@aastar/sdk 0.21.0 → 0.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (102) hide show
  1. package/dist/UserClient-AJOGJXOC.cjs +15 -0
  2. package/dist/{UserClient-FOAOBLGK.cjs.map → UserClient-AJOGJXOC.cjs.map} +1 -1
  3. package/dist/UserClient-Y65JLJ23.js +6 -0
  4. package/dist/{UserClient-BDGP37PK.js.map → UserClient-Y65JLJ23.js.map} +1 -1
  5. package/dist/account.cjs +7 -7
  6. package/dist/account.js +2 -2
  7. package/dist/admin.cjs +3 -3
  8. package/dist/admin.js +2 -2
  9. package/dist/airaccount.cjs +1 -1
  10. package/dist/airaccount.js +1 -1
  11. package/dist/channel.cjs +6 -6
  12. package/dist/channel.js +2 -2
  13. package/dist/{chunk-M5WFKETT.js → chunk-2TS6T2WY.js} +1512 -66
  14. package/dist/chunk-2TS6T2WY.js.map +1 -0
  15. package/dist/{chunk-WR4OZUXR.cjs → chunk-3OIVYXUG.cjs} +6 -6
  16. package/dist/{chunk-WR4OZUXR.cjs.map → chunk-3OIVYXUG.cjs.map} +1 -1
  17. package/dist/{chunk-63JM67L7.cjs → chunk-6ISQM3SF.cjs} +26 -26
  18. package/dist/{chunk-63JM67L7.cjs.map → chunk-6ISQM3SF.cjs.map} +1 -1
  19. package/dist/{chunk-IJN776TA.cjs → chunk-7HO4IUHZ.cjs} +32 -32
  20. package/dist/{chunk-IJN776TA.cjs.map → chunk-7HO4IUHZ.cjs.map} +1 -1
  21. package/dist/{chunk-Z4GZ6DQA.cjs → chunk-7RNOKMAJ.cjs} +9 -9
  22. package/dist/{chunk-Z4GZ6DQA.cjs.map → chunk-7RNOKMAJ.cjs.map} +1 -1
  23. package/dist/{chunk-GAMSWXWI.cjs → chunk-BBZAD5G2.cjs} +33 -17
  24. package/dist/chunk-BBZAD5G2.cjs.map +1 -0
  25. package/dist/{chunk-Y4EJX7UA.cjs → chunk-BLA57KBS.cjs} +12 -12
  26. package/dist/{chunk-Y4EJX7UA.cjs.map → chunk-BLA57KBS.cjs.map} +1 -1
  27. package/dist/{chunk-5JFYTJOE.cjs → chunk-DOVGH7HB.cjs} +4 -4
  28. package/dist/{chunk-5JFYTJOE.cjs.map → chunk-DOVGH7HB.cjs.map} +1 -1
  29. package/dist/{chunk-M7HXR7G5.cjs → chunk-FZLBMUPN.cjs} +5 -5
  30. package/dist/{chunk-M7HXR7G5.cjs.map → chunk-FZLBMUPN.cjs.map} +1 -1
  31. package/dist/{chunk-5NKU5NT5.js → chunk-JCK7VAZF.js} +8 -8
  32. package/dist/{chunk-5NKU5NT5.js.map → chunk-JCK7VAZF.js.map} +1 -1
  33. package/dist/{chunk-EY2AJTGV.js → chunk-LKSQASFZ.js} +3 -3
  34. package/dist/{chunk-EY2AJTGV.js.map → chunk-LKSQASFZ.js.map} +1 -1
  35. package/dist/{chunk-3HZEIFBW.cjs → chunk-MG72SGVS.cjs} +5 -5
  36. package/dist/{chunk-3HZEIFBW.cjs.map → chunk-MG72SGVS.cjs.map} +1 -1
  37. package/dist/{chunk-ENSMYCU6.js → chunk-MQMTICTP.js} +3 -3
  38. package/dist/{chunk-ENSMYCU6.js.map → chunk-MQMTICTP.js.map} +1 -1
  39. package/dist/{chunk-DQBKE4ND.js → chunk-R3N7L7RE.js} +4 -4
  40. package/dist/{chunk-DQBKE4ND.js.map → chunk-R3N7L7RE.js.map} +1 -1
  41. package/dist/{chunk-DEUBKZH5.cjs → chunk-RF3MSLRW.cjs} +16 -16
  42. package/dist/{chunk-DEUBKZH5.cjs.map → chunk-RF3MSLRW.cjs.map} +1 -1
  43. package/dist/{chunk-RXPSL33E.js → chunk-SNVHOCU6.js} +25 -9
  44. package/dist/chunk-SNVHOCU6.js.map +1 -0
  45. package/dist/{chunk-MCALA6WM.js → chunk-T2GF4S3E.js} +6 -6
  46. package/dist/{chunk-MCALA6WM.js.map → chunk-T2GF4S3E.js.map} +1 -1
  47. package/dist/{chunk-CIEYY3A6.cjs → chunk-TS5CXRNI.cjs} +1541 -64
  48. package/dist/chunk-TS5CXRNI.cjs.map +1 -0
  49. package/dist/{chunk-57XLR2NT.js → chunk-UUT246S2.js} +3 -3
  50. package/dist/{chunk-57XLR2NT.js.map → chunk-UUT246S2.js.map} +1 -1
  51. package/dist/{chunk-DF4WVR2H.js → chunk-VUNNHEND.js} +9 -9
  52. package/dist/{chunk-DF4WVR2H.js.map → chunk-VUNNHEND.js.map} +1 -1
  53. package/dist/{chunk-KZERVPUR.js → chunk-XTF6MNIK.js} +3 -3
  54. package/dist/{chunk-KZERVPUR.js.map → chunk-XTF6MNIK.js.map} +1 -1
  55. package/dist/{chunk-E4CQFW75.js → chunk-XZDMKHKG.js} +3 -3
  56. package/dist/{chunk-E4CQFW75.js.map → chunk-XZDMKHKG.js.map} +1 -1
  57. package/dist/core.cjs +295 -171
  58. package/dist/core.d.cts +362 -27
  59. package/dist/core.d.ts +362 -27
  60. package/dist/core.js +1 -1
  61. package/dist/dapp.cjs +5 -5
  62. package/dist/dapp.js +2 -2
  63. package/dist/enduser.cjs +6 -6
  64. package/dist/enduser.js +3 -3
  65. package/dist/identity.cjs +5 -5
  66. package/dist/identity.js +2 -2
  67. package/dist/index.cjs +396 -272
  68. package/dist/index.d.cts +1 -1
  69. package/dist/index.d.ts +1 -1
  70. package/dist/index.js +15 -15
  71. package/dist/kms.cjs +1 -1
  72. package/dist/kms.js +1 -1
  73. package/dist/operator.cjs +6 -6
  74. package/dist/operator.js +2 -2
  75. package/dist/paymaster.cjs +15 -15
  76. package/dist/paymaster.d.cts +13 -0
  77. package/dist/paymaster.d.ts +13 -0
  78. package/dist/paymaster.js +2 -2
  79. package/dist/{src-RSN4U2T2.js → src-MDGW57S5.js} +4 -4
  80. package/dist/src-MDGW57S5.js.map +1 -0
  81. package/dist/src-SCR3OCME.js +5 -0
  82. package/dist/src-SCR3OCME.js.map +1 -0
  83. package/dist/{src-CUHI6G6W.cjs → src-UQ4RDCJG.cjs} +297 -173
  84. package/dist/src-UQ4RDCJG.cjs.map +1 -0
  85. package/dist/{src-KHCWIS4Q.cjs → src-WGYHZSLY.cjs} +17 -17
  86. package/dist/src-WGYHZSLY.cjs.map +1 -0
  87. package/dist/tokens.cjs +3 -3
  88. package/dist/tokens.js +2 -2
  89. package/dist/x402.cjs +25 -25
  90. package/dist/x402.js +2 -2
  91. package/package.json +1 -1
  92. package/dist/UserClient-BDGP37PK.js +0 -6
  93. package/dist/UserClient-FOAOBLGK.cjs +0 -15
  94. package/dist/chunk-CIEYY3A6.cjs.map +0 -1
  95. package/dist/chunk-GAMSWXWI.cjs.map +0 -1
  96. package/dist/chunk-M5WFKETT.js.map +0 -1
  97. package/dist/chunk-RXPSL33E.js.map +0 -1
  98. package/dist/src-CUHI6G6W.cjs.map +0 -1
  99. package/dist/src-KHCWIS4Q.cjs.map +0 -1
  100. package/dist/src-RSN4U2T2.js.map +0 -1
  101. package/dist/src-XCV6BTSV.js +0 -5
  102. package/dist/src-XCV6BTSV.js.map +0 -1
package/dist/{chunk-CIEYY3A6.cjs → chunk-TS5CXRNI.cjs} RENAMED
@@ -36646,6 +36646,12 @@ function abytes(b, ...lengths) {
36646
36646
  if (lengths.length > 0 && !lengths.includes(b.length))
36647
36647
  throw new Error("Uint8Array expected of length " + lengths + ", got length=" + b.length);
36648
36648
  }
36649
+ function ahash(h) {
36650
+ if (typeof h !== "function" || typeof h.create !== "function")
36651
+ throw new Error("Hash should be wrapped by utils.createHasher");
36652
+ anumber(h.outputLen);
36653
+ anumber(h.blockLen);
36654
+ }
36649
36655
  function aexists(instance, checkFinished = true) {
36650
36656
  if (instance.destroyed)
36651
36657
  throw new Error("Hash instance has been destroyed");
@@ -36681,6 +36687,21 @@ function toBytes2(data) {
36681
36687
  abytes(data);
36682
36688
  return data;
36683
36689
  }
36690
+ function concatBytes(...arrays) {
36691
+ let sum = 0;
36692
+ for (let i = 0; i < arrays.length; i++) {
36693
+ const a = arrays[i];
36694
+ abytes(a);
36695
+ sum += a.length;
36696
+ }
36697
+ const res = new Uint8Array(sum);
36698
+ for (let i = 0, pad2 = 0; i < arrays.length; i++) {
36699
+ const a = arrays[i];
36700
+ res.set(a, pad2);
36701
+ pad2 += a.length;
36702
+ }
36703
+ return res;
36704
+ }
36684
36705
  var Hash = class {
36685
36706
  };
36686
36707
  function createHasher(hashCons) {
@@ -36705,9 +36726,9 @@ function randomBytes(bytesLength = 32) {
36705
36726
  function setBigUint64(view, byteOffset, value, isLE) {
36706
36727
  if (typeof view.setBigUint64 === "function")
36707
36728
  return view.setBigUint64(byteOffset, value, isLE);
36708
- const _32n = BigInt(32);
36729
+ const _32n2 = BigInt(32);
36709
36730
  const _u32_max = BigInt(4294967295);
36710
- const wh = Number(value >> _32n & _u32_max);
36731
+ const wh = Number(value >> _32n2 & _u32_max);
36711
36732
  const wl = Number(value & _u32_max);
36712
36733
  const h = isLE ? 4 : 0;
36713
36734
  const l = isLE ? 0 : 4;
@@ -36820,6 +36841,77 @@ var SHA256_IV = /* @__PURE__ */ Uint32Array.from([
36820
36841
  528734635,
36821
36842
  1541459225
36822
36843
  ]);
36844
+ var SHA384_IV = /* @__PURE__ */ Uint32Array.from([
36845
+ 3418070365,
36846
+ 3238371032,
36847
+ 1654270250,
36848
+ 914150663,
36849
+ 2438529370,
36850
+ 812702999,
36851
+ 355462360,
36852
+ 4144912697,
36853
+ 1731405415,
36854
+ 4290775857,
36855
+ 2394180231,
36856
+ 1750603025,
36857
+ 3675008525,
36858
+ 1694076839,
36859
+ 1203062813,
36860
+ 3204075428
36861
+ ]);
36862
+ var SHA512_IV = /* @__PURE__ */ Uint32Array.from([
36863
+ 1779033703,
36864
+ 4089235720,
36865
+ 3144134277,
36866
+ 2227873595,
36867
+ 1013904242,
36868
+ 4271175723,
36869
+ 2773480762,
36870
+ 1595750129,
36871
+ 1359893119,
36872
+ 2917565137,
36873
+ 2600822924,
36874
+ 725511199,
36875
+ 528734635,
36876
+ 4215389547,
36877
+ 1541459225,
36878
+ 327033209
36879
+ ]);
36880
+
36881
+ // ../../node_modules/.pnpm/@noble+hashes@1.8.0/node_modules/@noble/hashes/esm/_u64.js
36882
+ var U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1);
36883
+ var _32n = /* @__PURE__ */ BigInt(32);
36884
+ function fromBig(n, le = false) {
36885
+ if (le)
36886
+ return { h: Number(n & U32_MASK64), l: Number(n >> _32n & U32_MASK64) };
36887
+ return { h: Number(n >> _32n & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 };
36888
+ }
36889
+ function split(lst, le = false) {
36890
+ const len = lst.length;
36891
+ let Ah = new Uint32Array(len);
36892
+ let Al = new Uint32Array(len);
36893
+ for (let i = 0; i < len; i++) {
36894
+ const { h, l } = fromBig(lst[i], le);
36895
+ [Ah[i], Al[i]] = [h, l];
36896
+ }
36897
+ return [Ah, Al];
36898
+ }
36899
+ var shrSH = (h, _l, s) => h >>> s;
36900
+ var shrSL = (h, l, s) => h << 32 - s | l >>> s;
36901
+ var rotrSH = (h, l, s) => h >>> s | l << 32 - s;
36902
+ var rotrSL = (h, l, s) => h << 32 - s | l >>> s;
36903
+ var rotrBH = (h, l, s) => h << 64 - s | l >>> s - 32;
36904
+ var rotrBL = (h, l, s) => h >>> s - 32 | l << 64 - s;
36905
+ function add(Ah, Al, Bh, Bl) {
36906
+ const l = (Al >>> 0) + (Bl >>> 0);
36907
+ return { h: Ah + Bh + (l / 2 ** 32 | 0) | 0, l: l | 0 };
36908
+ }
36909
+ var add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0);
36910
+ var add3H = (low, Ah, Bh, Ch) => Ah + Bh + Ch + (low / 2 ** 32 | 0) | 0;
36911
+ var add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0);
36912
+ var add4H = (low, Ah, Bh, Ch, Dh) => Ah + Bh + Ch + Dh + (low / 2 ** 32 | 0) | 0;
36913
+ var add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0);
36914
+ var add5H = (low, Ah, Bh, Ch, Dh, Eh) => Ah + Bh + Ch + Dh + Eh + (low / 2 ** 32 | 0) | 0;
36823
36915
 
36824
36916
  // ../../node_modules/.pnpm/@noble+hashes@1.8.0/node_modules/@noble/hashes/esm/sha2.js
