@private.me/xbind 1.2.15 → 1.2.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +92 -2
- package/dist-standalone/cjs/errors.js +265 -1
- package/dist-standalone/cjs/security-policy.js +55 -14
- package/dist-standalone/cli/init.js +0 -0
- package/dist-standalone/errors.d.ts +4 -0
- package/dist-standalone/errors.js +263 -0
- package/dist-standalone/security-policy.d.ts +8 -4
- package/dist-standalone/security-policy.js +55 -14
- package/package.json +14 -13
- package/share1.dat +0 -0
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
* class-based error for try/catch consumers.
|
|
9
9
|
*/
|
|
10
10
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
-
exports.XBindAgentError = exports.XBindSplitChannelError = exports.XBindKeyAgreementError = exports.XBindRegistryError = exports.XBindTransportError = exports.XBindEnvelopeError = exports.XBindIdentityError = exports.XBindError = void 0;
|
|
11
|
+
exports.XBindBillingError = exports.XBindAgentError = exports.XBindSplitChannelError = exports.XBindKeyAgreementError = exports.XBindRegistryError = exports.XBindTransportError = exports.XBindEnvelopeError = exports.XBindIdentityError = exports.XBindError = void 0;
|
|
12
12
|
exports.createXBindErrorDetail = createXBindErrorDetail;
|
|
13
13
|
exports.toXBindError = toXBindError;
|
|
14
14
|
exports.isXBindError = isXBindError;
|
|
@@ -88,6 +88,14 @@ class XBindAgentError extends XBindError {
|
|
|
88
88
|
}
|
|
89
89
|
}
|
|
90
90
|
exports.XBindAgentError = XBindAgentError;
|
|
91
|
+
/** Billing and payment errors (subscriptions, limits, verification). */
|
|
92
|
+
class XBindBillingError extends XBindError {
|
|
93
|
+
constructor(code, message) {
|
|
94
|
+
super(code, message, `${DOC_BASE}#billing`);
|
|
95
|
+
this.name = "XBindBillingError";
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
exports.XBindBillingError = XBindBillingError;
|
|
91
99
|
/**
|
|
92
100
|
* Create detailed error information for a given error code.
|
|
93
101
|
*
|
|
@@ -119,6 +127,9 @@ const ERROR_DETAILS = {
|
|
|
119
127
|
suggested_action: 'Verify runtime environment supports Web Crypto API and retry key generation',
|
|
120
128
|
severity: 'critical',
|
|
121
129
|
docs: `${DOC_BASE}#identity`,
|
|
130
|
+
aws: 'InternalFailure',
|
|
131
|
+
grpc: 13,
|
|
132
|
+
http: 500,
|
|
122
133
|
},
|
|
123
134
|
SIGN_FAILED: {
|
|
124
135
|
message: 'Signing failed',
|
|
@@ -126,6 +137,9 @@ const ERROR_DETAILS = {
|
|
|
126
137
|
suggested_action: 'Verify private key is valid and properly imported with extractable flag',
|
|
127
138
|
severity: 'high',
|
|
128
139
|
docs: `${DOC_BASE}#identity`,
|
|
140
|
+
aws: 'InternalFailure',
|
|
141
|
+
grpc: 13,
|
|
142
|
+
http: 500,
|
|
129
143
|
},
|
|
130
144
|
VERIFY_FAILED: {
|
|
131
145
|
message: 'Signature verification failed',
|
|
@@ -133,6 +147,9 @@ const ERROR_DETAILS = {
|
|
|
133
147
|
suggested_action: 'Verify sender public key and message integrity before retrying',
|
|
134
148
|
severity: 'critical',
|
|
135
149
|
docs: `${DOC_BASE}#identity`,
|
|
150
|
+
aws: 'InvalidParameterValue',
|
|
151
|
+
grpc: 3,
|
|
152
|
+
http: 400,
|
|
136
153
|
},
|
|
137
154
|
INVALID_DID: {
|
|
138
155
|
message: 'DID format is invalid',
|
|
@@ -141,6 +158,9 @@ const ERROR_DETAILS = {
|
|
|
141
158
|
suggested_action: 'Use validateDID() helper to verify format before processing',
|
|
142
159
|
severity: 'high',
|
|
143
160
|
docs: `${DOC_BASE}#identity`,
|
|
161
|
+
aws: 'InvalidParameterValue',
|
|
162
|
+
grpc: 3,
|
|
163
|
+
http: 400,
|
|
144
164
|
},
|
|
145
165
|
INVALID_KEY_LENGTH: {
|
|
146
166
|
message: 'Key material has incorrect length',
|
|
@@ -148,6 +168,9 @@ const ERROR_DETAILS = {
|
|
|
148
168
|
