npm - @babylonlabs-io/ts-sdk - Versions diffs - 0.31.0 → 0.33.0 - Mend

@babylonlabs-io/ts-sdk 0.31.0 → 0.33.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (120) hide show

package/dist/{psbtInputFields-DeTFSJOq.js.map → psbtInputFields-DPCFHgGd.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"psbtInputFields-DeTFSJOq.js","sources":["../src/tbv/core/utils/utxo/availability.ts","../src/tbv/core/utils/utxo/reservation.ts","../src/tbv/core/utils/utxo/selectUtxos.ts","../src/tbv/core/utils/transaction/btcTxHash.ts","../src/tbv/core/utils/btc/scriptType.ts","../src/tbv/core/utils/btc/psbtInputFields.ts"],"sourcesContent":["/*\n UTXO Availability Validation\n \n Validates that UTXOs referenced in a pre-pegin transaction are still unspent\n * BEFORE asking the user to sign. This prevents wasted signing effort when\n * UTXOs have already been spent by unrelated transactions.\n \n These functions are pure — they accept pre-fetched UTXOs and perform no I/O.\n * The vault service wrapper is responsible for fetching UTXOs from the mempool.\n /\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport type { UtxoRef } from \"./reservation\";\n\n/\n Information about a missing/spent UTXO.\n /\nexport interface MissingUtxoInfo {\n /* Transaction ID of the missing UTXO /\n txid: string;\n /* Output index of the missing UTXO /\n vout: number;\n}\n\n/\n Result of UTXO validation.\n /\nexport interface UtxoValidationResult {\n /* Whether all UTXOs are still available /\n allAvailable: boolean;\n /* List of missing UTXOs (if any) /\n missingUtxos: MissingUtxoInfo[];\n /* Total number of inputs checked /\n totalInputs: number;\n}\n\n/\n Error thrown when UTXOs are not available.\n /\nexport class UtxoNotAvailableError extends Error {\n public readonly missingUtxos: MissingUtxoInfo[];\n\n constructor(missingUtxos: MissingUtxoInfo[]) {\n const count = missingUtxos.length;\n const message =\n count === 1\n ? \"The UTXO for this peg-in is no longer available. It may have been spent in another transaction. Please create a new peg-in request with a different UTXO.\"\n : `${count} UTXOs for this peg-in are no longer available. They may have been spent. Please create a new peg-in request with different UTXOs.`;\n\n super(message);\n this.name = \"UtxoNotAvailableError\";\n this.missingUtxos = missingUtxos;\n }\n}\n\n/\n Extract input references (txid:vout) from an unsigned transaction.\n \n @param unsignedTxHex - Unsigned transaction hex\n * @returns Array of input references\n /\nexport function extractInputsFromTransaction(\n unsignedTxHex: string,\n): Array<{ txid: string; vout: number }> {\n const cleanHex = unsignedTxHex.startsWith(\"0x\")\n ? unsignedTxHex.slice(2)\n : unsignedTxHex;\n\n let tx: Transaction;\n try {\n tx = Transaction.fromHex(cleanHex);\n } catch (error) {\n throw new Error(\n `Failed to parse BTC transaction: ${error instanceof Error ? error.message : String(error)}`,\n );\n }\n\n return tx.ins.map((input) => ({\n // Bitcoin stores txid in reverse byte order\n txid: Buffer.from(input.hash).reverse().toString(\"hex\"),\n vout: input.index,\n }));\n}\n\n/\n Validate that all UTXOs in a transaction are still available.\n \n Pure function — accepts pre-fetched UTXOs instead of making network calls.\n * This should be called BEFORE signing to avoid wasting user effort\n * signing a transaction that will fail to broadcast.\n \n @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @returns Validation result with missing UTXO details\n /\nexport function validateUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): UtxoValidationResult {\n const inputs = extractInputsFromTransaction(unsignedTxHex);\n\n if (inputs.length === 0) {\n throw new Error(\"Transaction has no inputs\");\n }\n\n // Detect duplicate inputs (same txid:vout referenced more than once).\n // This would produce an invalid Bitcoin transaction.\n const inputKeys = new Set<string>();\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (inputKeys.has(key)) {\n throw new Error(\n `Transaction contains duplicate input ${input.txid}:${input.vout}. ` +\n `This would produce an invalid Bitcoin transaction.`,\n );\n }\n inputKeys.add(key);\n }\n\n // Create a set of available UTXOs for O(1) lookup (lowercase for consistency with reservation.ts)\n const availableSet = new Set(\n availableUtxos.map((utxo) => `${utxo.txid.toLowerCase()}:${utxo.vout}`),\n );\n\n // Check which inputs are missing\n const missingUtxos: MissingUtxoInfo[] = [];\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (!availableSet.has(key)) {\n missingUtxos.push({\n txid: input.txid,\n vout: input.vout,\n });\n }\n }\n\n return {\n allAvailable: missingUtxos.length === 0,\n missingUtxos,\n totalInputs: inputs.length,\n };\n}\n\n/\n Validate UTXOs and throw if any are not available.\n \n Pure convenience function that combines validation and error throwing.\n \n @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @throws UtxoNotAvailableError if any UTXOs are not available\n * @throws Error if validation fails\n /\nexport function assertUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): void {\n const result = validateUtxosAvailable(unsignedTxHex, availableUtxos);\n\n if (!result.allAvailable) {\n throw new UtxoNotAvailableError(result.missingUtxos);\n }\n}\n","/\n UTXO reservation utilities for vault deposits.\n \n Handles tracking which UTXOs are already in use by pending deposits\n * and selecting available UTXOs with smart fallback logic.\n /\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport { stripHexPrefix } from \"../../primitives/utils/bitcoin\";\nimport { ContractStatus } from \"../../services/deposit/peginState\";\nimport {\n FEE_SAFETY_MARGIN,\n MAX_NON_LEGACY_OUTPUT_SIZE,\n P2TR_INPUT_SIZE,\n TX_BUFFER_SIZE_OVERHEAD,\n} from \"../fee/constants\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/* A txid:vout pair uniquely identifying a UTXO (outpoint). /\nexport interface UtxoRef {\n txid: string;\n vout: number;\n}\n\n/* Narrow structural type for pending pegin data. /\nexport interface PendingPeginLike {\n /\n Optional vault id. When present, used to skip pending pegins that are\n * already indexed on-chain so the canonical vault copy wins over a\n * tamperable off-chain entry.\n /\n id?: string;\n selectedUTXOs?: Array<{ txid: string; vout: number }>;\n unsignedTxHex?: string;\n}\n\n/* Narrow structural type for vault data. /\nexport interface VaultLike {\n /\n Optional vault id. When present, enables on-chain correlation with\n * pending pegins sharing the same id.\n /\n id?: string;\n status: number;\n unsignedPrePeginTx: string;\n}\n\nexport interface SelectUtxosForDepositParams<\n T extends { txid: string; vout: number; value: number },\n> {\n /* All available UTXOs from the wallet. /\n availableUtxos: T[];\n /* UTXOs that are reserved/in-flight and should be avoided if possible. /\n reservedUtxoRefs: UtxoRef[];\n /* Required deposit amount in satoshis (excluding fees). /\n requiredAmount: bigint;\n /* Fee rate in sat/vB. Used to estimate fee buffer for sufficiency check. /\n feeRate: number;\n}\n\n/* Narrow structural type for early UTXO reservations (pre-ETH-registration). /\nexport interface UtxoReservationLike {\n unsignedTxHex: string;\n}\n\nexport interface CollectReservedUtxoRefsParams {\n vaults?: VaultLike[];\n pendingPegins?: PendingPeginLike[];\n utxoReservations?: UtxoReservationLike[];\n}\n\n// ============================================================================\n// Internal Helpers\n// ============================================================================\n\n/\n Parse a transaction hex and return the UTXO references of all inputs.\n \n Parse failures are logged and yield no refs. A malformed hex from an\n * untrusted source (e.g. off-chain storage) must not silently collapse the\n * reservation set — logging makes tampering visible in telemetry instead\n * of swallowing the error.\n /\nfunction extractInputUtxoRefs(txHex: string): UtxoRef[] {\n try {\n const tx = Transaction.fromHex(stripHexPrefix(txHex));\n return tx.ins.map((input) => {\n const txid = Buffer.from(input.hash).reverse().toString(\"hex\");\n return { txid, vout: input.index };\n });\n } catch (error) {\n console.warn(\n \"[utxoReservation] Failed to parse transaction hex; skipping inputs\",\n {\n category: \"utxoReservation\",\n error: error instanceof Error ? error.message : String(error),\n },\n );\n return [];\n }\n}\n\n/* Check if a UTXO matches any reserved ref (case-insensitive txid comparison). /\nfunction isUtxoReserved(\n utxo: { txid: string; vout: number },\n reservedRefs: UtxoRef[],\n): boolean {\n const txidLower = utxo.txid.toLowerCase();\n return reservedRefs.some(\n (ref) => ref.txid.toLowerCase() === txidLower && ref.vout === utxo.vout,\n );\n}\n\n/\n Estimate minimum fee buffer for UTXO pre-selection.\n \n WARNING: This is a ROUGH ESTIMATE used only to check if unreserved UTXOs\n * are likely sufficient BEFORE the actual signing flow begins. The actual\n * fee calculation happens in the SDK's `selectUtxosForPegin` during signing.\n \n Assumptions:\n * - 2 inputs (conservative estimate for most deposits)\n * - 1 vault output (P2TR, 43 vBytes)\n * - 1 change output (P2TR, 43 vBytes)\n * - Transaction overhead (11 vBytes)\n * - 10% safety margin\n /\nfunction estimateMinimumFeeBuffer(feeRate: number): bigint {\n const ASSUMED_INPUTS = 2;\n\n const estimatedTxSize =\n ASSUMED_INPUTS P2TR_INPUT_SIZE +\n MAX_NON_LEGACY_OUTPUT_SIZE + // vault output\n MAX_NON_LEGACY_OUTPUT_SIZE + // change output\n TX_BUFFER_SIZE_OVERHEAD;\n\n const estimatedFee = Math.ceil(estimatedTxSize * feeRate * FEE_SAFETY_MARGIN);\n return BigInt(estimatedFee);\n}\n\n// ============================================================================\n// Public API\n// ============================================================================\n\n/*\n Collect UTXO refs from in-flight deposits (PENDING/VERIFIED vaults and\n * pending pegins).\n \n On-chain vault data is canonical: for any pending pegin whose `id` matches\n * an indexed on-chain vault, the pending-pegin copy is ignored entirely —\n * the `vaults` branch below extracts refs from the indexer-supplied\n * `unsignedPrePeginTx` so tampered off-chain data cannot poison the\n * reservation set once the vault is indexed.\n \n For pegins not yet indexed, refs are derived from the stored\n * `unsignedTxHex` only. The `selectedUTXOs` sidecar is NOT used for\n * reservation: if it disagreed with the transaction's inputs (e.g. because\n * the off-chain source was tampered), trusting it would poison the reserved\n * set. The transaction hex must be validated at the source boundary before\n * being handed to this function; parsing and using its inputs is the single\n * source of truth here.\n /\nexport function collectReservedUtxoRefs(\n params: CollectReservedUtxoRefsParams,\n): UtxoRef[] {\n const reserved: UtxoRef[] = [];\n const {\n vaults = [],\n pendingPegins = [],\n utxoReservations = [],\n } = params;\n\n const onChainVaultIds = new Set(\n vaults\n .map((v) => v.id?.toLowerCase())\n .filter((id): id is string => id !== undefined),\n );\n\n for (const pending of pendingPegins) {\n if (pending.id && onChainVaultIds.has(pending.id.toLowerCase())) {\n continue;\n }\n if (pending.unsignedTxHex) {\n reserved.push(...extractInputUtxoRefs(pending.unsignedTxHex));\n }\n }\n\n for (const vault of vaults) {\n if (\n vault.status !== ContractStatus.PENDING &&\n vault.status !== ContractStatus.VERIFIED\n ) {\n continue;\n }\n reserved.push(...extractInputUtxoRefs(vault.unsignedPrePeginTx));\n }\n\n // Early reservations written before ETH registration to prevent cross-tab\n // UTXO conflicts. These are cleaned up when the deposit completes or fails.\n for (const reservation of utxoReservations) {\n reserved.push(...extractInputUtxoRefs(reservation.unsignedTxHex));\n }\n\n return reserved;\n}\n\n/\n Select UTXOs for a deposit, filtering out reserved ones.\n \n Logic:\n * 1. Filter out reserved UTXOs from the available pool\n * 2. If unreserved UTXOs are sufficient for the required amount + estimated fee, return them\n * 3. Otherwise, throw — never silently reuse reserved UTXOs, as this risks double-spend\n * failures that strand registered-but-unbroadcastable vaults\n \n @param params - Selection parameters\n * @returns Array of unreserved UTXOs to use for the deposit\n * @throws When all UTXOs are reserved or unreserved UTXOs are insufficient\n /\nexport function selectUtxosForDeposit<\n T extends { txid: string; vout: number; value: number },\n>(params: SelectUtxosForDepositParams<T>): T[] {\n const { availableUtxos, reservedUtxoRefs, requiredAmount, feeRate } = params;\n\n // Edge case: no UTXOs available\n if (!availableUtxos \|\| availableUtxos.length === 0) {\n return [];\n }\n\n // Edge case: no reservations, return all\n if (reservedUtxoRefs.length === 0) {\n return availableUtxos;\n }\n\n // Filter out reserved UTXOs\n const unreserved = availableUtxos.filter(\n (utxo) => !isUtxoReserved(utxo, reservedUtxoRefs),\n );\n\n if (unreserved.length === 0) {\n throw new Error(\n \"All available UTXOs are reserved by pending deposits. \" +\n \"Wait for pending deposits to confirm or cancel them before starting a new deposit.