npm - @babylonlabs-io/ts-sdk - Versions diffs - 0.26.2 → 0.27.0 - Mend

@babylonlabs-io/ts-sdk 0.26.2 → 0.27.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

package/dist/{challengeAssert-CH32j5cZ.js → challengeAssert-j2Vwqo0-.js} RENAMED Viewed

@@ -1,20 +1,21 @@
-import { p as S, s as g, u as v, h as p, T as y } from "./bitcoin-nOOgeRyl.js";
-import { createPrePeginTransaction as m, buildPeginTxFromPrePegin as I, getPrePeginHtlcConnectorInfo as H, tapInternalPubkey as k, getPeginPayoutScriptInfo as T, getAssertNoPayoutScriptInfo as A, getChallengeAssertScriptInfo as B } from "@babylonlabs-io/babylon-tbv-rust-wasm";
-import { b as C } from "./fundPeginTransaction-BLYXxLBv.js";
-import { Buffer as c } from "buffer";
-import { Transaction as h, Psbt as d } from "bitcoinjs-lib";
+import { p as H, s as f, u as v, h as p, T as y } from "./bitcoin-B-Y0DlqR.js";
+import { createPrePeginTransaction as I, buildPeginTxFromPrePegin as A, getPrePeginHtlcConnectorInfo as T, tapInternalPubkey as k, getPeginPayoutScriptInfo as E, getAssertNoPayoutScriptInfo as B, getChallengeAssertScriptInfo as C } from "@babylonlabs-io/babylon-tbv-rust-wasm";
+import { c as L } from "./fundPeginTransaction-oV-dNJOU.js";
+import { Buffer as a } from "buffer";
+import { Transaction as g, Psbt as d } from "bitcoinjs-lib";
 function b(e) {
-  return S(e).toLowerCase();
+  return H(e).toLowerCase();
 }
-function R(e, t, n) {
+function q(e, n, t) {
   const s = /* @__PURE__ */ new Set();
   s.add(b(e));
-  for (const o of t)
+  for (const o of n)
     s.add(b(o));
-  return s.delete(b(n)), s.size;
+  return s.delete(b(t)), s.size;
 }
-async function U(e) {
-  const t = await m({
+const S = 64, V = /^[0-9a-fA-F]+$/;
+async function N(e) {
+  const n = m(e.authAnchorHash), t = await I({
     depositorPubkey: e.depositorPubkey,
     vaultProviderPubkey: e.vaultProviderPubkey,
     vaultKeeperPubkeys: e.vaultKeeperPubkeys,
@@ -26,23 +27,34 @@ async function U(e) {
     numLocalChallengers: e.numLocalChallengers,
     councilQuorum: e.councilQuorum,
     councilSize: e.councilSize,
-    network: e.network
-  }), s = C(t.txHex).outputs.reduce(
-    (o, r) => o + BigInt(r.value),
+    network: e.network,
+    authAnchorHash: n
+  }), o = L(t.txHex).outputs.reduce(
+    (c, u) => c + BigInt(u.value),
     0n
-  );
+  ), r = n !== void 0 ? t.htlcValues.length : null;
   return {
     psbtHex: t.txHex,
-    totalOutputValue: s,
+    totalOutputValue: o,
     htlcValues: t.htlcValues,
     htlcScriptPubKeys: t.htlcScriptPubKeys,
     htlcAddresses: t.htlcAddresses,
     peginAmounts: t.peginAmounts,
-    depositorClaimValue: t.depositorClaimValue
+    depositorClaimValue: t.depositorClaimValue,
+    authAnchorVout: r
   };
 }
-async function q(e) {
-  const t = await I(
+function m(e) {
+  if (e === void 0) return;
+  const n = e.startsWith("0x") || e.startsWith("0X") ? e.slice(2) : e;
+  if (n.length !== S || !V.test(n))
+    throw new Error(
+      `authAnchorHash must be 32-byte hex (${S} chars, no 0x prefix); got length ${n.length}`
+    );
+  return n.toLowerCase();
+}
+async function O(e) {
+  const n = await A(
     {
       depositorPubkey: e.prePeginParams.depositorPubkey,
       vaultProviderPubkey: e.prePeginParams.vaultProviderPubkey,
@@ -55,21 +67,24 @@ async function q(e) {
       numLocalChallengers: e.prePeginParams.numLocalChallengers,
       councilQuorum: e.prePeginParams.councilQuorum,
       councilSize: e.prePeginParams.councilSize,
-      network: e.prePeginParams.network
+      network: e.prePeginParams.network,
+      authAnchorHash: m(
+        e.prePeginParams.authAnchorHash
+      )
     },
     e.timelockPegin,
     e.fundedPrePeginTxHex,
     e.htlcVout
   );
   return {
-    txHex: t.txHex,
-    txid: t.txid,
-    vaultScriptPubKey: t.vaultScriptPubKey,
-    vaultValue: t.vaultValue
+    txHex: n.txHex,
+    txid: n.txid,
+    vaultScriptPubKey: n.vaultScriptPubKey,
+    vaultValue: n.vaultValue
   };
 }
-async function O(e) {
-  const t = g(e.peginTxHex), n = g(e.fundedPrePeginTxHex), s = await H({
+async function F(e) {
+  const n = f(e.peginTxHex), t = f(e.fundedPrePeginTxHex), s = await T({
     depositorPubkey: e.depositorPubkey,
     vaultProviderPubkey: e.vaultProviderPubkey,
     vaultKeeperPubkeys: e.vaultKeeperPubkeys,
@@ -77,40 +92,40 @@ async function O(e) {
     hashlock: e.hashlock,
     timelockRefund: e.timelockRefund,
     network: e.network
-  }), o = h.fromHex(t), r = h.fromHex(n);
+  }), o = g.fromHex(n), r = g.fromHex(t);
   if (o.ins.length !== 1)
     throw new Error(
       `PegIn transaction must have exactly 1 input, got ${o.ins.length}`
     );
-  const l = o.ins[0], u = r.getId(), i = v(
-    new Uint8Array(l.hash).slice().reverse()
+  const c = o.ins[0], u = r.getId(), i = v(
+    new Uint8Array(c.hash).slice().reverse()
   );
   if (i !== u)
     throw new Error(
       `PegIn input does not reference the Pre-PegIn transaction. Expected ${u}, got ${i}`
     );
-  const a = r.outs[l.index];
-  if (!a)
+  const l = r.outs[c.index];
+  if (!l)
     throw new Error(
-      `Pre-PegIn output ${l.index} not found (Pre-PegIn has ${r.outs.length} outputs)`
+      `Pre-PegIn output ${c.index} not found (Pre-PegIn has ${r.outs.length} outputs)`
     );
-  const P = p(s.hashlockScript), f = p(s.hashlockControlBlock), x = new d();
+  const h = p(s.hashlockScript), P = p(s.hashlockControlBlock), x = new d();
   x.setVersion(o.version), x.setLocktime(o.locktime), x.addInput({
-    hash: l.hash,
-    index: l.index,
-    sequence: l.sequence,
+    hash: c.hash,
+    index: c.index,
+    sequence: c.sequence,
     witnessUtxo: {
-      script: a.script,
-      value: a.value
+      script: l.script,
+      value: l.value
     },
     tapLeafScript: [
       {
         leafVersion: y,
-        script: c.from(P),
-        controlBlock: c.from(f)
+        script: a.from(h),
+        controlBlock: a.from(P)
       }
     ],
-    tapInternalKey: c.from(k)
+    tapInternalKey: a.from(k)
     // sighashType omitted — defaults to SIGHASH_DEFAULT (0x00) for Taproot
   });
   for (const w of o.outs)
@@ -120,19 +135,19 @@ async function O(e) {
     });
   return { psbtHex: x.toHex() };
 }
-function _(e, t) {
+function W(e, n) {
   const s = d.fromHex(e).data.inputs[0];
   if (!s)
     throw new Error("PegIn PSBT has no inputs");
   if (s.tapScriptSig && s.tapScriptSig.length > 0) {
-    const o = c.from(
-      p(t)
+    const o = a.from(
+      p(n)
     );
     for (const r of s.tapScriptSig)
       if (r.pubkey.equals(o))
-        return E(r.signature);
+        return $(r.signature);
     throw new Error(
-      `No PegIn input signature found for depositor pubkey: ${t}`
+      `No PegIn input signature found for depositor pubkey: ${n}`
     );
   }
   throw s.finalScriptWitness && s.finalScriptWitness.length > 0 ? new Error(
@@ -141,134 +156,134 @@ function _(e, t) {
     "No tapScriptSig or finalScriptWitness found in signed PegIn input PSBT"
   );
 }
-function F(e) {
-  const t = d.fromHex(e);
+function D(e) {
+  const n = d.fromHex(e);
   try {
-    t.finalizeAllInputs();
-  } catch (n) {
-    if (!t.data.inputs.every(
+    n.finalizeAllInputs();
+  } catch (t) {
+    if (!n.data.inputs.every(
       (o) => o.finalScriptWitness || o.finalScriptSig
     ))
       throw new Error(
-        `PSBT finalization failed and wallet did not auto-finalize: ${n}`
+        `PSBT finalization failed and wallet did not auto-finalize: ${t}`
       );
   }
-  return t.extractTransaction().toHex();
+  return n.extractTransaction().toHex();
 }
-function E(e) {
+function $(e) {
   if (e.length === 64)
     return v(new Uint8Array(e));
   if (e.length === 65) {
-    const t = e[64];
-    if (t !== h.SIGHASH_ALL)
+    const n = e[64];
+    if (n !== g.SIGHASH_ALL)
       throw new Error(
-        `Unexpected sighash type 0x${t.toString(16).padStart(2, "0")} in PegIn input signature. Expected SIGHASH_DEFAULT (64-byte sig) or SIGHASH_ALL (0x01).`
+        `Unexpected sighash type 0x${n.toString(16).padStart(2, "0")} in PegIn input signature. Expected SIGHASH_DEFAULT (64-byte sig) or SIGHASH_ALL (0x01).`
       );
     return v(new Uint8Array(e.subarray(0, 64)));
   }
   throw new Error(`Unexpected PegIn input signature length: ${e.length}`);
 }
-async function N(e) {
-  const t = g(e.payoutTxHex), n = h.fromHex(t), { payoutScript: s, payoutControlBlock: o } = await T(
+async function Q(e) {
+  const n = f(e.payoutTxHex), t = g.fromHex(n), { payoutScript: s, payoutControlBlock: o } = await E(
     e.connectorParams
-  ), r = p(s), l = p(o), u = new d();
-  u.setVersion(n.version), u.setLocktime(n.locktime);
-  for (let i = 0; i < n.ins.length; i++) {
-    const a = n.ins[i], P = e.prevouts[i];
-    if (!P)
+  ), r = p(s), c = p(o), u = new d();
+  u.setVersion(t.version), u.setLocktime(t.locktime);
+  for (let i = 0; i < t.ins.length; i++) {
+    const l = t.ins[i], h = e.prevouts[i];
+    if (!h)
       throw new Error(`Missing prevout data for input ${i}`);
-    const f = {
-      hash: a.hash,
-      index: a.index,
-      sequence: a.sequence,
+    const P = {
+      hash: l.hash,
+      index: l.index,
+      sequence: l.sequence,
       witnessUtxo: {
-        script: c.from(p(g(P.script_pubkey))),
-        value: P.value
+        script: a.from(p(f(h.script_pubkey))),
+        value: h.value
       }
     };
-    i === 0 && (f.tapLeafScript = [
+    i === 0 && (P.tapLeafScript = [
       {
         leafVersion: y,
-        script: c.from(r),
-        controlBlock: c.from(l)
+        script: a.from(r),
+        controlBlock: a.from(c)
       }
-    ], f.tapInternalKey = c.from(k)), u.addInput(f);
+    ], P.tapInternalKey = a.from(k)), u.addInput(P);
   }
-  for (const i of n.outs)
+  for (const i of t.outs)
     u.addOutput({
       script: i.script,
       value: i.value
     });
   return u.toHex();
 }
-async function W(e) {
-  const t = g(e.noPayoutTxHex), n = h.fromHex(t), { noPayoutScript: s, noPayoutControlBlock: o } = await A(
+async function X(e) {
+  const n = f(e.noPayoutTxHex), t = g.fromHex(n), { noPayoutScript: s, noPayoutControlBlock: o } = await B(
     e.connectorParams,
     e.challengerPubkey
-  ), r = p(s), l = p(o), u = new d();
-  u.setVersion(n.version), u.setLocktime(n.locktime);
-  for (let i = 0; i < n.ins.length; i++) {
-    const a = n.ins[i], P = e.prevouts[i];
-    if (!P)
+  ), r = p(s), c = p(o), u = new d();
+  u.setVersion(t.version), u.setLocktime(t.locktime);
+  for (let i = 0; i < t.ins.length; i++) {
+    const l = t.ins[i], h = e.prevouts[i];
+    if (!h)