suggested_action: 'Verify key is exactly 32 bytes and properly base64-decoded',
|
|
149
169
|
severity: 'high',
|
|
150
170
|
docs: `${DOC_BASE}#key-agreement`,
|
|
171
|
+
aws: 'InvalidParameterValue',
|
|
172
|
+
grpc: 3,
|
|
173
|
+
http: 400,
|
|
151
174
|
},
|
|
152
175
|
EXPORT_FAILED: {
|
|
153
176
|
message: 'PKCS8 export failed',
|
|
@@ -155,6 +178,9 @@ const ERROR_DETAILS = {
|
|
|
155
178
|
suggested_action: 'Create key with extractable:true flag and verify Web Crypto API support',
|
|
156
179
|
severity: 'medium',
|
|
157
180
|
docs: `${DOC_BASE}#identity`,
|
|
181
|
+
aws: 'InternalFailure',
|
|
182
|
+
grpc: 13,
|
|
183
|
+
http: 500,
|
|
158
184
|
},
|
|
159
185
|
IMPORT_FAILED: {
|
|
160
186
|
message: 'PKCS8 import failed',
|
|
@@ -162,6 +188,9 @@ const ERROR_DETAILS = {
|
|
|
162
188
|
suggested_action: 'Validate PKCS8 format and verify key data is not corrupted',
|
|
163
189
|
severity: 'high',
|
|
164
190
|
docs: `${DOC_BASE}#identity`,
|
|
191
|
+
aws: 'InvalidParameterValue',
|
|
192
|
+
grpc: 3,
|
|
193
|
+
http: 400,
|
|
165
194
|
},
|
|
166
195
|
// Envelope
|
|
167
196
|
INVALID_VERSION: {
|
|
@@ -171,6 +200,9 @@ const ERROR_DETAILS = {
|
|
|
171
200
|
suggested_action: 'Update SDK or request sender to use compatible version (v1-v4)',
|
|
172
201
|
severity: 'high',
|
|
173
202
|
docs: `${DOC_BASE}#envelope`,
|
|
203
|
+
aws: 'ValidationException',
|
|
204
|
+
grpc: 3,
|
|
205
|
+
http: 400,
|
|
174
206
|
},
|
|
175
207
|
INVALID_ALG: {
|
|
176
208
|
message: 'Unknown encryption algorithm',
|
|
@@ -179,6 +211,9 @@ const ERROR_DETAILS = {
|
|
|
179
211
|
suggested_action: 'Verify sender uses AES-256-GCM algorithm',
|
|
180
212
|
severity: 'high',
|
|
181
213
|
docs: `${DOC_BASE}#envelope`,
|
|
214
|
+
aws: 'ValidationException',
|
|
215
|
+
grpc: 3,
|
|
216
|
+
http: 400,
|
|
182
217
|
},
|
|
183
218
|
INVALID_NONCE: {
|
|
184
219
|
message: 'Nonce is missing or invalid',
|
|
@@ -187,6 +222,9 @@ const ERROR_DETAILS = {
|
|
|
187
222
|
suggested_action: 'Verify nonce is 12 bytes and properly base64-encoded',
|
|
188
223
|
severity: 'critical',
|
|
189
224
|
docs: `${DOC_BASE}#envelope`,
|
|
225
|
+
aws: 'ValidationException',
|
|
226
|
+
grpc: 3,
|
|
227
|
+
http: 400,
|
|
190
228
|
},
|
|
191
229
|
INVALID_FIELDS: {
|
|
192
230
|
message: 'Required envelope fields are missing',
|
|
@@ -194,6 +232,9 @@ const ERROR_DETAILS = {
|
|
|
194
232
|
suggested_action: 'Validate all required envelope fields are present',
|
|
195
233
|
severity: 'high',
|
|
196
234
|
docs: `${DOC_BASE}#envelope`,
|
|
235
|
+
aws: 'ValidationException',
|
|
236
|
+
grpc: 3,
|
|
237
|
+
http: 400,
|
|
197
238
|
},
|
|
198
239
|
ENCRYPT_FAILED: {
|
|
199
240
|
message: 'AES-256-GCM encryption failed',
|
|
@@ -201,6 +242,9 @@ const ERROR_DETAILS = {
|
|
|
201
242
|
suggested_action: 'Verify key is 32 bytes and nonce is 12 bytes before encryption',
|
|
202
243
|
severity: 'high',
|
|
203
244
|
docs: `${DOC_BASE}#envelope`,
|
|
245
|
+
aws: 'InternalFailure',
|
|
246
|
+
grpc: 13,
|
|
247
|
+
http: 500,
|
|
204
248
|
},
|
|
205
249
|
DECRYPT_FAILED: {
|
|
206
250
|
message: 'Decryption failed',
|
|
@@ -208,6 +252,9 @@ const ERROR_DETAILS = {
|
|
|
208
252
|
suggested_action: 'Verify correct key and check ciphertext integrity',
|
|
209
253
|
severity: 'critical',
|
|
210
254
|
docs: `${DOC_BASE}#envelope`,
|
|
255
|
+
aws: 'InternalFailure',
|
|
256
|
+
grpc: 13,
|
|
257
|
+
http: 500,
|
|
211
258
|
},
|
|
212
259
|
PARSE_FAILED: {
|
|
213
260
|
message: 'Envelope deserialization failed',
|
|
@@ -215,6 +262,9 @@ const ERROR_DETAILS = {
|
|
|
215
262
|
suggested_action: 'Validate JSON structure and check for data corruption',
|
|
216
263
|
severity: 'high',
|
|