\",\n );\n }\n\n const feeBuffer = estimateMinimumFeeBuffer(feeRate);\n const totalRequired = requiredAmount + feeBuffer;\n const unreservedTotal = unreserved.reduce(\n (sum, u) => sum + BigInt(u.value),\n 0n,\n );\n if (unreservedTotal < totalRequired) {\n throw new Error(\n \"Insufficient unreserved UTXOs for this deposit amount. \" +\n \"Wait for pending deposits to confirm or cancel them.\",\n );\n }\n\n return unreserved;\n}\n","/\n UTXO selection utilities for peg-in transactions.\n * Follows btc-staking-ts methodology with iterative fee calculation.\n /\n\nimport { script as bitcoinScript } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport {\n BTC_DUST_SAT,\n DUST_THRESHOLD,\n MAX_NON_LEGACY_OUTPUT_SIZE,\n P2TR_INPUT_SIZE,\n rateBasedTxBufferFee,\n TX_BUFFER_SIZE_OVERHEAD,\n} from \"../fee/constants\";\n\n/\n Unspent Transaction Output (UTXO) for funding peg-in transactions.\n /\nexport interface UTXO {\n /\n Transaction ID of the UTXO (64-char hex without 0x prefix).\n /\n txid: string;\n\n /\n Output index within the transaction.\n /\n vout: number;\n\n /\n Value in satoshis.\n /\n value: number;\n\n /\n Script public key hex.\n /\n scriptPubKey: string;\n}\n\nexport interface UTXOSelectionResult {\n selectedUTXOs: UTXO[];\n totalValue: bigint;\n fee: bigint;\n changeAmount: bigint;\n}\n\n/\n Assert that no two UTXOs share the same txid:vout outpoint.\n * Duplicates from a buggy or compromised UTXO source would produce\n * an invalid Bitcoin transaction that double-spends the same outpoint.\n /\nfunction assertNoDuplicateUtxos(utxos: UTXO[]): void {\n const seen = new Set<string>();\n for (const utxo of utxos) {\n const key = `${utxo.txid.toLowerCase()}:${utxo.vout}`;\n if (seen.has(key)) {\n throw new Error(\n `Duplicate UTXO detected: ${utxo.txid}:${utxo.vout}. ` +\n `This indicates a data integrity issue with the UTXO source.`,\n );\n }\n seen.add(key);\n }\n}\n\n/\n Selects UTXOs to fund a peg-in transaction with iterative fee calculation.\n \n This function implements the btc-staking-ts approach:\n * 1. Filter UTXOs for script validity (no minimum value filter)\n * 2. Sort by value (largest first) to minimize number of inputs\n * 3. Iteratively add UTXOs and recalculate fee until we have enough\n \n The fee recalculation is critical because:\n * - Each UTXO added increases transaction size → increases fee\n * - More fee needed might require another UTXO\n * - Change output detection affects fee (adds output size if needed)\n \n @param availableUTXOs - All available UTXOs from wallet\n * @param peginAmount - Amount to peg in (satoshis)\n * @param feeRate - Fee rate (sat/vbyte)\n * @param numOutputs - Number of outputs in the unfunded transaction (HTLC + CPFP anchor, before change)\n * @returns Selected UTXOs, total value, calculated fee, and change amount\n * @throws Error if insufficient funds or no valid UTXOs\n /\nexport function selectUtxosForPegin(\n availableUTXOs: UTXO[],\n peginAmount: bigint,\n feeRate: number,\n numOutputs: number,\n): UTXOSelectionResult {\n if (!Number.isInteger(numOutputs) \|\| numOutputs < 1) {\n throw new Error(\n `Invalid numOutputs: expected a positive integer, got ${numOutputs}`,\n );\n }\n\n if (availableUTXOs.length === 0) {\n throw new Error(\"Insufficient funds: no UTXOs available\");\n }\n\n assertNoDuplicateUtxos(availableUTXOs);\n\n // Filter for script validity ONLY (matching btc-staking-ts approach)\n // No minimum value filter - we accept any UTXO with valid script\n const validUTXOs = availableUTXOs.filter((utxo) => {\n const script = Buffer.from(utxo.scriptPubKey, \"hex\");\n const decompiledScript = bitcoinScript.decompile(script);\n return !!decompiledScript;\n });\n\n if (validUTXOs.length === 0) {\n throw new Error(\n \"Insufficient funds: no valid UTXOs available (all have invalid scripts)\",\n );\n }\n\n // Sort by value: HIGHEST to LOWEST (use big UTXOs first)\n // Use spread to avoid mutating the original array\n const sortedUTXOs = [...validUTXOs].sort((a, b) => b.value - a.value);\n\n const selectedUTXOs: UTXO[] = [];\n let accumulatedValue = 0n;\n let estimatedFee = 0n;\n\n // Iteratively select UTXOs and recalculate fee\n for (const utxo of sortedUTXOs) {\n selectedUTXOs.push(utxo);\n accumulatedValue += BigInt(utxo.value);\n\n // Recalculate fee based on CURRENT number of inputs\n const inputSize = selectedUTXOs.length P2TR_INPUT_SIZE;\n const outputSize = numOutputs * MAX_NON_LEGACY_OUTPUT_SIZE;\n const baseTxSize = inputSize + outputSize + TX_BUFFER_SIZE_OVERHEAD;\n\n // Calculate base fee with buffer\n estimatedFee =\n BigInt(Math.ceil(baseTxSize * feeRate)) +\n BigInt(rateBasedTxBufferFee(feeRate));\n\n // Check if there will be change left after pegin amount and fee\n const changeAmount = accumulatedValue - peginAmount - estimatedFee;\n\n // If change is above dust, add fee for change output\n if (changeAmount > DUST_THRESHOLD) {\n const changeOutputFee = BigInt(\n Math.ceil(MAX_NON_LEGACY_OUTPUT_SIZE * feeRate),\n );\n estimatedFee += changeOutputFee;\n }\n\n // Check if we have enough to cover pegin amount + fees\n if (accumulatedValue >= peginAmount + estimatedFee) {\n // Success! We have enough funds\n const finalChangeAmount = accumulatedValue - peginAmount - estimatedFee;\n\n return {\n selectedUTXOs,\n totalValue: accumulatedValue,\n fee: estimatedFee,\n changeAmount: finalChangeAmount,\n };\n }\n }\n\n // If we get here, we don't have enough funds\n throw new Error(\n `Insufficient funds: need ${peginAmount + estimatedFee} sats (${peginAmount} pegin + ${estimatedFee} fee), have ${accumulatedValue} sats`,\n );\n}\n\n/*\n Checks if change amount is above dust threshold.\n \n @param changeAmount - Change amount in satoshis\n * @returns true if change should be added as output, false if it should go to miners\n /\nexport function shouldAddChangeOutput(changeAmount: bigint): boolean {\n return changeAmount > DUST_THRESHOLD;\n}\n\n/\n Gets the dust threshold value.\n \n @returns Dust threshold in satoshis\n /\nexport function getDustThreshold(): number {\n return BTC_DUST_SAT;\n}\n","/\n Bitcoin Transaction Hash Utilities\n \n Provides utilities for calculating Bitcoin transaction hashes in a way that matches\n * the contract's BtcUtils.hashBtcTx() implementation.\n /\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport type { Hex } from \"viem\";\n\n/\n Calculate Bitcoin transaction hash\n \n This matches the contract's BtcUtils.hashBtcTx() implementation:\n * 1. Double SHA256 the transaction bytes\n * 2. Reverse the byte order (Bitcoin convention)\n \n The resulting hash is used as the unique vault identifier in the BTCVaultRegistry contract.\n \n @param txHex - Transaction hex (with or without 0x prefix)\n * @returns The transaction hash as Hex (with 0x prefix)\n /\nexport function calculateBtcTxHash(txHex: string): Hex {\n // Remove 0x prefix if present\n const cleanHex = txHex.startsWith(\"0x\") ? txHex.slice(2) : txHex;\n\n // Use bitcoinjs-lib to calculate transaction ID (already does double SHA256 + reverse)\n const tx = Transaction.fromHex(cleanHex);\n const txid = tx.getId();\n\n // Return with 0x prefix to match Ethereum hex format\n return `0x${txid}` as Hex;\n}\n","/\n Bitcoin Script Type Detection\n \n Utilities to detect Bitcoin script types for proper PSBT input construction.\n \n @module utils/btc/scriptType\n /\n\n/\n Bitcoin script types.\n /\nexport enum BitcoinScriptType {\n P2PKH = \"P2PKH\",\n P2SH = \"P2SH\",\n P2WPKH = \"P2WPKH\",\n P2WSH = \"P2WSH\",\n P2TR = \"P2TR\",\n UNKNOWN = \"UNKNOWN\",\n}\n\n/\n Detect the type of a Bitcoin script.\n \n @param scriptPubKey - The script public key buffer\n * @returns The detected script type\n \n @example\n * ```typescript\n * const scriptType = getScriptType(Buffer.from(scriptPubKeyHex, 'hex'));\n * if (scriptType === BitcoinScriptType.P2TR) {\n * // Handle Taproot input\n * }\n * ```\n /\nexport function getScriptType(scriptPubKey: Buffer): BitcoinScriptType {\n const length = scriptPubKey.length;\n\n // P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG (25 bytes)\n if (\n length === 25 &&\n scriptPubKey[0] === 0x76 && // OP_DUP\n scriptPubKey[1] === 0xa9 && // OP_HASH160\n scriptPubKey[2] === 0x14 && // Push 20 bytes\n scriptPubKey[23] === 0x88 && // OP_EQUALVERIFY\n scriptPubKey[24] === 0xac // OP_CHECKSIG\n ) {\n return BitcoinScriptType.P2PKH;\n }\n\n // P2SH: OP_HASH160 <20 bytes> OP_EQUAL (23 bytes)\n if (\n length === 23 &&\n scriptPubKey[0] === 0xa9 && // OP_HASH160\n scriptPubKey[1] === 0x14 && // Push 20 bytes\n scriptPubKey[22] === 0x87 // OP_EQUAL\n ) {\n return BitcoinScriptType.P2SH;\n }\n\n // P2WPKH: OP_0 <20 bytes> (22 bytes)\n if (\n length === 22 &&\n scriptPubKey[0] === 0x00 && // OP_0\n scriptPubKey[1] === 0x14 // Push 20 bytes\n ) {\n return BitcoinScriptType.P2WPKH;\n }\n\n // P2WSH: OP_0 <32 bytes> (34 bytes)\n if (\n length === 34 &&\n scriptPubKey[0] === 0x00 && // OP_0\n scriptPubKey[1] === 0x20 // Push 32 bytes\n ) {\n return BitcoinScriptType.P2WSH;\n }\n\n // P2TR (Taproot): OP_1 <32 bytes> (34 bytes)\n if (\n length === 34 &&\n scriptPubKey[0] === 0x51 && // OP_1\n scriptPubKey[1] === 0x20 // Push 32 bytes\n ) {\n return BitcoinScriptType.P2TR;\n }\n\n return BitcoinScriptType.UNKNOWN;\n}\n\n","/\n PSBT Input Field Construction\n \n Constructs the correct PSBT input fields for a given UTXO based on its script type.\n \n @module utils/btc/psbtInputFields\n /\n\nimport { Buffer } from \"buffer\";\n\nimport { BitcoinScriptType, getScriptType } from \"./scriptType\";\n\n/\n PSBT input fields for supported script types (P2TR, P2WPKH, P2WSH).\n /\nexport interface PsbtInputFields {\n witnessUtxo?: {\n script: Buffer;\n value: number;\n };\n witnessScript?: Buffer;\n tapInternalKey?: Buffer;\n}\n\n/\n UTXO information for PSBT construction.\n \n Only supports Taproot (P2TR) and native SegWit (P2WPKH, P2WSH) script types.\n /\nexport interface UtxoForPsbt {\n /* Transaction ID of the UTXO /\n txid: string;\n /* Output index (vout) of the UTXO /\n vout: number;\n /* Value of the UTXO in satoshis /\n value: number;\n /* ScriptPubKey of the UTXO (hex string) /\n scriptPubKey: string;\n /* Witness script (required for P2WSH) /\n witnessScript?: string;\n}\n\n/\n Get PSBT input fields for a given UTXO based on its script type.\n \n Only supports Taproot (P2TR) and native SegWit (P2WPKH, P2WSH) script types.\n \n @param utxo - The unspent transaction output to process\n * @param publicKeyNoCoord - The x-only public key (32 bytes) for Taproot signing\n * @returns PSBT input fields object containing the necessary data\n * @throws Error if required input data is missing or unsupported script type\n */\nexport function getPsbtInputFields(\n utxo: UtxoForPsbt,\n publicKeyNoCoord?: Buffer,\n): PsbtInputFields {\n const scriptPubKey = Buffer.from(utxo.scriptPubKey, \"hex\");\n const type = getScriptType(scriptPubKey);\n\n switch (type) {\n case BitcoinScriptType.P2WPKH: {\n return {\n witnessUtxo: {\n script: scriptPubKey,\n value: utxo.value,\n },\n };\n }\n\n case BitcoinScriptType.P2WSH: {\n if (!utxo.witnessScript) {\n throw new Error(\"Missing witnessScript for P2WSH input\");\n }\n return {\n witnessUtxo: {\n script: scriptPubKey,\n value: utxo.value,\n },\n witnessScript: Buffer.from(utxo.witnessScript, \"hex\"),\n };\n }\n\n case BitcoinScriptType.P2TR: {\n if (publicKeyNoCoord && publicKeyNoCoord.length !== 32) {\n throw new Error(\n `Invalid tapInternalKey length: expected 32 bytes, got ${publicKeyNoCoord.length}`,\n );\n }\n return {\n witnessUtxo: {\n script: scriptPubKey,\n value: utxo.value,\n },\n // tapInternalKey is needed for Taproot signing\n ...