@aptos-labs/ts-sdk 5.1.0 → 5.1.1-side-effect-free.0

package/dist/esm/core/crypto/ephemeral.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/ephemeral.ts"],"sourcesContent":["import { Serializer, Deserializer } from \"../../bcs\";\nimport { EphemeralPublicKeyVariant, EphemeralSignatureVariant, HexInput } from \"../../types\";\nimport { PublicKey } from \"./publicKey\";\nimport { Signature } from \"./signature\";\nimport { Ed25519PublicKey, Ed25519Signature } from \"./ed25519\";\nimport { Hex } from \"../hex\";\nimport { AptosConfig } from \"../../api\";\n\n/**\n * Represents ephemeral public keys for Aptos Keyless accounts.\n *\n * These keys are used only temporarily within Keyless accounts and are not utilized as public keys for account identification.\n * @group Implementation\n * @category Serialization\n */\nexport class EphemeralPublicKey extends PublicKey {\n  /**\n   * The public key itself\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly publicKey: PublicKey;\n\n  /**\n   * An enum indicating the scheme of the ephemeral public key\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly variant: EphemeralPublicKeyVariant;\n\n  /**\n   * Creates an instance of EphemeralPublicKey using the provided public key.\n   * This constructor ensures that only supported signature types are accepted.\n   *\n   * @param publicKey - The public key to be used for the ephemeral public key.\n   * @throws Error if the signature type is unsupported.\n   * @group Implementation\n   * @category Serialization\n   */\n  constructor(publicKey: PublicKey) {\n    super();\n    const publicKeyType = publicKey.constructor.name;\n    switch (publicKeyType) {\n      case Ed25519PublicKey.name:\n        this.publicKey = publicKey;\n        this.variant = EphemeralPublicKeyVariant.Ed25519;\n        break;\n      default:\n        throw new Error(`Unsupported key for EphemeralPublicKey - ${publicKeyType}`);\n    }\n  }\n\n  /**\n   * Verifies a signed message using the ephemeral public key.\n   *\n   * @param args - The arguments for the verification.\n   * @param args.message - The message that was signed.\n   * @param args.signature - The signature that was signed by the private key of the ephemeral public key.\n   * @returns true if the signature is valid, otherwise false.\n   * @group Implementation\n   * @category Serialization\n   */\n  verifySignature(args: { message: HexInput; signature: EphemeralSignature }): boolean {\n    const { message, signature } = args;\n    return this.publicKey.verifySignature({ message, signature: signature.signature });\n  }\n\n  async verifySignatureAsync(args: {\n    aptosConfig: AptosConfig;\n    message: HexInput;\n    signature: EphemeralSignature;\n  }): Promise<boolean> {\n    return this.verifySignature(args);\n  }\n\n  /**\n   * Serializes the current instance, specifically handling the Ed25519 signature type.\n   * This function ensures that the signature is properly serialized using the provided serializer.\n   *\n   * @param serializer - The serializer instance used to serialize the signature.\n   * @throws Error if the signature type is unknown.\n   * @group Implementation\n   * @category Serialization\n   */\n  serialize(serializer: Serializer): void {\n    if (this.publicKey instanceof Ed25519PublicKey) {\n      serializer.serializeU32AsUleb128(EphemeralPublicKeyVariant.Ed25519);\n      this.publicKey.serialize(serializer);\n    } else {\n      throw new Error(\"Unknown public key type\");\n    }\n  }\n\n  /**\n   * Deserializes an EphemeralSignature from the provided deserializer.\n   * This function allows you to retrieve an EphemeralSignature based on the deserialized data.\n   *\n   * @param deserializer - The deserializer instance used to read the serialized data.\n   * @group Implementation\n   * @category Serialization\n   */\n  static deserialize(deserializer: Deserializer): EphemeralPublicKey {\n    const index = deserializer.deserializeUleb128AsU32();\n    switch (index) {\n      case EphemeralPublicKeyVariant.Ed25519:\n        return new EphemeralPublicKey(Ed25519PublicKey.deserialize(deserializer));\n      default:\n        throw new Error(`Unknown variant index for EphemeralPublicKey: ${index}`);\n    }\n  }\n\n  /**\n   * Determines if the provided public key is an instance of `EphemeralPublicKey`.\n   *\n   * @param publicKey - The public key to check.\n   * @returns A boolean indicating whether the public key is an ephemeral type.\n   * @group Implementation\n   * @category Serialization\n   */\n  static isPublicKey(publicKey: PublicKey): publicKey is EphemeralPublicKey {\n    return publicKey instanceof EphemeralPublicKey;\n  }\n}\n\n/**\n * Represents ephemeral signatures used in Aptos Keyless accounts.\n *\n * These signatures are utilized within the KeylessSignature framework.\n * @group Implementation\n * @category Serialization\n */\nexport class EphemeralSignature extends Signature {\n  /**\n   * The signature signed by the private key of an EphemeralKeyPair\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly signature: Signature;\n\n  constructor(signature: Signature) {\n    super();\n    const signatureType = signature.constructor.name;\n    switch (signatureType) {\n      case Ed25519Signature.name:\n        this.signature = signature;\n        break;\n      default:\n        throw new Error(`Unsupported signature for EphemeralSignature - ${signatureType}`);\n    }\n  }\n\n  /**\n   * Deserializes an ephemeral signature from a hexadecimal input.\n   * This function allows you to convert a hexadecimal representation of an ephemeral signature into its deserialized form for\n   * further processing.\n   *\n   * @param hexInput - The hexadecimal input representing the ephemeral signature.\n   * @group Implementation\n   * @category Serialization\n   */\n  static fromHex(hexInput: HexInput): EphemeralSignature {\n    const data = Hex.fromHexInput(hexInput);\n    const deserializer = new Deserializer(data.toUint8Array());\n    return EphemeralSignature.deserialize(deserializer);\n  }\n\n  serialize(serializer: Serializer): void {\n    if (this.signature instanceof Ed25519Signature) {\n      serializer.serializeU32AsUleb128(EphemeralSignatureVariant.Ed25519);\n      this.signature.serialize(serializer);\n    } else {\n      throw new Error(\"Unknown signature type\");\n    }\n  }\n\n  static deserialize(deserializer: Deserializer): EphemeralSignature {\n    const index = deserializer.deserializeUleb128AsU32();\n    switch (index) {\n      case EphemeralSignatureVariant.Ed25519:\n        return new EphemeralSignature(Ed25519Signature.deserialize(deserializer));\n      default:\n        throw new Error(`Unknown variant index for EphemeralSignature: ${index}`);\n    }\n  }\n}\n"],"mappings":"AAAA,OAAqB,gBAAAA,MAAoB,YACzC,OAAS,6BAAAC,EAA2B,6BAAAC,MAA2C,cAC/E,OAAS,aAAAC,MAAiB,cAC1B,OAAS,aAAAC,MAAiB,cAC1B,OAAS,oBAAAC,EAAkB,oBAAAC,MAAwB,YACnD,OAAS,OAAAC,MAAW,SAUb,MAAMC,UAA2BL,CAAU,CAwBhD,YAAYM,EAAsB,CAChC,MAAM,EACN,MAAMC,EAAgBD,EAAU,YAAY,KAC5C,OAAQC,EAAe,CACrB,KAAKL,EAAiB,KACpB,KAAK,UAAYI,EACjB,KAAK,QAAUR,EAA0B,QACzC,MACF,QACE,MAAM,IAAI,MAAM,4CAA4CS,CAAa,EAAE,CAC/E,CACF,CAYA,gBAAgBC,EAAqE,CACnF,KAAM,CAAE,QAAAC,EAAS,UAAAC,CAAU,EAAIF,EAC/B,OAAO,KAAK,UAAU,gBAAgB,CAAE,QAAAC,EAAS,UAAWC,EAAU,SAAU,CAAC,CACnF,CAEA,MAAM,qBAAqBF,EAIN,CACnB,OAAO,KAAK,gBAAgBA,CAAI,CAClC,CAWA,UAAUG,EAA8B,CACtC,GAAI,KAAK,qBAAqBT,EAC5BS,EAAW,sBAAsBb,EAA0B,OAAO,EAClE,KAAK,UAAU,UAAUa,CAAU,MAEnC,OAAM,IAAI,MAAM,yBAAyB,CAE7C,CAUA,OAAO,YAAYC,EAAgD,CACjE,MAAMC,EAAQD,EAAa,wBAAwB,EACnD,OAAQC,EAAO,CACb,KAAKf,EAA0B,QAC7B,OAAO,IAAIO,EAAmBH,EAAiB,YAAYU,CAAY,CAAC,EAC1E,QACE,MAAM,IAAI,MAAM,iDAAiDC,CAAK,EAAE,CAC5E,CACF,CAUA,OAAO,YAAYP,EAAuD,CACxE,OAAOA,aAAqBD,CAC9B,CACF,CASO,MAAMS,UAA2Bb,CAAU,CAQhD,YAAYS,EAAsB,CAChC,MAAM,EACN,MAAMK,EAAgBL,EAAU,YAAY,KAC5C,OAAQK,EAAe,CACrB,KAAKZ,EAAiB,KACpB,KAAK,UAAYO,EACjB,MACF,QACE,MAAM,IAAI,MAAM,kDAAkDK,CAAa,EAAE,CACrF,CACF,CAWA,OAAO,QAAQC,EAAwC,CACrD,MAAMC,EAAOb,EAAI,aAAaY,CAAQ,EAChCJ,EAAe,IAAIf,EAAaoB,EAAK,aAAa,CAAC,EACzD,OAAOH,EAAmB,YAAYF,CAAY,CACpD,CAEA,UAAUD,EAA8B,CACtC,GAAI,KAAK,qBAAqBR,EAC5BQ,EAAW,sBAAsBZ,EAA0B,OAAO,EAClE,KAAK,UAAU,UAAUY,CAAU,MAEnC,OAAM,IAAI,MAAM,wBAAwB,CAE5C,CAEA,OAAO,YAAYC,EAAgD,CACjE,MAAMC,EAAQD,EAAa,wBAAwB,EACnD,OAAQC,EAAO,CACb,KAAKd,EAA0B,QAC7B,OAAO,IAAIe,EAAmBX,EAAiB,YAAYS,CAAY,CAAC,EAC1E,QACE,MAAM,IAAI,MAAM,iDAAiDC,CAAK,EAAE,CAC5E,CACF,CACF","names":["Deserializer","EphemeralPublicKeyVariant","EphemeralSignatureVariant","PublicKey","Signature","Ed25519PublicKey","Ed25519Signature","Hex","EphemeralPublicKey","publicKey","publicKeyType","args","message","signature","serializer","deserializer","index","EphemeralSignature","signatureType","hexInput","data"]}

package/dist/esm/core/crypto/federatedKeyless.mjs

@@ -1,2 +1,2 @@
-import{B as a}from"../../chunk-L72TIN7T.mjs";import"../../chunk-2XQKGWHQ.mjs";import"../../chunk-UYVPNUH3.mjs";import"../../chunk-XKUIMGKU.mjs";import"../../chunk-N6YTF76Q.mjs";import"../../chunk-A5L76YP7.mjs";import"../../chunk-I7XT6L7S.mjs";import"../../chunk-5HXLZHDW.mjs";import"../../chunk-G3MHXDYA.mjs";import"../../chunk-JABP65XD.mjs";import"../../chunk-GOXRBEIJ.mjs";import"../../chunk-2PASUPUO.mjs";import"../../chunk-XJJVJOX5.mjs";import"../../chunk-NECL5FCQ.mjs";import"../../chunk-4QMXOWHP.mjs";import"../../chunk-EF4FA5I6.mjs";import"../../chunk-WCMW2L3P.mjs";import"../../chunk-WSR5EBJM.mjs";import"../../chunk-C3Q23D22.mjs";import"../../chunk-QREVMGQZ.mjs";import"../../chunk-V3MBJJTL.mjs";import"../../chunk-ZP4DWSQA.mjs";import"../../chunk-FGFLPH5K.mjs";import"../../chunk-WHSTLR3F.mjs";import"../../chunk-M3AO73ZL.mjs";import"../../chunk-6OWBKU7N.mjs";import"../../chunk-AMXZQPUQ.mjs";import"../../chunk-YOZBVVKL.mjs";import"../../chunk-SJDCGNWU.mjs";import"../../chunk-UL777LTI.mjs";import"../../chunk-7ECCT6PK.mjs";import"../../chunk-4AI7KQQ7.mjs";import"../../chunk-7EER7GWV.mjs";import"../../chunk-QP2BY4PK.mjs";import"../../chunk-HGLO5LDS.mjs";import"../../chunk-CW35YAMN.mjs";import"../../chunk-6WDVDEQZ.mjs";import"../../chunk-RCSJFTST.mjs";import"../../chunk-4RXKALLC.mjs";import"../../chunk-OLILO7VD.mjs";import"../../chunk-7DQDJ2SA.mjs";import"../../chunk-HNBVYE3N.mjs";import"../../chunk-RGKRCZ36.mjs";import"../../chunk-FZY4PMEE.mjs";import"../../chunk-Q4W3WJ2U.mjs";import"../../chunk-TOBQ5UE6.mjs";import"../../chunk-MT2RJ7H3.mjs";import"../../chunk-ORMOQWWH.mjs";import"../../chunk-FD6FGKYY.mjs";import"../../chunk-4WPQQPUF.mjs";import"../../chunk-MCFQE4GC.mjs";import"../../chunk-FLZPUYXQ.mjs";import"../../chunk-EBMEXURY.mjs";import"../../chunk-STY74NUA.mjs";import"../../chunk-IF4UU2MT.mjs";import"../../chunk-56CNRT2K.mjs";import"../../chunk-CIJA7ONS.mjs";import"../../chunk-KDMSOCZY.mjs";export{a as FederatedKeylessPublicKey};
+import{AccountPublicKey as o}from"./publicKey";import{Serializer as u}from"../../bcs";import{AnyPublicKeyVariant as c,SigningScheme as a}from"../../types";import{AuthenticationKey as l}from"../authenticationKey";import{AccountAddress as t}from"../accountAddress";import{KeylessPublicKey as r,verifyKeylessSignature as y,verifyKeylessSignatureWithJwkAndConfig as d}from"./keyless";class s extends o{constructor(e,i){super(),this.jwkAddress=t.from(e),this.keylessPublicKey=i}authKey(){const e=new u;return e.serializeU32AsUleb128(c.FederatedKeyless),e.serializeFixedBytes(this.bcsToBytes()),l.fromSchemeAndBytes({scheme:a.SingleKey,input:e.toUint8Array()})}verifySignature(e){try{return d({...e,publicKey:this}),!0}catch{return!1}}serialize(e){this.jwkAddress.serialize(e),this.keylessPublicKey.serialize(e)}static deserialize(e){const i=t.deserialize(e),n=r.deserialize(e);return new s(i,n)}static isPublicKey(e){return e instanceof s}async verifySignatureAsync(e){return y({...e,publicKey:this})}static create(e){return new s(e.jwkAddress,r.create(e))}static fromJwtAndPepper(e){return new s(e.jwkAddress,r.fromJwtAndPepper(e))}static isInstance(e){return"jwkAddress"in e&&e.jwkAddress instanceof t&&"keylessPublicKey"in e&&e.keylessPublicKey instanceof r}}export{s as FederatedKeylessPublicKey};
 //# sourceMappingURL=federatedKeyless.mjs.map

package/dist/esm/core/crypto/federatedKeyless.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/federatedKeyless.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nimport { AccountPublicKey, PublicKey } from \"./publicKey\";\nimport { Deserializer, Serializer } from \"../../bcs\";\nimport { HexInput, AnyPublicKeyVariant, SigningScheme } from \"../../types\";\nimport { AuthenticationKey } from \"../authenticationKey\";\nimport { AccountAddress, AccountAddressInput } from \"../accountAddress\";\nimport {\n  KeylessConfiguration,\n  KeylessPublicKey,\n  KeylessSignature,\n  MoveJWK,\n  verifyKeylessSignature,\n  verifyKeylessSignatureWithJwkAndConfig,\n} from \"./keyless\";\nimport { AptosConfig } from \"../../api\";\nimport { Signature } from \"..\";\n\n/**\n * Represents the FederatedKeylessPublicKey public key\n *\n * These keys use an on-chain address as a source of truth for the JWK used to verify signatures.\n *\n * FederatedKeylessPublicKey authentication key is represented in the SDK as `AnyPublicKey`.\n * @group Implementation\n * @category Serialization\n */\nexport class FederatedKeylessPublicKey extends AccountPublicKey {\n  /**\n   * The address that contains the JWK set to be used for verification.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly jwkAddress: AccountAddress;\n\n  /**\n   * The inner public key which contains the standard Keyless public key.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly keylessPublicKey: KeylessPublicKey;\n\n  constructor(jwkAddress: AccountAddressInput, keylessPublicKey: KeylessPublicKey) {\n    super();\n    this.jwkAddress = AccountAddress.from(jwkAddress);\n    this.keylessPublicKey = keylessPublicKey;\n  }\n\n  /**\n   * Get the authentication key for the federated keyless public key\n   *\n   * @returns AuthenticationKey\n   * @group Implementation\n   * @category Serialization\n   */\n  authKey(): AuthenticationKey {\n    const serializer = new Serializer();\n    serializer.serializeU32AsUleb128(AnyPublicKeyVariant.FederatedKeyless);\n    serializer.serializeFixedBytes(this.bcsToBytes());\n    return AuthenticationKey.fromSchemeAndBytes({\n      scheme: SigningScheme.SingleKey,\n      input: serializer.toUint8Array(),\n    });\n  }\n\n  /**\n   * Verifies a signed data with a public key\n   *\n   * @param args.message message\n   * @param args.signature The signature\n   * @param args.jwk - The JWK to use for verification.\n   * @param args.keylessConfig - The keyless configuration to use for verification.\n   * @returns true if the signature is valid\n   * @group Implementation\n   * @category Serialization\n   */\n  verifySignature(args: {\n    message: HexInput;\n    signature: Signature;\n    jwk: MoveJWK;\n    keylessConfig: KeylessConfiguration;\n  }): boolean {\n    try {\n      verifyKeylessSignatureWithJwkAndConfig({ ...args, publicKey: this });\n      return true;\n    } catch (error) {\n      return false;\n    }\n  }\n\n  serialize(serializer: Serializer): void {\n    this.jwkAddress.serialize(serializer);\n    this.keylessPublicKey.serialize(serializer);\n  }\n\n  static deserialize(deserializer: Deserializer): FederatedKeylessPublicKey {\n    const jwkAddress = AccountAddress.deserialize(deserializer);\n    const keylessPublicKey = KeylessPublicKey.deserialize(deserializer);\n    return new FederatedKeylessPublicKey(jwkAddress, keylessPublicKey);\n  }\n\n  static isPublicKey(publicKey: PublicKey): publicKey is FederatedKeylessPublicKey {\n    return publicKey instanceof FederatedKeylessPublicKey;\n  }\n\n  /**\n   * Verifies a keyless signature for a given message.  It will fetch the keyless configuration and the JWK to\n   * use for verification from the appropriate network as defined by the aptosConfig.\n   *\n   * @param args.aptosConfig The aptos config to use for fetching the keyless configuration.\n   * @param args.message The message to verify the signature against.\n   * @param args.signature The signature to verify.\n   * @param args.options.throwErrorWithReason Whether to throw an error with the reason for the failure instead of returning false.\n   * @returns true if the signature is valid\n   */\n  async verifySignatureAsync(args: {\n    aptosConfig: AptosConfig;\n    message: HexInput;\n    signature: KeylessSignature;\n    options?: { throwErrorWithReason?: boolean };\n  }): Promise<boolean> {\n    return verifyKeylessSignature({\n      ...args,\n      publicKey: this,\n    });\n  }\n\n  /**\n   * Creates a FederatedKeylessPublicKey from the JWT components plus pepper\n   *\n   * @param args.iss the iss of the identity\n   * @param args.uidKey the key to use to get the uidVal in the JWT token\n   * @param args.uidVal the value of the uidKey in the JWT token\n   * @param args.aud the client ID of the application\n   * @param args.pepper The pepper used to maintain privacy of the account\n   * @returns FederatedKeylessPublicKey\n   * @group Implementation\n   * @category Serialization\n   */\n  static create(args: {\n    iss: string;\n    uidKey: string;\n    uidVal: string;\n    aud: string;\n    pepper: HexInput;\n    jwkAddress: AccountAddressInput;\n  }): FederatedKeylessPublicKey {\n    return new FederatedKeylessPublicKey(args.jwkAddress, KeylessPublicKey.create(args));\n  }\n\n  static fromJwtAndPepper(args: {\n    jwt: string;\n    pepper: HexInput;\n    jwkAddress: AccountAddressInput;\n    uidKey?: string;\n  }): FederatedKeylessPublicKey {\n    return new FederatedKeylessPublicKey(args.jwkAddress, KeylessPublicKey.fromJwtAndPepper(args));\n  }\n\n  static isInstance(publicKey: PublicKey) {\n    return (\n      \"jwkAddress\" in publicKey &&\n      publicKey.jwkAddress instanceof AccountAddress &&\n      \"keylessPublicKey\" in publicKey &&\n      publicKey.keylessPublicKey instanceof KeylessPublicKey\n    );\n  }\n}\n"],"mappings":"AAGA,OAAS,oBAAAA,MAAmC,cAC5C,OAAuB,cAAAC,MAAkB,YACzC,OAAmB,uBAAAC,EAAqB,iBAAAC,MAAqB,cAC7D,OAAS,qBAAAC,MAAyB,uBAClC,OAAS,kBAAAC,MAA2C,oBACpD,OAEE,oBAAAC,EAGA,0BAAAC,EACA,0CAAAC,MACK,YAaA,MAAMC,UAAkCT,CAAiB,CAe9D,YAAYU,EAAiCC,EAAoC,CAC/E,MAAM,EACN,KAAK,WAAaN,EAAe,KAAKK,CAAU,EAChD,KAAK,iBAAmBC,CAC1B,CASA,SAA6B,CAC3B,MAAMC,EAAa,IAAIX,EACvB,OAAAW,EAAW,sBAAsBV,EAAoB,gBAAgB,EACrEU,EAAW,oBAAoB,KAAK,WAAW,CAAC,EACzCR,EAAkB,mBAAmB,CAC1C,OAAQD,EAAc,UACtB,MAAOS,EAAW,aAAa,CACjC,CAAC,CACH,CAaA,gBAAgBC,EAKJ,CACV,GAAI,CACF,OAAAL,EAAuC,CAAE,GAAGK,EAAM,UAAW,IAAK,CAAC,EAC5D,EACT,MAAgB,CACd,MAAO,EACT,CACF,CAEA,UAAUD,EAA8B,CACtC,KAAK,WAAW,UAAUA,CAAU,EACpC,KAAK,iBAAiB,UAAUA,CAAU,CAC5C,CAEA,OAAO,YAAYE,EAAuD,CACxE,MAAMJ,EAAaL,EAAe,YAAYS,CAAY,EACpDH,EAAmBL,EAAiB,YAAYQ,CAAY,EAClE,OAAO,IAAIL,EAA0BC,EAAYC,CAAgB,CACnE,CAEA,OAAO,YAAYI,EAA8D,CAC/E,OAAOA,aAAqBN,CAC9B,CAYA,MAAM,qBAAqBI,EAKN,CACnB,OAAON,EAAuB,CAC5B,GAAGM,EACH,UAAW,IACb,CAAC,CACH,CAcA,OAAO,OAAOA,EAOgB,CAC5B,OAAO,IAAIJ,EAA0BI,EAAK,WAAYP,EAAiB,OAAOO,CAAI,CAAC,CACrF,CAEA,OAAO,iBAAiBA,EAKM,CAC5B,OAAO,IAAIJ,EAA0BI,EAAK,WAAYP,EAAiB,iBAAiBO,CAAI,CAAC,CAC/F,CAEA,OAAO,WAAWE,EAAsB,CACtC,MACE,eAAgBA,GAChBA,EAAU,sBAAsBV,GAChC,qBAAsBU,GACtBA,EAAU,4BAA4BT,CAE1C,CACF","names":["AccountPublicKey","Serializer","AnyPublicKeyVariant","SigningScheme","AuthenticationKey","AccountAddress","KeylessPublicKey","verifyKeylessSignature","verifyKeylessSignatureWithJwkAndConfig","FederatedKeylessPublicKey","jwkAddress","keylessPublicKey","serializer","args","deserializer","publicKey"]}

package/dist/esm/core/crypto/hdKey.mjs

@@ -1,2 +1,2 @@
-import{a,b,c,d,e,f,g,h,i,j}from"../../chunk-C3Q23D22.mjs";import"../../chunk-KDMSOCZY.mjs";export{b as APTOS_BIP44_REGEX,a as APTOS_HARDENED_REGEX,h as CKDPriv,d as HARDENED_OFFSET,c as KeyType,g as deriveKey,e as isValidBIP44Path,f as isValidHardenedPath,j as mnemonicToSeed,i as splitPath};
+import{hmac as a}from"@noble/hashes/hmac";import{sha512 as c}from"@noble/hashes/sha512";import*as p from"@scure/bip39";const d=/^m\/44'\/637'\/[0-9]+'\/[0-9]+'\/[0-9]+'?$/,m=/^m\/44'\/637'\/[0-9]+'\/[0-9]+\/[0-9]+$/;var y=(t=>(t.ED25519="ed25519 seed",t))(y||{});const u=2147483648;function D(e){return m.test(e)}function E(e){return d.test(e)}const A=(e,t)=>{const r=a.create(c,e).update(t).digest();return{key:r.slice(0,32),chainCode:r.slice(32)}},f=({key:e,chainCode:t},r)=>{const n=new ArrayBuffer(4);new DataView(n).setUint32(0,r);const i=new Uint8Array(n),o=new Uint8Array([0]),s=new Uint8Array([...o,...e,...i]);return A(t,s)},x=e=>e.replace(/'/g,""),U=e=>e.split("/").slice(1).map(x),h=e=>{const t=e.trim().split(/\s+/).map(r=>r.toLowerCase()).join(" ");return p.mnemonicToSeedSync(t)};export{m as APTOS_BIP44_REGEX,d as APTOS_HARDENED_REGEX,f as CKDPriv,u as HARDENED_OFFSET,y as KeyType,A as deriveKey,D as isValidBIP44Path,E as isValidHardenedPath,h as mnemonicToSeed,U as splitPath};
 //# sourceMappingURL=hdKey.mjs.map

package/dist/esm/core/crypto/hdKey.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/hdKey.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nimport { hmac } from \"@noble/hashes/hmac\";\nimport { sha512 } from \"@noble/hashes/sha512\";\nimport * as bip39 from \"@scure/bip39\";\n\n/**\n * Contains the derived cryptographic key as a Uint8Array.\n * @group Implementation\n * @category Serialization\n */\nexport type DerivedKeys = {\n  key: Uint8Array;\n  chainCode: Uint8Array;\n};\n\n/**\n * Aptos derive path is 637\n * @group Implementation\n * @category Serialization\n */\nexport const APTOS_HARDENED_REGEX = /^m\\/44'\\/637'\\/[0-9]+'\\/[0-9]+'\\/[0-9]+'?$/;\n\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const APTOS_BIP44_REGEX = /^m\\/44'\\/637'\\/[0-9]+'\\/[0-9]+\\/[0-9]+$/;\n\n/**\n * Supported key types and their associated seeds.\n * @group Implementation\n * @category Serialization\n */\nexport enum KeyType {\n  ED25519 = \"ed25519 seed\",\n}\n\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const HARDENED_OFFSET = 0x80000000;\n\n/**\n * Validate a BIP-44 derivation path string to ensure it meets the required format.\n * This function checks if the provided path adheres to the BIP-44 standard for Secp256k1.\n * Parse and validate a path that is compliant to BIP-44 in form m/44'/637'/{account_index}'/{change_index}/{address_index}\n * for Secp256k1\n *\n * Note that for Secp256k1, the last two components must be non-hardened.\n *\n * @param path - The path string to validate (e.g. `m/44'/637'/0'/0/0`).\n * @group Implementation\n * @category Serialization\n */\nexport function isValidBIP44Path(path: string): boolean {\n  return APTOS_BIP44_REGEX.test(path);\n}\n\n/**\n * Aptos derive path is 637\n *\n * Parse and validate a path that is compliant to SLIP-0010 and BIP-44\n * in form m/44'/637'/{account_index}'/{change_index}'/{address_index}'.\n * See SLIP-0010 {@link https://github.com/satoshilabs/slips/blob/master/slip-0044.md}\n * See BIP-44 {@link https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki}\n *\n * Note that for Ed25519, all components must be hardened.\n * This is because non-hardened [PK] derivation would not work due to Ed25519's lack of a key homomorphism.\n * Specifically, you cannot derive the PK associated with derivation path a/b/c given the PK of a/b.\n * This is because the PK in Ed25519 is, more or less, computed as 𝑔𝐻(𝑠𝑘),\n * with the hash function breaking the homomorphism.\n *\n * @param path - The derivation path string to validate (e.g. `m/44'/637'/0'/0'/0'`).\n * @group Implementation\n * @category Serialization\n */\nexport function isValidHardenedPath(path: string): boolean {\n  return APTOS_HARDENED_REGEX.test(path);\n}\n\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const deriveKey = (hashSeed: Uint8Array | string, data: Uint8Array | string): DerivedKeys => {\n  const digest = hmac.create(sha512, hashSeed).update(data).digest();\n  return {\n    key: digest.slice(0, 32),\n    chainCode: digest.slice(32),\n  };\n};\n\n/**\n * Derive a child key from the private key\n * @param key\n * @param chainCode\n * @param index\n * @group Implementation\n * @category Serialization\n */\nexport const CKDPriv = ({ key, chainCode }: DerivedKeys, index: number): DerivedKeys => {\n  const buffer = new ArrayBuffer(4);\n  new DataView(buffer).setUint32(0, index);\n  const indexBytes = new Uint8Array(buffer);\n  const zero = new Uint8Array([0]);\n  const data = new Uint8Array([...zero, ...key, ...indexBytes]);\n  return deriveKey(chainCode, data);\n};\n\nconst removeApostrophes = (val: string): string => val.replace(/'/g, \"\");\n\n/**\n * Splits derive path into segments\n * @param path\n * @group Implementation\n * @category Serialization\n */\nexport const splitPath = (path: string): Array<string> => path.split(\"/\").slice(1).map(removeApostrophes);\n\n/**\n * Normalizes the mnemonic by removing extra whitespace and making it lowercase\n * @param mnemonic the mnemonic seed phrase\n * @group Implementation\n * @category Serialization\n */\nexport const mnemonicToSeed = (mnemonic: string): Uint8Array => {\n  const normalizedMnemonic = mnemonic\n    .trim()\n    .split(/\\s+/)\n    .map((part) => part.toLowerCase())\n    .join(\" \");\n  return bip39.mnemonicToSeedSync(normalizedMnemonic);\n};\n"],"mappings":"AAGA,OAAS,QAAAA,MAAY,qBACrB,OAAS,UAAAC,MAAc,uBACvB,UAAYC,MAAW,eAiBhB,MAAMC,EAAuB,6CAMvBC,EAAoB,0CAO1B,IAAKC,OACVA,EAAA,QAAU,eADAA,OAAA,IAQL,MAAMC,EAAkB,WAcxB,SAASC,EAAiBC,EAAuB,CACtD,OAAOJ,EAAkB,KAAKI,CAAI,CACpC,CAoBO,SAASC,EAAoBD,EAAuB,CACzD,OAAOL,EAAqB,KAAKK,CAAI,CACvC,CAMO,MAAME,EAAY,CAACC,EAA+BC,IAA2C,CAClG,MAAMC,EAASb,EAAK,OAAOC,EAAQU,CAAQ,EAAE,OAAOC,CAAI,EAAE,OAAO,EACjE,MAAO,CACL,IAAKC,EAAO,MAAM,EAAG,EAAE,EACvB,UAAWA,EAAO,MAAM,EAAE,CAC5B,CACF,EAUaC,EAAU,CAAC,CAAE,IAAAC,EAAK,UAAAC,CAAU,EAAgBC,IAA+B,CACtF,MAAMC,EAAS,IAAI,YAAY,CAAC,EAChC,IAAI,SAASA,CAAM,EAAE,UAAU,EAAGD,CAAK,EACvC,MAAME,EAAa,IAAI,WAAWD,CAAM,EAClCE,EAAO,IAAI,WAAW,CAAC,CAAC,CAAC,EACzBR,EAAO,IAAI,WAAW,CAAC,GAAGQ,EAAM,GAAGL,EAAK,GAAGI,CAAU,CAAC,EAC5D,OAAOT,EAAUM,EAAWJ,CAAI,CAClC,EAEMS,EAAqBC,GAAwBA,EAAI,QAAQ,KAAM,EAAE,EAQ1DC,EAAaf,GAAgCA,EAAK,MAAM,GAAG,EAAE,MAAM,CAAC,EAAE,IAAIa,CAAiB,EAQ3FG,EAAkBC,GAAiC,CAC9D,MAAMC,EAAqBD,EACxB,KAAK,EACL,MAAM,KAAK,EACX,IAAKE,GAASA,EAAK,YAAY,CAAC,EAChC,KAAK,GAAG,EACX,OAAOzB,EAAM,mBAAmBwB,CAAkB,CACpD","names":["hmac","sha512","bip39","APTOS_HARDENED_REGEX","APTOS_BIP44_REGEX","KeyType","HARDENED_OFFSET","isValidBIP44Path","path","isValidHardenedPath","deriveKey","hashSeed","data","digest","CKDPriv","key","chainCode","index","buffer","indexBytes","zero","removeApostrophes","val","splitPath","mnemonicToSeed","mnemonic","normalizedMnemonic","part"]}

