npm - @babylonlabs-io/ts-sdk - Versions diffs - 0.33.4 → 0.33.5 - Mend

@babylonlabs-io/ts-sdk 0.33.4 → 0.33.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/dist/vault-registry-reader-ejm2UYzk.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"vault-registry-reader-ejm2UYzk.cjs","sources":["../src/tbv/core/clients/vault-provider/validators.ts","../src/tbv/core/clients/vault-provider/api.ts","../src/tbv/core/clients/vault-provider/batchAttribution.ts","../src/tbv/core/clients/vault-provider/batchPoll.ts","../src/tbv/core/clients/vault-provider/auth/bip322Verify.ts","../src/tbv/core/clients/vault-provider/auth/cbor.ts","../src/tbv/core/clients/vault-provider/auth/serverIdentity.ts","../src/tbv/core/clients/vault-provider/auth/gatedMethods.ts","../src/tbv/core/clients/vault-provider/auth/innerTokenClient.ts","../src/tbv/core/clients/vault-provider/auth/tokenProvider.ts","../src/tbv/core/clients/vault-provider/auth/tokenRegistry.ts","../src/tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient.ts","../src/tbv/core/clients/vault-provider/auth/primeVpAuth.ts","../src/tbv/core/clients/eth/contract-address-resolver.ts","../src/tbv/core/clients/eth/protocol-params-reader.ts","../src/tbv/core/clients/eth/signer-set-reader.ts","../src/tbv/core/clients/eth/vault-registry-reader.ts"],"sourcesContent":["/**\n * Runtime validation for vault provider RPC responses.\n *\n * All VP RPC methods return untyped JSON that TypeScript generics cast without\n * inspection. These validators check the critical top-level fields and\n * security-relevant values (status, txids, pubkeys). Optional progress\n * sub-fields (gc_data, ack_collection, claimer_graphs) are NOT validated\n * since they are informational and not used for signing or transaction\n * construction. Only `progress.presigning` sub-fields are checked.\n */\n\nimport {\n COMPRESSED_PUBKEY_HEX_LEN,\n X_ONLY_PUBKEY_HEX_LEN,\n} from \"../../primitives/utils/bitcoin\";\nimport { HEX_RE } from \"../../utils/validation\";\n\nimport { DaemonStatus } from \"./types\";\nimport type {\n BatchGetPeginStatusResponse,\n BatchGetPegoutStatusResponse,\n GetPeginStatusResponse,\n GetPegoutStatusResponse,\n RequestDepositorClaimerArtifactsResponse,\n RequestDepositorPresignTransactionsResponse,\n} from \"./types\";\n\nconst DAEMON_STATUS_VALUES = new Set<string>(Object.values(DaemonStatus));\n\nconst VP_ERROR_PREVIEW_MAX_LEN = 200;\n\nfunction preview(value: unknown): string {\n return (\n JSON.stringify(value)?.slice(0, VP_ERROR_PREVIEW_MAX_LEN) ?? \"undefined\"\n );\n}\n\nconst VP_VALIDATION_USER_MESSAGE =\n \"The vault provider returned an unexpected response. Please try again or contact support.\";\n\n/**\n * Thrown when a VP RPC response fails runtime validation.\n *\n * `.message` is a user-facing string safe to display in the UI.\n * `.detail` contains the technical reason, suitable for logging.\n */\nexport class VpResponseValidationError extends Error {\n readonly detail: string;\n\n constructor(detail: string) {\n super(VP_VALIDATION_USER_MESSAGE);\n this.name = \"VpResponseValidationError\";\n this.detail = detail;\n }\n}\n\n/** Expected length (in hex chars) of a Bitcoin transaction ID (32 bytes). */\nconst TXID_HEX_LEN = 64;\n\nfunction isNonEmptyHex(value: unknown): value is string {\n return typeof value === \"string\" && value.length > 0 && HEX_RE.test(value);\n}\n\nfunction isNonEmptyString(value: unknown): value is string {\n return typeof value === \"string\" && value.length > 0;\n}\n\nfunction assertNonEmptyHex(value: unknown, field: string): void {\n if (!isNonEmptyHex(value)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be a non-empty hex string, got ${preview(value)}`,\n );\n }\n}\n\nfunction assertNonEmptyString(value: unknown, field: string): void {\n if (!isNonEmptyString(value)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be a non-empty string, got ${preview(value)}`,\n );\n }\n}\n\n/**\n * Accept both x-only (64-char) and compressed (66-char) pubkeys from VP responses.\n * The signing code normalizes to x-only via processPublicKeyToXOnly().\n */\nfunction assertBtcPubkey(value: unknown, field: string): void {\n if (\n !isNonEmptyHex(value) ||\n (value.length !== X_ONLY_PUBKEY_HEX_LEN &&\n value.length !== COMPRESSED_PUBKEY_HEX_LEN)\n ) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be a ${X_ONLY_PUBKEY_HEX_LEN} or ${COMPRESSED_PUBKEY_HEX_LEN}-char hex string (BTC pubkey), got ${preview(value)}`,\n );\n }\n}\n\n/**\n * Validate the optional presigning progress fields returned inside PeginProgressDetails.\n */\nfunction validatePresigningProgressFields(\n progress: Record<string, unknown>,\n): void {\n const presigning = progress.presigning;\n if (presigning === undefined || presigning === null) return;\n if (typeof presigning !== \"object\" || Array.isArray(presigning)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"progress.presigning\" must be an object if present`,\n );\n }\n\n const p = presigning as Record<string, unknown>;\n\n if (\n p.depositor_graph_created !== undefined &&\n typeof p.depositor_graph_created !== \"boolean\"\n ) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"progress.presigning.depositor_graph_created\" must be a boolean if present, got ${preview(p.depositor_graph_created)}`,\n );\n }\n\n if (\n p.vk_challenger_presigning_completed !== undefined &&\n typeof p.vk_challenger_presigning_completed !== \"number\"\n ) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"progress.presigning.vk_challenger_presigning_completed\" must be a number if present, got ${preview(p.vk_challenger_presigning_completed)}`,\n );\n }\n\n if (\n p.vk_challenger_presigning_total !== undefined &&\n typeof p.vk_challenger_presigning_total !== \"number\"\n ) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"progress.presigning.vk_challenger_presigning_total\" must be a number if present, got ${preview(p.vk_challenger_presigning_total)}`,\n );\n }\n}\n\n/**\n * Validate a getPeginStatus response.\n *\n * Throws if the status field is not a recognized DaemonStatus value.\n */\nexport function validateGetPeginStatusResponse(\n response: unknown,\n): asserts response is GetPeginStatusResponse {\n if (response === null || typeof response !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: getPeginStatus response is not an object`,\n );\n }\n\n const r = response as Record<string, unknown>;\n\n if (!isNonEmptyHex(r.pegin_txid) || r.pegin_txid.length !== TXID_HEX_LEN) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"pegin_txid\" must be a ${TXID_HEX_LEN}-char hex string (txid), got ${preview(r.pegin_txid)}`,\n );\n }\n\n if (typeof r.status !== \"string\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"status\" must be a string`,\n );\n }\n\n if (!DAEMON_STATUS_VALUES.has(r.status)) {\n throw new VpResponseValidationError(\n `VP response validation failed: unrecognized status \"${r.status}\". Expected one of: ${[...DAEMON_STATUS_VALUES].join(\", \")}`,\n );\n }\n\n if (\n r.progress === null ||\n typeof r.progress !== \"object\" ||\n Array.isArray(r.progress)\n ) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"progress\" must be an object`,\n );\n }\n\n validatePresigningProgressFields(r.progress as Record<string, unknown>);\n\n if (typeof r.health_info !== \"string\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"health_info\" must be a string`,\n );\n }\n\n if (r.last_error !== undefined && typeof r.last_error !== \"string\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"last_error\" must be a string if present, got ${preview(r.last_error)}`,\n );\n }\n}\n\n/**\n * Validate a requestDepositorPresignTransactions response.\n */\nexport function validateRequestDepositorPresignTransactionsResponse(\n response: unknown,\n): asserts response is RequestDepositorPresignTransactionsResponse {\n if (response === null || typeof response !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: requestDepositorPresignTransactions response is not an object`,\n );\n }\n\n const r = response as Record<string, unknown>;\n\n if (!Array.isArray(r.txs)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"txs\" must be an array`,\n );\n }\n\n for (let i = 0; i < r.txs.length; i++) {\n validateClaimerTransactions(r.txs[i], `txs[${i}]`);\n }\n\n if (r.depositor_graph === null || typeof r.depositor_graph !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"depositor_graph\" must be an object`,\n );\n }\n\n validateDepositorGraphTransactions(\n r.depositor_graph as Record<string, unknown>,\n );\n}\n\nfunction validateTransactionData(value: unknown, field: string): void {\n if (value === null || typeof value !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be an object`,\n );\n }\n const tx = value as Record<string, unknown>;\n assertNonEmptyHex(tx.tx_hex, `${field}.tx_hex`);\n}\n\nfunction validateClaimerTransactions(value: unknown, field: string): void {\n if (value === null || typeof value !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be an object`,\n );\n }\n\n const tx = value as Record<string, unknown>;\n\n assertBtcPubkey(tx.claimer_pubkey, `${field}.claimer_pubkey`);\n validateTransactionData(tx.claim_tx, `${field}.claim_tx`);\n validateTransactionData(tx.assert_tx, `${field}.assert_tx`);\n validateTransactionData(tx.payout_tx, `${field}.payout_tx`);\n assertNonEmptyString(tx.payout_psbt, `${field}.payout_psbt`);\n}\n\nfunction validateChallengeAssertConnectorData(\n value: unknown,\n field: string,\n): void {\n if (value === null || typeof value !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be an object`,\n );\n }\n\n const c = value as Record<string, unknown>;\n assertNonEmptyString(c.wots_pks_json, `${field}.wots_pks_json`);\n assertNonEmptyString(c.gc_wots_keys_json, `${field}.gc_wots_keys_json`);\n}\n\nfunction validatePresignDataPerChallenger(value: unknown, field: string): void {\n if (value === null || typeof value !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be an object`,\n );\n }\n\n const d = value as Record<string, unknown>;\n\n assertBtcPubkey(d.challenger_pubkey, `${field}.challenger_pubkey`);\n validateTransactionData(\n d.challenge_assert_x_tx,\n `${field}.challenge_assert_x_tx`,\n );\n validateTransactionData(\n d.challenge_assert_y_tx,\n `${field}.challenge_assert_y_tx`,\n );\n validateTransactionData(d.nopayout_tx, `${field}.nopayout_tx`);\n assertNonEmptyString(d.nopayout_psbt, `${field}.nopayout_psbt`);\n\n if (!Array.isArray(d.challenge_assert_connectors)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}.challenge_assert_connectors\" must be an array`,\n );\n }\n\n for (let i = 0; i < d.challenge_assert_connectors.length; i++) {\n validateChallengeAssertConnectorData(\n d.challenge_assert_connectors[i],\n `${field}.challenge_assert_connectors[${i}]`,\n );\n }\n\n if (!Array.isArray(d.output_label_hashes)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}.output_label_hashes\" must be an array`,\n );\n }\n\n for (let i = 0; i < d.output_label_hashes.length; i++) {\n assertNonEmptyHex(\n d.output_label_hashes[i],\n `${field}.output_label_hashes[${i}]`,\n );\n }\n}\n\n/**\n * Validate a requestDepositorClaimerArtifacts response.\n */\nexport function validateRequestDepositorClaimerArtifactsResponse(\n response: unknown,\n): asserts response is RequestDepositorClaimerArtifactsResponse {\n if (response === null || typeof response !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: requestDepositorClaimerArtifacts response is not an object`,\n );\n }\n\n const r = response as Record<string, unknown>;\n\n if (!isNonEmptyString(r.tx_graph_json)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"tx_graph_json\" must be a non-empty string, got ${preview(r.tx_graph_json)}`,\n );\n }\n\n if (!isNonEmptyHex(r.verifying_key_hex)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"verifying_key_hex\" must be a non-empty hex string, got ${preview(r.verifying_key_hex)}`,\n );\n }\n\n if (r.babe_sessions === null || typeof r.babe_sessions !