@aastar/sdk 0.24.2 → 0.25.0

package/dist/{chunk-4Q6FADF6.cjs → chunk-6IZASQSB.cjs}

@@ -1,8 +1,8 @@
 'use strict';
 
 var chunkXQROKLZI_cjs = require('./chunk-XQROKLZI.cjs');
-var chunkIB3KOSHW_cjs = require('./chunk-IB3KOSHW.cjs');
-var chunkMXJEULSE_cjs = require('./chunk-MXJEULSE.cjs');
+var chunkKOWTQJIX_cjs = require('./chunk-KOWTQJIX.cjs');
+var chunkG33MXEHU_cjs = require('./chunk-G33MXEHU.cjs');
 var viem = require('viem');
 var axios = require('axios');
 var crypto = require('crypto');
@@ -13,7 +13,7 @@ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 var axios__default = /*#__PURE__*/_interopDefault(axios);
 
 // ../airaccount/src/server/constants/entrypoint.ts
-var CORE_SEPOLIA = chunkMXJEULSE_cjs.CANONICAL_ADDRESSES[11155111];
+var CORE_SEPOLIA = chunkG33MXEHU_cjs.CANONICAL_ADDRESSES[11155111];
 var EntryPointVersion = /* @__PURE__ */ ((EntryPointVersion2) => {
   EntryPointVersion2["V0_6"] = "0.6";
   EntryPointVersion2["V0_7"] = "0.7";
@@ -728,7 +728,7 @@ function toGuardianSpecs(p) {
   return specs;
 }
 function buildFullInitConfig(p) {
-  return chunkIB3KOSHW_cjs.buildInitConfig({
+  return chunkKOWTQJIX_cjs.buildInitConfig({
     guardians: toGuardianSpecs(p),
     dailyLimit: p.dailyLimit,
     ...p.approvedAlgIds ? { approvedAlgIds: p.approvedAlgIds } : {},
@@ -761,7 +761,7 @@ function initConfigFromRecord(record) {
   const guardians = record.guardianSpecs.map(
     (s) => "p256" in s ? { p256: { x: s.p256.x, y: s.p256.y } } : { ecdsa: s.ecdsa }
   );
-  return chunkIB3KOSHW_cjs.buildInitConfig({
+  return chunkKOWTQJIX_cjs.buildInitConfig({
     guardians,
     dailyLimit: record.dailyLimit ? BigInt(record.dailyLimit) : 0n,
     ...record.approvedAlgIds ? { approvedAlgIds: record.approvedAlgIds } : {},
@@ -1109,7 +1109,7 @@ var AccountManager = class {
     this.logger.log(
       `[AccountManager] account created with ${params.p256Guardians.length} P-256 guardian(s): ${accountAddress}`
     );
-    if (chunkIB3KOSHW_cjs.needsValidatorRouter(config.approvedAlgIds)) {
+    if (chunkKOWTQJIX_cjs.needsValidatorRouter(config.approvedAlgIds)) {
       this.logger.log(
         `[AccountManager] account ${accountAddress} approved a router-delegated algorithm (approvedAlgIds=[${config.approvedAlgIds.join(", ")}]); use deployAndWireValidator(userId, { walletClient }) to deploy + setValidator(router) in one call (or ensureValidatorRouter(userId) after a manual deploy) \u2014 required for those algIds to validate.`
       );
@@ -1146,11 +1146,11 @@ var AccountManager = class {
     if (!approvedAlgIds || approvedAlgIds.length === 0) {
       return { set: false, reason: "no approvedAlgIds / not router-delegated" };
     }
-    if (!chunkIB3KOSHW_cjs.needsValidatorRouter(approvedAlgIds)) {
+    if (!chunkKOWTQJIX_cjs.needsValidatorRouter(approvedAlgIds)) {
       return { set: false, reason: "no router-delegated algorithm" };
     }
     const chainId = this.ethereum.getChainId();
-    const canonicalRouter = chunkMXJEULSE_cjs.getCanonicalAddresses(chainId)?.aaStarValidator;
+    const canonicalRouter = chunkG33MXEHU_cjs.getCanonicalAddresses(chainId)?.aaStarValidator;
     const router = opts?.router ?? canonicalRouter;
     if (!router || router.toLowerCase() === viem.zeroAddress) {
       return { set: false, reason: `no canonical validator router for chain ${chainId}` };
@@ -1176,7 +1176,7 @@ var AccountManager = class {
         router
       };
     }
