This is a lock script code using the same secp256k1 signature verification algorithm as used in bitcoin.
This version is deployed in the Lina and Aggron geneiss block and the source code can be found here.
Requesting index is out of boundary. This typically happens when a transaction has 3 inputs, but you are requesting for the 4th one.
Item missing. When requesting certain optional elements this can happen. For example, some cell might not have type scripts. If the script requires a type script but the prepared transaction doesn't have one, this will be returned.
Secp256k1 data loading error. Right now secp256k1's code and data sections are separated in different cells, if a transaction doesn't include the cell dep used to reference secp256k1's data section, this would be returned.
Secp256k1 encounters an illegal state. Ideally this should not happen, otherwise please fill a bug report.
Secp256k1 encounters an error state. Ideally this should not happen, otherwise please fill a bug report.
Argument length error. If the script receives an invalid length of arguments, this would be returned. Typically this means the lock/type script structure constructed has a problem, or a signature has an incorrect length.
Encoding error. Typically happens when the data fail molecule's parsing checks, or the data passed in surpasses the script's maximum allowed limit.
Syscall error. Happens when a syscall fails to load the requested data. When this happens, it's best to re-check the transaction to make sure it follows the enclosing scripts requirements, typical reasons include invalid cell data length/format, missing type scripts, missing required witnesses, etc.
Secp256k1 fails to recover a public key, please recheck the signature used.
Secp256k1 fails to parse the signature, please recheck to make sure a valid compact signature is used.
Secp256k1 fails to serialize the public key, please also check the signature here.
Script too long. The system script has a fixed upper bound on the accepted serialized script size(32K right now). If your script is too big(for example, an attacker includes too much script arg data), this would be returned.
Witness too long. The system script has a fixed upper bound on the accepted witness size(32K right now). If your witness is too big(for example, an attacker includes too much witness data), this would be returned.
The public key hash calculated from the signature does not match public key hash requested in the script. Note due to the way recoverable signature works, an invalid signature can actual signal this error.