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"babe_sessions\" must be an object`,\n );\n }\n\n for (const [key, session] of Object.entries(\n r.babe_sessions as Record<string, unknown>,\n )) {\n if (session === null || typeof session !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"babe_sessions.${key}\" must be an object`,\n );\n }\n const s = session as Record<string, unknown>;\n if (!isNonEmptyHex(s.decryptor_artifacts_hex)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"babe_sessions.${key}.decryptor_artifacts_hex\" must be a non-empty hex string, got ${preview(s.decryptor_artifacts_hex)}`,\n );\n }\n }\n}\n\n/**\n * Validate a single pegout status payload. Embedded by\n * `validateBatchGetPegoutStatusResponse`. Mirrors btc-vault\n * `crates/vaultd/src/rpc/server/pegout_status.rs::GetPegoutStatusResponse`.\n */\nexport function validateGetPegoutStatusResponse(\n response: unknown,\n): asserts response is GetPegoutStatusResponse {\n if (response === null || typeof response !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: pegout status payload is not an object`,\n );\n }\n\n const r = response as Record<string, unknown>;\n\n if (!isNonEmptyHex(r.pegin_txid) || r.pegin_txid.length !== TXID_HEX_LEN) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"pegin_txid\" must be a ${TXID_HEX_LEN}-char hex string (txid), got ${preview(r.pegin_txid)}`,\n );\n }\n\n if (typeof r.found !== \"boolean\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"found\" must be a boolean, got ${preview(r.found)}`,\n );\n }\n\n // `claimer` is `Option<ClaimerPegoutStatus>` server-side; null when absent.\n if (r.claimer !== null) {\n if (typeof r.claimer !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"claimer\" must be an object or null, got ${preview(r.claimer)}`,\n );\n }\n validateClaimerPegoutStatus(r.claimer as Record<string, unknown>);\n }\n\n // `challengers: Vec<ChallengerStatus>` server-side; always present (possibly empty).\n if (!Array.isArray(r.challengers)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"challengers\" must be an array, got ${preview(r.challengers)}`,\n );\n }\n for (let i = 0; i < r.challengers.length; i++) {\n validateChallengerStatus(r.challengers[i], i);\n }\n}\n\nfunction validateClaimerPegoutStatus(value: Record<string, unknown>): void {\n assertNonEmptyString(value.status, \"claimer.status\");\n if (typeof value.failed !== \"boolean\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"claimer.failed\" must be a boolean, got ${preview(value.failed)}`,\n );\n }\n assertNonEmptyString(value.claim_txid, \"claimer.claim_txid\");\n assertNonEmptyString(value.claimer_pubkey, \"claimer.claimer_pubkey\");\n assertNonEmptyString(value.assert_txid, \"claimer.assert_txid\");\n // `challenger_pubkey: Option<String>` — null when no challenge yet.\n if (value.challenger_pubkey !== null && typeof value.challenger_pubkey !== \"string\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"claimer.challenger_pubkey\" must be a string or null, got ${preview(value.challenger_pubkey)}`,\n );\n }\n if (typeof value.created_at !== \"number\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"claimer.created_at\" must be a number, got ${preview(value.created_at)}`,\n );\n }\n if (typeof value.updated_at !== \"number\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"claimer.updated_at\" must be a number, got ${preview(value.updated_at)}`,\n );\n }\n}\n\nfunction validateChallengerStatus(value: unknown, index: number): void {\n if (value === null || typeof value !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"challengers[${index}]\" must be an object, got ${preview(value)}`,\n );\n }\n const c = value as Record<string, unknown>;\n assertNonEmptyString(c.status, `challengers[${index}].status`);\n assertNonEmptyString(c.claim_txid, `challengers[${index}].claim_txid`);\n assertNonEmptyString(c.claimer_pubkey, `challengers[${index}].claimer_pubkey`);\n assertNullableString(c.assert_txid, `challengers[${index}].assert_txid`);\n assertNullableString(\n c.challenge_assert_x_txid,\n `challengers[${index}].challenge_assert_x_txid`,\n );\n assertNullableString(\n c.challenge_assert_y_txid,\n `challengers[${index}].challenge_assert_y_txid`,\n );\n assertNullableString(c.nopayout_txid, `challengers[${index}].nopayout_txid`);\n if (typeof c.created_at !== \"number\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"challengers[${index}].created_at\" must be a number, got ${preview(c.created_at)}`,\n );\n }\n if (typeof c.updated_at !== \"number\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"challengers[${index}].updated_at\" must be a number, got ${preview(c.updated_at)}`,\n );\n }\n}\n\nfunction assertNullableString(value: unknown, field: string): void {\n if (value !== null && typeof value !== \"string\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${field}\" must be a string or null, got ${preview(value)}`,\n );\n }\n}\n\n/**\n * Validate a `batchGetPeginStatus` response. Per-result envelope shape:\n * `{ pegin_txid, result: GetPeginStatusResponse | null, error: string | null }`.\n * The inner result (when non-null) is validated via the single-item validator.\n */\nexport function validateBatchGetPeginStatusResponse(\n response: unknown,\n): asserts response is BatchGetPeginStatusResponse {\n validateBatchEnvelope(response, \"batchGetPeginStatus\", (entry) => {\n if (entry.result !== null) {\n validateGetPeginStatusResponse(entry.result);\n }\n });\n}\n\n/** Validate a `batchGetPegoutStatus` response. Same envelope as peginStatus. */\nexport function validateBatchGetPegoutStatusResponse(\n response: unknown,\n): asserts response is BatchGetPegoutStatusResponse {\n validateBatchEnvelope(response, \"batchGetPegoutStatus\", (entry) => {\n if (entry.result !== null) {\n validateGetPegoutStatusResponse(entry.result);\n }\n });\n}\n\ninterface BatchResultEnvelope {\n pegin_txid: string;\n result: unknown;\n error: string | null;\n}\n\nfunction validateBatchEnvelope(\n response: unknown,\n rpcName: string,\n validateInnerResult: (entry: BatchResultEnvelope, index: number) => void,\n): void {\n if (response === null || typeof response !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: ${rpcName} response is not an object`,\n );\n }\n const r = response as Record<string, unknown>;\n if (!Array.isArray(r.results)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${rpcName}.results\" must be an array, got ${preview(r.results)}`,\n );\n }\n for (let i = 0; i < r.results.length; i++) {\n const entry = r.results[i];\n if (entry === null || typeof entry !== \"object\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${rpcName}.results[${i}]\" must be an object, got ${preview(entry)}`,\n );\n }\n const e = entry as Record<string, unknown>;\n if (\n !isNonEmptyHex(e.pegin_txid) ||\n e.pegin_txid.length !== TXID_HEX_LEN\n ) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${rpcName}.results[${i}].pegin_txid\" must be a ${TXID_HEX_LEN}-char hex string, got ${preview(e.pegin_txid)}`,\n );\n }\n if (e.error !== null && typeof e.error !== \"string\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${rpcName}.results[${i}].error\" must be a string or null, got ${preview(e.error)}`,\n );\n }\n // Exactly one of `result` / `error` must be populated. The server only\n // ever sets one per item; treating both-null as a protocol violation\n // surfaces server bugs early instead of letting them silently degrade.\n if (e.result === null && e.error === null) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${rpcName}.results[${i}]\" has neither \"result\" nor \"error\" populated`,\n );\n }\n if (e.result !== null && e.error !== null) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"${rpcName}.results[${i}]\" has both \"result\" and \"error\" populated`,\n );\n }\n validateInnerResult(e as unknown as BatchResultEnvelope, i);\n }\n}\n\nfunction validateDepositorGraphTransactions(\n graph: Record<string, unknown>,\n): void {\n validateTransactionData(graph.claim_tx, \"depositor_graph.claim_tx\");\n validateTransactionData(graph.assert_tx, \"depositor_graph.assert_tx\");\n validateTransactionData(graph.payout_tx, \"depositor_graph.payout_tx\");\n assertNonEmptyString(graph.payout_psbt, \"depositor_graph.payout_psbt\");\n\n if (!Array.isArray(graph.challenger_presign_data)) {\n throw new VpResponseValidationError(\n `VP response validation failed: \"depositor_graph.challenger_presign_data\" must be an array`,\n );\n }\n\n for (let i = 0; i < graph.challenger_presign_data.length; i++) {\n validatePresignDataPerChallenger(\n graph.challenger_presign_data[i],\n `depositor_graph.challenger_presign_data[${i}]`,\n );\n }\n\n if (typeof graph.offchain_params_version !== \"number\") {\n throw new VpResponseValidationError(\n `VP response validation failed: \"depositor_graph.offchain_params_version\" must be a number`,\n );\n }\n}\n","/**\n * JSON-RPC client for the Vault Provider API.\n *\n * Wraps {@link JsonRpcClient} with typed methods matching the\n * `vaultProvider_*` RPC namespace defined in the btc-vault pegin spec.\n *\n * Implements the narrow service interfaces (PeginStatusReader, WotsKeySubmitter,\n * PresignClient, ClaimerArtifactsReader) so it can be passed directly to\n * any deposit protocol service function.\n *\n * @see https://github.com/babylonlabs-io/btc-vault/blob/main/docs/pegin.md\n */\n\nimport type { PeginStatusReader, WotsKeySubmitter, PresignClient, ClaimerArtifactsReader } from \"../../services/deposit/interfaces\";\n\nimport {\n type BearerTokenProvider,\n JsonRpcClient,\n type JsonRpcClientConfig,\n} from \"./json-rpc-client\";\nimport type {\n BatchGetPeginStatusParams,\n BatchGetPeginStatusResponse,\n BatchGetPegoutStatusParams,\n BatchGetPegoutStatusResponse,\n GetPeginStatusParams,\n GetPeginStatusResponse,\n RequestDepositorClaimerArtifactsParams,\n RequestDepositorClaimerArtifactsResponse,\n RequestDepositorPresignTransactionsParams,\n RequestDepositorPresignTransactionsResponse,\n SubmitDepositorPresignaturesParams,\n SubmitDepositorWotsKeyParams,\n} from \"./types\";\nimport {\n validateBatchGetPeginStatusResponse,\n validateBatchGetPegoutStatusResponse,\n validateGetPeginStatusResponse,\n validateRequestDepositorClaimerArtifactsResponse,\n validateRequestDepositorPresignTransactionsResponse,\n} from \"./validators\";\n\nexport interface VaultProviderRpcClientOptions {\n /** Timeout in milliseconds per request (default: 60000) */\n timeout?: number;\n /** Number of retry attempts for safe methods (default: 3) */\n retries?: number;\n /** Initial retry delay in milliseconds (default: 1000) */\n retryDelay?: number;\n /**\n * Custom retry predicate. Default retries only the idempotent read\n * methods: `getPeginStatus`, `batchGetPeginStatus`, `batchGetPegoutStatus`,\n * `requestDepositorPresignTransactions`.\n */\n retryableFor?: (method: string) => boolean;\n /** Custom headers. */\n headers?: Record<string, string>;\n /**\n * Per-request bearer-token source. A non-null return attaches\n * `Authorization: Bearer <token>`; `null` skips auth. Wire a\n * {@link VpTokenProvider} for depositor-gated methods.\n */\n tokenProvider?: BearerTokenProvider;\n /** Maximum response body size, in bytes, for typed JSON-RPC calls */\n maxResponseBytes?: number;\n}\n\nconst DEFAULT_TIMEOUT_MS = 60_000;\n\n/**\n * Concrete VP RPC client implementing all service interfaces.\n *\n * Usage:\n * ```ts\n * const client = new VaultProviderRpcClient(\"https://vp.example.com/rpc\");\n * const status = await client.getPeginStatus({ pegin_txid: \"abc...