trac-msb 0.2.9 → 0.2.11

package/src/core/network/protocols/{shared/handlers/RoleOperationHandler.js → legacy/handlers/LegacyRoleOperationHandler.js}

@@ -1,29 +1,29 @@
 import {OperationType} from '../../../../../utils/constants.js';
-import PartialRoleAccess from "../validators/PartialRoleAccess.js";
-import BaseOperationHandler from './base/BaseOperationHandler.js';
+import PartialRoleAccessValidator from "../../shared/validators/PartialRoleAccessValidator.js";
+import BaseStateOperationHandler from './BaseStateOperationHandler.js';
 import {applyStateMessageFactory} from "../../../../../messages/state/applyStateMessageFactory.js";
 import {safeEncodeApplyOperation} from "../../../../../utils/protobuf/operationHelpers.js";
 import {normalizeRoleAccessOperation} from "../../../../../utils/normalizers.js";
+import { publicKeyToAddress } from "../../../../../utils/helpers.js"
+import b4a from "b4a";
 
-class RoleOperationHandler extends BaseOperationHandler {
+class LegacyRoleOperationHandler extends BaseStateOperationHandler {
     #partialRoleAccessValidator;
     #wallet;
     #config;
-    #txPoolService;
 
     /**
      * @param {State} state
      * @param {PeerWallet} wallet
      * @param {TransactionRateLimiterService} rateLimiter
      * @param {TransactionPoolService} txPoolService
-     * @param {object} config
+     * @param {Config} config
      **/
-    constructor(state, wallet, rateLimiter, txPoolService ,config) {
+    constructor(state, wallet, rateLimiter, txPoolService, config) {
         super(state, wallet, rateLimiter, txPoolService, config);
         this.#wallet = wallet;
         this.#config = config;
-        this.#partialRoleAccessValidator = new PartialRoleAccess(state, this.#wallet.address ,this.#config)
-        this.#txPoolService = txPoolService;
+        this.#partialRoleAccessValidator = new PartialRoleAccessValidator(state, this.#wallet.address ,this.#config)
     }
 
     get partialRoleAccessValidator() {
@@ -35,7 +35,8 @@ class RoleOperationHandler extends BaseOperationHandler {
         const isValid = await this.partialRoleAccessValidator.validate(normalizedPartialRoleAccessPayload)
         let completePayload = null
         if (!isValid) {
-            throw new Error("OperationHandler: partial role access payload validation failed.");
+            throw new Error(
+                `OperationHandler: partial role access payload validation failed. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`);
         }
         
         switch (normalizedPartialRoleAccessPayload.type) {
@@ -74,15 +75,21 @@ class RoleOperationHandler extends BaseOperationHandler {
                     )
                 break;
             default:
-                throw new Error("OperationHandler: Assembling complete role access operation failed due to unsupported operation type.");
+                throw new Error(
+                    `OperationHandler: Assembling complete role access operation failed due to unsupported operation type. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`
+                );
         }
 
         if (!completePayload) {
-            throw new Error("OperationHandler: Assembling complete role access operation failed.");
+            throw new Error(
+                `OperationHandler: Assembling complete role access operation failed. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`
+            );
         }
 
-        this.#txPoolService.addTransaction(safeEncodeApplyOperation(completePayload))
+        const encodedOperation = safeEncodeApplyOperation(completePayload);
+        const txHash =  b4a.toString(completePayload.rao.tx, 'hex');
+        this.enqueueTransaction(txHash, encodedOperation);
     }
 }
 
-export default RoleOperationHandler;
+export default LegacyRoleOperationHandler;

package/src/core/network/protocols/{shared/handlers/SubnetworkOperationHandler.js → legacy/handlers/LegacySubnetworkOperationHandler.js}

@@ -1,47 +1,49 @@
-import BaseOperationHandler from './base/BaseOperationHandler.js';
+import BaseStateOperationHandler from './BaseStateOperationHandler.js';
 import {
     OperationType
 } from '../../../../../utils/constants.js';
-import PartialBootstrapDeployment from "../validators/PartialBootstrapDeployment.js";
-import PartialTransaction from "../validators/PartialTransaction.js";
+import PartialBootstrapDeploymentValidator from "../../shared/validators/PartialBootstrapDeploymentValidator.js";
+import PartialTransactionValidator from "../../shared/validators/PartialTransactionValidator.js";
 import {applyStateMessageFactory} from "../../../../../messages/state/applyStateMessageFactory.js";
 import {safeEncodeApplyOperation} from "../../../../../utils/protobuf/operationHelpers.js";
 import {
     normalizeBootstrapDeploymentOperation,
     normalizeTransactionOperation
 } from "../../../../../utils/normalizers.js";
+import b4a from "b4a";
+import {publicKeyToAddress} from "../../../../../utils/helpers.js";
 