(publicKeyNoCoord && { tapInternalKey: publicKeyNoCoord }),\n };\n }\n\n default:\n throw new Error(`Unsupported script type: ${type}`);\n }\n}\n\n"],"names":["UtxoNotAvailableError","missingUtxos","count","message","__publicField","extractInputsFromTransaction","unsignedTxHex","cleanHex","tx","Transaction","error","input","Buffer","validateUtxosAvailable","availableUtxos","inputs","inputKeys","key","availableSet","utxo","assertUtxosAvailable","result","extractInputUtxoRefs","txHex","stripHexPrefix","isUtxoReserved","reservedRefs","txidLower","ref","estimateMinimumFeeBuffer","feeRate","estimatedTxSize","P2TR_INPUT_SIZE","MAX_NON_LEGACY_OUTPUT_SIZE","TX_BUFFER_SIZE_OVERHEAD","estimatedFee","FEE_SAFETY_MARGIN","collectReservedUtxoRefs","params","reserved","vaults","pendingPegins","utxoReservations","onChainVaultIds","v","_a","id","pending","vault","ContractStatus","reservation","selectUtxosForDeposit","reservedUtxoRefs","requiredAmount","unreserved","feeBuffer","totalRequired","sum","u","assertNoDuplicateUtxos","utxos","seen","selectUtxosForPegin","availableUTXOs","peginAmount","numOutputs","validUTXOs","script","bitcoinScript","sortedUTXOs","a","b","selectedUTXOs","accumulatedValue","inputSize","outputSize","baseTxSize","rateBasedTxBufferFee","DUST_THRESHOLD","changeOutputFee","finalChangeAmount","shouldAddChangeOutput","changeAmount","getDustThreshold","BTC_DUST_SAT","calculateBtcTxHash","BitcoinScriptType","getScriptType","scriptPubKey","length","getPsbtInputFields","publicKeyNoCoord","type"],"mappings":";;;;;;;;AAyCO,MAAMA,UAA8B,MAAM;AAAA,EAG/C,YAAYC,GAAiC;AAC3C,UAAMC,IAAQD,EAAa,QACrBE,IACJD,MAAU,IACN,8JACA,GAAGA,CAAK;AAEd,UAAMC,CAAO;AATC,IAAAC,EAAA;AAUd,SAAK,OAAO,yBACZ,KAAK,eAAeH;AAAA,EACtB;AACF;AAQO,SAASI,EACdC,GACuC;AACvC,QAAMC,IAAWD,EAAc,WAAW,IAAI,IAC1CA,EAAc,MAAM,CAAC,IACrBA;AAEJ,MAAIE;AACJ,MAAI;AACF,IAAAA,IAAKC,EAAY,QAAQF,CAAQ;AAAA,EACnC,SAASG,GAAO;AACd,UAAM,IAAI;AAAA,MACR,oCAAoCA,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK,CAAC;AAAA,IAAA;AAAA,EAE9F;AAEA,SAAOF,EAAG,IAAI,IAAI,CAACG,OAAW;AAAA;AAAA,IAE5B,MAAMC,EAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK;AAAA,IACtD,MAAMA,EAAM;AAAA,EAAA,EACZ;AACJ;AAaO,SAASE,EACdP,GACAQ,GACsB;AACtB,QAAMC,IAASV,EAA6BC,CAAa;AAEzD,MAAIS,EAAO,WAAW;AACpB,UAAM,IAAI,MAAM,2BAA2B;AAK7C,QAAMC,wBAAgB,IAAA;AACtB,aAAWL,KAASI,GAAQ;AAC1B,UAAME,IAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI;AACrD,QAAIK,EAAU,IAAIC,CAAG;AACnB,YAAM,IAAI;AAAA,QACR,wCAAwCN,EAAM,IAAI,IAAIA,EAAM,IAAI;AAAA,MAAA;AAIpE,IAAAK,EAAU,IAAIC,CAAG;AAAA,EACnB;AAGA,QAAMC,IAAe,IAAI;AAAA,IACvBJ,EAAe,IAAI,CAACK,MAAS,GAAGA,EAAK,KAAK,aAAa,IAAIA,EAAK,IAAI,EAAE;AAAA,EAAA,GAIlElB,IAAkC,CAAA;AACxC,aAAWU,KAASI,GAAQ;AAC1B,UAAME,IAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI;AACrD,IAAKO,EAAa,IAAID,CAAG,KACvBhB,EAAa,KAAK;AAAA,MAChB,MAAMU,EAAM;AAAA,MACZ,MAAMA,EAAM;AAAA,IAAA,CACb;AAAA,EAEL;AAEA,SAAO;AAAA,IACL,cAAcV,EAAa,WAAW;AAAA,IACtC,cAAAA;AAAA,IACA,aAAac,EAAO;AAAA,EAAA;AAExB;AAYO,SAASK,EACdd,GACAQ,GACM;AACN,QAAMO,IAASR,EAAuBP,GAAeQ,CAAc;AAEnE,MAAI,CAACO,EAAO;AACV,UAAM,IAAIrB,EAAsBqB,EAAO,YAAY;AAEvD;AC5EA,SAASC,EAAqBC,GAA0B;AACtD,MAAI;AAEF,WADWd,EAAY,QAAQe,EAAeD,CAAK,CAAC,EAC1C,IAAI,IAAI,CAACZ,OAEV,EAAE,MADIC,EAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK,GAC9C,MAAMA,EAAM,MAAA,EAC5B;AAAA,EACH,SAASD,GAAO;AACd,mBAAQ;AAAA,MACN;AAAA,MACA;AAAA,QACE,UAAU;AAAA,QACV,OAAOA,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK;AAAA,MAAA;AAAA,IAC9D,GAEK,CAAA;AAAA,EACT;AACF;AAGA,SAASe,EACPN,GACAO,GACS;AACT,QAAMC,IAAYR,EAAK,KAAK,YAAA;AAC5B,SAAOO,EAAa;AAAA,IAClB,CAACE,MAAQA,EAAI,KAAK,kBAAkBD,KAAaC,EAAI,SAAST,EAAK;AAAA,EAAA;AAEvE;AAgBA,SAASU,EAAyBC,GAAyB;AAGzD,QAAMC,IACJ,IAAiBC,IACjBC;AAAA,EACAA;AAAA,EACAC,GAEIC,IAAe,KAAK,KAAKJ,IAAkBD,IAAUM,CAAiB;AAC5E,SAAO,OAAOD,CAAY;AAC5B;AAwBO,SAASE,EACdC,GACW;AACX,QAAMC,IAAsB,CAAA,GACtB;AAAA,IACJ,QAAAC,IAAS,CAAA;AAAA,IACT,eAAAC,IAAgB,CAAA;AAAA,IAChB,kBAAAC,IAAmB,CAAA;AAAA,EAAC,IAClBJ,GAEEK,IAAkB,IAAI;AAAA,IAC1BH,EACG,IAAI,CAACI,MAAA;;AAAM,cAAAC,IAAAD,EAAE,OAAF,gBAAAC,EAAM;AAAA,KAAa,EAC9B,OAAO,CAACC,MAAqBA,MAAO,MAAS;AAAA,EAAA;AAGlD,aAAWC,KAAWN;AACpB,IAAIM,EAAQ,MAAMJ,EAAgB,IAAII,EAAQ,GAAG,YAAA,CAAa,KAG1DA,EAAQ,iBACVR,EAAS,KAAK,GAAGjB,EAAqByB,EAAQ,aAAa,CAAC;AAIhE,aAAWC,KAASR;AAClB,IACEQ,EAAM,WAAWC,EAAe,WAChCD,EAAM,WAAWC,EAAe,YAIlCV,EAAS,KAAK,GAAGjB,EAAqB0B,EAAM,kBAAkB,CAAC;AAKjE,aAAWE,KAAeR;AACxB,IAAAH,EAAS,KAAK,GAAGjB,EAAqB4B,EAAY,aAAa,CAAC;AAGlE,SAAOX;AACT;AAeO,SAASY,EAEdb,GAA6C;AAC7C,QAAM,EAAE,gBAAAxB,GAAgB,kBAAAsC,GAAkB,gBAAAC,GAAgB,SAAAvB,MAAYQ;AAGtE,MAAI,CAACxB,KAAkBA,EAAe,WAAW;AAC/C,WAAO,CAAA;AAIT,MAAIsC,EAAiB,WAAW;AAC9B,WAAOtC;AAIT,QAAMwC,IAAaxC,EAAe;AAAA,IAChC,CAACK,MAAS,CAACM,EAAeN,GAAMiC,CAAgB;AAAA,EAAA;AAGlD,MAAIE,EAAW,WAAW;AACxB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKJ,QAAMC,IAAY1B,EAAyBC,CAAO,GAC5C0B,IAAgBH,IAAiBE;AAKvC,MAJwBD,EAAW;AAAA,IACjC,CAACG,GAAKC,MAAMD,IAAM,OAAOC,EAAE,KAAK;AAAA,IAChC;AAAA,EAAA,IAEoBF;AACpB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKJ,SAAOF;AACT;ACnNA,SAASK,EAAuBC,GAAqB;AACnD,QAAMC,wBAAW,IAAA;AACjB,aAAW1C,KAAQyC,GAAO;AACxB,UAAM3C,IAAM,GAAGE,EAAK,KAAK,aAAa,IAAIA,EAAK,IAAI;AACnD,QAAI0C,EAAK,IAAI5C,CAAG;AACd,YAAM,IAAI;AAAA,QACR,4BAA4BE,EAAK,IAAI,IAAIA,EAAK,IAAI;AAAA,MAAA;AAItD,IAAA0C,EAAK,IAAI5C,CAAG;AAAA,EACd;AACF;AAsBO,SAAS6C,EACdC,GACAC,GACAlC,GACAmC,GACqB;AACrB,MAAI,CAAC,OAAO,UAAUA,CAAU,KAAKA,IAAa;AAChD,UAAM,IAAI;AAAA,MACR,wDAAwDA,CAAU;AAAA,IAAA;AAItE,MAAIF,EAAe,WAAW;AAC5B,UAAM,IAAI,MAAM,wCAAwC;AAG1D,EAAAJ,EAAuBI,CAAc;AAIrC,QAAMG,IAAaH,EAAe,OAAO,CAAC5C,MAAS;AACjD,UAAMgD,IAASvD,EAAO,KAAKO,EAAK,cAAc,KAAK;AAEnD,WAAO,CAAC,CADiBiD,EAAc,UAAUD,CAAM;AAAA,EAEzD,CAAC;AAED,MAAID,EAAW,WAAW;AACxB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAMJ,QAAMG,IAAc,CAAC,GAAGH,CAAU,EAAE,KAAK,CAACI,GAAGC,MAAMA,EAAE,QAAQD,EAAE,KAAK,GAE9DE,IAAwB,CAAA;AAC9B,MAAIC,IAAmB,IACnBtC,IAAe;AAGnB,aAAWhB,KAAQkD,GAAa;AAC9B,IAAAG,EAAc,KAAKrD,CAAI,GACvBsD,KAAoB,OAAOtD,EAAK,KAAK;AAGrC,UAAMuD,IAAYF,EAAc,SAASxC,GACnC2C,IAAaV,IAAahC,GAC1B2C,IAAaF,IAAYC,IAAazC;AAW5C,QARAC,IACE,OAAO,KAAK,KAAKyC,IAAa9C,CAAO,CAAC,IACtC,OAAO+C,EAAqB/C,CAAO,CAAC,GAGjB2C,IAAmBT,IAAc7B,IAGnC2C,GAAgB;AACjC,YAAMC,IAAkB;AAAA,QACtB,KAAK,KAAK9C,IAA6BH,CAAO;AAAA,MAAA;AAEhD,MAAAK,KAAgB4C;AAAA,IAClB;AAGA,QAAIN,KAAoBT,IAAc7B,GAAc;AAElD,YAAM6C,IAAoBP,IAAmBT,IAAc7B;AAE3D,aAAO;AAAA,QACL,eAAAqC;AAAA,QACA,YAAYC;AAAA,QACZ,KAAKtC;AAAA,QACL,cAAc6C;AAAA,MAAA;AAAA,IAElB;AAAA,EACF;AAGA,QAAM,IAAI;AAAA,IACR,4BAA4BhB,IAAc7B,CAAY,UAAU6B,CAAW,YAAY7B,CAAY,eAAesC,CAAgB;AAAA,EAAA;AAEtI;AAQO,SAASQ,EAAsBC,GAA+B;AACnE,SAAOA,IAAeJ;AACxB;AAOO,SAASK,IAA2B;AACzC,SAAOC;AACT;ACzKO,SAASC,EAAmB9D,GAAoB;AAErD,QAAMhB,IAAWgB,EAAM,WAAW,IAAI,IAAIA,EAAM,MAAM,CAAC,IAAIA;AAO3D,SAAO,KAJId,EAAY,QAAQF,CAAQ,EACvB,MAAA,CAGA;AAClB;ACrBO,IAAK+E,sBAAAA,OACVA,EAAA,QAAQ,SACRA,EAAA,OAAO,QACPA,EAAA,SAAS,UACTA,EAAA,QAAQ,SACRA,EAAA,OAAO,QACPA,EAAA,UAAU,WANAA,IAAAA,KAAA,CAAA,CAAA;AAuBL,SAASC,EAAcC,GAAyC;AACrE,QAAMC,IAASD,EAAa;AAG5B,SACEC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,EAAE,MAAM;AAAA,EACrBA,EAAa,EAAE,MAAM,MAEd,UAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,EAAE,MAAM,MAEd,SAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM,KAEb,WAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM,KAEb,UAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM,KAEb,SAGF;AACT;ACnCO,SAASE,EACdvE,GACAwE,GACiB;AACjB,QAAMH,IAAe5E,EAAO,KAAKO,EAAK,cAAc,KAAK,GACnDyE,IAAOL,EAAcC,CAAY;AAEvC,UAAQI,GAAA;AAAA,IACN,KAAKN,EAAkB;AACrB,aAAO;AAAA,QACL,aAAa;AAAA,UACX,QAAQE;AAAA,UACR,OAAOrE,EAAK;AAAA,QAAA;AAAA,MACd;AAAA,IAIJ,KAAKmE,EAAkB,OAAO;AAC5B,UAAI,CAACnE,EAAK;AACR,cAAM,IAAI,MAAM,uCAAuC;AAEzD,aAAO;AAAA,QACL,aAAa;AAAA,UACX,QAAQqE;AAAA,UACR,OAAOrE,EAAK;AAAA,QAAA;AAAA,QAEd,eAAeP,EAAO,KAAKO,EAAK,eAAe,KAAK;AAAA,MAAA;AAAA,IAExD;AAAA,IAEA,KAAKmE,EAAkB,MAAM;AAC3B,UAAIK,KAAoBA,EAAiB,WAAW;AAClD,cAAM,IAAI;AAAA,UACR,yDAAyDA,EAAiB,MAAM;AAAA,QAAA;AAGpF,aAAO;AAAA,QACL,aAAa;AAAA,UACX,QAAQH;AAAA,UACR,OAAOrE,EAAK;AAAA,QAAA;AAAA;AAAA,QAGd,GAAIwE,KAAoB,EAAE,gBAAgBA,EAAA;AAAA,MAAiB;AAAA,IAE/D;AAAA,IAEA;AACE,YAAM,IAAI,MAAM,4BAA4BC,CAAI,EAAE;AAAA,EAAA;AAExD;"}
1	+ {"version":3,"file":"psbtInputFields-DPCFHgGd.js","sources":["../src/tbv/core/utils/utxo/availability.ts","../src/tbv/core/utils/utxo/reservation.ts","../src/tbv/core/utils/utxo/selectUtxos.ts","../src/tbv/core/utils/transaction/btcTxHash.ts","../src/tbv/core/utils/btc/scriptType.ts","../src/tbv/core/utils/btc/psbtInputFields.ts"],"sourcesContent":["/*\n UTXO Availability Validation\n \n Validates that UTXOs referenced in a pre-pegin transaction are still unspent\n * BEFORE asking the user to sign. This prevents wasted signing effort when\n * UTXOs have already been spent by unrelated transactions.\n \n These functions are pure — they accept pre-fetched UTXOs and perform no I/O.\n * The vault service wrapper is responsible for fetching UTXOs from the mempool.\n /\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport type { UtxoRef } from \"./reservation\";\n\n/\n Information about a missing/spent UTXO.\n /\nexport interface MissingUtxoInfo {\n /* Transaction ID of the missing UTXO /\n txid: string;\n /* Output index of the missing UTXO /\n vout: number;\n}\n\n/\n Result of UTXO validation.\n /\nexport interface UtxoValidationResult {\n /* Whether all UTXOs are still available /\n allAvailable: boolean;\n /* List of missing UTXOs (if any) /\n missingUtxos: MissingUtxoInfo[];\n /* Total number of inputs checked /\n totalInputs: number;\n}\n\n/\n Error thrown when UTXOs are not available.\n /\nexport class UtxoNotAvailableError extends Error {\n public readonly missingUtxos: MissingUtxoInfo[];\n\n constructor(missingUtxos: MissingUtxoInfo[]) {\n const count = missingUtxos.length;\n const message =\n count === 1\n ? \"The UTXO for this peg-in is no longer available. It may have been spent in another transaction. Please create a new peg-in request with a different UTXO.\"\n : `${count} UTXOs for this peg-in are no longer available. They may have been spent. Please create a new peg-in request with different UTXOs.`;\n\n super(message);\n this.name = \"UtxoNotAvailableError\";\n this.missingUtxos = missingUtxos;\n }\n}\n\n/\n Extract input references (txid:vout) from an unsigned transaction.\n \n @param unsignedTxHex - Unsigned transaction hex\n * @returns Array of input references\n /\nexport function extractInputsFromTransaction(\n unsignedTxHex: string,\n): Array<{ txid: string; vout: number }> {\n const cleanHex = unsignedTxHex.startsWith(\"0x\")\n ? unsignedTxHex.slice(2)\n : unsignedTxHex;\n\n let tx: Transaction;\n try {\n tx = Transaction.fromHex(cleanHex);\n } catch (error) {\n throw new Error(\n `Failed to parse BTC transaction: ${error instanceof Error ? error.message : String(error)}`,\n );\n }\n\n return tx.ins.map((input) => ({\n // Bitcoin stores txid in reverse byte order\n txid: Buffer.from(input.hash).reverse().toString(\"hex\"),\n vout: input.index,\n }));\n}\n\n/\n Validate that all UTXOs in a transaction are still available.\n \n Pure function — accepts pre-fetched UTXOs instead of making network calls.\n * This should be called BEFORE signing to avoid wasting user effort\n * signing a transaction that will fail to broadcast.\n \n @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @returns Validation result with missing UTXO details\n /\nexport function validateUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): UtxoValidationResult {\n const inputs = extractInputsFromTransaction(unsignedTxHex);\n\n if (inputs.length === 0) {\n throw new Error(\"Transaction has no inputs\");\n }\n\n // Detect duplicate inputs (same txid:vout referenced more than once).\n // This would produce an invalid Bitcoin transaction.\n const inputKeys = new Set<string>();\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (inputKeys.has(key)) {\n throw new Error(\n `Transaction contains duplicate input ${input.txid}:${input.vout}. ` +\n `This would produce an invalid Bitcoin transaction.`,\n );\n }\n inputKeys.add(key);\n }\n\n // Create a set of available UTXOs for O(1) lookup (lowercase for consistency with reservation.ts)\n const availableSet = new Set(\n availableUtxos.map((utxo) => `${utxo.txid.toLowerCase()}:${utxo.vout}`),\n );\n\n // Check which inputs are missing\n const missingUtxos: MissingUtxoInfo[] = [];\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (!availableSet.has(key)) {\n missingUtxos.push({\n txid: input.txid,\n vout: input.vout,\n });\n }\n }\n\n return {\n allAvailable: missingUtxos.length === 0,\n missingUtxos,\n totalInputs: inputs.length,\n };\n}\n\n/\n Validate UTXOs and throw if any are not available.\n \n Pure convenience function that combines validation and error throwing.\n \n @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @throws UtxoNotAvailableError if any UTXOs are not available\n * @throws Error if validation fails\n /\nexport function assertUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): void {\n const result = validateUtxosAvailable(unsignedTxHex, availableUtxos);\n\n if (!result.allAvailable) {\n throw new UtxoNotAvailableError(result.missingUtxos);\n }\n}\n","/\n UTXO reservation utilities for vault deposits.\n \n Handles tracking which UTXOs are already in use by pending deposits\n * and selecting available UTXOs with smart fallback logic.\n /\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport { stripHexPrefix } from \"../../primitives/utils/bitcoin\";\nimport { ContractStatus } from \"../../services/deposit/peginState\";\nimport {\n FEE_SAFETY_MARGIN,\n MAX_NON_LEGACY_OUTPUT_SIZE,\n P2TR_INPUT_SIZE,\n TX_BUFFER_SIZE_OVERHEAD,\n} from \"../fee/constants\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/* A txid:vout pair uniquely identifying a UTXO (outpoint). /\nexport interface UtxoRef {\n txid: string;\n vout: number;\n}\n\n/* Narrow structural type for pending pegin data. /\nexport interface PendingPeginLike {\n /\n Optional vault id. When present, used to skip pending pegins that are\n * already indexed on-chain so the canonical vault copy wins over a\n * tamperable off-chain entry.\n /\n id?: string;\n selectedUTXOs?: Array<{ txid: string; vout: number }>;\n unsignedTxHex?: string;\n}\n\n/* Narrow structural type for vault data. /\nexport interface VaultLike {\n /\n Optional vault id. When present, enables on-chain correlation with\n * pending pegins sharing the same id.