@agenticprimitives/connect-auth 0.1.0-alpha.2

package/dist/methods/passkey.d.ts

@@ -0,0 +1,106 @@
+/**
+ * Passkey (WebAuthn) auth method.
+ *
+ * This module is the home of the WebAuthn ceremony for the agenticprimitives
+ * stack:
+ *   - challenge encoding (32-byte hash → base64url challenge)
+ *   - DER signature parsing → (r, s)
+ *   - low-s normalisation (P-256 group order)
+ *   - WebAuthn `Assertion` struct building from a raw browser response
+ *     (the structured form that `AgentAccount._verifyWebAuthn` consumes)
+ *   - COSE attestation parsing → P-256 (x, y) public key for on-chain
+ *     credential registration via `AgentAccountFactory.createAccountWithPasskey`
+ *
+ * Doctrine: passkey ceremony belongs in connect-auth per the package's
+ * CLAUDE.md. Downstream packages (`agent-account`) consume the
+ * `WebAuthnAssertion` struct produced here and encode it into the
+ * smart-account signature wire format (`0x01 || abi.encode(...)`).
+ *
+ * Ported from smart-agent `packages/sdk/src/{passkey,cose-parse}.ts`
+ * (branch 003-intent-marketplace-proposal) — adapted to agenticprimitives
+ * package boundaries.
+ */
+import type { Hex } from '../types';
+/** secp256r1 (P-256) group order. */
+export declare const P256_N = 115792089210356248762697446949407573529996955224135760342422259061068512044369n;
+export declare function base64urlEncode(bytes: Uint8Array): string;
+export declare function base64urlDecode(s: string): Uint8Array;
+export declare function parseDerSignature(der: Uint8Array): {
+    r: bigint;
+    s: bigint;
+};
+/**
+ * Many WebAuthn authenticators emit high-s signatures (allowed by FIPS
+ * 186-4). The on-chain RIP-7212 precompile accepts both halves, but we
+ * normalise defensively so we stay compatible with stricter off-chain
+ * verifiers.
+ */
+export declare function normaliseLowS(s: bigint): bigint;
+/**
+ * Structured WebAuthn assertion in the shape `AgentAccount._verifyWebAuthn`
+ * consumes (the contract decodes this struct from the signature blob).
+ *
+ * Distinct from `PasskeyAssertion` (in `../types`), which is the
+ * protocol-level raw form returned by `PasskeySigner.assert()`.
+ */
+export interface WebAuthnAssertion {
+    authenticatorData: Hex;
+    clientDataJSON: string;
+    challengeIndex: bigint;
+    typeIndex: bigint;
+    r: bigint;
+    s: bigint;
+    credentialIdDigest: Hex;
+}
+/**
+ * Build a `WebAuthnAssertion` from a raw browser
+ * `navigator.credentials.get()` response.
+ *
+ * @param credentialIdBytes  raw credentialId bytes
+ * @param authenticatorData  response.authenticatorData
+ * @param clientDataJSON     response.clientDataJSON (UTF-8 bytes)
+ * @param derSignature       response.signature (DER ECDSA)
+ */
+export declare function buildWebAuthnAssertion(args: {
+    credentialIdBytes: Uint8Array;
+    authenticatorData: Uint8Array;
+    clientDataJSON: Uint8Array;
+    derSignature: Uint8Array;
+}): WebAuthnAssertion;
+/**
+ * Convert a 32-byte hash to the base64url-encoded challenge string
+ * `navigator.credentials.get({ publicKey: { challenge } })` accepts.
+ */
+export declare function hashToWebAuthnChallenge(hash: Hex): string;
+export interface ParsedAttestation {
+    credentialId: Uint8Array;
+    credentialIdBase64Url: string;
+    pubKeyX: bigint;
+    pubKeyY: bigint;
+    aaguid: Uint8Array;
+    signCount: number;
+    flagAttestedCredentialData: boolean;
+    flagUserPresent: boolean;
+    flagUserVerified: boolean;
+}
+/**
+ * Parse a WebAuthn `attestationObject` (CBOR-encoded) returned by
+ * `navigator.credentials.create()` → P-256 public key (x, y) plus
+ * credentialId, suitable for on-chain registration via
+ * `AgentAccountFactory.createAccountWithPasskey(credentialIdDigest, x, y, salt)`.