package/dist/esm/core/crypto/index.mjs

@@ -1,2 +1,2 @@
-import{A as V,B as W,C as X,D as Y,E as Z,F as ca,G as da,H as ea,I as fa,J as ga,K as ha,L as ia,P as ja,Q as ka,R as la,S as ma,T as na,U as oa,a as q,b as r,c as x,d as y,e as z,f as A,g as B,h as C,i as D,j as E,k as F,l as G,m as H,n as I,o as J,p as K,q as L,r as M,s as N,t as O,u as P,v as Q,w as R,x as S,y as T,z as U}from"../../chunk-L72TIN7T.mjs";import"../../chunk-2XQKGWHQ.mjs";import"../../chunk-UYVPNUH3.mjs";import"../../chunk-XKUIMGKU.mjs";import"../../chunk-N6YTF76Q.mjs";import"../../chunk-A5L76YP7.mjs";import{a as _,b as $,c as aa,d as ba}from"../../chunk-I7XT6L7S.mjs";import"../../chunk-5HXLZHDW.mjs";import"../../chunk-G3MHXDYA.mjs";import"../../chunk-JABP65XD.mjs";import{a as s,b as t,c as u,d as v,e as w}from"../../chunk-GOXRBEIJ.mjs";import{a as p}from"../../chunk-2PASUPUO.mjs";import"../../chunk-XJJVJOX5.mjs";import"../../chunk-NECL5FCQ.mjs";import"../../chunk-4QMXOWHP.mjs";import{a as d,b as e}from"../../chunk-EF4FA5I6.mjs";import{a as c}from"../../chunk-WCMW2L3P.mjs";import{a,b}from"../../chunk-WSR5EBJM.mjs";import{a as f,b as g,c as h,d as i,e as j,f as k,g as l,h as m,i as n,j as o}from"../../chunk-C3Q23D22.mjs";import"../../chunk-QREVMGQZ.mjs";import"../../chunk-V3MBJJTL.mjs";import"../../chunk-ZP4DWSQA.mjs";import"../../chunk-FGFLPH5K.mjs";import"../../chunk-WHSTLR3F.mjs";import"../../chunk-M3AO73ZL.mjs";import"../../chunk-6OWBKU7N.mjs";import"../../chunk-AMXZQPUQ.mjs";import"../../chunk-YOZBVVKL.mjs";import"../../chunk-SJDCGNWU.mjs";import"../../chunk-UL777LTI.mjs";import"../../chunk-7ECCT6PK.mjs";import"../../chunk-4AI7KQQ7.mjs";import"../../chunk-7EER7GWV.mjs";import"../../chunk-QP2BY4PK.mjs";import"../../chunk-HGLO5LDS.mjs";import"../../chunk-CW35YAMN.mjs";import"../../chunk-6WDVDEQZ.mjs";import"../../chunk-RCSJFTST.mjs";import"../../chunk-4RXKALLC.mjs";import"../../chunk-OLILO7VD.mjs";import"../../chunk-7DQDJ2SA.mjs";import"../../chunk-HNBVYE3N.mjs";import"../../chunk-RGKRCZ36.mjs";import"../../chunk-FZY4PMEE.mjs";import"../../chunk-Q4W3WJ2U.mjs";import"../../chunk-TOBQ5UE6.mjs";import"../../chunk-MT2RJ7H3.mjs";import"../../chunk-ORMOQWWH.mjs";import"../../chunk-FD6FGKYY.mjs";import"../../chunk-4WPQQPUF.mjs";import"../../chunk-MCFQE4GC.mjs";import"../../chunk-FLZPUYXQ.mjs";import"../../chunk-EBMEXURY.mjs";import"../../chunk-STY74NUA.mjs";import"../../chunk-IF4UU2MT.mjs";import"../../chunk-56CNRT2K.mjs";import"../../chunk-CIJA7ONS.mjs";import"../../chunk-KDMSOCZY.mjs";export{g as APTOS_BIP44_REGEX,f as APTOS_HARDENED_REGEX,ea as AbstractMultiKey,e as AbstractPublicKey,d as AbstractSignature,b as AccountPublicKey,ca as AnyPublicKey,da as AnySignature,m as CKDPriv,x as EPK_HORIZON_SECS,la as Ed25519PrivateKey,ka as Ed25519PublicKey,ma as Ed25519Signature,K as EphemeralCertificate,q as EphemeralPublicKey,r as EphemeralSignature,W as FederatedKeylessPublicKey,M as Groth16ProofAndStatement,Q as Groth16VerificationKey,L as Groth16Zkp,i as HARDENED_OFFSET,h as KeyType,P as KeylessConfiguration,F as KeylessPublicKey,J as KeylessSignature,y as MAX_AUD_VAL_BYTES,E as MAX_COMMITED_EPK_BYTES,C as MAX_EXTRA_FIELD_BYTES,B as MAX_ISS_VAL_BYTES,D as MAX_JWT_HEADER_B64_BYTES,z as MAX_UID_KEY_BYTES,A as MAX_UID_VAL_BYTES,U as MoveJWK,ha as MultiEd25519PublicKey,ia as MultiEd25519Signature,fa as MultiKey,ga as MultiKeySignature,p as PrivateKey,a as PublicKey,Y as Secp256k1PrivateKey,X as Secp256k1PublicKey,Z as Secp256k1Signature,$ as Secp256r1PrivateKey,_ as Secp256r1PublicKey,ba as Secp256r1Signature,c as Signature,aa as WebAuthnSignature,O as ZeroKnowledgeSig,N as ZkProof,v as bigIntToBytesLE,u as bytesToBigIntLE,l as deriveKey,na as deserializePublicKey,oa as deserializeSignature,I as fetchJWK,S as getIssAudAndUidVal,R as getKeylessConfig,T as getKeylessJWKs,s as hashStrToField,ja as isCanonicalEd25519Signature,j as isValidBIP44Path,k as isValidHardenedPath,o as mnemonicToSeed,t as padAndPackBytesWithLen,V as parseJwtHeader,w as poseidonHash,n as splitPath,G as verifyKeylessSignature,H as verifyKeylessSignatureWithJwkAndConfig};
+export*from"./abstraction";export*from"./ed25519";export*from"./ephemeral";export*from"./federatedKeyless";export*from"./hdKey";export*from"./keyless";export*from"./multiEd25519";export*from"./multiKey";export*from"./poseidon";export*from"./privateKey";export*from"./publicKey";export*from"./secp256k1";export*from"./secp256r1";export*from"./signature";export*from"./singleKey";export*from"./types";export*from"./deserializationUtils";
 //# sourceMappingURL=index.mjs.map

package/dist/esm/core/crypto/index.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/index.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nexport * from \"./abstraction\";\nexport * from \"./ed25519\";\nexport * from \"./ephemeral\";\nexport * from \"./federatedKeyless\";\nexport * from \"./hdKey\";\nexport * from \"./keyless\";\nexport * from \"./multiEd25519\";\nexport * from \"./multiKey\";\nexport * from \"./poseidon\";\nexport * from \"./privateKey\";\nexport * from \"./publicKey\";\nexport * from \"./secp256k1\";\nexport * from \"./secp256r1\";\nexport * from \"./signature\";\nexport * from \"./singleKey\";\nexport * from \"./types\";\nexport * from \"./deserializationUtils\";\n"],"mappings":"AAGA,WAAc,gBACd,WAAc,YACd,WAAc,cACd,WAAc,qBACd,WAAc,UACd,WAAc,YACd,WAAc,iBACd,WAAc,aACd,WAAc,aACd,WAAc,eACd,WAAc,cACd,WAAc,cACd,WAAc,cACd,WAAc,cACd,WAAc,cACd,WAAc,UACd,WAAc","names":[]}

package/dist/esm/core/crypto/keyless.mjs

@@ -1,2 +1,2 @@
-import{A as y,c as a,d as b,e as c,f as d,g as e,h as f,i as g,j as h,k as i,l as j,m as k,n as l,o as m,p as n,q as o,r as p,s as q,t as r,u as s,v as t,w as u,x as v,y as w,z as x}from"../../chunk-L72TIN7T.mjs";import"../../chunk-2XQKGWHQ.mjs";import"../../chunk-UYVPNUH3.mjs";import"../../chunk-XKUIMGKU.mjs";import"../../chunk-N6YTF76Q.mjs";import"../../chunk-A5L76YP7.mjs";import"../../chunk-I7XT6L7S.mjs";import"../../chunk-5HXLZHDW.mjs";import"../../chunk-G3MHXDYA.mjs";import"../../chunk-JABP65XD.mjs";import"../../chunk-GOXRBEIJ.mjs";import"../../chunk-2PASUPUO.mjs";import"../../chunk-XJJVJOX5.mjs";import"../../chunk-NECL5FCQ.mjs";import"../../chunk-4QMXOWHP.mjs";import"../../chunk-EF4FA5I6.mjs";import"../../chunk-WCMW2L3P.mjs";import"../../chunk-WSR5EBJM.mjs";import"../../chunk-C3Q23D22.mjs";import"../../chunk-QREVMGQZ.mjs";import"../../chunk-V3MBJJTL.mjs";import"../../chunk-ZP4DWSQA.mjs";import"../../chunk-FGFLPH5K.mjs";import"../../chunk-WHSTLR3F.mjs";import"../../chunk-M3AO73ZL.mjs";import"../../chunk-6OWBKU7N.mjs";import"../../chunk-AMXZQPUQ.mjs";import"../../chunk-YOZBVVKL.mjs";import"../../chunk-SJDCGNWU.mjs";import"../../chunk-UL777LTI.mjs";import"../../chunk-7ECCT6PK.mjs";import"../../chunk-4AI7KQQ7.mjs";import"../../chunk-7EER7GWV.mjs";import"../../chunk-QP2BY4PK.mjs";import"../../chunk-HGLO5LDS.mjs";import"../../chunk-CW35YAMN.mjs";import"../../chunk-6WDVDEQZ.mjs";import"../../chunk-RCSJFTST.mjs";import"../../chunk-4RXKALLC.mjs";import"../../chunk-OLILO7VD.mjs";import"../../chunk-7DQDJ2SA.mjs";import"../../chunk-HNBVYE3N.mjs";import"../../chunk-RGKRCZ36.mjs";import"../../chunk-FZY4PMEE.mjs";import"../../chunk-Q4W3WJ2U.mjs";import"../../chunk-TOBQ5UE6.mjs";import"../../chunk-MT2RJ7H3.mjs";import"../../chunk-ORMOQWWH.mjs";import"../../chunk-FD6FGKYY.mjs";import"../../chunk-4WPQQPUF.mjs";import"../../chunk-MCFQE4GC.mjs";import"../../chunk-FLZPUYXQ.mjs";import"../../chunk-EBMEXURY.mjs";import"../../chunk-STY74NUA.mjs";import"../../chunk-IF4UU2MT.mjs";import"../../chunk-56CNRT2K.mjs";import"../../chunk-CIJA7ONS.mjs";import"../../chunk-KDMSOCZY.mjs";export{a as EPK_HORIZON_SECS,n as EphemeralCertificate,p as Groth16ProofAndStatement,t as Groth16VerificationKey,o as Groth16Zkp,s as KeylessConfiguration,i as KeylessPublicKey,m as KeylessSignature,b as MAX_AUD_VAL_BYTES,h as MAX_COMMITED_EPK_BYTES,f as MAX_EXTRA_FIELD_BYTES,e as MAX_ISS_VAL_BYTES,g as MAX_JWT_HEADER_B64_BYTES,c as MAX_UID_KEY_BYTES,d as MAX_UID_VAL_BYTES,x as MoveJWK,r as ZeroKnowledgeSig,q as ZkProof,l as fetchJWK,v as getIssAudAndUidVal,u as getKeylessConfig,w as getKeylessJWKs,y as parseJwtHeader,j as verifyKeylessSignature,k as verifyKeylessSignatureWithJwkAndConfig};
+import{jwtDecode as N}from"jwt-decode";import{sha3_256 as oe}from"@noble/hashes/sha3";import{AccountPublicKey as ne}from"./publicKey";import{Signature as G}from"./signature";import{Deserializer as C,Serializable as K,Serializer as M}from"../../bcs";import{Hex as w,hexToAsciiString as ae}from"../hex";import{EphemeralCertificateVariant as O,AnyPublicKeyVariant as ce,SigningScheme as le,ZkpVariant as L}from"../../types";import{EphemeralPublicKey as B,EphemeralSignature as H}from"./ephemeral";import{bigIntToBytesLE as Y,bytesToBigIntLE as R,hashStrToField as g,padAndPackBytesWithLen as pe,poseidonHash as U}from"./poseidon";import{AuthenticationKey as ue}from"../authenticationKey";import{Proof as ye}from"./proof";import{Ed25519PublicKey as Z,Ed25519Signature as de}from"./ed25519";import{getAptosFullNode as v}from"../../client";import{memoizeAsync as he}from"../../utils/memoize";import{AccountAddress as F}from"../accountAddress";import{base64UrlToBytes as ge,getErrorMessage as me,nowInSeconds as fe}from"../../utils";import{KeylessError as c,KeylessErrorType as l}from"../../errors";import{bn254 as d}from"@noble/curves/bn254";import{bytesToNumberBE as we}from"@noble/curves/abstract/utils";import{FederatedKeylessPublicKey as xe}from"./federatedKeyless";import{encode as be}from"js-base64";import{generateSigningMessage as Se}from"../..";const Ae=1e7,V=120,Ee=30,Ke=330,Pe=120,Ie=350,ke=300,ve=93,h=class h extends ne{constructor(e,t){super();const r=w.fromHexInput(t).toUint8Array();if(r.length!==h.ID_COMMITMENT_LENGTH)throw new Error(`Id Commitment length in bytes should be ${h.ID_COMMITMENT_LENGTH}`);this.iss=e,this.idCommitment=r}authKey(){const e=new M;return e.serializeU32AsUleb128(ce.Keyless),e.serializeFixedBytes(this.bcsToBytes()),ue.fromSchemeAndBytes({scheme:le.SingleKey,input:e.toUint8Array()})}verifySignature(e){try{return $({...e,publicKey:this}),!0}catch(t){if(t instanceof c)return!1;throw t}}async verifySignatureAsync(e){return _e({...e,publicKey:this})}serialize(e){e.serializeStr(this.iss),e.serializeBytes(this.idCommitment)}static deserialize(e){const t=e.deserializeStr(),r=e.deserializeBytes();return new h(t,r)}static load(e){const t=e.deserializeStr(),r=e.deserializeBytes();return new h(t,r)}static isPublicKey(e){return e instanceof h}static create(e){return X(e),new h(e.iss,X(e))}static fromJwtAndPepper(e){const{jwt:t,pepper:r,uidKey:i="sub"}=e,s=N(t);if(typeof s.iss!="string")throw new Error("iss was not found");if(typeof s.aud!="string")throw new Error("aud was not found or an array of values");const o=s[i];return h.create({iss:s.iss,uidKey:i,uidVal:o,aud:s.aud,pepper:r})}static isInstance(e){return"iss"in e&&typeof e.iss=="string"&&"idCommitment"in e&&e.idCommitment instanceof Uint8Array}};h.ID_COMMITMENT_LENGTH=32;let P=h;async function _e(a){const{aptosConfig:e,publicKey:t,message:r,signature:i,jwk:s,keylessConfig:o=await Ge({aptosConfig:e}),options:n}=a;try{if(!(i instanceof A))throw c.fromErrorType({type:l.SIGNATURE_TYPE_INVALID,details:"Not a keyless signature"});return $({message:r,publicKey:t,signature:i,jwk:s||await ze({aptosConfig:e,publicKey:t,kid:i.getJwkKid()}),keylessConfig:o}),!0}catch(p){if(n?.throwErrorWithReason)throw p;return!1}}function $(a){const{publicKey:e,message:t,signature:r,keylessConfig:i,jwk:s}=a,{verificationKey:o,maxExpHorizonSecs:n,trainingWheelsPubkey:p}=i;if(!(r instanceof A))throw c.fromErrorType({type:l.SIGNATURE_TYPE_INVALID,details:"Not a keyless signature"});if(!(r.ephemeralCertificate.signature instanceof b))throw c.fromErrorType({type:l.SIGNATURE_TYPE_INVALID,details:"Unsupported ephemeral certificate variant"});const u=r.ephemeralCertificate.signature;if(!(u.proof.proof instanceof S))throw c.fromErrorType({type:l.SIGNATURE_TYPE_INVALID,details:"Unsupported proof variant for ZeroKnowledgeSig"});const y=u.proof.proof;if(r.expiryDateSecs<fe())throw c.fromErrorType({type:l.SIGNATURE_EXPIRED,details:"The expiryDateSecs is in the past"});if(u.expHorizonSecs>n)throw c.fromErrorType({type:l.MAX_EXPIRY_HORIZON_EXCEEDED});if(!r.ephemeralPublicKey.verifySignature({message:t,signature:r.ephemeralSignature}))throw c.fromErrorType({type:l.EPHEMERAL_SIGNATURE_VERIFICATION_FAILED});const f=Te({publicKey:e,signature:r,jwk:s,keylessConfig:i});if(!o.verifyProof({publicInputsHash:f,groth16Proof:y}))throw c.fromErrorType({type:l.PROOF_VERIFICATION_FAILED});if(p){if(!u.trainingWheelsSignature)throw c.fromErrorType({type:l.TRAINING_WHEELS_SIGNATURE_MISSING});const E=new W(y,f);if(!p.verifySignature({message:E.hash(),signature:u.trainingWheelsSignature}))throw c.fromErrorType({type:l.TRAINING_WHEELS_SIGNATURE_VERIFICATION_FAILED})}}function Te(a){const{publicKey:e,signature:t,jwk:r,keylessConfig:i}=a,s=e instanceof P?e:e.keylessPublicKey;if(!(t.ephemeralCertificate.signature instanceof b))throw new Error("Signature is not a ZeroKnowledgeSig");const o=t.ephemeralCertificate.signature,n=[];return n.push(...pe(t.ephemeralPublicKey.toUint8Array(),i.maxCommitedEpkBytes)),n.push(R(s.idCommitment)),n.push(t.expiryDateSecs),n.push(o.expHorizonSecs),n.push(g(s.iss,i.maxIssValBytes)),o.extraField?(n.push(1n),n.push(g(o.extraField,i.maxExtraFieldBytes))):(n.push(0n),n.push(g(" ",i.maxExtraFieldBytes))),n.push(g(be(t.jwtHeader,!0)+".",i.maxJwtHeaderB64Bytes)),n.push(r.toScalar()),o.overrideAudVal?(n.push(g(o.overrideAudVal,V)),n.push(1n)):(n.push(g("",V)),n.push(0n)),U(n)}async function ze(a){const{aptosConfig:e,publicKey:t,kid:r}=a,i=t instanceof P?t:t.keylessPublicKey,{iss:s}=i;let o;const n=t instanceof xe?t.jwkAddress:void 0;try{o=await He({aptosConfig:e,jwkAddr:n})}catch(y){throw c.fromErrorType({type:l.FULL_NODE_JWKS_LOOKUP_ERROR,error:y,details:`Failed to fetch ${n?"Federated":"Patched"}JWKs ${n?`for address ${n}`:"0x1"}`})}const p=o.get(s);if(p===void 0)throw c.fromErrorType({type:l.INVALID_JWT_ISS_NOT_RECOGNIZED,details:`JWKs for issuer ${s} not found.`});const u=p.find(y=>y.kid===r);if(u===void 0)throw c.fromErrorType({type:l.INVALID_JWT_JWK_NOT_FOUND,details:`JWK with kid '${r}' for issuer '${s}' not found.`});return u}function X(a){const{uidKey:e,uidVal:t,aud:r,pepper:i}=a,s=[R(w.fromHexInput(i).toUint8Array()),g(r,V),g(t,Ke),g(e,Ee)];return Y(U(s),P.ID_COMMITMENT_LENGTH)}class A extends G{constructor(e){super();const{jwtHeader:t,ephemeralCertificate:r,expiryDateSecs:i,ephemeralPublicKey:s,ephemeralSignature:o}=e;this.jwtHeader=t,this.ephemeralCertificate=r,this.expiryDateSecs=i,this.ephemeralPublicKey=s,this.ephemeralSignature=o}getJwkKid(){return Ue(this.jwtHeader).kid}serialize(e){this.ephemeralCertificate.serialize(e),e.serializeStr(this.jwtHeader),e.serializeU64(this.expiryDateSecs),this.ephemeralPublicKey.serialize(e),this.ephemeralSignature.serialize(e)}static deserialize(e){const t=_.deserialize(e),r=e.deserializeStr(),i=e.deserializeU64(),s=B.deserialize(e),o=H.deserialize(e);return new A({jwtHeader:r,expiryDateSecs:Number(i),ephemeralCertificate:t,ephemeralPublicKey:s,ephemeralSignature:o})}static getSimulationSignature(){return new A({jwtHeader:"{}",ephemeralCertificate:new _(new b({proof:new T(new S({a:new Uint8Array(32),b:new Uint8Array(64),c:new Uint8Array(32)}),L.Groth16),expHorizonSecs:0}),O.ZkProof),expiryDateSecs:0,ephemeralPublicKey:new B(new Z(new Uint8Array(32))),ephemeralSignature:new H(new de(new Uint8Array(64)))})}static isSignature(e){return e instanceof A}}class _ extends G{constructor(e,t){super(),this.signature=e,this.variant=t}toUint8Array(){return this.signature.toUint8Array()}serialize(e){e.serializeU32AsUleb128(this.variant),this.signature.serialize(e)}static deserialize(e){const t=e.deserializeUleb128AsU32();switch(t){case O.ZkProof:return new _(b.deserialize(e),t);default:throw new Error(`Unknown variant index for EphemeralCertificate: ${t}`)}}}const I=class I extends K{constructor(e){if(super(),this.data=w.fromHexInput(e).toUint8Array(),this.data.length!==32)throw new Error("Input needs to be 32 bytes")}serialize(e){e.serializeFixedBytes(this.data)}static deserialize(e){const t=e.deserializeFixedBytes(32);return new I(t)}toArray(){const e=this.toProjectivePoint();return[e.x.toString(),e.y.toString(),e.pz.toString()]}toProjectivePoint(){const e=new Uint8Array(this.data);e.reverse();const t=(e[0]&128)>>7,{Fp:r}=d.fields,i=r.create(J(e)),s=r.sqrt(r.add(r.pow(i,3n),I.B)),o=r.neg(s),n=s>o==(t===1)?s:o;return d.G1.ProjectivePoint.fromAffine({x:i,y:n})}};I.B=d.fields.Fp.create(3n);let m=I;function J(a){if(a.length!==32)throw new Error("Input should be 32 bytes");const e=new Uint8Array(a);return e[0]=e[0]&63,we(e)}const k=class k extends K{constructor(e){if(super(),this.data=w.fromHexInput(e).toUint8Array(),this.data.length!==64)throw new Error("Input needs to be 64 bytes")}serialize(e){e.serializeFixedBytes(this.data)}static deserialize(e){const t=e.deserializeFixedBytes(64);return new k(t)}toArray(){const e=this.toProjectivePoint();return[[e.x.c0.toString(),e.x.c1.toString()],[e.y.c0.toString(),e.y.c1.toString()],[e.pz.c0.toString(),e.pz.c1.toString()]]}toProjectivePoint(){const e=new Uint8Array(this.data),t=e.slice(0,32).reverse(),r=e.slice(32,64).reverse(),i=(r[0]&128)>>7,{Fp2:s}=d.fields,o=s.fromBigTuple([J(t),J(r)]),n=s.sqrt(s.add(s.pow(o,3n),k.B)),p=s.neg(n),y=(n.c1>p.c1||n.c1===p.c1&&n.c0>p.c0)===(i===1)?n:p;return d.G2.ProjectivePoint.fromAffine({x:o,y})}};k.B=d.fields.Fp2.fromBigTuple([19485874751759354771024239261021720505790618469301721065564631296452457478373n,266929791119991161246907387137283842545076965332900288569378510910307636690n]);let x=k;class S extends ye{constructor(e){super();const{a:t,b:r,c:i}=e;this.a=new m(t),this.b=new x(r),this.c=new m(i)}serialize(e){this.a.serialize(e),this.b.serialize(e),this.c.serialize(e)}static deserialize(e){const t=m.deserialize(e).bcsToBytes(),r=x.deserialize(e).bcsToBytes(),i=m.deserialize(e).bcsToBytes();return new S({a:t,b:r,c:i})}toSnarkJsJson(){return{protocol:"groth16",curve:"bn128",pi_a:this.a.toArray(),pi_b:this.b.toArray(),pi_c:this.c.toArray()}}}class W extends K{constructor(t,r){super();this.domainSeparator="APTOS::Groth16ProofAndStatement";if(this.proof=t,this.publicInputsHash=typeof r=="bigint"?Y(r,32):w.fromHexInput(r).toUint8Array(),this.publicInputsHash.length!==32)throw new Error("Invalid public inputs hash")}serialize(t){this.proof.serialize(t),t.serializeFixedBytes(this.publicInputsHash)}static deserialize(t){return new W(S.deserialize(t),t.deserializeFixedBytes(32))}hash(){return Se(this.bcsToBytes(),this.domainSeparator)}}class T extends K{constructor(e,t){super(),this.proof=e,this.variant=t}serialize(e){e.serializeU32AsUleb128(this.variant),this.proof.serialize(e)}static deserialize(e){const t=e.deserializeUleb128AsU32();switch(t){case L.Groth16:return new T(S.deserialize(e),t);default:throw new Error(`Unknown variant index for ZkProof: ${t}`)}}}class b extends G{constructor(e){super();const{proof:t,expHorizonSecs:r,trainingWheelsSignature:i,extraField:s,overrideAudVal:o}=e;this.proof=t,this.expHorizonSecs=r,this.trainingWheelsSignature=i,this.extraField=s,this.overrideAudVal=o}static fromBytes(e){return b.deserialize(new C(e))}serialize(e){this.proof.serialize(e),e.serializeU64(this.expHorizonSecs),e.serializeOption(this.extraField),e.serializeOption(this.overrideAudVal),e.serializeOption(this.trainingWheelsSignature)}static deserialize(e){const t=T.deserialize(e),r=Number(e.deserializeU64()),i=e.deserializeOption("string"),s=e.deserializeOption("string"),o=e.deserializeOption(H);return new b({proof:t,expHorizonSecs:r,trainingWheelsSignature:o,extraField:i,overrideAudVal:s})}}class j{constructor(e){const{verificationKey:t,trainingWheelsPubkey:r,maxExpHorizonSecs:i=Ae,maxExtraFieldBytes:s=Ie,maxJwtHeaderB64Bytes:o=ke,maxIssValBytes:n=Pe,maxCommitedEpkBytes:p=ve}=e;this.verificationKey=t,this.maxExpHorizonSecs=i,r&&(this.trainingWheelsPubkey=new B(new Z(r))),this.maxExtraFieldBytes=s,this.maxJwtHeaderB64Bytes=o,this.maxIssValBytes=n,this.maxCommitedEpkBytes=p}static create(e,t){return new j({verificationKey:new D({alphaG1:e.alpha_g1,betaG2:e.beta_g2,deltaG2:e.delta_g2,gammaAbcG1:e.gamma_abc_g1,gammaG2:e.gamma_g2}),maxExpHorizonSecs:Number(t.max_exp_horizon_secs),trainingWheelsPubkey:t.training_wheels_pubkey.vec[0],maxExtraFieldBytes:t.max_extra_field_bytes,maxJwtHeaderB64Bytes:t.max_jwt_header_b64_bytes,maxIssValBytes:t.max_iss_val_bytes,maxCommitedEpkBytes:t.max_commited_epk_bytes})}}class D{constructor(e){const{alphaG1:t,betaG2:r,deltaG2:i,gammaAbcG1:s,gammaG2:o}=e;this.alphaG1=new m(t),this.betaG2=new x(r),this.deltaG2=new x(i),this.gammaAbcG1=[new m(s[0]),new m(s[1])],this.gammaG2=new x(o)}hash(){const e=new M;return this.serialize(e),oe.create().update(e.toUint8Array()).digest()}serialize(e){this.alphaG1.serialize(e),this.betaG2.serialize(e),this.deltaG2.serialize(e),this.gammaAbcG1[0].serialize(e),this.gammaAbcG1[1].serialize(e),this.gammaG2.serialize(e)}static fromGroth16VerificationKeyResponse(e){return new D({alphaG1:e.alpha_g1,betaG2:e.beta_g2,deltaG2:e.delta_g2,gammaAbcG1:e.gamma_abc_g1,gammaG2:e.gamma_g2})}verifyProof(e){const{publicInputsHash:t,groth16Proof:r}=e;try{const i=r.a.toProjectivePoint(),s=r.b.toProjectivePoint(),o=r.c.toProjectivePoint(),n=this.alphaG1.toProjectivePoint(),p=this.betaG2.toProjectivePoint(),u=this.gammaG2.toProjectivePoint(),y=this.deltaG2.toProjectivePoint(),f=this.gammaAbcG1.map(se=>se.toProjectivePoint()),{Fp12:E}=d.fields;let q=f[0].add(f[1].multiply(t));const Q=d.pairing(q,u),ee=d.pairing(i,s),te=d.pairing(n,p),re=d.pairing(o,y),ie=E.mul(te,E.mul(Q,re));return E.eql(ee,ie)}catch(i){throw c.fromErrorType({type:l.PROOF_VERIFICATION_FAILED,error:i,details:"Error encountered when checking zero knowledge relation"})}}toSnarkJsJson(){return{protocol:"groth16",curve:"bn128",nPublic:1,vk_alpha_1:this.alphaG1.toArray(),vk_beta_2:this.betaG2.toArray(),vk_gamma_2:this.gammaG2.toArray(),vk_delta_2:this.deltaG2.toArray(),IC:this.gammaAbcG1.map(e=>e.toArray())}}}async function Ge(a){const{aptosConfig:e}=a;try{return await he(async()=>{const[t,r]=await Promise.all([Ce(a),Be(a)]);return j.create(r,t)},`keyless-configuration-${e.network}`,1e3*60*5)()}catch(t){throw t instanceof c?t:c.fromErrorType({type:l.FULL_NODE_OTHER,error:t})}}function Et(a){const{jwt:e,uidKey:t="sub"}=a;let r;try{r=N(e)}catch(s){throw c.fromErrorType({type:l.JWT_PARSING_ERROR,details:`Failed to parse JWT - ${me(s)}`})}if(typeof r.iss!="string")throw c.fromErrorType({type:l.JWT_PARSING_ERROR,details:"JWT is missing 'iss' in the payload. This should never happen."});if(typeof r.aud!="string")throw c.fromErrorType({type:l.JWT_PARSING_ERROR,details:"JWT is missing 'aud' in the payload or 'aud' is an array of values."});const i=r[t];return{iss:r.iss,aud:r.aud,uidVal:i}}async function Ce(a){const{aptosConfig:e,options:t}=a,r="0x1::keyless_account::Configuration";try{const{data:i}=await v({aptosConfig:e,originMethod:"getKeylessConfigurationResource",path:`accounts/${F.from("0x1").toString()}/resource/${r}`,params:{ledger_version:t?.ledgerVersion}});return i.data}catch(i){throw c.fromErrorType({type:l.FULL_NODE_CONFIG_LOOKUP_ERROR,error:i})}}async function Be(a){const{aptosConfig:e,options:t}=a,r="0x1::keyless_account::Groth16VerificationKey";try{const{data:i}=await v({aptosConfig:e,originMethod:"getGroth16VerificationKeyResource",path:`accounts/${F.from("0x1").toString()}/resource/${r}`,params:{ledger_version:t?.ledgerVersion}});return i.data}catch(i){throw c.fromErrorType({type:l.FULL_NODE_VERIFICATION_KEY_LOOKUP_ERROR,error:i})}}async function He(a){const{aptosConfig:e,jwkAddr:t,options:r}=a;let i;if(t){const o="0x1::jwks::FederatedJWKs",{data:n}=await v({aptosConfig:e,originMethod:"getKeylessJWKs",path:`accounts/${F.from(t).toString()}/resource/${o}`,params:{ledger_version:r?.ledgerVersion}});i=n}else{const o="0x1::jwks::PatchedJWKs",{data:n}=await v({aptosConfig:e,originMethod:"getKeylessJWKs",path:`accounts/0x1/resource/${o}`,params:{ledger_version:r?.ledgerVersion}});i=n}const s=new Map;for(const o of i.data.jwks.entries){const n=[];for(const p of o.jwks){const{data:u}=p.variant,y=new C(w.fromHexInput(u).toUint8Array()),f=z.deserialize(y);n.push(f)}s.set(ae(o.issuer),n)}return s}class z extends K{constructor(e){super();const{kid:t,kty:r,alg:i,e:s,n:o}=e;this.kid=t,this.kty=r,this.alg=i,this.e=s,this.n=o}serialize(e){e.serializeStr(this.kid),e.serializeStr(this.kty),e.serializeStr(this.alg),e.serializeStr(this.e),e.serializeStr(this.n)}static fromMoveStruct(e){const{data:t}=e.variant,r=new C(w.fromHexInput(t).toUint8Array());return z.deserialize(r)}toScalar(){if(this.alg!=="RS256")throw c.fromErrorType({type:l.PROOF_VERIFICATION_FAILED,details:"Failed to convert JWK to scalar when calculating the public inputs hash. Only RSA 256 is supported currently"});const e=ge(this.n),r=Re(e.reverse()).map(i=>R(i));return r.push(256n),U(r)}static deserialize(e){const t=e.deserializeStr(),r=e.deserializeStr(),i=e.deserializeStr(),s=e.deserializeStr(),o=e.deserializeStr();return new z({kid:t,kty:r,alg:i,n:o,e:s})}}function Re(a){const e=[];for(let t=0;t<a.length;t+=24){const r=a.slice(t,Math.min(t+24,a.length));if(r.length<24){const i=new Uint8Array(24);i.set(r),e.push(i)}else e.push(r)}return e}function Ue(a){try{const e=JSON.parse(a);if(e.kid===void 0)throw new Error("JWT header missing kid");return e}catch{throw new Error("Failed to parse JWT header.")}}export{Ae as EPK_HORIZON_SECS,_ as EphemeralCertificate,W as Groth16ProofAndStatement,D as Groth16VerificationKey,S as Groth16Zkp,j as KeylessConfiguration,P as KeylessPublicKey,A as KeylessSignature,V as MAX_AUD_VAL_BYTES,ve as MAX_COMMITED_EPK_BYTES,Ie as MAX_EXTRA_FIELD_BYTES,Pe as MAX_ISS_VAL_BYTES,ke as MAX_JWT_HEADER_B64_BYTES,Ee as MAX_UID_KEY_BYTES,Ke as MAX_UID_VAL_BYTES,z as MoveJWK,b as ZeroKnowledgeSig,T as ZkProof,ze as fetchJWK,Et as getIssAudAndUidVal,Ge as getKeylessConfig,He as getKeylessJWKs,Ue as parseJwtHeader,_e as verifyKeylessSignature,$ as verifyKeylessSignatureWithJwkAndConfig};
 //# sourceMappingURL=keyless.mjs.map

