@aastar/sdk 0.21.1 → 0.23.0

package/dist/{chunk-M5WFKETT.js → chunk-5G5SB6CP.js}

@@ -1,5 +1,5 @@
 import { TEST_TOKEN_ADDRESSES, COMMUNITY_OWNERS, MONITORING_ADDRESSES, CORE_ADDRESSES, TOKEN_ADDRESSES, TEST_COMMUNITIES, OFFICIAL_ADDRESSES, PAYMASTER_ADDRESSES, TEST_ACCOUNT_ADDRESSES } from './chunk-UCLK6LTB.js';
-import { keccak256, toHex, parseEther, parseAbi, createPublicClient, http, toBytes, decodeFunctionData, decodeAbiParameters, zeroAddress, erc20Abi, formatEther, encodeAbiParameters, parseAbiParameters, encodePacked, concat, numberToHex, isHex, size, isAddress, custom } from 'viem';
+import { keccak256, toHex, parseEther, parseAbi, createPublicClient, http, toBytes, decodeFunctionData, decodeAbiParameters, zeroAddress, erc20Abi, formatEther, encodeAbiParameters, parseAbiParameters, encodePacked, isHex, size, isAddressEqual, concat, numberToHex, pad, sha256 as sha256$1, isAddress, custom } from 'viem';
 import { sepolia, mainnet } from 'viem/chains';
 import * as nc from 'crypto';
 import { getEnsAddress, normalize, getEnsName } from 'viem/ens';
@@ -36624,6 +36624,12 @@ function abytes(b, ...lengths) {
   if (lengths.length > 0 && !lengths.includes(b.length))
     throw new Error("Uint8Array expected of length " + lengths + ", got length=" + b.length);
 }
+function ahash(h) {
+  if (typeof h !== "function" || typeof h.create !== "function")
+    throw new Error("Hash should be wrapped by utils.createHasher");
+  anumber(h.outputLen);
+  anumber(h.blockLen);
+}
 function aexists(instance, checkFinished = true) {
   if (instance.destroyed)
     throw new Error("Hash instance has been destroyed");
@@ -36659,6 +36665,21 @@ function toBytes2(data) {
   abytes(data);
   return data;
 }
+function concatBytes(...arrays) {
+  let sum = 0;
+  for (let i = 0; i < arrays.length; i++) {
+    const a = arrays[i];
+    abytes(a);
+    sum += a.length;
+  }
+  const res = new Uint8Array(sum);
+  for (let i = 0, pad2 = 0; i < arrays.length; i++) {
+    const a = arrays[i];
+    res.set(a, pad2);
+    pad2 += a.length;
+  }
+  return res;
+}
 var Hash = class {
 };
 function createHasher(hashCons) {
@@ -36683,9 +36704,9 @@ function randomBytes(bytesLength = 32) {
 function setBigUint64(view, byteOffset, value, isLE) {
   if (typeof view.setBigUint64 === "function")
     return view.setBigUint64(byteOffset, value, isLE);
-  const _32n = BigInt(32);
+  const _32n2 = BigInt(32);
   const _u32_max = BigInt(4294967295);
-  const wh = Number(value >> _32n & _u32_max);
+  const wh = Number(value >> _32n2 & _u32_max);
   const wl = Number(value & _u32_max);
   const h = isLE ? 4 : 0;
   const l = isLE ? 0 : 4;
@@ -36798,6 +36819,77 @@ var SHA256_IV = /* @__PURE__ */ Uint32Array.from([
   528734635,
   1541459225
 ]);
+var SHA384_IV = /* @__PURE__ */ Uint32Array.from([
+  3418070365,
+  3238371032,
+  1654270250,
+  914150663,
+  2438529370,
+  812702999,
+  355462360,
+  4144912697,
+  1731405415,
+  4290775857,
+  2394180231,
+  1750603025,
+  3675008525,
+  1694076839,
+  1203062813,
+  3204075428
+]);
+var SHA512_IV = /* @__PURE__ */ Uint32Array.from([
+  1779033703,
+  4089235720,
+  3144134277,
+  2227873595,
+  1013904242,
+  4271175723,
+  2773480762,
+  1595750129,
+  1359893119,
+  2917565137,
+  2600822924,
+  725511199,
+  528734635,
+  4215389547,
+  1541459225,
+  327033209
+]);
+
+// ../../node_modules/.pnpm/@noble+hashes@1.8.0/node_modules/@noble/hashes/esm/_u64.js
+var U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1);
+var _32n = /* @__PURE__ */ BigInt(32);
+function fromBig(n, le = false) {
+  if (le)
+    return { h: Number(n & U32_MASK64), l: Number(n >> _32n & U32_MASK64) };
+  return { h: Number(n >> _32n & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 };
+}
+function split(lst, le = false) {
+  const len = lst.length;
+  let Ah = new Uint32Array(len);
+  let Al = new Uint32Array(len);
+  for (let i = 0; i < len; i++) {
+    const { h, l } = fromBig(lst[i], le);
+    [Ah[i], Al[i]] = [h, l];
+  }
+  return [Ah, Al];
+}
+var shrSH = (h, _l, s) => h >>> s;
+var shrSL = (h, l, s) => h << 32 - s | l >>> s;
+var rotrSH = (h, l, s) => h >>> s | l << 32 - s;
+var rotrSL = (h, l, s) => h << 32 - s | l >>> s;
+var rotrBH = (h, l, s) => h << 64 - s | l >>> s - 32;
+var rotrBL = (h, l, s) => h >>> s - 32 | l << 64 - s;
+function add(Ah, Al, Bh, Bl) {
+  const l = (Al >>> 0) + (Bl >>> 0);
+  return { h: Ah + Bh + (l / 2 ** 32 | 0) | 0, l: l | 0 };
+}
+var add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0);
+var add3H = (low, Ah, Bh, Ch) => Ah + Bh + Ch + (low / 2 ** 32 | 0) | 0;
+var add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0);
+var add4H = (low, Ah, Bh, Ch, Dh) => Ah + Bh + Ch + Dh + (low / 2 ** 32 | 0) | 0;
+var add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0);
+var add5H = (low, Ah, Bh, Ch, Dh, Eh) => Ah + Bh + Ch + Dh + Eh + (low / 2 ** 32 | 0) | 0;
 
 // ../../node_modules/.pnpm/@noble+hashes@1.8.0/node_modules/@noble/hashes/esm/sha2.js
 var SHA256_K = /* @__PURE__ */ Uint32Array.from([
@@ -36937,7 +37029,227 @@ var SHA256 = class extends HashMD {
     clean(this.buffer);
   }
 };
+var K512 = /* @__PURE__ */ (() => split([
+  "0x428a2f98d728ae22",
+  "0x7137449123ef65cd",
+  "0xb5c0fbcfec4d3b2f",
+  "0xe9b5dba58189dbbc",
+  "0x3956c25bf348b538",
+  "0x59f111f1b605d019",
+  "0x923f82a4af194f9b",
+  "0xab1c5ed5da6d8118",
+  "0xd807aa98a3030242",
+  "0x12835b0145706fbe",
+  "0x243185be4ee4b28c",
+  "0x550c7dc3d5ffb4e2",
+  "0x72be5d74f27b896f",
+  "0x80deb1fe3b1696b1",
+  "0x9bdc06a725c71235",
+  "0xc19bf174cf692694",
+  "0xe49b69c19ef14ad2",
+  "0xefbe4786384f25e3",
+  "0x0fc19dc68b8cd5b5",
+  "0x240ca1cc77ac9c65",
+  "0x2de92c6f592b0275",
+  "0x4a7484aa6ea6e483",
+  "0x5cb0a9dcbd41fbd4",
+  "0x76f988da831153b5",
+  "0x983e5152ee66dfab",
+  "0xa831c66d2db43210",
+  "0xb00327c898fb213f",
+  "0xbf597fc7beef0ee4",
+  "0xc6e00bf33da88fc2",
+  "0xd5a79147930aa725",
+  "0x06ca6351e003826f",
+  "0x142929670a0e6e70",
+  "0x27b70a8546d22ffc",
+  "0x2e1b21385c26c926",
+  "0x4d2c6dfc5ac42aed",
+  "0x53380d139d95b3df",
+  "0x650a73548baf63de",
+  "0x766a0abb3c77b2a8",
+  "0x81c2c92e47edaee6",
+  "0x92722c851482353b",
+  "0xa2bfe8a14cf10364",
+  "0xa81a664bbc423001",
+  "0xc24b8b70d0f89791",
+  "0xc76c51a30654be30",
+  "0xd192e819d6ef5218",
+  "0xd69906245565a910",
+  "0xf40e35855771202a",
+  "0x106aa07032bbd1b8",
+  "0x19a4c116b8d2d0c8",
+  "0x1e376c085141ab53",
+  "0x2748774cdf8eeb99",
+  "0x34b0bcb5e19b48a8",
+  "0x391c0cb3c5c95a63",
+  "0x4ed8aa4ae3418acb",
+  "0x5b9cca4f7763e373",
+  "0x682e6ff3d6b2b8a3",
+  "0x748f82ee5defb2fc",
+  "0x78a5636f43172f60",
+  "0x84c87814a1f0ab72",
+  "0x8cc702081a6439ec",
+  "0x90befffa23631e28",
+  "0xa4506cebde82bde9",
+  "0xbef9a3f7b2c67915",
+  "0xc67178f2e372532b",
+  "0xca273eceea26619c",
+  "0xd186b8c721c0c207",
+  "0xeada7dd6cde0eb1e",
+  "0xf57d4f7fee6ed178",
+  "0x06f067aa72176fba",
+  "0x0a637dc5a2c898a6",
+  "0x113f9804bef90dae",
+  "0x1b710b35131c471b",
+  "0x28db77f523047d84",
+  "0x32caab7b40c72493",
+  "0x3c9ebe0a15c9bebc",
+  "0x431d67c49c100d4c",
+  "0x4cc5d4becb3e42b6",
+  "0x597f299cfc657e2a",
+  "0x5fcb6fab3ad6faec",
+  "0x6c44198c4a475817"
+].map((n) => BigInt(n))))();
+var SHA512_Kh = /* @__PURE__ */ (() => K512[0])();
+var SHA512_Kl = /* @__PURE__ */ (() => K512[1])();
+var SHA512_W_H = /* @__PURE__ */ new Uint32Array(80);
+var SHA512_W_L = /* @__PURE__ */ new Uint32Array(80);
+var SHA512 = class extends HashMD {
+  constructor(outputLen = 64) {
+    super(128, outputLen, 16, false);
+    this.Ah = SHA512_IV[0] | 0;
+    this.Al = SHA512_IV[1] | 0;
+    this.Bh = SHA512_IV[2] | 0;
+    this.Bl = SHA512_IV[3] | 0;
+    this.Ch = SHA512_IV[4] | 0;
+    this.Cl = SHA512_IV[5] | 0;
+    this.Dh = SHA512_IV[6] | 0;
+    this.Dl = SHA512_IV[7] | 0;
+    this.Eh = SHA512_IV[8] | 0;
+    this.El = SHA512_IV[9] | 0;
+    this.Fh = SHA512_IV[10] | 0;
+    this.Fl = SHA512_IV[11] | 0;
+    this.Gh = SHA512_IV[12] | 0;
+    this.Gl = SHA512_IV[13] | 0;
+    this.Hh = SHA512_IV[14] | 0;
+    this.Hl = SHA512_IV[15] | 0;
+  }
+  // prettier-ignore
+  get() {
+    const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this;
+    return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl];
+  }
+  // prettier-ignore
+  set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) {
+    this.Ah = Ah | 0;
+    this.Al = Al | 0;
+    this.Bh = Bh | 0;
+    this.Bl = Bl | 0;
+    this.Ch = Ch | 0;
+    this.Cl = Cl | 0;
+    this.Dh = Dh | 0;
+    this.Dl = Dl | 0;
+    this.Eh = Eh | 0;
+    this.El = El | 0;
+    this.Fh = Fh | 0;
+    this.Fl = Fl | 0;
+    this.Gh = Gh | 0;
+    this.Gl = Gl | 0;
+    this.Hh = Hh | 0;
+    this.Hl = Hl | 0;
+  }
+  process(view, offset) {
+    for (let i = 0; i < 16; i++, offset += 4) {
+      SHA512_W_H[i] = view.getUint32(offset);
+      SHA512_W_L[i] = view.getUint32(offset += 4);
+    }
+    for (let i = 16; i < 80; i++) {
+      const W15h = SHA512_W_H[i - 15] | 0;
+      const W15l = SHA512_W_L[i - 15] | 0;
