@ascorbic/pds 0.0.1 → 0.1.0

package/README.md

@@ -8,12 +8,7 @@ A single-user [AT Protocol](https://atproto.com) Personal Data Server (PDS) that
 
 ## What is this?
 
-A PDS is where your Bluesky data lives - your posts, follows, profile, and media. This package lets you run your own PDS on Cloudflare's edge network, giving you:
-
-- **Your own identity** - Use your own domain as your Bluesky handle
-- **Data ownership** - Your content lives in your Cloudflare account
-- **Federation** - Works with the Bluesky network via relay sync
-- **Low cost** - Runs on Cloudflare's generous free tier
+A PDS is where your Bluesky data lives – your posts, follows, profile, and media. This package lets you run your own PDS on Cloudflare Workers, giving you control over your data and identity.
 
 ## Quick Start
 

package/dist/cli.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 import { defineCommand, runMain } from "citty";
-import { randomBytes } from "node:crypto";
 import * as p from "@clack/prompts";
+import { randomBytes } from "node:crypto";
+import { Secp256k1Keypair } from "@atproto/crypto";
+import bcrypt from "bcryptjs";
 import { spawn } from "node:child_process";
 import { experimental_patchConfig, experimental_readRawConfig } from "wrangler";
 import { existsSync, readFileSync, writeFileSync } from "node:fs";
 import { resolve } from "node:path";
-import bcrypt from "bcryptjs";
-import { Secp256k1Keypair } from "@atproto/crypto";
 
 //#region src/cli/utils/wrangler.ts
 /**
@@ -131,6 +131,80 @@ function setDevVar(key, value, dir = process.cwd()) {
 	writeDevVars(vars, dir);
 }
 
+//#endregion
+//#region src/cli/utils/secrets.ts
+/**
+* Secret generation and management utilities for PDS CLI
+*/
+/**
+* Generate a new secp256k1 signing keypair
+*/
+async function generateSigningKeypair() {
+	const keypair = await Secp256k1Keypair.create({ exportable: true });
+	return {
+		privateKey: Buffer.from(await keypair.export()).toString("hex"),
+		publicKey: keypair.did().replace("did:key:", "")
+	};
+}
+/**
+* Derive public key from an existing private key
+*/
+async function derivePublicKey(privateKeyHex) {
+	return (await Secp256k1Keypair.import(privateKeyHex)).did().replace("did:key:", "");
+}
+/**
+* Generate a random auth token (base64url, 32 bytes)
+*/
+function generateAuthToken() {
+	return randomBytes(32).toString("base64url");
+}
+/**
+* Generate a random JWT secret (base64, 32 bytes)
+*/
+function generateJwtSecret() {
+	return randomBytes(32).toString("base64");
+}
+/**
+* Hash a password using bcrypt
+*/
+async function hashPassword(password) {
+	return bcrypt.hash(password, 10);
+}
+/**
+* Prompt for password with confirmation
+*/
+async function promptPassword() {
+	const password = await p.password({ message: "Enter password:" });
+	if (p.isCancel(password)) {
+		p.cancel("Cancelled");
+		process.exit(0);
+	}
+	const confirm = await p.password({ message: "Confirm password:" });
+	if (p.isCancel(confirm)) {
+		p.cancel("Cancelled");
+		process.exit(0);
+	}
+	if (password !== confirm) {
+		p.log.error("Passwords do not match");
+		process.exit(1);
+	}
+	return password;
+}
+/**
+* Set a secret value, either locally (.dev.vars) or via wrangler
+*/
+async function setSecretValue(name, value, local) {
+	if (local) setDevVar(name, value);
+	else await setSecret(name, value);
+}
+/**
+* Set a public var in wrangler.jsonc
+*/
+function setPublicVar(name, value, local) {
+	if (local) setDevVar(name, value);
+	else setVar(name, value);
+}
+
 //#endregion
 //#region src/cli/commands/secret/jwt.ts
 /**
@@ -148,22 +222,13 @@ const jwtCommand = defineCommand({
