@babylonlabs-io/ts-sdk 0.33.3 → 0.33.5

package/dist/PayoutManager-C9XHKZ5j.js

@@ -0,0 +1,200 @@
+var k = Object.defineProperty;
+var f = (e, t, s) => t in e ? k(e, t, { enumerable: !0, configurable: !0, writable: !0, value: s }) : e[t] = s;
+var y = (e, t, s) => f(e, typeof t != "symbol" ? t + "" : t, s);
+import { s as w } from "./sha2-6wN58S6R.js";
+import { c as P } from "./signing-DaLvGwQe.js";
+import "@babylonlabs-io/babylon-tbv-rust-wasm";
+import { b as p, e as b, a as H } from "./payout-BNFMBXS6.js";
+import { v as h } from "./bitcoin-B0S8SHCX.js";
+const x = 66;
+function d(e) {
+  if (!e.startsWith("0x") && !e.startsWith("0X"))
+    throw new Error("Expected 0x-prefixed hex string");
+  const t = e.slice(2);
+  if (t.length % 2 !== 0)
+    throw new Error(`Hex string has odd length: ${t.length}`);
+  if (!/^[0-9a-fA-F]*$/.test(t))
+    throw new Error("Hex string contains non-hex characters");
+  const s = new Uint8Array(t.length / 2);
+  for (let n = 0; n < s.length; n++)
+    s[n] = parseInt(t.slice(n * 2, n * 2 + 2), 16);
+  return s;
+}
+function B(e) {
+  return `0x${Array.from(e).map((t) => t.toString(16).padStart(2, "0")).join("")}`;
+}
+function l(e, t) {
+  if (e.length !== x)
+    throw new Error(
+      `${t} must be exactly 32 bytes (${x} hex chars with 0x prefix), got ${e.length}`
+    );
+}
+function v(e) {
+  l(e, "Secret");
+  const t = d(e), s = w(t);
+  return B(s);
+}
+function $(e, t) {
+  return l(e, "Secret"), l(t, "Hashlock"), d(t), v(e).toLowerCase() === t.toLowerCase();
+}
+class C {
+  /**
+   * Creates a new PayoutManager instance.
+   *
+   * @param config - Manager configuration including wallet
+   */
+  constructor(t) {
+    y(this, "config");
+    this.config = t;
+  }
+  /**
+   * Signs a Payout transaction and extracts the Schnorr signature.
+   *
+   * Flow:
+   * 1. Vault provider submits Claim transaction
+   * 2. Claimer submits Assert transaction to prove validity
+   * 3. Payout can be executed (references Assert tx)
+   *
+   * This method orchestrates the following steps:
+   * 1. Get wallet's public key and convert to x-only format
+   * 2. Validate wallet pubkey matches on-chain depositor pubkey (if provided)
+   * 3. Build unsigned PSBT using primitives
+   * 4. Sign PSBT via btcWallet.signPsbt()
+   * 5. Extract 64-byte Schnorr signature using primitives
+   *
+   * The returned signature can be submitted to the vault provider API.
+   *
+   * @param params - Payout signing parameters
+   * @returns Signature result with 64-byte Schnorr signature and depositor pubkey
+   * @throws Error if wallet pubkey doesn't match depositor pubkey
+   * @throws Error if wallet operations fail or signature extraction fails
+   */
+  async signPayoutTransaction(t) {
+    this.validatePayoutOutputs(
+      t.payoutTxHex,
+      t.registeredPayoutScriptPubKey
+    );
+    const s = await this.config.btcWallet.getPublicKeyHex(), { depositorPubkey: n } = h(
+      s,
+      t.depositorBtcPubkey
+    ), r = await p({
+      payoutTxHex: t.payoutTxHex,
+      peginTxHex: t.peginTxHex,
+      assertTxHex: t.assertTxHex,
+      depositorBtcPubkey: n,
+      vaultProviderBtcPubkey: t.vaultProviderBtcPubkey,
+      vaultKeeperBtcPubkeys: t.vaultKeeperBtcPubkeys,
+      universalChallengerBtcPubkeys: t.universalChallengerBtcPubkeys,
+      timelockPegin: t.timelockPegin,
+      network: this.config.network
+    }), a = await this.config.btcWallet.signPsbt(
+      r.psbtHex,
+      P(s, 1)
+    );
+    return {
+      signature: b(a, n),
+      depositorBtcPubkey: n
+    };
+  }
+  /**
+   * Gets the configured Bitcoin network.
+   *
+   * @returns The Bitcoin network (mainnet, testnet, signet, regtest)
+   */
+  getNetwork() {
+    return this.config.network;
+  }
+  /**
+   * Checks if the wallet supports batch signing (signPsbts).
+   *
+   * @returns true if batch signing is supported
+   */
+  supportsBatchSigning() {
+    return typeof this.config.btcWallet.signPsbts == "function";
+  }
+  /**
+   * Batch signs multiple payout transactions (1 per claimer).
+   * This allows signing all transactions with a single wallet interaction.
+   *
+   * @param transactions - Array of payout params to sign
+   * @returns Array of signature results matching input order
+   * @throws Error if wallet doesn't support batch signing
+   * @throws Error if any signing operation fails
+   */
+  async signPayoutTransactionsBatch(t) {
+    if (!this.supportsBatchSigning())
+      throw new Error(
+        "Wallet does not support batch signing (signPsbts method not available)"
+      );
+    const s = await this.config.btcWallet.getPublicKeyHex(), n = [], r = [], a = [];
+    for (const o of t) {
+      this.validatePayoutOutputs(
+        o.payoutTxHex,
+        o.registeredPayoutScriptPubKey
+      );
+      const { depositorPubkey: i } = h(
+        s,
+        o.depositorBtcPubkey
+      );
+      a.push(i);
+      const c = await p({
+        payoutTxHex: o.payoutTxHex,
+        peginTxHex: o.peginTxHex,
+        assertTxHex: o.assertTxHex,
+        depositorBtcPubkey: i,
+        vaultProviderBtcPubkey: o.vaultProviderBtcPubkey,
+        vaultKeeperBtcPubkeys: o.vaultKeeperBtcPubkeys,
+        universalChallengerBtcPubkeys: o.universalChallengerBtcPubkeys,
+        timelockPegin: o.timelockPegin,
+        network: this.config.network
+      });
+      n.push(c.psbtHex), r.push(P(s, 1));
+    }
+    const u = await this.config.btcWallet.signPsbts(
+      n,
+      r
+    );
+    if (u.length !== t.length)
+      throw new Error(
+        `Expected ${t.length} signed PSBTs but received ${u.length}`
+      );
+    const g = [];
+    for (let o = 0; o < t.length; o++) {
+      const i = a[o], c = b(
+        u[o],
+        i
+      );
+      g.push({
+        payoutSignature: c,
+        depositorBtcPubkey: i
+      });
+    }
+    return g;
+  }
+  /**
+   * Validates that the payout transaction's largest output pays to the
+   * registered depositor payout address (scriptPubKey).
+   *
+   * This prevents two attack vectors from a malicious vault provider:
+   * 1. Substituting a completely different payout address
+   * 2. Including a dust output to the correct address while routing
+   *    the actual funds to an attacker-controlled address
+   *
+   * @param payoutTxHex - Raw payout transaction hex
+   * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)
+   * @throws Error if scriptPubKey is invalid hex
+   * @throws Error if the largest output does not pay to the registered address
+   */
+  validatePayoutOutputs(t, s) {
+    H(
+      t,
+      s
+    );
+  }
+}
+export {
+  C as P,
+  v as c,
+  $ as v
+};
+//# sourceMappingURL=PayoutManager-C9XHKZ5j.js.map

package/dist/PayoutManager-C9XHKZ5j.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PayoutManager-C9XHKZ5j.js","sources":["../src/tbv/core/services/htlc/index.ts","../src/tbv/core/managers/PayoutManager.ts"],"sourcesContent":["/**\n * HTLC Secret / Hashlock Utilities\n *\n * Pure functions for computing and validating SHA-256 hashlocks used in the\n * vault deposit protocol's HTLC (Hash Time Lock Contract).\n *\n * The SDK does NOT generate secrets — that is the caller's responsibility.\n * Today callers use `crypto.getRandomValues(32)`; when the `deriveContextHash`\n * wallet API ships, callers will use `wallet.deriveContextHash(\"babylon-vault\", ctx)`.\n * These utilities work identically regardless of how the secret was produced.\n *\n * On-chain contract validation (BTCVaultRegistry.activateVaultWithSecret):\n *   if (sha256(abi.encodePacked(s)) != hashlock) revert InvalidSecret();\n *\n * @module htlc\n */\n\nimport { sha256 } from \"@noble/hashes/sha2.js\";\nimport type { Hex } from \"viem\";\n\n/** Expected hex length for a 0x-prefixed bytes32 value. */\nconst HEX_BYTES32_LENGTH = 66; // \"0x\" + 64 hex chars\n\n/**\n * Decode a 0x-prefixed hex string to bytes, with strict validation.\n * @throws if the input is not a valid 0x-prefixed hex string\n */\nfunction hexToBytes(hex: Hex): Uint8Array {\n  if (!hex.startsWith(\"0x\") && !hex.startsWith(\"0X\")) {\n    throw new Error(\"Expected 0x-prefixed hex string\");\n  }\n  const clean = hex.slice(2);\n  if (clean.length % 2 !== 0) {\n    throw new Error(`Hex string has odd length: ${clean.length}`);\n  }\n  if (!/^[0-9a-fA-F]*$/.test(clean)) {\n    throw new Error(\"Hex string contains non-hex characters\");\n  }\n  const bytes = new Uint8Array(clean.length / 2);\n  for (let i = 0; i < bytes.length; i++) {\n    bytes[i] = parseInt(clean.slice(i * 2, i * 2 + 2), 16);\n  }\n  return bytes;\n}\n\n/**\n * Encode a Uint8Array as a 0x-prefixed lowercase hex string.\n */\nfunction bytesToHex(bytes: Uint8Array): Hex {\n  return `0x${Array.from(bytes)\n    .map((b) => b.toString(16).padStart(2, \"0\"))\n    .join(\"\")}`;\n}\n\n/**\n * Validate that a value is a 0x-prefixed bytes32 (exactly 32 bytes).\n * @throws if the value is not exactly 32 bytes\n */\nfunction assertBytes32(value: Hex, label: string): void {\n  if (value.length !== HEX_BYTES32_LENGTH) {\n    throw new Error(\n      `${label} must be exactly 32 bytes (${HEX_BYTES32_LENGTH} hex chars with 0x prefix), got ${value.length}`,\n    );\n  }\n}\n\n/**\n * Compute the SHA-256 hashlock from a secret preimage.\n *\n * Matches the on-chain validation: `sha256(abi.encodePacked(s))` where `s` is a `bytes32`.\n * `abi.encodePacked(bytes32)` is just the raw 32 bytes — no ABI padding.\n *\n * @param secret - 0x-prefixed bytes32 secret (66 hex chars)\n * @returns 0x-prefixed bytes32 SHA-256 hash\n * @throws if secret is not exactly 32 bytes\n */\nexport function computeHashlock(secret: Hex): Hex {\n  assertBytes32(secret, \"Secret\");\n  const secretBytes = hexToBytes(secret);\n  const hash = sha256(secretBytes);\n  return bytesToHex(hash);\n}\n\n/**\n * Validate that a secret's SHA-256 hash matches the expected hashlock.