oss.sarwagya.wtf

Errors

Every failure is a typed ReceiptError with a stable code.

Everything the library throws is a ReceiptError with a stable code, the operation that failed, a human message, and the native cause when there is one. Verifiers are the exception by design: verifyReceipt and verifyDisclosure return structured reports rather than throwing, because bad proofs are expected traffic — a tamper attempt should not crash your app.

Codes (v0.1)

CodeWhere it comes from
UNSUPPORTEDRuntime lacks a required primitive (Web Crypto).
INVALID_ARGUMENTAn API was called with structurally invalid input.
CANONICALIZATION_FAILEDValue cannot be canonicalized by the requested profile.
UNSUPPORTED_CANONICALIZATIONUnknown profile name.
UNSUPPORTED_ALGORITHMHash/signature algorithm not implemented.
UNSUPPORTED_VERSIONReceipt or disclosure declares a spec version this verifier does not speak.
EMBED_NOT_ALLOWEDPayload asked for mode: "embedded" without embed: true.
PAYLOAD_NOT_COMMITTABLEReference-mode payload without content or precomputed digest.
UNKNOWN_PARENTRecorder was given a parent id it never emitted.
RECEIPT_FINALIZEDAttempted to mutate a finalized receipt.
MALFORMED_RECEIPTStructural or hashlink invariant broken.
MALFORMED_DISCLOSURESame, at the disclosure package layer.
MALFORMED_PROOFInclusion proof shape is invalid.
SIGNING_FAILEDSigner threw or produced no signature.
KEY_IMPORT_FAILEDJWK could not be imported for signing or verification.

Use isReceiptError(err) to narrow safely.

PHI safety

Error messages never contain payload values. The library's own test suite has a permanent assertion for this — a code change that would leak a value into a message fails the build.