       throw new Error(`Missing prevout data for input ${i}`);
-    const f = {
-      hash: a.hash,
-      index: a.index,
-      sequence: a.sequence,
+    const P = {
+      hash: l.hash,
+      index: l.index,
+      sequence: l.sequence,
       witnessUtxo: {
-        script: c.from(p(g(P.script_pubkey))),
-        value: P.value
+        script: a.from(p(f(h.script_pubkey))),
+        value: h.value
       }
     };
-    i === 0 && (f.tapLeafScript = [
+    i === 0 && (P.tapLeafScript = [
       {
         leafVersion: y,
-        script: c.from(r),
-        controlBlock: c.from(l)
+        script: a.from(r),
+        controlBlock: a.from(c)
       }
-    ], f.tapInternalKey = c.from(k)), u.addInput(f);
+    ], P.tapInternalKey = a.from(k)), u.addInput(P);
   }
-  for (const i of n.outs)
+  for (const i of t.outs)
     u.addOutput({
       script: i.script,
       value: i.value
     });
   return u.toHex();
 }
-async function D(e) {
-  const t = g(e.challengeAssertTxHex), n = h.fromHex(t);
-  if (e.connectorParamsPerInput.length !== n.ins.length)
+async function G(e) {
+  const n = f(e.challengeAssertTxHex), t = g.fromHex(n);
+  if (e.connectorParamsPerInput.length !== t.ins.length)
     throw new Error(
-      `Expected ${n.ins.length} connector params, got ${e.connectorParamsPerInput.length}`
+      `Expected ${t.ins.length} connector params, got ${e.connectorParamsPerInput.length}`
     );
   const s = await Promise.all(
-    e.connectorParamsPerInput.map((r) => B(r))
+    e.connectorParamsPerInput.map((r) => C(r))
   ), o = new d();
-  o.setVersion(n.version), o.setLocktime(n.locktime);
-  for (let r = 0; r < n.ins.length; r++) {
-    const l = n.ins[r], u = e.prevouts[r];
+  o.setVersion(t.version), o.setLocktime(t.locktime);
+  for (let r = 0; r < t.ins.length; r++) {
+    const c = t.ins[r], u = e.prevouts[r];
     if (!u)
       throw new Error(`Missing prevout data for input ${r}`);
-    const { script: i, controlBlock: a } = s[r], P = p(i), f = p(a);
+    const { script: i, controlBlock: l } = s[r], h = p(i), P = p(l);
     o.addInput({
-      hash: l.hash,
-      index: l.index,
-      sequence: l.sequence,
+      hash: c.hash,
+      index: c.index,
+      sequence: c.sequence,
       witnessUtxo: {
-        script: c.from(p(g(u.script_pubkey))),
+        script: a.from(p(f(u.script_pubkey))),
         value: u.value
       },
       tapLeafScript: [
         {
           leafVersion: y,
-          script: c.from(P),
-          controlBlock: c.from(f)
+          script: a.from(h),
+          controlBlock: a.from(P)
         }
       ],
-      tapInternalKey: c.from(k)
+      tapInternalKey: a.from(k)
     });
   }
-  for (const r of n.outs)
+  for (const r of t.outs)
     o.addOutput({
       script: r.script,
       value: r.value
@@ -276,14 +291,14 @@ async function D(e) {
   return o.toHex();
 }
 export {
-  q as a,
-  U as b,
-  R as c,
-  O as d,
-  _ as e,
-  F as f,
-  N as g,
-  W as h,
-  D as i
+  O as a,
+  N as b,
+  q as c,
+  F as d,
+  W as e,
+  D as f,
+  Q as g,
+  X as h,
+  G as i
 };
-//# sourceMappingURL=challengeAssert-CH32j5cZ.js.map
+//# sourceMappingURL=challengeAssert-j2Vwqo0-.js.map

package/dist/challengeAssert-j2Vwqo0-.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"challengeAssert-j2Vwqo0-.js","sources":["../src/tbv/core/primitives/challengers.ts","../src/tbv/core/primitives/psbt/pegin.ts","../src/tbv/core/primitives/psbt/peginInput.ts","../src/tbv/core/primitives/psbt/depositorPayout.ts","../src/tbv/core/primitives/psbt/noPayout.ts","../src/tbv/core/primitives/psbt/challengeAssert.ts"],"sourcesContent":["/**\n * Challenger counting utilities.\n *\n * Used for UI-level validation (e.g. computing minimum deposit amounts)\n * where the depositor's identity is known. The transaction builders use\n * `vaultKeeperBtcPubkeys.length` to match the VP's current validation.\n */\n\nimport { processPublicKeyToXOnly } from \"./utils/bitcoin\";\n\n/**\n * Normalize a public key to lowercase x-only hex for reliable comparison.\n *\n * Handles `0x` prefixes, compressed (33-byte), and uncompressed (65-byte) keys.\n */\nfunction normalizeKey(key: string): string {\n return processPublicKeyToXOnly(key).toLowerCase();\n}\n\n/**\n * Compute the number of local challengers for a vault.\n *\n * Mirrors the VP's `compute_num_challengers()` logic:\n * local challengers = {vault_provider} ∪ {vault_keepers} − {depositor}\n *\n * Keys are normalized to x-only lowercase hex before comparison, so\n * `0x`-prefixed, compressed, or mixed-case keys are handled correctly.\n *\n * @param vaultProviderPubkey - Vault provider BTC public key\n * @param vaultKeeperPubkeys - Vault keeper BTC public keys\n * @param depositorPubkey - Depositor (claimer) BTC public key\n * @returns Number of local challengers\n */\nexport function computeNumLocalChallengers(\n vaultProviderPubkey: string,\n vaultKeeperPubkeys: string[],\n depositorPubkey: string,\n): number {\n const localSet = new Set<string>();\n localSet.add(normalizeKey(vaultProviderPubkey));\n for (const vk of vaultKeeperPubkeys) {\n localSet.add(normalizeKey(vk));\n }\n localSet.delete(normalizeKey(depositorPubkey));\n return localSet.size;\n}\n","/**\n * Pre-PegIn PSBT Builder Primitive\n *\n * This module provides pure functions for building unfunded Pre-PegIn transactions\n * and deriving PegIn transactions from them, using the WASM implementation from\n * @babylonlabs-io/babylon-tbv-rust-wasm.\n *\n * Pre-PegIn Flow:\n * 1. buildPrePeginPsbt() — creates unfunded Pre-PegIn tx (HTLC output)\n * 2. [caller funds Pre-PegIn tx and computes txid]\n * 3. buildPeginTxFromFundedPrePegin() — derives PegIn tx spending the HTLC\n * 4. buildPeginInputPsbt() — PSBT for depositor to sign PegIn HTLC leaf 0 input\n *\n * @module primitives/psbt/pegin\n */\n\nimport {\n buildPeginTxFromPrePegin,\n createPrePeginTransaction,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\nimport { parseUnfundedWasmTransaction } from \"../../utils/transaction/fundPeginTransaction\";\n\n/**\n * Parameters for building an unfunded Pre-PegIn PSBT\n */\nexport interface PrePeginParams {\n /** Depositor's BTC public key (x-only, 64-char hex without 0x prefix) */\n depositorPubkey: string;\n /** Vault provider's BTC public key (x-only, 64-char hex) */\n vaultProviderPubkey: string;\n /** Array of vault keeper BTC public keys (x-only, 64-char hex) */\n vaultKeeperPubkeys: string[];\n /** Array of universal challenger BTC public keys (x-only, 64-char hex) */\n universalChallengerPubkeys: string[];\n /** SHA256 hash commitment(s) (64 hex chars = 32 bytes each) */\n hashlocks: readonly string[];\n /** CSV timelock in blocks for the HTLC refund path */\n timelockRefund: number;\n /** Amounts to peg in (satoshis), one per deposit */\n pegInAmounts: readonly bigint[];\n /** Fee rate in sat/vB from contract offchain params */\n feeRate: bigint;\n /** Number of local challengers (from contract params) */\n numLocalChallengers: number;\n /** M in M-of-N council multisig (from contract params) */\n councilQuorum: number;\n /** N in M-of-N council multisig (from contract params) */\n councilSize: number;\n /** Bitcoin network */\n network: Network;\n /**\n * Optional 32-byte `SHA256(auth_anchor)` commitment (64-char hex, no\n * `0x` prefix). If provided, the Pre-PegIn tx will include an\n * `OP_RETURN <PUSH32 authAnchorHash>` output at vout =\n * `hashlocks.length`, binding the depositor's bearer-token\n * `auth_anchor` preimage to this Pre-PegIn.\n */\n authAnchorHash?: string;\n}\n\n/**\n * Byte length of an `auth_anchor_hash` commitment when encoded as a\n * lowercase hex string (32 bytes → 64 hex chars).\n */\nconst AUTH_ANCHOR_HASH_HEX_LEN = 64;\n\nconst HEX_PATTERN = /^[0-9a-fA-F]+$/;\n\n/**\n * Result of building an unfunded Pre-PegIn transaction\n */\nexport interface PrePeginPsbtResult {\n /**\n * Unfunded transaction hex (no inputs, HTLC outputs + optional\n * auth-anchor OP_RETURN + CPFP anchor).\n *\n * The caller is responsible for:\n * - Selecting UTXOs covering totalOutputValue + network fees\n * - Funding the transaction (add inputs and change output)\n * - Calling buildPeginTxFromFundedPrePegin() with the funded tx hex\n */\n psbtHex: string;\n /** Sum of all unfunded outputs — use this for UTXO selection */\n totalOutputValue: bigint;\n /** HTLC output values in satoshis, one per deposit (each includes peginAmount + depositorClaimValue + minPeginFee) */\n htlcValues: readonly bigint[];\n /** HTLC output scriptPubKeys (hex encoded), one per deposit */\n htlcScriptPubKeys: readonly string[];\n /** HTLC Taproot addresses, one per deposit */\n htlcAddresses: readonly string[];\n /** Pegin amounts in satoshis, one per deposit */\n peginAmounts: readonly bigint[];\n /** Depositor claim value computed by WASM from contract parameters */\n depositorClaimValue: bigint;\n /**\n * Vout index of the auth-anchor `OP_RETURN` output if one was\n * included (i.e. `authAnchorHash` was provided), or `null` if not.\n * Always equals `htlcValues.length` when present.\n */\n authAnchorVout: number | null;\n}\n\n/**\n * Parameters for building the PegIn transaction from a funded Pre-PegIn tx\n */\nexport interface BuildPeginTxParams {\n /** Same PrePeginParams used to create the Pre-PegIn transaction */\n prePeginParams: PrePeginParams;\n /** CSV timelock in blocks for the PegIn vault output */\n timelockPegin: number;\n /** Hex-encoded funded Pre-PegIn transaction */\n fundedPrePeginTxHex: string;\n /** Index of the HTLC output to spend */\n htlcVout: number;\n}\n\n/**\n * Result of building the PegIn transaction\n */\nexport interface PeginTxResult {\n /** PegIn transaction hex (1 input spending HTLC, 1 vault output) */\n txHex: string;\n /** PegIn transaction ID */\n txid: string;\n /** Vault output scriptPubKey (hex encoded) */\n vaultScriptPubKey: string;\n /** Vault output value in satoshis */\n vaultValue: bigint;\n}\n\n/**\n * Build unfunded Pre-PegIn transaction using WASM.\n *\n * Creates a Bitcoin transaction template with no inputs, an HTLC output, and a\n * CPFP anchor output. The HTLC value is computed internally from the contract\n * parameters — the caller does not need to compute depositorClaimValue separately.