217
264
|
docs: `${DOC_BASE}#envelope`,
|
|
265
|
+
aws: 'ValidationException',
|
|
266
|
+
grpc: 3,
|
|
267
|
+
http: 400,
|
|
218
268
|
},
|
|
219
269
|
// Transport
|
|
220
270
|
SEND_FAILED: {
|
|
@@ -223,6 +273,9 @@ const ERROR_DETAILS = {
|
|
|
223
273
|
suggested_action: 'Check network connectivity and retry with exponential backoff',
|
|
224
274
|
severity: 'high',
|
|
225
275
|
docs: `${DOC_BASE}#transport`,
|
|
276
|
+
aws: 'ServiceUnavailable',
|
|
277
|
+
grpc: 14,
|
|
278
|
+
http: 503,
|
|
226
279
|
},
|
|
227
280
|
NETWORK_ERROR: {
|
|
228
281
|
message: 'Network request failed',
|
|
@@ -230,6 +283,9 @@ const ERROR_DETAILS = {
|
|
|
230
283
|
suggested_action: 'Verify internet connection and implement exponential backoff retry',
|
|
231
284
|
severity: 'high',
|
|
232
285
|
docs: `${DOC_BASE}#transport`,
|
|
286
|
+
aws: 'ServiceUnavailable',
|
|
287
|
+
grpc: 14,
|
|
288
|
+
http: 503,
|
|
233
289
|
},
|
|
234
290
|
RECIPIENT_UNREACHABLE: {
|
|
235
291
|
message: 'Recipient is unreachable',
|
|
@@ -238,6 +294,9 @@ const ERROR_DETAILS = {
|
|
|
238
294
|
suggested_action: 'Verify recipient is registered with xBind and online',
|
|
239
295
|
severity: 'medium',
|
|
240
296
|
docs: `${DOC_BASE}#transport`,
|
|
297
|
+
aws: 'ServiceUnavailable',
|
|
298
|
+
grpc: 14,
|
|
299
|
+
http: 503,
|
|
241
300
|
},
|
|
242
301
|
TIMEOUT: {
|
|
243
302
|
message: 'Transport operation timed out',
|
|
@@ -245,6 +304,9 @@ const ERROR_DETAILS = {
|
|
|
245
304
|
suggested_action: 'Increase timeout threshold and check network latency',
|
|
246
305
|
severity: 'medium',
|
|
247
306
|
docs: `${DOC_BASE}#transport`,
|
|
307
|
+
aws: 'RequestTimeout',
|
|
308
|
+
grpc: 4,
|
|
309
|
+
http: 408,
|
|
248
310
|
},
|
|
249
311
|
// Registry
|
|
250
312
|
NOT_FOUND: {
|
|
@@ -254,6 +316,9 @@ const ERROR_DETAILS = {
|
|
|
254
316
|
suggested_action: 'Ask recipient to register with xBind',
|
|
255
317
|
severity: 'medium',
|
|
256
318
|
docs: `${DOC_BASE}#registry`,
|
|
319
|
+
aws: 'ResourceNotFoundException',
|
|
320
|
+
grpc: 5,
|
|
321
|
+
http: 404,
|
|
257
322
|
},
|
|
258
323
|
ALREADY_REGISTERED: {
|
|
259
324
|
message: 'Agent is already registered',
|
|
@@ -261,6 +326,9 @@ const ERROR_DETAILS = {
|
|
|
261
326
|
suggested_action: 'Use updateAgent() instead of registerAgent()',
|
|
262
327
|
severity: 'low',
|
|
263
328
|
docs: `${DOC_BASE}#registry`,
|
|
329
|
+
aws: 'ResourceAlreadyExists',
|
|
330
|
+
grpc: 6,
|
|
331
|
+
http: 409,
|
|
264
332
|
},
|
|
265
333
|
REVOKED: {
|
|
266
334
|
message: 'Agent has been revoked from the registry',
|
|
@@ -268,6 +336,9 @@ const ERROR_DETAILS = {
|
|
|
268
336
|
suggested_action: 'Contact registry administrator to resolve revocation',
|
|
269
337
|
severity: 'high',
|
|
270
338
|
docs: `${DOC_BASE}#registry`,
|
|
339
|
+
aws: 'AccessDenied',
|
|
340
|
+
grpc: 7,
|
|
341
|
+
http: 403,
|
|
271
342
|
},
|
|
272
343
|
// Key agreement
|
|
273
344
|
DERIVE_FAILED: {
|
|
@@ -276,6 +347,9 @@ const ERROR_DETAILS = {
|
|
|
276
347
|
suggested_action: 'Verify peer public key is valid X25519 and not corrupted',
|
|
277
348
|
severity: 'high',
|
|
278
349
|
docs: `${DOC_BASE}#key-agreement`,
|
|
350
|
+
aws: 'InternalFailure',
|
|
351
|
+
grpc: 13,
|
|
352
|
+
http: 500,
|
|
279
353
|
},
|
|
280
354
|
KEM_ENCAPSULATE_FAILED: {
|
|
281
355
|
message: 'ML-KEM-768 encapsulation failed',
|
|
@@ -283,6 +357,9 @@ const ERROR_DETAILS = {
|
|
|
283
357
|
suggested_action: 'Verify recipient ML-KEM-768 public key and post-quantum support',
|
|
284
358
|
severity: 'high',
|
|
285
359
|
docs: `${DOC_BASE}#key-agreement`,
|
|
360
|
+
aws: 'InternalFailure',
|
|
361
|
+
grpc: 13,
|
|
362
|
+
http: 500,
|
|
286
363
|
},
|
|
287
364