+ */
+export declare function parseAttestationObject(attestationObject: Uint8Array): ParsedAttestation;
+export declare function parseAuthData(authData: Uint8Array): ParsedAttestation;
+export interface PasskeySignupInput {
+    label: string;
+    challenge: Hex;
+}
+export declare function beginSignup(_input: {
+    label: string;
+}): Promise<never>;
+export declare function completeSignup(_req: unknown): Promise<never>;
+export declare function beginLogin(_input: {
+    credentialId: string;
+}): Promise<never>;
+export declare function completeLogin(_req: unknown): Promise<never>;
+//# sourceMappingURL=passkey.d.ts.map

package/dist/methods/passkey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../../src/methods/passkey.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAGH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAIpC,qCAAqC;AACrC,eAAO,MAAM,MAAM,kFACkD,CAAC;AAItE,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CASzD;AAED,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,UAAU,CAYrD;AAID,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,UAAU,GAAG;IAAE,CAAC,EAAE,MAAM,CAAC;IAAC,CAAC,EAAE,MAAM,CAAA;CAAE,CAiB3E;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAE/C;AAID;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,kBAAkB,EAAE,GAAG,CAAC;CACzB;AAED;;;;;;;;GAQG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE;IAC3C,iBAAiB,EAAE,UAAU,CAAC;IAC9B,iBAAiB,EAAE,UAAU,CAAC;IAC9B,cAAc,EAAE,UAAU,CAAC;IAC3B,YAAY,EAAE,UAAU,CAAC;CAC1B,GAAG,iBAAiB,CA2BpB;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,GAAG,GAAG,MAAM,CAEzD;AAID,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,UAAU,CAAC;IACzB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,UAAU,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B,EAAE,OAAO,CAAC;IACpC,eAAe,EAAE,OAAO,CAAC;IACzB,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CACpC,iBAAiB,EAAE,UAAU,GAC5B,iBAAiB,CAQnB;AAED,wBAAgB,aAAa,CAAC,QAAQ,EAAE,UAAU,GAAG,iBAAiB,CA2CrE;AAID,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,GAAG,CAAC;CAChB;AAED,wBAAsB,WAAW,CAAC,MAAM,EAAE;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAE3E;AAED,wBAAsB,cAAc,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAElE;AAED,wBAAsB,UAAU,CAAC,MAAM,EAAE;IAAE,YAAY,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAEjF;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAEjE"}

package/dist/methods/passkey.js

@@ -0,0 +1,307 @@
+/**
+ * Passkey (WebAuthn) auth method.
+ *
+ * This module is the home of the WebAuthn ceremony for the agenticprimitives
+ * stack:
+ *   - challenge encoding (32-byte hash → base64url challenge)
+ *   - DER signature parsing → (r, s)
+ *   - low-s normalisation (P-256 group order)
+ *   - WebAuthn `Assertion` struct building from a raw browser response
+ *     (the structured form that `AgentAccount._verifyWebAuthn` consumes)
+ *   - COSE attestation parsing → P-256 (x, y) public key for on-chain
+ *     credential registration via `AgentAccountFactory.createAccountWithPasskey`
+ *
+ * Doctrine: passkey ceremony belongs in connect-auth per the package's
+ * CLAUDE.md. Downstream packages (`agent-account`) consume the
+ * `WebAuthnAssertion` struct produced here and encode it into the
+ * smart-account signature wire format (`0x01 || abi.encode(...)`).
+ *
+ * Ported from smart-agent `packages/sdk/src/{passkey,cose-parse}.ts`
+ * (branch 003-intent-marketplace-proposal) — adapted to agenticprimitives
+ * package boundaries.