\n *\n * @param params - Pre-PegIn parameters\n * @returns Unfunded Pre-PegIn transaction details with HTLC output information\n * @throws If WASM initialization fails or parameters are invalid\n */\nexport async function buildPrePeginPsbt(\n params: PrePeginParams,\n): Promise<PrePeginPsbtResult> {\n const authAnchorHash = normalizeAuthAnchorHash(params.authAnchorHash);\n\n const result = await createPrePeginTransaction({\n depositorPubkey: params.depositorPubkey,\n vaultProviderPubkey: params.vaultProviderPubkey,\n vaultKeeperPubkeys: params.vaultKeeperPubkeys,\n universalChallengerPubkeys: params.universalChallengerPubkeys,\n hashlocks: [...params.hashlocks],\n timelockRefund: params.timelockRefund,\n pegInAmounts: [...params.pegInAmounts],\n feeRate: params.feeRate,\n numLocalChallengers: params.numLocalChallengers,\n councilQuorum: params.councilQuorum,\n councilSize: params.councilSize,\n network: params.network,\n authAnchorHash,\n });\n\n // Parse the unfunded tx to sum all output values\n // (HTLCs + optional OP_RETURN + CPFP anchor). This is the amount\n // UTXOs must cover before adding network fees.\n const parsed = parseUnfundedWasmTransaction(result.txHex);\n const totalOutputValue = parsed.outputs.reduce(\n (sum, o) => sum + BigInt(o.value),\n 0n,\n );\n\n // The WASM places the OP_RETURN commitment immediately after the\n // HTLC outputs when authAnchorHash is provided.\n const authAnchorVout =\n authAnchorHash !== undefined ? result.htlcValues.length : null;\n\n return {\n psbtHex: result.txHex,\n totalOutputValue,\n htlcValues: result.htlcValues,\n htlcScriptPubKeys: result.htlcScriptPubKeys,\n htlcAddresses: result.htlcAddresses,\n peginAmounts: result.peginAmounts,\n depositorClaimValue: result.depositorClaimValue,\n authAnchorVout,\n };\n}\n\n/**\n * Validate and normalize an `authAnchorHash` hex string before passing\n * it to the WASM boundary. WASM expects exactly 64 lowercase hex chars.\n */\nfunction normalizeAuthAnchorHash(\n value: string | undefined,\n): string | undefined {\n if (value === undefined) return undefined;\n const cleaned =\n value.startsWith(\"0x\") || value.startsWith(\"0X\") ? value.slice(2) : value;\n if (\n cleaned.length !== AUTH_ANCHOR_HASH_HEX_LEN ||\n !HEX_PATTERN.test(cleaned)\n ) {\n throw new Error(\n `authAnchorHash must be 32-byte hex (${AUTH_ANCHOR_HASH_HEX_LEN} chars, no 0x prefix); got length ${cleaned.length}`,\n );\n }\n return cleaned.toLowerCase();\n}\n\n/**\n * Build the PegIn transaction from a funded Pre-PegIn transaction.\n *\n * The PegIn transaction spends the Pre-PegIn HTLC output at htlcVout via the\n * hashlock + all-party script (leaf 0).\n *\n * @param params - Build parameters including Pre-PegIn params and funded tx hex\n * @returns PegIn transaction details\n * @throws If WASM initialization fails or parameters are invalid\n */\nexport async function buildPeginTxFromFundedPrePegin(\n params: BuildPeginTxParams,\n): Promise<PeginTxResult> {\n // WASM reconstructs the Pre-PegIn template from these params to\n // decode the funded tx. Must pass `authAnchorHash` (normalized\n // identically to buildPrePeginPsbt) so the reconstruction matches\n // the original outputs, including the OP_RETURN at vout =\n // hashlocks.length.\n const result = await buildPeginTxFromPrePegin(\n {\n depositorPubkey: params.prePeginParams.depositorPubkey,\n vaultProviderPubkey: params.prePeginParams.vaultProviderPubkey,\n vaultKeeperPubkeys: params.prePeginParams.vaultKeeperPubkeys,\n universalChallengerPubkeys:\n params.prePeginParams.universalChallengerPubkeys,\n hashlocks: [...params.prePeginParams.hashlocks],\n timelockRefund: params.prePeginParams.timelockRefund,\n pegInAmounts: [...params.prePeginParams.pegInAmounts],\n feeRate: params.prePeginParams.feeRate,\n numLocalChallengers: params.prePeginParams.numLocalChallengers,\n councilQuorum: params.prePeginParams.councilQuorum,\n councilSize: params.prePeginParams.councilSize,\n network: params.prePeginParams.network,\n authAnchorHash: normalizeAuthAnchorHash(\n params.prePeginParams.authAnchorHash,\n ),\n },\n params.timelockPegin,\n params.fundedPrePeginTxHex,\n params.htlcVout,\n );\n\n return {\n txHex: result.txHex,\n txid: result.txid,\n vaultScriptPubKey: result.vaultScriptPubKey,\n vaultValue: result.vaultValue,\n };\n}\n","/**\n * PegIn Input PSBT Builder\n *\n * Builds the PSBT for the depositor to sign the PegIn transaction's HTLC input\n * (Pre-PegIn HTLC leaf 0 — the hashlock + all-party script).\n *\n * This is the \"Sign Pegin transaction HTLC leaf 0 input\" step in the pre-pegin\n * flow. The depositor signs input 0 of the PegIn transaction,\n * which spends output 0 of the funded Pre-PegIn transaction via script-path.\n *\n * @module primitives/psbt/peginInput\n */\n\nimport {\n getPrePeginHtlcConnectorInfo,\n tapInternalPubkey,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\nimport { TAPSCRIPT_LEAF_VERSION, hexToUint8Array, stripHexPrefix, uint8ArrayToHex } from \"../utils/bitcoin\";\n\n/**\n * Parameters for building the PegIn input PSBT\n */\nexport interface BuildPeginInputPsbtParams {\n /**\n * PegIn transaction hex (1 input spending Pre-PegIn HTLC output 0).\n * Returned by buildPeginTxFromFundedPrePegin().\n */\n peginTxHex: string;\n /**\n * Funded Pre-PegIn transaction hex.\n * Used to look up the HTLC output that the PegIn input spends.\n */\n fundedPrePeginTxHex: string;\n /** Depositor's BTC public key (x-only, 64-char hex) */\n depositorPubkey: string;\n /** Vault provider's BTC public key (x-only, 64-char hex) */\n vaultProviderPubkey: string;\n /** Vault keeper BTC public keys (x-only, 64-char hex) */\n vaultKeeperPubkeys: string[];\n /** Universal challenger BTC public keys (x-only, 64-char hex) */\n universalChallengerPubkeys: string[];\n /** SHA256 hash commitment (64 hex chars = 32 bytes) */\n hashlock: string;\n /** CSV timelock in blocks for the HTLC refund path */\n timelockRefund: number;\n /** Bitcoin network */\n network: Network;\n}\n\n/**\n * Result of building the PegIn input PSBT\n */\nexport interface BuildPeginInputPsbtResult {\n /** PSBT hex for the depositor to sign */\n psbtHex: string;\n}\n\n/**\n * Build PSBT for depositor to sign the PegIn transaction's HTLC leaf 0 input.\n *\n * The PegIn transaction spends the Pre-PegIn HTLC output (output 0) via the\n * hashlock + all-party script (leaf 0). The depositor provides one of the required\n * signatures; the vault provider and keepers provide theirs separately via the\n * signPeginInput RPC.\n *\n * The PSBT uses Taproot script-path spending:\n * - witnessUtxo: the Pre-PegIn HTLC output\n * - tapLeafScript: hashlock leaf script + control block\n * - tapInternalKey: NUMS unspendable key (BIP-341 nothing-up-my-sleeve)\n *\n * @param params - PegIn input PSBT parameters\n * @returns PSBT hex ready for depositor signing\n * @throws If PegIn tx does not have exactly 1 input\n * @throws If PegIn input does not reference the Pre-PegIn HTLC output\n * @throws If Pre-PegIn tx output 0 is not found\n */\nexport async function buildPeginInputPsbt(\n params: BuildPeginInputPsbtParams,\n): Promise<BuildPeginInputPsbtResult> {\n const peginTxHex = stripHexPrefix(params.peginTxHex);\n const fundedPrePeginTxHex = stripHexPrefix(params.fundedPrePeginTxHex);\n\n const htlcConnector = await getPrePeginHtlcConnectorInfo({\n depositorPubkey: params.depositorPubkey,\n vaultProviderPubkey: params.vaultProviderPubkey,\n vaultKeeperPubkeys: params.vaultKeeperPubkeys,\n universalChallengerPubkeys: params.universalChallengerPubkeys,\n hashlock: params.hashlock,\n timelockRefund: params.timelockRefund,\n network: params.network,\n });\n\n const peginTx = Transaction.fromHex(peginTxHex);\n const prePeginTx = Transaction.fromHex(fundedPrePeginTxHex);\n\n if (peginTx.ins.length !== 1) {\n throw new Error(\n `PegIn transaction must have exactly 1 input, got ${peginTx.ins.length}`,\n );\n }\n\n const peginInput = peginTx.ins[0];\n\n // Verify PegIn input 0 spends Pre-PegIn output 0\n const prePeginTxid = prePeginTx.getId();\n const peginInputTxid = uint8ArrayToHex(\n new Uint8Array(peginInput.hash).slice().reverse(),\n );\n\n if (peginInputTxid !== prePeginTxid) {\n throw new Error(\n `PegIn input does not reference the Pre-PegIn transaction. ` +\n `Expected ${prePeginTxid}, got ${peginInputTxid}`,\n );\n }\n\n const htlcOutput = prePeginTx.outs[peginInput.index];\n if (!htlcOutput) {\n throw new Error(\n `Pre-PegIn output ${peginInput.index} not found ` +\n `(Pre-PegIn has ${prePeginTx.outs.length} outputs)`,\n );\n }\n\n const hashlockScript = hexToUint8Array(htlcConnector.hashlockScript);\n const hashlockControlBlock = hexToUint8Array(htlcConnector.hashlockControlBlock);\n\n const psbt = new Psbt();\n psbt.setVersion(peginTx.version);\n psbt.setLocktime(peginTx.locktime);\n\n // Input 0: PegIn input spending Pre-PegIn HTLC output 0 via hashlock leaf (leaf 0).\n // The depositor signs using Taproot script-path spending.\n psbt.addInput({\n hash: peginInput.hash,\n index: peginInput.index,\n sequence: peginInput.sequence,\n witnessUtxo: {\n script: htlcOutput.script,\n value: htlcOutput.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(hashlockScript),\n controlBlock: Buffer.from(hashlockControlBlock),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n // sighashType omitted — defaults to SIGHASH_DEFAULT (0x00) for Taproot\n });\n\n for (const output of peginTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return { psbtHex: psbt.toHex() };\n}\n\n/**\n * Extract the depositor's Schnorr signature from a signed PegIn input PSBT.\n *\n * Supports both non-finalized PSBTs (tapScriptSig) and finalized PSBTs (witness).\n *\n * @param signedPsbtHex - Signed PSBT hex\n * @param depositorPubkey - Depositor's x-only public key (64-char hex)\n * @returns 64-byte Schnorr signature (128 hex chars, no sighash flag)\n * @throws If no signature is found for the depositor's key\n */\nexport function extractPeginInputSignature(\n signedPsbtHex: string,\n depositorPubkey: string,\n): string {\n const signedPsbt = Psbt.fromHex(signedPsbtHex);\n const input = signedPsbt.data.inputs[0];\n\n if (!input) {\n throw new Error(\"PegIn PSBT has no inputs\");\n }\n\n // Non-finalized PSBT — extract from tapScriptSig\n if (input.tapScriptSig && input.tapScriptSig.length > 0) {\n const depositorPubkeyBytes = Buffer.from(\n hexToUint8Array(depositorPubkey),\n );\n\n for (const sigEntry of input.tapScriptSig) {\n if (sigEntry.pubkey.equals(depositorPubkeyBytes)) {\n return extractSchnorrSig(sigEntry.signature);\n }\n }\n\n throw new Error(\n `No PegIn input signature found for depositor pubkey: ${depositorPubkey}`,\n );\n }\n\n // Finalized PSBT — the witness stack order depends on the wallet's finalizer,\n // so we cannot reliably pick the depositor's signature by position. Require\n // the non-finalized tapScriptSig path which identifies signatures by pubkey.