package/dist/esm/core/crypto/keyless.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/keyless.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\n// eslint-disable-next-line max-classes-per-file\nimport { JwtPayload, jwtDecode } from \"jwt-decode\";\nimport { sha3_256 } from \"@noble/hashes/sha3\";\nimport { AccountPublicKey, PublicKey } from \"./publicKey\";\nimport { Signature } from \"./signature\";\nimport { Deserializer, Serializable, Serializer } from \"../../bcs\";\nimport { Hex, hexToAsciiString } from \"../hex\";\nimport {\n  HexInput,\n  EphemeralCertificateVariant,\n  AnyPublicKeyVariant,\n  SigningScheme,\n  ZkpVariant,\n  LedgerVersionArg,\n  MoveResource,\n} from \"../../types\";\nimport { EphemeralPublicKey, EphemeralSignature } from \"./ephemeral\";\nimport { bigIntToBytesLE, bytesToBigIntLE, hashStrToField, padAndPackBytesWithLen, poseidonHash } from \"./poseidon\";\nimport { AuthenticationKey } from \"../authenticationKey\";\nimport { Proof } from \"./proof\";\nimport { Ed25519PublicKey, Ed25519Signature } from \"./ed25519\";\nimport {\n  Groth16VerificationKeyResponse,\n  KeylessConfigurationResponse,\n  MoveAnyStruct,\n  PatchedJWKsResponse,\n} from \"../../types/keyless\";\nimport { AptosConfig } from \"../../api/aptosConfig\";\nimport { getAptosFullNode } from \"../../client\";\nimport { memoizeAsync } from \"../../utils/memoize\";\nimport { AccountAddress, AccountAddressInput } from \"../accountAddress\";\nimport { base64UrlToBytes, getErrorMessage, nowInSeconds } from \"../../utils\";\nimport { KeylessError, KeylessErrorType } from \"../../errors\";\nimport { bn254 } from \"@noble/curves/bn254\";\nimport { bytesToNumberBE } from \"@noble/curves/abstract/utils\";\nimport { FederatedKeylessPublicKey } from \"./federatedKeyless\";\nimport { encode } from \"js-base64\";\nimport { generateSigningMessage } from \"../..\";\nimport { ProjPointType } from \"@noble/curves/abstract/weierstrass\";\nimport { Fp2 } from \"@noble/curves/abstract/tower\";\n\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const EPK_HORIZON_SECS = 10000000;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_AUD_VAL_BYTES = 120;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_UID_KEY_BYTES = 30;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_UID_VAL_BYTES = 330;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_ISS_VAL_BYTES = 120;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_EXTRA_FIELD_BYTES = 350;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_JWT_HEADER_B64_BYTES = 300;\n/**\n * @group Implementation\n * @category Serialization\n */\nexport const MAX_COMMITED_EPK_BYTES = 93;\n\n/**\n * Represents a Keyless Public Key used for authentication.\n *\n * This class encapsulates the public key functionality for keyless authentication,\n * including methods for generating and verifying signatures, as well as serialization\n * and deserialization of the key. The KeylessPublicKey is represented in the SDK\n * as `AnyPublicKey`.\n * @group Implementation\n * @category Serialization\n */\nexport class KeylessPublicKey extends AccountPublicKey {\n  /**\n   * The number of bytes that `idCommitment` should be\n   * @group Implementation\n   * @category Serialization\n   */\n  static readonly ID_COMMITMENT_LENGTH: number = 32;\n\n  /**\n   * The value of the 'iss' claim on the JWT which identifies the OIDC provider.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly iss: string;\n\n  /**\n   * A value representing a cryptographic commitment to a user identity.\n   *\n   * It is calculated from the aud, uidKey, uidVal, pepper.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly idCommitment: Uint8Array;\n\n  /**\n   * Constructs an instance with the specified parameters for cryptographic operations.\n   *\n   * @param args - The parameters required to initialize the instance.\n   * @param args.alphaG1 - The hex representation of the alpha G1 value.\n   * @param args.betaG2 - The hex representation of the beta G2 value.\n   * @param args.deltaG2 - The hex representation of the delta G2 value.\n   * @param args.gammaAbcG1 - An array containing two hex representations for gamma ABC G1 values.\n   * @param args.gammaG2 - The hex representation of the gamma G2 value.\n   * @group Implementation\n   * @category Serialization\n   */\n  // TODO: Fix the JSDoc for the below values\n  constructor(iss: string, idCommitment: HexInput) {\n    super();\n    const idcBytes = Hex.fromHexInput(idCommitment).toUint8Array();\n    if (idcBytes.length !== KeylessPublicKey.ID_COMMITMENT_LENGTH) {\n      throw new Error(`Id Commitment length in bytes should be ${KeylessPublicKey.ID_COMMITMENT_LENGTH}`);\n    }\n    this.iss = iss;\n    this.idCommitment = idcBytes;\n  }\n\n  /**\n   * Get the authentication key for the keyless public key.\n   *\n   * @returns AuthenticationKey - The authentication key derived from the keyless public key.\n   * @group Implementation\n   * @category Serialization\n   */\n  authKey(): AuthenticationKey {\n    const serializer = new Serializer();\n    serializer.serializeU32AsUleb128(AnyPublicKeyVariant.Keyless);\n    serializer.serializeFixedBytes(this.bcsToBytes());\n    return AuthenticationKey.fromSchemeAndBytes({\n      scheme: SigningScheme.SingleKey,\n      input: serializer.toUint8Array(),\n    });\n  }\n\n  /**\n   * Verifies the validity of a signature for a given message.\n   *\n   * @param args - The arguments for signature verification.\n   * @param args.message - The message that was signed.\n   * @param args.signature - The signature to verify against the message.\n   * @param args.jwk - The JWK to use for verification.\n   * @param args.keylessConfig - The keyless configuration to use for verification.\n   * @returns true if the signature is valid; otherwise, false.\n   * @group Implementation\n   * @category Serialization\n   */\n  verifySignature(args: {\n    message: HexInput;\n    signature: Signature;\n    jwk: MoveJWK;\n    keylessConfig: KeylessConfiguration;\n  }): boolean {\n    try {\n      verifyKeylessSignatureWithJwkAndConfig({ ...args, publicKey: this });\n      return true;\n    } catch (error) {\n      if (error instanceof KeylessError) {\n        return false;\n      }\n      throw error;\n    }\n  }\n\n  /**\n   * Verifies a keyless signature for a given message.  It will fetch the keyless configuration and the JWK to\n   * use for verification from the appropriate network as defined by the aptosConfig.\n   *\n   * @param args.aptosConfig The aptos config to use for fetching the keyless configuration.\n   * @param args.message The message to verify the signature against.\n   * @param args.signature The signature to verify.\n   * @param args.options.throwErrorWithReason Whether to throw an error with the reason for the failure instead of returning false.\n   * @returns true if the signature is valid\n   */\n  async verifySignatureAsync(args: {\n    aptosConfig: AptosConfig;\n    message: HexInput;\n    signature: Signature;\n    options?: { throwErrorWithReason?: boolean };\n  }): Promise<boolean> {\n    return verifyKeylessSignature({\n      ...args,\n      publicKey: this,\n    });\n  }\n\n  /**\n   * Serializes the current instance into a format suitable for transmission or storage.\n   * This function ensures that all relevant fields are properly serialized, including the proof and optional fields.\n   *\n   * @param serializer - The serializer instance used to perform the serialization.\n   * @param serializer.proof - The proof to be serialized.\n   * @param serializer.expHorizonSecs - The expiration horizon in seconds.\n   * @param serializer.extraField - An optional additional field for serialization.\n   * @param serializer.overrideAudVal - An optional override value for auditing.\n   * @param serializer.trainingWheelsSignature - An optional signature for training wheels.\n   * @group Implementation\n   * @category Serialization\n   */\n  serialize(serializer: Serializer): void {\n    serializer.serializeStr(this.iss);\n    serializer.serializeBytes(this.idCommitment);\n  }\n\n  /**\n   * Deserializes a ZeroKnowledgeSig object from the provided deserializer.\n   * This function allows you to reconstruct a ZeroKnowledgeSig instance from its serialized form.\n   *\n   * @param deserializer - The deserializer instance used to read the serialized data.\n   * @returns A new instance of ZeroKnowledgeSig.\n   * @group Implementation\n   * @category Serialization\n   */\n  static deserialize(deserializer: Deserializer): KeylessPublicKey {\n    const iss = deserializer.deserializeStr();\n    const addressSeed = deserializer.deserializeBytes();\n    return new KeylessPublicKey(iss, addressSeed);\n  }\n\n  /**\n   * Loads a KeylessPublicKey instance from the provided deserializer.\n   * This function is used to deserialize the necessary components to create a KeylessPublicKey.\n   *\n   * @param deserializer - The deserializer used to extract the string and byte data.\n   * @param deserializer.deserializeStr - A method to deserialize a string value.\n   * @param deserializer.deserializeBytes - A method to deserialize byte data.\n   * @returns A new instance of KeylessPublicKey.\n   * @group Implementation\n   * @category Serialization\n   */\n  static load(deserializer: Deserializer): KeylessPublicKey {\n    const iss = deserializer.deserializeStr();\n    const addressSeed = deserializer.deserializeBytes();\n    return new KeylessPublicKey(iss, addressSeed);\n  }\n\n  /**\n   * Determines if the provided public key is an instance of KeylessPublicKey.\n   *\n   * @param publicKey - The public key to check.\n   * @returns A boolean indicating whether the public key is a KeylessPublicKey instance.\n   * @group Implementation\n   * @category Serialization\n   */\n  static isPublicKey(publicKey: PublicKey): publicKey is KeylessPublicKey {\n    return publicKey instanceof KeylessPublicKey;\n  }\n\n  /**\n   * Creates a KeylessPublicKey from the JWT components plus pepper\n   *\n   * @param args.iss the iss of the identity\n   * @param args.uidKey the key to use to get the uidVal in the JWT token\n   * @param args.uidVal the value of the uidKey in the JWT token\n   * @param args.aud the client ID of the application\n   * @param args.pepper The pepper used to maintain privacy of the account\n   * @returns KeylessPublicKey\n   * @group Implementation\n   * @category Serialization\n   */\n  static create(args: {\n    iss: string;\n    uidKey: string;\n    uidVal: string;\n    aud: string;\n    pepper: HexInput;\n  }): KeylessPublicKey {\n    computeIdCommitment(args);\n    return new KeylessPublicKey(args.iss, computeIdCommitment(args));\n  }\n\n  /**\n   * Creates a KeylessPublicKey instance from a JWT and a pepper value.\n   * This function is useful for generating a public key that can be used for authentication based on the provided JWT claims and pepper.\n   *\n   * @param args - The arguments for creating the KeylessPublicKey.\n   * @param args.jwt - The JSON Web Token to decode.\n   * @param args.pepper - The pepper value used in the key creation process.\n   * @param args.uidKey - An optional key to retrieve the unique identifier from the JWT payload, defaults to \"sub\".\n   * @returns A KeylessPublicKey instance created from the provided JWT and pepper.\n   * @group Implementation\n   * @category Serialization\n   */\n  static fromJwtAndPepper(args: { jwt: string; pepper: HexInput; uidKey?: string }): KeylessPublicKey {\n    const { jwt, pepper, uidKey = \"sub\" } = args;\n    const jwtPayload = jwtDecode<JwtPayload & { [key: string]: string }>(jwt);\n    if (typeof jwtPayload.iss !== \"string\") {\n      throw new Error(\"iss was not found\");\n    }\n    if (typeof jwtPayload.aud !== \"string\") {\n      throw new Error(\"aud was not found or an array of values\");\n    }\n    const uidVal = jwtPayload[uidKey];\n    return KeylessPublicKey.create({ iss: jwtPayload.iss, uidKey, uidVal, aud: jwtPayload.aud, pepper });\n  }\n\n  /**\n   * Checks if the provided public key is a valid instance by verifying its structure and types.\n   *\n   * @param publicKey - The public key to validate.\n   * @returns A boolean indicating whether the public key is a valid instance.\n   * @group Implementation\n   * @category Serialization\n   */\n  static isInstance(publicKey: PublicKey) {\n    return (\n      \"iss\" in publicKey &&\n      typeof publicKey.iss === \"string\" &&\n      \"idCommitment\" in publicKey &&\n      publicKey.idCommitment instanceof Uint8Array\n    );\n  }\n}\n\nexport async function verifyKeylessSignature(args: {\n  publicKey: KeylessPublicKey | FederatedKeylessPublicKey;\n  aptosConfig: AptosConfig;\n  message: HexInput;\n  signature: Signature;\n  keylessConfig?: KeylessConfiguration;\n  jwk?: MoveJWK;\n  options?: { throwErrorWithReason?: boolean };\n}): Promise<boolean> {\n  const {\n    aptosConfig,\n    publicKey,\n    message,\n    signature,\n    jwk,\n    keylessConfig = await getKeylessConfig({ aptosConfig }),\n    options,\n  } = args;\n  try {\n    if (!(signature instanceof KeylessSignature)) {\n      throw KeylessError.fromErrorType({\n        type: KeylessErrorType.SIGNATURE_TYPE_INVALID,\n        details: \"Not a keyless signature\",\n      });\n    }\n    verifyKeylessSignatureWithJwkAndConfig({\n      message,\n      publicKey,\n      signature,\n      jwk: jwk ? jwk : await fetchJWK({ aptosConfig, publicKey, kid: signature.getJwkKid() }),\n      keylessConfig,\n    });\n    return true;\n  } catch (error) {\n    if (options?.throwErrorWithReason) {\n      throw error;\n    }\n    return false;\n  }\n}\n\n/**\n * Syncronously verifies a keyless signature for a given message.  You need to provide the keyless configuration and the\n * JWK to use for verification.\n *\n * @param args.message The message to verify the signature against.\n * @param args.signature The signature to verify.\n * @param args.keylessConfig The keyless configuration.\n * @param args.jwk The JWK to use for verification.\n * @returns true if the signature is valid\n * @throws KeylessError if the signature is invalid\n */\nexport function verifyKeylessSignatureWithJwkAndConfig(args: {\n  publicKey: KeylessPublicKey | FederatedKeylessPublicKey;\n  message: HexInput;\n  signature: Signature;\n  keylessConfig: KeylessConfiguration;\n  jwk: MoveJWK;\n}): void {\n  const { publicKey, message, signature, keylessConfig, jwk } = args;\n  const { verificationKey, maxExpHorizonSecs, trainingWheelsPubkey } = keylessConfig;\n  if (!(signature instanceof KeylessSignature)) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.SIGNATURE_TYPE_INVALID,\n      details: \"Not a keyless signature\",\n    });\n  }\n  if (!(signature.ephemeralCertificate.signature instanceof ZeroKnowledgeSig)) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.SIGNATURE_TYPE_INVALID,\n      details: \"Unsupported ephemeral certificate variant\",\n    });\n  }\n  const zkSig = signature.ephemeralCertificate.signature;\n  if (!(zkSig.proof.proof instanceof Groth16Zkp)) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.SIGNATURE_TYPE_INVALID,\n      details: \"Unsupported proof variant for ZeroKnowledgeSig\",\n    });\n  }\n  const groth16Proof = zkSig.proof.proof;\n  if (signature.expiryDateSecs < nowInSeconds()) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.SIGNATURE_EXPIRED,\n      details: \"The expiryDateSecs is in the past\",\n    });\n  }\n  if (zkSig.expHorizonSecs > maxExpHorizonSecs) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.MAX_EXPIRY_HORIZON_EXCEEDED,\n    });\n  }\n  if (!signature.ephemeralPublicKey.verifySignature({ message, signature: signature.ephemeralSignature })) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.EPHEMERAL_SIGNATURE_VERIFICATION_FAILED,\n    });\n  }\n  const publicInputsHash = getPublicInputsHash({ publicKey, signature, jwk, keylessConfig });\n  if (!verificationKey.verifyProof({ publicInputsHash, groth16Proof })) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.PROOF_VERIFICATION_FAILED,\n    });\n  }\n  if (trainingWheelsPubkey) {\n    if (!zkSig.trainingWheelsSignature) {\n      throw KeylessError.fromErrorType({\n        type: KeylessErrorType.TRAINING_WHEELS_SIGNATURE_MISSING,\n      });\n    }\n    const proofAndStatement = new Groth16ProofAndStatement(groth16Proof, publicInputsHash);\n    if (\n      !trainingWheelsPubkey.verifySignature({\n        message: proofAndStatement.hash(),\n        signature: zkSig.trainingWheelsSignature,\n      })\n    ) {\n      throw KeylessError.fromErrorType({\n        type: KeylessErrorType.TRAINING_WHEELS_SIGNATURE_VERIFICATION_FAILED,\n      });\n    }\n  }\n}\n\n/**\n * Get the public inputs hash for the keyless signature.\n *\n * @param args.signature The signature\n * @param args.jwk The JWK to use for the public inputs hash\n * @param args.keylessConfig The keyless configuration which defines the byte lengths to use when hashing fields.\n * @returns The public inputs hash\n */\nfunction getPublicInputsHash(args: {\n  publicKey: KeylessPublicKey | FederatedKeylessPublicKey;\n  signature: KeylessSignature;\n  jwk: MoveJWK;\n  keylessConfig: KeylessConfiguration;\n}): bigint {\n  const { publicKey, signature, jwk, keylessConfig } = args;\n  const innerKeylessPublicKey = publicKey instanceof KeylessPublicKey ? publicKey : publicKey.keylessPublicKey;\n  if (!(signature.ephemeralCertificate.signature instanceof ZeroKnowledgeSig)) {\n    throw new Error(\"Signature is not a ZeroKnowledgeSig\");\n  }\n  const proof = signature.ephemeralCertificate.signature;\n  const fields = [];\n  fields.push(\n    ...padAndPackBytesWithLen(signature.ephemeralPublicKey.toUint8Array(), keylessConfig.maxCommitedEpkBytes),\n  );\n  fields.push(bytesToBigIntLE(innerKeylessPublicKey.idCommitment));\n  fields.push(signature.expiryDateSecs);\n  fields.push(proof.expHorizonSecs);\n  fields.push(hashStrToField(innerKeylessPublicKey.iss, keylessConfig.maxIssValBytes));\n  if (!proof.extraField) {\n    fields.push(0n);\n    fields.push(hashStrToField(\" \", keylessConfig.maxExtraFieldBytes));\n  } else {\n    fields.push(1n);\n    fields.push(hashStrToField(proof.extraField, keylessConfig.maxExtraFieldBytes));\n  }\n  fields.push(hashStrToField(encode(signature.jwtHeader, true) + \".\", keylessConfig.maxJwtHeaderB64Bytes));\n  fields.push(jwk.toScalar());\n  if (!proof.overrideAudVal) {\n    fields.push(hashStrToField(\"\", MAX_AUD_VAL_BYTES));\n    fields.push(0n);\n  } else {\n    fields.push(hashStrToField(proof.overrideAudVal, MAX_AUD_VAL_BYTES));\n    fields.push(1n);\n  }\n  return poseidonHash(fields);\n}\n\n/**\n * Fetches the JWK from the issuer's well-known JWKS endpoint.\n *\n * @param args.publicKey The keyless public key which contains the issuer the address to fetch the JWK from (0x1 if not federated).\n * @param args.kid The kid of the JWK to fetch\n * @returns A JWK matching the `kid` in the JWT header.\n * @throws {KeylessError} If the JWK cannot be fetched\n */\nexport async function fetchJWK(args: {\n  aptosConfig: AptosConfig;\n  publicKey: KeylessPublicKey | FederatedKeylessPublicKey;\n  kid: string;\n}): Promise<MoveJWK> {\n  const { aptosConfig, publicKey, kid } = args;\n  const keylessPubKey = publicKey instanceof KeylessPublicKey ? publicKey : publicKey.keylessPublicKey;\n  const { iss } = keylessPubKey;\n\n  let allJWKs: Map<string, MoveJWK[]>;\n  const jwkAddr = publicKey instanceof FederatedKeylessPublicKey ? publicKey.jwkAddress : undefined;\n  try {\n    allJWKs = await getKeylessJWKs({ aptosConfig, jwkAddr });\n  } catch (error) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.FULL_NODE_JWKS_LOOKUP_ERROR,\n      error,\n      details: `Failed to fetch ${jwkAddr ? \"Federated\" : \"Patched\"}JWKs ${jwkAddr ? `for address ${jwkAddr}` : \"0x1\"}`,\n    });\n  }\n\n  // Find the corresponding JWK set by `iss`\n  const jwksForIssuer = allJWKs.get(iss);\n\n  if (jwksForIssuer === undefined) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.INVALID_JWT_ISS_NOT_RECOGNIZED,\n      details: `JWKs for issuer ${iss} not found.`,\n    });\n  }\n\n  // Find the corresponding JWK by `kid`\n  const jwk = jwksForIssuer.find((key) => key.kid === kid);\n\n  if (jwk === undefined) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.INVALID_JWT_JWK_NOT_FOUND,\n      details: `JWK with kid '${kid}' for issuer '${iss}' not found.`,\n    });\n  }\n\n  return jwk;\n}\n\nfunction computeIdCommitment(args: { uidKey: string; uidVal: string; aud: string; pepper: HexInput }): Uint8Array {\n  const { uidKey, uidVal, aud, pepper } = args;\n\n  const fields = [\n    bytesToBigIntLE(Hex.fromHexInput(pepper).toUint8Array()),\n    hashStrToField(aud, MAX_AUD_VAL_BYTES),\n    hashStrToField(uidVal, MAX_UID_VAL_BYTES),\n    hashStrToField(uidKey, MAX_UID_KEY_BYTES),\n  ];\n\n  return bigIntToBytesLE(poseidonHash(fields), KeylessPublicKey.ID_COMMITMENT_LENGTH);\n}\n\n/**\n * Represents a signature of a message signed via a Keyless Account, utilizing proofs or a JWT token for authentication.\n * @group Implementation\n * @category Serialization\n */\nexport class KeylessSignature extends Signature {\n  /**\n   * The inner signature ZeroKnowledgeSignature or OpenIdSignature\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly ephemeralCertificate: EphemeralCertificate;\n\n  /**\n   * The jwt header in the token used to create the proof/signature.  In json string representation.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly jwtHeader: string;\n\n  /**\n   * The expiry timestamp in seconds of the EphemeralKeyPair used to sign\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly expiryDateSecs: number;\n\n  /**\n   * The ephemeral public key used to verify the signature\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly ephemeralPublicKey: EphemeralPublicKey;\n\n  /**\n   * The signature resulting from signing with the private key of the EphemeralKeyPair\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly ephemeralSignature: EphemeralSignature;\n\n  constructor(args: {\n    jwtHeader: string;\n    ephemeralCertificate: EphemeralCertificate;\n    expiryDateSecs: number;\n    ephemeralPublicKey: EphemeralPublicKey;\n    ephemeralSignature: EphemeralSignature;\n  }) {\n    super();\n    const { jwtHeader, ephemeralCertificate, expiryDateSecs, ephemeralPublicKey, ephemeralSignature } = args;\n    this.jwtHeader = jwtHeader;\n    this.ephemeralCertificate = ephemeralCertificate;\n    this.expiryDateSecs = expiryDateSecs;\n    this.ephemeralPublicKey = ephemeralPublicKey;\n    this.ephemeralSignature = ephemeralSignature;\n  }\n\n  /**\n   * Get the kid of the JWT used to derive the Keyless Account used to sign.\n   *\n   * @returns the kid as a string\n   */\n  getJwkKid(): string {\n    return parseJwtHeader(this.jwtHeader).kid;\n  }\n\n  serialize(serializer: Serializer): void {\n    this.ephemeralCertificate.serialize(serializer);\n    serializer.serializeStr(this.jwtHeader);\n    serializer.serializeU64(this.expiryDateSecs);\n    this.ephemeralPublicKey.serialize(serializer);\n    this.ephemeralSignature.serialize(serializer);\n  }\n\n  static deserialize(deserializer: Deserializer): KeylessSignature {\n    const ephemeralCertificate = EphemeralCertificate.deserialize(deserializer);\n    const jwtHeader = deserializer.deserializeStr();\n    const expiryDateSecs = deserializer.deserializeU64();\n    const ephemeralPublicKey = EphemeralPublicKey.deserialize(deserializer);\n    const ephemeralSignature = EphemeralSignature.deserialize(deserializer);\n    return new KeylessSignature({\n      jwtHeader,\n      expiryDateSecs: Number(expiryDateSecs),\n      ephemeralCertificate,\n      ephemeralPublicKey,\n      ephemeralSignature,\n    });\n  }\n\n  static getSimulationSignature(): KeylessSignature {\n    return new KeylessSignature({\n      jwtHeader: \"{}\",\n      ephemeralCertificate: new EphemeralCertificate(\n        new ZeroKnowledgeSig({\n          proof: new ZkProof(\n            new Groth16Zkp({ a: new Uint8Array(32), b: new Uint8Array(64), c: new Uint8Array(32) }),\n            ZkpVariant.Groth16,\n          ),\n          expHorizonSecs: 0,\n        }),\n        EphemeralCertificateVariant.ZkProof,\n      ),\n      expiryDateSecs: 0,\n      ephemeralPublicKey: new EphemeralPublicKey(new Ed25519PublicKey(new Uint8Array(32))),\n      ephemeralSignature: new EphemeralSignature(new Ed25519Signature(new Uint8Array(64))),\n    });\n  }\n\n  static isSignature(signature: Signature): signature is KeylessSignature {\n    return signature instanceof KeylessSignature;\n  }\n}\n\n/**\n * Represents an ephemeral certificate containing a signature, specifically a ZeroKnowledgeSig.\n * This class can be extended to support additional signature types, such as OpenIdSignature.\n *\n * @extends Signature\n * @group Implementation\n * @category Serialization\n */\nexport class EphemeralCertificate extends Signature {\n  public readonly signature: Signature;\n\n  /**\n   * Index of the underlying enum variant\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly variant: EphemeralCertificateVariant;\n\n  constructor(signature: Signature, variant: EphemeralCertificateVariant) {\n    super();\n    this.signature = signature;\n    this.variant = variant;\n  }\n\n  /**\n   * Get the public key in bytes (Uint8Array).\n   *\n   * @returns Uint8Array representation of the public key\n   * @group Implementation\n   * @category Serialization\n   */\n  toUint8Array(): Uint8Array {\n    return this.signature.toUint8Array();\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeU32AsUleb128(this.variant);\n    this.signature.serialize(serializer);\n  }\n\n  static deserialize(deserializer: Deserializer): EphemeralCertificate {\n    const variant = deserializer.deserializeUleb128AsU32();\n    switch (variant) {\n      case EphemeralCertificateVariant.ZkProof:\n        return new EphemeralCertificate(ZeroKnowledgeSig.deserialize(deserializer), variant);\n      default:\n        throw new Error(`Unknown variant index for EphemeralCertificate: ${variant}`);\n    }\n  }\n}\n\n/**\n * Represents a fixed-size byte array of 32 bytes, extending the Serializable class.\n * This class is used for handling and serializing G1 bytes in cryptographic operations.