@aztec/wallet-sdk 0.0.1-commit.21caa21 → 0.0.1-commit.3469e52

package/dest/crypto.js

@@ -0,0 +1,300 @@
+/**
+ * Cryptographic utilities for secure wallet communication.
+ *
+ * This module provides ECDH key exchange and AES-GCM encryption primitives
+ * for establishing secure communication channels between dApps and wallet extensions.
+ *
+ * The crypto flow:
+ * 1. Both parties generate ECDH key pairs using {@link generateKeyPair}
+ * 2. Public keys are exchanged (exported via {@link exportPublicKey}, imported via {@link importPublicKey})
+ * 3. Both parties derive the same shared secret using {@link deriveSharedKey}
+ * 4. Messages are encrypted/decrypted using {@link encrypt} and {@link decrypt}
+ *
+ * @example
+ * ```typescript
+ * // Party A
+ * const keyPairA = await generateKeyPair();
+ * const publicKeyA = await exportPublicKey(keyPairA.publicKey);
+ *
+ * // Party B
+ * const keyPairB = await generateKeyPair();
+ * const publicKeyB = await exportPublicKey(keyPairB.publicKey);
+ *
+ * // Exchange public keys, then derive shared secret
+ * const importedB = await importPublicKey(publicKeyB);
+ * const sharedKeyA = await deriveSharedKey(keyPairA.privateKey, importedB);
+ *
+ * // Encrypt and decrypt
+ * const encrypted = await encrypt(sharedKeyA, { message: 'hello' });
+ * const decrypted = await decrypt(sharedKeyB, encrypted);
+ * ```
+ *
+ * @packageDocumentation
+ */ import { jsonStringify } from '@aztec/foundation/json-rpc';
+/**
+ * Generates an ECDH P-256 key pair for key exchange.
+ *
+ * The generated key pair can be used to derive a shared secret with another
+ * party's public key using {@link deriveSharedKey}.
+ *
+ * @returns A new ECDH key pair
+ *
+ * @example
+ * ```typescript
+ * const keyPair = await generateKeyPair();
+ * const publicKey = await exportPublicKey(keyPair.publicKey);
+ * // Send publicKey to the other party
+ * ```
+ */ export async function generateKeyPair() {
+    const keyPair = await crypto.subtle.generateKey({
+        name: 'ECDH',
+        namedCurve: 'P-256'
+    }, true, [
+        'deriveKey'
+    ]);
+    return {
+        publicKey: keyPair.publicKey,
+        privateKey: keyPair.privateKey
+    };
+}
+/**
+ * Exports a public key to JWK format for transmission.
+ *
+ * The exported key contains only public components and is safe to transmit
+ * over untrusted channels.
+ *
+ * @param publicKey - The CryptoKey public key to export
+ * @returns The public key in JWK format
+ *
+ * @example
+ * ```typescript
+ * const keyPair = await generateKeyPair();
+ * const exported = await exportPublicKey(keyPair.publicKey);
+ * // exported can be JSON serialized and sent to another party
+ * ```
+ */ export async function exportPublicKey(publicKey) {
+    const jwk = await crypto.subtle.exportKey('jwk', publicKey);
+    return {
+        kty: jwk.kty,
+        crv: jwk.crv,
+        x: jwk.x,
+        y: jwk.y
+    };
+}
+/**
+ * Imports a public key from JWK format.
+ *
+ * Used to import the other party's public key for deriving a shared secret.
+ *
+ * @param exported - The public key in JWK format
+ * @returns A CryptoKey that can be used with {@link deriveSharedKey}
+ *
+ * @example
+ * ```typescript
+ * // Receive exported public key from other party
+ * const theirPublicKey = await importPublicKey(receivedPublicKey);
+ * const sharedKey = await deriveSharedKey(myPrivateKey, theirPublicKey);
+ * ```
+ */ export function importPublicKey(exported) {
+    return crypto.subtle.importKey('jwk', {
+        kty: exported.kty,
+        crv: exported.crv,
+        x: exported.x,
+        y: exported.y
+    }, {
+        name: 'ECDH',
+        namedCurve: 'P-256'
+    }, false, []);
+}
+/**
+ * Derives a shared AES-256-GCM key from ECDH key exchange.
+ *
+ * Both parties will derive the same shared key when using their own private key
+ * and the other party's public key. This is the core of ECDH key agreement.
+ *
+ * @param privateKey - Your ECDH private key
+ * @param publicKey - The other party's ECDH public key
+ * @returns An AES-256-GCM key for encryption/decryption
+ *
+ * @example
+ * ```typescript
+ * // Both parties derive the same key
+ * const sharedKeyA = await deriveSharedKey(privateKeyA, publicKeyB);
+ * const sharedKeyB = await deriveSharedKey(privateKeyB, publicKeyA);
+ * // sharedKeyA and sharedKeyB are equivalent
+ * ```
+ */ export function deriveSharedKey(privateKey, publicKey) {
+    return crypto.subtle.deriveKey({
+        name: 'ECDH',
+        public: publicKey
+    }, privateKey, {
+        name: 'AES-GCM',
+        length: 256
+    }, true, [
+        'encrypt',
+        'decrypt'
+    ]);
+}
+/**
+ * Encrypts data using AES-256-GCM.
+ *
+ * The data is JSON serialized before encryption. A random 12-byte IV is
+ * generated for each encryption operation.
+ *