36825
36917
  var SHA256_K = /* @__PURE__ */ Uint32Array.from([
@@ -36959,7 +37051,227 @@ var SHA256 = class extends HashMD {
36959
37051
  clean(this.buffer);
36960
37052
  }
36961
37053
  };
37054
+ var K512 = /* @__PURE__ */ (() => split([
37055
+ "0x428a2f98d728ae22",
37056
+ "0x7137449123ef65cd",
37057
+ "0xb5c0fbcfec4d3b2f",
37058
+ "0xe9b5dba58189dbbc",
37059
+ "0x3956c25bf348b538",
37060
+ "0x59f111f1b605d019",
37061
+ "0x923f82a4af194f9b",
37062
+ "0xab1c5ed5da6d8118",
37063
+ "0xd807aa98a3030242",
37064
+ "0x12835b0145706fbe",
37065
+ "0x243185be4ee4b28c",
37066
+ "0x550c7dc3d5ffb4e2",
37067
+ "0x72be5d74f27b896f",
37068
+ "0x80deb1fe3b1696b1",
37069
+ "0x9bdc06a725c71235",
37070
+ "0xc19bf174cf692694",
37071
+ "0xe49b69c19ef14ad2",
37072
+ "0xefbe4786384f25e3",
37073
+ "0x0fc19dc68b8cd5b5",
37074
+ "0x240ca1cc77ac9c65",
37075
+ "0x2de92c6f592b0275",
37076
+ "0x4a7484aa6ea6e483",
37077
+ "0x5cb0a9dcbd41fbd4",
37078
+ "0x76f988da831153b5",
37079
+ "0x983e5152ee66dfab",
37080
+ "0xa831c66d2db43210",
37081
+ "0xb00327c898fb213f",
37082
+ "0xbf597fc7beef0ee4",
37083
+ "0xc6e00bf33da88fc2",
37084
+ "0xd5a79147930aa725",
37085
+ "0x06ca6351e003826f",
37086
+ "0x142929670a0e6e70",
37087
+ "0x27b70a8546d22ffc",
37088
+ "0x2e1b21385c26c926",
37089
+ "0x4d2c6dfc5ac42aed",
37090
+ "0x53380d139d95b3df",
37091
+ "0x650a73548baf63de",
37092
+ "0x766a0abb3c77b2a8",
37093
+ "0x81c2c92e47edaee6",
37094
+ "0x92722c851482353b",
37095
+ "0xa2bfe8a14cf10364",
37096
+ "0xa81a664bbc423001",
37097
+ "0xc24b8b70d0f89791",
37098
+ "0xc76c51a30654be30",
37099
+ "0xd192e819d6ef5218",
37100
+ "0xd69906245565a910",
37101
+ "0xf40e35855771202a",
37102
+ "0x106aa07032bbd1b8",
37103
+ "0x19a4c116b8d2d0c8",
37104
+ "0x1e376c085141ab53",
37105
+ "0x2748774cdf8eeb99",
37106
+ "0x34b0bcb5e19b48a8",
37107
+ "0x391c0cb3c5c95a63",
37108
+ "0x4ed8aa4ae3418acb",
37109
+ "0x5b9cca4f7763e373",
37110
+ "0x682e6ff3d6b2b8a3",
37111
+ "0x748f82ee5defb2fc",
37112
+ "0x78a5636f43172f60",
37113
+ "0x84c87814a1f0ab72",
37114
+ "0x8cc702081a6439ec",
37115
+ "0x90befffa23631e28",
37116
+ "0xa4506cebde82bde9",
37117
+ "0xbef9a3f7b2c67915",
37118
+ "0xc67178f2e372532b",
37119
+ "0xca273eceea26619c",
37120
+ "0xd186b8c721c0c207",
37121
+ "0xeada7dd6cde0eb1e",
37122
+ "0xf57d4f7fee6ed178",
37123
+ "0x06f067aa72176fba",
37124
+ "0x0a637dc5a2c898a6",
37125
+ "0x113f9804bef90dae",
37126
+ "0x1b710b35131c471b",
37127
+ "0x28db77f523047d84",
37128
+ "0x32caab7b40c72493",
37129
+ "0x3c9ebe0a15c9bebc",
37130
+ "0x431d67c49c100d4c",
37131
+ "0x4cc5d4becb3e42b6",
37132
+ "0x597f299cfc657e2a",
37133
+ "0x5fcb6fab3ad6faec",
37134
+ "0x6c44198c4a475817"
37135
+ ].map((n) => BigInt(n))))();
37136
+ var SHA512_Kh = /* @__PURE__ */ (() => K512[0])();
37137
+ var SHA512_Kl = /* @__PURE__ */ (() => K512[1])();
37138
+ var SHA512_W_H = /* @__PURE__ */ new Uint32Array(80);
37139
+ var SHA512_W_L = /* @__PURE__ */ new Uint32Array(80);
37140
+ var SHA512 = class extends HashMD {
37141
+ constructor(outputLen = 64) {
37142
+ super(128, outputLen, 16, false);
37143
+ this.Ah = SHA512_IV[0] | 0;
37144
+ this.Al = SHA512_IV[1] | 0;
37145
+ this.Bh = SHA512_IV[2] | 0;
37146
+ this.Bl = SHA512_IV[3] | 0;
37147
+ this.Ch = SHA512_IV[4] | 0;
37148
+ this.Cl = SHA512_IV[5] | 0;
37149
+ this.Dh = SHA512_IV[6] | 0;
37150
+ this.Dl = SHA512_IV[7] | 0;
37151
+ this.Eh = SHA512_IV[8] | 0;
37152
+ this.El = SHA512_IV[9] | 0;
37153
+ this.Fh = SHA512_IV[10] | 0;
37154
+ this.Fl = SHA512_IV[11] | 0;
37155
+ this.Gh = SHA512_IV[12] | 0;
37156
+ this.Gl = SHA512_IV[13] | 0;
37157
+ this.Hh = SHA512_IV[14] | 0;
37158
+ this.Hl = SHA512_IV[15] | 0;
37159
+ }
37160
+ // prettier-ignore
37161
+ get() {
37162
+ const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this;
37163
+ return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl];
37164
+ }
37165
+ // prettier-ignore
37166
+ set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) {
37167
+ this.Ah = Ah | 0;
37168
+ this.Al = Al | 0;
37169
+ this.Bh = Bh | 0;
37170
+ this.Bl = Bl | 0;
37171
+ this.Ch = Ch | 0;
37172
+ this.Cl = Cl | 0;
37173
+ this.Dh = Dh | 0;
37174
+ this.Dl = Dl | 0;
37175
+ this.Eh = Eh | 0;
37176
+ this.El = El | 0;
37177
+ this.Fh = Fh | 0;
37178
+ this.Fl = Fl | 0;
37179
+ this.Gh = Gh | 0;
37180
+ this.Gl = Gl | 0;
37181
+ this.Hh = Hh | 0;
37182
+ this.Hl = Hl | 0;
37183
+ }
37184
+ process(view, offset) {
37185
+ for (let i = 0; i < 16; i++, offset += 4) {
37186
+ SHA512_W_H[i] = view.getUint32(offset);
37187
+ SHA512_W_L[i] = view.getUint32(offset += 4);
37188
+ }
37189
+ for (let i = 16; i < 80; i++) {
37190
+ const W15h = SHA512_W_H[i - 15] | 0;
37191
+ const W15l = SHA512_W_L[i - 15] | 0;
37192
+ const s0h = rotrSH(W15h, W15l, 1) ^ rotrSH(W15h, W15l, 8) ^ shrSH(W15h, W15l, 7);
37193
+ const s0l = rotrSL(W15h, W15l, 1) ^ rotrSL(W15h, W15l, 8) ^ shrSL(W15h, W15l, 7);
37194
+ const W2h = SHA512_W_H[i - 2] | 0;
37195
+ const W2l = SHA512_W_L[i - 2] | 0;
37196
+ const s1h = rotrSH(W2h, W2l, 19) ^ rotrBH(W2h, W2l, 61) ^ shrSH(W2h, W2l, 6);
37197
+ const s1l = rotrSL(W2h, W2l, 19) ^ rotrBL(W2h, W2l, 61) ^ shrSL(W2h, W2l, 6);
37198
+ const SUMl = add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]);
37199
+ const SUMh = add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]);
37200
+ SHA512_W_H[i] = SUMh | 0;
37201
+ SHA512_W_L[i] = SUMl | 0;
37202
+ }
37203
+ let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this;
37204
+ for (let i = 0; i < 80; i++) {
37205
+ const sigma1h = rotrSH(Eh, El, 14) ^ rotrSH(Eh, El, 18) ^ rotrBH(Eh, El, 41);
37206
+ const sigma1l = rotrSL(Eh, El, 14) ^ rotrSL(Eh, El, 18) ^ rotrBL(Eh, El, 41);
37207
+ const CHIh = Eh & Fh ^ ~Eh & Gh;
37208
+ const CHIl = El & Fl ^ ~El & Gl;
37209
+ const T1ll = add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]);
37210
+ const T1h = add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]);
37211
+ const T1l = T1ll | 0;
37212
+ const sigma0h = rotrSH(Ah, Al, 28) ^ rotrBH(Ah, Al, 34) ^ rotrBH(Ah, Al, 39);
37213
+ const sigma0l = rotrSL(Ah, Al, 28) ^ rotrBL(Ah, Al, 34) ^ rotrBL(Ah, Al, 39);
37214
+ const MAJh = Ah & Bh ^ Ah & Ch ^ Bh & Ch;
37215
+ const MAJl = Al & Bl ^ Al & Cl ^ Bl & Cl;
37216
+ Hh = Gh | 0;
37217
+ Hl = Gl | 0;
37218
+ Gh = Fh | 0;
37219
+ Gl = Fl | 0;
37220
+ Fh = Eh | 0;
37221
+ Fl = El | 0;
37222
+ ({ h: Eh, l: El } = add(Dh | 0, Dl | 0, T1h | 0, T1l | 0));
37223
+ Dh = Ch | 0;
37224
+ Dl = Cl | 0;
37225
+ Ch = Bh | 0;
37226
+ Cl = Bl | 0;
37227
+ Bh = Ah | 0;
37228
+ Bl = Al | 0;
37229
+ const All = add3L(T1l, sigma0l, MAJl);
37230
+ Ah = add3H(All, T1h, sigma0h, MAJh);
37231
+ Al = All | 0;
37232
+ }
37233
+ ({ h: Ah, l: Al } = add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0));
37234
+ ({ h: Bh, l: Bl } = add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0));
37235
+ ({ h: Ch, l: Cl } = add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0));
37236
+ ({ h: Dh, l: Dl } = add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0));
37237
+ ({ h: Eh, l: El } = add(this.Eh | 0, this.El | 0, Eh | 0, El | 0));
37238
+ ({ h: Fh, l: Fl } = add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0));
37239
+ ({ h: Gh, l: Gl } = add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0));
37240
+ ({ h: Hh, l: Hl } = add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0));
37241
+ this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl);
37242
+ }
37243
+ roundClean() {
37244
+ clean(SHA512_W_H, SHA512_W_L);
37245
+ }
37246
+ destroy() {
37247
+ clean(this.buffer);
37248
+ this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
37249
+ }
37250
+ };
37251
+ var SHA384 = class extends SHA512 {
37252
+ constructor() {
37253
+ super(48);
37254
+ this.Ah = SHA384_IV[0] | 0;
37255
+ this.Al = SHA384_IV[1] | 0;
37256
+ this.Bh = SHA384_IV[2] | 0;
37257
+ this.Bl = SHA384_IV[3] | 0;
37258
+ this.Ch = SHA384_IV[4] | 0;
37259
+ this.Cl = SHA384_IV[5] | 0;
37260
+ this.Dh = SHA384_IV[6] | 0;
37261
+ this.Dl = SHA384_IV[7] | 0;
37262
+ this.Eh = SHA384_IV[8] | 0;
37263
+ this.El = SHA384_IV[9] | 0;
37264
+ this.Fh = SHA384_IV[10] | 0;
37265
+ this.Fl = SHA384_IV[11] | 0;
37266
+ this.Gh = SHA384_IV[12] | 0;
37267
+ this.Gl = SHA384_IV[13] | 0;
37268
+ this.Hh = SHA384_IV[14] | 0;
37269
+ this.Hl = SHA384_IV[15] | 0;
37270
+ }
37271
+ };
36962
37272
  var sha256 = /* @__PURE__ */ createHasher(() => new SHA256());
37273
+ var sha512 = /* @__PURE__ */ createHasher(() => new SHA512());
37274
+ var sha384 = /* @__PURE__ */ createHasher(() => new SHA384());
36963
37275
 
36964
37276
  // ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/abstract/utils.js
36965
37277
  var _0n = /* @__PURE__ */ BigInt(0);
@@ -36975,6 +37287,10 @@ function abool(title, value) {
36975
37287
  if (typeof value !== "boolean")
36976
37288
  throw new Error(title + " boolean expected, got " + value);
36977
37289
  }
37290
+ function numberToHexUnpadded(num) {
37291
+ const hex = num.toString(16);
37292
+ return hex.length & 1 ? "0" + hex : hex;
37293
+ }
36978
37294
  function hexToNumber(hex) {
36979
37295
  if (typeof hex !== "string")
36980
37296
  throw new Error("hex string expected, got " + typeof hex);
@@ -37057,7 +37373,7 @@ function ensureBytes(title, hex, expectedLength) {
37057
37373
  throw new Error(title + " of length " + expectedLength + " expected, got " + len);
37058
37374
  return res;
37059
37375
  }
37060
- function concatBytes(...arrays) {
37376
+ function concatBytes2(...arrays) {
37061
37377
  let sum = 0;
37062
37378
  for (let i = 0; i < arrays.length; i++) {
37063
37379
  const a = arrays[i];
@@ -37065,10 +37381,10 @@ function concatBytes(...arrays) {
37065
37381
  sum += a.length;
37066
37382
  }
37067
37383
  const res = new Uint8Array(sum);
37068
- for (let i = 0, pad = 0; i < arrays.length; i++) {
37384
+ for (let i = 0, pad2 = 0; i < arrays.length; i++) {
37069
37385
  const a = arrays[i];
37070
- res.set(a, pad);
37071
- pad += a.length;
37386
+ res.set(a, pad2);
37387
+ pad2 += a.length;
37072
37388
  }
37073
37389
  return res;
37074
37390
  }
@@ -37095,6 +37411,56 @@ function bitGet(n, pos) {
37095
37411
  return n >> BigInt(pos) & _1n;
37096
37412
  }
37097
37413
  var bitMask = (n) => (_1n << BigInt(n)) - _1n;
37414
+ var u8n = (len) => new Uint8Array(len);
37415