 
-class SubnetworkOperationHandler extends BaseOperationHandler {
+class LegacySubnetworkOperationHandler extends BaseStateOperationHandler {
     #partialBootstrapDeploymentValidator;
     #partialTransactionValidator;
     #config;
     #wallet;
-    #txPoolService;
 
     /**
      * @param {State} state
      * @param {PeerWallet} wallet
      * @param {TransactionRateLimiterService} rateLimiter
      * @param {TransactionPoolService} txPoolService
-     * @param {object} config
+     * @param {Config} config
      **/
-    constructor( state, wallet, rateLimiter, txPoolService, config) {
+    constructor(state, wallet, rateLimiter, txPoolService, config) {
         super(state, wallet, rateLimiter, txPoolService, config);
         this.#config = config;
         this.#wallet = wallet
-        this.#partialBootstrapDeploymentValidator = new PartialBootstrapDeployment(state, this.#wallet.address, config);
-        this.#partialTransactionValidator = new PartialTransaction(state, this.#wallet.address, config);
-        this.#txPoolService = txPoolService;
+        this.#partialBootstrapDeploymentValidator = new PartialBootstrapDeploymentValidator(state, this.#wallet.address, config);
+        this.#partialTransactionValidator = new PartialTransactionValidator(state, this.#wallet.address, config);
     }
 
-    async handleOperation(payload, connection)  {
+    async handleOperation(payload, connection) {
         if (payload.type === OperationType.TX) {
             await this.#partialTransactionSubHandler(payload, connection);
         } else if (payload.type === OperationType.BOOTSTRAP_DEPLOYMENT) {
             await this.#partialBootstrapDeploymentSubHandler(payload, connection);
         } else {
-            throw new Error('Unsupported operation type for SubnetworkOperationHandler');
+            throw new Error(
+                `Unsupported operation type for LegacySubnetworkOperationHandler. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)} `
+            );
         }
     }
 
@@ -49,10 +51,12 @@ class SubnetworkOperationHandler extends BaseOperationHandler {
         const normalizedPayload = normalizeTransactionOperation(payload, this.#config);
         const isValid = await this.#partialTransactionValidator.validate(normalizedPayload);
         if (!isValid) {
-            throw new Error("SubnetworkHandler: Transaction validation failed.");
+            throw new Error(`
+                SubnetworkHandler: Transaction validation failed. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`
+            );
         }
 
-        const completeTransactionOperation = await applyStateMessageFactory(this.#wallet,this.#config)
+        const completeTransactionOperation = await applyStateMessageFactory(this.#wallet, this.#config)
             .buildCompleteTransactionOperationMessage(
                 normalizedPayload.address,
                 normalizedPayload.txo.tx,
@@ -64,14 +68,19 @@ class SubnetworkOperationHandler extends BaseOperationHandler {
                 normalizedPayload.txo.bs,
                 normalizedPayload.txo.mbs
             )
-        this.#txPoolService.addTransaction(safeEncodeApplyOperation(completeTransactionOperation));
+        const encodedOperation = safeEncodeApplyOperation(completeTransactionOperation);
+        const txHash = b4a.toString(normalizedPayload.txo.tx, 'hex');
+        this.enqueueTransaction(txHash, encodedOperation);
+
     }
 
     async #partialBootstrapDeploymentSubHandler(payload, connection) {
         const normalizedPayload = normalizeBootstrapDeploymentOperation(payload, this.#config);
         const isValid = await this.#partialBootstrapDeploymentValidator.validate(normalizedPayload);
         if (!isValid) {
-            throw new Error("SubnetworkHandler: Bootstrap deployment validation failed.");
+            throw new Error(
+                `SubnetworkHandler: Bootstrap deployment validation failed. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`
+            );
         }
 