\n /\n id?: string;\n status: number;\n unsignedPrePeginTx: string;\n}\n\nexport interface SelectUtxosForDepositParams<\n T extends { txid: string; vout: number; value: number },\n> {\n /* All available UTXOs from the wallet. /\n availableUtxos: T[];\n /* UTXOs that are reserved/in-flight and should be avoided if possible. /\n reservedUtxoRefs: UtxoRef[];\n /* Required deposit amount in satoshis (excluding fees). /\n requiredAmount: bigint;\n /* Fee rate in sat/vB. Used to estimate fee buffer for sufficiency check. /\n feeRate: number;\n}\n\n/* Narrow structural type for early UTXO reservations (pre-ETH-registration). /\nexport interface UtxoReservationLike {\n unsignedTxHex: string;\n}\n\nexport interface CollectReservedUtxoRefsParams {\n vaults?: VaultLike[];\n pendingPegins?: PendingPeginLike[];\n utxoReservations?: UtxoReservationLike[];\n}\n\n// ============================================================================\n// Internal Helpers\n// ============================================================================\n\n/\n Parse a transaction hex and return the UTXO references of all inputs.\n \n Parse failures are logged and yield no refs. A malformed hex from an\n * untrusted source (e.g. off-chain storage) must not silently collapse the\n * reservation set — logging makes tampering visible in telemetry instead\n * of swallowing the error.\n /\nfunction extractInputUtxoRefs(txHex: string): UtxoRef[] {\n try {\n const tx = Transaction.fromHex(stripHexPrefix(txHex));\n return tx.ins.map((input) => {\n const txid = Buffer.from(input.hash).reverse().toString(\"hex\");\n return { txid, vout: input.index };\n });\n } catch (error) {\n console.warn(\n \"[utxoReservation] Failed to parse transaction hex; skipping inputs\",\n {\n category: \"utxoReservation\",\n error: error instanceof Error ? error.message : String(error),\n },\n );\n return [];\n }\n}\n\n/* Check if a UTXO matches any reserved ref (case-insensitive txid comparison). /\nfunction isUtxoReserved(\n utxo: { txid: string; vout: number },\n reservedRefs: UtxoRef[],\n): boolean {\n const txidLower = utxo.txid.toLowerCase();\n return reservedRefs.some(\n (ref) => ref.txid.toLowerCase() === txidLower && ref.vout === utxo.vout,\n );\n}\n\n/\n Estimate minimum fee buffer for UTXO pre-selection.\n \n WARNING: This is a ROUGH ESTIMATE used only to check if unreserved UTXOs\n * are likely sufficient BEFORE the actual signing flow begins. The actual\n * fee calculation happens in the SDK's `selectUtxosForPegin` during signing.\n \n Assumptions:\n * - 2 inputs (conservative estimate for most deposits)\n * - 1 vault output (P2TR, 43 vBytes)\n * - 1 change output (P2TR, 43 vBytes)\n * - Transaction overhead (11 vBytes)\n * - 10% safety margin\n /\nfunction estimateMinimumFeeBuffer(feeRate: number): bigint {\n const ASSUMED_INPUTS = 2;\n\n const estimatedTxSize =\n ASSUMED_INPUTS P2TR_INPUT_SIZE +\n MAX_NON_LEGACY_OUTPUT_SIZE + // vault output\n MAX_NON_LEGACY_OUTPUT_SIZE + // change output\n TX_BUFFER_SIZE_OVERHEAD;\n\n const estimatedFee = Math.ceil(estimatedTxSize * feeRate * FEE_SAFETY_MARGIN);\n return BigInt(estimatedFee);\n}\n\n// ============================================================================\n// Public API\n// ============================================================================\n\n/*\n Collect UTXO refs from in-flight deposits (PENDING/VERIFIED vaults and\n * pending pegins).\n \n On-chain vault data is canonical: for any pending pegin whose `id` matches\n * an indexed on-chain vault, the pending-pegin copy is ignored entirely —\n * the `vaults` branch below extracts refs from the indexer-supplied\n * `unsignedPrePeginTx` so tampered off-chain data cannot poison the\n * reservation set once the vault is indexed.\n \n For pegins not yet indexed, refs are derived from the stored\n * `unsignedTxHex` only. The `selectedUTXOs` sidecar is NOT used for\n * reservation: if it disagreed with the transaction's inputs (e.g. because\n * the off-chain source was tampered), trusting it would poison the reserved\n * set. The transaction hex must be validated at the source boundary before\n * being handed to this function; parsing and using its inputs is the single\n * source of truth here.\n /\nexport function collectReservedUtxoRefs(\n params: CollectReservedUtxoRefsParams,\n): UtxoRef[] {\n const reserved: UtxoRef[] = [];\n const {\n vaults = [],\n pendingPegins = [],\n utxoReservations = [],\n } = params;\n\n const onChainVaultIds = new Set(\n vaults\n .map((v) => v.id?.toLowerCase())\n .filter((id): id is string => id !== undefined),\n );\n\n for (const pending of pendingPegins) {\n if (pending.id && onChainVaultIds.has(pending.id.toLowerCase())) {\n continue;\n }\n if (pending.unsignedTxHex) {\n reserved.push(...extractInputUtxoRefs(pending.unsignedTxHex));\n }\n }\n\n for (const vault of vaults) {\n if (\n vault.status !== ContractStatus.PENDING &&\n vault.status !== ContractStatus.VERIFIED\n ) {\n continue;\n }\n reserved.push(...extractInputUtxoRefs(vault.unsignedPrePeginTx));\n }\n\n // Early reservations written before ETH registration to prevent cross-tab\n // UTXO conflicts. These are cleaned up when the deposit completes or fails.\n for (const reservation of utxoReservations) {\n reserved.push(...extractInputUtxoRefs(reservation.unsignedTxHex));\n }\n\n return reserved;\n}\n\n/\n Select UTXOs for a deposit, filtering out reserved ones.\n \n Logic:\n * 1. Filter out reserved UTXOs from the available pool\n * 2. If unreserved UTXOs are sufficient for the required amount + estimated fee, return them\n * 3. Otherwise, throw — never silently reuse reserved UTXOs, as this risks double-spend\n * failures that strand registered-but-unbroadcastable vaults\n \n @param params - Selection parameters\n * @returns Array of unreserved UTXOs to use for the deposit\n * @throws When all UTXOs are reserved or unreserved UTXOs are insufficient\n /\nexport function selectUtxosForDeposit<\n T extends { txid: string; vout: number; value: number },\n>(params: SelectUtxosForDepositParams<T>): T[] {\n const { availableUtxos, reservedUtxoRefs, requiredAmount, feeRate } = params;\n\n // Edge case: no UTXOs available\n if (!availableUtxos \|\| availableUtxos.length === 0) {\n return [];\n }\n\n // Edge case: no reservations, return all\n if (reservedUtxoRefs.length === 0) {\n return availableUtxos;\n }\n\n // Filter out reserved UTXOs\n const unreserved = availableUtxos.filter(\n (utxo) => !isUtxoReserved(utxo, reservedUtxoRefs),\n );\n\n if (unreserved.length === 0) {\n throw new Error(\n \"All available UTXOs are reserved by pending deposits. \" +\n \"Wait for pending deposits to confirm or cancel them before starting a new deposit.\",\n );\n }\n\n const feeBuffer = estimateMinimumFeeBuffer(feeRate);\n const totalRequired = requiredAmount + feeBuffer;\n const unreservedTotal = unreserved.reduce(\n (sum, u) => sum + BigInt(u.value),\n 0n,\n );\n if (unreservedTotal < totalRequired) {\n throw new Error(\n \"Insufficient unreserved UTXOs for this deposit amount. \" +\n \"Wait for pending deposits to confirm or cancel them.\",\n );\n }\n\n return unreserved;\n}\n","/\n UTXO selection utilities for peg-in transactions.\n * Follows btc-staking-ts methodology with iterative fee calculation.\n /\n\nimport { script as bitcoinScript } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport {\n BTC_DUST_SAT,\n DUST_THRESHOLD,\n MAX_NON_LEGACY_OUTPUT_SIZE,\n P2TR_INPUT_SIZE,\n rateBasedTxBufferFee,\n TX_BUFFER_SIZE_OVERHEAD,\n} from \"../fee/constants\";\n\n/\n Unspent Transaction Output (UTXO) for funding peg-in transactions.\n /\nexport interface UTXO {\n /\n Transaction ID of the UTXO (64-char hex without 0x prefix).\n /\n txid: string;\n\n /\n Output index within the transaction.\n /\n vout: number;\n\n /\n Value in satoshis.\n /\n value: number;\n\n /\n Script public key hex.\n /\n scriptPubKey: string;\n}\n\nexport interface UTXOSelectionResult {\n selectedUTXOs: UTXO[];\n totalValue: bigint;\n fee: bigint;\n changeAmount: bigint;\n}\n\n/\n Assert that no two UTXOs share the same txid:vout outpoint.\n * Duplicates from a buggy or compromised UTXO source would produce\n * an invalid Bitcoin transaction that double-spends the same outpoint.\n /\nfunction assertNoDuplicateUtxos(utxos: UTXO[]): void {\n const seen = new Set<string>();\n for (const utxo of utxos) {\n const key = `${utxo.txid.toLowerCase()}:${utxo.vout}`;\n if (seen.has(key)) {\n throw new Error(\n `Duplicate UTXO detected: ${utxo.txid}:${utxo.vout}. ` +\n `This indicates a data integrity issue with the UTXO source.`,\n );\n }\n seen.add(key);\n }\n}\n\n/\n Selects UTXOs to fund a peg-in transaction with iterative fee calculation.\n \n This function implements the btc-staking-ts approach:\n * 1. Filter UTXOs for script validity (no minimum value filter)\n * 2. Sort by value (largest first) to minimize number of inputs\n * 3. Iteratively add UTXOs and recalculate fee until we have enough\n \n The fee recalculation is critical because:\n * - Each UTXO added increases transaction size → increases fee\n * - More fee needed might require another UTXO\n * - Change output detection affects fee (adds output size if needed)\n \n @param availableUTXOs - All available UTXOs from wallet\n * @param peginAmount - Amount to peg in (satoshis)\n * @param feeRate - Fee rate (sat/vbyte)\n * @param numOutputs - Number of outputs in the unfunded transaction (HTLC + CPFP anchor, before change)\n * @returns Selected UTXOs, total value, calculated fee, and change amount\n * @throws Error if insufficient funds or no valid UTXOs\n /\nexport function selectUtxosForPegin(\n availableUTXOs: UTXO[],\n peginAmount: bigint,\n feeRate: number,\n numOutputs: number,\n): UTXOSelectionResult {\n if (!Number.isInteger(numOutputs) \|\| numOutputs < 1) {\n throw new Error(\n `Invalid numOutputs: expected a positive integer, got ${numOutputs}`,\n );\n }\n\n if (availableUTXOs.length === 0) {\n throw new Error(\"Insufficient funds: no UTXOs available\");\n }\n\n assertNoDuplicateUtxos(availableUTXOs);\n\n // Filter for script validity ONLY (matching btc-staking-ts approach)\n // No minimum value filter - we accept any UTXO with valid script\n const validUTXOs = availableUTXOs.filter((utxo) => {\n const script = Buffer.from(utxo.scriptPubKey, \"hex\");\n const decompiledScript = bitcoinScript.decompile(script);\n return !!decompiledScript;\n });\n\n if (validUTXOs.length === 0) {\n throw new Error(\n \"Insufficient funds: no valid UTXOs available (all have invalid scripts)\",\n );\n }\n\n // Sort by value: HIGHEST to LOWEST (use big UTXOs first)\n // Use spread to avoid mutating the original array\n const sortedUTXOs = [...validUTXOs].sort((a, b) => b.value - a.value);\n\n const selectedUTXOs: UTXO[] = [];\n let accumulatedValue = 0n;\n let estimatedFee = 0n;\n\n // Iteratively select UTXOs and recalculate fee\n for (const utxo of sortedUTXOs) {\n selectedUTXOs.push(utxo);\n accumulatedValue += BigInt(utxo.value);\n\n // Recalculate fee based on CURRENT number of inputs\n const inputSize = selectedUTXOs.length P2TR_INPUT_SIZE;\n const outputSize = numOutputs * MAX_NON_LEGACY_OUTPUT_SIZE;\n const baseTxSize = inputSize + outputSize + TX_BUFFER_SIZE_OVERHEAD;\n\n // Calculate base fee with buffer\n estimatedFee =\n BigInt(Math.ceil(baseTxSize * feeRate)) +\n BigInt(rateBasedTxBufferFee(feeRate));\n\n // Check if there will be change left after pegin amount and fee\n const changeAmount = accumulatedValue - peginAmount - estimatedFee;\n\n // If change is above dust, add fee for change output\n if (changeAmount > DUST_THRESHOLD) {\n const changeOutputFee = BigInt(\n Math.ceil(MAX_NON_LEGACY_OUTPUT_SIZE * feeRate),\n );\n estimatedFee += changeOutputFee;\n }\n\n // Check if we have enough to cover pegin amount + fees\n if (accumulatedValue >= peginAmount + estimatedFee) {\n // Success! We have enough funds\n const finalChangeAmount = accumulatedValue - peginAmount - estimatedFee;\n\n return {\n selectedUTXOs,\n totalValue: accumulatedValue,\n fee: estimatedFee,\n changeAmount: finalChangeAmount,\n };\n }\n }\n\n // If we get here, we don't have enough funds\n throw new Error(\n `Insufficient funds: need ${peginAmount + estimatedFee} sats (${peginAmount} pegin + ${estimatedFee} fee), have ${accumulatedValue} sats`,\n );\n}\n\n/*\n Checks if change amount is above dust threshold.\n \n @param changeAmount - Change amount in satoshis\n * @returns true if change should be added as output, false if it should go to miners\n /\nexport function shouldAddChangeOutput(changeAmount: bigint): boolean {\n return changeAmount > DUST_THRESHOLD;\n}\n\n/\n Gets the dust threshold value.\n \n @returns Dust threshold in satoshis\n /\nexport function getDustThreshold(): number {\n return BTC_DUST_SAT;\n}\n","/\n Bitcoin Transaction Hash Utilities\n \n Provides utilities for calculating Bitcoin transaction hashes in a way that matches\n * the contract's BtcUtils.hashBtcTx() implementation.\n /\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport type { Hex } from \"viem\";\n\n/\n Calculate Bitcoin transaction hash\n \n This matches the contract's BtcUtils.hashBtcTx() implementation:\n * 1. Double SHA256 the transaction bytes\n * 2. Reverse the byte order (Bitcoin convention)\n \n The resulting hash is used as the unique vault identifier in the BTCVaultRegistry contract.