smokesignal.events / quickdid
QuickDID is a high-performance AT Protocol identity resolution service written in Rust. It provides handle-to-DID resolution with Redis-backed caching and queue processing.
fork atom
Rust 92.8%
Shell 3.8%
HTML 2.4%
Dockerfile 0.4%
Other 0.6%
58 1 5

Clone this repository

https://tangled.org/smokesignal.events/quickdid
git@tangled.org:smokesignal.events/quickdid

For self-hosted knots, clone URLs may differ based on your setup.

Download tar.gz
README.md

QuickDID#

QuickDID is a high-performance AT Protocol identity resolution service written in Rust. It provides blazing-fast handle-to-DID resolution with intelligent caching strategies, supporting in-memory, Redis-backed, and SQLite-backed persistent caching with binary serialization for optimal storage efficiency. The service includes proactive cache refreshing to maintain optimal performance and comprehensive metrics support for production monitoring.

Built following the 12-factor app methodology with minimal dependencies and optimized for production use, QuickDID delivers exceptional performance while maintaining a lean footprint. Configuration is handled exclusively through environment variables, with only --version and --help command-line arguments supported.

⚠️ Production Disclaimer#

This project is a release candidate and has not been fully vetted for production use. While it includes comprehensive error handling and has been designed with production features in mind, more thorough testing is necessary before deploying in critical environments. Use at your own risk and conduct appropriate testing for your use case.

Performance#

QuickDID is designed for high throughput and low latency:

  • Binary serialization reduces cache storage by ~40% compared to JSON
  • Rate limiting protects upstream services from being overwhelmed
  • Work shedding in SQLite queue adapter prevents unbounded growth
  • Configurable TTLs allow fine-tuning cache freshness vs. performance
  • Connection pooling for Redis minimizes connection overhead

Features#

  • Fast Handle Resolution: Resolves AT Protocol handles to DIDs using DNS TXT records and HTTP well-known endpoints
  • Bidirectional Caching: Supports both handle-to-DID and DID-to-handle lookups with automatic cache synchronization
  • Multi-Layer Caching: Flexible caching with three tiers:
    • In-memory caching with configurable TTL (default: 600 seconds)
    • Redis-backed persistent caching (default: 90-day TTL)
    • SQLite-backed persistent caching (default: 90-day TTL)
  • Jetstream Consumer: Real-time cache updates from AT Protocol firehose:
    • Processes Account and Identity events
    • Automatically purges deleted/deactivated accounts
    • Updates handle-to-DID mappings in real-time
    • Comprehensive metrics for event processing
    • Automatic reconnection with backoff
  • HTTP Caching: Client-side caching support with:
    • ETag generation with configurable seed for cache invalidation
    • Cache-Control headers with max-age, stale-while-revalidate, and stale-if-error directives
    • CORS headers for cross-origin requests
  • Rate Limiting: Semaphore-based concurrency control with optional timeout to protect upstream services
  • Binary Serialization: Compact storage format reduces cache size by ~40% compared to JSON
  • Queue Processing: Asynchronous handle resolution with multiple adapters:
    • MPSC (in-memory, default)
    • Redis (distributed)
    • SQLite (persistent with work shedding)
    • No-op (testing)
  • Metrics & Monitoring:
    • StatsD metrics support for counters, gauges, and timings
    • Resolution timing measurements
    • Jetstream event processing metrics
    • Configurable tags for environment/service identification
    • Integration guides for Telegraf and TimescaleDB
    • Configurable bind address for StatsD UDP socket (IPv4/IPv6)
  • Proactive Cache Refresh:
    • Automatically refreshes cache entries before expiration
    • Configurable refresh threshold
    • Prevents cache misses for frequently accessed handles
    • Metrics tracking for refresh operations
  • Queue Deduplication:
    • Redis-based deduplication for queue items
    • Prevents duplicate handle resolution work
    • Configurable TTL for deduplication keys
  • Cache Management APIs:
    • purge method for removing entries by handle or DID
    • set method for manually updating handle-to-DID mappings
    • Chainable operations across resolver layers
  • AT Protocol Compatible: Implements XRPC endpoints for seamless integration with AT Protocol infrastructure
  • Comprehensive Error Handling: Structured errors with unique identifiers (e.g., error-quickdid-config-1), health checks, and graceful shutdown
  • 12-Factor App: Environment-based configuration following cloud-native best practices
  • Minimal Dependencies: Optimized dependency tree for faster compilation and reduced attack surface

Building#

Prerequisites#

  • Rust 1.70 or later
  • Redis (optional, for persistent caching and distributed queuing)
  • SQLite 3.35+ (optional, for single-instance persistent caching)

Build Commands#

# Clone the repository
git clone https://github.com/yourusername/quickdid.git
cd quickdid

# Build the project
cargo build --release

# Run tests
cargo test

# Run with debug logging
RUST_LOG=debug cargo run

Minimum Configuration#

QuickDID requires minimal configuration to run. Configuration is validated at startup, and the service will exit with specific error codes if validation fails.

