Summary

The Proto RPC is defined in the RegistryServer protobuf service definition but is not implemented on the server side, causing RemoteRegistry.proto() calls to fail with UNIMPLEMENTED. The method was intentionally removed to prevent bypassing RBAC, since a raw passthrough of proxied_registry.proto() returns the entire registry without any permission checks.

Problem

• RemoteRegistry.proto() calls stub.Proto(Empty()) which fails because the server never implements the RPC.
• This breaks any code path that relies on BaseRegistry.proto() when using a remote registry (e.g., cache initialization in CachingRegistry, registry refresh, metrics collection).
• Simply re-adding return self.proxied_registry.proto() would reintroduce the RBAC bypass — all objects (entities, feature views, data sources, permissions, projects, etc.) would be returned regardless of the caller's authorization.

Proposed Solution

Implement RegistryServer.Proto by assembling the RegistryProto response from individual RBAC-filtered list calls, consistent with how every other RPC on RegistryServer enforces permissions:

• Use permitted_resources() with AuthzedAction.DESCRIBE for each object type (projects, entities, data sources, feature views, feature services, saved datasets, permissions, etc.).
• Construct and return a RegistryProto containing only objects the caller is authorized to see.

This ensures:

1. The proto service contract is honored (no UNIMPLEMENTED error).
2. RemoteRegistry works correctly as a BaseRegistry implementation.
3. RBAC is enforced — callers only see objects they have DESCRIBE access to.