|
KEM_DECAPSULATE_FAILED: {
|
|
288
365
|
message: 'ML-KEM-768 decapsulation failed',
|
|
@@ -290,6 +367,9 @@ const ERROR_DETAILS = {
|
|
|
290
367
|
suggested_action: 'Verify ciphertext integrity and ML-KEM secret key',
|
|
291
368
|
severity: 'high',
|
|
292
369
|
docs: `${DOC_BASE}#key-agreement`,
|
|
370
|
+
aws: 'InternalFailure',
|
|
371
|
+
grpc: 13,
|
|
372
|
+
http: 500,
|
|
293
373
|
},
|
|
294
374
|
HKDF_FAILED: {
|
|
295
375
|
message: 'HKDF key derivation failed',
|
|
@@ -297,6 +377,9 @@ const ERROR_DETAILS = {
|
|
|
297
377
|
suggested_action: 'Verify shared secrets are valid and SHA-256 is available',
|
|
298
378
|
severity: 'high',
|
|
299
379
|
docs: `${DOC_BASE}#key-agreement`,
|
|
380
|
+
aws: 'InternalFailure',
|
|
381
|
+
grpc: 13,
|
|
382
|
+
http: 500,
|
|
300
383
|
},
|
|
301
384
|
MLKEM_NOT_AVAILABLE: {
|
|
302
385
|
message: 'ML-KEM-768 key not available',
|
|
@@ -311,6 +394,9 @@ const ERROR_DETAILS = {
|
|
|
311
394
|
suggested_action: 'Verify ML-DSA-65 secret key and post-quantum support',
|
|
312
395
|
severity: 'high',
|
|
313
396
|
docs: `${DOC_BASE}#identity`,
|
|
397
|
+
aws: 'InternalFailure',
|
|
398
|
+
grpc: 13,
|
|
399
|
+
http: 500,
|
|
314
400
|
},
|
|
315
401
|
PQ_VERIFY_FAILED: {
|
|
316
402
|
message: 'ML-DSA-65 verification failed',
|
|
@@ -318,6 +404,9 @@ const ERROR_DETAILS = {
|
|
|
318
404
|
suggested_action: 'Verify signer public key and signature format',
|
|
319
405
|
severity: 'high',
|
|
320
406
|
docs: `${DOC_BASE}#identity`,
|
|
407
|
+
aws: 'InvalidParameterValue',
|
|
408
|
+
grpc: 3,
|
|
409
|
+
http: 400,
|
|
321
410
|
},
|
|
322
411
|
// Split-channel
|
|
323
412
|
SPLIT_FAILED: {
|
|
@@ -326,6 +415,9 @@ const ERROR_DETAILS = {
|
|
|
326
415
|
suggested_action: 'Verify threshold parameters and payload size',
|
|
327
416
|
severity: 'high',
|
|
328
417
|
docs: `${DOC_BASE}#split-channel`,
|
|
418
|
+
aws: 'InternalFailure',
|
|
419
|
+
grpc: 13,
|
|
420
|
+
http: 500,
|
|
329
421
|
},
|
|
330
422
|
INSUFFICIENT_SHARES: {
|
|
331
423
|
message: 'Not enough shares to reconstruct',
|
|
@@ -333,6 +425,9 @@ const ERROR_DETAILS = {
|
|
|
333
425
|
suggested_action: 'Collect more shares to meet threshold requirement',
|
|
334
426
|
severity: 'high',
|
|
335
427
|
docs: `${DOC_BASE}#split-channel`,
|
|
428
|
+
aws: 'ValidationException',
|
|
429
|
+
grpc: 3,
|
|
430
|
+
http: 400,
|
|
336
431
|
},
|
|
337
432
|
INCONSISTENT_SHARES: {
|
|
338
433
|
message: 'Shares have mismatched group IDs or lengths',
|
|
@@ -340,6 +435,9 @@ const ERROR_DETAILS = {
|
|
|
340
435
|
suggested_action: 'Verify all shares are from the same split operation',
|
|
341
436
|
severity: 'high',
|
|
342
437
|
docs: `${DOC_BASE}#split-channel`,
|
|
438
|
+
aws: 'ValidationException',
|
|
439
|
+
grpc: 3,
|
|
440
|
+
http: 400,
|
|
343
441
|
},
|
|
344
442
|
HMAC_VERIFICATION_FAILED: {
|
|
345
443
|
message: 'Share HMAC check failed',
|
|
@@ -347,6 +445,9 @@ const ERROR_DETAILS = {
|
|
|
347
445
|
suggested_action: 'Request fresh share from sender',
|
|
348
446
|
severity: 'critical',
|
|
349
447
|
docs: `${DOC_BASE}#split-channel`,
|
|
448
|
+
aws: 'UnauthorizedOperation',
|
|
449
|
+
grpc: 16,
|
|
450
|
+
http: 401,
|
|
350
451
|
},
|
|
351
452
|
UNPAD_FAILED: {
|
|
352
453
|
message: 'Padding removal failed after reconstruction',
|
|
@@ -354,6 +455,9 @@ const ERROR_DETAILS = {
|
|
|
354
455
|
suggested_action: 'Verify reconstruction succeeded and data is valid UTF-8',
|
|
355
456
|
severity: 'high',
|
|
356
457
|
docs: `${DOC_BASE}#split-channel`,
|
|
458
|
+
aws: 'InternalFailure',
|
|
459
|
+
grpc: 13,
|
|
460
|
+
http: 500,
|
|
357
461
|
},
|
|
358
462
|
INVALID_SHARE_DATA: {
|
|
359
463
|
message: 'Share data is malformed',