\n \n @param txHex - Transaction hex (with or without 0x prefix)\n * @returns The transaction hash as Hex (with 0x prefix)\n /\nexport function calculateBtcTxHash(txHex: string): Hex {\n // Remove 0x prefix if present\n const cleanHex = txHex.startsWith(\"0x\") ? txHex.slice(2) : txHex;\n\n // Use bitcoinjs-lib to calculate transaction ID (already does double SHA256 + reverse)\n const tx = Transaction.fromHex(cleanHex);\n const txid = tx.getId();\n\n // Return with 0x prefix to match Ethereum hex format\n return `0x${txid}` as Hex;\n}\n","/\n Bitcoin Script Type Detection\n \n Utilities to detect Bitcoin script types for proper PSBT input construction.\n \n @module utils/btc/scriptType\n /\n\n/\n Bitcoin script types.\n /\nexport enum BitcoinScriptType {\n P2PKH = \"P2PKH\",\n P2SH = \"P2SH\",\n P2WPKH = \"P2WPKH\",\n P2WSH = \"P2WSH\",\n P2TR = \"P2TR\",\n UNKNOWN = \"UNKNOWN\",\n}\n\n/\n Detect the type of a Bitcoin script.\n \n @param scriptPubKey - The script public key buffer\n * @returns The detected script type\n \n @example\n * ```typescript\n * const scriptType = getScriptType(Buffer.from(scriptPubKeyHex, 'hex'));\n * if (scriptType === BitcoinScriptType.P2TR) {\n * // Handle Taproot input\n * }\n * ```\n /\nexport function getScriptType(scriptPubKey: Buffer): BitcoinScriptType {\n const length = scriptPubKey.length;\n\n // P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG (25 bytes)\n if (\n length === 25 &&\n scriptPubKey[0] === 0x76 && // OP_DUP\n scriptPubKey[1] === 0xa9 && // OP_HASH160\n scriptPubKey[2] === 0x14 && // Push 20 bytes\n scriptPubKey[23] === 0x88 && // OP_EQUALVERIFY\n scriptPubKey[24] === 0xac // OP_CHECKSIG\n ) {\n return BitcoinScriptType.P2PKH;\n }\n\n // P2SH: OP_HASH160 <20 bytes> OP_EQUAL (23 bytes)\n if (\n length === 23 &&\n scriptPubKey[0] === 0xa9 && // OP_HASH160\n scriptPubKey[1] === 0x14 && // Push 20 bytes\n scriptPubKey[22] === 0x87 // OP_EQUAL\n ) {\n return BitcoinScriptType.P2SH;\n }\n\n // P2WPKH: OP_0 <20 bytes> (22 bytes)\n if (\n length === 22 &&\n scriptPubKey[0] === 0x00 && // OP_0\n scriptPubKey[1] === 0x14 // Push 20 bytes\n ) {\n return BitcoinScriptType.P2WPKH;\n }\n\n // P2WSH: OP_0 <32 bytes> (34 bytes)\n if (\n length === 34 &&\n scriptPubKey[0] === 0x00 && // OP_0\n scriptPubKey[1] === 0x20 // Push 32 bytes\n ) {\n return BitcoinScriptType.P2WSH;\n }\n\n // P2TR (Taproot): OP_1 <32 bytes> (34 bytes)\n if (\n length === 34 &&\n scriptPubKey[0] === 0x51 && // OP_1\n scriptPubKey[1] === 0x20 // Push 32 bytes\n ) {\n return BitcoinScriptType.P2TR;\n }\n\n return BitcoinScriptType.UNKNOWN;\n}\n\n","/\n PSBT Input Field Construction\n \n Constructs the correct PSBT input fields for a given UTXO based on its script type.\n \n @module utils/btc/psbtInputFields\n /\n\nimport { Buffer } from \"buffer\";\n\nimport { BitcoinScriptType, getScriptType } from \"./scriptType\";\n\n/\n PSBT input fields for supported script types (P2TR, P2WPKH, P2WSH).\n /\nexport interface PsbtInputFields {\n witnessUtxo?: {\n script: Buffer;\n value: number;\n };\n witnessScript?: Buffer;\n tapInternalKey?: Buffer;\n}\n\n/\n UTXO information for PSBT construction.\n \n Only supports Taproot (P2TR) and native SegWit (P2WPKH, P2WSH) script types.\n /\nexport interface UtxoForPsbt {\n /* Transaction ID of the UTXO /\n txid: string;\n /* Output index (vout) of the UTXO /\n vout: number;\n /* Value of the UTXO in satoshis /\n value: number;\n /* ScriptPubKey of the UTXO (hex string) /\n scriptPubKey: string;\n /* Witness script (required for P2WSH) /\n witnessScript?: string;\n}\n\n/\n Get PSBT input fields for a given UTXO based on its script type.\n \n Only supports Taproot (P2TR) and native SegWit (P2WPKH, P2WSH) script types.\n \n @param utxo - The unspent transaction output to process\n * @param publicKeyNoCoord - The x-only public key (32 bytes) for Taproot signing\n * @returns PSBT input fields object containing the necessary data\n * @throws Error if required input data is missing or unsupported script type\n */\nexport function getPsbtInputFields(\n utxo: UtxoForPsbt,\n publicKeyNoCoord?: Buffer,\n): PsbtInputFields {\n const scriptPubKey = Buffer.from(utxo.scriptPubKey, \"hex\");\n const type = getScriptType(scriptPubKey);\n\n switch (type) {\n case BitcoinScriptType.P2WPKH: {\n return {\n witnessUtxo: {\n script: scriptPubKey,\n value: utxo.value,\n },\n };\n }\n\n case BitcoinScriptType.P2WSH: {\n if (!utxo.witnessScript) {\n throw new Error(\"Missing witnessScript for P2WSH input\");\n }\n return {\n witnessUtxo: {\n script: scriptPubKey,\n value: utxo.value,\n },\n witnessScript: Buffer.from(utxo.witnessScript, \"hex\"),\n };\n }\n\n case BitcoinScriptType.P2TR: {\n if (publicKeyNoCoord && publicKeyNoCoord.length !== 32) {\n throw new Error(\n `Invalid tapInternalKey length: expected 32 bytes, got ${publicKeyNoCoord.length}`,\n );\n }\n return {\n witnessUtxo: {\n script: scriptPubKey,\n value: utxo.value,\n },\n // tapInternalKey is needed for Taproot signing\n ...(publicKeyNoCoord && { tapInternalKey: publicKeyNoCoord }),\n };\n }\n\n default:\n throw new Error(`Unsupported script type: ${type}`);\n }\n}\n\n"],"names":["UtxoNotAvailableError","missingUtxos","count","message","__publicField","extractInputsFromTransaction","unsignedTxHex","cleanHex","tx","Transaction","error","input","Buffer","validateUtxosAvailable","availableUtxos","inputs","inputKeys","key","availableSet","utxo","assertUtxosAvailable","result","extractInputUtxoRefs","txHex","stripHexPrefix","isUtxoReserved","reservedRefs","txidLower","ref","estimateMinimumFeeBuffer","feeRate","estimatedTxSize","P2TR_INPUT_SIZE","MAX_NON_LEGACY_OUTPUT_SIZE","TX_BUFFER_SIZE_OVERHEAD","estimatedFee","FEE_SAFETY_MARGIN","collectReservedUtxoRefs","params","reserved","vaults","pendingPegins","utxoReservations","onChainVaultIds","v","_a","id","pending","vault","ContractStatus","reservation","selectUtxosForDeposit","reservedUtxoRefs","requiredAmount","unreserved","feeBuffer","totalRequired","sum","u","assertNoDuplicateUtxos","utxos","seen","selectUtxosForPegin","availableUTXOs","peginAmount","numOutputs","validUTXOs","script","bitcoinScript","sortedUTXOs","a","b","selectedUTXOs","accumulatedValue","inputSize","outputSize","baseTxSize","rateBasedTxBufferFee","DUST_THRESHOLD","changeOutputFee","finalChangeAmount","shouldAddChangeOutput","changeAmount","getDustThreshold","BTC_DUST_SAT","calculateBtcTxHash","BitcoinScriptType","getScriptType","scriptPubKey","length","getPsbtInputFields","publicKeyNoCoord","type"],"mappings":";;;;;;;;AAyCO,MAAMA,UAA8B,MAAM;AAAA,EAG/C,YAAYC,GAAiC;AAC3C,UAAMC,IAAQD,EAAa,QACrBE,IACJD,MAAU,IACN,8JACA,GAAGA,CAAK;AAEd,UAAMC,CAAO;AATC,IAAAC,EAAA;AAUd,SAAK,OAAO,yBACZ,KAAK,eAAeH;AAAA,EACtB;AACF;AAQO,SAASI,EACdC,GACuC;AACvC,QAAMC,IAAWD,EAAc,WAAW,IAAI,IAC1CA,EAAc,MAAM,CAAC,IACrBA;AAEJ,MAAIE;AACJ,MAAI;AACF,IAAAA,IAAKC,EAAY,QAAQF,CAAQ;AAAA,EACnC,SAASG,GAAO;AACd,UAAM,IAAI;AAAA,MACR,oCAAoCA,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK,CAAC;AAAA,IAAA;AAAA,EAE9F;AAEA,SAAOF,EAAG,IAAI,IAAI,CAACG,OAAW;AAAA;AAAA,IAE5B,MAAMC,EAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK;AAAA,IACtD,MAAMA,EAAM;AAAA,EAAA,EACZ;AACJ;AAaO,SAASE,EACdP,GACAQ,GACsB;AACtB,QAAMC,IAASV,EAA6BC,CAAa;AAEzD,MAAIS,EAAO,WAAW;AACpB,UAAM,IAAI,MAAM,2BAA2B;AAK7C,QAAMC,wBAAgB,IAAA;AACtB,aAAWL,KAASI,GAAQ;AAC1B,UAAME,IAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI;AACrD,QAAIK,EAAU,IAAIC,CAAG;AACnB,YAAM,IAAI;AAAA,QACR,wCAAwCN,EAAM,IAAI,IAAIA,EAAM,IAAI;AAAA,MAAA;AAIpE,IAAAK,EAAU,IAAIC,CAAG;AAAA,EACnB;AAGA,QAAMC,IAAe,IAAI;AAAA,IACvBJ,EAAe,IAAI,CAACK,MAAS,GAAGA,EAAK,KAAK,aAAa,IAAIA,EAAK,IAAI,EAAE;AAAA,EAAA,GAIlElB,IAAkC,CAAA;AACxC,aAAWU,KAASI,GAAQ;AAC1B,UAAME,IAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI;AACrD,IAAKO,EAAa,IAAID,CAAG,KACvBhB,EAAa,KAAK;AAAA,MAChB,MAAMU,EAAM;AAAA,MACZ,MAAMA,EAAM;AAAA,IAAA,CACb;AAAA,EAEL;AAEA,SAAO;AAAA,IACL,cAAcV,EAAa,WAAW;AAAA,IACtC,cAAAA;AAAA,IACA,aAAac,EAAO;AAAA,EAAA;AAExB;AAYO,SAASK,EACdd,GACAQ,GACM;AACN,QAAMO,IAASR,EAAuBP,GAAeQ,CAAc;AAEnE,MAAI,CAACO,EAAO;AACV,UAAM,IAAIrB,EAAsBqB,EAAO,YAAY;AAEvD;AC5EA,SAASC,EAAqBC,GAA0B;AACtD,MAAI;AAEF,WADWd,EAAY,QAAQe,EAAeD,CAAK,CAAC,EAC1C,IAAI,IAAI,CAACZ,OAEV,EAAE,MADIC,EAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK,GAC9C,MAAMA,EAAM,MAAA,EAC5B;AAAA,EACH,SAASD,GAAO;AACd,mBAAQ;AAAA,MACN;AAAA,MACA;AAAA,QACE,UAAU;AAAA,QACV,OAAOA,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK;AAAA,MAAA;AAAA,IAC9D,GAEK,CAAA;AAAA,EACT;AACF;AAGA,SAASe,EACPN,GACAO,GACS;AACT,QAAMC,IAAYR,EAAK,KAAK,YAAA;AAC5B,SAAOO,EAAa;AAAA,IAClB,CAACE,MAAQA,EAAI,KAAK,kBAAkBD,KAAaC,EAAI,SAAST,EAAK;AAAA,EAAA;AAEvE;AAgBA,SAASU,EAAyBC,GAAyB;AAGzD,QAAMC,IACJ,IAAiBC,IACjBC;AAAA,EACAA;AAAA,EACAC,GAEIC,IAAe,KAAK,KAAKJ,IAAkBD,IAAUM,CAAiB;AAC5E,SAAO,OAAOD,CAAY;AAC5B;AAwBO,SAASE,EACdC,GACW;AACX,QAAMC,IAAsB,CAAA,GACtB;AAAA,IACJ,QAAAC,IAAS,CAAA;AAAA,IACT,eAAAC,IAAgB,CAAA;AAAA,IAChB,kBAAAC,IAAmB,CAAA;AAAA,EAAC,IAClBJ,GAEEK,IAAkB,IAAI;AAAA,IAC1BH,EACG,IAAI,CAACI,MAAA;;AAAM,cAAAC,IAAAD,EAAE,OAAF,gBAAAC,EAAM;AAAA,KAAa,EAC9B,OAAO,CAACC,MAAqBA,MAAO,MAAS;AAAA,EAAA;AAGlD,aAAWC,KAAWN;AACpB,IAAIM,EAAQ,MAAMJ,EAAgB,IAAII,EAAQ,GAAG,YAAA,CAAa,KAG1DA,EAAQ,iBACVR,EAAS,KAAK,GAAGjB,EAAqByB,EAAQ,aAAa,CAAC;AAIhE,aAAWC,KAASR;AAClB,IACEQ,EAAM,WAAWC,EAAe,WAChCD,EAAM,WAAWC,EAAe,YAIlCV,EAAS,KAAK,GAAGjB,EAAqB0B,EAAM,kBAAkB,CAAC;AAKjE,aAAWE,KAAeR;AACxB,IAAAH,EAAS,KAAK,GAAGjB,EAAqB4B,EAAY,aAAa,CAAC;AAGlE,SAAOX;AACT;AAeO,SAASY,EAEdb,GAA6C;AAC7C,QAAM,EAAE,gBAAAxB,GAAgB,kBAAAsC,GAAkB,gBAAAC,GAAgB,SAAAvB,MAAYQ;AAGtE,MAAI,CAACxB,KAAkBA,EAAe,WAAW;AAC/C,WAAO,CAAA;AAIT,MAAIsC,EAAiB,WAAW;AAC9B,WAAOtC;AAIT,QAAMwC,IAAaxC,EAAe;AAAA,IAChC,CAACK,MAAS,CAACM,EAAeN,GAAMiC,CAAgB;AAAA,EAAA;AAGlD,MAAIE,EAAW,WAAW;AACxB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKJ,QAAMC,IAAY1B,EAAyBC,CAAO,GAC5C0B,IAAgBH,IAAiBE;AAKvC,MAJwBD,EAAW;AAAA,IACjC,CAACG,GAAKC,MAAMD,IAAM,OAAOC,EAAE,KAAK;AAAA,IAChC;AAAA,EAAA,IAEoBF;AACpB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKJ,SAAOF;AACT;ACnNA,SAASK,EAAuBC,GAAqB;AACnD,QAAMC,wBAAW,IAAA;AACjB,aAAW1C,KAAQyC,GAAO;AACxB,UAAM3C,IAAM,GAAGE,EAAK,KAAK,aAAa,IAAIA,EAAK,IAAI;AACnD,QAAI0C,EAAK,IAAI5C,CAAG;AACd,YAAM,IAAI;AAAA,QACR,4BAA4BE,EAAK,IAAI,IAAIA,EAAK,IAAI;AAAA,MAAA;AAItD,IAAA0C,EAAK,IAAI5C,CAAG;AAAA,EACd;AACF;AAsBO,SAAS6C,EACdC,GACAC,GACAlC,GACAmC,GACqB;AACrB,MAAI,CAAC,OAAO,UAAUA,CAAU,KAAKA,IAAa;AAChD,UAAM,IAAI;AAAA,MACR,wDAAwDA,CAAU;AAAA,IAAA;AAItE,MAAIF,EAAe,WAAW;AAC5B,UAAM,IAAI,MAAM,wCAAwC;AAG1D,EAAAJ,EAAuBI,CAAc;AAIrC,QAAMG,IAAaH,EAAe,OAAO,CAAC5C,MAAS;AACjD,UAAMgD,IAASvD,EAAO,KAAKO,EAAK,cAAc,KAAK;AAEnD,WAAO,CAAC,CADiBiD,EAAc,UAAUD,CAAM;AAAA,EAEzD,CAAC;AAED,MAAID,EAAW,WAAW;AACxB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAMJ,QAAMG,IAAc,CAAC,GAAGH,CAAU,EAAE,KAAK,CAACI,GAAGC,MAAMA,EAAE,QAAQD,EAAE,KAAK,GAE9DE,IAAwB,CAAA;AAC9B,MAAIC,IAAmB,IACnBtC,IAAe;AAGnB,aAAWhB,KAAQkD,GAAa;AAC9B,IAAAG,EAAc,KAAKrD,CAAI,GACvBsD,KAAoB,OAAOtD,EAAK,KAAK;AAGrC,UAAMuD,IAAYF,EAAc,SAASxC,GACnC2C,IAAaV,IAAahC,GAC1B2C,IAAaF,IAAYC,IAAazC;AAW5C,QARAC,IACE,OAAO,KAAK,KAAKyC,IAAa9C,CAAO,CAAC,IACtC,OAAO+C,EAAqB/C,CAAO,CAAC,GAGjB2C,IAAmBT,IAAc7B,IAGnC2C,GAAgB;AACjC,YAAMC,IAAkB;AAAA,QACtB,KAAK,KAAK9C,IAA6BH,CAAO;AAAA,MAAA;AAEhD,MAAAK,KAAgB4C;AAAA,IAClB;AAGA,QAAIN,KAAoBT,IAAc7B,GAAc;AAElD,YAAM6C,IAAoBP,IAAmBT,IAAc7B;AAE3D,aAAO;AAAA,QACL,eAAAqC;AAAA,QACA,YAAYC;AAAA,QACZ,KAAKtC;AAAA,QACL,cAAc6C;AAAA,MAAA;AAAA,IAElB;AAAA,EACF;AAGA,QAAM,IAAI;AAAA,IACR,4BAA4BhB,IAAc7B,CAAY,UAAU6B,CAAW,YAAY7B,CAAY,eAAesC,CAAgB;AAAA,EAAA;AAEtI;AAQO,SAASQ,EAAsBC,GAA+B;AACnE,SAAOA,IAAeJ;AACxB;AAOO,SAASK,IAA2B;AACzC,SAAOC;AACT;ACzKO,SAASC,EAAmB9D,GAAoB;AAErD,QAAMhB,IAAWgB,EAAM,WAAW,IAAI,IAAIA,EAAM,MAAM,CAAC,IAAIA;AAO3D,SAAO,KAJId,EAAY,QAAQF,CAAQ,EACvB,MAAA,CAGA;AAClB;ACrBO,IAAK+E,sBAAAA,OACVA,EAAA,QAAQ,SACRA,EAAA,OAAO,QACPA,EAAA,SAAS,UACTA,EAAA,QAAQ,SACRA,EAAA,OAAO,QACPA,EAAA,UAAU,WANAA,IAAAA,KAAA,CAAA,CAAA;AAuBL,SAASC,EAAcC,GAAyC;AACrE,QAAMC,IAASD,EAAa;AAG5B,SACEC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,EAAE,MAAM;AAAA,EACrBA,EAAa,EAAE,MAAM,MAEd,UAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,EAAE,MAAM,MAEd,SAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM,KAEb,WAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM,KAEb,UAKPC,MAAW,MACXD,EAAa,CAAC,MAAM;AAAA,EACpBA,EAAa,CAAC,MAAM,KAEb,SAGF;AACT;ACnCO,SAASE,EACdvE,GACAwE,GACiB;AACjB,QAAMH,IAAe5E,EAAO,KAAKO,EAAK,cAAc,KAAK,GACnDyE,IAAOL,EAAcC,CAAY;AAEvC,UAAQI,GAAA;AAAA,IACN,KAAKN,EAAkB;AACrB,aAAO;AAAA,QACL,aAAa;AAAA,UACX,QAAQE;AAAA,UACR,OAAOrE,EAAK;AAAA,QAAA;AAAA,MACd;AAAA,IAIJ,KAAKmE,EAAkB,OAAO;AAC5B,UAAI,CAACnE,EAAK;AACR,cAAM,IAAI,MAAM,uCAAuC;AAEzD,aAAO;AAAA,QACL,aAAa;AAAA,UACX,QAAQqE;AAAA,UACR,OAAOrE,EAAK;AAAA,QAAA;AAAA,QAEd,eAAeP,EAAO,KAAKO,EAAK,eAAe,KAAK;AAAA,MAAA;AAAA,IAExD;AAAA,IAEA,KAAKmE,EAAkB,MAAM;AAC3B,UAAIK,KAAoBA,EAAiB,WAAW;AAClD,cAAM,IAAI;AAAA,UACR,yDAAyDA,EAAiB,MAAM;AAAA,QAAA;AAGpF,aAAO;AAAA,QACL,aAAa;AAAA,UACX,QAAQH;AAAA,UACR,OAAOrE,EAAK;AAAA,QAAA;AAAA;AAAA,QAGd,GAAIwE,KAAoB,EAAE,gBAAgBA,EAAA;AAAA,MAAiB;AAAA,IAE/D;AAAA,IAEA;AACE,YAAM,IAAI,MAAM,4BAA4BC,CAAI,EAAE;AAAA,EAAA;AAExD;"}