+      const s0h = rotrSH(W15h, W15l, 1) ^ rotrSH(W15h, W15l, 8) ^ shrSH(W15h, W15l, 7);
+      const s0l = rotrSL(W15h, W15l, 1) ^ rotrSL(W15h, W15l, 8) ^ shrSL(W15h, W15l, 7);
+      const W2h = SHA512_W_H[i - 2] | 0;
+      const W2l = SHA512_W_L[i - 2] | 0;
+      const s1h = rotrSH(W2h, W2l, 19) ^ rotrBH(W2h, W2l, 61) ^ shrSH(W2h, W2l, 6);
+      const s1l = rotrSL(W2h, W2l, 19) ^ rotrBL(W2h, W2l, 61) ^ shrSL(W2h, W2l, 6);
+      const SUMl = add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]);
+      const SUMh = add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]);
+      SHA512_W_H[i] = SUMh | 0;
+      SHA512_W_L[i] = SUMl | 0;
+    }
+    let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this;
+    for (let i = 0; i < 80; i++) {
+      const sigma1h = rotrSH(Eh, El, 14) ^ rotrSH(Eh, El, 18) ^ rotrBH(Eh, El, 41);
+      const sigma1l = rotrSL(Eh, El, 14) ^ rotrSL(Eh, El, 18) ^ rotrBL(Eh, El, 41);
+      const CHIh = Eh & Fh ^ ~Eh & Gh;
+      const CHIl = El & Fl ^ ~El & Gl;
+      const T1ll = add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]);
+      const T1h = add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]);
+      const T1l = T1ll | 0;
+      const sigma0h = rotrSH(Ah, Al, 28) ^ rotrBH(Ah, Al, 34) ^ rotrBH(Ah, Al, 39);
+      const sigma0l = rotrSL(Ah, Al, 28) ^ rotrBL(Ah, Al, 34) ^ rotrBL(Ah, Al, 39);
+      const MAJh = Ah & Bh ^ Ah & Ch ^ Bh & Ch;
+      const MAJl = Al & Bl ^ Al & Cl ^ Bl & Cl;
+      Hh = Gh | 0;
+      Hl = Gl | 0;
+      Gh = Fh | 0;
+      Gl = Fl | 0;
+      Fh = Eh | 0;
+      Fl = El | 0;
+      ({ h: Eh, l: El } = add(Dh | 0, Dl | 0, T1h | 0, T1l | 0));
+      Dh = Ch | 0;
+      Dl = Cl | 0;
+      Ch = Bh | 0;
+      Cl = Bl | 0;
+      Bh = Ah | 0;
+      Bl = Al | 0;
+      const All = add3L(T1l, sigma0l, MAJl);
+      Ah = add3H(All, T1h, sigma0h, MAJh);
+      Al = All | 0;
+    }
+    ({ h: Ah, l: Al } = add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0));
+    ({ h: Bh, l: Bl } = add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0));
+    ({ h: Ch, l: Cl } = add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0));
+    ({ h: Dh, l: Dl } = add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0));
+    ({ h: Eh, l: El } = add(this.Eh | 0, this.El | 0, Eh | 0, El | 0));
+    ({ h: Fh, l: Fl } = add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0));
+    ({ h: Gh, l: Gl } = add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0));
+    ({ h: Hh, l: Hl } = add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0));
+    this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl);
+  }
+  roundClean() {
+    clean(SHA512_W_H, SHA512_W_L);
+  }
+  destroy() {
+    clean(this.buffer);
+    this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+  }
+};
+var SHA384 = class extends SHA512 {
+  constructor() {
+    super(48);
+    this.Ah = SHA384_IV[0] | 0;
+    this.Al = SHA384_IV[1] | 0;
+    this.Bh = SHA384_IV[2] | 0;
+    this.Bl = SHA384_IV[3] | 0;
+    this.Ch = SHA384_IV[4] | 0;
+    this.Cl = SHA384_IV[5] | 0;
+    this.Dh = SHA384_IV[6] | 0;
+    this.Dl = SHA384_IV[7] | 0;
+    this.Eh = SHA384_IV[8] | 0;
+    this.El = SHA384_IV[9] | 0;
+    this.Fh = SHA384_IV[10] | 0;
+    this.Fl = SHA384_IV[11] | 0;
+    this.Gh = SHA384_IV[12] | 0;
+    this.Gl = SHA384_IV[13] | 0;
+    this.Hh = SHA384_IV[14] | 0;
+    this.Hl = SHA384_IV[15] | 0;
+  }
+};
 var sha256 = /* @__PURE__ */ createHasher(() => new SHA256());
+var sha512 = /* @__PURE__ */ createHasher(() => new SHA512());
+var sha384 = /* @__PURE__ */ createHasher(() => new SHA384());
 
 // ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/abstract/utils.js
 var _0n = /* @__PURE__ */ BigInt(0);
@@ -36953,6 +37265,10 @@ function abool(title, value) {
   if (typeof value !== "boolean")
     throw new Error(title + " boolean expected, got " + value);
 }
+function numberToHexUnpadded(num) {
+  const hex = num.toString(16);
+  return hex.length & 1 ? "0" + hex : hex;
+}
 function hexToNumber(hex) {
   if (typeof hex !== "string")
     throw new Error("hex string expected, got " + typeof hex);
@@ -37035,7 +37351,7 @@ function ensureBytes(title, hex, expectedLength) {
     throw new Error(title + " of length " + expectedLength + " expected, got " + len);
   return res;
 }
-function concatBytes(...arrays) {
+function concatBytes2(...arrays) {
   let sum = 0;
   for (let i = 0; i < arrays.length; i++) {
     const a = arrays[i];
@@ -37043,10 +37359,10 @@ function concatBytes(...arrays) {
     sum += a.length;
   }
   const res = new Uint8Array(sum);
-  for (let i = 0, pad = 0; i < arrays.length; i++) {
+  for (let i = 0, pad2 = 0; i < arrays.length; i++) {
     const a = arrays[i];
-    res.set(a, pad);
-    pad += a.length;
+    res.set(a, pad2);
+    pad2 += a.length;
   }
   return res;
 }
@@ -37073,6 +37389,56 @@ function bitGet(n, pos) {
   return n >> BigInt(pos) & _1n;
 }
 var bitMask = (n) => (_1n << BigInt(n)) - _1n;
+var u8n = (len) => new Uint8Array(len);
+var u8fr = (arr) => Uint8Array.from(arr);
+function createHmacDrbg(hashLen, qByteLen, hmacFn) {
+  if (typeof hashLen !== "number" || hashLen < 2)
+    throw new Error("hashLen must be a number");
+  if (typeof qByteLen !== "number" || qByteLen < 2)
+    throw new Error("qByteLen must be a number");
+  if (typeof hmacFn !== "function")
+    throw new Error("hmacFn must be a function");
+  let v = u8n(hashLen);
+  let k = u8n(hashLen);
+  let i = 0;
+  const reset = () => {
+    v.fill(1);
+    k.fill(0);
+    i = 0;
+  };
+  const h = (...b) => hmacFn(k, v, ...b);
+  const reseed = (seed = u8n(0)) => {
+    k = h(u8fr([0]), seed);
+    v = h();
+    if (seed.length === 0)
+      return;
+    k = h(u8fr([1]), seed);
+    v = h();
+  };
+  const gen = () => {
+    if (i++ >= 1e3)
+      throw new Error("drbg: tried 1000 values");
+    let len = 0;
+    const out = [];
+    while (len < qByteLen) {
+      v = h();
+      const sl = v.slice();
+      out.push(sl);
+      len += v.length;
+    }
+    return concatBytes2(...out);
+  };
+  const genUntil = (seed, pred) => {
+    reset();
+    reseed(seed);
+    let res = void 0;
+    while (!(res = pred(gen())))
+      reseed();
+    reset();
+    return res;
+  };
+  return genUntil;
+}
 var validatorFns = {
   bigint: (val) => typeof val === "bigint",
   function: (val) => typeof val === "function",
@@ -37412,22 +37778,22 @@ function expand_message_xmd(msg, DST, lenInBytes, H) {
   abytes2(DST);
   anum(lenInBytes);
   if (DST.length > 255)
-    DST = H(concatBytes(utf8ToBytes2("H2C-OVERSIZE-DST-"), DST));
+    DST = H(concatBytes2(utf8ToBytes2("H2C-OVERSIZE-DST-"), DST));
   const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H;
   const ell = Math.ceil(lenInBytes / b_in_bytes);
   if (lenInBytes > 65535 || ell > 255)
     throw new Error("expand_message_xmd: invalid lenInBytes");
-  const DST_prime = concatBytes(DST, i2osp(DST.length, 1));
+  const DST_prime = concatBytes2(DST, i2osp(DST.length, 1));
   const Z_pad = i2osp(0, r_in_bytes);
   const l_i_b_str = i2osp(lenInBytes, 2);
   const b = new Array(ell);
-  const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime));
-  b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime));
+  const b_0 = H(concatBytes2(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime));
+  b[0] = H(concatBytes2(b_0, i2osp(1, 1), DST_prime));
   for (let i = 1; i <= ell; i++) {
     const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime];
-    b[i] = H(concatBytes(...args));
+    b[i] = H(concatBytes2(...args));
   }
-  const pseudo_random_bytes = concatBytes(...b);
+  const pseudo_random_bytes = concatBytes2(...b);
   return pseudo_random_bytes.slice(0, lenInBytes);
 }
 function expand_message_xof(msg, DST, lenInBytes, k, H) {
@@ -37765,6 +38131,12 @@ function validateBasic(curve) {
 }
 
 // ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/abstract/weierstrass.js
+function validateSigVerOpts(opts) {
+  if (opts.lowS !== void 0)
+    abool("lowS", opts.lowS);
+  if (opts.prehash !== void 0)
+    abool("prehash", opts.prehash);
+}
 function validatePointOpts(curve) {
   const opts = validateBasic(curve);
   validateObject(opts, {
@@ -37790,6 +38162,114 @@ function validatePointOpts(curve) {
   }
   return Object.freeze({ ...opts });
 }
+var DERErr = class extends Error {
+  constructor(m = "") {
+    super(m);
+  }
+};
+var DER = {
+  // asn.1 DER encoding utils
+  Err: DERErr,
+  // Basic building block is TLV (Tag-Length-Value)
+  _tlv: {
+    encode: (tag, data) => {
+      const { Err: E } = DER;
+      if (tag < 0 || tag > 256)
+        throw new E("tlv.encode: wrong tag");
+      if (data.length & 1)
+        throw new E("tlv.encode: unpadded data");
+      const dataLen = data.length / 2;
+      const len = numberToHexUnpadded(dataLen);
+      if (len.length / 2 & 128)
+        throw new E("tlv.encode: long form length too big");