+ * AES-GCM provides both confidentiality and authenticity - any tampering
+ * with the ciphertext will cause decryption to fail.
+ *
+ * @param key - The AES-GCM key (from {@link deriveSharedKey})
+ * @param data - The data to encrypt (will be JSON serialized)
+ * @returns The encrypted payload with IV and ciphertext
+ *
+ * @example
+ * ```typescript
+ * const encrypted = await encrypt(sharedKey, { action: 'transfer', amount: 100 });
+ * // encrypted.iv and encrypted.ciphertext are base64 strings
+ * ```
+ */ export async function encrypt(key, data) {
+    const iv = crypto.getRandomValues(new Uint8Array(12));
+    const encoded = new TextEncoder().encode(jsonStringify(data));
+    const ciphertext = await crypto.subtle.encrypt({
+        name: 'AES-GCM',
+        iv
+    }, key, encoded);
+    return {
+        iv: arrayBufferToBase64(iv),
+        ciphertext: arrayBufferToBase64(ciphertext)
+    };
+}
+/**
+ * Decrypts data using AES-256-GCM.
+ *
+ * The decrypted data is JSON parsed before returning.
+ *
+ * @typeParam T - The expected type of the decrypted data
+ * @param key - The AES-GCM key (from {@link deriveSharedKey})
+ * @param payload - The encrypted payload from {@link encrypt}
+ * @returns The decrypted and parsed data
+ *
+ * @throws Error if decryption fails (wrong key or tampered ciphertext)
+ *
+ * @example
+ * ```typescript
+ * const decrypted = await decrypt<{ action: string; amount: number }>(sharedKey, encrypted);
+ * console.log(decrypted.action); // 'transfer'
+ * ```
+ */ export async function decrypt(key, payload) {
+    const iv = base64ToArrayBuffer(payload.iv);
+    const ciphertext = base64ToArrayBuffer(payload.ciphertext);
+    const decrypted = await crypto.subtle.decrypt({
+        name: 'AES-GCM',
+        iv
+    }, key, ciphertext);
+    const decoded = new TextDecoder().decode(decrypted);
+    return JSON.parse(decoded);
+}
+/**
+ * Converts ArrayBuffer to base64 string.
+ * @internal
+ */ function arrayBufferToBase64(buffer) {
+    const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
+    let binary = '';
+    for(let i = 0; i < bytes.byteLength; i++){
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return btoa(binary);
+}
+/**
+ * Converts base64 string to ArrayBuffer.
+ * @internal
+ */ function base64ToArrayBuffer(base64) {
+    const binary = atob(base64);
+    const bytes = new Uint8Array(binary.length);
+    for(let i = 0; i < binary.length; i++){
+        bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes.buffer;
+}
+/**
+ * Emoji alphabet for visual verification of shared secrets.
+ * 32 distinct, easily recognizable emojis for anti-spoofing verification.
+ * @internal
+ */ const EMOJI_ALPHABET = [
+    '🔵',
+    '🟢',
+    '🔴',
+    '🟡',
+    '🟣',
+    '🟠',
+    '⚫',
+    '⚪',
+    '🌟',
+    '🌙',
+    '☀️',
+    '🌈',
+    '🔥',
+    '💧',
+    '🌸',
+    '🍀',
+    '🦋',
+    '🐬',
+    '🦊',
+    '🐼',
+    '🦁',
+    '🐯',
+    '🐸',
+    '🦉',
+    '🎵',
+    '🎨',
+    '🎯',
+    '🎲',
+    '🔔',
+    '💎',
+    '🔑',
+    '🏆'
+];
+/**
+ * Hashes a shared AES key to a hex string for verification.
+ *
+ * This extracts the raw key material and hashes it with SHA-256,
+ * returning the first 16 bytes as a hex string.
+ *
+ * @param sharedKey - The AES-GCM shared key (must be extractable)
+ * @returns A hex string representation of the hash
+ *
+ * @example
+ * ```typescript
+ * const hash = await hashSharedSecret(sharedKey);
+ * const emoji = hashToEmoji(hash);
+ * ```
+ */ export async function hashSharedSecret(sharedKey) {
+    const rawKey = await crypto.subtle.exportKey('raw', sharedKey);
+    const hash = await crypto.subtle.digest('SHA-256', rawKey);
+    const bytes = new Uint8Array(hash.slice(0, 16));
+    return Array.from(bytes).map((b)=>b.toString(16).padStart(2, '0')).join('');
+}
+/**
+ * Converts a hex hash to an emoji sequence for visual verification.
+ *
+ * This is used for anti-MITM verification - both the dApp and wallet
+ * independently compute the same emoji sequence from the shared secret.
+ * Users can visually compare the sequences to detect interception.
+ *
+ * Similar to SAS (Short Authentication String) in ZRTP/Signal.
+ *
+ * @param hash - Hex string from {@link hashSharedSecret}
+ * @param length - Number of emojis to generate (default: 4)
+ * @returns A string of emojis representing the hash
+ *
+ * @example
+ * ```typescript
+ * const hash = await hashSharedSecret(sharedKey);
+ * const emoji = hashToEmoji(hash); // e.g., "🔵🦋🎯🐼"
+ * // Display to user for verification
+ * ```
+ */ export function hashToEmoji(hash, length = 4) {
+    const bytes = [];
+    for(let i = 0; i < hash.length && bytes.length < length; i += 2){
+        bytes.push(parseInt(hash.slice(i, i + 2), 16));
+    }
+    return bytes.map((b)=>EMOJI_ALPHABET[b % EMOJI_ALPHABET.length]).join('');
+}

