Address code review feedback

Copilot · Steake · Copilot · commit f07f0b580d95 · 2025-12-17T07:45:27.000Z
- Fix serialization error handling in proposal ID generation
- Add logging for guardian signature verification failures
- Improve error handling for invalid keys/signatures

Co-authored-by: Steake &lt;530040+Steake@users.noreply.github.com&gt;
diff --git a/crates/bitcell-governance/src/guardian.rs b/crates/bitcell-governance/src/guardian.rs
@@ -106,19 +106,42 @@ impl GuardianSet {
                 // Create PublicKey and Signature from bytes
                 let pubkey = match PublicKey::from_bytes(&guardian.pubkey) {
                     Ok(pk) => pk,
-                    Err(_) => continue,
+                    Err(e) => {
+                        tracing::warn!(
+                            guardian = %hex::encode(&guardian.pubkey),
+                            error = %e,
+                            "Invalid guardian public key"
+                        );
+                        continue;
+                    }
                 };
                 
                 let signature = match Signature::from_bytes(sig_bytes) {
                     Ok(sig) => sig,
-                    Err(_) => continue,
+                    Err(e) => {
+                        tracing::debug!(
+                            error = %e,
+                            "Invalid signature format"
+                        );
+                        continue;
+                    }
                 };
                 
                 // Verify signature
                 if pubkey.verify(message, &signature).is_ok() {
                     signed_guardians.insert(guardian.pubkey);
                     valid_count += 1;
+                    
+                    tracing::debug!(
+                        guardian = %guardian.name,
+                        "Valid guardian signature verified"
+                    );
                     break;
+                } else {
+                    tracing::debug!(
+                        guardian = %guardian.name,
+                        "Signature verification failed for guardian"
+                    );
                 }
             }
         }
diff --git a/crates/bitcell-governance/src/proposal.rs b/crates/bitcell-governance/src/proposal.rs
@@ -17,7 +17,12 @@ impl ProposalId {
     ) -> Self {
         let mut hasher = Sha256::new();
         hasher.update(proposer);
-        hasher.update(&bincode::serialize(proposal_type).unwrap_or_default());
+        
+        // Serialize proposal type - use expect since this should never fail
+        let type_bytes = bincode::serialize(proposal_type)
+            .expect("Failed to serialize proposal type - this is a bug");
+        hasher.update(&type_bytes);
+        
         hasher.update(description.as_bytes());
         hasher.update(&created_at.to_le_bytes());
         
