Error Codes

Overview

The goal of all error messages in Daml is to enable users, developers, and operators to act independently on the encountered errors, either manually or with an automated process.

Most errors are a result of request processing. Each error is logged and returned to the user as a failed gRPC response containing the status code, an optional status message and optional metadata. We further enhance this by providing:

  • improved consistency of the returned errors across API endpoints
  • richer error payload format with clearly distinguished machine readable parts to facilitate automated error handling strategies
  • complete inventory of all error codes with an explanation, suggested resolution and other useful information

Glossary

Error

Represents an occurrence of a failure. Consists of:

  • an error code id,
  • a gRPC status code (determined by its error category),
  • an error category,
  • a correlation id,
  • a human readable message,
  • and optional additional metadata.

You can think of it as an instantiation of an error code.

Error Code
Represents a class of failures. Identified by its error code id (we may use error code and error code id interchangeably in this document). Belongs to a single error category.
Error Category
A broad categorization of error codes that you can base your error handling strategies on. Maps to exactly one gRPC status code. We recommend dealing with errors based on their error category. However, if the error category alone is too generic you can act on a particular error code.
Correlation Id
A value that allows the user to clearly identify the request, such that the operator can lookup any log information associated with this error. We use the request’s submission id for correlation id.

Anatomy of an Error

Errors returned to users contain a gRPC status code, a description, and additional machine-readable information represented in the rich gRPC error model.

Error Description

We use the standard gRPC description that additionally adheres to our custom message format:

<ERROR_CODE_ID>(<CATEGORY_ID>,<CORRELATION_ID_PREFIX>):<HUMAN_READABLE_MESSAGE>

The constituent parts are:

  • <ERROR_CODE_ID> - a unique non-empty string containing at most 63 characters: upper-case letters, underscores or digits. Identifies corresponding error code id.
  • <CATEGORY_ID> - a small integer identifying the corresponding error category.
  • <CORRELATION_ID_PREFIX> - a string aimed at identifying originating request. Absence of one is indicated by value 0. If present, it is the first 8 characters of the corresponding request’s submission id. Full correlation id can be found in error’s additional machine readable information (see Additional Machine-Readable Information).
  • : - a colon serves as a separator for the machine and human readable parts of the error description.
  • <HUMAN_READABLE_MESSAGE> - a message targeted at a human reader. Should never be parsed by applications, as the description might change in future releases to improve clarity.

In a concrete example an error description might look like this:

TRANSACTION_NOT_FOUND(11,12345): Transaction not found, or not visible.

Additional Machine-Readable Information

We use following error details:

  • A mandatory com.google.rpc.ErrorInfo containing error code id.
  • A mandatory com.google.rpc.RequestInfo containing (not-truncated) correlation id (or 0 if correlation id is not available).
  • An optional com.google.rpc.RetryInfo containing retry interval with milliseconds resolution.
  • An optional com.google.rpc.ResourceInfo containing information about the resource the failure is based on. Any request that fails due to some well-defined resource issues (such as contract, contract-key, package, party, template, domain, etc.) contains these. Particular resources are implementation specific and vary across ledger implementations.

Many errors will include more information, but there is no guarantee that additional information will be preserved across versions.

Prevent Security Leaks in Error Codes

For any error that could leak information to an attacker, the system returns an error message via the API that contains no valuable information. The log file contains the full error message.

Work With Error Codes

This example shows how a user can extract the relevant error information:

object SampleClientSide {

  import com.google.rpc.ResourceInfo
  import com.google.rpc.{ErrorInfo, RequestInfo, RetryInfo}
  import io.grpc.StatusRuntimeException
  import scala.jdk.CollectionConverters._

  def example(): Unit = {
    try {
      DummmyServer.serviceEndpointDummy()
    } catch {
      case e: StatusRuntimeException =>
        // Converting to a status object.
        val status = io.grpc.protobuf.StatusProto.fromThrowable(e)

        // Extracting gRPC status code.
        assert(status.getCode == io.grpc.Status.Code.ABORTED.value())
        assert(status.getCode == 10)

        // Extracting error message, both
        // machine oriented part: "MY_ERROR_CODE_ID(2,full-cor):",
        // and human oriented part: "A user oriented message".
        assert(status.getMessage == "MY_ERROR_CODE_ID(2,full-cor): A user oriented message")

        // Getting all the details
        val rawDetails: Seq[com.google.protobuf.Any] = status.getDetailsList.asScala.toSeq

        // Extracting error code id, error category id and optionally additional metadata.
        assert {
          rawDetails.collectFirst {
            case any if any.is(classOf[ErrorInfo]) =>
              val v = any.unpack(classOf[ErrorInfo])
              assert(v.getReason == "MY_ERROR_CODE_ID")
              assert(v.getMetadataMap.asScala.toMap == Map("category" -> "2", "foo" -> "bar"))
          }.isDefined
        }

        // Extracting full correlation id, if present.
        assert {
          rawDetails.collectFirst {
            case any if any.is(classOf[RequestInfo]) =>
              val v = any.unpack(classOf[RequestInfo])
              assert(v.getRequestId == "full-correlation-id-123456790")
          }.isDefined
        }

        // Extracting retry information if the error is retryable.
        assert {
          rawDetails.collectFirst {
            case any if any.is(classOf[RetryInfo]) =>
              val v = any.unpack(classOf[RetryInfo])
              assert(v.getRetryDelay.getSeconds == 123, v.getRetryDelay.getSeconds)
              assert(v.getRetryDelay.getNanos == 456 * 1000 * 1000, v.getRetryDelay.getNanos)
          }.isDefined
        }

        // Extracting resource if the error pertains to some well defined resource.
        assert {
          rawDetails.collectFirst {
            case any if any.is(classOf[ResourceInfo]) =>
              val v = any.unpack(classOf[ResourceInfo])
              assert(v.getResourceType == "CONTRACT_ID")
              assert(v.getResourceName == "someContractId")
          }.isDefined
        }
    }
  }
}

Error Codes In Canton Operations

Almost all errors and warnings that can be generated by a Canton-based system are annotated with error codes of the form SOMETHING_NOT_SO_GOOD_HAPPENED(x,c). The upper case string with underscores denotes the unique error id. The parentheses include key additional information. The id together with the extra information is referred to as error-code. The x represents the ErrorCategory used to classify the error, and the c represents the first 8 characters of the correlation id associated with this request, or 0 if no correlation id is given.

The majority of errors in Canton-based systems are a result of request processing and are logged and returned to the user as described above. In other cases, errors occur due to background processes (i.e. network connection issues/transaction confirmation processing). Such errors are only logged.

Generally, we use the following log levels on the server:

  • INFO to log user errors where the error leads to a failure of the request but the system remains healthy.
  • WARN to log degradations of the system or point out unusual behaviour.
  • ERROR to log internal errors where the system does not behave properly and immediate attention is required.

On the client side, failures are considered to be errors and logged as such.

Error Categories

The error categories allow you to group errors such that application logic can be built to automatically deal with errors and decide whether to retry a request or escalate to the operator.

A full list of error categories is documented here.

Machine Readable Information

Every error on the API is constructed to allow automated and manual error handling. First, the error category maps to exactly one gRPC status code. Second, every error description (of the corresponding StatusRuntimeException.Status) starts with the error information (SOMETHING_NOT_SO_GOOD_HAPPENED(CN,x)), separated from a human readable description by a colon (“:”). The rest of the description is targeted to humans and should never be parsed by applications, as the description might change in future releases to improve clarity.

In addition to the status code and the description, the gRPC rich error model is used to convey additional, machine-readable information to the application.

Therefore, to support automatic error processing, an application may:

  • parse the error information from the beginning of the description to obtain the error-id, the error category and the component.
  • use the gRPC-code to get the set of possible error categories.
  • if present, use the ResourceInfo included as Status.details. Any request that fails due to some well-defined resource issues (contract, contract-key, package, party, template, domain) will contain these, calling out on what resource the failure is based on.
  • use the RetryInfo to determine the recommended retry interval (or make this decision based on the category / gRPC code).
  • use the RequestInfo.id as the correlation-id, included as Status.details.
  • use the ErrorInfo.reason as error-id and ErrorInfo.metadata("category") as error category, included as Status.details.

All this information is included in errors that are generated by components under our control and included as Status.details. As with Daml error codes described above, many errors include more information, but there is no guarantee that additional information will be preserved across versions.

Generally, automated error handling can be done on any level (e.g. load balancer using gRPC status codes, application using ErrorCategory or human reacting to error-ids). In most cases it is advisable to deal with errors on a per category basis and deal with error-ids in very specific situations which are application dependent. For example, a command failure with the message “CONTRACT_NOT_FOUND” may be an application failure in case the given application is the only actor on the contracts, whereas a “CONTRACT_NOT_FOUND” message is to be expected in a case where multiple independent actors operate on the ledger state.

Example

If an application submits a Daml transaction that exceeds the size limits enforced on a domain, the command will be rejected. Using the logs of one of our test cases, the participant node will log the following message:

2022-04-26 11:37:54,584 [GracefulRejectsIntegrationTestDefault-env-execution-context-30] INFO  c.d.c.p.p.TransactionProcessingSteps:participant=participant1/domain=da tid:13617c1bda402e54e016a6a17637cb20 - SEQUENCER_REQUEST_FAILED(2,13617c1b): Failed to send command err-context:{location=TransactionProcessingSteps.scala:449, sendError=RequestInvalid(Batch size (85134 bytes) is exceeding maximum size (27000 bytes) for domain da::12201253c344...)}

The machine-readable part of the error message appears as SEQUENCER_REQUEST_FAILED(2,13617c1b), mentioning the error id SEQUENCER_REQUEST_FAILED, the category ContentionOnSharedResources with id=2, and the correlation identifier 13617c1b. Please note that there is no guarantee on the name of the logger that is emitting the given error, as this name is internal and subject to change. The human-readable part of the log message should not be parsed, as we might subsequently improve the text.

The client will receive the error information as a Grpc error:

2022-04-26 11:37:54,923 [ScalaTest-run-running-GracefulRejectsIntegrationTestDefault] ERROR  c.d.c.i.EnterpriseEnvironmentDefinition$$anon$3 - Request failed for participant1.
    GrpcRequestRefusedByServer: ABORTED/SEQUENCER_REQUEST_FAILED(2,13617c1b): Failed to send command
    Request: SubmitAndWaitTransactionTree(actAs = participant1::1220baa5cd30..., commandId = '', workflowId = '', submissionId = '', deduplicationPeriod = None(), ledgerId = 'participant1', commands= ...)
    CorrelationId: 13617c1bda402e54e016a6a17637cb20
    RetryIn: 1 second
    Context: HashMap(participant -> participant1, test -> GracefulRejectsIntegrationTestDefault, domain -> da, sendError -> RequestInvalid(Batch size (85134 bytes) is exceeding maximum size (27000 bytes) for domain da::12201253c344...), definite_answer -> true)

Note that the second log is created by Daml tooling that prints the Grpc Status into the log files during tests. The actual Grpc error would be received by the application and would not be logged by the participant node in the given form.

Error Categories Inventory

The error categories allow you to group errors such that application logic can be built in a sensible way to automatically deal with errors and decide whether to retry a request or escalate to the operator.

TransientServerFailure

Category id: 1

gRPC status code: UNAVAILABLE

Default log level: INFO

Description: One of the services required to process the request was not available.

Resolution: Expectation: transient failure that should be handled by retrying the request with appropriate backoff.

Retry strategy: Retry quickly in load balancer.

ContentionOnSharedResources

Category id: 2

gRPC status code: ABORTED

Default log level: INFO

Description: The request could not be processed due to shared processing resources (e.g. locks or rate limits that replenish quickly) being occupied. If the resource is known (i.e. locked contract), it will be included as a resource info. (Not known resource contentions are e.g. overloaded networks where we just observe timeouts, but can’t pin-point the cause).

Resolution: Expectation: this is processing-flow level contention that should be handled by retrying the request with appropriate backoff.

Retry strategy: Retry quickly (indefinitely or limited), but do not retry in load balancer.

DeadlineExceededRequestStateUnknown

Category id: 3

gRPC status code: DEADLINE_EXCEEDED

Default log level: INFO

Description: The request might not have been processed, as its deadline expired before its completion was signalled. Note that for requests that change the state of the system, this error may be returned even if the request has completed successfully. Note that known and well-defined timeouts are signalled as [[ContentionOnSharedResources]], while this category indicates that the state of the request is unknown.

Resolution: Expectation: the deadline might have been exceeded due to transient resource congestion or due to a timeout in the request processing pipeline being too low. The transient errors might be solved by the application retrying. The non-transient errors will require operator intervention to change the timeouts.

Retry strategy: Retry for a limited number of times with deduplication.

SystemInternalAssumptionViolated

Category id: 4

gRPC status code: INTERNAL

Default log level: ERROR

Description: Request processing failed due to a violation of system internal invariants. This error is exposed on the API with grpc-status INTERNAL without any details for security reasons

Resolution: Expectation: this is due to a bug in the implementation or data corruption in the systems databases. Resolution will require operator intervention, and potentially vendor support.

Retry strategy: Retry after operator intervention.

AuthInterceptorInvalidAuthenticationCredentials

Category id: 6

gRPC status code: UNAUTHENTICATED

Default log level: WARN

Description: The request does not have valid authentication credentials for the operation. This error is exposed on the API with grpc-status UNAUTHENTICATED without any details for security reasons

Resolution: Expectation: this is an application bug, application misconfiguration or ledger-level misconfiguration. Resolution requires application and/or ledger operator intervention.

Retry strategy: Retry after application operator intervention.

InsufficientPermission

Category id: 7

gRPC status code: PERMISSION_DENIED

Default log level: WARN

Description: The caller does not have permission to execute the specified operation. This error is exposed on the API with grpc-status PERMISSION_DENIED without any details for security reasons

Resolution: Expectation: this is an application bug or application misconfiguration. Resolution requires application operator intervention.

Retry strategy: Retry after application operator intervention.

SecurityAlert

Category id: 5

gRPC status code: INVALID_ARGUMENT

Default log level: WARN

Description: A potential attack or a faulty peer component has been detected. This error is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.

Resolution: Expectation: this can be a severe issue that requires operator attention or intervention, and potentially vendor support. It means that the system has detected invalid information that can be attributed to either faulty or malicious manipulation of data coming from a peer source.

Retry strategy: Errors in this category are non-retryable.

InvalidIndependentOfSystemState

Category id: 8

gRPC status code: INVALID_ARGUMENT

Default log level: INFO

Description: The request is invalid independent of the state of the system.

Resolution: Expectation: this is an application bug or ledger-level misconfiguration (e.g. request size limits). Resolution requires application and/or ledger operator intervention.

Retry strategy: Retry after application operator intervention.

InvalidGivenCurrentSystemStateOther

Category id: 9

gRPC status code: FAILED_PRECONDITION

Default log level: INFO

Description: The mutable state of the system does not satisfy the preconditions required to execute the request. We consider the whole Daml ledger including ledger config, parties, packages, users and command deduplication to be mutable system state. Thus all Daml interpretation errors are reported as this error or one of its specializations.

Resolution: ALREADY_EXISTS and NOT_FOUND are special cases for the existence and non-existence of well-defined entities within the system state; e.g., a .dalf package, contracts ids, contract keys, or a transaction at an offset. OUT_OF_RANGE is a special case for reading past a range. Violations of the Daml ledger model always result in these kinds of errors. Expectation: this is due to application-level bugs, misconfiguration or contention on application-visible resources; and might be resolved by retrying later, or after changing the state of the system. Handling these errors requires an application-specific strategy and/or operator intervention.

Retry strategy: Retry after application operator intervention.

InvalidGivenCurrentSystemStateResourceExists

Category id: 10

gRPC status code: ALREADY_EXISTS

Default log level: INFO

Description: Special type of InvalidGivenCurrentSystemState referring to a well-defined resource.

Resolution: Same as [[InvalidGivenCurrentSystemStateOther]].

Retry strategy: Inspect resource failure and retry after resource failure has been resolved (depends on type of resource and application).

InvalidGivenCurrentSystemStateResourceMissing

Category id: 11

gRPC status code: NOT_FOUND

Default log level: INFO

Description: Special type of InvalidGivenCurrentSystemState referring to a well-defined resource.

Resolution: Same as [[InvalidGivenCurrentSystemStateOther]].

Retry strategy: Inspect resource failure and retry after resource failure has been resolved (depends on type of resource and application).

InvalidGivenCurrentSystemStateSeekAfterEnd

Category id: 12

gRPC status code: OUT_OF_RANGE

Default log level: INFO

Description: This error is only used by the Ledger API server in connection with invalid offsets.

Resolution: Expectation: this error is only used by the Ledger API server in connection with invalid offsets.

Retry strategy: Retry after application operator intervention.

BackgroundProcessDegradationWarning

Category id: 13

gRPC status code: N/A

Default log level: WARN

Description: This error category is used internally to signal to the system operator an internal degradation.

Resolution: Inspect details of the specific error for more information.

Retry strategy: Not an API error, therefore not retryable.

InternalUnsupportedOperation

Category id: 14

gRPC status code: UNIMPLEMENTED

Default log level: ERROR

Description: This error category is used to signal that an unimplemented code-path has been triggered by a client or participant operator request. This error is exposed on the API with grpc-status UNIMPLEMENTED without any details for security reasons

Resolution: This error is caused by a ledger-level misconfiguration or by an implementation bug. Resolution requires participant operator intervention.

Retry strategy: Errors in this category are non-retryable.

Error Codes Inventory - Daml

1. ParticipantErrorGroup

1.1. ParticipantErrorGroup / CommonErrors

Common errors raised in Daml services and components.

REQUEST_TIME_OUT

Explanation: This rejection is given when a request processing status is not known and a time-out is reached.