+ var u8fr = (arr) => Uint8Array.from(arr);
37416
+ function createHmacDrbg(hashLen, qByteLen, hmacFn) {
37417
+ if (typeof hashLen !== "number" || hashLen < 2)
37418
+ throw new Error("hashLen must be a number");
37419
+ if (typeof qByteLen !== "number" || qByteLen < 2)
37420
+ throw new Error("qByteLen must be a number");
37421
+ if (typeof hmacFn !== "function")
37422
+ throw new Error("hmacFn must be a function");
37423
+ let v = u8n(hashLen);
37424
+ let k = u8n(hashLen);
37425
+ let i = 0;
37426
+ const reset = () => {
37427
+ v.fill(1);
37428
+ k.fill(0);
37429
+ i = 0;
37430
+ };
37431
+ const h = (...b) => hmacFn(k, v, ...b);
37432
+ const reseed = (seed = u8n(0)) => {
37433
+ k = h(u8fr([0]), seed);
37434
+ v = h();
37435
+ if (seed.length === 0)
37436
+ return;
37437
+ k = h(u8fr([1]), seed);
37438
+ v = h();
37439
+ };
37440
+ const gen = () => {
37441
+ if (i++ >= 1e3)
37442
+ throw new Error("drbg: tried 1000 values");
37443
+ let len = 0;
37444
+ const out = [];
37445
+ while (len < qByteLen) {
37446
+ v = h();
37447
+ const sl = v.slice();
37448
+ out.push(sl);
37449
+ len += v.length;
37450
+ }
37451
+ return concatBytes2(...out);
37452
+ };
37453
+ const genUntil = (seed, pred) => {
37454
+ reset();
37455
+ reseed(seed);
37456
+ let res = void 0;
37457
+ while (!(res = pred(gen())))
37458
+ reseed();
37459
+ reset();
37460
+ return res;
37461
+ };
37462
+ return genUntil;
37463
+ }
37098
37464
  var validatorFns = {
37099
37465
  bigint: (val) => typeof val === "bigint",
37100
37466
  function: (val) => typeof val === "function",
@@ -37434,22 +37800,22 @@ function expand_message_xmd(msg, DST, lenInBytes, H) {
37434
37800
  abytes2(DST);
37435
37801
  anum(lenInBytes);
37436
37802
  if (DST.length > 255)
37437
- DST = H(concatBytes(utf8ToBytes2("H2C-OVERSIZE-DST-"), DST));
37803
+ DST = H(concatBytes2(utf8ToBytes2("H2C-OVERSIZE-DST-"), DST));
37438
37804
  const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H;
37439
37805
  const ell = Math.ceil(lenInBytes / b_in_bytes);
37440
37806
  if (lenInBytes > 65535 || ell > 255)
37441
37807
  throw new Error("expand_message_xmd: invalid lenInBytes");
37442
- const DST_prime = concatBytes(DST, i2osp(DST.length, 1));
37808
+ const DST_prime = concatBytes2(DST, i2osp(DST.length, 1));
37443
37809
  const Z_pad = i2osp(0, r_in_bytes);
37444
37810
  const l_i_b_str = i2osp(lenInBytes, 2);
37445
37811
  const b = new Array(ell);
37446
- const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime));
37447
- b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime));
37812
+ const b_0 = H(concatBytes2(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime));
37813
+ b[0] = H(concatBytes2(b_0, i2osp(1, 1), DST_prime));
37448
37814
  for (let i = 1; i <= ell; i++) {
37449
37815
  const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime];
37450
- b[i] = H(concatBytes(...args));
37816
+ b[i] = H(concatBytes2(...args));
37451
37817
  }
37452
- const pseudo_random_bytes = concatBytes(...b);
37818
+ const pseudo_random_bytes = concatBytes2(...b);
37453
37819
  return pseudo_random_bytes.slice(0, lenInBytes);
37454
37820
  }
37455
37821
  function expand_message_xof(msg, DST, lenInBytes, k, H) {
@@ -37787,6 +38153,12 @@ function validateBasic(curve) {
37787
38153
  }
37788
38154
 
37789
38155
  // ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/abstract/weierstrass.js
38156
+ function validateSigVerOpts(opts) {
38157
+ if (opts.lowS !== void 0)
38158
+ abool("lowS", opts.lowS);
38159
+ if (opts.prehash !== void 0)
38160
+ abool("prehash", opts.prehash);
38161
+ }
37790
38162
  function validatePointOpts(curve) {
37791
38163
  const opts = validateBasic(curve);
37792
38164
  validateObject(opts, {
@@ -37812,6 +38184,114 @@ function validatePointOpts(curve) {
37812
38184
  }
37813
38185
  return Object.freeze({ ...opts });
37814
38186
  }
38187
+ var DERErr = class extends Error {
38188
+ constructor(m = "") {
38189
+ super(m);
38190
+ }
38191
+ };
38192
+ var DER = {
38193
+ // asn.1 DER encoding utils
38194
+ Err: DERErr,
38195
+ // Basic building block is TLV (Tag-Length-Value)
38196
+ _tlv: {
38197
+ encode: (tag, data) => {
38198
+ const { Err: E } = DER;
38199
+ if (tag < 0 || tag > 256)
38200
+ throw new E("tlv.encode: wrong tag");
38201
+ if (data.length & 1)
38202
+ throw new E("tlv.encode: unpadded data");
38203
+ const dataLen = data.length / 2;
38204
+ const len = numberToHexUnpadded(dataLen);
38205
+ if (len.length / 2 & 128)
38206
+ throw new E("tlv.encode: long form length too big");
38207
+ const lenLen = dataLen > 127 ? numberToHexUnpadded(len.length / 2 | 128) : "";
38208
+ const t = numberToHexUnpadded(tag);
38209
+ return t + lenLen + len + data;
38210
+ },
38211
+ // v - value, l - left bytes (unparsed)
38212
+ decode(tag, data) {
38213
+ const { Err: E } = DER;
38214
+ let pos = 0;
38215
+ if (tag < 0 || tag > 256)
38216
+ throw new E("tlv.encode: wrong tag");
38217
+ if (data.length < 2 || data[pos++] !== tag)
38218
+ throw new E("tlv.decode: wrong tlv");
38219
+ const first = data[pos++];
38220
+ const isLong = !!(first & 128);
38221
+ let length = 0;
38222
+ if (!isLong)
38223
+ length = first;
38224
+ else {
38225
+ const lenLen = first & 127;
38226
+ if (!lenLen)
38227
+ throw new E("tlv.decode(long): indefinite length not supported");
38228
+ if (lenLen > 4)
38229
+ throw new E("tlv.decode(long): byte length is too big");
38230
+ const lengthBytes = data.subarray(pos, pos + lenLen);
38231
+ if (lengthBytes.length !== lenLen)
38232
+ throw new E("tlv.decode: length bytes not complete");
38233
+ if (lengthBytes[0] === 0)
38234
+ throw new E("tlv.decode(long): zero leftmost byte");
38235
+ for (const b of lengthBytes)
38236
+ length = length << 8 | b;
38237
+ pos += lenLen;
38238
+ if (length < 128)
38239
+ throw new E("tlv.decode(long): not minimal encoding");
38240
+ }
38241
+ const v = data.subarray(pos, pos + length);
38242
+ if (v.length !== length)
38243
+ throw new E("tlv.decode: wrong value length");
38244
+ return { v, l: data.subarray(pos + length) };
38245
+ }
38246
+ },
38247
+ // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag,
38248
+ // since we always use positive integers here. It must always be empty:
38249
+ // - add zero byte if exists
38250
+ // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding)
38251
+ _int: {
38252
+ encode(num) {
38253
+ const { Err: E } = DER;
38254
+ if (num < _0n4)
38255
+ throw new E("integer: negative integers are not allowed");
38256
+ let hex = numberToHexUnpadded(num);
38257
+ if (Number.parseInt(hex[0], 16) & 8)
38258
+ hex = "00" + hex;
38259
+ if (hex.length & 1)
38260
+ throw new E("unexpected DER parsing assertion: unpadded hex");
38261
+ return hex;
38262
+ },
38263
+ decode(data) {
38264
+ const { Err: E } = DER;
38265
+ if (data[0] & 128)
38266
+ throw new E("invalid signature integer: negative");
38267
+ if (data[0] === 0 && !(data[1] & 128))
38268
+ throw new E("invalid signature integer: unnecessary leading zero");
38269
+ return bytesToNumberBE(data);
38270
+ }
38271
+ },
38272
+ toSig(hex) {
38273
+ const { Err: E, _int: int, _tlv: tlv } = DER;
38274
+ const data = ensureBytes("signature", hex);
38275
+ const { v: seqBytes, l: seqLeftBytes } = tlv.decode(48, data);
38276
+ if (seqLeftBytes.length)
38277
+ throw new E("invalid signature: left bytes after parsing");
38278
+ const { v: rBytes, l: rLeftBytes } = tlv.decode(2, seqBytes);
38279
+ const { v: sBytes, l: sLeftBytes } = tlv.decode(2, rLeftBytes);
38280
+ if (sLeftBytes.length)
38281
+ throw new E("invalid signature: left bytes after parsing");
38282
+ return { r: int.decode(rBytes), s: int.decode(sBytes) };
38283
+ },
38284
+ hexFromSig(sig) {
38285
+ const { _tlv: tlv, _int: int } = DER;
38286
+ const rs = tlv.encode(2, int.encode(sig.r));
38287
+ const ss = tlv.encode(2, int.encode(sig.s));
38288
+ const seq = rs + ss;
38289
+ return tlv.encode(48, seq);
38290
+ }
38291
+ };
38292
+ function numToSizedHex(num, size4) {
38293
+ return bytesToHex(numberToBytesBE(num, size4));
38294
+ }
37815
38295
  var _0n4 = BigInt(0);
37816
38296
  var _1n4 = BigInt(1);
37817
38297
  var _2n2 = BigInt(2);
@@ -37821,9 +38301,9 @@ function weierstrassPoints(opts) {
37821
38301
  const CURVE = validatePointOpts(opts);
37822
38302
  const { Fp: Fp3 } = CURVE;
37823
38303
  const Fn = Field(CURVE.n, CURVE.nBitLength);
37824
- const toBytes6 = CURVE.toBytes || ((_c, point, _isCompressed) => {
38304
+ const toBytes7 = CURVE.toBytes || ((_c, point, _isCompressed) => {
37825
38305
  const a = point.toAffine();
37826
- return concatBytes(Uint8Array.from([4]), Fp3.toBytes(a.x), Fp3.toBytes(a.y));
38306
+ return concatBytes2(Uint8Array.from([4]), Fp3.toBytes(a.x), Fp3.toBytes(a.y));
37827
38307
  });
37828
38308
  const fromBytes = CURVE.fromBytes || ((bytes) => {
37829
38309
  const tail = bytes.subarray(1);
@@ -38201,7 +38681,7 @@ function weierstrassPoints(opts) {
38201
38681
  toRawBytes(isCompressed = true) {
38202
38682
  abool("isCompressed", isCompressed);
38203
38683
  this.assertValidity();
38204
- return toBytes6(Point, this, isCompressed);
38684
+ return toBytes7(Point, this, isCompressed);
38205
38685
  }
38206
38686
  toHex(isCompressed = true) {
38207
38687
  abool("isCompressed", isCompressed);
@@ -38220,6 +38700,343 @@ function weierstrassPoints(opts) {
38220
38700
  isWithinCurveOrder
38221
38701
  };
38222
38702
  }
38703
+ function validateOpts(curve) {
38704
+ const opts = validateBasic(curve);
38705
+ validateObject(opts, {
38706
+ hash: "hash",
38707
+ hmac: "function",
38708
+ randomBytes: "function"
38709
+ }, {
38710
+ bits2int: "function",
38711
+ bits2int_modN: "function",
38712
+ lowS: "boolean"
38713
+ });
38714
+ return Object.freeze({ lowS: true, ...opts });
38715
+ }
38716
+ function weierstrass(curveDef) {
38717
+ const CURVE = validateOpts(curveDef);
38718
+ const { Fp: Fp3, n: CURVE_ORDER, nByteLength, nBitLength } = CURVE;
38719
+ const compressedLen = Fp3.BYTES + 1;
38720
+ const uncompressedLen = 2 * Fp3.BYTES + 1;
38721
+ function modN(a) {
38722
+ return mod(a, CURVE_ORDER);
38723
+ }
38724
+ function invN(a) {
38725
+ return invert(a, CURVE_ORDER);
38726
+ }
38727
+ const { ProjectivePoint: Point, normPrivateKeyToScalar, weierstrassEquation, isWithinCurveOrder } = weierstrassPoints({
38728