package/dest/manager/index.d.ts

@@ -1,8 +1,9 @@
 export { WalletManager } from './wallet_manager.js';
-export type { WalletManagerConfig, ExtensionWalletConfig, WebWalletConfig, WalletProviderType, WalletProvider, DiscoverWalletsOptions, } from './types.js';
-export type { WalletInfo, WalletMessage, WalletResponse, DiscoveryRequest, DiscoveryResponse, } from '../providers/types.js';
+export type { WalletManagerConfig, ExtensionWalletConfig, WebWalletConfig, WalletProviderType, WalletProvider, ProviderDisconnectionCallback, DiscoverWalletsOptions, } from './types.js';
+export { WalletMessageType } from '../types.js';
+export type { WalletInfo, WalletMessage, WalletResponse, DiscoveryRequest, DiscoveryResponse } from '../types.js';
 export { ChainInfoSchema } from '@aztec/aztec.js/account';
 export type { ChainInfo } from '@aztec/aztec.js/account';
 export { WalletSchema } from '@aztec/aztec.js/wallet';
 export { jsonStringify } from '@aztec/foundation/json-rpc';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9tYW5hZ2VyL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUNwRCxZQUFZLEVBQ1YsbUJBQW1CLEVBQ25CLHFCQUFxQixFQUNyQixlQUFlLEVBQ2Ysa0JBQWtCLEVBQ2xCLGNBQWMsRUFDZCxzQkFBc0IsR0FDdkIsTUFBTSxZQUFZLENBQUM7QUFHcEIsWUFBWSxFQUNWLFVBQVUsRUFDVixhQUFhLEVBQ2IsY0FBYyxFQUNkLGdCQUFnQixFQUNoQixpQkFBaUIsR0FDbEIsTUFBTSx1QkFBdUIsQ0FBQztBQUcvQixPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFDMUQsWUFBWSxFQUFFLFNBQVMsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQ3pELE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSx3QkFBd0IsQ0FBQztBQUN0RCxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sNEJBQTRCLENBQUMifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9tYW5hZ2VyL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUNwRCxZQUFZLEVBQ1YsbUJBQW1CLEVBQ25CLHFCQUFxQixFQUNyQixlQUFlLEVBQ2Ysa0JBQWtCLEVBQ2xCLGNBQWMsRUFDZCw2QkFBNkIsRUFDN0Isc0JBQXNCLEdBQ3ZCLE1BQU0sWUFBWSxDQUFDO0FBR3BCLE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUNoRCxZQUFZLEVBQUUsVUFBVSxFQUFFLGFBQWEsRUFBRSxjQUFjLEVBQUUsZ0JBQWdCLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxhQUFhLENBQUM7QUFHbEgsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzFELFlBQVksRUFBRSxTQUFTLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUN6RCxPQUFPLEVBQUUsWUFBWSxFQUFFLE1BQU0sd0JBQXdCLENBQUM7QUFDdEQsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLDRCQUE0QixDQUFDIn0=