|
|
@@ -361,6 +465,9 @@ const ERROR_DETAILS = {
|
|
|
361
465
|
suggested_action: 'Verify share is valid base64 and request correctly-formatted share',
|
|
362
466
|
severity: 'high',
|
|
363
467
|
docs: `${DOC_BASE}#split-channel`,
|
|
468
|
+
aws: 'ValidationException',
|
|
469
|
+
grpc: 3,
|
|
470
|
+
http: 400,
|
|
364
471
|
},
|
|
365
472
|
// Xchange
|
|
366
473
|
XCHANGE_KEYGEN_FAILED: {
|
|
@@ -369,6 +476,9 @@ const ERROR_DETAILS = {
|
|
|
369
476
|
suggested_action: 'Verify Web Crypto API available and retry',
|
|
370
477
|
severity: 'high',
|
|
371
478
|
docs: `${DOC_BASE}#xchange`,
|
|
479
|
+
aws: 'InternalFailure',
|
|
480
|
+
grpc: 13,
|
|
481
|
+
http: 500,
|
|
372
482
|
},
|
|
373
483
|
XCHANGE_ENCRYPT_FAILED: {
|
|
374
484
|
message: 'Xchange bundle encryption failed',
|
|
@@ -376,6 +486,9 @@ const ERROR_DETAILS = {
|
|
|
376
486
|
suggested_action: 'Verify payload size and encryption key length',
|
|
377
487
|
severity: 'high',
|
|
378
488
|
docs: `${DOC_BASE}#xchange`,
|
|
489
|
+
aws: 'InternalFailure',
|
|
490
|
+
grpc: 13,
|
|
491
|
+
http: 500,
|
|
379
492
|
},
|
|
380
493
|
XCHANGE_DECRYPT_FAILED: {
|
|
381
494
|
message: 'Xchange bundle decryption failed',
|
|
@@ -383,6 +496,9 @@ const ERROR_DETAILS = {
|
|
|
383
496
|
suggested_action: 'Verify reconstruction completed and decryption key is correct',
|
|
384
497
|
severity: 'high',
|
|
385
498
|
docs: `${DOC_BASE}#xchange`,
|
|
499
|
+
aws: 'InternalFailure',
|
|
500
|
+
grpc: 13,
|
|
501
|
+
http: 500,
|
|
386
502
|
},
|
|
387
503
|
INVALID_BUNDLE: {
|
|
388
504
|
message: 'Xchange bundle is malformed',
|
|
@@ -390,6 +506,9 @@ const ERROR_DETAILS = {
|
|
|
390
506
|
suggested_action: 'Verify bundle size and request correctly-formed bundle',
|
|
391
507
|
severity: 'high',
|
|
392
508
|
docs: `${DOC_BASE}#xchange`,
|
|
509
|
+
aws: 'ValidationException',
|
|
510
|
+
grpc: 3,
|
|
511
|
+
http: 400,
|
|
393
512
|
},
|
|
394
513
|
// Agent (high-level)
|
|
395
514
|
IDENTITY_FAILED: {
|
|
@@ -398,6 +517,9 @@ const ERROR_DETAILS = {
|
|
|
398
517
|
suggested_action: 'Verify Web Crypto API available and retry agent initialization',
|
|
399
518
|
severity: 'critical',
|
|
400
519
|
docs: `${DOC_BASE}#agent`,
|
|
520
|
+
aws: 'InternalFailure',
|
|
521
|
+
grpc: 13,
|
|
522
|
+
http: 500,
|
|
401
523
|
},
|
|
402
524
|
REGISTRATION_FAILED: {
|
|
403
525
|
message: 'Agent registration with trust registry failed',
|
|
@@ -405,6 +527,9 @@ const ERROR_DETAILS = {
|
|
|
405
527
|
suggested_action: 'Verify registry URL and auth token, then retry with exponential backoff',
|
|
406
528
|
severity: 'high',
|
|
407
529
|
docs: `${DOC_BASE}#agent`,
|
|
530
|
+
aws: 'ServiceUnavailable',
|
|
531
|
+
grpc: 14,
|
|
532
|
+
http: 503,
|
|
408
533
|
},
|
|
409
534
|
RECIPIENT_NOT_FOUND: {
|
|
410
535
|
message: 'Recipient agent not found in registry',
|
|
@@ -413,6 +538,9 @@ const ERROR_DETAILS = {
|
|
|
413
538
|
suggested_action: 'Ask recipient to register with xBind',
|
|
414
539
|
severity: 'medium',
|
|
415
540
|
docs: `${DOC_BASE}#agent`,
|
|
541
|
+
aws: 'ResourceNotFoundException',
|
|
542
|
+
grpc: 5,
|
|
543
|
+
http: 404,
|
|
416
544
|
},
|
|
417
545
|
RECIPIENT_REVOKED: {
|
|
418
546
|
message: 'Recipient agent has been revoked',
|
|
@@ -421,6 +549,9 @@ const ERROR_DETAILS = {
|
|
|
421
549
|
suggested_action: 'Inform recipient to contact registry administrator',
|
|
422
550
|
severity: 'high',
|
|
423
551
|
docs: `${DOC_BASE}#agent`,
|
|
552
|
+
aws: 'AccessDenied',
|
|
553
|
+
grpc: 7,
|
|
554
|
+
http: 403,
|
|
424
555
|
},
|
|
425
556
|
KEY_AGREEMENT_FAILED: {
|
|
426
557
|
message: 'ECDH key agreement with recipient failed',
|
|
@@ -428,6 +559,9 @@ const ERROR_DETAILS = {