+ ...CURVE,
38729
+ toBytes(_c, point, isCompressed) {
38730
+ const a = point.toAffine();
38731
+ const x = Fp3.toBytes(a.x);
38732
+ const cat = concatBytes2;
38733
+ abool("isCompressed", isCompressed);
38734
+ if (isCompressed) {
38735
+ return cat(Uint8Array.from([point.hasEvenY() ? 2 : 3]), x);
38736
+ } else {
38737
+ return cat(Uint8Array.from([4]), x, Fp3.toBytes(a.y));
38738
+ }
38739
+ },
38740
+ fromBytes(bytes) {
38741
+ const len = bytes.length;
38742
+ const head = bytes[0];
38743
+ const tail = bytes.subarray(1);
38744
+ if (len === compressedLen && (head === 2 || head === 3)) {
38745
+ const x = bytesToNumberBE(tail);
38746
+ if (!inRange(x, _1n4, Fp3.ORDER))
38747
+ throw new Error("Point is not on curve");
38748
+ const y2 = weierstrassEquation(x);
38749
+ let y;
38750
+ try {
38751
+ y = Fp3.sqrt(y2);
38752
+ } catch (sqrtError) {
38753
+ const suffix = sqrtError instanceof Error ? ": " + sqrtError.message : "";
38754
+ throw new Error("Point is not on curve" + suffix);
38755
+ }
38756
+ const isYOdd = (y & _1n4) === _1n4;
38757
+ const isHeadOdd = (head & 1) === 1;
38758
+ if (isHeadOdd !== isYOdd)
38759
+ y = Fp3.neg(y);
38760
+ return { x, y };
38761
+ } else if (len === uncompressedLen && head === 4) {
38762
+ const x = Fp3.fromBytes(tail.subarray(0, Fp3.BYTES));
38763
+ const y = Fp3.fromBytes(tail.subarray(Fp3.BYTES, 2 * Fp3.BYTES));
38764
+ return { x, y };
38765
+ } else {
38766
+ const cl = compressedLen;
38767
+ const ul = uncompressedLen;
38768
+ throw new Error("invalid Point, expected length of " + cl + ", or uncompressed " + ul + ", got " + len);
38769
+ }
38770
+ }
38771
+ });
38772
+ function isBiggerThanHalfOrder(number) {
38773
+ const HALF = CURVE_ORDER >> _1n4;
38774
+ return number > HALF;
38775
+ }
38776
+ function normalizeS(s) {
38777
+ return isBiggerThanHalfOrder(s) ? modN(-s) : s;
38778
+ }
38779
+ const slcNum = (b, from, to) => bytesToNumberBE(b.slice(from, to));
38780
+ class Signature {
38781
+ constructor(r, s, recovery) {
38782
+ aInRange("r", r, _1n4, CURVE_ORDER);
38783
+ aInRange("s", s, _1n4, CURVE_ORDER);
38784
+ this.r = r;
38785
+ this.s = s;
38786
+ if (recovery != null)
38787
+ this.recovery = recovery;
38788
+ Object.freeze(this);
38789
+ }
38790
+ // pair (bytes of r, bytes of s)
38791
+ static fromCompact(hex) {
38792
+ const l = nByteLength;
38793
+ hex = ensureBytes("compactSignature", hex, l * 2);
38794
+ return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l));
38795
+ }
38796
+ // DER encoded ECDSA signature
38797
+ // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script
38798
+ static fromDER(hex) {
38799
+ const { r, s } = DER.toSig(ensureBytes("DER", hex));
38800
+ return new Signature(r, s);
38801
+ }
38802
+ /**
38803
+ * @todo remove
38804
+ * @deprecated
38805
+ */
38806
+ assertValidity() {
38807
+ }
38808
+ addRecoveryBit(recovery) {
38809
+ return new Signature(this.r, this.s, recovery);
38810
+ }
38811
+ recoverPublicKey(msgHash) {
38812
+ const { r, s, recovery: rec } = this;
38813
+ const h = bits2int_modN(ensureBytes("msgHash", msgHash));
38814
+ if (rec == null || ![0, 1, 2, 3].includes(rec))
38815
+ throw new Error("recovery id invalid");
38816
+ const radj = rec === 2 || rec === 3 ? r + CURVE.n : r;
38817
+ if (radj >= Fp3.ORDER)
38818
+ throw new Error("recovery id 2 or 3 invalid");
38819
+ const prefix = (rec & 1) === 0 ? "02" : "03";
38820
+ const R = Point.fromHex(prefix + numToSizedHex(radj, Fp3.BYTES));
38821
+ const ir = invN(radj);
38822
+ const u1 = modN(-h * ir);
38823
+ const u2 = modN(s * ir);
38824
+ const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2);
38825
+ if (!Q)
38826
+ throw new Error("point at infinify");
38827
+ Q.assertValidity();
38828
+ return Q;
38829
+ }
38830
+ // Signatures should be low-s, to prevent malleability.
38831
+ hasHighS() {
38832
+ return isBiggerThanHalfOrder(this.s);
38833
+ }
38834
+ normalizeS() {
38835
+ return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this;
38836
+ }
38837
+ // DER-encoded
38838
+ toDERRawBytes() {
38839
+ return hexToBytes(this.toDERHex());
38840
+ }
38841
+ toDERHex() {
38842
+ return DER.hexFromSig(this);
38843
+ }
38844
+ // padded bytes of r, then padded bytes of s
38845
+ toCompactRawBytes() {
38846
+ return hexToBytes(this.toCompactHex());
38847
+ }
38848
+ toCompactHex() {
38849
+ const l = nByteLength;
38850
+ return numToSizedHex(this.r, l) + numToSizedHex(this.s, l);
38851
+ }
38852
+ }
38853
+ const utils = {
38854
+ isValidPrivateKey(privateKey) {
38855
+ try {
38856
+ normPrivateKeyToScalar(privateKey);
38857
+ return true;
38858
+ } catch (error) {
38859
+ return false;
38860
+ }
38861
+ },
38862
+ normPrivateKeyToScalar,
38863
+ /**
38864
+ * Produces cryptographically secure private key from random of size
38865
+ * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible.
38866
+ */
38867
+ randomPrivateKey: () => {
38868
+ const length = getMinHashLength(CURVE.n);
38869
+ return mapHashToField(CURVE.randomBytes(length), CURVE.n);
38870
+ },
38871
+ /**
38872
+ * Creates precompute table for an arbitrary EC point. Makes point "cached".
38873
+ * Allows to massively speed-up `point.multiply(scalar)`.
38874
+ * @returns cached point
38875
+ * @example
38876
+ * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey));
38877
+ * fast.multiply(privKey); // much faster ECDH now
38878
+ */
38879
+ precompute(windowSize = 8, point = Point.BASE) {
38880
+ point._setWindowSize(windowSize);
38881
+ point.multiply(BigInt(3));
38882
+ return point;
38883
+ }
38884
+ };
38885
+ function getPublicKey(privateKey, isCompressed = true) {
38886
+ return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed);
38887
+ }
38888
+ function isProbPub(item) {
38889
+ if (typeof item === "bigint")
38890
+ return false;
38891
+ if (item instanceof Point)
38892
+ return true;
38893
+ const arr = ensureBytes("key", item);
38894
+ const len = arr.length;
38895
+ const fpl = Fp3.BYTES;
38896
+ const compLen = fpl + 1;
38897
+ const uncompLen = 2 * fpl + 1;
38898
+ if (CURVE.allowedPrivateKeyLengths || nByteLength === compLen) {
38899
+ return void 0;
38900
+ } else {
38901
+ return len === compLen || len === uncompLen;
38902
+ }
38903
+ }
38904
+ function getSharedSecret(privateA, publicB, isCompressed = true) {
38905
+ if (isProbPub(privateA) === true)
38906
+ throw new Error("first arg must be private key");
38907
+ if (isProbPub(publicB) === false)
38908
+ throw new Error("second arg must be public key");
38909
+ const b = Point.fromHex(publicB);
38910
+ return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed);
38911
+ }
38912
+ const bits2int = CURVE.bits2int || function(bytes) {
38913
+ if (bytes.length > 8192)
38914
+ throw new Error("input is too large");
38915
+ const num = bytesToNumberBE(bytes);
38916
+ const delta = bytes.length * 8 - nBitLength;
38917
+ return delta > 0 ? num >> BigInt(delta) : num;
38918
+ };
38919
+ const bits2int_modN = CURVE.bits2int_modN || function(bytes) {
38920
+ return modN(bits2int(bytes));
38921
+ };
38922
+ const ORDER_MASK = bitMask(nBitLength);
38923
+ function int2octets(num) {
38924
+ aInRange("num < 2^" + nBitLength, num, _0n4, ORDER_MASK);
38925
+ return numberToBytesBE(num, nByteLength);
38926
+ }
38927
+ function prepSig(msgHash, privateKey, opts = defaultSigOpts) {
38928
+ if (["recovered", "canonical"].some((k) => k in opts))
38929
+ throw new Error("sign() legacy options not supported");
38930
+ const { hash, randomBytes: randomBytes2 } = CURVE;
38931
+ let { lowS, prehash, extraEntropy: ent } = opts;
38932
+ if (lowS == null)
38933
+ lowS = true;
38934
+ msgHash = ensureBytes("msgHash", msgHash);
38935
+ validateSigVerOpts(opts);
38936
+ if (prehash)
38937
+ msgHash = ensureBytes("prehashed msgHash", hash(msgHash));
38938
+ const h1int = bits2int_modN(msgHash);
38939
+ const d = normPrivateKeyToScalar(privateKey);
38940
+ const seedArgs = [int2octets(d), int2octets(h1int)];
38941
+ if (ent != null && ent !== false) {
38942
+ const e = ent === true ? randomBytes2(Fp3.BYTES) : ent;
38943
+ seedArgs.push(ensureBytes("extraEntropy", e));
38944
+ }
38945
+ const seed = concatBytes2(...seedArgs);
38946
+ const m = h1int;
38947
+ function k2sig(kBytes) {
38948
+ const k = bits2int(kBytes);
38949
+ if (!isWithinCurveOrder(k))
38950
+ return;
38951
+ const ik = invN(k);
38952
+ const q = Point.BASE.multiply(k).toAffine();
38953
+ const r = modN(q.x);
38954
+ if (r === _0n4)
38955
+ return;
38956
+ const s = modN(ik * modN(m + r * d));
38957
+ if (s === _0n4)
38958
+ return;
38959
+ let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n4);
38960
+ let normS = s;
38961
+ if (lowS && isBiggerThanHalfOrder(s)) {
38962
+ normS = normalizeS(s);
38963
+ recovery ^= 1;
38964
+ }
38965
+ return new Signature(r, normS, recovery);
38966
+ }
38967
+ return { seed, k2sig };
38968
+ }
38969
+ const defaultSigOpts = { lowS: CURVE.lowS, prehash: false };
38970
+ const defaultVerOpts = { lowS: CURVE.lowS, prehash: false };
38971
+ function sign(msgHash, privKey, opts = defaultSigOpts) {
38972
+ const { seed, k2sig } = prepSig(msgHash, privKey, opts);
38973
+ const C = CURVE;
38974
+ const drbg = createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac);
38975
+ return drbg(seed, k2sig);
38976
+ }
38977
+ Point.BASE._setWindowSize(8);
38978
+ function verify(signature, msgHash, publicKey, opts = defaultVerOpts) {
38979
+ const sg = signature;
38980
+ msgHash = ensureBytes("msgHash", msgHash);
38981
+ publicKey = ensureBytes("publicKey", publicKey);
38982
+ const { lowS, prehash, format } = opts;
38983
+ validateSigVerOpts(opts);
38984
+ if ("strict" in opts)
38985
+ throw new Error("options.strict was renamed to lowS");
38986
+ if (format !== void 0 && format !== "compact" && format !== "der")
38987
+ throw new Error("format must be compact or der");
38988
+ const isHex4 = typeof sg === "string" || isBytes2(sg);
38989
+ const isObj = !isHex4 && !format && typeof sg === "object" && sg !== null && typeof sg.r === "bigint" && typeof sg.s === "bigint";
38990
+ if (!isHex4 && !isObj)
38991
+ throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");
38992
+ let _sig = void 0;
38993
+ let P;
38994
+ try {
38995
+ if (isObj)
38996
+ _sig = new Signature(sg.r, sg.s);
38997
+ if (isHex4) {
38998
+ try {
38999
