Plc (FSharp.ATProto)

Plc Module

Namespace: FSharp.ATProto.Core
Assembly: FSharp.ATProto.Core.dll

Client for the PLC Directory -- the public ledger for did:plc:* DIDs. Provides read operations (resolve, audit log, export) that require no authentication, and operation construction/signing helpers for DID document updates.

The PLC Directory is a centralized but auditable registry. All read endpoints are public and require only an HttpClient. Write operations (creating or updating DID documents) require signing with a rotation key, but this module does NOT depend on FSharp.ATProto.Crypto directly -- signing is injected via a byte[] -> byte[] function parameter.

Types

Type	Description
AuditEntry	An entry in the PLC audit log, representing one historical operation on a DID.
ExportEntry	An entry in the PLC export stream. Same as AuditEntry but sourced from the global export endpoint rather than a per-DID audit log.
PlcDocument	A resolved DID document from the PLC Directory. This is the W3C DID Document format returned by `GET /{did}`.
PlcError	Error type for PLC Directory operations.
PlcOperation	A PLC operation that creates, updates, or tombstones a DID document. Operations are signed with a rotation key and submitted to the PLC Directory.
PlcOperationType	The type of a PLC operation.
PlcService	A service endpoint entry in a PLC operation. Maps a service identifier (e.g. `"atproto_pds"`) to its type and endpoint URL.

