@authloop-ai/core 0.2.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 AuthLoop
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,41 @@
+# @authloop-ai/core
+
+Core engine for [AuthLoop](https://authloop.ai) — CDP screencast, end-to-end encryption, and WebSocket relay.
+
+This package powers the MCP server and OpenClaw plugin. You typically don't use it directly — use [`@authloop-ai/mcp`](../mcp) or [`@authloop-ai/openclaw-authloop`](../openclaw-plugin) instead.
+
+## What it does
+
+- **CDP client** — connects to a Chromium browser via Chrome DevTools Protocol, captures screencast frames (JPEG), dispatches keystrokes and input events
+- **E2EE** — ECDH P-256 key exchange + AES-256-GCM encryption for all user input between the human's browser and the agent's machine
+- **BrowserStream** — WebSocket relay that streams CDP frames to the human and relays encrypted input back to the browser
+- **Session lifecycle** — creates sessions via the AuthLoop API, manages the PENDING → ACTIVE → RESOLVED state machine, handles cleanup on disconnect
+
+## Exports
+
+```ts
+// Session management
+export { startSession, waitForStatus, stopSession } from "./session.js";
+export type { ToHumanInput, StartSessionOutput, SessionStatusOutput, SessionStatus };
+
+// CDP screencast + input dispatch
+export { BrowserStream } from "./stream.js";
+export { CdpClient } from "./cdp.js";
+
+// End-to-end encryption
+export { E2EESession } from "./crypto.js";
+```
+
+## When to use this directly
+
+Only if you're building a custom integration that isn't covered by the MCP server, OpenClaw plugin, or SDK. For example:
+
+- A custom agent runtime that needs direct control over the screencast stream
+- A browser extension that manages its own CDP connection
+- A relay server with custom transport (e.g., WebRTC instead of WebSocket)
+
+For most use cases, use the higher-level packages instead.
+
+## License
+
+MIT

package/dist/cdp.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Thin CDP WebSocket client. Uses native WebSocket (Node 22+).
+ * Supports both direct WebSocket URLs (ws://, wss://) and HTTP-based CDP
+ * endpoints (http://, https://) — auto-discovers the WebSocket debugger URL
+ * via /json/version for HTTP endpoints.
+ * No auto-reconnect — a CDP drop means the session is dead.
+ */
+type EventHandler = (params: Record<string, unknown>) => void;
+export declare class CdpClient {
+    private cdpUrl;
+    private ws;
+    private nextId;
+    private pending;
+    private listeners;
+    private closeHandlers;
+    private closed;
+    constructor(cdpUrl: string);
+    /** Register a callback for when the CDP connection closes */
+    onClose(handler: () => void): void;
+    connect(): Promise<void>;
+    send(method: string, params?: Record<string, unknown>): Promise<unknown>;
+    on(event: string, handler: EventHandler): void;
+    close(): void;
+}
+export {};

package/dist/cdp.js

@@ -0,0 +1,162 @@
+/**
+ * Thin CDP WebSocket client. Uses native WebSocket (Node 22+).
+ * Supports both direct WebSocket URLs (ws://, wss://) and HTTP-based CDP
+ * endpoints (http://, https://) — auto-discovers the WebSocket debugger URL
+ * via /json/version for HTTP endpoints.
+ * No auto-reconnect — a CDP drop means the session is dead.
+ */
+import createDebug from "debug";
+const debug = createDebug("authloop:cdp");
+/**
+ * Resolves a CDP URL to a page-level WebSocket URL.
+ * - ws:// / wss:// URLs are returned as-is (assumed to be a page target).
+ * - http:// / https:// URLs are treated as CDP HTTP endpoints — we call
+ *   /json to find the first "page" target and use its webSocketDebuggerUrl.
+ *   Falls back to /json/version (browser-level) if no page targets exist.
+ */
+async function resolveWebSocketUrl(cdpUrl) {
+    if (cdpUrl.startsWith("ws://") || cdpUrl.startsWith("wss://")) {
+        debug("CDP URL is already WebSocket: %s", cdpUrl);
+        return cdpUrl;
+    }
+    const base = cdpUrl.replace(/\/+$/, "");
+    // Try /json first to get a page-level target (required for Page.startScreencast)
+    try {
+        const listUrl = `${base}/json`;
+        debug("discovering page targets from %s", listUrl);
+        const res = await fetch(listUrl);
+        if (res.ok) {
+            const targets = (await res.json());
+            // Filter to page targets with WebSocket URLs
+            const pages = targets.filter((t) => t.type === "page" && t.webSocketDebuggerUrl);
+            // Prefer real web pages over chrome internal pages (about:, chrome:, chrome-extension:)
+            const webPage = pages.find((t) => t.url && /^https?:\/\//.test(t.url));
+            const page = webPage ?? pages[0];
+            if (page) {
+                debug("discovered page target: %s (%s)", page.title ?? page.url, page.webSocketDebuggerUrl);
+                return page.webSocketDebuggerUrl;
+            }
+            debug("no page targets found, falling back to /json/version");
+        }
+    }
+    catch {
+        debug("/json failed, falling back to /json/version");
+    }
+    // Fallback: browser-level endpoint
+    const versionUrl = `${base}/json/version`;
+    debug("discovering WebSocket URL from %s", versionUrl);
+    const res = await fetch(versionUrl);
+    if (!res.ok) {
+        throw new Error(`CDP discovery failed: ${versionUrl} returned ${res.status}`);
+    }
+    const data = (await res.json());
+    if (!data.webSocketDebuggerUrl) {
+        throw new Error(`CDP discovery: no webSocketDebuggerUrl in ${versionUrl} response`);
+    }
+    debug("discovered browser WebSocket URL: %s", data.webSocketDebuggerUrl);
+    return data.webSocketDebuggerUrl;
+}
+export class CdpClient {
+    cdpUrl;
+    ws = null;
+    nextId = 1;
+    pending = new Map();
+    listeners = new Map();
+    closeHandlers = [];
+    closed = false;
+    constructor(cdpUrl) {
+        this.cdpUrl = cdpUrl;
+    }
+    /** Register a callback for when the CDP connection closes */
+    onClose(handler) {
+        this.closeHandlers.push(handler);
+    }
+    async connect() {
+        const wsUrl = await resolveWebSocketUrl(this.cdpUrl);
+        debug("connecting to %s", wsUrl);
+        return new Promise((resolve, reject) => {
+            const ws = new WebSocket(wsUrl);
+            this.ws = ws;
+            ws.addEventListener("open", () => {
+                debug("connected");
+                resolve();
+            });
+            ws.addEventListener("error", (e) => {
+                if (!this.closed) {
+                    debug("connection error: %s", e.message ?? "unknown");
+                    reject(new Error(`CDP connection error: ${e.message ?? "unknown"}`));
+                }
+            });
+            ws.addEventListener("message", (event) => {
+                const data = JSON.parse(String(event.data));
+                // Response to a command
+                if (data.id !== undefined) {
+                    const pending = this.pending.get(data.id);
+                    if (pending) {
+                        this.pending.delete(data.id);
+                        if (data.error) {
+                            debug("command %d error: %s", data.id, data.error.message);
+                            pending.reject(new Error(`CDP error: ${data.error.message}`));
+                        }
+                        else {
+                            debug("command %d ok", data.id);
+                            pending.resolve(data.result);
+                        }
+                    }
+                    return;
+                }
+                // Event
+                if (data.method) {
+                    debug("event: %s", data.method);
+                    const handlers = this.listeners.get(data.method);
+                    if (handlers) {
+                        for (const handler of handlers) {
+                            handler(data.params ?? {});
+                        }
+                    }
+                }
+            });
+            ws.addEventListener("close", () => {
+                debug("connection closed, rejecting %d pending calls", this.pending.size);
+                this.closed = true;
+                for (const [, pending] of this.pending) {
+                    pending.reject(new Error("CDP connection closed"));
+                }
+                this.pending.clear();
+                for (const handler of this.closeHandlers) {
+                    handler();
+                }
+            });
+        });
+    }
+    send(method, params) {
+        if (!this.ws || this.closed) {
+            return Promise.reject(new Error("CDP not connected"));
+        }
+        const id = this.nextId++;
+        debug("send #%d %s", id, method);
+        return new Promise((resolve, reject) => {
+            this.pending.set(id, { resolve, reject });
+            this.ws.send(JSON.stringify({ id, method, params }));
+        });
+    }
+    on(event, handler) {
+        let set = this.listeners.get(event);
+        if (!set) {
+            set = new Set();
+            this.listeners.set(event, set);
+        }
+        set.add(handler);
+    }
+    close() {
+        debug("closing, %d pending calls", this.pending.size);
+        this.closed = true;
+        for (const [, pending] of this.pending) {
+            pending.reject(new Error("CDP client closed"));
+        }
+        this.pending.clear();
+        this.ws?.close();
+        this.ws = null;
+    }
+}
+//# sourceMappingURL=cdp.js.map