Category: DeadlineExceededRequestStateUnknown

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status DEADLINE_EXCEEDED including a detailed error message.

Resolution: Retry for transient problems. If non-transient contact the operator as the time-out limit might be too short.

SERVER_IS_SHUTTING_DOWN

Explanation: This rejection is given when the participant server is shutting down.

Category: TransientServerFailure

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.

Resolution: Contact the participant operator.

SERVICE_INTERNAL_ERROR

Explanation: This error occurs if one of the services encountered an unexpected exception.

Category: SystemInternalAssumptionViolated

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.

Resolution: Contact support.

SERVICE_NOT_RUNNING

Explanation: This rejection is given when the requested service has already been closed.

Category: TransientServerFailure

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.

Resolution: Retry re-submitting the request. If the error persists, contact the participant operator.

UNSUPPORTED_OPERATION

Explanation: This error category is used to signal that an unimplemented code-path has been triggered by a client or participant operator request.

Category: InternalUnsupportedOperation

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status UNIMPLEMENTED without any details for security reasons.

Resolution: This error is caused by a participant node misconfiguration or by an implementation bug. Resolution requires participant operator intervention.

1.2. ParticipantErrorGroup / IndexErrors

Errors raised by the Participant Index persistence layer.

1.2.1. ParticipantErrorGroup / IndexErrors / DatabaseErrors

INDEX_DB_SQL_NON_TRANSIENT_ERROR

Explanation: This error occurs if a non-transient error arises when executing a query against the index database.

Category: SystemInternalAssumptionViolated

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.

Resolution: Contact the participant operator.

INDEX_DB_SQL_TRANSIENT_ERROR

Explanation: This error occurs if a transient error arises when executing a query against the index database.

Category: TransientServerFailure

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.

Resolution: Re-submit the request.

1.3. ParticipantErrorGroup / LedgerApiErrors

Errors raised by or forwarded by the Ledger API.

LEDGER_API_INTERNAL_ERROR

Explanation: This error occurs if there was an unexpected error in the Ledger API.

Category: SystemInternalAssumptionViolated

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.

Resolution: Contact support.

1.3.1. ParticipantErrorGroup / LedgerApiErrors / AdminServices

Errors raised by Ledger API admin services.

CONFIGURATION_ENTRY_REJECTED

Explanation: This rejection is given when a new configuration is rejected.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Fetch newest configuration and/or retry.

1.3.1.1. ParticipantErrorGroup / LedgerApiErrors / AdminServices / IdentityProviderConfigServiceErrorGroup

IDP_CONFIG_ALREADY_EXISTS

Explanation: There already exists an identity provider configuration with the same identity provider id.

Category: InvalidGivenCurrentSystemStateResourceExists

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.

Resolution: Check that you are connecting to the right participant node and the identity provider id is spelled correctly, or use an identity provider that already exists.

IDP_CONFIG_ISSUER_ALREADY_EXISTS

Explanation: There already exists an identity provider configuration with the same issuer.

Category: InvalidGivenCurrentSystemStateResourceExists

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.

Resolution: Check that you are connecting to the right participant node and the identity provider id is spelled correctly, or use an identity provider that already exists.

IDP_CONFIG_NOT_FOUND

Explanation: The identity provider config referred to by the request was not found.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Check that you are connecting to the right participant node and the identity provider config is spelled correctly, or create the configuration.

INVALID_IDENTITY_PROVIDER_UPDATE_REQUEST

Explanation: There was an attempt to update an identity provider config using an invalid update request.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the error details for specific information on what made the request invalid. Retry with an adjusted update request.

1.3.1.2. ParticipantErrorGroup / LedgerApiErrors / AdminServices / PartyManagementServiceErrorGroup

CONCURRENT_PARTY_DETAILS_UPDATE_DETECTED

Explanation: Concurrent updates to a party can be controlled by supplying an update request with a resource version (this is optional). A party’s resource version can be obtained by reading the party on the Ledger API. There was attempt to update a party using a stale resource version, indicating that a different process had updated the party earlier.

Category: ContentionOnSharedResources

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.

Resolution: Read this party again to obtain its most recent state and in particular its most recent resource version. Use the obtained information to build and send a new update request.

INVALID_PARTY_DETAILS_UPDATE_REQUEST

Explanation: There was an attempt to update a party using an invalid update request.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the error details for specific information on what made the request invalid. Retry with an adjusted update request.

PARTY_NOT_FOUND

Explanation: The party referred to by the request was not found.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Check that you are connecting to the right participant node and that the party is spelled correctly.

1.3.1.3. ParticipantErrorGroup / LedgerApiErrors / AdminServices / UserManagementServiceErrorGroup

CONCURRENT_USER_UPDATE_DETECTED

Explanation: Concurrent updates to a user can be controlled by supplying an update request with a resource version (this is optional). A user’s resource version can be obtained by reading the user on the Ledger API. There was attempt to update a user using a stale resource version, indicating that a different process had updated the user earlier.

Category: ContentionOnSharedResources

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.

Resolution: Read this user again to obtain its most recent state and in particular its most recent resource version. Use the obtained information to build and send a new update request.

INVALID_USER_UPDATE_REQUEST

Explanation: There was an attempt to update a user using an invalid update request.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the error details for specific information on what made the request invalid. Retry with an adjusted update request.

TOO_MANY_USER_RIGHTS

Explanation: A user can have only a limited number of user rights. There was an attempt to create a user with too many rights or grant too many rights to a user.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Retry with a smaller number of rights or delete some of the already existing rights of this user. Contact the participant operator if the limit is too low.

USER_ALREADY_EXISTS

Explanation: There already exists a user with the same user-id.

Category: InvalidGivenCurrentSystemStateResourceExists

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.

Resolution: Check that you are connecting to the right participant node and the user-id is spelled correctly, or use the user that already exists.

USER_NOT_FOUND

Explanation: The user referred to by the request was not found.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Check that you are connecting to the right participant node and the user-id is spelled correctly, if yes, create the user.

1.3.2. ParticipantErrorGroup / LedgerApiErrors / AuthorizationChecks

Authentication and authorization errors.

INTERNAL_AUTHORIZATION_ERROR

Explanation: An internal system authorization error occurred.

Category: SystemInternalAssumptionViolated

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.

Resolution: Contact the participant operator.

PERMISSION_DENIED

Explanation: This rejection is given if the supplied authorization token is not sufficient for the intended command. The exact reason is logged on the participant, but not given to the user for security reasons.

Category: InsufficientPermission

Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status PERMISSION_DENIED without any details for security reasons.

Resolution: Inspect your command and your token or ask your participant operator for an explanation why this command failed.

STALE_STREAM_AUTHORIZATION

Explanation: The stream was aborted because the authenticated user’s rights changed, and the user might thus no longer be authorized to this stream.

Category: ContentionOnSharedResources

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.

Resolution: The application should automatically retry fetching the stream. It will either succeed, or fail with an explicit denial of authentication or permission.

UNAUTHENTICATED

Explanation: This rejection is given if the submitted command does not contain a JWT token on a participant enforcing JWT authentication.

Category: AuthInterceptorInvalidAuthenticationCredentials

Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status UNAUTHENTICATED without any details for security reasons.

Resolution: Ask your participant operator to provide you with an appropriate JWT token.

1.3.3. ParticipantErrorGroup / LedgerApiErrors / CommandExecution

Errors raised during the command execution phase of the command submission evaluation.

1.3.3.1. ParticipantErrorGroup / LedgerApiErrors / CommandExecution / Interpreter

Errors raised during the command interpretation phase of the command submission evaluation.

CONTRACT_DOES_NOT_IMPLEMENT_INTERFACE

Explanation: This error occurs when you try to coerce/use a contract via an interface that it does not implement.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Ensure the contract you are calling does implement the interface you are using to do so. Avoid writing LF/low-level interface implementation classes manually.

CONTRACT_DOES_NOT_IMPLEMENT_REQUIRING_INTERFACE

Explanation: This error occurs when you try to create/use a contract that does not implement the requiring interfaces of some other interface that it does implement.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Ensure you implement all required interfaces correctly, and avoid writing LF/low-level interface implementation classes manually.

CONTRACT_ID_COMPARABILITY

Explanation: This error occurs when you attempt to compare a global and local contract ID of the same discriminator.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Avoid constructing contract IDs manually.

CONTRACT_ID_IN_CONTRACT_KEY

Explanation: This error occurs when a contract key contains a contract ID, which is illegal for hashing reasons.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Ensure your contracts key field cannot contain a contract ID.

CONTRACT_NOT_ACTIVE

Explanation: This error occurs if an exercise or fetch happens on a transaction-locally consumed contract.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: This error indicates an application error.

CREATE_EMPTY_CONTRACT_KEY_MAINTAINERS

Explanation: This error occurs when you try to create a contract that has a key, but with empty maintainers.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Check the definition of the contract key’s maintainers, and ensure this list won’t be empty given your creation arguments.

DAML_AUTHORIZATION_ERROR

Explanation: This error occurs if a Daml transaction fails due to an authorization error. An authorization means that the Daml transaction computed a different set of required submitters than you have provided during the submission as actAs parties.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: This error type occurs if there is an application error.

DISCLOSED_CONTRACT_KEY_HASHING_ERROR

Explanation: This error occurs if a user attempts to provide a key hash for a disclosed contract which we have already cached to be different.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Ensure the contract ID and contract payload you have provided in your disclosed contract is correct.

FETCH_EMPTY_CONTRACT_KEY_MAINTAINERS

Explanation: This error occurs when you try to fetch a contract by key, but that key would have empty maintainers.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Check the definition of the contract key’s maintainers, and ensure this list won’t be empty given the contract key you are fetching.

NON_COMPARABLE_VALUES

Explanation: This error occurs when you attempt to compare two values of different types using the built-in comparison types.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Avoid using the low level comparison build, and instead use the Eq class.

TEMPLATE_PRECONDITION_VIOLATED

Explanation: This error occurs when a contract’s pre-condition (the ensure clause) is violated on contract creation.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Ensure the contract argument you are passing into your create doesn’t violate the conditions of the contract.

UNHANDLED_EXCEPTION

Explanation: This error occurs when a user throws an error and does not catch it with try-catch.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Either your error handling in a choice body is insufficient, or you are using a contract incorrectly.

VALUE_NESTING

Explanation: This error occurs when you nest values too deeply.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Restructure your code and reduce value nesting.

WRONGLY_TYPED_CONTRACT

Explanation: This error occurs when you try to fetch/use a contract in some way with a contract ID that doesn’t match the template type on the ledger.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Ensure the contract IDs you are using are of the type we expect on the ledger. Avoid unsafely coercing contract IDs.

1.3.3.1.1. ParticipantErrorGroup / LedgerApiErrors / CommandExecution / Interpreter / LookupErrors

Errors raised in lookups during the command interpretation phase.

CONTRACT_KEY_NOT_FOUND

Explanation: This error occurs if the Daml engine interpreter cannot resolve a contract key to an active contract. This can be caused by either the contract key not being known to the participant, or not being known to the submitting parties or the contract representing an already archived key.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: This error type occurs if there is contention on a contract.

1.3.3.2. ParticipantErrorGroup / LedgerApiErrors / CommandExecution / Preprocessing

Errors raised during command conversion to the internal data representation.

COMMAND_PREPROCESSING_FAILED

Explanation: This error occurs if a command fails during interpreter pre-processing.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect error details and correct your application.

1.3.4. ParticipantErrorGroup / LedgerApiErrors / ConsistencyErrors

Potential consistency errors raised due to race conditions during command submission or returned as submission rejections by the backing ledger.

CONTRACT_NOT_FOUND

Explanation: This error occurs if the Daml engine can not find a referenced contract. This can be caused by either the contract not being known to the participant, or not being known to the submitting parties or already being archived.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: This error type occurs if there is contention on a contract.

DUPLICATE_COMMAND

Explanation: A command with the given command id has already been successfully processed.

Category: InvalidGivenCurrentSystemStateResourceExists

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.

Resolution: The correct resolution depends on the use case. If the error received pertains to a submission retried due to a timeout, do nothing, as the previous command has already been accepted. If the intent is to submit a new command, re-submit using a distinct command id.

DUPLICATE_CONTRACT_KEY

Explanation: This error signals that within the transaction we got to a point where two contracts with the same key were active.

Category: InvalidGivenCurrentSystemStateResourceExists

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.

Resolution: This error indicates an application error.

INCONSISTENT_CONTRACT_KEY

Explanation: An input contract key was re-assigned to a different contract by a concurrent transaction submission.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Retry the transaction submission.

SUBMISSION_ALREADY_IN_FLIGHT

Explanation: Another command submission with the same change ID (application ID, command ID, actAs) is already being processed.

Category: ContentionOnSharedResources

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.

Resolution: Listen to the command completion stream until a completion for the in-flight command submission is published. Alternatively, resubmit the command. If the in-flight submission has finished successfully by then, this will return more detailed information about the earlier one. If the in-flight submission has failed by then, the resubmission will attempt to record the new transaction on the ledger.

1.3.5. ParticipantErrorGroup / LedgerApiErrors / PackageServiceError

Errors raised by the Package Management Service on package uploads.

DAR_NOT_SELF_CONSISTENT

Explanation: This error indicates that the uploaded Dar is broken because it is missing internal dependencies.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Contact the supplier of the Dar.

DAR_VALIDATION_ERROR

Explanation: This error indicates that the validation of the uploaded dar failed.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the error message and contact support.

PACKAGE_SERVICE_INTERNAL_ERROR

Explanation: This error indicates an internal issue within the package service.

Category: SystemInternalAssumptionViolated

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.

Resolution: Inspect the error message and contact support.

1.3.5.1. ParticipantErrorGroup / LedgerApiErrors / PackageServiceError / Reading

Package parsing errors raised during package upload.

INVALID_DAR

Explanation: This error indicates that the supplied dar file was invalid.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the error message for details and contact support.

INVALID_ZIP_ENTRY

Explanation: This error indicates that the supplied zipped dar file was invalid.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the error message for details and contact support.

ZIP_BOMB

Explanation: This error indicates that the supplied zipped dar is regarded as zip-bomb.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the dar and contact support.

1.3.6. ParticipantErrorGroup / LedgerApiErrors / RequestValidation

Validation errors raised when evaluating requests in the Ledger API.

INVALID_ARGUMENT

Explanation: This error is emitted when a submitted ledger API command contains an invalid argument.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the reason given and correct your application.

INVALID_DEDUPLICATION_PERIOD

Explanation: This error is emitted when a submitted ledger API command specifies an invalid deduplication period.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Inspect the error message, adjust the value of the deduplication period or ask the participant operator to increase the maximum deduplication period.

INVALID_FIELD

Explanation: This error is emitted when a submitted ledger API command contains a field value that cannot be understood.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the reason given and correct your application.

LEDGER_ID_MISMATCH

Explanation: Every ledger API command contains a ledger-id which is verified against the running ledger. This error indicates that the provided ledger-id does not match the expected one.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Ensure that your application is correctly configured to use the correct ledger.

MISSING_FIELD

Explanation: This error is emitted when a mandatory field is not set in a submitted ledger API command.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Inspect the reason given and correct your application.

NON_HEXADECIMAL_OFFSET

Explanation: The supplied offset could not be converted to a binary offset.

Category: InvalidIndependentOfSystemState

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.

Resolution: Ensure the offset is specified as a hexadecimal string.

OFFSET_AFTER_LEDGER_END

Explanation: This rejection is given when a read request uses an offset beyond the current ledger end.

Category: InvalidGivenCurrentSystemStateSeekAfterEnd

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status OUT_OF_RANGE including a detailed error message.

Resolution: Use an offset that is before the ledger end.

OFFSET_OUT_OF_RANGE

Explanation: This rejection is given when a read request uses an offset invalid in the requests’ context.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Inspect the error message and use a valid offset.

PARTICIPANT_PRUNED_DATA_ACCESSED

Explanation: This rejection is given when a read request tries to access pruned data.

Category: InvalidGivenCurrentSystemStateOther

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.

Resolution: Use an offset that is after the pruning offset.

1.3.6.1. ParticipantErrorGroup / LedgerApiErrors / RequestValidation / NotFound

LEDGER_CONFIGURATION_NOT_FOUND

Explanation: The ledger configuration could not be retrieved. This could happen due to incomplete initialization of the participant or due to an internal system error.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Contact the participant operator.

PACKAGE_NOT_FOUND

Explanation: This rejection is given when a read request tries to access a package which does not exist on the ledger.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Use a package id pertaining to a package existing on the ledger.

TEMPLATES_OR_INTERFACES_NOT_FOUND

Explanation: The queried template or interface ids do not exist.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Use valid template or interface ids in your query or ask the participant operator to upload the package containing the necessary interfaces/templates.

TRANSACTION_NOT_FOUND

Explanation: The transaction does not exist or the requesting set of parties are not authorized to fetch it.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Check the transaction id and verify that the requested transaction is visible to the requesting parties.

1.3.7. ParticipantErrorGroup / LedgerApiErrors / WriteServiceRejections

Generic submission rejection errors returned by the backing ledger’s write service.

DISPUTED

Deprecation: Corresponds to transaction submission rejections that are not produced anymore. Since: 1.18.0

Explanation: An invalid transaction submission was not detected by the participant.

Category: SystemInternalAssumptionViolated

Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.

Resolution: Contact support.

OUT_OF_QUOTA

Deprecation: Corresponds to transaction submission rejections that are not produced anymore. Since: 1.18.0

Explanation: The Participant node did not have sufficient resource quota to submit the transaction.

Category: ContentionOnSharedResources

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.

Resolution: Inspect the error message and retry after after correcting the underlying issue.

PARTY_NOT_KNOWN_ON_LEDGER

Explanation: One or more informee parties have not been allocated.

