@authenticdoc/sdk 0.1.1

package/LICENSE

@@ -0,0 +1,10 @@
+PROPRIETARY LICENSE — PLACEHOLDER
+
+Copyright (c) 2026 Illuminodes. All rights reserved.
+
+This source code is proprietary and confidential. Unauthorized copying,
+distribution, modification, or use of this code, via any medium, is strictly
+prohibited without express written permission from the copyright holder.
+
+This file is a placeholder. A definitive license will be selected and applied
+before any public release.

package/README.md

@@ -0,0 +1,130 @@
+# @authenticdoc/sdk
+
+TypeScript/WASM bindings for the
+[authenticdoc-sdk](https://gitlab.illuminodes.com/authenticdoc/sdk) Rust crypto
+library. The cryptography (secp256k1, NIP-44, nahui AEAD, Nostr event shaping)
+runs in WebAssembly compiled from the **same Rust core** the
+[Go SDK](https://gitlab.illuminodes.com/authenticdoc/go-sdk) binds to — so the
+on-the-wire JSON shapes are identical across all three languages.
+
+Runs in **the browser and in Node 20+** from a single artifact.
+
+## Status
+
+v0.1.0 — keypairs, templates, multi-party signing envelopes, identity helpers,
+badge issuance/verification, and generic note signing.
+
+## Install
+
+```
+npm install @authenticdoc/sdk
+```
+
+## Usage
+
+The WASM module loads asynchronously, so call `init()` once before anything
+else.
+
+```ts
+import { init, Keypair, Template, Envelope } from "@authenticdoc/sdk";
+
+await init();
+
+// Author and sign a template.
+const author = Keypair.generate();
+const template = Template.create("Service Agreement", "<contract body>");
+const signed = template.sign(author);
+signed.verify();
+
+// Multi-party envelope: each participant signs, the owner finalizes.
+const alice = Keypair.generate();
+const bob = Keypair.generate();
+const relay = "wss://relay.example.com";
+
+const envelope = Envelope.create(template, [
+  { role: "signer", pubkey: alice.pubkey, relay },
+  { role: "signer", pubkey: bob.pubkey, relay },
+]);
+
+const aliceSig = envelope.createParticipantSig(alice);
+const bobSig = envelope.createParticipantSig(bob);
+const finalized = envelope.addParticipantSigsAsOwner(alice, [aliceSig, bobSig]);
+
+finalized.verifyAllParticipantSigs(bob); // throws on any bad signature
+```
+
+This crate is a **primitives library**, not a turn-key client. It encrypts,
+signs, verifies and shapes Nostr events; it does not own a relay connection or
+an HTTP client. Publish the resulting notes (`template.json` / `envelope.json`)
+to your relays with whatever transport you already have.
+
+## Building from source
+
+The package builds its WASM from the `authenticdoc-sdk` source (the
+`bindings/wasm` crate), pinned as the `vendor/authenticdoc-sdk` git submodule.
+Requires the Rust toolchain with the `wasm32-unknown-unknown` target and
+[`wasm-pack`](https://rustwasm.github.io/wasm-pack/).
+
+```sh
+git clone --recurse-submodules <this repo>
+# or, after a plain clone:
+git submodule update --init
+
+npm ci
+npm run build      # build wasm + compile TS into dist/
+npm test           # build, then run the Node smoke tests
+```
+
+The build resolves the SDK source in this order: `$AUTHENTICDOC_SDK_DIR`, the
+`vendor/authenticdoc-sdk` submodule, then a sibling `../authenticdoc-sdk`
+checkout (handy for local dev against an unpinned SDK).
+
+## Releases
+
+Tagging a commit `vX.Y.Z` (matching `package.json`'s version) triggers CI to
+build and publish `@authenticdoc/sdk` to the **public npm registry**. See
+`.gitlab-ci.yml`.
+
+### One-time CI setup
+
+The runner authenticates to npm with a token stored as a CI variable — no
+`npm login` on the runner.
+
+> npm's **Trusted Publishing** (OIDC, no token) is *not* available here: it
+> only supports GitHub Actions, CircleCI, and **GitLab.com SaaS** runners — not
+> self-hosted GitLab instances or self-hosted runners. So we use a scoped,
+> expiring token.
+
+1. **Create a npm Granular Access Token.** npmjs.com → Access Tokens → Generate
+   New Token → **Granular Access Token**. Set an expiry (e.g. 90 days),
+   **Read and write**, restricted to the `@authenticdoc` scope. (Granular and
+   classic "Automation" tokens bypass 2FA, which CI requires; a classic
+   "Publish" token does not and will hang in CI. Prefer granular — it's scoped
+   and expiring, which is what npm recommends when Trusted Publishing is
+   unavailable.) Rotate it before expiry.
+2. **Add it to GitLab CI.** Project → Settings → CI/CD → Variables → Add:
+   - Key `NPM_TOKEN`, value the `npm_…` token, **Masked** and **Protected**.
+3. **Protect the release tags.** Settings → Repository → Protected tags → add
+   `v*`. Protected CI variables are only exposed on protected refs, so without
+   this the token would be empty in the tag pipeline and publish fails with
+   `ENEEDAUTH`.