package/dist/cdp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cdp.js","sourceRoot":"","sources":["../src/cdp.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,WAAW,MAAM,OAAO,CAAC;AAEhC,MAAM,KAAK,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC;AAS1C;;;;;;GAMG;AACH,KAAK,UAAU,mBAAmB,CAAC,MAAc;IAC/C,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9D,KAAK,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;QAClD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAExC,iFAAiF;IACjF,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,IAAI,OAAO,CAAC;QAC/B,KAAK,CAAC,kCAAkC,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;QACjC,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAK/B,CAAC;YACH,6CAA6C;YAC7C,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,CAAC,oBAAoB,CAAC,CAAC;YACjF,wFAAwF;YACxF,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvE,MAAM,IAAI,GAAG,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,IAAI,EAAE,CAAC;gBACT,KAAK,CAAC,iCAAiC,EAAE,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBAC5F,OAAO,IAAI,CAAC,oBAAqB,CAAC;YACpC,CAAC;YACD,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACvD,CAAC;IAED,mCAAmC;IACnC,MAAM,UAAU,GAAG,GAAG,IAAI,eAAe,CAAC;IAC1C,KAAK,CAAC,mCAAmC,EAAE,UAAU,CAAC,CAAC;IACvD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,CAAC;IACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,yBAAyB,UAAU,aAAa,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IAChF,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAsC,CAAC;IACrE,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,6CAA6C,UAAU,WAAW,CAAC,CAAC;IACtF,CAAC;IAED,KAAK,CAAC,sCAAsC,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC,oBAAoB,CAAC;AACnC,CAAC;AAED,MAAM,OAAO,SAAS;IAQA;IAPZ,EAAE,GAAqB,IAAI,CAAC;IAC5B,MAAM,GAAG,CAAC,CAAC;IACX,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;IACzC,SAAS,GAAG,IAAI,GAAG,EAA6B,CAAC;IACjD,aAAa,GAAsB,EAAE,CAAC;IACtC,MAAM,GAAG,KAAK,CAAC;IAEvB,YAAoB,MAAc;QAAd,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAEtC,6DAA6D;IAC7D,OAAO,CAAC,OAAmB;QACzB,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,KAAK,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrD,KAAK,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;QAEjC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC;YAChC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;YAEb,EAAE,CAAC,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE;gBAC/B,KAAK,CAAC,WAAW,CAAC,CAAC;gBACnB,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;YACH,EAAE,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;gBACjC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACjB,KAAK,CAAC,sBAAsB,EAAG,CAAgB,CAAC,OAAO,IAAI,SAAS,CAAC,CAAC;oBACtE,MAAM,CAAC,IAAI,KAAK,CAAC,yBAA0B,CAAgB,CAAC,OAAO,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC;gBACvF,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;gBACvC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAMzC,CAAC;gBAEF,wBAAwB;gBACxB,IAAI,IAAI,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;oBAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAC1C,IAAI,OAAO,EAAE,CAAC;wBACZ,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;wBAC7B,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;4BACf,KAAK,CAAC,sBAAsB,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;4BAC3D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,cAAc,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;wBAChE,CAAC;6BAAM,CAAC;4BACN,KAAK,CAAC,eAAe,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;4BAChC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;wBAC/B,CAAC;oBACH,CAAC;oBACD,OAAO;gBACT,CAAC;gBAED,QAAQ;gBACR,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;oBAChB,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;oBAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBACjD,IAAI,QAAQ,EAAE,CAAC;wBACb,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;wBAC7B,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBAChC,KAAK,CAAC,+CAA+C,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC1E,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;gBACnB,KAAK,MAAM,CAAC,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;oBACvC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;gBACrD,CAAC;gBACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACrB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;oBACzC,OAAO,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,MAAc,EAAE,MAAgC;QACnD,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAC5B,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACzB,KAAK,CAAC,aAAa,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;QACjC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;YAC1C,IAAI,CAAC,EAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;IACL,CAAC;IAED,EAAE,CAAC,KAAa,EAAE,OAAqB;QACrC,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,GAAG,GAAG,IAAI,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACjC,CAAC;QACD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACnB,CAAC;IAED,KAAK;QACH,KAAK,CAAC,2BAA2B,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACnB,KAAK,MAAM,CAAC,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACvC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACrB,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC;IACjB,CAAC;CACF"}

package/dist/crypto.d.ts

@@ -0,0 +1,38 @@
+/**
+ * End-to-end encryption for the keystroke relay.
+ *
+ * Uses ECDH (P-256) key exchange + AES-256-GCM.
+ * The relay only sees ciphertext — it cannot read passwords or OTPs.
+ *
+ * Flow:
+ *   1. MCP generates ECDH P-256 keypair, sends public key to viewer via relay
+ *   2. Viewer generates ECDH P-256 keypair, sends public key to MCP via relay
+ *   3. Both sides derive the same shared secret using ECDH
+ *   4. Viewer encrypts input events with AES-256-GCM before sending
+ *   5. MCP decrypts input events after receiving
+ *   6. Frames (screenshots) are NOT encrypted — they show visible page content only
+ */
+export declare class E2EESession {
+    private ecdh;
+    private sharedSecret;
+    private _publicKey;
+    constructor();
+    /** Our public key to send to the viewer */
+    get publicKey(): string;
+    /** Derive shared secret from the viewer's public key */
+    deriveSecret(viewerPublicKey: string): void;
+    /** Check if key exchange is complete */
+    get ready(): boolean;
+    /** Decrypt a message from the viewer */
+    decrypt(encrypted: {
+        iv: string;
+        ciphertext: string;
+        tag: string;
+    }): string;
+    /** Encrypt a message to the viewer (for testing / future use) */
+    encrypt(plaintext: string): {
+        iv: string;
+        ciphertext: string;
+        tag: string;
+    };
+}