\n if (input.finalScriptWitness && input.finalScriptWitness.length > 0) {\n throw new Error(\n \"PegIn input PSBT is already finalized. Cannot reliably extract the \" +\n \"depositor signature from the witness stack. Ensure the wallet returns \" +\n \"a non-finalized PSBT with tapScriptSig entries.\",\n );\n }\n\n throw new Error(\n \"No tapScriptSig or finalScriptWitness found in signed PegIn input PSBT\",\n );\n}\n\n/**\n * Finalize a signed PegIn input PSBT and return the depositor-signed transaction hex.\n *\n * The default tapscript finalizer builds the full witness stack [sig, script, controlBlock]\n * that vaultd requires when verifying the depositor signature on-chain.\n *\n * @param signedPsbtHex - Non-finalized signed PSBT hex (returned by wallet with autoFinalized: false)\n * @returns Depositor-signed PegIn transaction hex with full taproot witness stack\n */\nexport function finalizePeginInputPsbt(signedPsbtHex: string): string {\n const psbt = Psbt.fromHex(signedPsbtHex);\n\n // Some wallets (UniSat, OKX) ignore autoFinalized: false and return\n // already-finalized PSBTs. finalizeAllInputs() throws in that case,\n // so fall back to verifying the wallet already finalized all inputs.\n try {\n psbt.finalizeAllInputs();\n } catch (e) {\n const allFinalized = psbt.data.inputs.every(\n (inp) => inp.finalScriptWitness || inp.finalScriptSig,\n );\n if (!allFinalized) {\n throw new Error(\n `PSBT finalization failed and wallet did not auto-finalize: ${e}`,\n );\n }\n }\n\n return psbt.extractTransaction().toHex();\n}\n\n/**\n * Extract and validate a 64-byte Schnorr signature, stripping sighash flag if present.\n * Accepts 64-byte sigs (implicit SIGHASH_DEFAULT) and 65-byte sigs with\n * SIGHASH_ALL (0x01). Rejects all other sighash types including 0x00, which\n * is consensus-invalid per BIP-342 when explicitly appended.\n * @internal\n */\nexport function extractSchnorrSig(sig: Uint8Array): string {\n if (sig.length === 64) {\n return uint8ArrayToHex(new Uint8Array(sig));\n }\n if (sig.length === 65) {\n const sighashByte = sig[64];\n // Only accept SIGHASH_ALL (0x01). Per BIP-342, SIGHASH_DEFAULT is signaled\n // by omitting the sighash byte (64-byte sig). A 65-byte sig with byte 64\n // set to 0x00 is consensus-invalid: Bitcoin Core rejects it with\n // SCRIPT_ERR_SCHNORR_SIG_HASHTYPE. Accepting 0x00 here would let\n // extractPeginInputSignature succeed (stripping the byte) while\n // finalizePeginInputPsbt passes the raw 65-byte sig into the witness,\n // producing a BTC transaction that can never confirm.\n if (sighashByte !== Transaction.SIGHASH_ALL) {\n throw new Error(\n `Unexpected sighash type 0x${sighashByte.toString(16).padStart(2, \"0\")} in PegIn input signature. ` +\n `Expected SIGHASH_DEFAULT (64-byte sig) or SIGHASH_ALL (0x01).`,\n );\n }\n return uint8ArrayToHex(new Uint8Array(sig.subarray(0, 64)));\n }\n throw new Error(`Unexpected PegIn input signature length: ${sig.length}`);\n}\n\n","/**\n * Depositor Payout PSBT Builder\n *\n * Builds unsigned PSBTs for the depositor's own Payout transaction\n * (depositor-as-claimer path). The depositor signs input 0 using the\n * payout taproot script from WasmPeginPayoutConnector (PegIn vault UTXO).\n *\n * Input 0 spends PegIn:0 (the vault UTXO) — the same connector used for\n * VP/VK payout signing. The VP verifies this signature using the\n * PeginPayoutConnector's payout script.\n *\n * @module primitives/psbt/depositorPayout\n * @see btc-vault crates/vault/src/sign.rs — verify_depositor_signature / get_payout_tap_leaf_hash\n */\n\nimport {\n type PayoutConnectorParams,\n getPeginPayoutScriptInfo,\n tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\n\nimport {\n TAPSCRIPT_LEAF_VERSION,\n hexToUint8Array,\n stripHexPrefix,\n} from \"../utils/bitcoin\";\n\n/**\n * Parameters for building a depositor Payout PSBT\n */\nexport interface DepositorPayoutParams {\n /** Payout transaction hex (unsigned) from VP */\n payoutTxHex: string;\n /** Prevouts for all inputs [{script_pubkey, value}] from VP */\n prevouts: Array<{ script_pubkey: string; value: number }>;\n /** Parameters for the PeginPayout connector (depositor, VP, VKs, UCs, timelock) */\n connectorParams: PayoutConnectorParams;\n}\n\n/**\n * Build unsigned depositor Payout PSBT.\n *\n * The depositor's payout transaction has 2 inputs:\n * - Input 0: PegIn:0 (vault UTXO) — depositor signs using PeginPayoutConnector payout script\n * - Input 1: Assert:0 — NOT signed by depositor\n *\n * @param params - Depositor payout parameters\n * @returns Unsigned PSBT hex ready for signing\n */\nexport async function buildDepositorPayoutPsbt(\n params: DepositorPayoutParams,\n): Promise<string> {\n const payoutTxHex = stripHexPrefix(params.payoutTxHex);\n const payoutTx = Transaction.fromHex(payoutTxHex);\n\n // Get payout script and control block from WASM (PeginPayoutConnector)\n const { payoutScript, payoutControlBlock } = await getPeginPayoutScriptInfo(\n params.connectorParams,\n );\n const scriptBytes = hexToUint8Array(payoutScript);\n const controlBlock = hexToUint8Array(payoutControlBlock);\n\n const psbt = new Psbt();\n psbt.setVersion(payoutTx.version);\n psbt.setLocktime(payoutTx.locktime);\n\n // Add all inputs - depositor signs input 0 only\n for (let i = 0; i < payoutTx.ins.length; i++) {\n const input = payoutTx.ins[i];\n const prevout = params.prevouts[i];\n\n if (!prevout) {\n throw new Error(`Missing prevout data for input ${i}`);\n }\n\n const inputData: Parameters<typeof psbt.addInput>[0] = {\n hash: input.hash,\n index: input.index,\n sequence: input.sequence,\n witnessUtxo: {\n script: Buffer.from(hexToUint8Array(stripHexPrefix(prevout.script_pubkey))),\n value: prevout.value,\n },\n };\n\n // Input 0: depositor signs using taproot script path\n if (i === 0) {\n inputData.tapLeafScript = [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(scriptBytes),\n controlBlock: Buffer.from(controlBlock),\n },\n ];\n inputData.tapInternalKey = Buffer.from(tapInternalPubkey);\n }\n\n psbt.addInput(inputData);\n }\n\n // Add outputs\n for (const output of payoutTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return psbt.toHex();\n}\n\n","/**\n * NoPayout PSBT Builder\n *\n * Builds unsigned PSBTs for the depositor's NoPayout transaction\n * (depositor-as-claimer path, per challenger). The depositor signs input 0\n * using the NoPayout taproot script from WasmAssertPayoutNoPayoutConnector.\n *\n * @module primitives/psbt/noPayout\n * @see btc-vault crates/vault/docs/btc-transactions-spec.md — Assert output 0 NoPayout connector\n */\n\nimport {\n type AssertPayoutNoPayoutConnectorParams,\n getAssertNoPayoutScriptInfo,\n tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\n\nimport {\n TAPSCRIPT_LEAF_VERSION,\n hexToUint8Array,\n stripHexPrefix,\n} from \"../utils/bitcoin\";\n\n/**\n * Parameters for building a NoPayout PSBT\n */\nexport interface NoPayoutParams {\n /** NoPayout transaction hex (unsigned) from VP */\n noPayoutTxHex: string;\n /** Challenger's x-only public key (hex encoded) */\n challengerPubkey: string;\n /** Prevouts for all inputs [{script_pubkey, value}] from VP */\n prevouts: Array<{ script_pubkey: string; value: number }>;\n /** Parameters for the Assert Payout/NoPayout connector */\n connectorParams: AssertPayoutNoPayoutConnectorParams;\n}\n\n/**\n * Build unsigned NoPayout PSBT.\n *\n * The NoPayout transaction is specific to each challenger.\n * Input 0 is the one the depositor signs using the NoPayout taproot script path.\n *\n * @param params - NoPayout parameters\n * @returns Unsigned PSBT hex ready for signing\n */\nexport async function buildNoPayoutPsbt(\n params: NoPayoutParams,\n): Promise<string> {\n const noPayoutTxHex = stripHexPrefix(params.noPayoutTxHex);\n const noPayoutTx = Transaction.fromHex(noPayoutTxHex);\n\n // Get NoPayout script and control block for this challenger\n const { noPayoutScript, noPayoutControlBlock } =\n await getAssertNoPayoutScriptInfo(\n params.connectorParams,\n params.challengerPubkey,\n );\n\n const scriptBytes = hexToUint8Array(noPayoutScript);\n const controlBlockBytes = hexToUint8Array(noPayoutControlBlock);\n\n const psbt = new Psbt();\n psbt.setVersion(noPayoutTx.version);\n psbt.setLocktime(noPayoutTx.locktime);\n\n // Add all inputs - depositor signs input 0 only\n for (let i = 0; i < noPayoutTx.ins.length; i++) {\n const input = noPayoutTx.ins[i];\n const prevout = params.prevouts[i];\n\n if (!prevout) {\n throw new Error(`Missing prevout data for input ${i}`);\n }\n\n const inputData: Parameters<typeof psbt.addInput>[0] = {\n hash: input.hash,\n index: input.index,\n sequence: input.sequence,\n witnessUtxo: {\n script: Buffer.from(hexToUint8Array(stripHexPrefix(prevout.script_pubkey))),\n value: prevout.value,\n },\n };\n\n // Input 0: depositor signs using taproot script path\n if (i === 0) {\n inputData.tapLeafScript = [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(scriptBytes),\n controlBlock: Buffer.from(controlBlockBytes),\n },\n ];\n inputData.tapInternalKey = Buffer.from(tapInternalPubkey);\n }\n\n psbt.addInput(inputData);\n }\n\n // Add outputs\n for (const output of noPayoutTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return psbt.toHex();\n}\n","/**\n * ChallengeAssert PSBT Builder\n *\n * Builds an unsigned PSBT for a ChallengeAssert transaction\n * (depositor-as-claimer path, per challenger). The ChallengeAssert tx has\n * NUM_UTXOS_FOR_CHALLENGE_ASSERT (3) inputs, each spending a different Assert\n * output segment. The depositor signs ALL inputs, each with its own taproot\n * script derived from the per-segment connector params.\n *\n * @module primitives/psbt/challengeAssert\n * @see btc-vault crates/vault/docs/btc-transactions-spec.md — ChallengeAssert connector (NUM_UTXOS_FOR_CHALLENGE_ASSERT=3)\n */\n\nimport {\n type ChallengeAssertConnectorParams,\n getChallengeAssertScriptInfo,\n tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\n\nimport {\n TAPSCRIPT_LEAF_VERSION,\n hexToUint8Array,\n stripHexPrefix,\n} from \"../utils/bitcoin\";\n\n/**\n * Parameters for building a ChallengeAssert PSBT\n */\nexport interface ChallengeAssertParams {\n /** ChallengeAssert transaction hex (unsigned) from VP */\n challengeAssertTxHex: string;\n /** Prevouts for all inputs [{script_pubkey, value}] from VP (flat, one per input) */\n prevouts: Array<{ script_pubkey: string; value: number }>;\n /** Per-input connector params (one per input/segment, determines the taproot script) */\n connectorParamsPerInput: ChallengeAssertConnectorParams[];\n}\n\n/**\n * Build unsigned ChallengeAssert PSBT.