+ if (format !== "compact")
39000
+ _sig = Signature.fromDER(sg);
39001
+ } catch (derError) {
39002
+ if (!(derError instanceof DER.Err))
39003
+ throw derError;
39004
+ }
39005
+ if (!_sig && format !== "der")
39006
+ _sig = Signature.fromCompact(sg);
39007
+ }
39008
+ P = Point.fromHex(publicKey);
39009
+ } catch (error) {
39010
+ return false;
39011
+ }
39012
+ if (!_sig)
39013
+ return false;
39014
+ if (lowS && _sig.hasHighS())
39015
+ return false;
39016
+ if (prehash)
39017
+ msgHash = CURVE.hash(msgHash);
39018
+ const { r, s } = _sig;
39019
+ const h = bits2int_modN(msgHash);
39020
+ const is = invN(s);
39021
+ const u1 = modN(h * is);
39022
+ const u2 = modN(r * is);
39023
+ const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine();
39024
+ if (!R)
39025
+ return false;
39026
+ const v = modN(R.x);
39027
+ return v === r;
39028
+ }
39029
+ return {
39030
+ CURVE,
39031
+ getPublicKey,
39032
+ getSharedSecret,
39033
+ sign,
39034
+ verify,
39035
+ ProjectivePoint: Point,
39036
+ Signature,
39037
+ utils
39038
+ };
39039
+ }
38223
39040
  function SWUFpSqrtRatio(Fp3, Z) {
38224
39041
  const q = Fp3.ORDER;
38225
39042
  let l = _0n4;
@@ -38770,7 +39587,7 @@ function tower12(opts) {
38770
39587
  throw new Error("fromBytes invalid length=" + b.length);
38771
39588
  return { c0: Fp3.fromBytes(b.subarray(0, Fp3.BYTES)), c1: Fp3.fromBytes(b.subarray(Fp3.BYTES)) };
38772
39589
  },
38773
- toBytes: ({ c0, c1 }) => concatBytes(Fp3.toBytes(c0), Fp3.toBytes(c1)),
39590
+ toBytes: ({ c0, c1 }) => concatBytes2(Fp3.toBytes(c0), Fp3.toBytes(c1)),
38774
39591
  cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({
38775
39592
  c0: Fp3.cmov(c0, r0, c),
38776
39593
  c1: Fp3.cmov(c1, r1, c)
@@ -38877,7 +39694,7 @@ function tower12(opts) {
38877
39694
  c2: Fp22.fromBytes(b.subarray(2 * Fp22.BYTES))
38878
39695
  };
38879
39696
  },
38880
- toBytes: ({ c0, c1, c2 }) => concatBytes(Fp22.toBytes(c0), Fp22.toBytes(c1), Fp22.toBytes(c2)),
39697
+ toBytes: ({ c0, c1, c2 }) => concatBytes2(Fp22.toBytes(c0), Fp22.toBytes(c1), Fp22.toBytes(c2)),
38881
39698
  cmov: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }, c) => ({
38882
39699
  c0: Fp22.cmov(c0, r0, c),
38883
39700
  c1: Fp22.cmov(c1, r1, c),
@@ -39004,7 +39821,7 @@ function tower12(opts) {
39004
39821
  c1: Fp62.fromBytes(b.subarray(Fp62.BYTES))
39005
39822
  };
39006
39823
  },
39007
- toBytes: ({ c0, c1 }) => concatBytes(Fp62.toBytes(c0), Fp62.toBytes(c1)),
39824
+ toBytes: ({ c0, c1 }) => concatBytes2(Fp62.toBytes(c0), Fp62.toBytes(c1)),
39008
39825
  cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({
39009
39826
  c0: Fp62.cmov(c0, r0, c),
39010
39827
  c1: Fp62.cmov(c1, r1, c)
@@ -39366,14 +40183,14 @@ function signatureG2ToRawBytes(point) {
39366
40183
  point.assertValidity();
39367
40184
  const len = Fp.BYTES;
39368
40185
  if (point.equals(bls12_381.G2.ProjectivePoint.ZERO))
39369
- return concatBytes(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
40186
+ return concatBytes2(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
39370
40187
  const { x, y } = point.toAffine();
39371
40188
  const { re: x0, im: x1 } = Fp2.reim(x);
39372
40189
  const { re: y0, im: y1 } = Fp2.reim(y);
39373
40190
  const tmp = y1 > _0n7 ? y1 * _2n5 : y0 * _2n5;
39374
40191
  const sort = Boolean(tmp / Fp.ORDER & _1n7);
39375
40192
  const z2 = x0;
39376
- return concatBytes(setMask(numberToBytesBE(x1, len), { sort, compressed: true }), numberToBytesBE(z2, len));
40193
+ return concatBytes2(setMask(numberToBytesBE(x1, len), { sort, compressed: true }), numberToBytesBE(z2, len));
39377
40194
  }
39378
40195
  var bls12_381 = bls({
39379
40196
  // Fields
@@ -39462,10 +40279,10 @@ var bls12_381 = bls({
39462
40279
  return setMask(numberToBytesBE(x, Fp.BYTES), { compressed: true, sort });
39463
40280
  } else {
39464
40281
  if (isZero) {
39465
- const x2 = concatBytes(new Uint8Array([64]), new Uint8Array(2 * Fp.BYTES - 1));
40282
+ const x2 = concatBytes2(new Uint8Array([64]), new Uint8Array(2 * Fp.BYTES - 1));
39466
40283
  return x2;
39467
40284
  } else {
39468
- return concatBytes(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES));
40285
+ return concatBytes2(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES));
39469
40286
  }
39470
40287
  }
39471
40288
  },
@@ -39599,15 +40416,15 @@ var bls12_381 = bls({
39599
40416
  const { x, y } = point.toAffine();
39600
40417
  if (isCompressed) {
39601
40418
  if (isZero)
39602
- return concatBytes(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
40419
+ return concatBytes2(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
39603
40420
  const flag = Boolean(y.c1 === _0n7 ? y.c0 * _2n5 / P : y.c1 * _2n5 / P);
39604
- return concatBytes(setMask(numberToBytesBE(x.c1, len), { compressed: true, sort: flag }), numberToBytesBE(x.c0, len));
40421
+ return concatBytes2(setMask(numberToBytesBE(x.c1, len), { compressed: true, sort: flag }), numberToBytesBE(x.c0, len));
39605
40422
  } else {
39606
40423
  if (isZero)
39607
- return concatBytes(new Uint8Array([64]), new Uint8Array(4 * len - 1));
40424
+ return concatBytes2(new Uint8Array([64]), new Uint8Array(4 * len - 1));
39608
40425
  const { re: x0, im: x1 } = Fp2.reim(x);
39609
40426
  const { re: y0, im: y1 } = Fp2.reim(y);
39610
- return concatBytes(numberToBytesBE(x1, len), numberToBytesBE(x0, len), numberToBytesBE(y1, len), numberToBytesBE(y0, len));
40427
+ return concatBytes2(numberToBytesBE(x1, len), numberToBytesBE(x0, len), numberToBytesBE(y1, len), numberToBytesBE(y0, len));
39611
40428
  }
39612
40429
  },
39613
40430
  Signature: {
@@ -42083,16 +42900,59 @@ var airAccountFactoryActions = (address) => (client) => ({
42083
42900
  }
42084
42901
  }
42085
42902
  });
42086
-
42087
- // ../core/src/actions/airAccountExtension.ts
42903
+ var GUARDIAN_REMOVAL_NONCE_SLOT = 15n;
42904
+ var TIER_LIMIT_NONCE_SLOT = 16n;
42905
+ var RECOVERY_NONCE_SLOT = 38n;
42906
+ var GUARDIAN_ADDITION_NONCE_SLOT = 39n;
42907
+ var MAX_GUARDIAN_SLOT = 2;
42088
42908
  var V7_ABI = AAStarAirAccountV7ABI;
42089
42909
  var EXT_ABI = AirAccountExtensionABI;
42090
- var BATCH2 = (fn) => {
42091
- throw new AAStarError(
42092
- "E4001" /* NOT_IMPLEMENTED */,
42093
- `${fn} is part of the Batch 2 / P-256 (WebAuthn) guardian feature and is not yet wired into the SDK. The v0.20.0 contract supports it (AirAccountExtension, via the account fallback), but the SDK assertion/payload encoders land in Batch 2.`
42094
- );
42095
- };
42910
+ function feeOverrides(maxFeePerGas, maxPriorityFeePerGas) {
42911
+ return {
42912
+ ...maxFeePerGas !== void 0 ? { maxFeePerGas } : {},
42913
+ ...maxPriorityFeePerGas !== void 0 ? { maxPriorityFeePerGas } : {}
42914
+ };
42915
+ }
42916
+ function validateMixedSigs(signerIdxs, sigs) {
42917
+ validateRequired(signerIdxs, "signerIdxs");
42918
+ validateRequired(sigs, "sigs");
42919
+ if (signerIdxs.length !== sigs.length) {
42920
+ throw new AAStarError(
42921
+ "E1003" /* INVALID_PARAMETER */,
42922
+ `signerIdxs (${signerIdxs.length}) and sigs (${sigs.length}) must have equal length`
42923
+ );
42924
+ }
42925
+ if (signerIdxs.length < 2) {
42926
+ throw new AAStarError(
42927
+ "E1003" /* INVALID_PARAMETER */,
42928
+ `mixed-sig guardian operations require at least RECOVERY_THRESHOLD (2) signatures, got ${signerIdxs.length}`
42929
+ );
42930
+ }
42931
+ const seen = /* @__PURE__ */ new Set();
42932
+ for (const idx of signerIdxs) {
42933
+ if (!Number.isInteger(idx) || idx < 0 || idx > MAX_GUARDIAN_SLOT) {
42934
+ throw new AAStarError(
42935
+ "E1003" /* INVALID_PARAMETER */,
42936
+ `signerIdxs must be integers in 0..${MAX_GUARDIAN_SLOT} (max ${MAX_GUARDIAN_SLOT + 1} guardian slots), got ${idx}`
42937
+ );
42938
+ }
42939
+ if (seen.has(idx)) {
42940
+ throw new AAStarError(
42941
+ "E1003" /* INVALID_PARAMETER */,
42942
+ `signerIdxs must be unique (the contract rejects a duplicate guardian slot via DuplicateGuardianSig), got repeated ${idx}`
42943
+ );
42944
+ }
42945
+ seen.add(idx);
42946
+ }
42947
+ }
42948
+ async function readNonceSlot(client, address, slot, fn) {
42949
+ try {
42950
+ const raw = await client.getStorageAt({ address, slot: viem.numberToHex(slot, { size: 32 }) });
42951
+ return raw && raw !== "0x" ? BigInt(raw) : 0n;
42952
+ } catch (error) {
42953
+ throw AAStarError.fromViemError(error, fn);
42954
+ }
42955
+ }
42096
42956
  var airAccountExtensionActions = (address) => (client) => ({
42097
42957
  // ── Views ─────────────────────────────────────────────────────────────────
42098
42958
  async getRecoveryNonce() {
@@ -42121,34 +42981,222 @@ var airAccountExtensionActions = (address) => (client) => ({
42121
42981
  throw AAStarError.fromViemError(error, "getGuardianP256Key");
42122
42982
  }
42123
42983
  },
42124
- // ── Batch 2 stubs ──────────────────────────────────────────────────────────
42125
- // Each references its ABI functionName so the doc-coverage gate counts the
42126
- // wrapper while the real encoder is deferred to Batch 2.
42127
- async addP256Guardian() {
42128
- return BATCH2("addP256Guardian");
42984
+ // Internal-slot nonce reads (no public getter on-chain). Cross-validated on-chain against
42985
+ // `getRecoveryNonce()` (slot 38) in tests/regression/onchain-evidence/p256-guardian-e2e.ts.
42986
+ getGuardianAdditionNonce() {
42987
+ return readNonceSlot(client, address, GUARDIAN_ADDITION_NONCE_SLOT, "getGuardianAdditionNonce");
42129
42988
  },
42130
- async addP256GuardianWithMixedSigs() {
42131
- return BATCH2("addP256GuardianWithMixedSigs");
42989
+ getGuardianRemovalNonce() {
42990
+ return readNonceSlot(client, address, GUARDIAN_REMOVAL_NONCE_SLOT, "getGuardianRemovalNonce");
42132
42991
  },
42133
- async addGuardianWithMixedSigs() {
42134
- return BATCH2("addGuardianWithMixedSigs");
42992
+ getTierLimitNonce() {
42993
+ return readNonceSlot(client, address, TIER_LIMIT_NONCE_SLOT, "getTierLimitNonce");
42135
42994
  },
42136
- async proposeRecoveryWithSig() {
42137
- return BATCH2("proposeRecoveryWithSig");
42995
+ // ── P-256 / WebAuthn guardian writes ───────────────────────────────────────
42996
+ // Each routes to AirAccountExtension via the account's fallback → delegatecall,
42997
+ // so `address` (the account) is the write target and `functionName` is the EXT fn.
