Enum FailureReason 

pub enum FailureReason {
    Decode {
        message: String,
    },
    UnknownEventSchemaVersion {
        observed: u16,
        expected: u16,
    },
    PostCutoverV2AuditDispatchUnsupported {
        observed: u16,
        event_type: EventType,
    },
    Orphan {
        observed_prev: Option<String>,
        expected_prev: Option<String>,
    },
    HashBreak {
        which: HashKind,
        observed: String,
        expected: String,
    },
    OrdinalGap {
        trace_id: String,
        observed: u64,
        expected: u64,
    },
    MissingSignature,
    BadSignature {
        key_id: String,
        message: String,
    },
    UnknownAttestationSchemaVersion {
        observed: u16,
        expected: u16,
    },
    RotationEnvelopeRejected {
        message: String,
    },
}

What broke at a given row.

Variants

Decode

Row could not be parsed as an cortex_core::Event. Subsequent chain checks for this row are skipped.

Fields

message: String

Underlying serde error message.

UnknownEventSchemaVersion

Row’s semantic event schema version is not supported by this audit verifier. Unknown event schema versions fail closed instead of being silently verified under v1 hash framing.

Fields

observed: u16

Version observed on the row.

expected: u16

Version this build can verify.

PostCutoverV2AuditDispatchUnsupported

Row declares schema v2 but is not the supported schema_migration.v1_to_v2 boundary row. Retained for compatibility with archived Lane S2 reports produced before generic post-cutover v2 Event-wire dispatch landed.

Fields

observed: u16

Version observed on the row.

event_type: EventType

Event type observed on the unsupported schema v2 row.

Orphan

Row’s prev_event_hash does not point at the previous row’s event_hash.

Fields

observed_prev: Option<String>

What prev_event_hash says.

expected_prev: Option<String>

What it should have been.

HashBreak

Hash recompute failed.

Fields

which: HashKind

Which hash failed.

observed: String

Stored value on disk.

expected: String

Recomputed value.

OrdinalGap

An external ordinal stream had a gap or duplicate at this row. Not produced by the JSONL-only audit today; reserved for the SQL-aware audit pass.

Fields

trace_id: String

Trace this ordinal belongs to.

observed: u64

Observed ordinal.

expected: u64

Expected ordinal.

MissingSignature

Row carries no Ed25519 crate::signed_row::RowSignature but the signed-chain verifier (verify_signed_chain) requires every row to be signed (Lane 3.D.6, ADR 0010 §1 “Single asymmetric trust domain”). Pre-3.D.6 unsigned rows surface here.

BadSignature

Row’s Ed25519 signature did not verify under the active operator public key. Could indicate tampering, signature lift across keys, or a stale row whose prev_signature no longer matches the chain.

Fields

key_id: String

key_id declared on the row’s signature.

message: String

Free-form reason from the verifier (malformed bytes, signature did not verify, etc.).

UnknownAttestationSchemaVersion

Row’s crate::signed_row::RowSignature::schema_version does not match cortex_core::canonical::SCHEMA_VERSION_ATTESTATION. Verifiers fail closed on unknown attestation schema versions per ADR 0010 §1b.

Fields

observed: u16

Version observed on the row.

expected: u16

Version this build understands.

RotationEnvelopeRejected

An identity.rotate row’s embedded rotation envelope did not verify under the currently-active operator public key. The verifier rejects the rotation and continues with the prior key, so any subsequent rows signed by the proposed-but-unauthorized new key will themselves fail with Self::BadSignature.

Fields

message: String

Reason the embedded envelope failed to verify.

Implementations

impl FailureReason

pub fn invariant(&self) -> Option<&'static str>

Stable invariant name for failure kinds that have operator-facing invariant contracts.

Trait Implementations

impl Clone for FailureReason

fn clone(&self) -> FailureReason

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for FailureReason

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for FailureReason

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq for FailureReason

fn eq(&self, other: &FailureReason) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for FailureReason

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for FailureReason

impl StructuralPartialEq for FailureReason