefined = undefined> = {
   fetch: <CFHostMetada = unknown>(
@@ -46,64 +20,97 @@ export type CFWorker<TEnv extends Env = Env, _T extends CfTypes.Rpc.DurableObjec
   ) => Promise<CfTypes.Response>
 }
 
-export type MakeWorkerOptions<TEnv extends Env = Env> = {
+/** Context passed to validatePayload callback */
+export type ValidatePayloadContext = {
+  storeId: string
+  /** Request headers (raw, not filtered by forwardHeaders) */
+  headers: ForwardedHeaders
+}
+
+/**
+ * Options accepted by {@link makeWorker}. The Durable Object binding has to be
+ * supplied explicitly so we never fall back to deprecated defaults when Cloudflare config changes.
+ */
+export type MakeWorkerOptions<TEnv extends Env = Env, TSyncPayload = Schema.JsonValue> = {
   /**
-   * Validates the payload during WebSocket connection establishment.
+   * Binding name of the sync Durable Object declared in wrangler config.
+   */
+  syncBackendBinding: HelperTypes.ExtractDurableObjectKeys<TEnv>
+  /**
+   * Optionally pass a schema to decode the client-provided payload into a typed object
+   * before calling {@link validatePayload}. If omitted, the raw JSON value is forwarded.
+   */
+  syncPayloadSchema?: Schema.Schema<TSyncPayload>
+  /**
+   * Validates the (optionally decoded) payload during WebSocket connection establishment.
+   * If {@link syncPayloadSchema} is provided, `payload` will be of the schema's inferred type.
+   *
+   * The context includes request headers for cookie-based or header-based authentication.
+   *
+   * @example Cookie-based authentication
+   * ```ts
+   * validatePayload: async (payload, { storeId, headers }) => {
+   *   const cookie = headers.get('cookie')
+   *   const session = await validateSessionFromCookie(cookie)
+   *   if (!session) throw new Error('Unauthorized')
+   * }
+   * ```
+   *
    * Note: This runs only at connection time, not for individual push events.
-   * For push event validation, use the `onPush` callback in the durable object.
+   * For push event validation, use the `onPush` callback in the Durable Object.
    */
-  validatePayload?: (payload: Schema.JsonValue | undefined, context: { storeId: string }) => void | Promise<void>
+  validatePayload?: (payload: TSyncPayload, context: ValidatePayloadContext) => void | Promise<void>
   /** @default false */
   enableCORS?: boolean
-  durableObject?: {
-    /**
-     * Needs to match the binding name from the wrangler config
-     *
-     * @default 'SYNC_BACKEND_DO'
-     */
-    name?: HelperTypes.ExtractDurableObjectKeys<TEnv>
-  }
 }
 
+/**
+ * Produces a Cloudflare Worker `fetch` handler that delegates sync traffic to the
+ * Durable Object identified by `syncBackendBinding`.
+ *
+ * For more complex setups prefer implementing a custom `fetch` and call {@link handleSyncRequest}
+ * from the branch that handles LiveStore sync requests.
+ */
 export const makeWorker = <
   TEnv extends Env = Env,
   TDurableObjectRpc extends CfTypes.Rpc.DurableObjectBranded | undefined = undefined,
+  TSyncPayload = Schema.JsonValue,
 >(
-  options: MakeWorkerOptions<TEnv> = {},
+  options: MakeWorkerOptions<TEnv, TSyncPayload>,
 ): CFWorker<TEnv, TDurableObjectRpc> => {
   return {
     fetch: async (request, env, _ctx) => {
       const url = new URL(request.url)
 
-      const corsHeaders: CfTypes.HeadersInit = options.enableCORS
-        ? {
-            'Access-Control-Allow-Origin': '*',
-            'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
-            'Access-Control-Allow-Headers': request.headers.get('Access-Control-Request-Headers') ?? '*',
-          }
-        : {}
+      const corsHeaders: CfTypes.HeadersInit =
+        options.enableCORS === true
+          ? {
+              'Access-Control-Allow-Origin': '*',
+              'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+              'Access-Control-Allow-Headers': request.headers.get('Access-Control-Request-Headers') ?? '*',
+            }
+          : {}
 
-      if (request.method === 'OPTIONS' && options.enableCORS) {
+      if (request.method === 'OPTIONS' && options.enableCORS === true) {
         return new Response(null, {
           status: 204,
           headers: corsHeaders,
         })
       }
 