 
@@ -85,9 +94,11 @@ class SubnetworkOperationHandler extends BaseOperationHandler {
                 normalizedPayload.bdo.in,
                 normalizedPayload.bdo.is
             )
-        this.#txPoolService.addTransaction(safeEncodeApplyOperation(completeBootstrapDeploymentOperation));
+        const encodedOperation = safeEncodeApplyOperation(completeBootstrapDeploymentOperation);
+        const txHash = b4a.toString(normalizedPayload.bdo.tx, 'hex');
+        this.enqueueTransaction(txHash, encodedOperation);
 
     }
 }
 
-export default SubnetworkOperationHandler;
+export default LegacySubnetworkOperationHandler;

package/src/core/network/protocols/{shared/handlers/TransferOperationHandler.js → legacy/handlers/LegacyTransferOperationHandler.js}

@@ -1,33 +1,36 @@
-import BaseOperationHandler from './base/BaseOperationHandler.js';
+import BaseStateOperationHandler from './BaseStateOperationHandler.js';
 import {OperationType} from '../../../../../utils/constants.js';
-import PartialTransfer from "../validators/PartialTransfer.js";
+import PartialTransferValidator from "../../shared/validators/PartialTransferValidator.js";
 import {normalizeTransferOperation} from "../../../../../utils/normalizers.js"
 import {applyStateMessageFactory} from "../../../../../messages/state/applyStateMessageFactory.js";
 import {safeEncodeApplyOperation} from "../../../../../utils/protobuf/operationHelpers.js";
+import b4a from "b4a";
+import {publicKeyToAddress} from "../../../../../utils/helpers.js";
 
-class TransferOperationHandler extends BaseOperationHandler {
+class LegacyTransferOperationHandler extends BaseStateOperationHandler {
     #partialTransferValidator;
     #config;
     #wallet;
-    #txPoolService;
 
     /**
      * @param {State} state
      * @param {PeerWallet} wallet
      * @param {TransactionRateLimiterService} rateLimiter
-     * @param {object} config
+     * @param {TransactionPoolService} txPoolService
+     * @param {Config} config
      **/
     constructor(state, wallet, rateLimiter, txPoolService, config) {
         super(state, wallet, rateLimiter, txPoolService, config);
         this.#config = config;
         this.#wallet = wallet;
-        this.#partialTransferValidator = new PartialTransfer(state, this.#wallet.address, this.#config);
-        this.#txPoolService = txPoolService;
+        this.#partialTransferValidator = new PartialTransferValidator(state, this.#wallet.address, this.#config);
     }
 
     async handleOperation(payload, connection) {
         if (payload.type !== OperationType.TRANSFER) {
-            throw new Error('Unsupported operation type for TransferOperationHandler');
+            throw new Error(
+                `Unsupported operation type for LegacyTransferOperationHandler. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`
+            );
         }
         await this.#handleTransfer(payload, connection);
     }
@@ -36,7 +39,9 @@ class TransferOperationHandler extends BaseOperationHandler {
         const normalizedPayload = normalizeTransferOperation(payload, this.#config);
         const isValid = await this.#partialTransferValidator.validate(normalizedPayload);
         if (!isValid) {
-            throw new Error("TransferHandler: Transfer validation failed.");
+            throw new Error(
+                `TransferHandler: Transfer validation failed. Requested by ${publicKeyToAddress(connection.remotePublicKey, this.#config)}`
+            );
         }
 
         const completeTransferOperation = await applyStateMessageFactory(this.#wallet, this.#config)
@@ -49,9 +54,10 @@ class TransferOperationHandler extends BaseOperationHandler {
                 normalizedPayload.tro.am,
                 normalizedPayload.tro.is
             )
-
-        this.#txPoolService.addTransaction(safeEncodeApplyOperation(completeTransferOperation));
+        const encodedOperation = safeEncodeApplyOperation(completeTransferOperation);
+        const txHash =  b4a.toString(normalizedPayload.tro.tx, 'hex');
+        this.enqueueTransaction(txHash, encodedOperation);
     }
 }
 
-export default TransferOperationHandler;
+export default LegacyTransferOperationHandler;

package/src/core/network/protocols/legacy/validators/base/BaseResponse.js

@@ -15,7 +15,7 @@ class BaseResponse {
      * 
      * @param {State} state 
      * @param {PeerWallet} wallet 
-     * @param {object} config
+     * @param {Config} config
      */
     constructor(state, wallet, config) {
         this.#state = state;

package/src/core/network/protocols/shared/errors/SharedValidatorRejectionError.js

