Refactor IMP and VCMP errors (#1516)

* refactor IMP errors

* adjust tests

* a bit more test fix

* refactor vcmp errors

* Vc -> VC

* adjust ts-test

* minor comment

* small fix

* update comment

* try to fix test error

* try to forcibly stringify

Author: Kailai-Wang

pallets/identity-management-mock/src/lib.rs

@@ -181,8 +181,8 @@ pub mod pallet {
 		IdentityAlreadyVerified,
 		/// identity not exist when removing an identity
 		IdentityNotExist,
-		/// identity should be disallowed
-		IdentityShouldBeDisallowed,
+		/// creating the prime identity manually is disallowed
+		CreatePrimeIdentityNotAllowed,
 		/// no shielding key for a given AccountId
 		ShieldingKeyNotExist,
 		/// a verification reqeust comes too early
@@ -321,7 +321,7 @@ pub mod pallet {
 						.try_into()
 						.map_err(|_| DispatchError::Other("invalid account id"))?;
 					let user_address: Address32 = address_raw.into();
-					ensure!(user_address != address, Error::<T>::IdentityShouldBeDisallowed);
+					ensure!(user_address != address, Error::<T>::CreatePrimeIdentityNotAllowed);
 				}
 			}
 			let metadata = match encrypted_metadata {

pallets/identity-management/src/lib.rs

@@ -35,8 +35,7 @@
 mod benchmarking;
 #[cfg(test)]
 mod mock;
-
-#[cfg(all(test, feature = "skip-ias-check"))]
+#[cfg(test)]
 mod tests;
 
 pub mod weights;
@@ -50,7 +49,7 @@ use sp_std::vec::Vec;
 #[frame_support::pallet]
 pub mod pallet {
 	use super::{AesOutput, ShardIdentifier, Vec, WeightInfo};
-	use core_primitives::{ErrorString, IMPError};
+	use core_primitives::{ErrorDetail, IMPError};
 	use frame_support::pallet_prelude::*;
 	use frame_system::pallet_prelude::*;
 
@@ -88,24 +87,12 @@ pub mod pallet {
 		// event errors caused by processing in TEE
 		// copied from core_primitives::IMPError, we use events instead of pallet::errors,
 		// see https://github.com/litentry/litentry-parachain/issues/1275
-		DecodeHexFailed { reason: ErrorString },
-		HttpRequestFailed { reason: ErrorString },
-		StfError { reason: ErrorString },
-		CreateIdentityHandlingFailed,
-		RemoveIdentityHandlingFailed,
-		VerifyIdentityHandlingFailed,
-		SetUserShieldingKeyHandlingFailed,
-		InvalidUserShieldingKey,
-		InvalidIdentity,
-		WrongWeb2Handle,
-		UnexpectedMessage,
-		WrongIdentityHandleType,
-		WrongSignatureType,
-		VerifySubstrateSignatureFailed,
-		RecoverSubstratePubkeyFailed,
-		VerifyEvmSignatureFailed,
-		RecoverEvmAddressFailed,
+		SetUserShieldingKeyFailed { detail: ErrorDetail },
+		CreateIdentityFailed { detail: ErrorDetail },
+		RemoveIdentityFailed { detail: ErrorDetail },
+		VerifyIdentityFailed { detail: ErrorDetail },
 		ImportScheduledEnclaveFailed,
+		UnclassifiedError { detail: ErrorDetail },
 	}
 