+ */
+import { keccak256, toHex, toBytes } from 'viem';
+// ─── Constants ───────────────────────────────────────────────────────
+/** secp256r1 (P-256) group order. */
+export const P256_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551n;
+// ─── Base64url codec ─────────────────────────────────────────────────
+export function base64urlEncode(bytes) {
+    let bin = '';
+    for (const b of bytes)
+        bin += String.fromCharCode(b);
+    const b64 = typeof btoa === 'function'
+        ? btoa(bin)
+        : // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            globalThis.Buffer.from(bytes).toString('base64');
+    return b64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+}
+export function base64urlDecode(s) {
+    const padded = s.replace(/-/g, '+').replace(/_/g, '/') +
+        '=='.slice((2 - (s.length & 3)) & 3);
+    const bin = typeof atob === 'function'
+        ? atob(padded)
+        : // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            globalThis.Buffer.from(padded, 'base64').toString('binary');
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++)
+        out[i] = bin.charCodeAt(i);
+    return out;
+}
+// ─── DER signature parsing + low-s normalisation ─────────────────────
+export function parseDerSignature(der) {
+    if (der.length < 8)
+        throw new Error('DER: too short');
+    if (der[0] !== 0x30)
+        throw new Error('DER: missing sequence tag');
+    let i = 2;
+    if (der[i] !== 0x02)
+        throw new Error('DER: missing r tag');
+    i++;
+    const rLen = der[i];
+    i++;
+    const rBytes = der.slice(i, i + rLen);
+    i += rLen;
+    if (der[i] !== 0x02)
+        throw new Error('DER: missing s tag');
+    i++;
+    const sLen = der[i];
+    i++;
+    const sBytes = der.slice(i, i + sLen);
+    i += sLen;
+    return { r: bytesToBigInt(rBytes), s: bytesToBigInt(sBytes) };
+}
+/**
+ * Many WebAuthn authenticators emit high-s signatures (allowed by FIPS
+ * 186-4). The on-chain RIP-7212 precompile accepts both halves, but we
+ * normalise defensively so we stay compatible with stricter off-chain
+ * verifiers.
+ */
+export function normaliseLowS(s) {
+    return s > P256_N / 2n ? P256_N - s : s;
+}
+/**
+ * Build a `WebAuthnAssertion` from a raw browser
+ * `navigator.credentials.get()` response.
+ *
+ * @param credentialIdBytes  raw credentialId bytes
+ * @param authenticatorData  response.authenticatorData
+ * @param clientDataJSON     response.clientDataJSON (UTF-8 bytes)
+ * @param derSignature       response.signature (DER ECDSA)
+ */
+export function buildWebAuthnAssertion(args) {
+    const cdjStr = new TextDecoder().decode(args.clientDataJSON);
+    const cdjBytes = args.clientDataJSON;
+    const typeMarker = new TextEncoder().encode('"type":"webauthn.get"');
+    const typeIndex = findIndex(cdjBytes, typeMarker);
+    if (typeIndex < 0) {
+        throw new Error('clientDataJSON: missing "type":"webauthn.get"');
+    }
+    const challengeMarker = new TextEncoder().encode('"challenge":"');
+    const challengeIndex = findIndex(cdjBytes, challengeMarker);
+    if (challengeIndex < 0) {
+        throw new Error('clientDataJSON: missing "challenge" key');
+    }
+    const { r, s } = parseDerSignature(args.derSignature);
+    return {
+        authenticatorData: toHex(args.authenticatorData),
+        clientDataJSON: cdjStr,
+        challengeIndex: BigInt(challengeIndex),
+        typeIndex: BigInt(typeIndex),
+        r,
+        s: normaliseLowS(s),
+        credentialIdDigest: keccak256(args.credentialIdBytes),
+    };
+}
+/**
+ * Convert a 32-byte hash to the base64url-encoded challenge string
+ * `navigator.credentials.get({ publicKey: { challenge } })` accepts.