|
|
|
428
559
|
suggested_action: 'Request fresh key from recipient',
|
|
429
560
|
severity: 'high',
|
|
430
561
|
docs: `${DOC_BASE}#agent`,
|
|
562
|
+
aws: 'InternalFailure',
|
|
563
|
+
grpc: 13,
|
|
564
|
+
http: 500,
|
|
431
565
|
},
|
|
432
566
|
ENVELOPE_FAILED: {
|
|
433
567
|
message: 'Envelope creation failed',
|
|
@@ -435,6 +569,9 @@ const ERROR_DETAILS = {
|
|
|
435
569
|
suggested_action: 'Verify payload size and recipient DID',
|
|
436
570
|
severity: 'high',
|
|
437
571
|
docs: `${DOC_BASE}#agent`,
|
|
572
|
+
aws: 'InternalFailure',
|
|
573
|
+
grpc: 13,
|
|
574
|
+
http: 500,
|
|
438
575
|
},
|
|
439
576
|
VERIFICATION_FAILED: {
|
|
440
577
|
message: 'Incoming envelope verification failed',
|
|
@@ -442,6 +579,9 @@ const ERROR_DETAILS = {
|
|
|
442
579
|
suggested_action: 'Verify sender is in trust registry and not revoked',
|
|
443
580
|
severity: 'critical',
|
|
444
581
|
docs: `${DOC_BASE}#agent`,
|
|
582
|
+
aws: 'UnauthorizedOperation',
|
|
583
|
+
grpc: 16,
|
|
584
|
+
http: 401,
|
|
445
585
|
},
|
|
446
586
|
REPLAY_DETECTED: {
|
|
447
587
|
message: 'Duplicate nonce detected — possible replay attack',
|
|
@@ -449,6 +589,9 @@ const ERROR_DETAILS = {
|
|
|
449
589
|
suggested_action: 'DISCARD MESSAGE and alert user to potential replay attack',
|
|
450
590
|
severity: 'critical',
|
|
451
591
|
docs: `${DOC_BASE}#agent`,
|
|
592
|
+
aws: 'AccessDenied',
|
|
593
|
+
grpc: 7,
|
|
594
|
+
http: 403,
|
|
452
595
|
},
|
|
453
596
|
SCOPE_DENIED: {
|
|
454
597
|
message: 'Sender does not have permission for the requested scope',
|
|
@@ -457,6 +600,9 @@ const ERROR_DETAILS = {
|
|
|
457
600
|
suggested_action: 'Contact registry admin to grant permission',
|
|
458
601
|
severity: 'medium',
|
|
459
602
|
docs: `${DOC_BASE}#agent`,
|
|
603
|
+
aws: 'AccessDenied',
|
|
604
|
+
grpc: 7,
|
|
605
|
+
http: 403,
|
|
460
606
|
},
|
|
461
607
|
RECEIVER_SCOPE_DENIED: {
|
|
462
608
|
message: 'Recipient does not accept messages with this scope',
|
|
@@ -465,6 +611,9 @@ const ERROR_DETAILS = {
|
|
|
465
611
|
suggested_action: 'Ask recipient to enable scope in settings',
|
|
466
612
|
severity: 'medium',
|
|
467
613
|
docs: `${DOC_BASE}#agent`,
|
|
614
|
+
aws: 'AccessDenied',
|
|
615
|
+
grpc: 7,
|
|
616
|
+
http: 403,
|
|
468
617
|
},
|
|
469
618
|
TIMESTAMP_EXPIRED: {
|
|
470
619
|
message: 'Envelope timestamp is outside the allowed window',
|
|
@@ -472,6 +621,110 @@ const ERROR_DETAILS = {
|
|
|
472
621
|
suggested_action: 'Synchronize system clocks using NTP',
|
|
473
622
|
severity: 'medium',
|
|
474
623
|
docs: `${DOC_BASE}#agent`,
|
|
624
|
+
aws: 'RequestExpired',
|
|
625
|
+
grpc: 9,
|
|
626
|
+
http: 412,
|
|
627
|
+
},
|
|
628
|
+
INCOMPATIBLE_VERSION: {
|
|
629
|
+
message: 'Client version is incompatible with server',
|
|
630
|
+
hint: 'Actions: (1) Update xBind SDK to latest version, (2) Check minimum supported version in docs, (3) Verify server API version requirements, (4) Contact support if upgrade not possible',
|
|
631
|
+
suggested_action: 'Update xBind SDK to latest version',
|
|
632
|
+
severity: 'high',
|
|
633
|
+
docs: `${DOC_BASE}#agent`,
|
|
634
|
+
aws: 'ValidationException',
|
|
635
|
+
grpc: 3,
|
|
636
|
+
http: 400,
|
|
637
|
+
},
|
|
638
|
+
FEATURE_NOT_SUPPORTED: {
|
|
639
|
+
message: 'Requested feature is not supported',
|
|
640
|
+
hint: 'Actions: (1) Check feature availability in current plan, (2) Verify SDK version supports feature, (3) Review feature documentation, (4) Consider upgrading plan or SDK version',
|
|
641
|
+
suggested_action: 'Check feature availability in current plan or SDK version',
|
|
642
|
+
severity: 'medium',
|
|
643
|
+
docs: `${DOC_BASE}#agent`,
|
|
644
|
+
aws: 'ValidationException',