+      const lenLen = dataLen > 127 ? numberToHexUnpadded(len.length / 2 | 128) : "";
+      const t = numberToHexUnpadded(tag);
+      return t + lenLen + len + data;
+    },
+    // v - value, l - left bytes (unparsed)
+    decode(tag, data) {
+      const { Err: E } = DER;
+      let pos = 0;
+      if (tag < 0 || tag > 256)
+        throw new E("tlv.encode: wrong tag");
+      if (data.length < 2 || data[pos++] !== tag)
+        throw new E("tlv.decode: wrong tlv");
+      const first = data[pos++];
+      const isLong = !!(first & 128);
+      let length = 0;
+      if (!isLong)
+        length = first;
+      else {
+        const lenLen = first & 127;
+        if (!lenLen)
+          throw new E("tlv.decode(long): indefinite length not supported");
+        if (lenLen > 4)
+          throw new E("tlv.decode(long): byte length is too big");
+        const lengthBytes = data.subarray(pos, pos + lenLen);
+        if (lengthBytes.length !== lenLen)
+          throw new E("tlv.decode: length bytes not complete");
+        if (lengthBytes[0] === 0)
+          throw new E("tlv.decode(long): zero leftmost byte");
+        for (const b of lengthBytes)
+          length = length << 8 | b;
+        pos += lenLen;
+        if (length < 128)
+          throw new E("tlv.decode(long): not minimal encoding");
+      }
+      const v = data.subarray(pos, pos + length);
+      if (v.length !== length)
+        throw new E("tlv.decode: wrong value length");
+      return { v, l: data.subarray(pos + length) };
+    }
+  },
+  // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag,
+  // since we always use positive integers here. It must always be empty:
+  // - add zero byte if exists
+  // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding)
+  _int: {
+    encode(num) {
+      const { Err: E } = DER;
+      if (num < _0n4)
+        throw new E("integer: negative integers are not allowed");
+      let hex = numberToHexUnpadded(num);
+      if (Number.parseInt(hex[0], 16) & 8)
+        hex = "00" + hex;
+      if (hex.length & 1)
+        throw new E("unexpected DER parsing assertion: unpadded hex");
+      return hex;
+    },
+    decode(data) {
+      const { Err: E } = DER;
+      if (data[0] & 128)
+        throw new E("invalid signature integer: negative");
+      if (data[0] === 0 && !(data[1] & 128))
+        throw new E("invalid signature integer: unnecessary leading zero");
+      return bytesToNumberBE(data);
+    }
+  },
+  toSig(hex) {
+    const { Err: E, _int: int, _tlv: tlv } = DER;
+    const data = ensureBytes("signature", hex);
+    const { v: seqBytes, l: seqLeftBytes } = tlv.decode(48, data);
+    if (seqLeftBytes.length)
+      throw new E("invalid signature: left bytes after parsing");
+    const { v: rBytes, l: rLeftBytes } = tlv.decode(2, seqBytes);
+    const { v: sBytes, l: sLeftBytes } = tlv.decode(2, rLeftBytes);
+    if (sLeftBytes.length)
+      throw new E("invalid signature: left bytes after parsing");
+    return { r: int.decode(rBytes), s: int.decode(sBytes) };
+  },
+  hexFromSig(sig) {
+    const { _tlv: tlv, _int: int } = DER;
+    const rs = tlv.encode(2, int.encode(sig.r));
+    const ss = tlv.encode(2, int.encode(sig.s));
+    const seq = rs + ss;
+    return tlv.encode(48, seq);
+  }
+};
+function numToSizedHex(num, size4) {
+  return bytesToHex(numberToBytesBE(num, size4));
+}
 var _0n4 = BigInt(0);
 var _1n4 = BigInt(1);
 var _2n2 = BigInt(2);
@@ -37799,9 +38279,9 @@ function weierstrassPoints(opts) {
   const CURVE = validatePointOpts(opts);
   const { Fp: Fp3 } = CURVE;
   const Fn = Field(CURVE.n, CURVE.nBitLength);
-  const toBytes6 = CURVE.toBytes || ((_c, point, _isCompressed) => {
+  const toBytes7 = CURVE.toBytes || ((_c, point, _isCompressed) => {
     const a = point.toAffine();
-    return concatBytes(Uint8Array.from([4]), Fp3.toBytes(a.x), Fp3.toBytes(a.y));
+    return concatBytes2(Uint8Array.from([4]), Fp3.toBytes(a.x), Fp3.toBytes(a.y));
   });
   const fromBytes = CURVE.fromBytes || ((bytes) => {
     const tail = bytes.subarray(1);
@@ -38179,7 +38659,7 @@ function weierstrassPoints(opts) {
     toRawBytes(isCompressed = true) {
       abool("isCompressed", isCompressed);
       this.assertValidity();
-      return toBytes6(Point, this, isCompressed);
+      return toBytes7(Point, this, isCompressed);
     }
     toHex(isCompressed = true) {
       abool("isCompressed", isCompressed);
@@ -38198,6 +38678,343 @@ function weierstrassPoints(opts) {
     isWithinCurveOrder
   };
 }
+function validateOpts(curve) {
+  const opts = validateBasic(curve);
+  validateObject(opts, {
+    hash: "hash",
+    hmac: "function",
+    randomBytes: "function"
+  }, {
+    bits2int: "function",
+    bits2int_modN: "function",
+    lowS: "boolean"
+  });
+  return Object.freeze({ lowS: true, ...opts });
+}
+function weierstrass(curveDef) {
+  const CURVE = validateOpts(curveDef);
+  const { Fp: Fp3, n: CURVE_ORDER, nByteLength, nBitLength } = CURVE;
+  const compressedLen = Fp3.BYTES + 1;
+  const uncompressedLen = 2 * Fp3.BYTES + 1;
+  function modN(a) {
+    return mod(a, CURVE_ORDER);
+  }
+  function invN(a) {
+    return invert(a, CURVE_ORDER);
+  }
+  const { ProjectivePoint: Point, normPrivateKeyToScalar, weierstrassEquation, isWithinCurveOrder } = weierstrassPoints({
+    ...CURVE,
+    toBytes(_c, point, isCompressed) {
+      const a = point.toAffine();
+      const x = Fp3.toBytes(a.x);
+      const cat = concatBytes2;
+      abool("isCompressed", isCompressed);
+      if (isCompressed) {
+        return cat(Uint8Array.from([point.hasEvenY() ? 2 : 3]), x);
+      } else {
+        return cat(Uint8Array.from([4]), x, Fp3.toBytes(a.y));
+      }
+    },
+    fromBytes(bytes) {
+      const len = bytes.length;
+      const head = bytes[0];
+      const tail = bytes.subarray(1);
+      if (len === compressedLen && (head === 2 || head === 3)) {
+        const x = bytesToNumberBE(tail);
+        if (!inRange(x, _1n4, Fp3.ORDER))
+          throw new Error("Point is not on curve");
+        const y2 = weierstrassEquation(x);
+        let y;
+        try {
+          y = Fp3.sqrt(y2);
+        } catch (sqrtError) {
+          const suffix = sqrtError instanceof Error ? ": " + sqrtError.message : "";
+          throw new Error("Point is not on curve" + suffix);
+        }
+        const isYOdd = (y & _1n4) === _1n4;
+        const isHeadOdd = (head & 1) === 1;
+        if (isHeadOdd !== isYOdd)
+          y = Fp3.neg(y);
+        return { x, y };
+      } else if (len === uncompressedLen && head === 4) {
+        const x = Fp3.fromBytes(tail.subarray(0, Fp3.BYTES));
+        const y = Fp3.fromBytes(tail.subarray(Fp3.BYTES, 2 * Fp3.BYTES));
+        return { x, y };
+      } else {
+        const cl = compressedLen;
+        const ul = uncompressedLen;
+        throw new Error("invalid Point, expected length of " + cl + ", or uncompressed " + ul + ", got " + len);
+      }
+    }
+  });
+  function isBiggerThanHalfOrder(number) {
+    const HALF = CURVE_ORDER >> _1n4;
+    return number > HALF;
+  }
+  function normalizeS(s) {
+    return isBiggerThanHalfOrder(s) ? modN(-s) : s;
+  }
+  const slcNum = (b, from, to) => bytesToNumberBE(b.slice(from, to));
+  class Signature {
+    constructor(r, s, recovery) {
+      aInRange("r", r, _1n4, CURVE_ORDER);
+      aInRange("s", s, _1n4, CURVE_ORDER);
+      this.r = r;
+      this.s = s;
+      if (recovery != null)
+        this.recovery = recovery;
+      Object.freeze(this);
+    }
+    // pair (bytes of r, bytes of s)
+    static fromCompact(hex) {
+      const l = nByteLength;
+      hex = ensureBytes("compactSignature", hex, l * 2);
+      return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l));
+    }
+    // DER encoded ECDSA signature
+    // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script
+    static fromDER(hex) {
+      const { r, s } = DER.toSig(ensureBytes("DER", hex));
+      return new Signature(r, s);
+    }
+    /**
+     * @todo remove
+     * @deprecated
+     */
+    assertValidity() {
+    }
+    addRecoveryBit(recovery) {
+      return new Signature(this.r, this.s, recovery);
+    }
+    recoverPublicKey(msgHash) {
+      const { r, s, recovery: rec } = this;
+      const h = bits2int_modN(ensureBytes("msgHash", msgHash));
+      if (rec == null || ![0, 1, 2, 3].includes(rec))
+        throw new Error("recovery id invalid");
+      const radj = rec === 2 || rec === 3 ? r + CURVE.n : r;
+      if (radj >= Fp3.ORDER)
+        throw new Error("recovery id 2 or 3 invalid");
+      const prefix = (rec & 1) === 0 ? "02" : "03";
+      const R = Point.fromHex(prefix + numToSizedHex(radj, Fp3.BYTES));
+      const ir = invN(radj);
+      const u1 = modN(-h * ir);
+      const u2 = modN(s * ir);
+      const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2);
+      if (!Q)
+        throw new Error("point at infinify");
+      Q.assertValidity();
+      return Q;
+    }
+    // Signatures should be low-s, to prevent malleability.