Category: InvalidGivenCurrentSystemStateResourceMissing

Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.

Resolution: Check that all the informee party identifiers are correct, allocate all the informee parties, request their allocation or wait for them to be allocated before retrying the transaction submission.

Error Codes Inventory - Canton

1. GrpcErrors

ABORTED_DUE_TO_SHUTDOWN

  • Explanation: This error is returned when processing of the request was aborted due to the node shutting down.
  • Resolution: Retry the request against an active and available node.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: ABORTED_DUE_TO_SHUTDOWN

2. ParticipantErrorGroup

2.1. Errors

ACS_COMMITMENT_INTERNAL_ERROR

  • Explanation: This error indicates that there was an internal error within the ACS commitment processing.
  • Resolution: Inspect error message for details.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side.
  • Scaladocs: ACS_COMMITMENT_INTERNAL_ERROR

2.1.1. MismatchError

ACS_COMMITMENT_ALARM

  • Explanation: The participant has detected that another node is behaving maliciously.
  • Resolution: Contact support.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: ACS_COMMITMENT_ALARM

ACS_COMMITMENT_MISMATCH

  • Explanation: This error indicates that a remote participant has sent a commitment over an ACS for a period which does not match the local commitment. This error occurs if a remote participant has manually changed contracts using repair, or due to byzantine behavior, or due to malfunction of the system. The consequence is that the ledger is forked, and some commands that should pass will not.
  • Resolution: Please contact the other participant in order to check the cause of the mismatch. Either repair the store of this participant or of the counterparty.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: ACS_COMMITMENT_MISMATCH

ACS_MISMATCH_NO_SHARED_CONTRACTS

  • Explanation: This error indicates that a remote participant has sent a commitment over an ACS for a period, while this participant does not think that there is a shared contract state. This error occurs if a remote participant has manually changed contracts using repair, or due to byzantine behavior, or due to malfunction of the system. The consequence is that the ledger is forked, and some commands that should pass will not.
  • Resolution: Please contact the other participant in order to check the cause of the mismatch. Either repair the store of this participant or of the counterparty.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: ACS_MISMATCH_NO_SHARED_CONTRACTS

2.2. LedgerApiErrorGroup

2.2.1. CommandExecutionErrors

FAILED_TO_DETERMINE_LEDGER_TIME

  • Explanation: This error occurs if the participant fails to determine the max ledger time of the used contracts. Most likely, this means that one of the contracts is not active anymore which can happen under contention. It can also happen with contract keys.
  • Resolution: Retry the transaction submission.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: FAILED_TO_DETERMINE_LEDGER_TIME

INTERPRETATION_TIME_EXCEEDED

  • Explanation: This error occurs when the interpretation of a command exceeded the time limit, defined as the maximum time that can be assigned by the ledger when it starts processing the command. It corresponds to the time assigned upon submission by the participant (the ledger time) + a tolerance defined by the ledgerTimeToRecordTimeTolerance ledger configuration parameter. Reasons for exceeding this limit can vary: the participant may be under high load, the command interpretation may be very complex, or even run into an infinite loop due to a mistake in the Daml code.
  • Resolution: Due to the halting problem, we cannot determine whether the interpretation will eventually complete. As a developer: inspect your code for possible non-terminating loops or consider reducing its complexity. As an operator: check and possibly update the resources allocated to the system, as well as the time-related configuration parameters (see “Time on Daml Ledgers” in the “Daml Ledger Model Concepts” doc section and the set_ledger_time_record_time_tolerance console command).
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: INTERPRETATION_TIME_EXCEEDED

2.2.1.1. Package

ALLOWED_LANGUAGE_VERSIONS

  • Explanation: This error indicates that the uploaded DAR is based on an unsupported language version.
  • Resolution: Use a DAR compiled with a language version that this participant supports.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: ALLOWED_LANGUAGE_VERSIONS

PACKAGE_VALIDATION_FAILED

  • Explanation: This error occurs if a package referred to by a command fails validation. This should not happen as packages are validated when being uploaded.
  • Resolution: Contact support.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: PACKAGE_VALIDATION_FAILED

2.2.1.2. Preprocessing

COMMAND_PREPROCESSING_FAILED

  • Explanation: This error occurs if a command fails during interpreter pre-processing.
  • Resolution: Inspect error details and correct your application.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: COMMAND_PREPROCESSING_FAILED

2.2.1.3. Interpreter

CONTRACT_DOES_NOT_IMPLEMENT_INTERFACE

  • Explanation: This error occurs when you try to coerce/use a contract via an interface that it does not implement.
  • Resolution: Ensure the contract you are calling does implement the interface you are using to do so. Avoid writing LF/low-level interface implementation classes manually.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: CONTRACT_DOES_NOT_IMPLEMENT_INTERFACE

CONTRACT_DOES_NOT_IMPLEMENT_REQUIRING_INTERFACE

  • Explanation: This error occurs when you try to create/use a contract that does not implement the requiring interfaces of some other interface that it does implement.
  • Resolution: Ensure you implement all required interfaces correctly, and avoid writing LF/low-level interface implementation classes manually.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: CONTRACT_DOES_NOT_IMPLEMENT_REQUIRING_INTERFACE

CONTRACT_ID_COMPARABILITY

  • Explanation: This error occurs when you attempt to compare a global and local contract ID of the same discriminator.
  • Resolution: Avoid constructing contract IDs manually.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: CONTRACT_ID_COMPARABILITY

CONTRACT_ID_IN_CONTRACT_KEY

  • Explanation: This error occurs when a contract key contains a contract ID, which is illegal for hashing reasons.
  • Resolution: Ensure your contracts key field cannot contain a contract ID.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: CONTRACT_ID_IN_CONTRACT_KEY

CONTRACT_NOT_ACTIVE

  • Explanation: This error occurs if an exercise or fetch happens on a transaction-locally consumed contract.
  • Resolution: This error indicates an application error.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: CONTRACT_NOT_ACTIVE

CREATE_EMPTY_CONTRACT_KEY_MAINTAINERS

  • Explanation: This error occurs when you try to create a contract that has a key, but with empty maintainers.
  • Resolution: Check the definition of the contract key’s maintainers, and ensure this list won’t be empty given your creation arguments.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: CREATE_EMPTY_CONTRACT_KEY_MAINTAINERS

DAML_AUTHORIZATION_ERROR

  • Explanation: This error occurs if a Daml transaction fails due to an authorization error. An authorization means that the Daml transaction computed a different set of required submitters than you have provided during the submission as actAs parties.
  • Resolution: This error type occurs if there is an application error.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: DAML_AUTHORIZATION_ERROR

DAML_INTERPRETATION_ERROR

  • Explanation: This error occurs if a Daml transaction fails during interpretation.
  • Resolution: This error type occurs if there is an application error.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DAML_INTERPRETATION_ERROR

DAML_INTERPRETER_INVALID_ARGUMENT

  • Explanation: This error occurs if a Daml transaction fails during interpretation due to an invalid argument.
  • Resolution: This error type occurs if there is an application error.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: DAML_INTERPRETER_INVALID_ARGUMENT

DISCLOSED_CONTRACT_KEY_HASHING_ERROR

  • Explanation: This error occurs if a user attempts to provide a key hash for a disclosed contract which we have already cached to be different.
  • Resolution: Ensure the contract ID and contract payload you have provided in your disclosed contract is correct.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DISCLOSED_CONTRACT_KEY_HASHING_ERROR

FETCH_EMPTY_CONTRACT_KEY_MAINTAINERS

  • Explanation: This error occurs when you try to fetch a contract by key, but that key would have empty maintainers.
  • Resolution: Check the definition of the contract key’s maintainers, and ensure this list won’t be empty given the contract key you are fetching.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: FETCH_EMPTY_CONTRACT_KEY_MAINTAINERS

INTERPRETATION_DEV_ERROR

  • Explanation: This error is a catch-all for errors thrown by in-development features, and should never be thrown in production.
  • Resolution: See the error message for details of the specific in-development feature error. If this is production, avoid using development features.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INTERPRETATION_DEV_ERROR

INTERPRETATION_USER_ERROR

  • Explanation: This error occurs when a user calls abort or error on an LF version before native exceptions were introduced.
  • Resolution: Either remove the call to abort, error or perhaps assert, or ensure you are exercising your contract choice as the author expects.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INTERPRETATION_USER_ERROR

NON_COMPARABLE_VALUES

  • Explanation: This error occurs when you attempt to compare two values of different types using the built-in comparison types.
  • Resolution: Avoid using the low level comparison build, and instead use the Eq class.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: NON_COMPARABLE_VALUES

TEMPLATE_PRECONDITION_VIOLATED

  • Explanation: This error occurs when a contract’s pre-condition (the ensure clause) is violated on contract creation.
  • Resolution: Ensure the contract argument you are passing into your create doesn’t violate the conditions of the contract.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: TEMPLATE_PRECONDITION_VIOLATED

UNHANDLED_EXCEPTION

  • Explanation: This error occurs when a user throws an error and does not catch it with try-catch.
  • Resolution: Either your error handling in a choice body is insufficient, or you are using a contract incorrectly.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNHANDLED_EXCEPTION

VALUE_NESTING

  • Explanation: This error occurs when you nest values too deeply.
  • Resolution: Restructure your code and reduce value nesting.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: VALUE_NESTING

WRONGLY_TYPED_CONTRACT

  • Explanation: This error occurs when you try to fetch/use a contract in some way with a contract ID that doesn’t match the template type on the ledger.
  • Resolution: Ensure the contract IDs you are using are of the type we expect on the ledger. Avoid unsafely coercing contract IDs.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: WRONGLY_TYPED_CONTRACT

2.2.1.3.1. LookupErrors

CONTRACT_KEY_NOT_FOUND

  • Explanation: This error occurs if the Daml engine interpreter cannot resolve a contract key to an active contract. This can be caused by either the contract key not being known to the participant, or not being known to the submitting parties or the contract representing an already archived key.
  • Resolution: This error type occurs if there is contention on a contract.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: CONTRACT_KEY_NOT_FOUND

2.2.2. AdminServicesErrorGroup

2.2.2.1. PartyManagementServiceErrors

CONCURRENT_PARTY_DETAILS_UPDATE_DETECTED

  • Explanation: Concurrent updates to a party can be controlled by supplying an update request with a resource version (this is optional). A party’s resource version can be obtained by reading the party on the Ledger API. There was attempt to update a party using a stale resource version, indicating that a different process had updated the party earlier.
  • Resolution: Read this party again to obtain its most recent state and in particular its most recent resource version. Use the obtained information to build and send a new update request.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: CONCURRENT_PARTY_DETAILS_UPDATE_DETECTED

INTERNAL_PARTY_RECORD_ALREADY_EXISTS

  • Explanation: Each on-ledger party known to this participant node can have a participant’s local metadata assigned to it. The local information about a party referred to by this request was found when it should have been not found.
  • Resolution: This error can indicate a problem with the server’s storage or implementation.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNAL_PARTY_RECORD_ALREADY_EXISTS

INTERNAL_PARTY_RECORD_NOT_FOUND

  • Explanation: Each on-ledger party known to this participant node can have a participant’s local metadata assigned to it. The local information about a party referred to by this request was not found when it should have been found.
  • Resolution: This error can indicate a problem with the server’s storage or implementation.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNAL_PARTY_RECORD_NOT_FOUND

INVALID_PARTY_DETAILS_UPDATE_REQUEST

  • Explanation: There was an attempt to update a party using an invalid update request.
  • Resolution: Inspect the error details for specific information on what made the request invalid. Retry with an adjusted update request.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_PARTY_DETAILS_UPDATE_REQUEST

MAX_PARTY_DETAILS_ANNOTATIONS_SIZE_EXCEEDED

  • Explanation: A party can have at most 256kb worth of annotations in total measured in number of bytes in UTF-8 encoding. There was an attempt to allocate or update a party such that this limit would have been exceeded.
  • Resolution: Retry with fewer annotations or delete some of the party’s existing annotations.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: MAX_PARTY_DETAILS_ANNOTATIONS_SIZE_EXCEEDED

PARTY_NOT_FOUND

  • Explanation: The party referred to by the request was not found.
  • Resolution: Check that you are connecting to the right participant node and that the party is spelled correctly.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: PARTY_NOT_FOUND

2.2.2.2. UserManagementServiceErrors

CONCURRENT_USER_UPDATE_DETECTED

  • Explanation: Concurrent updates to a user can be controlled by supplying an update request with a resource version (this is optional). A user’s resource version can be obtained by reading the user on the Ledger API. There was attempt to update a user using a stale resource version, indicating that a different process had updated the user earlier.
  • Resolution: Read this user again to obtain its most recent state and in particular its most recent resource version. Use the obtained information to build and send a new update request.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: CONCURRENT_USER_UPDATE_DETECTED

INVALID_USER_UPDATE_REQUEST

  • Explanation: There was an attempt to update a user using an invalid update request.
  • Resolution: Inspect the error details for specific information on what made the request invalid. Retry with an adjusted update request.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_USER_UPDATE_REQUEST

MAX_USER_ANNOTATIONS_SIZE_EXCEEDED

  • Explanation: A user can have at most 256kb worth of annotations in total measured in number of bytes in UTF-8 encoding. There was an attempt to create or update a user such that this limit would have been exceeded.
  • Resolution: Retry with fewer annotations or delete some of the user’s existing annotations.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: MAX_USER_ANNOTATIONS_SIZE_EXCEEDED

TOO_MANY_USER_RIGHTS

  • Explanation: A user can have only a limited number of user rights. There was an attempt to create a user with too many rights or grant too many rights to a user.
  • Resolution: Retry with a smaller number of rights or delete some of the already existing rights of this user. Contact the participant operator if the limit is too low.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: TOO_MANY_USER_RIGHTS

USER_ALREADY_EXISTS

  • Explanation: There already exists a user with the same user-id.
  • Resolution: Check that you are connecting to the right participant node and the user-id is spelled correctly, or use the user that already exists.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: USER_ALREADY_EXISTS

USER_NOT_FOUND

  • Explanation: The user referred to by the request was not found.
  • Resolution: Check that you are connecting to the right participant node and the user-id is spelled correctly, if yes, create the user.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: USER_NOT_FOUND

2.2.2.3. IdentityProviderConfigServiceErrors

IDP_CONFIG_ALREADY_EXISTS

  • Explanation: There already exists an identity provider configuration with the same identity provider id.
  • Resolution: Check that you are connecting to the right participant node and the identity provider id is spelled correctly, or use an identity provider that already exists.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: IDP_CONFIG_ALREADY_EXISTS

IDP_CONFIG_BY_ISSUER_NOT_FOUND

  • Explanation: The identity provider config referred to by the request was not found.
  • Resolution: Check that you are connecting to the right participant node and the identity provider config is spelled correctly, or create the configuration.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: IDP_CONFIG_BY_ISSUER_NOT_FOUND

IDP_CONFIG_ISSUER_ALREADY_EXISTS

  • Explanation: There already exists an identity provider configuration with the same issuer.
  • Resolution: Check that you are connecting to the right participant node and the identity provider id is spelled correctly, or use an identity provider that already exists.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: IDP_CONFIG_ISSUER_ALREADY_EXISTS

IDP_CONFIG_NOT_FOUND

  • Explanation: The identity provider config referred to by the request was not found.
  • Resolution: Check that you are connecting to the right participant node and the identity provider config is spelled correctly, or create the configuration.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: IDP_CONFIG_NOT_FOUND

INVALID_IDENTITY_PROVIDER_UPDATE_REQUEST

  • Explanation: There was an attempt to update an identity provider config using an invalid update request.
  • Resolution: Inspect the error details for specific information on what made the request invalid. Retry with an adjusted update request.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_IDENTITY_PROVIDER_UPDATE_REQUEST

TOO_MANY_IDENTITY_PROVIDER_CONFIGS

  • Explanation: A system can have only a limited number of identity provider configurations. There was an attempt to create an identity provider configuration.
  • Resolution: Delete some of the already existing identity provider configurations. Contact the participant operator if the limit is too low.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: TOO_MANY_IDENTITY_PROVIDER_CONFIGS

2.2.3. AdminServiceErrors

CONFIGURATION_ENTRY_REJECTED

  • Explanation: This rejection is given when a new configuration is rejected.
  • Resolution: Fetch newest configuration and/or retry.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: CONFIGURATION_ENTRY_REJECTED

INTERNALLY_INVALID_KEY

  • Explanation: A cryptographic key used by the configured system is not valid
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNALLY_INVALID_KEY

PACKAGE_UPLOAD_REJECTED

  • Explanation: This rejection is given when a package upload is rejected.
  • Resolution: Refer to the detailed message of the received error.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PACKAGE_UPLOAD_REJECTED

2.2.4. ConsistencyErrors

CONTRACT_NOT_FOUND

  • Explanation: This error occurs if the Daml engine can not find a referenced contract. This can be caused by either the contract not being known to the participant, or not being known to the submitting parties or already being archived.
  • Resolution: This error type occurs if there is contention on a contract.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: CONTRACT_NOT_FOUND

DISCLOSED_CONTRACT_INVALID

  • Explanation: This error occurs if the disclosed payload or metadata of one of the contracts does not match the actual payload or metadata of the contract.
  • Resolution: Re-submit the command using valid disclosed contract payload and metadata.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DISCLOSED_CONTRACT_INVALID

DUPLICATE_COMMAND

  • Explanation: A command with the given command id has already been successfully processed.
  • Resolution: The correct resolution depends on the use case. If the error received pertains to a submission retried due to a timeout, do nothing, as the previous command has already been accepted. If the intent is to submit a new command, re-submit using a distinct command id.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: DUPLICATE_COMMAND

