refactor: eliminate local ChittyID generation, enforce service-only minting with circuit breaker

[Copilot]

The worker was generating fallback ChittyIDs locally using hardcoded ERROR_CODES and ENTITY_TYPES, violating the CHARTER requirement that all IDs must originate from centralized services. Additionally, the fallback re-mint path lacked circuit breaker protection, risking unbounded failures.

Changes

• Replaced local fallback ID generation with service delegation

  • Removed generateFallbackErrorId() and associated constants (ERROR_CODES, ENTITY_TYPES)
  • Added requestFallbackIdFromService() that calls fallback.id.chitty.cc/api/fallback
  • Returns structured error object when fallback service is unavailable

• Added circuit breaker and timeout protection

  • Created fetchWithTimeout() using AbortController for configurable timeouts (default 30s)
  • Created fetchWithCircuitBreaker() combining circuit state checks with timeout handling
  • Applied to both primary minting and fallback re-mint paths in /api/validate
  • Integrated PipelineCircuitBreaker for automatic failure tracking and recovery

• Code quality improvements

  • Extracted getCircuitBreaker() helper to eliminate initialization duplication
  • Added JSDoc documentation for all utility functions

Example

Before (local generation):

function generateFallbackErrorId(errorCode, entityType, originalRequest) {
  const sequential = ERROR_CODES[errorCode] || ERROR_CODES.INTERNAL_ERROR;
  const type = ENTITY_TYPES[entityType?.toLowerCase()] || 'T';
  // ... local ID construction
  return `${version}-${region}-${jurisdiction}-${sequential}-${type}-${yearMonth}-${trustLevel}-${checksum}`;
}

After (service delegation):

async function requestFallbackIdFromService(errorCode, entityType, originalRequest, env) {
  const circuitBreaker = getCircuitBreaker(env);
  const response = await fetchWithCircuitBreaker(
    circuitBreaker,
    'fallback-id-service',
    'request-fallback-id',
    `${FALLBACK_ID_SERVICE}/api/fallback`,
    { method: 'POST', body: JSON.stringify({ errorCode, entityType, context }) },
    REQUEST_TIMEOUT
  );
  return result.chittyId;
}

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	chittyid	079f934	Commit Preview URL Branch Preview URL	Jan 25 2026, 07:14 AM

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• sparrow.cloudflare.com
  • Triggering command: /usr/local/bin/node /usr/local/bin/node --no-warnings --experimental-vm-modules /home/REDACTED/work/chittyid/chittyid/node_modules/wrangler/wrangler-dist/cli.js deploy --dry-run (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)