\n *\n * Use this for client-side pre-validation before sending the activation\n * transaction to avoid wasting gas on a contract revert.\n *\n * @param secret - 0x-prefixed bytes32 secret (66 hex chars)\n * @param hashlock - 0x-prefixed bytes32 expected hashlock from the vault\n * @returns true if SHA-256(secret) matches the hashlock\n * @throws if secret or hashlock is not exactly 32 bytes\n */\nexport function validateSecretAgainstHashlock(\n  secret: Hex,\n  hashlock: Hex,\n): boolean {\n  assertBytes32(secret, \"Secret\");\n  assertBytes32(hashlock, \"Hashlock\");\n  // Validate hashlock is valid hex (secret is validated inside computeHashlock)\n  hexToBytes(hashlock);\n\n  const computed = computeHashlock(secret);\n  return computed.toLowerCase() === hashlock.toLowerCase();\n}\n","/**\n * Payout Manager\n *\n * High-level manager that orchestrates the payout signing flow by coordinating\n * SDK primitives ({@link buildPayoutPsbt}, {@link extractPayoutSignature})\n * with a user-provided Bitcoin wallet.\n *\n * The Payout transaction references the Assert transaction (input 1).\n *\n * @see {@link PeginManager} - For Steps 1–4 of the peg-in flow\n * @see {@link buildPayoutPsbt} - Lower-level primitive for custom implementations\n * @see {@link extractPayoutSignature} - Extract signatures from signed PSBTs\n *\n * @module managers/PayoutManager\n */\n\nimport type {\n  BitcoinWallet,\n  SignPsbtOptions,\n} from \"../../../shared/wallets\";\nimport { createTaprootScriptPathSignOptions } from \"../utils/signing\";\nimport {\n  assertPayoutOutputMatchesRegistered,\n  buildPayoutPsbt,\n  extractPayoutSignature,\n  validateWalletPubkey,\n  type Network,\n} from \"../primitives\";\n\n/**\n * Configuration for the PayoutManager.\n */\nexport interface PayoutManagerConfig {\n  /**\n   * Bitcoin network to use for transactions.\n   */\n  network: Network;\n\n  /**\n   * Bitcoin wallet for signing payout transactions.\n   */\n  btcWallet: BitcoinWallet;\n}\n\n/**\n * Base parameters shared by both payout transaction types.\n */\ninterface SignPayoutBaseParams {\n  /**\n   * Peg-in transaction hex.\n   * The original transaction that created the vault output being spent.\n   */\n  peginTxHex: string;\n\n  /**\n   * Vault provider's BTC public key (x-only, 64-char hex).\n   */\n  vaultProviderBtcPubkey: string;\n\n  /**\n   * Vault keeper BTC public keys (x-only, 64-char hex).\n   */\n  vaultKeeperBtcPubkeys: string[];\n\n  /**\n   * Universal challenger BTC public keys (x-only, 64-char hex).\n   */\n  universalChallengerBtcPubkeys: string[];\n\n  /**\n   * CSV timelock in blocks for the PegIn output.\n   */\n  timelockPegin: number;\n\n  /**\n   * Depositor's BTC public key (x-only, 64-char hex). This MUST be the\n   * key registered on-chain for the vault — typically read from\n   * `BTCVaultRegistry.getBtcVaultBasicInfo(...).depositorBtcPubKey`.\n   *\n   * Required: omitting it would degrade `validateWalletPubkey` to a\n   * self-comparison, allowing the wrong wallet to produce a signature\n   * over a script tree that doesn't match the on-chain UTXO.\n   */\n  depositorBtcPubkey: string;\n\n  /**\n   * The on-chain registered depositor payout scriptPubKey (hex, with or without 0x prefix).\n   * Used to validate that the VP-provided payout transaction actually pays to the\n   * correct depositor payout address before signing.\n   */\n  registeredPayoutScriptPubKey: string;\n}\n\n/**\n * Parameters for signing a Payout transaction.\n *\n * Payout is used in the challenge path after Assert, when the claimer proves validity.\n * Input 1 references the Assert transaction.\n */\nexport interface SignPayoutParams extends SignPayoutBaseParams {\n  /**\n   * Payout transaction hex (unsigned).\n   * This is the transaction from the vault provider that needs depositor signature.\n   */\n  payoutTxHex: string;\n\n  /**\n   * Assert transaction hex.\n   * Payout input 1 references Assert output 0.\n   */\n  assertTxHex: string;\n}\n\n/**\n * Result of signing a payout transaction.\n */\nexport interface PayoutSignatureResult {\n  /**\n   * 64-byte Schnorr signature (128 hex characters).\n   */\n  signature: string;\n\n  /**\n   * Depositor's BTC public key used for signing.\n   */\n  depositorBtcPubkey: string;\n}\n\n/**\n * High-level manager for payout transaction signing.\n *\n * @remarks\n * After registering your peg-in on Ethereum (Step 3), the vault provider prepares\n * claim/payout transaction pairs. You must sign each payout transaction using this\n * manager and submit the signatures to the vault provider's RPC API.\n *\n * **What happens internally:**\n * 1. Validates your wallet's public key matches the vault's depositor\n * 2. Builds an unsigned PSBT with taproot script path spend info\n * 3. Signs input 0 (the vault UTXO) with your wallet\n * 4. Extracts the 64-byte Schnorr signature\n *\n * **Note:** The payout transaction has 2 inputs. PayoutManager only signs input 0\n * (from the peg-in tx). Input 1 (from the assert tx) is signed by the vault provider.\n *\n * @see {@link PeginManager} - For the complete peg-in flow context\n * @see {@link buildPayoutPsbt} - Lower-level primitive used internally\n * @see {@link extractPayoutSignature} - Signature extraction primitive\n */\nexport class PayoutManager {\n  private readonly config: PayoutManagerConfig;\n\n  /**\n   * Creates a new PayoutManager instance.\n   *\n   * @param config - Manager configuration including wallet\n   */\n  constructor(config: PayoutManagerConfig) {\n    this.config = config;\n  }\n\n  /**\n   * Signs a Payout transaction and extracts the Schnorr signature.\n   *\n   * Flow:\n   * 1. Vault provider submits Claim transaction\n   * 2. Claimer submits Assert transaction to prove validity\n   * 3. Payout can be executed (references Assert tx)\n   *\n   * This method orchestrates the following steps:\n   * 1. Get wallet's public key and convert to x-only format\n   * 2. Validate wallet pubkey matches on-chain depositor pubkey (if provided)\n   * 3. Build unsigned PSBT using primitives\n   * 4. Sign PSBT via btcWallet.signPsbt()\n   * 5. Extract 64-byte Schnorr signature using primitives\n   *\n   * The returned signature can be submitted to the vault provider API.\n   *\n   * @param params - Payout signing parameters\n   * @returns Signature result with 64-byte Schnorr signature and depositor pubkey\n   * @throws Error if wallet pubkey doesn't match depositor pubkey\n   * @throws Error if wallet operations fail or signature extraction fails\n   */\n  async signPayoutTransaction(\n    params: SignPayoutParams,\n  ): Promise<PayoutSignatureResult> {\n    // Validate payout TX outputs pay to the registered depositor payout address\n    this.validatePayoutOutputs(\n      params.payoutTxHex,\n      params.registeredPayoutScriptPubKey,\n    );\n\n    // Validate wallet pubkey matches depositor and get both formats\n    const walletPubkeyRaw = await this.config.btcWallet.getPublicKeyHex();\n    const { depositorPubkey } = validateWalletPubkey(\n      walletPubkeyRaw,\n      params.depositorBtcPubkey,\n    );\n\n    // Build unsigned PSBT for Payout (uses Assert tx)\n    const payoutPsbt = await buildPayoutPsbt({\n      payoutTxHex: params.payoutTxHex,\n      peginTxHex: params.peginTxHex,\n      assertTxHex: params.assertTxHex,\n      depositorBtcPubkey: depositorPubkey,\n      vaultProviderBtcPubkey: params.vaultProviderBtcPubkey,\n      vaultKeeperBtcPubkeys: params.vaultKeeperBtcPubkeys,\n      universalChallengerBtcPubkeys: params.universalChallengerBtcPubkeys,\n      timelockPegin: params.timelockPegin,\n      network: this.config.network,\n    });\n\n    // Sign PSBT via wallet (Taproot script-path spend, input 0 only)\n    const signedPsbtHex = await this.config.btcWallet.signPsbt(\n      payoutPsbt.psbtHex,\n      createTaprootScriptPathSignOptions(walletPubkeyRaw, 1),\n    );\n\n    // Extract Schnorr signature\n    const signature = extractPayoutSignature(signedPsbtHex, depositorPubkey);\n\n    return {\n      signature,\n      depositorBtcPubkey: depositorPubkey,\n    };\n  }\n\n  /**\n   * Gets the configured Bitcoin network.\n   *\n   * @returns The Bitcoin network (mainnet, testnet, signet, regtest)\n   */\n  getNetwork(): Network {\n    return this.config.network;\n  }\n\n  /**\n   * Checks if the wallet supports batch signing (signPsbts).\n   *\n   * @returns true if batch signing is supported\n   */\n  supportsBatchSigning(): boolean {\n    return typeof this.config.btcWallet.signPsbts === \"function\";\n  }\n\n  /**\n   * Batch signs multiple payout transactions (1 per claimer).\n   * This allows signing all transactions with a single wallet interaction.