agent-mesh-protocol 0.6.1

Cryptographic identity types and signed envelopes for agent-mesh.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

//! Crate-wide error type for `agent-mesh-protocol`.
//!
//! Every fallible operation in this crate returns [`Result<T>`] (an
//! alias for `Result<T, MeshError>`). The variants are deliberately
//! coarse — they cover *what* went wrong well enough that the CLI can
//! print a useful message, without forcing every caller to enumerate
//! a giant matrix of internal failure modes.

use thiserror::Error;

/// Errors that can arise from agent-mesh primitives.
#[derive(Debug, Error)]
pub enum MeshError {
    /// Underlying I/O failure (file read/write, permission, etc.).
    #[error("io error: {0}")]
    Io(#[from] std::io::Error),

    /// A key blob (private or public) was malformed or rejected by
    /// the underlying crypto library.
    #[error("invalid key format: {0}")]
    InvalidKey(String),

    /// An ed25519 signature failed to verify against its claimed key
    /// and message.
    #[error("signature verification failed")]
    BadSignature,

    /// A cert chain was structurally valid but semantically wrong —
    /// e.g. the user pubkey didn't sign the embedded metadata.
    #[error("invalid cert chain: {0}")]
    InvalidCertChain(String),

    /// A delegated agent's caveats are not `⊑` its parent's — delegation is
    /// attenuation-only, so a child may never grant more authority than the
    /// parent it chains to.
    #[error(
        "caveat amplification: a delegated agent may not grant more authority than its parent"
    )]
    CaveatAmplification,

    /// A credential or envelope was rejected because it claims an
    /// expired validity window.
    #[error("expired: {0}")]
    Expired(String),

    /// A wire envelope was structurally malformed (wrong shape, wrong
    /// CID, missing fields).
    #[error("malformed envelope: {0}")]
    MalformedEnvelope(String),

    /// A duplicate nonce was observed (replay detection).
    #[error("replay detected: nonce already seen")]
    Replay,

    /// An envelope arrived with the wrong sequence number for its
    /// sender's session.
    #[error("sequence error: expected {expected}, got {actual}")]
    BadSequence { expected: u64, actual: u64 },

    /// A serialization/deserialization failure (hex, serde, etc.).
    #[error("encoding error: {0}")]
    Encoding(String),
}

/// Convenience alias for the crate's `Result` type.
pub type Result<T> = std::result::Result<T, MeshError>;