-    const tx = await chunkIB3KOSHW_cjs.airAccountActions(account.address)(walletClient).setValidator({
+    const tx = await chunkKOWTQJIX_cjs.airAccountActions(account.address)(walletClient).setValidator({
       validator: router,
       account: walletClient.account
     });
@@ -1212,7 +1212,7 @@ var AccountManager = class {
     }
     if (!code || code === "0x") {
       const config = initConfigFromRecord(account);
-      deployTx = await chunkIB3KOSHW_cjs.airAccountFactoryActions(account.factoryAddress)(walletClient).createAccount({
+      deployTx = await chunkKOWTQJIX_cjs.airAccountFactoryActions(account.factoryAddress)(walletClient).createAccount({
         owner: account.signerAddress,
         salt: BigInt(account.salt),
         config,
@@ -1616,7 +1616,12 @@ var TransferManager = class {
     );
     const userOpHash = await this.ethereum.getUserOpHash(userOp, version);
     await this.signer.ensureSigner(userId);
-    const assertionCtx = params.passkeyAssertion ? { assertion: params.passkeyAssertion } : void 0;
+    if (params.webAuthnAssertion && params.passkeyAssertion) {
+      throw new Error(
+        "Provide either webAuthnAssertion (preferred) or passkeyAssertion, not both."
+      );
+    }
+    const assertionCtx = params.webAuthnAssertion ? { webAuthnAssertion: params.webAuthnAssertion } : params.passkeyAssertion ? { assertion: params.passkeyAssertion } : void 0;
     let useECDSA = false;
     let isCompositeValidator = false;
     if (version === "0.7" /* V0_7 */ || version === "0.8" /* V0_8 */) {
@@ -1626,6 +1631,11 @@ var TransferManager = class {
         account.address
       ));
     }
+    if (assertionCtx && "webAuthnAssertion" in assertionCtx && !useECDSA && !(params.useAirAccountTiering && this.guardChecker)) {
+      throw new Error(
+        "A one-time webAuthnAssertion cannot authorize the legacy non-tiered BLS dual-sign (two owner signatures, one spent challenge). Use useAirAccountTiering:true (single owner signature), or supply two assertions via the legacy path."
+      );
+    }
     if (useECDSA) {
       const ecdsaSig = await this.signer.signMessage(
         userId,
@@ -2122,7 +2132,7 @@ var BLSSignatureService = class {
     }
     return nodes;
   }
-  async generateBLSSignature(userId, userOpHash, ctx) {
+  async generateBLSSignature(userId, userOpHash, ctx, options) {
     const manager = await this.ensureInitialized();
     const activeNodes = await this.getActiveSignerNodes();
     if (activeNodes.length < 1) {
@@ -2181,11 +2191,7 @@ var BLSSignatureService = class {
         `Wallet address mismatch! Wallet: ${walletAddress}, Expected: ${account.signerAddress}`
       );
     }
-    const aaSignature = await this.signer.signMessage(
-      userId,
-      viem.hexToBytes(userOpHash),
-      ctx
-    );
+    const aaSignature = options?.skipOwnerOpSignature ? "0x" : await this.signer.signMessage(userId, viem.hexToBytes(userOpHash), ctx);
     const messagePointHash = chunkXQROKLZI_cjs.keccak256(messagePoint);
     const messagePointSignature = await this.signer.signMessage(
       userId,
@@ -2202,6 +2208,11 @@ var BLSSignatureService = class {
     };
   }
   async packSignature(blsData) {
+    if (!blsData.aaSignature || blsData.aaSignature === "0x") {
+      throw new Error(
+        "packSignature requires aaSignature; this BLSSignatureData was generated with skipOwnerOpSignature (Tier-2/3 only). Use packCumulativeT2/T3Signature instead."