+
+The committed `.npmrc` reads `${NPM_TOKEN}` at publish time. To cut a release:
+
+```sh
+# bump version in package.json, commit, then:
+git tag -a vX.Y.Z -m "Release vX.Y.Z"
+git push origin vX.Y.Z   # CI verifies tag == package.json version, then publishes
+```
+
+## Architecture
+
+```
+authenticdoc-sdk (Rust core, pure compute)
+  ├── bindings/ffi   → C ABI  → Go SDK (cgo)
+  └── bindings/wasm  → wasm-bindgen → this package (browser + Node)
+```
+
+The wasm bindings mirror the FFI surface (JSON in / JSON out), with two
+WASM-native improvements: keypairs are real JS objects (no integer handle
+table, no lock), and errors surface as thrown exceptions.

package/dist/index.d.ts

@@ -0,0 +1,173 @@
+/**
+ * @authenticdoc/sdk — TypeScript/WASM bindings for the authenticdoc-sdk Rust
+ * crypto library.
+ *
+ * The heavy lifting (secp256k1, NIP-44, nahui AEAD, Nostr event shaping) runs
+ * in WebAssembly compiled from the same Rust core the Go SDK binds to, so the
+ * JSON shapes are identical across languages.
+ *
+ * ## Usage
+ *
+ * ```ts
+ * import { init, Keypair, Template, Envelope } from "@authenticdoc/sdk";
+ *
+ * await init(); // load the wasm module once, before anything else
+ *
+ * const alice = Keypair.generate();
+ * const tpl = Template.create("Service Agreement", "<body>");
+ * const signed = tpl.sign(alice);
+ * signed.verify();
+ * ```
+ */
+import * as wasm from "./wasm/authenticdoc.js";
+import type { DecodedDataUrl, Envelope as EnvelopeJson, EnvelopeParticipant, EnvelopeSignature, NostrNote, Template as TemplateJson } from "./types.js";
+export type { DecodedDataUrl, EnvelopeParticipant, EnvelopeRole, EnvelopeSignature, NostrNote, } from "./types.js";
+/**
+ * Load and instantiate the WASM module. Must be awaited once before using any
+ * other export. Idempotent — subsequent calls resolve immediately.
+ *
+ * @param input Optional override for the `.wasm` location (a URL, Request,
+ *   Response, or bytes). Defaults to the `.wasm` shipped next to the glue,
+ *   which works out of the box in Node and most bundlers.
+ */
+export declare function init(input?: string | URL | Request | Response | BufferSource | WebAssembly.Module): Promise<void>;
+/**
+ * A secp256k1 keypair. The secret key never leaves WASM memory — this object
+ * is an opaque handle. Call {@link Keypair.free} when done, or use
+ * `using kp = Keypair.generate()` for automatic disposal.
+ */
+export declare class Keypair {
+    /** @internal */
+    readonly inner: wasm.Keypair;
+    private constructor();
+    /** Generate a fresh extractable keypair. */
+    static generate(): Keypair;
+    /** Load a keypair from a bech32 `nsec1…` string. */
+    static fromNsec(nsec: string): Keypair;
+    /** Load a keypair from a 64-character hex private key. */
+    static fromHex(hex: string): Keypair;
+    /** Load a keypair from a BIP-39 mnemonic phrase (English, 12 or 24 words). */
+    static fromMnemonic(phrase: string): Keypair;
+    /** The hex-encoded public key. */
+    get pubkey(): string;
+    /** Export the bech32 `nsec` (secret material — handle with care). */
+    nsec(): string;
+    /** Export the 24-word BIP-39 mnemonic (secret material — handle with care). */
+    mnemonic(): string;
+    /** Release the underlying WASM keypair (scrubs secret material). */
+    free(): void;
+    [Symbol.dispose](): void;
+}
+/**
+ * A signable document (title, body, UUID) backed by a Nostr parameterized
+ * replaceable event. Methods that mutate return a new {@link Template}; the
+ * wasm core is stateless (JSON in, JSON out).
+ */
+export declare class Template {
+    /** The underlying Nostr note JSON. */
+    readonly json: TemplateJson;
+    private constructor();
+    /** Wrap an existing template JSON object (e.g. one received over the wire). */
+    static fromJson(json: TemplateJson): Template;
+    /** Build a fresh template with a minted UUID. */
+    static create(title: string, body: string): Template;
+    /**
+     * Build a template from raw file bytes, stored as an RFC 2397 data URL.
+     * Pass `id = undefined` or `""` to mint a UUID.
+     */
+    static fromBytes(title: string, mime: string, bytes: Uint8Array, id?: string): Template;
+    private get raw();
+    /** Sign this template with `keypair`, returning the signed template. */
+    sign(keypair: Keypair): Template;
+    /** Verify the template's event id, signature and shape. Throws on failure. */
+    verify(): void;
+    /** The document id (the `d` parameter tag). */
+    documentId(): string;
+    /** The title. */
+    title(): string;
+    /** The body content. */
+    content(): string;
+    /** Read the first value of a custom tag. Throws if absent. */
+    getTag(key: string): string;
+    /** Read the `description` tag. Throws if absent. */
+    description(): string;
+    /** Whether `content` is a base64 data URL (built via {@link fromBytes}). */
+    isDataUrl(): boolean;
+    /** Decode a data-URL `content`. Throws if `content` is not a data URL. */
+    decodeDataUrl(): DecodedDataUrl;
+    /** Add a custom tag, returning the updated template. */
+    addTag(key: string, value: string): Template;
+    /** Set the document id, returning the updated template. */
+    setDocumentId(id: string): Template;
+    /** Set the title, returning the updated template. */
+    setTitle(title: string): Template;
+    /** Add a `description` tag, returning the updated template. */
+    addDescription(description: string): Template;
+}
+/**
+ * A multi-party signing envelope wrapping a {@link Template} with
+ * per-participant key material. Mutating methods return a new {@link Envelope}.