package/dist/tbv/core/clients/eth/index.d.ts CHANGED Viewed

@@ -2,5 +2,5 @@ export { resolveProtocolAddresses, type ProtocolAddresses, } from './contract-ad
 export { ViemProtocolParamsReader } from './protocol-params-reader';
 export { ViemUniversalChallengerReader, ViemVaultKeeperReader, } from './signer-set-reader';
 export { ViemVaultRegistryReader } from './vault-registry-reader';
-export type { AddressBTCKeyPair, PegInConfiguration, ProtocolParamsReader, TBVProtocolParams, UniversalChallengerReader, VaultBasicInfo, VaultData, VaultKeeperReader, VaultProtocolInfo, VaultRegistryReader, VersionedOffchainParams, } from './types';
+export type { AddressBTCKeyPair, OnChainBtcPubkey, PegInConfiguration, ProtocolParamsReader, TBVProtocolParams, UniversalChallengerReader, VaultBasicInfo, VaultData, VaultKeeperReader, VaultProtocolInfo, VaultRegistryReader, VersionedOffchainParams, } from './types';
 //# sourceMappingURL=index.d.ts.map

package/dist/tbv/core/clients/eth/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/eth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,wBAAwB,EACxB,KAAK,iBAAiB,GACvB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAC;AACpE,OAAO,EACL,6BAA6B,EAC7B,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,YAAY,EACV,iBAAiB,EACjB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,yBAAyB,EACzB,cAAc,EACd,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,SAAS,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/eth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,wBAAwB,EACxB,KAAK,iBAAiB,GACvB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAC;AACpE,OAAO,EACL,6BAA6B,EAC7B,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,YAAY,EACV,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,yBAAyB,EACzB,cAAc,EACd,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,SAAS,CAAC"}

package/dist/tbv/core/clients/eth/types.d.ts CHANGED Viewed

@@ -1,4 +1,15 @@
 import { Address, Hex } from 'viem';
+declare const onChainBtcPubkeyBrand: unique symbol;
+/**
+ * 64-char lowercase hex (no `0x`) x-only BTC pubkey sourced from the
+ * on-chain BTCVaultRegistry. The only legitimate producer is
+ * {@link VaultRegistryReader.getVaultProviderBtcPubKey}.
+ *
+ * @stability frozen
+ */
+export type OnChainBtcPubkey = string & {
+    readonly [onChainBtcPubkeyBrand]: true;
+};
 /** Basic vault info from BTCVaultRegistry.getBtcVaultBasicInfo */
 export interface VaultBasicInfo {
     depositor: Address;
@@ -33,6 +44,7 @@ export interface VaultRegistryReader {
     getVaultBasicInfo(vaultId: Hex): Promise<VaultBasicInfo>;
     getVaultProtocolInfo(vaultId: Hex): Promise<VaultProtocolInfo>;
     getVaultData(vaultId: Hex): Promise<VaultData>;
+    getVaultProviderBtcPubKey(vpAddress: Address): Promise<OnChainBtcPubkey>;
 }
 /**
  * TBV protocol parameters from the ProtocolParams contract.
@@ -114,4 +126,5 @@ export interface UniversalChallengerReader {
     getCurrentUniversalChallengers(): Promise<AddressBTCKeyPair[]>;
     getLatestUniversalChallengersVersion(): Promise<number>;
 }
+export {};
 //# sourceMappingURL=types.d.ts.map

package/dist/tbv/core/clients/eth/types.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/eth/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC;AAMzC,kEAAkE;AAClE,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,OAAO,CAAC;IACnB,kBAAkB,EAAE,GAAG,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,OAAO,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB,EAAE,OAAO,CAAC;IAC/B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,kEAAkE;AAClE,MAAM,WAAW,iBAAiB;IAChC,sBAAsB,EAAE,GAAG,CAAC;IAC5B,2BAA2B,EAAE,MAAM,CAAC;IACpC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,GAAG,CAAC;IACzB,QAAQ,EAAE,GAAG,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,EAAE,GAAG,CAAC;IAC3B,cAAc,EAAE,GAAG,CAAC;IACpB,0BAA0B,EAAE,MAAM,CAAC;CACpC;AAED,6CAA6C;AAC7C,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,cAAc,CAAC;IACtB,QAAQ,EAAE,iBAAiB,CAAC;CAC7B;AAED,2EAA2E;AAC3E,MAAM,WAAW,mBAAmB;IAClC,iBAAiB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACzD,oBAAoB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC/D,YAAY,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;~~CAChD~~;AAMD;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED;;;;;;GAMG;AACH,MAAM,WAAW,uBAAuB;IACtC,cAAc,EAAE,MAAM,CAAC;IACvB,uBAAuB,EAAE,MAAM,CAAC;IAChC,mBAAmB,EAAE,GAAG,EAAE,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;IACxB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED,kFAAkF;AAClF,MAAM,WAAW,oBAAoB;IACnC,oBAAoB,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACnD,0BAA0B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;IAC9E,uBAAuB,IAAI,OAAO,CAAC,uBAAuB,CAAC,CAAC;IAC5D,8BAA8B,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;IAClD,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5D,qBAAqB,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAAC;CACtD;AAMD;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,GAAG,CAAC;CAChB;AAED,iFAAiF;AACjF,MAAM,WAAW,iBAAiB;IAChC,wBAAwB,CACtB,aAAa,EAAE,OAAO,EACtB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAChC,sBAAsB,CACpB,aAAa,EAAE,OAAO,GACrB,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAChC,6BAA6B,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACxE;AAED,oFAAoF;AACpF,MAAM,WAAW,yBAAyB;IACxC,gCAAgC,CAC9B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAChC,8BAA8B,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC/D,oCAAoC,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACzD"}
1	+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/eth/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC;AAMzC,OAAO,CAAC,MAAM,qBAAqB,EAAE,OAAO,MAAM,CAAC;AAEnD;;;;;;GAMG;AACH,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG;IACtC,QAAQ,CAAC,CAAC,qBAAqB,CAAC,EAAE,IAAI,CAAC;CACxC,CAAC;AAEF,kEAAkE;AAClE,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,OAAO,CAAC;IACnB,kBAAkB,EAAE,GAAG,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,OAAO,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB,EAAE,OAAO,CAAC;IAC/B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,kEAAkE;AAClE,MAAM,WAAW,iBAAiB;IAChC,sBAAsB,EAAE,GAAG,CAAC;IAC5B,2BAA2B,EAAE,MAAM,CAAC;IACpC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,GAAG,CAAC;IACzB,QAAQ,EAAE,GAAG,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,EAAE,GAAG,CAAC;IAC3B,cAAc,EAAE,GAAG,CAAC;IACpB,0BAA0B,EAAE,MAAM,CAAC;CACpC;AAED,6CAA6C;AAC7C,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,cAAc,CAAC;IACtB,QAAQ,EAAE,iBAAiB,CAAC;CAC7B;AAED,2EAA2E;AAC3E,MAAM,WAAW,mBAAmB;IAClC,iBAAiB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACzD,oBAAoB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC/D,YAAY,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/C,yBAAyB,CAAC,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;CAC1E;AAMD;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED;;;;;;GAMG;AACH,MAAM,WAAW,uBAAuB;IACtC,cAAc,EAAE,MAAM,CAAC;IACvB,uBAAuB,EAAE,MAAM,CAAC;IAChC,mBAAmB,EAAE,GAAG,EAAE,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;IACxB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED,kFAAkF;AAClF,MAAM,WAAW,oBAAoB;IACnC,oBAAoB,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACnD,0BAA0B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;IAC9E,uBAAuB,IAAI,OAAO,CAAC,uBAAuB,CAAC,CAAC;IAC5D,8BAA8B,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;IAClD,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5D,qBAAqB,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAAC;CACtD;AAMD;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,GAAG,CAAC;CAChB;AAED,iFAAiF;AACjF,MAAM,WAAW,iBAAiB;IAChC,wBAAwB,CACtB,aAAa,EAAE,OAAO,EACtB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAChC,sBAAsB,CACpB,aAAa,EAAE,OAAO,GACrB,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAChC,6BAA6B,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACxE;AAED,oFAAoF;AACpF,MAAM,WAAW,yBAAyB;IACxC,gCAAgC,CAC9B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAChC,8BAA8B,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC/D,oCAAoC,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACzD"}