package/dist/crypto.js

@@ -0,0 +1,69 @@
+/**
+ * End-to-end encryption for the keystroke relay.
+ *
+ * Uses ECDH (P-256) key exchange + AES-256-GCM.
+ * The relay only sees ciphertext — it cannot read passwords or OTPs.
+ *
+ * Flow:
+ *   1. MCP generates ECDH P-256 keypair, sends public key to viewer via relay
+ *   2. Viewer generates ECDH P-256 keypair, sends public key to MCP via relay
+ *   3. Both sides derive the same shared secret using ECDH
+ *   4. Viewer encrypts input events with AES-256-GCM before sending
+ *   5. MCP decrypts input events after receiving
+ *   6. Frames (screenshots) are NOT encrypted — they show visible page content only
+ */
+import { createECDH, createDecipheriv, createCipheriv, randomBytes } from "node:crypto";
+import createDebug from "debug";
+const debug = createDebug("authloop:crypto");
+export class E2EESession {
+    ecdh = createECDH("prime256v1");
+    sharedSecret = null;
+    _publicKey;
+    constructor() {
+        this.ecdh.generateKeys();
+        this._publicKey = this.ecdh.getPublicKey("base64");
+        debug("generated keypair, public key: %s...", this._publicKey.slice(0, 20));
+    }
+    /** Our public key to send to the viewer */
+    get publicKey() {
+        return this._publicKey;
+    }
+    /** Derive shared secret from the viewer's public key */
+    deriveSecret(viewerPublicKey) {
+        const secret = this.ecdh.computeSecret(Buffer.from(viewerPublicKey, "base64"));
+        // Use first 32 bytes as AES-256 key
+        this.sharedSecret = secret.subarray(0, 32);
+        debug("shared secret derived");
+    }
+    /** Check if key exchange is complete */
+    get ready() {
+        return this.sharedSecret !== null;
+    }
+    /** Decrypt a message from the viewer */
+    decrypt(encrypted) {
+        if (!this.sharedSecret)
+            throw new Error("E2EE not ready — key exchange incomplete");
+        const iv = Buffer.from(encrypted.iv, "base64");
+        const ciphertext = Buffer.from(encrypted.ciphertext, "base64");
+        const tag = Buffer.from(encrypted.tag, "base64");
+        const decipher = createDecipheriv("aes-256-gcm", this.sharedSecret, iv);
+        decipher.setAuthTag(tag);
+        const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+        return decrypted.toString("utf8");
+    }
+    /** Encrypt a message to the viewer (for testing / future use) */
+    encrypt(plaintext) {
+        if (!this.sharedSecret)
+            throw new Error("E2EE not ready — key exchange incomplete");
+        const iv = randomBytes(12);
+        const cipher = createCipheriv("aes-256-gcm", this.sharedSecret, iv);
+        const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+        const tag = cipher.getAuthTag();
+        return {
+            iv: iv.toString("base64"),
+            ciphertext: ciphertext.toString("base64"),
+            tag: tag.toString("base64"),
+        };
+    }
+}
+//# sourceMappingURL=crypto.js.map

package/dist/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACxF,OAAO,WAAW,MAAM,OAAO,CAAC;AAEhC,MAAM,KAAK,GAAG,WAAW,CAAC,iBAAiB,CAAC,CAAC;AAE7C,MAAM,OAAO,WAAW;IACd,IAAI,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAChC,YAAY,GAAkB,IAAI,CAAC;IACnC,UAAU,CAAS;IAE3B;QACE,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACnD,KAAK,CAAC,sCAAsC,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,2CAA2C;IAC3C,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,wDAAwD;IACxD,YAAY,CAAC,eAAuB;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC,CAAC;QAC/E,oCAAoC;QACpC,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC3C,KAAK,CAAC,uBAAuB,CAAC,CAAC;IACjC,CAAC;IAED,wCAAwC;IACxC,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,YAAY,KAAK,IAAI,CAAC;IACpC,CAAC;IAED,wCAAwC;IACxC,OAAO,CAAC,SAA0D;QAChE,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAEpF,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC/C,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC/D,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,aAAa,EAAE,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACxE,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACjF,OAAO,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC;IAED,iEAAiE;IACjE,OAAO,CAAC,SAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAEpF,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC3B,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAEpE,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACrF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEhC,OAAO;YACL,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACzB,UAAU,EAAE,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACzC,GAAG,EAAE,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC;SAC5B,CAAC;IACJ,CAAC;CACF"}

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export { startSession, waitForStatus, stopSession, _resetActiveSession, _getActiveSession, type ToHumanInput, type StartSessionOutput, type SessionStatusOutput, type SessionStatus, } from "./session.js";
+export { BrowserStream, type StreamResult } from "./stream.js";
+export { CdpClient } from "./cdp.js";
+export { E2EESession } from "./crypto.js";

package/dist/index.js

@@ -0,0 +1,5 @@
+export { startSession, waitForStatus, stopSession, _resetActiveSession, _getActiveSession, } from "./session.js";
+export { BrowserStream } from "./stream.js";
+export { CdpClient } from "./cdp.js";
+export { E2EESession } from "./crypto.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,iBAAiB,GAKlB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,aAAa,EAAqB,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC"}

package/dist/session.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Session lifecycle: startSession → (agent sends URL) → waitForStatus → resolved → cleanup
+ *
+ * startSession() creates the session, connects WebSocket, starts CDP screencast in the
+ * background, and returns immediately with the session_url for the agent to send to the human.
+ *
+ * waitForStatus() blocks until the session reaches a terminal state (resolved/cancelled/timeout/error).
+ *
+ * stopSession() cleans up the stream, WebSocket, and CDP connection.
+ */
+import { AuthLoop } from "@authloop-ai/sdk";
+import { BrowserStream, type StreamResult } from "./stream.js";
+export interface ToHumanInput {
+    service: string;
+    cdpUrl: string;
+    context?: {
+        url?: string;
+        blockerType?: "otp" | "password" | "captcha" | "security_question" | "document_upload" | "other";
+        hint?: string;
+    };
+}
+export interface StartSessionOutput {
+    sessionId: string;
+    sessionUrl: string;
+}
+export type SessionStatus = "streaming" | StreamResult;
+export interface SessionStatusOutput {
+    sessionId: string;
+    sessionUrl: string;
+    status: SessionStatus;
+}
+interface ActiveSession {
+    sessionId: string;
+    sessionUrl: string;
+    status: SessionStatus;
+    authloop: AuthLoop;
+    stream: BrowserStream | null;
+    ws: WebSocket;
+    cdpUrl: string;
+    startTime: number;
+    /** Resolves when status changes from "streaming" to a terminal state */
+    onTerminal: Promise<StreamResult>;
+    resolveTerminal: ((result: StreamResult) => void) | null;
+}
+/** @internal — exposed for testing only */
+export declare function _resetActiveSession(): void;
+/** @internal — exposed for testing only */
+export declare function _getActiveSession(): ActiveSession | null;
+/**
+ * Start a session: create via API, connect WebSocket, start CDP screencast in background.
+ * Returns immediately with session_url for the agent to send to the human.
+ */
+export declare function startSession(authloop: AuthLoop, options: ToHumanInput): Promise<StartSessionOutput>;
+/**
+ * Block until the session reaches a terminal state.
+ * Returns null if no session is active.
+ * Auto-cleans up after returning.
+ */
+export declare function waitForStatus(): Promise<SessionStatusOutput | null>;
+/**
+ * Stop the active session and clean up all resources.
+ */
+export declare function stopSession(): Promise<void>;
+export {};