|
|
645
|
+
grpc: 12,
|
|
646
|
+
http: 501,
|
|
647
|
+
},
|
|
648
|
+
QUOTA_EXCEEDED: {
|
|
649
|
+
message: 'Operation quota exceeded',
|
|
650
|
+
hint: 'Actions: (1) Check current usage against plan limits, (2) Implement rate limiting and backoff, (3) Upgrade to higher tier plan, (4) Wait for quota reset period',
|
|
651
|
+
suggested_action: 'Implement rate limiting or upgrade plan',
|
|
652
|
+
severity: 'medium',
|
|
653
|
+
docs: `${DOC_BASE}#agent`,
|
|
654
|
+
aws: 'ThrottlingException',
|
|
655
|
+
grpc: 8,
|
|
656
|
+
http: 429,
|
|
657
|
+
},
|
|
658
|
+
ACCOUNT_SUSPENDED: {
|
|
659
|
+
message: 'Account has been suspended',
|
|
660
|
+
hint: 'Actions: (1) Contact support to determine suspension reason, (2) Review terms of service compliance, (3) Resolve any payment or policy issues, (4) Request account reactivation',
|
|
661
|
+
suggested_action: 'Contact support to resolve suspension',
|
|
662
|
+
severity: 'critical',
|
|
663
|
+
docs: `${DOC_BASE}#agent`,
|
|
664
|
+
aws: 'AccessDeniedException',
|
|
665
|
+
grpc: 7,
|
|
666
|
+
http: 403,
|
|
667
|
+
},
|
|
668
|
+
ACCOUNT_NOT_FOUND: {
|
|
669
|
+
message: 'Account does not exist',
|
|
670
|
+
hint: 'Actions: (1) Verify account identifier is correct, (2) Check if account was deleted, (3) Confirm registration completed successfully, (4) Create new account if needed',
|
|
671
|
+
suggested_action: 'Verify account identifier or create new account',
|
|
672
|
+
severity: 'high',
|
|
673
|
+
docs: `${DOC_BASE}#agent`,
|
|
674
|
+
aws: 'ResourceNotFoundException',
|
|
675
|
+
grpc: 5,
|
|
676
|
+
http: 404,
|
|
677
|
+
},
|
|
678
|
+
// Billing & Payment
|
|
679
|
+
BILLING_FAILURE: {
|
|
680
|
+
message: 'Billing operation failed',
|
|
681
|
+
hint: 'Actions: (1) Verify payment method is valid and not expired, (2) Check Stripe account status, (3) Review billing logs for specific error, (4) Contact support if issue persists',
|
|
682
|
+
suggested_action: 'Verify payment method and check billing logs',
|
|
683
|
+
severity: 'high',
|
|
684
|
+
docs: `${DOC_BASE}#billing`,
|
|
685
|
+
aws: 'RequestLimitExceeded',
|
|
686
|
+
grpc: 8,
|
|
687
|
+
http: 402,
|
|
688
|
+
},
|
|
689
|
+
PAYMENT_REQUIRED: {
|
|
690
|
+
message: 'Payment required to access this resource',
|
|
691
|
+
hint: 'Actions: (1) Add payment method in account settings, (2) Subscribe to appropriate tier, (3) Verify billing information is current, (4) Check account status',
|
|
692
|
+
suggested_action: 'Add payment method and subscribe to access this resource',
|
|
693
|
+
severity: 'medium',
|
|
694
|
+
docs: `${DOC_BASE}#billing`,
|
|
695
|
+
aws: 'AccessDenied',
|
|
696
|
+
grpc: 7,
|
|
697
|
+
http: 402,
|
|
698
|
+
},
|
|
699
|
+
SUBSCRIPTION_REQUIRED: {
|
|
700
|
+
message: 'Valid subscription required',
|
|
701
|
+
hint: 'Actions: (1) Subscribe to a paid tier in account settings, (2) Verify subscription is active and not expired, (3) Check billing status, (4) Review subscription features',
|
|
702
|
+
suggested_action: 'Subscribe to a paid tier to access this feature',
|
|
703
|
+
severity: 'medium',
|
|
704
|
+
docs: `${DOC_BASE}#billing`,
|
|
705
|
+
aws: 'AccessDenied',
|
|
706
|
+
grpc: 7,
|
|
707
|
+
http: 403,
|
|
708
|
+
},
|
|
709
|
+
TIER_LIMIT_EXCEEDED: {
|
|
710
|
+
message: 'Current tier usage limit exceeded',
|
|
711
|
+
hint: 'Actions: (1) Upgrade to higher tier for increased limits, (2) Check current usage vs tier limits, (3) Wait for limit reset (typically monthly), (4) Review tier comparison chart',
|
|
712
|
+
suggested_action: 'Upgrade to higher tier or wait for limit reset',
|
|
713
|
+
severity: 'medium',
|
|
714
|
+
docs: `${DOC_BASE}#billing`,
|
|
715
|
+
aws: 'RequestLimitExceeded',