\n   *\n   * @param transactions - Array of payout params to sign\n   * @returns Array of signature results matching input order\n   * @throws Error if wallet doesn't support batch signing\n   * @throws Error if any signing operation fails\n   */\n  async signPayoutTransactionsBatch(\n    transactions: SignPayoutParams[],\n  ): Promise<\n    Array<{\n      payoutSignature: string;\n      depositorBtcPubkey: string;\n    }>\n  > {\n    if (!this.supportsBatchSigning()) {\n      throw new Error(\n        \"Wallet does not support batch signing (signPsbts method not available)\",\n      );\n    }\n\n    // Get wallet pubkey once\n    const walletPubkeyRaw = await this.config.btcWallet.getPublicKeyHex();\n\n    // Build all PSBTs (1 per claimer)\n    const psbtsToSign: string[] = [];\n    const signOptions: SignPsbtOptions[] = [];\n    const depositorPubkeys: string[] = [];\n\n    for (const tx of transactions) {\n      // Validate payout TX outputs pay to the registered depositor payout address\n      this.validatePayoutOutputs(\n        tx.payoutTxHex,\n        tx.registeredPayoutScriptPubKey,\n      );\n\n      // Validate wallet pubkey matches depositor\n      const { depositorPubkey } = validateWalletPubkey(\n        walletPubkeyRaw,\n        tx.depositorBtcPubkey,\n      );\n      depositorPubkeys.push(depositorPubkey);\n\n      // Build Payout PSBT\n      const payoutPsbt = await buildPayoutPsbt({\n        payoutTxHex: tx.payoutTxHex,\n        peginTxHex: tx.peginTxHex,\n        assertTxHex: tx.assertTxHex,\n        depositorBtcPubkey: depositorPubkey,\n        vaultProviderBtcPubkey: tx.vaultProviderBtcPubkey,\n        vaultKeeperBtcPubkeys: tx.vaultKeeperBtcPubkeys,\n        universalChallengerBtcPubkeys: tx.universalChallengerBtcPubkeys,\n        timelockPegin: tx.timelockPegin,\n        network: this.config.network,\n      });\n      psbtsToSign.push(payoutPsbt.psbtHex);\n      signOptions.push(createTaprootScriptPathSignOptions(walletPubkeyRaw, 1));\n    }\n\n    // Batch sign all PSBTs with single wallet interaction\n    const signedPsbts = await this.config.btcWallet.signPsbts!(\n      psbtsToSign,\n      signOptions,\n    );\n\n    // Validate that wallet returned the expected number of signed PSBTs\n    if (signedPsbts.length !== transactions.length) {\n      throw new Error(\n        `Expected ${transactions.length} signed PSBTs but received ${signedPsbts.length}`,\n      );\n    }\n\n    // Extract signatures from signed PSBTs\n    const results: Array<{\n      payoutSignature: string;\n      depositorBtcPubkey: string;\n    }> = [];\n\n    for (let i = 0; i < transactions.length; i++) {\n      const depositorPubkey = depositorPubkeys[i];\n      const payoutSignature = extractPayoutSignature(\n        signedPsbts[i],\n        depositorPubkey,\n      );\n\n      results.push({\n        payoutSignature,\n        depositorBtcPubkey: depositorPubkey,\n      });\n    }\n\n    return results;\n  }\n\n  /**\n   * Validates that the payout transaction's largest output pays to the\n   * registered depositor payout address (scriptPubKey).\n   *\n   * This prevents two attack vectors from a malicious vault provider:\n   * 1. Substituting a completely different payout address\n   * 2. Including a dust output to the correct address while routing\n   *    the actual funds to an attacker-controlled address\n   *\n   * @param payoutTxHex - Raw payout transaction hex\n   * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)\n   * @throws Error if scriptPubKey is invalid hex\n   * @throws Error if the largest output does not pay to the registered address\n   */\n  private validatePayoutOutputs(\n    payoutTxHex: string,\n    registeredPayoutScriptPubKey: string,\n  ): void {\n    assertPayoutOutputMatchesRegistered(\n      payoutTxHex,\n      registeredPayoutScriptPubKey,\n    );\n  }\n}\n"],"names":["HEX_BYTES32_LENGTH","hexToBytes","hex","clean","bytes","i","bytesToHex","b","assertBytes32","value","label","computeHashlock","secret","secretBytes","hash","sha256","validateSecretAgainstHashlock","hashlock","PayoutManager","config","__publicField","params","walletPubkeyRaw","depositorPubkey","validateWalletPubkey","payoutPsbt","buildPayoutPsbt","signedPsbtHex","createTaprootScriptPathSignOptions","extractPayoutSignature","transactions","psbtsToSign","signOptions","depositorPubkeys","tx","signedPsbts","results","payoutSignature","payoutTxHex","registeredPayoutScriptPubKey","assertPayoutOutputMatchesRegistered"],"mappings":";;;;;;;;AAqBA,MAAMA,IAAqB;AAM3B,SAASC,EAAWC,GAAsB;AACxC,MAAI,CAACA,EAAI,WAAW,IAAI,KAAK,CAACA,EAAI,WAAW,IAAI;AAC/C,UAAM,IAAI,MAAM,iCAAiC;AAEnD,QAAMC,IAAQD,EAAI,MAAM,CAAC;AACzB,MAAIC,EAAM,SAAS,MAAM;AACvB,UAAM,IAAI,MAAM,8BAA8BA,EAAM,MAAM,EAAE;AAE9D,MAAI,CAAC,iBAAiB,KAAKA,CAAK;AAC9B,UAAM,IAAI,MAAM,wCAAwC;AAE1D,QAAMC,IAAQ,IAAI,WAAWD,EAAM,SAAS,CAAC;AAC7C,WAASE,IAAI,GAAGA,IAAID,EAAM,QAAQC;AAChC,IAAAD,EAAMC,CAAC,IAAI,SAASF,EAAM,MAAME,IAAI,GAAGA,IAAI,IAAI,CAAC,GAAG,EAAE;AAEvD,SAAOD;AACT;AAKA,SAASE,EAAWF,GAAwB;AAC1C,SAAO,KAAK,MAAM,KAAKA,CAAK,EACzB,IAAI,CAACG,MAAMA,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE,CAAC;AACb;AAMA,SAASC,EAAcC,GAAYC,GAAqB;AACtD,MAAID,EAAM,WAAWT;AACnB,UAAM,IAAI;AAAA,MACR,GAAGU,CAAK,8BAA8BV,CAAkB,mCAAmCS,EAAM,MAAM;AAAA,IAAA;AAG7G;AAYO,SAASE,EAAgBC,GAAkB;AAChD,EAAAJ,EAAcI,GAAQ,QAAQ;AAC9B,QAAMC,IAAcZ,EAAWW,CAAM,GAC/BE,IAAOC,EAAOF,CAAW;AAC/B,SAAOP,EAAWQ,CAAI;AACxB;AAaO,SAASE,EACdJ,GACAK,GACS;AACT,SAAAT,EAAcI,GAAQ,QAAQ,GAC9BJ,EAAcS,GAAU,UAAU,GAElChB,EAAWgB,CAAQ,GAEFN,EAAgBC,CAAM,EACvB,kBAAkBK,EAAS,YAAA;AAC7C;AC4CO,MAAMC,EAAc;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQzB,YAAYC,GAA6B;AAPxB,IAAAC,EAAA;AAQf,SAAK,SAASD;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAwBA,MAAM,sBACJE,GACgC;AAEhC,SAAK;AAAA,MACHA,EAAO;AAAA,MACPA,EAAO;AAAA,IAAA;AAIT,UAAMC,IAAkB,MAAM,KAAK,OAAO,UAAU,gBAAA,GAC9C,EAAE,iBAAAC,MAAoBC;AAAA,MAC1BF;AAAA,MACAD,EAAO;AAAA,IAAA,GAIHI,IAAa,MAAMC,EAAgB;AAAA,MACvC,aAAaL,EAAO;AAAA,MACpB,YAAYA,EAAO;AAAA,MACnB,aAAaA,EAAO;AAAA,MACpB,oBAAoBE;AAAA,MACpB,wBAAwBF,EAAO;AAAA,MAC/B,uBAAuBA,EAAO;AAAA,MAC9B,+BAA+BA,EAAO;AAAA,MACtC,eAAeA,EAAO;AAAA,MACtB,SAAS,KAAK,OAAO;AAAA,IAAA,CACtB,GAGKM,IAAgB,MAAM,KAAK,OAAO,UAAU;AAAA,MAChDF,EAAW;AAAA,MACXG,EAAmCN,GAAiB,CAAC;AAAA,IAAA;AAMvD,WAAO;AAAA,MACL,WAHgBO,EAAuBF,GAAeJ,CAAe;AAAA,MAIrE,oBAAoBA;AAAA,IAAA;AAAA,EAExB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAsB;AACpB,WAAO,KAAK,OAAO;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,uBAAgC;AAC9B,WAAO,OAAO,KAAK,OAAO,UAAU,aAAc;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,4BACJO,GAMA;AACA,QAAI,CAAC,KAAK;AACR,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAKJ,UAAMR,IAAkB,MAAM,KAAK,OAAO,UAAU,gBAAA,GAG9CS,IAAwB,CAAA,GACxBC,IAAiC,CAAA,GACjCC,IAA6B,CAAA;AAEnC,eAAWC,KAAMJ,GAAc;AAE7B,WAAK;AAAA,QACHI,EAAG;AAAA,QACHA,EAAG;AAAA,MAAA;AAIL,YAAM,EAAE,iBAAAX,MAAoBC;AAAA,QAC1BF;AAAA,QACAY,EAAG;AAAA,MAAA;AAEL,MAAAD,EAAiB,KAAKV,CAAe;AAGrC,YAAME,IAAa,MAAMC,EAAgB;AAAA,QACvC,aAAaQ,EAAG;AAAA,QAChB,YAAYA,EAAG;AAAA,QACf,aAAaA,EAAG;AAAA,QAChB,oBAAoBX;AAAA,QACpB,wBAAwBW,EAAG;AAAA,QAC3B,uBAAuBA,EAAG;AAAA,QAC1B,+BAA+BA,EAAG;AAAA,QAClC,eAAeA,EAAG;AAAA,QAClB,SAAS,KAAK,OAAO;AAAA,MAAA,CACtB;AACD,MAAAH,EAAY,KAAKN,EAAW,OAAO,GACnCO,EAAY,KAAKJ,EAAmCN,GAAiB,CAAC,CAAC;AAAA,IACzE;AAGA,UAAMa,IAAc,MAAM,KAAK,OAAO,UAAU;AAAA,MAC9CJ;AAAA,MACAC;AAAA,IAAA;AAIF,QAAIG,EAAY,WAAWL,EAAa;AACtC,YAAM,IAAI;AAAA,QACR,YAAYA,EAAa,MAAM,8BAA8BK,EAAY,MAAM;AAAA,MAAA;AAKnF,UAAMC,IAGD,CAAA;AAEL,aAAS/B,IAAI,GAAGA,IAAIyB,EAAa,QAAQzB,KAAK;AAC5C,YAAMkB,IAAkBU,EAAiB5B,CAAC,GACpCgC,IAAkBR;AAAA,QACtBM,EAAY9B,CAAC;AAAA,QACbkB;AAAA,MAAA;AAGF,MAAAa,EAAQ,KAAK;AAAA,QACX,iBAAAC;AAAA,QACA,oBAAoBd;AAAA,MAAA,CACrB;AAAA,IACH;AAEA,WAAOa;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBQ,sBACNE,GACAC,GACM;AACN,IAAAC;AAAA,MACEF;AAAA,MACAC;AAAA,IAAA;AAAA,EAEJ;AACF;"}

package/dist/PayoutManager-DDnNB0mj.cjs

@@ -0,0 +1,2 @@
+"use strict";var k=Object.defineProperty;var w=(e,t,o)=>t in e?k(e,t,{enumerable:!0,configurable:!0,writable:!0,value:o}):e[t]=o;var P=(e,t,o)=>w(e,typeof t!="symbol"?t+"":t,o);const f=require("./sha2-CsTynrfJ.cjs"),h=require("./signing-Bnsro0hE.cjs");require("@babylonlabs-io/babylon-tbv-rust-wasm");const r=require("./payout-DQ_fmJUA.cjs"),b=require("./bitcoin-B3aqjuMP.cjs"),p=66;function x(e){if(!e.startsWith("0x")&&!e.startsWith("0X"))throw new Error("Expected 0x-prefixed hex string");const t=e.slice(2);if(t.length%2!==0)throw new Error(`Hex string has odd length: ${t.length}`);if(!/^[0-9a-fA-F]*$/.test(t))throw new Error("Hex string contains non-hex characters");const o=new Uint8Array(t.length/2);for(let n=0;n<o.length;n++)o[n]=parseInt(t.slice(n*2,n*2+2),16);return o}function H(e){return`0x${Array.from(e).map(t=>t.toString(16).padStart(2,"0")).join("")}`}function g(e,t){if(e.length!==p)throw new Error(`${t} must be exactly 32 bytes (${p} hex chars with 0x prefix), got ${e.length}`)}function d(e){g(e,"Secret");const t=x(e),o=f.sha256(t);return H(o)}function B(e,t){return g(e,"Secret"),g(t,"Hashlock"),x(t),d(e).toLowerCase()===t.toLowerCase()}class v{constructor(t){P(this,"config");this.config=t}async signPayoutTransaction(t){this.validatePayoutOutputs(t.payoutTxHex,t.registeredPayoutScriptPubKey);const o=await this.config.btcWallet.getPublicKeyHex(),{depositorPubkey:n}=b.validateWalletPubkey(o,t.depositorBtcPubkey),a=await r.buildPayoutPsbt({payoutTxHex:t.payoutTxHex,peginTxHex:t.peginTxHex,assertTxHex:t.assertTxHex,depositorBtcPubkey:n,vaultProviderBtcPubkey:t.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:t.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:t.universalChallengerBtcPubkeys,timelockPegin:t.timelockPegin,network:this.config.network}),u=await this.config.btcWallet.signPsbt(a.psbtHex,h.createTaprootScriptPathSignOptions(o,1));return{signature:r.extractPayoutSignature(u,n),depositorBtcPubkey:n}}getNetwork(){return this.config.network}supportsBatchSigning(){return typeof this.config.btcWallet.signPsbts=="function"}async signPayoutTransactionsBatch(t){if(!this.supportsBatchSigning())throw new Error("Wallet does not support batch signing (signPsbts method not available)");const o=await this.config.btcWallet.getPublicKeyHex(),n=[],a=[],u=[];for(const s of t){this.validatePayoutOutputs(s.payoutTxHex,s.registeredPayoutScriptPubKey);const{depositorPubkey:i}=b.validateWalletPubkey(o,s.depositorBtcPubkey);u.push(i);const l=await r.buildPayoutPsbt({payoutTxHex:s.payoutTxHex,peginTxHex:s.peginTxHex,assertTxHex:s.assertTxHex,depositorBtcPubkey:i,vaultProviderBtcPubkey:s.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:s.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:s.universalChallengerBtcPubkeys,timelockPegin:s.timelockPegin,network:this.config.network});n.push(l.psbtHex),a.push(h.createTaprootScriptPathSignOptions(o,1))}const c=await this.config.btcWallet.signPsbts(n,a);if(c.length!==t.length)throw new Error(`Expected ${t.length} signed PSBTs but received ${c.length}`);const y=[];for(let s=0;s<t.length;s++){const i=u[s],l=r.extractPayoutSignature(c[s],i);y.push({payoutSignature:l,depositorBtcPubkey:i})}return y}validatePayoutOutputs(t,o){r.assertPayoutOutputMatchesRegistered(t,o)}}exports.PayoutManager=v;exports.computeHashlock=d;exports.validateSecretAgainstHashlock=B;