\" });\n * ```\n */\nexport class VaultProviderRpcClient\n implements PeginStatusReader, WotsKeySubmitter, PresignClient, ClaimerArtifactsReader\n{\n private client: JsonRpcClient;\n\n constructor(baseUrl: string, options?: VaultProviderRpcClientOptions) {\n const config: JsonRpcClientConfig = {\n baseUrl,\n timeout: options?.timeout ?? DEFAULT_TIMEOUT_MS,\n retries: options?.retries,\n retryDelay: options?.retryDelay,\n retryableFor: options?.retryableFor,\n headers: options?.headers,\n tokenProvider: options?.tokenProvider,\n maxResponseBytes: options?.maxResponseBytes,\n };\n this.client = new JsonRpcClient(config);\n }\n\n /**\n * Request the payout/claim/assert transactions that the depositor\n * needs to pre-sign before the vault can be activated on Bitcoin.\n */\n async requestDepositorPresignTransactions(\n params: RequestDepositorPresignTransactionsParams,\n signal?: AbortSignal,\n ): Promise<RequestDepositorPresignTransactionsResponse> {\n const response = await this.client.call<\n RequestDepositorPresignTransactionsParams,\n unknown\n >(\"vaultProvider_requestDepositorPresignTransactions\", params, signal);\n validateRequestDepositorPresignTransactionsResponse(response);\n return response;\n }\n\n /**\n * Submit the depositor's pre-signatures for the payout transactions\n * and the depositor-as-claimer graph.\n */\n async submitDepositorPresignatures(\n params: SubmitDepositorPresignaturesParams,\n signal?: AbortSignal,\n ): Promise<void> {\n return this.client.call<SubmitDepositorPresignaturesParams, void>(\n \"vaultProvider_submitDepositorPresignatures\",\n params,\n signal,\n );\n }\n\n /**\n * Submit the depositor's WOTS public key to the vault provider.\n * Called after the pegin is finalized on Ethereum, when the VP is in\n * `PendingDepositorWotsPK` status.\n */\n async submitDepositorWotsKey(\n params: SubmitDepositorWotsKeyParams,\n signal?: AbortSignal,\n ): Promise<void> {\n return this.client.call<SubmitDepositorWotsKeyParams, void>(\n \"vaultProvider_submitDepositorWotsKey\",\n params,\n signal,\n );\n }\n\n /**\n * Request the BaBe DecryptorArtifacts needed for the depositor to\n * independently evaluate garbled circuits during a challenge.\n */\n async requestDepositorClaimerArtifacts(\n params: RequestDepositorClaimerArtifactsParams,\n signal?: AbortSignal,\n ): Promise<RequestDepositorClaimerArtifactsResponse> {\n const response = await this.client.call<\n RequestDepositorClaimerArtifactsParams,\n unknown\n >(\"vaultProvider_requestDepositorClaimerArtifacts\", params, signal);\n validateRequestDepositorClaimerArtifactsResponse(response);\n return response;\n }\n\n /** Get the current pegin status from the vault provider daemon. */\n async getPeginStatus(\n params: GetPeginStatusParams,\n signal?: AbortSignal,\n ): Promise<GetPeginStatusResponse> {\n const response = await this.client.call<GetPeginStatusParams, unknown>(\n \"vaultProvider_getPeginStatus\",\n params,\n signal,\n );\n validateGetPeginStatusResponse(response);\n return response;\n }\n\n /**\n * Get pegin status for many txids in one round trip. Per-result envelope\n * isolates per-pegin failures from the overall RPC. Caller must chunk\n * inputs at `VP_BATCH_MAX_SIZE`.\n */\n async batchGetPeginStatus(\n params: BatchGetPeginStatusParams,\n signal?: AbortSignal,\n ): Promise<BatchGetPeginStatusResponse> {\n const response = await this.client.call<\n BatchGetPeginStatusParams,\n unknown\n >(\"vaultProvider_batchGetPeginStatus\", params, signal);\n validateBatchGetPeginStatusResponse(response);\n return response;\n }\n\n /**\n * Get pegout status for many txids in one round trip. Same per-result\n * envelope semantics as `batchGetPeginStatus`.\n */\n async batchGetPegoutStatus(\n params: BatchGetPegoutStatusParams,\n signal?: AbortSignal,\n ): Promise<BatchGetPegoutStatusResponse> {\n const response = await this.client.call<\n BatchGetPegoutStatusParams,\n unknown\n >(\"vaultProvider_batchGetPegoutStatus\", params, signal);\n validateBatchGetPegoutStatusResponse(response);\n return response;\n }\n}\n","/**\n * Defensive helper for attributing per-item results in a VP batch RPC\n * response back to the requested txids. The server promises 1:1 ordered\n * results, but we don't trust that promise — a server bug could duplicate,\n * skip, or scramble items, and silent attribution-by-array-index would\n * mask the bug.\n *\n * Lowercases all txids on both sides to absorb case mismatch (the FE\n * strips `0x` but doesn't otherwise normalize).\n *\n * @module tbv/core/clients/vault-provider/batchAttribution\n */\n\n/** Per-item entry in a VP batch response. */\nexport interface BatchResultEntry<T> {\n pegin_txid: string;\n result: T | null;\n error: string | null;\n}\n\n/** Output of {@link attributeBatchResults}. */\nexport interface BatchAttributionResult<T> {\n /** Lowercase requested txid -> per-item envelope. */\n byTxid: Map<string, { result: T | null; error: string | null }>;\n /** Requested txids that did not appear in the response. */\n missing: string[];\n /** Echoed txids that were not in the request — logged + dropped. */\n unexpected: string[];\n /** Echoed txids that appeared more than once — first kept, rest dropped. */\n duplicate: string[];\n}\n\n/**\n * Attribute batch results to requested txids defensively.\n *\n * Both `requestedTxids` and the echoed `pegin_txid` field on each result\n * are lowercased before lookup. Duplicates and unexpected echoes are\n * surfaced so callers can flag the affected items as errored rather than\n * silently overwriting state.\n *\n * `requestedTxids` may contain duplicates; they are de-duplicated for the\n * purposes of map keys (each unique txid becomes a single map entry).\n */\nexport function attributeBatchResults<T>(\n requestedTxids: string[],\n results: ReadonlyArray<BatchResultEntry<T>>,\n): BatchAttributionResult<T> {\n const requestedSet = new Set<string>();\n for (const txid of requestedTxids) {\n requestedSet.add(txid.toLowerCase());\n }\n\n const byTxid = new Map<\n string,\n { result: T | null; error: string | null }\n >();\n const seen = new Set<string>();\n const duplicate: string[] = [];\n const unexpected: string[] = [];\n\n for (const entry of results) {\n const lower = entry.pegin_txid.toLowerCase();\n if (!requestedSet.has(lower)) {\n unexpected.push(lower);\n continue;\n }\n if (seen.has(lower)) {\n duplicate.push(lower);\n continue;\n }\n seen.add(lower);\n byTxid.set(lower, { result: entry.result, error: entry.error });\n }\n\n const missing: string[] = [];\n for (const txid of requestedSet) {\n if (!seen.has(txid)) missing.push(txid);\n }\n\n return { byTxid, missing, unexpected, duplicate };\n}\n","/**\n * Generic chunk + attribute + dispatch loop for VP batch RPCs.\n *\n * Wraps {@link attributeBatchResults} with chunking and per-callback\n * dispatch so the FE polling hooks (and any future SDK consumer) only\n * have to declare per-item handlers — chunking by `VP_BATCH_MAX_SIZE`,\n * lowercase txid normalization, missing/duplicate/unexpected\n * surfacing, and the duplicate-skip invariant in the byTxid loop are\n * all owned here.\n *\n * @module tbv/core/clients/vault-provider/batchPoll\n */\n\nimport {\n attributeBatchResults,\n type BatchResultEntry,\n} from \"./batchAttribution\";\nimport { VP_BATCH_MAX_SIZE } from \"./types\";\n\nexport interface BatchPollByProviderOptions<TItem, TResult> {\n /** Items to poll for this provider, e.g. `DepositToPoll[]`. */\n items: TItem[];\n /** Extract the canonical txid for each item. Helper lowercases it. */\n getTxid: (item: TItem) => string;\n /**\n * Per-chunk RPC call. Receives lowercased txids; returns the batch\n * envelope. Caller wraps `rpcClient.batchGet*Status({ pegin_txids })`.\n */\n batchCall: (\n txids: string[],\n ) => Promise<{ results: ReadonlyArray<BatchResultEntry<TResult>> }>;\n /**\n * Handle a per-item envelope. Exactly one of `result` / `error` is\n * populated (validator invariant). Caller decides UI state, logging,\n * etc. Not invoked for txids surfaced via {@link onDuplicate}.\n *\n * Note: `envelope.pegin_txid` is the lowercased txid the helper\n * sent in the request, not whatever case/encoding the server echoed.\n */\n onItem: (item: TItem, envelope: BatchResultEntry<TResult>) => void;\n /** Server omitted this item from the response. */\n onMissing: (item: TItem) => void;\n /** Server returned this item more than once. Caller picks UI state. */\n onDuplicate: (item: TItem) => void;\n /**\n * Optional aggregate signal for an entire chunk where the server\n * returned duplicates. Fires once per chunk (only if `count > 0`)\n * AFTER all per-item `onDuplicate` dispatches. Caller typically logs\n * the count alongside the provider name.\n */\n onDuplicateBatch?: (count: number) => void;\n /**\n * The whole chunk's RPC call failed (transport or response\n * validation). Receives the chunk and the error. Caller decides how\n * to project that onto per-item state.\n */\n onWholeBatchError: (chunk: TItem[], error: unknown) => void;\n /**\n * Server returned txids that were not in the request. Caller\n * typically logs the count for observability — there's no recovery\n * action since the original request items are unaffected. Optional;\n * defaults to no-op.\n */\n onUnexpected?: (echoedTxids: string[]) => void;\n /**\n * Maximum items per RPC call. Defaults to {@link VP_BATCH_MAX_SIZE}.\n * Exposed for tests so chunking can be exercised without 50+\n * fixtures.\n */\n batchSize?: number;\n}\n\nexport async function batchPollByProvider<TItem, TResult>(\n options: BatchPollByProviderOptions<TItem, TResult>,\n): Promise<void> {\n const {\n items,\n getTxid,\n batchCall,\n onItem,\n onMissing,\n onDuplicate,\n onDuplicateBatch,\n onWholeBatchError,\n onUnexpected,\n batchSize = VP_BATCH_MAX_SIZE,\n } = options;\n\n if (!Number.isInteger(batchSize) || batchSize <= 0) {\n throw new Error(\n `batchPollByProvider: batchSize must be a positive integer, got ${batchSize}`,\n );\n }\n\n for (let i = 0; i < items.length; i += batchSize) {\n const chunk = items.slice(i, i + batchSize);\n const txidToItem = new Map<string, TItem>();\n const txids: string[] = [];\n for (const item of chunk) {\n const lowerTxid = getTxid(item).toLowerCase();\n txidToItem.set(lowerTxid, item);\n txids.push(lowerTxid);\n }\n\n // Both the RPC call and attribution sit inside the same try/catch\n // so a malformed-batch validator throw is routed through\n // `onWholeBatchError` rather than aborting the polling pass.\n let attribution;\n try {\n const response = await batchCall(txids);\n attribution = attributeBatchResults<TResult>(txids, response.results);\n } catch (error) {\n onWholeBatchError(chunk, error);\n continue;\n }\n\n if (onUnexpected && attribution.unexpected.length > 0) {\n onUnexpected(attribution.unexpected);\n }\n\n const duplicateTxids = new Set(attribution.duplicate);\n for (const txid of duplicateTxids) {\n const item = txidToItem.get(txid);\n if (item) onDuplicate(item);\n }\n if (onDuplicateBatch && duplicateTxids.size > 0) {\n onDuplicateBatch(duplicateTxids.size);\n }\n for (const txid of attribution.missing) {\n const item = txidToItem.get(txid);\n if (item) onMissing(item);\n }\n for (const [txid, envelope] of attribution.byTxid) {\n // Skip duplicates — already dispatched via onDuplicate above.\n if (duplicateTxids.has(txid)) continue;\n const item = txidToItem.get(txid);\n if (!item) continue;\n onItem(item, {\n pegin_txid: txid,\n result: envelope.result,\n error: envelope.error,\n });\n }\n }\n}\n","/**\n * BIP-322 \"simple\" signature verification for P2TR key-path.\n *\n * Mirrors the Rust reference in\n * `btc-vault/crates/btc-signer/src/message.rs::verify_bip322_message`\n * (which delegates to `rust-bitcoin::bip322::verify_simple` for a\n * P2TR key-path-only address with no merkle root).\n *\n * The algorithm:\n *\n * 1. Compute the BIP-322 tagged-hash of the message:\n * m_hash = SHA256( SHA256(tag) || SHA256(tag) || message )\n * where tag = \"BIP0322-signed-message\".