package/dest/manager/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/manager/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,YAAY,EACV,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,kBAAkB,EAClB,cAAc,EACd,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAGpB,YAAY,EACV,UAAU,EACV,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,YAAY,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/manager/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,YAAY,EACV,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,kBAAkB,EAClB,cAAc,EACd,6BAA6B,EAC7B,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAChD,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGlH,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,YAAY,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC"}

package/dest/manager/index.js

@@ -1,4 +1,6 @@
 export { WalletManager } from './wallet_manager.js';
+// Re-export types and enums from providers for convenience
+export { WalletMessageType } from '../types.js';
 // Re-export commonly needed utilities for wallet integration
 export { ChainInfoSchema } from '@aztec/aztec.js/account';
 export { WalletSchema } from '@aztec/aztec.js/wallet';

package/dest/manager/types.d.ts

@@ -31,6 +31,10 @@ export interface WalletManagerConfig {
  * Type of wallet provider
  */
 export type WalletProviderType = 'extension' | 'web' | 'embedded';
+/**
+ * Callback type for wallet disconnect events at the provider level.
+ */
+export type ProviderDisconnectionCallback = () => void;
 /**
  * A wallet provider that can connect to create a wallet instance.
  * Chain information is already baked in from the discovery process.
@@ -51,6 +55,23 @@ export interface WalletProvider {
      * @param appId - Application identifier for the requesting dapp
      */
     connect(appId: string): Promise<Wallet>;
+    /**
+     * Disconnects the current wallet and cleans up resources.
+     * After calling this, the wallet returned from connect() should no longer be used.
+     * @returns A promise that resolves when disconnection is complete
+     */
+    disconnect?(): Promise<void>;
+    /**
+     * Registers a callback to be invoked when the wallet disconnects unexpectedly.
+     * @param callback - Function to call when wallet disconnects
+     * @returns A function to unregister the callback
+     */
+    onDisconnect?(callback: ProviderDisconnectionCallback): () => void;
+    /**
+     * Returns whether the provider's wallet connection has been disconnected.
+     * @returns true if the wallet is no longer connected
+     */
+    isDisconnected?(): boolean;
 }
 /**
  * Options for discovering wallets
@@ -61,4 +82,4 @@ export interface DiscoverWalletsOptions {
     /** Discovery timeout in milliseconds */
     timeout?: number;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9tYW5hZ2VyL3R5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxFQUFFLFNBQVMsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQ3pELE9BQU8sS0FBSyxFQUFFLE1BQU0sRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBRXJEOztHQUVHO0FBQ0gsTUFBTSxXQUFXLHFCQUFxQjtJQUNwQyw0Q0FBNEM7SUFDNUMsT0FBTyxFQUFFLE9BQU8sQ0FBQztJQUNqQix5REFBeUQ7SUFDekQsU0FBUyxDQUFDLEVBQUUsTUFBTSxFQUFFLENBQUM7SUFDckIseURBQXlEO0lBQ3pELFNBQVMsQ0FBQyxFQUFFLE1BQU0sRUFBRSxDQUFDO0NBQ3RCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLFdBQVcsZUFBZTtJQUM5QixrQ0FBa0M7SUFDbEMsSUFBSSxFQUFFLE1BQU0sRUFBRSxDQUFDO0NBQ2hCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLFdBQVcsbUJBQW1CO0lBQ2xDLHFDQUFxQztJQUNyQyxVQUFVLENBQUMsRUFBRSxxQkFBcUIsQ0FBQztJQUNuQywrQkFBK0I7SUFDL0IsVUFBVSxDQUFDLEVBQUUsZUFBZSxDQUFDO0NBQzlCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLE1BQU0sa0JBQWtCLEdBQUcsV0FBVyxHQUFHLEtBQUssR0FBRyxVQUFVLENBQUM7QUFFbEU7OztHQUdHO0FBQ0gsTUFBTSxXQUFXLGNBQWM7SUFDN0IseUNBQXlDO0lBQ3pDLEVBQUUsRUFBRSxNQUFNLENBQUM7SUFDWCw4QkFBOEI7SUFDOUIsSUFBSSxFQUFFLGtCQUFrQixDQUFDO0lBQ3pCLG1CQUFtQjtJQUNuQixJQUFJLEVBQUUsTUFBTSxDQUFDO0lBQ2IsZUFBZTtJQUNmLElBQUksQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUNkLDBCQUEwQjtJQUMxQixRQUFRLENBQUMsRUFBRSxNQUFNLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQ25DOzs7T0FHRztJQUNILE9BQU8sQ0FBQyxLQUFLLEVBQUUsTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztDQUN6QztBQUVEOztHQUVHO0FBQ0gsTUFBTSxXQUFXLHNCQUFzQjtJQUNyQyxxQ0FBcUM7SUFDckMsU0FBUyxFQUFFLFNBQVMsQ0FBQztJQUNyQix3Q0FBd0M7SUFDeEMsT0FBTyxDQUFDLEVBQUUsTUFBTSxDQUFDO0NBQ2xCIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9tYW5hZ2VyL3R5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxFQUFFLFNBQVMsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQ3pELE9BQU8sS0FBSyxFQUFFLE1BQU0sRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBRXJEOztHQUVHO0FBQ0gsTUFBTSxXQUFXLHFCQUFxQjtJQUNwQyw0Q0FBNEM7SUFDNUMsT0FBTyxFQUFFLE9BQU8sQ0FBQztJQUNqQix5REFBeUQ7SUFDekQsU0FBUyxDQUFDLEVBQUUsTUFBTSxFQUFFLENBQUM7SUFDckIseURBQXlEO0lBQ3pELFNBQVMsQ0FBQyxFQUFFLE1BQU0sRUFBRSxDQUFDO0NBQ3RCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLFdBQVcsZUFBZTtJQUM5QixrQ0FBa0M7SUFDbEMsSUFBSSxFQUFFLE1BQU0sRUFBRSxDQUFDO0NBQ2hCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLFdBQVcsbUJBQW1CO0lBQ2xDLHFDQUFxQztJQUNyQyxVQUFVLENBQUMsRUFBRSxxQkFBcUIsQ0FBQztJQUNuQywrQkFBK0I7SUFDL0IsVUFBVSxDQUFDLEVBQUUsZUFBZSxDQUFDO0NBQzlCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLE1BQU0sa0JBQWtCLEdBQUcsV0FBVyxHQUFHLEtBQUssR0FBRyxVQUFVLENBQUM7QUFFbEU7O0dBRUc7QUFDSCxNQUFNLE1BQU0sNkJBQTZCLEdBQUcsTUFBTSxJQUFJLENBQUM7QUFFdkQ7OztHQUdHO0FBQ0gsTUFBTSxXQUFXLGNBQWM7SUFDN0IseUNBQXlDO0lBQ3pDLEVBQUUsRUFBRSxNQUFNLENBQUM7SUFDWCw4QkFBOEI7SUFDOUIsSUFBSSxFQUFFLGtCQUFrQixDQUFDO0lBQ3pCLG1CQUFtQjtJQUNuQixJQUFJLEVBQUUsTUFBTSxDQUFDO0lBQ2IsZUFBZTtJQUNmLElBQUksQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUNkLDBCQUEwQjtJQUMxQixRQUFRLENBQUMsRUFBRSxNQUFNLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQ25DOzs7T0FHRztJQUNILE9BQU8sQ0FBQyxLQUFLLEVBQUUsTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUN4Qzs7OztPQUlHO0lBQ0gsVUFBVSxDQUFDLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzdCOzs7O09BSUc7SUFDSCxZQUFZLENBQUMsQ0FBQyxRQUFRLEVBQUUsNkJBQTZCLEdBQUcsTUFBTSxJQUFJLENBQUM7SUFDbkU7OztPQUdHO0lBQ0gsY0FBYyxDQUFDLElBQUksT0FBTyxDQUFDO0NBQzVCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLFdBQVcsc0JBQXNCO0lBQ3JDLHFDQUFxQztJQUNyQyxTQUFTLEVBQUUsU0FBUyxDQUFDO0lBQ3JCLHdDQUF3QztJQUN4QyxPQUFPLENBQUMsRUFBRSxNQUFNLENBQUM7Q0FDbEIifQ==