+ */
+export declare class Envelope {
+    /** The underlying Nostr note JSON. */
+    readonly json: EnvelopeJson;
+    private constructor();
+    /** Wrap an existing envelope JSON object (e.g. one received over the wire). */
+    static fromJson(json: EnvelopeJson): Envelope;
+    /** Build a v2 envelope wrapping `template` for `participants`. */
+    static create(template: Template, participants: EnvelopeParticipant[]): Envelope;
+    /**
+     * Build a v2 envelope directly from raw file bytes. Pass `id = undefined` or
+     * `""` to mint a UUID.
+     */
+    static fromBytes(title: string, mime: string, bytes: Uint8Array, participants: EnvelopeParticipant[], id?: string): Envelope;
+    private get raw();
+    /** This keypair's participant signature over the inner document. */
+    createParticipantSig(keypair: Keypair): EnvelopeSignature;
+    /**
+     * Verify a single peer's signature (`peerPubkey` hex), returning it.
+     * `keypair` must be a participant able to decrypt the body.
+     */
+    verifyParticipantSig(keypair: Keypair, peerPubkey: string): EnvelopeSignature;
+    /** Attach signatures via the (non-owner) participant path. */
+    addParticipantSigs(keypair: Keypair, sigs: EnvelopeSignature[]): Envelope;
+    /** Attach signatures via the owner path (idempotent). */
+    addParticipantSigsAsOwner(ownerKeypair: Keypair, sigs: EnvelopeSignature[]): Envelope;
+    /** Verify every participant signature, returning them. */
+    verifyAllParticipantSigs(keypair: Keypair): EnvelopeSignature[];
+    /** Decrypt and return the inner document as a Nostr note. */
+    viewDocument(keypair: Keypair): NostrNote;
+    /** Decrypt the envelope title using a participant keypair. */
+    title(keypair: Keypair): string;
+    /** The envelope's parameter id (matches the wrapped template id). */
+    id(): string;
+    /** The participant list. */
+    participants(): EnvelopeParticipant[];
+    /** The `created_at` timestamp (Unix seconds). */
+    timestamp(): bigint;
+    /** Sign the envelope's outer Nostr event with `keypair`. */
+    sign(keypair: Keypair): Envelope;
+    /** Verify the signed envelope (outer event id + signature + shape). */
+    verify(): void;
+}
+/** Identity-card and badge helpers. */
+export declare const identity: {
+    /** Encode a hex Nostr public key as a bech32 `npub`. */
+    npub(pubkeyHex: string): string;
+    /** Build an unsigned Nostr event from an Identity JSON object. */
+    toEvent(identityJson: unknown): NostrNote;
+    /** Parse a Nostr badge-award event into an Identity JSON object. */
+    fromEvent(note: NostrNote): unknown;
+    /** Wrap a signed inner badge for delivery to a holder. */
+    wrapBadge(signedInner: NostrNote, holderPubkey: string, issuerKeypair: Keypair): NostrNote;
+    /** Unwrap a badge addressed to the holder keypair. */
+    unwrapBadge(outer: NostrNote, holderKeypair: Keypair): unknown;
+    /** Verify a badge was issued by `expectedIssuerPubkey`. Throws on mismatch. */
+    verifyBadge(badge: unknown, expectedIssuerPubkey: string): void;
+};
+/**
+ * Sign any Nostr note with `keypair`. A zero/absent `created_at` is replaced
+ * with the current Unix timestamp before signing.
