User Story
As a Dash Platform user, I want duplicate identity key errors to be caught during validation (returning a proper ConsensusError) rather than during execution (returning a raw internal error), so that my wallet application can display a clear, structured error message.
Problem
validate_unique_identity_public_key_hashes_not_in_state() only checks the unique key hash set via has_any_of_unique_public_key_hashes(). However, the insertion code in insert_unique_public_key_hash_reference_to_identity_operations_v0() checks both unique AND non-unique sets before inserting.
This asymmetry creates a bypass:
- Identity with key K is registered → K goes into the non-unique set
- Another identity tries to register with the same key K
- Pre-validation checks unique set only → K not there → validation passes ✅
- Insertion checks non-unique set → K exists → execution fails 💥
- Error surfaces as
StateTransitionExecutionResult::InternalError(string) instead of a ConsensusError
The SDK client receives a gRPC Internal error with a raw string message instead of a structured ConsensusError::BasicError(DuplicatedIdentityPublicKeyIdBasicError).
Suggested Fix
In packages/rs-drive-abci/src/execution/validation/state_transition/common/validate_unique_identity_public_key_hashes_in_state/v0/mod.rs, extend the validation to also call has_any_of_non_unique_public_key_hashes() (or equivalent) and return a DuplicatedIdentityPublicKeyIdBasicError if the key exists in either set.
Files
| File |
Current behavior |
.../validate_unique_identity_public_key_hashes_in_state/v0/mod.rs |
Only checks unique set |
.../insert_unique_public_key_hash_reference_to_identity/v0/mod.rs |
Checks both unique + non-unique |
Related
🤖 Co-authored by Claudius the Magnificent AI Agent
User Story
As a Dash Platform user, I want duplicate identity key errors to be caught during validation (returning a proper
ConsensusError) rather than during execution (returning a raw internal error), so that my wallet application can display a clear, structured error message.Problem
validate_unique_identity_public_key_hashes_not_in_state()only checks the unique key hash set viahas_any_of_unique_public_key_hashes(). However, the insertion code ininsert_unique_public_key_hash_reference_to_identity_operations_v0()checks both unique AND non-unique sets before inserting.This asymmetry creates a bypass:
StateTransitionExecutionResult::InternalError(string)instead of aConsensusErrorThe SDK client receives a gRPC Internal error with a raw string message instead of a structured
ConsensusError::BasicError(DuplicatedIdentityPublicKeyIdBasicError).Suggested Fix
In
packages/rs-drive-abci/src/execution/validation/state_transition/common/validate_unique_identity_public_key_hashes_in_state/v0/mod.rs, extend the validation to also callhas_any_of_non_unique_public_key_hashes()(or equivalent) and return aDuplicatedIdentityPublicKeyIdBasicErrorif the key exists in either set.Files
.../validate_unique_identity_public_key_hashes_in_state/v0/mod.rs.../insert_unique_public_key_hash_reference_to_identity/v0/mod.rsRelated
🤖 Co-authored by Claudius the Magnificent AI Agent