 	} },
 	async run({ args }) {
 		p.intro("Generate JWT Secret");
-		const secret = randomBytes(32).toString("base64");
-		if (args.local) {
-			setDevVar("JWT_SECRET", secret);
-			p.outro("JWT_SECRET written to .dev.vars");
-		} else {
-			const spinner = p.spinner();
-			spinner.start("Setting JWT_SECRET via wrangler...");
-			try {
-				await setSecret("JWT_SECRET", secret);
-				spinner.stop("JWT_SECRET set successfully");
-				p.outro("Done!");
-			} catch (error) {
-				spinner.stop("Failed to set JWT_SECRET");
-				p.log.error(String(error));
-				process.exit(1);
-			}
+		const secret = generateJwtSecret();
+		try {
+			await setSecretValue("JWT_SECRET", secret, args.local);
+			p.outro(args.local ? "JWT_SECRET written to .dev.vars" : "Done!");
+		} catch (error) {
+			p.log.error(String(error));
+			process.exit(1);
 		}
 	}
 });
@@ -185,38 +250,17 @@ const passwordCommand = defineCommand({
 	} },
 	async run({ args }) {
 		p.intro("Set Account Password");
-		const password = await p.password({ message: "Enter password:" });
-		if (p.isCancel(password)) {
-			p.cancel("Cancelled");
-			process.exit(0);
-		}
-		const confirm = await p.password({ message: "Confirm password:" });
-		if (p.isCancel(confirm)) {
-			p.cancel("Cancelled");
-			process.exit(0);
-		}
-		if (password !== confirm) {
-			p.log.error("Passwords do not match");
-			process.exit(1);
-		}
+		const password = await promptPassword();
 		const spinner = p.spinner();
 		spinner.start("Hashing password...");
-		const passwordHash = await bcrypt.hash(password, 10);
+		const passwordHash = await hashPassword(password);
 		spinner.stop("Password hashed");
-		if (args.local) {
-			setDevVar("PASSWORD_HASH", passwordHash);
-			p.outro("PASSWORD_HASH written to .dev.vars");
-		} else {
-			spinner.start("Setting PASSWORD_HASH via wrangler...");
-			try {
-				await setSecret("PASSWORD_HASH", passwordHash);
-				spinner.stop("PASSWORD_HASH set successfully");
-				p.outro("Done!");
-			} catch (error) {
-				spinner.stop("Failed to set PASSWORD_HASH");
-				p.log.error(String(error));
-				process.exit(1);
-			}
+		try {
+			await setSecretValue("PASSWORD_HASH", passwordHash, args.local);
+			p.outro(args.local ? "PASSWORD_HASH written to .dev.vars" : "Done!");
+		} catch (error) {
+			p.log.error(String(error));
+			process.exit(1);
 		}
 	}
 });
@@ -240,31 +284,17 @@ const keyCommand = defineCommand({
 		p.intro("Generate Signing Keypair");
 		const spinner = p.spinner();
 		spinner.start("Generating secp256k1 keypair...");
-		const keypair = await Secp256k1Keypair.create({ exportable: true });
-		const privateKeyJwk = await keypair.export();
-		const publicKeyMultibase = keypair.did().replace("did:key:", "");
+		const { privateKey, publicKey } = await generateSigningKeypair();
 		spinner.stop("Keypair generated");
-		const privateKeyJson = JSON.stringify(privateKeyJwk);
-		if (args.local) {
-			setDevVar("SIGNING_KEY", privateKeyJson);
-			setDevVar("SIGNING_KEY_PUBLIC", publicKeyMultibase);
-			p.outro("SIGNING_KEY and SIGNING_KEY_PUBLIC written to .dev.vars");
-		} else {
-			spinner.start("Setting SIGNING_KEY via wrangler secret...");
-			try {
-				await setSecret("SIGNING_KEY", privateKeyJson);
-				spinner.stop("SIGNING_KEY set");
-				spinner.start("Setting SIGNING_KEY_PUBLIC in wrangler.jsonc...");
-				setVar("SIGNING_KEY_PUBLIC", publicKeyMultibase);
-				spinner.stop("SIGNING_KEY_PUBLIC set");
-				p.outro("Done!");
-			} catch (error) {
-				spinner.stop("Failed");
-				p.log.error(String(error));
-				process.exit(1);
-			}
+		try {