+    hasHighS() {
+      return isBiggerThanHalfOrder(this.s);
+    }
+    normalizeS() {
+      return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this;
+    }
+    // DER-encoded
+    toDERRawBytes() {
+      return hexToBytes(this.toDERHex());
+    }
+    toDERHex() {
+      return DER.hexFromSig(this);
+    }
+    // padded bytes of r, then padded bytes of s
+    toCompactRawBytes() {
+      return hexToBytes(this.toCompactHex());
+    }
+    toCompactHex() {
+      const l = nByteLength;
+      return numToSizedHex(this.r, l) + numToSizedHex(this.s, l);
+    }
+  }
+  const utils = {
+    isValidPrivateKey(privateKey) {
+      try {
+        normPrivateKeyToScalar(privateKey);
+        return true;
+      } catch (error) {
+        return false;
+      }
+    },
+    normPrivateKeyToScalar,
+    /**
+     * Produces cryptographically secure private key from random of size
+     * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible.
+     */
+    randomPrivateKey: () => {
+      const length = getMinHashLength(CURVE.n);
+      return mapHashToField(CURVE.randomBytes(length), CURVE.n);
+    },
+    /**
+     * Creates precompute table for an arbitrary EC point. Makes point "cached".
+     * Allows to massively speed-up `point.multiply(scalar)`.
+     * @returns cached point
+     * @example
+     * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey));
+     * fast.multiply(privKey); // much faster ECDH now
+     */
+    precompute(windowSize = 8, point = Point.BASE) {
+      point._setWindowSize(windowSize);
+      point.multiply(BigInt(3));
+      return point;
+    }
+  };
+  function getPublicKey(privateKey, isCompressed = true) {
+    return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed);
+  }
+  function isProbPub(item) {
+    if (typeof item === "bigint")
+      return false;
+    if (item instanceof Point)
+      return true;
+    const arr = ensureBytes("key", item);
+    const len = arr.length;
+    const fpl = Fp3.BYTES;
+    const compLen = fpl + 1;
+    const uncompLen = 2 * fpl + 1;
+    if (CURVE.allowedPrivateKeyLengths || nByteLength === compLen) {
+      return void 0;
+    } else {
+      return len === compLen || len === uncompLen;
+    }
+  }
+  function getSharedSecret(privateA, publicB, isCompressed = true) {
+    if (isProbPub(privateA) === true)
+      throw new Error("first arg must be private key");
+    if (isProbPub(publicB) === false)
+      throw new Error("second arg must be public key");
+    const b = Point.fromHex(publicB);
+    return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed);
+  }
+  const bits2int = CURVE.bits2int || function(bytes) {
+    if (bytes.length > 8192)
+      throw new Error("input is too large");
+    const num = bytesToNumberBE(bytes);
+    const delta = bytes.length * 8 - nBitLength;
+    return delta > 0 ? num >> BigInt(delta) : num;
+  };
+  const bits2int_modN = CURVE.bits2int_modN || function(bytes) {
+    return modN(bits2int(bytes));
+  };
+  const ORDER_MASK = bitMask(nBitLength);
+  function int2octets(num) {
+    aInRange("num < 2^" + nBitLength, num, _0n4, ORDER_MASK);
+    return numberToBytesBE(num, nByteLength);
+  }
+  function prepSig(msgHash, privateKey, opts = defaultSigOpts) {
+    if (["recovered", "canonical"].some((k) => k in opts))
+      throw new Error("sign() legacy options not supported");
+    const { hash, randomBytes: randomBytes2 } = CURVE;
+    let { lowS, prehash, extraEntropy: ent } = opts;
+    if (lowS == null)
+      lowS = true;
+    msgHash = ensureBytes("msgHash", msgHash);
+    validateSigVerOpts(opts);
+    if (prehash)
+      msgHash = ensureBytes("prehashed msgHash", hash(msgHash));
+    const h1int = bits2int_modN(msgHash);
+    const d = normPrivateKeyToScalar(privateKey);
+    const seedArgs = [int2octets(d), int2octets(h1int)];
+    if (ent != null && ent !== false) {
+      const e = ent === true ? randomBytes2(Fp3.BYTES) : ent;
+      seedArgs.push(ensureBytes("extraEntropy", e));
+    }
+    const seed = concatBytes2(...seedArgs);
+    const m = h1int;
+    function k2sig(kBytes) {
+      const k = bits2int(kBytes);
+      if (!isWithinCurveOrder(k))
+        return;
+      const ik = invN(k);
+      const q = Point.BASE.multiply(k).toAffine();
+      const r = modN(q.x);
+      if (r === _0n4)
+        return;
+      const s = modN(ik * modN(m + r * d));
+      if (s === _0n4)
+        return;
+      let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n4);
+      let normS = s;
+      if (lowS && isBiggerThanHalfOrder(s)) {
+        normS = normalizeS(s);
+        recovery ^= 1;
+      }
+      return new Signature(r, normS, recovery);
+    }
+    return { seed, k2sig };
+  }
+  const defaultSigOpts = { lowS: CURVE.lowS, prehash: false };
+  const defaultVerOpts = { lowS: CURVE.lowS, prehash: false };
+  function sign(msgHash, privKey, opts = defaultSigOpts) {
+    const { seed, k2sig } = prepSig(msgHash, privKey, opts);
+    const C = CURVE;
+    const drbg = createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac);
+    return drbg(seed, k2sig);
+  }
+  Point.BASE._setWindowSize(8);
+  function verify(signature, msgHash, publicKey, opts = defaultVerOpts) {
+    const sg = signature;
+    msgHash = ensureBytes("msgHash", msgHash);
+    publicKey = ensureBytes("publicKey", publicKey);
+    const { lowS, prehash, format } = opts;
+    validateSigVerOpts(opts);
+    if ("strict" in opts)
+      throw new Error("options.strict was renamed to lowS");
+    if (format !== void 0 && format !== "compact" && format !== "der")
+      throw new Error("format must be compact or der");
+    const isHex4 = typeof sg === "string" || isBytes2(sg);
+    const isObj = !isHex4 && !format && typeof sg === "object" && sg !== null && typeof sg.r === "bigint" && typeof sg.s === "bigint";
+    if (!isHex4 && !isObj)
+      throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");
+    let _sig = void 0;
+    let P;
+    try {
+      if (isObj)
+        _sig = new Signature(sg.r, sg.s);
+      if (isHex4) {
+        try {
+          if (format !== "compact")
+            _sig = Signature.fromDER(sg);
+        } catch (derError) {
+          if (!(derError instanceof DER.Err))
+            throw derError;
+        }
+        if (!_sig && format !== "der")
+          _sig = Signature.fromCompact(sg);
+      }
+      P = Point.fromHex(publicKey);
+    } catch (error) {
+      return false;
+    }
+    if (!_sig)
+      return false;
+    if (lowS && _sig.hasHighS())
+      return false;
+    if (prehash)
+      msgHash = CURVE.hash(msgHash);
+    const { r, s } = _sig;
+    const h = bits2int_modN(msgHash);
+    const is = invN(s);
+    const u1 = modN(h * is);
+    const u2 = modN(r * is);
+    const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine();
+    if (!R)
+      return false;
+    const v = modN(R.x);
+    return v === r;
+  }
+  return {
+    CURVE,
+    getPublicKey,
+    getSharedSecret,
+    sign,
+    verify,
+    ProjectivePoint: Point,
+    Signature,
+    utils
+  };
+}
 function SWUFpSqrtRatio(Fp3, Z) {
   const q = Fp3.ORDER;
   let l = _0n4;
@@ -38748,7 +39565,7 @@ function tower12(opts) {
         throw new Error("fromBytes invalid length=" + b.length);
       return { c0: Fp3.fromBytes(b.subarray(0, Fp3.BYTES)), c1: Fp3.fromBytes(b.subarray(Fp3.BYTES)) };
     },
-    toBytes: ({ c0, c1 }) => concatBytes(Fp3.toBytes(c0), Fp3.toBytes(c1)),
+    toBytes: ({ c0, c1 }) => concatBytes2(Fp3.toBytes(c0), Fp3.toBytes(c1)),
     cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({
       c0: Fp3.cmov(c0, r0, c),
       c1: Fp3.cmov(c1, r1, c)
@@ -38855,7 +39672,7 @@ function tower12(opts) {
         c2: Fp22.fromBytes(b.subarray(2 * Fp22.BYTES))
       };
     },
-    toBytes: ({ c0, c1, c2 }) => concatBytes(Fp22.toBytes(c0), Fp22.toBytes(c1), Fp22.toBytes(c2)),
+    toBytes: ({ c0, c1, c2 }) => concatBytes2(Fp22.toBytes(c0), Fp22.toBytes(c1), Fp22.toBytes(c2)),
     cmov: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }, c) => ({
       c0: Fp22.cmov(c0, r0, c),
       c1: Fp22.cmov(c1, r1, c),
@@ -38982,7 +39799,7 @@ function tower12(opts) {
         c1: Fp62.fromBytes(b.subarray(Fp62.BYTES))
       };
     },
-    toBytes: ({ c0, c1 }) => concatBytes(Fp62.toBytes(c0), Fp62.toBytes(c1)),
+    toBytes: ({ c0, c1 }) => concatBytes2(Fp62.toBytes(c0), Fp62.toBytes(c1)),
     cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({
       c0: Fp62.cmov(c0, r0, c),
       c1: Fp62.cmov(c1, r1, c)
@@ -39344,14 +40161,14 @@ function signatureG2ToRawBytes(point) {
   point.assertValidity();
   const len = Fp.BYTES;
   if (point.equals(bls12_381.G2.ProjectivePoint.ZERO))
-    return concatBytes(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
+    return concatBytes2(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
   const { x, y } = point.toAffine();
   const { re: x0, im: x1 } = Fp2.reim(x);
   const { re: y0, im: y1 } = Fp2.reim(y);
   const tmp = y1 > _0n7 ? y1 * _2n5 : y0 * _2n5;
   const sort = Boolean(tmp / Fp.ORDER & _1n7);
   const z2 = x0;
-  return concatBytes(setMask(numberToBytesBE(x1, len), { sort, compressed: true }), numberToBytesBE(z2, len));
+  return concatBytes2(setMask(numberToBytesBE(x1, len), { sort, compressed: true }), numberToBytesBE(z2, len));
 }
 var bls12_381 = bls({
   // Fields
@@ -39440,10 +40257,10 @@ var bls12_381 = bls({
         return setMask(numberToBytesBE(x, Fp.BYTES), { compressed: true, sort });
       } else {
         if (isZero) {