42998
+ async addP256Guardian({ x, y, account, maxFeePerGas, maxPriorityFeePerGas }) {
42999
+ try {
43000
+ validateRequired(x, "x");
43001
+ validateRequired(y, "y");
43002
+ return await client.writeContract({
43003
+ address,
43004
+ abi: EXT_ABI,
43005
+ functionName: "addP256Guardian",
43006
+ args: [x, y],
43007
+ account,
43008
+ chain: client.chain,
43009
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43010
+ });
43011
+ } catch (error) {
43012
+ throw AAStarError.fromViemError(error, "addP256Guardian");
43013
+ }
42138
43014
  },
42139
- async approveRecoveryWithSig() {
42140
- return BATCH2("approveRecoveryWithSig");
43015
+ async addP256GuardianWithMixedSigs({ x, y, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
43016
+ try {
43017
+ validateRequired(x, "x");
43018
+ validateRequired(y, "y");
43019
+ validateMixedSigs(signerIdxs, sigs);
43020
+ return await client.writeContract({
43021
+ address,
43022
+ abi: EXT_ABI,
43023
+ functionName: "addP256GuardianWithMixedSigs",
43024
+ args: [x, y, signerIdxs, sigs],
43025
+ account,
43026
+ chain: client.chain,
43027
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43028
+ });
43029
+ } catch (error) {
43030
+ throw AAStarError.fromViemError(error, "addP256GuardianWithMixedSigs");
43031
+ }
42141
43032
  },
42142
- async cancelRecoveryWithSig() {
42143
- return BATCH2("cancelRecoveryWithSig");
43033
+ async addGuardianWithMixedSigs({ guardian, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
43034
+ try {
43035
+ validateRequired(guardian, "guardian");
43036
+ validateMixedSigs(signerIdxs, sigs);
43037
+ return await client.writeContract({
43038
+ address,
43039
+ abi: EXT_ABI,
43040
+ functionName: "addGuardianWithMixedSigs",
43041
+ args: [guardian, signerIdxs, sigs],
43042
+ account,
43043
+ chain: client.chain,
43044
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43045
+ });
43046
+ } catch (error) {
43047
+ throw AAStarError.fromViemError(error, "addGuardianWithMixedSigs");
43048
+ }
42144
43049
  },
42145
- async removeGuardianWithMixedSigs() {
42146
- return BATCH2("removeGuardianWithMixedSigs");
43050
+ async proposeRecoveryWithSig({ newOwner, gIdx, sig, account, maxFeePerGas, maxPriorityFeePerGas }) {
43051
+ try {
43052
+ validateRequired(newOwner, "newOwner");
43053
+ validateRequired(gIdx, "gIdx");
43054
+ validateRequired(sig, "sig");
43055
+ return await client.writeContract({
43056
+ address,
43057
+ abi: EXT_ABI,
43058
+ functionName: "proposeRecoveryWithSig",
43059
+ args: [newOwner, gIdx, sig],
43060
+ account,
43061
+ chain: client.chain,
43062
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43063
+ });
43064
+ } catch (error) {
43065
+ throw AAStarError.fromViemError(error, "proposeRecoveryWithSig");
43066
+ }
42147
43067
  },
42148
- async modifyTierLimitsWithMixedGuardians() {
42149
- return BATCH2("modifyTierLimitsWithMixedGuardians");
43068
+ async approveRecoveryWithSig({ gIdx, sig, account, maxFeePerGas, maxPriorityFeePerGas }) {
43069
+ try {
43070
+ validateRequired(gIdx, "gIdx");
43071
+ validateRequired(sig, "sig");
43072
+ return await client.writeContract({
43073
+ address,
43074
+ abi: EXT_ABI,
43075
+ functionName: "approveRecoveryWithSig",
43076
+ args: [gIdx, sig],
43077
+ account,
43078
+ chain: client.chain,
43079
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43080
+ });
43081
+ } catch (error) {
43082
+ throw AAStarError.fromViemError(error, "approveRecoveryWithSig");
43083
+ }
43084
+ },
43085
+ async cancelRecoveryWithSig({ gIdx, sig, account, maxFeePerGas, maxPriorityFeePerGas }) {
43086
+ try {
43087
+ validateRequired(gIdx, "gIdx");
43088
+ validateRequired(sig, "sig");
43089
+ return await client.writeContract({
43090
+ address,
43091
+ abi: EXT_ABI,
43092
+ functionName: "cancelRecoveryWithSig",
43093
+ args: [gIdx, sig],
43094
+ account,
43095
+ chain: client.chain,
43096
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43097
+ });
43098
+ } catch (error) {
43099
+ throw AAStarError.fromViemError(error, "cancelRecoveryWithSig");
43100
+ }
43101
+ },
43102
+ async removeGuardianWithMixedSigs({ index, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
43103
+ try {
43104
+ validateRequired(index, "index");
43105
+ validateMixedSigs(signerIdxs, sigs);
43106
+ return await client.writeContract({
43107
+ address,
43108
+ abi: EXT_ABI,
43109
+ functionName: "removeGuardianWithMixedSigs",
43110
+ args: [index, signerIdxs, sigs],
43111
+ account,
43112
+ chain: client.chain,
43113
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43114
+ });
43115
+ } catch (error) {
43116
+ throw AAStarError.fromViemError(error, "removeGuardianWithMixedSigs");
43117
+ }
43118
+ },
43119
+ async modifyTierLimitsWithMixedGuardians({ tier1, tier2, deadline, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
43120
+ try {
43121
+ validateRequired(tier1, "tier1");
43122
+ validateRequired(tier2, "tier2");
43123
+ validateRequired(deadline, "deadline");
43124
+ validateMixedSigs(signerIdxs, sigs);
43125
+ return await client.writeContract({
43126
+ address,
43127
+ abi: EXT_ABI,
43128
+ functionName: "modifyTierLimitsWithMixedGuardians",
43129
+ args: [tier1, tier2, deadline, signerIdxs, sigs],
43130
+ account,
43131
+ chain: client.chain,
43132
+ ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
43133
+ });
43134
+ } catch (error) {
43135
+ throw AAStarError.fromViemError(error, "modifyTierLimitsWithMixedGuardians");
43136
+ }
42150
43137
  }
42151
43138
  });
43139
+ var ZERO_ADDRESS2 = "0x0000000000000000000000000000000000000000";
43140
+ var ZERO32 = `0x${"00".repeat(32)}`;
43141
+ var P256_GUARDIAN_SENTINEL = "0x0000000000000000000000000000000000007026";
43142
+ var ALG_ECDSA = 2;
43143
+ var ALG_PASSKEY_P256 = 1;
43144
+ function isZero32(v) {
43145
+ return /^0x0*$/.test(v);
43146
+ }
43147
+ function buildInitConfig(params) {
43148
+ const specs = params.guardians ?? [];
43149
+ if (specs.length > 3) {
43150
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, `at most 3 guardians are supported, got ${specs.length}`);
43151
+ }
43152
+ if (params.dailyLimit <= 0n) {
43153
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, "dailyLimit must be > 0 to enable the on-chain GUARD");
43154
+ }
43155
+ const guardians = [ZERO_ADDRESS2, ZERO_ADDRESS2, ZERO_ADDRESS2];
43156
+ const guardianP256X = [ZERO32, ZERO32, ZERO32];
43157
+ const guardianP256Y = [ZERO32, ZERO32, ZERO32];
43158
+ let hasP256 = false;
43159
+ specs.forEach((spec, i) => {
43160
+ const hasEcdsa = spec.ecdsa !== void 0 && spec.ecdsa !== ZERO_ADDRESS2;
43161
+ const hasP256Key = spec.p256 !== void 0;
43162
+ if (hasEcdsa && hasP256Key) {
43163
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}]: supply exactly one of { ecdsa, p256 }, not both`);
43164
+ }
43165
+ if (!hasEcdsa && !hasP256Key) {
43166
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}]: supply one of { ecdsa, p256 }`);
43167
+ }
43168
+ if (hasP256Key) {
43169
+ const { x, y } = spec.p256;
43170
+ if (!viem.isHex(x) || viem.size(x) !== 32 || !viem.isHex(y) || viem.size(y) !== 32) {
43171
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}].p256: x and y must each be 32-byte hex values`);
43172
+ }
43173
+ if (isZero32(x) || isZero32(y)) {
43174
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}].p256: x and y must be non-zero (all-or-nothing per the contract)`);
43175
+ }
43176
+ guardians[i] = ZERO_ADDRESS2;
43177
+ guardianP256X[i] = x;
43178
+ guardianP256Y[i] = y;
43179
+ hasP256 = true;
43180
+ } else {
43181
+ const ecdsa = spec.ecdsa;
43182
+ if (viem.isAddressEqual(ecdsa, P256_GUARDIAN_SENTINEL)) {
43183
+ throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}].ecdsa: the P-256 sentinel ${P256_GUARDIAN_SENTINEL} is not a valid ECDSA guardian`);
43184
+ }
43185
+ guardians[i] = ecdsa;
43186
+ }
43187
+ });
43188
+ const approvedAlgIds = params.approvedAlgIds ?? (hasP256 ? [ALG_ECDSA, ALG_PASSKEY_P256] : [ALG_ECDSA]);
43189
+ return {
43190
+ guardians,
43191
+ guardianP256X,
43192
+ guardianP256Y,
43193
+ dailyLimit: params.dailyLimit,
43194
+ approvedAlgIds,
43195
+ minDailyLimit: params.minDailyLimit ?? 0n,
43196
+ initialTokens: params.initialTokens ?? [],
43197
+ initialTokenConfigs: params.initialTokenConfigs ?? []
43198
+ };
43199
+ }
42152
43200
 
42153
43201
  // ../core/src/actions/agentRegistry.ts
42154
43202
  var ABI4 = AgentRegistryABI;
@@ -42583,28 +43631,28 @@ function encodeDVTVerifierProof(nodeIds, blsSig) {
42583
43631
  const sig = encodeG2Point(blsSig);
42584
43632
  return viem.concat([...ids, sig]);
42585
43633
  }
42586
- function normalizeP256(p256) {
42587
- if (typeof p256 === "string") {
42588
- if (!viem.isHex(p256) || viem.size(p256) !== 64) {
43634
+ function normalizeP256(p2562) {
43635
+ if (typeof p2562 === "string") {
43636
+ if (!viem.isHex(p2562) || viem.size(p2562) !== 64) {
42589
43637
  throw new Error("encodeDVTAccountSignature: p256 bytes form must be a 64-byte (r\u2016s) hex value");
42590
43638
  }
42591
- return p256;
43639
+ return p2562;
42592
43640
  }
42593
- if (!viem.isHex(p256.r) || viem.size(p256.r) !== 32) {
43641
+ if (!viem.isHex(p2562.r) || viem.size(p2562.r) !== 32) {
42594
43642
  throw new Error("encodeDVTAccountSignature: p256.r must be a 32-byte hex value");
42595
43643
  }
42596
- if (!viem.isHex(p256.s) || viem.size(p256.s) !== 32) {
43644
+ if (!viem.isHex(p2562.s) || viem.size(p2562.s) !== 32) {
42597
43645
  throw new Error("encodeDVTAccountSignature: p256.s must be a 32-byte hex value");
42598
43646
  }
42599
- return viem.concat([p256.r, p256.s]);
43647
+ return viem.concat([p2562.r, p2562.s]);
42600
43648
  }
42601
43649
  function encodeDVTAccountSignature(params) {
42602
- const { tier, p256, nodeIds, blsSig, guardianSig } = params;
43650
+ const { tier, p256: p2562, nodeIds, blsSig, guardianSig } = params;
42603
43651
  if (tier !== DVT_TIER_T2 && tier !== DVT_TIER_T3) {
42604
43652
  throw new Error(`encodeDVTAccountSignature: tier must be 0x04 (T2) or 0x05 (T3), got ${tier}`);
42605
43653
  }
42606
43654
  const tierByte = viem.numberToHex(tier, { size: 1 });
42607
- const p256Bytes = normalizeP256(p256);
43655
+ const p256Bytes = normalizeP256(p2562);
42608
43656
  const ids = validateNodeIds(nodeIds, "encodeDVTAccountSignature");
42609
43657
  const nodeIdsLength = viem.numberToHex(ids.length, { size: 32 });
42610
43658
  const sig = encodeG2Point(blsSig);
@@ -42649,6 +43697,402 @@ function hashToFieldU0U1(message) {
42649
43697
  u1c1b: u1c1.b
42650
43698
  };
42651
43699
  }
43700
+
43701
+ // ../../node_modules/.pnpm/@noble+hashes@1.8.0/node_modules/@noble/hashes/esm/hmac.js
43702
+ var HMAC = class extends Hash {
43703
+ constructor(hash, _key) {
43704
+ super();
43705
+ this.finished = false;
43706
+ this.destroyed = false;
43707
+ ahash(hash);
43708
+ const key = toBytes2(_key);
43709
+ this.iHash = hash.create();
43710
+ if (typeof this.iHash.update !== "function")
43711
+ throw new Error("Expected instance of class which extends utils.Hash");
43712
+ this.blockLen = this.iHash.blockLen;
43713
+ this.outputLen = this.iHash.outputLen;
43714
+ const blockLen = this.blockLen;
43715
+ const pad2 = new Uint8Array(blockLen);
43716
+ pad2.set(key.length > blockLen ? hash.create().update(key).digest() : key);
43717
+ for (let i = 0; i < pad2.length; i++)
43718
+ pad2[i] ^= 54;
43719
+ this.iHash.update(pad2);
43720
+ this.oHash = hash.create();
43721
+ for (let i = 0; i < pad2.length; i++)
43722
+ pad2[i] ^= 54 ^ 92;
43723
+ this.oHash.update(pad2);
43724
+ clean(pad2);
43725
+ }
43726
+ update(buf) {
43727
+ aexists(this);
43728
+ this.iHash.update(buf);
43729
+ return this;
43730
+ }
43731
+ digestInto(out) {
43732
+ aexists(this);
43733
+ abytes(out, this.outputLen);
43734
+ this.finished = true;
43735
+ this.iHash.digestInto(out);
43736
+ this.oHash.update(out);
43737
+ this.oHash.digestInto(out);
43738
+ this.destroy();
43739
+ }
43740
+ digest() {
43741