package/dist/session.js

@@ -0,0 +1,223 @@
+/**
+ * Session lifecycle: startSession → (agent sends URL) → waitForStatus → resolved → cleanup
+ *
+ * startSession() creates the session, connects WebSocket, starts CDP screencast in the
+ * background, and returns immediately with the session_url for the agent to send to the human.
+ *
+ * waitForStatus() blocks until the session reaches a terminal state (resolved/cancelled/timeout/error).
+ *
+ * stopSession() cleans up the stream, WebSocket, and CDP connection.
+ */
+import createDebug from "debug";
+import { BrowserStream } from "./stream.js";
+const debug = createDebug("authloop:session");
+const perf = createDebug("authloop:perf");
+let active = null;
+/** @internal — exposed for testing only */
+export function _resetActiveSession() {
+    active = null;
+}
+/** @internal — exposed for testing only */
+export function _getActiveSession() {
+    return active;
+}
+/**
+ * Transition the active session to a terminal status.
+ * Resolves the terminal promise so waitForStatus() unblocks.
+ */
+function setTerminalStatus(result) {
+    if (!active || active.status !== "streaming")
+        return;
+    debug("terminal status: %s", result);
+    active.status = result;
+    active.resolveTerminal?.(result);
+    active.resolveTerminal = null;
+}
+/**
+ * Start a session: create via API, connect WebSocket, start CDP screencast in background.
+ * Returns immediately with session_url for the agent to send to the human.
+ */
+export async function startSession(authloop, options) {
+    if (active) {
+        throw new Error("A session is already in progress");
+    }
+    debug("startSession: service=%s", options.service);
+    const startTime = Date.now();
+    // 1. Create session via SDK
+    const session = await authloop.toHuman({
+        service: options.service,
+        cdpUrl: options.cdpUrl,
+        context: options.context,
+    });
+    debug("session created: id=%s url=%s", session.sessionId, session.sessionUrl);
+    perf("[perf:session] session created: %dms", Date.now() - startTime);
+    // 2. Connect WebSocket immediately
+    const wsUrl = `${session.streamUrl}?token=${encodeURIComponent(session.streamToken)}&role=agent`;
+    debug("connecting to relay WebSocket");
+    const wsConnectStart = Date.now();
+    const ws = await new Promise((resolve, reject) => {
+        const socket = new WebSocket(wsUrl);
+        const timeout = setTimeout(() => {
+            socket.close();
+            reject(new Error("WebSocket connection timed out after 15s"));
+        }, 15000);
+        socket.addEventListener("open", () => {
+            clearTimeout(timeout);
+            resolve(socket);
+        });
+        socket.addEventListener("error", (e) => {
+            clearTimeout(timeout);
+            reject(new Error(`WebSocket error: ${e.message ?? "connection failed"}`));
+        });
+    });
+    perf("[perf:stream] WebSocket connect: %dms", Date.now() - wsConnectStart);
+    debug("relay connected");
+    // 3. Set up terminal promise
+    let resolveTerminal = null;
+    const onTerminal = new Promise((resolve) => {
+        resolveTerminal = resolve;
+    });
+    // 4. Set up active session
+    active = {
+        sessionId: session.sessionId,
+        sessionUrl: session.sessionUrl,
+        status: "streaming",
+        authloop,
+        stream: null,
+        ws,
+        cdpUrl: options.cdpUrl,
+        startTime,
+        onTerminal,
+        resolveTerminal,
+    };
+    // 5. Listen for events in background
+    ws.addEventListener("message", (event) => {
+        if (!active || typeof event.data !== "string")
+            return;
+        try {
+            const msg = JSON.parse(event.data);
+            if (msg.type === "viewer_connected" && !active.stream) {
+                debug("viewer connected, starting browser stream");
+                startStreaming().catch((err) => {
+                    debug("failed to start streaming: %s", err.message);
+                    setTerminalStatus("error");
+                });
+            }
+            else if (msg.type === "session_expired") {
+                debug("session expired");
+                setTerminalStatus("timeout");
+            }
+            else if (msg.type === "session_cancelled") {
+                debug("session cancelled");
+                setTerminalStatus("cancelled");
+            }
+        }
+        catch {
+            // ignore parse errors
+        }
+    });
+    ws.addEventListener("close", () => {
+        if (active && active.status === "streaming") {
+            debug("relay WebSocket closed unexpectedly");
+            setTerminalStatus("error");
+        }
+    });
+    perf("[perf:session] startSession total: %dms", Date.now() - startTime);
+    return {
+        sessionId: session.sessionId,
+        sessionUrl: session.sessionUrl,
+    };
+}
+/**
+ * Start CDP screencast and wire up resolution events.
+ * Called automatically when viewer connects.
+ */
+async function startStreaming() {
+    if (!active)
+        return;
+    const stream = new BrowserStream({
+        ws: active.ws,
+        cdpUrl: active.cdpUrl,
+    });
+    active.stream = stream;
+    await stream.start();
+    debug("browser stream started");
+    // Wait for resolution in background
+    stream.waitForResolution().then(async (result) => {
+        if (!active)
+            return;
+        debug("stream result: %s", result);
+        // Tell the API the outcome
+        if (result === "resolved") {
+            debug("resolving session %s", active.sessionId);
+            await active.authloop.resolveSession(active.sessionId).catch(() => { });
+        }
+        else if (result === "cancelled") {
+            debug("cancelling session %s", active.sessionId);
+            await active.authloop.cancelSession(active.sessionId).catch(() => { });
+        }
+        setTerminalStatus(result);
+    });
+}
+/**
+ * Block until the session reaches a terminal state.
+ * Returns null if no session is active.
+ * Auto-cleans up after returning.
+ */
+export async function waitForStatus() {
+    if (!active)
+        return null;
+    debug("waitForStatus: waiting for terminal status...");
+    // If already terminal, return immediately
+    if (active.status !== "streaming") {
+        const result = {
+            sessionId: active.sessionId,
+            sessionUrl: active.sessionUrl,
+            status: active.status,
+        };
+        debug("waitForStatus: already terminal=%s", active.status);
+        await cleanup();
+        return result;
+    }
+    // Block until terminal
+    const terminalResult = await active.onTerminal;
+    // active may have been cleared by stopSession() during the wait
+    if (!active)
+        return null;
+    const result = {
+        sessionId: active.sessionId,
+        sessionUrl: active.sessionUrl,
+        status: terminalResult,
+    };
+    debug("waitForStatus: resolved with status=%s", terminalResult);
+    await cleanup();
+    return result;
+}
+/**
+ * Stop the active session and clean up all resources.
+ */
+export async function stopSession() {
+    if (!active)
+        return;
+    debug("stopSession: sessionId=%s", active.sessionId);
+    // Cancel on the API if still streaming
+    if (active.status === "streaming") {
+        await active.authloop.cancelSession(active.sessionId).catch(() => { });
+    }
+    // Resolve the terminal promise so waitForStatus() unblocks
+    setTerminalStatus("cancelled");
+    await cleanup();
+}
+async function cleanup() {
+    if (!active)
+        return;
+    const session = active;
+    active = null;
+    await session.stream?.stop();
+    if (!session.stream) {
+        session.ws.close();
+    }
+    perf("[perf:session] session duration: %ds", Math.round((Date.now() - session.startTime) / 1000));
+    debug("session cleaned up");
+}
+//# sourceMappingURL=session.js.map