+			await setSecretValue("SIGNING_KEY", privateKey, args.local);
+			setPublicVar("SIGNING_KEY_PUBLIC", publicKey, args.local);
+			p.log.info("Public key (for DID document): " + publicKey);
+			p.outro(args.local ? "SIGNING_KEY and SIGNING_KEY_PUBLIC written to .dev.vars" : "Done!");
+		} catch (error) {
+			p.log.error(String(error));
+			process.exit(1);
 		}
-		p.log.info("Public key (for DID document): " + publicKeyMultibase);
 	}
 });
 
@@ -295,10 +325,20 @@ const secretCommand = defineCommand({
 */
 function runWranglerTypes() {
 	return new Promise((resolve$1, reject) => {
-		const child = spawn("wrangler", ["types"], { stdio: "inherit" });
+		const child = spawn("wrangler", ["types"], { stdio: "pipe" });
+		let output = "";
+		child.stdout?.on("data", (data) => {
+			output += data.toString();
+		});
+		child.stderr?.on("data", (data) => {
+			output += data.toString();
+		});
 		child.on("close", (code) => {
 			if (code === 0) resolve$1();
-			else reject(/* @__PURE__ */ new Error(`wrangler types failed with code ${code}`));
+			else {
+				if (output) console.error(output);
+				reject(/* @__PURE__ */ new Error(`wrangler types failed with code ${code}`));
+			}
 		});
 		child.on("error", reject);
 	});
@@ -366,72 +406,45 @@ const initCommand = defineCommand({
 		if (isProduction) {
 			authToken = await getOrGenerateSecret("AUTH_TOKEN", devVars, async () => {
 				spinner.start("Generating auth token...");
-				const token = randomBytes(32).toString("base64url");
+				const token = generateAuthToken();
 				spinner.stop("Auth token generated");
 				return token;
 			});
 			signingKey = await getOrGenerateSecret("SIGNING_KEY", devVars, async () => {
 				spinner.start("Generating signing keypair...");
-				const keypair = await Secp256k1Keypair.create({ exportable: true });
-				const key = JSON.stringify(await keypair.export());
+				const { privateKey } = await generateSigningKeypair();
 				spinner.stop("Signing keypair generated");
-				return key;
+				return privateKey;
 			});
-			signingKeyPublic = (await Secp256k1Keypair.import(JSON.parse(signingKey))).did().replace("did:key:", "");
+			signingKeyPublic = await derivePublicKey(signingKey);
 			jwtSecret = await getOrGenerateSecret("JWT_SECRET", devVars, async () => {
 				spinner.start("Generating JWT secret...");
-				const secret = randomBytes(32).toString("base64");
+				const secret = generateJwtSecret();
 				spinner.stop("JWT secret generated");
 				return secret;
 			});
 			passwordHash = await getOrGenerateSecret("PASSWORD_HASH", devVars, async () => {
-				const password = await p.password({ message: "Account password:" });
-				if (p.isCancel(password)) {
-					p.cancel("Cancelled");
-					process.exit(0);
-				}
-				const confirm = await p.password({ message: "Confirm password:" });
-				if (p.isCancel(confirm)) {
-					p.cancel("Cancelled");
-					process.exit(0);
-				}
-				if (password !== confirm) {
-					p.log.error("Passwords do not match");
-					process.exit(1);
-				}
+				const password = await promptPassword();
 				spinner.start("Hashing password...");
-				const hash = await bcrypt.hash(password, 10);
+				const hash = await hashPassword(password);
 				spinner.stop("Password hashed");
 				return hash;
 			});
 		} else {
-			const password = await p.password({ message: "Account password:" });
-			if (p.isCancel(password)) {
-				p.cancel("Cancelled");
-				process.exit(0);
-			}
-			const confirm = await p.password({ message: "Confirm password:" });
-			if (p.isCancel(confirm)) {
-				p.cancel("Cancelled");
-				process.exit(0);
-			}
-			if (password !== confirm) {