+//# sourceMappingURL=PayoutManager-DDnNB0mj.cjs.map

package/dist/PayoutManager-DDnNB0mj.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"PayoutManager-DDnNB0mj.cjs","sources":["../src/tbv/core/services/htlc/index.ts","../src/tbv/core/managers/PayoutManager.ts"],"sourcesContent":["/**\n * HTLC Secret / Hashlock Utilities\n *\n * Pure functions for computing and validating SHA-256 hashlocks used in the\n * vault deposit protocol's HTLC (Hash Time Lock Contract).\n *\n * The SDK does NOT generate secrets — that is the caller's responsibility.\n * Today callers use `crypto.getRandomValues(32)`; when the `deriveContextHash`\n * wallet API ships, callers will use `wallet.deriveContextHash(\"babylon-vault\", ctx)`.\n * These utilities work identically regardless of how the secret was produced.\n *\n * On-chain contract validation (BTCVaultRegistry.activateVaultWithSecret):\n *   if (sha256(abi.encodePacked(s)) != hashlock) revert InvalidSecret();\n *\n * @module htlc\n */\n\nimport { sha256 } from \"@noble/hashes/sha2.js\";\nimport type { Hex } from \"viem\";\n\n/** Expected hex length for a 0x-prefixed bytes32 value. */\nconst HEX_BYTES32_LENGTH = 66; // \"0x\" + 64 hex chars\n\n/**\n * Decode a 0x-prefixed hex string to bytes, with strict validation.\n * @throws if the input is not a valid 0x-prefixed hex string\n */\nfunction hexToBytes(hex: Hex): Uint8Array {\n  if (!hex.startsWith(\"0x\") && !hex.startsWith(\"0X\")) {\n    throw new Error(\"Expected 0x-prefixed hex string\");\n  }\n  const clean = hex.slice(2);\n  if (clean.length % 2 !== 0) {\n    throw new Error(`Hex string has odd length: ${clean.length}`);\n  }\n  if (!/^[0-9a-fA-F]*$/.test(clean)) {\n    throw new Error(\"Hex string contains non-hex characters\");\n  }\n  const bytes = new Uint8Array(clean.length / 2);\n  for (let i = 0; i < bytes.length; i++) {\n    bytes[i] = parseInt(clean.slice(i * 2, i * 2 + 2), 16);\n  }\n  return bytes;\n}\n\n/**\n * Encode a Uint8Array as a 0x-prefixed lowercase hex string.\n */\nfunction bytesToHex(bytes: Uint8Array): Hex {\n  return `0x${Array.from(bytes)\n    .map((b) => b.toString(16).padStart(2, \"0\"))\n    .join(\"\")}`;\n}\n\n/**\n * Validate that a value is a 0x-prefixed bytes32 (exactly 32 bytes).\n * @throws if the value is not exactly 32 bytes\n */\nfunction assertBytes32(value: Hex, label: string): void {\n  if (value.length !== HEX_BYTES32_LENGTH) {\n    throw new Error(\n      `${label} must be exactly 32 bytes (${HEX_BYTES32_LENGTH} hex chars with 0x prefix), got ${value.length}`,\n    );\n  }\n}\n\n/**\n * Compute the SHA-256 hashlock from a secret preimage.\n *\n * Matches the on-chain validation: `sha256(abi.encodePacked(s))` where `s` is a `bytes32`.\n * `abi.encodePacked(bytes32)` is just the raw 32 bytes — no ABI padding.\n *\n * @param secret - 0x-prefixed bytes32 secret (66 hex chars)\n * @returns 0x-prefixed bytes32 SHA-256 hash\n * @throws if secret is not exactly 32 bytes\n */\nexport function computeHashlock(secret: Hex): Hex {\n  assertBytes32(secret, \"Secret\");\n  const secretBytes = hexToBytes(secret);\n  const hash = sha256(secretBytes);\n  return bytesToHex(hash);\n}\n\n/**\n * Validate that a secret's SHA-256 hash matches the expected hashlock.\n *\n * Use this for client-side pre-validation before sending the activation\n * transaction to avoid wasting gas on a contract revert.\n *\n * @param secret - 0x-prefixed bytes32 secret (66 hex chars)\n * @param hashlock - 0x-prefixed bytes32 expected hashlock from the vault\n * @returns true if SHA-256(secret) matches the hashlock\n * @throws if secret or hashlock is not exactly 32 bytes\n */\nexport function validateSecretAgainstHashlock(\n  secret: Hex,\n  hashlock: Hex,\n): boolean {\n  assertBytes32(secret, \"Secret\");\n  assertBytes32(hashlock, \"Hashlock\");\n  // Validate hashlock is valid hex (secret is validated inside computeHashlock)\n  hexToBytes(hashlock);\n\n  const computed = computeHashlock(secret);\n  return computed.toLowerCase() === hashlock.toLowerCase();\n}\n","/**\n * Payout Manager\n *\n * High-level manager that orchestrates the payout signing flow by coordinating\n * SDK primitives ({@link buildPayoutPsbt}, {@link extractPayoutSignature})\n * with a user-provided Bitcoin wallet.\n *\n * The Payout transaction references the Assert transaction (input 1).\n *\n * @see {@link PeginManager} - For Steps 1–4 of the peg-in flow\n * @see {@link buildPayoutPsbt} - Lower-level primitive for custom implementations\n * @see {@link extractPayoutSignature} - Extract signatures from signed PSBTs\n *\n * @module managers/PayoutManager\n */\n\nimport type {\n  BitcoinWallet,\n  SignPsbtOptions,\n} from \"../../../shared/wallets\";\nimport { createTaprootScriptPathSignOptions } from \"../utils/signing\";\nimport {\n  assertPayoutOutputMatchesRegistered,\n  buildPayoutPsbt,\n  extractPayoutSignature,\n  validateWalletPubkey,\n  type Network,\n} from \"../primitives\";\n\n/**\n * Configuration for the PayoutManager.\n */\nexport interface PayoutManagerConfig {\n  /**\n   * Bitcoin network to use for transactions.\n   */\n  network: Network;\n\n  /**\n   * Bitcoin wallet for signing payout transactions.\n   */\n  btcWallet: BitcoinWallet;\n}\n\n/**\n * Base parameters shared by both payout transaction types.\n */\ninterface SignPayoutBaseParams {\n  /**\n   * Peg-in transaction hex.\n   * The original transaction that created the vault output being spent.\n   */\n  peginTxHex: string;\n\n  /**\n   * Vault provider's BTC public key (x-only, 64-char hex).\n   */\n  vaultProviderBtcPubkey: string;\n\n  /**\n   * Vault keeper BTC public keys (x-only, 64-char hex).\n   */\n  vaultKeeperBtcPubkeys: string[];\n\n  /**\n   * Universal challenger BTC public keys (x-only, 64-char hex).\n   */\n  universalChallengerBtcPubkeys: string[];\n\n  /**\n   * CSV timelock in blocks for the PegIn output.\n   */\n  timelockPegin: number;\n\n  /**\n   * Depositor's BTC public key (x-only, 64-char hex). This MUST be the\n   * key registered on-chain for the vault — typically read from\n   * `BTCVaultRegistry.getBtcVaultBasicInfo(...).depositorBtcPubKey`.\n   *\n   * Required: omitting it would degrade `validateWalletPubkey` to a\n   * self-comparison, allowing the wrong wallet to produce a signature\n   * over a script tree that doesn't match the on-chain UTXO.\n   */\n  depositorBtcPubkey: string;\n\n  /**\n   * The on-chain registered depositor payout scriptPubKey (hex, with or without 0x prefix).\n   * Used to validate that the VP-provided payout transaction actually pays to the\n   * correct depositor payout address before signing.\n   */\n  registeredPayoutScriptPubKey: string;\n}\n\n/**\n * Parameters for signing a Payout transaction.\n *\n * Payout is used in the challenge path after Assert, when the claimer proves validity.\n * Input 1 references the Assert transaction.\n */\nexport interface SignPayoutParams extends SignPayoutBaseParams {\n  /**\n   * Payout transaction hex (unsigned).\n   * This is the transaction from the vault provider that needs depositor signature.\n   */\n  payoutTxHex: string;\n\n  /**\n   * Assert transaction hex.\n   * Payout input 1 references Assert output 0.\n   */\n  assertTxHex: string;\n}\n\n/**\n * Result of signing a payout transaction.\n */\nexport interface PayoutSignatureResult {\n  /**\n   * 64-byte Schnorr signature (128 hex characters).\n   */\n  signature: string;\n\n  /**\n   * Depositor's BTC public key used for signing.\n   */\n  depositorBtcPubkey: string;\n}\n\n/**\n * High-level manager for payout transaction signing.\n *\n * @remarks\n * After registering your peg-in on Ethereum (Step 3), the vault provider prepares\n * claim/payout transaction pairs. You must sign each payout transaction using this\n * manager and submit the signatures to the vault provider's RPC API.\n *\n * **What happens internally:**\n * 1. Validates your wallet's public key matches the vault's depositor\n * 2. Builds an unsigned PSBT with taproot script path spend info\n * 3. Signs input 0 (the vault UTXO) with your wallet\n * 4. Extracts the 64-byte Schnorr signature\n *\n * **Note:** The payout transaction has 2 inputs. PayoutManager only signs input 0\n * (from the peg-in tx). Input 1 (from the assert tx) is signed by the vault provider.\n *\n * @see {@link PeginManager} - For the complete peg-in flow context\n * @see {@link buildPayoutPsbt} - Lower-level primitive used internally\n * @see {@link extractPayoutSignature} - Signature extraction primitive\n */\nexport class PayoutManager {\n  private readonly config: PayoutManagerConfig;\n\n  /**\n   * Creates a new PayoutManager instance.\n   *\n   * @param config - Manager configuration including wallet\n   */\n  constructor(config: PayoutManagerConfig) {\n    this.config = config;\n  }\n\n  /**\n   * Signs a Payout transaction and extracts the Schnorr signature.\n   *\n   * Flow:\n   * 1. Vault provider submits Claim transaction\n   * 2. Claimer submits Assert transaction to prove validity\n   * 3. Payout can be executed (references Assert tx)\n   *\n   * This method orchestrates the following steps:\n   * 1. Get wallet's public key and convert to x-only format\n   * 2. Validate wallet pubkey matches on-chain depositor pubkey (if provided)\n   * 3. Build unsigned PSBT using primitives\n   * 4. Sign PSBT via btcWallet.signPsbt()\n   * 5. Extract 64-byte Schnorr signature using primitives\n   *\n   * The returned signature can be submitted to the vault provider API.