Functions and values

Function or value	Description
`DefaultBaseUrl` Full Usage: `DefaultBaseUrl` Returns: `string`	Default PLC Directory base URL. Returns: `string`
`createGenesisOp rotationKeys verificationMethods alsoKnownAs services` Full Usage: `createGenesisOp rotationKeys verificationMethods alsoKnownAs services` Parameters: rotationKeys : `string list` - The rotation keys (1-5 `did:key` values) that will control this DID. verificationMethods : `Map<string, string>` - Verification methods as a map of key ID to `did:key` value. alsoKnownAs : `string list` - Alternative identifiers (e.g. `["at://handle.bsky.social"]`). services : `Map<string, PlcService>` - Service endpoints keyed by service ID. Returns: `PlcOperation` An unsigned PlcOperation with `prev = None` and `sig = None`.	Create an unsigned genesis operation (the first operation for a new DID). The `prev` field is `None` because there is no prior operation. rotationKeys : `string list` The rotation keys (1-5 `did:key` values) that will control this DID. verificationMethods : `Map<string, string>` Verification methods as a map of key ID to `did:key` value. alsoKnownAs : `string list` Alternative identifiers (e.g. `["at://handle.bsky.social"]`). services : `Map<string, PlcService>` Service endpoints keyed by service ID. Returns: `PlcOperation` An unsigned PlcOperation with `prev = None` and `sig = None`.
`createRotationOp prev rotationKeys verificationMethods alsoKnownAs services` Full Usage: `createRotationOp prev rotationKeys verificationMethods alsoKnownAs services` Parameters: prev : `string` - The CID of the previous operation in the log. rotationKeys : `string list` - The new rotation keys. verificationMethods : `Map<string, string>` - The new verification methods. alsoKnownAs : `string list` - The new alternative identifiers. services : `Map<string, PlcService>` - The new service endpoints. Returns: `PlcOperation` An unsigned PlcOperation with the given `prev` CID.	Create an unsigned rotation (update) operation that modifies the DID document. prev : `string` The CID of the previous operation in the log. rotationKeys : `string list` The new rotation keys. verificationMethods : `Map<string, string>` The new verification methods. alsoKnownAs : `string list` The new alternative identifiers. services : `Map<string, PlcService>` The new service endpoints. Returns: `PlcOperation` An unsigned PlcOperation with the given `prev` CID.
`createTombstoneOp prev` Full Usage: `createTombstoneOp prev` Parameters: prev : `string` - The CID of the previous operation in the log. Returns: `PlcOperation` An unsigned tombstone PlcOperation.	Create an unsigned tombstone operation that deactivates the DID. prev : `string` The CID of the previous operation in the log. Returns: `PlcOperation` An unsigned tombstone PlcOperation.
`export client after count baseUrl` Full Usage: `export client after count baseUrl` Parameters: client : `HttpClient` - An HttpClient for making the request. after : `string option` - Optional cursor (ISO 8601 timestamp) to resume export from. count : `int option` - Optional maximum number of entries to return. baseUrl : `string option` - The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<ExportEntry list, PlcError>>` A list of ExportEntry on success, or a PlcError on failure.	Export operations from the PLC Directory. Calls `GET {baseUrl}/export?after={after}&count={count}`. The export endpoint returns newline-delimited JSON (NDJSON). client : `HttpClient` An HttpClient for making the request. after : `string option` Optional cursor (ISO 8601 timestamp) to resume export from. count : `int option` Optional maximum number of entries to return. baseUrl : `string option` The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<ExportEntry list, PlcError>>` A list of ExportEntry on success, or a PlcError on failure.
`getAuditLog client did baseUrl` Full Usage: `getAuditLog client did baseUrl` Parameters: client : `HttpClient` - An HttpClient for making the request. did : `Did` - The DID to get the audit log for. baseUrl : `string option` - The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<AuditEntry list, PlcError>>` A list of AuditEntry on success, or a PlcError on failure.	Get the audit log for a `did:plc:*` DID. Calls `GET {baseUrl}/{did}/log/audit` on the PLC Directory. Returns the complete history of signed operations for the DID. client : `HttpClient` An HttpClient for making the request. did : `Did` The DID to get the audit log for. baseUrl : `string option` The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<AuditEntry list, PlcError>>` A list of AuditEntry on success, or a PlcError on failure.
`resolve client did baseUrl` Full Usage: `resolve client did baseUrl` Parameters: client : `HttpClient` - An HttpClient for making the request. did : `Did` - The DID to resolve. baseUrl : `string option` - The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<PlcDocument, PlcError>>` The resolved PlcDocument on success, or a PlcError on failure.	Resolve a `did:plc:*` DID to its current DID document. Calls `GET {baseUrl}/{did}` on the PLC Directory. client : `HttpClient` An HttpClient for making the request. did : `Did` The DID to resolve. baseUrl : `string option` The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<PlcDocument, PlcError>>` The resolved PlcDocument on success, or a PlcError on failure.
`serializeForSigning op` Full Usage: `serializeForSigning op` Parameters: op : `PlcOperation` Returns: `byte[]`	Serialize a PLC operation to its canonical JSON bytes for signing. The `sig` field is omitted from the signing input per the PLC spec. op : `PlcOperation` Returns: `byte[]`
`serializeWithSig op` Full Usage: `serializeWithSig op` Parameters: op : `PlcOperation` Returns: `byte[]`	Serialize a PLC operation to JSON bytes including the signature. Used for submitting to the PLC Directory. op : `PlcOperation` Returns: `byte[]`
`signOperation sign op` Full Usage: `signOperation sign op` Parameters: sign : `byte[] -> byte[]` - A signing function that takes raw bytes and returns a 64-byte signature. Typically `Signing.sign keyPair` from the Crypto project. op : `PlcOperation` - The unsigned operation to sign. Returns: `PlcOperation` The operation with the `sig` field populated.	Sign a PLC operation with a rotation key. The sign function should produce a 64-byte compact ECDSA signature (r \|\| s) over the input bytes. The data is the canonical JSON encoding of the operation (without the `sig` field). sign : `byte[] -> byte[]` A signing function that takes raw bytes and returns a 64-byte signature. Typically `Signing.sign keyPair` from the Crypto project. op : `PlcOperation` The unsigned operation to sign. Returns: `PlcOperation` The operation with the `sig` field populated.
`submitOperation client did op baseUrl` Full Usage: `submitOperation client did op baseUrl` Parameters: client : `HttpClient` - An HttpClient for making the request. did : `Did` - The DID to submit the operation for. op : `PlcOperation` - The signed operation to submit. Must have a `Sig` value. baseUrl : `string option` - The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<unit, PlcError>>` `Ok ()` on success, or a PlcError on failure.	Submit a signed PLC operation to the PLC Directory. Calls `POST {baseUrl}/{did}` with the serialized operation as the JSON body. client : `HttpClient` An HttpClient for making the request. did : `Did` The DID to submit the operation for. op : `PlcOperation` The signed operation to submit. Must have a `Sig` value. baseUrl : `string option` The PLC Directory base URL. Defaults to `https://plc.directory`. Returns: `Task<Result<unit, PlcError>>` `Ok ()` on success, or a PlcError on failure.