-				p.log.error("Passwords do not match");
-				process.exit(1);
-			}
+			const password = await promptPassword();
 			spinner.start("Hashing password...");
-			passwordHash = await bcrypt.hash(password, 10);
+			passwordHash = await hashPassword(password);
 			spinner.stop("Password hashed");
 			spinner.start("Generating JWT secret...");
-			jwtSecret = randomBytes(32).toString("base64");
+			jwtSecret = generateJwtSecret();
 			spinner.stop("JWT secret generated");
 			spinner.start("Generating auth token...");
-			authToken = randomBytes(32).toString("base64url");
+			authToken = generateAuthToken();
 			spinner.stop("Auth token generated");
 			spinner.start("Generating signing keypair...");
-			const keypair = await Secp256k1Keypair.create({ exportable: true });
-			signingKey = JSON.stringify(await keypair.export());
-			signingKeyPublic = keypair.did().replace("did:key:", "");
+			const keypair = await generateSigningKeypair();
+			signingKey = keypair.privateKey;
+			signingKeyPublic = keypair.publicKey;
 			spinner.stop("Signing keypair generated");
 		}
 		spinner.start("Updating wrangler.jsonc...");
@@ -442,29 +455,14 @@ const initCommand = defineCommand({
 			SIGNING_KEY_PUBLIC: signingKeyPublic
 		});
 		spinner.stop("wrangler.jsonc updated");
-		if (isProduction) {
-			spinner.start("Setting AUTH_TOKEN...");
-			await setSecret("AUTH_TOKEN", authToken);
-			spinner.stop("AUTH_TOKEN set");
-			spinner.start("Setting SIGNING_KEY...");
-			await setSecret("SIGNING_KEY", signingKey);
-			spinner.stop("SIGNING_KEY set");
-			spinner.start("Setting JWT_SECRET...");
-			await setSecret("JWT_SECRET", jwtSecret);
-			spinner.stop("JWT_SECRET set");
-			spinner.start("Setting PASSWORD_HASH...");
-			await setSecret("PASSWORD_HASH", passwordHash);
-			spinner.stop("PASSWORD_HASH set");
-		} else {
-			spinner.start("Writing secrets to .dev.vars...");
-			writeDevVars({
-				AUTH_TOKEN: authToken,
-				SIGNING_KEY: signingKey,
-				JWT_SECRET: jwtSecret,
-				PASSWORD_HASH: passwordHash
-			});
-			spinner.stop("Secrets written to .dev.vars");
-		}
+		const local = !isProduction;
+		if (isProduction) spinner.start("Deploying secrets to Cloudflare...");
+		else spinner.start("Writing secrets to .dev.vars...");
+		await setSecretValue("AUTH_TOKEN", authToken, local);
+		await setSecretValue("SIGNING_KEY", signingKey, local);
+		await setSecretValue("JWT_SECRET", jwtSecret, local);
+		await setSecretValue("PASSWORD_HASH", passwordHash, local);
+		spinner.stop(isProduction ? "Secrets deployed" : "Secrets written to .dev.vars");
 		spinner.start("Generating TypeScript types...");
 		try {
 			await runWranglerTypes();

package/dist/index.d.ts

@@ -79,6 +79,14 @@ declare class SqliteRepoStorage extends ReadableBlockstore implements RepoStorag
    * Count the number of blocks stored.
    */
   countBlocks(): Promise<number>;
+  /**
+   * Get user preferences.
+   */
+  getPreferences(): Promise<unknown[]>;
+  /**
+   * Update user preferences.
+   */
+  putPreferences(preferences: unknown[]): Promise<void>;
 }
 //#endregion
 //#region src/blobs.d.ts
@@ -310,6 +318,16 @@ declare class AccountDurableObject extends DurableObject<PDSEnv> {
    * WebSocket error handler (hibernation API).
    */
   webSocketError(_ws: WebSocket, error: Error): void;
+  /**
+   * RPC method: Get user preferences
+   */
+  rpcGetPreferences(): Promise<{
+    preferences: unknown[];
+  }>;
+  /**
+   * RPC method: Put user preferences
+   */
+  rpcPutPreferences(preferences: unknown[]): Promise<void>;
   /**
    * Emit an identity event to notify downstream services to refresh identity cache.