+      );
+    }
     const manager = await this.ensureInitialized();
     return manager.packSignature(blsData);
   }
@@ -2231,7 +2242,9 @@ var BLSSignatureService = class {
     if (!p256Signature) {
       throw new Error(`P256 signature required for Tier ${tier}`);
     }
-    const blsData = await this.generateBLSSignature(userId, userOpHash, ctx);
+    const blsData = await this.generateBLSSignature(userId, userOpHash, ctx, {
+      skipOwnerOpSignature: true
+    });
     if (tier === 2) {
       const t2Data = {
         p256Signature,
@@ -2259,6 +2272,84 @@ var BLSSignatureService = class {
     return manager.packCumulativeT3Signature(t3Data);
   }
 };
+var ALG_NAMES = {
+  [chunkXQROKLZI_cjs.ALG_BLS]: "BLS (0x01)",
+  [chunkXQROKLZI_cjs.ALG_ECDSA]: "ECDSA (0x02)",
+  [chunkXQROKLZI_cjs.ALG_P256]: "P256 (0x03)",
+  [chunkXQROKLZI_cjs.ALG_CUMULATIVE_T2]: "Cumulative T2 (0x04)",
+  [chunkXQROKLZI_cjs.ALG_CUMULATIVE_T3]: "Cumulative T3 (0x05)"
+};
+var GuardChecker = class {
+  constructor(ethereum, logger) {
+    this.ethereum = ethereum;
+    this.logger = logger ?? new ConsoleLogger("[GuardChecker]");
+  }
+  logger;
+  /**
+   * Fetch tier limits from an AirAccount contract.
+   */
+  async fetchTierConfig(accountAddress) {
+    const account = this.ethereum.getAccountContract(accountAddress);
+    return readAccountTierLimits(account);
+  }
+  /**
+   * Fetch guard status from the account's GlobalGuard.
+   */
+  async fetchGuardStatus(accountAddress) {
+    const account = this.ethereum.getAccountContract(accountAddress);
+    const guardAddress = await readAccountGuardAddress(account);
+    if (guardAddress === viem.zeroAddress) {
+      return {
+        hasGuard: false,
+        guardAddress: viem.zeroAddress,
+        dailyLimit: 0n,
+        dailyRemaining: 0n
+      };
+    }
+    const guard = viem.getContract({
+      address: guardAddress,
+      abi: viem.parseAbi(GLOBAL_GUARD_ABI),
+      client: this.ethereum.getProvider()
+    });
+    const { dailyLimit, dailyRemaining } = await readGuardDailyAllowance(guard);
+    return {
+      hasGuard: true,
+      guardAddress,
+      dailyLimit,
+      dailyRemaining
+    };
+  }
+  /**
+   * Pre-check a transaction: determine tier, check guard limits and algorithm approval.
+   * Returns errors array (empty = OK to proceed).
+   */
+  async preCheck(accountAddress, value) {
+    const errors = [];
+    const tierConfig = await this.fetchTierConfig(accountAddress);
+    const tier = chunkXQROKLZI_cjs.resolveTier(value, tierConfig);
+    const algId = chunkXQROKLZI_cjs.algIdForTier(tier);
+    const guard = await this.fetchGuardStatus(accountAddress);
+    if (!guard.hasGuard) {
+      return { ok: true, errors: [], tier, algId };
+    }
+    if (guard.dailyLimit > 0n && value > guard.dailyRemaining) {
+      errors.push(
+        `Daily limit exceeded: requesting ${value} wei but only ${guard.dailyRemaining} remaining (limit: ${guard.dailyLimit})`
+      );
+    }
+    const accountContract = this.ethereum.getAccountContract(accountAddress);
+    const isApproved = await readAlgorithmApproved(accountContract, algId);
+    if (!isApproved) {
+      errors.push(
+        `Algorithm ${ALG_NAMES[algId] ?? `0x${algId.toString(16)}`} is not approved by the account`
+      );
+    }
+    if (errors.length > 0) {
+      this.logger.warn(`Pre-check failed for ${accountAddress}: ${errors.join("; ")}`);
+    }
+    return { ok: errors.length === 0, errors, tier, algId };
+  }
+};
 var ERC20_ABI_PARSED = viem.parseAbi(ERC20_ABI);
 var TokenService = class {
   constructor(ethereum) {
@@ -2385,7 +2476,8 @@ var AirAccountServerClient = class {
       this.tokens,
       config.storage,
       config.signer,
-      logger
+      logger,
+      new GuardChecker(this.ethereum, logger)
     );
   }
 };
@@ -2920,84 +3012,6 @@ async function isOapdDeployed(provider, config) {
   const code = await provider.getCode({ address });
   return code !== void 0 && code !== "0x";
 }
-var ALG_NAMES = {
-  [chunkXQROKLZI_cjs.ALG_BLS]: "BLS (0x01)",
-  [chunkXQROKLZI_cjs.ALG_ECDSA]: "ECDSA (0x02)",
-  [chunkXQROKLZI_cjs.ALG_P256]: "P256 (0x03)",
-  [chunkXQROKLZI_cjs.ALG_CUMULATIVE_T2]: "Cumulative T2 (0x04)",
-  [chunkXQROKLZI_cjs.ALG_CUMULATIVE_T3]: "Cumulative T3 (0x05)"
-};
-var GuardChecker = class {
-  constructor(ethereum, logger) {
-    this.ethereum = ethereum;
-    this.logger = logger ?? new ConsoleLogger("[GuardChecker]");
-  }
-  logger;
-  /**
-   * Fetch tier limits from an AirAccount contract.