\n *\n * 2. Build a virtual \"to_spend\" transaction with one input (prevout\n * all-zero txid + 0xFFFFFFFF vout, scriptSig = `OP_0 PUSH32 m_hash`,\n * sequence = 0) and one output (value 0, scriptPubKey = P2TR for\n * the signer's x-only pubkey).\n *\n * 3. Build a \"to_sign\" transaction that spends to_spend[0] and has a\n * single `OP_RETURN` output (value 0).\n *\n * 4. Compute the BIP-341 taproot sighash of to_sign input 0 with\n * SIGHASH_DEFAULT (0x00).\n *\n * 5. Verify the 64-byte Schnorr signature against the **tweaked**\n * output key `Q = P + tap_tweak(P) * G`, where `tap_tweak(P) =\n * hash_TapTweak(serialize_x_only(P))` (no merkle root — key-path\n * only).\n *\n * `bitcoinjs-lib` handles (2)–(4); `tiny-secp256k1-asmjs` provides\n * the tweak and Schnorr verify. Pulling in a full BIP-322 library\n * would add a peer dep for what amounts to ~40 lines of glue.\n *\n * @module tbv/core/clients/vault-provider/auth/bip322Verify\n */\n\nimport * as ecc from \"@bitcoin-js/tiny-secp256k1-asmjs\";\nimport { payments, Transaction } from \"bitcoinjs-lib\";\n\nimport { Buffer } from \"buffer\";\nimport { sha256 } from \"@noble/hashes/sha2.js\";\n\n/** BIP-322 message tag (BIP-340 tagged-hash style). */\nconst BIP322_TAG = \"BIP0322-signed-message\";\n\n/** BIP-341 taproot-tweak tag. */\nconst TAPTWEAK_TAG = \"TapTweak\";\n\nconst X_ONLY_PUBKEY_SIZE = 32;\nconst SCHNORR_SIG_SIZE = 64;\n\n/**\n * BIP-340 tagged hash: `SHA256( SHA256(tag) || SHA256(tag) || data )`.\n * Used for both BIP-322 message hashing and BIP-341 tap-tweak.\n */\nfunction taggedHash(tag: string, data: Uint8Array): Uint8Array {\n const tagBytes = new TextEncoder().encode(tag);\n const tagHash = sha256(tagBytes);\n const preimage = new Uint8Array(tagHash.length * 2 + data.length);\n preimage.set(tagHash, 0);\n preimage.set(tagHash, tagHash.length);\n preimage.set(data, tagHash.length * 2);\n return sha256(preimage);\n}\n\n/**\n * Apply BIP-341 taproot tweak to an x-only pubkey with no merkle\n * root (key-path-only address).\n *\n * `tap_tweak = hash_TapTweak(P)`\n * `Q = P + tap_tweak * G` (x-only, even-Y parity)\n *\n * Returns the tweaked 32-byte x-only pubkey, or null if the tweak\n * produces a point-at-infinity or invalid result.\n */\nfunction tweakXOnlyKey(xOnly: Uint8Array): Uint8Array | null {\n if (xOnly.length !== X_ONLY_PUBKEY_SIZE) return null;\n const tweak = taggedHash(TAPTWEAK_TAG, xOnly);\n const tweaked = ecc.xOnlyPointAddTweak(xOnly, tweak);\n return tweaked ? tweaked.xOnlyPubkey : null;\n}\n\n/**\n * Verify a BIP-322 \"simple\" P2TR key-path signature over an arbitrary\n * byte message.\n *\n * @internal Exposed only so the golden-vector test suite can pin the\n * verifier independently of `verifyServerIdentity`. Production callers\n * should use `verifyServerIdentity` from `./serverIdentity` instead.\n *\n * @param messageBytes - The bytes that were signed (e.g. a CBOR-encoded\n * payload). Not pre-hashed; this function applies\n * the BIP-322 tagged hash internally.\n * @param xOnlyPubkey - 32-byte x-only pubkey of the signer (pre-tweak).\n * @param signature - 64-byte raw Schnorr signature (BIP-340), as\n * emitted by a key-path witness with\n * SIGHASH_DEFAULT.\n * @returns `true` if the signature verifies against the address\n * derived from `xOnlyPubkey`; `false` otherwise.\n */\nexport function verifyBip322Simple(\n messageBytes: Uint8Array,\n xOnlyPubkey: Uint8Array,\n signature: Uint8Array,\n): boolean {\n if (xOnlyPubkey.length !== X_ONLY_PUBKEY_SIZE) return false;\n if (signature.length !== SCHNORR_SIG_SIZE) return false;\n\n // Any exception from the underlying crypto libraries (e.g. the\n // `Expected Point` error `tiny-secp256k1` throws when the supplied\n // 32 bytes don't represent a valid x-coordinate on secp256k1) is\n // treated as a verification failure rather than propagated — a\n // verifier MUST return a boolean, not raise.\n try {\n // Step 1: BIP-322 tagged hash of the message.\n const messageHash = taggedHash(BIP322_TAG, messageBytes);\n\n // Step 2: scriptPubKey for the signer's P2TR key-path-only address.\n // bitcoinjs-lib's `payments.p2tr({ internalPubkey })` computes the\n // tweak and produces the `OP_1 <tweaked_xonly>` output script.\n const p2tr = payments.p2tr({\n internalPubkey: Buffer.from(xOnlyPubkey),\n });\n if (!p2tr.output) return false;\n const scriptPubKey = p2tr.output;\n\n // Step 3: build to_spend virtual tx.\n //\n // NOTE: bitcoinjs-lib v6.x's `Transaction.addOutput` and\n // `hashForWitnessV1` are typed for `Satoshi` (a UInt53 number),\n // not `bigint`. Passing `BigInt(0)` triggers a typeforce\n // assertion in `addOutput` (\"Expected property '1' of type\n // Satoshi, got BigInt 0\") which our outer try/catch silently\n // turns into `verify -> false`. Use plain `0` everywhere.\n const ZERO_SATS = 0;\n const toSpend = new Transaction();\n toSpend.version = 0;\n toSpend.locktime = 0;\n // scriptSig: OP_0 (0x00) + OP_PUSHBYTES_32 (0x20) + message_hash (32B)\n const scriptSig = Buffer.concat([\n Buffer.from([0x00, 0x20]),\n Buffer.from(messageHash),\n ]);\n toSpend.addInput(\n Buffer.alloc(32, 0), // prev_txid = 0x0000...0000\n 0xffffffff, // prev_vout = 0xFFFFFFFF\n 0, // sequence = 0\n scriptSig,\n );\n toSpend.addOutput(scriptPubKey, ZERO_SATS);\n\n // Step 4: build to_sign virtual tx spending to_spend[0].\n const toSign = new Transaction();\n toSign.version = 0;\n toSign.locktime = 0;\n // Bitcoin txid in natural-byte (little-endian) form.\n const toSpendTxid = toSpend.getHash();\n toSign.addInput(toSpendTxid, 0, 0);\n toSign.addOutput(Buffer.from([0x6a]), ZERO_SATS); // OP_RETURN\n\n // Step 5: taproot sighash for to_sign input 0 (SIGHASH_DEFAULT).\n const sighash = toSign.hashForWitnessV1(\n 0,\n [scriptPubKey],\n [ZERO_SATS],\n Transaction.SIGHASH_DEFAULT,\n );\n\n // Step 6: tweak the x-only pubkey (no merkle root) and verify Schnorr.\n const tweakedXOnly = tweakXOnlyKey(xOnlyPubkey);\n if (!tweakedXOnly) return false;\n\n return ecc.verifySchnorr(sighash, tweakedXOnly, signature);\n } catch {\n return false;\n }\n}\n","/**\n * Minimal CBOR encoder for the server-identity payload shape.\n *\n * We only need to encode one specific CBOR structure — the 3-tuple\n * `(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey_bytes, expires_at_u64)` —\n * byte-for-byte identical to what the Rust `ciborium` crate produces\n * for the corresponding tuple, because that's the exact message the\n * VP signs with BIP-322.\n *\n * IMPORTANT encoding quirk: the Rust side passes the domain and\n * pubkey as `&[u8]` / `Vec<u8>` without a `#[serde(with = \"serde_bytes\")]`\n * attribute, so serde/ciborium encodes them as **CBOR arrays of u8**\n * (major type 4, one item per byte) — NOT as CBOR byte strings (major\n * type 2). A naive byte-string encoding would produce the wrong bytes\n * and signature verification would fail.\n *\n * Rather than pull in a full CBOR dependency for this one shape, we\n * implement the exact subset inline (~40 LOC) and pin it with golden\n * vectors against the Rust reference output.\n *\n * @module tbv/core/clients/vault-provider/auth/cbor\n */\n\n/**\n * Encode a small CBOR unsigned-integer \"head\" byte for major type\n * `major` (0..7) with argument `arg` (0..2^64-1).\n *\n * Returns the header bytes; the caller concatenates any trailing data\n * (e.g. array elements). Encoding rules:\n * arg < 24 → single byte `(major << 5) | arg`\n * arg < 256 → `(major << 5) | 24` + 1-byte arg\n * arg < 65536 → `(major << 5) | 25` + 2-byte BE arg\n * arg < 2^32 → `(major << 5) | 26` + 4-byte BE arg\n * arg < 2^64 → `(major << 5) | 27` + 8-byte BE arg\n */\nfunction cborHead(major: number, arg: number | bigint): Uint8Array {\n const tag = (major & 0x07) << 5;\n const n = typeof arg === \"bigint\" ? arg : BigInt(arg);\n if (n < 0n) throw new Error(\"cborHead: negative argument\");\n\n if (n < 24n) return new Uint8Array([tag | Number(n)]);\n if (n < 0x100n) return new Uint8Array([tag | 24, Number(n)]);\n if (n < 0x10000n) {\n const v = Number(n);\n return new Uint8Array([tag | 25, (v >>> 8) & 0xff, v & 0xff]);\n }\n if (n < 0x1_0000_0000n) {\n const v = Number(n);\n return new Uint8Array([\n tag | 26,\n (v >>> 24) & 0xff,\n (v >>> 16) & 0xff,\n (v >>> 8) & 0xff,\n v & 0xff,\n ]);\n }\n // 8-byte BE for u64 range\n const out = new Uint8Array(9);\n out[0] = tag | 27;\n for (let i = 7; i >= 0; i--) {\n out[1 + i] = Number(n >> BigInt((7 - i) * 8)) & 0xff;\n }\n return out;\n}\n\nfunction concat(...parts: Uint8Array[]): Uint8Array {\n const total = parts.reduce((s, p) => s + p.length, 0);\n const out = new Uint8Array(total);\n let offset = 0;\n for (const p of parts) {\n out.set(p, offset);\n offset += p.length;\n }\n return out;\n}\n\n/**\n * Encode a `Vec<u8>` / `&[u8]` the way ciborium does by default — as a\n * CBOR array of u8 (major type 4), one element per byte.\n *\n * Each byte becomes a CBOR unsigned integer (major type 0): bytes\n * < 24 are encoded as single bytes, bytes 24..255 as `0x18 XX`.\n */\nfunction encodeBytesAsArrayOfU8(bytes: Uint8Array): Uint8Array {\n const header = cborHead(4, bytes.length);\n const items: Uint8Array[] = [header];\n for (const b of bytes) {\n items.push(cborHead(0, b));\n }\n return concat(...items);\n}\n\n/**\n * Encode the server-identity payload the Rust side signs:\n *\n * ciborium::into_writer(\n * &(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey.serialize().to_vec(), expires_at),\n * buf\n * )\n *\n * Output bytes are byte-for-byte identical to the Rust reference,\n * pinned by the golden vector in the corresponding test file.\n *\n * @internal Exposed only for the golden-vector test that pins this\n * encoding against ciborium's output. Production callers reach this\n * via `verifyServerIdentity` from `./serverIdentity`.\n *\n * @param domain - Must be `\"btc-auth.server-identity.v1\"` (27 bytes)\n * — the constant from btc-vault's `server_identity.rs`.\n * @param ephemeralPubkeyCompressed - 33-byte SEC1-compressed pubkey.\n * @param expiresAt - Unix timestamp (seconds). Must be a safe integer.\n */\nexport function encodeServerIdentityPayload(\n domain: Uint8Array,\n ephemeralPubkeyCompressed: Uint8Array,\n expiresAt: number,\n): Uint8Array {\n if (!Number.isSafeInteger(expiresAt) || expiresAt < 0) {\n throw new Error(\n `encodeServerIdentityPayload: expires_at must be a non-negative safe integer, got ${expiresAt}`,\n );\n }\n const arrayHeader = cborHead(4, 3); // 3-tuple encoded as array of 3\n const domainBytes = encodeBytesAsArrayOfU8(domain);\n const pubkeyBytes = encodeBytesAsArrayOfU8(ephemeralPubkeyCompressed);\n const expiresAtBytes = cborHead(0, expiresAt);\n return concat(arrayHeader, domainBytes, pubkeyBytes, expiresAtBytes);\n}\n","/**\n * Server-identity verification for the vault provider's\n * `auth_createDepositorToken` response.\n *\n * The VP returns a `ServerIdentityResponse` bundled with every issued\n * token:\n *\n * - `server_pubkey`: VP's persistent x-only pubkey (HEX, 32B)\n * - `ephemeral_pubkey`: VP's ephemeral token-signing key (HEX, 33B compressed)\n * - `expires_at`: Unix timestamp when the ephemeral key expires\n * - `signature`: BIP-322 signature by the persistent key over\n * `(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey, expires_at)`\n *\n * The FE pins `server_pubkey` against the on-chain `VaultProvider.btcPubKey`\n * it reads from the registry contract. A mismatch rejects the token.\n *\n * @module tbv/core/clients/vault-provider/auth/serverIdentity\n */\n\nimport * as ecc from \"@bitcoin-js/tiny-secp256k1-asmjs\";\n\nimport {\n COMPRESSED_PUBKEY_HEX_LEN,\n SCHNORR_SIG_HEX_LEN,\n stripHexPrefix,\n X_ONLY_PUBKEY_HEX_LEN,\n} from \"../../../primitives/utils/bitcoin\";\nimport { HEX_RE } from \"../../../utils/validation\";\n\nimport { verifyBip322Simple } from \"./bip322Verify\";\nimport { encodeServerIdentityPayload } from \"./cbor\";\n\n/**\n * Byte-string domain the btc-vault Rust reference passes as the first\n * element of the CBOR tuple signed over for server-identity proofs.