\n *\n * The ChallengeAssert transaction has 3 inputs (one per Assert output segment).\n * Each input has its own taproot script derived from its connector params.\n * The depositor signs all inputs.\n *\n * @param params - ChallengeAssert parameters\n * @returns Unsigned PSBT hex ready for signing\n */\nexport async function buildChallengeAssertPsbt(\n params: ChallengeAssertParams,\n): Promise<string> {\n const challengeAssertTxHex = stripHexPrefix(params.challengeAssertTxHex);\n const challengeAssertTx = Transaction.fromHex(challengeAssertTxHex);\n\n if (params.connectorParamsPerInput.length !== challengeAssertTx.ins.length) {\n throw new Error(\n `Expected ${challengeAssertTx.ins.length} connector params, got ${params.connectorParamsPerInput.length}`,\n );\n }\n\n // Get script and control block for each input from WASM\n const scriptInfos = await Promise.all(\n params.connectorParamsPerInput.map((cp) => getChallengeAssertScriptInfo(cp)),\n );\n\n const psbt = new Psbt();\n psbt.setVersion(challengeAssertTx.version);\n psbt.setLocktime(challengeAssertTx.locktime);\n\n // Add all inputs — depositor signs every input\n for (let i = 0; i < challengeAssertTx.ins.length; i++) {\n const input = challengeAssertTx.ins[i];\n const prevout = params.prevouts[i];\n\n if (!prevout) {\n throw new Error(`Missing prevout data for input ${i}`);\n }\n\n const { script, controlBlock } = scriptInfos[i];\n const scriptBytes = hexToUint8Array(script);\n const controlBlockBytes = hexToUint8Array(controlBlock);\n\n psbt.addInput({\n hash: input.hash,\n index: input.index,\n sequence: input.sequence,\n witnessUtxo: {\n script: Buffer.from(hexToUint8Array(stripHexPrefix(prevout.script_pubkey))),\n value: prevout.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(scriptBytes),\n controlBlock: Buffer.from(controlBlockBytes),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n });\n }\n\n // Add outputs\n for (const output of challengeAssertTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return psbt.toHex();\n}\n"],"names":["normalizeKey","key","processPublicKeyToXOnly","computeNumLocalChallengers","vaultProviderPubkey","vaultKeeperPubkeys","depositorPubkey","localSet","vk","AUTH_ANCHOR_HASH_HEX_LEN","HEX_PATTERN","buildPrePeginPsbt","params","authAnchorHash","normalizeAuthAnchorHash","result","createPrePeginTransaction","totalOutputValue","parseUnfundedWasmTransaction","sum","o","authAnchorVout","value","cleaned","buildPeginTxFromFundedPrePegin","buildPeginTxFromPrePegin","buildPeginInputPsbt","peginTxHex","stripHexPrefix","fundedPrePeginTxHex","htlcConnector","getPrePeginHtlcConnectorInfo","peginTx","Transaction","prePeginTx","peginInput","prePeginTxid","peginInputTxid","uint8ArrayToHex","htlcOutput","hashlockScript","hexToUint8Array","hashlockControlBlock","psbt","Psbt","TAPSCRIPT_LEAF_VERSION","Buffer","tapInternalPubkey","output","extractPeginInputSignature","signedPsbtHex","input","depositorPubkeyBytes","sigEntry","extractSchnorrSig","finalizePeginInputPsbt","e","inp","sig","sighashByte","buildDepositorPayoutPsbt","payoutTxHex","payoutTx","payoutScript","payoutControlBlock","getPeginPayoutScriptInfo","scriptBytes","controlBlock","prevout","inputData","buildNoPayoutPsbt","noPayoutTxHex","noPayoutTx","noPayoutScript","noPayoutControlBlock","getAssertNoPayoutScriptInfo","controlBlockBytes","buildChallengeAssertPsbt","challengeAssertTxHex","challengeAssertTx","scriptInfos","cp","getChallengeAssertScriptInfo","i","script"],"mappings":";;;;;AAeA,SAASA,EAAaC,GAAqB;AACzC,SAAOC,EAAwBD,CAAG,EAAE,YAAA;AACtC;AAgBO,SAASE,EACdC,GACAC,GACAC,GACQ;AACR,QAAMC,wBAAe,IAAA;AACrB,EAAAA,EAAS,IAAIP,EAAaI,CAAmB,CAAC;AAC9C,aAAWI,KAAMH;AACf,IAAAE,EAAS,IAAIP,EAAaQ,CAAE,CAAC;AAE/B,SAAAD,EAAS,OAAOP,EAAaM,CAAe,CAAC,GACtCC,EAAS;AAClB;ACqBA,MAAME,IAA2B,IAE3BC,IAAc;AA2EpB,eAAsBC,EACpBC,GAC6B;AAC7B,QAAMC,IAAiBC,EAAwBF,EAAO,cAAc,GAE9DG,IAAS,MAAMC,EAA0B;AAAA,IAC7C,iBAAiBJ,EAAO;AAAA,IACxB,qBAAqBA,EAAO;AAAA,IAC5B,oBAAoBA,EAAO;AAAA,IAC3B,4BAA4BA,EAAO;AAAA,IACnC,WAAW,CAAC,GAAGA,EAAO,SAAS;AAAA,IAC/B,gBAAgBA,EAAO;AAAA,IACvB,cAAc,CAAC,GAAGA,EAAO,YAAY;AAAA,IACrC,SAASA,EAAO;AAAA,IAChB,qBAAqBA,EAAO;AAAA,IAC5B,eAAeA,EAAO;AAAA,IACtB,aAAaA,EAAO;AAAA,IACpB,SAASA,EAAO;AAAA,IAChB,gBAAAC;AAAA,EAAA,CACD,GAMKI,IADSC,EAA6BH,EAAO,KAAK,EACxB,QAAQ;AAAA,IACtC,CAACI,GAAKC,MAAMD,IAAM,OAAOC,EAAE,KAAK;AAAA,IAChC;AAAA,EAAA,GAKIC,IACJR,MAAmB,SAAYE,EAAO,WAAW,SAAS;AAE5D,SAAO;AAAA,IACL,SAASA,EAAO;AAAA,IAChB,kBAAAE;AAAA,IACA,YAAYF,EAAO;AAAA,IACnB,mBAAmBA,EAAO;AAAA,IAC1B,eAAeA,EAAO;AAAA,IACtB,cAAcA,EAAO;AAAA,IACrB,qBAAqBA,EAAO;AAAA,IAC5B,gBAAAM;AAAA,EAAA;AAEJ;AAMA,SAASP,EACPQ,GACoB;AACpB,MAAIA,MAAU,OAAW;AACzB,QAAMC,IACJD,EAAM,WAAW,IAAI,KAAKA,EAAM,WAAW,IAAI,IAAIA,EAAM,MAAM,CAAC,IAAIA;AACtE,MACEC,EAAQ,WAAWd,KACnB,CAACC,EAAY,KAAKa,CAAO;AAEzB,UAAM,IAAI;AAAA,MACR,uCAAuCd,CAAwB,qCAAqCc,EAAQ,MAAM;AAAA,IAAA;AAGtH,SAAOA,EAAQ,YAAA;AACjB;AAYA,eAAsBC,EACpBZ,GACwB;AAMxB,QAAMG,IAAS,MAAMU;AAAA,IACnB;AAAA,MACE,iBAAiBb,EAAO,eAAe;AAAA,MACvC,qBAAqBA,EAAO,eAAe;AAAA,MAC3C,oBAAoBA,EAAO,eAAe;AAAA,MAC1C,4BACEA,EAAO,eAAe;AAAA,MACxB,WAAW,CAAC,GAAGA,EAAO,eAAe,SAAS;AAAA,MAC9C,gBAAgBA,EAAO,eAAe;AAAA,MACtC,cAAc,CAAC,GAAGA,EAAO,eAAe,YAAY;AAAA,MACpD,SAASA,EAAO,eAAe;AAAA,MAC/B,qBAAqBA,EAAO,eAAe;AAAA,MAC3C,eAAeA,EAAO,eAAe;AAAA,MACrC,aAAaA,EAAO,eAAe;AAAA,MACnC,SAASA,EAAO,eAAe;AAAA,MAC/B,gBAAgBE;AAAA,QACdF,EAAO,eAAe;AAAA,MAAA;AAAA,IACxB;AAAA,IAEFA,EAAO;AAAA,IACPA,EAAO;AAAA,IACPA,EAAO;AAAA,EAAA;AAGT,SAAO;AAAA,IACL,OAAOG,EAAO;AAAA,IACd,MAAMA,EAAO;AAAA,IACb,mBAAmBA,EAAO;AAAA,IAC1B,YAAYA,EAAO;AAAA,EAAA;AAEvB;ACpLA,eAAsBW,EACpBd,GACoC;AACpC,QAAMe,IAAaC,EAAehB,EAAO,UAAU,GAC7CiB,IAAsBD,EAAehB,EAAO,mBAAmB,GAE/DkB,IAAgB,MAAMC,EAA6B;AAAA,IACvD,iBAAiBnB,EAAO;AAAA,IACxB,qBAAqBA,EAAO;AAAA,IAC5B,oBAAoBA,EAAO;AAAA,IAC3B,4BAA4BA,EAAO;AAAA,IACnC,UAAUA,EAAO;AAAA,IACjB,gBAAgBA,EAAO;AAAA,IACvB,SAASA,EAAO;AAAA,EAAA,CACjB,GAEKoB,IAAUC,EAAY,QAAQN,CAAU,GACxCO,IAAaD,EAAY,QAAQJ,CAAmB;AAE1D,MAAIG,EAAQ,IAAI,WAAW;AACzB,UAAM,IAAI;AAAA,MACR,oDAAoDA,EAAQ,IAAI,MAAM;AAAA,IAAA;AAI1E,QAAMG,IAAaH,EAAQ,IAAI,CAAC,GAG1BI,IAAeF,EAAW,MAAA,GAC1BG,IAAiBC;AAAA,IACrB,IAAI,WAAWH,EAAW,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,EAAQ;AAGlD,MAAIE,MAAmBD;AACrB,UAAM,IAAI;AAAA,MACR,sEACcA,CAAY,SAASC,CAAc;AAAA,IAAA;AAIrD,QAAME,IAAaL,EAAW,KAAKC,EAAW,KAAK;AACnD,MAAI,CAACI;AACH,UAAM,IAAI;AAAA,MACR,oBAAoBJ,EAAW,KAAK,6BAChBD,EAAW,KAAK,MAAM;AAAA,IAAA;AAI9C,QAAMM,IAAiBC,EAAgBX,EAAc,cAAc,GAC7DY,IAAuBD,EAAgBX,EAAc,oBAAoB,GAEzEa,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAWX,EAAQ,OAAO,GAC/BW,EAAK,YAAYX,EAAQ,QAAQ,GAIjCW,EAAK,SAAS;AAAA,IACZ,MAAMR,EAAW;AAAA,IACjB,OAAOA,EAAW;AAAA,IAClB,UAAUA,EAAW;AAAA,IACrB,aAAa;AAAA,MACX,QAAQI,EAAW;AAAA,MACnB,OAAOA,EAAW;AAAA,IAAA;AAAA,IAEpB,eAAe;AAAA,MACb;AAAA,QACE,aAAaM;AAAA,QACb,QAAQC,EAAO,KAAKN,CAAc;AAAA,QAClC,cAAcM,EAAO,KAAKJ,CAAoB;AAAA,MAAA;AAAA,IAChD;AAAA,IAEF,gBAAgBI,EAAO,KAAKC,CAAiB;AAAA;AAAA,EAAA,CAE9C;AAED,aAAWC,KAAUhB,EAAQ;AAC3B,IAAAW,EAAK,UAAU;AAAA,MACb,QAAQK,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAO,EAAE,SAASL,EAAK,QAAM;AAC/B;AAYO,SAASM,EACdC,GACA5C,GACQ;AAER,QAAM6C,IADaP,EAAK,QAAQM,CAAa,EACpB,KAAK,OAAO,CAAC;AAEtC,MAAI,CAACC;AACH,UAAM,IAAI,MAAM,0BAA0B;AAI5C,MAAIA,EAAM,gBAAgBA,EAAM,aAAa,SAAS,GAAG;AACvD,UAAMC,IAAuBN,EAAO;AAAA,MAClCL,EAAgBnC,CAAe;AAAA,IAAA;AAGjC,eAAW+C,KAAYF,EAAM;AAC3B,UAAIE,EAAS,OAAO,OAAOD,CAAoB;AAC7C,eAAOE,EAAkBD,EAAS,SAAS;AAI/C,UAAM,IAAI;AAAA,MACR,wDAAwD/C,CAAe;AAAA,IAAA;AAAA,EAE3E;AAKA,QAAI6C,EAAM,sBAAsBA,EAAM,mBAAmB,SAAS,IAC1D,IAAI;AAAA,IACR;AAAA,EAAA,IAME,IAAI;AAAA,IACR;AAAA,EAAA;AAEJ;AAWO,SAASI,EAAuBL,GAA+B;AACpE,QAAMP,IAAOC,EAAK,QAAQM,CAAa;AAKvC,MAAI;AACF,IAAAP,EAAK,kBAAA;AAAA,EACP,SAASa,GAAG;AAIV,QAAI,CAHiBb,EAAK,KAAK,OAAO;AAAA,MACpC,CAACc,MAAQA,EAAI,sBAAsBA,EAAI;AAAA,IAAA;AAGvC,YAAM,IAAI;AAAA,QACR,8DAA8DD,CAAC;AAAA,MAAA;AAAA,EAGrE;AAEA,SAAOb,EAAK,mBAAA,EAAqB,MAAA;AACnC;AASO,SAASW,EAAkBI,GAAyB;AACzD,MAAIA,EAAI,WAAW;AACjB,WAAOpB,EAAgB,IAAI,WAAWoB,CAAG,CAAC;AAE5C,MAAIA,EAAI,WAAW,IAAI;AACrB,UAAMC,IAAcD,EAAI,EAAE;AAQ1B,QAAIC,MAAgB1B,EAAY;AAC9B,YAAM,IAAI;AAAA,QACR,6BAA6B0B,EAAY,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC;AAAA,MAAA;AAI1E,WAAOrB,EAAgB,IAAI,WAAWoB,EAAI,SAAS,GAAG,EAAE,CAAC,CAAC;AAAA,EAC5D;AACA,QAAM,IAAI,MAAM,4CAA4CA,EAAI,MAAM,EAAE;AAC1E;ACpOA,eAAsBE,EACpBhD,GACiB;AACjB,QAAMiD,IAAcjC,EAAehB,EAAO,WAAW,GAC/CkD,IAAW7B,EAAY,QAAQ4B,CAAW,GAG1C,EAAE,cAAAE,GAAc,oBAAAC,EAAA,IAAuB,MAAMC;AAAA,IACjDrD,EAAO;AAAA,EAAA,GAEHsD,IAAczB,EAAgBsB,CAAY,GAC1CI,IAAe1B,EAAgBuB,CAAkB,GAEjDrB,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAWmB,EAAS,OAAO,GAChCnB,EAAK,YAAYmB,EAAS,QAAQ;AAGlC,WAAS,IAAI,GAAG,IAAIA,EAAS,IAAI,QAAQ,KAAK;AAC5C,UAAMX,IAAQW,EAAS,IAAI,CAAC,GACtBM,IAAUxD,EAAO,SAAS,CAAC;AAEjC,QAAI,CAACwD;AACH,YAAM,IAAI,MAAM,kCAAkC,CAAC,EAAE;AAGvD,UAAMC,IAAiD;AAAA,MACrD,MAAMlB,EAAM;AAAA,MACZ,OAAOA,EAAM;AAAA,MACb,UAAUA,EAAM;AAAA,MAChB,aAAa;AAAA,QACX,QAAQL,EAAO,KAAKL,EAAgBb,EAAewC,EAAQ,aAAa,CAAC,CAAC;AAAA,QAC1E,OAAOA,EAAQ;AAAA,MAAA;AAAA,IACjB;AAIF,IAAI,MAAM,MACRC,EAAU,gBAAgB;AAAA,MACxB;AAAA,QACE,aAAaxB;AAAA,QACb,QAAQC,EAAO,KAAKoB,CAAW;AAAA,QAC/B,cAAcpB,EAAO,KAAKqB,CAAY;AAAA,MAAA;AAAA,IACxC,GAEFE,EAAU,iBAAiBvB,EAAO,KAAKC,CAAiB,IAG1DJ,EAAK,SAAS0B,CAAS;AAAA,EACzB;AAGA,aAAWrB,KAAUc,EAAS;AAC5B,IAAAnB,EAAK,UAAU;AAAA,MACb,QAAQK,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAOL,EAAK,MAAA;AACd;AC/DA,eAAsB2B,EACpB1D,GACiB;AACjB,QAAM2D,IAAgB3C,EAAehB,EAAO,aAAa,GACnD4D,IAAavC,EAAY,QAAQsC,CAAa,GAG9C,EAAE,gBAAAE,GAAgB,sBAAAC,EAAA,IACtB,MAAMC;AAAA,IACJ/D,EAAO;AAAA,IACPA,EAAO;AAAA,EAAA,GAGLsD,IAAczB,EAAgBgC,CAAc,GAC5CG,IAAoBnC,EAAgBiC,CAAoB,GAExD/B,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAW6B,EAAW,OAAO,GAClC7B,EAAK,YAAY6B,EAAW,QAAQ;AAGpC,WAAS,IAAI,GAAG,IAAIA,EAAW,IAAI,QAAQ,KAAK;AAC9C,UAAMrB,IAAQqB,EAAW,IAAI,CAAC,GACxBJ,IAAUxD,EAAO,SAAS,CAAC;AAEjC,QAAI,CAACwD;AACH,YAAM,IAAI,MAAM,kCAAkC,CAAC,EAAE;AAGvD,UAAMC,IAAiD;AAAA,MACrD,MAAMlB,EAAM;AAAA,MACZ,OAAOA,EAAM;AAAA,MACb,UAAUA,EAAM;AAAA,MAChB,aAAa;AAAA,QACX,QAAQL,EAAO,KAAKL,EAAgBb,EAAewC,EAAQ,aAAa,CAAC,CAAC;AAAA,QAC1E,OAAOA,EAAQ;AAAA,MAAA;AAAA,IACjB;AAIF,IAAI,MAAM,MACRC,EAAU,gBAAgB;AAAA,MACxB;AAAA,QACE,aAAaxB;AAAA,QACb,QAAQC,EAAO,KAAKoB,CAAW;AAAA,QAC/B,cAAcpB,EAAO,KAAK8B,CAAiB;AAAA,MAAA;AAAA,IAC7C,GAEFP,EAAU,iBAAiBvB,EAAO,KAAKC,CAAiB,IAG1DJ,EAAK,SAAS0B,CAAS;AAAA,EACzB;AAGA,aAAWrB,KAAUwB,EAAW;AAC9B,IAAA7B,EAAK,UAAU;AAAA,MACb,QAAQK,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAOL,EAAK,MAAA;AACd;AC9DA,eAAsBkC,EACpBjE,GACiB;AACjB,QAAMkE,IAAuBlD,EAAehB,EAAO,oBAAoB,GACjEmE,IAAoB9C,EAAY,QAAQ6C,CAAoB;AAElE,MAAIlE,EAAO,wBAAwB,WAAWmE,EAAkB,IAAI;AAClE,UAAM,IAAI;AAAA,MACR,YAAYA,EAAkB,IAAI,MAAM,0BAA0BnE,EAAO,wBAAwB,MAAM;AAAA,IAAA;AAK3G,QAAMoE,IAAc,MAAM,QAAQ;AAAA,IAChCpE,EAAO,wBAAwB,IAAI,CAACqE,MAAOC,EAA6BD,CAAE,CAAC;AAAA,EAAA,GAGvEtC,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAWoC,EAAkB,OAAO,GACzCpC,EAAK,YAAYoC,EAAkB,QAAQ;AAG3C,WAASI,IAAI,GAAGA,IAAIJ,EAAkB,IAAI,QAAQI,KAAK;AACrD,UAAMhC,IAAQ4B,EAAkB,IAAII,CAAC,GAC/Bf,IAAUxD,EAAO,SAASuE,CAAC;AAEjC,QAAI,CAACf;AACH,YAAM,IAAI,MAAM,kCAAkCe,CAAC,EAAE;AAGvD,UAAM,EAAE,QAAAC,GAAQ,cAAAjB,MAAiBa,EAAYG,CAAC,GACxCjB,IAAczB,EAAgB2C,CAAM,GACpCR,IAAoBnC,EAAgB0B,CAAY;AAEtD,IAAAxB,EAAK,SAAS;AAAA,MACZ,MAAMQ,EAAM;AAAA,MACZ,OAAOA,EAAM;AAAA,MACb,UAAUA,EAAM;AAAA,MAChB,aAAa;AAAA,QACX,QAAQL,EAAO,KAAKL,EAAgBb,EAAewC,EAAQ,aAAa,CAAC,CAAC;AAAA,QAC1E,OAAOA,EAAQ;AAAA,MAAA;AAAA,MAEjB,eAAe;AAAA,QACb;AAAA,UACE,aAAavB;AAAA,UACb,QAAQC,EAAO,KAAKoB,CAAW;AAAA,UAC/B,cAAcpB,EAAO,KAAK8B,CAAiB;AAAA,QAAA;AAAA,MAC7C;AAAA,MAEF,gBAAgB9B,EAAO,KAAKC,CAAiB;AAAA,IAAA,CAC9C;AAAA,EACH;AAGA,aAAWC,KAAU+B,EAAkB;AACrC,IAAApC,EAAK,UAAU;AAAA,MACb,QAAQK,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAOL,EAAK,MAAA;AACd;"}