+ */
+export function hashToWebAuthnChallenge(hash) {
+    return base64urlEncode(toBytes(hash));
+}
+/**
+ * Parse a WebAuthn `attestationObject` (CBOR-encoded) returned by
+ * `navigator.credentials.create()` → P-256 public key (x, y) plus
+ * credentialId, suitable for on-chain registration via
+ * `AgentAccountFactory.createAccountWithPasskey(credentialIdDigest, x, y, salt)`.
+ */
+export function parseAttestationObject(attestationObject) {
+    const top = cborDecode(attestationObject);
+    if (!isMap(top))
+        throw new Error('attestationObject: expected CBOR map');
+    const authData = mapGet(top, 'authData');
+    if (!(authData instanceof Uint8Array)) {
+        throw new Error('attestationObject: missing authData');
+    }
+    return parseAuthData(authData);
+}
+export function parseAuthData(authData) {
+    if (authData.length < 37)
+        throw new Error('authData too short');
+    const flags = authData[32];
+    const signCount = new DataView(authData.buffer, authData.byteOffset + 33, 4).getUint32(0, false);
+    const flagUP = (flags & 0x01) !== 0;
+    const flagUV = (flags & 0x04) !== 0;
+    const flagAT = (flags & 0x40) !== 0;
+    if (!flagAT) {
+        throw new Error('authData: attested credential data flag not set');
+    }
+    if (authData.length < 37 + 16 + 2) {
+        throw new Error('authData too short for attested credential data');
+    }
+    let i = 37;
+    const aaguid = authData.slice(i, i + 16);
+    i += 16;
+    const credIdLen = (authData[i] << 8) | authData[i + 1];
+    i += 2;
+    const credentialId = authData.slice(i, i + credIdLen);
+    i += credIdLen;
+    const cosePubKeyBytes = authData.slice(i);
+    const coseMap = cborDecode(cosePubKeyBytes);
+    if (!isMap(coseMap))
+        throw new Error('COSE_Key: expected map');
+    const x = mapGet(coseMap, -2);
+    const y = mapGet(coseMap, -3);
+    if (!(x instanceof Uint8Array) || !(y instanceof Uint8Array)) {
+        throw new Error('COSE_Key: missing x/y coordinates');
+    }
+    return {
+        credentialId,
+        credentialIdBase64Url: base64urlFromBytes(credentialId),
+        pubKeyX: bytesToBigInt(x),
+        pubKeyY: bytesToBigInt(y),
+        aaguid,
+        signCount,
+        flagAttestedCredentialData: flagAT,
+        flagUserPresent: flagUP,
+        flagUserVerified: flagUV,
+    };
+}
+export async function beginSignup(_input) {
+    throw new Error('connect-auth/passkey: beginSignup not implemented yet.');
+}
+export async function completeSignup(_req) {
+    throw new Error('connect-auth/passkey: completeSignup not implemented yet.');
+}
+export async function beginLogin(_input) {
+    throw new Error('connect-auth/passkey: beginLogin not implemented yet.');
+}
+export async function completeLogin(_req) {
+    throw new Error('connect-auth/passkey: completeLogin not implemented yet.');
+}
+// ─── Private helpers ─────────────────────────────────────────────────
+function bytesToBigInt(b) {
+    let n = 0n;
+    for (const x of b)
+        n = (n << 8n) | BigInt(x);
+    return n;
+}
+function base64urlFromBytes(b) {
+    return base64urlEncode(b);
+}
+function findIndex(haystack, needle) {
+    outer: for (let i = 0; i + needle.length <= haystack.length; i++) {
+        for (let j = 0; j < needle.length; j++) {
+            if (haystack[i + j] !== needle[j])
+                continue outer;
+        }
+        return i;
+    }
+    return -1;
+}
+function isMap(v) {
+    return v instanceof Map;
+}
+function mapGet(m, key) {
+    if (m.has(key))
+        return m.get(key);
+    if (typeof key === 'number') {
+        const bk = BigInt(key);
+        if (m.has(bk))
+            return m.get(bk);
+    }
+    return undefined;
+}
+function cborDecode(bytes) {
+    const reader = {
+        view: new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength),
+        pos: 0,
+    };
+    return decodeOne(reader);
+    function decodeOne(r) {
+        const first = r.view.getUint8(r.pos++);
+        const major = first >> 5;
+        const minor = first & 0x1f;
