fix: make grant additive + surface real enclave errors#4

Merged
FiscalMindset merged 1 commit into main from feat/grant-merge-and-error-surfacing on Jul 1, 2026

Conversation

@FiscalMindset FiscalMindset commented Jul 1, 2026

Owner

What & why

Fixes #2 and #3 from my improvement list — two operational gotchas that cost real diagnosis time this week (both hit firsthand).

#2 grant no longer clobbers the egress allowlist

T3 replaces allowedHosts on every agent-auth update, so granting hosts one at a time silently dropped earlier ones (they'd start returning egress_denied mid-session). grantEgress now unions new hosts with the previously-granted set (cached per tenant in .blindfold/egress-hosts.json) and sends the full list. grant prints the complete authorized set; grant --replace forces a reset.

Verified: after seeding, granting api.twilio.com alone →

```text
Contract is now authorized to call ALL of: api.github.com, api.stripe.com,
api.twilio.com, generativelanguage.googleapis.com, httpbin.org, s3.us-east-1.amazonaws.com
```

#3 — the proxy surfaces the real enclave error

Forward failures were swallowed as internal proxy error (a generic 500), hiding the actual cause. The proxy now returns the real T3 error as JSON with an actionable hint.

Verified (hitting an ungranted host):

```json
{
  "error": "blindfold_forward_failed",
  "status": 400,
  "code": "bad_request",
  "detail": "http::call: host/http.egress_denied: host 'api.anthropic.com' is not in the authorised_hosts allowlist",
  "request_id": "4d5fb1df-…",
  "hint": "Egress is not authorized for 'api.anthropic.com'. Run: blindfold grant --host api.anthropic.com …"
}
```

Hints cover egress_denied, fuel_per_minute (rate limit), secrets-ACL, and JSON-payload. Granted-host happy path unchanged (github → 200).

Notes

  • .blindfold/egress-hosts.json is gitignored. No secrets committed.
  • integration-stack.md gotchas updated to "fixed".

Summary by cubic

Makes egress grants additive and surfaces real enclave errors with clear, actionable hints. Prevents dropped hosts during grants and replaces generic 500s with accurate statuses.

  • Bug Fixes
    • grant now unions new hosts with the cached set per tenant (.blindfold/egress-hosts.json) and sends the full allowlist; prints the complete authorized set; --replace resets.
    • Proxy returns T3 errors as JSON with status, code, detail, request_id, and a hint; maps egress_denied (suggests exact grant), fuel_per_minute (429/retry), secrets ACL (suggests blindfold init), and JSON-payload issues (use query params).
    • Docs updated; the cache file is gitignored.

Written for commit f2db86d. Summary will update on new commits.


Two operational gotchas that cost real diagnosis time, fixed:

#2 grant no longer clobbers the egress allowlist. T3 replaces allowedHosts on
every agent-auth update, so grantEgress now unions new hosts with the
previously-granted set (cached per tenant in .blindfold/egress-hosts.json) and
sends the full list. `grant` prints the complete authorized set; `--replace`
forces a reset. Verified: granting one new host keeps all prior hosts.

#3 the proxy no longer hides enclave errors behind "internal proxy error". It
now returns the real T3 failure as JSON — status, code, detail, request_id, and
an actionable hint (egress_denied -> exact grant command; fuel_per_minute ->
retry; secrets-ACL -> blindfold init; JSON-payload -> query-string params).
Verified live against an ungranted host; granted-host happy path unchanged.
@FiscalMindset FiscalMindset merged commit ba10e59 into main Jul 1, 2026
3 checks passed
@FiscalMindset FiscalMindset deleted the feat/grant-merge-and-error-surfacing branch July 1, 2026 16:20