    */

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","names":[],"sources":["../src/storage.ts","../src/blobs.ts","../src/types.ts","../src/account-do.ts","../src/index.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;AAUA;AAI0B,cAJb,iBAAA,SACJ,kBAAA,YACG,WAEc,CAAA;EA6CA,QAAA,GAAA;EAAR,WAAA,CAAA,GAAA,EA7CQ,UA6CR;EAaD;;;EA4BI,UAAA,CAAA,CAAA,EAAA,IAAA;EAAc;;;EAcb,OAAA,CAAA,CAAA,EAvDJ,OAuDI,CAvDI,GAuDJ,GAAA,IAAA,CAAA;EAUC;;;EAAQ,MAAA,CAAA,CAAA,EApDd,OAoDc,CAAA,MAAA,GAAA,IAAA,CAAA;EAmBV;;;EAYE,MAAA,CAAA,CAAA,EAzEN,OAyEM,CAAA,MAAA,CAAA;EAAwB;;;EA+BpB,OAAA,CAAA,CAAA,EA9FT,OA8FS,CAAA,MAAA,CAAA;EAAa;;;EAuDlB,QAAA,CAAA,GAAA,EA7ID,GA6IC,CAAA,EA7IK,OA6IL,CA7Ia,UA6Ib,GAAA,IAAA,CAAA;EAtOb;;;WAuGO,MAAM;;;AC/GtB;kBDyHuB,QAAQ;YAAkB;aAAmB;EEpHnD,CAAA,CAAA;EAkBgB;;;EAEhB,QAAA,CAAA,GAAA,EFmHI,GEnHJ,EAAA,KAAA,EFmHgB,UEnHhB,EAAA,GAAA,EAAA,MAAA,CAAA,EFmH0C,OEnH1C,CAAA,IAAA,CAAA;;;;ECIJ,OAAA,CAAA,MAAA,EH2HU,QG3HW,EAAA,GAAA,EAAA,MAAA,CAAA,EH2Ha,OG3Hb,CAAA,IAAA,CAAA;EAAsB;;;EA2E3B,UAAA,CAAA,GAAA,EHoEN,GGpEM,EAAA,GAAA,EAAA,MAAA,CAAA,EHoEa,OGpEb,CAAA,IAAA,CAAA;EAAR;;;EAgBQ,WAAA,CAAA,MAAA,EH+DF,UG/DE,CAAA,EH+DW,OG/DX,CAAA,IAAA,CAAA;EAAR;;;EAeK,WAAA,CAAA,CAAA,EHmFJ,OGnFI,CAAA,MAAA,CAAA;EA+BhB;;;EAoCN,OAAA,CAAA,CAAA,EH0Bc,OG1Bd,CAAA,IAAA,CAAA;EA2CA;;;EAgOM,WAAA,CAAA,CAAA,EHvOY,OGuOZ,CAAA,MAAA,CAAA;;;;UFrdO,OAAA;;;;;;;ADOjB;;;;;;;UEFiB,MAAA;EFEJ;EAIa,GAAA,EAAA,MAAA;EA6CA;EAAR,MAAA,EAAA,MAAA;EAaD;EAUA,YAAA,EAAA,MAAA;EAUC;EAQG,UAAA,EAAA,MAAA;EAAc;EAAR,WAAA,EAAA,MAAA;EAcX;EAAM,kBAAA,EAAA,MAAA;EAUC;EAA0B,UAAA,EAAA,MAAA;EAAmB;EAArC,aAAA,EAAA,MAAA;EAmBV;EAAY,OAAA,EErHvB,sBFqHuB,CErHA,oBFqHA,CAAA;EAA0B;EAYpC,KAAA,CAAA,EE/Hd,QF+Hc;;;;;;AAjJvB;;;;;;;AA0FqB,cGpER,oBAAA,SAA6B,aHoErB,CGpEmC,MHoEnC,CAAA,CAAA;EAAc,QAAA,OAAA;EAAR,QAAA,IAAA;EAcX,QAAA,OAAA;EAAM,QAAA,SAAA;EAUC,QAAA,SAAA;EAA0B,QAAA,kBAAA;EAAmB,QAAA,eAAA;