Introduce a concrete exception type for identity-history-not-fetched cases (#7708)

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: maxtropets <16566519+maxtropets@users.noreply.github.com>
Co-authored-by: Max <maxtropets@microsoft.com>
Co-authored-by: Max Tropets <maxtropets@gmail.com>
Co-authored-by: Amaury Chamayou <amchamay@microsoft.com>

Author: 3 people

CHANGELOG.md

@@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Added
 
+- Added `ccf::IdentityHistoryNotFetched` exception type to distinguish identity-history-fetching errors from other logic errors in the network identity subsystem (#7708).
 - Added `ccf::describe_cose_receipt_v1(receipt)` to obtain COSE receipts with Merkle proof in unprotected header for non-signature TXs, and empty unprotected header for signature TXs (#7700).
 - `NetworkIdentitySubsystemInterface` now exposes `get_trusted_keys()`, returning all trusted network identity keys as a `TrustedKeys` map (#7690).
 

include/ccf/network_identity_interface.h

@@ -5,6 +5,7 @@
 #include "ccf/crypto/ec_public_key.h"
 #include "ccf/node_subsystem_interface.h"
 
+#include <exception>
 #include <map>
 #include <optional>
 #include <string>
@@ -31,6 +32,20 @@ namespace ccf
   /// network identity keys over the history of the service.
   using TrustedKeys = std::map<ccf::SeqNo, ccf::crypto::ECPublicKeyPtr>;
 
+  /// Exception thrown when identity data is requested before the
+  /// asynchronous identity-history-fetching process has completed.
+  struct IdentityHistoryNotFetched : public std::exception
+  {
+    std::string msg;
+
+    IdentityHistoryNotFetched(std::string msg) : msg(std::move(msg)) {}
+
+    [[nodiscard]] const char* what() const noexcept override
+    {
+      return msg.c_str();
+    }
+  };
+
   /// Interface for accessing the network identity subsystem, which manages
   /// the service's cryptographic identity and its historical trusted keys.
   class NetworkIdentitySubsystemInterface : public ccf::AbstractNodeSubSystem
@@ -53,25 +68,27 @@ namespace ccf
     /// or std::nullopt if the chain is not available for the given sequence
     /// number.
     ///
-    /// @throws std::logic_error if endorsement fetching has not completed.
+    /// @throws IdentityHistoryNotFetched if identity history fetching has not
+    /// completed.
     [[nodiscard]] virtual std::optional<CoseEndorsementsChain>
     get_cose_endorsements_chain(ccf::SeqNo seqno) const = 0;
 
     /// Returns the trusted EC public key that was active at the given
     /// sequence number, or nullptr if the sequence number precedes the
     /// earliest known trusted key.
     ///
-    /// @throws std::logic_error if endorsement fetching has not completed
-    /// (i.e. endorsements_fetching_status() != FetchStatus::Done), or if
-    /// no trusted keys have been fetched.
+    /// @throws IdentityHistoryNotFetched if identity history fetching has not
+    /// completed.
+    /// @throws std::logic_error if no trusted keys have been fetched, or if
+    /// internal key resolution is inconsistent.
     [[nodiscard]] virtual ccf::crypto::ECPublicKeyPtr get_trusted_identity_for(
       ccf::SeqNo seqno) const = 0;
 
     /// Returns all trusted network identity keys as a map from sequence
     /// number to EC public key.
     ///
-    /// @throws std::logic_error if endorsement fetching has not completed
-    /// (i.e. endorsements_fetching_status() != FetchStatus::Done).
+    /// @throws IdentityHistoryNotFetched if identity history fetching has not
+    /// completed.
     [[nodiscard]] virtual TrustedKeys get_trusted_keys() const = 0;
   };
 }

src/node/rpc/network_identity_subsystem.h

@@ -144,9 +144,9 @@ namespace ccf
     {
       if (fetch_status.load() != FetchStatus::Done)
       {
-        throw std::logic_error(fmt::format(
-          "COSE endorsements chain requested for seqno {} but endorsement "
-          "fetching has not been completed yet",
+        throw IdentityHistoryNotFetched(fmt::format(
+          "COSE endorsements chain requested for seqno {} but identity "
+          "history fetching has not been completed yet",
           seqno));
       }
 
@@ -186,9 +186,9 @@ namespace ccf
     {
       if (fetch_status.load() != FetchStatus::Done)
       {
-        throw std::logic_error(fmt::format(
-          "Trusted key requested for seqno {} but the fetching has "
-          "not been completed yet",
+        throw IdentityHistoryNotFetched(fmt::format(
+          "Trusted key requested for seqno {} but identity history "
+          "fetching has not been completed yet",
           seqno));
       }
       if (trusted_keys.empty())
@@ -217,8 +217,8 @@ namespace ccf
     {
       if (fetch_status.load() != FetchStatus::Done)
       {
-        throw std::logic_error(
-          "Trusted keys requested but endorsements/key fetching has not "
+        throw IdentityHistoryNotFetched(
+          "Trusted keys requested but identity history fetching has not "
           "completed yet");
       }
       return trusted_keys;