From 779ac4f8052b1ae789458a7909170cd531d21365 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kyle=20=F0=9F=90=86?= Date: Thu, 16 Jul 2026 12:08:32 -0400 Subject: [PATCH] keep-nip46: surface malformed register_wallet hmac hex as InvalidInput --- keep-nip46/src/client.rs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/keep-nip46/src/client.rs b/keep-nip46/src/client.rs index 57baad45..d7e1f2cc 100644 --- a/keep-nip46/src/client.rs +++ b/keep-nip46/src/client.rs @@ -366,8 +366,12 @@ impl Nip46Client { } let decode_result = hex::decode(hex_str.trim()); hex_str.zeroize(); + // Malformed hex (odd length, non-hex chars) is an untrusted-input + // validation failure, same class as the too-long / wrong-length + // checks around it; surface it as InvalidInput so callers can + // handle all three consistently, not as a StorageErr. let decoded = decode_result.map_err(|e| { - StorageError::invalid_format(format!("register_wallet hmac hex: {e}")) + KeepError::InvalidInput(format!("register_wallet hmac hex: {e}")) })?; if decoded.len() != HMAC_SHA256_LEN { return Err(KeepError::InvalidInput(format!(