+ */
+export declare function signNote(note: NostrNote, keypair: Keypair): NostrNote;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAiB,KAAK,IAAI,MAAM,wBAAwB,CAAC;AACzD,OAAO,KAAK,EACV,cAAc,EACd,QAAQ,IAAI,YAAY,EACxB,mBAAmB,EACnB,iBAAiB,EACjB,SAAS,EACT,QAAQ,IAAI,YAAY,EACzB,MAAM,YAAY,CAAC;AAEpB,YAAY,EACV,cAAc,EACd,mBAAmB,EACnB,YAAY,EACZ,iBAAiB,EACjB,SAAS,GACV,MAAM,YAAY,CAAC;AAIpB;;;;;;;GAOG;AACH,wBAAsB,IAAI,CACxB,KAAK,CAAC,EAAE,MAAM,GAAG,GAAG,GAAG,OAAO,GAAG,QAAQ,GAAG,YAAY,GAAG,WAAW,CAAC,MAAM,GAC5E,OAAO,CAAC,IAAI,CAAC,CAcf;AA4BD;;;;GAIG;AACH,qBAAa,OAAO;IAClB,gBAAgB;IAChB,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC;IAE7B,OAAO;IAIP,4CAA4C;IAC5C,MAAM,CAAC,QAAQ,IAAI,OAAO;IAK1B,oDAAoD;IACpD,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAKtC,0DAA0D;IAC1D,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAKpC,8EAA8E;IAC9E,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAK5C,kCAAkC;IAClC,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED,qEAAqE;IACrE,IAAI,IAAI,MAAM;IAId,+EAA+E;IAC/E,QAAQ,IAAI,MAAM;IAIlB,oEAAoE;IACpE,IAAI,IAAI,IAAI;IAIZ,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI;CAGzB;AAID;;;;GAIG;AACH,qBAAa,QAAQ;IACnB,sCAAsC;IACtC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAE5B,OAAO;IAIP,+EAA+E;IAC/E,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,QAAQ;IAI7C,iDAAiD;IACjD,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,QAAQ;IAKpD;;;OAGG;IACH,MAAM,CAAC,SAAS,CACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,UAAU,EACjB,EAAE,CAAC,EAAE,MAAM,GACV,QAAQ;IAOX,OAAO,KAAK,GAAG,GAEd;IAED,wEAAwE;IACxE,IAAI,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ;IAIhC,8EAA8E;IAC9E,MAAM,IAAI,IAAI;IAId,+CAA+C;IAC/C,UAAU,IAAI,MAAM;IAIpB,iBAAiB;IACjB,KAAK,IAAI,MAAM;IAIf,wBAAwB;IACxB,OAAO,IAAI,MAAM;IAIjB,8DAA8D;IAC9D,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM;IAI3B,oDAAoD;IACpD,WAAW,IAAI,MAAM;IAIrB,4EAA4E;IAC5E,SAAS,IAAI,OAAO;IAIpB,0EAA0E;IAC1E,aAAa,IAAI,cAAc;IAI/B,wDAAwD;IACxD,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,QAAQ;IAI5C,2DAA2D;IAC3D,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,QAAQ;IAInC,qDAAqD;IACrD,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,QAAQ;IAIjC,+DAA+D;IAC/D,cAAc,CAAC,WAAW,EAAE,MAAM,GAAG,QAAQ;CAK9C;AAID;;;GAGG;AACH,qBAAa,QAAQ;IACnB,sCAAsC;IACtC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAE5B,OAAO;IAIP,+EAA+E;IAC/E,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,QAAQ;IAI7C,kEAAkE;IAClE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,mBAAmB,EAAE,GAAG,QAAQ;IAYhF;;;OAGG;IACH,MAAM,CAAC,SAAS,CACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,UAAU,EACjB,YAAY,EAAE,mBAAmB,EAAE,EACnC,EAAE,CAAC,EAAE,MAAM,GACV,QAAQ;IAeX,OAAO,KAAK,GAAG,GAEd;IAED,oEAAoE;IACpE,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,iBAAiB;IAMzD;;;OAGG;IACH,oBAAoB,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,GAAG,iBAAiB;IAM7E,8DAA8D;IAC9D,kBAAkB,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,GAAG,QAAQ;IAYzE,yDAAyD;IACzD,yBAAyB,CACvB,YAAY,EAAE,OAAO,EACrB,IAAI,EAAE,iBAAiB,EAAE,GACxB,QAAQ;IAYX,0DAA0D;IAC1D,wBAAwB,CAAC,OAAO,EAAE,OAAO,GAAG,iBAAiB,EAAE;IAM/D,6DAA6D;IAC7D,YAAY,CAAC,OAAO,EAAE,OAAO,GAAG,SAAS;IAIzC,8DAA8D;IAC9D,KAAK,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM;IAI/B,qEAAqE;IACrE,EAAE,IAAI,MAAM;IAIZ,4BAA4B;IAC5B,YAAY,IAAI,mBAAmB,EAAE;IAIrC,iDAAiD;IACjD,SAAS,IAAI,MAAM;IAInB,4DAA4D;IAC5D,IAAI,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ;IAIhC,uEAAuE;IACvE,MAAM,IAAI,IAAI;CAGf;AAID,uCAAuC;AACvC,eAAO,MAAM,QAAQ;IACnB,wDAAwD;oBACxC,MAAM,GAAG,MAAM;IAI/B,kEAAkE;0BAC5C,OAAO,GAAG,SAAS;IAIzC,oEAAoE;oBACpD,SAAS,GAAG,OAAO;IAInC,0DAA0D;2BAE3C,SAAS,gBACR,MAAM,iBACL,OAAO,GACrB,SAAS;IAUZ,sDAAsD;uBACnC,SAAS,iBAAiB,OAAO,GAAG,OAAO;IAM9D,+EAA+E;uBAC5D,OAAO,wBAAwB,MAAM,GAAG,IAAI;CAGhE,CAAC;AAIF;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,GAAG,SAAS,CAErE"}

package/dist/index.js

@@ -0,0 +1,319 @@
+/**
+ * @authenticdoc/sdk — TypeScript/WASM bindings for the authenticdoc-sdk Rust
+ * crypto library.
+ *
+ * The heavy lifting (secp256k1, NIP-44, nahui AEAD, Nostr event shaping) runs
+ * in WebAssembly compiled from the same Rust core the Go SDK binds to, so the
+ * JSON shapes are identical across languages.