EAArC,WAAA,CAAA,GAAA,EGnFb,kBHmFa,EAAA,GAAA,EGnFY,MHmFZ;EAmBV;;;EAYE,QAAA,wBAAA;EAAwB;;;EA+BpB,QAAA,qBAAA;EAAa;;;EAuDlB,UAAA,CAAA,CAAA,EGtID,OHsIC,CGtIO,iBHsIP,CAAA;EAtOb;;;aGwGS,QAAQ;;;AFhH1B;gBEwHqB,QAAQ;;;ADnH7B;EAkBiC,OAAA,CAAA,IAAA,ECyGZ,IDzGY,CAAA,ECyGL,ODzGK,CAAA,IAAA,CAAA;EAAvB;;;qBCgHgB;;;IA1Gb,GAAA,EAAA,MAAA;EAA2C,CAAA,CAAA;EAStC;;;EAkEG,YAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,CAAA,EA4DjB,OA5DiB,CAAA;IAQK,GAAA,EAAA,MAAA;IAAR,MAAA,EAsDR,GAAA,CAAI,YAtDI,CAAA,GAAA,CAAA;EAQW,CAAA,GAAA,IAAA,CAAA;EAAR;;;EAeK,cAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA;IA+BZ,KAAA,EAAA,MAAA;IAFV,MAAA,CAAA,EAAA,MAAA;IAuCO,OAAA,CAAA,EAAA,OAAA;EADP,CAAA,CAAA,EAAA,OAAA,CAAA;IA2CA,OAAA,EA1CO,KA0CP,CAAA;MA6EA,GAAA,EAAA,MAAA;MA8DA,GAAA,EAAA,MAAA;MAqFM,KAAA,EAAA,OAAA;IAQC,CAAA,CAAA;IAFP,MAAA,CAAA,EAAA,MAAA;EAgKuB,CAAA,CAAA;EAgBK;;;EA8BY,eAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,GAAA,SAAA,EAAA,MAAA,EAAA,OAAA,CAAA,EApbxC,OAobwC,CAAA;IAgDhB,GAAA,EAAA,MAAA;IAAuC,GAAA,EAAA,MAAA;IAAR,MAAA,EAAA;MAmBhB,GAAA,EAAA,MAAA;MAAR,GAAA,EAAA,MAAA;IAwGG,CAAA;EAAkB,CAAA,CAAA;EAAR;;;EA8CzC,eAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,CAAA,EAhkBH,OAgkBG,CAAA;IAWuB,MAAA,EAAA;MAAkB,GAAA,EAAA,MAAA;MAOH,GAAA,EAAA,MAAA;IAmDd,CAAA;EAAkB,CAAA,GAAA,IAAA,CAAA;EAAR;;;mEAvkBrC;;;ICpUE,MAAsC,EAAA;MAAX,GAAA,EAAA,MAAA;MAAM,GAAA,EAAA,MAAA;IAA9B,CAAA;IAAA,gBAAA,EAAA,MAAA;;;;;yBDyZC;;;;;OAMN;;;;;aAEO;;;;;;;;;;sBA8JgB;;;;;;;;mBAgBH,QAAQ;;;;;;0BA8BD,aAAa;;;;;;;;uBAgDhB,+BAA+B,QAAQ;;;;8BAmBhC,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;iCAwGL,UAAU,QAAQ;;;;wBAoCjD,8BACc;;;;sBASd;;;;sBAWuB,kBAAkB;;;;wCAOH;;;;;;;iBAmDd,UAAU,QAAQ;;;;cC34B3C,KAAG;YAAwB;GAAM,WAAA,CAAA,WAAA"}