Required#

  • HTTP_EXTERNAL: External hostname for service endpoints (e.g., localhost:3007)

Example Minimal Setup#

HTTP_EXTERNAL=localhost:3007 cargo run

Static Files#

QuickDID serves static files from the www directory by default. This includes:

  • Landing page (index.html)
  • AT Protocol well-known files (.well-known/atproto-did and .well-known/did.json)

Generate the .well-known files for your deployment:

HTTP_EXTERNAL=your-domain.com ./generate-wellknown.sh

This will start QuickDID with:

  • HTTP server on port 8080 (default)
  • In-memory caching only (600-second TTL default)
  • MPSC queue adapter for async processing
  • Default worker ID: "worker1"
  • Connection to plc.directory for DID resolution
  • Rate limiting disabled (default)

Optional Configuration#

For production deployments, consider these additional environment variables:

Network & Service#

  • HTTP_PORT: Server port (default: 8080)
  • PLC_HOSTNAME: PLC directory hostname (default: plc.directory)
  • USER_AGENT: HTTP User-Agent for outgoing requests
  • DNS_NAMESERVERS: Custom DNS servers (comma-separated)

Caching#

  • REDIS_URL: Redis connection URL (e.g., redis://localhost:6379)
  • SQLITE_URL: SQLite database URL (e.g., sqlite:./quickdid.db)
  • CACHE_TTL_MEMORY: In-memory cache TTL in seconds (default: 600)
  • CACHE_TTL_REDIS: Redis cache TTL in seconds (default: 7776000 = 90 days)
  • CACHE_TTL_SQLITE: SQLite cache TTL in seconds (default: 7776000 = 90 days)

Queue Processing#

  • QUEUE_ADAPTER: Queue type - 'mpsc', 'redis', 'sqlite', 'noop', or 'none' (default: mpsc)
  • QUEUE_WORKER_ID: Worker identifier (default: worker1)
  • QUEUE_BUFFER_SIZE: MPSC queue buffer size (default: 1000)
  • QUEUE_REDIS_PREFIX: Redis key prefix for queues (default: queue:handleresolver:)
  • QUEUE_REDIS_TIMEOUT: Redis blocking timeout in seconds (default: 5)
  • QUEUE_REDIS_DEDUP_ENABLED: Enable queue deduplication (default: false)
  • QUEUE_REDIS_DEDUP_TTL: TTL for deduplication keys in seconds (default: 60)
  • QUEUE_SQLITE_MAX_SIZE: Max SQLite queue size for work shedding (default: 10000)

Rate Limiting#

  • RESOLVER_MAX_CONCURRENT: Maximum concurrent handle resolutions (default: 0 = disabled)
  • RESOLVER_MAX_CONCURRENT_TIMEOUT_MS: Timeout for acquiring rate limit permit in ms (default: 0 = no timeout)

HTTP Cache Control#

  • CACHE_MAX_AGE: Max-age for Cache-Control header in seconds (default: 86400)
  • CACHE_STALE_IF_ERROR: Stale-if-error directive in seconds (default: 172800)
  • CACHE_STALE_WHILE_REVALIDATE: Stale-while-revalidate in seconds (default: 86400)
  • CACHE_MAX_STALE: Max-stale directive in seconds (default: 86400)
  • ETAG_SEED: Seed value for ETag generation (default: application version)

Metrics#

  • METRICS_ADAPTER: Metrics adapter type - 'noop' or 'statsd' (default: noop)
  • METRICS_STATSD_HOST: StatsD host and port (required when METRICS_ADAPTER=statsd)
  • METRICS_STATSD_BIND: Bind address for StatsD UDP socket (default: [::]:0 for IPv6, can use 0.0.0.0:0 for IPv4)
  • METRICS_PREFIX: Prefix for all metrics (default: quickdid)
  • METRICS_TAGS: Comma-separated tags (e.g., env:prod,service:quickdid)

