Error Codes Reference

Canonical error codes and verdicts used across the Truthlock platform. These codes are stable and can be used for programmatic error handling.

Verification Verdicts

Verdict	CLI Exit	Description
VALID	0	Attestation verified successfully
ALTERED	10	Payload hash does not match
REVOKED	11	Attestation has been revoked
KEY_COMPROMISED	12	Signing key marked as compromised
KEY_EXPIRED	13	Signing key has expired
LOG_PROOF_FAILED	14	Transparency log proof verification failed
SIGNATURE_INVALID	15	Cryptographic signature verification failed

API Error Codes

Code	HTTP	Description
INVALID_INPUT	400	Request validation failed
NOT_FOUND	404	Resource not found
UNAUTHORIZED	401	Authentication required
FORBIDDEN	403	Permission denied
CONFLICT	409	Resource state conflict
ISSUER_NOT_TRUSTED	403	Issuer must be in trusted status
KEY_INACTIVE	400	Signing key is not active
POLICY_VIOLATION	403	Request violates active policy

Error Response Format

{
  "code": "ISSUER_NOT_TRUSTED",
  "message": "Issuer must be in trusted status to mint attestations",
  "details": {
    "issuer_id": "uuid",
    "current_status": "pending"
  },
  "trace_id": "abc123xyz"
}

Canonical Enums

Algorithm

Ed25519
P-256
P-384

Issuer Status

pending
trusted
suspended
revoked

Trust Tier

self_issued
verified_org
regulated_issuer

Key Status

ACTIVE
DISABLED
EXPIRED
COMPROMISED

Attestation Status

ACTIVE
REVOKED
SUPERSEDED

Risk Rating

unknown
low
medium
high
critical