+ const out = new Uint8Array(this.oHash.outputLen);
43742
+ this.digestInto(out);
43743
+ return out;
43744
+ }
43745
+ _cloneInto(to) {
43746
+ to || (to = Object.create(Object.getPrototypeOf(this), {}));
43747
+ const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this;
43748
+ to = to;
43749
+ to.finished = finished;
43750
+ to.destroyed = destroyed;
43751
+ to.blockLen = blockLen;
43752
+ to.outputLen = outputLen;
43753
+ to.oHash = oHash._cloneInto(to.oHash);
43754
+ to.iHash = iHash._cloneInto(to.iHash);
43755
+ return to;
43756
+ }
43757
+ clone() {
43758
+ return this._cloneInto();
43759
+ }
43760
+ destroy() {
43761
+ this.destroyed = true;
43762
+ this.oHash.destroy();
43763
+ this.iHash.destroy();
43764
+ }
43765
+ };
43766
+ var hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest();
43767
+ hmac.create = (hash, key) => new HMAC(hash, key);
43768
+
43769
+ // ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/_shortw_utils.js
43770
+ function getHash(hash) {
43771
+ return {
43772
+ hash,
43773
+ hmac: (key, ...msgs) => hmac(hash, key, concatBytes(...msgs)),
43774
+ randomBytes
43775
+ };
43776
+ }
43777
+ function createCurve(curveDef, defHash) {
43778
+ const create = (hash) => weierstrass({ ...curveDef, ...getHash(hash) });
43779
+ return { ...create(defHash), create };
43780
+ }
43781
+
43782
+ // ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/nist.js
43783
+ var Fp256 = Field(BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff"));
43784
+ var p256_a = Fp256.create(BigInt("-3"));
43785
+ var p256_b = BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b");
43786
+ var p256 = createCurve({
43787
+ a: p256_a,
43788
+ b: p256_b,
43789
+ Fp: Fp256,
43790
+ n: BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"),
43791
+ Gx: BigInt("0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),
43792
+ Gy: BigInt("0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"),
43793
+ h: BigInt(1),
43794
+ lowS: false
43795
+ }, sha256);
43796
+ var Fp384 = Field(BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff"));
43797
+ var p384_a = Fp384.create(BigInt("-3"));
43798
+ var p384_b = BigInt("0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef");
43799
+ createCurve({
43800
+ a: p384_a,
43801
+ b: p384_b,
43802
+ Fp: Fp384,
43803
+ n: BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"),
43804
+ Gx: BigInt("0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"),
43805
+ Gy: BigInt("0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"),
43806
+ h: BigInt(1),
43807
+ lowS: false
43808
+ }, sha384);
43809
+ var Fp521 = Field(BigInt("0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
43810
+ var p521_a = Fp521.create(BigInt("-3"));
43811
+ var p521_b = BigInt("0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00");
43812
+ createCurve({
43813
+ a: p521_a,
43814
+ b: p521_b,
43815
+ Fp: Fp521,
43816
+ n: BigInt("0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409"),
43817
+ Gx: BigInt("0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66"),
43818
+ Gy: BigInt("0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650"),
43819
+ h: BigInt(1),
43820
+ lowS: false,
43821
+ allowedPrivateKeyLengths: [130, 131, 132]
43822
+ // P521 keys are variable-length. Normalize to 132b
43823
+ }, sha512);
43824
+
43825
+ // ../core/src/crypto/p256Guardian.ts
43826
+ var GUARDIAN_SIG_VERSION = 4;
43827
+ var P256_GUARDIAN_DOMAIN = "P256_GUARDIAN";
43828
+ var WEBAUTHN_GET_CHALLENGE_PREFIX = '{"type":"webauthn.get","challenge":"';
43829
+ var PREFIX_LEN = 36;
43830
+ var CHALLENGE_B64_LEN = 43;
43831
+ var P256_GUARDIAN_SENTINEL2 = "0x0000000000000000000000000000000000007026";
43832
+ var SECP256R1_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551n;
43833
+ var SECP256R1_N_OVER_2 = SECP256R1_N >> 1n;
43834
+ var B64URL_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
43835
+ function base64UrlEncode(bytes) {
43836
+ let out = "";
43837
+ let i = 0;
43838
+ for (; i + 3 <= bytes.length; i += 3) {
43839
+ const n = bytes[i] << 16 | bytes[i + 1] << 8 | bytes[i + 2];
43840
+ out += B64URL_ALPHABET[n >> 18 & 63] + B64URL_ALPHABET[n >> 12 & 63] + B64URL_ALPHABET[n >> 6 & 63] + B64URL_ALPHABET[n & 63];
43841
+ }
43842
+ const rem = bytes.length - i;
43843
+ if (rem === 1) {
43844
+ const n = bytes[i] << 16;
43845
+ out += B64URL_ALPHABET[n >> 18 & 63] + B64URL_ALPHABET[n >> 12 & 63];
43846
+ } else if (rem === 2) {
43847
+ const n = bytes[i] << 16 | bytes[i + 1] << 8;
43848
+ out += B64URL_ALPHABET[n >> 18 & 63] + B64URL_ALPHABET[n >> 12 & 63] + B64URL_ALPHABET[n >> 6 & 63];
43849
+ }
43850
+ return out;
43851
+ }
43852
+ function buildP256GuardianChallenge(params) {
43853
+ const version = params.version ?? GUARDIAN_SIG_VERSION;
43854
+ return viem.keccak256(
43855
+ viem.encodeAbiParameters(
43856
+ [
43857
+ { type: "uint8" },
43858
+ { type: "uint256" },
43859
+ { type: "address" },
43860
+ { type: "string" },
43861
+ { type: "string" },
43862
+ { type: "bytes" }
43863
+ ],
43864
+ [version, BigInt(params.chainId), params.account, P256_GUARDIAN_DOMAIN, params.opLabel, params.opData]
43865
+ )
43866
+ );
43867
+ }
43868
+ function opDataRecovery(nonce, newOwner) {
43869
+ return viem.encodeAbiParameters([{ type: "uint256" }, { type: "address" }], [nonce, newOwner]);
43870
+ }
43871
+ function opDataAddP256Guardian(nonce, x, y) {
43872
+ return viem.encodeAbiParameters(
43873
+ [{ type: "uint256" }, { type: "bytes32" }, { type: "bytes32" }],
43874
+ [nonce, toBytes32(x, "x"), toBytes32(y, "y")]
43875
+ );
43876
+ }
43877
+ function opDataAddGuardian(nonce, guardian) {
43878
+ return viem.encodeAbiParameters([{ type: "uint256" }, { type: "address" }], [nonce, guardian]);
43879
+ }
43880
+ function opDataRemoveGuardian(nonce, index, guardianToRemove, p256X, p256Y) {
43881
+ return viem.encodeAbiParameters(
43882
+ [{ type: "uint256" }, { type: "uint8" }, { type: "address" }, { type: "bytes32" }, { type: "bytes32" }],
43883
+ [nonce, index, guardianToRemove, toBytes32(p256X, "p256X"), toBytes32(p256Y, "p256Y")]
43884
+ );
43885
+ }
43886
+ function opDataModifyTierLimits(nonce, tier1, tier2, deadline) {
43887
+ return viem.encodeAbiParameters(
43888
+ [{ type: "uint256" }, { type: "uint256" }, { type: "uint256" }, { type: "uint256" }],
43889
+ [nonce, tier1, tier2, deadline]
43890
+ );
43891
+ }
43892
+ function buildProposeRecoveryChallenge(p) {
43893
+ return buildP256GuardianChallenge({ ...p, opLabel: "PROPOSE_RECOVERY", opData: opDataRecovery(p.nonce, p.newOwner) });
43894
+ }
43895
+ function buildApproveRecoveryChallenge(p) {
43896
+ return buildP256GuardianChallenge({ ...p, opLabel: "APPROVE_RECOVERY", opData: opDataRecovery(p.nonce, p.newOwner) });
43897
+ }
43898
+ function buildCancelRecoveryChallenge(p) {
43899
+ return buildP256GuardianChallenge({ ...p, opLabel: "CANCEL_RECOVERY", opData: opDataRecovery(p.nonce, p.newOwner) });
43900
+ }
43901
+ function buildAddP256GuardianChallenge(p) {
43902
+ return buildP256GuardianChallenge({ ...p, opLabel: "ADD_P256_GUARDIAN", opData: opDataAddP256Guardian(p.nonce, p.x, p.y) });
43903
+ }
43904
+ function buildAddGuardianChallenge(p) {
43905
+ return buildP256GuardianChallenge({ ...p, opLabel: "ADD_GUARDIAN", opData: opDataAddGuardian(p.nonce, p.guardian) });
43906
+ }
43907
+ function buildRemoveGuardianChallenge(p) {
43908
+ return buildP256GuardianChallenge({
43909
+ ...p,
43910
+ opLabel: "REMOVE_GUARDIAN",
43911
+ opData: opDataRemoveGuardian(p.nonce, p.index, p.guardianToRemove, p.p256X, p.p256Y)
43912
+ });
43913
+ }
43914
+ function buildModifyTierLimitsChallenge(p) {
43915
+ return buildP256GuardianChallenge({
43916
+ ...p,
43917
+ opLabel: "MODIFY_TIER_LIMITS",
43918
+ opData: opDataModifyTierLimits(p.nonce, p.tier1, p.tier2, p.deadline)
43919
+ });
43920
+ }
43921
+ function scalarToBigInt(v, name) {
43922
+ if (typeof v === "bigint") return v;
43923
+ if (v instanceof Uint8Array) return BigInt(viem.toHex(v));
43924
+ if (viem.isHex(v)) return BigInt(v);
43925
+ throw new Error(`encodeWebAuthnAssertion: ${name} must be a hex string, Uint8Array, or bigint`);
43926
+ }
43927
+ function toBytes32(v, name) {
43928
+ if (!viem.isHex(v)) throw new Error(`${name} must be a 0x-hex value`);
43929
+ if (viem.size(v) > 32) throw new Error(`${name} must be at most 32 bytes`);
43930
+ return viem.pad(v, { size: 32 });
43931
+ }
43932
+ function asBytes(v, name) {
43933
+ if (v instanceof Uint8Array) return v;
43934
+ if (typeof v === "string" && viem.isHex(v)) return viem.toBytes(v);
43935
+ if (typeof v === "string") return new TextEncoder().encode(v);
43936
+ throw new Error(`${name} must be hex, bytes, or a string`);
43937
+ }
43938
+ function encodeWebAuthnAssertion(params) {
43939
+ const authData = asBytes(params.authenticatorData, "authenticatorData");
43940
+ if (authData.length < 37) {
43941
+ throw new Error(`encodeWebAuthnAssertion: authenticatorData must be >= 37 bytes, got ${authData.length}`);
43942
+ }
43943
+ if ((authData[32] & 1) === 0) {
43944
+ throw new Error("encodeWebAuthnAssertion: authenticatorData UP (User Present) flag (byte 32, bit 0) must be set");
43945
+ }
43946
+ const cdj = asBytes(params.clientDataJSON, "clientDataJSON");
43947
+ const prefixBytes = new TextEncoder().encode(WEBAUTHN_GET_CHALLENGE_PREFIX);
43948
+ if (cdj.length < PREFIX_LEN + CHALLENGE_B64_LEN + 1) {
43949
+ throw new Error(
43950
+ `encodeWebAuthnAssertion: clientDataJSON too short (${cdj.length} bytes) \u2014 expected at least prefix(${PREFIX_LEN}) + base64url(challenge)(${CHALLENGE_B64_LEN}) + closing quote`
43951
+ );
43952
+ }
43953
+ for (let i = 0; i < PREFIX_LEN; i++) {
43954
+ if (cdj[i] !== prefixBytes[i]) {
43955
+ throw new Error(
43956
+ `encodeWebAuthnAssertion: clientDataJSON must start with the exact prefix ${JSON.stringify(WEBAUTHN_GET_CHALLENGE_PREFIX)} (the contract rejects any other prefix)`
43957
+ );
43958
+ }
43959
+ }
43960
+ if (cdj[PREFIX_LEN + CHALLENGE_B64_LEN] !== 34) {
43961
+ throw new Error(
43962
+ "encodeWebAuthnAssertion: the base64url(challenge) slot is not exactly 43 chars (no closing quote at the expected position) \u2014 clientDataJSON is malformed for the contract"
43963
+ );
43964
+ }
43965
+ const prefix = cdj.slice(0, PREFIX_LEN);
43966
+ const suffix = cdj.slice(PREFIX_LEN + CHALLENGE_B64_LEN);
43967
+ const r = scalarToBigInt(params.r, "r");
43968
+ let s = scalarToBigInt(params.s, "s");
43969
+ if (s > SECP256R1_N_OVER_2) s = SECP256R1_N - s;
43970
+ return viem.encodeAbiParameters(
43971
+ [{ type: "bytes" }, { type: "bytes" }, { type: "bytes" }, { type: "bytes32" }, { type: "bytes32" }],
43972
+ [viem.toHex(authData), viem.toHex(prefix), viem.toHex(suffix), viem.numberToHex(r, { size: 32 }), viem.numberToHex(s, { size: 32 })]
43973
+ );
43974
+ }
43975
+ function decodeWebAuthnAssertion(sig) {
43976
+ const [authenticatorData, clientDataJSONPrefix, clientDataJSONSuffix, r, s] = viem.decodeAbiParameters(
43977
+ [{ type: "bytes" }, { type: "bytes" }, { type: "bytes" }, { type: "bytes32" }, { type: "bytes32" }],
43978
+ sig
43979
+ );
43980
+ return { authenticatorData, clientDataJSONPrefix, clientDataJSONSuffix, r, s };
43981
+ }
43982
+ function decompressP256Point(compressed) {
43983
+ const lib = p256;
43984
+ const Point = lib.Point ?? lib.ProjectivePoint;
43985
+ if (!Point) throw new Error("coseToP256XY: @noble/curves p256 point class unavailable for decompression");
43986
+ const pt = Point.fromHex(compressed);
43987
+ const uncompressed = pt.toBytes ? pt.toBytes(false) : pt.toRawBytes(false);
43988
+ return uncompressed;
43989
+ }
43990
+ function coseToP256XY(cosePublicKey) {
43991
+ const bytes = cosePublicKey instanceof Uint8Array ? cosePublicKey : viem.toBytes(cosePublicKey);
43992
+ if (bytes.length === 65 && bytes[0] === 4) {
43993
+ return { x: viem.toHex(bytes.slice(1, 33)), y: viem.toHex(bytes.slice(33, 65)) };
43994
+ }
43995
+ if (bytes.length === 33 && (bytes[0] === 2 || bytes[0] === 3)) {