package/dest/manager/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/manager/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,4CAA4C;IAC5C,OAAO,EAAE,OAAO,CAAC;IACjB,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,kCAAkC;IAClC,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,qCAAqC;IACrC,UAAU,CAAC,EAAE,qBAAqB,CAAC;IACnC,+BAA+B;IAC/B,UAAU,CAAC,EAAE,eAAe,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,WAAW,GAAG,KAAK,GAAG,UAAU,CAAC;AAElE;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,yCAAyC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,8BAA8B;IAC9B,IAAI,EAAE,kBAAkB,CAAC;IACzB,mBAAmB;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,eAAe;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC;;;OAGG;IACH,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACzC;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,qCAAqC;IACrC,SAAS,EAAE,SAAS,CAAC;IACrB,wCAAwC;IACxC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/manager/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,4CAA4C;IAC5C,OAAO,EAAE,OAAO,CAAC;IACjB,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,kCAAkC;IAClC,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,qCAAqC;IACrC,UAAU,CAAC,EAAE,qBAAqB,CAAC;IACnC,+BAA+B;IAC/B,UAAU,CAAC,EAAE,eAAe,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,WAAW,GAAG,KAAK,GAAG,UAAU,CAAC;AAElE;;GAEG;AACH,MAAM,MAAM,6BAA6B,GAAG,MAAM,IAAI,CAAC;AAEvD;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,yCAAyC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,8BAA8B;IAC9B,IAAI,EAAE,kBAAkB,CAAC;IACzB,mBAAmB;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,eAAe;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC;;;OAGG;IACH,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxC;;;;OAIG;IACH,UAAU,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B;;;;OAIG;IACH,YAAY,CAAC,CAAC,QAAQ,EAAE,6BAA6B,GAAG,MAAM,IAAI,CAAC;IACnE;;;OAGG;IACH,cAAc,CAAC,IAAI,OAAO,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,qCAAqC;IACrC,SAAS,EAAE,SAAS,CAAC;IACrB,wCAAwC;IACxC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB"}