package/dist/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,WAAW,MAAM,OAAO,CAAC;AAEhC,OAAO,EAAE,aAAa,EAAqB,MAAM,aAAa,CAAC;AAE/D,MAAM,KAAK,GAAG,WAAW,CAAC,kBAAkB,CAAC,CAAC;AAC9C,MAAM,IAAI,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC;AAuC1C,IAAI,MAAM,GAAyB,IAAI,CAAC;AAExC,2CAA2C;AAC3C,MAAM,UAAU,mBAAmB;IACjC,MAAM,GAAG,IAAI,CAAC;AAChB,CAAC;AAED,2CAA2C;AAC3C,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,MAAoB;IAC7C,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW;QAAE,OAAO;IACrD,KAAK,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;IACrC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,MAAM,CAAC,eAAe,EAAE,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC;AAChC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAkB,EAClB,OAAqB;IAErB,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,0BAA0B,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,4BAA4B;IAC5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACrC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO,EAAE,OAAO,CAAC,OAAO;KACzB,CAAC,CAAC;IACH,KAAK,CAAC,+BAA+B,EAAE,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IAC9E,IAAI,CAAC,sCAAsC,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;IAErE,mCAAmC;IACnC,MAAM,KAAK,GAAG,GAAG,OAAO,CAAC,SAAS,UAAU,kBAAkB,CAAC,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC;IACjG,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACvC,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAElC,MAAM,EAAE,GAAG,MAAM,IAAI,OAAO,CAAY,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1D,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC,CAAC;QAChE,CAAC,EAAE,KAAK,CAAC,CAAC;QAEV,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE;YACnC,YAAY,CAAC,OAAO,CAAC,CAAC;YACtB,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;YACrC,YAAY,CAAC,OAAO,CAAC,CAAC;YACtB,MAAM,CAAC,IAAI,KAAK,CAAC,oBAAqB,CAAgB,CAAC,OAAO,IAAI,mBAAmB,EAAE,CAAC,CAAC,CAAC;QAC5F,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,uCAAuC,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,CAAC,CAAC;IAC3E,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAEzB,6BAA6B;IAC7B,IAAI,eAAe,GAA4C,IAAI,CAAC;IACpE,MAAM,UAAU,GAAG,IAAI,OAAO,CAAe,CAAC,OAAO,EAAE,EAAE;QACvD,eAAe,GAAG,OAAO,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,2BAA2B;IAC3B,MAAM,GAAG;QACP,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,MAAM,EAAE,WAAW;QACnB,QAAQ;QACR,MAAM,EAAE,IAAI;QACZ,EAAE;QACF,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,SAAS;QACT,UAAU;QACV,eAAe;KAChB,CAAC;IAEF,qCAAqC;IACrC,EAAE,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;QACvC,IAAI,CAAC,MAAM,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO;QACtD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;YAC9D,IAAI,GAAG,CAAC,IAAI,KAAK,kBAAkB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;gBACtD,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBAC7B,KAAK,CAAC,+BAA+B,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;oBAC/D,iBAAiB,CAAC,OAAO,CAAC,CAAC;gBAC7B,CAAC,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,GAAG,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBAC1C,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBACzB,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAC/B,CAAC;iBAAM,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBAC5C,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBAC3B,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;QAChC,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC5C,KAAK,CAAC,qCAAqC,CAAC,CAAC;YAC7C,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,yCAAyC,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;IAExE,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;KAC/B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,cAAc;IAC3B,IAAI,CAAC,MAAM;QAAE,OAAO;IAEpB,MAAM,MAAM,GAAG,IAAI,aAAa,CAAC;QAC/B,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IAEvB,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;IACrB,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAEhC,oCAAoC;IACpC,MAAM,CAAC,iBAAiB,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC/C,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,KAAK,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;QAEnC,2BAA2B;QAC3B,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;YAC1B,KAAK,CAAC,sBAAsB,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACzE,CAAC;aAAM,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,KAAK,CAAC,uBAAuB,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;YACjD,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACxE,CAAC;QAED,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,KAAK,CAAC,+CAA+C,CAAC,CAAC;IAEvD,0CAA0C;IAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,MAAM,MAAM,GAAwB;YAClC,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB,CAAC;QACF,KAAK,CAAC,oCAAoC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,OAAO,EAAE,CAAC;QAChB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,uBAAuB;IACvB,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC;IAE/C,gEAAgE;IAChE,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,MAAM,GAAwB;QAClC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,MAAM,EAAE,cAAc;KACvB,CAAC;IAEF,KAAK,CAAC,wCAAwC,EAAE,cAAc,CAAC,CAAC;IAChE,MAAM,OAAO,EAAE,CAAC;IAChB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,IAAI,CAAC,MAAM;QAAE,OAAO;IACpB,KAAK,CAAC,2BAA2B,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IAErD,uCAAuC;IACvC,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,2DAA2D;IAC3D,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAE/B,MAAM,OAAO,EAAE,CAAC;AAClB,CAAC;AAED,KAAK,UAAU,OAAO;IACpB,IAAI,CAAC,MAAM;QAAE,OAAO;IACpB,MAAM,OAAO,GAAG,MAAM,CAAC;IACvB,MAAM,GAAG,IAAI,CAAC;IAEd,MAAM,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;IAC7B,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED,IAAI,CAAC,sCAAsC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;IAClG,KAAK,CAAC,oBAAoB,CAAC,CAAC;AAC9B,CAAC"}

package/dist/stream.d.ts

@@ -0,0 +1,36 @@
+/**
+ * WebSocket + CDP bridge.
+ * Captures browser screencast frames via CDP, sends them as binary JPEG over WebSocket.
+ * Receives input events (clicks, keystrokes, scroll) from the human via WebSocket,
+ * dispatches them to the browser via CDP.
+ *
+ * The WebSocket is pre-connected by session.ts and passed in — this class does not
+ * manage the WebSocket connection lifecycle.
+ */
+export type StreamResult = "resolved" | "cancelled" | "error" | "timeout";
+export declare class BrowserStream {
+    private opts;
+    private ws;
+    private cdp;
+    private e2ee;
+    private resolveWait;
+    private stopped;
+    private frameCount;
+    private lastFrameData;
+    private startTime;
+    private firstFrameSent;
+    constructor(opts: {
+        ws: WebSocket;
+        cdpUrl: string;
+    });
+    start(): Promise<void>;
+    waitForResolution(): Promise<StreamResult>;
+    stop(): Promise<void>;
+    private handleMessage;
+    private dispatchMouseClick;
+    private dispatchKeyEvent;
+    /** Convert modifier flags to CDP bitmask: Alt=1, Ctrl=2, Meta=4, Shift=8 */
+    private getModifiers;
+    private dispatchPaste;
+    private dispatchScroll;
+}