-   */
-  async fetchTierConfig(accountAddress) {
-    const account = this.ethereum.getAccountContract(accountAddress);
-    return readAccountTierLimits(account);
-  }
-  /**
-   * Fetch guard status from the account's GlobalGuard.
-   */
-  async fetchGuardStatus(accountAddress) {
-    const account = this.ethereum.getAccountContract(accountAddress);
-    const guardAddress = await readAccountGuardAddress(account);
-    if (guardAddress === viem.zeroAddress) {
-      return {
-        hasGuard: false,
-        guardAddress: viem.zeroAddress,
-        dailyLimit: 0n,
-        dailyRemaining: 0n
-      };
-    }
-    const guard = viem.getContract({
-      address: guardAddress,
-      abi: viem.parseAbi(GLOBAL_GUARD_ABI),
-      client: this.ethereum.getProvider()
-    });
-    const { dailyLimit, dailyRemaining } = await readGuardDailyAllowance(guard);
-    return {
-      hasGuard: true,
-      guardAddress,
-      dailyLimit,
-      dailyRemaining
-    };
-  }
-  /**
-   * Pre-check a transaction: determine tier, check guard limits and algorithm approval.
-   * Returns errors array (empty = OK to proceed).
-   */
-  async preCheck(accountAddress, value) {
-    const errors = [];
-    const tierConfig = await this.fetchTierConfig(accountAddress);
-    const tier = chunkXQROKLZI_cjs.resolveTier(value, tierConfig);
-    const algId = chunkXQROKLZI_cjs.algIdForTier(tier);
-    const guard = await this.fetchGuardStatus(accountAddress);
-    if (!guard.hasGuard) {
-      return { ok: true, errors: [], tier, algId };
-    }
-    if (guard.dailyLimit > 0n && value > guard.dailyRemaining) {
-      errors.push(
-        `Daily limit exceeded: requesting ${value} wei but only ${guard.dailyRemaining} remaining (limit: ${guard.dailyLimit})`
-      );
-    }
-    const accountContract = this.ethereum.getAccountContract(accountAddress);
-    const isApproved = await readAlgorithmApproved(accountContract, algId);
-    if (!isApproved) {
-      errors.push(
-        `Algorithm ${ALG_NAMES[algId] ?? `0x${algId.toString(16)}`} is not approved by the account`
-      );
-    }
-    if (errors.length > 0) {
-      this.logger.warn(`Pre-check failed for ${accountAddress}: ${errors.join("; ")}`);
-    }
-    return { ok: errors.length === 0, errors, tier, algId };
-  }
-};
 var FORCE_EXIT_ABI = [
   // ERC-7579 module lifecycle
   "function onInstall(bytes calldata data) external",
@@ -4250,14 +4264,21 @@ async function buildAuthenticationCredential(opts) {
     }
   };
 }
+function commitChallenge(nonceBase64Url, payload) {
+  const nonce = base64UrlDecode(nonceBase64Url);
+  const payloadBytes = typeof payload === "string" ? hexToBytes4(payload) : payload;
+  const committed = crypto.createHash("sha256").update(nonce).update(payloadBytes).digest();
+  return base64UrlEncode(new Uint8Array(committed));
+}
 async function runWebAuthnCeremony(begin, options) {
   const begun = await begin();
-  const challenge = begun?.Options?.challenge;
-  if (!begun?.ChallengeId || !challenge) {
+  const nonce = begun?.Options?.challenge;
+  if (!begun?.ChallengeId || !nonce) {
     throw new Error(
       "WebAuthn ceremony: begin endpoint did not return a ChallengeId + Options.challenge"
     );
   }
+  const challenge = options.payload ? commitChallenge(nonce, options.payload) : nonce;
   const credential = await buildAuthenticationCredential({
     challenge,
     signer: options.signer,
@@ -4583,27 +4604,100 @@ var KmsManager = class {
     return this.client.post("/BeginAuthentication", { KeyId: keyId });
   }
   // ── Factory ─────────────────────────────────────────────────────
+  /**
+   * Create a KMS signer that authorizes each signature with a LEGACY raw passkey
+   * assertion (reusable, no challenge consumption).