+{"version":3,"file":"index.d.ts","names":[],"sources":["../src/storage.ts","../src/blobs.ts","../src/types.ts","../src/account-do.ts","../src/index.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;AAUA;AAI0B,cAJb,iBAAA,SACJ,kBAAA,YACG,WAEc,CAAA;EAsDA,QAAA,GAAA;EAAR,WAAA,CAAA,GAAA,EAtDQ,UAsDR;EAaD;;;EA4BI,UAAA,CAAA,CAAA,EAAA,IAAA;EAAc;;;EAcb,OAAA,CAAA,CAAA,EAvDJ,OAuDI,CAvDI,GAuDJ,GAAA,IAAA,CAAA;EAUC;;;EAAQ,MAAA,CAAA,CAAA,EApDd,OAoDc,CAAA,MAAA,GAAA,IAAA,CAAA;EAmBV;;;EAYE,MAAA,CAAA,CAAA,EAzEN,OAyEM,CAAA,MAAA,CAAA;EAAwB;;;EA+BpB,OAAA,CAAA,CAAA,EA9FT,OA8FS,CAAA,MAAA,CAAA;EAAa;;;EAuDlB,QAAA,CAAA,GAAA,EA7ID,GA6IC,CAAA,EA7IK,OA6IL,CA7Ia,UA6Ib,GAAA,IAAA,CAAA;EAUG;;;EAxPb,GAAA,CAAA,GAAA,EA+GI,GA/GJ,CAAA,EA+GU,OA/GV,CAAA,OAAA,CAAA;EAAW;;;kBAyHA,QAAQ;IClId,MAAO,EDkIyB,QClIzB;aDkI4C;;;AE9HpE;;EAkBU,QAAA,CAAA,GAAA,EF+HW,GE/HX,EAAA,KAAA,EF+HuB,UE/HvB,EAAA,GAAA,EAAA,MAAA,CAAA,EF+HiD,OE/HjD,CAAA,IAAA,CAAA;EAED;;;kBFyIc,wBAAwB;;AGpI/C;;EASkB,UAAA,CAAA,GAAA,EH+IK,GG/IL,EAAA,GAAA,EAAA,MAAA,CAAA,EH+IwB,OG/IxB,CAAA,IAAA,CAAA;EAAyB;;;EA0EjB,WAAA,CAAA,MAAA,EHgFC,UGhFD,CAAA,EHgFc,OGhFd,CAAA,IAAA,CAAA;EAAR;;;EAgBG,WAAA,CAAA,CAAA,EHmGC,OGnGD,CAAA,MAAA,CAAA;EAAO;;;EAoCxB,OAAA,CAAA,CAAA,EHyEc,OGzEd,CAAA,IAAA,CAAA;EAuCO;;;EAuHP,WAAA,CAAA,CAAA,EH3EkB,OG2ElB,CAAA,MAAA,CAAA;EA8DA;;;EA2FA,cAAA,CAAA,CAAA,EH1NqB,OG0NrB,CAAA,OAAA,EAAA,CAAA;EAgKuB;;;EA8CI,cAAA,CAAA,WAAA,EAAA,OAAA,EAAA,CAAA,EHtZgB,OGsZhB,CAAA,IAAA,CAAA;;;;UFzqBd,OAAA;;;;;;;ADOjB;;;;;;;UEHiB,MAAA;;EFGJ,GAAA,EAAA,MAAA;EAIa;EAsDA,MAAA,EAAA,MAAA;EAAR;EAaD,YAAA,EAAA,MAAA;EAUA;EAUC,UAAA,EAAA,MAAA;EAQG;EAAc,WAAA,EAAA,MAAA;EAAR;EAcX,kBAAA,EAAA,MAAA;EAAM;EAUC,UAAA,EAAA,MAAA;EAA0B;EAAmB,aAAA,EAAA,MAAA;EAArC;EAmBV,OAAA,EE/HX,sBF+HW,CE/HY,oBF+HZ,CAAA;EAAY;EAA0B,KAAA,CAAA,EE7HlD,QF6HkD;;;;;;AA9I3D;;;;;;;AAmGqB,cG7ER,oBAAA,SAA6B,aH6ErB,CG7EmC,MH6EnC,CAAA,CAAA;EAAc,QAAA,OAAA;EAAR,QAAA,IAAA;EAcX,QAAA,OAAA;EAAM,QAAA,SAAA;EAUC,QAAA,SAAA;EAA0B,QAAA,kBAAA;EAAmB,QAAA,eAAA;EAArC,WAAA,CAAA,GAAA,EG5Fb,kBH4Fa,EAAA,GAAA,EG5FY,MH4FZ;EAmBV;;;EAYE,QAAA,wBAAA;EAAwB;;;EA+BpB,QAAA,qBAAA;EAAa;;;EAuDlB,UAAA,CAAA,CAAA,EG/ID,OH+IC,CG/IO,iBH+IP,CAAA;EAUG;;;EAxPb,OAAA,CAAA,CAAA,EGuGM,OHvGN,CGuGc,IHvGd,CAAA;EAAW;;;gBG+GF,QAAQ;EFxHZ;;;gBEgII,OAAO;ED5HX;;;EAoBR,eAAA,CAAA,CAAA,EC+GiB,OD/GjB,CAAA;IAAQ,GAAA,EAAA,MAAA;;;;ECKJ;;;EAS8B,YAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,CAAA,EA8HvC,OA9HuC,CAAA;IAkEd,GAAA,EAAA,MAAA;IAAR,MAAA,EA8DX,GAAA,CAAI,YA9DO,CAAA,GAAA,CAAA;EAQK,CAAA,GAAA,IAAA,CAAA;EAAR;;;EAgBG,cAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA;IAAO,KAAA,EAAA,MAAA;IAOF,MAAA,CAAA,EAAA,MAAA;IA+BZ,OAAA,CAAA,EAAA,OAAA;EAFV,CAAA,CAAA,EAsCA,OAtCA,CAAA;IAuCO,OAAA,EAAA,KAAA,CAAA;MADP,GAAA,EAAA,MAAA;MA2CA,GAAA,EAAA,MAAA;MA6EA,KAAA,EAAA,OAAA;IA8DA,CAAA,CAAA;IAqFM,MAAA,CAAA,EAAA,MAAA;EAQC,CAAA,CAAA;EAFP;;;EAgLoB,eAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,GAAA,SAAA,EAAA,MAAA,EAAA,OAAA,CAAA,EAtZpB,OAsZoB,CAAA;IA8BO,GAAA,EAAA,MAAA;IAAa,GAAA,EAAA,MAAA;IAgDhB,MAAA,EAAA;MAAuC,GAAA,EAAA,MAAA;MAAR,GAAA,EAAA,MAAA;IAmBhB,CAAA;EAAR,CAAA,CAAA;EAwGG;;;EAoC/B,eAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,CAAA,EAtjBH,OAsjBG,CAAA;IACc,MAAA,EAAA;MASd,GAAA,EAAA,MAAA;MAWuB,GAAA,EAAA,MAAA;IAAkB,CAAA;EAOpB,CAAA,GAAA,IAAA,CAAA;EASsB;;;EA2DD,YAAA,CAAA,UAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,EAAA,MAAA,EAAA,OAAA,CAAA,EAxlB7C,OAwlB6C,CAAA;IAAR,GAAA,EAAA,MAAA;IA37BC,GAAA,EAAA,MAAA;IAAa,MAAA,EAAA;;;;ICkCjD,gBAAsC,EAAA,MAAA;EAAX,CAAA,CAAA;EAAM;;;yBDsZ7B;;;;;OAMN;;;;;aAEO;;;;;;;;;;sBA8JgB;;;;;;;;mBAgBH,QAAQ;;;;;;0BA8BD,aAAa;;;;;;;;uBAgDhB,+BAA+B,QAAQ;;;;8BAmBhC,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;iCAwGL,UAAU,QAAQ;;;;wBAoCjD,8BACc;;;;sBASd;;;;sBAWuB,kBAAkB;;;;uBAOpB;;;;;;6CASsB;;;;wCAQL;;;;;;;iBAmDd,UAAU,QAAQ;;;;cCz5B3C,KAAG;YAAwB;GAAM,WAAA,CAAA,WAAA"}