+        const len = readLength(r, minor);
+        switch (major) {
+            case 0:
+                return len;
+            case 1:
+                return typeof len === 'bigint'
+                    ? -(len + 1n)
+                    : -len - 1;
+            case 2: {
+                const b = new Uint8Array(r.view.buffer, r.view.byteOffset + r.pos, Number(len));
+                r.pos += Number(len);
+                return b.slice();
+            }
+            case 3: {
+                const b = new Uint8Array(r.view.buffer, r.view.byteOffset + r.pos, Number(len));
+                r.pos += Number(len);
+                return new TextDecoder().decode(b);
+            }
+            case 4: {
+                const out = [];
+                for (let i = 0n; i < BigInt(len); i++)
+                    out.push(decodeOne(r));
+                return out;
+            }
+            case 5: {
+                const m = new Map();
+                for (let i = 0n; i < BigInt(len); i++) {
+                    const k = decodeOne(r);
+                    const v = decodeOne(r);
+                    m.set(k, v);
+                }
+                return m;
+            }
+            case 7:
+                if (minor === 20)
+                    return false;
+                if (minor === 21)
+                    return true;
+                if (minor === 22)
+                    return null;
+                throw new Error('CBOR: unsupported simple/float value');
+            default:
+                throw new Error(`CBOR: unsupported major type ${major}`);
+        }
+    }
+    function readLength(r, minor) {
+        if (minor < 24)
+            return minor;
+        if (minor === 24) {
+            const v = r.view.getUint8(r.pos);
+            r.pos += 1;
+            return v;
+        }
+        if (minor === 25) {
+            const v = r.view.getUint16(r.pos, false);
+            r.pos += 2;
+            return v;
+        }
+        if (minor === 26) {
+            const v = r.view.getUint32(r.pos, false);
+            r.pos += 4;
+            return v;
+        }
+        if (minor === 27) {
+            const hi = r.view.getUint32(r.pos, false);
+            const lo = r.view.getUint32(r.pos + 4, false);
+            r.pos += 8;
+            return (BigInt(hi) << 32n) | BigInt(lo);
+        }
+        throw new Error('CBOR: indefinite-length / reserved length not supported');
+    }
+}
+//# sourceMappingURL=passkey.js.map

package/dist/methods/passkey.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/methods/passkey.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAGjD,wEAAwE;AAExE,qCAAqC;AACrC,MAAM,CAAC,MAAM,MAAM,GACjB,mEAAmE,CAAC;AAEtE,wEAAwE;AAExE,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACrD,MAAM,GAAG,GACP,OAAO,IAAI,KAAK,UAAU;QACxB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QACX,CAAC,CAAC,8DAA8D;YAC7D,UAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChE,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,CAAS;IACvC,MAAM,MAAM,GACV,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvC,MAAM,GAAG,GACP,OAAO,IAAI,KAAK,UAAU;QACxB,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;QACd,CAAC,CAAC,8DAA8D;YAC7D,UAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3E,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAChE,OAAO,GAAG,CAAC;AACb,CAAC;AAED,wEAAwE;AAExE,MAAM,UAAU,iBAAiB,CAAC,GAAe;IAC/C,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACtD,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAClE,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC3D,CAAC,EAAE,CAAC;IACJ,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAE,CAAC;IACrB,CAAC,EAAE,CAAC;IACJ,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACtC,CAAC,IAAI,IAAI,CAAC;IACV,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC3D,CAAC,EAAE,CAAC;IACJ,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAE,CAAC;IACrB,CAAC,EAAE,CAAC;IACJ,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACtC,CAAC,IAAI,IAAI,CAAC;IACV,OAAO,EAAE,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