DUPLICATE_CONTRACT_KEY

  • Explanation: This error signals that within the transaction we got to a point where two contracts with the same key were active.
  • Resolution: This error indicates an application error.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: DUPLICATE_CONTRACT_KEY

INCONSISTENT

  • Explanation: At least one input has been altered by a concurrent transaction submission.
  • Resolution: The correct resolution depends on the business flow, for example it may be possible to proceed without an archived contract as an input, or the transaction submission may be retried to load the up-to-date value of a contract key.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INCONSISTENT

INCONSISTENT_CONTRACTS

  • Explanation: An input contract has been archived by a concurrent transaction submission.
  • Resolution: The correct resolution depends on the business flow, for example it may be possible to proceed without the archived contract as an input, or a different contract could be used.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INCONSISTENT_CONTRACTS

INCONSISTENT_CONTRACT_KEY

  • Explanation: An input contract key was re-assigned to a different contract by a concurrent transaction submission.
  • Resolution: Retry the transaction submission.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INCONSISTENT_CONTRACT_KEY

INVALID_LEDGER_TIME

  • Explanation: The ledger time of the submission violated some constraint on the ledger time.
  • Resolution: Retry the transaction submission.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INVALID_LEDGER_TIME

SUBMISSION_ALREADY_IN_FLIGHT

  • Explanation: Another command submission with the same change ID (application ID, command ID, actAs) is already being processed.
  • Resolution: Listen to the command completion stream until a completion for the in-flight command submission is published. Alternatively, resubmit the command. If the in-flight submission has finished successfully by then, this will return more detailed information about the earlier one. If the in-flight submission has failed by then, the resubmission will attempt to record the new transaction on the ledger.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: SUBMISSION_ALREADY_IN_FLIGHT

2.2.5. PackageServiceErrors

DAR_NOT_SELF_CONSISTENT

  • Explanation: This error indicates that the uploaded Dar is broken because it is missing internal dependencies.
  • Resolution: Contact the supplier of the Dar.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: DAR_NOT_SELF_CONSISTENT

DAR_VALIDATION_ERROR

  • Explanation: This error indicates that the validation of the uploaded dar failed.
  • Resolution: Inspect the error message and contact support.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: DAR_VALIDATION_ERROR

PACKAGE_SERVICE_INTERNAL_ERROR

  • Explanation: This error indicates an internal issue within the package service.
  • Resolution: Inspect the error message and contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: PACKAGE_SERVICE_INTERNAL_ERROR

SHUTDOWN_INTERRUPTED_PACKAGE_VETTING

  • Explanation: Package vetting has been aborted because the participant is shutting down.
  • Resolution: Re-submit the vetting request when the participant node is available again.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SHUTDOWN_INTERRUPTED_PACKAGE_VETTING

2.2.5.1. Reading

DAR_PARSE_ERROR

  • Explanation: This error indicates that the content of the Dar file could not be parsed successfully.
  • Resolution: Inspect the error message and contact support.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: DAR_PARSE_ERROR

INVALID_DAR

  • Explanation: This error indicates that the supplied dar file was invalid.
  • Resolution: Inspect the error message for details and contact support.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_DAR

INVALID_DAR_FILE_NAME

  • Explanation: This error indicates that the supplied dar file name did not meet the requirements to be stored in the persistence store.
  • Resolution: Inspect error message for details and change the file name accordingly
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_DAR_FILE_NAME

INVALID_LEGACY_DAR

  • Explanation: This error indicates that the supplied zipped dar is an unsupported legacy Dar.
  • Resolution: Please use a more recent dar version.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_LEGACY_DAR

INVALID_ZIP_ENTRY

  • Explanation: This error indicates that the supplied zipped dar file was invalid.
  • Resolution: Inspect the error message for details and contact support.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_ZIP_ENTRY

ZIP_BOMB

  • Explanation: This error indicates that the supplied zipped dar is regarded as zip-bomb.
  • Resolution: Inspect the dar and contact support.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: ZIP_BOMB

2.2.6. WriteServiceRejectionErrors

DISPUTED

  • Explanation: An invalid transaction submission was not detected by the participant.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: DISPUTED

OUT_OF_QUOTA

  • Explanation: The Participant node did not have sufficient resource quota to submit the transaction.
  • Resolution: Inspect the error message and retry after after correcting the underlying issue.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: OUT_OF_QUOTA

PARTY_NOT_KNOWN_ON_LEDGER

  • Explanation: One or more informee parties have not been allocated.
  • Resolution: Check that all the informee party identifiers are correct, allocate all the informee parties, request their allocation or wait for them to be allocated before retrying the transaction submission.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: PARTY_NOT_KNOWN_ON_LEDGER

SUBMITTER_CANNOT_ACT_VIA_PARTICIPANT

  • Explanation: A submitting party is not authorized to act through the participant.
  • Resolution: Contact the participant operator or re-submit with an authorized party.
  • Category: InsufficientPermission
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status PERMISSION_DENIED without any details for security reasons.
  • Scaladocs: SUBMITTER_CANNOT_ACT_VIA_PARTICIPANT

SUBMITTING_PARTY_NOT_KNOWN_ON_LEDGER

  • Explanation: The submitting party has not been allocated.
  • Resolution: Check that the party identifier is correct, allocate the submitting party, request its allocation or wait for it to be allocated before retrying the transaction submission.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: SUBMITTING_PARTY_NOT_KNOWN_ON_LEDGER

2.2.6.1. Internal

INTERNALLY_DUPLICATE_KEYS

  • Explanation: The participant didn’t detect an attempt by the transaction submission to use the same key for two active contracts.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNALLY_DUPLICATE_KEYS

INTERNALLY_INCONSISTENT_KEYS

  • Explanation: The participant didn’t detect an inconsistent key usage in the transaction. Within the transaction, an exercise, fetch or lookupByKey failed because the mapping of key -> contract ID was inconsistent with earlier actions.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNALLY_INCONSISTENT_KEYS

2.2.7. AuthorizationChecksErrors

INTERNAL_AUTHORIZATION_ERROR

  • Explanation: An internal system authorization error occurred.
  • Resolution: Contact the participant operator.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNAL_AUTHORIZATION_ERROR

PERMISSION_DENIED

  • Explanation: This rejection is given if the supplied authorization token is not sufficient for the intended command. The exact reason is logged on the participant, but not given to the user for security reasons.
  • Resolution: Inspect your command and your token or ask your participant operator for an explanation why this command failed.
  • Category: InsufficientPermission
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status PERMISSION_DENIED without any details for security reasons.
  • Scaladocs: PERMISSION_DENIED

STALE_STREAM_AUTHORIZATION

  • Explanation: The stream was aborted because the authenticated user’s rights changed, and the user might thus no longer be authorized to this stream.
  • Resolution: The application should automatically retry fetching the stream. It will either succeed, or fail with an explicit denial of authentication or permission.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: STALE_STREAM_AUTHORIZATION

UNAUTHENTICATED

  • Explanation: This rejection is given if the submitted command does not contain a JWT token on a participant enforcing JWT authentication.
  • Resolution: Ask your participant operator to provide you with an appropriate JWT token.
  • Category: AuthInterceptorInvalidAuthenticationCredentials
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status UNAUTHENTICATED without any details for security reasons.
  • Scaladocs: UNAUTHENTICATED

2.2.8. RequestValidationErrors

INVALID_ARGUMENT

  • Explanation: This error is emitted when a submitted ledger API command contains an invalid argument.
  • Resolution: Inspect the reason given and correct your application.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_ARGUMENT

INVALID_DEDUPLICATION_PERIOD

  • Explanation: This error is emitted when a submitted ledger API command specifies an invalid deduplication period.
  • Resolution: Inspect the error message, adjust the value of the deduplication period or ask the participant operator to increase the maximum deduplication period.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INVALID_DEDUPLICATION_PERIOD

INVALID_FIELD

  • Explanation: This error is emitted when a submitted ledger API command contains a field value that cannot be understood.
  • Resolution: Inspect the reason given and correct your application.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_FIELD

LEDGER_ID_MISMATCH

  • Explanation: Every ledger API command contains a ledger-id which is verified against the running ledger. This error indicates that the provided ledger-id does not match the expected one.
  • Resolution: Ensure that your application is correctly configured to use the correct ledger.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: LEDGER_ID_MISMATCH

MISSING_FIELD

  • Explanation: This error is emitted when a mandatory field is not set in a submitted ledger API command.
  • Resolution: Inspect the reason given and correct your application.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: MISSING_FIELD

NON_HEXADECIMAL_OFFSET

  • Explanation: The supplied offset could not be converted to a binary offset.
  • Resolution: Ensure the offset is specified as a hexadecimal string.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: NON_HEXADECIMAL_OFFSET

OFFSET_AFTER_LEDGER_END

  • Explanation: This rejection is given when a read request uses an offset beyond the current ledger end.
  • Resolution: Use an offset that is before the ledger end.
  • Category: InvalidGivenCurrentSystemStateSeekAfterEnd
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status OUT_OF_RANGE including a detailed error message.
  • Scaladocs: OFFSET_AFTER_LEDGER_END

OFFSET_OUT_OF_RANGE

  • Explanation: This rejection is given when a read request uses an offset invalid in the requests’ context.
  • Resolution: Inspect the error message and use a valid offset.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: OFFSET_OUT_OF_RANGE

PARTICIPANT_PRUNED_DATA_ACCESSED

  • Explanation: This rejection is given when a read request tries to access pruned data.
  • Resolution: Use an offset that is after the pruning offset.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PARTICIPANT_PRUNED_DATA_ACCESSED

2.2.8.1. NotFound

LEDGER_CONFIGURATION_NOT_FOUND

  • Explanation: The ledger configuration could not be retrieved. This could happen due to incomplete initialization of the participant or due to an internal system error.
  • Resolution: Contact the participant operator.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: LEDGER_CONFIGURATION_NOT_FOUND

PACKAGE_NOT_FOUND

  • Explanation: This rejection is given when a read request tries to access a package which does not exist on the ledger.
  • Resolution: Use a package id pertaining to a package existing on the ledger.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: PACKAGE_NOT_FOUND

TEMPLATES_OR_INTERFACES_NOT_FOUND

  • Explanation: The queried template or interface ids do not exist.
  • Resolution: Use valid template or interface ids in your query or ask the participant operator to upload the package containing the necessary interfaces/templates.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TEMPLATES_OR_INTERFACES_NOT_FOUND

TEMPLATE_NAME_NOT_KNOWN

  • Explanation: The queried template qualified name could not be resolved to a fully-qualified template id.
  • Resolution: Use a valid template qualified name or ask the participant operator to upload the package containing the necessary interfaces/templates.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TEMPLATE_NAME_NOT_KNOWN

TRANSACTION_NOT_FOUND

  • Explanation: The transaction does not exist or the requesting set of parties are not authorized to fetch it.
  • Resolution: Check the transaction id and verify that the requested transaction is visible to the requesting parties.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TRANSACTION_NOT_FOUND

2.3. TransactionErrorGroup

2.3.1. TransactionRoutingError

AUTOMATIC_TRANSFER_FOR_TRANSACTION_FAILED

  • Explanation: This error indicates that the automated transfer could not succeed, as the current topology does not allow the transfer to complete, mostly due to lack of confirmation permissions of the involved parties.
  • Resolution: Inspect the message and your topology and ensure appropriate permissions exist.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: AUTOMATIC_TRANSFER_FOR_TRANSACTION_FAILED

ROUTING_INTERNAL_ERROR

  • Explanation: This error indicates an internal error in the Canton domain router.
  • Resolution: Please contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: ROUTING_INTERNAL_ERROR

UNABLE_TO_GET_TOPOLOGY_SNAPSHOT

  • Explanation: This error indicates that topology information could not be queried.
  • Resolution: Check that the participant is connected to the domain.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNABLE_TO_GET_TOPOLOGY_SNAPSHOT

2.3.1.1. MalformedInputErrors

DISCLOSED_CONTRACT_AUTHENTICATION_FAILED

  • Explanation: A provided disclosed contract could not be authenticated against the provided contract id.
  • Resolution: Ensure that disclosed contracts provided with command submission match the original contract creation content as sourced from the Ledger API. If the problem persists, contact the participant operator.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: DISCLOSED_CONTRACT_AUTHENTICATION_FAILED

INVALID_DISCLOSED_CONTRACT

  • Explanation: A provided disclosed contract could not be processed.
  • Resolution: Ensure that disclosed contracts provided with command submission have an authenticated contract id (i.e. have been created in participant nodes running Canton protocol version 4 or higher) and match the original contract creation format and content as sourced from the Ledger API. If the problem persists, contact the participant operator.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_DISCLOSED_CONTRACT

INVALID_DOMAIN_ALIAS

  • Explanation: The WorkflowID defined in the transaction metadata is not a valid domain alias.
  • Resolution: Check that the workflow ID (if specified) corresponds to a valid domain alias. A typical rejection reason is a too-long domain alias.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: INVALID_DOMAIN_ALIAS

INVALID_DOMAIN_ID

  • Explanation: The WorkflowID defined in the transaction metadata contains an invalid domain id.
  • Resolution: Check that the workflow ID (if specified) corresponds to a valid domain ID after the domain-id: marker string.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: INVALID_DOMAIN_ID

INVALID_PARTY_IDENTIFIER

  • Explanation: The given party identifier is not a valid Canton party identifier.
  • Resolution: Ensure that your commands only refer to correct and valid Canton party identifiers of parties that are properly enabled on the system
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_PARTY_IDENTIFIER

INVALID_SUBMITTER

  • Explanation: The party defined as a submitter can not be parsed into a valid Canton party.
  • Resolution: Check that you only use correctly setup party names in your application.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_SUBMITTER

2.3.1.2. TopologyErrors

INFORMEES_NOT_ACTIVE

  • Explanation: This error indicates that the informees are known, but there is no connected domain on which all the informees are hosted.
  • Resolution: Ensure that there is such a domain, as Canton requires a domain where all informees are present.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INFORMEES_NOT_ACTIVE

NOT_CONNECTED_TO_ALL_CONTRACT_DOMAINS

  • Explanation: This error indicates that the transaction is referring to contracts on domains to which this participant is currently not connected.
  • Resolution: Check the status of your domain connections.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: NOT_CONNECTED_TO_ALL_CONTRACT_DOMAINS

NO_COMMON_DOMAIN

  • Explanation: This error indicates that there is no common domain to which all submitters can submit and all informees are connected.
  • Resolution: Check that your participant node is connected to all domains you expect and check that the parties are hosted on these domains as you expect them to be.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: NO_COMMON_DOMAIN

NO_DOMAIN_FOR_SUBMISSION

  • Explanation: This error indicates that no valid domain was found for submission.
  • Resolution: Check the status of your domain connections, that packages are vetted and that you are connected to domains running recent protocol versions.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: NO_DOMAIN_FOR_SUBMISSION

NO_DOMAIN_ON_WHICH_ALL_SUBMITTERS_CAN_SUBMIT

  • Explanation: This error indicates that a transaction has been sent where the system can not find any active ” + “domain on which this participant can submit in the name of the given set of submitters.
  • Resolution: Ensure that you are connected to a domain where this participant has submission rights. Check that you are actually connected to the domains you expect to be connected and check that your participant node has the submission permission for each submitting party.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: NO_DOMAIN_ON_WHICH_ALL_SUBMITTERS_CAN_SUBMIT

SUBMITTERS_NOT_ACTIVE

  • Explanation: This error indicates that the submitters are known, but there is no connected domain on which all the submitters are hosted.
  • Resolution: Ensure that there is such a domain, as Canton requires a domain where all submitters are present.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SUBMITTERS_NOT_ACTIVE

SUBMITTER_ALWAYS_STAKEHOLDER

  • Explanation: This error indicates that the transaction requires contract transfers for which the submitter must be a stakeholder.
  • Resolution: Check that your participant node is connected to all domains you expect and check that the parties are hosted on these domains as you expect them to be.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SUBMITTER_ALWAYS_STAKEHOLDER

UNKNOWN_CONTRACT_DOMAINS

  • Explanation: This error indicates that the transaction is referring to contracts whose domain is not currently known.
  • Resolution: Ensure all transfer operations on contracts used by the transaction have completed.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNKNOWN_CONTRACT_DOMAINS

UNKNOWN_INFORMEES

  • Explanation: This error indicates that the transaction is referring to some informees that are not known on any connected domain.
  • Resolution: Check the list of submitted informees and check if your participant is connected to the domains you are expecting it to be.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: UNKNOWN_INFORMEES

UNKNOWN_SUBMITTERS

  • Explanation: This error indicates that the transaction is referring to some submitters that are not known on any connected domain.
  • Resolution: Check the list of provided submitters and check if your participant is connected to the domains you are expecting it to be.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: UNKNOWN_SUBMITTERS

2.3.1.3. ConfigurationErrors

INVALID_PRESCRIBED_DOMAIN_ID

  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INVALID_PRESCRIBED_DOMAIN_ID

MULTI_DOMAIN_SUPPORT_NOT_ENABLED

  • Explanation: This error indicates that a transaction has been submitted that requires multi-domain support. Multi-domain support is a preview feature that needs to be enabled explicitly by configuration.
  • Resolution: Set canton.features.enable-preview-commands = yes
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: MULTI_DOMAIN_SUPPORT_NOT_ENABLED

SUBMISSION_DOMAIN_NOT_READY

  • Explanation: This error indicates that the transaction should be submitted to a domain which is not connected or not configured.
  • Resolution: Ensure that the domain specified in the workflowId is correctly connected.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: SUBMISSION_DOMAIN_NOT_READY

2.3.2. SubmissionErrors

CHOSEN_MEDIATOR_IS_INACTIVE

  • Explanation: The mediator chosen for the transaction got deactivated before the request was sequenced.
  • Resolution: Resubmit.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: CHOSEN_MEDIATOR_IS_INACTIVE

