pub enum AcdpError {
Show 28 variants
Canonicalization(String),
HashMismatch {
stored: ContentHash,
recomputed: ContentHash,
},
RemoteHashMismatch(String),
DataRefHashMismatch(String),
InvalidSignature(String),
KeyResolution(String),
KeyResolutionUnreachable(String),
KeyNotAuthorized(String),
InvalidBody(String),
MissingField(&'static str),
SchemaViolation(String),
PayloadTooLarge(String),
EmbeddedTooLarge(String),
UnsupportedAlgorithm(String),
NotImplemented(String),
NotFound(String),
NotAuthorized(String),
RateLimited(String),
CursorExpired,
InvalidCursor(String),
SupersededTarget {
reason: SupersessionReason,
message: String,
},
DuplicatePublish(String),
CrossRegistryResolutionFailed(String),
InvalidReceipt(String),
RegistryInternal(String),
Registry(WireError),
Serialization(String),
Http(String),
}Expand description
Top-level error type.
Variants§
Canonicalization(String)
JCS canonicalization failed (input not serializable).
HashMismatch
Stored content_hash did not match the recomputed value
(locally detected during signature verification).
Fields
stored: ContentHashThe hash claimed by the body or request.
recomputed: ContentHashThe hash recomputed by the verifier.
RemoteHashMismatch(String)
Wire code: hash_mismatch. The remote registry rejected a
publish request because its independent hash recomputation did
not match the producer-supplied content_hash. Distinct from
the local AcdpError::HashMismatch variant: this one carries
the registry’s message verbatim and indicates a producer-side
bug (most often canonicalization divergence — see RFC-ACDP-0001
§5.7 and the can-001 conformance fixture).
DataRefHashMismatch(String)
Wire code: data_ref_hash_mismatch. A DataRef’s fetched or decoded
bytes do not match the producer-declared data_ref.content_hash.
The body itself remains cryptographically valid — only the
referenced data has diverged. Distinct from
AcdpError::RemoteHashMismatch / AcdpError::HashMismatch
(body-level ProducerContent failure — the whole body is untrusted)
and AcdpError::InvalidSignature (a key / key-binding problem).
RFC-ACDP-0002 §6.5–6.6, RFC-ACDP-0007 §5.
InvalidSignature(String)
Signature verification failed or signature was malformed.
Wire code: invalid_signature.
KeyResolution(String)
Wire code: key_resolution_failed (HTTP 400).
KeyResolutionUnreachable(String)
Wire code: key_resolution_unreachable (HTTP 502) — transient, may retry.
KeyNotAuthorized(String)
Wire code: key_not_authorized (HTTP 403).
InvalidBody(String)
Producer body could not be parsed.
MissingField(&'static str)
A required field was missing.
SchemaViolation(String)
Schema validation failed (string length, array uniqueness, oneOf, etc).
Wire code: schema_violation.
PayloadTooLarge(String)
Wire code: payload_too_large — request body exceeds the registry limit.
EmbeddedTooLarge(String)
Wire code: embedded_too_large — a single DataRef.embedded.content
exceeds the 64 KB cap.
UnsupportedAlgorithm(String)
Wire code: unsupported_algorithm — the producer used a signature
algorithm the registry does not accept.
NotImplemented(String)
Wire code: not_implemented — endpoint or feature not supported by
this registry.
NotFound(String)
Wire code: not_found.
NotAuthorized(String)
Wire code: not_authorized — the caller is not permitted to access
this resource.
RateLimited(String)
Wire code: rate_limited.
CursorExpired
Wire code: cursor_expired.
InvalidCursor(String)
Wire code: invalid_cursor.
SupersededTarget
Wire code: superseded_target. The supersession target was rejected;
the SupersessionReason disambiguates the cause.
Fields
reason: SupersessionReasonWhy the target was rejected.
DuplicatePublish(String)
Wire code: duplicate_publish — an Idempotency-Key replay produced
a different request body than the original.
CrossRegistryResolutionFailed(String)
Wire code: cross_registry_resolution_failed.
InvalidReceipt(String)
Wire code: invalid_receipt. A registry_receipt failed
verification: bad signature, a cross-check mismatch (ctx_id,
content_hash, key_fingerprint, serving authority), a
malformed shape, or a receipt required by policy but absent.
Permanent — the receipt will not verify on retry.
RegistryInternal(String)
Wire code: internal_error.
Registry(WireError)
Catch-all for WireError codes that have no typed variant in this
version of the library. Forward-compatible: registries may emit
reserved codes (immutable_field, unsupported_embedding_model)
that future ACDP versions add.
Serialization(String)
JSON (de)serialization failed.
Http(String)
HTTP transport error.
Implementations§
Source§impl AcdpError
impl AcdpError
Sourcepub fn is_transient(&self) -> bool
pub fn is_transient(&self) -> bool
Whether this error is plausibly transient and worth retrying
with the same request body (and, if applicable, the same
Idempotency-Key).
Returned by AcdpError::is_transient only for variants whose
wire codes the spec marks retryable: key_resolution_unreachable
(RFC-ACDP-0001 §5.11), rate_limited (RFC-ACDP-0008 §4.3),
cross_registry_resolution_failed (RFC-ACDP-0006 §7), and
internal_error (RFC-ACDP-0007 §5). Generic Http transport
errors are conservatively treated as transient since they
usually mean DNS or TCP-level glitches.
All cryptographic, schema, and authorization errors are NOT transient: a malformed body or invalid signature will not magically validate on retry.
Sourcepub fn from_wire_error(wire: WireError) -> Self
pub fn from_wire_error(wire: WireError) -> Self
Map a wire-protocol crate::wire_error::WireError into a typed
AcdpError.
Codes the library does not yet recognize are returned as
AcdpError::Registry for forward compatibility.
Trait Implementations§
Source§impl Error for AcdpError
impl Error for AcdpError
1.30.0 · Source§fn source(&self) -> Option<&(dyn Error + 'static)>
fn source(&self) -> Option<&(dyn Error + 'static)>
1.0.0 · Source§fn description(&self) -> &str
fn description(&self) -> &str
use the Display impl or to_string()