\n *\n * @extends Serializable\n * @group Implementation\n * @category Serialization\n */\nclass G1Bytes extends Serializable {\n  private static readonly B = bn254.fields.Fp.create(3n);\n\n  data: Uint8Array;\n\n  constructor(data: HexInput) {\n    super();\n    this.data = Hex.fromHexInput(data).toUint8Array();\n    if (this.data.length !== 32) {\n      throw new Error(\"Input needs to be 32 bytes\");\n    }\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeFixedBytes(this.data);\n  }\n\n  static deserialize(deserializer: Deserializer): G1Bytes {\n    const bytes = deserializer.deserializeFixedBytes(32);\n    return new G1Bytes(bytes);\n  }\n\n  // Convert the projective coordinates to strings\n  toArray(): string[] {\n    const point = this.toProjectivePoint();\n    return [point.x.toString(), point.y.toString(), point.pz.toString()];\n  }\n\n  /**\n   * Converts the G1 bytes to a projective point.\n   * @returns The projective point.\n   */\n  toProjectivePoint(): ProjPointType<bigint> {\n    const bytes = new Uint8Array(this.data);\n    // Reverse the bytes to convert from little-endian to big-endian.\n    bytes.reverse();\n    // This gets the flag bit to determine which y to use.\n    const yFlag = (bytes[0] & 0x80) >> 7;\n    const { Fp } = bn254.fields;\n    const x = Fp.create(bytesToBn254FpBE(bytes));\n    const y = Fp.sqrt(Fp.add(Fp.pow(x, 3n), G1Bytes.B));\n    const negY = Fp.neg(y);\n    const yToUse = y > negY === (yFlag === 1) ? y : negY;\n    return bn254.G1.ProjectivePoint.fromAffine({\n      x: x,\n      y: yToUse,\n    });\n  }\n}\n\nfunction bytesToBn254FpBE(bytes: Uint8Array): bigint {\n  if (bytes.length !== 32) {\n    throw new Error(\"Input should be 32 bytes\");\n  }\n  // Clear the first two bits of the first byte which removes any flags.\n  const result = new Uint8Array(bytes);\n  result[0] = result[0] & 0x3f; // 0x3F = 00111111 in binary\n  return bytesToNumberBE(result);\n}\n\n/**\n * Represents a 64-byte G2 element in a cryptographic context.\n * This class provides methods for serialization and deserialization of G2 bytes.\n *\n * @extends Serializable\n * @group Implementation\n * @category Serialization\n */\nclass G2Bytes extends Serializable {\n  /**\n   * The constant b value used in G2 point calculations\n   */\n  private static readonly B = bn254.fields.Fp2.fromBigTuple([\n    19485874751759354771024239261021720505790618469301721065564631296452457478373n,\n    266929791119991161246907387137283842545076965332900288569378510910307636690n,\n  ]);\n\n  data: Uint8Array;\n\n  constructor(data: HexInput) {\n    super();\n    this.data = Hex.fromHexInput(data).toUint8Array();\n    if (this.data.length !== 64) {\n      throw new Error(\"Input needs to be 64 bytes\");\n    }\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeFixedBytes(this.data);\n  }\n\n  static deserialize(deserializer: Deserializer): G2Bytes {\n    const bytes = deserializer.deserializeFixedBytes(64);\n    return new G2Bytes(bytes);\n  }\n\n  // Convert the projective coordinates to strings\n  toArray(): [string, string][] {\n    const point = this.toProjectivePoint();\n    return [\n      [\n        point.x.c0.toString(), // x real part\n        point.x.c1.toString(),\n      ], // x imaginary part\n      [\n        point.y.c0.toString(), // y real part\n        point.y.c1.toString(),\n      ], // y imaginary part\n      [\n        point.pz.c0.toString(), // z real part\n        point.pz.c1.toString(),\n      ], // z imaginary part\n    ];\n  }\n\n  toProjectivePoint(): ProjPointType<Fp2> {\n    const bytes = new Uint8Array(this.data);\n    // Reverse the bytes to convert from little-endian to big-endian for each part of x.\n    const x0 = bytes.slice(0, 32).reverse();\n    const x1 = bytes.slice(32, 64).reverse();\n    // This gets the flag bit to determine which y to use.\n    const yFlag = (x1[0] & 0x80) >> 7;\n    const { Fp2 } = bn254.fields;\n    const x = Fp2.fromBigTuple([bytesToBn254FpBE(x0), bytesToBn254FpBE(x1)]);\n    const y = Fp2.sqrt(Fp2.add(Fp2.pow(x, 3n), G2Bytes.B));\n    const negY = Fp2.neg(y);\n    const isYGreaterThanNegY = y.c1 > negY.c1 || (y.c1 === negY.c1 && y.c0 > negY.c0);\n    const yToUse = isYGreaterThanNegY === (yFlag === 1) ? y : negY;\n    return bn254.G2.ProjectivePoint.fromAffine({\n      x: x,\n      y: yToUse,\n    });\n  }\n}\n\n/**\n * Represents a Groth16 zero-knowledge proof, consisting of three proof points in compressed serialization format.\n * The points are the compressed serialization of affine representation of the proof.\n *\n * @extends Proof\n * @group Implementation\n * @category Serialization\n */\nexport class Groth16Zkp extends Proof {\n  /**\n   * The bytes of G1 proof point a\n   * @group Implementation\n   * @category Serialization\n   */\n  a: G1Bytes;\n\n  /**\n   * The bytes of G2 proof point b\n   * @group Implementation\n   * @category Serialization\n   */\n  b: G2Bytes;\n\n  /**\n   * The bytes of G1 proof point c\n   * @group Implementation\n   * @category Serialization\n   */\n  c: G1Bytes;\n\n  constructor(args: { a: HexInput; b: HexInput; c: HexInput }) {\n    super();\n    const { a, b, c } = args;\n    this.a = new G1Bytes(a);\n    this.b = new G2Bytes(b);\n    this.c = new G1Bytes(c);\n  }\n\n  serialize(serializer: Serializer): void {\n    this.a.serialize(serializer);\n    this.b.serialize(serializer);\n    this.c.serialize(serializer);\n  }\n\n  static deserialize(deserializer: Deserializer): Groth16Zkp {\n    const a = G1Bytes.deserialize(deserializer).bcsToBytes();\n    const b = G2Bytes.deserialize(deserializer).bcsToBytes();\n    const c = G1Bytes.deserialize(deserializer).bcsToBytes();\n    return new Groth16Zkp({ a, b, c });\n  }\n\n  toSnarkJsJson() {\n    return {\n      protocol: \"groth16\",\n      curve: \"bn128\",\n      pi_a: this.a.toArray(),\n      pi_b: this.b.toArray(),\n      pi_c: this.c.toArray(),\n    };\n  }\n}\n\n/**\n * Represents a Groth16 proof and statement, consisting of a Groth16 proof and a public inputs hash.\n * This is used to generate the signing message for the training wheels signature.\n *\n * @extends Serializable\n * @group Implementation\n * @category Serialization\n */\nexport class Groth16ProofAndStatement extends Serializable {\n  /**\n   * The Groth16 proof\n   * @group Implementation\n   * @category Serialization\n   */\n  proof: Groth16Zkp;\n\n  /**\n   * The public inputs hash as a 32 byte Uint8Array\n   * @group Implementation\n   * @category Serialization\n   */\n  publicInputsHash: Uint8Array;\n\n  /**\n   * The domain separator prefix used when hashing.\n   * @group Implementation\n   * @category Account (On-Chain Model)\n   */\n  readonly domainSeparator = \"APTOS::Groth16ProofAndStatement\";\n\n  constructor(proof: Groth16Zkp, publicInputsHash: HexInput | bigint) {\n    super();\n    this.proof = proof;\n    this.publicInputsHash =\n      typeof publicInputsHash === \"bigint\"\n        ? bigIntToBytesLE(publicInputsHash, 32)\n        : Hex.fromHexInput(publicInputsHash).toUint8Array();\n    if (this.publicInputsHash.length !== 32) {\n      throw new Error(\"Invalid public inputs hash\");\n    }\n  }\n\n  serialize(serializer: Serializer): void {\n    this.proof.serialize(serializer);\n    serializer.serializeFixedBytes(this.publicInputsHash);\n  }\n\n  static deserialize(deserializer: Deserializer): Groth16ProofAndStatement {\n    return new Groth16ProofAndStatement(Groth16Zkp.deserialize(deserializer), deserializer.deserializeFixedBytes(32));\n  }\n\n  hash(): Uint8Array {\n    return generateSigningMessage(this.bcsToBytes(), this.domainSeparator);\n  }\n}\n\n/**\n * Represents a container for different types of zero-knowledge proofs.\n *\n * @extends Serializable\n * @group Implementation\n * @category Serialization\n */\nexport class ZkProof extends Serializable {\n  public readonly proof: Proof;\n\n  /**\n   * Index of the underlying enum variant\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly variant: ZkpVariant;\n\n  constructor(proof: Proof, variant: ZkpVariant) {\n    super();\n    this.proof = proof;\n    this.variant = variant;\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeU32AsUleb128(this.variant);\n    this.proof.serialize(serializer);\n  }\n\n  static deserialize(deserializer: Deserializer): ZkProof {\n    const variant = deserializer.deserializeUleb128AsU32();\n    switch (variant) {\n      case ZkpVariant.Groth16:\n        return new ZkProof(Groth16Zkp.deserialize(deserializer), variant);\n      default:\n        throw new Error(`Unknown variant index for ZkProof: ${variant}`);\n    }\n  }\n}\n\n/**\n * Represents a zero-knowledge signature, encapsulating the proof and its associated metadata.\n *\n * @extends Signature\n * @group Implementation\n * @category Serialization\n */\nexport class ZeroKnowledgeSig extends Signature {\n  /**\n   * The proof\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly proof: ZkProof;\n\n  /**\n   * The max lifespan of the proof\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly expHorizonSecs: number;\n\n  /**\n   * A key value pair on the JWT token that can be specified on the signature which would reveal the value on chain.\n   * Can be used to assert identity or other attributes.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly extraField?: string;\n\n  /**\n   * The 'aud' value of the recovery service which is set when recovering an account.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly overrideAudVal?: string;\n\n  /**\n   * The training wheels signature\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly trainingWheelsSignature?: EphemeralSignature;\n\n  constructor(args: {\n    proof: ZkProof;\n    expHorizonSecs: number;\n    extraField?: string;\n    overrideAudVal?: string;\n    trainingWheelsSignature?: EphemeralSignature;\n  }) {\n    super();\n    const { proof, expHorizonSecs, trainingWheelsSignature, extraField, overrideAudVal } = args;\n    this.proof = proof;\n    this.expHorizonSecs = expHorizonSecs;\n    this.trainingWheelsSignature = trainingWheelsSignature;\n    this.extraField = extraField;\n    this.overrideAudVal = overrideAudVal;\n  }\n\n  /**\n   * Deserialize a ZeroKnowledgeSig object from its BCS serialization in bytes.\n   *\n   * @param bytes - The bytes representing the serialized ZeroKnowledgeSig.\n   * @returns ZeroKnowledgeSig - The deserialized ZeroKnowledgeSig object.\n   * @group Implementation\n   * @category Serialization\n   */\n  static fromBytes(bytes: Uint8Array): ZeroKnowledgeSig {\n    return ZeroKnowledgeSig.deserialize(new Deserializer(bytes));\n  }\n\n  serialize(serializer: Serializer): void {\n    this.proof.serialize(serializer);\n    serializer.serializeU64(this.expHorizonSecs);\n    serializer.serializeOption(this.extraField);\n    serializer.serializeOption(this.overrideAudVal);\n    serializer.serializeOption(this.trainingWheelsSignature);\n  }\n\n  static deserialize(deserializer: Deserializer): ZeroKnowledgeSig {\n    const proof = ZkProof.deserialize(deserializer);\n    const expHorizonSecs = Number(deserializer.deserializeU64());\n    const extraField = deserializer.deserializeOption(\"string\");\n    const overrideAudVal = deserializer.deserializeOption(\"string\");\n    const trainingWheelsSignature = deserializer.deserializeOption(EphemeralSignature);\n    return new ZeroKnowledgeSig({ proof, expHorizonSecs, trainingWheelsSignature, extraField, overrideAudVal });\n  }\n}\n\n/**\n * Represents the on-chain configuration for how Keyless accounts operate.\n *\n * @remarks\n * This class encapsulates the verification key and the maximum lifespan of ephemeral key pairs,\n * which are essential for the functionality of Keyless accounts.\n * @group Implementation\n * @category Serialization\n */\nexport class KeylessConfiguration {\n  /**\n   * The verification key used to verify Groth16 proofs on chain\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly verificationKey: Groth16VerificationKey;\n\n  /**\n   * The maximum lifespan of an ephemeral key pair.  This is configured on chain.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly maxExpHorizonSecs: number;\n\n  /**\n   * The public key of the training wheels account.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly trainingWheelsPubkey?: EphemeralPublicKey;\n\n  /**\n   * The maximum number of bytes that can be used for the extra field.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly maxExtraFieldBytes: number;\n\n  /**\n   * The maximum number of bytes that can be used for the JWT header.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly maxJwtHeaderB64Bytes: number;\n\n  /**\n   * The maximum number of bytes that can be used for the issuer value.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly maxIssValBytes: number;\n\n  /**\n   * The maximum number of bytes that can be used for the committed ephemeral public key.\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly maxCommitedEpkBytes: number;\n\n  constructor(args: {\n    verificationKey: Groth16VerificationKey;\n    trainingWheelsPubkey?: HexInput;\n    maxExpHorizonSecs?: number;\n    maxExtraFieldBytes?: number;\n    maxJwtHeaderB64Bytes?: number;\n    maxIssValBytes?: number;\n    maxCommitedEpkBytes?: number;\n  }) {\n    const {\n      verificationKey,\n      trainingWheelsPubkey,\n      maxExpHorizonSecs = EPK_HORIZON_SECS,\n      maxExtraFieldBytes = MAX_EXTRA_FIELD_BYTES,\n      maxJwtHeaderB64Bytes = MAX_JWT_HEADER_B64_BYTES,\n      maxIssValBytes = MAX_ISS_VAL_BYTES,\n      maxCommitedEpkBytes = MAX_COMMITED_EPK_BYTES,\n    } = args;\n\n    this.verificationKey = verificationKey;\n    this.maxExpHorizonSecs = maxExpHorizonSecs;\n    if (trainingWheelsPubkey) {\n      this.trainingWheelsPubkey = new EphemeralPublicKey(new Ed25519PublicKey(trainingWheelsPubkey));\n    }\n    this.maxExtraFieldBytes = maxExtraFieldBytes;\n    this.maxJwtHeaderB64Bytes = maxJwtHeaderB64Bytes;\n    this.maxIssValBytes = maxIssValBytes;\n    this.maxCommitedEpkBytes = maxCommitedEpkBytes;\n  }\n\n  /**\n   * Creates a new KeylessConfiguration instance from a Groth16VerificationKeyResponse and a KeylessConfigurationResponse.\n   * @param res - The Groth16VerificationKeyResponse object containing the verification key data.\n   * @param config - The KeylessConfigurationResponse object containing the configuration data.\n   * @returns A new KeylessConfiguration instance.\n   */\n  static create(res: Groth16VerificationKeyResponse, config: KeylessConfigurationResponse): KeylessConfiguration {\n    return new KeylessConfiguration({\n      verificationKey: new Groth16VerificationKey({\n        alphaG1: res.alpha_g1,\n        betaG2: res.beta_g2,\n        deltaG2: res.delta_g2,\n        gammaAbcG1: res.gamma_abc_g1,\n        gammaG2: res.gamma_g2,\n      }),\n      maxExpHorizonSecs: Number(config.max_exp_horizon_secs),\n      trainingWheelsPubkey: config.training_wheels_pubkey.vec[0],\n      maxExtraFieldBytes: config.max_extra_field_bytes,\n      maxJwtHeaderB64Bytes: config.max_jwt_header_b64_bytes,\n      maxIssValBytes: config.max_iss_val_bytes,\n      maxCommitedEpkBytes: config.max_commited_epk_bytes,\n    });\n  }\n}\n\n/**\n * Represents the verification key stored on-chain used to verify Groth16 proofs.\n * @group Implementation\n * @category Serialization\n */\nexport class Groth16VerificationKey {\n  // The docstrings below are borrowed from ark-groth16\n\n  /**\n   * The `alpha * G`, where `G` is the generator of G1\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly alphaG1: G1Bytes;\n\n  /**\n   * The `alpha * H`, where `H` is the generator of G2\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly betaG2: G2Bytes;\n\n  /**\n   * The `delta * H`, where `H` is the generator of G2\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly deltaG2: G2Bytes;\n\n  /**\n   * The `gamma^{-1} * (beta * a_i + alpha * b_i + c_i) * H`, where H is the generator of G1\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly gammaAbcG1: [G1Bytes, G1Bytes];\n\n  /**\n   * The `gamma * H`, where `H` is the generator of G2\n   * @group Implementation\n   * @category Serialization\n   */\n  readonly gammaG2: G2Bytes;\n\n  constructor(args: {\n    alphaG1: HexInput;\n    betaG2: HexInput;\n    deltaG2: HexInput;\n    gammaAbcG1: [HexInput, HexInput];\n    gammaG2: HexInput;\n  }) {\n    const { alphaG1, betaG2, deltaG2, gammaAbcG1, gammaG2 } = args;\n    this.alphaG1 = new G1Bytes(alphaG1);\n    this.betaG2 = new G2Bytes(betaG2);\n    this.deltaG2 = new G2Bytes(deltaG2);\n    this.gammaAbcG1 = [new G1Bytes(gammaAbcG1[0]), new G1Bytes(gammaAbcG1[1])];\n    this.gammaG2 = new G2Bytes(gammaG2);\n  }\n\n  /**\n   * Calculates the hash of the serialized form of the verification key.\n   * This is useful for comparing verification keys or using them as unique identifiers.\n   *\n   * @returns The SHA3-256 hash of the serialized verification key as a Uint8Array\n   */\n  public hash(): Uint8Array {\n    const serializer = new Serializer();\n    this.serialize(serializer);\n    return sha3_256.create().update(serializer.toUint8Array()).digest();\n  }\n\n  serialize(serializer: Serializer): void {\n    this.alphaG1.serialize(serializer);\n    this.betaG2.serialize(serializer);\n    this.deltaG2.serialize(serializer);\n    this.gammaAbcG1[0].serialize(serializer);\n    this.gammaAbcG1[1].serialize(serializer);\n    this.gammaG2.serialize(serializer);\n  }\n\n  /**\n   * Converts a Groth16VerificationKeyResponse object into a Groth16VerificationKey instance.\n   *\n   * @param res - The Groth16VerificationKeyResponse object containing the verification key data.\n   * @param res.alpha_g1 - The alpha G1 value from the response.\n   * @param res.beta_g2 - The beta G2 value from the response.\n   * @param res.delta_g2 - The delta G2 value from the response.\n   * @param res.gamma_abc_g1 - The gamma ABC G1 value from the response.\n   * @param res.gamma_g2 - The gamma G2 value from the response.\n   * @returns A Groth16VerificationKey instance constructed from the provided response data.\n   * @group Implementation\n   * @category Serialization\n   */\n  static fromGroth16VerificationKeyResponse(res: Groth16VerificationKeyResponse): Groth16VerificationKey {\n    return new Groth16VerificationKey({\n      alphaG1: res.alpha_g1,\n      betaG2: res.beta_g2,\n      deltaG2: res.delta_g2,\n      gammaAbcG1: res.gamma_abc_g1,\n      gammaG2: res.gamma_g2,\n    });\n  }\n\n  /**\n   * Verifies a Groth16 proof using the verification key given the public inputs hash and the proof.\n   *\n   * @param args.publicInputsHash The public inputs hash\n   * @param args.groth16Proof The Groth16 proof\n   * @returns true if the proof is valid\n   */\n  verifyProof(args: { publicInputsHash: bigint; groth16Proof: Groth16Zkp }): boolean {\n    const { publicInputsHash, groth16Proof } = args;\n\n    try {\n      // Get proof points\n      const proofA = groth16Proof.a.toProjectivePoint();\n      const proofB = groth16Proof.b.toProjectivePoint();\n      const proofC = groth16Proof.c.toProjectivePoint();\n\n      // Get verification key points\n      const vkAlpha1 = this.alphaG1.toProjectivePoint();\n      const vkBeta2 = this.betaG2.toProjectivePoint();\n      const vkGamma2 = this.gammaG2.toProjectivePoint();\n      const vkDelta2 = this.deltaG2.toProjectivePoint();\n      const vkIC = this.gammaAbcG1.map((g1) => g1.toProjectivePoint());\n\n      const { Fp12 } = bn254.fields;\n\n      // Check that the following pairing equation holds:\n      // e(A_1, B_2) = e(\\alpha_1, \\beta_2) + e(\\ic_0 + public_inputs_hash \\ic_1, \\gamma_2) + e(C_1, \\delta_2)\n      // Where A_1, B_2, C_1 are the proof points and \\alpha_1, \\beta_2, \\gamma_2, \\delta_2, \\ic_0, \\ic_1\n      // are the verification key points\n\n      // \\ic_0 + public_inputs_hash \\ic_1\n      let accum = vkIC[0].add(vkIC[1].multiply(publicInputsHash));\n      // e(\\ic_0 + public_inputs_hash \\ic_1, \\gamma_2)\n      const pairingAccumGamma = bn254.pairing(accum, vkGamma2);\n      // e(A_1, B_2)\n      const pairingAB = bn254.pairing(proofA, proofB);\n      // e(\\alpha_1, \\beta_2)\n      const pairingAlphaBeta = bn254.pairing(vkAlpha1, vkBeta2);\n      // e(C_1, \\delta_2)\n      const pairingCDelta = bn254.pairing(proofC, vkDelta2);\n      // Get the result of the right hand side of the pairing equation\n      const product = Fp12.mul(pairingAlphaBeta, Fp12.mul(pairingAccumGamma, pairingCDelta));\n      // Check if the left hand side equals the right hand side\n      return Fp12.eql(pairingAB, product);\n    } catch (error) {\n      throw KeylessError.fromErrorType({\n        type: KeylessErrorType.PROOF_VERIFICATION_FAILED,\n        error,\n        details: \"Error encountered when checking zero knowledge relation\",\n      });\n    }\n  }\n\n  /**\n   * Converts the verification key to a JSON format compatible with snarkjs groth16.verify\n   *\n   * @returns An object containing the verification key in snarkjs format\n   * @group Implementation\n   * @category Serialization\n   */\n  toSnarkJsJson() {\n    return {\n      protocol: \"groth16\",\n      curve: \"bn128\",\n      nPublic: 1,\n      vk_alpha_1: this.alphaG1.toArray(),\n      vk_beta_2: this.betaG2.toArray(),\n      vk_gamma_2: this.gammaG2.toArray(),\n      vk_delta_2: this.deltaG2.toArray(),\n      IC: this.gammaAbcG1.map((g1) => g1.toArray()),\n    };\n  }\n}\n\n/**\n * Retrieves the configuration parameters for Keyless Accounts on the blockchain, including the verifying key and the maximum\n * expiry horizon.\n *\n * @param args - The arguments for retrieving the keyless configuration.\n * @param args.aptosConfig - The Aptos configuration object containing network details.\n * @param args.options - Optional parameters for the request.\n * @param args.options.ledgerVersion - The ledger version to query; if not provided, the latest version will be used.\n * @returns KeylessConfiguration - The configuration object containing the verifying key and maximum expiry horizon.\n * @group Implementation\n * @category Serialization\n */\nexport async function getKeylessConfig(args: {\n  aptosConfig: AptosConfig;\n  options?: LedgerVersionArg;\n}): Promise<KeylessConfiguration> {\n  const { aptosConfig } = args;\n  try {\n    return await memoizeAsync(\n      async () => {\n        const [config, vk] = await Promise.all([\n          getKeylessConfigurationResource(args),\n          getGroth16VerificationKeyResource(args),\n        ]);\n        return KeylessConfiguration.create(vk, config);\n      },\n      `keyless-configuration-${aptosConfig.network}`,\n      1000 * 60 * 5, // 5 minutes\n    )();\n  } catch (error) {\n    if (error instanceof KeylessError) {\n      throw error;\n    }\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.FULL_NODE_OTHER,\n      error,\n    });\n  }\n}\n\n/**\n * Parses a JWT and returns the 'iss', 'aud', and 'uid' values.\n *\n * @param args - The arguments for parsing the JWT.\n * @param args.jwt - The JWT to parse.\n * @param args.uidKey - The key to use for the 'uid' value; defaults to 'sub'.\n * @returns The 'iss', 'aud', and 'uid' values from the JWT.\n */\nexport function getIssAudAndUidVal(args: { jwt: string; uidKey?: string }): {\n  iss: string;\n  aud: string;\n  uidVal: string;\n} {\n  const { jwt, uidKey = \"sub\" } = args;\n  let jwtPayload: JwtPayload & { [key: string]: string };\n  try {\n    jwtPayload = jwtDecode<JwtPayload & { [key: string]: string }>(jwt);\n  } catch (error) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.JWT_PARSING_ERROR,\n      details: `Failed to parse JWT - ${getErrorMessage(error)}`,\n    });\n  }\n  if (typeof jwtPayload.iss !== \"string\") {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.JWT_PARSING_ERROR,\n      details: \"JWT is missing 'iss' in the payload. This should never happen.\",\n    });\n  }\n  if (typeof jwtPayload.aud !== \"string\") {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.JWT_PARSING_ERROR,\n      details: \"JWT is missing 'aud' in the payload or 'aud' is an array of values.\",\n    });\n  }\n  const uidVal = jwtPayload[uidKey];\n  return { iss: jwtPayload.iss, aud: jwtPayload.aud, uidVal };\n}\n\n/**\n * Retrieves the KeylessConfiguration set on chain.\n *\n * @param args - The arguments for retrieving the configuration.\n * @param args.aptosConfig - The configuration for connecting to the Aptos network.\n * @param args.options - Optional parameters for the request.\n * @param args.options.ledgerVersion - The ledger version to query; if not provided, it will get the latest version.\n * @returns KeylessConfigurationResponse - The response containing the keyless configuration data.\n * @group Implementation\n * @category Serialization\n */\nasync function getKeylessConfigurationResource(args: {\n  aptosConfig: AptosConfig;\n  options?: LedgerVersionArg;\n}): Promise<KeylessConfigurationResponse> {\n  const { aptosConfig, options } = args;\n  const resourceType = \"0x1::keyless_account::Configuration\";\n  try {\n    const { data } = await getAptosFullNode<{}, MoveResource<KeylessConfigurationResponse>>({\n      aptosConfig,\n      originMethod: \"getKeylessConfigurationResource\",\n      path: `accounts/${AccountAddress.from(\"0x1\").toString()}/resource/${resourceType}`,\n      params: { ledger_version: options?.ledgerVersion },\n    });\n    return data.data;\n  } catch (error) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.FULL_NODE_CONFIG_LOOKUP_ERROR,\n      error,\n    });\n  }\n}\n\n/**\n * Retrieves the Groth16VerificationKey set on the blockchain.\n *\n * @param args - The arguments for retrieving the verification key.\n * @param args.aptosConfig - The Aptos configuration object.\n * @param args.options - Optional parameters for the request.\n * @param args.options.ledgerVersion - The ledger version to query; if not provided, it will get the latest version.\n * @returns Groth16VerificationKeyResponse - The response containing the Groth16 verification key data.