add DecryptionFailed in Event

basfroman · basfroman · commit 9e3998b75782 · 2025-12-03T12:32:44.000-08:00
diff --git a/pallets/shield/src/lib.rs b/pallets/shield/src/lib.rs
@@ -142,6 +142,11 @@ pub mod pallet {
             id: T::Hash,
             reason: DispatchErrorWithPostInfo<PostDispatchInfo>,
         },
+        /// Decryption failed - validator could not decrypt the submission.
+        DecryptionFailed {
+            id: T::Hash,
+            reason: BoundedVec<u8, ConstU32<256>>,
+        },
     }
 
     #[pallet::error]
@@ -404,6 +409,43 @@ pub mod pallet {
                 }
             }
         }
+
+        /// Marks a submission as failed to decrypt and removes it from storage.
+        ///
+        /// Called by the block author when decryption fails at any stage (e.g., ML-KEM decapsulate
+        /// failed, AEAD decrypt failed, invalid ciphertext format, etc.). This allows clients to be
+        /// notified of decryption failures through on-chain events.
+        ///
+        /// # Arguments
+        ///
+        /// * `id` - The wrapper id (hash of (author, commitment, ciphertext))
+        /// * `reason` - Human-readable reason for the decryption failure (e.g., "ML-KEM decapsulate failed")
+        #[pallet::call_index(3)]
+        #[pallet::weight((
+            Weight::from_parts(10_000_000, 0)
+                .saturating_add(T::DbWeight::get().reads(1_u64))
+                .saturating_add(T::DbWeight::get().writes(1_u64)),
+            DispatchClass::Operational,
+            Pays::No
+        ))]
+        pub fn mark_decryption_failed(
+            origin: OriginFor<T>,
+            id: T::Hash,
+            reason: BoundedVec<u8, ConstU32<256>>,
+        ) -> DispatchResult {
+            // Unsigned: only the author node may inject this via ValidateUnsigned.
+            ensure_none(origin)?;
+
+            // Load and consume the submission.
+            let Some(_sub) = Submissions::<T>::take(id) else {
+                return Err(Error::<T>::MissingSubmission.into());
+            };
+
+            // Emit event to notify clients
+            Self::deposit_event(Event::DecryptionFailed { id, reason });
+
+            Ok(())
+        }
     }
 
     impl<T: Config> Pallet<T> {
@@ -448,7 +490,19 @@ pub mod pallet {
                         _ => InvalidTransaction::Call.into(),
                     }
                 }
-
+                Call::mark_decryption_failed { id, .. } => {
+                    match source {
+                        TransactionSource::Local | TransactionSource::InBlock => {
+                            ValidTransaction::with_tag_prefix("mev-shield-failed")
+                                .priority(u64::MAX)
+                                .longevity(64) // long because propagate(false)
+                                .and_provides(id) // dedupe by wrapper id
+                                .propagate(false) // CRITICAL: no gossip, stays on author node
+                                .build()
+                        }
+                        _ => InvalidTransaction::Call.into(),
+                    }
+                }
                 _ => InvalidTransaction::Call.into(),
             }
         }