package/dist/context-BSdcD4J_.cjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";var Xt=Object.defineProperty;var qt=(e,t,n)=>t in e?Xt(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n;var x=(e,t,n)=>qt(e,typeof t!="symbol"?t+"":t,n);const F=require("bitcoinjs-lib"),et=require("buffer"),B=require("viem"),jt=require("./signing-DHSXjhLM.cjs"),ht=require("@babylonlabs-io/babylon-tbv-rust-wasm"),S=require("./challengeAssert-BM8m9gPM.cjs"),k=require("./bitcoin-DIN0OupO.cjs"),dt=require("./validation-u8W7Lp2x.cjs"),O=require("./psbtInputFields-DhGm77bP.cjs"),ft=require("./fundPeginTransaction-DaWoYCgO.cjs"),It=require("./vault-registry-reader-BizmBSBV.cjs"),c=require("./sha2-1XZuToHP.cjs");function Zt(e){const t=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(e){for(const n in e)if(n!=="default"){const s=Object.getOwnPropertyDescriptor(e,n);Object.defineProperty(t,n,s.get?s:{enumerable:!0,get:()=>e[n]})}}return t.default=e,Object.freeze(t)}const Gt=Zt(F),C={"0x04aabf33":"Vault already exists: This Bitcoin transaction has already been registered. Please select different UTXOs or use a different amount to create a unique transaction.","0x4fec082d":"Script mismatch: The Bitcoin transaction's taproot output does not match the expected vault script. This may be caused by incorrect vault participants or key configuration.","0x6cc363a5":"Invalid BTC proof of possession: The signature could not be verified. Please ensure you're signing with the correct Bitcoin wallet.","0x6c3f2bf6":"Invalid BTC public key: The Bitcoin public key format is invalid.","0x2c5211c6":"Invalid amount: The deposit amount is invalid or below the minimum required.","0x0405f772":"Application not registered: The application controller is not registered in the system.","0x24e165cc":"Invalid provider status: The vault provider is not in a valid state to accept deposits.","0xd92e233d":"Zero address: One of the required addresses is the zero address.","0x65aa7007":"BTC key mismatch: The Bitcoin public key does not match the expected key.","0x82b42900":"Unauthorized: You must be the depositor or vault provider to submit this transaction.","0x8baa579f":"Invalid signature: The BTC proof of possession signature could not be verified.","0x2f9d01e9":"Invalid BTC transaction: The Bitcoin transaction format is invalid.","0x5a3c6b3e":"Vault provider not registered: The selected vault provider is not registered.","0x979f4518":"Invalid pegin fee: The ETH fee sent does not match the required amount. This may indicate a fee rate change during the transaction.","0x5fad9694":"This pre-pegin output has already been used to activate another vault.","0x7ed061c9":"This pegin transaction has already been used to activate another vault."};function N(e){if(!e\|\|typeof e!="object")return;const t=e;if(typeof t.data=="string"&&t.data.startsWith("0x"))return t.data;if(typeof t.details=="string"&&t.details.startsWith("0x"))return t.details;let n=t.cause,s=0;const o=5;for(;n&&typeof n=="object"&&s<o;){const a=n;if(typeof a.data=="string"&&a.data.startsWith("0x"))return a.data;n=a.cause,s++}const i=(typeof t.message=="string"?t.message:"").match(/\b(0x[a-fA-F0-9]{8})\b/);if(i)return i[1]}function zt(e){const t=N(e);if(t){const n=t.substring(0,10);return C[t]??C[n]}}function Yt(e){const t=N(e);if(t===void 0)return!1;const n=t.substring(0,10);return t in C\|\|n in C}function A(e){console.error("[Contract Error] Raw error:",e);const t=N(e);if(console.error("[Contract Error] Extracted error data:",t),t){const s=t.substring(0,10),o=C[t]??C[s];if(o)throw console.error("[Contract Error] Known error:",o),new Error(o)}const n=(e==null?void 0:e.message)\|\|"";if(n.includes("gas limit too high")\|\|n.includes("21000000")\|\|n.includes("Internal JSON-RPC error")){const s=t?` (error code: ${t})`:"";throw console.error("[Contract Error] Transaction rejected. Error code:",t,"Message:",n),new Error(`Transaction failed: The contract rejected this transaction${s}. Possible causes: (1) Vault already exists for this transaction, (2) Invalid signature, (3) Unauthorized caller. Please check your transaction parameters and try again.`)}throw e instanceof Error?(console.error("[Contract Error] Unhandled error:",e.message),e):new Error(`Contract call failed: ${String(e)}`)}const Jt=0,Qt=/^0x[0-9a-f]+$/i,te=/^[0-9a-f]+$/i,ee=/^[A-Za-z0-9+/]+={0,2}$/;function R(e){if(typeof e!="string"\|\|e.length===0)throw new Error("BTC wallet returned empty public key");return k.processPublicKeyToXOnly(e).toLowerCase()}function ne(e){if(typeof e!="string"\|\|e.length===0)throw new Error("BTC wallet returned empty BIP-322 signature");if(e.startsWith("0x")\|\|e.startsWith("0X")){if(!Qt.test(e)\|\|e.length<4\|\|e.length%2!==0)throw new Error("BTC wallet returned malformed hex BIP-322 signature");return e.toLowerCase()}if(te.test(e)){if(e.length%2!==0)throw new Error("BTC wallet returned malformed hex BIP-322 signature");return`0x${e.toLowerCase()}`}if(!ee.test(e)\|\|e.length%4!==0)throw new Error("BTC wallet returned malformed base64 BIP-322 signature");const t=et.Buffer.from(e,"base64");if(t.length===0\|\|t.toString("base64")!==e)throw new Error("BTC wallet returned malformed base64 BIP-322 signature");return`0x${t.toString("hex")}`}function se(e,t,n,s){const o=n==null?void 0:n[`${e}:${t}`];return o?Promise.resolve({txid:e,vout:t,value:o.value,scriptPubKey:o.scriptPubKey}):It.getUtxoInfo(e,t,s)}const gt=12e4;class oe{constructor(t){x(this,"config");this.config=t}async preparePegin(t){const n=await this.config.btcWallet.getPublicKeyHex(),s=R(n),o=k.stripHexPrefix(t.vaultProviderBtcPubkey),r=t.vaultKeeperBtcPubkeys.map(k.stripHexPrefix),i=t.universalChallengerBtcPubkeys.map(k.stripHexPrefix);if(t.hashlocks.length!==t.amounts.length)throw new Error(`hashlocks.length (${t.hashlocks.length}) must equal amounts.length (${t.amounts.length})`);if(t.hashlocks.length===0)throw new Error("hashlocks must contain at least one entry");const a=r.length,d={depositorPubkey:s,vaultProviderPubkey:o,vaultKeeperPubkeys:r,universalChallengerPubkeys:i,hashlocks:t.hashlocks,timelockRefund:t.timelockRefund,pegInAmounts:t.amounts,feeRate:t.protocolFeeRate,numLocalChallengers:a,councilQuorum:t.councilQuorum,councilSize:t.councilSize,network:this.config.btcNetwork},h=await S.buildPrePeginPsbt(d),l=O.selectUtxosForPegin([...t.availableUTXOs],h.totalOutputValue,t.mempoolFeeRate,ft.peginOutputCount(h.htlcValues.length,d.authAnchorHash)),b=k.getNetwork(this.config.btcNetwork),u=ft.fundPeginTransaction({unfundedTxHex:h.psbtHex,selectedUTXOs:l.selectedUTXOs,changeAddress:t.changeAddress,changeAmount:l.changeAmount,network:b}),w=k.stripHexPrefix(O.calculateBtcTxHash(u)),g=[],P=[],E=[];for(let p=0;p<t.hashlocks.length;p++){const m=await S.buildPeginTxFromFundedPrePegin({prePeginParams:d,timelockPegin:t.timelockPegin,fundedPrePeginTxHex:u,htlcVout:p}),I=await S.buildPeginInputPsbt({peginTxHex:m.txHex,fundedPrePeginTxHex:u,depositorPubkey:s,vaultProviderPubkey:o,vaultKeeperPubkeys:r,universalChallengerPubkeys:i,hashlock:t.hashlocks[p],timelockRefund:t.timelockRefund,network:this.config.btcNetwork});g.push(m),P.push(I.psbtHex),E.push(jt.createTaprootScriptPathSignOptions(n,1))}const y=await this.signPsbtsWithFallback(P,E),f=[];for(let p=0;p<y.length;p++){const m=S.extractPeginInputSignature(y[p],s),I=S.finalizePeginInputPsbt(y[p]);f.push({htlcVout:p,htlcValue:h.htlcValues[p],peginTxHex:I,peginTxid:g[p].txid,peginInputSignature:m,vaultScriptPubKey:g[p].vaultScriptPubKey})}return{fundedPrePeginTxHex:u,prePeginTxid:w,perVault:f,selectedUTXOs:l.selectedUTXOs,fee:l.fee,changeAmount:l.changeAmount}}async signPsbtsWithFallback(t,n){if(typeof this.config.btcWallet.signPsbts=="function"){const o=await this.config.btcWallet.signPsbts(t,n);if(o.length!==t.length)throw new Error(`Expected ${t.length} signed PSBTs but received ${o.length}`);return o}const s=[];for(let o=0;o<t.length;o++){const r=await this.config.btcWallet.signPsbt(t[o],n[o]);s.push(r)}return s}async signAndBroadcast(t){const{fundedPrePeginTxHex:n,depositorBtcPubkey:s}=t,o=n.startsWith("0x")?n.slice(2):n,r=F.Transaction.fromHex(o);if(r.ins.length===0)throw new Error("Transaction has no inputs");const i=new F.Psbt;i.setVersion(r.version),i.setLocktime(r.locktime);const a=et.Buffer.from(R(s),"hex"),d=this.config.mempoolApiUrl,h=r.ins.map(f=>{const p=et.Buffer.from(f.hash).reverse().toString("hex"),m=f.index;return se(p,m,t.localPrevouts,d).then(I=>({input:f,utxoData:I,txid:p,vout:m}))}),l=await Promise.all(h),b=l.reduce((f,p)=>f+BigInt(p.utxoData.value),0n),u=r.outs.reduce((f,p)=>f+BigInt(p.value),0n);if(b<u)throw new Error(`UTXO value mismatch: total input value (${b} sat) is less than total output value (${u} sat). This may indicate the mempool API returned manipulated UTXO data.`);const w=b-u;if(w>dt.MAX_REASONABLE_FEE_SATS)throw new Error(`Implied transaction fee (${w} sat) exceeds maximum reasonable fee (${dt.MAX_REASONABLE_FEE_SATS} sat). This may indicate manipulated UTXO data.`);for(const{input:f,utxoData:p,txid:m,vout:I}of l){const T=O.getPsbtInputFields({value:p.value,scriptPubKey:p.scriptPubKey},a);i.addInput({hash:f.hash,index:f.index,sequence:f.sequence,...T})}for(const f of r.outs)i.addOutput({script:f.script,value:f.value});const g=await this.config.btcWallet.signPsbt(i.toHex()),P=F.Psbt.fromHex(g);try{P.finalizeAllInputs()}catch(f){if(!P.data.inputs.every(m=>m.finalScriptWitness\|\|m.finalScriptSig))throw new Error(`PSBT finalization failed and wallet did not auto-finalize: ${f}`)}const E=P.extractTransaction().toHex();return await It.pushTx(E,d)}async registerPeginOnChain(t){const{unsignedPrePeginTx:n,depositorSignedPeginTx:s,vaultProvider:o,hashlock:r,htlcVout:i,depositorPayoutBtcAddress:a,depositorWotsPkHash:d,popSignature:h}=t;if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const l=this.config.ethWallet.account.address;if(!B.isAddressEqual(h.depositorEthAddress,l))throw new Error(`Proof of possession was signed for ${h.depositorEthAddress} but the Ethereum wallet is currently connected to ${l}. Reconnect the original account or call signProofOfPossession() again.