\n   *\n   * @param params - Payout signing parameters\n   * @returns Signature result with 64-byte Schnorr signature and depositor pubkey\n   * @throws Error if wallet pubkey doesn't match depositor pubkey\n   * @throws Error if wallet operations fail or signature extraction fails\n   */\n  async signPayoutTransaction(\n    params: SignPayoutParams,\n  ): Promise<PayoutSignatureResult> {\n    // Validate payout TX outputs pay to the registered depositor payout address\n    this.validatePayoutOutputs(\n      params.payoutTxHex,\n      params.registeredPayoutScriptPubKey,\n    );\n\n    // Validate wallet pubkey matches depositor and get both formats\n    const walletPubkeyRaw = await this.config.btcWallet.getPublicKeyHex();\n    const { depositorPubkey } = validateWalletPubkey(\n      walletPubkeyRaw,\n      params.depositorBtcPubkey,\n    );\n\n    // Build unsigned PSBT for Payout (uses Assert tx)\n    const payoutPsbt = await buildPayoutPsbt({\n      payoutTxHex: params.payoutTxHex,\n      peginTxHex: params.peginTxHex,\n      assertTxHex: params.assertTxHex,\n      depositorBtcPubkey: depositorPubkey,\n      vaultProviderBtcPubkey: params.vaultProviderBtcPubkey,\n      vaultKeeperBtcPubkeys: params.vaultKeeperBtcPubkeys,\n      universalChallengerBtcPubkeys: params.universalChallengerBtcPubkeys,\n      timelockPegin: params.timelockPegin,\n      network: this.config.network,\n    });\n\n    // Sign PSBT via wallet (Taproot script-path spend, input 0 only)\n    const signedPsbtHex = await this.config.btcWallet.signPsbt(\n      payoutPsbt.psbtHex,\n      createTaprootScriptPathSignOptions(walletPubkeyRaw, 1),\n    );\n\n    // Extract Schnorr signature\n    const signature = extractPayoutSignature(signedPsbtHex, depositorPubkey);\n\n    return {\n      signature,\n      depositorBtcPubkey: depositorPubkey,\n    };\n  }\n\n  /**\n   * Gets the configured Bitcoin network.\n   *\n   * @returns The Bitcoin network (mainnet, testnet, signet, regtest)\n   */\n  getNetwork(): Network {\n    return this.config.network;\n  }\n\n  /**\n   * Checks if the wallet supports batch signing (signPsbts).\n   *\n   * @returns true if batch signing is supported\n   */\n  supportsBatchSigning(): boolean {\n    return typeof this.config.btcWallet.signPsbts === \"function\";\n  }\n\n  /**\n   * Batch signs multiple payout transactions (1 per claimer).\n   * This allows signing all transactions with a single wallet interaction.\n   *\n   * @param transactions - Array of payout params to sign\n   * @returns Array of signature results matching input order\n   * @throws Error if wallet doesn't support batch signing\n   * @throws Error if any signing operation fails\n   */\n  async signPayoutTransactionsBatch(\n    transactions: SignPayoutParams[],\n  ): Promise<\n    Array<{\n      payoutSignature: string;\n      depositorBtcPubkey: string;\n    }>\n  > {\n    if (!this.supportsBatchSigning()) {\n      throw new Error(\n        \"Wallet does not support batch signing (signPsbts method not available)\",\n      );\n    }\n\n    // Get wallet pubkey once\n    const walletPubkeyRaw = await this.config.btcWallet.getPublicKeyHex();\n\n    // Build all PSBTs (1 per claimer)\n    const psbtsToSign: string[] = [];\n    const signOptions: SignPsbtOptions[] = [];\n    const depositorPubkeys: string[] = [];\n\n    for (const tx of transactions) {\n      // Validate payout TX outputs pay to the registered depositor payout address\n      this.validatePayoutOutputs(\n        tx.payoutTxHex,\n        tx.registeredPayoutScriptPubKey,\n      );\n\n      // Validate wallet pubkey matches depositor\n      const { depositorPubkey } = validateWalletPubkey(\n        walletPubkeyRaw,\n        tx.depositorBtcPubkey,\n      );\n      depositorPubkeys.push(depositorPubkey);\n\n      // Build Payout PSBT\n      const payoutPsbt = await buildPayoutPsbt({\n        payoutTxHex: tx.payoutTxHex,\n        peginTxHex: tx.peginTxHex,\n        assertTxHex: tx.assertTxHex,\n        depositorBtcPubkey: depositorPubkey,\n        vaultProviderBtcPubkey: tx.vaultProviderBtcPubkey,\n        vaultKeeperBtcPubkeys: tx.vaultKeeperBtcPubkeys,\n        universalChallengerBtcPubkeys: tx.universalChallengerBtcPubkeys,\n        timelockPegin: tx.timelockPegin,\n        network: this.config.network,\n      });\n      psbtsToSign.push(payoutPsbt.psbtHex);\n      signOptions.push(createTaprootScriptPathSignOptions(walletPubkeyRaw, 1));\n    }\n\n    // Batch sign all PSBTs with single wallet interaction\n    const signedPsbts = await this.config.btcWallet.signPsbts!(\n      psbtsToSign,\n      signOptions,\n    );\n\n    // Validate that wallet returned the expected number of signed PSBTs\n    if (signedPsbts.length !== transactions.length) {\n      throw new Error(\n        `Expected ${transactions.length} signed PSBTs but received ${signedPsbts.length}`,\n      );\n    }\n\n    // Extract signatures from signed PSBTs\n    const results: Array<{\n      payoutSignature: string;\n      depositorBtcPubkey: string;\n    }> = [];\n\n    for (let i = 0; i < transactions.length; i++) {\n      const depositorPubkey = depositorPubkeys[i];\n      const payoutSignature = extractPayoutSignature(\n        signedPsbts[i],\n        depositorPubkey,\n      );\n\n      results.push({\n        payoutSignature,\n        depositorBtcPubkey: depositorPubkey,\n      });\n    }\n\n    return results;\n  }\n\n  /**\n   * Validates that the payout transaction's largest output pays to the\n   * registered depositor payout address (scriptPubKey).\n   *\n   * This prevents two attack vectors from a malicious vault provider:\n   * 1. Substituting a completely different payout address\n   * 2. Including a dust output to the correct address while routing\n   *    the actual funds to an attacker-controlled address\n   *\n   * @param payoutTxHex - Raw payout transaction hex\n   * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)\n   * @throws Error if scriptPubKey is invalid hex\n   * @throws Error if the largest output does not pay to the registered address\n   */\n  private validatePayoutOutputs(\n    payoutTxHex: string,\n    registeredPayoutScriptPubKey: string,\n  ): void {\n    assertPayoutOutputMatchesRegistered(\n      payoutTxHex,\n      registeredPayoutScriptPubKey,\n    );\n  }\n}\n"],"names":["HEX_BYTES32_LENGTH","hexToBytes","hex","clean","bytes","i","bytesToHex","b","assertBytes32","value","label","computeHashlock","secret","secretBytes","hash","sha256","validateSecretAgainstHashlock","hashlock","PayoutManager","config","__publicField","params","walletPubkeyRaw","depositorPubkey","validateWalletPubkey","payoutPsbt","buildPayoutPsbt","signedPsbtHex","createTaprootScriptPathSignOptions","extractPayoutSignature","transactions","psbtsToSign","signOptions","depositorPubkeys","tx","signedPsbts","results","payoutSignature","payoutTxHex","registeredPayoutScriptPubKey","assertPayoutOutputMatchesRegistered"],"mappings":"0XAqBMA,EAAqB,GAM3B,SAASC,EAAWC,EAAsB,CACxC,GAAI,CAACA,EAAI,WAAW,IAAI,GAAK,CAACA,EAAI,WAAW,IAAI,EAC/C,MAAM,IAAI,MAAM,iCAAiC,EAEnD,MAAMC,EAAQD,EAAI,MAAM,CAAC,EACzB,GAAIC,EAAM,OAAS,IAAM,EACvB,MAAM,IAAI,MAAM,8BAA8BA,EAAM,MAAM,EAAE,EAE9D,GAAI,CAAC,iBAAiB,KAAKA,CAAK,EAC9B,MAAM,IAAI,MAAM,wCAAwC,EAE1D,MAAMC,EAAQ,IAAI,WAAWD,EAAM,OAAS,CAAC,EAC7C,QAASE,EAAI,EAAGA,EAAID,EAAM,OAAQC,IAChCD,EAAMC,CAAC,EAAI,SAASF,EAAM,MAAME,EAAI,EAAGA,EAAI,EAAI,CAAC,EAAG,EAAE,EAEvD,OAAOD,CACT,CAKA,SAASE,EAAWF,EAAwB,CAC1C,MAAO,KAAK,MAAM,KAAKA,CAAK,EACzB,IAAKG,GAAMA,EAAE,SAAS,EAAE,EAAE,SAAS,EAAG,GAAG,CAAC,EAC1C,KAAK,EAAE,CAAC,EACb,CAMA,SAASC,EAAcC,EAAYC,EAAqB,CACtD,GAAID,EAAM,SAAWT,EACnB,MAAM,IAAI,MACR,GAAGU,CAAK,8BAA8BV,CAAkB,mCAAmCS,EAAM,MAAM,EAAA,CAG7G,CAYO,SAASE,EAAgBC,EAAkB,CAChDJ,EAAcI,EAAQ,QAAQ,EAC9B,MAAMC,EAAcZ,EAAWW,CAAM,EAC/BE,EAAOC,EAAAA,OAAOF,CAAW,EAC/B,OAAOP,EAAWQ,CAAI,CACxB,CAaO,SAASE,EACdJ,EACAK,EACS,CACT,OAAAT,EAAcI,EAAQ,QAAQ,EAC9BJ,EAAcS,EAAU,UAAU,EAElChB,EAAWgB,CAAQ,EAEFN,EAAgBC,CAAM,EACvB,gBAAkBK,EAAS,YAAA,CAC7C,CC4CO,MAAMC,CAAc,CAQzB,YAAYC,EAA6B,CAPxBC,EAAA,eAQf,KAAK,OAASD,CAChB,CAwBA,MAAM,sBACJE,EACgC,CAEhC,KAAK,sBACHA,EAAO,YACPA,EAAO,4BAAA,EAIT,MAAMC,EAAkB,MAAM,KAAK,OAAO,UAAU,gBAAA,EAC9C,CAAE,gBAAAC,GAAoBC,EAAAA,qBAC1BF,EACAD,EAAO,kBAAA,EAIHI,EAAa,MAAMC,kBAAgB,CACvC,YAAaL,EAAO,YACpB,WAAYA,EAAO,WACnB,YAAaA,EAAO,YACpB,mBAAoBE,EACpB,uBAAwBF,EAAO,uBAC/B,sBAAuBA,EAAO,sBAC9B,8BAA+BA,EAAO,8BACtC,cAAeA,EAAO,cACtB,QAAS,KAAK,OAAO,OAAA,CACtB,EAGKM,EAAgB,MAAM,KAAK,OAAO,UAAU,SAChDF,EAAW,QACXG,EAAAA,mCAAmCN,EAAiB,CAAC,CAAA,EAMvD,MAAO,CACL,UAHgBO,EAAAA,uBAAuBF,EAAeJ,CAAe,EAIrE,mBAAoBA,CAAA,CAExB,CAOA,YAAsB,CACpB,OAAO,KAAK,OAAO,OACrB,CAOA,sBAAgC,CAC9B,OAAO,OAAO,KAAK,OAAO,UAAU,WAAc,UACpD,CAWA,MAAM,4BACJO,EAMA,CACA,GAAI,CAAC,KAAK,uBACR,MAAM,IAAI,MACR,wEAAA,EAKJ,MAAMR,EAAkB,MAAM,KAAK,OAAO,UAAU,gBAAA,EAG9CS,EAAwB,CAAA,EACxBC,EAAiC,CAAA,EACjCC,EAA6B,CAAA,EAEnC,UAAWC,KAAMJ,EAAc,CAE7B,KAAK,sBACHI,EAAG,YACHA,EAAG,4BAAA,EAIL,KAAM,CAAE,gBAAAX,GAAoBC,EAAAA,qBAC1BF,EACAY,EAAG,kBAAA,EAELD,EAAiB,KAAKV,CAAe,EAGrC,MAAME,EAAa,MAAMC,kBAAgB,CACvC,YAAaQ,EAAG,YAChB,WAAYA,EAAG,WACf,YAAaA,EAAG,YAChB,mBAAoBX,EACpB,uBAAwBW,EAAG,uBAC3B,sBAAuBA,EAAG,sBAC1B,8BAA+BA,EAAG,8BAClC,cAAeA,EAAG,cAClB,QAAS,KAAK,OAAO,OAAA,CACtB,EACDH,EAAY,KAAKN,EAAW,OAAO,EACnCO,EAAY,KAAKJ,EAAAA,mCAAmCN,EAAiB,CAAC,CAAC,CACzE,CAGA,MAAMa,EAAc,MAAM,KAAK,OAAO,UAAU,UAC9CJ,EACAC,CAAA,EAIF,GAAIG,EAAY,SAAWL,EAAa,OACtC,MAAM,IAAI,MACR,YAAYA,EAAa,MAAM,8BAA8BK,EAAY,MAAM,EAAA,EAKnF,MAAMC,EAGD,CAAA,EAEL,QAAS/B,EAAI,EAAGA,EAAIyB,EAAa,OAAQzB,IAAK,CAC5C,MAAMkB,EAAkBU,EAAiB5B,CAAC,EACpCgC,EAAkBR,EAAAA,uBACtBM,EAAY9B,CAAC,EACbkB,CAAA,EAGFa,EAAQ,KAAK,CACX,gBAAAC,EACA,mBAAoBd,CAAA,CACrB,CACH,CAEA,OAAOa,CACT,CAgBQ,sBACNE,EACAC,EACM,CACNC,EAAAA,oCACEF,EACAC,CAAA,CAEJ,CACF"}