-          const x2 = concatBytes(new Uint8Array([64]), new Uint8Array(2 * Fp.BYTES - 1));
+          const x2 = concatBytes2(new Uint8Array([64]), new Uint8Array(2 * Fp.BYTES - 1));
           return x2;
         } else {
-          return concatBytes(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES));
+          return concatBytes2(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES));
         }
       }
     },
@@ -39577,15 +40394,15 @@ var bls12_381 = bls({
       const { x, y } = point.toAffine();
       if (isCompressed) {
         if (isZero)
-          return concatBytes(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
+          return concatBytes2(COMPRESSED_ZERO, numberToBytesBE(_0n7, len));
         const flag = Boolean(y.c1 === _0n7 ? y.c0 * _2n5 / P : y.c1 * _2n5 / P);
-        return concatBytes(setMask(numberToBytesBE(x.c1, len), { compressed: true, sort: flag }), numberToBytesBE(x.c0, len));
+        return concatBytes2(setMask(numberToBytesBE(x.c1, len), { compressed: true, sort: flag }), numberToBytesBE(x.c0, len));
       } else {
         if (isZero)
-          return concatBytes(new Uint8Array([64]), new Uint8Array(4 * len - 1));
+          return concatBytes2(new Uint8Array([64]), new Uint8Array(4 * len - 1));
         const { re: x0, im: x1 } = Fp2.reim(x);
         const { re: y0, im: y1 } = Fp2.reim(y);
-        return concatBytes(numberToBytesBE(x1, len), numberToBytesBE(x0, len), numberToBytesBE(y1, len), numberToBytesBE(y0, len));
+        return concatBytes2(numberToBytesBE(x1, len), numberToBytesBE(x0, len), numberToBytesBE(y1, len), numberToBytesBE(y0, len));
       }
     },
     Signature: {
@@ -42061,16 +42878,59 @@ var airAccountFactoryActions = (address) => (client) => ({
     }
   }
 });
-
-// ../core/src/actions/airAccountExtension.ts
+var GUARDIAN_REMOVAL_NONCE_SLOT = 15n;
+var TIER_LIMIT_NONCE_SLOT = 16n;
+var RECOVERY_NONCE_SLOT = 38n;
+var GUARDIAN_ADDITION_NONCE_SLOT = 39n;
+var MAX_GUARDIAN_SLOT = 2;
 var V7_ABI = AAStarAirAccountV7ABI;
 var EXT_ABI = AirAccountExtensionABI;
-var BATCH2 = (fn) => {
-  throw new AAStarError(
-    "E4001" /* NOT_IMPLEMENTED */,
-    `${fn} is part of the Batch 2 / P-256 (WebAuthn) guardian feature and is not yet wired into the SDK. The v0.20.0 contract supports it (AirAccountExtension, via the account fallback), but the SDK assertion/payload encoders land in Batch 2.`
-  );
-};
+function feeOverrides(maxFeePerGas, maxPriorityFeePerGas) {
+  return {
+    ...maxFeePerGas !== void 0 ? { maxFeePerGas } : {},
+    ...maxPriorityFeePerGas !== void 0 ? { maxPriorityFeePerGas } : {}
+  };
+}
+function validateMixedSigs(signerIdxs, sigs) {
+  validateRequired(signerIdxs, "signerIdxs");
+  validateRequired(sigs, "sigs");
+  if (signerIdxs.length !== sigs.length) {
+    throw new AAStarError(
+      "E1003" /* INVALID_PARAMETER */,
+      `signerIdxs (${signerIdxs.length}) and sigs (${sigs.length}) must have equal length`
+    );
+  }
+  if (signerIdxs.length < 2) {
+    throw new AAStarError(
+      "E1003" /* INVALID_PARAMETER */,
+      `mixed-sig guardian operations require at least RECOVERY_THRESHOLD (2) signatures, got ${signerIdxs.length}`
+    );
+  }
+  const seen = /* @__PURE__ */ new Set();
+  for (const idx of signerIdxs) {
+    if (!Number.isInteger(idx) || idx < 0 || idx > MAX_GUARDIAN_SLOT) {
+      throw new AAStarError(
+        "E1003" /* INVALID_PARAMETER */,
+        `signerIdxs must be integers in 0..${MAX_GUARDIAN_SLOT} (max ${MAX_GUARDIAN_SLOT + 1} guardian slots), got ${idx}`
+      );
+    }
+    if (seen.has(idx)) {
+      throw new AAStarError(
+        "E1003" /* INVALID_PARAMETER */,
+        `signerIdxs must be unique (the contract rejects a duplicate guardian slot via DuplicateGuardianSig), got repeated ${idx}`
+      );
+    }
+    seen.add(idx);
+  }
+}
+async function readNonceSlot(client, address, slot, fn) {
+  try {
+    const raw = await client.getStorageAt({ address, slot: numberToHex(slot, { size: 32 }) });
+    return raw && raw !== "0x" ? BigInt(raw) : 0n;
+  } catch (error) {
+    throw AAStarError.fromViemError(error, fn);
+  }
+}
 var airAccountExtensionActions = (address) => (client) => ({
   // ── Views ─────────────────────────────────────────────────────────────────
   async getRecoveryNonce() {
@@ -42099,34 +42959,222 @@ var airAccountExtensionActions = (address) => (client) => ({
       throw AAStarError.fromViemError(error, "getGuardianP256Key");
     }
   },
-  // ── Batch 2 stubs ──────────────────────────────────────────────────────────
-  // Each references its ABI functionName so the doc-coverage gate counts the
-  // wrapper while the real encoder is deferred to Batch 2.
-  async addP256Guardian() {
-    return BATCH2("addP256Guardian");
+  // Internal-slot nonce reads (no public getter on-chain). Cross-validated on-chain against
+  // `getRecoveryNonce()` (slot 38) in tests/regression/onchain-evidence/p256-guardian-e2e.ts.
+  getGuardianAdditionNonce() {
+    return readNonceSlot(client, address, GUARDIAN_ADDITION_NONCE_SLOT, "getGuardianAdditionNonce");
   },
-  async addP256GuardianWithMixedSigs() {
-    return BATCH2("addP256GuardianWithMixedSigs");
+  getGuardianRemovalNonce() {
+    return readNonceSlot(client, address, GUARDIAN_REMOVAL_NONCE_SLOT, "getGuardianRemovalNonce");
   },
-  async addGuardianWithMixedSigs() {
-    return BATCH2("addGuardianWithMixedSigs");
+  getTierLimitNonce() {
+    return readNonceSlot(client, address, TIER_LIMIT_NONCE_SLOT, "getTierLimitNonce");
   },
-  async proposeRecoveryWithSig() {
-    return BATCH2("proposeRecoveryWithSig");
+  // ── P-256 / WebAuthn guardian writes ───────────────────────────────────────
+  // Each routes to AirAccountExtension via the account's fallback → delegatecall,
+  // so `address` (the account) is the write target and `functionName` is the EXT fn.
+  async addP256Guardian({ x, y, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(x, "x");
+      validateRequired(y, "y");
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "addP256Guardian",
+        args: [x, y],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "addP256Guardian");
+    }
   },
-  async approveRecoveryWithSig() {
-    return BATCH2("approveRecoveryWithSig");
+  async addP256GuardianWithMixedSigs({ x, y, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(x, "x");
+      validateRequired(y, "y");
+      validateMixedSigs(signerIdxs, sigs);
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "addP256GuardianWithMixedSigs",
+        args: [x, y, signerIdxs, sigs],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "addP256GuardianWithMixedSigs");
+    }
   },
-  async cancelRecoveryWithSig() {
-    return BATCH2("cancelRecoveryWithSig");
+  async addGuardianWithMixedSigs({ guardian, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(guardian, "guardian");
+      validateMixedSigs(signerIdxs, sigs);
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "addGuardianWithMixedSigs",
+        args: [guardian, signerIdxs, sigs],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "addGuardianWithMixedSigs");
+    }
   },
-  async removeGuardianWithMixedSigs() {
-    return BATCH2("removeGuardianWithMixedSigs");
+  async proposeRecoveryWithSig({ newOwner, gIdx, sig, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(newOwner, "newOwner");
+      validateRequired(gIdx, "gIdx");
+      validateRequired(sig, "sig");
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "proposeRecoveryWithSig",
+        args: [newOwner, gIdx, sig],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "proposeRecoveryWithSig");
+    }
   },
-  async modifyTierLimitsWithMixedGuardians() {
-    return BATCH2("modifyTierLimitsWithMixedGuardians");
+  async approveRecoveryWithSig({ gIdx, sig, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(gIdx, "gIdx");
+      validateRequired(sig, "sig");
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "approveRecoveryWithSig",
+        args: [gIdx, sig],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "approveRecoveryWithSig");
+    }
+  },
+  async cancelRecoveryWithSig({ gIdx, sig, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(gIdx, "gIdx");
+      validateRequired(sig, "sig");
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "cancelRecoveryWithSig",
+        args: [gIdx, sig],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "cancelRecoveryWithSig");
+    }
+  },
+  async removeGuardianWithMixedSigs({ index, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(index, "index");
+      validateMixedSigs(signerIdxs, sigs);
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "removeGuardianWithMixedSigs",
+        args: [index, signerIdxs, sigs],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "removeGuardianWithMixedSigs");
+    }
+  },
+  async modifyTierLimitsWithMixedGuardians({ tier1, tier2, deadline, signerIdxs, sigs, account, maxFeePerGas, maxPriorityFeePerGas }) {
+    try {
+      validateRequired(tier1, "tier1");
+      validateRequired(tier2, "tier2");
+      validateRequired(deadline, "deadline");
+      validateMixedSigs(signerIdxs, sigs);
+      return await client.writeContract({
+        address,
+        abi: EXT_ABI,
+        functionName: "modifyTierLimitsWithMixedGuardians",
+        args: [tier1, tier2, deadline, signerIdxs, sigs],
+        account,
+        chain: client.chain,
+        ...feeOverrides(maxFeePerGas, maxPriorityFeePerGas)
+      });
+    } catch (error) {
+      throw AAStarError.fromViemError(error, "modifyTierLimitsWithMixedGuardians");