 	/// delegatees who are authorised to send extrinsics(currently only `create_identity`)
@@ -265,37 +252,18 @@ pub mod pallet {
 		pub fn some_error(origin: OriginFor<T>, error: IMPError) -> DispatchResultWithPostInfo {
 			let _ = T::TEECallOrigin::ensure_origin(origin)?;
 			match error {
-				IMPError::DecodeHexFailed(s) =>
-					Self::deposit_event(Event::DecodeHexFailed { reason: s }),
-				IMPError::HttpRequestFailed(s) =>
-					Self::deposit_event(Event::HttpRequestFailed { reason: s }),
-				IMPError::StfError(s) => Self::deposit_event(Event::StfError { reason: s }),
-				IMPError::InvalidUserShieldingKey =>
-					Self::deposit_event(Event::InvalidUserShieldingKey),
-				IMPError::InvalidIdentity => Self::deposit_event(Event::InvalidIdentity),
-				IMPError::CreateIdentityHandlingFailed =>
-					Self::deposit_event(Event::CreateIdentityHandlingFailed),
-				IMPError::RemoveIdentityHandlingFailed =>
-					Self::deposit_event(Event::RemoveIdentityHandlingFailed),
-				IMPError::VerifyIdentityHandlingFailed =>
-					Self::deposit_event(Event::VerifyIdentityHandlingFailed),
-				IMPError::SetUserShieldingKeyHandlingFailed =>
-					Self::deposit_event(Event::SetUserShieldingKeyHandlingFailed),
-				IMPError::WrongWeb2Handle => Self::deposit_event(Event::WrongWeb2Handle),
-				IMPError::UnexpectedMessage => Self::deposit_event(Event::UnexpectedMessage),
-				IMPError::WrongIdentityHandleType =>
-					Self::deposit_event(Event::WrongIdentityHandleType),
-				IMPError::WrongSignatureType => Self::deposit_event(Event::WrongSignatureType),
-				IMPError::VerifySubstrateSignatureFailed =>
-					Self::deposit_event(Event::VerifySubstrateSignatureFailed),
-				IMPError::RecoverSubstratePubkeyFailed =>
-					Self::deposit_event(Event::RecoverSubstratePubkeyFailed),
-				IMPError::VerifyEvmSignatureFailed =>
-					Self::deposit_event(Event::VerifyEvmSignatureFailed),
-				IMPError::RecoverEvmAddressFailed =>
-					Self::deposit_event(Event::RecoverEvmAddressFailed),
+				IMPError::SetUserShieldingKeyFailed(detail) =>
+					Self::deposit_event(Event::SetUserShieldingKeyFailed { detail }),
+				IMPError::CreateIdentityFailed(detail) =>
+					Self::deposit_event(Event::CreateIdentityFailed { detail }),
+				IMPError::RemoveIdentityFailed(detail) =>
+					Self::deposit_event(Event::RemoveIdentityFailed { detail }),
+				IMPError::VerifyIdentityFailed(detail) =>
+					Self::deposit_event(Event::VerifyIdentityFailed { detail }),
 				IMPError::ImportScheduledEnclaveFailed =>
 					Self::deposit_event(Event::ImportScheduledEnclaveFailed),
+				IMPError::UnclassifiedError(detail) =>
+					Self::deposit_event(Event::UnclassifiedError { detail }),
 			}
 			Ok(Pays::No.into())
 		}

pallets/identity-management/src/tests.rs

@@ -15,13 +15,11 @@
 // along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
 
 use crate::{mock::*, Error, ShardIdentifier};
-use core_primitives::IMPError;
+use core_primitives::{ErrorDetail, IMPError};
 use frame_support::{assert_noop, assert_ok};
 use sp_core::H256;
 
 const TEST_MRENCLAVE: [u8; 32] = [2u8; 32];
-// copied from https://github.com/integritee-network/pallets/blob/5b0706e8b9f726d81d8aff74efbae8e023e783b7/test-utils/src/ias.rs#L147
-const URL: &[u8] = &[119, 115, 58, 47, 47, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 57, 57, 57, 49];
 
 #[test]
 fn set_user_shielding_key_works() {
@@ -121,7 +119,11 @@ fn verify_identity_works() {
 }
 
 #[test]
+#[cfg(feature = "skip-ias-check")]
 fn tee_callback_with_registered_enclave_works() {
+	// copied from https://github.com/integritee-network/pallets/blob/5b0706e8b9f726d81d8aff74efbae8e023e783b7/test-utils/src/ias.rs#L147
+	const URL: &[u8] =
+		&[119, 115, 58, 47, 47, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 57, 57, 57, 49];
 	new_test_ext().execute_with(|| {
 		assert_ok!(Teerex::register_enclave(
 			RuntimeOrigin::signed(1),
@@ -133,17 +135,22 @@ fn tee_callback_with_registered_enclave_works() {
 
 		assert_ok!(IdentityManagement::some_error(
 			RuntimeOrigin::signed(1),
-			IMPError::WrongWeb2Handle
+			IMPError::VerifyIdentityFailed(ErrorDetail::WrongWeb2Handle)
+		));
+		System::assert_last_event(RuntimeEvent::IdentityManagement(
+			crate::Event::VerifyIdentityFailed { detail: ErrorDetail::WrongWeb2Handle },
 		));
-		System::assert_last_event(RuntimeEvent::IdentityManagement(crate::Event::WrongWeb2Handle));
 	});
 }
 
 #[test]
 fn tee_callback_with_unregistered_enclave_fails() {
 	new_test_ext().execute_with(|| {
 		assert_noop!(
-			IdentityManagement::some_error(RuntimeOrigin::signed(1), IMPError::WrongWeb2Handle),
+			IdentityManagement::some_error(
+				RuntimeOrigin::signed(1),
+				IMPError::VerifyIdentityFailed(ErrorDetail::WrongWeb2Handle)
+			),
 			sp_runtime::DispatchError::BadOrigin,
 		);
 	});

pallets/vc-management/src/lib.rs

@@ -48,7 +48,7 @@ pub type VCIndex = H256;
 #[frame_support::pallet]
 pub mod pallet {
 	use super::*;
-	use core_primitives::{ErrorString, VCMPError};
+	use core_primitives::{ErrorDetail, VCMPError};
 	use frame_support::pallet_prelude::*;
 	use frame_system::pallet_prelude::*;
 