\n * Must match `SERVER_IDENTITY_DOMAIN` in\n * `btc-vault/crates/btc-auth/src/server_identity.rs`.\n */\nconst SERVER_IDENTITY_DOMAIN = new TextEncoder().encode(\n \"btc-auth.server-identity.v1\",\n);\n\n/**\n * Wire representation from btc-vault's `ServerIdentityResponse`.\n */\nexport interface ServerIdentityResponse {\n /** Hex-encoded x-only (32-byte) persistent server pubkey. */\n server_pubkey: string;\n /** Hex-encoded compressed (33-byte) ephemeral token-signing pubkey. */\n ephemeral_pubkey: string;\n /** Unix timestamp at which the ephemeral key expires. */\n expires_at: number;\n /** Hex-encoded 64-byte BIP-322 Schnorr signature. */\n signature: string;\n}\n\nexport interface VerifyServerIdentityInput {\n /** The proof returned by `auth_createDepositorToken`. */\n proof: ServerIdentityResponse;\n /**\n * The x-only persistent server pubkey the FE expects (sourced from\n * the on-chain `VaultProvider.btcPubKey` via the vault registry\n * reader). 64-char lowercase hex, no `0x` prefix.\n */\n pinnedServerPubkey: string;\n /** Current Unix timestamp in seconds. Injected for testability. */\n now: number;\n}\n\nexport class ServerIdentityError extends Error {\n constructor(\n message: string,\n public readonly reason:\n | \"pinned_pubkey_mismatch\"\n | \"expired\"\n | \"invalid_expires_at\"\n | \"invalid_pubkey_encoding\"\n | \"invalid_ephemeral_pubkey\"\n | \"invalid_signature_encoding\"\n | \"signature_verification_failed\",\n ) {\n super(message);\n this.name = \"ServerIdentityError\";\n }\n}\n\n/** Parse a lowercase-hex string to bytes. Expects even length, already validated. */\nfunction hexToBytes(hex: string): Uint8Array {\n const out = new Uint8Array(hex.length / 2);\n for (let i = 0; i < out.length; i++) {\n out[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);\n }\n return out;\n}\n\n\n/**\n * Verify a server identity proof against a pinned server pubkey.\n *\n * Checks:\n * 1. `server_pubkey` matches the pin.\n * 2. `expires_at > now` (with integer guards).\n * 3. `ephemeral_pubkey` is a well-formed 33-byte compressed pubkey.\n * 4. `signature` is a well-formed 64-byte Schnorr hex string.\n * 5. The BIP-322 Schnorr signature cryptographically verifies\n * against `server_pubkey` over the CBOR-encoded tuple\n * `(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey, expires_at)`.\n *\n * Step 5 is what actually binds the ephemeral key to the persistent\n * pubkey — without it, a TLS-MITM attacker who reads the pinned\n * pubkey from the on-chain registry could substitute an arbitrary\n * ephemeral pubkey paired with any lexically-valid signature.\n *\n * @throws ServerIdentityError on any validation failure.\n */\nexport function verifyServerIdentity(input: VerifyServerIdentityInput): void {\n const { proof, pinnedServerPubkey, now } = input;\n\n const pinned = stripHexPrefix(pinnedServerPubkey).toLowerCase();\n if (pinned.length !== X_ONLY_PUBKEY_HEX_LEN || !HEX_RE.test(pinned)) {\n throw new ServerIdentityError(\n `pinnedServerPubkey must be 32-byte hex; got ${pinned.length} chars`,\n \"invalid_pubkey_encoding\",\n );\n }\n\n const actual = stripHexPrefix(proof.server_pubkey).toLowerCase();\n if (actual.length !== X_ONLY_PUBKEY_HEX_LEN || !HEX_RE.test(actual)) {\n throw new ServerIdentityError(\n `server_pubkey must be 32-byte hex; got ${actual.length} chars`,\n \"invalid_pubkey_encoding\",\n );\n }\n\n if (actual !== pinned) {\n throw new ServerIdentityError(\n `server_pubkey does not match pinned value: expected ${pinned}, got ${actual}`,\n \"pinned_pubkey_mismatch\",\n );\n }\n\n // Validate both sides of the comparison are well-formed integers\n // BEFORE comparing — untrusted JSON-RPC input can supply\n // undefined/NaN/string values for `expires_at`, and relational\n // comparisons with those silently evaluate to `false` (accepting the\n // proof). Caller's `now` is injected but we still sanity-check it.\n // Garbage data and \"valid but past\" both render the proof unusable\n // but mean different things to a caller — keep the reasons distinct.\n if (!Number.isSafeInteger(proof.expires_at)) {\n throw new ServerIdentityError(\n `expires_at must be a finite integer; got ${JSON.stringify(proof.expires_at)}`,\n \"invalid_expires_at\",\n );\n }\n if (!Number.isSafeInteger(now)) {\n throw new ServerIdentityError(\n `now must be a finite integer; got ${JSON.stringify(now)}`,\n \"invalid_expires_at\",\n );\n }\n if (proof.expires_at <= now) {\n throw new ServerIdentityError(\n `server identity proof expired at ${proof.expires_at}, now ${now}`,\n \"expired\",\n );\n }\n\n const eph = stripHexPrefix(proof.ephemeral_pubkey).toLowerCase();\n if (eph.length !== COMPRESSED_PUBKEY_HEX_LEN || !HEX_RE.test(eph)) {\n throw new ServerIdentityError(\n `ephemeral_pubkey must be 33-byte compressed hex; got ${eph.length} chars`,\n \"invalid_ephemeral_pubkey\",\n );\n }\n const prefix = eph.slice(0, 2);\n if (prefix !== \"02\" && prefix !== \"03\") {\n throw new ServerIdentityError(\n `ephemeral_pubkey must be compressed (prefix 02/03); got ${prefix}`,\n \"invalid_ephemeral_pubkey\",\n );\n }\n // Curve validation. The BIP-322 signature attests to the byte string\n // of `ephemeral_pubkey` only, not to its curve validity. Without\n // this check, a server could sign a structurally-valid byte string\n // that doesn't decode to a secp256k1 point — passing verification\n // here and surfacing as an obscure crypto error later when the\n // depositor tries to use the key. Reject up front.\n const ephBytes = hexToBytes(eph);\n if (!ecc.isPoint(ephBytes)) {\n throw new ServerIdentityError(\n \"ephemeral_pubkey is not a valid secp256k1 point\",\n \"invalid_ephemeral_pubkey\",\n );\n }\n\n const sig = stripHexPrefix(proof.signature).toLowerCase();\n if (sig.length !== SCHNORR_SIG_HEX_LEN || !HEX_RE.test(sig)) {\n throw new ServerIdentityError(\n `signature must be 64-byte Schnorr hex; got ${sig.length} chars`,\n \"invalid_signature_encoding\",\n );\n }\n\n // Cryptographic verification of the BIP-322 signature over the\n // CBOR-encoded payload. Without this, the ephemeral-key binding is\n // unenforced and a TLS-MITM could substitute a fake ephemeral key\n // alongside the real (publicly-readable) pinned pubkey.\n const payload = encodeServerIdentityPayload(\n SERVER_IDENTITY_DOMAIN,\n hexToBytes(eph),\n proof.expires_at,\n );\n const verified = verifyBip322Simple(payload, hexToBytes(actual), hexToBytes(sig));\n if (!verified) {\n throw new ServerIdentityError(\n \"BIP-322 signature verification failed — ephemeral key is not attested by pinned server pubkey\",\n \"signature_verification_failed\",\n );\n }\n}\n","/**\n * VP RPC methods that require `Authorization: Bearer <token>`.\n * Protocol invariant — must be kept in sync with the VP server.\n *\n * @stability frozen\n *\n * @module tbv/core/clients/vault-provider/auth/gatedMethods\n */\n\nexport const AUTH_GATED_METHODS: ReadonlySet<string> = new Set([\n \"vaultProvider_submitDepositorWotsKey\",\n \"vaultProvider_submitDepositorPresignatures\",\n \"vaultProvider_requestDepositorPresignTransactions\",\n]);\n","/**\n * Shared internals for the unauthenticated token-issuing JSON-RPC\n * client. The \"inner\" client is dedicated to `auth_createDepositorToken`\n * — it MUST NOT carry a `tokenProvider`, else the JSON-RPC header\n * builder would recurse into token acquisition.\n *\n * @module tbv/core/clients/vault-provider/auth/innerTokenClient\n */\n\nimport { JsonRpcClient } from \"../json-rpc-client\";\n\nconst TOKEN_RPC_TIMEOUT_MS = 60_000;\n\nexport const TOKEN_ISSUE_METHOD = \"auth_createDepositorToken\";\n\nexport function buildInnerTokenClient(\n baseUrl: string,\n headers?: Record<string, string>,\n): JsonRpcClient {\n return new JsonRpcClient({\n baseUrl,\n timeout: TOKEN_RPC_TIMEOUT_MS,\n headers,\n retryableFor: (method) => method === TOKEN_ISSUE_METHOD,\n });\n}\n","/**\n * `VpTokenProvider` — caches CWT bearer tokens issued by the vault\n * provider's `auth_createDepositorToken` RPC, with lazy expiry check\n * and single-flight concurrent acquire.\n *\n * Usage:\n *\n * ```ts\n * const provider = new VpTokenProvider({\n * client,\n * peginTxid,\n * authAnchorHex,\n * pinnedServerPubkey,\n * authGatedMethods,\n * });\n * const bearer = await provider.getToken(method); // null if not gated\n * ```\n *\n * The provider implements the `BearerTokenProvider` interface expected\n * by `JsonRpcClient`. Plug directly:\n *\n * ```ts\n * const client = new JsonRpcClient({ ..., tokenProvider: provider });\n * ```\n *\n * @module tbv/core/clients/vault-provider/auth/tokenProvider\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\nimport type { BearerTokenProvider, JsonRpcClient } from \"../json-rpc-client\";\nimport { TOKEN_ISSUE_METHOD } from \"./innerTokenClient\";\nimport {\n type ServerIdentityResponse,\n verifyServerIdentity,\n} from \"./serverIdentity\";\n\n/**\n * Maximum reasonable `expires_at` value (seconds since epoch). Guards\n * against a bogus far-future timestamp that would lock the cache on a\n * bad token forever. Jan 1, 2100 in Unix seconds.\n */\nconst MAX_EXPIRES_AT_SECS = 4_102_444_800;\n\n/**\n * Default safety margin before `expires_at` — we treat a token as\n * expired this many seconds before its stated expiry so that in-flight\n * requests don't race the expiry boundary.\n */\nconst DEFAULT_REFRESH_SKEW_SECS = 30;\n\n/**\n * Wire response shape of `auth_createDepositorToken`.\n */\nexport interface CreateDepositorTokenResponse {\n /** Base64url-encoded COSE Sign1 CWT bearer token. */\n token: string;\n /** Unix timestamp at which the token expires. */\n expires_at: number;\n /** Server identity proof bundled with every token response. */\n server_identity: ServerIdentityResponse;\n}\n\nexport interface VpTokenProviderConfig {\n client: JsonRpcClient;\n /** Per-vault depositor-signed PegIn tx id. NOT shared across sibling vaults in a batch. */\n peginTxid: string;\n /** 64-char hex of the 32-byte OP_RETURN auth-anchor preimage. */\n authAnchorHex: string;\n /** Pinned VP pubkey from the on-chain registry; branded so indexer mirrors can't substitute. */\n pinnedServerPubkey: OnChainBtcPubkey;\n /** Methods that require a bearer; `getToken` returns `null` for anything outside this set. */\n authGatedMethods: ReadonlySet<string>;\n /** Default {@link DEFAULT_REFRESH_SKEW_SECS}. */\n refreshSkewSecs?: number;\n /** Clock source for testability. */\n now?: () => number;\n}\n\ninterface CachedToken {\n token: string;\n expiresAt: number;\n}\n\n/**\n * Acquire, cache, and refresh VP bearer tokens.\n *\n * Implements {@link BearerTokenProvider}. Safe to pass directly into\n * `JsonRpcClient` as `tokenProvider`.\n */\nexport class VpTokenProvider implements BearerTokenProvider {\n // `client` is the only mutable field — see `setClient`. The\n // identity-bearing fields (peginTxid/authAnchorHex/pinnedServerPubkey)\n // remain readonly and are checked against re-registration in the\n // registry's `getOrCreate`.\n private client: JsonRpcClient;\n private readonly peginTxid: string;\n private readonly authAnchorHex: string;\n private readonly pinnedServerPubkey: OnChainBtcPubkey;\n private readonly authGatedMethods: ReadonlySet<string>;\n private readonly refreshSkewSecs: number;\n private readonly now: () => number;\n\n private cached: CachedToken | null = null;\n private inFlight: Promise<CachedToken> | null = null;\n\n constructor(config: VpTokenProviderConfig) {\n this.client = config.client;\n this.peginTxid = config.peginTxid;\n this.authAnchorHex = config.authAnchorHex;\n this.pinnedServerPubkey = config.pinnedServerPubkey;\n this.authGatedMethods = config.authGatedMethods;\n this.refreshSkewSecs = config.refreshSkewSecs ?? DEFAULT_REFRESH_SKEW_SECS;\n this.now = config.now ?? (() => Math.floor(Date.now() / 1000));\n }\n\n /**\n * Return a bearer token for `method`, or `null` if `method` is not\n * auth-gated. Triggers a token acquisition if no token is cached or\n * the cached token is within {@link refreshSkewSecs} of expiry.