package/dist/PeginManager-BXg2S1mH.cjs

@@ -0,0 +1,2 @@
+"use strict";var Zt=Object.defineProperty;var Yt=(e,t,n)=>t in e?Zt(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n;var P=(e,t,n)=>Yt(e,typeof t!="symbol"?t+"":t,n);const h=require("./sha2-CsTynrfJ.cjs"),X=require("bitcoinjs-lib"),Y=require("buffer"),C=require("viem"),R=require("./BTCVaultRegistry.abi-ZdPpION2.cjs"),S=require("./errors-BP73_stm.cjs"),it=require("@babylonlabs-io/babylon-tbv-rust-wasm"),v=require("./peginInput-tbw9BpZy.cjs"),d=require("./bitcoin-B3aqjuMP.cjs"),Qt=require("./signing-Bnsro0hE.cjs"),at=require("./validation-u8W7Lp2x.cjs"),Jt=require("./PayoutManager-DDnNB0mj.cjs"),$=require("./psbtInputFields-B1lrwYzH.cjs"),ct=require("./fundPeginTransaction-DaWoYCgO.cjs"),Tt=require("./mempoolApi-YNkKjQCU.cjs");function te(e){const t=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(e){for(const n in e)if(n!=="default"){const s=Object.getOwnPropertyDescriptor(e,n);Object.defineProperty(t,n,s.get?s:{enumerable:!0,get:()=>e[n]})}}return t.default=e,Object.freeze(t)}const kt=te(X),V=BigInt(2**32-1),lt=BigInt(32);function ee(e,t=!1){return t?{h:Number(e&V),l:Number(e>>lt&V)}:{h:Number(e>>lt&V)|0,l:Number(e&V)|0}}function ne(e,t=!1){const n=e.length;let s=new Uint32Array(n),o=new Uint32Array(n);for(let r=0;r<n;r++){const{h:i,l:a}=ee(e[r],t);[s[r],o[r]]=[i,a]}return[s,o]}const se=(e,t,n)=>e<<n|t>>>32-n,oe=(e,t,n)=>t<<n|e>>>32-n,re=(e,t,n)=>t<<n-32|e>>>64-n,ie=(e,t,n)=>e<<n-32|t>>>64-n,ae=106,ce=32,ut=34;function le(e,t,n){const s=d.stripHexPrefix(e),o=kt.Transaction.fromHex(s);if(o.outs.length<=t)throw new Error(`Pre-PegIn auth-anchor OP_RETURN missing: tx has ${o.outs.length} outputs, expected at least ${t+1} (vault outputs + OP_RETURN)`);const r=o.outs[t],i=r.script;if(i.length!==ut||i[0]!==ae||i[1]!==ce)throw new Error(`Pre-PegIn auth-anchor OP_RETURN at vout ${t} has unexpected script encoding (got ${i.length}-byte script with prefix 0x${i.slice(0,Math.min(2,i.length)).toString("hex")}; expected ${ut}-byte OP_RETURN + PUSH32 layout)`);const a=i.slice(2).toString("hex").toLowerCase();if(a!==n.toLowerCase())throw new Error(`Pre-PegIn auth-anchor OP_RETURN payload mismatch at vout ${t}: tx pushes ${a}, expected ${n}`);if(r.value!==0)throw new Error(`Pre-PegIn auth-anchor OP_RETURN at vout ${t} has non-zero value ${r.value}; OP_RETURN outputs must be 0-value`)}class _t{constructor(t,n){P(this,"oHash");P(this,"iHash");P(this,"blockLen");P(this,"outputLen");P(this,"finished",!1);P(this,"destroyed",!1);if(h.ahash(t),h.abytes(n,void 0,"key"),this.iHash=t.create(),typeof this.iHash.update!="function")throw new Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const s=this.blockLen,o=new Uint8Array(s);o.set(n.length>s?t.create().update(n).digest():n);for(let r=0;r<o.length;r++)o[r]^=54;this.iHash.update(o),this.oHash=t.create();for(let r=0;r<o.length;r++)o[r]^=106;this.oHash.update(o),h.clean(o)}update(t){return h.aexists(this),this.iHash.update(t),this}digestInto(t){h.aexists(this),h.abytes(t,this.outputLen,"output"),this.finished=!0,this.iHash.digestInto(t),this.oHash.update(t),this.oHash.digestInto(t),this.destroy()}digest(){const t=new Uint8Array(this.oHash.outputLen);return this.digestInto(t),t}_cloneInto(t){t||(t=Object.create(Object.getPrototypeOf(this),{}));const{oHash:n,iHash:s,finished:o,destroyed:r,blockLen:i,outputLen:a}=this;return t=t,t.finished=o,t.destroyed=r,t.blockLen=i,t.outputLen=a,t.oHash=n._cloneInto(t.oHash),t.iHash=s._cloneInto(t.iHash),t}clone(){return this._cloneInto()}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const Ht=(e,t,n)=>new _t(e,t).update(n).digest();Ht.create=(e,t)=>new _t(e,t);const D=Uint8Array.of(0),ht=Uint8Array.of();function et(e,t,n,s=32){h.ahash(e),h.anumber(s,"length");const o=e.outputLen;if(s>255*o)throw new Error("Length must be <= 255*HashLen");const r=Math.ceil(s/o);n===void 0?n=ht:h.abytes(n,void 0,"info");const i=new Uint8Array(r*o),a=Ht.create(e,t),l=a._cloneInto(),u=new Uint8Array(a.outputLen);for(let c=0;c<r;c++)D[0]=c+1,l.update(c===0?ht:u).update(n).update(D).digestInto(u),i.set(u,o*c),a._cloneInto(l);return a.destroy(),l.destroy(),h.clean(u,D),i.slice(0,s)}const q=new TextEncoder().encode("babylonvault"),dt=255,ft=65535,gt=2,ue="hashlock",he="auth-anchor",de="wots-seed";function At(e){if(!Number.isInteger(e)||e<0||e>4294967295)throw new Error(`i2osp4: value must be a u32, got ${e}`);const t=new Uint8Array(4);return t[0]=e>>>24&255,t[1]=e>>>16&255,t[2]=e>>>8&255,t[3]=e&255,t}function nt(e,t=new Uint8Array(0)){const n=new TextEncoder().encode(e);if(n.length===0||n.length>dt)throw new Error(`info: label length must be in [1, ${dt}], got ${n.length}`);if(t.length>ft)throw new Error(`info: ctx length must be in [0, ${ft}], got ${t.length}`);const s=q.length+1+n.length+gt+t.length,o=new Uint8Array(s);let r=0;return o.set(q,r),r+=q.length,o[r]=n.length,r+=1,o.set(n,r),r+=n.length,o[r]=t.length>>>8&255,o[r+1]=t.length&255,r+=gt,o.set(t,r),o}const pt=32,fe=32,ge=32,pe=64;function st(e){if(e.length!==pt)throw new Error(`vault-secrets: root must be exactly ${pt} bytes, got ${e.length}`)}function It(e){return st(e),et(h.sha256,e,nt(he),fe)}function Bt(e,t){return st(e),et(h.sha256,e,nt(ue,At(t)),ge)}function St(e,t){return st(e),et(h.sha256,e,nt(de,At(t)),pe)}const N=32,j=32,Q=36,vt=32,K=4,me=K+N+K+vt;function J(e,t,n){e[t]=n>>>24&255,e[t+1]=n>>>16&255,e[t+2]=n>>>8&255,e[t+3]=n&255}function xe(e){if(e.txid.length!==j)throw new Error(`outpoint.txid must be exactly ${j} bytes, got ${e.txid.length}`);if(!Number.isInteger(e.vout)||e.vout<0||e.vout>4294967295)throw new Error(`outpoint.vout must be a u32, got ${e.vout}`);const t=new Uint8Array(Q);return t.set(e.txid,0),J(t,j,e.vout),t}function mt(e,t){const n=Math.min(e.length,t.length);for(let s=0;s<n;s++)if(e[s]!==t[s])return e[s]-t[s];return e.length-t.length}function Ot(e){if(e.length===0)throw new Error("buildFundingOutpointsCommitment: outpoints must be non-empty");const t=e.map(xe);t.sort(mt);for(let s=1;s<t.length;s++)if(mt(t[s-1],t[s])===0)throw new Error("buildFundingOutpointsCommitment: duplicate outpoint detected");const n=new Uint8Array(t.length*Q);for(let s=0;s<t.length;s++)n.set(t[s],s*Q);return h.sha256(n)}function Ct(e){if(e.depositorBtcPubkey.length!==N)throw new Error(`vaultContext: depositorBtcPubkey must be exactly ${N} bytes, got ${e.depositorBtcPubkey.length}`);const t=Ot(e.fundingOutpoints),n=new Uint8Array(me);let s=0;return J(n,s,N),s+=K,n.set(e.depositorBtcPubkey,s),s+=N,J(n,s,vt),s+=K,n.set(t,s),n}const Rt="babylon-vault",$t=32,xt=$t*2,Pe=/^[0-9a-f]+$/;async function Ut(e,t){const n=Ct(t),s=d.uint8ArrayToHex(n),o=await e.deriveContextHash(Rt,s);if(typeof o!="string")throw new Error(`deriveVaultRoot: wallet must return a string, got ${typeof o}`);if(o.length!==xt)throw new Error(`deriveVaultRoot: wallet must return a ${xt}-character hex string (${$t} bytes), got length ${o.length}`);if(!Pe.test(o))throw new Error("deriveVaultRoot: wallet must return lowercase hex per derive-context-hash.md §2.1; got value with non-lowercase or non-hex characters");return d.hexToUint8Array(o)}const we=Uint8Array.from([7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8]),Lt=Uint8Array.from(new Array(16).fill(0).map((e,t)=>t)),be=Lt.map(e=>(9*e+5)%16),Nt=(()=>{const n=[[Lt],[be]];for(let s=0;s<4;s++)for(let o of n)o.push(o[s].map(r=>we[r]));return n})(),Vt=Nt[0],Wt=Nt[1],Mt=[[11,14,15,12,5,8,7,9,11,13,14,15,6,7,9,8],[12,13,11,15,6,9,9,7,12,15,11,13,7,8,7,7],[13,15,14,11,7,7,6,8,13,14,13,12,5,5,6,9],[14,11,12,14,8,6,5,5,15,12,15,14,9,9,8,6],[15,12,13,13,9,5,8,6,14,11,12,11,8,6,5,5]].map(e=>Uint8Array.from(e)),ye=Vt.map((e,t)=>e.map(n=>Mt[t][n])),Ee=Wt.map((e,t)=>e.map(n=>Mt[t][n])),Te=Uint32Array.from([0,1518500249,1859775393,2400959708,2840853838]),ke=Uint32Array.from([1352829926,1548603684,1836072691,2053994217,0]);function Pt(e,t,n,s){return e===0?t^n^s:e===1?t&n|~t&s:e===2?(t|~n)^s:e===3?t&s|n&~s:t^(n|~s)}const W=new Uint32Array(16);class _e extends h.HashMD{constructor(){super(64,20,8,!0);P(this,"h0",1732584193);P(this,"h1",-271733879);P(this,"h2",-1732584194);P(this,"h3",271733878);P(this,"h4",-1009589776)}get(){const{h0:n,h1:s,h2:o,h3:r,h4:i}=this;return[n,s,o,r,i]}set(n,s,o,r,i){this.h0=n|0,this.h1=s|0,this.h2=o|0,this.h3=r|0,this.h4=i|0}process(n,s){for(let f=0;f<16;f++,s+=4)W[f]=n.getUint32(s,!0);let o=this.h0|0,r=o,i=this.h1|0,a=i,l=this.h2|0,u=l,c=this.h3|0,w=c,b=this.h4|0,y=b;for(let f=0;f<5;f++){const m=4-f,_=Te[f],I=ke[f],g=Vt[f],T=Wt[f],p=ye[f],k=Ee[f];for(let E=0;E<16;E++){const x=h.rotl(o+Pt(f,i,l,c)+W[g[E]]+_,p[E])+b|0;o=b,b=c,c=h.rotl(l,10)|0,l=i,i=x}for(let E=0;E<16;E++){const x=h.rotl(r+Pt(m,a,u,w)+W[T[E]]+I,k[E])+y|0;r=y,y=w,w=h.rotl(u,10)|0,u=a,a=x}}this.set(this.h1+l+w|0,this.h2+c+y|0,this.h3+b+r|0,this.h4+o+a|0,this.h0+i+u|0)}roundClean(){h.clean(W)}destroy(){this.destroyed=!0,h.clean(this.buffer),this.set(0,0,0,0,0)}}const He=h.createHasher(()=>new _e),Ae=BigInt(0),U=BigInt(1),Ie=BigInt(2),Be=BigInt(7),Se=BigInt(256),ve=BigInt(113),Ft=[],Xt=[],Kt=[];for(let e=0,t=U,n=1,s=0;e<24;e++){[n,s]=[s,(2*n+3*s)%5],Ft.push(2*(5*s+n)),Xt.push((e+1)*(e+2)/2%64);let o=Ae;for(let r=0;r<7;r++)t=(t<<U^(t>>Be)*ve)%Se,t&Ie&&(o^=U<<(U<<BigInt(r))-U);Kt.push(o)}const Dt=ne(Kt,!0),Oe=Dt[0],Ce=Dt[1],wt=(e,t,n)=>n>32?re(e,t,n):se(e,t,n),bt=(e,t,n)=>n>32?ie(e,t,n):oe(e,t,n);function Re(e,t=24){const n=new Uint32Array(10);for(let s=24-t;s<24;s++){for(let i=0;i<10;i++)n[i]=e[i]^e[i+10]^e[i+20]^e[i+30]^e[i+40];for(let i=0;i<10;i+=2){const a=(i+8)%10,l=(i+2)%10,u=n[l],c=n[l+1],w=wt(u,c,1)^n[a],b=bt(u,c,1)^n[a+1];for(let y=0;y<50;y+=10)e[i+y]^=w,e[i+y+1]^=b}let o=e[2],r=e[3];for(let i=0;i<24;i++){const a=Xt[i],l=wt(o,r,a),u=bt(o,r,a),c=Ft[i];o=e[c],r=e[c+1],e[c]=l,e[c+1]=u}for(let i=0;i<50;i+=10){for(let a=0;a<10;a++)n[a]=e[i+a];for(let a=0;a<10;a++)e[i+a]^=~n[(a+2)%10]&n[(a+4)%10]}e[0]^=Oe[s],e[1]^=Ce[s]}h.clean(n)}class ot{constructor(t,n,s,o=!1,r=24){P(this,"state");P(this,"pos",0);P(this,"posOut",0);P(this,"finished",!1);P(this,"state32");P(this,"destroyed",!1);P(this,"blockLen");P(this,"suffix");P(this,"outputLen");P(this,"enableXOF",!1);P(this,"rounds");if(this.blockLen=t,this.suffix=n,this.outputLen=s,this.enableXOF=o,this.rounds=r,h.anumber(s,"outputLen"),!