-      const requestParamsResult = getSyncRequestSearchParams(request)
+      const searchParams = matchSyncRequest(request)
 
       // Check if this is a sync request first, before showing info message
-      if (requestParamsResult._tag === 'Some') {
-        return handleSyncRequest<TEnv, TDurableObjectRpc>({
+      if (searchParams !== undefined) {
+        return handleSyncRequest<TEnv, TDurableObjectRpc, unknown, TSyncPayload>({
           request,
-          searchParams: requestParamsResult.value,
+          searchParams,
           env,
           ctx: _ctx,
-          options: {
-            headers: corsHeaders,
-            validatePayload: options.validatePayload,
-            durableObject: options.durableObject,
-          },
+          syncBackendBinding: options.syncBackendBinding,
+          headers: corsHeaders,
+          validatePayload: options.validatePayload,
+          syncPayloadSchema: options.syncPayloadSchema,
         })
       }
 
@@ -129,89 +136,112 @@ export const makeWorker = <
   }
 }
 
+/** Convert CF Request headers to a ForwardedHeaders map */
+const requestHeadersToMap = (request: CfTypes.Request): ForwardedHeaders => {
+  const result = new Map<string, string>()
+  request.headers.forEach((value, key) => {
+    result.set(key.toLowerCase(), value)
+  })
+  return result
+}
+
 /**
- * Handles `/sync` endpoint.
+ * Handles LiveStore sync requests (e.g. with search params `?storeId=...&transport=...`).
  *
- * @example
+ * @example Token-based authentication
  * ```ts
  * const validatePayload = (payload: Schema.JsonValue | undefined, context: { storeId: string }) => {
- *   console.log(`Validating connection for store: ${context.storeId}`)
  *   if (payload?.authToken !== 'insecure-token-change-me') {
  *     throw new Error('Invalid auth token')
  *   }
  * }
+ * ```
  *
- * export default {
- *   fetch: async (request, env, ctx) => {
- *     const requestParamsResult = getSyncRequestSearchParams(request)
- *
- *     // Is LiveStore sync request
- *     if (requestParamsResult._tag === 'Some') {
- *       return handleSyncRequest({
- *         request,
- *         searchParams: requestParamsResult.value,
- *         env,
- *         ctx,
- *         options: { headers: {}, validatePayload }
- *       })
- *     }
- *
- *     return new Response('Invalid path', { status: 400 })
- *   }
+ * @example Cookie-based authentication
+ * ```ts
+ * const validatePayload = async (payload: Schema.JsonValue | undefined, { storeId, headers }) => {
+ *   const cookie = headers.get('cookie')
+ *   const session = await validateSessionFromCookie(cookie)
+ *   if (!session) throw new Error('Unauthorized')
  * }
  * ```
  *
- * @throws {UnexpectedError} If the payload is invalid
+ * @throws {UnknownError} If the payload is invalid
  */
 export const handleSyncRequest = <
   TEnv extends Env = Env,
   TDurableObjectRpc extends CfTypes.Rpc.DurableObjectBranded | undefined = undefined,
   CFHostMetada = unknown,
+  TSyncPayload = Schema.JsonValue,
 >({
   request,
-  searchParams,
-  env,
-  options = {},
+  searchParams: { storeId, payload, transport },
+  env: explicitlyProvidedEnv,
+  syncBackendBinding,
+  headers,
+  validatePayload,
+  syncPayloadSchema,
 }: {
   request: CfTypes.Request<CFHostMetada>
   searchParams: SearchParams
-  env: TEnv
+  env?: TEnv | undefined
   /** Only there for type-level reasons */
   ctx: CfTypes.ExecutionContext
-  options?: {
-    headers?: CfTypes.HeadersInit
-    durableObject?: MakeWorkerOptions<TEnv>['durableObject']
-    validatePayload?: (payload: Schema.JsonValue | undefined, context: { storeId: string }) => void | Promise<void>
-  }
+  /** Binding name of the sync backend Durable Object */
+  syncBackendBinding: MakeWorkerOptions<TEnv, TSyncPayload>['syncBackendBinding']
+  headers?: CfTypes.HeadersInit | undefined
+  validatePayload?: MakeWorkerOptions<TEnv, TSyncPayload>['validatePayload']
+  syncPayloadSchema?: MakeWorkerOptions<TEnv, TSyncPayload>['syncPayloadSchema']
 }): Promise<CfTypes.Response> =>
   Effect.gen(function* () {
-    const { storeId, payload, transport } = searchParams
+    if (validatePayload !== undefined) {
+      // Convert request headers to a Map for the validation context
+      const requestHeaders = requestHeadersToMap(request)
 