+ *
+ * ## Usage
+ *
+ * ```ts
+ * import { init, Keypair, Template, Envelope } from "@authenticdoc/sdk";
+ *
+ * await init(); // load the wasm module once, before anything else
+ *
+ * const alice = Keypair.generate();
+ * const tpl = Template.create("Service Agreement", "<body>");
+ * const signed = tpl.sign(alice);
+ * signed.verify();
+ * ```
+ */
+import wasmInit, * as wasm from "./wasm/authenticdoc.js";
+let initialized = false;
+/**
+ * Load and instantiate the WASM module. Must be awaited once before using any
+ * other export. Idempotent — subsequent calls resolve immediately.
+ *
+ * @param input Optional override for the `.wasm` location (a URL, Request,
+ *   Response, or bytes). Defaults to the `.wasm` shipped next to the glue,
+ *   which works out of the box in Node and most bundlers.
+ */
+export async function init(input) {
+    if (initialized)
+        return;
+    let moduleOrPath = input;
+    if (moduleOrPath === undefined && isNode()) {
+        // The `web` target defaults to `fetch(new URL('…_bg.wasm', import.meta.url))`,
+        // but Node's fetch can't load `file://` URLs. Read the bytes ourselves so
+        // the same artifact works in Node without the caller doing anything; in the
+        // browser we leave `input` undefined and let the glue fetch it.
+        moduleOrPath = await loadWasmBytesFromDisk();
+    }
+    await wasmInit(moduleOrPath !== undefined ? { module_or_path: moduleOrPath } : undefined);
+    initialized = true;
+}
+function isNode() {
+    return (typeof process !== "undefined" &&
+        process.versions != null &&
+        process.versions.node != null);
+}
+async function loadWasmBytesFromDisk() {
+    // Dynamic imports so bundlers targeting the browser never pull in node:fs.
+    const { readFile } = await import("node:fs/promises");
+    const { fileURLToPath } = await import("node:url");
+    const wasmUrl = new URL("./wasm/authenticdoc_bg.wasm", import.meta.url);
+    return readFile(fileURLToPath(wasmUrl));
+}
+function assertInit() {
+    if (!initialized) {
+        throw new Error("@authenticdoc/sdk: call `await init()` before using the SDK.");
+    }
+}
+// ---------- keypair ---------------------------------------------------------
+/**
+ * A secp256k1 keypair. The secret key never leaves WASM memory — this object
+ * is an opaque handle. Call {@link Keypair.free} when done, or use
+ * `using kp = Keypair.generate()` for automatic disposal.
+ */
+export class Keypair {
+    /** @internal */
+    inner;
+    constructor(inner) {
+        this.inner = inner;
+    }
+    /** Generate a fresh extractable keypair. */
+    static generate() {
+        assertInit();
+        return new Keypair(wasm.Keypair.generate());
+    }
+    /** Load a keypair from a bech32 `nsec1…` string. */
+    static fromNsec(nsec) {
+        assertInit();
+        return new Keypair(wasm.Keypair.fromNsec(nsec));
+    }
+    /** Load a keypair from a 64-character hex private key. */
+    static fromHex(hex) {
+        assertInit();
+        return new Keypair(wasm.Keypair.fromHex(hex));
+    }
+    /** Load a keypair from a BIP-39 mnemonic phrase (English, 12 or 24 words). */
+    static fromMnemonic(phrase) {
+        assertInit();
+        return new Keypair(wasm.Keypair.fromMnemonic(phrase));
+    }
+    /** The hex-encoded public key. */
+    get pubkey() {
+        return this.inner.pubkey;
+    }
+    /** Export the bech32 `nsec` (secret material — handle with care). */
+    nsec() {
+        return this.inner.nsec();
+    }
+    /** Export the 24-word BIP-39 mnemonic (secret material — handle with care). */
+    mnemonic() {
+        return this.inner.mnemonic();
+    }
+    /** Release the underlying WASM keypair (scrubs secret material). */
+    free() {
+        this.inner.free();
+    }
+    [Symbol.dispose]() {
+        this.free();
+    }
+}
+// ---------- template --------------------------------------------------------
+/**
+ * A signable document (title, body, UUID) backed by a Nostr parameterized
+ * replaceable event. Methods that mutate return a new {@link Template}; the
+ * wasm core is stateless (JSON in, JSON out).
+ */
+export class Template {
+    /** The underlying Nostr note JSON. */
+    json;
+    constructor(json) {
+        this.json = json;
+    }
+    /** Wrap an existing template JSON object (e.g. one received over the wire). */
+    static fromJson(json) {
+        return new Template(json);
+    }
+    /** Build a fresh template with a minted UUID. */
+    static create(title, body) {
+        assertInit();
+        return new Template(JSON.parse(wasm.templateNew(title, body)));
+    }
+    /**
+     * Build a template from raw file bytes, stored as an RFC 2397 data URL.
+     * Pass `id = undefined` or `""` to mint a UUID.