package/dest/manager/wallet_manager.d.ts

@@ -24,4 +24,4 @@ export declare class WalletManager {
      */
     private isExtensionAllowed;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2FsbGV0X21hbmFnZXIuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9tYW5hZ2VyL3dhbGxldF9tYW5hZ2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sS0FBSyxFQUFFLHNCQUFzQixFQUF5QixtQkFBbUIsRUFBRSxjQUFjLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFFckg7O0dBRUc7QUFDSCxxQkFBYSxhQUFhO0lBQ3hCLE9BQU8sQ0FBQyxNQUFNLENBR1o7SUFFRixPQUFPLGVBQWlCO0lBRXhCOzs7T0FHRztJQUNILE1BQU0sQ0FBQyxTQUFTLENBQUMsTUFBTSxFQUFFLG1CQUFtQixHQUFHLGFBQWEsQ0FPM0Q7SUFFRDs7Ozs7T0FLRztJQUNHLG1CQUFtQixDQUFDLE9BQU8sRUFBRSxzQkFBc0IsR0FBRyxPQUFPLENBQUMsY0FBYyxFQUFFLENBQUMsQ0ErQnBGO0lBRUQ7Ozs7T0FJRztJQUNILE9BQU8sQ0FBQyxrQkFBa0I7Q0FjM0IifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2FsbGV0X21hbmFnZXIuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9tYW5hZ2VyL3dhbGxldF9tYW5hZ2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sS0FBSyxFQUNWLHNCQUFzQixFQUd0QixtQkFBbUIsRUFDbkIsY0FBYyxFQUNmLE1BQU0sWUFBWSxDQUFDO0FBRXBCOztHQUVHO0FBQ0gscUJBQWEsYUFBYTtJQUN4QixPQUFPLENBQUMsTUFBTSxDQUdaO0lBRUYsT0FBTyxlQUFpQjtJQUV4Qjs7O09BR0c7SUFDSCxNQUFNLENBQUMsU0FBUyxDQUFDLE1BQU0sRUFBRSxtQkFBbUIsR0FBRyxhQUFhLENBTzNEO0lBRUQ7Ozs7O09BS0c7SUFDRyxtQkFBbUIsQ0FBQyxPQUFPLEVBQUUsc0JBQXNCLEdBQUcsT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDLENBdURwRjtJQUVEOzs7O09BSUc7SUFDSCxPQUFPLENBQUMsa0JBQWtCO0NBVzNCIn0=

package/dest/manager/wallet_manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"wallet_manager.d.ts","sourceRoot":"","sources":["../../src/manager/wallet_manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,sBAAsB,EAAyB,mBAAmB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAErH;;GAEG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAGZ;IAEF,OAAO,eAAiB;IAExB;;;OAGG;IACH,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAO3D;IAED;;;;;OAKG;IACG,mBAAmB,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CA+BpF;IAED;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;CAc3B"}
+{"version":3,"file":"wallet_manager.d.ts","sourceRoot":"","sources":["../../src/manager/wallet_manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,sBAAsB,EAGtB,mBAAmB,EACnB,cAAc,EACf,MAAM,YAAY,CAAC;AAEpB;;GAEG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAGZ;IAEF,OAAO,eAAiB;IAExB;;;OAGG;IACH,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAO3D;IAED;;;;;OAKG;IACG,mBAAmB,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAuDpF;IAED;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;CAW3B"}