-    if (options.validatePayload !== undefined) {
-      const result = yield* Effect.promise(async () => options.validatePayload!(payload, { storeId })).pipe(
-        UnexpectedError.mapToUnexpectedError,
-        Effect.either,
-      )
+      // Always decode with the supplied schema when present, even if payload is undefined.
+      // This ensures required payloads are enforced by the schema.
+      if (syncPayloadSchema !== undefined) {
+        const decodedEither = Schema.decodeUnknownEither(syncPayloadSchema)(payload)
+        if (decodedEither._tag === 'Left') {
+          const message = decodedEither.left.toString()
+          console.error('Invalid payload (decode failed)', message)
+          return new Response(message, { status: 400, ...(headers !== undefined ? { headers } : {}) })
+        }
+
+        const result = yield* Effect.promise(async () =>
+          validatePayload(decodedEither.right, { storeId, headers: requestHeaders }),
+        ).pipe(UnknownError.mapToUnknownError, Effect.either)
 
-      if (result._tag === 'Left') {
-        console.error('Invalid payload', result.left)
-        return new Response(result.left.toString(), { status: 400, headers: options.headers })
+        if (result._tag === 'Left') {
+          console.error('Invalid payload (validation failed)', result.left)
+          return new Response(result.left.toString(), { status: 400, ...(headers !== undefined ? { headers } : {}) })
+        }
+      } else {
+        const result = yield* Effect.promise(async () =>
+          validatePayload(payload as TSyncPayload, { storeId, headers: requestHeaders }),
+        ).pipe(UnknownError.mapToUnknownError, Effect.either)
+
+        if (result._tag === 'Left') {
+          console.error('Invalid payload (validation failed)', result.left)
+          return new Response(result.left.toString(), { status: 400, ...(headers !== undefined ? { headers } : {}) })
+        }
       }
     }
 
-    const durableObjectName = options.durableObject?.name ?? DEFAULT_SYNC_DURABLE_OBJECT_NAME
-    if (!(durableObjectName in env)) {
+    const env = explicitlyProvidedEnv ?? (importedEnv as TEnv)
+
+    if (!(syncBackendBinding in env)) {
       return new Response(
-        `Failed dependency: Required Durable Object binding '${durableObjectName as string}' not available`,
+        `Failed dependency: Required Durable Object binding '${syncBackendBinding as string}' not available`,
         {
           status: 424,
-          headers: options.headers,
+          ...(headers !== undefined ? { headers } : {}),
         },
       )
     }
 
     const durableObjectNamespace = env[
-      durableObjectName as keyof TEnv
+      syncBackendBinding as keyof TEnv
     ] as CfTypes.DurableObjectNamespace<TDurableObjectRpc>
 
     const id = durableObjectNamespace.idFromName(storeId)
@@ -222,7 +252,7 @@ export const handleSyncRequest = <
     if (transport === 'ws' && (upgradeHeader === null || upgradeHeader !== 'websocket')) {
       return new Response('Durable Object expected Upgrade: websocket', {
         status: 426,
-        headers: options?.headers,
+        ...(headers !== undefined ? { headers } : {}),
       })
     }
 