package/dist/tbv/core/clients/eth/vault-registry-reader.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { Address, Hex, PublicClient } from 'viem';
-import { VaultBasicInfo, VaultData, VaultProtocolInfo, VaultRegistryReader } from './types';
+import { OnChainBtcPubkey, VaultBasicInfo, VaultData, VaultProtocolInfo, VaultRegistryReader } from './types';
 /**
  * Concrete vault registry reader using viem.
  *
@@ -13,6 +13,13 @@ export declare class ViemVaultRegistryReader implements VaultRegistryReader {
     private publicClient;
     private contractAddress;
     constructor(publicClient: PublicClient, contractAddress: Address);
+    /**
+     * Read the VP's persistent x-only BTC pubkey from the on-chain
+     * registry. Validates length, hex form, and secp256k1 curve
+     * membership before minting the brand. Returns 64-char lowercase
+     * hex without the `0x` prefix.
+     */
+    getVaultProviderBtcPubKey(vpAddress: Address): Promise<OnChainBtcPubkey>;
     getVaultBasicInfo(vaultId: Hex): Promise<VaultBasicInfo>;
     getVaultProtocolInfo(vaultId: Hex): Promise<VaultProtocolInfo>;
     getVaultData(vaultId: Hex): Promise<VaultData>;

package/dist/tbv/core/clients/eth/vault-registry-reader.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"vault-registry-reader.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/eth/vault-registry-reader.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;~~AAEH~~,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,YAAY,EAAE,MAAM,MAAM,CAAC;~~AAGvD~~,OAAO,KAAK,EACV,cAAc,EACd,SAAS,EACT,iBAAiB,EACjB,mBAAmB,EACpB,MAAM,SAAS,CAAC;AAEjB;;;;;;;;GAQG;AACH,qBAAa,uBAAwB,YAAW,mBAAmB;IAE/D,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,eAAe;gBADf,YAAY,EAAE,YAAY,EAC1B,eAAe,EAAE,OAAO;~~IAG5B~~,iBAAiB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC;IA2BxD,oBAAoB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAmC9D,YAAY,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC;CAiBrD"}
1	+ {"version":3,"file":"vault-registry-reader.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/eth/vault-registry-reader.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,YAAY,EAAE,MAAM,MAAM,CAAC;AAIvD,OAAO,KAAK,EACV,gBAAgB,EAChB,cAAc,EACd,SAAS,EACT,iBAAiB,EACjB,mBAAmB,EACpB,MAAM,SAAS,CAAC;AAEjB;;;;;;;;GAQG;AACH,qBAAa,uBAAwB,YAAW,mBAAmB;IAE/D,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,eAAe;gBADf,YAAY,EAAE,YAAY,EAC1B,eAAe,EAAE,OAAO;IAGlC;;;;;OAKG;IACG,yBAAyB,CAC7B,SAAS,EAAE,OAAO,GACjB,OAAO,CAAC,gBAAgB,CAAC;IAsBtB,iBAAiB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC;IA2BxD,oBAAoB,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAmC9D,YAAY,CAAC,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC;CAiBrD"}

package/dist/tbv/core/clients/index.cjs CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("../../../vault-registry-reader-DdruADqa.cjs"),r=require("../../../types-jmEyzzhY.cjs");exports.MEMPOOL_API_URLS=e.MEMPOOL_API_URLS;exports.ServerIdentityError=e.ServerIdentityError;exports.VaultProviderRpcClient=e.VaultProviderRpcClient;exports.ViemProtocolParamsReader=e.ViemProtocolParamsReader;exports.ViemUniversalChallengerReader=e.ViemUniversalChallengerReader;exports.ViemVaultKeeperReader=e.ViemVaultKeeperReader;exports.ViemVaultRegistryReader=e.ViemVaultRegistryReader;exports.VpResponseValidationError=e.VpResponseValidationError;exports.VpTokenProvider=e.VpTokenProvider;exports.getAddressTxs=e.getAddressTxs;exports.getAddressUtxos=e.getAddressUtxos;exports.getMempoolApiUrl=e.getMempoolApiUrl;exports.getNetworkFees=e.getNetworkFees;exports.getTxHex=e.getTxHex;exports.getTxInfo=e.getTxInfo;exports.getUtxoInfo=e.getUtxoInfo;exports.pushTx=e.pushTx;exports.resolveProtocolAddresses=e.resolveProtocolAddresses;exports.validateRequestDepositorClaimerArtifactsResponse=e.validateRequestDepositorClaimerArtifactsResponse;exports.verifyServerIdentity=e.verifyServerIdentity;exports.DaemonStatus=r.DaemonStatus;exports.JSON_RPC_ERROR_CODES=r.JSON_RPC_ERROR_CODES;exports.JsonRpcClient=r.JsonRpcClient;exports.JsonRpcError=r.JsonRpcError;exports.POST_WOTS_STATUSES=r.POST_WOTS_STATUSES;exports.PRE_DEPOSITOR_SIGNATURES_STATES=r.PRE_DEPOSITOR_SIGNATURES_STATES;exports.RpcErrorCode=r.RpcErrorCode;exports.VP_TERMINAL_STATUSES=r.VP_TERMINAL_STATUSES;exports.VP_TRANSIENT_STATUSES=r.VP_TRANSIENT_STATUSES;
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("../../../vault-registry-reader-DdUgC5IF.cjs"),r=require("../../../types-C2IUB0Jd.cjs");exports.MEMPOOL_API_URLS=e.MEMPOOL_API_URLS;exports.ServerIdentityError=e.ServerIdentityError;exports.VaultProviderRpcClient=e.VaultProviderRpcClient;exports.ViemProtocolParamsReader=e.ViemProtocolParamsReader;exports.ViemUniversalChallengerReader=e.ViemUniversalChallengerReader;exports.ViemVaultKeeperReader=e.ViemVaultKeeperReader;exports.ViemVaultRegistryReader=e.ViemVaultRegistryReader;exports.VpResponseValidationError=e.VpResponseValidationError;exports.VpTokenRegistry=e.VpTokenRegistry;exports.createAuthenticatedVpClient=e.createAuthenticatedVpClient;exports.getAddressTxs=e.getAddressTxs;exports.getAddressUtxos=e.getAddressUtxos;exports.getMempoolApiUrl=e.getMempoolApiUrl;exports.getNetworkFees=e.getNetworkFees;exports.getTxHex=e.getTxHex;exports.getTxInfo=e.getTxInfo;exports.getUtxoInfo=e.getUtxoInfo;exports.primeVpTokenRegistry=e.primeVpTokenRegistry;exports.pushTx=e.pushTx;exports.resolveProtocolAddresses=e.resolveProtocolAddresses;exports.validateRequestDepositorClaimerArtifactsResponse=e.validateRequestDepositorClaimerArtifactsResponse;exports.verifyServerIdentity=e.verifyServerIdentity;exports.vpTokenRegistry=e.vpTokenRegistry;exports.DaemonStatus=r.DaemonStatus;exports.JSON_RPC_ERROR_CODES=r.JSON_RPC_ERROR_CODES;exports.JsonRpcClient=r.JsonRpcClient;exports.JsonRpcError=r.JsonRpcError;exports.POST_WOTS_STATUSES=r.POST_WOTS_STATUSES;exports.PRE_DEPOSITOR_SIGNATURES_STATES=r.PRE_DEPOSITOR_SIGNATURES_STATES;exports.RpcErrorCode=r.RpcErrorCode;exports.VP_TERMINAL_STATUSES=r.VP_TERMINAL_STATUSES;exports.VP_TRANSIENT_STATUSES=r.VP_TRANSIENT_STATUSES;
 //# sourceMappingURL=index.cjs.map

package/dist/tbv/core/clients/index.js CHANGED Viewed

@@ -1,34 +1,37 @@
-import { M as a, S as r, V as o, k as t, l as S, m as R, n as i, h as T, j as d, g as l, a as n, b as p, c as E, d as P, e as V, f as _, p as A, r as m, v as g, i as c } from "../../../vault-registry-reader-BywZhqJL.js";
-import { D as x, b as I, J as O, a as U, d as f, P as C, R as u, c as N, V as D } from "../../../types-CnG3JsRs.js";
+import { M as a, S as r, V as t, n as o, o as i, q as R, s as S, h as T, j as n, l as p, g as d, a as l, b as E, c as V, d as A, e as _, f as g, m as P, p as m, r as c, v, i as x, k as I } from "../../../vault-registry-reader-BeIEh62N.js";
+import { D as U, b as C, J as f, a as u, d as y, P as N, R as k, c as D, V as M } from "../../../types-D1o_3Q__.js";
 export {
-  x as DaemonStatus,
-  I as JSON_RPC_ERROR_CODES,
-  O as JsonRpcClient,
-  U as JsonRpcError,
+  U as DaemonStatus,
+  C as JSON_RPC_ERROR_CODES,
+  f as JsonRpcClient,
+  u as JsonRpcError,
   a as MEMPOOL_API_URLS,
-  f as POST_WOTS_STATUSES,
-  C as PRE_DEPOSITOR_SIGNATURES_STATES,
-  u as RpcErrorCode,
+  y as POST_WOTS_STATUSES,
+  N as PRE_DEPOSITOR_SIGNATURES_STATES,
+  k as RpcErrorCode,
   r as ServerIdentityError,
-  N as VP_TERMINAL_STATUSES,
-  D as VP_TRANSIENT_STATUSES,
-  o as VaultProviderRpcClient,
-  t as ViemProtocolParamsReader,
-  S as ViemUniversalChallengerReader,
+  D as VP_TERMINAL_STATUSES,
+  M as VP_TRANSIENT_STATUSES,
+  t as VaultProviderRpcClient,
+  o as ViemProtocolParamsReader,
+  i as ViemUniversalChallengerReader,
   R as ViemVaultKeeperReader,
-  i as ViemVaultRegistryReader,
+  S as ViemVaultRegistryReader,
   T as VpResponseValidationError,
-  d as VpTokenProvider,
-  l as getAddressTxs,
-  n as getAddressUtxos,
-  p as getMempoolApiUrl,
-  E as getNetworkFees,
-  P as getTxHex,
-  V as getTxInfo,
-  _ as getUtxoInfo,
-  A as pushTx,
-  m as resolveProtocolAddresses,
-  g as validateRequestDepositorClaimerArtifactsResponse,
-  c as verifyServerIdentity
+  n as VpTokenRegistry,
+  p as createAuthenticatedVpClient,
+  d as getAddressTxs,
+  l as getAddressUtxos,
+  E as getMempoolApiUrl,
+  V as getNetworkFees,
+  A as getTxHex,
+  _ as getTxInfo,
+  g as getUtxoInfo,
+  P as primeVpTokenRegistry,
+  m as pushTx,
+  c as resolveProtocolAddresses,
+  v as validateRequestDepositorClaimerArtifactsResponse,
+  x as verifyServerIdentity,
+  I as vpTokenRegistry
 };
 //# sourceMappingURL=index.js.map

package/dist/tbv/core/clients/vault-provider/api.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { PeginStatusReader, WotsKeySubmitter, PresignClient, ClaimerArtifactsReader } from '../../services/deposit/interfaces';
+import { BearerTokenProvider } from './json-rpc-client';
 import { GetPeginStatusParams, GetPeginStatusResponse, GetPegoutStatusParams, GetPegoutStatusResponse, RequestDepositorClaimerArtifactsParams, RequestDepositorClaimerArtifactsResponse, RequestDepositorPresignTransactionsParams, RequestDepositorPresignTransactionsResponse, SubmitDepositorPresignaturesParams, SubmitDepositorWotsKeyParams } from './types';
 export interface VaultProviderRpcClientOptions {
     /** Timeout in milliseconds per request (default: 60000) */
@@ -7,10 +8,20 @@ export interface VaultProviderRpcClientOptions {
     retries?: number;
     /** Initial retry delay in milliseconds (default: 1000) */
     retryDelay?: number;
-    /** Custom retry predicate (default: only retry get* status methods) */
+    /**
+     * Custom retry predicate. Default retries only the idempotent read
+     * methods: `getPeginStatus`, `getPegoutStatus`,
+     * `requestDepositorPresignTransactions`.
+     */
     retryableFor?: (method: string) => boolean;
-    /** Custom headers */
+    /** Custom headers. */
     headers?: Record<string, string>;
+    /**
+     * Per-request bearer-token source. A non-null return attaches
+     * `Authorization: Bearer <token>`; `null` skips auth. Wire a
+     * {@link VpTokenProvider} for depositor-gated methods.
+     */
+    tokenProvider?: BearerTokenProvider;
 }
 /**
  * Concrete VP RPC client implementing all service interfaces.