CONTRACT_AUTHENTICATION_FAILED

  • Explanation: At least one of the transaction’s input contracts could not be authenticated.
  • Resolution: Retry the submission with correctly authenticated contracts.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: CONTRACT_AUTHENTICATION_FAILED

DOMAIN_BACKPRESSURE

  • Explanation: This error occurs when the sequencer refuses to accept a command due to backpressure.
  • Resolution: Wait a bit and retry, preferably with some backoff factor.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: DOMAIN_BACKPRESSURE

DOMAIN_WITHOUT_MEDIATOR

  • Explanation: The participant routed the transaction to a domain without an active mediator.
  • Resolution: Add a mediator to the domain.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: DOMAIN_WITHOUT_MEDIATOR

MALFORMED_REQUEST

  • Explanation: This error has not yet been properly categorised into sub-error codes.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: MALFORMED_REQUEST

NOT_SEQUENCED_TIMEOUT

  • Explanation: This error occurs when the transaction was not sequenced within the pre-defined max-sequencing time and has therefore timed out. The max-sequencing time is derived from the transaction’s ledger time via the ledger time model skews.
  • Resolution: Resubmit if the delay is caused by high load. If the command requires substantial processing on the participant, specify a higher minimum ledger time with the command submission so that a higher max sequencing time is derived. Alternatively, you can increase the dynamic domain parameter ledgerTimeRecordTimeTolerance.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: NOT_SEQUENCED_TIMEOUT

PACKAGE_NOT_VETTED_BY_RECIPIENTS

  • Explanation: This error occurs if a transaction was submitted referring to a package that a receiving participant has not vetted. Any transaction view can only refer to packages that have explicitly been approved by the receiving participants.
  • Resolution: Ensure that the receiving participant uploads and vets the respective package.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PACKAGE_NOT_VETTED_BY_RECIPIENTS

PARTICIPANT_OVERLOADED

  • Explanation: The participant has rejected all incoming commands during a configurable grace period.
  • Resolution: Configure more restrictive resource limits (enterprise only). Change applications to submit commands at a lower rate. Configure a higher value for myParticipant.parameters.warnIfOverloadedFor.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: PARTICIPANT_OVERLOADED

SEQUENCER_REQUEST_FAILED

  • Explanation: This error occurs when the command cannot be sent to the domain.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: SEQUENCER_REQUEST_FAILED

SUBMISSION_DURING_SHUTDOWN

  • Explanation: This error occurs when a command is submitted while the system is performing a shutdown.
  • Resolution: Assuming that the participant will restart or failover eventually, retry in a couple of seconds.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: SUBMISSION_DURING_SHUTDOWN

UNKNOWN_CONTRACT_DOMAIN

  • Explanation: This error occurs if a transaction was submitted referring to a contract that is not known on the domain. This can occur in case of race conditions between a transaction and an archival or transfer-out.
  • Resolution: Check domain for submission and/or re-submit the transaction.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNKNOWN_CONTRACT_DOMAIN

2.3.3. SyncServiceInjectionError

COMMAND_INJECTION_FAILURE

  • Explanation: This errors occurs if an internal error results in an exception.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: COMMAND_INJECTION_FAILURE

NODE_IS_PASSIVE_REPLICA

  • Explanation: This error results if a command is submitted to the passive replica.
  • Resolution: Send the command to the active replica.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: NODE_IS_PASSIVE_REPLICA

NOT_CONNECTED_TO_ANY_DOMAIN

  • Explanation: This errors results if a command is submitted to a participant that is not connected to any domain.
  • Resolution: Connect your participant to the domain where the given parties are hosted.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: NOT_CONNECTED_TO_ANY_DOMAIN

2.3.4. LocalReject

2.3.4.1. MalformedRejects

LOCAL_VERDICT_BAD_ROOT_HASH_MESSAGES

  • Explanation: This rejection is made by a participant if a transaction does not contain valid root hash messages.
  • Resolution: This indicates a race condition due to a in-flight topology change, or malicious or faulty behaviour.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: LOCAL_VERDICT_BAD_ROOT_HASH_MESSAGES

LOCAL_VERDICT_CREATES_EXISTING_CONTRACTS

  • Explanation: This error indicates that the transaction would create already existing contracts.
  • Resolution: This error indicates either faulty or malicious behaviour.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: LOCAL_VERDICT_CREATES_EXISTING_CONTRACTS

LOCAL_VERDICT_FAILED_MODEL_CONFORMANCE_CHECK

  • Explanation: This rejection is made by a participant if a transaction fails a model conformance check.
  • Resolution: This indicates either malicious or faulty behaviour.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: LOCAL_VERDICT_FAILED_MODEL_CONFORMANCE_CHECK

LOCAL_VERDICT_MALFORMED_PAYLOAD

  • Explanation: This rejection is made by a participant if a view of the transaction is malformed.
  • Resolution: This indicates either malicious or faulty behaviour.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: LOCAL_VERDICT_MALFORMED_PAYLOAD

LOCAL_VERDICT_MALFORMED_REQUEST

  • Explanation: This rejection is made by a participant if a request is malformed.
  • Resolution: Please contact support.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: LOCAL_VERDICT_MALFORMED_REQUEST

2.3.4.2. ConsistencyRejections

LOCAL_VERDICT_DUPLICATE_KEY

  • Explanation: If the participant provides unique contract key support, this error will indicate that a transaction would create a unique key which already exists.
  • Resolution: It depends on your use case and application whether and when retrying makes sense or not.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_DUPLICATE_KEY

LOCAL_VERDICT_INACTIVE_CONTRACTS

  • Explanation: The transaction is referring to contracts that have either been previously archived, transferred to another domain, or do not exist.
  • Resolution: Inspect your contract state and try a different transaction.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_INACTIVE_CONTRACTS

LOCAL_VERDICT_INCONSISTENT_KEY

  • Explanation: If the participant provides unique contract key support, this error will indicate that a transaction expected a key to be unallocated, but a contract for the key already exists.
  • Resolution: It depends on your use case and application whether and when retrying makes sense or not.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_INCONSISTENT_KEY

LOCAL_VERDICT_LOCKED_CONTRACTS

  • Explanation: The transaction is referring to locked contracts which are in the process of being created, transferred, or archived by another transaction. If the other transaction fails, this transaction could be successfully retried.
  • Resolution: Retry the transaction
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_LOCKED_CONTRACTS

LOCAL_VERDICT_LOCKED_KEYS

  • Explanation: The transaction is referring to locked keys which are in the process of being modified by another transaction.
  • Resolution: Retry the transaction
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_LOCKED_KEYS

2.3.4.3. TimeRejects

LOCAL_VERDICT_LEDGER_TIME_OUT_OF_BOUND

  • Explanation: This error is thrown if the ledger time and the record time differ more than permitted. This can happen in an overloaded system due to high latencies or for transactions with long interpretation times.
  • Resolution: For long-running transactions, specify a ledger time with the command submission or adjust the dynamic domain parameter ledgerTimeRecordTimeTolerance (and possibly the participant and mediator reaction timeout). For short-running transactions, simply retry.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_LEDGER_TIME_OUT_OF_BOUND

LOCAL_VERDICT_SUBMISSION_TIME_OUT_OF_BOUND

  • Explanation: This error is thrown if the submission time and the record time differ more than permitted. This can happen in an overloaded system due to high latencies or for transactions with long interpretation times.
  • Resolution: For long-running transactions, adjust the ledger time bounds used with the command submission. For short-running transactions, simply retry.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_SUBMISSION_TIME_OUT_OF_BOUND

LOCAL_VERDICT_TIMEOUT

  • Explanation: This rejection is sent if the participant locally determined a timeout.
  • Resolution: In the first instance, resubmit your transaction. If the rejection still appears spuriously, consider increasing the participantResponseTimeout or mediatorReactionTimeout values in the DynamicDomainParameters. If the rejection appears unrelated to timeout settings, validate that the sequencer and mediator function correctly.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: LOCAL_VERDICT_TIMEOUT

2.3.4.4. TransferInRejects

TRANSFER_IN_ALREADY_COMPLETED

  • Explanation: This rejection is emitted by a participant if a transfer-in has already been completed.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: TRANSFER_IN_ALREADY_COMPLETED

TRANSFER_IN_CONTRACT_ALREADY_ACTIVE

  • Explanation: This rejection is emitted by a participant if a transfer-in has already been made by another entity.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: TRANSFER_IN_CONTRACT_ALREADY_ACTIVE

TRANSFER_IN_CONTRACT_ALREADY_ARCHIVED

  • Explanation: This rejection is emitted by a participant if a transfer would be invoked on an already archived contract.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TRANSFER_IN_CONTRACT_ALREADY_ARCHIVED

TRANSFER_IN_CONTRACT_IS_LOCKED

  • Explanation: This rejection is emitted by a participant if a transfer-in is referring to an already locked contract.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: TRANSFER_IN_CONTRACT_IS_LOCKED

2.3.4.5. TransferOutRejects

TRANSFER_OUT_ACTIVENESS_CHECK_FAILED

  • Explanation: Activeness check failed for transfer out submission. This rejection occurs if the contract to be transferred has already been transferred or is currently locked (due to a competing transaction) on domain.
  • Resolution: Depending on your use-case and your expectation, retry the transaction.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TRANSFER_OUT_ACTIVENESS_CHECK_FAILED

2.3.5. CommandDeduplicationError

MALFORMED_DEDUPLICATION_OFFSET

  • Explanation: The specified deduplication offset is syntactically malformed.
  • Resolution: Use a deduplication offset that was produced by this participant node.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: MALFORMED_DEDUPLICATION_OFFSET

2.4. SyncServiceError

PARTY_ALLOCATION_WITHOUT_CONNECTED_DOMAIN

  • Explanation: The participant is not connected to a domain and can therefore not allocate a party because the party notification is configured as party-notification.type = via-domain.
  • Resolution: Connect the participant to a domain first or change the participant’s party notification config to eager.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PARTY_ALLOCATION_WITHOUT_CONNECTED_DOMAIN

SYNC_SERVICE_ALARM

  • Explanation: The participant has detected that another node is behaving maliciously.
  • Resolution: Contact support.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: SYNC_SERVICE_ALARM

SYNC_SERVICE_ALREADY_ADDED

  • Explanation: This error results on an attempt to register a new domain under an alias already in use.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: SYNC_SERVICE_ALREADY_ADDED

SYNC_SERVICE_DOMAIN_BECAME_PASSIVE

  • Explanation: This error is logged when a sync domain is disconnected because the participant became passive.
  • Resolution: Fail over to the active participant replica.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: SYNC_SERVICE_DOMAIN_BECAME_PASSIVE

SYNC_SERVICE_DOMAIN_DISABLED_US

  • Explanation: This error is logged when the synchronization service shuts down because the remote domain has disabled this participant.
  • Resolution: Contact the domain operator and inquire why you have been booted out.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SYNC_SERVICE_DOMAIN_DISABLED_US

SYNC_SERVICE_DOMAIN_DISCONNECTED

  • Explanation: This error is logged when a sync domain is unexpectedly disconnected from the Canton sync service (after having previously been connected)
  • Resolution: Please contact support and provide the failure reason.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: SYNC_SERVICE_DOMAIN_DISCONNECTED

SYNC_SERVICE_DOMAIN_MUST_BE_OFFLINE

  • Explanation: This error is emitted when an operation is attempted such as repair that requires the domain connection to be disconnected and clean.
  • Resolution: Disconnect the domain before attempting the command.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SYNC_SERVICE_DOMAIN_MUST_BE_OFFLINE

SYNC_SERVICE_DOMAIN_STATUS_NOT_ACTIVE

  • Explanation: This error is logged when a sync domain has a non-active status.
  • Resolution: If you attempt to connect to a domain that has either been migrated off or has a pending migration, this error will be emitted. Please complete the migration before attempting to connect to it.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SYNC_SERVICE_DOMAIN_STATUS_NOT_ACTIVE

SYNC_SERVICE_INTERNAL_ERROR

  • Explanation: This error indicates an internal issue.
  • Resolution: Please contact support and provide the failure reason.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: SYNC_SERVICE_INTERNAL_ERROR

SYNC_SERVICE_UNKNOWN_DOMAIN

  • Explanation: This error results if a domain connectivity command is referring to a domain alias that has not been registered.
  • Resolution: Please confirm the domain alias is correct, or configure the domain before (re)connecting.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: SYNC_SERVICE_UNKNOWN_DOMAIN

2.4.1. SyncDomainMigrationError

BROKEN_DOMAIN_MIGRATION

  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: BROKEN_DOMAIN_MIGRATION

INVALID_DOMAIN_MIGRATION_REQUEST

  • Explanation: This error results when invalid arguments are passed to the migration command.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INVALID_DOMAIN_MIGRATION_REQUEST

2.4.2. DomainRegistryError

DOMAIN_REGISTRY_INTERNAL_ERROR

  • Explanation: This error indicates that there has been an internal error noticed by Canton.
  • Resolution: Contact support and provide the failure reason.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: DOMAIN_REGISTRY_INTERNAL_ERROR

TOPOLOGY_CONVERSION_ERROR

  • Explanation: This error indicates that there was an error converting topology transactions during connecting to a domain.
  • Resolution: Contact the operator of the topology management for this node.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TOPOLOGY_CONVERSION_ERROR

2.4.2.1. ConfigurationErrors

CANNOT_ISSUE_DOMAIN_TRUST_CERTIFICATE

  • Explanation: This error indicates that the participant can not issue a domain trust certificate. Such a certificate is necessary to become active on a domain. Therefore, it must be present in the authorized store of the participant topology manager.
  • Resolution: Manually upload a valid domain trust certificate for the given domain or upload the necessary certificates such that participant can issue such certificates automatically.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: CANNOT_ISSUE_DOMAIN_TRUST_CERTIFICATE

DOMAIN_PARAMETERS_CHANGED

  • Explanation: Error indicating that the domain parameters have been changed, while this isn’t supported yet.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DOMAIN_PARAMETERS_CHANGED

INCOMPATIBLE_UNIQUE_CONTRACT_KEYS_MODE

  • Explanation: This error indicates that the domain this participant is trying to connect to is a domain where unique contract keys are supported, while this participant is already connected to other domains. Multiple domains and unique contract keys are mutually exclusive features.
  • Resolution: Use isolated participants for domains that require unique keys.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INCOMPATIBLE_UNIQUE_CONTRACT_KEYS_MODE

INVALID_DOMAIN_CONNECTION

  • Explanation: This error indicates there is a validation error with the configured connections for the domain
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INVALID_DOMAIN_CONNECTION

MISCONFIGURED_STATIC_DOMAIN_PARAMETERS

  • Explanation: This error indicates that the participant is configured to connect to multiple domain sequencers but their static domain parameters are different from other sequencers.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: MISCONFIGURED_STATIC_DOMAIN_PARAMETERS

SEQUENCERS_FROM_DIFFERENT_DOMAINS_ARE_CONFIGURED

  • Explanation: This error indicates that the participant is configured to connect to multiple domain sequencers from different domains.
  • Resolution: Carefully verify the connection settings.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCERS_FROM_DIFFERENT_DOMAINS_ARE_CONFIGURED

2.4.2.2. HandshakeErrors

DOMAIN_ALIAS_DUPLICATION

  • Explanation: This error indicates that the domain alias was previously used to connect to a domain with a different domain id. This is a known situation when an existing participant is trying to connect to a freshly re-initialised domain.
  • Resolution: Carefully verify the connection settings.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DOMAIN_ALIAS_DUPLICATION

DOMAIN_CRYPTO_HANDSHAKE_FAILED

  • Explanation: This error indicates that the domain is using crypto settings which are either not supported or not enabled on this participant.
  • Resolution: Consult the error message and adjust the supported crypto schemes of this participant.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DOMAIN_CRYPTO_HANDSHAKE_FAILED

DOMAIN_HANDSHAKE_FAILED

  • Explanation: This error indicates that the participant to domain handshake has failed.
  • Resolution: Inspect the provided reason for more details and contact support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DOMAIN_HANDSHAKE_FAILED

DOMAIN_ID_MISMATCH

  • Explanation: This error indicates that the domain-id does not match the one that the participant expects. If this error happens on a first connect, then the domain id defined in the domain connection settings does not match the remote domain. If this happens on a reconnect, then the remote domain has been reset for some reason.
  • Resolution: Carefully verify the connection settings.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DOMAIN_ID_MISMATCH

SERVICE_AGREEMENT_ACCEPTANCE_FAILED

  • Explanation: This error indicates that the domain requires the participant to accept a service agreement before connecting to it.
  • Resolution: Use the commands $participant.domains.get_agreement and $participant.domains.accept_agreement to accept the agreement.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SERVICE_AGREEMENT_ACCEPTANCE_FAILED

2.4.2.3. ConnectionErrors

DOMAIN_IS_NOT_AVAILABLE

  • Explanation: This error results if the GRPC connection to the domain service fails with GRPC status UNAVAILABLE.
  • Resolution: Check your connection settings and ensure that the domain can really be reached.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: DOMAIN_IS_NOT_AVAILABLE

FAILED_TO_CONNECT_TO_SEQUENCER

  • Explanation: This error indicates that the participant failed to connect to the sequencer.
  • Resolution: Inspect the provided reason.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: FAILED_TO_CONNECT_TO_SEQUENCER

FAILED_TO_CONNECT_TO_SEQUENCERS

  • Explanation: This error indicates that the participant failed to connect to the sequencers.
  • Resolution: Inspect the provided reason.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: FAILED_TO_CONNECT_TO_SEQUENCERS

GRPC_CONNECTION_FAILURE

  • Explanation: This error indicates that the participant failed to connect due to a general GRPC error.
  • Resolution: Inspect the provided reason and contact support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: GRPC_CONNECTION_FAILURE

