Errors are typed in both Python and TypeScript SDKs. Every error carries a stable reason_code string that maps to the HTTP API contract.
Authentication
| Code | HTTP | Class | Meaning | Action |
|---|
AUTH_INVALID_KEY | 401 | OrisAuthError | API key missing or revoked | Re-issue from dashboard |
AUTH_SIGNATURE_INVALID | 401 | OrisAuthError | Ed25519 signature did not verify | Confirm private key + timestamp drift |
AUTH_NONCE_REPLAYED | 409 | OrisAuthError | Nonce reused within 30 s | Generate a fresh nonce |
AUTH_TIMESTAMP_DRIFT | 401 | OrisAuthError | Request timestamp outside 30 s window | Sync system clock |
Policy
| Code | HTTP | Class | Meaning | Action |
|---|
POLICY_AMOUNT_CAP | 403 | OrisPolicyDeny | max_per_tx exceeded | Use escalation or lower amount |
POLICY_DAILY_LIMIT | 403 | OrisPolicyDeny | max_daily exceeded | Wait until daily reset |
POLICY_MONTHLY_LIMIT | 403 | OrisPolicyDeny | max_monthly exceeded | Wait until monthly reset |
POLICY_COUNTERPARTY_NOT_ALLOWED | 403 | OrisPolicyDeny | Destination not in whitelist | Add to whitelist or remove rule |
POLICY_CATEGORY_NOT_ALLOWED | 403 | OrisPolicyDeny | Category not in allowed set | Update policy or use allowed category |
POLICY_ESCALATION_REQUIRED | 202 | OrisPolicyEscalation | Above escalation_threshold | Wait for human approval |
Compliance
| Code | HTTP | Class | Meaning | Action |
|---|
COMPLIANCE_SANCTIONS_HIT | 403 | OrisSanctionsError | Counterparty matched sanctions feed | Block. Do not retry. |
COMPLIANCE_RISK_TIER_BLOCKED | 403 | OrisRiskTierError | Veris returned Blocked tier | Review counterparty + drift signals |
COMPLIANCE_VERIS_TIMEOUT | 503 | OrisServiceError | Veris gRPC unreachable within budget | Retry after backoff |
Revocation
| Code | HTTP | Class | Meaning | Action |
|---|
REVOKED_TIER_1 | 403 | OrisRevocationError | Immediate revocation hit | Operator review required |
REVOKED_TIER_2 | 403 | OrisRevocationError | Behavioral revocation hit | Drift review + remediation |
Verifier
| Code | HTTP | Class | Meaning | Action |
|---|
SIGNATURE_INVALID | 422 | OrisBundleError | Bundle signature did not verify | Re-build the bundle |
BUNDLE_MALFORMED | 422 | OrisBundleError | Canonical bytes do not match schema | Verify canonical encoder version |
BUNDLE_EXPIRED | 422 | OrisBundleError | expires_at in the past | Re-sign with a fresh expiration |
NONCE_REPLAYED | 409 | OrisBundleError | Same nonce submitted twice | Generate fresh nonce |
Network adapter
| Code | HTTP | Class | Meaning | Action |
|---|
NETWORK_UNREACHABLE | 503 | OrisNetworkError | RPC endpoint down | Retry with exponential backoff |
NETWORK_INSUFFICIENT_BALANCE | 422 | OrisNetworkError | Wallet balance too low | Top up the wallet |
NETWORK_GAS_TOO_LOW | 422 | OrisNetworkError | Paymaster rejected | Retry with higher fee tolerance |
Rate limiting
| Code | HTTP | Class | Meaning | Action |
|---|
RATE_LIMIT_PER_KEY | 429 | OrisRateLimitError | Per-key quota exhausted | Back off; respect Retry-After |
RATE_LIMIT_PER_TENANT | 429 | OrisRateLimitError | Tenant-wide quota exhausted | Contact support to lift |
Where to go next