(0<t&&t<200))throw new Error("only keccak-f1600 function is supported");this.state=new Uint8Array(200),this.state32=h.u32(this.state)}clone(){return this._cloneInto()}keccak(){h.swap32IfBE(this.state32),Re(this.state32,this.rounds),h.swap32IfBE(this.state32),this.posOut=0,this.pos=0}update(t){h.aexists(this),h.abytes(t);const{blockLen:n,state:s}=this,o=t.length;for(let r=0;r<o;){const i=Math.min(n-this.pos,o-r);for(let a=0;a<i;a++)s[this.pos++]^=t[r++];this.pos===n&&this.keccak()}return this}finish(){if(this.finished)return;this.finished=!0;const{state:t,suffix:n,pos:s,blockLen:o}=this;t[s]^=n,(n&128)!==0&&s===o-1&&this.keccak(),t[o-1]^=128,this.keccak()}writeInto(t){h.aexists(this,!1),h.abytes(t),this.finish();const n=this.state,{blockLen:s}=this;for(let o=0,r=t.length;o<r;){this.posOut>=s&&this.keccak();const i=Math.min(s-this.posOut,r-o);t.set(n.subarray(this.posOut,this.posOut+i),o),this.posOut+=i,o+=i}return t}xofInto(t){if(!this.enableXOF)throw new Error("XOF is not possible for this instance");return this.writeInto(t)}xof(t){return h.anumber(t),this.xofInto(new Uint8Array(t))}digestInto(t){if(h.aoutput(t,this),this.finished)throw new Error("digest() was already called");return this.writeInto(t),this.destroy(),t}digest(){return this.digestInto(new Uint8Array(this.outputLen))}destroy(){this.destroyed=!0,h.clean(this.state)}_cloneInto(t){const{blockLen:n,suffix:s,outputLen:o,rounds:r,enableXOF:i}=this;return t||(t=new ot(n,s,o,i,r)),t.state32.set(this.state32),t.pos=this.pos,t.posOut=this.posOut,t.finished=this.finished,t.rounds=r,t.suffix=s,t.outputLen=o,t.enableXOF=i,t.destroyed=this.destroyed,t}}const $e=(e,t,n,s={})=>h.createHasher(()=>new ot(t,e,n),s),Ue=$e(1,136,32),yt=64,A=20,tt=4,qt=2,Le=0,Ne=1,M=[64,64],Ve=e=>Array.from(e).map(t=>t.toString(16).padStart(2,"0")).join("");function rt(e){return He(h.sha256(e))}function jt(e){return(1<<e)-1}function We(e){let t=1;for(;t*t<e+1;)t++;return Math.max(t,2)}function Me(e){const t=tt,n=e*jt(t);return{d:t,n:e,checksum_radix:We(n)}}function z(e,t){const n=[];let s=t;for(;s>0;)n.push(s&255),s>>>=8;const o=new Uint8Array(e.length+n.length);o.set(e);for(let r=0;r<n.length;r++)o[e.length+r]=n[r];return rt(o)}function G(e,t){let n=e;for(let s=0;s<t;s++)n=rt(n);return n}function Fe(e,t){const n=jt(t.d),s=t.checksum_radix-1,o=Math.floor(t.n*n/t.checksum_radix),r=[];for(let c=0;c<t.n;c++){const w=z(e,c+qt),b=G(w,n);r.push(Array.from(b))}const i=z(e,Le),a=G(i,s),l=z(e,Ne),u=G(l,o);return{config:t,message_terminals:r,checksum_major_terminal:Array.from(u),checksum_minor_terminal:Array.from(a)}}async function zt(e){try{if(e.length!==yt)throw new Error(`WOTS seed must be exactly ${yt} bytes, got ${e.length}`);const t=[];for(let n=0;n<M.length;n++){const s=M[n],o=Me(s),r=new Uint8Array(e.length+1);r.set(e),r[e.length]=n;const i=rt(r);try{const a=Fe(i,o);if(a.config.d!==tt)throw new Error(`Block ${n}: expected d=${tt}, got d=${a.config.d}`);if(a.config.n!==s)throw new Error(`Block ${n}: expected n=${s}, got n=${a.config.n}`);if(a.message_terminals.length!==s)throw new Error(`Block ${n}: expected ${s} message terminals, got ${a.message_terminals.length}`);for(let l=0;l<a.message_terminals.length;l++)if(a.message_terminals[l].length!==A)throw new Error(`Block ${n} terminal ${l}: expected ${A} bytes, got ${a.message_terminals[l].length}`);if(a.checksum_minor_terminal.length!==A)throw new Error(`Block ${n} checksum_minor: expected ${A} bytes`);if(a.checksum_major_terminal.length!==A)throw new Error(`Block ${n} checksum_major: expected ${A} bytes`);t.push(a)}finally{r.fill(0),i.fill(0)}}if(t.length!==M.length)throw new Error(`Expected ${M.length} blocks, got ${t.length}`);return t}finally{e.fill(0)}}function Z(e,t,n){if(e.length!==A)throw new Error(`Block ${t} ${n}: expected ${A} bytes, got ${e.length}`);for(let s=0;s<e.length;s++){const o=e[s];if(!Number.isInteger(o)||o<0||o>255)throw new Error(`Block ${t} ${n}[${s}]: invalid byte value ${o}`)}}function Gt(e){if(e.length===0)throw new Error("Public keys array must not be empty");for(let r=0;r<e.length;r++){const i=e[r];Z(i.checksum_minor_terminal,r,"checksum_minor_terminal"),Z(i.checksum_major_terminal,r,"checksum_major_terminal");for(let a=0;a<i.message_terminals.length;a++)Z(i.message_terminals[a],r,`message_terminal[${a}]`)}let t=0;for(const r of e)t+=qt+r.message_terminals.length;const n=new Uint8Array(t*A);let s=0;for(const r of e){n.set(r.checksum_minor_terminal,s),s+=A,n.set(r.checksum_major_terminal,s),s+=A;for(const i of r.message_terminals)n.set(i,s),s+=A}const o=Ue(n);return`0x${Ve(o)}`}async function Xe(e,t){const n=[],s=[],o=[],r=[];try{for(let i=0;i<t;i++){const a=St(e,i);try{const u=await zt(a);n.push(u),s.push(Gt(u))}finally{a.fill(0)}const l=Bt(e,i);try{const u=d.uint8ArrayToHex(l);o.push(u),r.push(Jt.computeHashlock(d.ensureHexPrefix(u)).slice(2))}finally{l.fill(0)}}}finally{e.fill(0)}return{perVaultWotsKeys:n,wotsPkHashes:s,htlcSecretHexes:o,hashlocks:r}}const Ke=/^0x[0-9a-f]+$/i,De=/^[0-9a-f]+$/i,qe=/^[A-Za-z0-9+/]+={0,2}$/;function L(e){if(typeof e!="string"||e.length===0)throw new Error("BTC wallet returned empty public key");return d.processPublicKeyToXOnly(e).toLowerCase()}function je(e){if(typeof e!="string"||e.length===0)throw new Error("BTC wallet returned empty BIP-322 signature");if(e.startsWith("0x")||e.startsWith("0X")){if(!Ke.test(e)||e.length<4||e.length%2!==0)throw new Error("BTC wallet returned malformed hex BIP-322 signature");return e.toLowerCase()}if(De.test(e)){if(e.length%2!==0)throw new Error("BTC wallet returned malformed hex BIP-322 signature");return`0x${e.toLowerCase()}`}if(!qe.test(e)||e.length%4!==0)throw new Error("BTC wallet returned malformed base64 BIP-322 signature");const t=Y.Buffer.from(e,"base64");if(t.length===0||t.toString("base64")!==e)throw new Error("BTC wallet returned malformed base64 BIP-322 signature");return`0x${t.toString("hex")}`}async function ze(e,t,n){if(typeof e.signPsbts=="function"){const o=await e.signPsbts(t,n);if(o.length!==t.length)throw new Error(`Expected ${t.length} signed PSBTs but received ${o.length}`);return o}const s=[];for(let o=0;o<t.length;o++){const r=await e.signPsbt(t[o],n[o]);s.push(r)}return s}const Ge=0,F="00".repeat(32);function Ze(e,t,n,s){const o=n==null?void 0:n[`${e}:${t}`];return o?Promise.resolve({txid:e,vout:t,value:o.value,scriptPubKey:o.scriptPubKey}):Tt.getUtxoInfo(e,t,s)}const Et=12e4;class Ye{constructor(t){P(this,"config");this.config=t}async preparePegin(t){if(t.amounts.length===0)throw new Error("amounts must contain at least one entry");const n=await this.config.btcWallet.getPublicKeyHex(),s=L(n),o=await this.prepareSizing(s,t),r=o.selectedUTXOs.map(m=>({txid:d.hexToUint8Array(m.txid),vout:m.vout})),i=await Ut(this.config.btcWallet,{depositorBtcPubkey:d.hexToUint8Array(s),fundingOutpoints:r});let a,l;try{const m=It(i);try{a=d.uint8ArrayToHex(m),l=d.uint8ArrayToHex(h.sha256(m))}finally{m.fill(0)}}catch(m){throw i.fill(0),m}const u=await Xe(i,t.amounts.length),{perVaultWotsKeys:c,wotsPkHashes:w,htlcSecretHexes:b,hashlocks:y}=u,f=await this.preparePeginCommit({depositorBtcPubkeyRaw:n,depositorBtcPubkey:s,hashlocks:y,authAnchorHash:l,sizing:o,params:t});for(let m=0;m<f.perVault.length;m++)if(f.perVault[m].htlcVout!==m)throw new Error(`Internal invariant violation: htlcVout/index mismatch at vault ${m} (expected ${m}, got ${f.perVault[m].htlcVout})`);return le(f.fundedPrePeginTxHex,t.amounts.length,l),{transaction:{...f,selectedUTXOs:o.selectedUTXOs,fee:o.fee,changeAmount:o.changeAmount},depositorBtcPubkey:s,derivedSecrets:{perVaultWotsKeys:c,wotsPkHashes:w,htlcSecretHexes:b,authAnchorHex:a}}}async prepareSizing(t,n){const s=n.amounts.map(()=>F),o=n.vaultKeeperBtcPubkeys.length,r=await v.buildPrePeginPsbt({depositorPubkey:t,vaultProviderPubkey:d.stripHexPrefix(n.vaultProviderBtcPubkey),vaultKeeperPubkeys:n.vaultKeeperBtcPubkeys.map(d.stripHexPrefix),universalChallengerPubkeys:n.universalChallengerBtcPubkeys.map(d.stripHexPrefix),hashlocks:s,timelockRefund:n.timelockRefund,pegInAmounts:n.amounts,feeRate:n.protocolFeeRate,numLocalChallengers:o,councilQuorum:n.councilQuorum,councilSize:n.councilSize,network:this.config.btcNetwork,authAnchorHash:F}),i=$.selectUtxosForPegin([...n.availableUTXOs],r.totalOutputValue,n.mempoolFeeRate,ct.peginOutputCount(r.htlcValues.length,F));return{selectedUTXOs:i.selectedUTXOs,fee:i.fee,changeAmount:i.changeAmount}}async preparePeginCommit(t){const{depositorBtcPubkeyRaw:n,depositorBtcPubkey:s,hashlocks:o,authAnchorHash:r,sizing:i,params:a}=t,l=F.toLowerCase();for(let x=0;x<o.length;x++)if(o[x].toLowerCase()===l)throw new Error(`preparePeginCommit refusing to build with sizing-pass placeholder hashlock at vault ${x} — internal substitution bug`);if(r.toLowerCase()===l)throw new Error("preparePeginCommit refusing to build with sizing-pass placeholder auth-anchor hash — internal substitution bug");const