@@ -107,22 +107,10 @@ pub mod pallet {
 		// a Schema is revoked
 		SchemaRevoked { account: T::AccountId, shard: ShardIdentifier, index: SchemaIndex },
 		// event errors caused by processing in TEE
-		// copied from core_primitives::IMPError, we use events instead of pallet::errors,
+		// copied from core_primitives::VCMPError, we use events instead of pallet::errors,
 		// see https://github.com/litentry/litentry-parachain/issues/1275
-		HttpRequestFailed { reason: ErrorString },
-		RequestVCHandlingFailed,
-		StfError { reason: ErrorString },
-		ParseError,
-		Assertion1Failed,
-		Assertion2Failed,
-		Assertion3Failed,
-		Assertion4Failed,
-		Assertion5Failed,
-		Assertion6Failed,
-		Assertion7Failed,
-		Assertion8Failed,
-		Assertion10Failed,
-		Assertion11Failed,
+		RequestVCFailed { assertion: Assertion, detail: ErrorDetail },
+		UnclassifiedError { detail: ErrorDetail },
 	}
 
 	#[pallet::error]
@@ -213,22 +201,10 @@ pub mod pallet {
 		pub fn some_error(origin: OriginFor<T>, error: VCMPError) -> DispatchResultWithPostInfo {
 			let _ = T::TEECallOrigin::ensure_origin(origin)?;
 			match error {
-				VCMPError::HttpRequestFailed(s) =>
-					Self::deposit_event(Event::HttpRequestFailed { reason: s }),
-				VCMPError::RequestVCHandlingFailed =>
-					Self::deposit_event(Event::RequestVCHandlingFailed),
-				VCMPError::StfError(s) => Self::deposit_event(Event::StfError { reason: s }),
-				VCMPError::ParseError => Self::deposit_event(Event::ParseError),
-				VCMPError::Assertion1Failed => Self::deposit_event(Event::Assertion1Failed),
-				VCMPError::Assertion2Failed => Self::deposit_event(Event::Assertion2Failed),
-				VCMPError::Assertion3Failed => Self::deposit_event(Event::Assertion3Failed),
-				VCMPError::Assertion4Failed => Self::deposit_event(Event::Assertion4Failed),
-				VCMPError::Assertion5Failed => Self::deposit_event(Event::Assertion5Failed),
-				VCMPError::Assertion6Failed => Self::deposit_event(Event::Assertion6Failed),
-				VCMPError::Assertion7Failed => Self::deposit_event(Event::Assertion7Failed),
-				VCMPError::Assertion8Failed => Self::deposit_event(Event::Assertion8Failed),
-				VCMPError::Assertion10Failed => Self::deposit_event(Event::Assertion10Failed),
-				VCMPError::Assertion11Failed => Self::deposit_event(Event::Assertion11Failed),
+				VCMPError::RequestVCFailed(assertion, detail) =>
+					Self::deposit_event(Event::RequestVCFailed { assertion, detail }),
+				VCMPError::UnclassifiedError(detail) =>
+					Self::deposit_event(Event::UnclassifiedError { detail }),
 			}
 			Ok(Pays::No.into())
 		}

primitives/core/src/assertion.rs

@@ -22,26 +22,26 @@ use codec::{Decode, Encode, MaxEncodedLen};
 use scale_info::TypeInfo;
 use sp_runtime::{traits::ConstU32, BoundedVec};
 
-// pub type Balance = u128;
 type MaxStringLength = ConstU32<64>;
 pub type ParameterString = BoundedVec<u8, MaxStringLength>;
 pub type Network = BoundedVec<u8, MaxStringLength>;
 pub type AssertionNetworks = BoundedVec<Network, MaxStringLength>;
 