;AAChE,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,CAAS;IACrC,OAAO,CAAC,GAAG,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC1C,CAAC;AAqBD;;;;;;;;GAQG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAKtC;IACC,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7D,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC;IAErC,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAC;IACrE,MAAM,SAAS,GAAG,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,eAAe,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,SAAS,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAiB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAEtD,OAAO;QACL,iBAAiB,EAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC;QAChD,cAAc,EAAE,MAAM;QACtB,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC;QACtC,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC;QAC5B,CAAC;QACD,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC;QACnB,kBAAkB,EAAE,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC;KACtD,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAS;IAC/C,OAAO,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,CAAC;AAgBD;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CACpC,iBAA6B;IAE7B,MAAM,GAAG,GAAG,UAAU,CAAC,iBAAiB,CAAC,CAAC;IAC1C,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IACzE,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,EAAE,UAAU,CAA2B,CAAC;IACnE,IAAI,CAAC,CAAC,QAAQ,YAAY,UAAU,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,aAAa,CAAC,QAAQ,CAAC,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,QAAoB;IAChD,IAAI,QAAQ,CAAC,MAAM,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAChE,MAAM,KAAK,GAAG,QAAQ,CAAC,EAAE,CAAE,CAAC;IAC5B,MAAM,SAAS,GAAG,IAAI,QAAQ,CAC5B,QAAQ,CAAC,MAAM,EACf,QAAQ,CAAC,UAAU,GAAG,EAAE,EACxB,CAAC,CACF,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACtB,MAAM,MAAM,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,MAAM,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,MAAM,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,IAAI,EAAE,CAAC;IACR,MAAM,SAAS,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAE,IAAI,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;IACzD,CAAC,IAAI,CAAC,CAAC;IACP,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC;IACtD,CAAC,IAAI,SAAS,CAAC;IACf,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1C,MAAM,OAAO,GAAG,UAAU,CAAC,eAAe,CAAC,CAAC;IAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC/D,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAA2B,CAAC;IACxD,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAA2B,CAAC;IACxD,IAAI,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC,EAAE,CAAC;QAC7D,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IACD,OAAO;QACL,YAAY;QACZ,qBAAqB,EAAE,kBAAkB,CAAC,YAAY,CAAC;QACvD,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;QACzB,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;QACzB,MAAM;QACN,SAAS;QACT,0BAA0B,EAAE,MAAM;QAClC,eAAe,EAAE,MAAM;QACvB,gBAAgB,EAAE,MAAM;KACzB,CAAC;AACJ,CAAC;AASD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAyB;IACzD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,IAAa;IAChD,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAgC;IAC/D,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;AAC3E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAAa;IAC/C,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;AAC9E,CAAC;AAED,wEAAwE;AAExE,SAAS,aAAa,CAAC,CAAa;IAClC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,MAAM,CAAC,IAAI,CAAC;QAAE,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC7C,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAa;IACvC,OAAO,eAAe,CAAC,CAAC,CAAC,CAAC;AAC5B,CAAC;AAED,SAAS,SAAS,CAAC,QAAoB,EAAE,MAAkB;IACzD,KAAK,EAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACjE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,IAAI,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC;gBAAE,SAAS,KAAK,CAAC;QACpD,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,OAAO,CAAC,CAAC,CAAC;AACZ,CAAC;AAgBD,SAAS,KAAK,CAAC,CAAU;IACvB,OAAO,CAAC,YAAY,GAAG,CAAC;AAC1B,CAAC;AAED,SAAS,MAAM,CAAC,CAAU,EAAE,GAAY;IACtC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,UAAU,CAAC,KAAiB;IACnC,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,CAAC;QACpE,GAAG,EAAE,CAAC;KACP,CAAC;IACF,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC;IAEzB,SAAS,SAAS,CAAC,CAAkC;QACnD,MAAM,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACvC,MAAM,KAAK,GAAG,KAAK,IAAI,CAAC,CAAC;QACzB,MAAM,KAAK,GAAG,KAAK,GAAG,IAAI,CAAC;QAC3B,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACjC,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,CAAC;gBACJ,OAAO,GAAsB,CAAC;YAChC,KAAK,CAAC;gBACJ,OAAO,OAAO,GAAG,KAAK,QAAQ;oBAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC;oBACb,CAAC,CAAC,CAAE,GAAc,GAAG,CAAC,CAAC;YAC3B,KAAK,CAAC,CAAC,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,IAAI,UAAU,CACtB,CAAC,CAAC,IAAI,CAAC,MAAM,EACb,CAAC,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,GAAG,EACzB,MAAM,CAAC,GAAG,CAAC,CACZ,CAAC;gBACF,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC;gBACrB,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC;YACnB,CAAC;YACD,KAAK,CAAC,CAAC,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,IAAI,UAAU,CACtB,CAAC,CAAC,IAAI,CAAC,MAAM,EACb,CAAC,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,GAAG,EACzB,MAAM,CAAC,GAAG,CAAC,CACZ,CAAC;gBACF,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC;gBACrB,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACrC,CAAC;YACD,KAAK,CAAC,CAAC,CAAC,CAAC;gBACP,MAAM,GAAG,GAAgB,EAAE,CAAC;gBAC5B,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;oBAAE,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC9D,OAAO,GAAG,CAAC;YACb,CAAC;YACD,KAAK,CAAC,CAAC,CAAC,CAAC;gBACP,MAAM,CAAC,GAAY,IAAI,GAAG,EAAE,CAAC;gBAC7B,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAY,CAAC;oBAClC,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;oBACvB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACd,CAAC;gBACD,OAAO,CAAC,CAAC;YACX,CAAC;YACD,KAAK,CAAC;gBACJ,IAAI,KAAK,KAAK,EAAE;oBAAE,OAAO,KAAK,CAAC;gBAC/B,IAAI,KAAK,KAAK,EAAE;oBAAE,OAAO,IAAI,CAAC;gBAC9B,IAAI,KAAK,KAAK,EAAE;oBAAE,OAAO,IAAI,CAAC;gBAC9B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D;gBACE,MAAM,IAAI,KAAK,CAAC,gCAAgC,KAAK,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,SAAS,UAAU,CACjB,CAAkC,EAClC,KAAa;QAEb,IAAI,KAAK,GAAG,EAAE;YAAE,OAAO,KAAK,CAAC;QAC7B,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YACjB,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACjC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YACX,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YACjB,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACzC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YACX,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YACjB,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACzC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YACX,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YACjB,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC1C,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;YAC9C,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;AACH,CAAC"}

package/dist/methods/siwe.d.ts

@@ -0,0 +1,92 @@
+import type { Address, Hex } from '@agenticprimitives/types';
+export interface SiweMessageInput {
+    domain: string;
+    address: Address;
+    statement?: string;
+    uri: string;
+    chainId: number;
+    nonce: string;
+    issuedAt?: string;
+    expirationTime?: string;
+}
+export interface SiweParsed {
+    domain: string;
+    address: Address;
+    statement: string | null;
+    uri: string;
+    version: string;
+    chainId: number;
+    nonce: string;
+    issuedAt: string;
+    expirationTime: string | null;
+}
+/** Build an EIP-4361 message string from structured input. */
+export declare function buildMessage(input: SiweMessageInput): string;
+/**
+ * Parse a SIWE message into its fields. Strict: rejects messages that don't
+ * match the EIP-4361 shape we produce. We deliberately don't accept every
+ * valid SIWE message variant — only what we generate.
