It’d be helpful if the error message when a Git fetch is not allowed would say why it’s not allowed.

I had trouble syncing a private repository to another node. The other node was allowed (rad id --allow), but syncing did not work. On the other noee:

Jun 30 06:55:05 ci-private radicle-node[40057]: 2025-06-30T06:55:05.145+03:00 ERROR service  Fetch failed for rad:z26CwmuqeJnrL4RgkUSH3YMPgSYqG from z6MkgEMYod7Hxfy9qCvDv5hYHkZ4ciWmLFgfvm3Wn1b2w2FV: failed to perform fetch handshake

On the node of the delegate:

Peer z6MkvZwc7WFtLNMyYnupJLbuKrveZiNWeqLZrnwfvKpaCR2U failed to fetch rad:z26CwmuqeJnrL4RgkUSH3YMPgSYqG from us: z6MkvZwc7WFtLNMyYnupJLbuKrveZiNWeqLZrnwfvKpaCR2U is not authorized to fetch rad:z26CwmuqeJnrL4RgkUSH3YMPgSYqG

After inspecting the actual code in heartwood (is_authorized in crates/radicle-node/src/worker.rs, line 281 at commit 570bfc3bbd7692f7aa4fa28fae0ccd5c348b5532) is realized that the problem may be the seeding policy, not just whether the other node is allowed.

I ran rad seed rad:z26CwmuqeJnrL4RgkUSH3YMPgSYqG on the delegate node and this solved the problem.

I don’t know why the seeding policy changed. I don’t now have a way to check what it was.

Would it be possible to change the error to say “Not allowed because seeding policy is blocked” (or whatever) or “Not allowed because repository is private and other node is not allowed to see it”, in the local node log? The other node does not need to be told the detailed reason: that might help an attacker attack more smartly.