@@ -0,0 +1,27 @@
+import {V1ProtocolError} from '../../v1/V1ProtocolError.js';
+
+/**
+ * Shared validator rejection error.
+ *
+ * Used by shared validators in `src/core/network/protocols/shared/validators/**` so they can
+ * reject remote peer input with a stable `resultCode`.
+ *
+ * Note: this currently extends `V1ProtocolError` so the v1 protocol can consistently treat shared
+ * validator rejections as typed protocol errors. Legacy protocol codepaths remain compatible because
+ * this is still an `Error` and preserves `.message`.
+ *
+ * Default `endConnection = true` because shared-validator rejections are typically triggered
+ * by invalid/malicious peer payloads and should terminate the peer connection after responding.
+ */
+export class SharedValidatorRejectionError extends V1ProtocolError {
+    /**
+     * @param {number} resultCode Stable rejection reason (a `ResultCode` value).
+     * @param {string} message Human-readable error message.
+     * @param {boolean} [endConnection=true] Whether the transport should end the connection after responding.
+     */
+    constructor(resultCode, message, endConnection = true) {
+        super(resultCode, message, endConnection);
+    }
+}
+
+export default SharedValidatorRejectionError;

package/src/core/network/protocols/shared/validators/{PartialBootstrapDeployment.js → PartialBootstrapDeploymentValidator.js}

@@ -1,6 +1,8 @@
-import PartialOperation from './base/PartialOperation.js';
+import PartialOperationValidator from './PartialOperationValidator.js';
+import {ResultCode} from "../../../../../utils/constants.js";
+import SharedValidatorRejectionError from '../errors/SharedValidatorRejectionError.js';
 
-class PartialBootstrapDeployment extends PartialOperation {
+class PartialBootstrapDeploymentValidator extends PartialOperationValidator {
     constructor(state, selfAddress , config) {
         super(state, selfAddress , config);
     }
@@ -26,9 +28,12 @@ class PartialBootstrapDeployment extends PartialOperation {
     async validateBootstrapRegistration(payload) {
         const bootstrapString = payload.bdo.bs.toString('hex');
         if (null !== await this.state.getRegisteredBootstrapEntryUnsigned(bootstrapString)) {
-            throw new Error(`Bootstrap with hash ${bootstrapString} already exists in the state. Bootstrap must be unique.`);
+            throw new SharedValidatorRejectionError(
+                ResultCode.BOOTSTRAP_ALREADY_EXISTS,
+                `Bootstrap with hash ${bootstrapString} already exists in the state. Bootstrap must be unique.`
+            );
         }
     }
 }
 
-export default PartialBootstrapDeployment;
+export default PartialBootstrapDeploymentValidator;

package/src/core/network/protocols/shared/validators/{base/PartialOperation.js → PartialOperationValidator.js}

@@ -1,18 +1,19 @@
 import b4a from 'b4a';
 import PeerWallet from 'trac-wallet';
-import Check from '../../../../../../utils/check.js';
-import {bufferToAddress} from "../../../../../state/utils/address.js";
-import {createMessage} from "../../../../../../utils/buffer.js";
-import {OperationType} from "../../../../../../utils/constants.js";
-import {bufferToBigInt} from "../../../../../../utils/amountSerialization.js";
-import {FEE} from "../../../../../state/utils/transaction.js";
-import * as operationsUtils from '../../../../../../utils/applyOperations.js';
+import Check from '../../../../../utils/check.js';
+import {bufferToAddress} from "../../../../state/utils/address.js";
+import {createMessage} from "../../../../../utils/buffer.js";
+import {OperationType, ResultCode} from "../../../../../utils/constants.js";
+import {bufferToBigInt} from "../../../../../utils/amountSerialization.js";
+import {FEE} from "../../../../state/utils/transaction.js";
+import * as operationsUtils from '../../../../../utils/applyOperations.js';
+import SharedValidatorRejectionError from '../errors/SharedValidatorRejectionError.js';
 
 const MAX_AMOUNT = BigInt('0xffffffffffffffffffffffffffffffff');
 const FEE_BIGINT = bufferToBigInt(FEE);
 const PUBLIC_KEY_LENGTH = 32;
 