+     */
+    static fromBytes(title, mime, bytes, id) {
+        assertInit();
+        return new Template(JSON.parse(wasm.templateFromBytes(id, title, mime, bytes)));
+    }
+    get raw() {
+        return JSON.stringify(this.json);
+    }
+    /** Sign this template with `keypair`, returning the signed template. */
+    sign(keypair) {
+        return new Template(JSON.parse(wasm.templateSign(this.raw, keypair.inner)));
+    }
+    /** Verify the template's event id, signature and shape. Throws on failure. */
+    verify() {
+        wasm.templateVerify(this.raw);
+    }
+    /** The document id (the `d` parameter tag). */
+    documentId() {
+        return wasm.templateDocumentId(this.raw);
+    }
+    /** The title. */
+    title() {
+        return wasm.templateTitle(this.raw);
+    }
+    /** The body content. */
+    content() {
+        return wasm.templateContent(this.raw);
+    }
+    /** Read the first value of a custom tag. Throws if absent. */
+    getTag(key) {
+        return wasm.templateGetTag(this.raw, key);
+    }
+    /** Read the `description` tag. Throws if absent. */
+    description() {
+        return wasm.templateDescription(this.raw);
+    }
+    /** Whether `content` is a base64 data URL (built via {@link fromBytes}). */
+    isDataUrl() {
+        return wasm.templateIsDataUrl(this.raw);
+    }
+    /** Decode a data-URL `content`. Throws if `content` is not a data URL. */
+    decodeDataUrl() {
+        return JSON.parse(wasm.templateDecodeDataUrl(this.raw));
+    }
+    /** Add a custom tag, returning the updated template. */
+    addTag(key, value) {
+        return new Template(JSON.parse(wasm.templateAddTag(this.raw, key, value)));
+    }
+    /** Set the document id, returning the updated template. */
+    setDocumentId(id) {
+        return new Template(JSON.parse(wasm.templateSetDocumentId(this.raw, id)));
+    }
+    /** Set the title, returning the updated template. */
+    setTitle(title) {
+        return new Template(JSON.parse(wasm.templateSetTitle(this.raw, title)));
+    }
+    /** Add a `description` tag, returning the updated template. */
+    addDescription(description) {
+        return new Template(JSON.parse(wasm.templateAddDescription(this.raw, description)));
+    }
+}
+// ---------- envelope --------------------------------------------------------
+/**
+ * A multi-party signing envelope wrapping a {@link Template} with
+ * per-participant key material. Mutating methods return a new {@link Envelope}.
+ */
+export class Envelope {
+    /** The underlying Nostr note JSON. */
+    json;
+    constructor(json) {
+        this.json = json;
+    }
+    /** Wrap an existing envelope JSON object (e.g. one received over the wire). */
+    static fromJson(json) {
+        return new Envelope(json);
+    }
+    /** Build a v2 envelope wrapping `template` for `participants`. */
+    static create(template, participants) {
+        assertInit();
+        return new Envelope(JSON.parse(wasm.envelopeNew(JSON.stringify(template.json), JSON.stringify(participants))));
+    }
+    /**
+     * Build a v2 envelope directly from raw file bytes. Pass `id = undefined` or
+     * `""` to mint a UUID.
+     */
+    static fromBytes(title, mime, bytes, participants, id) {
+        assertInit();
+        return new Envelope(JSON.parse(wasm.envelopeFromBytes(id, title, mime, bytes, JSON.stringify(participants))));
+    }
+    get raw() {
+        return JSON.stringify(this.json);
+    }
+    /** This keypair's participant signature over the inner document. */
+    createParticipantSig(keypair) {
+        return JSON.parse(wasm.envelopeCreateParticipantSig(this.raw, keypair.inner));
+    }
+    /**
+     * Verify a single peer's signature (`peerPubkey` hex), returning it.
+     * `keypair` must be a participant able to decrypt the body.
+     */
+    verifyParticipantSig(keypair, peerPubkey) {
+        return JSON.parse(wasm.envelopeVerifyParticipantSig(this.raw, keypair.inner, peerPubkey));
+    }
+    /** Attach signatures via the (non-owner) participant path. */
+    addParticipantSigs(keypair, sigs) {
+        return new Envelope(JSON.parse(wasm.envelopeAddParticipantSigs(this.raw, keypair.inner, JSON.stringify(sigs))));
+    }
+    /** Attach signatures via the owner path (idempotent). */
+    addParticipantSigsAsOwner(ownerKeypair, sigs) {
+        return new Envelope(JSON.parse(wasm.envelopeAddParticipantSigsAsOwner(this.raw, ownerKeypair.inner, JSON.stringify(sigs))));
+    }
+    /** Verify every participant signature, returning them. */
+    verifyAllParticipantSigs(keypair) {
+        return JSON.parse(wasm.envelopeVerifyAllParticipantSigs(this.raw, keypair.inner));
+    }
+    /** Decrypt and return the inner document as a Nostr note. */
+    viewDocument(keypair) {
+        return JSON.parse(wasm.envelopeViewDocument(this.raw, keypair.inner));
+    }
+    /** Decrypt the envelope title using a participant keypair. */