\n * @group Implementation\n * @category Serialization\n */\nasync function getGroth16VerificationKeyResource(args: {\n  aptosConfig: AptosConfig;\n  options?: LedgerVersionArg;\n}): Promise<Groth16VerificationKeyResponse> {\n  const { aptosConfig, options } = args;\n  const resourceType = \"0x1::keyless_account::Groth16VerificationKey\";\n  try {\n    const { data } = await getAptosFullNode<{}, MoveResource<Groth16VerificationKeyResponse>>({\n      aptosConfig,\n      originMethod: \"getGroth16VerificationKeyResource\",\n      path: `accounts/${AccountAddress.from(\"0x1\").toString()}/resource/${resourceType}`,\n      params: { ledger_version: options?.ledgerVersion },\n    });\n    return data.data;\n  } catch (error) {\n    throw KeylessError.fromErrorType({\n      type: KeylessErrorType.FULL_NODE_VERIFICATION_KEY_LOOKUP_ERROR,\n      error,\n    });\n  }\n}\n\nexport async function getKeylessJWKs(args: {\n  aptosConfig: AptosConfig;\n  jwkAddr?: AccountAddressInput;\n  options?: LedgerVersionArg;\n}): Promise<Map<string, MoveJWK[]>> {\n  const { aptosConfig, jwkAddr, options } = args;\n  let resource: MoveResource<PatchedJWKsResponse>;\n  if (!jwkAddr) {\n    const resourceType = \"0x1::jwks::PatchedJWKs\";\n    const { data } = await getAptosFullNode<{}, MoveResource<PatchedJWKsResponse>>({\n      aptosConfig,\n      originMethod: \"getKeylessJWKs\",\n      path: `accounts/0x1/resource/${resourceType}`,\n      params: { ledger_version: options?.ledgerVersion },\n    });\n    resource = data;\n  } else {\n    const resourceType = \"0x1::jwks::FederatedJWKs\";\n    const { data } = await getAptosFullNode<{}, MoveResource<PatchedJWKsResponse>>({\n      aptosConfig,\n      originMethod: \"getKeylessJWKs\",\n      path: `accounts/${AccountAddress.from(jwkAddr).toString()}/resource/${resourceType}`,\n      params: { ledger_version: options?.ledgerVersion },\n    });\n    resource = data;\n  }\n\n  // Create a map of issuer to JWK arrays\n  const jwkMap = new Map<string, MoveJWK[]>();\n  for (const entry of resource.data.jwks.entries) {\n    const jwks: MoveJWK[] = [];\n    for (const jwkStruct of entry.jwks) {\n      const { data: jwkData } = jwkStruct.variant;\n      const deserializer = new Deserializer(Hex.fromHexInput(jwkData).toUint8Array());\n      const jwk = MoveJWK.deserialize(deserializer);\n      jwks.push(jwk);\n    }\n    jwkMap.set(hexToAsciiString(entry.issuer), jwks);\n  }\n\n  return jwkMap;\n}\n\nexport class MoveJWK extends Serializable {\n  public kid: string;\n\n  public kty: string;\n\n  public alg: string;\n\n  public e: string;\n\n  public n: string;\n\n  constructor(args: { kid: string; kty: string; alg: string; e: string; n: string }) {\n    super();\n    const { kid, kty, alg, e, n } = args;\n    this.kid = kid;\n    this.kty = kty;\n    this.alg = alg;\n    this.e = e;\n    this.n = n;\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeStr(this.kid);\n    serializer.serializeStr(this.kty);\n    serializer.serializeStr(this.alg);\n    serializer.serializeStr(this.e);\n    serializer.serializeStr(this.n);\n  }\n\n  static fromMoveStruct(struct: MoveAnyStruct): MoveJWK {\n    const { data } = struct.variant;\n    const deserializer = new Deserializer(Hex.fromHexInput(data).toUint8Array());\n    return MoveJWK.deserialize(deserializer);\n  }\n\n  toScalar(): bigint {\n    if (this.alg !== \"RS256\") {\n      throw KeylessError.fromErrorType({\n        type: KeylessErrorType.PROOF_VERIFICATION_FAILED,\n        details:\n          \"Failed to convert JWK to scalar when calculating the public inputs hash. Only RSA 256 is supported currently\",\n      });\n    }\n    const uint8Array = base64UrlToBytes(this.n);\n    const chunks = chunkInto24Bytes(uint8Array.reverse());\n    const scalars = chunks.map((chunk) => bytesToBigIntLE(chunk));\n    scalars.push(256n); // Add the modulus size\n    return poseidonHash(scalars);\n  }\n\n  static deserialize(deserializer: Deserializer): MoveJWK {\n    const kid = deserializer.deserializeStr();\n    const kty = deserializer.deserializeStr();\n    const alg = deserializer.deserializeStr();\n    const e = deserializer.deserializeStr();\n    const n = deserializer.deserializeStr();\n    return new MoveJWK({ kid, kty, alg, n, e });\n  }\n}\n\nfunction chunkInto24Bytes(data: Uint8Array): Uint8Array[] {\n  const chunks: Uint8Array[] = [];\n  for (let i = 0; i < data.length; i += 24) {\n    const chunk = data.slice(i, Math.min(i + 24, data.length));\n    // Pad last chunk with zeros if needed\n    if (chunk.length < 24) {\n      const paddedChunk = new Uint8Array(24);\n      paddedChunk.set(chunk);\n      chunks.push(paddedChunk);\n    } else {\n      chunks.push(chunk);\n    }\n  }\n  return chunks;\n}\n\ninterface JwtHeader {\n  kid: string; // Key ID\n}\n/**\n * Safely parses the JWT header.\n * @param jwtHeader The JWT header string\n * @returns Parsed JWT header as an object.\n */\nexport function parseJwtHeader(jwtHeader: string): JwtHeader {\n  try {\n    const header = JSON.parse(jwtHeader);\n    if (header.kid === undefined) {\n      throw new Error(\"JWT header missing kid\");\n    }\n    return header;\n  } catch (error) {\n    throw new Error(\"Failed to parse JWT header.\");\n  }\n}\n"],"mappings":"AAIA,OAAqB,aAAAA,MAAiB,aACtC,OAAS,YAAAC,OAAgB,qBACzB,OAAS,oBAAAC,OAAmC,cAC5C,OAAS,aAAAC,MAAiB,cAC1B,OAAS,gBAAAC,EAAc,gBAAAC,EAAc,cAAAC,MAAkB,YACvD,OAAS,OAAAC,EAAK,oBAAAC,OAAwB,SACtC,OAEE,+BAAAC,EACA,uBAAAC,GACA,iBAAAC,GACA,cAAAC,MAGK,cACP,OAAS,sBAAAC,EAAoB,sBAAAC,MAA0B,cACvD,OAAS,mBAAAC,EAAiB,mBAAAC,EAAiB,kBAAAC,EAAgB,0BAAAC,GAAwB,gBAAAC,MAAoB,aACvG,OAAS,qBAAAC,OAAyB,uBAClC,OAAS,SAAAC,OAAa,UACtB,OAAS,oBAAAC,EAAkB,oBAAAC,OAAwB,YAQnD,OAAS,oBAAAC,MAAwB,eACjC,OAAS,gBAAAC,OAAoB,sBAC7B,OAAS,kBAAAC,MAA2C,oBACpD,OAAS,oBAAAC,GAAkB,mBAAAC,GAAiB,gBAAAC,OAAoB,cAChE,OAAS,gBAAAC,EAAc,oBAAAC,MAAwB,eAC/C,OAAS,SAAAC,MAAa,sBACtB,OAAS,mBAAAC,OAAuB,+BAChC,OAAS,6BAAAC,OAAiC,qBAC1C,OAAS,UAAAC,OAAc,YACvB,OAAS,0BAAAC,OAA8B,QAQhC,MAAMC,GAAmB,IAKnBC,EAAoB,IAKpBC,GAAoB,GAKpBC,GAAoB,IAKpBC,GAAoB,IAKpBC,GAAwB,IAKxBC,GAA2B,IAK3BC,GAAyB,GAYzBC,EAAN,MAAMA,UAAyB3C,EAAiB,CAqCrD,YAAY4C,EAAaC,EAAwB,CAC/C,MAAM,EACN,MAAMC,EAAWzC,EAAI,aAAawC,CAAY,EAAE,aAAa,EAC7D,GAAIC,EAAS,SAAWH,EAAiB,qBACvC,MAAM,IAAI,MAAM,2CAA2CA,EAAiB,oBAAoB,EAAE,EAEpG,KAAK,IAAMC,EACX,KAAK,aAAeE,CACtB,CASA,SAA6B,CAC3B,MAAMC,EAAa,IAAI3C,EACvB,OAAA2C,EAAW,sBAAsBvC,GAAoB,OAAO,EAC5DuC,EAAW,oBAAoB,KAAK,WAAW,CAAC,EACzC7B,GAAkB,mBAAmB,CAC1C,OAAQT,GAAc,UACtB,MAAOsC,EAAW,aAAa,CACjC,CAAC,CACH,CAcA,gBAAgBC,EAKJ,CACV,GAAI,CACF,OAAAC,EAAuC,CAAE,GAAGD,EAAM,UAAW,IAAK,CAAC,EAC5D,EACT,OAASE,EAAO,CACd,GAAIA,aAAiBtB,EACnB,MAAO,GAET,MAAMsB,CACR,CACF,CAYA,MAAM,qBAAqBF,EAKN,CACnB,OAAOG,GAAuB,CAC5B,GAAGH,EACH,UAAW,IACb,CAAC,CACH,CAeA,UAAUD,EAA8B,CACtCA,EAAW,aAAa,KAAK,GAAG,EAChCA,EAAW,eAAe,KAAK,YAAY,CAC7C,CAWA,OAAO,YAAYK,EAA8C,CAC/D,MAAMR,EAAMQ,EAAa,eAAe,EAClCC,EAAcD,EAAa,iBAAiB,EAClD,OAAO,IAAIT,EAAiBC,EAAKS,CAAW,CAC9C,CAaA,OAAO,KAAKD,EAA8C,CACxD,MAAMR,EAAMQ,EAAa,eAAe,EAClCC,EAAcD,EAAa,iBAAiB,EAClD,OAAO,IAAIT,EAAiBC,EAAKS,CAAW,CAC9C,CAUA,OAAO,YAAYC,EAAqD,CACtE,OAAOA,aAAqBX,CAC9B,CAcA,OAAO,OAAOK,EAMO,CACnB,OAAAO,EAAoBP,CAAI,EACjB,IAAIL,EAAiBK,EAAK,IAAKO,EAAoBP,CAAI,CAAC,CACjE,CAcA,OAAO,iBAAiBA,EAA4E,CAClG,KAAM,CAAE,IAAAQ,EAAK,OAAAC,EAAQ,OAAAC,EAAS,KAAM,EAAIV,EAClCW,EAAa7D,EAAkD0D,CAAG,EACxE,GAAI,OAAOG,EAAW,KAAQ,SAC5B,MAAM,IAAI,MAAM,mBAAmB,EAErC,GAAI,OAAOA,EAAW,KAAQ,SAC5B,MAAM,IAAI,MAAM,yCAAyC,EAE3D,MAAMC,EAASD,EAAWD,CAAM,EAChC,OAAOf,EAAiB,OAAO,CAAE,IAAKgB,EAAW,IAAK,OAAAD,EAAQ,OAAAE,EAAQ,IAAKD,EAAW,IAAK,OAAAF,CAAO,CAAC,CACrG,CAUA,OAAO,WAAWH,EAAsB,CACtC,MACE,QAASA,GACT,OAAOA,EAAU,KAAQ,UACzB,iBAAkBA,GAClBA,EAAU,wBAAwB,UAEtC,CACF,EAjPaX,EAMK,qBAA+B,GAN1C,IAAMkB,EAANlB,EAmPP,eAAsBQ,GAAuBH,EAQxB,CACnB,KAAM,CACJ,YAAAc,EACA,UAAAR,EACA,QAAAS,EACA,UAAAC,EACA,IAAAC,EACA,cAAAC,EAAgB,MAAMC,GAAiB,CAAE,YAAAL,CAAY,CAAC,EACtD,QAAAM,CACF,EAAIpB,EACJ,GAAI,CACF,GAAI,EAAEgB,aAAqBK,GACzB,MAAMzC,EAAa,cAAc,CAC/B,KAAMC,EAAiB,uBACvB,QAAS,yBACX,CAAC,EAEH,OAAAoB,EAAuC,CACrC,QAAAc,EACA,UAAAT,EACA,UAAAU,EACA,IAAKC,GAAY,MAAMK,GAAS,CAAE,YAAAR,EAAa,UAAAR,EAAW,IAAKU,EAAU,UAAU,CAAE,CAAC,EACtF,cAAAE,CACF,CAAC,EACM,EACT,OAAShB,EAAO,CACd,GAAIkB,GAAS,qBACX,MAAMlB,EAER,MAAO,EACT,CACF,CAaO,SAASD,EAAuCD,EAM9C,CACP,KAAM,CAAE,UAAAM,EAAW,QAAAS,EAAS,UAAAC,EAAW,cAAAE,EAAe,IAAAD,CAAI,EAAIjB,EACxD,CAAE,gBAAAuB,EAAiB,kBAAAC,EAAmB,qBAAAC,CAAqB,EAAIP,EACrE,GAAI,EAAEF,aAAqBK,GACzB,MAAMzC,EAAa,cAAc,CAC/B,KAAMC,EAAiB,uBACvB,QAAS,yBACX,CAAC,EAEH,GAAI,EAAEmC,EAAU,qBAAqB,qBAAqBU,GACxD,MAAM9C,EAAa,cAAc,CAC/B,KAAMC,EAAiB,uBACvB,QAAS,2CACX,CAAC,EAEH,MAAM8C,EAAQX,EAAU,qBAAqB,UAC7C,GAAI,EAAEW,EAAM,MAAM,iBAAiBC,GACjC,MAAMhD,EAAa,cAAc,CAC/B,KAAMC,EAAiB,uBACvB,QAAS,gDACX,CAAC,EAEH,MAAMgD,EAAeF,EAAM,MAAM,MACjC,GAAIX,EAAU,eAAiBrC,GAAa,EAC1C,MAAMC,EAAa,cAAc,CAC/B,KAAMC,EAAiB,kBACvB,QAAS,mCACX,CAAC,EAEH,GAAI8C,EAAM,eAAiBH,EACzB,MAAM5C,EAAa,cAAc,CAC/B,KAAMC,EAAiB,2BACzB,CAAC,EAEH,GAAI,CAACmC,EAAU,mBAAmB,gBAAgB,CAAE,QAAAD,EAAS,UAAWC,EAAU,kBAAmB,CAAC,EACpG,MAAMpC,EAAa,cAAc,CAC/B,KAAMC,EAAiB,uCACzB,CAAC,EAEH,MAAMiD,EAAmBC,GAAoB,CAAE,UAAAzB,EAAW,UAAAU,EAAW,IAAAC,EAAK,cAAAC,CAAc,CAAC,EACzF,GAAI,CAACK,EAAgB,YAAY,CAAE,iBAAAO,EAAkB,aAAAD,CAAa,CAAC,EACjE,MAAMjD,EAAa,cAAc,CAC/B,KAAMC,EAAiB,yBACzB,CAAC,EAEH,GAAI4C,EAAsB,CACxB,GAAI,CAACE,EAAM,wBACT,MAAM/C,EAAa,cAAc,CAC/B,KAAMC,EAAiB,iCACzB,CAAC,EAEH,MAAMmD,EAAoB,IAAIC,EAAyBJ,EAAcC,CAAgB,EACrF,GACE,CAACL,EAAqB,gBAAgB,CACpC,QAASO,EAAkB,KAAK,EAChC,UAAWL,EAAM,uBACnB,CAAC,EAED,MAAM/C,EAAa,cAAc,CAC/B,KAAMC,EAAiB,6CACzB,CAAC,CAEL,CACF,CAUA,SAASkD,GAAoB/B,EAKlB,CACT,KAAM,CAAE,UAAAM,EAAW,UAAAU,EAAW,IAAAC,EAAK,cAAAC,CAAc,EAAIlB,EAC/CkC,EAAwB5B,aAAqBO,EAAmBP,EAAYA,EAAU,iBAC5F,GAAI,EAAEU,EAAU,qBAAqB,qBAAqBU,GACxD,MAAM,IAAI,MAAM,qCAAqC,EAEvD,MAAMS,EAAQnB,EAAU,qBAAqB,UACvCoB,EAAS,CAAC,EAChB,OAAAA,EAAO,KACL,GAAGpE,GAAuBgD,EAAU,mBAAmB,aAAa,EAAGE,EAAc,mBAAmB,CAC1G,EACAkB,EAAO,KAAKtE,EAAgBoE,EAAsB,YAAY,CAAC,EAC/DE,EAAO,KAAKpB,EAAU,cAAc,EACpCoB,EAAO,KAAKD,EAAM,cAAc,EAChCC,EAAO,KAAKrE,EAAemE,EAAsB,IAAKhB,EAAc,cAAc,CAAC,EAC9EiB,EAAM,YAITC,EAAO,KAAK,EAAE,EACdA,EAAO,KAAKrE,EAAeoE,EAAM,WAAYjB,EAAc,kBAAkB,CAAC,IAJ9EkB,EAAO,KAAK,EAAE,EACdA,EAAO,KAAKrE,EAAe,IAAKmD,EAAc,kBAAkB,CAAC,GAKnEkB,EAAO,KAAKrE,EAAekB,GAAO+B,EAAU,UAAW,EAAI,EAAI,IAAKE,EAAc,oBAAoB,CAAC,EACvGkB,EAAO,KAAKnB,EAAI,SAAS,CAAC,EACrBkB,EAAM,gBAITC,EAAO,KAAKrE,EAAeoE,EAAM,eAAgB/C,CAAiB,CAAC,EACnEgD,EAAO,KAAK,EAAE,IAJdA,EAAO,KAAKrE,EAAe,GAAIqB,CAAiB,CAAC,EACjDgD,EAAO,KAAK,EAAE,GAKTnE,EAAamE,CAAM,CAC5B,CAUA,eAAsBd,GAAStB,EAIV,CACnB,KAAM,CAAE,YAAAc,EAAa,UAAAR,EAAW,IAAA+B,CAAI,EAAIrC,EAClCsC,EAAgBhC,aAAqBO,EAAmBP,EAAYA,EAAU,iBAC9E,CAAE,IAAAV,CAAI,EAAI0C,EAEhB,IAAIC,EACJ,MAAMC,EAAUlC,aAAqBtB,GAA4BsB,EAAU,WAAa,OACxF,GAAI,CACFiC,EAAU,MAAME,GAAe,CAAE,YAAA3B,EAAa,QAAA0B,CAAQ,CAAC,CACzD,OAAStC,EAAO,CACd,MAAMtB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,4BACvB,MAAAqB,EACA,QAAS,mBAAmBsC,EAAU,YAAc,SAAS,QAAQA,EAAU,eAAeA,CAAO,GAAK,KAAK,EACjH,CAAC,CACH,CAGA,MAAME,EAAgBH,EAAQ,IAAI3C,CAAG,EAErC,GAAI8C,IAAkB,OACpB,MAAM9D,EAAa,cAAc,CAC/B,KAAMC,EAAiB,+BACvB,QAAS,mBAAmBe,CAAG,aACjC,CAAC,EAIH,MAAMqB,EAAMyB,EAAc,KAAMC,GAAQA,EAAI,MAAQN,CAAG,EAEvD,GAAIpB,IAAQ,OACV,MAAMrC,EAAa,cAAc,CAC/B,KAAMC,EAAiB,0BACvB,QAAS,iBAAiBwD,CAAG,iBAAiBzC,CAAG,cACnD,CAAC,EAGH,OAAOqB,CACT,CAEA,SAASV,EAAoBP,EAAqF,CAChH,KAAM,CAAE,OAAAU,EAAQ,OAAAE,EAAQ,IAAAgC,EAAK,OAAAnC,CAAO,EAAIT,EAElCoC,EAAS,CACbtE,EAAgBT,EAAI,aAAaoD,CAAM,EAAE,aAAa,CAAC,EACvD1C,EAAe6E,EAAKxD,CAAiB,EACrCrB,EAAe6C,EAAQtB,EAAiB,EACxCvB,EAAe2C,EAAQrB,EAAiB,CAC1C,EAEA,OAAOxB,EAAgBI,EAAamE,CAAM,EAAGvB,EAAiB,oBAAoB,CACpF,CAOO,MAAMQ,UAAyBpE,CAAU,CAoC9C,YAAY+C,EAMT,CACD,MAAM,EACN,KAAM,CAAE,UAAA6C,EAAW,qBAAAC,EAAsB,eAAAC,EAAgB,mBAAAC,EAAoB,mBAAAC,CAAmB,EAAIjD,EACpG,KAAK,UAAY6C,EACjB,KAAK,qBAAuBC,EAC5B,KAAK,eAAiBC,EACtB,KAAK,mBAAqBC,EAC1B,KAAK,mBAAqBC,CAC5B,CAOA,WAAoB,CAClB,OAAOC,GAAe,KAAK,SAAS,EAAE,GACxC,CAEA,UAAUnD,EAA8B,CACtC,KAAK,qBAAqB,UAAUA,CAAU,EAC9CA,EAAW,aAAa,KAAK,SAAS,EACtCA,EAAW,aAAa,KAAK,cAAc,EAC3C,KAAK,mBAAmB,UAAUA,CAAU,EAC5C,KAAK,mBAAmB,UAAUA,CAAU,CAC9C,CAEA,OAAO,YAAYK,EAA8C,CAC/D,MAAM0C,EAAuBK,EAAqB,YAAY/C,CAAY,EACpEyC,EAAYzC,EAAa,eAAe,EACxC2C,EAAiB3C,EAAa,eAAe,EAC7C4C,EAAqBrF,EAAmB,YAAYyC,CAAY,EAChE6C,EAAqBrF,EAAmB,YAAYwC,CAAY,EACtE,OAAO,IAAIiB,EAAiB,CAC1B,UAAAwB,EACA,eAAgB,OAAOE,CAAc,EACrC,qBAAAD,EACA,mBAAAE,EACA,mBAAAC,CACF,CAAC,CACH,CAEA,OAAO,wBAA2C,CAChD,OAAO,IAAI5B,EAAiB,CAC1B,UAAW,KACX,qBAAsB,IAAI8B,EACxB,IAAIzB,EAAiB,CACnB,MAAO,IAAI0B,EACT,IAAIxB,EAAW,CAAE,EAAG,IAAI,WAAW,EAAE,EAAG,EAAG,IAAI,WAAW,EAAE,EAAG,EAAG,IAAI,WAAW,EAAE,CAAE,CAAC,EACtFlE,EAAW,OACb,EACA,eAAgB,CAClB,CAAC,EACDH,EAA4B,OAC9B,EACA,eAAgB,EAChB,mBAAoB,IAAII,EAAmB,IAAIS,EAAiB,IAAI,WAAW,EAAE,CAAC,CAAC,EACnF,mBAAoB,IAAIR,EAAmB,IAAIS,GAAiB,IAAI,WAAW,EAAE,CAAC,CAAC,CACrF,CAAC,CACH,CAEA,OAAO,YAAY2C,EAAqD,CACtE,OAAOA,aAAqBK,CAC9B,CACF,CAUO,MAAM8B,UAA6BlG,CAAU,CAUlD,YAAY+D,EAAsBqC,EAAsC,CACtE,MAAM,EACN,KAAK,UAAYrC,EACjB,KAAK,QAAUqC,CACjB,CASA,cAA2B,CACzB,OAAO,KAAK,UAAU,aAAa,CACrC,CAEA,UAAUtD,EAA8B,CACtCA,EAAW,sBAAsB,KAAK,OAAO,EAC7C,KAAK,UAAU,UAAUA,CAAU,CACrC,CAEA,OAAO,YAAYK,EAAkD,CACnE,MAAMiD,EAAUjD,EAAa,wBAAwB,EACrD,OAAQiD,EAAS,CACf,KAAK9F,EAA4B,QAC/B,OAAO,IAAI4F,EAAqBzB,EAAiB,YAAYtB,CAAY,EAAGiD,CAAO,EACrF,QACE,MAAM,IAAI,MAAM,mDAAmDA,CAAO,EAAE,CAChF,CACF,CACF,CAUA,MAAMC,EAAN,MAAMA,UAAgBnG,CAAa,CAKjC,YAAYoG,EAAgB,CAG1B,GAFA,MAAM,EACN,KAAK,KAAOlG,EAAI,aAAakG,CAAI,EAAE,aAAa,EAC5C,KAAK,KAAK,SAAW,GACvB,MAAM,IAAI,MAAM,4BAA4B,CAEhD,CAEA,UAAUxD,EAA8B,CACtCA,EAAW,oBAAoB,KAAK,IAAI,CAC1C,CAEA,OAAO,YAAYK,EAAqC,CACtD,MAAMoD,EAAQpD,EAAa,sBAAsB,EAAE,EACnD,OAAO,IAAIkD,EAAQE,CAAK,CAC1B,CAGA,SAAoB,CAClB,MAAMC,EAAQ,KAAK,kBAAkB,EACrC,MAAO,CAACA,EAAM,EAAE,SAAS,EAAGA,EAAM,EAAE,SAAS,EAAGA,EAAM,GAAG,SAAS,CAAC,CACrE,CAMA,mBAA2C,CACzC,MAAMD,EAAQ,IAAI,WAAW,KAAK,IAAI,EAEtCA,EAAM,QAAQ,EAEd,MAAME,GAASF,EAAM,CAAC,EAAI,MAAS,EAC7B,CAAE,GAAAG,CAAG,EAAI7E,EAAM,OACf8E,EAAID,EAAG,OAAOE,EAAiBL,CAAK,CAAC,EACrCM,EAAIH,EAAG,KAAKA,EAAG,IAAIA,EAAG,IAAIC,EAAG,EAAE,EAAGN,EAAQ,CAAC,CAAC,EAC5CS,EAAOJ,EAAG,IAAIG,CAAC,EACfE,EAASF,EAAIC,IAAUL,IAAU,GAAKI,EAAIC,EAChD,OAAOjF,EAAM,GAAG,gBAAgB,WAAW,CACzC,EAAG8E,EACH,EAAGI,CACL,CAAC,CACH,CACF,EAhDMV,EACoB,EAAIxE,EAAM,OAAO,GAAG,OAAO,EAAE,EADvD,IAAMmF,EAANX,EAkDA,SAASO,EAAiBL,EAA2B,CACnD,GAAIA,EAAM,SAAW,GACnB,MAAM,IAAI,MAAM,0BAA0B,EAG5C,MAAMU,EAAS,IAAI,WAAWV,CAAK,EACnC,OAAAU,EAAO,CAAC,EAAIA,EAAO,CAAC,EAAI,GACjBnF,GAAgBmF,CAAM,CAC/B,CAUA,MAAMC,EAAN,MAAMA,UAAgBhH,CAAa,CAWjC,YAAYoG,EAAgB,CAG1B,GAFA,MAAM,EACN,KAAK,KAAOlG,EAAI,aAAakG,CAAI,EAAE,aAAa,EAC5C,KAAK,KAAK,SAAW,GACvB,MAAM,IAAI,MAAM,4BAA4B,CAEhD,CAEA,UAAUxD,EAA8B,CACtCA,EAAW,oBAAoB,KAAK,IAAI,CAC1C,CAEA,OAAO,YAAYK,EAAqC,CACtD,MAAMoD,EAAQpD,EAAa,sBAAsB,EAAE,EACnD,OAAO,IAAI+D,EAAQX,CAAK,CAC1B,CAGA,SAA8B,CAC5B,MAAMC,EAAQ,KAAK,kBAAkB,EACrC,MAAO,CACL,CACEA,EAAM,EAAE,GAAG,SAAS,EACpBA,EAAM,EAAE,GAAG,SAAS,CACtB,EACA,CACEA,EAAM,EAAE,GAAG,SAAS,EACpBA,EAAM,EAAE,GAAG,SAAS,CACtB,EACA,CACEA,EAAM,GAAG,GAAG,SAAS,EACrBA,EAAM,GAAG,GAAG,SAAS,CACvB,CACF,CACF,CAEA,mBAAwC,CACtC,MAAMD,EAAQ,IAAI,WAAW,KAAK,IAAI,EAEhCY,EAAKZ,EAAM,MAAM,EAAG,EAAE,EAAE,QAAQ,EAChCa,EAAKb,EAAM,MAAM,GAAI,EAAE,EAAE,QAAQ,EAEjCE,GAASW,EAAG,CAAC,EAAI,MAAS,EAC1B,CAAE,IAAAC,CAAI,EAAIxF,EAAM,OAChB8E,EAAIU,EAAI,aAAa,CAACT,EAAiBO,CAAE,EAAGP,EAAiBQ,CAAE,CAAC,CAAC,EACjEP,EAAIQ,EAAI,KAAKA,EAAI,IAAIA,EAAI,IAAIV,EAAG,EAAE,EAAGO,EAAQ,CAAC,CAAC,EAC/CJ,EAAOO,EAAI,IAAIR,CAAC,EAEhBE,GADqBF,EAAE,GAAKC,EAAK,IAAOD,EAAE,KAAOC,EAAK,IAAMD,EAAE,GAAKC,EAAK,OACvCL,IAAU,GAAKI,EAAIC,EAC1D,OAAOjF,EAAM,GAAG,gBAAgB,WAAW,CACzC,EAAG8E,EACHI,CACF,CAAC,CACH,CACF,EAjEMG,EAIoB,EAAIrF,EAAM,OAAO,IAAI,aAAa,CACxD,+EACA,4EACF,CAAC,EAPH,IAAMyF,EAANJ,EA2EO,MAAMvC,UAAmBzD,EAAM,CAsBpC,YAAY6B,EAAiD,CAC3D,MAAM,EACN,KAAM,CAAE,EAAAwE,EAAG,EAAAC,EAAG,EAAAC,CAAE,EAAI1E,EACpB,KAAK,EAAI,IAAIiE,EAAQO,CAAC,EACtB,KAAK,EAAI,IAAID,EAAQE,CAAC,EACtB,KAAK,EAAI,IAAIR,EAAQS,CAAC,CACxB,CAEA,UAAU3E,EAA8B,CACtC,KAAK,EAAE,UAAUA,CAAU,EAC3B,KAAK,EAAE,UAAUA,CAAU,EAC3B,KAAK,EAAE,UAAUA,CAAU,CAC7B,CAEA,OAAO,YAAYK,EAAwC,CACzD,MAAMoE,EAAIP,EAAQ,YAAY7D,CAAY,EAAE,WAAW,EACjDqE,EAAIF,EAAQ,YAAYnE,CAAY,EAAE,WAAW,EACjDsE,EAAIT,EAAQ,YAAY7D,CAAY,EAAE,WAAW,EACvD,OAAO,IAAIwB,EAAW,CAAE,EAAA4C,EAAG,EAAAC,EAAG,EAAAC,CAAE,CAAC,CACnC,CAEA,eAAgB,CACd,MAAO,CACL,SAAU,UACV,MAAO,QACP,KAAM,KAAK,EAAE,QAAQ,EACrB,KAAM,KAAK,EAAE,QAAQ,EACrB,KAAM,KAAK,EAAE,QAAQ,CACvB,CACF,CACF,CAUO,MAAMzC,UAAiC9E,CAAa,CAsBzD,YAAYgF,EAAmBL,EAAqC,CAClE,MAAM,EAHR,KAAS,gBAAkB,kCAIzB,QAAK,MAAQK,EACb,KAAK,iBACH,OAAOL,GAAqB,SACxBjE,EAAgBiE,EAAkB,EAAE,EACpCzE,EAAI,aAAayE,CAAgB,EAAE,aAAa,EAClD,KAAK,iBAAiB,SAAW,GACnC,MAAM,IAAI,MAAM,4BAA4B,CAEhD,CAEA,UAAU/B,EAA8B,CACtC,KAAK,MAAM,UAAUA,CAAU,EAC/BA,EAAW,oBAAoB,KAAK,gBAAgB,CACtD,CAEA,OAAO,YAAYK,EAAsD,CACvE,OAAO,IAAI6B,EAAyBL,EAAW,YAAYxB,CAAY,EAAGA,EAAa,sBAAsB,EAAE,CAAC,CAClH,CAEA,MAAmB,CACjB,OAAOlB,GAAuB,KAAK,WAAW,EAAG,KAAK,eAAe,CACvE,CACF,CASO,MAAMkE,UAAgBjG,CAAa,CAUxC,YAAYgF,EAAckB,EAAqB,CAC7C,MAAM,EACN,KAAK,MAAQlB,EACb,KAAK,QAAUkB,CACjB,CAEA,UAAUtD,EAA8B,CACtCA,EAAW,sBAAsB,KAAK,OAAO,EAC7C,KAAK,MAAM,UAAUA,CAAU,CACjC,CAEA,OAAO,YAAYK,EAAqC,CACtD,MAAMiD,EAAUjD,EAAa,wBAAwB,EACrD,OAAQiD,EAAS,CACf,KAAK3F,EAAW,QACd,OAAO,IAAI0F,EAAQxB,EAAW,YAAYxB,CAAY,EAAGiD,CAAO,EAClE,QACE,MAAM,IAAI,MAAM,sCAAsCA,CAAO,EAAE,CACnE,CACF,CACF,CASO,MAAM3B,UAAyBzE,CAAU,CAqC9C,YAAY+C,EAMT,CACD,MAAM,EACN,KAAM,CAAE,MAAAmC,EAAO,eAAAwC,EAAgB,wBAAAC,EAAyB,WAAAC,EAAY,eAAAC,CAAe,EAAI9E,EACvF,KAAK,MAAQmC,EACb,KAAK,eAAiBwC,EACtB,KAAK,wBAA0BC,EAC/B,KAAK,WAAaC,EAClB,KAAK,eAAiBC,CACxB,CAUA,OAAO,UAAUtB,EAAqC,CACpD,OAAO9B,EAAiB,YAAY,IAAIxE,EAAasG,CAAK,CAAC,CAC7D,CAEA,UAAUzD,EAA8B,CACtC,KAAK,MAAM,UAAUA,CAAU,EAC/BA,EAAW,aAAa,KAAK,cAAc,EAC3CA,EAAW,gBAAgB,KAAK,UAAU,EAC1CA,EAAW,gBAAgB,KAAK,cAAc,EAC9CA,EAAW,gBAAgB,KAAK,uBAAuB,CACzD,CAEA,OAAO,YAAYK,EAA8C,CAC/D,MAAM+B,EAAQiB,EAAQ,YAAYhD,CAAY,EACxCuE,EAAiB,OAAOvE,EAAa,eAAe,CAAC,EACrDyE,EAAazE,EAAa,kBAAkB,QAAQ,EACpD0E,EAAiB1E,EAAa,kBAAkB,QAAQ,EACxDwE,EAA0BxE,EAAa,kBAAkBxC,CAAkB,EACjF,OAAO,IAAI8D,EAAiB,CAAE,MAAAS,EAAO,eAAAwC,EAAgB,wBAAAC,EAAyB,WAAAC,EAAY,eAAAC,CAAe,CAAC,CAC5G,CACF,CAWO,MAAMC,CAAqB,CAkDhC,YAAY/E,EAQT,CACD,KAAM,CACJ,gBAAAuB,EACA,qBAAAE,EACA,kBAAAD,EAAoBrC,GACpB,mBAAA6F,EAAqBxF,GACrB,qBAAAyF,EAAuBxF,GACvB,eAAAyF,EAAiB3F,GACjB,oBAAA4F,EAAsBzF,EACxB,EAAIM,EAEJ,KAAK,gBAAkBuB,EACvB,KAAK,kBAAoBC,EACrBC,IACF,KAAK,qBAAuB,IAAI9D,EAAmB,IAAIS,EAAiBqD,CAAoB,CAAC,GAE/F,KAAK,mBAAqBuD,EAC1B,KAAK,qBAAuBC,EAC5B,KAAK,eAAiBC,EACtB,KAAK,oBAAsBC,CAC7B,CAQA,OAAO,OAAOC,EAAqCC,EAA4D,CAC7G,OAAO,IAAIN,EAAqB,CAC9B,gBAAiB,IAAIO,EAAuB,CAC1C,QAASF,EAAI,SACb,OAAQA,EAAI,QACZ,QAASA,EAAI,SACb,WAAYA,EAAI,aAChB,QAASA,EAAI,QACf,CAAC,EACD,kBAAmB,OAAOC,EAAO,oBAAoB,EACrD,qBAAsBA,EAAO,uBAAuB,IAAI,CAAC,EACzD,mBAAoBA,EAAO,sBAC3B,qBAAsBA,EAAO,yBAC7B,eAAgBA,EAAO,kBACvB,oBAAqBA,EAAO,sBAC9B,CAAC,CACH,CACF,CAOO,MAAMC,CAAuB,CAsClC,YAAYtF,EAMT,CACD,KAAM,CAAE,QAAAuF,EAAS,OAAAC,EAAQ,QAAAC,EAAS,WAAAC,EAAY,QAAAC,CAAQ,EAAI3F,EAC1D,KAAK,QAAU,IAAIiE,EAAQsB,CAAO,EAClC,KAAK,OAAS,IAAIhB,EAAQiB,CAAM,EAChC,KAAK,QAAU,IAAIjB,EAAQkB,CAAO,EAClC,KAAK,WAAa,CAAC,IAAIxB,EAAQyB,EAAW,CAAC,CAAC,EAAG,IAAIzB,EAAQyB,EAAW,CAAC,CAAC,CAAC,EACzE,KAAK,QAAU,IAAInB,EAAQoB,CAAO,CACpC,CAQO,MAAmB,CACxB,MAAM5F,EAAa,IAAI3C,EACvB,YAAK,UAAU2C,CAAU,EAClBhD,GAAS,OAAO,EAAE,OAAOgD,EAAW,aAAa,CAAC,EAAE,OAAO,CACpE,CAEA,UAAUA,EAA8B,CACtC,KAAK,QAAQ,UAAUA,CAAU,EACjC,KAAK,OAAO,UAAUA,CAAU,EAChC,KAAK,QAAQ,UAAUA,CAAU,EACjC,KAAK,WAAW,CAAC,EAAE,UAAUA,CAAU,EACvC,KAAK,WAAW,CAAC,EAAE,UAAUA,CAAU,EACvC,KAAK,QAAQ,UAAUA,CAAU,CACnC,CAeA,OAAO,mCAAmCqF,EAA6D,CACrG,OAAO,IAAIE,EAAuB,CAChC,QAASF,EAAI,SACb,OAAQA,EAAI,QACZ,QAASA,EAAI,SACb,WAAYA,EAAI,aAChB,QAASA,EAAI,QACf,CAAC,CACH,CASA,YAAYpF,EAAuE,CACjF,KAAM,CAAE,iBAAA8B,EAAkB,aAAAD,CAAa,EAAI7B,EAE3C,GAAI,CAEF,MAAM4F,EAAS/D,EAAa,EAAE,kBAAkB,EAC1CgE,EAAShE,EAAa,EAAE,kBAAkB,EAC1CiE,EAASjE,EAAa,EAAE,kBAAkB,EAG1CkE,EAAW,KAAK,QAAQ,kBAAkB,EAC1CC,EAAU,KAAK,OAAO,kBAAkB,EACxCC,EAAW,KAAK,QAAQ,kBAAkB,EAC1CC,EAAW,KAAK,QAAQ,kBAAkB,EAC1CC,EAAO,KAAK,WAAW,IAAKC,IAAOA,GAAG,kBAAkB,CAAC,EAEzD,CAAE,KAAAC,CAAK,EAAIvH,EAAM,OAQvB,IAAIwH,EAAQH,EAAK,CAAC,EAAE,IAAIA,EAAK,CAAC,EAAE,SAASrE,CAAgB,CAAC,EAE1D,MAAMyE,EAAoBzH,EAAM,QAAQwH,EAAOL,CAAQ,EAEjDO,GAAY1H,EAAM,QAAQ8G,EAAQC,CAAM,EAExCY,GAAmB3H,EAAM,QAAQiH,EAAUC,CAAO,EAElDU,GAAgB5H,EAAM,QAAQgH,EAAQI,CAAQ,EAE9CS,GAAUN,EAAK,IAAII,GAAkBJ,EAAK,IAAIE,EAAmBG,EAAa,CAAC,EAErF,OAAOL,EAAK,IAAIG,GAAWG,EAAO,CACpC,OAASzG,EAAO,CACd,MAAMtB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,0BACvB,MAAAqB,EACA,QAAS,yDACX,CAAC,CACH,CACF,CASA,eAAgB,CACd,MAAO,CACL,SAAU,UACV,MAAO,QACP,QAAS,EACT,WAAY,KAAK,QAAQ,QAAQ,EACjC,UAAW,KAAK,OAAO,QAAQ,EAC/B,WAAY,KAAK,QAAQ,QAAQ,EACjC,WAAY,KAAK,QAAQ,QAAQ,EACjC,GAAI,KAAK,WAAW,IAAKkG,GAAOA,EAAG,QAAQ,CAAC,CAC9C,CACF,CACF,CAcA,eAAsBjF,GAAiBnB,EAGL,CAChC,KAAM,CAAE,YAAAc,CAAY,EAAId,EACxB,GAAI,CACF,OAAO,MAAMzB,GACX,SAAY,CACV,KAAM,CAAC8G,EAAQuB,CAAE,EAAI,MAAM,QAAQ,IAAI,CACrCC,GAAgC7G,CAAI,EACpC8G,GAAkC9G,CAAI,CACxC,CAAC,EACD,OAAO+E,EAAqB,OAAO6B,EAAIvB,CAAM,CAC/C,EACA,yBAAyBvE,EAAY,OAAO,GAC5C,IAAO,GAAK,CACd,EAAE,CACJ,OAASZ,EAAO,CACd,MAAIA,aAAiBtB,EACbsB,EAEFtB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,gBACvB,MAAAqB,CACF,CAAC,CACH,CACF,CAUO,SAAS6G,GAAmB/G,EAIjC,CACA,KAAM,CAAE,IAAAQ,EAAK,OAAAE,EAAS,KAAM,EAAIV,EAChC,IAAIW,EACJ,GAAI,CACFA,EAAa7D,EAAkD0D,CAAG,CACpE,OAASN,EAAO,CACd,MAAMtB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,kBACvB,QAAS,yBAAyBH,GAAgBwB,CAAK,CAAC,EAC1D,CAAC,CACH,CACA,GAAI,OAAOS,EAAW,KAAQ,SAC5B,MAAM/B,EAAa,cAAc,CAC/B,KAAMC,EAAiB,kBACvB,QAAS,gEACX,CAAC,EAEH,GAAI,OAAO8B,EAAW,KAAQ,SAC5B,MAAM/B,EAAa,cAAc,CAC/B,KAAMC,EAAiB,kBACvB,QAAS,qEACX,CAAC,EAEH,MAAM+B,EAASD,EAAWD,CAAM,EAChC,MAAO,CAAE,IAAKC,EAAW,IAAK,IAAKA,EAAW,IAAK,OAAAC,CAAO,CAC5D,CAaA,eAAeiG,GAAgC7G,EAGL,CACxC,KAAM,CAAE,YAAAc,EAAa,QAAAM,CAAQ,EAAIpB,EAC3BgH,EAAe,sCACrB,GAAI,CACF,KAAM,CAAE,KAAAzD,CAAK,EAAI,MAAMjF,EAAiE,CACtF,YAAAwC,EACA,aAAc,kCACd,KAAM,YAAYtC,EAAe,KAAK,KAAK,EAAE,SAAS,CAAC,aAAawI,CAAY,GAChF,OAAQ,CAAE,eAAgB5F,GAAS,aAAc,CACnD,CAAC,EACD,OAAOmC,EAAK,IACd,OAASrD,EAAO,CACd,MAAMtB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,8BACvB,MAAAqB,CACF,CAAC,CACH,CACF,CAaA,eAAe4G,GAAkC9G,EAGL,CAC1C,KAAM,CAAE,YAAAc,EAAa,QAAAM,CAAQ,EAAIpB,EAC3BgH,EAAe,+CACrB,GAAI,CACF,KAAM,CAAE,KAAAzD,CAAK,EAAI,MAAMjF,EAAmE,CACxF,YAAAwC,EACA,aAAc,oCACd,KAAM,YAAYtC,EAAe,KAAK,KAAK,EAAE,SAAS,CAAC,aAAawI,CAAY,GAChF,OAAQ,CAAE,eAAgB5F,GAAS,aAAc,CACnD,CAAC,EACD,OAAOmC,EAAK,IACd,OAASrD,EAAO,CACd,MAAMtB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,wCACvB,MAAAqB,CACF,CAAC,CACH,CACF,CAEA,eAAsBuC,GAAezC,EAID,CAClC,KAAM,CAAE,YAAAc,EAAa,QAAA0B,EAAS,QAAApB,CAAQ,EAAIpB,EAC1C,IAAIiH,EACJ,GAAKzE,EASE,CACL,MAAMwE,EAAe,2BACf,CAAE,KAAAzD,CAAK,EAAI,MAAMjF,EAAwD,CAC7E,YAAAwC,EACA,aAAc,iBACd,KAAM,YAAYtC,EAAe,KAAKgE,CAAO,EAAE,SAAS,CAAC,aAAawE,CAAY,GAClF,OAAQ,CAAE,eAAgB5F,GAAS,aAAc,CACnD,CAAC,EACD6F,EAAW1D,CACb,KAlBc,CACZ,MAAMyD,EAAe,yBACf,CAAE,KAAAzD,CAAK,EAAI,MAAMjF,EAAwD,CAC7E,YAAAwC,EACA,aAAc,iBACd,KAAM,yBAAyBkG,CAAY,GAC3C,OAAQ,CAAE,eAAgB5F,GAAS,aAAc,CACnD,CAAC,EACD6F,EAAW1D,CACb,CAYA,MAAM2D,EAAS,IAAI,IACnB,UAAWC,KAASF,EAAS,KAAK,KAAK,QAAS,CAC9C,MAAMG,EAAkB,CAAC,EACzB,UAAWC,KAAaF,EAAM,KAAM,CAClC,KAAM,CAAE,KAAMG,CAAQ,EAAID,EAAU,QAC9BjH,EAAe,IAAIlD,EAAaG,EAAI,aAAaiK,CAAO,EAAE,aAAa,CAAC,EACxErG,EAAMsG,EAAQ,YAAYnH,CAAY,EAC5CgH,EAAK,KAAKnG,CAAG,CACf,CACAiG,EAAO,IAAI5J,GAAiB6J,EAAM,MAAM,EAAGC,CAAI,CACjD,CAEA,OAAOF,CACT,CAEO,MAAMK,UAAgBpK,CAAa,CAWxC,YAAY6C,EAAuE,CACjF,MAAM,EACN,KAAM,CAAE,IAAAqC,EAAK,IAAAmF,EAAK,IAAAC,EAAK,EAAAC,EAAG,EAAAC,CAAE,EAAI3H,EAChC,KAAK,IAAMqC,EACX,KAAK,IAAMmF,EACX,KAAK,IAAMC,EACX,KAAK,EAAIC,EACT,KAAK,EAAIC,CACX,CAEA,UAAU5H,EAA8B,CACtCA,EAAW,aAAa,KAAK,GAAG,EAChCA,EAAW,aAAa,KAAK,GAAG,EAChCA,EAAW,aAAa,KAAK,GAAG,EAChCA,EAAW,aAAa,KAAK,CAAC,EAC9BA,EAAW,aAAa,KAAK,CAAC,CAChC,CAEA,OAAO,eAAe6H,EAAgC,CACpD,KAAM,CAAE,KAAArE,CAAK,EAAIqE,EAAO,QAClBxH,EAAe,IAAIlD,EAAaG,EAAI,aAAakG,CAAI,EAAE,aAAa,CAAC,EAC3E,OAAOgE,EAAQ,YAAYnH,CAAY,CACzC,CAEA,UAAmB,CACjB,GAAI,KAAK,MAAQ,QACf,MAAMxB,EAAa,cAAc,CAC/B,KAAMC,EAAiB,0BACvB,QACE,8GACJ,CAAC,EAEH,MAAMgJ,EAAapJ,GAAiB,KAAK,CAAC,EAEpCqJ,EADSC,GAAiBF,EAAW,QAAQ,CAAC,EAC7B,IAAKG,GAAUlK,EAAgBkK,CAAK,CAAC,EAC5D,OAAAF,EAAQ,KAAK,IAAI,EACV7J,EAAa6J,CAAO,CAC7B,CAEA,OAAO,YAAY1H,EAAqC,CACtD,MAAMiC,EAAMjC,EAAa,eAAe,EAClCoH,EAAMpH,EAAa,eAAe,EAClCqH,EAAMrH,EAAa,eAAe,EAClCsH,EAAItH,EAAa,eAAe,EAChCuH,EAAIvH,EAAa,eAAe,EACtC,OAAO,IAAImH,EAAQ,CAAE,IAAAlF,EAAK,IAAAmF,EAAK,IAAAC,EAAK,EAAAE,EAAG,EAAAD,CAAE,CAAC,CAC5C,CACF,CAEA,SAASK,GAAiBxE,EAAgC,CACxD,MAAM0E,EAAuB,CAAC,EAC9B,QAASC,EAAI,EAAGA,EAAI3E,EAAK,OAAQ2E,GAAK,GAAI,CACxC,MAAMF,EAAQzE,EAAK,MAAM2E,EAAG,KAAK,IAAIA,EAAI,GAAI3E,EAAK,MAAM,CAAC,EAEzD,GAAIyE,EAAM,OAAS,GAAI,CACrB,MAAMG,EAAc,IAAI,WAAW,EAAE,EACrCA,EAAY,IAAIH,CAAK,EACrBC,EAAO,KAAKE,CAAW,CACzB,MACEF,EAAO,KAAKD,CAAK,CAErB,CACA,OAAOC,CACT,CAUO,SAAS/E,GAAeL,EAA8B,CAC3D,GAAI,CACF,MAAMuF,EAAS,KAAK,MAAMvF,CAAS,EACnC,GAAIuF,EAAO,MAAQ,OACjB,MAAM,IAAI,MAAM,wBAAwB,EAE1C,OAAOA,CACT,MAAgB,CACd,MAAM,IAAI,MAAM,6BAA6B,CAC/C,CACF","names":["jwtDecode","sha3_256","AccountPublicKey","Signature","Deserializer","Serializable","Serializer","Hex","hexToAsciiString","EphemeralCertificateVariant","AnyPublicKeyVariant","SigningScheme","ZkpVariant","EphemeralPublicKey","EphemeralSignature","bigIntToBytesLE","bytesToBigIntLE","hashStrToField","padAndPackBytesWithLen","poseidonHash","AuthenticationKey","Proof","Ed25519PublicKey","Ed25519Signature","getAptosFullNode","memoizeAsync","AccountAddress","base64UrlToBytes","getErrorMessage","nowInSeconds","KeylessError","KeylessErrorType","bn254","bytesToNumberBE","FederatedKeylessPublicKey","encode","generateSigningMessage","EPK_HORIZON_SECS","MAX_AUD_VAL_BYTES","MAX_UID_KEY_BYTES","MAX_UID_VAL_BYTES","MAX_ISS_VAL_BYTES","MAX_EXTRA_FIELD_BYTES","MAX_JWT_HEADER_B64_BYTES","MAX_COMMITED_EPK_BYTES","_KeylessPublicKey","iss","idCommitment","idcBytes","serializer","args","verifyKeylessSignatureWithJwkAndConfig","error","verifyKeylessSignature","deserializer","addressSeed","publicKey","computeIdCommitment","jwt","pepper","uidKey","jwtPayload","uidVal","KeylessPublicKey","aptosConfig","message","signature","jwk","keylessConfig","getKeylessConfig","options","KeylessSignature","fetchJWK","verificationKey","maxExpHorizonSecs","trainingWheelsPubkey","ZeroKnowledgeSig","zkSig","Groth16Zkp","groth16Proof","publicInputsHash","getPublicInputsHash","proofAndStatement","Groth16ProofAndStatement","innerKeylessPublicKey","proof","fields","kid","keylessPubKey","allJWKs","jwkAddr","getKeylessJWKs","jwksForIssuer","key","aud","jwtHeader","ephemeralCertificate","expiryDateSecs","ephemeralPublicKey","ephemeralSignature","parseJwtHeader","EphemeralCertificate","ZkProof","variant","_G1Bytes","data","bytes","point","yFlag","Fp","x","bytesToBn254FpBE","y","negY","yToUse","G1Bytes","result","_G2Bytes","x0","x1","Fp2","G2Bytes","a","b","c","expHorizonSecs","trainingWheelsSignature","extraField","overrideAudVal","KeylessConfiguration","maxExtraFieldBytes","maxJwtHeaderB64Bytes","maxIssValBytes","maxCommitedEpkBytes","res","config","Groth16VerificationKey","alphaG1","betaG2","deltaG2","gammaAbcG1","gammaG2","proofA","proofB","proofC","vkAlpha1","vkBeta2","vkGamma2","vkDelta2","vkIC","g1","Fp12","accum","pairingAccumGamma","pairingAB","pairingAlphaBeta","pairingCDelta","product","vk","getKeylessConfigurationResource","getGroth16VerificationKeyResource","getIssAudAndUidVal","resourceType","resource","jwkMap","entry","jwks","jwkStruct","jwkData","MoveJWK","kty","alg","e","n","struct","uint8Array","scalars","chunkInto24Bytes","chunk","chunks","i","paddedChunk","header"]}