`);await this.assertPopMatchesBtcWallet(h);const b=h.btcPopSignature,u=k.ensureHexPrefix(h.depositorBtcPubkey),w=k.ensureHexPrefix(n),g=k.ensureHexPrefix(s),P=await this.resolvePayoutScriptPubKey(a),E=O.calculateBtcTxHash(g),y=await ht.deriveVaultId(k.stripHexPrefix(E),k.stripHexPrefix(l)),f=k.ensureHexPrefix(y);if(await this.checkVaultExists(f))throw new Error(`Vault already exists (ID: ${f}, peginTxHash: ${E}). Vault IDs are derived from the pegin transaction hash and depositor address. To create a new vault, use different UTXOs or a different amount to generate a unique transaction.`);const m=B.createPublicClient({chain:this.config.ethChain,transport:B.http()});let I;try{I=await m.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:c.BTCVaultRegistryABI,functionName:"getPegInFee",args:[o]})}catch{throw new Error("Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.")}const T=B.encodeFunctionData({abi:c.BTCVaultRegistryABI,functionName:"submitPeginRequest",args:[l,u,b,w,g,o,r,i,P,d]});let H;try{H=await m.estimateGas({to:this.config.vaultContracts.btcVaultRegistry,data:T,value:I,account:this.config.ethWallet.account.address})}catch(K){A(K)}let v;try{v=await this.config.ethWallet.sendTransaction({to:this.config.vaultContracts.btcVaultRegistry,data:T,value:I,account:this.config.ethWallet.account,chain:this.config.ethChain,gas:H})}catch(K){A(K)}const D=await m.waitForTransactionReceipt({hash:v,timeout:gt});return D.status==="reverted"&&A(new Error(`Transaction reverted. Hash: ${v}. Check the transaction on block explorer for details.`)),{ethTxHash:D.transactionHash,vaultId:f,peginTxHash:E}}async registerPeginBatchOnChain(t){const{vaultProvider:n,unsignedPrePeginTx:s,requests:o,popSignature:r}=t;if(o.length===0)throw new Error("Batch pegin requires at least one request");if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const i=this.config.ethWallet.account.address;if(!B.isAddressEqual(r.depositorEthAddress,i))throw new Error(`Proof of possession was signed for ${r.depositorEthAddress} but the Ethereum wallet is currently connected to ${i}. Reconnect the original account or call signProofOfPossession() again.`);await this.assertPopMatchesBtcWallet(r);const a=r.btcPopSignature,d=[];for(const m of o)d.push(await this.resolvePayoutScriptPubKey(m.depositorPayoutBtcAddress));const h=[];for(const m of o){const I=k.ensureHexPrefix(m.depositorSignedPeginTx),T=O.calculateBtcTxHash(I),H=await ht.deriveVaultId(k.stripHexPrefix(T),k.stripHexPrefix(i)),v=k.ensureHexPrefix(H);if(await this.checkVaultExists(v))throw new Error(`Vault already exists (ID: ${v}, peginTxHash: ${T}). To create a new vault, use different UTXOs or a different amount.`);h.push({vaultId:v,peginTxHash:T})}const l=B.createPublicClient({chain:this.config.ethChain,transport:B.http()});let b;try{b=await l.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:c.BTCVaultRegistryABI,functionName:"getPegInFee",args:[n]})}catch{throw new Error("Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.")}const u=bBigInt(o.length),w=k.ensureHexPrefix(r.depositorBtcPubkey),g=k.ensureHexPrefix(s),P=o.map((m,I)=>({depositorBtcPubKey:w,btcPopSignature:a,unsignedPrePeginTx:g,depositorSignedPeginTx:k.ensureHexPrefix(m.depositorSignedPeginTx),hashlock:m.hashlock,htlcVout:m.htlcVout,referralCode:Jt,depositorPayoutBtcAddress:d[I],depositorWotsPkHash:m.depositorWotsPkHash})),E=B.encodeFunctionData({abi:c.BTCVaultRegistryABI,functionName:"submitPeginRequestBatch",args:[i,n,P]});let y;try{y=await l.estimateGas({to:this.config.vaultContracts.btcVaultRegistry,data:E,value:u,account:this.config.ethWallet.account.address})}catch(m){A(m)}let f;try{f=await this.config.ethWallet.sendTransaction({to:this.config.vaultContracts.btcVaultRegistry,data:E,value:u,account:this.config.ethWallet.account,chain:this.config.ethChain,gas:y})}catch(m){A(m)}const p=await l.waitForTransactionReceipt({hash:f,timeout:gt});return p.status==="reverted"&&A(new Error(`Batch transaction reverted. Hash: ${f}. Check the transaction on block explorer for details.`)),{ethTxHash:p.transactionHash,vaults:h}}async checkVaultExists(t){try{return(await B.createPublicClient({chain:this.config.ethChain,transport:B.http()}).readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:c.BTCVaultRegistryABI,functionName:"getBtcVaultBasicInfo",args:[t]}))[0]!==B.zeroAddress}catch{return!1}}async resolvePayoutScriptPubKey(t){let n;if(t)n=t;else{n=await this.config.btcWallet.getAddress();const o=await this.config.btcWallet.getPublicKeyHex();if(!k.isAddressFromPublicKey(n,o,this.config.btcNetwork))throw new Error("The BTC address from your wallet does not match the wallet's public key. Please ensure your wallet is using a supported address type (Taproot or Native SegWit).")}const s=k.getNetwork(this.config.btcNetwork);try{return`0x${Gt.address.toOutputScript(n,s).toString("hex")}`}catch{throw new Error(`Invalid BTC payout address: "${n}". Please provide a valid Bitcoin address for the ${this.config.btcNetwork} network.`)}}async signProofOfPossession(){if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const t=this.config.ethWallet.account.address,n=R(await this.config.btcWallet.getPublicKeyHex()),s=this.config.vaultContracts.btcVaultRegistry,o=`${t.toLowerCase()}:${this.config.ethChain.id}:pegin:${s.toLowerCase()}`,r=await this.config.btcWallet.signMessage(o,"bip322-simple");return{btcPopSignature:ne(r),depositorEthAddress:t,depositorBtcPubkey:n}}async assertPopMatchesBtcWallet(t){const n=R(await this.config.btcWallet.getPublicKeyHex()),s=R(t.depositorBtcPubkey);if(n!==s)throw new Error(`Proof of possession was signed with BTC pubkey ${s} but the BTC wallet is currently connected to ${n}. Reconnect the original wallet or call signProofOfPossession() again.`)}getNetwork(){return this.config.btcNetwork}getVaultContractAddress(){return this.config.vaultContracts.btcVaultRegistry}}class _t{constructor(t,n){x(this,"oHash");x(this,"iHash");x(this,"blockLen");x(this,"outputLen");x(this,"finished",!1);x(this,"destroyed",!1);if(c.ahash(t),c.abytes(n,void 0,"key"),this.iHash=t.create(),typeof this.iHash.update!="function")throw new Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const s=this.blockLen,o=new Uint8Array(s);o.set(n.length>s?t.create().update(n).digest():n);for(let r=0;r<o.length;r++)o[r]^=54;this.iHash.update(o),this.oHash=t.create();for(let r=0;r<o.length;r++)o[r]^=106;this.oHash.update(o),c.clean(o)}update(t){return c.aexists(this),this.iHash.update(t),this}digestInto(t){c.aexists(this),c.abytes(t,this.outputLen,"output"),this.finished=!0,this.iHash.digestInto(t),this.oHash.update(t),this.oHash.digestInto(t),this.destroy()}digest(){const t=new Uint8Array(this.oHash.outputLen);return this.digestInto(t),t}_cloneInto(t){t\|\|(t=Object.create(Object.getPrototypeOf(this),{}));const{oHash:n,iHash:s,finished:o,destroyed:r,blockLen:i,outputLen:a}=this;return t=t,t.finished=o,t.destroyed=r,t.blockLen=i,t.outputLen=a,t.oHash=n._cloneInto(t.oHash),t.iHash=s._cloneInto(t.iHash),t}clone(){return this._cloneInto()}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const V=(e,t,n)=>new _t(e,t).update(n).digest();V.create=(e,t)=>new _t(e,t);const re=Uint8Array.from([7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8]),Bt=Uint8Array.from(new Array(16).fill(0).map((e,t)=>t)),ie=Bt.map(e=>(9e+5)%16),Ht=(()=>{const n=[[Bt],[ie]];for(let s=0;s<4;s++)for(let o of n)o.push(o[s].map(r=>re[r]));return n})(),vt=Ht[0],At=Ht[1],Ct=[[11,14,15,12,5,8,7,9,11,13,14,15,6,7,9,8],[12,13,11,15,6,9,9,7,12,15,11,13,7,8,7,7],[13,15,14,11,7,7,6,8,13,14,13,12,5,5,6,9],[14,11,12,14,8,6,5,5,15,12,15,14,9,9,8,6],[15,12,13,13,9,5,8,6,14,11,12,11,8,6,5,5]].map(e=>Uint8Array.from(e)),ae=vt.map((e,t)=>e.map(n=>Ct[t][n])),ce=At.map((e,t)=>e.map(n=>Ct[t][n])),le=Uint32Array.from([0,1518500249,1859775393,2400959708,2840853838]),ue=Uint32Array.from([1352829926,1548603684,1836072691,2053994217,0]);function pt(e,t,n,s){return e===0?t^n^s:e===1?t&n\|~t&s:e===2?(t\|~n)^s:e===3?t&s\|n&~s:t^(n\|~s)}const U=new Uint32Array(16);class he extends c.HashMD{constructor(){super(64,20,8,!0);x(this,"h0",1732584193);x(this,"h1",-271733879);x(this,"h2",-1732584194);x(this,"h3",271733878);x(this,"h4",-1009589776)}get(){const{h0:n,h1:s,h2:o,h3:r,h4:i}=this;return[n,s,o,r,i]}set(n,s,o,r,i){this.h0=n\|0,this.h1=s\|0,this.h2=o\|0,this.h3=r\|0,this.h4=i\|0}process(n,s){for(let g=0;g<16;g++,s+=4)U[g]=n.getUint32(s,!0);let o=this.h0\|0,r=o,i=this.h1\|0,a=i,d=this.h2\|0,h=d,l=this.h3\|0,b=l,u=this.h4\|0,w=u;for(let g=0;g<5;g++){const P=4-g,E=le[g],y=ue[g],f=vt[g],p=At[g],m=ae[g],I=ce[g];for(let T=0;T<16;T++){const H=c.rotl(o+pt(g,i,d,l)+U[f[T]]+E,m[T])+u\|0;o=u,u=l,l=c.rotl(d,10)\|0,d=i,i=H}for(let T=0;T<16;T++){const H=c.rotl(r+pt(P,a,h,b)+U[p[T]]+y,I[T])+w\|0;r=w,w=b,b=c.rotl(h,10)\|0,h=a,a=H}}this.set(this.h1+d+b\|0,this.h2+l+w\|0,this.h3+u+r\|0,this.h4+o+a\|0,this.h0+i+h\|0)}roundClean(){c.clean(U)}destroy(){this.destroyed=!0,c.clean(this.buffer),this.set(0,0,0,0,0)}}const de=c.createHasher(()=>new he),fe=BigInt(0),$=BigInt(1),ge=BigInt(2),pe=BigInt(7),me=BigInt(256),be=BigInt(113),St=[],Ot=[],Rt=[];for(let e=0,t=$,n=1,s=0;e<24;e++){[n,s]=[s,(2n+3s)%5],St.push(2(5s+n)),Ot.push((e+1)(e+2)/2%64);let o=fe;for(let r=0;r<7;r++)t=(t<<$^(t>>pe)be)%me,t&ge&&(o^=$<<($<<BigInt(r))-$);Rt.push(o)}const $t=c.split(Rt,!0),ye=$t[0],we=$t[1],mt=(e,t,n)=>n>32?c.rotlBH(e,t,n):c.rotlSH(e,t,n),bt=(e,t,n)=>n>32?c.rotlBL(e,t,n):c.rotlSL(e,t,n);function xe(e,t=24){const n=new Uint32Array(10);for(let s=24-t;s<24;s++){for(let i=0;i<10;i++)n[i]=e[i]^e[i+10]^e[i+20]^e[i+30]^e[i+40];for(let i=0;i<10;i+=2){const a=(i+8)%10,d=(i+2)%10,h=n[d],l=n[d+1],b=mt(h,l,1)^n[a],u=bt(h,l,1)^n[a+1];for(let w=0;w<50;w+=10)e[i+w]^=b,e[i+w+1]^=u}let o=e[2],r=e[3];for(let i=0;i<24;i++){const a=Ot[i],d=mt(o,r,a),h=bt(o,r,a),l=St[i];o=e[l],r=e[l+1],e[l]=d,e[l+1]=h}for(let i=0;i<50;i+=10){for(let a=0;a<10;a++)n[a]=e[i+a];for(let a=0;a<10;a++)e[i+a]^=~n[(a+2)%10]&n[(a+4)%10]}e[0]^=ye[s],e[1]^=we[s]}c.clean(n)}class it{constructor(t,n,s,o=!1,r=24){x(this,"state");x(this,"pos",0);x(this,"posOut",0);x(this,"finished",!1);x(this,"state32");x(this,"destroyed",!1);x(this,"blockLen");x(this,"suffix");x(this,"outputLen");x(this,"enableXOF",!1);x(this,"rounds");if(this.blockLen=t,this.suffix=n,this.outputLen=s,this.enableXOF=o,this.rounds=r,c.anumber(s,"outputLen"),!