+    title(keypair) {
+        return wasm.envelopeTitle(this.raw, keypair.inner);
+    }
+    /** The envelope's parameter id (matches the wrapped template id). */
+    id() {
+        return wasm.envelopeId(this.raw);
+    }
+    /** The participant list. */
+    participants() {
+        return JSON.parse(wasm.envelopeParticipants(this.raw));
+    }
+    /** The `created_at` timestamp (Unix seconds). */
+    timestamp() {
+        return wasm.envelopeTimestamp(this.raw);
+    }
+    /** Sign the envelope's outer Nostr event with `keypair`. */
+    sign(keypair) {
+        return new Envelope(JSON.parse(wasm.envelopeSign(this.raw, keypair.inner)));
+    }
+    /** Verify the signed envelope (outer event id + signature + shape). */
+    verify() {
+        wasm.envelopeVerify(this.raw);
+    }
+}
+// ---------- identity & badges ----------------------------------------------
+/** Identity-card and badge helpers. */
+export const identity = {
+    /** Encode a hex Nostr public key as a bech32 `npub`. */
+    npub(pubkeyHex) {
+        return wasm.identityNpub(pubkeyHex);
+    },
+    /** Build an unsigned Nostr event from an Identity JSON object. */
+    toEvent(identityJson) {
+        return JSON.parse(wasm.identityToEvent(JSON.stringify(identityJson)));
+    },
+    /** Parse a Nostr badge-award event into an Identity JSON object. */
+    fromEvent(note) {
+        return JSON.parse(wasm.identityFromEvent(JSON.stringify(note)));
+    },
+    /** Wrap a signed inner badge for delivery to a holder. */
+    wrapBadge(signedInner, holderPubkey, issuerKeypair) {
+        return JSON.parse(wasm.badgeWrap(JSON.stringify(signedInner), holderPubkey, issuerKeypair.inner));
+    },
+    /** Unwrap a badge addressed to the holder keypair. */
+    unwrapBadge(outer, holderKeypair) {
+        return JSON.parse(wasm.badgeUnwrap(JSON.stringify(outer), holderKeypair.inner));
+    },
+    /** Verify a badge was issued by `expectedIssuerPubkey`. Throws on mismatch. */
+    verifyBadge(badge, expectedIssuerPubkey) {
+        wasm.badgeVerify(JSON.stringify(badge), expectedIssuerPubkey);
+    },
+};
+// ---------- generic note signing -------------------------------------------
+/**
+ * Sign any Nostr note with `keypair`. A zero/absent `created_at` is replaced
+ * with the current Unix timestamp before signing.
+ */
+export function signNote(note, keypair) {
+    return JSON.parse(wasm.noteSign(JSON.stringify(note), keypair.inner));
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,QAAQ,EAAE,KAAK,IAAI,MAAM,wBAAwB,CAAC;AAkBzD,IAAI,WAAW,GAAG,KAAK,CAAC;AAExB;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,KAA6E;IAE7E,IAAI,WAAW;QAAE,OAAO;IAExB,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,IAAI,YAAY,KAAK,SAAS,IAAI,MAAM,EAAE,EAAE,CAAC;QAC3C,+EAA+E;QAC/E,0EAA0E;QAC1E,4EAA4E;QAC5E,gEAAgE;QAChE,YAAY,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAC/C,CAAC;IAED,MAAM,QAAQ,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAC1F,WAAW,GAAG,IAAI,CAAC;AACrB,CAAC;AAED,SAAS,MAAM;IACb,OAAO,CACL,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,CAAC,QAAQ,IAAI,IAAI;QACxB,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAC9B,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,qBAAqB;IAClC,2EAA2E;IAC3E,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;IACtD,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,6BAA6B,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxE,OAAO,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;IACJ,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,OAAO,OAAO;IAClB,gBAAgB;IACP,KAAK,CAAe;IAE7B,YAAoB,KAAmB;QACrC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,4CAA4C;IAC5C,MAAM,CAAC,QAAQ;QACb,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC9C,CAAC;IAED,oDAAoD;IACpD,MAAM,CAAC,QAAQ,CAAC,IAAY;QAC1B,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,0DAA0D;IAC1D,MAAM,CAAC,OAAO,CAAC,GAAW;QACxB,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;IAChD,CAAC;IAED,8EAA8E;IAC9E,MAAM,CAAC,YAAY,CAAC,MAAc;QAChC,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;IACxD,CAAC;IAED,kCAAkC;IAClC,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED,qEAAqE;IACrE,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,+EAA+E;IAC/E,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;IAC/B,CAAC;IAED,oEAAoE;IACpE,IAAI;QACF,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED,CAAC,MAAM,CAAC,OAAO,CAAC;QACd,IAAI,CAAC,IAAI,EAAE,CAAC;IACd,CAAC;CACF;AAED,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,OAAO,QAAQ;IACnB,sCAAsC;IAC7B,IAAI,CAAe;IAE5B,YAAoB,IAAkB;QACpC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,+EAA+E;IAC/E,MAAM,CAAC,QAAQ,CAAC,IAAkB;QAChC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAED,iDAAiD;IACjD,MAAM,CAAC,MAAM,CAAC,KAAa,EAAE,IAAY;QACvC,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IACjE,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,SAAS,CACd,KAAa,EACb,IAAY,EACZ,KAAiB,EACjB,EAAW;QAEX,