\n *\n * The token-issuing method itself is hard-exempted from the gate —\n * if `auth_createDepositorToken` were ever included in\n * `authGatedMethods` (caller misconfiguration) the provider would\n * recurse into `acquireSingleFlight` from inside the JSON-RPC header\n * builder before `inFlight` is assigned, defeating the single-flight\n * guard. Returning `null` here breaks that recursion deterministically.\n */\n async getToken(method: string): Promise<string | null> {\n if (method === TOKEN_ISSUE_METHOD) return null;\n if (!this.authGatedMethods.has(method)) return null;\n\n const cached = this.cached;\n if (cached && this.now() + this.refreshSkewSecs < cached.expiresAt) {\n return cached.token;\n }\n\n const fresh = await this.acquireSingleFlight();\n return fresh.token;\n }\n\n /**\n * Drop the cached token. Next `getToken` call re-acquires.\n * Called by `JsonRpcClient` on wire `auth_expired` responses.\n */\n invalidate(): void {\n this.cached = null;\n // Do NOT clear `inFlight` — a concurrent acquire is still valid;\n // the invalidator is saying \"the cached token is bad\", not \"any\n // in-flight acquire is bad\". The in-flight acquire will populate\n // a fresh `cached` on completion.\n }\n\n /**\n * Swap in a different transport for subsequent token-issuing calls.\n * Used by the registry when a later caller registers the same\n * `peginTxid` against a different `baseUrl` — the cached token\n * (bound to identity, not transport) stays valid, but future\n * refreshes hit the new URL. An in-flight acquire keeps using the\n * old client (it captured the reference); next call uses the new.\n */\n setClient(client: JsonRpcClient): void {\n this.client = client;\n }\n\n private acquireSingleFlight(): Promise<CachedToken> {\n const existing = this.inFlight;\n if (existing) return existing;\n\n const p = (async () => {\n try {\n const response = await this.client.call<\n { pegin_txid: string; auth_anchor: string },\n CreateDepositorTokenResponse\n >(TOKEN_ISSUE_METHOD, {\n pegin_txid: this.peginTxid,\n auth_anchor: this.authAnchorHex,\n });\n\n verifyServerIdentity({\n proof: response.server_identity,\n pinnedServerPubkey: this.pinnedServerPubkey,\n now: this.now(),\n });\n\n // Validate wire payload before caching so a malformed response\n // from a compromised VP or proxy can't poison the cache with\n // unusable values (non-string token, non-integer expiry, etc.).\n if (typeof response.token !== \"string\" || response.token.length === 0) {\n throw new Error(\n `VpTokenProvider: invalid token in acquire response (expected non-empty string, got ${typeof response.token})`,\n );\n }\n const now = this.now();\n if (\n !Number.isSafeInteger(response.expires_at) ||\n response.expires_at <= now ||\n response.expires_at > MAX_EXPIRES_AT_SECS\n ) {\n throw new Error(\n `VpTokenProvider: invalid expires_at in acquire response (got ${JSON.stringify(response.expires_at)}; must be a safe integer in (${now}, ${MAX_EXPIRES_AT_SECS}])`,\n );\n }\n\n const fresh: CachedToken = {\n token: response.token,\n expiresAt: response.expires_at,\n };\n this.cached = fresh;\n return fresh;\n } finally {\n this.inFlight = null;\n }\n })();\n\n this.inFlight = p;\n return p;\n }\n}\n","/**\n * In-memory registry of {@link VpTokenProvider} instances keyed by\n * the per-vault depositor-signed PegIn tx hash. Module-level\n * singleton, per-tab, never persisted.\n *\n * @module tbv/core/clients/vault-provider/auth/tokenRegistry\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\nimport type { JsonRpcClient } from \"../json-rpc-client\";\n\nimport { AUTH_GATED_METHODS } from \"./gatedMethods\";\nimport { VpTokenProvider } from \"./tokenProvider\";\n\nexport interface VpTokenRegistryInput {\n client: JsonRpcClient;\n peginTxid: string;\n authAnchorHex: string;\n pinnedServerPubkey: OnChainBtcPubkey;\n}\n\ninterface RegistryEntry {\n provider: VpTokenProvider;\n authAnchorHex: string;\n pinnedServerPubkey: OnChainBtcPubkey;\n}\n\nexport class VpTokenRegistry {\n private readonly entries = new Map<string, RegistryEntry>();\n\n /**\n * Return the cached `VpTokenProvider` for `peginTxid` if one exists\n * with matching `authAnchorHex` and `pinnedServerPubkey`, otherwise\n * construct and cache a fresh provider. A mismatch on either field\n * throws — silent overwrite would mask derivation drift or VP\n * pubkey rotation.\n */\n getOrCreate(input: VpTokenRegistryInput): VpTokenProvider {\n const existing = this.entries.get(input.peginTxid);\n if (existing) {\n if (existing.authAnchorHex !== input.authAnchorHex) {\n throw new Error(\n `VpTokenRegistry: peginTxid ${input.peginTxid} already bound to authAnchorHex ${existing.authAnchorHex.slice(0, 8)}…; got ${input.authAnchorHex.slice(0, 8)}…`,\n );\n }\n if (existing.pinnedServerPubkey !== input.pinnedServerPubkey) {\n throw new Error(\n `VpTokenRegistry: peginTxid ${input.peginTxid} already bound to pinnedServerPubkey ${existing.pinnedServerPubkey.slice(0, 8)}…; got ${input.pinnedServerPubkey.slice(0, 8)}…`,\n );\n }\n // Refresh the inner transport on every reuse so a VP URL\n // change between calls doesn't leave the cached provider\n // pinned to a dead URL for token refresh.\n existing.provider.setClient(input.client);\n return existing.provider;\n }\n\n const provider = new VpTokenProvider({\n client: input.client,\n peginTxid: input.peginTxid,\n authAnchorHex: input.authAnchorHex,\n pinnedServerPubkey: input.pinnedServerPubkey,\n authGatedMethods: AUTH_GATED_METHODS,\n });\n this.entries.set(input.peginTxid, {\n provider,\n authAnchorHex: input.authAnchorHex,\n pinnedServerPubkey: input.pinnedServerPubkey,\n });\n return provider;\n }\n\n /** Return the cached provider, or `undefined` if none. */\n peek(peginTxid: string): VpTokenProvider | undefined {\n return this.entries.get(peginTxid)?.provider;\n }\n\n /**\n * Evict the entry for `peginTxid`. Idempotent. Called on terminal\n * paths — activation success, user-cancel, or component unmount —\n * so `authAnchorHex` doesn't outlive the deposit session.\n */\n release(peginTxid: string): void {\n this.entries.delete(peginTxid);\n }\n\n /**\n * Wipe every cached entry. Test-only escape hatch — not exposed on\n * the public {@link VpTokenRegistryPublic} singleton type.\n *\n * @internal\n */\n clear(): void {\n this.entries.clear();\n }\n\n get size(): number {\n return this.entries.size;\n }\n}\n\n/**\n * Public surface of the singleton — excludes the test-only `clear`\n * method.\n */\nexport interface VpTokenRegistryPublic {\n getOrCreate(input: VpTokenRegistryInput): VpTokenProvider;\n peek(peginTxid: string): VpTokenProvider | undefined;\n release(peginTxid: string): void;\n readonly size: number;\n}\n\nexport const vpTokenRegistry: VpTokenRegistryPublic = new VpTokenRegistry();\n","/**\n * Build a {@link VaultProviderRpcClient} that auto-attaches CWT\n * bearer tokens on auth-gated methods. Caller pre-derives both the\n * `authAnchorHex` (from the wallet) and the `pinnedServerPubkey`\n * (from the on-chain registry) and hands them in — the SDK has no\n * notion of wallets here.\n *\n * @module tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\nimport {\n VaultProviderRpcClient,\n type VaultProviderRpcClientOptions,\n} from \"../api\";\n\nimport { buildInnerTokenClient } from \"./innerTokenClient\";\nimport { vpTokenRegistry } from \"./tokenRegistry\";\n\nexport interface AuthenticatedVpClientConfig {\n /** Base URL of the VP RPC endpoint (already proxied if applicable). */\n baseUrl: string;\n /** Per-vault depositor-signed PegIn tx id (registry cache key). */\n peginTxid: string;\n /** Already-derived 32-byte auth-anchor preimage (64-char hex, no `0x`). */\n authAnchorHex: string;\n /** On-chain VP pubkey, branded so it can only come from the registry reader. */\n pinnedServerPubkey: OnChainBtcPubkey;\n /** Optional outer-client tunables (timeout, retries, headers, etc.). */\n options?: VaultProviderRpcClientOptions;\n}\n\nexport function createAuthenticatedVpClient(\n config: AuthenticatedVpClientConfig,\n): VaultProviderRpcClient {\n const innerTokenClient = buildInnerTokenClient(\n config.baseUrl,\n config.options?.headers,\n );\n\n const tokenProvider = vpTokenRegistry.getOrCreate({\n client: innerTokenClient,\n peginTxid: config.peginTxid,\n authAnchorHex: config.authAnchorHex,\n pinnedServerPubkey: config.pinnedServerPubkey,\n });\n\n return new VaultProviderRpcClient(config.baseUrl, {\n ...config.options,\n tokenProvider,\n });\n}\n","/**\n * Pre-populate {@link vpTokenRegistry} when the caller already has\n * both the auth-anchor preimage and the on-chain VP pubkey. Seeds\n * the cache for a `peginTxid` so a later `createAuthenticatedVpClient`\n * call reuses the cached `VpTokenProvider` instead of rebuilding it.\n *\n * @module tbv/core/clients/vault-provider/auth/primeVpAuth\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\n\nimport { buildInnerTokenClient } from \"./innerTokenClient\";\nimport { vpTokenRegistry } from \"./tokenRegistry\";\n\nexport interface PrimeVpAuthInput {\n baseUrl: string;\n peginTxid: string;\n authAnchorHex: string;\n pinnedServerPubkey: OnChainBtcPubkey;\n /** Optional headers forwarded to the inner token client (e.g. gateway auth). */\n headers?: Record<string, string>;\n}\n\nexport function primeVpTokenRegistry(input: PrimeVpAuthInput): void {\n vpTokenRegistry.getOrCreate({\n client: buildInnerTokenClient(input.baseUrl, input.headers),\n peginTxid: input.peginTxid,\n authAnchorHex: input.authAnchorHex,\n pinnedServerPubkey: input.pinnedServerPubkey,\n });\n}\n","/**\n * Contract Address Resolver\n *\n * Resolves ProtocolParams and ApplicationRegistry contract addresses\n * from the BTCVaultRegistry contract. These addresses are needed to\n * construct the SDK's contract readers.\n *\n * @module clients/eth/contract-address-resolver\n */\n\nimport type { Address, PublicClient } from \"viem\";\n\nimport { BTCVaultRegistryABI } from \"../../contracts/abis/BTCVaultRegistry.abi\";\n\nexport interface ProtocolAddresses {\n /** Address of the ProtocolParams contract */\n protocolParams: Address;\n /** Address of the ApplicationRegistry contract */\n applicationRegistry: Address;\n}\n\n/**\n * Resolve ProtocolParams and ApplicationRegistry addresses from BTCVaultRegistry.\n *\n * Uses a single multicall for atomicity and efficiency.\n *\n * @param publicClient - viem PublicClient instance\n * @param btcVaultRegistryAddress - Address of the BTCVaultRegistry contract\n * @returns Resolved contract addresses\n */\nexport async function resolveProtocolAddresses(\n publicClient: PublicClient,\n btcVaultRegistryAddress: Address,\n): Promise<ProtocolAddresses> {\n const [protocolParams, applicationRegistry] = await publicClient.multicall({\n contracts: [\n {\n address: btcVaultRegistryAddress,\n abi: BTCVaultRegistryABI,\n functionName: \"protocolParams\",\n },\n {\n address: btcVaultRegistryAddress,\n abi: BTCVaultRegistryABI,\n functionName: \"applicationRegistry\",\n },\n ],\n allowFailure: false,\n });\n\n return {\n protocolParams: protocolParams as Address,\n applicationRegistry: applicationRegistry as Address,\n };\n}\n","/**\n * Concrete ProtocolParams reader using viem's readContract and multicall.\n *\n * This is an optional utility — callers can use their own implementation\n * of the ProtocolParamsReader interface.\n */\n\nimport type { Address, Hex, PublicClient } from \"viem\";\n\nimport { ProtocolParamsABI } from \"../../contracts/abis/ProtocolParams.abi\";\nimport type {\n PegInConfiguration,\n ProtocolParamsReader,\n TBVProtocolParams,\n VersionedOffchainParams,\n} from \"./types\";\n\n/**\n * Maximum value for a Solidity uint16.