|
|
716
|
+
grpc: 8,
|
|
717
|
+
http: 403,
|
|
718
|
+
},
|
|
719
|
+
VERIFICATION_REQUIRED: {
|
|
720
|
+
message: 'Account verification required',
|
|
721
|
+
hint: 'Actions: (1) Complete email verification, (2) Verify payment method, (3) Complete identity verification if required, (4) Check account verification status in settings',
|
|
722
|
+
suggested_action: 'Complete account verification steps in settings',
|
|
723
|
+
severity: 'high',
|
|
724
|
+
docs: `${DOC_BASE}#billing`,
|
|
725
|
+
aws: 'AccessDenied',
|
|
726
|
+
grpc: 7,
|
|
727
|
+
http: 403,
|
|
475
728
|
},
|
|
476
729
|
};
|
|
477
730
|
/** Error messages keyed by code. Includes what happened and what to do next. */
|
|
@@ -533,6 +786,17 @@ const ERROR_MESSAGES = {
|
|
|
533
786
|
SCOPE_DENIED: [XBindAgentError, 'Sender does not have permission for the requested scope. Actions: (1) Check sender scope in registry, (2) Contact admin to grant, (3) Verify scope value.'],
|
|
534
787
|
RECEIVER_SCOPE_DENIED: [XBindAgentError, 'Recipient does not accept messages with this scope. Actions: (1) Check recipient receive scope settings, (2) Ask to enable scope, (3) Verify registry entry.'],
|
|
535
788
|
TIMESTAMP_EXPIRED: [XBindAgentError, 'Envelope timestamp is outside the allowed window. Actions: (1) Synchronize system clocks (NTP), (2) Check time difference, (3) Verify no time drift.'],
|
|
789
|
+
INCOMPATIBLE_VERSION: [XBindAgentError, 'Client version is incompatible with server. Actions: (1) Update xBind SDK to latest version, (2) Check minimum supported version, (3) Contact support if upgrade not possible.'],
|
|
790
|
+
FEATURE_NOT_SUPPORTED: [XBindAgentError, 'Requested feature is not supported. Actions: (1) Check feature availability in plan, (2) Verify SDK version, (3) Consider upgrading plan.'],
|
|
791
|
+
QUOTA_EXCEEDED: [XBindAgentError, 'Operation quota exceeded. Actions: (1) Check usage against plan limits, (2) Implement rate limiting, (3) Upgrade plan, (4) Wait for quota reset.'],
|
|
792
|
+
ACCOUNT_SUSPENDED: [XBindAgentError, 'Account has been suspended. Actions: (1) Contact support for suspension reason, (2) Review terms compliance, (3) Resolve payment/policy issues.'],
|
|
793
|
+
ACCOUNT_NOT_FOUND: [XBindAgentError, 'Account does not exist. Actions: (1) Verify account identifier, (2) Check if account was deleted, (3) Create new account if needed.'],
|
|
794
|
+
// Billing & Payment
|
|
795
|
+
BILLING_FAILURE: [XBindBillingError, 'Billing operation failed. Actions: (1) Verify payment method is valid and not expired, (2) Check Stripe account status, (3) Review billing logs, (4) Contact support if issue persists.'],
|
|
796
|
+
PAYMENT_REQUIRED: [XBindBillingError, 'Payment required to access this resource. Actions: (1) Add payment method in account settings, (2) Subscribe to appropriate tier, (3) Verify billing information is current.'],
|
|
797
|
+
SUBSCRIPTION_REQUIRED: [XBindBillingError, 'Valid subscription required. Actions: (1) Subscribe to a paid tier in account settings, (2) Verify subscription is active and not expired, (3) Check billing status.'],
|
|
798
|
+
TIER_LIMIT_EXCEEDED: [XBindBillingError, 'Current tier usage limit exceeded. Actions: (1) Upgrade to higher tier for increased limits, (2) Check current usage vs tier limits, (3) Wait for limit reset (typically monthly).'],
|
|
799
|
+
VERIFICATION_REQUIRED: [XBindBillingError, 'Account verification required. Actions: (1) Complete email verification, (2) Verify payment method, (3) Complete identity verification if required, (4) Check account verification status in settings.'],
|
|
536
800
|
};
|
|
537
801
|
/**
|
|
538
802
|
* Convert a string error code to a typed XBindError instance.
|