package/dist/tbv/core/clients/vault-provider/api.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/vault-provider/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;~~AAGpI~~,OAAO,KAAK,EACV,oBAAoB,EACpB,sBAAsB,EACtB,qBAAqB,EACrB,uBAAuB,EACvB,sCAAsC,EACtC,wCAAwC,EACxC,yCAAyC,EACzC,2CAA2C,EAC3C,kCAAkC,EAClC,4BAA4B,EAC7B,MAAM,SAAS,CAAC;AAQjB,MAAM,WAAW,6BAA6B;IAC5C,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6DAA6D;IAC7D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,0DAA0D;IAC1D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB~~,uEAAuE~~;~~IACvE~~,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC;IAC3C,~~qBAAqB~~;~~IACrB~~,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;~~CAClC~~;AAID;;;;;;;;GAQG;AACH,qBAAa,sBACX,YAAW,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,sBAAsB;IAErF,OAAO,CAAC,MAAM,CAAgB;gBAElB,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,6BAA6B;~~IAYpE~~;;;OAGG;IACG,mCAAmC,CACvC,MAAM,EAAE,yCAAyC,EACjD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,2CAA2C,CAAC;IASvD;;;OAGG;IACG,4BAA4B,CAChC,MAAM,EAAE,kCAAkC,EAC1C,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC;IAQhB;;;;OAIG;IACG,sBAAsB,CAC1B,MAAM,EAAE,4BAA4B,EACpC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC;IAQhB;;;OAGG;IACG,gCAAgC,CACpC,MAAM,EAAE,sCAAsC,EAC9C,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,wCAAwC,CAAC;IASpD,mEAAmE;IAC7D,cAAc,CAClB,MAAM,EAAE,oBAAoB,EAC5B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,sBAAsB,CAAC;IAUlC,oEAAoE;IAC9D,eAAe,CACnB,MAAM,EAAE,qBAAqB,EAC7B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,uBAAuB,CAAC;CASpC"}
1	+ {"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../../../src/tbv/core/clients/vault-provider/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAEpI,OAAO,EACL,KAAK,mBAAmB,EAGzB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EACV,oBAAoB,EACpB,sBAAsB,EACtB,qBAAqB,EACrB,uBAAuB,EACvB,sCAAsC,EACtC,wCAAwC,EACxC,yCAAyC,EACzC,2CAA2C,EAC3C,kCAAkC,EAClC,4BAA4B,EAC7B,MAAM,SAAS,CAAC;AAQjB,MAAM,WAAW,6BAA6B;IAC5C,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6DAA6D;IAC7D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,0DAA0D;IAC1D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;;OAIG;IACH,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC;IAC3C,sBAAsB;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC;;;;OAIG;IACH,aAAa,CAAC,EAAE,mBAAmB,CAAC;CACrC;AAID;;;;;;;;GAQG;AACH,qBAAa,sBACX,YAAW,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,sBAAsB;IAErF,OAAO,CAAC,MAAM,CAAgB;gBAElB,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,6BAA6B;IAapE;;;OAGG;IACG,mCAAmC,CACvC,MAAM,EAAE,yCAAyC,EACjD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,2CAA2C,CAAC;IASvD;;;OAGG;IACG,4BAA4B,CAChC,MAAM,EAAE,kCAAkC,EAC1C,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC;IAQhB;;;;OAIG;IACG,sBAAsB,CAC1B,MAAM,EAAE,4BAA4B,EACpC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC;IAQhB;;;OAGG;IACG,gCAAgC,CACpC,MAAM,EAAE,sCAAsC,EAC9C,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,wCAAwC,CAAC;IASpD,mEAAmE;IAC7D,cAAc,CAClB,MAAM,EAAE,oBAAoB,EAC5B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,sBAAsB,CAAC;IAUlC,oEAAoE;IAC9D,eAAe,CACnB,MAAM,EAAE,qBAAqB,EAC7B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,uBAAuB,CAAC;CASpC"}

package/dist/tbv/core/clients/vault-provider/auth/__tests__/createAuthenticatedVpClient.test.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Wiring test for `createAuthenticatedVpClient`.
+ *
+ *   1. Constructs a `VaultProviderRpcClient` whose tokenProvider
+ *      points at the registry-cached `VpTokenProvider` for the given
+ *      `peginTxid`.
+ *   2. `AUTH_GATED_METHODS` matches the canonical protocol set so the
+ *      provider doesn't hand out null for a method the server gates.
+ */
+export {};
+//# sourceMappingURL=createAuthenticatedVpClient.test.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/__tests__/createAuthenticatedVpClient.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"createAuthenticatedVpClient.test.d.ts","sourceRoot":"","sources":["../../../../../../../src/tbv/core/clients/vault-provider/auth/__tests__/createAuthenticatedVpClient.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG"}

package/dist/tbv/core/clients/vault-provider/auth/__tests__/tokenRegistry.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=tokenRegistry.test.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/__tests__/tokenRegistry.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"tokenRegistry.test.d.ts","sourceRoot":"","sources":["../../../../../../../src/tbv/core/clients/vault-provider/auth/__tests__/tokenRegistry.test.ts"],"names":[],"mappings":""}

package/dist/tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { OnChainBtcPubkey } from '../../eth/types';
+import { VaultProviderRpcClient, VaultProviderRpcClientOptions } from '../api';
+export interface AuthenticatedVpClientConfig {
+    /** Base URL of the VP RPC endpoint (already proxied if applicable). */
+    baseUrl: string;
+    /** Per-vault depositor-signed PegIn tx id (registry cache key). */
+    peginTxid: string;
+    /** Already-derived 32-byte auth-anchor preimage (64-char hex, no `0x`). */
+    authAnchorHex: string;
+    /** On-chain VP pubkey, branded so it can only come from the registry reader. */
+    pinnedServerPubkey: OnChainBtcPubkey;
+    /** Optional outer-client tunables (timeout, retries, headers, etc.). */
+    options?: VaultProviderRpcClientOptions;
+}
+export declare function createAuthenticatedVpClient(config: AuthenticatedVpClientConfig): VaultProviderRpcClient;
+//# sourceMappingURL=createAuthenticatedVpClient.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"createAuthenticatedVpClient.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,sBAAsB,EACtB,KAAK,6BAA6B,EACnC,MAAM,QAAQ,CAAC;AAKhB,MAAM,WAAW,2BAA2B;IAC1C,uEAAuE;IACvE,OAAO,EAAE,MAAM,CAAC;IAChB,mEAAmE;IACnE,SAAS,EAAE,MAAM,CAAC;IAClB,2EAA2E;IAC3E,aAAa,EAAE,MAAM,CAAC;IACtB,gFAAgF;IAChF,kBAAkB,EAAE,gBAAgB,CAAC;IACrC,wEAAwE;IACxE,OAAO,CAAC,EAAE,6BAA6B,CAAC;CACzC;AAED,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,2BAA2B,GAClC,sBAAsB,CAiBxB"}

package/dist/tbv/core/clients/vault-provider/auth/gatedMethods.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+/**
+ * VP RPC methods that require `Authorization: Bearer <token>`.
+ * Protocol invariant — must be kept in sync with the VP server.
+ *
+ * @stability frozen
+ *
+ * @module tbv/core/clients/vault-provider/auth/gatedMethods
+ */
+export declare const AUTH_GATED_METHODS: ReadonlySet<string>;
+//# sourceMappingURL=gatedMethods.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/gatedMethods.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"gatedMethods.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/gatedMethods.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,eAAO,MAAM,kBAAkB,EAAE,WAAW,CAAC,MAAM,CAIjD,CAAC"}

package/dist/tbv/core/clients/vault-provider/auth/index.d.ts CHANGED Viewed

@@ -5,6 +5,9 @@
  */
 export { ServerIdentityError, verifyServerIdentity } from './serverIdentity';
 export type { ServerIdentityResponse, VerifyServerIdentityInput, } from './serverIdentity';
-export { VpTokenProvider } from './tokenProvider';
-export type { CreateDepositorTokenResponse, VpTokenProviderConfig, } from './tokenProvider';
+export { VpTokenRegistry, vpTokenRegistry, type VpTokenRegistryInput, } from './tokenRegistry';
+export { createAuthenticatedVpClient } from './createAuthenticatedVpClient';
+export type { AuthenticatedVpClientConfig } from './createAuthenticatedVpClient';
+export { primeVpTokenRegistry } from './primeVpAuth';
+export type { PrimeVpAuthInput } from './primeVpAuth';
 //# sourceMappingURL=index.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC7E,YAAY,EACV,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,kBAAkB,CAAC;AAE1B,OAAO,~~EAAE~~,eAAe,~~EAAE~~,MAAM,iBAAiB,CAAC;~~AAClD~~,YAAY,~~EACV~~,~~4BAA4B~~,~~EAC5B~~,~~qBAAqB~~,~~GACtB~~,MAAM,~~iBAAiB~~,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC7E,YAAY,EACV,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EACL,eAAe,EACf,eAAe,EACf,KAAK,oBAAoB,GAC1B,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,YAAY,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAEjF,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AACrD,YAAY,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC"}

package/dist/tbv/core/clients/vault-provider/auth/innerTokenClient.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { JsonRpcClient } from '../json-rpc-client';
+export declare const TOKEN_ISSUE_METHOD = "auth_createDepositorToken";
+export declare function buildInnerTokenClient(baseUrl: string, headers?: Record<string, string>): JsonRpcClient;
+//# sourceMappingURL=innerTokenClient.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/innerTokenClient.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"innerTokenClient.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/innerTokenClient.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAInD,eAAO,MAAM,kBAAkB,8BAA8B,CAAC;AAE9D,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAC/B,aAAa,CAOf"}

package/dist/tbv/core/clients/vault-provider/auth/primeVpAuth.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { OnChainBtcPubkey } from '../../eth/types';
+export interface PrimeVpAuthInput {
+    baseUrl: string;
+    peginTxid: string;
+    authAnchorHex: string;
+    pinnedServerPubkey: OnChainBtcPubkey;
+    /** Optional headers forwarded to the inner token client (e.g. gateway auth). */
+    headers?: Record<string, string>;
+}
+export declare function primeVpTokenRegistry(input: PrimeVpAuthInput): void;
+//# sourceMappingURL=primeVpAuth.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/primeVpAuth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"primeVpAuth.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/primeVpAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAKxD,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,gBAAgB,CAAC;IACrC,gFAAgF;IAChF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,gBAAgB,GAAG,IAAI,CAOlE"}

package/dist/tbv/core/clients/vault-provider/auth/tokenProvider.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { OnChainBtcPubkey } from '../../eth/types';
 import { BearerTokenProvider, JsonRpcClient } from '../json-rpc-client';
 import { ServerIdentityResponse } from './serverIdentity';
 /**
@@ -12,33 +13,18 @@ export interface CreateDepositorTokenResponse {
     server_identity: ServerIdentityResponse;
 }
 export interface VpTokenProviderConfig {
-    /** VP JSON-RPC client to use for `auth_createDepositorToken` calls. */
     client: JsonRpcClient;
-    /** Pre-PegIn transaction id this token is scoped to. */
+    /** Per-vault depositor-signed PegIn tx id. NOT shared across sibling vaults in a batch. */
     peginTxid: string;
-    /**
-     * 64-char lowercase hex encoding of the 32-byte `auth_anchor`
-     * preimage committed in the Pre-PegIn OP_RETURN. Presenting this
-     * preimage is what lets the VP issue the token (the "fast path").
-     */
+    /** 64-char hex of the 32-byte OP_RETURN auth-anchor preimage. */
     authAnchorHex: string;
-    /**
-     * 64-char lowercase hex x-only pubkey the FE expects the VP to
-     * present as its persistent server identity. Sourced from the
-     * on-chain `VaultProvider.btcPubKey` via the vault-registry reader.
-     */
-    pinnedServerPubkey: string;
-    /**
-     * Set of method names that require authentication. `getToken()`
-     * returns `null` for any method not in this set.
-     */
+    /** Pinned VP pubkey from the on-chain registry; branded so indexer mirrors can't substitute. */
+    pinnedServerPubkey: OnChainBtcPubkey;
+    /** Methods that require a bearer; `getToken` returns `null` for anything outside this set. */
     authGatedMethods: ReadonlySet<string>;
-    /**
-     * Seconds before `expires_at` to treat a cached token as expired.
-     * Default: {@link DEFAULT_REFRESH_SKEW_SECS}.
-     */
+    /** Default {@link DEFAULT_REFRESH_SKEW_SECS}. */
     refreshSkewSecs?: number;
-    /** Clock source (injected for testability). Default: `Date.now() / 1000`. */
+    /** Clock source for testability. */
     now?: () => number;
 }
 /**
@@ -48,7 +34,7 @@ export interface VpTokenProviderConfig {
  * `JsonRpcClient` as `tokenProvider`.
  */
 export declare class VpTokenProvider implements BearerTokenProvider {
-    private readonly client;
+    private client;
     private readonly peginTxid;
     private readonly authAnchorHex;
     private readonly pinnedServerPubkey;
@@ -76,6 +62,15 @@ export declare class VpTokenProvider implements BearerTokenProvider {
      * Called by `JsonRpcClient` on wire `auth_expired` responses.
      */
     invalidate(): void;
+    /**
+     * Swap in a different transport for subsequent token-issuing calls.
+     * Used by the registry when a later caller registers the same
+     * `peginTxid` against a different `baseUrl` — the cached token
+     * (bound to identity, not transport) stays valid, but future
+     * refreshes hit the new URL. An in-flight acquire keeps using the
+     * old client (it captured the reference); next call uses the new.
+     */
+    setClient(client: JsonRpcClient): void;
     private acquireSingleFlight;
 }
 //# sourceMappingURL=tokenProvider.d.ts.map

package/dist/tbv/core/clients/vault-provider/auth/tokenProvider.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"tokenProvider.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/tokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,KAAK,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;~~AAC7E~~,OAAO,EACL,KAAK,sBAAsB,EAE5B,MAAM,kBAAkB,CAAC;~~AAmB1B~~;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,qDAAqD;IACrD,KAAK,EAAE,MAAM,CAAC;IACd,iDAAiD;IACjD,UAAU,EAAE,MAAM,CAAC;IACnB,+DAA+D;IAC/D,eAAe,EAAE,sBAAsB,CAAC;CACzC;AAED,MAAM,WAAW,qBAAqB;IACpC,~~uEAAuE;IACvE,~~MAAM,EAAE,aAAa,CAAC;IACtB,~~wDAAwD~~;~~IACxD~~,SAAS,EAAE,MAAM,CAAC;IAClB~~;;;;OAIG~~;~~IACH~~,aAAa,EAAE,MAAM,CAAC;IACtB~~;;;;OAIG~~;~~IACH~~,kBAAkB,EAAE,~~MAAM~~,CAAC;~~IAC3B;;;OAGG~~;~~IACH~~,gBAAgB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;IACtC~~;;;OAGG~~;~~IACH~~,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,~~6EAA6E~~;~~IAC7E~~,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;CACpB;AAOD;;;;;GAKG;AACH,qBAAa,eAAgB,YAAW,mBAAmB;~~IACzD~~,OAAO,CAAC,~~QAAQ,CAAC,~~MAAM,CAAgB;~~IACvC~~,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,~~CAAS~~;~~IAC5C~~,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAsB;IACvD,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAS;IACzC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAe;IAEnC,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,QAAQ,CAAqC;gBAEzC,MAAM,EAAE,qBAAqB;IAUzC;;;;;;;;;;;OAWG;IACG,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAatD;;;OAGG;IACH,UAAU,IAAI,IAAI;IAQlB,OAAO,CAAC,mBAAmB;CAqD5B"}
1	+ {"version":3,"file":"tokenProvider.d.ts","sourceRoot":"","sources":["../../../../../../src/tbv/core/clients/vault-provider/auth/tokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,KAAK,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAE7E,OAAO,EACL,KAAK,sBAAsB,EAE5B,MAAM,kBAAkB,CAAC;AAgB1B;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,qDAAqD;IACrD,KAAK,EAAE,MAAM,CAAC;IACd,iDAAiD;IACjD,UAAU,EAAE,MAAM,CAAC;IACnB,+DAA+D;IAC/D,eAAe,EAAE,sBAAsB,CAAC;CACzC;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,aAAa,CAAC;IACtB,2FAA2F;IAC3F,SAAS,EAAE,MAAM,CAAC;IAClB,iEAAiE;IACjE,aAAa,EAAE,MAAM,CAAC;IACtB,gGAAgG;IAChG,kBAAkB,EAAE,gBAAgB,CAAC;IACrC,8FAA8F;IAC9F,gBAAgB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;IACtC,iDAAiD;IACjD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,oCAAoC;IACpC,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;CACpB;AAOD;;;;;GAKG;AACH,qBAAa,eAAgB,YAAW,mBAAmB;IAKzD,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAmB;IACtD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAsB;IACvD,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAS;IACzC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAe;IAEnC,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,QAAQ,CAAqC;gBAEzC,MAAM,EAAE,qBAAqB;IAUzC;;;;;;;;;;;OAWG;IACG,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAatD;;;OAGG;IACH,UAAU,IAAI,IAAI;IAQlB;;;;;;;OAOG;IACH,SAAS,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI;IAItC,OAAO,CAAC,mBAAmB;CAqD5B"}