diff --git a/common/client-core/src/error.rs b/common/client-core/src/error.rs index cb9b9126a3..653256df1f 100644 --- a/common/client-core/src/error.rs +++ b/common/client-core/src/error.rs @@ -214,6 +214,11 @@ pub enum ClientCoreError { #[error("this client has already registered with gateway {gateway_id}")] AlreadyRegistered { gateway_id: String }, + + #[error( + "fresh registration with gateway {gateway_id} somehow requires an additional key upgrade!" + )] + UnexpectedKeyUpgrade { gateway_id: String }, } /// Set of messages that the client can send to listeners via the task manager diff --git a/common/client-core/src/init/helpers.rs b/common/client-core/src/init/helpers.rs index 74298d0d6d..c6d17fc16d 100644 --- a/common/client-core/src/init/helpers.rs +++ b/common/client-core/src/init/helpers.rs @@ -331,9 +331,13 @@ pub(super) async fn register_with_gateway( } })?; - // we can ignore the authentication result because we have **REGISTERED** a fresh client - // (we didn't have a prior key to upgrade/authenticate with) - assert!(!auth_response.requires_key_upgrade); + // this should NEVER happen, if it did, it means the function was misused, + // because for any fresh **registration**, the derived key is always up to date + if auth_response.requires_key_upgrade { + return Err(ClientCoreError::UnexpectedKeyUpgrade { + gateway_id: gateway_id.to_base58_string(), + }); + } Ok(RegistrationResult { shared_keys: auth_response.initial_shared_key,