Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tinfoil.sh/llms.txt

Use this file to discover all available pages before exploring further.

API Errors

Since the Tinfoil SDK wraps the OpenAI client, standard API errors (AuthenticationError, RateLimitError, etc.) pass through unchanged. The SDK re-exports them so you can import and catch them directly. See the OpenAI error documentation for details.

Example: handling an AuthenticationError

import { TinfoilAI, AuthenticationError } from "tinfoil";

const client = new TinfoilAI({
  apiKey: "tk_invalid_key",
});

try {
  await client.chat.completions.create({
    model: "<MODEL_NAME>",
    messages: [{ role: "user", content: "Hello!" }],
  });
} catch (err) {
  if (err instanceof AuthenticationError) {
    console.error("Invalid API key:", err.status, err.message);
  }
}

Client Errors

The SDK verifies attestations, pins certificates, and encrypts payloads before any data leaves your machine. It retries transient failures automatically, but errors that persist will surface to your code as one of two typed errors. 
TinfoilError (base)
├── ConfigurationError  — Client misconfigured
└── AttestationError    — Attestation verification failed
All errors extend TinfoilError, which extends the native Error class. Each error includes a message string and an optional cause property containing the underlying error.
ErrorCauseWhat to do
ConfigurationErrorBad or missing client optionsFix your code. Retrying will not help.
AttestationErrorAttestation verification failedRetry. If it persists, it may indicate a genuine security issue.
In practice, you typically only need to distinguish ConfigurationError (a bug in your code) from transient errors: 
import { TinfoilAI, ConfigurationError, TinfoilError } from "tinfoil";

try {
  const completion = await client.chat.completions.create({
    model: "<MODEL_NAME>",
    messages: [{ role: "user", content: "Hello!" }],
  });
} catch (err) {
  if (err instanceof ConfigurationError) {
    // Fix your config and create a new client
  } else if (err instanceof TinfoilError) {
    // Transient or security error — you can retry or surface to the user
    console.error(err.message, err.cause); // cause has the underlying error
  }
}
The Rust SDK exposes one additional discriminator beyond the cross-language taxonomy: is_fetch() returns true for transport-level failures fetching attestation materials (network, HTTP, GitHub API), while is_attestation() is reserved for verification failures (signature, certificate, measurement mismatch). is_retryable() is is_fetch() plus the retryable subset of upstream API errors.