+#[rustfmt::skip]
 #[derive(Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen)]
 pub enum Assertion {
 	A1,
-	A2(ParameterString),                                   // (guild_id)
-	A3(ParameterString, ParameterString, ParameterString), // (guild_id, channel_id, role_id)
-	A4(Balance),                                           // (minimum_amount)
-	A5(ParameterString, ParameterString),                  // (twitter_account, tweet_id)
+	A2(ParameterString),                                    // (guild_id)
+	A3(ParameterString, ParameterString, ParameterString),  // (guild_id, channel_id, role_id)
+	A4(Balance),                                            // (minimum_amount)
+	A5(ParameterString, ParameterString),                   // (twitter_account, tweet_id)
 	A6,
-	A7(Balance),           // (minimum_amount)
-	A8(AssertionNetworks), // litentry, litmus, polkadot, kusama, khala, ethereum
+	A7(Balance),                                            // (minimum_amount)
+	A8(AssertionNetworks),                                  // litentry, litmus, polkadot, kusama, khala, ethereum
 	A9,
-	A10(Balance), // (minimum_amount)
-	A11(Balance), // (minimum_amount)
-	A13(u32),     // (Karma_amount) - TODO: unsupported
+	A10(Balance),                                           // (minimum_amount)
+	A11(Balance),                                           // (minimum_amount)
+	A13(u32),                                               // (Karma_amount) - TODO: unsupported
 }
 
 pub const ASSERTION_NETWORKS: [&str; 6] =

primitives/core/src/error.rs

@@ -14,42 +14,54 @@
 // You should have received a copy of the GNU General Public License
 // along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
 
+use crate::Assertion;
 use codec::{Decode, Encode, MaxEncodedLen};
 use scale_info::TypeInfo;
 use sp_runtime::{traits::ConstU32, BoundedVec};
 
 pub type MaxStringLength = ConstU32<100>;
 pub type ErrorString = BoundedVec<u8, MaxStringLength>;
 
-// Identity Management Pallet Error
 #[derive(Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen)]
-pub enum IMPError {
-	// UTF8Error,
-	DecodeHexFailed(ErrorString),
-	HttpRequestFailed(ErrorString),
-	// tee stf error
+pub enum ErrorDetail {
+	// error when importing the parentchain blocks and executing indirect calls
+	ImportError,
+	// generic error when executing STF, the `ErrorString` should indicate the actual reasons
 	StfError(ErrorString),
-	// schedued encalve import error
-	ImportScheduledEnclaveFailed,
-	// Indirect call handling errors when importing parachain blocks
-	CreateIdentityHandlingFailed,
-	RemoveIdentityHandlingFailed,
-	VerifyIdentityHandlingFailed,
-	SetUserShieldingKeyHandlingFailed,
-
-	// identity verification errors
-	InvalidUserShieldingKey,
+	// error when sending stf request to the receiver
+	SendStfRequestFailed,
+	ChallengeCodeNotFound,
+	UserShieldingKeyNotFound,
+	// generic parse error, can be caused by UTF8/JSON serde..
+	ParseError,
+	// errors when verifying identities
+	DecodeHexPayloadFailed(ErrorString),
+	HttpRequestFailed(ErrorString),
 	InvalidIdentity,
 	WrongWeb2Handle,
 	UnexpectedMessage,
-	WrongIdentityHandleType,
 	WrongSignatureType,
 	VerifySubstrateSignatureFailed,
-	RecoverSubstratePubkeyFailed,
 	VerifyEvmSignatureFailed,
 	RecoverEvmAddressFailed,
 }
 
+// Identity Management Pallet Error
+#[derive(Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen)]
+pub enum IMPError {
+	// errors when executing individual error
+	SetUserShieldingKeyFailed(ErrorDetail),
+	CreateIdentityFailed(ErrorDetail),
+	RemoveIdentityFailed(ErrorDetail),
+	VerifyIdentityFailed(ErrorDetail),
+	// scheduled encalve import error
+	ImportScheduledEnclaveFailed,
+
+	// should be unreached, but just to be on the safe side
+	// we should classify the error if we ever get this
+	UnclassifiedError(ErrorDetail),
+}
+
 impl frame_support::traits::PalletError for IMPError {
 	// max_encoded_len
 	const MAX_ENCODED_SIZE: usize = 1;
@@ -58,22 +70,8 @@ impl frame_support::traits::PalletError for IMPError {
 // Verified Credential(VC) Management Pallet Error
 #[derive(Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen)]
 pub enum VCMPError {
-	HttpRequestFailed(ErrorString),
-	// Indirect call handling errors when importing parachain blocks
-	RequestVCHandlingFailed,
-	// tee stf error
-	StfError(ErrorString),
-	// UTF8Error
-	ParseError,
-	// Assertion
-	Assertion1Failed,
-	Assertion2Failed,
-	Assertion3Failed,
-	Assertion4Failed,
-	Assertion5Failed,
-	Assertion6Failed,
-	Assertion7Failed,
-	Assertion8Failed,
-	Assertion10Failed,
-	Assertion11Failed,
+	RequestVCFailed(Assertion, ErrorDetail),
+	// should be unreached, but just to be on the safe side
+	// we should classify the error if we ever get this
+	UnclassifiedError(ErrorDetail),
 }