package/dist/esm/core/crypto/multiEd25519.mjs

@@ -1,2 +1,2 @@
-import{K as a,L as b}from"../../chunk-L72TIN7T.mjs";import"../../chunk-2XQKGWHQ.mjs";import"../../chunk-UYVPNUH3.mjs";import"../../chunk-XKUIMGKU.mjs";import"../../chunk-N6YTF76Q.mjs";import"../../chunk-A5L76YP7.mjs";import"../../chunk-I7XT6L7S.mjs";import"../../chunk-5HXLZHDW.mjs";import"../../chunk-G3MHXDYA.mjs";import"../../chunk-JABP65XD.mjs";import"../../chunk-GOXRBEIJ.mjs";import"../../chunk-2PASUPUO.mjs";import"../../chunk-XJJVJOX5.mjs";import"../../chunk-NECL5FCQ.mjs";import"../../chunk-4QMXOWHP.mjs";import"../../chunk-EF4FA5I6.mjs";import"../../chunk-WCMW2L3P.mjs";import"../../chunk-WSR5EBJM.mjs";import"../../chunk-C3Q23D22.mjs";import"../../chunk-QREVMGQZ.mjs";import"../../chunk-V3MBJJTL.mjs";import"../../chunk-ZP4DWSQA.mjs";import"../../chunk-FGFLPH5K.mjs";import"../../chunk-WHSTLR3F.mjs";import"../../chunk-M3AO73ZL.mjs";import"../../chunk-6OWBKU7N.mjs";import"../../chunk-AMXZQPUQ.mjs";import"../../chunk-YOZBVVKL.mjs";import"../../chunk-SJDCGNWU.mjs";import"../../chunk-UL777LTI.mjs";import"../../chunk-7ECCT6PK.mjs";import"../../chunk-4AI7KQQ7.mjs";import"../../chunk-7EER7GWV.mjs";import"../../chunk-QP2BY4PK.mjs";import"../../chunk-HGLO5LDS.mjs";import"../../chunk-CW35YAMN.mjs";import"../../chunk-6WDVDEQZ.mjs";import"../../chunk-RCSJFTST.mjs";import"../../chunk-4RXKALLC.mjs";import"../../chunk-OLILO7VD.mjs";import"../../chunk-7DQDJ2SA.mjs";import"../../chunk-HNBVYE3N.mjs";import"../../chunk-RGKRCZ36.mjs";import"../../chunk-FZY4PMEE.mjs";import"../../chunk-Q4W3WJ2U.mjs";import"../../chunk-TOBQ5UE6.mjs";import"../../chunk-MT2RJ7H3.mjs";import"../../chunk-ORMOQWWH.mjs";import"../../chunk-FD6FGKYY.mjs";import"../../chunk-4WPQQPUF.mjs";import"../../chunk-MCFQE4GC.mjs";import"../../chunk-FLZPUYXQ.mjs";import"../../chunk-EBMEXURY.mjs";import"../../chunk-STY74NUA.mjs";import"../../chunk-IF4UU2MT.mjs";import"../../chunk-56CNRT2K.mjs";import"../../chunk-CIJA7ONS.mjs";import"../../chunk-KDMSOCZY.mjs";export{a as MultiEd25519PublicKey,b as MultiEd25519Signature};
+import{SigningScheme as E}from"../../types";import{AuthenticationKey as p}from"../authenticationKey";import{Ed25519PublicKey as u,Ed25519Signature as l}from"./ed25519";import{AbstractMultiKey as d}from"./multiKey";import{Signature as m}from"./signature";const a=class a extends d{constructor(e){const{publicKeys:t,threshold:r}=e;if(super({publicKeys:t}),t.length>a.MAX_KEYS||t.length<a.MIN_KEYS)throw new Error(`Must have between ${a.MIN_KEYS} and ${a.MAX_KEYS} public keys, inclusive`);if(r<a.MIN_THRESHOLD||r>t.length)throw new Error(`Threshold must be between ${a.MIN_THRESHOLD} and ${t.length}, inclusive`);this.publicKeys=t,this.threshold=r}getSignaturesRequired(){return this.threshold}verifySignature(e){const{message:t,signature:r}=e;if(!(r instanceof g))return!1;const s=[];for(let i=0;i<4;i+=1)for(let n=0;n<8;n+=1)if((r.bitmap[i]&1<<7-n)!==0){const c=i*8+n;s.push(c)}if(s.length!==r.signatures.length)throw new Error("Bitmap and signatures length mismatch");if(s.length<this.threshold)throw new Error("Not enough signatures");for(let i=0;i<s.length;i+=1)if(!this.publicKeys[s[i]].verifySignature({message:t,signature:r.signatures[i]}))return!1;return!0}async verifySignatureAsync(e){return this.verifySignature(e)}authKey(){return p.fromSchemeAndBytes({scheme:E.MultiEd25519,input:this.toUint8Array()})}toUint8Array(){const e=new Uint8Array(this.publicKeys.length*u.LENGTH+1);return this.publicKeys.forEach((t,r)=>{e.set(t.toUint8Array(),r*u.LENGTH)}),e[this.publicKeys.length*u.LENGTH]=this.threshold,e}serialize(e){e.serializeBytes(this.toUint8Array())}static deserialize(e){const t=e.deserializeBytes(),r=t[t.length-1],s=[];for(let i=0;i<t.length-1;i+=u.LENGTH){const n=i;s.push(new u(t.subarray(n,n+u.LENGTH)))}return new a({publicKeys:s,threshold:r})}static deserializeWithoutLength(e){const t=e.remaining(),r=e.deserializeFixedBytes(t),s=r[r.length-1],i=[];for(let n=0;n<r.length-1;n+=u.LENGTH){const h=n;i.push(new u(r.subarray(h,h+u.LENGTH)))}return new a({publicKeys:i,threshold:s})}getIndex(e){return super.getIndex(e)}};a.MAX_KEYS=32,a.MIN_KEYS=2,a.MIN_THRESHOLD=1;let b=a;const o=class o extends m{constructor(e){super();const{signatures:t,bitmap:r}=e;if(t.length>o.MAX_SIGNATURES_SUPPORTED)throw new Error(`The number of signatures cannot be greater than ${o.MAX_SIGNATURES_SUPPORTED}`);if(this.signatures=t,!(r instanceof Uint8Array))this.bitmap=o.createBitmap({bits:r});else{if(r.length!==o.BITMAP_LEN)throw new Error(`"bitmap" length should be ${o.BITMAP_LEN}`);this.bitmap=r}}toUint8Array(){const e=new Uint8Array(this.signatures.length*l.LENGTH+o.BITMAP_LEN);return this.signatures.forEach((t,r)=>{e.set(t.toUint8Array(),r*l.LENGTH)}),e.set(this.bitmap,this.signatures.length*l.LENGTH),e}serialize(e){e.serializeBytes(this.toUint8Array())}static deserialize(e){const t=e.deserializeBytes(),r=t.subarray(t.length-4),s=[];for(let i=0;i<t.length-r.length;i+=l.LENGTH){const n=i;s.push(new l(t.subarray(n,n+l.LENGTH)))}return new o({signatures:s,bitmap:r})}static createBitmap(e){const{bits:t}=e,r=128,s=new Uint8Array([0,0,0,0]),i=new Set;return t.forEach((n,h)=>{if(n>=o.MAX_SIGNATURES_SUPPORTED)throw new Error(`Cannot have a signature larger than ${o.MAX_SIGNATURES_SUPPORTED-1}.`);if(i.has(n))throw new Error("Duplicate bits detected.");if(h>0&&n<=t[h-1])throw new Error("The bits need to be sorted in ascending order.");i.add(n);const c=Math.floor(n/8);let y=s[c];y|=r>>n%8,s[c]=y}),s}};o.MAX_SIGNATURES_SUPPORTED=32,o.BITMAP_LEN=4;let g=o;export{b as MultiEd25519PublicKey,g as MultiEd25519Signature};
 //# sourceMappingURL=multiEd25519.mjs.map

package/dist/esm/core/crypto/multiEd25519.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/multiEd25519.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nimport { AptosConfig } from \"../../api\";\nimport { Deserializer, Serializer } from \"../../bcs\";\nimport { SigningScheme as AuthenticationKeyScheme, HexInput } from \"../../types\";\nimport { AuthenticationKey } from \"../authenticationKey\";\nimport { Ed25519PublicKey, Ed25519Signature } from \"./ed25519\";\nimport { AbstractMultiKey } from \"./multiKey\";\nimport { Signature } from \"./signature\";\n\n/**\n * Represents the public key of a K-of-N Ed25519 multi-sig transaction.\n *\n * A K-of-N multi-sig transaction requires at least K out of N authorized signers to sign the transaction\n * for it to be executed. This class encapsulates the logic for managing the public keys and the threshold\n * for valid signatures.\n *\n * @see {@link https://aptos.dev/integration/creating-a-signed-transaction/ | Creating a Signed Transaction}\n * @group Implementation\n * @category Serialization\n */\nexport class MultiEd25519PublicKey extends AbstractMultiKey {\n  /**\n   * Maximum number of public keys supported\n   * @group Implementation\n   * @category Serialization\n   */\n  static readonly MAX_KEYS = 32;\n\n  /**\n   * Minimum number of public keys needed\n   * @group Implementation\n   * @category Serialization\n   */\n  static readonly MIN_KEYS = 2;\n\n  /**\n   * Minimum threshold for the number of valid signatures required\n   * @group Implementation\n   * @category Serialization\n   */\n  static readonly MIN_THRESHOLD = 1;\n\n  /**\n   * List of Ed25519 public keys for this LegacyMultiEd25519PublicKey\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly publicKeys: Ed25519PublicKey[];\n\n  /**\n   * The minimum number of valid signatures required, for the number of public keys specified\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly threshold: number;\n\n  /**\n   * Public key for a K-of-N multi-sig transaction. A K-of-N multi-sig transaction means that for such a\n   * transaction to be executed, at least K out of the N authorized signers have signed the transaction\n   * and passed the check conducted by the chain.\n   *\n   * @see {@link\n   * https://aptos.dev/integration/creating-a-signed-transaction/ | Creating a Signed Transaction}\n   * @param args - A wrapper to let you choose the param order.\n   * @param args.publicKeys A list of public keys\n   * @param args.threshold At least \"threshold\" signatures must be valid\n   * @group Implementation\n   * @category Serialization\n   */\n  constructor(args: { publicKeys: Ed25519PublicKey[]; threshold: number }) {\n    const { publicKeys, threshold } = args;\n    super({ publicKeys });\n\n    // Validate number of public keys\n    if (publicKeys.length > MultiEd25519PublicKey.MAX_KEYS || publicKeys.length < MultiEd25519PublicKey.MIN_KEYS) {\n      throw new Error(\n        `Must have between ${MultiEd25519PublicKey.MIN_KEYS} and ` +\n          `${MultiEd25519PublicKey.MAX_KEYS} public keys, inclusive`,\n      );\n    }\n\n    // Validate threshold: must be between 1 and the number of public keys, inclusive\n    if (threshold < MultiEd25519PublicKey.MIN_THRESHOLD || threshold > publicKeys.length) {\n      throw new Error(\n        `Threshold must be between ${MultiEd25519PublicKey.MIN_THRESHOLD} and ${publicKeys.length}, inclusive`,\n      );\n    }\n\n    this.publicKeys = publicKeys;\n    this.threshold = threshold;\n  }\n\n  getSignaturesRequired(): number {\n    return this.threshold;\n  }\n\n  // region AccountPublicKey\n\n  /**\n   * Verifies a multi-signature against a given message.\n   * This function ensures that the provided signatures meet the required threshold and are valid for the given message.\n   *\n   * @param args - The arguments for verifying the signature.\n   * @param args.message - The message that was signed.\n   * @param args.signature - The multi-signature containing multiple signatures and a bitmap indicating which signatures are valid.\n   * @returns True if the signature is valid; otherwise, false.\n   * @throws Error if the bitmap and signatures length mismatch or if there are not enough valid signatures.\n   * @group Implementation\n   * @category Serialization\n   */\n  verifySignature(args: { message: HexInput; signature: Signature }): boolean {\n    const { message, signature } = args;\n    if (!(signature instanceof MultiEd25519Signature)) {\n      return false;\n    }\n\n    const indices: number[] = [];\n    for (let i = 0; i < 4; i += 1) {\n      for (let j = 0; j < 8; j += 1) {\n        // eslint-disable-next-line no-bitwise\n        const bitIsSet = (signature.bitmap[i] & (1 << (7 - j))) !== 0;\n        if (bitIsSet) {\n          const index = i * 8 + j;\n          indices.push(index);\n        }\n      }\n    }\n\n    if (indices.length !== signature.signatures.length) {\n      throw new Error(\"Bitmap and signatures length mismatch\");\n    }\n\n    if (indices.length < this.threshold) {\n      throw new Error(\"Not enough signatures\");\n    }\n\n    for (let i = 0; i < indices.length; i += 1) {\n      const publicKey = this.publicKeys[indices[i]];\n      if (!publicKey.verifySignature({ message, signature: signature.signatures[i] })) {\n        return false;\n      }\n    }\n    return true;\n  }\n\n  async verifySignatureAsync(args: {\n    aptosConfig: AptosConfig;\n    message: HexInput;\n    signature: Signature;\n  }): Promise<boolean> {\n    return this.verifySignature(args);\n  }\n\n  /**\n   * Generates an authentication key based on the current instance's byte representation.\n   * This function is essential for creating a secure authentication key that can be used for various cryptographic operations.\n   *\n   * @returns {AuthenticationKey} The generated authentication key.\n   * @group Implementation\n   * @category Serialization\n   */\n  authKey(): AuthenticationKey {\n    return AuthenticationKey.fromSchemeAndBytes({\n      scheme: AuthenticationKeyScheme.MultiEd25519,\n      input: this.toUint8Array(),\n    });\n  }\n\n  /**\n   * Converts a PublicKeys into Uint8Array (bytes) with: bytes = p1_bytes | ... | pn_bytes | threshold\n   * @group Implementation\n   * @category Serialization\n   */\n  toUint8Array(): Uint8Array {\n    const bytes = new Uint8Array(this.publicKeys.length * Ed25519PublicKey.LENGTH + 1);\n    this.publicKeys.forEach((k: Ed25519PublicKey, i: number) => {\n      bytes.set(k.toUint8Array(), i * Ed25519PublicKey.LENGTH);\n    });\n\n    bytes[this.publicKeys.length * Ed25519PublicKey.LENGTH] = this.threshold;\n\n    return bytes;\n  }\n\n  // endregion\n\n  // region Serializable\n\n  /**\n   * Serializes the current instance into bytes using the provided serializer.\n   * This allows for the conversion of the instance's data into a format suitable for transmission or storage.\n   *\n   * @param serializer - The serializer used to convert the instance into bytes.\n   * @group Implementation\n   * @category Serialization\n   */\n  serialize(serializer: Serializer): void {\n    serializer.serializeBytes(this.toUint8Array());\n  }\n\n  /**\n   * Deserializes a MultiEd25519Signature from the provided deserializer.\n   * This function helps in reconstructing a MultiEd25519Signature object from its serialized byte representation.\n   *\n   * @param deserializer - The deserializer instance used to read the serialized data.\n   * @group Implementation\n   * @category Serialization\n   */\n  static deserialize(deserializer: Deserializer): MultiEd25519PublicKey {\n    const bytes = deserializer.deserializeBytes();\n    const threshold = bytes[bytes.length - 1];\n\n    const keys: Ed25519PublicKey[] = [];\n\n    for (let i = 0; i < bytes.length - 1; i += Ed25519PublicKey.LENGTH) {\n      const begin = i;\n      keys.push(new Ed25519PublicKey(bytes.subarray(begin, begin + Ed25519PublicKey.LENGTH)));\n    }\n    return new MultiEd25519PublicKey({ publicKeys: keys, threshold });\n  }\n\n  /**\n   * Deserializes a MultiEd25519Signature from the provided deserializer.\n   * This function helps in reconstructing a MultiEd25519Signature object from its serialized byte representation.\n   *\n   * @param deserializer - The deserializer instance used to read the serialized data.\n   * @group Implementation\n   * @category Serialization\n   */\n  static deserializeWithoutLength(deserializer: Deserializer): MultiEd25519PublicKey {\n    const length = deserializer.remaining();\n    const bytes = deserializer.deserializeFixedBytes(length);\n    const threshold = bytes[bytes.length - 1];\n\n    const keys: Ed25519PublicKey[] = [];\n\n    for (let i = 0; i < bytes.length - 1; i += Ed25519PublicKey.LENGTH) {\n      const begin = i;\n      keys.push(new Ed25519PublicKey(bytes.subarray(begin, begin + Ed25519PublicKey.LENGTH)));\n    }\n    return new MultiEd25519PublicKey({ publicKeys: keys, threshold });\n  }\n\n  // endregion\n\n  /**\n   * Get the index of the provided public key.\n   *\n   * This function retrieves the index of a specified public key within the MultiKey.\n   * If the public key does not exist, it throws an error.\n   *\n   * @param publicKey - The public key to find the index for.\n   * @returns The corresponding index of the public key, if it exists.\n   * @throws Error - If the public key is not found in the MultiKey.\n   * @group Implementation\n   */\n  getIndex(publicKey: Ed25519PublicKey): number {\n    return super.getIndex(publicKey);\n  }\n}\n\n/**\n * Represents the signature of a K-of-N Ed25519 multi-sig transaction.\n *\n * @see {@link https://aptos.dev/integration/creating-a-signed-transaction/#multisignature-transactions | Creating a Signed Transaction}\n * @group Implementation\n * @category Serialization\n */\nexport class MultiEd25519Signature extends Signature {\n  /**\n   * Maximum number of Ed25519 signatures supported\n   * @group Implementation\n   * @category Serialization\n   */\n  static MAX_SIGNATURES_SUPPORTED = 32;\n\n  /**\n   * Number of bytes in the bitmap representing who signed the transaction (32-bits)\n   * @group Implementation\n   * @category Serialization\n   */\n  static BITMAP_LEN: number = 4;\n\n  /**\n   * The list of underlying Ed25519 signatures\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly signatures: Ed25519Signature[];\n\n  /**\n   * 32-bit Bitmap representing who signed the transaction\n   *\n   * This is represented where each public key can be masked to determine whether the message was signed by that key.\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly bitmap: Uint8Array;\n\n  /**\n   * Signature for a K-of-N multi-sig transaction.\n   *\n   * @see {@link\n   * https://aptos.dev/integration/creating-a-signed-transaction/#multisignature-transactions | Creating a Signed Transaction}\n   *\n   * @param args.signatures A list of signatures\n   * @param args.bitmap 4 bytes, at most 32 signatures are supported. If Nth bit value is `1`, the Nth\n   * signature should be provided in `signatures`. Bits are read from left to right.\n   * Alternatively, you can specify an array of bitmap positions.\n   * Valid position should range between 0 and 31.\n   * @see MultiEd25519Signature.createBitmap\n   * @group Implementation\n   * @category Serialization\n   */\n  constructor(args: { signatures: Ed25519Signature[]; bitmap: Uint8Array | number[] }) {\n    super();\n    const { signatures, bitmap } = args;\n\n    if (signatures.length > MultiEd25519Signature.MAX_SIGNATURES_SUPPORTED) {\n      throw new Error(\n        `The number of signatures cannot be greater than ${MultiEd25519Signature.MAX_SIGNATURES_SUPPORTED}`,\n      );\n    }\n    this.signatures = signatures;\n\n    if (!(bitmap instanceof Uint8Array)) {\n      this.bitmap = MultiEd25519Signature.createBitmap({ bits: bitmap });\n    } else if (bitmap.length !== MultiEd25519Signature.BITMAP_LEN) {\n      throw new Error(`\"bitmap\" length should be ${MultiEd25519Signature.BITMAP_LEN}`);\n    } else {\n      this.bitmap = bitmap;\n    }\n  }\n\n  // region AccountSignature\n\n  /**\n   * Converts a MultiSignature into Uint8Array (bytes) with `bytes = s1_bytes | ... | sn_bytes | bitmap`\n   * @group Implementation\n   * @category Serialization\n   */\n  toUint8Array(): Uint8Array {\n    const bytes = new Uint8Array(this.signatures.length * Ed25519Signature.LENGTH + MultiEd25519Signature.BITMAP_LEN);\n    this.signatures.forEach((k: Ed25519Signature, i: number) => {\n      bytes.set(k.toUint8Array(), i * Ed25519Signature.LENGTH);\n    });\n\n    bytes.set(this.bitmap, this.signatures.length * Ed25519Signature.LENGTH);\n\n    return bytes;\n  }\n\n  // endregion\n\n  // region Serializable\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeBytes(this.toUint8Array());\n  }\n\n  static deserialize(deserializer: Deserializer): MultiEd25519Signature {\n    const bytes = deserializer.deserializeBytes();\n    const bitmap = bytes.subarray(bytes.length - 4);\n\n    const signatures: Ed25519Signature[] = [];\n\n    for (let i = 0; i < bytes.length - bitmap.length; i += Ed25519Signature.LENGTH) {\n      const begin = i;\n      signatures.push(new Ed25519Signature(bytes.subarray(begin, begin + Ed25519Signature.LENGTH)));\n    }\n    return new MultiEd25519Signature({ signatures, bitmap });\n  }\n\n  // endregion\n\n  /**\n   * Helper method to create a bitmap out of the specified bit positions.\n   * This function allows you to set specific bits in a 32-bit long bitmap based on the provided positions.\n   *\n   * @param args The arguments for creating the bitmap.\n   * @param args.bits The bitmap positions that should be set. A position starts at index 0. Valid positions should range between 0 and 31.\n   *\n   * @example\n   * Here's an example of valid `bits`\n   * ```\n   * [0, 2, 31]\n   * ```\n   * `[0, 2, 31]` means the 1st, 3rd and 32nd bits should be set in the bitmap.\n   * The result bitmap should be 0b1010000000000000000000000000001\n   *\n   * @returns bitmap that is 32 bits long.\n   * @group Implementation\n   * @category Serialization\n   */\n  static createBitmap(args: { bits: number[] }): Uint8Array {\n    const { bits } = args;\n    // Bits are read from left to right. e.g. 0b10000000 represents the first bit is set in one byte.\n    // The decimal value of 0b10000000 is 128.\n    const firstBitInByte = 128;\n    const bitmap = new Uint8Array([0, 0, 0, 0]);\n\n    // Check if duplicates exist in bits\n    const dupCheckSet = new Set();\n\n    bits.forEach((bit: number, index) => {\n      if (bit >= MultiEd25519Signature.MAX_SIGNATURES_SUPPORTED) {\n        throw new Error(`Cannot have a signature larger than ${MultiEd25519Signature.MAX_SIGNATURES_SUPPORTED - 1}.`);\n      }\n\n      if (dupCheckSet.has(bit)) {\n        throw new Error(\"Duplicate bits detected.\");\n      }\n\n      if (index > 0 && bit <= bits[index - 1]) {\n        throw new Error(\"The bits need to be sorted in ascending order.\");\n      }\n\n      dupCheckSet.add(bit);\n\n      const byteOffset = Math.floor(bit / 8);\n\n      let byte = bitmap[byteOffset];\n\n      // eslint-disable-next-line no-bitwise\n      byte |= firstBitInByte >> bit % 8;\n\n      bitmap[byteOffset] = byte;\n    });\n\n    return bitmap;\n  }\n}\n"],"mappings":"AAKA,OAAS,iBAAiBA,MAAyC,cACnE,OAAS,qBAAAC,MAAyB,uBAClC,OAAS,oBAAAC,EAAkB,oBAAAC,MAAwB,YACnD,OAAS,oBAAAC,MAAwB,aACjC,OAAS,aAAAC,MAAiB,cAanB,MAAMC,EAAN,MAAMA,UAA8BF,CAAiB,CAiD1D,YAAYG,EAA6D,CACvE,KAAM,CAAE,WAAAC,EAAY,UAAAC,CAAU,EAAIF,EAIlC,GAHA,MAAM,CAAE,WAAAC,CAAW,CAAC,EAGhBA,EAAW,OAASF,EAAsB,UAAYE,EAAW,OAASF,EAAsB,SAClG,MAAM,IAAI,MACR,qBAAqBA,EAAsB,QAAQ,QAC9CA,EAAsB,QAAQ,yBACrC,EAIF,GAAIG,EAAYH,EAAsB,eAAiBG,EAAYD,EAAW,OAC5E,MAAM,IAAI,MACR,6BAA6BF,EAAsB,aAAa,QAAQE,EAAW,MAAM,aAC3F,EAGF,KAAK,WAAaA,EAClB,KAAK,UAAYC,CACnB,CAEA,uBAAgC,CAC9B,OAAO,KAAK,SACd,CAgBA,gBAAgBF,EAA4D,CAC1E,KAAM,CAAE,QAAAG,EAAS,UAAAC,CAAU,EAAIJ,EAC/B,GAAI,EAAEI,aAAqBC,GACzB,MAAO,GAGT,MAAMC,EAAoB,CAAC,EAC3B,QAAS,EAAI,EAAG,EAAI,EAAG,GAAK,EAC1B,QAASC,EAAI,EAAGA,EAAI,EAAGA,GAAK,EAG1B,IADkBH,EAAU,OAAO,CAAC,EAAK,GAAM,EAAIG,KAAS,EAC9C,CACZ,MAAMC,EAAQ,EAAI,EAAID,EACtBD,EAAQ,KAAKE,CAAK,CACpB,CAIJ,GAAIF,EAAQ,SAAWF,EAAU,WAAW,OAC1C,MAAM,IAAI,MAAM,uCAAuC,EAGzD,GAAIE,EAAQ,OAAS,KAAK,UACxB,MAAM,IAAI,MAAM,uBAAuB,EAGzC,QAAS,EAAI,EAAG,EAAIA,EAAQ,OAAQ,GAAK,EAEvC,GAAI,CADc,KAAK,WAAWA,EAAQ,CAAC,CAAC,EAC7B,gBAAgB,CAAE,QAAAH,EAAS,UAAWC,EAAU,WAAW,CAAC,CAAE,CAAC,EAC5E,MAAO,GAGX,MAAO,EACT,CAEA,MAAM,qBAAqBJ,EAIN,CACnB,OAAO,KAAK,gBAAgBA,CAAI,CAClC,CAUA,SAA6B,CAC3B,OAAON,EAAkB,mBAAmB,CAC1C,OAAQD,EAAwB,aAChC,MAAO,KAAK,aAAa,CAC3B,CAAC,CACH,CAOA,cAA2B,CACzB,MAAMgB,EAAQ,IAAI,WAAW,KAAK,WAAW,OAASd,EAAiB,OAAS,CAAC,EACjF,YAAK,WAAW,QAAQ,CAACe,EAAqBC,IAAc,CAC1DF,EAAM,IAAIC,EAAE,aAAa,EAAGC,EAAIhB,EAAiB,MAAM,CACzD,CAAC,EAEDc,EAAM,KAAK,WAAW,OAASd,EAAiB,MAAM,EAAI,KAAK,UAExDc,CACT,CAcA,UAAUG,EAA8B,CACtCA,EAAW,eAAe,KAAK,aAAa,CAAC,CAC/C,CAUA,OAAO,YAAYC,EAAmD,CACpE,MAAMJ,EAAQI,EAAa,iBAAiB,EACtCX,EAAYO,EAAMA,EAAM,OAAS,CAAC,EAElCK,EAA2B,CAAC,EAElC,QAAS,EAAI,EAAG,EAAIL,EAAM,OAAS,EAAG,GAAKd,EAAiB,OAAQ,CAClE,MAAMoB,EAAQ,EACdD,EAAK,KAAK,IAAInB,EAAiBc,EAAM,SAASM,EAAOA,EAAQpB,EAAiB,MAAM,CAAC,CAAC,CACxF,CACA,OAAO,IAAII,EAAsB,CAAE,WAAYe,EAAM,UAAAZ,CAAU,CAAC,CAClE,CAUA,OAAO,yBAAyBW,EAAmD,CACjF,MAAMG,EAASH,EAAa,UAAU,EAChCJ,EAAQI,EAAa,sBAAsBG,CAAM,EACjDd,EAAYO,EAAMA,EAAM,OAAS,CAAC,EAElCK,EAA2B,CAAC,EAElC,QAASH,EAAI,EAAGA,EAAIF,EAAM,OAAS,EAAGE,GAAKhB,EAAiB,OAAQ,CAClE,MAAMoB,EAAQJ,EACdG,EAAK,KAAK,IAAInB,EAAiBc,EAAM,SAASM,EAAOA,EAAQpB,EAAiB,MAAM,CAAC,CAAC,CACxF,CACA,OAAO,IAAII,EAAsB,CAAE,WAAYe,EAAM,UAAAZ,CAAU,CAAC,CAClE,CAeA,SAASe,EAAqC,CAC5C,OAAO,MAAM,SAASA,CAAS,CACjC,CACF,EA/OalB,EAMK,SAAW,GANhBA,EAaK,SAAW,EAbhBA,EAoBK,cAAgB,EApB3B,IAAMmB,EAANnB,EAwPA,MAAMoB,EAAN,MAAMA,UAA8BrB,CAAU,CA8CnD,YAAYE,EAAyE,CACnF,MAAM,EACN,KAAM,CAAE,WAAAoB,EAAY,OAAAC,CAAO,EAAIrB,EAE/B,GAAIoB,EAAW,OAASD,EAAsB,yBAC5C,MAAM,IAAI,MACR,mDAAmDA,EAAsB,wBAAwB,EACnG,EAIF,GAFA,KAAK,WAAaC,EAEd,EAAEC,aAAkB,YACtB,KAAK,OAASF,EAAsB,aAAa,CAAE,KAAME,CAAO,CAAC,MAC5D,IAAIA,EAAO,SAAWF,EAAsB,WACjD,MAAM,IAAI,MAAM,6BAA6BA,EAAsB,UAAU,EAAE,EAE/E,KAAK,OAASE,EAElB,CASA,cAA2B,CACzB,MAAMZ,EAAQ,IAAI,WAAW,KAAK,WAAW,OAASb,EAAiB,OAASuB,EAAsB,UAAU,EAChH,YAAK,WAAW,QAAQ,CAACT,EAAqBC,IAAc,CAC1DF,EAAM,IAAIC,EAAE,aAAa,EAAGC,EAAIf,EAAiB,MAAM,CACzD,CAAC,EAEDa,EAAM,IAAI,KAAK,OAAQ,KAAK,WAAW,OAASb,EAAiB,MAAM,EAEhEa,CACT,CAMA,UAAUG,EAA8B,CACtCA,EAAW,eAAe,KAAK,aAAa,CAAC,CAC/C,CAEA,OAAO,YAAYC,EAAmD,CACpE,MAAMJ,EAAQI,EAAa,iBAAiB,EACtCQ,EAASZ,EAAM,SAASA,EAAM,OAAS,CAAC,EAExCW,EAAiC,CAAC,EAExC,QAAS,EAAI,EAAG,EAAIX,EAAM,OAASY,EAAO,OAAQ,GAAKzB,EAAiB,OAAQ,CAC9E,MAAMmB,EAAQ,EACdK,EAAW,KAAK,IAAIxB,EAAiBa,EAAM,SAASM,EAAOA,EAAQnB,EAAiB,MAAM,CAAC,CAAC,CAC9F,CACA,OAAO,IAAIuB,EAAsB,CAAE,WAAAC,EAAY,OAAAC,CAAO,CAAC,CACzD,CAuBA,OAAO,aAAarB,EAAsC,CACxD,KAAM,CAAE,KAAAsB,CAAK,EAAItB,EAGXuB,EAAiB,IACjBF,EAAS,IAAI,WAAW,CAAC,EAAG,EAAG,EAAG,CAAC,CAAC,EAGpCG,EAAc,IAAI,IAExB,OAAAF,EAAK,QAAQ,CAACG,EAAajB,IAAU,CACnC,GAAIiB,GAAON,EAAsB,yBAC/B,MAAM,IAAI,MAAM,uCAAuCA,EAAsB,yBAA2B,CAAC,GAAG,EAG9G,GAAIK,EAAY,IAAIC,CAAG,EACrB,MAAM,IAAI,MAAM,0BAA0B,EAG5C,GAAIjB,EAAQ,GAAKiB,GAAOH,EAAKd,EAAQ,CAAC,EACpC,MAAM,IAAI,MAAM,gDAAgD,EAGlEgB,EAAY,IAAIC,CAAG,EAEnB,MAAMC,EAAa,KAAK,MAAMD,EAAM,CAAC,EAErC,IAAIE,EAAON,EAAOK,CAAU,EAG5BC,GAAQJ,GAAkBE,EAAM,EAEhCJ,EAAOK,CAAU,EAAIC,CACvB,CAAC,EAEMN,CACT,CACF,EAnKaF,EAMJ,yBAA2B,GANvBA,EAaJ,WAAqB,EAbvB,IAAMd,EAANc","names":["AuthenticationKeyScheme","AuthenticationKey","Ed25519PublicKey","Ed25519Signature","AbstractMultiKey","Signature","_MultiEd25519PublicKey","args","publicKeys","threshold","message","signature","MultiEd25519Signature","indices","j","index","bytes","k","i","serializer","deserializer","keys","begin","length","publicKey","MultiEd25519PublicKey","_MultiEd25519Signature","signatures","bitmap","bits","firstBitInByte","dupCheckSet","bit","byteOffset","byte"]}