PARTICIPANT_IS_NOT_ACTIVE

  • Explanation: This error indicates that the connecting participant has either not yet been activated by the domain operator. If the participant was previously successfully connected to the domain, then this error indicates that the domain operator has deactivated the participant.
  • Resolution: Contact the domain operator and inquire the permissions your participant node has on the given domain.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PARTICIPANT_IS_NOT_ACTIVE

2.4.3. TrafficControlError

TRAFFIC_CONTROL_DOMAIN_ID_NOT_FOUND

  • Explanation: This error indicates that no available domain with that id could be found, and therefore no traffic state could be retrieved.
  • Resolution: Ensure that the participant is connected to the domain with the provided id.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: TRAFFIC_CONTROL_DOMAIN_ID_NOT_FOUND

TRAFFIC_CONTROL_STATE_NOT_FOUND

  • Explanation: This error indicates that the participant does not have a traffic state.
  • Resolution: Ensure that the the participant is connected to a domain with traffic control enabled, and that it has received at least one event from the domain since its connection.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TRAFFIC_CONTROL_STATE_NOT_FOUND

2.5. AdminWorkflowServices

CAN_NOT_AUTOMATICALLY_VET_ADMIN_WORKFLOW_PACKAGE

  • Explanation: This error indicates that the admin workflow package could not be vetted. The admin workflows is a set of packages that are pre-installed and can be used for administrative processes. The error can happen if the participant is initialised manually but is missing the appropriate signing keys or certificates in order to issue new topology transactions within the participants namespace. The admin workflows can not be used until the participant has vetted the package.
  • Resolution: This error can be fixed by ensuring that an appropriate vetting transaction is issued in the name of this participant and imported into this participant node. If the corresponding certificates have been added after the participant startup, then this error can be fixed by either restarting the participant node, issuing the vetting transaction manually or re-uploading the Dar (leaving the vetAllPackages argument as true)
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: CAN_NOT_AUTOMATICALLY_VET_ADMIN_WORKFLOW_PACKAGE

2.6. RepairServiceError

CONTRACT_PURGE_ERROR

  • Explanation: A contract cannot be purged due to an error.
  • Resolution: Retry after operator intervention.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: CONTRACT_PURGE_ERROR

CONTRACT_SERIALIZATION_ERROR

  • Explanation: A contract cannot be serialized due to an error.
  • Resolution: Retry after operator intervention.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: CONTRACT_SERIALIZATION_ERROR

IMPORT_ACS_ERROR

  • Explanation: Import Acs has failed.
  • Resolution: Retry after operator intervention.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: IMPORT_ACS_ERROR

INCONSISTENT_ACS_SNAPSHOT

  • Explanation: The ACS snapshot cannot be returned because it contains inconsistencies. This is likely due to the request happening concurrently with pruning.
  • Resolution: Retry the operation
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: INCONSISTENT_ACS_SNAPSHOT

INVALID_ACS_SNAPSHOT_TIMESTAMP

  • Explanation: The participant does not support serving an ACS snapshot at the requested timestamp, likely because some concurrent processing has not yet finished.
  • Resolution: Make sure that the specified timestamp has been obtained from the participant in some way. If so, retry after a bit (possibly repeatedly).
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: INVALID_ACS_SNAPSHOT_TIMESTAMP

INVALID_ARGUMENT_REPAIR

  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_ARGUMENT_REPAIR

UNAVAILABLE_ACS_SNAPSHOT

  • Explanation: The participant does not support serving an ACS snapshot at the requested timestamp because its database has already been pruned, e.g., by the continuous background pruning process.
  • Resolution: The snapshot at the requested timestamp is no longer available. Pick a more recent timestamp if possible.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNAVAILABLE_ACS_SNAPSHOT

UNSUPPORTED_PROTOCOL_VERSION_PARTICIPANT

  • Explanation: The participant does not support the requested protocol version.
  • Resolution: Specify a protocol version that the participant supports or upgrade the participant to a release that supports the requested protocol version.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: UNSUPPORTED_PROTOCOL_VERSION_PARTICIPANT

2.7. CantonPackageServiceError

DAR_NOT_FOUND

  • Explanation: The hash specified in the request does not match a DAR stored on the participant.
  • Resolution: Check the provided hash and re-try the operation.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: DAR_NOT_FOUND

PACKAGE_MISSING_DEPENDENCIES

  • Explanation: An operation could not be executed due to a missing package dependency.
  • Resolution: Fix the broken dependency state by re-uploading the missing package and retry the operation.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: PACKAGE_MISSING_DEPENDENCIES

PACKAGE_OR_DAR_REMOVAL_ERROR

  • Explanation: Errors raised by the Package Service on package removal.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PACKAGE_OR_DAR_REMOVAL_ERROR

2.8. LedgerApiErrors

HEAP_MEMORY_OVER_LIMIT

  • Explanation: This error happens when the JVM heap memory pool exceeds a pre-configured limit.
  • Resolution: The following actions can be taken: 1. Review the historical use of heap space by inspecting the metric given in the message. 2. Review the current heap space limits configured in the rate limiting configuration. 3. Try to space out requests that are likely to require a large amount of memory to process.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: HEAP_MEMORY_OVER_LIMIT

LEDGER_API_INTERNAL_ERROR

  • Explanation: This error occurs if there was an unexpected error in the Ledger API.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: LEDGER_API_INTERNAL_ERROR

MAXIMUM_NUMBER_OF_STREAMS

  • Explanation: This error happens when the number of concurrent gRPC streaming requests exceeds the configured limit.
  • Resolution: The following actions can be taken: 1. Review the historical need for concurrent streaming by inspecting the metric given in the message. 2. Review the maximum streams limit configured in the rate limiting configuration. 3. Try to space out streaming requests such that they do not need to run in parallel with each other.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: MAXIMUM_NUMBER_OF_STREAMS

PARTICIPANT_BACKPRESSURE

  • Explanation: This error occurs when a participant rejects a command due to excessive load. Load can be caused by the following factors: 1. when commands are submitted to the participant through its Ledger API, 2. when the participant receives requests from other participants through a connected domain.
  • Resolution: Wait a bit and retry, preferably with some backoff factor. If possible, ask other participants to send fewer requests; the domain operator can enforce this by imposing a rate limit.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: PARTICIPANT_BACKPRESSURE

THREADPOOL_OVERLOADED

  • Explanation: This happens when the rate of submitted gRPC requests requires more CPU or database power than is available.
  • Resolution: The following actions can be taken: Here the ‘queue size’ for the threadpool is considered as reported by the executor itself. 1. Review the historical ‘queue size’ growth by inspecting the metric given in the message. 2. Review the maximum ‘queue size’ limits configured in the rate limiting configuration. 3. Try to space out requests that are likely to require a lot of CPU or database power.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: THREADPOOL_OVERLOADED

2.9. IndexErrors

2.9.1. DatabaseErrors

INDEX_DB_INVALID_RESULT_SET

  • Explanation: This error occurs if the result set returned by a query against the Index database is invalid.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INDEX_DB_INVALID_RESULT_SET

INDEX_DB_SQL_NON_TRANSIENT_ERROR

  • Explanation: This error occurs if a non-transient error arises when executing a query against the index database.
  • Resolution: Contact the participant operator.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INDEX_DB_SQL_NON_TRANSIENT_ERROR

INDEX_DB_SQL_TRANSIENT_ERROR

  • Explanation: This error occurs if a transient error arises when executing a query against the index database.
  • Resolution: Re-submit the request.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: INDEX_DB_SQL_TRANSIENT_ERROR

2.10. PruningServiceError

INTERNAL_PRUNING_ERROR

  • Explanation: Pruning has failed because of an internal server error.
  • Resolution: Identify the error in the server log.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: INTERNAL_PRUNING_ERROR

NON_CANTON_OFFSET

  • Explanation: The supplied offset has an unexpected lengths.
  • Resolution: Ensure the offset has originated from this participant and is 9 bytes in length.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: NON_CANTON_OFFSET

PRUNING_NOT_SUPPORTED_IN_COMMUNITY_EDITION

  • Explanation: Pruning is not supported in the Community Edition.
  • Resolution: Upgrade to the Enterprise Edition.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PRUNING_NOT_SUPPORTED_IN_COMMUNITY_EDITION

SHUTDOWN_INTERRUPTED_PRUNING

  • Explanation: Pruning has been aborted because the participant is shutting down.
  • Resolution: After the participant is restarted, the participant ensures that it is in a consistent state. Therefore no intervention is necessary. After the restart, pruning can be invoked again as usual to prune the participant up to the desired offset.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SHUTDOWN_INTERRUPTED_PRUNING

UNSAFE_TO_PRUNE

  • Explanation: Pruning is not possible at the specified offset at the current time.
  • Resolution: Specify a lower offset or retry pruning after a while. Generally, you can only prune older events. In particular, the events must be older than the sum of mediator reaction timeout and participant timeout for every domain. And, you can only prune events that are older than the deduplication time configured for this participant. Therefore, if you observe this error, you either just prune older events or you adjust the settings for this participant. The error details field safe_offset contains the highest offset that can currently be pruned, if any.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNSAFE_TO_PRUNE

2.11. ParticipantReplicationServiceError

PARTICIPANT_REPLICATION_INTERNAL_ERROR

  • Explanation: Internal error emitted upon internal participant replication errors
  • Resolution: Contact support
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: PARTICIPANT_REPLICATION_INTERNAL_ERROR

PARTICIPANT_REPLICATION_NOT_SUPPORTED_BY_STORAGE

  • Explanation: Error emitted if the supplied storage configuration does not support replication.
  • Resolution: Use a participant storage backend supporting replication.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PARTICIPANT_REPLICATION_NOT_SUPPORTED_BY_STORAGE

2.12. CommonErrors

REQUEST_DEADLINE_EXCEEDED

  • Explanation: The request has not been submitted for processing as its predefined deadline has expired.
  • Resolution: Retry the request with a greater deadline.
  • Category: DeadlineExceededRequestStateUnknown
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status DEADLINE_EXCEEDED including a detailed error message.
  • Scaladocs: REQUEST_DEADLINE_EXCEEDED

REQUEST_TIME_OUT

  • Explanation: This rejection is given when a request processing status is not known and a time-out is reached.
  • Resolution: Retry for transient problems. If non-transient contact the operator as the time-out limit might be too short.
  • Category: DeadlineExceededRequestStateUnknown
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status DEADLINE_EXCEEDED including a detailed error message.
  • Scaladocs: REQUEST_TIME_OUT

SERVER_IS_SHUTTING_DOWN

  • Explanation: This rejection is given when the participant server is shutting down.
  • Resolution: Contact the participant operator.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: SERVER_IS_SHUTTING_DOWN

SERVICE_INTERNAL_ERROR

  • Explanation: This error occurs if one of the services encountered an unexpected exception.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: SERVICE_INTERNAL_ERROR

SERVICE_NOT_RUNNING

  • Explanation: This rejection is given when the requested service has already been closed.
  • Resolution: Retry re-submitting the request. If the error persists, contact the participant operator.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: SERVICE_NOT_RUNNING

UNSUPPORTED_OPERATION

  • Explanation: This error category is used to signal that an unimplemented code-path has been triggered by a client or participant operator request.
  • Resolution: This error is caused by a participant node misconfiguration or by an implementation bug. Resolution requires participant operator intervention.
  • Category: InternalUnsupportedOperation
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status UNIMPLEMENTED without any details for security reasons.
  • Scaladocs: UNSUPPORTED_OPERATION

3. EthereumErrors

3.1. ConfigurationErrors

AHEAD_OF_HEAD

  • Explanation: This warning is logged on startup if the sequencer is configured to only start reading from a block that wasn’t mined yet by the blockchain (e.g. sequencer is supposed to start reading from block 500, but the latest block is only 100). This is likely due to a misconfiguration.
  • Resolution: This issue frequently occurs when the blockchain is reset but the sequencer database configuration is not updated or the sequencer database (which persists the last block that was read by the sequencer) is not reset. Validate these settings and ensure that the sequencer is still reading from the same blockchain.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: AHEAD_OF_HEAD

ATTEMPT_TO_CHANGE_IMMUTABLE_VALUE

  • Explanation: The sequencer smart contract has detected that a value that is immutable after being set for the first time (either the signing tolerance or the topology manager ID) was attempted to be changed. Most frequently this error occurs during testing when a Canton Ethereum sequencer process without persistence is restarted while pointing to the same smart sequencer contract. An Ethereum sequencer attempts to set the topology manager ID during initialization, however, without persistence the topology manager ID is randomly regenerated on the restart which leads to the sequencer attempting to change the topology manager ID in the sequencer smart contract.
  • Resolution: Deploy a new instance of the sequencer contract and configure the Ethereum sequencer to use that instance. If the errors occur because an Ethereum sequencer process is restarted without persistence, deploy a fresh instance of the sequencer contract and configure persistence for restarts.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: ATTEMPT_TO_CHANGE_IMMUTABLE_VALUE

BESU_VERSION_MISMATCH

  • Explanation: This error is logged when the sequencer detects that the version of the Besu client it connects to is not what is expected / supported.
  • Resolution: Either deploy the documented required version or set canton.parameters.non-standard-config = true.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: BESU_VERSION_MISMATCH

ETHEREUM_CANT_QUERY_VERSION

  • Explanation: As one of the first steps when initializing a Besu sequencer, Canton attempts to query the version (attribute) of the Sequencer.sol contract.
  • Resolution: Usually, the root cause of this is a deployment or configuration problem. Ensure that a Sequencer.sol contract is deployed on the configured address on the latest block when attempting to initialize the Canton Besu sequencer node. If this error persists, a malicious user may be attempting to interfere with the Ethereum network.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: ETHEREUM_CANT_QUERY_VERSION

MANY_BLOCKS_BEHIND_HEAD

  • Explanation: This error is logged when the sequencer is currently processing blocks that are very far behind the head of the blockchain of the connected Ethereum network. The Ethereum sequencer won’t observe new transactions in the blockchain until it has caught up to the head. This may take a long time depending on the blockchain length and number of Canton transaction in the blocks. Empirically, we have observed that the Canton sequencer processes roughly 500 empty blocks/second. This may vary strongly for non-empty blocks. The sequencer logs once it has caught up to within blocksBehindBlockchainHead blocks behind the blockchain head.
  • Resolution: Wait until the sequencer has caught up to the head of the blockchain. Alternatively, consider changing the configuration of block-to-read-from of the Ethereum sequencer when initializing it against an Ethereum network that already mined a lot of blocks.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: MANY_BLOCKS_BEHIND_HEAD

NOT_FREE_GAS_NETWORK

  • Explanation: This error is logged when during setup the sequencer detects that it isn’t connected to a free-gas network. This usually leads to transactions silently being dropped by Ethereum nodes. You should only use a non-free-gas network, if you have configured an Ethereum wallet for the sequencer to use and have given it gas.
  • Resolution: Change the configuration of the Ethereum network to a free-gas network.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: NOT_FREE_GAS_NETWORK

WRONG_EVM_BYTECODE

  • Explanation: Canton validates on startup that the configured address on the blockchain contains the EVM bytecode of the sequencer smart contract in the latest block. This error indicates that no bytecode or the wrong bytecode was found. This is a serious error and means that the sequencer can’t sequence events.
  • Resolution: This frequently error occurs when updating the Canton system without updating the sequencer contract deployed on the blockchain. Validate that the sequencer contract corresponding to the current Canton release is deployed in the latest blockchain blocks on the configured address. Another common reason for this error is that the wrong contract address was configured.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: WRONG_EVM_BYTECODE

3.2. TransactionErrors

ETHEREUM_TRANSACTION_INVALID

  • Explanation: This error happens when the Sequencer Ethereum application reads a transaction from the blockchain which is malformed (e.g, invalid member, arguments aren’t parseable or too large). This could happen if a malicious or faulty Ethereum Sequencer node is placing faulty data on the blockchain.
  • Resolution: Generally, Canton should recover automatically from this error. The faulty transactions are simply skipped by all non-malicious/non-faulty sequencers in a deterministic way, so the integrity of the event stream across sequencer nodes should be maintained. If you continue to see this error, investigate whether some of the sequencer nodes in the network are misbehaving.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: ETHEREUM_TRANSACTION_INVALID

ETHEREUM_TRANSACTION_RECEIPT_FETCHING_FAILED

  • Explanation: This error occurs when the Ethereum sequencer attempts to fetch the transaction receipt for a previously submitted transaction but receives an exception. Usually, this is caused by network errors, the Ethereum client node being overloaded or the Ethereum sequencer reaching its transactionReceiptPollingAttempts for a given transaction. The fetching of transaction receipts of submitted transactions is separate from the Ethereum sequencer’s read-stream used to ingest new transactions. Thus, in this sense, this error is purely informative and can be caused by transient issues (such as a transient network outage). Note, that the Canton nonce manager refreshes his cache whenever this error occurs which may unblock stuck transactions with a too-high nonce.
  • Resolution: Usually, this error should resolve by itself. If you frequently see this error, ensure that the Ethereum account of the Ethereum sequencer is used by no one else and that the Ethereum client doesn’t drop submitted transactions through being overloaded or reaching a full txpool. If this errors keeps occurring, please contact support.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: ETHEREUM_TRANSACTION_RECEIPT_FETCHING_FAILED

ETHEREUM_TRANSACTION_SUBMISSION_FAILED

  • Explanation: This error is logged when the Sequencer Ethereum application receives an error when attempting to submit a transaction to the transaction pool of the Ethereum client. Common causes for this are network errors, or when the Ethereum account of the Sequencer Ethereum application is used by another application. Less commonly, this error might also indirectly be caused if the transaction pool of the Ethereum client is full or flushed.
  • Resolution: Generally, Canton should recover automatically from this error. If you continue to see this error, investigate possible root causes such as poor network connections, if the Ethereum wallet of the Ethereum Sequencer application is being reused by another application, and the health of the Ethereum client.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: ETHEREUM_TRANSACTION_SUBMISSION_FAILED