-class PartialOperation {
+class PartialOperationValidator {
     #state;
     #check;
     #config
@@ -36,18 +37,18 @@ class PartialOperation {
     }
 
     async validate(payload) {
-        throw new Error("Method 'validate()' must be implemented.");
+        throw new SharedValidatorRejectionError(ResultCode.UNEXPECTED_ERROR, "Method 'validate()' must be implemented.");
     }
 
     isPayloadSchemaValid(payload) {
         if (!payload || !payload.type) {
-            throw new Error('Payload or payload type is missing.');
+            throw new SharedValidatorRejectionError(ResultCode.TX_INVALID_PAYLOAD, 'Payload or payload type is missing.');
         }
 
         const selectedValidator = this.#selectCheckSchemaValidator(payload.type);
         const isPayloadValid = selectedValidator(payload);
         if (!isPayloadValid) {
-            throw new Error(`Payload is invalid.`);
+            throw new SharedValidatorRejectionError(ResultCode.SCHEMA_VALIDATION_FAILED, 'Payload is invalid.');
         }
     }
 
@@ -64,21 +65,24 @@ class PartialOperation {
             case OperationType.TRANSFER:
                 return this.check.validateTransferOperation.bind(this.check);
             default:
-                throw new Error(`Unknown operation type: ${type}`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.OPERATION_TYPE_UNKNOWN,
+                    `Unknown operation type: ${type}`
+                );
         }
     }
 
     validateRequesterAddress(payload) {
         const incomingAddress = bufferToAddress(payload.address, this.#config.addressPrefix);
         if (!incomingAddress) {
-            throw new Error('Invalid requesting address in payload.');
+            throw new SharedValidatorRejectionError(ResultCode.REQUESTER_ADDRESS_INVALID, 'Invalid requesting address in payload.');
         }
 
         const incomingPublicKey = PeerWallet.decodeBech32mSafe(incomingAddress);
 
         // TODO: We can add check if public key belongs to the Ed25519 curve. Validate signature already checks that but it would be amazing to catch it earlier.
         if (!incomingPublicKey || incomingPublicKey.length !== PUBLIC_KEY_LENGTH) {
-            throw new Error('Invalid requesting public key in payload.');
+            throw new SharedValidatorRejectionError(ResultCode.REQUESTER_PUBLIC_KEY_INVALID, 'Invalid requesting public key in payload.');
         }
     }
 
@@ -127,7 +131,10 @@ class PartialOperation {
                     OperationType.TRANSFER
                 ];
             default:
-                throw new Error(`Unknown operation type: ${payload.type}`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.OPERATION_TYPE_UNKNOWN,
+                    `Unknown operation type: ${payload.type}`
+                );
         }
     }
 
@@ -143,11 +150,14 @@ class PartialOperation {
         const messageHash = await PeerWallet.blake3(message);
         const payloadHash = operation.tx;
         if (!b4a.equals(payloadHash, messageHash)) {
-            throw new Error('Regenerated transaction does not match incoming transaction in payload.');
+            throw new SharedValidatorRejectionError(
+                ResultCode.TX_HASH_MISMATCH,
+                'Regenerated transaction does not match incoming transaction in payload.'
+            );
         }
 
         if (!PeerWallet.verify(incomingSignature, messageHash, incomingPublicKey)) {
-            throw new Error('Invalid signature in payload.');
+            throw new SharedValidatorRejectionError(ResultCode.TX_SIGNATURE_INVALID, 'Invalid signature in payload.');
         }
     }
 
@@ -158,7 +168,7 @@ class PartialOperation {
         const incomingTxv = operation.txv
 
         if (!b4a.equals(currentTxv, incomingTxv)) {
-            throw new Error(`Transaction has expired.`);
+            throw new SharedValidatorRejectionError(ResultCode.TX_EXPIRED, 'Transaction has expired.');
         }
     }
 
@@ -169,7 +179,10 @@ class PartialOperation {
         const txHex = tx.toString('hex');
 
         if (await this.state.get(txHex) !== null) {
-            throw new Error(`Transaction with hash ${txHex} already exists in the state.`);
+            throw new SharedValidatorRejectionError(
+                ResultCode.TX_ALREADY_EXISTS,
+                `Transaction with hash ${txHex} already exists in the state.`
+            );
         }
     }
 