43996
+ const uncompressed = decompressP256Point(bytes);
43997
+ return { x: viem.toHex(uncompressed.slice(1, 33)), y: viem.toHex(uncompressed.slice(33, 65)) };
43998
+ }
43999
+ const map = decodeCoseMap(bytes);
44000
+ const kty = map.get(1);
44001
+ const crv = map.get(-1);
44002
+ if (kty !== 2n) {
44003
+ throw new Error(`coseToP256XY: COSE key type (label 1) must be present and 2 (EC2), got ${String(kty)}`);
44004
+ }
44005
+ if (crv !== 1n) {
44006
+ throw new Error(`coseToP256XY: COSE curve (label -1) must be present and 1 (P-256), got ${String(crv)}`);
44007
+ }
44008
+ const x = map.get(-2);
44009
+ const y = map.get(-3);
44010
+ if (!(x instanceof Uint8Array) || !(y instanceof Uint8Array)) {
44011
+ throw new Error("coseToP256XY: COSE key missing the -2 (x) / -3 (y) coordinate byte strings");
44012
+ }
44013
+ if (x.length !== 32 || y.length !== 32) {
44014
+ throw new Error(`coseToP256XY: P-256 coordinates must be 32 bytes (got x=${x.length}, y=${y.length})`);
44015
+ }
44016
+ return { x: viem.toHex(x), y: viem.toHex(y) };
44017
+ }
44018
+ function decodeCoseMap(buf) {
44019
+ let pos = 0;
44020
+ function readArgument(ai) {
44021
+ if (ai < 24) return ai;
44022
+ if (ai === 24) return buf[pos++];
44023
+ if (ai === 25) {
44024
+ const v = buf[pos] << 8 | buf[pos + 1];
44025
+ pos += 2;
44026
+ return v;
44027
+ }
44028
+ if (ai === 26) {
44029
+ const v = buf[pos] * 16777216 + (buf[pos + 1] << 16) + (buf[pos + 2] << 8) + buf[pos + 3];
44030
+ pos += 4;
44031
+ return v;
44032
+ }
44033
+ throw new Error("decodeCoseMap: unsupported CBOR argument size (64-bit values not supported for COSE keys)");
44034
+ }
44035
+ function readItem() {
44036
+ const ib2 = buf[pos++];
44037
+ const major = ib2 >> 5;
44038
+ const ai = ib2 & 31;
44039
+ switch (major) {
44040
+ case 0:
44041
+ return BigInt(readArgument(ai));
44042
+ case 1:
44043
+ return BigInt(-1 - readArgument(ai));
44044
+ case 2: {
44045
+ const len = readArgument(ai);
44046
+ const out = buf.slice(pos, pos + len);
44047
+ pos += len;
44048
+ return out;
44049
+ }
44050
+ default:
44051
+ throw new Error(`decodeCoseMap: unsupported CBOR major type ${major} in COSE key`);
44052
+ }
44053
+ }
44054
+ const ib = buf[pos++];
44055
+ if (ib >> 5 !== 5) throw new Error("coseToP256XY: input is not a CBOR map (COSE_Key)");
44056
+ const n = readArgument(ib & 31);
44057
+ const map = /* @__PURE__ */ new Map();
44058
+ for (let i = 0; i < n; i++) {
44059
+ const key = readItem();
44060
+ const val = readItem();
44061
+ if (typeof key === "bigint") map.set(Number(key), val);
44062
+ }
44063
+ return map;
44064
+ }
44065
+ function signP256GuardianAssertion(params) {
44066
+ const priv = params.privateKey instanceof Uint8Array ? params.privateKey : viem.toBytes(params.privateKey);
44067
+ const rpId = params.rpId ?? "airaccount.example";
44068
+ const origin = params.origin ?? "https://airaccount.example";
44069
+ const flags = params.flags ?? 5;
44070
+ const signCount = params.signCount ?? 0;
44071
+ const challengeBytes = viem.toBytes(params.challenge);
44072
+ if (challengeBytes.length !== 32) throw new Error("signP256GuardianAssertion: challenge must be 32 bytes");
44073
+ const challengeB64 = base64UrlEncode(challengeBytes);
44074
+ const clientDataJSONStr = `${WEBAUTHN_GET_CHALLENGE_PREFIX}${challengeB64}","origin":"${origin}","crossOrigin":false}`;
44075
+ const clientDataJSON = new TextEncoder().encode(clientDataJSONStr);
44076
+ const rpIdHash = viem.toBytes(viem.sha256(new TextEncoder().encode(rpId)));
44077
+ const authData = new Uint8Array(37);
44078
+ authData.set(rpIdHash, 0);
44079
+ authData[32] = flags & 255;
44080
+ new DataView(authData.buffer).setUint32(33, signCount >>> 0, false);
44081
+ const clientDataHash = viem.toBytes(viem.sha256(clientDataJSON));
44082
+ const message = new Uint8Array(authData.length + clientDataHash.length);
44083
+ message.set(authData, 0);
44084
+ message.set(clientDataHash, authData.length);
44085
+ const signature = p256.sign(message, priv, { prehash: true, lowS: true });
44086
+ const r = viem.numberToHex(signature.r, { size: 32 });
44087
+ const s = viem.numberToHex(signature.s, { size: 32 });
44088
+ const sig = encodeWebAuthnAssertion({ authenticatorData: authData, clientDataJSON, r, s });
44089
+ return { sig, authenticatorData: viem.toHex(authData), clientDataJSON: viem.toHex(clientDataJSON), r, s };
44090
+ }
44091
+ function p256GuardianPublicKey(privateKey) {
44092
+ const priv = privateKey instanceof Uint8Array ? privateKey : viem.toBytes(privateKey);
44093
+ const pub = p256.getPublicKey(priv, false);
44094
+ return coseToP256XY(pub);
44095
+ }
42652
44096
  var DEFAULT_ADMIN_ROLE = "0x0000000000000000000000000000000000000000000000000000000000000000";
42653
44097
  var ROLE_COMMUNITY = viem.keccak256(viem.toHex("COMMUNITY"));
42654
44098
  var ROLE_ENDUSER = viem.keccak256(viem.toHex("ENDUSER"));
@@ -43082,6 +44526,8 @@ function makeMainnetClient(rpcUrl) {
43082
44526
  @noble/curves/esm/abstract/bls.js:
43083
44527
  @noble/curves/esm/abstract/tower.js:
43084
44528
  @noble/curves/esm/bls12-381.js:
44529
+ @noble/curves/esm/_shortw_utils.js:
44530
+ @noble/curves/esm/nist.js:
43085
44531
  (*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
43086
44532
  */
43087
44533
 
@@ -43137,14 +44583,20 @@ exports.GTokenAuthorizationABI = GTokenAuthorizationABI;
43137
44583
  exports.GTokenAuthorizationArtifact = GTokenAuthorizationArtifact;
43138
44584
  exports.GTokenStakingABI = GTokenStakingABI;
43139
44585
  exports.GTokenStakingArtifact = GTokenStakingArtifact;
44586
+ exports.GUARDIAN_ADDITION_NONCE_SLOT = GUARDIAN_ADDITION_NONCE_SLOT;
44587
+ exports.GUARDIAN_REMOVAL_NONCE_SLOT = GUARDIAN_REMOVAL_NONCE_SLOT;
44588
+ exports.GUARDIAN_SIG_VERSION = GUARDIAN_SIG_VERSION;
43140
44589
  exports.INITIAL_ROLE_STAKES = INITIAL_ROLE_STAKES;
43141
44590
  exports.LINKS = LINKS;
44591
+ exports.MAX_GUARDIAN_SLOT = MAX_GUARDIAN_SLOT;
43142
44592
  exports.MicroPaymentChannelABI = MicroPaymentChannelABI;
43143
44593
  exports.MicroPaymentChannelArtifact = MicroPaymentChannelArtifact;
43144
44594
  exports.MySBTABI = MySBTABI;
43145
44595
  exports.MySBTArtifact = MySBTArtifact;
43146
44596
  exports.NETWORKS = NETWORKS;
43147
44597
  exports.NodeType = NodeType;
44598
+ exports.P256_GUARDIAN_DOMAIN = P256_GUARDIAN_DOMAIN;
44599
+ exports.P256_GUARDIAN_SENTINEL = P256_GUARDIAN_SENTINEL2;
43148
44600
  exports.PaymasterABI = PaymasterABI;
43149
44601
  exports.PaymasterArtifact = PaymasterArtifact;
43150
44602
  exports.PaymasterFactoryABI = PaymasterFactoryABI;
@@ -43152,6 +44604,7 @@ exports.PaymasterFactoryArtifact = PaymasterFactoryArtifact;
43152
44604
  exports.PolicyDecision = PolicyDecision;
43153
44605
  exports.PolicyRegistryABI = PolicyRegistryABI;
43154
44606
  exports.PolicyRegistryArtifact = PolicyRegistryArtifact;
44607
+ exports.RECOVERY_NONCE_SLOT = RECOVERY_NONCE_SLOT;
43155
44608
  exports.ROLE_ANODE = ROLE_ANODE;
43156
44609
  exports.ROLE_COMMUNITY = ROLE_COMMUNITY;
43157
44610
  exports.ROLE_DVT = ROLE_DVT;
@@ -43167,6 +44620,8 @@ exports.ReputationSystemABI = ReputationSystemABI;
43167
44620
  exports.ReputationSystemArtifact = ReputationSystemArtifact;
43168
44621
  exports.RequirementChecker = RequirementChecker;
43169
44622
  exports.RolePermissionLevel = RolePermissionLevel;
44623
+ exports.SECP256R1_N = SECP256R1_N;
44624
+ exports.SECP256R1_N_OVER_2 = SECP256R1_N_OVER_2;
43170
44625
  exports.SEPOLIA_CONTRACTS = SEPOLIA_CONTRACTS;
43171
44626
  exports.SEPOLIA_V2_VERSIONS = SEPOLIA_V2_VERSIONS;
43172
44627
  exports.SepoliaFaucetAPI = SepoliaFaucetAPI;
@@ -43179,7 +44634,9 @@ exports.SimpleAccountFactoryArtifact = SimpleAccountFactoryArtifact;
43179
44634
  exports.StateValidator = StateValidator;
43180
44635
  exports.SuperPaymasterABI = SuperPaymasterABI;
43181
44636
  exports.SuperPaymasterArtifact = SuperPaymasterArtifact;
44637
+ exports.TIER_LIMIT_NONCE_SLOT = TIER_LIMIT_NONCE_SLOT;
43182
44638
  exports.V2_SUMMARY = V2_SUMMARY;
44639
+ exports.WEBAUTHN_GET_CHALLENGE_PREFIX = WEBAUTHN_GET_CHALLENGE_PREFIX;
43183
44640
  exports.X402FacilitatorABI = X402FacilitatorABI;
43184
44641
  exports.X402FacilitatorArtifact = X402FacilitatorArtifact;
43185
44642
  exports.accountActions = accountActions;
@@ -43190,14 +44647,27 @@ exports.aggregatorActions = aggregatorActions;
43190
44647
  exports.airAccountActions = airAccountActions;
43191
44648
  exports.airAccountExtensionActions = airAccountExtensionActions;
43192
44649
  exports.airAccountFactoryActions = airAccountFactoryActions;
44650
+ exports.base64UrlEncode = base64UrlEncode;
43193
44651
  exports.blsAlgorithmActions = blsAlgorithmActions;
44652
+ exports.buildAddGuardianChallenge = buildAddGuardianChallenge;
44653
+ exports.buildAddP256GuardianChallenge = buildAddP256GuardianChallenge;
44654
+ exports.buildApproveRecoveryChallenge = buildApproveRecoveryChallenge;
44655
+ exports.buildCancelRecoveryChallenge = buildCancelRecoveryChallenge;
44656
+ exports.buildInitConfig = buildInitConfig;
44657
+ exports.buildModifyTierLimitsChallenge = buildModifyTierLimitsChallenge;
44658
+ exports.buildP256GuardianChallenge = buildP256GuardianChallenge;
44659
+ exports.buildProposeRecoveryChallenge = buildProposeRecoveryChallenge;
44660
+ exports.buildRemoveGuardianChallenge = buildRemoveGuardianChallenge;
43194
44661
  exports.channelActions = channelActions;
44662
+ exports.coseToP256XY = coseToP256XY;
43195
44663
  exports.createAAStarPublicClient = createAAStarPublicClient;
43196
44664
  exports.createHeliosTransport = createHeliosTransport;
44665
+ exports.decodeWebAuthnAssertion = decodeWebAuthnAssertion;
43197
44666
  exports.dvtActions = dvtActions;
43198
44667
  exports.encodeDVTAccountSignature = encodeDVTAccountSignature;
43199
44668
  exports.encodeDVTVerifierProof = encodeDVTVerifierProof;
43200
44669
  exports.encodeG2Point = encodeG2Point;
44670
+ exports.encodeWebAuthnAssertion = encodeWebAuthnAssertion;
43201
44671
  exports.entryPointActions = entryPointActions;
43202
44672
  exports.forceExitActions = forceExitActions;
43203
44673
  exports.gTokenActions = gTokenActions;
@@ -43234,6 +44704,12 @@ exports.isContractNetworkSupported = isContractNetworkSupported;
43234
44704
  exports.isRegisteredCommunity = isRegisteredCommunity;
43235
44705
  exports.isV2Contract = isV2Contract;
43236
44706
  exports.lookupAddress = lookupAddress;
44707
+ exports.opDataAddGuardian = opDataAddGuardian;
44708
+ exports.opDataAddP256Guardian = opDataAddP256Guardian;
44709
+ exports.opDataModifyTierLimits = opDataModifyTierLimits;
44710
+ exports.opDataRecovery = opDataRecovery;
44711
+ exports.opDataRemoveGuardian = opDataRemoveGuardian;
44712
+ exports.p256GuardianPublicKey = p256GuardianPublicKey;
43237
44713
  exports.paymasterActions = paymasterActions;
43238
44714
  exports.paymasterFactoryActions = paymasterFactoryActions;
43239
44715
  exports.policyRegistryActions = policyRegistryActions;
@@ -43243,6 +44719,7 @@ exports.resolveEns = resolveEns;
43243
44719
  exports.resolveEnsVerified = resolveEnsVerified;
43244
44720
  exports.sbtActions = sbtActions;
43245
44721
  exports.sessionKeyValidatorActions = sessionKeyValidatorActions;
44722
+ exports.signP256GuardianAssertion = signP256GuardianAssertion;
43246
44723
  exports.stakingActions = stakingActions;
43247
44724
  exports.superPaymasterActions = superPaymasterActions;
43248
44725
  exports.tokenActions = tokenActions;
@@ -43255,5 +44732,5 @@ exports.xPNTsFactoryArtifact = xPNTsFactoryArtifact;
43255
44732
  exports.xPNTsTokenABI = xPNTsTokenABI;
43256
44733
  exports.xPNTsTokenActions = xPNTsTokenActions;
43257
44734
  exports.xPNTsTokenArtifact = xPNTsTokenArtifact;
43258
- //# sourceMappingURL=chunk-CIEYY3A6.cjs.map
43259
- //# sourceMappingURL=chunk-CIEYY3A6.cjs.map
44735
+ //# sourceMappingURL=chunk-TS5CXRNI.cjs.map
44736
+ //# sourceMappingURL=chunk-TS5CXRNI.cjs.map