4. TopologyManagementErrorGroup

4.1. TopologyManagerError

DUPLICATE_TOPOLOGY_TRANSACTION

  • Explanation: This error indicates that a transaction has already been added previously.
  • Resolution: Nothing to do as the transaction is already registered. Note however that a revocation is ” + final. If you want to re-enable a statement, you need to re-issue an new transaction.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: DUPLICATE_TOPOLOGY_TRANSACTION

ILLEGAL_REMOVAL_OF_DOMAIN_TRUST_CERTIFICATE

  • Explanation: This error indicates that a participant is trying to rescind their domain trust certificate while still being hosting parties.
  • Resolution: The participant should work with the owners of the parties mentioned in the parties field in the error details metadata to get itself removed from the list of hosting participants of those parties.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: ILLEGAL_REMOVAL_OF_DOMAIN_TRUST_CERTIFICATE

INCREASE_OF_LEDGER_TIME_RECORD_TIME_TOLERANCE

  • Explanation: This error indicates that it has been attempted to increase the ledgerTimeRecordTimeTolerance domain parameter in an insecure manner. Increasing this parameter may disable security checks and can therefore be a security risk.
  • Resolution: Make sure that the new value of ledgerTimeRecordTimeTolerance is at most half of the mediatorDeduplicationTimeout domain parameter. Use myDomain.service.set_ledger_time_record_time_tolerance for securely increasing ledgerTimeRecordTimeTolerance. Alternatively, add the force = true flag to your command, if security is not a concern for you. The security checks will be effective again after twice the new value of ledgerTimeRecordTimeTolerance. Using force = true is safe upon domain bootstrapping.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INCREASE_OF_LEDGER_TIME_RECORD_TIME_TOLERANCE

INSUFFICIENT_KEYS

  • Explanation: This error indicates that members referenced in a topology transaction have not declared at least one signing key or at least 1 encryption key or both.
  • Resolution: Ensure that all members referenced in the topology transaction have declared at least one signing key and at least one encryption key, then resubmit the failed transaction. The metadata details of this error contain the members with the missing keys in the field members.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: INSUFFICIENT_KEYS

INVALID_DOMAIN

  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_DOMAIN

INVALID_THRESHOLD

  • Explanation: This error indicates that a threshold in the submitted transaction was higher than the number of members that would have to satisfy that threshold.
  • Resolution: Submit the topology transaction with a lower threshold. The metadata details of this error contain the expected maximum in the field expectedMaximum.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_THRESHOLD

INVALID_TOPOLOGY_TX_SIGNATURE_ERROR

  • Explanation: This error indicates that the uploaded signed transaction contained an invalid signature.
  • Resolution: Ensure that the transaction is valid and uses a crypto version understood by this participant.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_TOPOLOGY_TX_SIGNATURE_ERROR

INVALID_TRAFFIC_LIMIT

  • Explanation: This error indicates that the attempted update of the extra traffic limits for a particular member failed because the new limit is lower than the current limit.
  • Resolution: Extra traffic limits can only be increased. Submit the topology transaction with a higher limit. The metadata details of this error contain the expected minimum value in the field expectedMinimum.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: INVALID_TRAFFIC_LIMIT

NO_APPROPRIATE_SIGNING_KEY_IN_STORE

  • Explanation: This error results if the topology manager did not find a secret key in its store to authorize a certain topology transaction.
  • Resolution: Inspect your topology transaction and your secret key store and check that you have the appropriate certificates and keys to issue the desired topology transaction. If the list of candidates is empty, then you are missing the certificates.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: NO_APPROPRIATE_SIGNING_KEY_IN_STORE

NO_CORRESPONDING_ACTIVE_TX_TO_REVOKE

  • Explanation: This error indicates that the attempt to add a removal transaction was rejected, as the mapping / element affecting the removal did not exist.
  • Resolution: Inspect the topology state and ensure the mapping and the element id of the active transaction you are trying to revoke matches your revocation arguments.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: NO_CORRESPONDING_ACTIVE_TX_TO_REVOKE

PUBLIC_KEY_NOT_IN_STORE

  • Explanation: This error indicates that a command contained a fingerprint referring to a public key not being present in the public key store.
  • Resolution: Upload the public key to the public key store using $node.keys.public.load(.) before retrying.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PUBLIC_KEY_NOT_IN_STORE

REMOVING_KEY_DANGLING_TRANSACTIONS_MUST_BE_FORCED

  • Explanation: This error indicates that the attempted key removal would create dangling topology transactions, making the node unusable.
  • Resolution: Add the force = true flag to your command if you are really sure what you are doing.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: REMOVING_KEY_DANGLING_TRANSACTIONS_MUST_BE_FORCED

REMOVING_LAST_KEY_MUST_BE_FORCED

  • Explanation: This error indicates that the attempted key removal would remove the last valid key of the given entity, making the node unusable.
  • Resolution: Add the force = true flag to your command if you are really sure what you are doing.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: REMOVING_LAST_KEY_MUST_BE_FORCED

SECRET_KEY_NOT_IN_STORE

  • Explanation: This error indicates that the secret key with the respective fingerprint can not be found.
  • Resolution: Ensure you only use fingerprints of secret keys stored in your secret key store.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SECRET_KEY_NOT_IN_STORE

SERIAL_MISMATCH

  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SERIAL_MISMATCH

TOPOLOGY_MANAGER_ALARM

  • Explanation: The topology manager has received a malformed message from another node.
  • Resolution: Inspect the error message for details.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: TOPOLOGY_MANAGER_ALARM

TOPOLOGY_MANAGER_INTERNAL_ERROR

  • Explanation: This error indicates that there was an internal error within the topology manager.
  • Resolution: Inspect error message for details.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: TOPOLOGY_MANAGER_INTERNAL_ERROR

TOPOLOGY_MAPPING_ALREADY_EXISTS

  • Explanation: This error indicates that a topology transaction would create a state that already exists and has been authorized with the same key.
  • Resolution: Your intended change is already in effect.
  • Category: InvalidGivenCurrentSystemStateResourceExists
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ALREADY_EXISTS including a detailed error message.
  • Scaladocs: TOPOLOGY_MAPPING_ALREADY_EXISTS

TOPOLOGY_TRANSACTION_NOT_FOUND

  • Explanation: This error indicates that a topology transaction could not be found.
  • Resolution: The topology transaction either has been rejected, is not valid anymore, is not yet valid, or does not yet exist.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: TOPOLOGY_TRANSACTION_NOT_FOUND

UNAUTHORIZED_TOPOLOGY_TRANSACTION

  • Explanation: This error indicates that the attempt to add a transaction was rejected, as the signing key is not authorized within the current state.
  • Resolution: Inspect the topology state and ensure that valid namespace or identifier delegations of the signing key exist or upload them before adding this transaction.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: UNAUTHORIZED_TOPOLOGY_TRANSACTION

UNKNOWN_MEMBERS

  • Explanation: This error indicates that the topology transaction references members that are currently unknown.
  • Resolution: Wait for the onboarding of the members to be become active or remove the unknown members from the topology transaction. The metadata details of this error contain the unknown member in the field members.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: UNKNOWN_MEMBERS

4.1.1. DomainTopologyManagerError

ALIEN_DOMAIN_ENTITIES

  • Explanation: This error is returned if a transaction attempts to add keys for alien domain manager or sequencer entities to this domain topology manager.
  • Resolution: Use a participant topology manager if you want to manage foreign domain keys
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: ALIEN_DOMAIN_ENTITIES

FAILED_TO_ADD_MEMBER

  • Explanation: This error indicates an external issue with the member addition hook.
  • Resolution: Consult the error details.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: FAILED_TO_ADD_MEMBER

MALICOUS_OR_FAULTY_ONBOARDING_REQUEST

  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: MALICOUS_OR_FAULTY_ONBOARDING_REQUEST

PARTICIPANT_NOT_INITIALIZED

  • Explanation: This error is returned if a domain topology manager attempts to activate a participant without having all necessary data, such as keys or domain trust certificates.
  • Resolution: Register the necessary keys or trust certificates and try again.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: PARTICIPANT_NOT_INITIALIZED

WRONG_DOMAIN

  • Explanation: This error is returned if a transaction restricted to a domain should be added to another domain.
  • Resolution: Recreate the content of the transaction with a correct domain identifier.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: WRONG_DOMAIN

WRONG_PROTOCOL_VERSION

  • Explanation: This error is returned if a transaction has a protocol version different than the one spoken on the domain.
  • Resolution: Recreate the transaction with a correct protocol version.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: WRONG_PROTOCOL_VERSION

4.1.2. ParticipantTopologyManagerError

CANNOT_VET_DUE_TO_MISSING_PACKAGES

  • Explanation: This error indicates that a package vetting command failed due to packages not existing locally. This can be due to either the packages not being present or their dependencies being missing. When vetting a package, the package must exist on the participant, as otherwise the participant will not be able to process a transaction relying on a particular package.
  • Resolution: Ensure that the package exists locally before issuing such a transaction.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: CANNOT_VET_DUE_TO_MISSING_PACKAGES

DANGEROUS_KEY_USE_COMMAND_REQUIRES_FORCE

  • Explanation: This error indicates that a dangerous owner to key mapping authorization was rejected. This is the case if a command is run that could break a participant. If the command was run to assign a key for the given participant, then the command was rejected because the key is not in the participants private store. If the command is run on a participant to issue transactions for another participant, then such commands must be run with force, as they are very dangerous and could easily break the participant. As an example, if we assign an encryption key to a participant that the participant does not have, then the participant will be unable to process an incoming transaction. Therefore we must be very careful to not create such situations.
  • Resolution: Set force=true if you really know what you are doing.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DANGEROUS_KEY_USE_COMMAND_REQUIRES_FORCE

DANGEROUS_VETTING_COMMANDS_REQUIRE_FORCE

  • Explanation: This error indicates that a dangerous package vetting command was rejected. This is the case if a vetting command, if not run correctly, could potentially lead to a ledger fork. The vetting authorization checks the participant for the presence of the given set of packages (including their dependencies) and allows only to vet for the given participant id. In rare cases where a more centralised topology manager is used, this behaviour can be overridden with force. However, if a package is vetted but not present on the participant, the participant will refuse to process any transaction of the given domain until the problematic package has been uploaded.
  • Resolution: Set force=true if you really know what you are doing.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DANGEROUS_VETTING_COMMANDS_REQUIRE_FORCE

DEPENDENCIES_NOT_VETTED

  • Explanation: This error indicates a vetting request failed due to dependencies not being vetted. On every vetting request, the set supplied packages is analysed for dependencies. The system requires that not only the main packages are vetted explicitly but also all dependencies. This is necessary as not all participants are required to have the same packages installed and therefore not every participant can resolve the dependencies implicitly.
  • Resolution: Vet the dependencies first and then repeat your attempt.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DEPENDENCIES_NOT_VETTED

DISABLE_PARTY_WITH_ACTIVE_CONTRACTS_REQUIRES_FORCE

  • Explanation: This error indicates that a dangerous PartyToParticipant mapping deletion was rejected. If the command is run and there are active contracts where the party is a stakeholder these contracts will become inoperable and will never get pruned, leaking storage.
  • Resolution: Set force=true if you really know what you are doing.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DISABLE_PARTY_WITH_ACTIVE_CONTRACTS_REQUIRES_FORCE

UNINITIALIZED_PARTICIPANT

  • Explanation: This error indicates that a request involving topology management was attempted on a participant that is not yet initialised. During initialisation, only namespace and identifier delegations can be managed.
  • Resolution: Initialise the participant and retry.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: UNINITIALIZED_PARTICIPANT

4.1.3. Domain

DOMAIN_NODE_INITIALISATION_FAILED

  • Explanation: This error indicates that the initialisation of a domain node failed due to invalid arguments.
  • Resolution: Consult the error details.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: DOMAIN_NODE_INITIALISATION_FAILED

4.1.3.1. GrpcSequencerAuthenticationService

CLIENT_AUTHENTICATION_FAULTY

  • Explanation: This error indicates that a client failed to authenticate with the sequencer due to a reason possibly pointing out to faulty or malicious behaviour. The message is logged on the server in order to support an operator to provide explanations to clients struggling to connect.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: CLIENT_AUTHENTICATION_FAULTY

CLIENT_AUTHENTICATION_REJECTED

  • Explanation: This error indicates that a client failed to authenticate with the sequencer. The message is logged on the server in order to support an operator to provide explanations to clients struggling to connect.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side.
  • Scaladocs: CLIENT_AUTHENTICATION_REJECTED

4.2. DomainTopologySender

TOPOLOGY_DISPATCHING_DEGRADATION

  • Explanation: This warning occurs when the topology dispatcher experiences timeouts while trying to register topology transactions.
  • Resolution: This error should normally self-recover due to retries. If issue persist, contact support and investigate system state.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: TOPOLOGY_DISPATCHING_DEGRADATION

TOPOLOGY_DISPATCHING_INTERNAL_ERROR

  • Explanation: This error is emitted if there is a fundamental, un-expected situation during topology dispatching. In such a situation, the topology state of a newly onboarded participant or of all domain members might become outdated
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: TOPOLOGY_DISPATCHING_INTERNAL_ERROR

5. ConfigErrors

CANNOT_PARSE_CONFIG_FILES

  • Explanation: This error is usually thrown because a config file doesn’t contain configs in valid HOCON format. The most common cause of an invalid HOCON format is a forgotten bracket.
  • Resolution: Make sure that all files are in valid HOCON format.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: Config errors are logged and output to stdout if starting Canton with a given configuration fails
  • Scaladocs: CANNOT_PARSE_CONFIG_FILES

CANNOT_READ_CONFIG_FILES

  • Explanation: This error is usually thrown when Canton can’t find a given configuration file.
  • Resolution: Make sure that the path and name of all configuration files is correctly specified.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: Config errors are logged and output to stdout if starting Canton with a given configuration fails
  • Scaladocs: CANNOT_READ_CONFIG_FILES

CONFIG_SUBSTITUTION_ERROR

  • Resolution: A common cause of this error is attempting to use an environment variable that isn’t defined within a config-file.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: Config errors are logged and output to stdout if starting Canton with a given configuration fails
  • Scaladocs: CONFIG_SUBSTITUTION_ERROR

CONFIG_VALIDATION_ERROR

  • Category: InvalidIndependentOfSystemState
  • Conveyance: Config errors are logged and output to stdout if starting Canton with a given configuration fails
  • Scaladocs: CONFIG_VALIDATION_ERROR

GENERIC_CONFIG_ERROR

  • Resolution: In general, this can be one of many errors since this is the ‘miscellaneous category’ of configuration errors. One of the more common errors in this category is an ‘unknown key’ error. This error usually means that a keyword that is not valid (e.g. it may have a typo ‘bort’ instead of ‘port’), or that a valid keyword at the wrong part of the configuration hierarchy was used (e.g. to enable database replication for a participant, the correct configuration is canton.participants.participant2.replication.enabled = true and not canton.participants.replication.enabled = true). Please refer to the scaladoc of either CantonEnterpriseConfig or CantonCommunityConfig (depending on whether the community or enterprise version is used) to find the valid configuration keywords and the correct position in the configuration hierarchy.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: Config errors are logged and output to stdout if starting Canton with a given configuration fails
  • Scaladocs: GENERIC_CONFIG_ERROR

NO_CONFIG_FILES

  • Category: InvalidIndependentOfSystemState
  • Conveyance: Config errors are logged and output to stdout if starting Canton with a given configuration fails
  • Scaladocs: NO_CONFIG_FILES

6. CommandErrors

CONSOLE_COMMAND_INTERNAL_ERROR

CONSOLE_COMMAND_TIMED_OUT

  • Category: SystemInternalAssumptionViolated
  • Conveyance: These errors are shown as errors on the console.
  • Scaladocs: CONSOLE_COMMAND_TIMED_OUT

NODE_NOT_STARTED

  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: These errors are shown as errors on the console.
  • Scaladocs: NODE_NOT_STARTED

7. DatabaseStorageError

DB_CONNECTION_LOST

  • Explanation: This error indicates that the connection to the database has been lost.
  • Resolution: Inspect error message for details.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: DB_CONNECTION_LOST

DB_STORAGE_DEGRADATION

  • Explanation: This error indicates that degradation of database storage components.
  • Resolution: This error indicates performance degradation. The error occurs when a database task has been rejected, typically due to having a too small task queue. The task will be retried after a delay. If this error occurs frequently, however, you may want to consider increasing the task queue. (Config parameter: canton.<path-to-my-node>.storage.config.queueSize).
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: DB_STORAGE_DEGRADATION

8. HandshakeErrors

DEPRECATED_PROTOCOL_VERSION

  • Explanation: This error is logged or returned if a participant or domain are using deprecated protocol versions. Deprecated protocol versions might not be secure anymore.
  • Resolution: Migrate to a new domain that uses the most recent protocol version.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: DEPRECATED_PROTOCOL_VERSION

9. EnvelopeOpenerError

EVENT_DESERIALIZATION_ERROR

  • Explanation: This error indicates that the sequencer client was unable to parse a message. This indicates that the message has been created by a bogus or malicious sender. The message will be dropped.
  • Resolution: If no other errors are reported, Canton has recovered automatically. You should still consider to start an investigation to understand why the sender has sent an invalid message.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: EVENT_DESERIALIZATION_ERROR

