Skip to main content

agent_mesh_protocol/
error.rs

1//! Crate-wide error type for `agent-mesh-protocol`.
2//!
3//! Every fallible operation in this crate returns [`Result<T>`] (an
4//! alias for `Result<T, MeshError>`). The variants are deliberately
5//! coarse — they cover *what* went wrong well enough that the CLI can
6//! print a useful message, without forcing every caller to enumerate
7//! a giant matrix of internal failure modes.
8
9use thiserror::Error;
10
11/// Errors that can arise from agent-mesh primitives.
12#[derive(Debug, Error)]
13pub enum MeshError {
14    /// Underlying I/O failure (file read/write, permission, etc.).
15    #[error("io error: {0}")]
16    Io(#[from] std::io::Error),
17
18    /// A key blob (private or public) was malformed or rejected by
19    /// the underlying crypto library.
20    #[error("invalid key format: {0}")]
21    InvalidKey(String),
22
23    /// An ed25519 signature failed to verify against its claimed key
24    /// and message.
25    #[error("signature verification failed")]
26    BadSignature,
27
28    /// A cert chain was structurally valid but semantically wrong —
29    /// e.g. the user pubkey didn't sign the embedded metadata.
30    #[error("invalid cert chain: {0}")]
31    InvalidCertChain(String),
32
33    /// A delegated agent's caveats are not `⊑` its parent's — delegation is
34    /// attenuation-only, so a child may never grant more authority than the
35    /// parent it chains to.
36    #[error(
37        "caveat amplification: a delegated agent may not grant more authority than its parent"
38    )]
39    CaveatAmplification,
40
41    /// A credential or envelope was rejected because it claims an
42    /// expired validity window.
43    #[error("expired: {0}")]
44    Expired(String),
45
46    /// A wire envelope was structurally malformed (wrong shape, wrong
47    /// CID, missing fields).
48    #[error("malformed envelope: {0}")]
49    MalformedEnvelope(String),
50
51    /// A duplicate nonce was observed (replay detection).
52    #[error("replay detected: nonce already seen")]
53    Replay,
54
55    /// An envelope arrived with the wrong sequence number for its
56    /// sender's session.
57    #[error("sequence error: expected {expected}, got {actual}")]
58    BadSequence { expected: u64, actual: u64 },
59
60    /// A serialization/deserialization failure (hex, serde, etc.).
61    #[error("encoding error: {0}")]
62    Encoding(String),
63}
64
65/// Convenience alias for the crate's `Result` type.
66pub type Result<T> = std::result::Result<T, MeshError>;