package/dist/stream.js

@@ -0,0 +1,321 @@
+/**
+ * WebSocket + CDP bridge.
+ * Captures browser screencast frames via CDP, sends them as binary JPEG over WebSocket.
+ * Receives input events (clicks, keystrokes, scroll) from the human via WebSocket,
+ * dispatches them to the browser via CDP.
+ *
+ * The WebSocket is pre-connected by session.ts and passed in — this class does not
+ * manage the WebSocket connection lifecycle.
+ */
+import createDebug from "debug";
+import { CdpClient } from "./cdp.js";
+import { E2EESession } from "./crypto.js";
+const debug = createDebug("authloop:stream");
+const perf = createDebug("authloop:perf");
+/** Windows virtual key codes for CDP Input.dispatchKeyEvent */
+const KEY_CODES = {
+    Backspace: 8, Tab: 9, Enter: 13, Shift: 16, Control: 17, Alt: 18,
+    Escape: 27, " ": 32, PageUp: 33, PageDown: 34, End: 35, Home: 36,
+    ArrowLeft: 37, ArrowUp: 38, ArrowRight: 39, ArrowDown: 40,
+    Insert: 45, Delete: 46,
+    Meta: 91, ContextMenu: 93,
+    F1: 112, F2: 113, F3: 114, F4: 115, F5: 116, F6: 117,
+    F7: 118, F8: 119, F9: 120, F10: 121, F11: 122, F12: 123,
+};
+export class BrowserStream {
+    opts;
+    ws;
+    cdp = null;
+    e2ee = new E2EESession();
+    resolveWait = null;
+    stopped = false;
+    frameCount = 0;
+    lastFrameData = null;
+    startTime = 0;
+    firstFrameSent = false;
+    constructor(opts) {
+        this.opts = opts;
+        this.ws = opts.ws;
+    }
+    async start() {
+        this.startTime = Date.now();
+        // 1. Connect to CDP
+        debug("connecting to CDP: %s", this.opts.cdpUrl);
+        let t0 = Date.now();
+        this.cdp = new CdpClient(this.opts.cdpUrl);
+        this.cdp.onClose(() => {
+            if (!this.stopped) {
+                debug("CDP disconnected unexpectedly");
+                this.resolveWait?.("error");
+            }
+        });
+        await this.cdp.connect();
+        perf("[perf:stream] CDP connect: %dms", Date.now() - t0);
+        debug("CDP connected");
+        // 2. Send our E2EE public key so the viewer can derive the shared secret
+        this.ws.send(JSON.stringify({ type: "pubkey", key: this.e2ee.publicKey }));
+        debug("sent E2EE public key");
+        // 3. Listen for messages from the relay (input events + control)
+        this.ws.addEventListener("message", (event) => {
+            if (this.stopped)
+                return;
+            if (typeof event.data === "string") {
+                try {
+                    const msg = JSON.parse(event.data);
+                    this.handleMessage(msg);
+                }
+                catch {
+                    debug("failed to parse message (dropped)");
+                }
+            }
+        });
+        this.ws.addEventListener("close", () => {
+            if (!this.stopped) {
+                debug("relay WebSocket closed unexpectedly");
+                this.resolveWait?.("error");
+            }
+        });
+        // 4. Forward CDP screencast frames as binary JPEG with metadata header
+        this.cdp.on("Page.screencastFrame", (params) => {
+            if (this.stopped)
+                return;
+            const sessionId = params.sessionId;
+            const data = params.data;
+            const metadata = params.metadata;
+            // ACK so CDP sends the next frame
+            this.cdp?.send("Page.screencastFrameAck", { sessionId }).catch(() => { });
+            // Send frame with metadata as a JSON message, then binary JPEG
+            const jpegBuffer = Buffer.from(data, "base64");
+            const metaJson = JSON.stringify({
+                type: "frame",
+                deviceWidth: metadata?.deviceWidth,
+                deviceHeight: metadata?.deviceHeight,
+                offsetTop: metadata?.offsetTop ?? 0,
+                pageScaleFactor: metadata?.pageScaleFactor ?? 1,
+                scrollOffsetX: metadata?.scrollOffsetX ?? 0,
+                scrollOffsetY: metadata?.scrollOffsetY ?? 0,
+                jpegSize: jpegBuffer.byteLength,
+            });
+            // Cache latest frame so we can send it when a viewer connects
+            this.lastFrameData = { meta: metaJson, jpeg: jpegBuffer };
+            if (this.ws.readyState === WebSocket.OPEN) {
+                this.ws.send(metaJson);
+                this.ws.send(jpegBuffer);
+                this.frameCount++;
+                if (!this.firstFrameSent) {
+                    this.firstFrameSent = true;
+                    const frameTime = Date.now();
+                    perf("[perf:stream] CDP → first screencast frame: %dms", frameTime - this.startTime);
+                    perf("[perf:stream] first frame → first relay send: %dms", Date.now() - frameTime);
+                }
+                if (this.frameCount % 100 === 0) {
+                    debug("sent %d frames", this.frameCount);
+                }
+            }
+        });
+        // 5. Start screencast
+        await this.cdp.send("Page.startScreencast", {
+            format: "jpeg",
+            quality: 60,
+            maxWidth: 1280,
+            maxHeight: 720,
+            everyNthFrame: 1,
+        });
+        debug("screencast started");
+        perf("[perf:stream] total start() time: %dms", Date.now() - this.startTime);
+    }
+    waitForResolution() {
+        return new Promise((resolve) => {
+            if (this.stopped) {
+                resolve("error");
+                return;
+            }
+            this.resolveWait = resolve;
+        });
+    }
+    async stop() {
+        if (this.stopped)
+            return;
+        this.stopped = true;
+        debug("stopping stream (sent %d frames)", this.frameCount);
+        perf("[perf:stream] frames published: %d", this.frameCount);
+        perf("[perf:stream] session duration: %ds", Math.round((Date.now() - this.startTime) / 1000));
+        this.cdp?.send("Page.stopScreencast").catch(() => { });
+        this.cdp?.close();
+        this.cdp = null;
+        this.ws.close();
+        debug("stream stopped");
+    }
+    handleMessage(msg) {
+        const type = msg.type;
+        // Handle E2EE key exchange
+        if (type === "pubkey") {
+            debug("received viewer public key, deriving shared secret");
+            this.e2ee.deriveSecret(msg.key);
+            perf("[perf:stream] E2EE key exchange: %dms", Date.now() - this.startTime);
+            return;
+        }
+        // Handle encrypted messages — decrypt then process as normal
