more verbose error message

src/state.rs

@@ -80,12 +80,20 @@ impl User
     /// Does this user have at least one trusted public key (they have produced a valid signature specified in `id_sig`).
     pub fn is_trusted(&self) -> eyre::Result<bool>
     {
-	for (key, (salt, sig)) in self.pubkey.iter().zip(self.id_sig.iter())
+	for (i, (key, (salt, sig))) in (0..).zip(self.pubkey.iter().zip(self.id_sig.iter()))
 	{
 	    if let Some(sig) = sig {
 		let hash = self.id.hash_with_salt(salt);
-		if sig.verify_slice(hash, key)
-		    .wrap_err(eyre!("Failed to verify signature"))? {
+		if sig.verify_slice(&hash, key)
+		    .with_section(move || format!("{:?}", key).header("Public key was"))
+		    .with_section(move || format!("{:?}", sig).header("Signature was"))
+		    .with_section(move || format!("{:?}", salt).header("Salt was"))
+		    .with_section(move || format!("{:?}", hash).header("Hash was"))
+		    .with_note(|| i.to_string().header("For pubkey"))
+		    .with_note(|| format!("{:?} ({:?})", self.id, self.ident).header("For user"))
+		    .with_warning(|| "This could indicate key or signature corruption. This key or signature may need to be removed.")
+		    .with_suggestion(|| "If the user is unable to produce a verifyable signature for this public key despite haiving access to the private key, the key may be corrupted and may need to be removed and replaced.")
+		    .wrap_err(eyre!("Failed to verify embedded signature of salted+hashed ID to complementary public key"))? {
 			return Ok(true);
 		    }
 	    }