package/src/client/transport/do-rpc-client.ts

@@ -1,7 +1,9 @@
-import { InvalidPullError, InvalidPushError, SyncBackend, UnexpectedError } from '@livestore/common'
+import { SyncBackend, UnknownError } from '@livestore/common'
+import { splitChunkBySize } from '@livestore/common/sync'
 import { type CfTypes, layerProtocolDurableObject } from '@livestore/common-cf'
 import { omit, shouldNeverHappen } from '@livestore/utils'
 import {
+  Chunk,
   Effect,
   identity,
   Layer,
@@ -13,7 +15,9 @@ import {
   Stream,
   SubscriptionRef,
 } from '@livestore/utils/effect'
+
 import type { SyncBackendRpcInterface } from '../../cf-worker/shared.ts'
+import { MAX_DO_RPC_REQUEST_BYTES, MAX_PUSH_EVENTS_PER_REQUEST } from '../../common/constants.ts'
 import { SyncDoRpc } from '../../common/do-rpc-schema.ts'
 import { SyncMessage } from '../../common/mod.ts'
 import type { SyncMetadata } from '../../common/sync-message-types.ts'
@@ -70,9 +74,9 @@ export const makeDoRpcSync =
             })),
           ),
           storeId,
-          rpcContext: options?.live ? { callerContext: durableObjectContext } : undefined,
+          rpcContext: options?.live === true ? { callerContext: durableObjectContext } : undefined,
         }).pipe(
-          options?.live
+          options?.live === true
             ? Stream.concatWithLastElement((res) =>
                 Effect.gen(function* () {
                   if (res._tag === 'None')
@@ -90,30 +94,50 @@ export const makeDoRpcSync =
             : identity,
           Stream.tap((res) => backendIdHelper.lazySet(res.backendId)),
           Stream.map((res) => omit(res, ['backendId'])),
-          Stream.mapError((cause) => (cause._tag === 'InvalidPullError' ? cause : InvalidPullError.make({ cause }))),
+          Stream.mapError((cause) =>
+            cause._tag === 'UnknownError' || cause._tag === 'BackendIdMismatchError'
+              ? cause
+              : new UnknownError({ cause }),
+          ),
           Stream.withSpan('rpc-sync-client:pull'),
         )
 
-      const push: SyncBackend.SyncBackend<{ createdAt: string }>['push'] = (batch) =>
-        Effect.gen(function* () {
+      const push: SyncBackend.SyncBackend<{ createdAt: string }>['push'] = Effect.fn('rpc-sync-client:push')(
+        function* (batch) {
           if (batch.length === 0) {
             return
           }
 
-          yield* rpcClient.SyncDoRpc.Push({ batch, storeId, backendId: backendIdHelper.get() })
-        }).pipe(
-          Effect.mapError((cause) =>
-            cause._tag === 'InvalidPushError'
-              ? cause
-              : InvalidPushError.make({ cause: new UnexpectedError({ cause }) }),
-          ),
-          Effect.withSpan('rpc-sync-client:push'),
-        )
+          const backendId = backendIdHelper.get()
+          const batchChunks = yield* Chunk.fromIterable(batch).pipe(
+            splitChunkBySize({
+              maxItems: MAX_PUSH_EVENTS_PER_REQUEST,
+              maxBytes: MAX_DO_RPC_REQUEST_BYTES,
+              encode: (items) => ({
+                batch: items,
+                storeId,
+                backendId,
+              }),
+            }),
+            Effect.mapError((cause) => new UnknownError({ cause })),
+          )
+
+          for (const chunk of Chunk.toReadonlyArray(batchChunks)) {
+            const chunkArray = Chunk.toReadonlyArray(chunk)
+            yield* rpcClient.SyncDoRpc.Push({ batch: chunkArray, storeId, backendId })
+          }
+        },
+        Effect.mapError((cause) =>
+          cause._tag === 'UnknownError' || cause._tag === 'ServerAheadError' || cause._tag === 'BackendIdMismatchError'
+            ? cause
+            : new UnknownError({ cause }),
+        ),
+      )
 
       const ping: SyncBackend.SyncBackend<{ createdAt: string }>['ping'] = rpcClient.SyncDoRpc.Ping({
         storeId,
         payload,
-      }).pipe(UnexpectedError.mapToUnexpectedError, Effect.withSpan('rpc-sync-client:ping'))
+      }).pipe(UnknownError.mapToUnknownError, Effect.withSpan('rpc-sync-client:ping'))
 
       return SyncBackend.of({
         connect,
@@ -152,7 +176,7 @@ export const makeDoRpcSync =
 export const handleSyncUpdateRpc = (payload: unknown) =>
   Effect.gen(function* () {
     const decodedPayload = yield* Schema.decodeUnknown(ResponseChunkEncoded)(payload)
-    const decoded = yield* Schema.decodeUnknown(SyncMessage.PullResponse)(decodedPayload.values[0]!)
+    const decoded = yield* Schema.decodeUnknown(SyncMessage.PullResponse)(decodedPayload.values[0])
 
     const pullStreamMailbox = requestIdMailboxMap.get(decodedPayload.requestId)