+ */
+export declare function parseMessage(text: string): SiweParsed;
+export interface SiweVerifyResult {
+    ok: true;
+    address: Address;
+    parsed: SiweParsed;
+}
+export interface SiweVerifyError {
+    ok: false;
+    reason: string;
+}
+/**
+ * Pure parse-and-validate — checks version, domain, nonce, expiration,
+ * and computes the EIP-191 digest. Does NOT verify the signature.
+ *
+ * Used by `verify` (ECDSA path) and `verifyOnchain` (ERC-1271/6492 path).
+ * Splitting this out lets callers verify signatures against a contract
+ * (e.g. `UniversalSignatureValidator`) without re-implementing the SIWE
+ * field validation.
+ */
+export declare function parseAndValidate(message: string, opts?: {
+    now?: () => number;
+    allowedDomains?: string[];
+    expectedNonce?: string;
+}): {
+    ok: true;
+    parsed: SiweParsed;
+    digest: Uint8Array;
+} | SiweVerifyError;
+/**
+ * Verify a SIWE message via a caller-supplied async signature verifier
+ * (typically `verifyUserSignature` from `./verify-signature`, which calls
+ * the on-chain `UniversalSignatureValidator`).
+ *
+ * Per spec 130 and the `demo-a2a is signer-agnostic` doctrine: when the
+ * SIWE `address` is a smart account, this is how we verify — the
+ * validator dispatches between ECDSA / ERC-1271 / ERC-6492 on-chain,
+ * supporting EOA-owned, passkey-owned, and counterfactual accounts
+ * without the caller branching on signer type.
+ */
+export declare function verifyOnchain(message: string, signature: Hex, signatureVerifier: (args: {
+    signer: Address;
+    hash: Hex;
+    signature: Hex;
+}) => Promise<boolean>, opts?: {
+    now?: () => number;
+    allowedDomains?: string[];
+    expectedNonce?: string;
+}): Promise<SiweVerifyResult | SiweVerifyError>;
+/**
+ * Legacy ECDSA-only SIWE verifier. Recovers the signer address from the
+ * 65-byte signature and compares against the message's `address` field.
+ *
+ * Prefer `verifyOnchain` for new code — it goes through the universal
+ * validator and works for both EOA-owned and smart-account-owned
+ * (passkey, multisig, etc.) signers. Kept here for backward compat with
+ * the existing `verify` tests and the EOA-only siwe verifier path.
+ */
+export declare function verify(message: string, signature: Hex, opts?: {
+    now?: () => number;
+    allowedDomains?: string[];
+    expectedNonce?: string;
+}): SiweVerifyResult | SiweVerifyError;
+//# sourceMappingURL=siwe.d.ts.map

package/dist/methods/siwe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"siwe.d.ts","sourceRoot":"","sources":["../../src/methods/siwe.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,0BAA0B,CAAC;AAE7D,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,8DAA8D;AAC9D,wBAAgB,YAAY,CAAC,KAAK,EAAE,gBAAgB,GAAG,MAAM,CAoB5D;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,CA6CrD;AA0BD,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,IAAI,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,UAAU,CAAC;CACpB;AACD,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,MAAM,EACf,IAAI,CAAC,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAA;CAAE,GAC/E;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,UAAU,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,GAAG,eAAe,CA4BxE;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,GAAG,EACd,iBAAiB,EAAE,CAAC,IAAI,EAAE;IACxB,MAAM,EAAE,OAAO,CAAC;IAChB,IAAI,EAAE,GAAG,CAAC;IACV,SAAS,EAAE,GAAG,CAAC;CAChB,KAAK,OAAO,CAAC,OAAO,CAAC,EACtB,IAAI,CAAC,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAA;CAAE,GAC/E,OAAO,CAAC,gBAAgB,GAAG,eAAe,CAAC,CAsB7C;AAED;;;;;;;;GAQG;AACH,wBAAgB,MAAM,CACpB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,GAAG,EACd,IAAI,CAAC,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAA;CAAE,GAC/E,gBAAgB,GAAG,eAAe,CAcpC"}