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAC3D,CAAC;IACJ,CAAC;IAED,IAAY,GAAG;QACb,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,wEAAwE;IACxE,IAAI,CAAC,OAAgB;QACnB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,8EAA8E;IAC9E,MAAM;QACJ,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAED,+CAA+C;IAC/C,UAAU;QACR,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IAED,iBAAiB;IACjB,KAAK;QACH,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IAED,wBAAwB;IACxB,OAAO;QACL,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;IAED,8DAA8D;IAC9D,MAAM,CAAC,GAAW;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5C,CAAC;IAED,oDAAoD;IACpD,WAAW;QACT,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC;IAED,4EAA4E;IAC5E,SAAS;QACP,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED,0EAA0E;IAC1E,aAAa;QACX,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED,wDAAwD;IACxD,MAAM,CAAC,GAAW,EAAE,KAAa;QAC/B,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7E,CAAC;IAED,2DAA2D;IAC3D,aAAa,CAAC,EAAU;QACtB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,qDAAqD;IACrD,QAAQ,CAAC,KAAa;QACpB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1E,CAAC;IAED,+DAA+D;IAC/D,cAAc,CAAC,WAAmB;QAChC,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,CAC/D,CAAC;IACJ,CAAC;CACF;AAED,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,OAAO,QAAQ;IACnB,sCAAsC;IAC7B,IAAI,CAAe;IAE5B,YAAoB,IAAkB;QACpC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,+EAA+E;IAC/E,MAAM,CAAC,QAAQ,CAAC,IAAkB;QAChC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAED,kEAAkE;IAClE,MAAM,CAAC,MAAM,CAAC,QAAkB,EAAE,YAAmC;QACnE,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,KAAK,CACR,IAAI,CAAC,WAAW,CACd,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAC7B,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAC7B,CACF,CACF,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,SAAS,CACd,KAAa,EACb,IAAY,EACZ,KAAiB,EACjB,YAAmC,EACnC,EAAW;QAEX,UAAU,EAAE,CAAC;QACb,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,KAAK,CACR,IAAI,CAAC,iBAAiB,CACpB,EAAE,EACF,KAAK,EACL,IAAI,EACJ,KAAK,EACL,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAC7B,CACF,CACF,CAAC;IACJ,CAAC;IAED,IAAY,GAAG;QACb,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,oEAAoE;IACpE,oBAAoB,CAAC,OAAgB;QACnC,OAAO,IAAI,CAAC,KAAK,CACf,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAC3D,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,oBAAoB,CAAC,OAAgB,EAAE,UAAkB;QACvD,OAAO,IAAI,CAAC,KAAK,CACf,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,EAAE,UAAU,CAAC,CACvE,CAAC;IACJ,CAAC;IAED,8DAA8D;IAC9D,kBAAkB,CAAC,OAAgB,EAAE,IAAyB;QAC5D,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,KAAK,CACR,IAAI,CAAC,0BAA0B,CAC7B,IAAI,CAAC,GAAG,EACR,OAAO,CAAC,KAAK,EACb,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CACrB,CACF,CACF,CAAC;IACJ,CAAC;IAED,yDAAyD;IACzD,yBAAyB,CACvB,YAAqB,EACrB,IAAyB;QAEzB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,KAAK,CACR,IAAI,CAAC,iCAAiC,CACpC,IAAI,CAAC,GAAG,EACR,YAAY,CAAC,KAAK,EAClB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CACrB,CACF,CACF,CAAC;IACJ,CAAC;IAED,0DAA0D;IAC1D,wBAAwB,CAAC,OAAgB;QACvC,OAAO,IAAI,CAAC,KAAK,CACf,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAC/D,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,YAAY,CAAC,OAAgB;QAC3B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,8DAA8D;IAC9D,KAAK,CAAC,OAAgB;QACpB,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC;IAED,qEAAqE;IACrE,EAAE;QACA,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnC,CAAC;IAED,4BAA4B;IAC5B,YAAY;QACV,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,iDAAiD;IACjD,SAAS;QACP,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED,4DAA4D;IAC5D,IAAI,CAAC,OAAgB;QACnB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,uEAAuE;IACvE,MAAM;QACJ,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;CACF;AAED,8EAA8E;AAE9E,uCAAuC;AACvC,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,wDAAwD;IACxD,IAAI,CAAC,SAAiB;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACtC,CAAC;IAED,kEAAkE;IAClE,OAAO,CAAC,YAAqB;QAC3B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,oEAAoE;IACpE,SAAS,CAAC,IAAe;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClE,CAAC;IAED,0DAA0D;IAC1D,SAAS,CACP,WAAsB,EACtB,YAAoB,EACpB,aAAsB;QAEtB,OAAO,IAAI,CAAC,KAAK,CACf,IAAI,CAAC,SAAS,CACZ,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAC3B,YAAY,EACZ,aAAa,CAAC,KAAK,CACpB,CACF,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,WAAW,CAAC,KAAgB,EAAE,aAAsB;QAClD,OAAO,IAAI,CAAC,KAAK,CACf,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,aAAa,CAAC,KAAK,CAAC,CAC7D,CAAC;IACJ,CAAC;IAED,+EAA+E;IAC/E,WAAW,CAAC,KAAc,EAAE,oBAA4B;QACtD,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,oBAAoB,CAAC,CAAC;IAChE,CAAC;CACF,CAAC;AAEF,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,UAAU,QAAQ,CAAC,IAAe,EAAE,OAAgB;IACxD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;AACxE,CAAC"}