package/dist/esm/core/crypto/multiKey.mjs

@@ -1,2 +1,4 @@
-import{H as a,I as b,J as c}from"../../chunk-L72TIN7T.mjs";import"../../chunk-2XQKGWHQ.mjs";import"../../chunk-UYVPNUH3.mjs";import"../../chunk-XKUIMGKU.mjs";import"../../chunk-N6YTF76Q.mjs";import"../../chunk-A5L76YP7.mjs";import"../../chunk-I7XT6L7S.mjs";import"../../chunk-5HXLZHDW.mjs";import"../../chunk-G3MHXDYA.mjs";import"../../chunk-JABP65XD.mjs";import"../../chunk-GOXRBEIJ.mjs";import"../../chunk-2PASUPUO.mjs";import"../../chunk-XJJVJOX5.mjs";import"../../chunk-NECL5FCQ.mjs";import"../../chunk-4QMXOWHP.mjs";import"../../chunk-EF4FA5I6.mjs";import"../../chunk-WCMW2L3P.mjs";import"../../chunk-WSR5EBJM.mjs";import"../../chunk-C3Q23D22.mjs";import"../../chunk-QREVMGQZ.mjs";import"../../chunk-V3MBJJTL.mjs";import"../../chunk-ZP4DWSQA.mjs";import"../../chunk-FGFLPH5K.mjs";import"../../chunk-WHSTLR3F.mjs";import"../../chunk-M3AO73ZL.mjs";import"../../chunk-6OWBKU7N.mjs";import"../../chunk-AMXZQPUQ.mjs";import"../../chunk-YOZBVVKL.mjs";import"../../chunk-SJDCGNWU.mjs";import"../../chunk-UL777LTI.mjs";import"../../chunk-7ECCT6PK.mjs";import"../../chunk-4AI7KQQ7.mjs";import"../../chunk-7EER7GWV.mjs";import"../../chunk-QP2BY4PK.mjs";import"../../chunk-HGLO5LDS.mjs";import"../../chunk-CW35YAMN.mjs";import"../../chunk-6WDVDEQZ.mjs";import"../../chunk-RCSJFTST.mjs";import"../../chunk-4RXKALLC.mjs";import"../../chunk-OLILO7VD.mjs";import"../../chunk-7DQDJ2SA.mjs";import"../../chunk-HNBVYE3N.mjs";import"../../chunk-RGKRCZ36.mjs";import"../../chunk-FZY4PMEE.mjs";import"../../chunk-Q4W3WJ2U.mjs";import"../../chunk-TOBQ5UE6.mjs";import"../../chunk-MT2RJ7H3.mjs";import"../../chunk-ORMOQWWH.mjs";import"../../chunk-FD6FGKYY.mjs";import"../../chunk-4WPQQPUF.mjs";import"../../chunk-MCFQE4GC.mjs";import"../../chunk-FLZPUYXQ.mjs";import"../../chunk-EBMEXURY.mjs";import"../../chunk-STY74NUA.mjs";import"../../chunk-IF4UU2MT.mjs";import"../../chunk-56CNRT2K.mjs";import"../../chunk-CIJA7ONS.mjs";import"../../chunk-KDMSOCZY.mjs";export{a as AbstractMultiKey,b as MultiKey,c as MultiKeySignature};
+import{AnyPublicKeyVariant as f,SigningScheme as m}from"../../types";import{AuthenticationKey as d}from"../authenticationKey";import{AccountPublicKey as S}from"./publicKey";import{Signature as w}from"./signature";import{AnyPublicKey as c,AnySignature as g}from"./singleKey";function K(b){let e=b;return e-=e>>1&1431655765,e=(e&858993459)+(e>>2&858993459),(e+(e>>4)&252645135)*16843009>>24}const l=3;class A extends S{constructor(e){super(),this.publicKeys=e.publicKeys}createBitmap(e){const{bits:t}=e,r=128,i=new Uint8Array([0,0,0,0]),n=new Set;return t.forEach((s,u)=>{if(u+1>this.publicKeys.length)throw new Error(`Signature index ${u+1} is out of public keys range, ${this.publicKeys.length}.`);if(n.has(s))throw new Error(`Duplicate bit ${s} detected.`);n.add(s);const o=Math.floor(s/8);let y=i[o];y|=r>>s%8,i[o]=y}),i}getIndex(e){const t=this.publicKeys.findIndex(r=>r.toString()===e.toString());if(t!==-1)return t;throw new Error(`Public key ${e} not found in multi key set ${this.publicKeys}`)}}class p extends A{constructor(e){const{publicKeys:t,signaturesRequired:r}=e;if(super({publicKeys:t}),r<1)throw new Error("The number of required signatures needs to be greater than 0");if(t.length<r)throw new Error(`Provided ${t.length} public keys is smaller than the ${r} required signatures`);if(this.publicKeys=t.map(i=>i instanceof c?i:new c(i)),r>l&&this.publicKeys.filter(n=>n.variant===f.Keyless||n.variant===f.FederatedKeyless).length>l)throw new Error(`Construction of MultiKey with more than ${l} keyless public keys is not allowed when signaturesRequired 
+          is greater than ${l}. This is because a maximum of 3 keyless signatures are supported for a 
+          K-of-N MultiKey transaction.`);this.signaturesRequired=r}getSignaturesRequired(){return this.signaturesRequired}verifySignature(e){const{message:t,signature:r}=e;if(r.signatures.length!==this.signaturesRequired)throw new Error("The number of signatures does not match the number of required signatures");const i=r.bitMapToSignerIndices();for(let n=0;n<r.signatures.length;n+=1){const s=r.signatures[n];if(!this.publicKeys[i[n]].verifySignature({message:t,signature:s}))return!1}return!0}async verifySignatureAsync(e){const{signature:t}=e;try{if(!(t instanceof h))throw new Error("Signature is not a MultiKeySignature");if(t.signatures.length!==this.signaturesRequired)throw new Error("The number of signatures does not match the number of required signatures");const r=t.bitMapToSignerIndices();for(let i=0;i<t.signatures.length;i+=1){const n=t.signatures[i];if(!await this.publicKeys[r[i]].verifySignatureAsync({...e,signature:n}))return!1}return!0}catch(r){if(e.options?.throwErrorWithReason)throw r;return!1}}authKey(){return d.fromSchemeAndBytes({scheme:m.MultiKey,input:this.toUint8Array()})}serialize(e){e.serializeVector(this.publicKeys),e.serializeU8(this.signaturesRequired)}static deserialize(e){const t=e.deserializeVector(c),r=e.deserializeU8();return new p({publicKeys:t,signaturesRequired:r})}getIndex(e){const t=e instanceof c?e:new c(e);return super.getIndex(t)}static isInstance(e){return"publicKeys"in e&&"signaturesRequired"in e}}const a=class a extends w{constructor(e){super();const{signatures:t,bitmap:r}=e;if(t.length>a.MAX_SIGNATURES_SUPPORTED)throw new Error(`The number of signatures cannot be greater than ${a.MAX_SIGNATURES_SUPPORTED}`);if(this.signatures=t.map(n=>n instanceof g?n:new g(n)),!(r instanceof Uint8Array))this.bitmap=a.createBitmap({bits:r});else{if(r.length!==a.BITMAP_LEN)throw new Error(`"bitmap" length should be ${a.BITMAP_LEN}`);this.bitmap=r}const i=this.bitmap.reduce((n,s)=>n+K(s),0);if(i!==this.signatures.length)throw new Error(`Expecting ${i} signatures from the bitmap, but got ${this.signatures.length}`)}static createBitmap(e){const{bits:t}=e,r=128,i=new Uint8Array([0,0,0,0]),n=new Set;return t.forEach(s=>{if(s>=a.MAX_SIGNATURES_SUPPORTED)throw new Error(`Cannot have a signature larger than ${a.MAX_SIGNATURES_SUPPORTED-1}.`);if(n.has(s))throw new Error("Duplicate bits detected.");n.add(s);const u=Math.floor(s/8);let o=i[u];o|=r>>s%8,i[u]=o}),i}bitMapToSignerIndices(){const e=[];for(let t=0;t<this.bitmap.length;t+=1){const r=this.bitmap[t];for(let i=0;i<8;i+=1)(r&128>>i)!==0&&e.push(t*8+i)}return e}serialize(e){e.serializeVector(this.signatures),e.serializeBytes(this.bitmap)}static deserialize(e){const t=e.deserializeVector(g),r=e.deserializeBytes();return new a({signatures:t,bitmap:r})}};a.BITMAP_LEN=4,a.MAX_SIGNATURES_SUPPORTED=a.BITMAP_LEN*8;let h=a;export{A as AbstractMultiKey,p as MultiKey,h as MultiKeySignature};
 //# sourceMappingURL=multiKey.mjs.map