package/dest/manager/wallet_manager.js

@@ -34,25 +34,47 @@ import { ExtensionProvider, ExtensionWallet } from '../providers/extension/index
    */ async getAvailableWallets(options) {
         const providers = [];
         const { chainInfo } = options;
-        // Discover extension wallets
         if (this.config.extensions?.enabled) {
-            const extensions = await ExtensionProvider.discoverExtensions(chainInfo, options.timeout);
+            const discoveredWallets = await ExtensionProvider.discoverExtensions(chainInfo, options.timeout);
             const extensionConfig = this.config.extensions;
-            for (const ext of extensions){
-                // Apply allow/block lists
-                if (!this.isExtensionAllowed(ext.id, extensionConfig)) {
+            for (const { info, port, sharedKey } of discoveredWallets){
+                if (!this.isExtensionAllowed(info.id, extensionConfig)) {
                     continue;
                 }
-                providers.push({
-                    id: ext.id,
+                let extensionWallet = null;
+                const provider = {
+                    id: info.id,
                     type: 'extension',
-                    name: ext.name,
-                    icon: ext.icon,
+                    name: info.name,
+                    icon: info.icon,
                     metadata: {
-                        version: ext.version
+                        version: info.version,
+                        verificationHash: info.verificationHash
                     },
-                    connect: (appId)=>Promise.resolve(ExtensionWallet.create(chainInfo, appId, ext.id))
-                });
+                    connect: (appId)=>{
+                        extensionWallet = ExtensionWallet.create(info, chainInfo, port, sharedKey, appId);
+                        return Promise.resolve(extensionWallet.getWallet());
+                    },
+                    disconnect: async ()=>{
+                        if (extensionWallet) {
+                            await extensionWallet.disconnect();
+                            extensionWallet = null;
+                        }
+                    },
+                    onDisconnect: (callback)=>{
+                        if (extensionWallet) {
+                            return extensionWallet.onDisconnect(callback);
+                        }
+                        return ()=>{};
+                    },
+                    isDisconnected: ()=>{
+                        if (extensionWallet) {
+                            return extensionWallet.isDisconnected();
+                        }
+                        return true;
+                    }
+                };
+                providers.push(provider);
             }
         }
         // TODO: Add web wallet discovery when implemented
@@ -63,15 +85,12 @@ import { ExtensionProvider, ExtensionWallet } from '../providers/extension/index
    * @param extensionId - The extension ID to check
    * @param config - Extension wallet configuration containing allow/block lists
    */ isExtensionAllowed(extensionId, config) {
-        // Check block list first
         if (config.blockList && config.blockList.includes(extensionId)) {
             return false;
         }
-        // If allow list exists, extension must be in it
         if (config.allowList && config.allowList.length > 0) {
             return config.allowList.includes(extensionId);
         }
-        // If no allow list, extension is allowed (unless blocked)
         return true;
     }
 }