+        if (type === "encrypted") {
+            if (!this.e2ee.ready) {
+                debug("received encrypted message but E2EE not ready, dropping");
+                return;
+            }
+            try {
+                const plaintext = this.e2ee.decrypt(msg.payload);
+                const decrypted = JSON.parse(plaintext);
+                debug("decrypted: %s", decrypted.type);
+                this.handleMessage(decrypted);
+            }
+            catch (err) {
+                debug("decryption failed: %s", err.message);
+            }
+            return;
+        }
+        // Control messages from the relay (always plaintext)
+        switch (type) {
+            case "session_expired":
+                debug("session expired");
+                this.resolveWait?.("timeout");
+                return;
+            case "session_cancelled":
+                debug("session cancelled");
+                this.resolveWait?.("cancelled");
+                return;
+            case "viewer_connected":
+                debug("viewer connected");
+                if (this.lastFrameData && this.ws.readyState === WebSocket.OPEN) {
+                    debug("sending cached frame to new viewer");
+                    this.ws.send(this.lastFrameData.meta);
+                    this.ws.send(this.lastFrameData.jpeg);
+                }
+                return;
+            case "viewer_disconnected":
+                debug("viewer disconnected");
+                return;
+        }
+        // Input events — must be decrypted (no plaintext fallback)
+        // These arrive only after E2EE decrypt (recursive handleMessage call)
+        switch (type) {
+            case "click":
+            case "dblclick":
+                this.dispatchMouseClick(msg);
+                break;
+            case "keydown":
+            case "keyup":
+            case "keypress":
+                this.dispatchKeyEvent(msg);
+                break;
+            case "scroll":
+                this.dispatchScroll(msg);
+                break;
+            case "paste":
+                this.dispatchPaste(msg);
+                break;
+            case "back":
+                debug("navigate back");
+                this.cdp?.send("Runtime.evaluate", { expression: "history.back()" }).catch(() => { });
+                break;
+            case "forward":
+                debug("navigate forward");
+                this.cdp?.send("Runtime.evaluate", { expression: "history.forward()" }).catch(() => { });
+                break;
+            case "reload":
+                debug("reload page");
+                this.cdp?.send("Page.reload").catch(() => { });
+                break;
+            case "resolved":
+                debug("viewer marked auth as complete");
+                this.resolveWait?.("resolved");
+                break;
+            case "cancelled":
+                debug("viewer cancelled the session");
+                this.resolveWait?.("cancelled");
+                break;
+            default:
+                debug("unknown message type: %s (dropped)", type);
+                break;
+        }
+    }
+    dispatchMouseClick(msg) {
+        if (!this.cdp)
+            return;
+        const x = msg.x;
+        const y = msg.y;
+        const button = msg.button || "left";
+        const clickCount = msg.type === "dblclick" ? 2 : 1;
+        this.cdp
+            .send("Input.dispatchMouseEvent", { type: "mousePressed", x, y, button, clickCount })
+            .then(() => this.cdp?.send("Input.dispatchMouseEvent", { type: "mouseReleased", x, y, button, clickCount }))
+            .catch(() => { });
+    }
+    dispatchKeyEvent(msg) {
+        if (!this.cdp)
+            return;
+        const type = msg.type;
+        const key = msg.key;
+        const code = msg.code;
+        const modifiers = this.getModifiers(msg);
+        const keyCode = key ? KEY_CODES[key] ?? 0 : 0;
+        if (type === "keypress") {
+            // Printable character — send char only (viewer sends keyup separately)
+            const text = key && key.length === 1 ? key : undefined;
+            if (text) {
+                this.cdp.send("Input.dispatchKeyEvent", {
+                    type: "char", text, modifiers,
+                }).catch(() => { });
+            }
+        }
+        else if (type === "keydown") {
+            // Special keys (Backspace, Enter, arrows, etc.) or modified keys (Ctrl+A)
+            const isModifiedPrintable = key && key.length === 1 && modifiers > 0;
+            const text = isModifiedPrintable ? key : undefined;
+            this.cdp.send("Input.dispatchKeyEvent", {
+                type: "rawKeyDown", key, code, text, modifiers,
+                windowsVirtualKeyCode: keyCode || (key && key.length === 1 ? key.toUpperCase().charCodeAt(0) : 0),
+                nativeVirtualKeyCode: keyCode || (key && key.length === 1 ? key.toUpperCase().charCodeAt(0) : 0),
+            }).catch(() => { });
+        }
+        else if (type === "keyup") {
+            this.cdp.send("Input.dispatchKeyEvent", {
+                type: "keyUp", key, code, modifiers,
+                windowsVirtualKeyCode: keyCode || (key && key.length === 1 ? key.toUpperCase().charCodeAt(0) : 0),
+                nativeVirtualKeyCode: keyCode || (key && key.length === 1 ? key.toUpperCase().charCodeAt(0) : 0),
+            }).catch(() => { });
+        }
+    }
+    /** Convert modifier flags to CDP bitmask: Alt=1, Ctrl=2, Meta=4, Shift=8 */
+    getModifiers(msg) {
+        let m = 0;
+        if (msg.altKey)
+            m |= 1;
+        if (msg.ctrlKey)
+            m |= 2;
+        if (msg.metaKey)
+            m |= 4;
+        if (msg.shiftKey)
+            m |= 8;
+        return m;
+    }
+    dispatchPaste(msg) {
+        if (!this.cdp)
+            return;
+        const text = msg.text;
+        if (text) {
+            debug("paste: %d chars", text.length);
+            this.cdp.send("Input.insertText", { text }).catch(() => { });
+        }
+    }
+    dispatchScroll(msg) {
+        if (!this.cdp)
+            return;
+        const x = msg.x;
+        const y = msg.y;
+        const deltaX = msg.deltaX || 0;
+        const deltaY = msg.deltaY || 0;
+        this.cdp
+            .send("Input.dispatchMouseEvent", { type: "mouseWheel", x, y, deltaX, deltaY })
+            .catch(() => { });
+    }
+}
+//# sourceMappingURL=stream.js.map