+   *
+   * @deprecated The KMS (v0.20.0+) rejects legacy raw passkey assertions for
+   * signing/mutating operations (`/SignHash` → 400, "no challenge binding —
+   * replayable"), unless `KMS_ALLOW_LEGACY_PASSKEY=1` is set on the KMS (test
+   * only). Prefer {@link createKmsSignerWithCeremony}, which runs a one-time
+   * challenge-bound WebAuthn ceremony per signature.
+   */
   createKmsSigner(keyId, address, assertionProvider) {
     this.ensureEnabled();
-    return new KmsSigner(keyId, address, this, assertionProvider);
+    return new KmsSigner(keyId, address, this, { mode: "legacy", assertionProvider });
+  }
+  /**
+   * Create a KMS signer that authorizes each signature with a one-time,
+   * challenge-bound WebAuthn ceremony (production-safe; replay-protected).
+   *
+   * Every `signMessage` call runs a FRESH ceremony (BeginAuthentication →
+   * authenticator assertion → `/SignHash` with the `WebAuthn` field), because the
+   * KMS consumes the challenge atomically (one challenge ⇒ one signature). A
+   * Tier-2/3 BLS transfer that needs N owner signatures therefore triggers N
+   * ceremonies — see {@link BLSSignatureService} (which now skips the unused
+   * userOpHash owner-ECDSA for tiered signatures, so Tier-2 needs only one).
+   *
+   * @param ceremonySigner authenticator that signs the WebAuthn challenge
+   *   (a browser passkey on the client, or {@link P256PasskeySigner} server-side).
+   */
+  createKmsSignerWithCeremony(keyId, address, ceremonySigner, ceremonyOptions, commitPayload = false) {
+    this.ensureEnabled();
+    return new KmsSigner(keyId, address, this, {
+      mode: "ceremony",
+      ceremonySigner,
+      ceremonyOptions,
+      commitPayload
+    });
   }
 };
 var KmsSigner = class {
-  constructor(keyId, _address, kmsManager, assertionProvider) {
+  constructor(keyId, _address, kmsManager, auth) {
     this.keyId = keyId;
     this._address = _address;
     this.kmsManager = kmsManager;
-    this.assertionProvider = assertionProvider;
+    this.auth = auth;
   }
   async getAddress() {
     return this._address;
   }
-  async signMessage(message) {
+  /**
+   * EIP-191 personal-sign over a digest. A string is hashed as UTF-8 text, a byte
+   * array as raw bytes — byte-identical to ethers `hashMessage`.
+   *
+   * @param webAuthnAssertion OPTIONAL pre-built, one-time ceremony assertion. Use
+   *   this in server flows where the passkey lives on the USER's device: the
+   *   frontend runs the BeginAuthentication ceremony and the backend forwards the
+   *   resulting `{ ChallengeId, Credential }` here. When supplied it takes
+   *   precedence over the signer's baked-in auth mode. Each assertion is one-time
+   *   (the KMS consumes the challenge), so a caller that needs N signatures must
+   *   supply N distinct assertions.
+   *
+   *   WYSIWYS (AirAccount #68): the frontend MUST build the assertion over the
+   *   payload-committed challenge `commitChallenge(nonce, hashOf(message))`, not the
+   *   raw nonce — otherwise a compromised host could swap the signed payload. The
+   *   raw-nonce assertion only works while the KMS runs in transition mode. (The
+   *   signer's own ceremony mode does this automatically.)