package/dist/esm/core/crypto/multiKey.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/multiKey.ts"],"sourcesContent":["import { AnyPublicKeyVariant, SigningScheme as AuthenticationKeyScheme, HexInput } from \"../../types\";\nimport { Deserializer } from \"../../bcs/deserializer\";\nimport { Serializer } from \"../../bcs/serializer\";\nimport { AuthenticationKey } from \"../authenticationKey\";\nimport { AccountPublicKey, PublicKey, VerifySignatureAsyncArgs } from \"./publicKey\";\nimport { Signature } from \"./signature\";\nimport { AnyPublicKey, AnySignature } from \"./singleKey\";\nimport { AptosConfig } from \"../../api\";\n\n/**\n * Counts the number of set bits (1s) in a byte.\n * This function can help you determine the population count of a given byte value.\n *\n * @param byte - The byte value for which to count the number of set bits.\n * @group Implementation\n * @category Serialization\n */\n/* eslint-disable no-bitwise */\nfunction bitCount(byte: number) {\n  let n = byte;\n  n -= (n >> 1) & 0x55555555;\n  n = (n & 0x33333333) + ((n >> 2) & 0x33333333);\n  return (((n + (n >> 4)) & 0xf0f0f0f) * 0x1010101) >> 24;\n}\n/* eslint-enable no-bitwise */\n\nconst MAX_NUM_KEYLESS_PUBLIC_FOR_MULTI_KEY = 3;\nexport abstract class AbstractMultiKey extends AccountPublicKey {\n  publicKeys: PublicKey[];\n\n  constructor(args: { publicKeys: PublicKey[] }) {\n    super();\n    this.publicKeys = args.publicKeys;\n  }\n\n  /**\n   * Create a bitmap that holds the mapping from the original public keys\n   * to the signatures passed in\n   *\n   * @param args.bits array of the index mapping to the matching public keys\n   * @returns Uint8array bit map\n   * @group Implementation\n   * @category Serialization\n   */\n  createBitmap(args: { bits: number[] }): Uint8Array {\n    const { bits } = args;\n    // Bits are read from left to right. e.g. 0b10000000 represents the first bit is set in one byte.\n    // The decimal value of 0b10000000 is 128.\n    const firstBitInByte = 128;\n    const bitmap = new Uint8Array([0, 0, 0, 0]);\n\n    // Check if duplicates exist in bits\n    const dupCheckSet = new Set();\n\n    bits.forEach((bit: number, idx: number) => {\n      if (idx + 1 > this.publicKeys.length) {\n        throw new Error(`Signature index ${idx + 1} is out of public keys range, ${this.publicKeys.length}.`);\n      }\n\n      if (dupCheckSet.has(bit)) {\n        throw new Error(`Duplicate bit ${bit} detected.`);\n      }\n\n      dupCheckSet.add(bit);\n\n      const byteOffset = Math.floor(bit / 8);\n\n      let byte = bitmap[byteOffset];\n\n      // eslint-disable-next-line no-bitwise\n      byte |= firstBitInByte >> bit % 8;\n\n      bitmap[byteOffset] = byte;\n    });\n\n    return bitmap;\n  }\n\n  /**\n   * Get the index of the provided public key.\n   *\n   * This function retrieves the index of a specified public key within the MultiKey.\n   * If the public key does not exist, it throws an error.\n   *\n   * @param publicKey - The public key to find the index for.\n   * @returns The corresponding index of the public key, if it exists.\n   * @throws Error - If the public key is not found in the MultiKey.\n   * @group Implementation\n   * @category Serialization\n   */\n  getIndex(publicKey: PublicKey): number {\n    const index = this.publicKeys.findIndex((pk) => pk.toString() === publicKey.toString());\n\n    if (index !== -1) {\n      return index;\n    }\n    throw new Error(`Public key ${publicKey} not found in multi key set ${this.publicKeys}`);\n  }\n\n  abstract getSignaturesRequired(): number;\n}\n\n/**\n * Represents a multi-key authentication scheme for accounts, allowing multiple public keys\n * to be associated with a single account. This class enforces a minimum number of valid signatures\n * required to authorize actions, ensuring enhanced security for multi-agent accounts.\n *\n * The public keys of each individual agent can be any type of public key supported by Aptos.\n * Since [AIP-55](https://github.com/aptos-foundation/AIPs/pull/263), Aptos supports\n * `Legacy` and `Unified` authentication keys.\n * @group Implementation\n * @category Serialization\n */\nexport class MultiKey extends AbstractMultiKey {\n  /**\n   * List of any public keys\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly publicKeys: AnyPublicKey[];\n\n  /**\n   * The minimum number of valid signatures required, for the number of public keys specified\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly signaturesRequired: number;\n\n  /**\n   * Signature for a K-of-N multi-sig transaction.\n   * This constructor initializes a multi-signature transaction with the provided signatures and bitmap.\n   *\n   * @param args An object containing the parameters for the multi-signature transaction.\n   * @param args.signatures A list of signatures.\n   * @param args.bitmap A bitmap represented as a Uint8Array or an array of numbers, where each bit indicates whether a\n   * corresponding signature is present. A maximum of 32 signatures is supported, and the length of the bitmap must be 4 bytes.\n   *\n   * @throws Error if the number of signatures exceeds the maximum supported, if the bitmap length is incorrect, or if the number\n   * of signatures does not match the bitmap.\n   * @group Implementation\n   * @category Serialization\n   */\n  // region Constructors\n  constructor(args: { publicKeys: Array<PublicKey>; signaturesRequired: number }) {\n    const { publicKeys, signaturesRequired } = args;\n    super({ publicKeys });\n\n    // Validate number of public keys is greater than signature required\n    if (signaturesRequired < 1) {\n      throw new Error(\"The number of required signatures needs to be greater than 0\");\n    }\n\n    // Validate number of public keys is greater than signature required\n    if (publicKeys.length < signaturesRequired) {\n      throw new Error(\n        `Provided ${publicKeys.length} public keys is smaller than the ${signaturesRequired} required signatures`,\n      );\n    }\n\n    // Make sure that all keys are normalized to the SingleKey authentication scheme\n    this.publicKeys = publicKeys.map((publicKey) =>\n      publicKey instanceof AnyPublicKey ? publicKey : new AnyPublicKey(publicKey),\n    );\n    if (signaturesRequired > MAX_NUM_KEYLESS_PUBLIC_FOR_MULTI_KEY) {\n      const keylessCount = this.publicKeys.filter(\n        (pk) => pk.variant === AnyPublicKeyVariant.Keyless || pk.variant === AnyPublicKeyVariant.FederatedKeyless,\n      ).length;\n      if (keylessCount > MAX_NUM_KEYLESS_PUBLIC_FOR_MULTI_KEY) {\n        throw new Error(\n          `Construction of MultiKey with more than ${MAX_NUM_KEYLESS_PUBLIC_FOR_MULTI_KEY} keyless public keys is not allowed when signaturesRequired \n          is greater than ${MAX_NUM_KEYLESS_PUBLIC_FOR_MULTI_KEY}. This is because a maximum of 3 keyless signatures are supported for a \n          K-of-N MultiKey transaction.`,\n        );\n      }\n    }\n\n    this.signaturesRequired = signaturesRequired;\n  }\n\n  getSignaturesRequired(): number {\n    return this.signaturesRequired;\n  }\n\n  // endregion\n\n  // region AccountPublicKey\n\n  /**\n   * Verifies the provided signature against the given message.\n   * This function helps ensure the integrity and authenticity of the message by checking if the signature is valid.\n   *\n   * Note: This function will fail if a keyless signature is used.  Use `verifySignatureAsync` instead.\n   *\n   * @param args - The arguments for verifying the signature.\n   * @param args.message - The message that was signed.\n   * @param args.signature - The signature to verify.\n   * @group Implementation\n   * @category Serialization\n   */\n  verifySignature(args: { message: HexInput; signature: MultiKeySignature }): boolean {\n    const { message, signature } = args;\n    if (signature.signatures.length !== this.signaturesRequired) {\n      throw new Error(\"The number of signatures does not match the number of required signatures\");\n    }\n    const signerIndices = signature.bitMapToSignerIndices();\n    for (let i = 0; i < signature.signatures.length; i += 1) {\n      const singleSignature = signature.signatures[i];\n      const publicKey = this.publicKeys[signerIndices[i]];\n      if (!publicKey.verifySignature({ message, signature: singleSignature })) {\n        return false;\n      }\n    }\n    return true;\n  }\n\n  /**\n   * Verifies the provided signature against the given message.\n   * This function helps ensure the integrity and authenticity of the message by checking if the signature is valid.\n   *\n   * @param args - The arguments for verifying the signature.\n   * @param args.aptosConfig - The Aptos configuration to use\n   * @param args.message - The message that was signed.\n   * @param args.signature - The signature to verify.\n   * @group Implementation\n   * @category Serialization\n   */\n  async verifySignatureAsync(args: {\n    aptosConfig: AptosConfig;\n    message: HexInput;\n    signature: Signature;\n    options?: { throwErrorWithReason?: boolean };\n  }): Promise<boolean> {\n    const { signature } = args;\n    try {\n      if (!(signature instanceof MultiKeySignature)) {\n        throw new Error(\"Signature is not a MultiKeySignature\");\n      }\n      if (signature.signatures.length !== this.signaturesRequired) {\n        throw new Error(\"The number of signatures does not match the number of required signatures\");\n      }\n      const signerIndices = signature.bitMapToSignerIndices();\n      for (let i = 0; i < signature.signatures.length; i += 1) {\n        const singleSignature = signature.signatures[i];\n        const publicKey = this.publicKeys[signerIndices[i]];\n        if (!(await publicKey.verifySignatureAsync({ ...args, signature: singleSignature }))) {\n          return false;\n        }\n      }\n      return true;\n    } catch (error) {\n      if (args.options?.throwErrorWithReason) {\n        throw error;\n      }\n      return false;\n    }\n  }\n\n  /**\n   * Generates an authentication key based on the current instance's byte representation.\n   * This key can be used for secure authentication processes within the system.\n   *\n   * @returns {AuthenticationKey} The generated authentication key.\n   * @group Implementation\n   * @category Serialization\n   */\n  authKey(): AuthenticationKey {\n    return AuthenticationKey.fromSchemeAndBytes({\n      scheme: AuthenticationKeyScheme.MultiKey,\n      input: this.toUint8Array(),\n    });\n  }\n\n  // endregion\n\n  // region Serializable\n\n  /**\n   * Serializes the object by writing its signatures and bitmap to the provided serializer.\n   * This allows the object to be converted into a format suitable for transmission or storage.\n   *\n   * @param serializer - The serializer instance used to perform the serialization.\n   * @group Implementation\n   * @category Serialization\n   */\n  serialize(serializer: Serializer): void {\n    serializer.serializeVector(this.publicKeys);\n    serializer.serializeU8(this.signaturesRequired);\n  }\n\n  /**\n   * Deserializes a MultiKeySignature from the provided deserializer.\n   * This function retrieves the signatures and bitmap necessary for creating a MultiKeySignature object.\n   *\n   * @param deserializer - The deserializer instance used to read the serialized data.\n   * @group Implementation\n   * @category Serialization\n   */\n  static deserialize(deserializer: Deserializer): MultiKey {\n    const keys = deserializer.deserializeVector(AnyPublicKey);\n    const signaturesRequired = deserializer.deserializeU8();\n\n    return new MultiKey({ publicKeys: keys, signaturesRequired });\n  }\n\n  // endregion\n\n  /**\n   * Get the index of the provided public key.\n   *\n   * This function retrieves the index of a specified public key within the MultiKey.\n   * If the public key does not exist, it throws an error.\n   *\n   * @param publicKey - The public key to find the index for.\n   * @returns The corresponding index of the public key, if it exists.\n   * @throws Error - If the public key is not found in the MultiKey.\n   * @group Implementation\n   */\n  getIndex(publicKey: PublicKey): number {\n    const anyPublicKey = publicKey instanceof AnyPublicKey ? publicKey : new AnyPublicKey(publicKey);\n    return super.getIndex(anyPublicKey);\n  }\n\n  public static isInstance(value: PublicKey): value is MultiKey {\n    return \"publicKeys\" in value && \"signaturesRequired\" in value;\n  }\n}\n\n/**\n * Represents a multi-signature transaction using Ed25519 signatures.\n * This class allows for the creation and management of a K-of-N multi-signature scheme,\n * where a specified number of signatures are required to authorize a transaction.\n *\n * It includes functionality to validate the number of signatures against a bitmap,\n * which indicates which public keys have signed the transaction.\n * @group Implementation\n * @category Serialization\n */\nexport class MultiKeySignature extends Signature {\n  /**\n   * Number of bytes in the bitmap representing who signed the transaction (32-bits)\n   * @group Implementation\n   * @category Serialization\n   */\n  static BITMAP_LEN: number = 4;\n\n  /**\n   * Maximum number of Ed25519 signatures supported\n   * @group Implementation\n   * @category Serialization\n   */\n  static MAX_SIGNATURES_SUPPORTED = MultiKeySignature.BITMAP_LEN * 8;\n\n  /**\n   * The list of underlying Ed25519 signatures\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly signatures: AnySignature[];\n\n  /**\n   * 32-bit Bitmap representing who signed the transaction\n   *\n   * This is represented where each public key can be masked to determine whether the message was signed by that key.\n   * @group Implementation\n   * @category Serialization\n   */\n  public readonly bitmap: Uint8Array;\n\n  /**\n   * Signature for a K-of-N multi-sig transaction.\n   *\n   * @see {@link\n   * https://aptos.dev/integration/creating-a-signed-transaction/#multisignature-transactions | Creating a Signed Transaction}\n   *\n   * @param args.signatures A list of signatures\n   * @param args.bitmap 4 bytes, at most 32 signatures are supported. If Nth bit value is `1`, the Nth\n   * signature should be provided in `signatures`. Bits are read from left to right\n   * @group Implementation\n   * @category Serialization\n   */\n  constructor(args: { signatures: Array<Signature | AnySignature>; bitmap: Uint8Array | number[] }) {\n    super();\n    const { signatures, bitmap } = args;\n\n    if (signatures.length > MultiKeySignature.MAX_SIGNATURES_SUPPORTED) {\n      throw new Error(`The number of signatures cannot be greater than ${MultiKeySignature.MAX_SIGNATURES_SUPPORTED}`);\n    }\n\n    // Make sure that all signatures are normalized to the SingleKey authentication scheme\n    this.signatures = signatures.map((signature) =>\n      signature instanceof AnySignature ? signature : new AnySignature(signature),\n    );\n\n    if (!(bitmap instanceof Uint8Array)) {\n      this.bitmap = MultiKeySignature.createBitmap({ bits: bitmap });\n    } else if (bitmap.length !== MultiKeySignature.BITMAP_LEN) {\n      throw new Error(`\"bitmap\" length should be ${MultiKeySignature.BITMAP_LEN}`);\n    } else {\n      this.bitmap = bitmap;\n    }\n\n    const nSignatures = this.bitmap.reduce((acc, byte) => acc + bitCount(byte), 0);\n    if (nSignatures !== this.signatures.length) {\n      throw new Error(`Expecting ${nSignatures} signatures from the bitmap, but got ${this.signatures.length}`);\n    }\n  }\n\n  /**\n   * Helper method to create a bitmap out of the specified bit positions\n   * @param args.bits The bitmap positions that should be set. A position starts at index 0.\n   * Valid position should range between 0 and 31.\n   * @example\n   * Here's an example of valid `bits`\n   * ```\n   * [0, 2, 31]\n   * ```\n   * `[0, 2, 31]` means the 1st, 3rd and 32nd bits should be set in the bitmap.\n   * The result bitmap should be 0b1010000000000000000000000000001\n   *\n   * @returns bitmap that is 32bit long\n   * @group Implementation\n   * @category Serialization\n   */\n  static createBitmap(args: { bits: number[] }): Uint8Array {\n    const { bits } = args;\n    // Bits are read from left to right. e.g. 0b10000000 represents the first bit is set in one byte.\n    // The decimal value of 0b10000000 is 128.\n    const firstBitInByte = 128;\n    const bitmap = new Uint8Array([0, 0, 0, 0]);\n\n    // Check if duplicates exist in bits\n    const dupCheckSet = new Set();\n\n    bits.forEach((bit: number) => {\n      if (bit >= MultiKeySignature.MAX_SIGNATURES_SUPPORTED) {\n        throw new Error(`Cannot have a signature larger than ${MultiKeySignature.MAX_SIGNATURES_SUPPORTED - 1}.`);\n      }\n\n      if (dupCheckSet.has(bit)) {\n        throw new Error(\"Duplicate bits detected.\");\n      }\n\n      dupCheckSet.add(bit);\n\n      const byteOffset = Math.floor(bit / 8);\n\n      let byte = bitmap[byteOffset];\n\n      // eslint-disable-next-line no-bitwise\n      byte |= firstBitInByte >> bit % 8;\n\n      bitmap[byteOffset] = byte;\n    });\n\n    return bitmap;\n  }\n\n  /**\n   * Converts the bitmap to an array of signer indices.\n   *\n   * Example:\n   *\n   * bitmap: [0b10001000, 0b01000000, 0b00000000, 0b00000000]\n   * signerIndices: [0, 4, 9]\n   *\n   * @returns An array of signer indices.\n   * @group Implementation\n   * @category Serialization\n   */\n  bitMapToSignerIndices(): number[] {\n    const signerIndices: number[] = [];\n    for (let i = 0; i < this.bitmap.length; i += 1) {\n      const byte = this.bitmap[i];\n      for (let bit = 0; bit < 8; bit += 1) {\n        if ((byte & (128 >> bit)) !== 0) {\n          signerIndices.push(i * 8 + bit);\n        }\n      }\n    }\n    return signerIndices;\n  }\n\n  // region Serializable\n\n  serialize(serializer: Serializer): void {\n    // Note: we should not need to serialize the vector length, as it can be derived from the bitmap\n    serializer.serializeVector(this.signatures);\n    serializer.serializeBytes(this.bitmap);\n  }\n\n  static deserialize(deserializer: Deserializer): MultiKeySignature {\n    const signatures = deserializer.deserializeVector(AnySignature);\n    const bitmap = deserializer.deserializeBytes();\n    return new MultiKeySignature({ signatures, bitmap });\n  }\n\n  // endregion\n}\n"],"mappings":"AAAA,OAAS,uBAAAA,EAAqB,iBAAiBC,MAAyC,cAGxF,OAAS,qBAAAC,MAAyB,uBAClC,OAAS,oBAAAC,MAA6D,cACtE,OAAS,aAAAC,MAAiB,cAC1B,OAAS,gBAAAC,EAAc,gBAAAC,MAAoB,cAY3C,SAASC,EAASC,EAAc,CAC9B,IAAIC,EAAID,EACR,OAAAC,GAAMA,GAAK,EAAK,WAChBA,GAAKA,EAAI,YAAgBA,GAAK,EAAK,YACzBA,GAAKA,GAAK,GAAM,WAAa,UAAc,EACvD,CAGA,MAAMC,EAAuC,EACtC,MAAeC,UAAyBR,CAAiB,CAG9D,YAAYS,EAAmC,CAC7C,MAAM,EACN,KAAK,WAAaA,EAAK,UACzB,CAWA,aAAaA,EAAsC,CACjD,KAAM,CAAE,KAAAC,CAAK,EAAID,EAGXE,EAAiB,IACjBC,EAAS,IAAI,WAAW,CAAC,EAAG,EAAG,EAAG,CAAC,CAAC,EAGpCC,EAAc,IAAI,IAExB,OAAAH,EAAK,QAAQ,CAACI,EAAaC,IAAgB,CACzC,GAAIA,EAAM,EAAI,KAAK,WAAW,OAC5B,MAAM,IAAI,MAAM,mBAAmBA,EAAM,CAAC,iCAAiC,KAAK,WAAW,MAAM,GAAG,EAGtG,GAAIF,EAAY,IAAIC,CAAG,EACrB,MAAM,IAAI,MAAM,iBAAiBA,CAAG,YAAY,EAGlDD,EAAY,IAAIC,CAAG,EAEnB,MAAME,EAAa,KAAK,MAAMF,EAAM,CAAC,EAErC,IAAIT,EAAOO,EAAOI,CAAU,EAG5BX,GAAQM,GAAkBG,EAAM,EAEhCF,EAAOI,CAAU,EAAIX,CACvB,CAAC,EAEMO,CACT,CAcA,SAASK,EAA8B,CACrC,MAAMC,EAAQ,KAAK,WAAW,UAAWC,GAAOA,EAAG,SAAS,IAAMF,EAAU,SAAS,CAAC,EAEtF,GAAIC,IAAU,GACZ,OAAOA,EAET,MAAM,IAAI,MAAM,cAAcD,CAAS,+BAA+B,KAAK,UAAU,EAAE,CACzF,CAGF,CAaO,MAAMG,UAAiBZ,CAAiB,CA8B7C,YAAYC,EAAoE,CAC9E,KAAM,CAAE,WAAAY,EAAY,mBAAAC,CAAmB,EAAIb,EAI3C,GAHA,MAAM,CAAE,WAAAY,CAAW,CAAC,EAGhBC,EAAqB,EACvB,MAAM,IAAI,MAAM,8DAA8D,EAIhF,GAAID,EAAW,OAASC,EACtB,MAAM,IAAI,MACR,YAAYD,EAAW,MAAM,oCAAoCC,CAAkB,sBACrF,EAOF,GAHA,KAAK,WAAaD,EAAW,IAAKJ,GAChCA,aAAqBf,EAAee,EAAY,IAAIf,EAAae,CAAS,CAC5E,EACIK,EAAqBf,GACF,KAAK,WAAW,OAClCY,GAAOA,EAAG,UAAYtB,EAAoB,SAAWsB,EAAG,UAAYtB,EAAoB,gBAC3F,EAAE,OACiBU,EACjB,MAAM,IAAI,MACR,2CAA2CA,CAAoC;AAAA,4BAC7DA,CAAoC;AAAA,uCAExD,EAIJ,KAAK,mBAAqBe,CAC5B,CAEA,uBAAgC,CAC9B,OAAO,KAAK,kBACd,CAkBA,gBAAgBb,EAAoE,CAClF,KAAM,CAAE,QAAAc,EAAS,UAAAC,CAAU,EAAIf,EAC/B,GAAIe,EAAU,WAAW,SAAW,KAAK,mBACvC,MAAM,IAAI,MAAM,2EAA2E,EAE7F,MAAMC,EAAgBD,EAAU,sBAAsB,EACtD,QAASE,EAAI,EAAGA,EAAIF,EAAU,WAAW,OAAQE,GAAK,EAAG,CACvD,MAAMC,EAAkBH,EAAU,WAAWE,CAAC,EAE9C,GAAI,CADc,KAAK,WAAWD,EAAcC,CAAC,CAAC,EACnC,gBAAgB,CAAE,QAAAH,EAAS,UAAWI,CAAgB,CAAC,EACpE,MAAO,EAEX,CACA,MAAO,EACT,CAaA,MAAM,qBAAqBlB,EAKN,CACnB,KAAM,CAAE,UAAAe,CAAU,EAAIf,EACtB,GAAI,CACF,GAAI,EAAEe,aAAqBI,GACzB,MAAM,IAAI,MAAM,sCAAsC,EAExD,GAAIJ,EAAU,WAAW,SAAW,KAAK,mBACvC,MAAM,IAAI,MAAM,2EAA2E,EAE7F,MAAMC,EAAgBD,EAAU,sBAAsB,EACtD,QAAS,EAAI,EAAG,EAAIA,EAAU,WAAW,OAAQ,GAAK,EAAG,CACvD,MAAMG,EAAkBH,EAAU,WAAW,CAAC,EAE9C,GAAI,CAAE,MADY,KAAK,WAAWC,EAAc,CAAC,CAAC,EAC5B,qBAAqB,CAAE,GAAGhB,EAAM,UAAWkB,CAAgB,CAAC,EAChF,MAAO,EAEX,CACA,MAAO,EACT,OAASE,EAAO,CACd,GAAIpB,EAAK,SAAS,qBAChB,MAAMoB,EAER,MAAO,EACT,CACF,CAUA,SAA6B,CAC3B,OAAO9B,EAAkB,mBAAmB,CAC1C,OAAQD,EAAwB,SAChC,MAAO,KAAK,aAAa,CAC3B,CAAC,CACH,CAcA,UAAUgC,EAA8B,CACtCA,EAAW,gBAAgB,KAAK,UAAU,EAC1CA,EAAW,YAAY,KAAK,kBAAkB,CAChD,CAUA,OAAO,YAAYC,EAAsC,CACvD,MAAMC,EAAOD,EAAa,kBAAkB7B,CAAY,EAClDoB,EAAqBS,EAAa,cAAc,EAEtD,OAAO,IAAIX,EAAS,CAAE,WAAYY,EAAM,mBAAAV,CAAmB,CAAC,CAC9D,CAeA,SAASL,EAA8B,CACrC,MAAMgB,EAAehB,aAAqBf,EAAee,EAAY,IAAIf,EAAae,CAAS,EAC/F,OAAO,MAAM,SAASgB,CAAY,CACpC,CAEA,OAAc,WAAWC,EAAqC,CAC5D,MAAO,eAAgBA,GAAS,uBAAwBA,CAC1D,CACF,CAYO,MAAMC,EAAN,MAAMA,UAA0BlC,CAAU,CA2C/C,YAAYQ,EAAsF,CAChG,MAAM,EACN,KAAM,CAAE,WAAA2B,EAAY,OAAAxB,CAAO,EAAIH,EAE/B,GAAI2B,EAAW,OAASD,EAAkB,yBACxC,MAAM,IAAI,MAAM,mDAAmDA,EAAkB,wBAAwB,EAAE,EAQjH,GAJA,KAAK,WAAaC,EAAW,IAAKZ,GAChCA,aAAqBrB,EAAeqB,EAAY,IAAIrB,EAAaqB,CAAS,CAC5E,EAEI,EAAEZ,aAAkB,YACtB,KAAK,OAASuB,EAAkB,aAAa,CAAE,KAAMvB,CAAO,CAAC,MACxD,IAAIA,EAAO,SAAWuB,EAAkB,WAC7C,MAAM,IAAI,MAAM,6BAA6BA,EAAkB,UAAU,EAAE,EAE3E,KAAK,OAASvB,EAGhB,MAAMyB,EAAc,KAAK,OAAO,OAAO,CAACC,EAAKjC,IAASiC,EAAMlC,EAASC,CAAI,EAAG,CAAC,EAC7E,GAAIgC,IAAgB,KAAK,WAAW,OAClC,MAAM,IAAI,MAAM,aAAaA,CAAW,wCAAwC,KAAK,WAAW,MAAM,EAAE,CAE5G,CAkBA,OAAO,aAAa5B,EAAsC,CACxD,KAAM,CAAE,KAAAC,CAAK,EAAID,EAGXE,EAAiB,IACjBC,EAAS,IAAI,WAAW,CAAC,EAAG,EAAG,EAAG,CAAC,CAAC,EAGpCC,EAAc,IAAI,IAExB,OAAAH,EAAK,QAASI,GAAgB,CAC5B,GAAIA,GAAOqB,EAAkB,yBAC3B,MAAM,IAAI,MAAM,uCAAuCA,EAAkB,yBAA2B,CAAC,GAAG,EAG1G,GAAItB,EAAY,IAAIC,CAAG,EACrB,MAAM,IAAI,MAAM,0BAA0B,EAG5CD,EAAY,IAAIC,CAAG,EAEnB,MAAME,EAAa,KAAK,MAAMF,EAAM,CAAC,EAErC,IAAIT,EAAOO,EAAOI,CAAU,EAG5BX,GAAQM,GAAkBG,EAAM,EAEhCF,EAAOI,CAAU,EAAIX,CACvB,CAAC,EAEMO,CACT,CAcA,uBAAkC,CAChC,MAAMa,EAA0B,CAAC,EACjC,QAASC,EAAI,EAAGA,EAAI,KAAK,OAAO,OAAQA,GAAK,EAAG,CAC9C,MAAMrB,EAAO,KAAK,OAAOqB,CAAC,EAC1B,QAASZ,EAAM,EAAGA,EAAM,EAAGA,GAAO,GAC3BT,EAAQ,KAAOS,KAAU,GAC5BW,EAAc,KAAKC,EAAI,EAAIZ,CAAG,CAGpC,CACA,OAAOW,CACT,CAIA,UAAUK,EAA8B,CAEtCA,EAAW,gBAAgB,KAAK,UAAU,EAC1CA,EAAW,eAAe,KAAK,MAAM,CACvC,CAEA,OAAO,YAAYC,EAA+C,CAChE,MAAMK,EAAaL,EAAa,kBAAkB5B,CAAY,EACxDS,EAASmB,EAAa,iBAAiB,EAC7C,OAAO,IAAII,EAAkB,CAAE,WAAAC,EAAY,OAAAxB,CAAO,CAAC,CACrD,CAGF,EAhKauB,EAMJ,WAAqB,EANjBA,EAaJ,yBAA2BA,EAAkB,WAAa,EAb5D,IAAMP,EAANO","names":["AnyPublicKeyVariant","AuthenticationKeyScheme","AuthenticationKey","AccountPublicKey","Signature","AnyPublicKey","AnySignature","bitCount","byte","n","MAX_NUM_KEYLESS_PUBLIC_FOR_MULTI_KEY","AbstractMultiKey","args","bits","firstBitInByte","bitmap","dupCheckSet","bit","idx","byteOffset","publicKey","index","pk","MultiKey","publicKeys","signaturesRequired","message","signature","signerIndices","i","singleSignature","MultiKeySignature","error","serializer","deserializer","keys","anyPublicKey","value","_MultiKeySignature","signatures","nSignatures","acc"]}

package/dist/esm/core/crypto/poseidon.mjs

@@ -1,2 +1,2 @@
-import{a,b,c,d,e}from"../../chunk-GOXRBEIJ.mjs";import"../../chunk-KDMSOCZY.mjs";export{d as bigIntToBytesLE,c as bytesToBigIntLE,a as hashStrToField,b as padAndPackBytesWithLen,e as poseidonHash};
+import{poseidon1 as h,poseidon2 as u,poseidon3 as a,poseidon4 as l,poseidon5 as c,poseidon6 as d,poseidon7 as p,poseidon8 as f,poseidon9 as A,poseidon10 as U,poseidon11 as b,poseidon12 as w,poseidon13 as E,poseidon14 as I,poseidon15 as y,poseidon16 as B}from"poseidon-lite";const i=[h,u,a,l,c,d,p,f,A,U,b,w,E,I,y,B],s=31,m=16,g=(m-1)*s;function C(n,t){const o=new TextEncoder().encode(n);return $(o,t)}function $(n,t){if(n.length>t)throw new Error(`Inputted bytes of length ${n} is longer than ${t}`);const r=_(n,t);return M(r)}function T(n,t){if(n.length>t)throw new Error(`Input bytes of length ${n} is longer than ${t}`);const r=k(n,t);return P(r)}function _(n,t){if(n.length>t)throw new Error(`Input bytes of length ${n} is longer than ${t}`);return T(n,t).concat([BigInt(n.length)])}function P(n){if(n.length>g)throw new Error(`Can't pack more than ${g}.  Was given ${n.length} bytes`);return L(n,s).map(t=>N(t))}function L(n,t){const r=[];for(let o=0;o<n.length;o+=t)r.push(n.subarray(o,o+t));return r}function N(n){let t=BigInt(0);for(let r=n.length-1;r>=0;r-=1)t=t<<BigInt(8)|BigInt(n[r]);return t}function W(n,t){let r=BigInt(n);const o=new Uint8Array(t);for(let e=0;e<t;e+=1)o[e]=Number(r&BigInt(255)),r>>=BigInt(8);return o}function k(n,t){if(t<n.length)throw new Error("Padded size must be greater than or equal to the input array size.");const r=new Uint8Array(t);r.set(n);for(let o=n.length;o<t;o+=1)r[o]=0;return r}function M(n){if(n.length>i.length)throw new Error(`Unable to hash input of length ${n.length}.  Max input length is ${i.length}`);return i[n.length-1](n)}export{W as bigIntToBytesLE,N as bytesToBigIntLE,C as hashStrToField,_ as padAndPackBytesWithLen,M as poseidonHash};
 //# sourceMappingURL=poseidon.mjs.map

package/dist/esm/core/crypto/poseidon.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"sources":["../../../../src/core/crypto/poseidon.ts"],"sourcesContent":["/* eslint-disable no-bitwise */\nimport {\n  poseidon1,\n  poseidon2,\n  poseidon3,\n  poseidon4,\n  poseidon5,\n  poseidon6,\n  poseidon7,\n  poseidon8,\n  poseidon9,\n  poseidon10,\n  poseidon11,\n  poseidon12,\n  poseidon13,\n  poseidon14,\n  poseidon15,\n  poseidon16,\n} from \"poseidon-lite\";\n\nconst numInputsToPoseidonFunc = [\n  poseidon1,\n  poseidon2,\n  poseidon3,\n  poseidon4,\n  poseidon5,\n  poseidon6,\n  poseidon7,\n  poseidon8,\n  poseidon9,\n  poseidon10,\n  poseidon11,\n  poseidon12,\n  poseidon13,\n  poseidon14,\n  poseidon15,\n  poseidon16,\n];\n\nconst BYTES_PACKED_PER_SCALAR = 31;\nconst MAX_NUM_INPUT_SCALARS = 16;\nconst MAX_NUM_INPUT_BYTES = (MAX_NUM_INPUT_SCALARS - 1) * BYTES_PACKED_PER_SCALAR;\n\n/**\n * Hashes a string to a field element via Poseidon hashing.\n * This function is useful for converting a string into a fixed-size hash that can be used in cryptographic applications.\n *\n * @param str - The string to be hashed.\n * @param maxSizeBytes - The maximum size in bytes for the resulting hash.\n * @returns bigint - The result of the hash.\n * @group Implementation\n * @category Serialization\n */\nexport function hashStrToField(str: string, maxSizeBytes: number): bigint {\n  const textEncoder = new TextEncoder();\n  const strBytes = textEncoder.encode(str);\n  return hashBytesWithLen(strBytes, maxSizeBytes);\n}\n\n/**\n * Computes a Poseidon hash of the provided byte array, ensuring that the byte array does not exceed the specified maximum size.\n * This function is useful for generating a hash from a byte array while enforcing size constraints.\n *\n * @param bytes - The byte array to be hashed.\n * @param maxSizeBytes - The maximum allowed size for the byte array.\n * @throws Error if the length of the inputted bytes exceeds the specified maximum size.\n * @group Implementation\n * @category Serialization\n */\nfunction hashBytesWithLen(bytes: Uint8Array, maxSizeBytes: number): bigint {\n  if (bytes.length > maxSizeBytes) {\n    throw new Error(`Inputted bytes of length ${bytes} is longer than ${maxSizeBytes}`);\n  }\n  const packed = padAndPackBytesWithLen(bytes, maxSizeBytes);\n  return poseidonHash(packed);\n}\n\n/**\n * Pads the input byte array with zeros to a specified maximum size and then packs the bytes.\n * This function ensures that the byte array does not exceed the specified maximum size, throwing an error if it does.\n *\n * @param bytes - The byte array to be padded and packed.\n * @param maxSizeBytes - The maximum size in bytes that the input array can have.\n * @throws Error if the input byte array exceeds the specified maximum size.\n * @group Implementation\n * @category Serialization\n */\nfunction padAndPackBytesNoLen(bytes: Uint8Array, maxSizeBytes: number): bigint[] {\n  if (bytes.length > maxSizeBytes) {\n    throw new Error(`Input bytes of length ${bytes} is longer than ${maxSizeBytes}`);\n  }\n  const paddedStrBytes = padUint8ArrayWithZeros(bytes, maxSizeBytes);\n  return packBytes(paddedStrBytes);\n}\n\n/**\n * Pads and packs the given byte array to a specified maximum size and appends its length.\n * This function ensures that the byte array does not exceed the maximum size, throwing an error if it does.\n * It is useful for preparing byte data for further processing or transmission by ensuring a consistent format.\n *\n * @param bytes - The byte array to be padded and packed.\n * @param maxSizeBytes - The maximum allowed size for the byte array.\n * @throws Error if the length of the input bytes exceeds the maximum size.\n * @returns A new Uint8Array that contains the padded and packed bytes along with the length of the original byte array.\n * @group Implementation\n * @category Serialization\n */\nexport function padAndPackBytesWithLen(bytes: Uint8Array, maxSizeBytes: number): bigint[] {\n  if (bytes.length > maxSizeBytes) {\n    throw new Error(`Input bytes of length ${bytes} is longer than ${maxSizeBytes}`);\n  }\n  return padAndPackBytesNoLen(bytes, maxSizeBytes).concat([BigInt(bytes.length)]);\n}\n\n/**\n * Packs a Uint8Array into an array of BigInts, ensuring the input does not exceed the maximum allowed bytes.\n * @param bytes - The Uint8Array to be packed.\n * @throws {Error} Throws an error if the input exceeds the maximum number of bytes allowed.\n * @group Implementation\n * @category Serialization\n */\nfunction packBytes(bytes: Uint8Array): bigint[] {\n  if (bytes.length > MAX_NUM_INPUT_BYTES) {\n    throw new Error(`Can't pack more than ${MAX_NUM_INPUT_BYTES}.  Was given ${bytes.length} bytes`);\n  }\n  return chunkUint8Array(bytes, BYTES_PACKED_PER_SCALAR).map((chunk) => bytesToBigIntLE(chunk));\n}\n\n/**\n * Splits a Uint8Array into smaller chunks of the specified size.\n * This function is useful for processing large arrays in manageable segments.\n *\n * @param array - The Uint8Array to be split into chunks.\n * @param chunkSize - The size of each chunk.\n * @returns An array of Uint8Array chunks.\n * @group Implementation\n * @category Serialization\n */\nfunction chunkUint8Array(array: Uint8Array, chunkSize: number): Uint8Array[] {\n  const result: Uint8Array[] = [];\n  for (let i = 0; i < array.length; i += chunkSize) {\n    result.push(array.subarray(i, i + chunkSize));\n  }\n  return result;\n}\n\n/**\n * Converts a little-endian byte array into a BigInt.\n * This function is useful for interpreting byte data as a numerical value in a way that respects the little-endian format.\n *\n * @param bytes - The byte array to convert.\n * @returns The resulting BigInt representation of the byte array.\n * @group Implementation\n * @category Serialization\n */\nexport function bytesToBigIntLE(bytes: Uint8Array): bigint {\n  let result = BigInt(0);\n  for (let i = bytes.length - 1; i >= 0; i -= 1) {\n    result = (result << BigInt(8)) | BigInt(bytes[i]);\n  }\n  return result;\n}\n\n/**\n * Converts a bigint value into a little-endian byte array of a specified length.\n * This function is useful for representing large integers in a byte format, which is often required for cryptographic operations\n * or binary data manipulation.\n *\n * @param value - The number to convert into bytes.\n * @param length - The desired length of the resulting byte array.\n * @returns A Uint8Array containing the little-endian representation of the bigint value.\n * @group Implementation\n * @category Serialization\n */\nexport function bigIntToBytesLE(value: bigint | number, length: number): Uint8Array {\n  let val = BigInt(value);\n  const bytes = new Uint8Array(length);\n  for (let i = 0; i < length; i += 1) {\n    bytes[i] = Number(val & BigInt(0xff));\n    val >>= BigInt(8);\n  }\n  return bytes;\n}\n\n/**\n * Pads the input Uint8Array with zeros to achieve the specified size.\n * This function is useful for ensuring that a byte array meets a required length for further processing.\n *\n * @param inputArray - The Uint8Array to be padded.\n * @param paddedSize - The desired size of the padded array, which must be greater than or equal to the input array size.\n * @throws Error if paddedSize is less than the length of inputArray.\n * @group Implementation\n * @category Serialization\n */\nfunction padUint8ArrayWithZeros(inputArray: Uint8Array, paddedSize: number): Uint8Array {\n  if (paddedSize < inputArray.length) {\n    throw new Error(\"Padded size must be greater than or equal to the input array size.\");\n  }\n\n  // Create a new Uint8Array with the padded size\n  const paddedArray = new Uint8Array(paddedSize);\n\n  // Copy the content of the input array to the new array\n  paddedArray.set(inputArray);\n\n  // Fill the remaining space with zeros\n  for (let i = inputArray.length; i < paddedSize; i += 1) {\n    paddedArray[i] = 0;\n  }\n\n  return paddedArray;\n}\n\n/**\n * Hashes up to 16 scalar elements via the Poseidon hashing algorithm.\n * Each element must be scalar fields of the BN254 elliptic curve group.\n *\n * @param inputs - An array of elements to be hashed, which can be of type number, bigint, or string.\n * @returns bigint - The result of the hash.\n * @throws Error - Throws an error if the input length exceeds the maximum allowed.\n * @group Implementation\n * @category Serialization\n */\nexport function poseidonHash(inputs: (number | bigint | string)[]): bigint {\n  if (inputs.length > numInputsToPoseidonFunc.length) {\n    throw new Error(\n      `Unable to hash input of length ${inputs.length}.  Max input length is ${numInputsToPoseidonFunc.length}`,\n    );\n  }\n  return numInputsToPoseidonFunc[inputs.length - 1](inputs);\n}\n"],"mappings":"AACA,OACE,aAAAA,EACA,aAAAC,EACA,aAAAC,EACA,aAAAC,EACA,aAAAC,EACA,aAAAC,EACA,aAAAC,EACA,aAAAC,EACA,aAAAC,EACA,cAAAC,EACA,cAAAC,EACA,cAAAC,EACA,cAAAC,EACA,cAAAC,EACA,cAAAC,EACA,cAAAC,MACK,gBAEP,MAAMC,EAA0B,CAC9BhB,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,CACF,EAEME,EAA0B,GAC1BC,EAAwB,GACxBC,GAAuBD,EAAwB,GAAKD,EAYnD,SAASG,EAAeC,EAAaC,EAA8B,CAExE,MAAMC,EADc,IAAI,YAAY,EACP,OAAOF,CAAG,EACvC,OAAOG,EAAiBD,EAAUD,CAAY,CAChD,CAYA,SAASE,EAAiBC,EAAmBH,EAA8B,CACzE,GAAIG,EAAM,OAASH,EACjB,MAAM,IAAI,MAAM,4BAA4BG,CAAK,mBAAmBH,CAAY,EAAE,EAEpF,MAAMI,EAASC,EAAuBF,EAAOH,CAAY,EACzD,OAAOM,EAAaF,CAAM,CAC5B,CAYA,SAASG,EAAqBJ,EAAmBH,EAAgC,CAC/E,GAAIG,EAAM,OAASH,EACjB,MAAM,IAAI,MAAM,yBAAyBG,CAAK,mBAAmBH,CAAY,EAAE,EAEjF,MAAMQ,EAAiBC,EAAuBN,EAAOH,CAAY,EACjE,OAAOU,EAAUF,CAAc,CACjC,CAcO,SAASH,EAAuBF,EAAmBH,EAAgC,CACxF,GAAIG,EAAM,OAASH,EACjB,MAAM,IAAI,MAAM,yBAAyBG,CAAK,mBAAmBH,CAAY,EAAE,EAEjF,OAAOO,EAAqBJ,EAAOH,CAAY,EAAE,OAAO,CAAC,OAAOG,EAAM,MAAM,CAAC,CAAC,CAChF,CASA,SAASO,EAAUP,EAA6B,CAC9C,GAAIA,EAAM,OAASN,EACjB,MAAM,IAAI,MAAM,wBAAwBA,CAAmB,gBAAgBM,EAAM,MAAM,QAAQ,EAEjG,OAAOQ,EAAgBR,EAAOR,CAAuB,EAAE,IAAKiB,GAAUC,EAAgBD,CAAK,CAAC,CAC9F,CAYA,SAASD,EAAgBG,EAAmBC,EAAiC,CAC3E,MAAMC,EAAuB,CAAC,EAC9B,QAASC,EAAI,EAAGA,EAAIH,EAAM,OAAQG,GAAKF,EACrCC,EAAO,KAAKF,EAAM,SAASG,EAAGA,EAAIF,CAAS,CAAC,EAE9C,OAAOC,CACT,CAWO,SAASH,EAAgBV,EAA2B,CACzD,IAAIa,EAAS,OAAO,CAAC,EACrB,QAASC,EAAId,EAAM,OAAS,EAAGc,GAAK,EAAGA,GAAK,EAC1CD,EAAUA,GAAU,OAAO,CAAC,EAAK,OAAOb,EAAMc,CAAC,CAAC,EAElD,OAAOD,CACT,CAaO,SAASE,EAAgBC,EAAwBC,EAA4B,CAClF,IAAIC,EAAM,OAAOF,CAAK,EACtB,MAAMhB,EAAQ,IAAI,WAAWiB,CAAM,EACnC,QAASH,EAAI,EAAGA,EAAIG,EAAQH,GAAK,EAC/Bd,EAAMc,CAAC,EAAI,OAAOI,EAAM,OAAO,GAAI,CAAC,EACpCA,IAAQ,OAAO,CAAC,EAElB,OAAOlB,CACT,CAYA,SAASM,EAAuBa,EAAwBC,EAAgC,CACtF,GAAIA,EAAaD,EAAW,OAC1B,MAAM,IAAI,MAAM,oEAAoE,EAItF,MAAME,EAAc,IAAI,WAAWD,CAAU,EAG7CC,EAAY,IAAIF,CAAU,EAG1B,QAASL,EAAIK,EAAW,OAAQL,EAAIM,EAAYN,GAAK,EACnDO,EAAYP,CAAC,EAAI,EAGnB,OAAOO,CACT,CAYO,SAASlB,EAAamB,EAA8C,CACzE,GAAIA,EAAO,OAAS/B,EAAwB,OAC1C,MAAM,IAAI,MACR,kCAAkC+B,EAAO,MAAM,0BAA0B/B,EAAwB,MAAM,EACzG,EAEF,OAAOA,EAAwB+B,EAAO,OAAS,CAAC,EAAEA,CAAM,CAC1D","names":["poseidon1","poseidon2","poseidon3","poseidon4","poseidon5","poseidon6","poseidon7","poseidon8","poseidon9","poseidon10","poseidon11","poseidon12","poseidon13","poseidon14","poseidon15","poseidon16","numInputsToPoseidonFunc","BYTES_PACKED_PER_SCALAR","MAX_NUM_INPUT_SCALARS","MAX_NUM_INPUT_BYTES","hashStrToField","str","maxSizeBytes","strBytes","hashBytesWithLen","bytes","packed","padAndPackBytesWithLen","poseidonHash","padAndPackBytesNoLen","paddedStrBytes","padUint8ArrayWithZeros","packBytes","chunkUint8Array","chunk","bytesToBigIntLE","array","chunkSize","result","i","bigIntToBytesLE","value","length","val","inputArray","paddedSize","paddedArray","inputs"]}