(0<t&&t<200))throw new Error("only keccak-f1600 function is supported");this.state=new Uint8Array(200),this.state32=c.u32(this.state)}clone(){return this._cloneInto()}keccak(){c.swap32IfBE(this.state32),xe(this.state32,this.rounds),c.swap32IfBE(this.state32),this.posOut=0,this.pos=0}update(t){c.aexists(this),c.abytes(t);const{blockLen:n,state:s}=this,o=t.length;for(let r=0;r<o;){const i=Math.min(n-this.pos,o-r);for(let a=0;a<i;a++)s[this.pos++]^=t[r++];this.pos===n&&this.keccak()}return this}finish(){if(this.finished)return;this.finished=!0;const{state:t,suffix:n,pos:s,blockLen:o}=this;t[s]^=n,(n&128)!==0&&s===o-1&&this.keccak(),t[o-1]^=128,this.keccak()}writeInto(t){c.aexists(this,!1),c.abytes(t),this.finish();const n=this.state,{blockLen:s}=this;for(let o=0,r=t.length;o<r;){this.posOut>=s&&this.keccak();const i=Math.min(s-this.posOut,r-o);t.set(n.subarray(this.posOut,this.posOut+i),o),this.posOut+=i,o+=i}return t}xofInto(t){if(!this.enableXOF)throw new Error("XOF is not possible for this instance");return this.writeInto(t)}xof(t){return c.anumber(t),this.xofInto(new Uint8Array(t))}digestInto(t){if(c.aoutput(t,this),this.finished)throw new Error("digest() was already called");return this.writeInto(t),this.destroy(),t}digest(){return this.digestInto(new Uint8Array(this.outputLen))}destroy(){this.destroyed=!0,c.clean(this.state)}_cloneInto(t){const{blockLen:n,suffix:s,outputLen:o,rounds:r,enableXOF:i}=this;return t\|\|(t=new it(n,s,o,i,r)),t.state32.set(this.state32),t.pos=this.pos,t.posOut=this.posOut,t.finished=this.finished,t.rounds=r,t.suffix=s,t.outputLen=o,t.enableXOF=i,t.destroyed=this.destroyed,t}}const Pe=(e,t,n,s={})=>c.createHasher(()=>new it(t,e,n),s),ke=Pe(1,136,32);function Ee(e,t,n,s){c.ahash(e);const o=c.checkOpts({dkLen:32,asyncTick:10},s),{c:r,dkLen:i,asyncTick:a}=o;if(c.anumber(r,"c"),c.anumber(i,"dkLen"),c.anumber(a,"asyncTick"),r<1)throw new Error("iterations (c) must be >= 1");const d=c.kdfInputToBytes(t,"password"),h=c.kdfInputToBytes(n,"salt"),l=new Uint8Array(i),b=V.create(e,d),u=b._cloneInto().update(h);return{c:r,dkLen:i,asyncTick:a,DK:l,PRF:b,PRFSalt:u}}function Te(e,t,n,s,o){return e.destroy(),t.destroy(),s&&s.destroy(),c.clean(o),n}function Ie(e,t,n,s){const{c:o,dkLen:r,DK:i,PRF:a,PRFSalt:d}=Ee(e,t,n,s);let h;const l=new Uint8Array(4),b=c.createView(l),u=new Uint8Array(a.outputLen);for(let w=1,g=0;g<r;w++,g+=a.outputLen){const P=i.subarray(g,g+a.outputLen);b.setInt32(0,w,!1),(h=d._cloneInto(h)).update(l).digestInto(u),P.set(u.subarray(0,P.length));for(let E=1;E<o;E++){a._cloneInto(h).update(u).digestInto(u);for(let y=0;y<P.length;y++)P[y]^=u[y]}}return Te(a,d,i,h,u)}function Lt(e){if(typeof e!="string")throw new TypeError("invalid mnemonic type: "+typeof e);return e.normalize("NFKD")}function _e(e){const t=Lt(e),n=t.split(" ");if(![12,15,18,21,24].includes(n.length))throw new Error("Invalid mnemonic");return{nfkd:t,words:n}}const Be=e=>Lt("mnemonic"+e);function He(e,t=""){return Ie(c.sha512,_e(e).nfkd,Be(t),{c:2048,dkLen:64})}const X=32,q=64,ve=4,_=20,nt=4,Ut=2,Ae=0,Ce=1,W=[64,64];function st(...e){const t=e.reduce((o,r)=>o+r.length,0),n=new Uint8Array(t);let s=0;for(const o of e)n.set(o,s),s+=o.length;return n}function j(e){return new TextEncoder().encode(e)}function Z(e){const t=new Uint8Array(ve);return new DataView(t.buffer).setUint32(0,e.length,!1),st(t,e)}function yt(e){return e.startsWith("0x")\|\|e.startsWith("0X")?e.slice(2):e}const Se=e=>Array.from(e).map(t=>t.toString(16).padStart(2,"0")).join("");function Oe(e,t){return V(c.sha512,e,t)}function at(e){return de(c.sha256(e))}function Wt(e){return(1<<e)-1}function Re(e){let t=1;for(;tt<e+1;)t++;return Math.max(t,2)}function $e(e){const t=nt,n=Wt(t),s=en;return{d:t,n:e,checksum_radix:Re(s)}}function G(e,t){const n=[];let s=t;for(;s>0;)n.push(s&255),s>>>=8;const o=new Uint8Array(e.length+n.length);o.set(e);for(let r=0;r<n.length;r++)o[e.length+r]=n[r];return at(o)}function z(e,t){let n=e;for(let s=0;s<t;s++)n=at(n);return n}function Le(e,t){const n=Wt(t.d),s=t.checksum_radix-1,o=Math.floor(t.nn/t.checksum_radix),r=[];for(let l=0;l<t.n;l++){const b=G(e,l+Ut),u=z(b,n);r.push(Array.from(u))}const i=G(e,Ae),a=z(i,s),d=G(e,Ce),h=z(d,o);return{config:t,message_terminals:r,checksum_major_terminal:Array.from(h),checksum_minor_terminal:Array.from(a)}}function Ft(e){const t=He(e),n=new Uint8Array(t);return t.fill(0),n}async function Mt(e,t,n,s){if(e.length!==q)throw new Error(`WOTS seed must be exactly ${q} bytes, got ${e.length}`);const o=yt(t).toLowerCase(),r=yt(n).toLowerCase(),i=e.slice(X,q),a=e.slice(0,X),d=st(a,st(Z(j(o)),Z(j(r)),Z(j(s.toLowerCase())))),h=Oe(i,d),l=h.slice(0,X);try{const b=[];for(let u=0;u<W.length;u++){const w=W[u],g=$e(w),P=new Uint8Array(l.length+1);P.set(l),P[l.length]=u;const E=at(P);try{const y=Le(E,g);if(y.config.d!==nt)throw new Error(`Block ${u}: expected d=${nt}, got d=${y.config.d}`);if(y.config.n!==w)throw new Error(`Block ${u}: expected n=${w}, got n=${y.config.n}`);if(y.message_terminals.length!==w)throw new Error(`Block ${u}: expected ${w} message terminals, got ${y.message_terminals.length}`);for(let f=0;f<y.message_terminals.length;f++)if(y.message_terminals[f].length!==_)throw new Error(`Block ${u} terminal ${f}: expected ${_} bytes, got ${y.message_terminals[f].length}`);if(y.checksum_minor_terminal.length!==_)throw new Error(`Block ${u} checksum_minor: expected ${_} bytes`);if(y.checksum_major_terminal.length!==_)throw new Error(`Block ${u} checksum_major: expected ${_} bytes`);b.push(y)}finally{P.fill(0),E.fill(0)}}if(b.length!==W.length)throw new Error(`Expected ${W.length} blocks, got ${b.length}`);return b}finally{d.fill(0),i.fill(0),a.fill(0),h.fill(0),l.fill(0),e.fill(0)}}function Y(e,t,n){if(e.length!==_)throw new Error(`Block ${t} ${n}: expected ${_} bytes, got ${e.length}`);for(let s=0;s<e.length;s++){const o=e[s];if(!Number.isInteger(o)\|\|o<0\|\|o>255)throw new Error(`Block ${t} ${n}[${s}]: invalid byte value ${o}`)}}function Nt(e){if(e.length===0)throw new Error("Public keys array must not be empty");for(let r=0;r<e.length;r++){const i=e[r];Y(i.checksum_minor_terminal,r,"checksum_minor_terminal"),Y(i.checksum_major_terminal,r,"checksum_major_terminal");for(let a=0;a<i.message_terminals.length;a++)Y(i.message_terminals[a],r,`message_terminal[${a}]`)}let t=0;for(const r of e)t+=Ut+r.message_terminals.length;const n=new Uint8Array(t_);let s=0;for(const r of e){n.set(r.checksum_minor_terminal,s),s+=_,n.set(r.checksum_major_terminal,s),s+=_;for(const i of r.message_terminals)n.set(i,s),s+=_}const o=ke(n);return`0x${Se(o)}`}async function Ue(e,t,n,s){const o=Ft(e);try{const r=await Mt(o,t,n,s);return Nt(r)}finally{o.fill(0)}}function We(e){const t=(e instanceof Error?e.message:typeof e=="string"?e:"").toLowerCase();return t.includes("wots")&&t.includes("hash")&&t.includes("does not match")}const J=Uint8Array.of(0),wt=Uint8Array.of();function ct(e,t,n,s=32){c.ahash(e),c.anumber(s,"length");const o=e.outputLen;if(s>255o)throw new Error("Length must be <= 255HashLen");const r=Math.ceil(s/o);n===void 0?n=wt:c.abytes(n,void 0,"info");const i=new Uint8Array(ro),a=V.create(e,t),d=a._cloneInto(),h=new Uint8Array(a.outputLen);for(let l=0;l<r;l++)J[0]=l+1,d.update(l===0?wt:h).update(n).update(J).digestInto(h),i.set(h,ol),a._cloneInto(d);return a.destroy(),d.destroy(),c.clean(h,J),i.slice(0,s)}const Q=new TextEncoder().encode("babylonvault"),xt=255,Pt=65535,kt=2,Fe="hashlock",Me="auth-anchor",Ne="wots-seed";function Vt(e){if(!Number.isInteger(e)\|\|e<0\|\|e>4294967295)throw new Error(`i2osp4: value must be a u32, got ${e}`);const t=new Uint8Array(4);return t[0]=e>>>24&255,t[1]=e>>>16&255,t[2]=e>>>8&255,t[3]=e&255,t}function lt(e,t=new Uint8Array(0)){const n=new TextEncoder().encode(e);if(n.length===0\|\|n.length>xt)throw new Error(`info: label length must be in [1, ${xt}], got ${n.length}`);if(t.length>Pt)throw new Error(`info: ctx length must be in [0, ${Pt}], got ${t.length}`);const s=Q.length+1+n.length+kt+t.length,o=new Uint8Array(s);let r=0;return o.set(Q,r),r+=Q.length,o[r]=n.length,r+=1,o.set(n,r),r+=n.length,o[r]=t.length>>>8&255,o[r+1]=t.length&255,r+=kt,o.set(t,r),o}const Et=32,Ve=32,De=32,Ke=64;function ut(e){if(e.length!==Et)throw new Error(`vault-secrets: root must be exactly ${Et} bytes, got ${e.length}`)}function Xe(e){return ut(e),ct(c.sha256,e,lt(Me),Ve)}function qe(e,t){return ut(e),ct(c.sha256,e,lt(Fe,Vt(t)),De)}function je(e,t){return ut(e),ct(c.sha256,e,lt(Ne,Vt(t)),Ke)}const L=32,tt=32,ot=36,Dt=32,M=4,Ze=M+L+M+Dt;function rt(e,t,n){e[t]=n>>>24&255,e[t+1]=n>>>16&255,e[t+2]=n>>>8&255,e[t+3]=n&255}function Ge(e){if(e.txid.length!==tt)throw new Error(`outpoint.txid must be exactly ${tt} bytes, got ${e.txid.length}`);if(!Number.isInteger(e.vout)\|\|e.vout<0\|\|e.vout>4294967295)throw new Error(`outpoint.vout must be a u32, got ${e.vout}`);const t=new Uint8Array(ot);return t.set(e.txid,0),rt(t,tt,e.vout),t}function Tt(e,t){const n=Math.min(e.length,t.length);for(let s=0;s<n;s++)if(e[s]!==t[s])return e[s]-t[s];return e.length-t.length}function Kt(e){if(e.length===0)throw new Error("buildFundingOutpointsCommitment: outpoints must be non-empty");const t=e.map(Ge);t.sort(Tt);for(let s=1;s<t.length;s++)if(Tt(t[s-1],t[s])===0)throw new Error("buildFundingOutpointsCommitment: duplicate outpoint detected");const n=new Uint8Array(t.lengthot);for(let s=0;s<t.length;s++)n.set(t[s],sot);return c.sha256(n)}function ze(e){if(e.depositorBtcPubkey.length!==L)throw new Error(`vaultContext: depositorBtcPubkey must be exactly ${L} bytes, got ${e.depositorBtcPubkey.length}`);const t=Kt(e.fundingOutpoints),n=new Uint8Array(Ze);let s=0;return rt(n,s,L),s+=M,n.set(e.depositorBtcPubkey,s),s+=L,rt(n,s,Dt),s+=M,n.set(t,s),n}exports.CONTRACT_ERRORS=C;exports.PeginManager=oe;exports.buildFundingOutpointsCommitment=Kt;exports.buildVaultContext=ze;exports.computeWotsBlockPublicKeysHash=Nt;exports.deriveWotsBlockPublicKeys=Mt;exports.deriveWotsPkHash=Ue;exports.expandAuthAnchor=Xe;exports.expandHashlockSecret=qe;exports.expandWotsSeed=je;exports.extractErrorData=N;exports.getContractErrorMessage=zt;exports.handleContractError=A;exports.isKnownContractError=Yt;exports.isWotsMismatchError=We;exports.mnemonicToWotsSeed=Ft;
2	+ //# sourceMappingURL=context-BSdcD4J_.cjs.map