+   */
+  async signMessage(message, webAuthnAssertion) {
     const messageHash = hashMessage(message);
-    const assertion = await this.assertionProvider();
-    const signResponse = await this.kmsManager.signHash(messageHash, assertion, {
-      Address: this._address
-    });
+    const target = { Address: this._address };
+    if (webAuthnAssertion) {
+      const signResponse2 = await this.kmsManager.signHashWithWebAuthn(
+        messageHash,
+        webAuthnAssertion.ChallengeId,
+        webAuthnAssertion.Credential,
+        target
+      );
+      return "0x" + signResponse2.Signature;
+    }
+    if (this.auth.mode === "ceremony") {
+      const assertion2 = await this.kmsManager.runAuthenticationCeremony(
+        this.keyId,
+        this.auth.ceremonySigner,
+        this.auth.commitPayload ? { ...this.auth.ceremonyOptions, payload: messageHash } : this.auth.ceremonyOptions
+      );
+      const signResponse2 = await this.kmsManager.signHashWithWebAuthn(
+        messageHash,
+        assertion2.ChallengeId,
+        assertion2.Credential,
+        target
+      );
+      return "0x" + signResponse2.Signature;
+    }
+    const assertion = await this.auth.assertionProvider();
+    const signResponse = await this.kmsManager.signHash(messageHash, assertion, target);
     return "0x" + signResponse.Signature;
   }
 };
@@ -4989,6 +5083,37 @@ var LocalWalletSigner = class {
     return { address: this.account.address };
   }
 };
+
+// ../airaccount/src/server/adapters/kms-signer-adapter.ts
+var KmsSignerAdapter = class {
+  constructor(kms, resolveKey) {
+    this.kms = kms;
+    this.resolveKey = resolveKey;
+  }
+  async getAddress(userId) {
+    return (await this.resolveKey(userId)).address;
+  }
+  async ensureSigner(userId) {
+    return { address: (await this.resolveKey(userId)).address };
+  }
+  async signMessage(userId, message, ctx) {
+    const { address } = await this.resolveKey(userId);
+    const hash = hashMessage(message);
+    const target = { Address: address };
+    if (ctx && "webAuthnAssertion" in ctx) {
+      const { ChallengeId, Credential } = ctx.webAuthnAssertion;
+      const res = await this.kms.signHashWithWebAuthn(hash, ChallengeId, Credential, target);
+      return "0x" + res.Signature;
+    }
+    if (ctx && "assertion" in ctx) {
+      const res = await this.kms.signHash(hash, ctx.assertion, target);
+      return "0x" + res.Signature;
+    }
+    throw new Error(
+      "KmsSignerAdapter: KMS signing requires an auth context \u2014 pass a one-time WebAuthnCeremonyContext { webAuthnAssertion } (preferred)."
+    );
+  }
+};
 /*! Bundled license information:
 
 @noble/curves/nist.js:
@@ -5041,6 +5166,7 @@ exports.KmsMonitorService = KmsMonitorService;
 exports.KmsPaymentSigner = KmsPaymentSigner;
 exports.KmsSessionService = KmsSessionService;
 exports.KmsSigner = KmsSigner;
+exports.KmsSignerAdapter = KmsSignerAdapter;
 exports.L2_TYPE = L2_TYPE;
 exports.LocalWalletSigner = LocalWalletSigner;
 exports.MAX_GUARDIANS = MAX_GUARDIANS;
@@ -5076,6 +5202,7 @@ exports.buildClientDataJSON = buildClientDataJSON;
 exports.buildFullInitConfig = buildFullInitConfig;
 exports.buildInstallModuleHash = buildInstallModuleHash;
 exports.buildUninstallModuleHash = buildUninstallModuleHash;
+exports.commitChallenge = commitChallenge;
 exports.computeOapdSalt = computeOapdSalt;
 exports.erc8004AddressesForChain = erc8004AddressesForChain;
 exports.getOapdAddress = getOapdAddress;
@@ -5095,5 +5222,5 @@ exports.serializeGuardianSpecs = serializeGuardianSpecs;
 exports.toGuardianSpecs = toGuardianSpecs;
 exports.validateConfig = validateConfig;
 exports.wrapExecuteUserOp = wrapExecuteUserOp;
-//# sourceMappingURL=chunk-4Q6FADF6.cjs.map
-//# sourceMappingURL=chunk-4Q6FADF6.cjs.map
+//# sourceMappingURL=chunk-6IZASQSB.cjs.map
+//# sourceMappingURL=chunk-6IZASQSB.cjs.map