+    }
   }
 });
+var ZERO_ADDRESS2 = "0x0000000000000000000000000000000000000000";
+var ZERO32 = `0x${"00".repeat(32)}`;
+var P256_GUARDIAN_SENTINEL = "0x0000000000000000000000000000000000007026";
+var ALG_ECDSA = 2;
+var ALG_PASSKEY_P256 = 3;
+function isZero32(v) {
+  return /^0x0*$/.test(v);
+}
+function buildInitConfig(params) {
+  const specs = params.guardians ?? [];
+  if (specs.length > 3) {
+    throw new AAStarError("E1003" /* INVALID_PARAMETER */, `at most 3 guardians are supported, got ${specs.length}`);
+  }
+  if (params.dailyLimit <= 0n) {
+    throw new AAStarError("E1003" /* INVALID_PARAMETER */, "dailyLimit must be > 0 to enable the on-chain GUARD");
+  }
+  const guardians = [ZERO_ADDRESS2, ZERO_ADDRESS2, ZERO_ADDRESS2];
+  const guardianP256X = [ZERO32, ZERO32, ZERO32];
+  const guardianP256Y = [ZERO32, ZERO32, ZERO32];
+  let hasP256 = false;
+  specs.forEach((spec, i) => {
+    const hasEcdsa = spec.ecdsa !== void 0 && spec.ecdsa !== ZERO_ADDRESS2;
+    const hasP256Key = spec.p256 !== void 0;
+    if (hasEcdsa && hasP256Key) {
+      throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}]: supply exactly one of { ecdsa, p256 }, not both`);
+    }
+    if (!hasEcdsa && !hasP256Key) {
+      throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}]: supply one of { ecdsa, p256 }`);
+    }
+    if (hasP256Key) {
+      const { x, y } = spec.p256;
+      if (!isHex(x) || size(x) !== 32 || !isHex(y) || size(y) !== 32) {
+        throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}].p256: x and y must each be 32-byte hex values`);
+      }
+      if (isZero32(x) || isZero32(y)) {
+        throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}].p256: x and y must be non-zero (all-or-nothing per the contract)`);
+      }
+      guardians[i] = ZERO_ADDRESS2;
+      guardianP256X[i] = x;
+      guardianP256Y[i] = y;
+      hasP256 = true;
+    } else {
+      const ecdsa = spec.ecdsa;
+      if (isAddressEqual(ecdsa, P256_GUARDIAN_SENTINEL)) {
+        throw new AAStarError("E1003" /* INVALID_PARAMETER */, `guardian[${i}].ecdsa: the P-256 sentinel ${P256_GUARDIAN_SENTINEL} is not a valid ECDSA guardian`);
+      }
+      guardians[i] = ecdsa;
+    }
+  });
+  const approvedAlgIds = params.approvedAlgIds ?? (hasP256 ? [ALG_ECDSA, ALG_PASSKEY_P256] : [ALG_ECDSA]);
+  return {
+    guardians,
+    guardianP256X,
+    guardianP256Y,
+    dailyLimit: params.dailyLimit,
+    approvedAlgIds,
+    minDailyLimit: params.minDailyLimit ?? 0n,
+    initialTokens: params.initialTokens ?? [],
+    initialTokenConfigs: params.initialTokenConfigs ?? []
+  };
+}
 
 // ../core/src/actions/agentRegistry.ts
 var ABI4 = AgentRegistryABI;
@@ -42561,28 +43609,28 @@ function encodeDVTVerifierProof(nodeIds, blsSig) {
   const sig = encodeG2Point(blsSig);
   return concat([...ids, sig]);
 }
-function normalizeP256(p256) {
-  if (typeof p256 === "string") {
-    if (!isHex(p256) || size(p256) !== 64) {
+function normalizeP256(p2562) {
+  if (typeof p2562 === "string") {
+    if (!isHex(p2562) || size(p2562) !== 64) {
       throw new Error("encodeDVTAccountSignature: p256 bytes form must be a 64-byte (r\u2016s) hex value");
     }
-    return p256;
+    return p2562;
   }
-  if (!isHex(p256.r) || size(p256.r) !== 32) {
+  if (!isHex(p2562.r) || size(p2562.r) !== 32) {
     throw new Error("encodeDVTAccountSignature: p256.r must be a 32-byte hex value");
   }
-  if (!isHex(p256.s) || size(p256.s) !== 32) {
+  if (!isHex(p2562.s) || size(p2562.s) !== 32) {
     throw new Error("encodeDVTAccountSignature: p256.s must be a 32-byte hex value");
   }
-  return concat([p256.r, p256.s]);
+  return concat([p2562.r, p2562.s]);
 }
 function encodeDVTAccountSignature(params) {
-  const { tier, p256, nodeIds, blsSig, guardianSig } = params;
+  const { tier, p256: p2562, nodeIds, blsSig, guardianSig } = params;
   if (tier !== DVT_TIER_T2 && tier !== DVT_TIER_T3) {
     throw new Error(`encodeDVTAccountSignature: tier must be 0x04 (T2) or 0x05 (T3), got ${tier}`);
   }
   const tierByte = numberToHex(tier, { size: 1 });
-  const p256Bytes = normalizeP256(p256);
+  const p256Bytes = normalizeP256(p2562);
   const ids = validateNodeIds(nodeIds, "encodeDVTAccountSignature");
   const nodeIdsLength = numberToHex(ids.length, { size: 32 });
   const sig = encodeG2Point(blsSig);
@@ -42627,6 +43675,402 @@ function hashToFieldU0U1(message) {
     u1c1b: u1c1.b
   };
 }
+
+// ../../node_modules/.pnpm/@noble+hashes@1.8.0/node_modules/@noble/hashes/esm/hmac.js
+var HMAC = class extends Hash {
+  constructor(hash, _key) {
+    super();
+    this.finished = false;
+    this.destroyed = false;
+    ahash(hash);
+    const key = toBytes2(_key);
+    this.iHash = hash.create();
+    if (typeof this.iHash.update !== "function")
+      throw new Error("Expected instance of class which extends utils.Hash");
+    this.blockLen = this.iHash.blockLen;
+    this.outputLen = this.iHash.outputLen;
+    const blockLen = this.blockLen;
+    const pad2 = new Uint8Array(blockLen);
+    pad2.set(key.length > blockLen ? hash.create().update(key).digest() : key);
+    for (let i = 0; i < pad2.length; i++)
+      pad2[i] ^= 54;
+    this.iHash.update(pad2);
+    this.oHash = hash.create();
+    for (let i = 0; i < pad2.length; i++)
+      pad2[i] ^= 54 ^ 92;
+    this.oHash.update(pad2);
+    clean(pad2);
+  }
+  update(buf) {
+    aexists(this);
+    this.iHash.update(buf);
+    return this;
+  }
+  digestInto(out) {
+    aexists(this);
+    abytes(out, this.outputLen);
+    this.finished = true;
+    this.iHash.digestInto(out);
+    this.oHash.update(out);
+    this.oHash.digestInto(out);
+    this.destroy();
+  }
+  digest() {
+    const out = new Uint8Array(this.oHash.outputLen);
+    this.digestInto(out);
+    return out;
+  }
+  _cloneInto(to) {
+    to || (to = Object.create(Object.getPrototypeOf(this), {}));
+    const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this;
+    to = to;
+    to.finished = finished;
+    to.destroyed = destroyed;
+    to.blockLen = blockLen;
+    to.outputLen = outputLen;
+    to.oHash = oHash._cloneInto(to.oHash);
+    to.iHash = iHash._cloneInto(to.iHash);
+    return to;
+  }
+  clone() {
+    return this._cloneInto();
+  }
+  destroy() {
+    this.destroyed = true;
+    this.oHash.destroy();
+    this.iHash.destroy();
+  }
+};
+var hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest();
+hmac.create = (hash, key) => new HMAC(hash, key);
+
+// ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/_shortw_utils.js
+function getHash(hash) {
+  return {
+    hash,
+    hmac: (key, ...msgs) => hmac(hash, key, concatBytes(...msgs)),
+    randomBytes
+  };
+}
+function createCurve(curveDef, defHash) {
+  const create = (hash) => weierstrass({ ...curveDef, ...getHash(hash) });
+  return { ...create(defHash), create };
+}
+
+// ../../node_modules/.pnpm/@noble+curves@1.9.1/node_modules/@noble/curves/esm/nist.js
+var Fp256 = Field(BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff"));
+var p256_a = Fp256.create(BigInt("-3"));
+var p256_b = BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b");
+var p256 = createCurve({
+  a: p256_a,
+  b: p256_b,
+  Fp: Fp256,
+  n: BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"),
+  Gx: BigInt("0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),
+  Gy: BigInt("0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"),
+  h: BigInt(1),
+  lowS: false
+}, sha256);
+var Fp384 = Field(BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff"));
+var p384_a = Fp384.create(BigInt("-3"));
+var p384_b = BigInt("0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef");
+createCurve({
+  a: p384_a,
+  b: p384_b,
+  Fp: Fp384,
+  n: BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"),
+  Gx: BigInt("0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"),
+  Gy: BigInt("0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"),
+  h: BigInt(1),
+  lowS: false
+}, sha384);
+var Fp521 = Field(BigInt("0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
+var p521_a = Fp521.create(BigInt("-3"));
+var p521_b = BigInt("0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00");
+createCurve({
+  a: p521_a,
+  b: p521_b,
+  Fp: Fp521,
+  n: BigInt("0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409"),
+  Gx: BigInt("0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66"),
+  Gy: BigInt("0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650"),
+  h: BigInt(1),
+  lowS: false,
+  allowedPrivateKeyLengths: [130, 131, 132]
+  // P521 keys are variable-length. Normalize to 132b
+}, sha512);
+
+// ../core/src/crypto/p256Guardian.ts
+var GUARDIAN_SIG_VERSION = 4;
+var P256_GUARDIAN_DOMAIN = "P256_GUARDIAN";
+var WEBAUTHN_GET_CHALLENGE_PREFIX = '{"type":"webauthn.get","challenge":"';
+var PREFIX_LEN = 36;
+var CHALLENGE_B64_LEN = 43;
+var P256_GUARDIAN_SENTINEL2 = "0x0000000000000000000000000000000000007026";
+var SECP256R1_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551n;
+var SECP256R1_N_OVER_2 = SECP256R1_N >> 1n;
+var B64URL_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+function base64UrlEncode(bytes) {
+  let out = "";
+  let i = 0;
+  for (; i + 3 <= bytes.length; i += 3) {
+    const n = bytes[i] << 16 | bytes[i + 1] << 8 | bytes[i + 2];
+    out += B64URL_ALPHABET[n >> 18 & 63] + B64URL_ALPHABET[n >> 12 & 63] + B64URL_ALPHABET[n >> 6 & 63] + B64URL_ALPHABET[n & 63];
+  }
+  const rem = bytes.length - i;
+  if (rem === 1) {