\n * PeginLogic.sol casts timelockAssert to uint16, so values above this are invalid.\n */\nconst UINT16_MAX = 65535;\n\n/**\n * Raw shape viem returns for VersionedOffchainParams struct.\n * viem resolves ABI struct outputs to named objects (not tuples).\n */\ninterface RawOffchainParams {\n timelockAssert: bigint;\n timelockChallengeAssert: bigint;\n securityCouncilKeys: readonly Hex[];\n councilQuorum: number;\n feeRate: bigint;\n babeTotalInstances: number;\n babeInstancesToFinalize: number;\n minVpCommissionBps: number;\n tRefund: number;\n tStale: number;\n minPeginFeeRate: bigint;\n proverProgramVersion: number;\n minPrepeginDepth: number;\n}\n\n/** Raw shape viem returns for TBVProtocolParams struct. */\ninterface RawTBVParams {\n minimumPegInAmount: bigint;\n maxPegInAmount: bigint;\n pegInAckTimeout: bigint;\n pegInActivationTimeout: bigint;\n maxHtlcOutputCount: number;\n}\n\n/** Map viem struct result to VersionedOffchainParams. */\nfunction mapOffchainParams(result: RawOffchainParams): VersionedOffchainParams {\n return {\n timelockAssert: result.timelockAssert,\n timelockChallengeAssert: result.timelockChallengeAssert,\n securityCouncilKeys: [...result.securityCouncilKeys],\n councilQuorum: result.councilQuorum,\n feeRate: result.feeRate,\n babeTotalInstances: result.babeTotalInstances,\n babeInstancesToFinalize: result.babeInstancesToFinalize,\n minVpCommissionBps: result.minVpCommissionBps,\n tRefund: result.tRefund,\n tStale: result.tStale,\n minPeginFeeRate: result.minPeginFeeRate,\n proverProgramVersion: result.proverProgramVersion,\n minPrepeginDepth: result.minPrepeginDepth,\n };\n}\n\n/** Map viem struct result to TBVProtocolParams. */\nfunction mapTBVParams(result: RawTBVParams): TBVProtocolParams {\n return {\n minimumPegInAmount: result.minimumPegInAmount,\n maxPegInAmount: result.maxPegInAmount,\n pegInAckTimeout: result.pegInAckTimeout,\n pegInActivationTimeout: result.pegInActivationTimeout,\n maxHtlcOutputCount: result.maxHtlcOutputCount,\n };\n}\n\n/**\n * Derive timelockPegin from timelockAssert.\n *\n * Matches PeginLogic.sol: `uint16(timelockAssert)`.\n * The contract validates `timelockAssert <= type(uint16).max` on write,\n * but we enforce the same bound here to reject invalid values early\n * rather than silently truncating.\n *\n * @throws if timelockAssert exceeds uint16 max (65535)\n */\nfunction deriveTimelockPegin(timelockAssert: bigint): number {\n if (timelockAssert > BigInt(UINT16_MAX)) {\n throw new Error(\n `timelockAssert value ${timelockAssert} exceeds uint16 max (${UINT16_MAX})`,\n );\n }\n return Number(timelockAssert);\n}\n\n/**\n * Concrete protocol params reader using viem.\n *\n * Usage:\n * ```ts\n * const reader = new ViemProtocolParamsReader(publicClient, protocolParamsAddress);\n * const config = await reader.getPegInConfiguration();\n * ```\n */\nexport class ViemProtocolParamsReader implements ProtocolParamsReader {\n constructor(\n private publicClient: PublicClient,\n private contractAddress: Address,\n ) {}\n\n async getTBVProtocolParams(): Promise<TBVProtocolParams> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getTBVProtocolParams\",\n })) as RawTBVParams;\n\n return mapTBVParams(result);\n }\n\n async getLatestOffchainParams(): Promise<VersionedOffchainParams> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getLatestOffchainParams\",\n })) as RawOffchainParams;\n\n return mapOffchainParams(result);\n }\n\n async getOffchainParamsByVersion(\n version: number,\n ): Promise<VersionedOffchainParams> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getOffchainParamsByVersion\",\n args: [version],\n })) as RawOffchainParams;\n\n return mapOffchainParams(result);\n }\n\n async getLatestOffchainParamsVersion(): Promise<number> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"latestOffchainParamsVersion\",\n })) as number;\n\n return result;\n }\n\n async getTimelockPeginByVersion(version: number): Promise<number> {\n const params = await this.getOffchainParamsByVersion(version);\n return deriveTimelockPegin(params.timelockAssert);\n }\n\n /**\n * Read TBV protocol params and latest offchain params atomically via multicall.\n * Prevents TOCTOU inconsistency if governance updates params between reads.\n */\n async getPegInConfiguration(): Promise<PegInConfiguration> {\n const results = await this.publicClient.multicall({\n contracts: [\n {\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getTBVProtocolParams\",\n },\n {\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getLatestOffchainParams\",\n },\n ],\n allowFailure: false,\n });\n\n const tbvParams = mapTBVParams(results[0] as RawTBVParams);\n const offchainParams = mapOffchainParams(results[1] as RawOffchainParams);\n\n return {\n minimumPegInAmount: tbvParams.minimumPegInAmount,\n maxPegInAmount: tbvParams.maxPegInAmount,\n pegInAckTimeout: tbvParams.pegInAckTimeout,\n pegInActivationTimeout: tbvParams.pegInActivationTimeout,\n maxHtlcOutputCount: tbvParams.maxHtlcOutputCount,\n timelockPegin: deriveTimelockPegin(offchainParams.timelockAssert),\n timelockRefund: offchainParams.tRefund,\n minVpCommissionBps: offchainParams.minVpCommissionBps,\n offchainParams,\n };\n }\n}\n","/**\n * Concrete signer-set readers for vault keepers and universal challengers.\n *\n * These are optional utilities — callers can use their own implementations\n * of the VaultKeeperReader and UniversalChallengerReader interfaces.\n */\n\nimport type { Address, Hex, PublicClient } from \"viem\";\n\nimport { ApplicationRegistryABI } from \"../../contracts/abis/ApplicationRegistry.abi\";\nimport { ProtocolParamsABI } from \"../../contracts/abis/ProtocolParams.abi\";\nimport type {\n AddressBTCKeyPair,\n UniversalChallengerReader,\n VaultKeeperReader,\n} from \"./types\";\n\n/** Map viem tuple array to AddressBTCKeyPair[]. */\nfunction mapKeyPairs(\n result: readonly { ethAddress: Address; btcPubKey: Hex }[],\n): AddressBTCKeyPair[] {\n return result.map((pair) => ({\n ethAddress: pair.ethAddress,\n btcPubKey: pair.btcPubKey,\n }));\n}\n\n/**\n * Reads vault keepers from the ApplicationRegistry contract.\n *\n * Usage:\n * ```ts\n * const reader = new ViemVaultKeeperReader(publicClient, applicationRegistryAddress);\n * const keepers = await reader.getCurrentVaultKeepers(appEntryPoint);\n * ```\n */\nexport class ViemVaultKeeperReader implements VaultKeeperReader {\n constructor(\n private publicClient: PublicClient,\n private contractAddress: Address,\n ) {}\n\n async getVaultKeepersByVersion(\n appEntryPoint: Address,\n version: number,\n ): Promise<AddressBTCKeyPair[]> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ApplicationRegistryABI,\n functionName: \"getVaultKeepersByVersion\",\n args: [appEntryPoint, version],\n })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n return mapKeyPairs(result);\n }\n\n async getCurrentVaultKeepers(\n appEntryPoint: Address,\n ): Promise<AddressBTCKeyPair[]> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ApplicationRegistryABI,\n functionName: \"getCurrentVaultKeepers\",\n args: [appEntryPoint],\n })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n return mapKeyPairs(result);\n }\n\n async getCurrentVaultKeepersVersion(\n appEntryPoint: Address,\n ): Promise<number> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ApplicationRegistryABI,\n functionName: \"getCurrentVaultKeepersVersion\",\n args: [appEntryPoint],\n })) as number;\n\n return result;\n }\n}\n\n/**\n * Reads universal challengers from the ProtocolParams contract.\n *\n * Usage:\n * ```ts\n * const reader = new ViemUniversalChallengerReader(publicClient, protocolParamsAddress);\n * const challengers = await reader.getCurrentUniversalChallengers();\n * ```\n */\nexport class ViemUniversalChallengerReader implements UniversalChallengerReader {\n constructor(\n private publicClient: PublicClient,\n private contractAddress: Address,\n ) {}\n\n async getUniversalChallengersByVersion(\n version: number,\n ): Promise<AddressBTCKeyPair[]> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getUniversalChallengersByVersion\",\n args: [version],\n })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n return mapKeyPairs(result);\n }\n\n async getCurrentUniversalChallengers(): Promise<AddressBTCKeyPair[]> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"getCurrentUniversalChallengers\",\n })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n return mapKeyPairs(result);\n }\n\n async getLatestUniversalChallengersVersion(): Promise<number> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: ProtocolParamsABI,\n functionName: \"latestUniversalChallengersVersion\",\n })) as number;\n\n return result;\n }\n}\n","/**\n * Concrete BTCVaultRegistry reader using viem's readContract.\n *\n * This is an optional utility — callers can use their own implementation\n * of the VaultRegistryReader interface.\n */\n\nimport * as ecc from \"@bitcoin-js/tiny-secp256k1-asmjs\";\nimport type { Address, Hex, PublicClient } from \"viem\";\n\nimport { hexToUint8Array } from \"../../primitives/utils/bitcoin\";\nimport { BTCVaultRegistryABI } from \"../../contracts/abis/BTCVaultRegistry.abi\";\nimport type {\n OnChainBtcPubkey,\n VaultBasicInfo,\n VaultData,\n VaultProtocolInfo,\n VaultRegistryReader,\n} from \"./types\";\n\n/**\n * Concrete vault registry reader using viem.\n *\n * Usage:\n * ```ts\n * const reader = new ViemVaultRegistryReader(publicClient, registryAddress);\n * const data = await reader.getVaultData(vaultId);\n * ```\n */\nexport class ViemVaultRegistryReader implements VaultRegistryReader {\n constructor(\n private publicClient: PublicClient,\n private contractAddress: Address,\n ) {}\n\n /**\n * Read the VP's persistent x-only BTC pubkey from the on-chain\n * registry. Validates length, hex form, and secp256k1 curve\n * membership before minting the brand. Returns 64-char lowercase\n * hex without the `0x` prefix.\n */\n async getVaultProviderBtcPubKey(\n vpAddress: Address,\n ): Promise<OnChainBtcPubkey> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: BTCVaultRegistryABI,\n functionName: \"getVaultProviderBTCKey\",\n args: [vpAddress],\n })) as Hex;\n const lowered = result.toLowerCase();\n if (!