package/dist/stream.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stream.js","sourceRoot":"","sources":["../src/stream.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,WAAW,MAAM,OAAO,CAAC;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,MAAM,KAAK,GAAG,WAAW,CAAC,iBAAiB,CAAC,CAAC;AAC7C,MAAM,IAAI,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC;AAE1C,+DAA+D;AAC/D,MAAM,SAAS,GAA2B;IACxC,SAAS,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE;IAChE,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE;IAChE,SAAS,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE;IACzD,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE;IACtB,IAAI,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE;IACzB,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG;IACpD,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;CACxD,CAAC;AAIF,MAAM,OAAO,aAAa;IAYd;IAXF,EAAE,CAAY;IACd,GAAG,GAAqB,IAAI,CAAC;IAC7B,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;IACzB,WAAW,GAA4C,IAAI,CAAC;IAC5D,OAAO,GAAG,KAAK,CAAC;IAChB,UAAU,GAAG,CAAC,CAAC;IACf,aAAa,GAA0C,IAAI,CAAC;IAC5D,SAAS,GAAG,CAAC,CAAC;IACd,cAAc,GAAG,KAAK,CAAC;IAE/B,YACU,IAGP;QAHO,SAAI,GAAJ,IAAI,CAGX;QAED,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE5B,oBAAoB;QACpB,KAAK,CAAC,uBAAuB,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACpB,IAAI,CAAC,GAAG,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YACpB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,KAAK,CAAC,+BAA+B,CAAC,CAAC;gBACvC,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACzB,IAAI,CAAC,iCAAiC,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QACzD,KAAK,CAAC,eAAe,CAAC,CAAC;QAEvB,yEAAyE;QACzE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC3E,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAE9B,iEAAiE;QACjE,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YAC5C,IAAI,IAAI,CAAC,OAAO;gBAAE,OAAO;YACzB,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnC,IAAI,CAAC;oBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;oBAC9D,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;gBAC1B,CAAC;gBAAC,MAAM,CAAC;oBACP,KAAK,CAAC,mCAAmC,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;YACrC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,KAAK,CAAC,qCAAqC,CAAC,CAAC;gBAC7C,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,uEAAuE;QACvE,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,sBAAsB,EAAE,CAAC,MAA+B,EAAE,EAAE;YACtE,IAAI,IAAI,CAAC,OAAO;gBAAE,OAAO;YAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,SAAmB,CAAC;YAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAc,CAAC;YACnC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAOX,CAAC;YAEd,kCAAkC;YAClC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC;gBAC9B,IAAI,EAAE,OAAO;gBACb,WAAW,EAAE,QAAQ,EAAE,WAAW;gBAClC,YAAY,EAAE,QAAQ,EAAE,YAAY;gBACpC,SAAS,EAAE,QAAQ,EAAE,SAAS,IAAI,CAAC;gBACnC,eAAe,EAAE,QAAQ,EAAE,eAAe,IAAI,CAAC;gBAC/C,aAAa,EAAE,QAAQ,EAAE,aAAa,IAAI,CAAC;gBAC3C,aAAa,EAAE,QAAQ,EAAE,aAAa,IAAI,CAAC;gBAC3C,QAAQ,EAAE,UAAU,CAAC,UAAU;aAChC,CAAC,CAAC;YAEH,8DAA8D;YAC9D,IAAI,CAAC,aAAa,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;YAE1D,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC1C,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACvB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAEzB,IAAI,CAAC,UAAU,EAAE,CAAC;gBAElB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;oBACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;oBAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;oBAC7B,IAAI,CAAC,kDAAkD,EAAE,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;oBACrF,IAAI,CAAC,oDAAoD,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;gBACrF,CAAC;gBAED,IAAI,IAAI,CAAC,UAAU,GAAG,GAAG,KAAK,CAAC,EAAE,CAAC;oBAChC,KAAK,CAAC,gBAAgB,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,sBAAsB;QACtB,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE;YACX,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,aAAa,EAAE,CAAC;SACjB,CAAC,CAAC;QACH,KAAK,CAAC,oBAAoB,CAAC,CAAC;QAC5B,IAAI,CAAC,wCAAwC,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAC9E,CAAC;IAED,iBAAiB;QACf,OAAO,IAAI,OAAO,CAAe,CAAC,OAAO,EAAE,EAAE;YAC3C,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,OAAO,CAAC,OAAO,CAAC,CAAC;gBACjB,OAAO;YACT,CAAC;YACD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,OAAO;YAAE,OAAO;QACzB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,KAAK,CAAC,kCAAkC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3D,IAAI,CAAC,oCAAoC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC5D,IAAI,CAAC,qCAAqC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAE9F,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACtD,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QAClB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC;QAEhB,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAChB,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC1B,CAAC;IAEO,aAAa,CAAC,GAA4B;QAChD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAc,CAAC;QAEhC,2BAA2B;QAC3B,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,KAAK,CAAC,oDAAoD,CAAC,CAAC;YAC5D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAa,CAAC,CAAC;YAC1C,IAAI,CAAC,uCAAuC,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;YAC3E,OAAO;QACT,CAAC;QAED,6DAA6D;QAC7D,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;YACzB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACrB,KAAK,CAAC,yDAAyD,CAAC,CAAC;gBACjE,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAA0D,CAAC,CAAC;gBACpG,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAA4B,CAAC;gBACnE,KAAK,CAAC,eAAe,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;gBACvC,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;YAChC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,KAAK,CAAC,uBAAuB,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;YACzD,CAAC;YACD,OAAO;QACT,CAAC;QAED,qDAAqD;QACrD,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,iBAAiB;gBACpB,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBACzB,IAAI,CAAC,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC;gBAC9B,OAAO;YACT,KAAK,mBAAmB;gBACtB,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBAC3B,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,CAAC;gBAChC,OAAO;YACT,KAAK,kBAAkB;gBACrB,KAAK,CAAC,kBAAkB,CAAC,CAAC;gBAC1B,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;oBAChE,KAAK,CAAC,oCAAoC,CAAC,CAAC;oBAC5C,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;oBACtC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;gBACxC,CAAC;gBACD,OAAO;YACT,KAAK,qBAAqB;gBACxB,KAAK,CAAC,qBAAqB,CAAC,CAAC;gBAC7B,OAAO;QACX,CAAC;QAED,2DAA2D;QAC3D,sEAAsE;QACtE,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,OAAO,CAAC;YACb,KAAK,UAAU;gBACb,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;gBAC7B,MAAM;YACR,KAAK,SAAS,CAAC;YACf,KAAK,OAAO,CAAC;YACb,KAAK,UAAU;gBACb,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAC3B,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;gBACzB,MAAM;YACR,KAAK,OAAO;gBACV,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;gBACxB,MAAM;YACR,KAAK,MAAM;gBACT,KAAK,CAAC,eAAe,CAAC,CAAC;gBACvB,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,kBAAkB,EAAE,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBACrF,MAAM;YACR,KAAK,SAAS;gBACZ,KAAK,CAAC,kBAAkB,CAAC,CAAC;gBAC1B,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,kBAAkB,EAAE,EAAE,UAAU,EAAE,mBAAmB,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBACxF,MAAM;YACR,KAAK,QAAQ;gBACX,KAAK,CAAC,aAAa,CAAC,CAAC;gBACrB,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBAC9C,MAAM;YACR,KAAK,UAAU;gBACb,KAAK,CAAC,gCAAgC,CAAC,CAAC;gBACxC,IAAI,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC;gBAC/B,MAAM;YACR,KAAK,WAAW;gBACd,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBACtC,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,CAAC;gBAChC,MAAM;YACR;gBACE,KAAK,CAAC,oCAAoC,EAAE,IAAI,CAAC,CAAC;gBAClD,MAAM;QACV,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,GAA4B;QACrD,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QACtB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAW,CAAC;QAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAW,CAAC;QAC1B,MAAM,MAAM,GAAI,GAAG,CAAC,MAAiB,IAAI,MAAM,CAAC;QAChD,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnD,IAAI,CAAC,GAAG;aACL,IAAI,CAAC,0BAA0B,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;aACpF,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,0BAA0B,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;aAC3G,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrB,CAAC;IAEO,gBAAgB,CAAC,GAA4B;QACnD,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QACtB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAc,CAAC;QAChC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAyB,CAAC;QAC1C,MAAM,IAAI,GAAG,GAAG,CAAC,IAA0B,CAAC;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9C,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;YACxB,uEAAuE;YACvE,MAAM,IAAI,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACvD,IAAI,IAAI,EAAE,CAAC;gBACT,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,wBAAwB,EAAE;oBACtC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS;iBAC9B,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;aAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YAC9B,0EAA0E;YAC1E,MAAM,mBAAmB,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,GAAG,CAAC,CAAC;YACrE,MAAM,IAAI,GAAG,mBAAmB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACnD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBACtC,IAAI,EAAE,YAAY,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS;gBAC9C,qBAAqB,EAAE,OAAO,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACjG,oBAAoB,EAAE,OAAO,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACjG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACrB,CAAC;aAAM,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBACtC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS;gBACnC,qBAAqB,EAAE,OAAO,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACjG,oBAAoB,EAAE,OAAO,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACjG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;IAED,4EAA4E;IACpE,YAAY,CAAC,GAA4B;QAC/C,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,IAAI,GAAG,CAAC,MAAM;YAAE,CAAC,IAAI,CAAC,CAAC;QACvB,IAAI,GAAG,CAAC,OAAO;YAAE,CAAC,IAAI,CAAC,CAAC;QACxB,IAAI,GAAG,CAAC,OAAO;YAAE,CAAC,IAAI,CAAC,CAAC;QACxB,IAAI,GAAG,CAAC,QAAQ;YAAE,CAAC,IAAI,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC;IACX,CAAC;IAEO,aAAa,CAAC,GAA4B;QAChD,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QACtB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAc,CAAC;QAChC,IAAI,IAAI,EAAE,CAAC;YACT,KAAK,CAAC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;YACtC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAEO,cAAc,CAAC,GAA4B;QACjD,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QACtB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAW,CAAC;QAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAW,CAAC;QAC1B,MAAM,MAAM,GAAI,GAAG,CAAC,MAAiB,IAAI,CAAC,CAAC;QAC3C,MAAM,MAAM,GAAI,GAAG,CAAC,MAAiB,IAAI,CAAC,CAAC;QAE3C,IAAI,CAAC,GAAG;aACL,IAAI,CAAC,0BAA0B,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;aAC9E,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrB,CAAC;CACF"}

package/package.json

@@ -0,0 +1,56 @@
+{
+  "name": "@authloop-ai/core",
+  "version": "0.2.0",
+  "description": "Core engine for AuthLoop — CDP screencast, E2EE, WebSocket relay",
+  "type": "module",
+  "license": "MIT",
+  "author": "AuthLoop <hello@authloop.ai> (https://authloop.ai)",
+  "homepage": "https://github.com/authloop-ai/authloop/tree/main/packages/core#readme",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/authloop-ai/authloop.git",
+    "directory": "packages/core"
+  },
+  "bugs": {
+    "url": "https://github.com/authloop-ai/authloop/issues"
+  },
+  "keywords": [
+    "authloop",
+    "authentication",
+    "cdp",
+    "screencast",
+    "e2ee",
+    "websocket",
+    "human-in-the-loop"
+  ],
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "debug": "^4.4.3",
+    "@authloop-ai/sdk": "0.2.0"
+  },
+  "devDependencies": {
+    "@types/debug": "^4.1.12",
+    "@types/node": "^22.0.0",
+    "typescript": "5.9.3"
+  },
+  "scripts": {
+    "build": "tsc",
+    "check-types": "tsc --noEmit",
+    "test": "vitest run"
+  }
+}