`!admin debug get-signing-keys` returns unhelpful error when run with no arguments #1458

New issue

Open

opened 2026-02-25 18:26:00 +00:00 by ginger · 1 comment

ginger commented

2026-02-25 18:26:00 +00:00

Owner

https://matrix.to/#/#continuwuity:continuwuity.org/$j3rk666MxnS0KwDHwA7fiMArORHhLkye8WbMvH1ijew

This command defaults to querying the local server's remote signing key cache for its own keys, which will always(?) fail. The server name argument should probably be required and error out if the local server's own name is given.

https://matrix.to/#/#continuwuity:continuwuity.org/$j3rk666MxnS0KwDHwA7fiMArORHhLkye8WbMvH1ijew This command defaults to querying the local server's remote signing key cache for its own keys, which will always(?) fail. The server name argument should probably be required and error out if the local server's own name is given.

ginger added the

labels

2026-02-25 18:26:00 +00:00

spaetz commented

2026-02-26 12:54:30 +00:00

"No notary could find our signing key" (or similar). On a 2nd glance, looking a the code, it seems that it does try to get the signing keys locally when there is no notary server configured. Not sure what the most useful behavior should be.

    !admin debug get-signing-keys

ServerSigningKeys {
    server_name: "sspaeth.de",
    verify_keys: {
        "ed25519:Krr0OT": VerifyKey {
            key: "Xn5LAj1Ru9s+IEUMBukuzOMTyjFVg+4Z9HZQz1jteVQ",
        },
        "ed25519:a_gvih": VerifyKey {
            key: "zeW/gHT+Kjt+eLBpsutVEwBx/OqEiOqdHOecZIyAdfs",
        },
        "ed25519:vmOIWsdz": VerifyKey {
            key: "ZoGCs4X8RPwZ/Jhr4VHBoLBywQGRpXBu5uorBtDU4rM",
        },
    },
    old_verify_keys: {},
    signatures: Signatures(
        {},
    ),
    valid_until_ts: 2026-02-25T19:09:06.790,
}

I was just trying to "fix" this by simply erroring out when no argument is given. However, there is actually useful output now when I call it without server argument. It verifies that my keys are available for the notary servers. (example output below). So, the only output that might be a bit more useful is that the error message could be a bit more useful, `no entry in db` (or similar), such as: "No notary could find our signing key" (or similar). On a 2nd glance, looking a [the code](https://forgejo.ellis.link/continuwuation/continuwuity/src/commit/8ce83a8a1426aa50989a54b30a8fc6f5470d352f/src/admin/debug/commands.rs#L685), it seems that it does try to get the signing keys locally when there is no notary server configured. Not sure what the most useful behavior should be. ``` !admin debug get-signing-keys ServerSigningKeys { server_name: "sspaeth.de", verify_keys: { "ed25519:Krr0OT": VerifyKey { key: "Xn5LAj1Ru9s+IEUMBukuzOMTyjFVg+4Z9HZQz1jteVQ", }, "ed25519:a_gvih": VerifyKey { key: "zeW/gHT+Kjt+eLBpsutVEwBx/OqEiOqdHOecZIyAdfs", }, "ed25519:vmOIWsdz": VerifyKey { key: "ZoGCs4X8RPwZ/Jhr4VHBoLBywQGRpXBu5uorBtDU4rM", }, }, old_verify_keys: {}, signatures: Signatures( {}, ), valid_until_ts: 2026-02-25T19:09:06.790, } ```