+    const n = bytes[i] << 16;
+    out += B64URL_ALPHABET[n >> 18 & 63] + B64URL_ALPHABET[n >> 12 & 63];
+  } else if (rem === 2) {
+    const n = bytes[i] << 16 | bytes[i + 1] << 8;
+    out += B64URL_ALPHABET[n >> 18 & 63] + B64URL_ALPHABET[n >> 12 & 63] + B64URL_ALPHABET[n >> 6 & 63];
+  }
+  return out;
+}
+function buildP256GuardianChallenge(params) {
+  const version = params.version ?? GUARDIAN_SIG_VERSION;
+  return keccak256(
+    encodeAbiParameters(
+      [
+        { type: "uint8" },
+        { type: "uint256" },
+        { type: "address" },
+        { type: "string" },
+        { type: "string" },
+        { type: "bytes" }
+      ],
+      [version, BigInt(params.chainId), params.account, P256_GUARDIAN_DOMAIN, params.opLabel, params.opData]
+    )
+  );
+}
+function opDataRecovery(nonce, newOwner) {
+  return encodeAbiParameters([{ type: "uint256" }, { type: "address" }], [nonce, newOwner]);
+}
+function opDataAddP256Guardian(nonce, x, y) {
+  return encodeAbiParameters(
+    [{ type: "uint256" }, { type: "bytes32" }, { type: "bytes32" }],
+    [nonce, toBytes32(x, "x"), toBytes32(y, "y")]
+  );
+}
+function opDataAddGuardian(nonce, guardian) {
+  return encodeAbiParameters([{ type: "uint256" }, { type: "address" }], [nonce, guardian]);
+}
+function opDataRemoveGuardian(nonce, index, guardianToRemove, p256X, p256Y) {
+  return encodeAbiParameters(
+    [{ type: "uint256" }, { type: "uint8" }, { type: "address" }, { type: "bytes32" }, { type: "bytes32" }],
+    [nonce, index, guardianToRemove, toBytes32(p256X, "p256X"), toBytes32(p256Y, "p256Y")]
+  );
+}
+function opDataModifyTierLimits(nonce, tier1, tier2, deadline) {
+  return encodeAbiParameters(
+    [{ type: "uint256" }, { type: "uint256" }, { type: "uint256" }, { type: "uint256" }],
+    [nonce, tier1, tier2, deadline]
+  );
+}
+function buildProposeRecoveryChallenge(p) {
+  return buildP256GuardianChallenge({ ...p, opLabel: "PROPOSE_RECOVERY", opData: opDataRecovery(p.nonce, p.newOwner) });
+}
+function buildApproveRecoveryChallenge(p) {
+  return buildP256GuardianChallenge({ ...p, opLabel: "APPROVE_RECOVERY", opData: opDataRecovery(p.nonce, p.newOwner) });
+}
+function buildCancelRecoveryChallenge(p) {
+  return buildP256GuardianChallenge({ ...p, opLabel: "CANCEL_RECOVERY", opData: opDataRecovery(p.nonce, p.newOwner) });
+}
+function buildAddP256GuardianChallenge(p) {
+  return buildP256GuardianChallenge({ ...p, opLabel: "ADD_P256_GUARDIAN", opData: opDataAddP256Guardian(p.nonce, p.x, p.y) });
+}
+function buildAddGuardianChallenge(p) {
+  return buildP256GuardianChallenge({ ...p, opLabel: "ADD_GUARDIAN", opData: opDataAddGuardian(p.nonce, p.guardian) });
+}
+function buildRemoveGuardianChallenge(p) {
+  return buildP256GuardianChallenge({
+    ...p,
+    opLabel: "REMOVE_GUARDIAN",
+    opData: opDataRemoveGuardian(p.nonce, p.index, p.guardianToRemove, p.p256X, p.p256Y)
+  });
+}
+function buildModifyTierLimitsChallenge(p) {
+  return buildP256GuardianChallenge({
+    ...p,
+    opLabel: "MODIFY_TIER_LIMITS",
+    opData: opDataModifyTierLimits(p.nonce, p.tier1, p.tier2, p.deadline)
+  });
+}
+function scalarToBigInt(v, name) {
+  if (typeof v === "bigint") return v;
+  if (v instanceof Uint8Array) return BigInt(toHex(v));
+  if (isHex(v)) return BigInt(v);
+  throw new Error(`encodeWebAuthnAssertion: ${name} must be a hex string, Uint8Array, or bigint`);
+}
+function toBytes32(v, name) {
+  if (!isHex(v)) throw new Error(`${name} must be a 0x-hex value`);
+  if (size(v) > 32) throw new Error(`${name} must be at most 32 bytes`);
+  return pad(v, { size: 32 });
+}
+function asBytes(v, name) {
+  if (v instanceof Uint8Array) return v;
+  if (typeof v === "string" && isHex(v)) return toBytes(v);
+  if (typeof v === "string") return new TextEncoder().encode(v);
+  throw new Error(`${name} must be hex, bytes, or a string`);
+}
+function encodeWebAuthnAssertion(params) {
+  const authData = asBytes(params.authenticatorData, "authenticatorData");
+  if (authData.length < 37) {
+    throw new Error(`encodeWebAuthnAssertion: authenticatorData must be >= 37 bytes, got ${authData.length}`);
+  }
+  if ((authData[32] & 1) === 0) {
+    throw new Error("encodeWebAuthnAssertion: authenticatorData UP (User Present) flag (byte 32, bit 0) must be set");
+  }
+  const cdj = asBytes(params.clientDataJSON, "clientDataJSON");
+  const prefixBytes = new TextEncoder().encode(WEBAUTHN_GET_CHALLENGE_PREFIX);
+  if (cdj.length < PREFIX_LEN + CHALLENGE_B64_LEN + 1) {
+    throw new Error(
+      `encodeWebAuthnAssertion: clientDataJSON too short (${cdj.length} bytes) \u2014 expected at least prefix(${PREFIX_LEN}) + base64url(challenge)(${CHALLENGE_B64_LEN}) + closing quote`
+    );
+  }
+  for (let i = 0; i < PREFIX_LEN; i++) {
+    if (cdj[i] !== prefixBytes[i]) {
+      throw new Error(
+        `encodeWebAuthnAssertion: clientDataJSON must start with the exact prefix ${JSON.stringify(WEBAUTHN_GET_CHALLENGE_PREFIX)} (the contract rejects any other prefix)`
+      );
+    }
+  }
+  if (cdj[PREFIX_LEN + CHALLENGE_B64_LEN] !== 34) {
+    throw new Error(
+      "encodeWebAuthnAssertion: the base64url(challenge) slot is not exactly 43 chars (no closing quote at the expected position) \u2014 clientDataJSON is malformed for the contract"
+    );
+  }
+  const prefix = cdj.slice(0, PREFIX_LEN);
+  const suffix = cdj.slice(PREFIX_LEN + CHALLENGE_B64_LEN);
+  const r = scalarToBigInt(params.r, "r");
+  let s = scalarToBigInt(params.s, "s");
+  if (s > SECP256R1_N_OVER_2) s = SECP256R1_N - s;
+  return encodeAbiParameters(
+    [{ type: "bytes" }, { type: "bytes" }, { type: "bytes" }, { type: "bytes32" }, { type: "bytes32" }],
+    [toHex(authData), toHex(prefix), toHex(suffix), numberToHex(r, { size: 32 }), numberToHex(s, { size: 32 })]
+  );
+}
+function decodeWebAuthnAssertion(sig) {
+  const [authenticatorData, clientDataJSONPrefix, clientDataJSONSuffix, r, s] = decodeAbiParameters(
+    [{ type: "bytes" }, { type: "bytes" }, { type: "bytes" }, { type: "bytes32" }, { type: "bytes32" }],
+    sig
+  );
+  return { authenticatorData, clientDataJSONPrefix, clientDataJSONSuffix, r, s };
+}
+function decompressP256Point(compressed) {
+  const lib = p256;
+  const Point = lib.Point ?? lib.ProjectivePoint;
+  if (!Point) throw new Error("coseToP256XY: @noble/curves p256 point class unavailable for decompression");
+  const pt = Point.fromHex(compressed);
+  const uncompressed = pt.toBytes ? pt.toBytes(false) : pt.toRawBytes(false);
+  return uncompressed;
+}
+function coseToP256XY(cosePublicKey) {
+  const bytes = cosePublicKey instanceof Uint8Array ? cosePublicKey : toBytes(cosePublicKey);
+  if (bytes.length === 65 && bytes[0] === 4) {
+    return { x: toHex(bytes.slice(1, 33)), y: toHex(bytes.slice(33, 65)) };
+  }
+  if (bytes.length === 33 && (bytes[0] === 2 || bytes[0] === 3)) {
+    const uncompressed = decompressP256Point(bytes);
+    return { x: toHex(uncompressed.slice(1, 33)), y: toHex(uncompressed.slice(33, 65)) };
+  }
+  const map = decodeCoseMap(bytes);
+  const kty = map.get(1);
+  const crv = map.get(-1);
+  if (kty !== 2n) {
+    throw new Error(`coseToP256XY: COSE key type (label 1) must be present and 2 (EC2), got ${String(kty)}`);
+  }
+  if (crv !== 1n) {
+    throw new Error(`coseToP256XY: COSE curve (label -1) must be present and 1 (P-256), got ${String(crv)}`);
+  }
+  const x = map.get(-2);
+  const y = map.get(-3);
+  if (!(x instanceof Uint8Array) || !(y instanceof Uint8Array)) {
+    throw new Error("coseToP256XY: COSE key missing the -2 (x) / -3 (y) coordinate byte strings");
+  }
+  if (x.length !== 32 || y.length !== 32) {
+    throw new Error(`coseToP256XY: P-256 coordinates must be 32 bytes (got x=${x.length}, y=${y.length})`);
+  }
+  return { x: toHex(x), y: toHex(y) };
+}
+function decodeCoseMap(buf) {
+  let pos = 0;
+  function readArgument(ai) {
+    if (ai < 24) return ai;
+    if (ai === 24) return buf[pos++];
+    if (ai === 25) {
+      const v = buf[pos] << 8 | buf[pos + 1];
+      pos += 2;
+      return v;
+    }
+    if (ai === 26) {
+      const v = buf[pos] * 16777216 + (buf[pos + 1] << 16) + (buf[pos + 2] << 8) + buf[pos + 3];
+      pos += 4;
+      return v;
+    }
+    throw new Error("decodeCoseMap: unsupported CBOR argument size (64-bit values not supported for COSE keys)");
+  }
+  function readItem() {
+    const ib2 = buf[pos++];
+    const major = ib2 >> 5;
+    const ai = ib2 & 31;
+    switch (major) {
+      case 0:
+        return BigInt(readArgument(ai));
+      case 1:
+        return BigInt(-1 - readArgument(ai));
+      case 2: {
+        const len = readArgument(ai);
+        const out = buf.slice(pos, pos + len);
+        pos += len;
+        return out;
+      }
+      default:
+        throw new Error(`decodeCoseMap: unsupported CBOR major type ${major} in COSE key`);
+    }
+  }
+  const ib = buf[pos++];
+  if (ib >> 5 !== 5) throw new Error("coseToP256XY: input is not a CBOR map (COSE_Key)");
+  const n = readArgument(ib & 31);
+  const map = /* @__PURE__ */ new Map();
+  for (let i = 0; i < n; i++) {
+    const key = readItem();
+    const val = readItem();
+    if (typeof key === "bigint") map.set(Number(key), val);
+  }
+  return map;
+}
+function signP256GuardianAssertion(params) {
+  const priv = params.privateKey instanceof Uint8Array ? params.privateKey : toBytes(params.privateKey);
+  const rpId = params.rpId ?? "airaccount.example";
+  const origin = params.origin ?? "https://airaccount.example";
+  const flags = params.flags ?? 5;