@@ -180,7 +193,10 @@ class PartialOperation {
 
         const condition = va === undefined && vn === undefined && vs === undefined
         if (!condition) {
-            throw new Error('Transfer operation must not be completed already (va, vn, vs must be undefined).');
+            throw new SharedValidatorRejectionError(
+                ResultCode.OPERATION_ALREADY_COMPLETED,
+                'Transfer operation must not be completed already (va, vn, vs must be undefined).'
+            );
         }
     }
 
@@ -194,12 +210,12 @@ class PartialOperation {
         }
 
         if (!requesterEntry) {
-            throw new Error('Requester address not found in state');
+            throw new SharedValidatorRejectionError(ResultCode.REQUESTER_NOT_FOUND, 'Requester address not found in state');
         }
 
         const requesterBalance = bufferToBigInt(requesterEntry.balance);
         if (requesterBalance < FEE_BIGINT) {
-            throw new Error('Insufficient balance to cover transaction fee.');
+            throw new SharedValidatorRejectionError(ResultCode.INSUFFICIENT_FEE_BALANCE, 'Insufficient balance to cover transaction fee.');
         }
     }
 
@@ -209,7 +225,10 @@ class PartialOperation {
         const operation = payload[operationKey];
         const bs = operation.bs;
         if (b4a.equals(this.#config.bootstrap, bs)) {
-            throw new Error(`External bootstrap is the same as MSB bootstrap: ${bs.toString('hex')}`);
+            throw new SharedValidatorRejectionError(
+                ResultCode.EXTERNAL_BOOTSTRAP_EQUALS_MSB_BOOTSTRAP,
+                `External bootstrap is the same as MSB bootstrap: ${bs.toString('hex')}`
+            );
         }
     }
 
@@ -223,10 +242,13 @@ class PartialOperation {
 
         const requesterAddress = bufferToAddress(payload.address, this.#config.addressPrefix);
         if (this.#selfAddress === requesterAddress) {
-            throw new Error('Requester address cannot be the same as the validator wallet address.');
+            throw new SharedValidatorRejectionError(
+                ResultCode.SELF_VALIDATION_FORBIDDEN,
+                'Requester address cannot be the same as the validator wallet address.'
+            );
         }
     }
 
 }
 
-export default PartialOperation;
+export default PartialOperationValidator;

package/src/core/network/protocols/shared/validators/{PartialRoleAccess.js → PartialRoleAccessValidator.js}

@@ -1,10 +1,11 @@
 import b4a from 'b4a';
-import {OperationType} from "../../../../../utils/constants.js";
+import {OperationType, ResultCode} from "../../../../../utils/constants.js";
 import {bufferToAddress} from "../../../../state/utils/address.js";
-import PartialOperation from './base/PartialOperation.js';
+import PartialOperationValidator from './PartialOperationValidator.js';
 import {bufferToBigInt} from "../../../../../utils/amountSerialization.js";
+import SharedValidatorRejectionError from '../errors/SharedValidatorRejectionError.js';
 
-class PartialRoleAccess extends PartialOperation {
+class PartialRoleAccessValidator extends PartialOperationValidator {
     #config;
 
     constructor(state, selfAddress, config) {
@@ -42,17 +43,26 @@ class PartialRoleAccess extends PartialOperation {
             const nodeAddress = bufferToAddress(payload.address, this.#config.addressPrefix);
             const nodeEntry = await this.state.getNodeEntry(nodeAddress);
             if (!nodeEntry) {
-                throw new Error(`Node with address ${nodeAddress} entry does not exist.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_NODE_ENTRY_NOT_FOUND,
+                    `Node with address ${nodeAddress} entry does not exist.`
+                );
             }
 
             const isNodeAlreadyWriter = nodeEntry.isWriter;
             if (isNodeAlreadyWriter) {
-                throw new Error(`Node with address ${nodeAddress} is already a writer.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_NODE_ALREADY_WRITER,
+                    `Node with address ${nodeAddress} is already a writer.`
+                );
             }
 
             const isNodeWhitelisted = nodeEntry.isWhitelisted;
             if (!isNodeWhitelisted) {
-                throw new Error(`Node with address ${nodeAddress} is not whitelisted.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_NODE_NOT_WHITELISTED,
+                    `Node with address ${nodeAddress} is not whitelisted.`
+                );
             }
             return;
 