10. FabricErrors

10.1. ConfigurationErrors

FABRIC_AHEAD_OF_HEAD

  • Explanation: This warning is logged on startup if the sequencer is configured to only start reading from a block that wasn’t ordered yet by the blockchain (e.g. sequencer is supposed to start reading from block 500, but the latest block is only 100). This is likely due to a misconfiguration.
  • Resolution: This issue frequently occurs when the blockchain is reset but the sequencer database configuration is not updated or the sequencer database (which persists the last block that was read by the sequencer) is not reset. Validate these settings and ensure that the sequencer is still reading from the same blockchain.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: FABRIC_AHEAD_OF_HEAD

FABRIC_MANY_BLOCKS_BEHIND_HEAD

  • Explanation: This error is logged when the sequencer is currently processing blocks that are very far behind the head of the blockchain of the connected Fabric network. The Fabric sequencer won’t observe new transactions in the blockchain until it has caught up to the head. This may take a long time depending on the blockchain length and number of Canton transaction in the blocks. Empirically, we have observed that the Canton sequencer processes roughly 500 empty blocks/second. This may vary strongly for non-empty blocks.
  • Resolution: Change the configuration of startBlockHeight for the Fabric sequencer when working with an existing (not fresh) Fabric network. Alternatively, wait until the sequencer has caught up to the head of the blockchain.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: FABRIC_MANY_BLOCKS_BEHIND_HEAD

10.2. TransactionErrors

FABRIC_TRANSACTION_INVALID

  • Explanation: This error happens when the Sequencer Fabric application reads a transaction from the blockchain which is malformed (e.g, missing arguments, arguments aren’t parseable or too large). This could happen if a malicious or faulty Fabric Sequencer node is placing faulty data on the blockchain.
  • Resolution: Generally, Canton should recover automatically from this error. The faulty transactions are simply skipped by all non-malicious/non-faulty sequencers in a deterministic way, so the integrity of the event stream across sequencer nodes should be maintained. If you continue to see this error, investigate whether some of the sequencer nodes in the network are misbehaving.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: FABRIC_TRANSACTION_INVALID

FABRIC_TRANSACTION_PROPOSAL_SUBMISSION_FAILED

  • Explanation: An error happened with the Fabric transaction proposal submissions possibly due to some of the peers being down or due to network issues. Thus won’t stop the transaction workflow, because there might still be enough successful responses to satisfy the endorsement policy. Therefore the transaction might still go through successfully despite this being logged.
  • Resolution: Generally, Canton should recover automatically from this error. If you continue to see this error, investigate possible root causes such as poor network connections, if the Fabric sequencer is properly configured with enough peers and if they are running.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: FABRIC_TRANSACTION_PROPOSAL_SUBMISSION_FAILED

FABRIC_TRANSACTION_SUBMISSION_FAILED

  • Explanation: This error is logged when the Sequencer Fabric application receives an error during any of the transaction flow steps that prevents the submission of a transaction over the Fabric client. Common causes for this are network errors, peers that are down or that there aren’t enough configured endorsers.
  • Resolution: Generally, Canton should recover automatically from this error. If you continue to see this error, investigate possible root causes such as poor network connections, if the Fabric sequencer is properly configured with enough peers and if they are running.
  • Category: TransientServerFailure
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status UNAVAILABLE including a detailed error message.
  • Scaladocs: FABRIC_TRANSACTION_SUBMISSION_FAILED

11. SequencerError

INVALID_ACKNOWLEDGEMENT_SIGNATURE

  • Explanation: This error indicates that the sequencer has detected an invalid acknowledgement request signature. This most likely indicates that the request is bogus and has been created by a malicious sequencer. So it will not get processed.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_ACKNOWLEDGEMENT_SIGNATURE

INVALID_ACKNOWLEDGEMENT_TIMESTAMP

  • Explanation: This error indicates that the member has acknowledged a timestamp that is after the events it has received. This violates the sequencing protocol.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_ACKNOWLEDGEMENT_TIMESTAMP

INVALID_ENVELOPE_SIGNATURE

  • Explanation: This error indicates that the sequencer has detected an invalid envelope signature in the submission request. This most likely indicates that the request is bogus and has been created by a malicious sequencer. So it will not get processed.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_ENVELOPE_SIGNATURE

INVALID_LEDGER_EVENT

  • Explanation: The sequencer has detected that some event that was placed on the ledger cannot be parsed. This may be due to some sequencer node acting maliciously or faulty. The event is ignored and processing continues as usual.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_LEDGER_EVENT

INVALID_SEQUENCER_PRUNING_REQUEST_ON_CHAIN

  • Explanation: This error indicates that some sequencer node has distributed an invalid sequencer pruning request via the blockchain. Either the sequencer nodes got out of sync or one of the sequencer nodes is buggy. The sequencer node will stop processing to prevent the danger of severe data corruption.
  • Resolution: Stop using the domain involving the sequencer nodes. Contact support.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_SEQUENCER_PRUNING_REQUEST_ON_CHAIN

INVALID_SUBMISSION_REQUEST_SIGNATURE

  • Explanation: This error indicates that the sequencer has detected an invalid submission request signature. This most likely indicates that the request is bogus and has been created by a malicious sequencer. So it will not get processed.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: INVALID_SUBMISSION_REQUEST_SIGNATURE

MAX_REQUEST_SIZE_EXCEEDED

  • Explanation: This error means that the request size has exceeded the configured value maxRequestSize.
  • Resolution: Send smaller requests or increase the maxRequestSize in the domain parameters
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: MAX_REQUEST_SIZE_EXCEEDED

MAX_SEQUENCING_TIME_EXCEEDED

  • Explanation: This error indicates that a request was not sequenced because the sequencing time would exceed the max-sequencing-time of the request. This error usually happens if either a participant or mediator node is too slowly responding to requests, or if it is catching up after some downtime. In rare cases, it can happen if the sequencer nodes are massively overloaded. If it happens repeatedly, this information might indicate that there is a problem with the respective participant or mediator node.
  • Resolution: Inspect the time difference between sequenced and max-sequencing-time. If the time difference is large, then some remote node is catching up but sending messages during catch-up. If the difference is not too large, then the submitting node or this sequencer node might be overloaded.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side.
  • Scaladocs: MAX_SEQUENCING_TIME_EXCEEDED

MISSING_SUBMISSION_REQUEST_SIGNATURE_TIMESTAMP

  • Explanation: This error indicates that the sequencer has detected that the signed submission request being processed is missing a signature timestamp. It indicates that the sequencer node that placed the request is not following the protocol as there should always be a defined timestamp. This request will not get processed.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: MISSING_SUBMISSION_REQUEST_SIGNATURE_TIMESTAMP

MULTIPLE_MEDIATOR_RECIPIENTS

  • Explanation: This error indicates that the participant is trying to send envelopes to multiple mediators or mediator groups in the same submission request. This most likely indicates that the request is bogus and has been created by a malicious sequencer. So it will not get processed.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: MULTIPLE_MEDIATOR_RECIPIENTS

PAYLOAD_TO_EVENT_TIME_BOUND_EXCEEDED

  • Explanation: This warning indicates that the time difference between storing the payload and writing the” event exceeded the configured time bound, which resulted in the message to be discarded. This can happen during some failure event on the database which causes unexpected delay between these two database operations. (The two events need to be sufficiently close together to support pruning of payloads by timestamp).
  • Resolution: The submitting node will usually retry the command, but you should check the health of the sequencer node, in particular with respect to database processing.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: PAYLOAD_TO_EVENT_TIME_BOUND_EXCEEDED

12. EnterpriseGrpcVaultServiceError

INVALID_KMS_KEY_ID

  • Explanation: Selected KMS key id is invalid
  • Resolution: Specify a valid key id and retry.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: INVALID_KMS_KEY_ID

NO_ENCRYPTED_PRIVATE_KEY_STORE_ERROR

  • Explanation: Node is not running an encrypted private store
  • Resolution: Verify that an encrypted store and KMS config are set for this node.
  • Category: InternalUnsupportedOperation
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status UNIMPLEMENTED without any details for security reasons.
  • Scaladocs: NO_ENCRYPTED_PRIVATE_KEY_STORE_ERROR

REGISTER_KMS_KEY_INTERNAL_ERROR

  • Explanation: Internal error emitted upon failing to register a KMS key in Canton
  • Resolution: Contact support
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: REGISTER_KMS_KEY_INTERNAL_ERROR

WRAPPER_KEY_ALREADY_IN_USE_ERROR

  • Explanation: Selected wrapper key id for rotation is already in use
  • Resolution: Select a different key id and retry.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: WRAPPER_KEY_ALREADY_IN_USE_ERROR

WRAPPER_KEY_DISABLED_OR_DELETED_ERROR

  • Explanation: Selected wrapper key id for rotation cannot be used because key is disabled or set to be deleted
  • Resolution: Specify a key id from an active key and retry.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: WRAPPER_KEY_DISABLED_OR_DELETED_ERROR

WRAPPER_KEY_NOT_EXIST_ERROR

  • Explanation: Selected wrapper key id for rotation does not match any existing KMS key
  • Resolution: Specify a key id that matches an existing KMS key and retry.
  • Category: InvalidGivenCurrentSystemStateResourceMissing
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status NOT_FOUND including a detailed error message.
  • Scaladocs: WRAPPER_KEY_NOT_EXIST_ERROR

WRAPPER_KEY_ROTATION_INTERNAL_ERROR

  • Explanation: Internal error emitted upon internal wrapper key rotation errors
  • Resolution: Contact support
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: WRAPPER_KEY_ROTATION_INTERNAL_ERROR

13. MediatorError

MEDIATOR_INTERNAL_ERROR

  • Explanation: Request processing failed due to a violation of internal invariants. It indicates a bug at the mediator.
  • Resolution: Contact support.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: MEDIATOR_INTERNAL_ERROR

MEDIATOR_INVALID_MESSAGE

  • Explanation: The mediator has received an invalid message (request or response). The message will be discarded. As a consequence, the underlying request may be rejected. No corruption of the ledger is to be expected. This error is to be expected after a restart or failover of a mediator.
  • Resolution: Address the cause of the error. Let the submitter retry the command.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level WARN on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: MEDIATOR_INVALID_MESSAGE

MEDIATOR_RECEIVED_MALFORMED_MESSAGE

  • Explanation: The mediator has received a malformed message. This may occur due to a bug at the sender of the message. The message will be discarded. As a consequence, the underlying request may be rejected. No corruption of the ledger is to be expected.
  • Resolution: Contact support.
  • Category: SecurityAlert
  • Conveyance: This error is logged with log-level WARN on the server side. It is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
  • Scaladocs: MEDIATOR_RECEIVED_MALFORMED_MESSAGE

MEDIATOR_SAYS_TX_TIMED_OUT

  • Explanation: This rejection indicates that the transaction has been rejected by the mediator as it didn’t receive enough confirmations within the participant response timeout. The field “unresponsiveParties” in the error info contains the comma-separated list of parties that failed to send a response within the participant response timeout. This field is only present since protocol version 6
  • Resolution: Check that all involved participants are available and not overloaded.
  • Category: ContentionOnSharedResources
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status ABORTED including a detailed error message.
  • Scaladocs: MEDIATOR_SAYS_TX_TIMED_OUT

14. ProtoDeserializationError

PROTO_DESERIALIZATION_FAILURE

  • Explanation: This error indicates that an incoming administrative command could not be processed due to a malformed message.
  • Resolution: Inspect the error details and correct your application
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: PROTO_DESERIALIZATION_FAILURE

15. SequencerErrors

SEQUENCER_AGGREGATE_SUBMISSION_ALREADY_SENT

  • Explanation: This error occurs when the sequencer has already sent out the aggregate submission for the request.
  • Resolution: This is expected to happen during operation of a system with aggregate submissions enabled. No action required.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_AGGREGATE_SUBMISSION_ALREADY_SENT

SEQUENCER_AGGREGATE_SUBMISSION_STUFFING

  • Explanation: This error occurs when the sequencer already received the same submission request from the same sender.
  • Resolution: This error indicates that an aggregate submission has already been accepted by the sequencer and for some reason there is a repeated submission. This is likely caused by retrying a submission. This can usually be ignored.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_AGGREGATE_SUBMISSION_STUFFING

SEQUENCER_MAX_SEQUENCING_TIME_TOO_FAR

  • Explanation: Maximum sequencing time on the submission request is exceeding the maximum allowed interval into the future. Could be result of a concurrent dynamic domain parameter change for sequencerAggregateSubmissionTimeout.
  • Resolution: In case there was a recent concurrent dynamic domain parameter change, simply retry the submission. Otherwise this error code indicates a bug in Canton (a faulty node behaviour). Please contact customer support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_MAX_SEQUENCING_TIME_TOO_FAR

SEQUENCER_NOT_ENOUGH_TRAFFIC_CREDIT

  • Explanation: Sequencer has refused a submission request due to insufficient credits in the sender’s traffic balance.
  • Resolution: Acquire more traffic credits with the system by topping up traffic credits for the sender.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_NOT_ENOUGH_TRAFFIC_CREDIT

SEQUENCER_SIGNING_TIMESTAMP_AFTER_SEQUENCING_TIMESTAMP

  • Explanation: Timestamp of the signing key on the submission request is later than the sequencing time.
  • Resolution: This indicates a bug in Canton (a faulty node behaviour). Please contact customer support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_SIGNING_TIMESTAMP_AFTER_SEQUENCING_TIMESTAMP

SEQUENCER_SIGNING_TIMESTAMP_MISSING

  • Explanation: Timestamp of the signing key is missing on the submission request.
  • Resolution: This indicates a bug in Canton (a faulty node behaviour). Please contact customer support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_SIGNING_TIMESTAMP_MISSING

SEQUENCER_SIGNING_TIMESTAMP_TOO_EARLY

  • Explanation: Timestamp of the signing key on the submission request is earlier than allowed by the dynamic domain parameters.
  • Resolution: This indicates a bug in Canton (a faulty node behaviour). Please contact customer support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_SIGNING_TIMESTAMP_TOO_EARLY

SEQUENCER_SUBMISSION_REQUEST_MALFORMED

  • Explanation: This error occurs when the sequencer cannot parse the submission request.
  • Resolution: This usually indicates a misconfiguration of the system components or an application bug and requires operator intervention.
  • Category: InvalidIndependentOfSystemState
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status INVALID_ARGUMENT including a detailed error message.
  • Scaladocs: SEQUENCER_SUBMISSION_REQUEST_MALFORMED

SEQUENCER_SUBMISSION_REQUEST_REFUSED

  • Explanation: This error occurs when the sequencer cannot accept submission request due to the current state of the system.
  • Resolution: This usually indicates a misconfiguration of the system components or an application bug and requires operator intervention. Please refer to a specific error message to understand the exact cause.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_SUBMISSION_REQUEST_REFUSED

SEQUENCER_TOMBSTONE_PERSISTED

  • Explanation: An onboarded sequencer has put a tombstone in place of an event with a timestamp older than the sequencer signing key.
  • Resolution: Clients should connect to another sequencer with older event history to consume the tombstoned events before reconnecting to the recently onboarded sequencer.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_TOMBSTONE_PERSISTED

SEQUENCER_UNKNOWN_RECIPIENTS

  • Explanation: This error happens when a submission request specifies nodes that are not known to the sequencer.
  • Resolution: This indicates a bug in Canton (a faulty node behaviour). Please contact customer support.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_UNKNOWN_RECIPIENTS

16. ResilientSequencerSubscription

SEQUENCER_FORK_DETECTED

  • Explanation: This error is logged when a sequencer client determined a ledger fork, where a sequencer node responded with different events for the same timestamp / counter. Whenever a client reconnects to a domain, it will start with the last message received and compare whether that last message matches the one it received previously. If not, it will report with this error. A ledger fork should not happen in normal operation. It can happen if the backups have been taken in a wrong order and e.g. the participant was more advanced than the sequencer.
  • Resolution: You can recover by restoring the system with a correctly ordered backup. Please consult the respective sections in the manual.
  • Category: SystemInternalAssumptionViolated
  • Conveyance: This error is logged with log-level ERROR on the server side. It is exposed on the API with grpc-status INTERNAL without any details for security reasons.
  • Scaladocs: SEQUENCER_FORK_DETECTED

SEQUENCER_SUBSCRIPTION_LOST

  • Explanation: This warning is logged when a sequencer subscription is interrupted. The system will keep on retrying to reconnect indefinitely.
  • Resolution: Monitor the situation and contact the server operator if the issues does not resolve itself automatically.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: SEQUENCER_SUBSCRIPTION_LOST

17. SequencerSubscriptionError

SEQUENCER_TOMBSTONE_ENCOUNTERED

  • Explanation: This error indicates that a sequencer subscription to a recently onboarded sequencer attempted to read an event replaced with a tombstone. A tombstone occurs if the timestamp associated with the event predates the validity of the sequencer’s signing key. This error results in the sequencer client disconnecting from the sequencer.
  • Resolution: Connect to another sequencer with older event history to consume the tombstoned events before reconnecting to the recently onboarded sequencer.
  • Category: InvalidGivenCurrentSystemStateOther
  • Conveyance: This error is logged with log-level INFO on the server side and exposed on the API with grpc-status FAILED_PRECONDITION including a detailed error message.
  • Scaladocs: SEQUENCER_TOMBSTONE_ENCOUNTERED

18. Clock

SYSTEM_CLOCK_RUNNING_BACKWARDS

  • Explanation: This error is emitted if the unique time generation detects that the host system clock is lagging behind the unique time source by more than a second. This can occur if the system processes more than 2e6 events per second (unlikely) or when the underlying host system clock is running backwards.
  • Resolution: Inspect your host system. Generally, the unique time source is not negatively affected by a clock moving backwards and will keep functioning. Therefore, this message is just a warning about something strange being detected.
  • Category: BackgroundProcessDegradationWarning
  • Conveyance: This error is logged with log-level WARN on the server side.
  • Scaladocs: SYSTEM_CLOCK_RUNNING_BACKWARDS