+  const signCount = params.signCount ?? 0;
+  const challengeBytes = toBytes(params.challenge);
+  if (challengeBytes.length !== 32) throw new Error("signP256GuardianAssertion: challenge must be 32 bytes");
+  const challengeB64 = base64UrlEncode(challengeBytes);
+  const clientDataJSONStr = `${WEBAUTHN_GET_CHALLENGE_PREFIX}${challengeB64}","origin":"${origin}","crossOrigin":false}`;
+  const clientDataJSON = new TextEncoder().encode(clientDataJSONStr);
+  const rpIdHash = toBytes(sha256$1(new TextEncoder().encode(rpId)));
+  const authData = new Uint8Array(37);
+  authData.set(rpIdHash, 0);
+  authData[32] = flags & 255;
+  new DataView(authData.buffer).setUint32(33, signCount >>> 0, false);
+  const clientDataHash = toBytes(sha256$1(clientDataJSON));
+  const message = new Uint8Array(authData.length + clientDataHash.length);
+  message.set(authData, 0);
+  message.set(clientDataHash, authData.length);
+  const signature = p256.sign(message, priv, { prehash: true, lowS: true });
+  const r = numberToHex(signature.r, { size: 32 });
+  const s = numberToHex(signature.s, { size: 32 });
+  const sig = encodeWebAuthnAssertion({ authenticatorData: authData, clientDataJSON, r, s });
+  return { sig, authenticatorData: toHex(authData), clientDataJSON: toHex(clientDataJSON), r, s };
+}
+function p256GuardianPublicKey(privateKey) {
+  const priv = privateKey instanceof Uint8Array ? privateKey : toBytes(privateKey);
+  const pub = p256.getPublicKey(priv, false);
+  return coseToP256XY(pub);
+}
 var DEFAULT_ADMIN_ROLE = "0x0000000000000000000000000000000000000000000000000000000000000000";
 var ROLE_COMMUNITY = keccak256(toHex("COMMUNITY"));
 var ROLE_ENDUSER = keccak256(toHex("ENDUSER"));
@@ -43060,9 +44504,11 @@ function makeMainnetClient(rpcUrl) {
 @noble/curves/esm/abstract/bls.js:
 @noble/curves/esm/abstract/tower.js:
 @noble/curves/esm/bls12-381.js:
+@noble/curves/esm/_shortw_utils.js:
+@noble/curves/esm/nist.js:
   (*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
 */
 
-export { AASTAR_COMMUNITY, AAStarAirAccountFactoryV7ABI, AAStarAirAccountFactoryV7Artifact, AAStarAirAccountV7ABI, AAStarAirAccountV7Artifact, AAStarBLSAggregatorABI, AAStarBLSAggregatorArtifact, AAStarBLSAlgorithmABI, AAStarBLSAlgorithmArtifact, AAStarValidatorABI, AAStarValidatorArtifact, ALL_ROLES, AgentRegistryABI, AgentRegistryArtifact, AirAccountDelegateABI, AirAccountDelegateArtifact, AirAccountExtensionABI, AirAccountExtensionArtifact, AuthorizationState, BLSAggregatorABI, BLSAggregatorArtifact, BLSHelpers, BLSSigner, BLSValidatorABI, BLSValidatorArtifact, BLS_POP_DST, BRANDING, BREAD_COMMUNITY, BaseClient, BundlerClient, COMMUNITIES, CONTRACTS, CONTRACT_METADATA, CalldataParserRegistryABI, CalldataParserRegistryArtifact, ContractConfigManager, DEFAULT_ADMIN_ROLE, DVTValidatorABI, DVTValidatorArtifact, DVT_TIER_T2, DVT_TIER_T3, EntryPointABI, EntryPointArtifact, EntryPointVersion, ForceExitModuleABI, ForceExitModuleArtifact, GTokenABI, GTokenArtifact, GTokenAuthorizationABI, GTokenAuthorizationArtifact, GTokenStakingABI, GTokenStakingArtifact, INITIAL_ROLE_STAKES, LINKS, MicroPaymentChannelABI, MicroPaymentChannelArtifact, MySBTABI, MySBTArtifact, NETWORKS, NodeType, PaymasterABI, PaymasterArtifact, PaymasterFactoryABI, PaymasterFactoryArtifact, PolicyDecision, PolicyRegistryABI, PolicyRegistryArtifact, ROLE_ANODE, ROLE_COMMUNITY, ROLE_DVT, ROLE_ENDUSER, ROLE_KMS, ROLE_NAMES, ROLE_PAYMASTER_AOA, ROLE_PAYMASTER_SUPER, ROLE_PERMISSION_LEVELS, RegistryABI, RegistryArtifact, ReputationSystemABI, ReputationSystemArtifact, RequirementChecker, RolePermissionLevel, SEPOLIA_CONTRACTS, SEPOLIA_V2_VERSIONS, SepoliaFaucetAPI, SessionKeyValidatorABI, SessionKeyValidatorArtifact, SimpleAccountABI, SimpleAccountArtifact, SimpleAccountFactoryABI, SimpleAccountFactoryArtifact, StateValidator, SuperPaymasterABI, SuperPaymasterArtifact, V2_SUMMARY, X402FacilitatorABI, X402FacilitatorArtifact, accountActions, accountFactoryActions, agentActions, agentRegistryActions, aggregatorActions, airAccountActions, airAccountExtensionActions, airAccountFactoryActions, blsAlgorithmActions, channelActions, createAAStarPublicClient, createHeliosTransport, dvtActions, encodeDVTAccountSignature, encodeDVTVerifierProof, encodeG2Point, entryPointActions, forceExitActions, gTokenActions, gTokenAuthorizationActions, getAddressUrl, getAllCommunityConfigs, getAllV2Contracts, getBlockExplorer, getChainId, getCommunities, getCommunity, getCommunityConfig, getContract, getContractNetworks, getContracts, getCoreContracts, getDeploymentDate, getEntryPoint, getNetwork, getPaymasterV4_1, getRoleName, getRpcUrl, getSimpleAccountFactory, getSuperPaymasterV2, getTestAccounts, getTestTokenContracts, getTokenContracts, getTxUrl, getV2ContractByAddress, getV2ContractByName, getV2ContractsByDate, hashToFieldU0U1, isContractNetworkSupported, isRegisteredCommunity, isV2Contract, lookupAddress, paymasterActions, paymasterFactoryActions, policyRegistryActions, registryActions, reputationActions, resolveEns, resolveEnsVerified, sbtActions, sessionKeyValidatorActions, stakingActions, superPaymasterActions, tokenActions, x402Actions, x402IsNonceUsed, x402NonceKey, xPNTsFactoryABI, xPNTsFactoryActions, xPNTsFactoryArtifact, xPNTsTokenABI, xPNTsTokenActions, xPNTsTokenArtifact };
-//# sourceMappingURL=chunk-M5WFKETT.js.map
-//# sourceMappingURL=chunk-M5WFKETT.js.map
+export { AASTAR_COMMUNITY, AAStarAirAccountFactoryV7ABI, AAStarAirAccountFactoryV7Artifact, AAStarAirAccountV7ABI, AAStarAirAccountV7Artifact, AAStarBLSAggregatorABI, AAStarBLSAggregatorArtifact, AAStarBLSAlgorithmABI, AAStarBLSAlgorithmArtifact, AAStarValidatorABI, AAStarValidatorArtifact, ALL_ROLES, AgentRegistryABI, AgentRegistryArtifact, AirAccountDelegateABI, AirAccountDelegateArtifact, AirAccountExtensionABI, AirAccountExtensionArtifact, AuthorizationState, BLSAggregatorABI, BLSAggregatorArtifact, BLSHelpers, BLSSigner, BLSValidatorABI, BLSValidatorArtifact, BLS_POP_DST, BRANDING, BREAD_COMMUNITY, BaseClient, BundlerClient, COMMUNITIES, CONTRACTS, CONTRACT_METADATA, CalldataParserRegistryABI, CalldataParserRegistryArtifact, ContractConfigManager, DEFAULT_ADMIN_ROLE, DVTValidatorABI, DVTValidatorArtifact, DVT_TIER_T2, DVT_TIER_T3, EntryPointABI, EntryPointArtifact, EntryPointVersion, ForceExitModuleABI, ForceExitModuleArtifact, GTokenABI, GTokenArtifact, GTokenAuthorizationABI, GTokenAuthorizationArtifact, GTokenStakingABI, GTokenStakingArtifact, GUARDIAN_ADDITION_NONCE_SLOT, GUARDIAN_REMOVAL_NONCE_SLOT, GUARDIAN_SIG_VERSION, INITIAL_ROLE_STAKES, LINKS, MAX_GUARDIAN_SLOT, MicroPaymentChannelABI, MicroPaymentChannelArtifact, MySBTABI, MySBTArtifact, NETWORKS, NodeType, P256_GUARDIAN_DOMAIN, P256_GUARDIAN_SENTINEL2 as P256_GUARDIAN_SENTINEL, PaymasterABI, PaymasterArtifact, PaymasterFactoryABI, PaymasterFactoryArtifact, PolicyDecision, PolicyRegistryABI, PolicyRegistryArtifact, RECOVERY_NONCE_SLOT, ROLE_ANODE, ROLE_COMMUNITY, ROLE_DVT, ROLE_ENDUSER, ROLE_KMS, ROLE_NAMES, ROLE_PAYMASTER_AOA, ROLE_PAYMASTER_SUPER, ROLE_PERMISSION_LEVELS, RegistryABI, RegistryArtifact, ReputationSystemABI, ReputationSystemArtifact, RequirementChecker, RolePermissionLevel, SECP256R1_N, SECP256R1_N_OVER_2, SEPOLIA_CONTRACTS, SEPOLIA_V2_VERSIONS, SepoliaFaucetAPI, SessionKeyValidatorABI, SessionKeyValidatorArtifact, SimpleAccountABI, SimpleAccountArtifact, SimpleAccountFactoryABI, SimpleAccountFactoryArtifact, StateValidator, SuperPaymasterABI, SuperPaymasterArtifact, TIER_LIMIT_NONCE_SLOT, V2_SUMMARY, WEBAUTHN_GET_CHALLENGE_PREFIX, X402FacilitatorABI, X402FacilitatorArtifact, accountActions, accountFactoryActions, agentActions, agentRegistryActions, aggregatorActions, airAccountActions, airAccountExtensionActions, airAccountFactoryActions, base64UrlEncode, blsAlgorithmActions, buildAddGuardianChallenge, buildAddP256GuardianChallenge, buildApproveRecoveryChallenge, buildCancelRecoveryChallenge, buildInitConfig, buildModifyTierLimitsChallenge, buildP256GuardianChallenge, buildProposeRecoveryChallenge, buildRemoveGuardianChallenge, channelActions, coseToP256XY, createAAStarPublicClient, createHeliosTransport, decodeWebAuthnAssertion, dvtActions, encodeDVTAccountSignature, encodeDVTVerifierProof, encodeG2Point, encodeWebAuthnAssertion, entryPointActions, forceExitActions, gTokenActions, gTokenAuthorizationActions, getAddressUrl, getAllCommunityConfigs, getAllV2Contracts, getBlockExplorer, getChainId, getCommunities, getCommunity, getCommunityConfig, getContract, getContractNetworks, getContracts, getCoreContracts, getDeploymentDate, getEntryPoint, getNetwork, getPaymasterV4_1, getRoleName, getRpcUrl, getSimpleAccountFactory, getSuperPaymasterV2, getTestAccounts, getTestTokenContracts, getTokenContracts, getTxUrl, getV2ContractByAddress, getV2ContractByName, getV2ContractsByDate, hashToFieldU0U1, isContractNetworkSupported, isRegisteredCommunity, isV2Contract, lookupAddress, opDataAddGuardian, opDataAddP256Guardian, opDataModifyTierLimits, opDataRecovery, opDataRemoveGuardian, p256GuardianPublicKey, paymasterActions, paymasterFactoryActions, policyRegistryActions, registryActions, reputationActions, resolveEns, resolveEnsVerified, sbtActions, sessionKeyValidatorActions, signP256GuardianAssertion, stakingActions, superPaymasterActions, tokenActions, x402Actions, x402IsNonceUsed, x402NonceKey, xPNTsFactoryABI, xPNTsFactoryActions, xPNTsFactoryArtifact, xPNTsTokenABI, xPNTsTokenActions, xPNTsTokenArtifact };
+//# sourceMappingURL=chunk-5G5SB6CP.js.map
+//# sourceMappingURL=chunk-5G5SB6CP.js.map