@@ -60,24 +70,33 @@ class PartialRoleAccess extends PartialOperation {
             const nodeAddress = bufferToAddress(payload.address, this.#config.addressPrefix);
             const nodeEntry = await this.state.getNodeEntry(nodeAddress);
             if (!nodeEntry) {
-                throw new Error(`Node with address ${nodeAddress} entry does not exist.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_NODE_ENTRY_NOT_FOUND,
+                    `Node with address ${nodeAddress} entry does not exist.`
+                );
             }
 
             const isAlreadyWriter = nodeEntry.isWriter;
             if (!isAlreadyWriter) {
-                throw new Error(`Node with address ${nodeAddress} is not a writer.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_NODE_NOT_WRITER,
+                    `Node with address ${nodeAddress} is not a writer.`
+                );
             }
 
             const isAlreadyIndexer = nodeEntry.isIndexer;
             if (isAlreadyIndexer) {
-                throw new Error(`Node with address ${nodeAddress} is an indexer.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_NODE_IS_INDEXER,
+                    `Node with address ${nodeAddress} is an indexer.`
+                );
             }
             return;
 
         } else if (type === OperationType.ADMIN_RECOVERY) {
             const adminEntry = await this.state.getAdminEntry();
             if (!adminEntry) {
-                throw new Error('Admin entry does not exist.');
+                throw new SharedValidatorRejectionError(ResultCode.ROLE_ADMIN_ENTRY_MISSING, 'Admin entry does not exist.');
             }
 
             const adminAddressBuffer = payload.address;
@@ -87,20 +106,29 @@ class PartialRoleAccess extends PartialOperation {
                 !b4a.equals(payload.rao.iw, adminEntry.wk)
             );
             if (!isRecoveryCase) {
-                throw new Error(`Node with address ${adminAddress} is not a valid recovery case.`);
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_INVALID_RECOVERY_CASE,
+                    `Node with address ${adminAddress} is not a valid recovery case.`
+                );
             }
 
             return;
         }
 
-        throw new Error(`Unknown role access operation type: ${type}`);
+        throw new SharedValidatorRejectionError(
+            ResultCode.ROLE_UNKNOWN_OPERATION,
+            `Unknown role access operation type: ${type}`
+        );
     }
 
     async validateWriterKey(payload) {
         const requesterAddress = bufferToAddress(payload.address, this.#config.addressPrefix);
         const nodeEntry = await this.state.getNodeEntry(requesterAddress);
         if (!nodeEntry) {
-            throw new Error(`Node entry not found for address ${requesterAddress}`);
+            throw new SharedValidatorRejectionError(
+                ResultCode.REQUESTER_NOT_FOUND,
+                `Node entry not found for address ${requesterAddress}`
+            );
         }
 
         const writerKey = payload.rao.iw.toString('hex');
@@ -111,7 +139,10 @@ class PartialRoleAccess extends PartialOperation {
             const isOwner = b4a.equals(addressFromRegisteredWritingKey, payload.address);
 
             if (!isCurrentWk || !isOwner) {
-                throw new Error('Invalid writer key: either not owned by requester or different from assigned key');
+                throw new SharedValidatorRejectionError(
+                    ResultCode.ROLE_INVALID_WRITER_KEY,
+                    'Invalid writer key: either not owned by requester or different from assigned key'
+                );
             }
         }
     }
@@ -126,15 +157,18 @@ class PartialRoleAccess extends PartialOperation {
         }
 
         if (!requesterEntry) {
-            throw new Error('Requester address not found in state');
+            throw new SharedValidatorRejectionError(ResultCode.REQUESTER_NOT_FOUND, 'Requester address not found in state');
         }
         const requesterBalance = bufferToBigInt(requesterEntry.balance);
 
         const requiredBalance = this.fee * 11n;
         if (requesterBalance < requiredBalance) {
-            throw new Error('Insufficient requester balance to cover role access operation FEE.');
+            throw new SharedValidatorRejectionError(
+                ResultCode.ROLE_INSUFFICIENT_FEE_BALANCE,
+                'Insufficient requester balance to cover role access operation FEE.'
+            );
         }
     }
 }
 
-export default PartialRoleAccess;
+export default PartialRoleAccessValidator;