Proactive Refresh#

  • PROACTIVE_REFRESH_ENABLED: Enable proactive cache refreshing (default: false)
  • PROACTIVE_REFRESH_THRESHOLD: Refresh when TTL remaining is below this threshold (0.0-1.0, default: 0.8)

Jetstream Consumer#

  • JETSTREAM_ENABLED: Enable Jetstream consumer for real-time cache updates (default: false)
  • JETSTREAM_HOSTNAME: Jetstream WebSocket hostname (default: jetstream.atproto.tools)

Static Files#

  • STATIC_FILES_DIR: Directory for serving static files (default: www)

Logging#

  • RUST_LOG: Logging level (e.g., debug, info, warn, error)

Production Examples#

Redis-based with Metrics and Jetstream (Multi-instance/HA)#

HTTP_EXTERNAL=quickdid.example.com \
HTTP_PORT=3000 \
REDIS_URL=redis://localhost:6379 \
CACHE_TTL_REDIS=86400 \
QUEUE_ADAPTER=redis \
QUEUE_WORKER_ID=prod-worker-1 \
RESOLVER_MAX_CONCURRENT=100 \
RESOLVER_MAX_CONCURRENT_TIMEOUT_MS=5000 \
METRICS_ADAPTER=statsd \
METRICS_STATSD_HOST=localhost:8125 \
METRICS_PREFIX=quickdid \
METRICS_TAGS=env:prod,service:quickdid \
CACHE_MAX_AGE=86400 \
JETSTREAM_ENABLED=true \
JETSTREAM_HOSTNAME=jetstream.atproto.tools \
RUST_LOG=info \
./target/release/quickdid

SQLite-based (Single-instance)#

HTTP_EXTERNAL=quickdid.example.com \
HTTP_PORT=3000 \
SQLITE_URL=sqlite:./quickdid.db \
CACHE_TTL_SQLITE=86400 \
QUEUE_ADAPTER=sqlite \
QUEUE_SQLITE_MAX_SIZE=10000 \
RESOLVER_MAX_CONCURRENT=50 \
RUST_LOG=info \
./target/release/quickdid

Architecture#

QuickDID uses a layered architecture for optimal performance:

Request → Cache Layer → Proactive Refresh → Rate Limiter → Base Resolver → DNS/HTTP
           ↓                  ↓                 ↓               ↓
        Memory/Redis/    Background         Semaphore      AT Protocol
          SQLite         Refresher         (optional)     Infrastructure
             ↑                                                  
       Jetstream Consumer ← Real-time Updates from AT Protocol Firehose

Cache Priority#

QuickDID checks caches in this order:

  1. Redis (if configured) - Best for distributed deployments
  2. SQLite (if configured) - Best for single-instance with persistence
  3. In-memory (fallback) - Always available

Real-time Cache Updates#

When Jetstream is enabled, QuickDID maintains cache consistency by:

  • Processing Account events to purge deleted/deactivated accounts
  • Processing Identity events to update handle-to-DID mappings
  • Automatically reconnecting with exponential backoff on connection failures
  • Tracking metrics for successful and failed event processing

Deployment Strategies#

  • Single-instance: Use SQLite for both caching and queuing
  • Multi-instance/HA: Use Redis for distributed caching and queuing
  • Development: Use in-memory caching with MPSC queuing
  • Real-time sync: Enable Jetstream consumer for live cache updates

API Endpoints#

  • GET /_health - Health check endpoint
  • GET /xrpc/com.atproto.identity.resolveHandle - Resolve handle to DID
  • GET /.well-known/atproto-did - Serve DID document for the service
  • OPTIONS /* - CORS preflight support for all endpoints

Docker Deployment#

QuickDID can be deployed using Docker. See the production deployment guide for detailed Docker and Docker Compose configurations.

Quick Docker Setup#

# Build the image
docker build -t quickdid:latest .

# Run with environment file
docker run -d \
  --name quickdid \
  --env-file .env \
  -p 8080:8080 \
  quickdid:latest

Documentation#

Railway Deployment#

QuickDID includes Railway deployment resources in the railway-resources/ directory for easy deployment with metrics support via Telegraf. See the deployment configurations for one-click deployment options.

License#

This project is open source and available under the MIT License.

Copyright (c) 2025 Nick Gerakines

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.