u=d.stripHexPrefix(a.vaultProviderBtcPubkey),c=a.vaultKeeperBtcPubkeys.map(d.stripHexPrefix),w=a.universalChallengerBtcPubkeys.map(d.stripHexPrefix),b=c.length,y={depositorPubkey:s,vaultProviderPubkey:u,vaultKeeperPubkeys:c,universalChallengerPubkeys:w,hashlocks:o,timelockRefund:a.timelockRefund,pegInAmounts:a.amounts,feeRate:a.protocolFeeRate,numLocalChallengers:b,councilQuorum:a.councilQuorum,councilSize:a.councilSize,network:this.config.btcNetwork,authAnchorHash:r},f=await v.buildPrePeginPsbt(y),m=d.getNetwork(this.config.btcNetwork),_=ct.fundPeginTransaction({unfundedTxHex:f.psbtHex,selectedUTXOs:i.selectedUTXOs,changeAddress:a.changeAddress,changeAmount:i.changeAmount,network:m}),I=d.stripHexPrefix($.calculateBtcTxHash(_)),g=[],T=[],p=[];for(let x=0;x<o.length;x++){const H=await v.buildPeginTxFromFundedPrePegin({prePeginParams:y,timelockPegin:a.timelockPegin,fundedPrePeginTxHex:_,htlcVout:x}),B=await v.buildPeginInputPsbt({peginTxHex:H.txHex,fundedPrePeginTxHex:_,depositorPubkey:s,vaultProviderPubkey:u,vaultKeeperPubkeys:c,universalChallengerPubkeys:w,hashlock:o[x],timelockRefund:a.timelockRefund,network:this.config.btcNetwork});g.push(H),T.push(B.psbtHex),p.push(Qt.createTaprootScriptPathSignOptions(n,1))}const k=await ze(this.config.btcWallet,T,p),E=[];for(let x=0;x<k.length;x++){const H=v.extractPeginInputSignature(k[x],s),B=v.finalizePeginInputPsbt(k[x]);E.push({htlcVout:x,htlcValue:f.htlcValues[x],peginTxHex:B,peginTxid:g[x].txid,peginInputSignature:H,vaultScriptPubKey:g[x].vaultScriptPubKey})}return{fundedPrePeginTxHex:_,prePeginTxid:I,perVault:E}}async signAndBroadcast(t){const{fundedPrePeginTxHex:n,depositorBtcPubkey:s}=t,o=n.startsWith("0x")?n.slice(2):n,r=X.Transaction.fromHex(o);if(r.ins.length===0)throw new Error("Transaction has no inputs");const i=new X.Psbt;i.setVersion(r.version),i.setLocktime(r.locktime);const a=Y.Buffer.from(L(s),"hex"),l=this.config.mempoolApiUrl,u=r.ins.map(g=>{const T=Y.Buffer.from(g.hash).reverse().toString("hex"),p=g.index;return Ze(T,p,t.localPrevouts,l).then(k=>({input:g,utxoData:k,txid:T,vout:p}))}),c=await Promise.all(u),w=c.reduce((g,T)=>g+BigInt(T.utxoData.value),0n),b=r.outs.reduce((g,T)=>g+BigInt(T.value),0n);if(w<b)throw new Error(`UTXO value mismatch: total input value (${w} sat) is less than total output value (${b} sat). This may indicate the mempool API returned manipulated UTXO data.`);const y=w-b;if(y>at.MAX_REASONABLE_FEE_SATS)throw new Error(`Implied transaction fee (${y} sat) exceeds maximum reasonable fee (${at.MAX_REASONABLE_FEE_SATS} sat). This may indicate manipulated UTXO data.`);for(const{input:g,utxoData:T,txid:p,vout:k}of c){const E=$.getPsbtInputFields({value:T.value,scriptPubKey:T.scriptPubKey},a);i.addInput({hash:g.hash,index:g.index,sequence:g.sequence,...E})}for(const g of r.outs)i.addOutput({script:g.script,value:g.value});const f=await this.config.btcWallet.signPsbt(i.toHex()),m=X.Psbt.fromHex(f);try{m.finalizeAllInputs()}catch(g){if(!m.data.inputs.every(p=>p.finalScriptWitness||p.finalScriptSig))throw new Error(`PSBT finalization failed and wallet did not auto-finalize: ${g}`)}const _=m.extractTransaction().toHex();return await Tt.pushTx(_,l)}async registerPeginOnChain(t){const{unsignedPrePeginTx:n,depositorSignedPeginTx:s,vaultProvider:o,hashlock:r,htlcVout:i,depositorPayoutBtcAddress:a,depositorWotsPkHash:l,popSignature:u}=t;if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const c=this.config.ethWallet.account.address;if(!C.isAddressEqual(u.depositorEthAddress,c))throw new Error(`Proof of possession was signed for ${u.depositorEthAddress} but the Ethereum wallet is currently connected to ${c}. Reconnect the original account or call signProofOfPossession() again.`);await this.assertPopMatchesBtcWallet(u);const w=u.btcPopSignature,b=d.ensureHexPrefix(u.depositorBtcPubkey),y=d.ensureHexPrefix(n),f=d.ensureHexPrefix(s),m=await this.resolvePayoutScriptPubKey(a),_=$.calculateBtcTxHash(f),I=await it.deriveVaultId(d.stripHexPrefix(_),d.stripHexPrefix(c)),g=d.ensureHexPrefix(I);if(await this.checkVaultExists(g))throw new Error(`Vault already exists (ID: ${g}, peginTxHash: ${_}). Vault IDs are derived from the pegin transaction hash and depositor address. To create a new vault, use different UTXOs or a different amount to generate a unique transaction.`);const p=this.config.publicClient;let k;try{k=await p.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:R.BTCVaultRegistryABI,functionName:"getPegInFee",args:[o]})}catch(O){throw new Error("Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.",{cause:O})}const E=C.encodeFunctionData({abi:R.BTCVaultRegistryABI,functionName:"submitPeginRequest",args:[c,b,w,y,f,o,r,i,m,l]});let x;try{x=await p.estimateGas({to:this.config.vaultContracts.btcVaultRegistry,data:E,value:k,account:this.config.ethWallet.account.address})}catch(O){S.handleContractError(O)}let H;try{H=await this.config.ethWallet.sendTransaction({to:this.config.vaultContracts.btcVaultRegistry,data:E,value:k,account:this.config.ethWallet.account,chain:this.config.ethChain,gas:x})}catch(O){S.handleContractError(O)}const B=await p.waitForTransactionReceipt({hash:H,timeout:Et});return B.status==="reverted"&&S.handleContractError(new Error(`Transaction reverted. Hash: ${H}. Check the transaction on block explorer for details.`)),{ethTxHash:B.transactionHash,vaultId:g,peginTxHash:_}}async registerPeginBatchOnChain(t){const{vaultProvider:n,unsignedPrePeginTx:s,requests:o,popSignature:r}=t;if(o.length===0)throw new Error("Batch pegin requires at least one request");if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const i=this.config.ethWallet.account.address;if(!C.isAddressEqual(r.depositorEthAddress,i))throw new Error(`Proof of possession was signed for ${r.depositorEthAddress} but the Ethereum wallet is currently connected to ${i}. Reconnect the original account or call signProofOfPossession() again.`);await this.assertPopMatchesBtcWallet(r);const a=r.btcPopSignature,l=[];for(const p of o)l.push(await this.resolvePayoutScriptPubKey(p.depositorPayoutBtcAddress));const u=[];for(const p of o){const k=d.ensureHexPrefix(p.depositorSignedPeginTx),E=$.calculateBtcTxHash(k),x=await it.deriveVaultId(d.stripHexPrefix(E),d.stripHexPrefix(i)),H=d.ensureHexPrefix(x);if(await this.checkVaultExists(H))throw new Error(`Vault already exists (ID: ${H}, peginTxHash: ${E}). To create a new vault, use different UTXOs or a different amount.`);u.push({vaultId:H,peginTxHash:E})}const c=this.config.publicClient;let w;try{w=await c.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:R.BTCVaultRegistryABI,functionName:"getPegInFee",args:[n]})}catch(p){throw new Error("Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.",{cause:p})}const b=w*BigInt(o.length),y=d.ensureHexPrefix(r.depositorBtcPubkey),f=d.ensureHexPrefix(s),m=o.map((p,k)=>({depositorBtcPubKey:y,btcPopSignature:a,unsignedPrePeginTx:f,depositorSignedPeginTx:d.ensureHexPrefix(p.depositorSignedPeginTx),hashlock:p.hashlock,htlcVout:p.htlcVout,referralCode:Ge,depositorPayoutBtcAddress:l[k],depositorWotsPkHash:p.depositorWotsPkHash})),_=C.encodeFunctionData({abi:R.BTCVaultRegistryABI,functionName:"submitPeginRequestBatch",args:[i,n,m]});let I;try{I=await c.estimateGas({to:this.config.vaultContracts.btcVaultRegistry,data:_,value:b,account:this.config.ethWallet.account.address})}catch(p){S.handleContractError(p)}let g;try{g=await this.config.ethWallet.sendTransaction({to:this.config.vaultContracts.btcVaultRegistry,data:_,value:b,account:this.config.ethWallet.account,chain:this.config.ethChain,gas:I})}catch(p){S.handleContractError(p)}const T=await c.waitForTransactionReceipt({hash:g,timeout:Et});return T.status==="reverted"&&S.handleContractError(new Error(`Batch transaction reverted. Hash: ${g}. Check the transaction on block explorer for details.`)),{ethTxHash:T.transactionHash,vaults:u}}async checkVaultExists(t){return(await this.config.publicClient.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:R.BTCVaultRegistryABI,functionName:"getBtcVaultBasicInfo",args:[t]})).depositor!==C.zeroAddress}async resolvePayoutScriptPubKey(t){let n;if(t)n=t;else{n=await this.config.btcWallet.getAddress();const o=await this.config.btcWallet.getPublicKeyHex();if(!d.isAddressFromPublicKey(n,o,this.config.btcNetwork))throw new Error("The BTC address from your wallet does not match the wallet's public key. Please ensure your wallet is using a supported address type (Taproot or Native SegWit).")}const s=d.getNetwork(this.config.btcNetwork);try{return`0x${kt.address.toOutputScript(n,s).toString("hex")}`}catch{throw new Error(`Invalid BTC payout address: "${n}". Please provide a valid Bitcoin address for the ${this.config.btcNetwork} network.`)}}async signProofOfPossession(){if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const t=this.config.ethWallet.account.address,n=L(await this.config.btcWallet.getPublicKeyHex()),s=this.config.vaultContracts.btcVaultRegistry,o=`${t.toLowerCase()}:${this.config.ethChain.id}:pegin:${s.toLowerCase()}`,r=await this.config.btcWallet.signMessage(o,"bip322-simple");return{btcPopSignature:je(r),depositorEthAddress:t,depositorBtcPubkey:n}}async assertPopMatchesBtcWallet(t){const n=L(await this.config.btcWallet.getPublicKeyHex()),s=L(t.depositorBtcPubkey);if(n!==s)throw new Error(`Proof of possession was signed with BTC pubkey ${s} but the BTC wallet is currently connected to ${n}. Reconnect the original wallet or call signProofOfPossession() again.`)}getNetwork(){return this.config.btcNetwork}getVaultContractAddress(){return this.config.vaultContracts.btcVaultRegistry}}exports.PeginManager=Ye;exports.VAULT_APP_NAME=Rt;exports.buildFundingOutpointsCommitment=Ot;exports.buildVaultContext=Ct;exports.computeWotsBlockPublicKeysHash=Gt;exports.deriveVaultRoot=Ut;exports.deriveWotsBlocksFromSeed=zt;exports.expandAuthAnchor=It;exports.expandHashlockSecret=Bt;exports.expandWotsSeed=St;
+//# sourceMappingURL=PeginManager-BXg2S1mH.cjs.map