package/dest/providers/extension/extension_provider.d.ts

@@ -1,17 +1,63 @@
 import type { ChainInfo } from '@aztec/aztec.js/account';
-import type { WalletInfo } from '../types.js';
+import { type WalletInfo } from '../../types.js';
 /**
- * Provider for discovering and managing Aztec wallet extensions
+ * A discovered wallet with its secure channel components.
+ * Returned by {@link ExtensionProvider.discoverExtensions}.
+ */
+export interface DiscoveredWallet {
+    /** Basic wallet information (id, name, icon, version, publicKey, verificationHash) */
+    info: WalletInfo;
+    /** The MessagePort for private communication with the wallet */
+    port: MessagePort;
+    /** The derived AES-256-GCM shared key for encryption */
+    sharedKey: CryptoKey;
+}
+/**
+ * Provider for discovering Aztec wallet extensions.
+ *
+ * This class handles the discovery phase of wallet communication:
+ * 1. Broadcasts a discovery request with the dApp's public key
+ * 2. Receives responses from installed wallets with their public keys
+ * 3. Derives shared secrets and computes verification hashes
+ * 4. Returns discovered wallets with their secure channel components
+ *
+ * @example
+ * ```typescript
+ * const wallets = await ExtensionProvider.discoverExtensions(chainInfo);
+ * // Display wallets to user with optional emoji verification
+ * for (const wallet of wallets) {
+ *   const emoji = hashToEmoji(wallet.info.verificationHash!);
+ *   console.log(`${wallet.info.name}: ${emoji}`);
+ * }
+ * // User selects a wallet after verifying
+ * const wallet = await ExtensionWallet.create(wallets[0], chainInfo, 'my-app');
+ * ```
  */
 export declare class ExtensionProvider {
-    private static discoveredExtensions;
     private static discoveryInProgress;
     /**
-     * Discovers all installed Aztec wallet extensions
+     * Discovers all installed Aztec wallet extensions and establishes secure channel components.
+     *
+     * This method:
+     * 1. Generates an ECDH key pair for this discovery session
+     * 2. Broadcasts a discovery request with the dApp's public key
+     * 3. Receives responses from wallets with their public keys and MessagePorts
+     * 4. Derives shared secrets and computes verification hashes
+     *
      * @param chainInfo - Chain information to check if extensions support this network
      * @param timeout - How long to wait for extensions to respond (ms)
-     * @returns Array of discovered extension information
+     * @returns Array of discovered wallets with their secure channel components
+     *
+     * @example
+     * ```typescript
+     * const wallets = await ExtensionProvider.discoverExtensions({
+     *   chainId: Fr(31337),
+     *   version: Fr(0)
+     * });
+     * // Access wallet info and secure channel
+     * const { info, port, sharedKey } = wallets[0];
+     * ```
      */
-    static discoverExtensions(chainInfo: ChainInfo, timeout?: number): Promise<WalletInfo[]>;
+    static discoverExtensions(chainInfo: ChainInfo, timeout?: number): Promise<DiscoveredWallet[]>;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXh0ZW5zaW9uX3Byb3ZpZGVyLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcHJvdmlkZXJzL2V4dGVuc2lvbi9leHRlbnNpb25fcHJvdmlkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsU0FBUyxFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFJekQsT0FBTyxLQUFLLEVBQXVDLFVBQVUsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUVuRjs7R0FFRztBQUNILHFCQUFhLGlCQUFpQjtJQUM1QixPQUFPLENBQUMsTUFBTSxDQUFDLG9CQUFvQixDQUFzQztJQUN6RSxPQUFPLENBQUMsTUFBTSxDQUFDLG1CQUFtQixDQUFTO0lBRTNDOzs7OztPQUtHO0lBQ0gsT0FBYSxrQkFBa0IsQ0FBQyxTQUFTLEVBQUUsU0FBUyxFQUFFLE9BQU8sR0FBRSxNQUFhLEdBQUcsT0FBTyxDQUFDLFVBQVUsRUFBRSxDQUFDLENBbURuRztDQUNGIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXh0ZW5zaW9uX3Byb3ZpZGVyLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcHJvdmlkZXJzL2V4dGVuc2lvbi9leHRlbnNpb25fcHJvdmlkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsU0FBUyxFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFLekQsT0FBTyxFQUFpRCxLQUFLLFVBQVUsRUFBcUIsTUFBTSxnQkFBZ0IsQ0FBQztBQUVuSDs7O0dBR0c7QUFDSCxNQUFNLFdBQVcsZ0JBQWdCO0lBQy9CLHNGQUFzRjtJQUN0RixJQUFJLEVBQUUsVUFBVSxDQUFDO0lBQ2pCLGdFQUFnRTtJQUNoRSxJQUFJLEVBQUUsV0FBVyxDQUFDO0lBQ2xCLHdEQUF3RDtJQUN4RCxTQUFTLEVBQUUsU0FBUyxDQUFDO0NBQ3RCO0FBV0Q7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBb0JHO0FBQ0gscUJBQWEsaUJBQWlCO0lBQzVCLE9BQU8sQ0FBQyxNQUFNLENBQUMsbUJBQW1CLENBQVM7SUFFM0M7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7T0FzQkc7SUFDSCxPQUFhLGtCQUFrQixDQUFDLFNBQVMsRUFBRSxTQUFTLEVBQUUsT0FBTyxHQUFFLE1BQWEsR0FBRyxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQyxDQXlGekc7Q0FDRiJ9

package/dest/providers/extension/extension_provider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"extension_provider.d.ts","sourceRoot":"","sources":["../../../src/providers/extension/extension_provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAIzD,OAAO,KAAK,EAAuC,UAAU,EAAE,MAAM,aAAa,CAAC;AAEnF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAsC;IACzE,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAS;IAE3C;;;;;OAKG;IACH,OAAa,kBAAkB,CAAC,SAAS,EAAE,SAAS,EAAE,OAAO,GAAE,MAAa,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAmDnG;CACF"}
+{"version":3,"file":"extension_provider.d.ts","sourceRoot":"","sources":["../../../src/providers/extension/extension_provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAKzD,OAAO,EAAiD,KAAK,UAAU,EAAqB,MAAM,gBAAgB,CAAC;AAEnH;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,sFAAsF;IACtF,IAAI,EAAE,UAAU,CAAC;IACjB,gEAAgE;IAChE,IAAI,EAAE,WAAW,CAAC;IAClB,wDAAwD;IACxD,SAAS,EAAE,SAAS,CAAC;CACtB;AAWD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAS;IAE3C;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,OAAa,kBAAkB,CAAC,SAAS,EAAE,SAAS,EAAE,OAAO,GAAE,MAAa,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAyFzG;CACF"}