/^0x[0-9a-f]{64}$/.test(lowered)) {\n throw new Error(\n `getVaultProviderBTCKey returned an unexpected value (vp=${vpAddress}, length ${lowered.length}, prefix \"${lowered.slice(0, 2)}\")`,\n );\n }\n const stripped = lowered.slice(2);\n if (!ecc.isXOnlyPoint(hexToUint8Array(stripped))) {\n throw new Error(\n `getVaultProviderBTCKey returned a value that is not on the secp256k1 curve (vp=${vpAddress})`,\n );\n }\n return stripped as OnChainBtcPubkey;\n }\n\n async getVaultBasicInfo(vaultId: Hex): Promise<VaultBasicInfo> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: BTCVaultRegistryABI,\n functionName: \"getBtcVaultBasicInfo\",\n args: [vaultId],\n })) as {\n depositor: Address;\n depositorBtcPubKey: Hex;\n amount: bigint;\n vaultProvider: Address;\n status: number;\n applicationEntryPoint: Address;\n createdAt: bigint;\n };\n\n return {\n depositor: result.depositor,\n depositorBtcPubKey: result.depositorBtcPubKey,\n amount: result.amount,\n vaultProvider: result.vaultProvider,\n status: result.status,\n applicationEntryPoint: result.applicationEntryPoint,\n createdAt: result.createdAt,\n };\n }\n\n async getVaultProtocolInfo(vaultId: Hex): Promise<VaultProtocolInfo> {\n const result = (await this.publicClient.readContract({\n address: this.contractAddress,\n abi: BTCVaultRegistryABI,\n functionName: \"getBtcVaultProtocolInfo\",\n args: [vaultId],\n })) as {\n depositorSignedPeginTx: Hex;\n universalChallengersVersion: number;\n appVaultKeepersVersion: number;\n offchainParamsVersion: number;\n verifiedAt: bigint;\n depositorWotsPkHash: Hex;\n hashlock: Hex;\n htlcVout: number;\n depositorPopSignature: Hex;\n prePeginTxHash: Hex;\n vaultProviderCommissionBps: number;\n };\n\n return {\n depositorSignedPeginTx: result.depositorSignedPeginTx,\n universalChallengersVersion: result.universalChallengersVersion,\n appVaultKeepersVersion: result.appVaultKeepersVersion,\n offchainParamsVersion: result.offchainParamsVersion,\n verifiedAt: result.verifiedAt,\n depositorWotsPkHash: result.depositorWotsPkHash,\n hashlock: result.hashlock,\n htlcVout: result.htlcVout,\n depositorPopSignature: result.depositorPopSignature,\n prePeginTxHash: result.prePeginTxHash,\n vaultProviderCommissionBps: result.vaultProviderCommissionBps,\n };\n }\n\n async getVaultData(vaultId: Hex): Promise<VaultData> {\n const [basic, protocol] = await Promise.all([\n this.getVaultBasicInfo(vaultId),\n this.getVaultProtocolInfo(vaultId),\n ]);\n\n if (\n !protocol.depositorSignedPeginTx ||\n protocol.depositorSignedPeginTx === \"0x\"\n ) {\n throw new Error(\n `Vault ${vaultId} not found on-chain or has no pegin transaction`,\n );\n }\n\n return { basic, protocol };\n }\n}\n"],"names":["DAEMON_STATUS_VALUES","DaemonStatus","VP_ERROR_PREVIEW_MAX_LEN","preview","value","_a","VP_VALIDATION_USER_MESSAGE","VpResponseValidationError","detail","__publicField","TXID_HEX_LEN","isNonEmptyHex","HEX_RE","isNonEmptyString","assertNonEmptyHex","field","assertNonEmptyString","assertBtcPubkey","X_ONLY_PUBKEY_HEX_LEN","COMPRESSED_PUBKEY_HEX_LEN","validatePresigningProgressFields","progress","presigning","p","validateGetPeginStatusResponse","response","r","validateRequestDepositorPresignTransactionsResponse","i","validateClaimerTransactions","validateDepositorGraphTransactions","validateTransactionData","tx","validateChallengeAssertConnectorData","c","validatePresignDataPerChallenger","d","validateRequestDepositorClaimerArtifactsResponse","key","session","s","validateGetPegoutStatusResponse","validateClaimerPegoutStatus","validateChallengerStatus","index","assertNullableString","validateBatchGetPeginStatusResponse","validateBatchEnvelope","entry","validateBatchGetPegoutStatusResponse","rpcName","validateInnerResult","e","graph","DEFAULT_TIMEOUT_MS","VaultProviderRpcClient","baseUrl","options","config","JsonRpcClient","params","signal","attributeBatchResults","requestedTxids","results","requestedSet","txid","byTxid","seen","duplicate","unexpected","lower","missing","batchPollByProvider","items","getTxid","batchCall","onItem","onMissing","onDuplicate","onDuplicateBatch","onWholeBatchError","onUnexpected","batchSize","VP_BATCH_MAX_SIZE","chunk","txidToItem","txids","item","lowerTxid","attribution","error","duplicateTxids","envelope","BIP322_TAG","TAPTWEAK_TAG","X_ONLY_PUBKEY_SIZE","SCHNORR_SIG_SIZE","taggedHash","tag","data","tagBytes","tagHash","sha256","preimage","tweakXOnlyKey","xOnly","tweak","tweaked","ecc","verifyBip322Simple","messageBytes","xOnlyPubkey","signature","messageHash","p2tr","payments","Buffer","scriptPubKey","ZERO_SATS","toSpend","Transaction","scriptSig","toSign","toSpendTxid","sighash","tweakedXOnly","cborHead","major","arg","v","out","concat","parts","total","offset","encodeBytesAsArrayOfU8","bytes","b","encodeServerIdentityPayload","domain","ephemeralPubkeyCompressed","expiresAt","arrayHeader","domainBytes","pubkeyBytes","expiresAtBytes","SERVER_IDENTITY_DOMAIN","ServerIdentityError","message","reason","hexToBytes","hex","verifyServerIdentity","input","proof","pinnedServerPubkey","now","pinned","stripHexPrefix","actual","eph","prefix","ephBytes","sig","SCHNORR_SIG_HEX_LEN","payload","AUTH_GATED_METHODS","TOKEN_RPC_TIMEOUT_MS","TOKEN_ISSUE_METHOD","buildInnerTokenClient","headers","method","MAX_EXPIRES_AT_SECS","DEFAULT_REFRESH_SKEW_SECS","VpTokenProvider","cached","client","existing","fresh","VpTokenRegistry","provider","peginTxid","vpTokenRegistry","createAuthenticatedVpClient","innerTokenClient","tokenProvider","primeVpTokenRegistry","resolveProtocolAddresses","publicClient","btcVaultRegistryAddress","protocolParams","applicationRegistry","BTCVaultRegistryABI","UINT16_MAX","mapOffchainParams","result","mapTBVParams","deriveTimelockPegin","timelockAssert","ViemProtocolParamsReader","contractAddress","ProtocolParamsABI","version","tbvParams","offchainParams","mapKeyPairs","pair","ViemVaultKeeperReader","appEntryPoint","ApplicationRegistryABI","ViemUniversalChallengerReader","ViemVaultRegistryReader","vpAddress","lowered","stripped","hexToUint8Array","vaultId","basic","protocol"],"mappings":"oyBA2BMA,EAAuB,IAAI,IAAY,OAAO,OAAOC,EAAAA,YAAY,CAAC,EAElEC,GAA2B,IAEjC,SAASC,EAAQC,EAAwB,OACvC,QACEC,EAAA,KAAK,UAAUD,CAAK,IAApB,YAAAC,EAAuB,MAAM,EAAGH,MAA6B,WAEjE,CAEA,MAAMI,GACJ,2FAQK,MAAMC,UAAkC,KAAM,CAGnD,YAAYC,EAAgB,CAC1B,MAAMF,EAA0B,EAHzBG,EAAA,eAIP,KAAK,KAAO,4BACZ,KAAK,OAASD,CAChB,CACF,CAGA,MAAME,EAAe,GAErB,SAASC,EAAcP,EAAiC,CACtD,OAAO,OAAOA,GAAU,UAAYA,EAAM,OAAS,GAAKQ,EAAAA,OAAO,KAAKR,CAAK,CAC3E,CAEA,SAASS,EAAiBT,EAAiC,CACzD,OAAO,OAAOA,GAAU,UAAYA,EAAM,OAAS,CACrD,CAEA,SAASU,EAAkBV,EAAgBW,EAAqB,CAC9D,GAAI,CAACJ,EAAcP,CAAK,EACtB,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,yCAAyCZ,EAAQC,CAAK,CAAC,EAAA,CAGrG,CAEA,SAASY,EAAqBZ,EAAgBW,EAAqB,CACjE,GAAI,CAACF,EAAiBT,CAAK,EACzB,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qCAAqCZ,EAAQC,CAAK,CAAC,EAAA,CAGjG,CAMA,SAASa,EAAgBb,EAAgBW,EAAqB,CAC5D,GACE,CAACJ,EAAcP,CAAK,GACnBA,EAAM,SAAWc,yBAChBd,EAAM,SAAWe,4BAEnB,MAAM,IAAIZ,EACR,mCAAmCQ,CAAK,eAAeG,EAAAA,qBAAqB,OAAOC,EAAAA,yBAAyB,sCAAsChB,EAAQC,CAAK,CAAC,EAAA,CAGtK,CAKA,SAASgB,GACPC,EACM,CACN,MAAMC,EAAaD,EAAS,WAC5B,GAAgCC,GAAe,KAAM,OACrD,GAAI,OAAOA,GAAe,UAAY,MAAM,QAAQA,CAAU,EAC5D,MAAM,IAAIf,EACR,mFAAA,EAIJ,MAAMgB,EAAID,EAEV,GACEC,EAAE,0BAA4B,QAC9B,OAAOA,EAAE,yBAA4B,UAErC,MAAM,IAAIhB,EACR,kHAAkHJ,EAAQoB,EAAE,uBAAuB,CAAC,EAAA,EAIxJ,GACEA,EAAE,qCAAuC,QACzC,OAAOA,EAAE,oCAAuC,SAEhD,MAAM,IAAIhB,EACR,4HAA4HJ,EAAQoB,EAAE,kCAAkC,CAAC,EAAA,EAI7K,GACEA,EAAE,iCAAmC,QACrC,OAAOA,EAAE,gCAAmC,SAE5C,MAAM,IAAIhB,EACR,wHAAwHJ,EAAQoB,EAAE,8BAA8B,CAAC,EAAA,CAGvK,CAOO,SAASC,EACdC,EAC4C,CAC5C,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,yEAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAACd,EAAce,EAAE,UAAU,GAAKA,EAAE,WAAW,SAAWhB,EAC1D,MAAM,IAAIH,EACR,yDAAyDG,CAAY,gCAAgCP,EAAQuB,EAAE,UAAU,CAAC,EAAA,EAI9H,GAAI,OAAOA,EAAE,QAAW,SACtB,MAAM,IAAInB,EACR,0DAAA,EAIJ,GAAI,CAACP,EAAqB,IAAI0B,EAAE,MAAM,EACpC,MAAM,IAAInB,EACR,uDAAuDmB,EAAE,MAAM,uBAAuB,CAAC,GAAG1B,CAAoB,EAAE,KAAK,IAAI,CAAC,EAAA,EAI9H,GACE0B,EAAE,WAAa,MACf,OAAOA,EAAE,UAAa,UACtB,MAAM,QAAQA,EAAE,QAAQ,EAExB,MAAM,IAAInB,EACR,6DAAA,EAMJ,GAFAa,GAAiCM,EAAE,QAAmC,EAElE,OAAOA,EAAE,aAAgB,SAC3B,MAAM,IAAInB,EACR,+DAAA,EAIJ,GAAImB,EAAE,aAAe,QAAa,OAAOA,EAAE,YAAe,SACxD,MAAM,IAAInB,EACR,gFAAgFJ,EAAQuB,EAAE,UAAU,CAAC,EAAA,CAG3G,CAKO,SAASC,GACdF,EACiE,CACjE,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,8FAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAAC,MAAM,QAAQC,EAAE,GAAG,EACtB,MAAM,IAAInB,EACR,uDAAA,EAIJ,QAASqB,EAAI,EAAGA,EAAIF,EAAE,IAAI,OAAQE,IAChCC,GAA4BH,EAAE,IAAIE,CAAC,EAAG,OAAOA,CAAC,GAAG,EAGnD,GAAIF,EAAE,kBAAoB,MAAQ,OAAOA,EAAE,iBAAoB,SAC7D,MAAM,IAAInB,EACR,oEAAA,EAIJuB,GACEJ,EAAE,eAAA,CAEN,CAEA,SAASK,EAAwB3B,EAAgBW,EAAqB,CACpE,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5CD,EADWV,EACU,OAAQ,GAAGW,CAAK,SAAS,CAChD,CAEA,SAASc,GAA4BzB,EAAgBW,EAAqB,CACxE,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5C,MAAMiB,EAAK5B,EAEXa,EAAgBe,EAAG,eAAgB,GAAGjB,CAAK,iBAAiB,EAC5DgB,EAAwBC,EAAG,SAAU,GAAGjB,CAAK,WAAW,EACxDgB,EAAwBC,EAAG,UAAW,GAAGjB,CAAK,YAAY,EAC1DgB,EAAwBC,EAAG,UAAW,GAAGjB,CAAK,YAAY,EAC1DC,EAAqBgB,EAAG,YAAa,GAAGjB,CAAK,cAAc,CAC7D,CAEA,SAASkB,GACP7B,EACAW,EACM,CACN,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5C,MAAMmB,EAAI9B,EACVY,EAAqBkB,EAAE,cAAe,GAAGnB,CAAK,gBAAgB,EAC9DC,EAAqBkB,EAAE,kBAAmB,GAAGnB,CAAK,oBAAoB,CACxE,CAEA,SAASoB,GAAiC/B,EAAgBW,EAAqB,CAC7E,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5C,MAAMqB,EAAIhC,EAcV,GAZAa,EAAgBmB,EAAE,kBAAmB,GAAGrB,CAAK,oBAAoB,EACjEgB,EACEK,EAAE,sBACF,GAAGrB,CAAK,wBAAA,EAEVgB,EACEK,EAAE,sBACF,GAAGrB,CAAK,wBAAA,EAEVgB,EAAwBK,EAAE,YAAa,GAAGrB,CAAK,cAAc,EAC7DC,EAAqBoB,EAAE,cAAe,GAAGrB,CAAK,gBAAgB,EAE1D,CAAC,MAAM,QAAQqB,EAAE,2BAA2B,EAC9C,MAAM,IAAI7B,EACR,mCAAmCQ,CAAK,gDAAA,EAI5C,QAASa,EAAI,EAAGA,EAAIQ,EAAE,4BAA4B,OAAQR,IACxDK,GACEG,EAAE,4BAA4BR,CAAC,EAC/B,GAAGb,CAAK,gCAAgCa,CAAC,GAAA,EAI7C,GAAI,CAAC,MAAM,QAAQQ,EAAE,mBAAmB,EACtC,MAAM,IAAI7B,EACR,mCAAmCQ,CAAK,wCAAA,EAI5C,QAASa,EAAI,EAAGA,EAAIQ,EAAE,oBAAoB,OAAQR,IAChDd,EACEsB,EAAE,oBAAoBR,CAAC,EACvB,GAAGb,CAAK,wBAAwBa,CAAC,GAAA,CAGvC,CAKO,SAASS,GACdZ,EAC8D,CAC9D,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,2FAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAACZ,EAAiBa,EAAE,aAAa,EACnC,MAAM,IAAInB,EACR,kFAAkFJ,EAAQuB,EAAE,aAAa,CAAC,EAAA,EAI9G,GAAI,CAACf,EAAce,EAAE,iBAAiB,EACpC,MAAM,IAAInB,EACR,0FAA0FJ,EAAQuB,EAAE,iBAAiB,CAAC,EAAA,EAI1H,GAAIA,EAAE,gBAAkB,MAAQ,OAAOA,EAAE,eAAkB,SACzD,MAAM,IAAInB,EACR,kEAAA,EAIJ,SAAW,CAAC+B,EAAKC,CAAO,IAAK,OAAO,QAClCb,EAAE,aAAA,EACD,CACD,GAAIa,IAAY,MAAQ,OAAOA,GAAY,SACzC,MAAM,IAAIhC,EACR,iDAAiD+B,CAAG,qBAAA,EAGxD,MAAME,EAAID,EACV,GAAI,CAAC5B,EAAc6B,EAAE,uBAAuB,EAC1C,MAAM,IAAIjC,EACR,iDAAiD+B,CAAG,iEAAiEnC,EAAQqC,EAAE,uBAAuB,CAAC,EAAA,CAG7J,CACF,CAOO,SAASC,GACdhB,EAC6C,CAC7C,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,uEAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAACd,EAAce,EAAE,UAAU,GAAKA,EAAE,WAAW,SAAWhB,EAC1D,MAAM,IAAIH,EACR,yDAAyDG,CAAY,gCAAgCP,EAAQuB,EAAE,UAAU,CAAC,EAAA,EAI9H,GAAI,OAAOA,EAAE,OAAU,UACrB,MAAM,IAAInB,EACR,iEAAiEJ,EAAQuB,EAAE,KAAK,CAAC,EAAA,EAKrF,GAAIA,EAAE,UAAY,KAAM,CACtB,GAAI,OAAOA,EAAE,SAAY,SACvB,MAAM,IAAInB,EACR,2EAA2EJ,EAAQuB,EAAE,OAAO,CAAC,EAAA,EAGjGgB,GAA4BhB,EAAE,OAAkC,CAClE,CAGA,GAAI,CAAC,MAAM,QAAQA,EAAE,WAAW,EAC9B,MAAM,IAAInB,EACR,sEAAsEJ,EAAQuB,EAAE,WAAW,CAAC,EAAA,EAGhG,QAASE,EAAI,EAAGA,EAAIF,EAAE,YAAY,OAAQE,IACxCe,GAAyBjB,EAAE,YAAYE,CAAC,EAAGA,CAAC,CAEhD,CAEA,SAASc,GAA4BtC,EAAsC,CAEzE,GADAY,EAAqBZ,EAAM,OAAQ,gBAAgB,EAC/C,OAAOA,EAAM,QAAW,UAC1B,MAAM,IAAIG,EACR,0EAA0EJ,EAAQC,EAAM,MAAM,CAAC,EAAA,EAOnG,GAJAY,EAAqBZ,EAAM,WAAY,oBAAoB,EAC3DY,EAAqBZ,EAAM,eAAgB,wBAAwB,EACnEY,EAAqBZ,EAAM,YAAa,qBAAqB,EAEzDA,EAAM,oBAAsB,MAAQ,OAAOA,EAAM,mBAAsB,SACzE,MAAM,IAAIG,EACR,4FAA4FJ,EAAQC,EAAM,iBAAiB,CAAC,EAAA,EAGhI,GAAI,OAAOA,EAAM,YAAe,SAC9B,MAAM,IAAIG,EACR,6EAA6EJ,EAAQC,EAAM,UAAU,CAAC,EAAA,EAG1G,GAAI,OAAOA,EAAM,YAAe,SAC9B,MAAM,IAAIG,EACR,6EAA6EJ,EAAQC,EAAM,UAAU,CAAC,EAAA,CAG5G,CAEA,SAASuC,GAAyBvC,EAAgBwC,EAAqB,CACrE,GAAIxC,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,+CAA+CqC,CAAK,6BAA6BzC,EAAQC,CAAK,CAAC,EAAA,EAGnG,MAAM8B,EAAI9B,EAcV,GAbAY,EAAqBkB,EAAE,OAAQ,eAAeU,CAAK,UAAU,EAC7D5B,EAAqBkB,EAAE,WAAY,eAAeU,CAAK,cAAc,EACrE5B,EAAqBkB,EAAE,eAAgB,eAAeU,CAAK,kBAAkB,EAC7EC,EAAqBX,EAAE,YAAa,eAAeU,CAAK,eAAe,EACvEC,EACEX,EAAE,wBACF,eAAeU,CAAK,2BAAA,EAEtBC,EACEX,EAAE,wBACF,eAAeU,CAAK,2BAAA,EAEtBC,EAAqBX,EAAE,cAAe,eAAeU,CAAK,iBAAiB,EACvE,OAAOV,EAAE,YAAe,SAC1B,MAAM,IAAI3B,EACR,+CAA+CqC,CAAK,uCAAuCzC,EAAQ+B,EAAE,UAAU,CAAC,EAAA,EAGpH,GAAI,OAAOA,EAAE,YAAe,SAC1B,MAAM,IAAI3B,EACR,+CAA+CqC,CAAK,uCAAuCzC,EAAQ+B,EAAE,UAAU,CAAC,EAAA,CAGtH,CAEA,SAASW,EAAqBzC,EAAgBW,EAAqB,CACjE,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,mCAAmCZ,EAAQC,CAAK,CAAC,EAAA,CAG/F,CAOO,SAAS0C,GACdrB,EACiD,CACjDsB,GAAsBtB,EAAU,sBAAwBuB,GAAU,CAC5DA,EAAM,SAAW,MACnBxB,EAA+BwB,EAAM,MAAM,CAE/C,CAAC,CACH,CAGO,SAASC,GACdxB,EACkD,CAClDsB,GAAsBtB,EAAU,uBAAyBuB,GAAU,CAC7DA,EAAM,SAAW,MACnBP,GAAgCO,EAAM,MAAM,CAEhD,CAAC,CACH,CAQA,SAASD,GACPtB,EACAyB,EACAC,EACM,CACN,GAAI1B,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,kCAAkC2C,CAAO,4BAAA,EAG7C,MAAMxB,EAAID,EACV,GAAI,CAAC,MAAM,QAAQC,EAAE,OAAO,EAC1B,MAAM,IAAInB,EACR,mCAAmC2C,CAAO,mCAAmC/C,EAAQuB,EAAE,OAAO,CAAC,EAAA,EAGnG,QAAS,EAAI,EAAG,EAAIA,EAAE,QAAQ,OAAQ,IAAK,CACzC,MAAMsB,EAAQtB,EAAE,QAAQ,CAAC,EACzB,GAAIsB,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIzC,EACR,mCAAmC2C,CAAO,YAAY,CAAC,6BAA6B/C,EAAQ6C,CAAK,CAAC,EAAA,EAGtG,MAAMI,EAAIJ,EACV,GACE,CAACrC,EAAcyC,EAAE,UAAU,GAC3BA,EAAE,WAAW,SAAW1C,EAExB,MAAM,IAAIH,EACR,mCAAmC2C,CAAO,YAAY,CAAC,2BAA2BxC,CAAY,yBAAyBP,EAAQiD,EAAE,UAAU,CAAC,EAAA,EAGhJ,GAAIA,EAAE,QAAU,MAAQ,OAAOA,EAAE,OAAU,SACzC,MAAM,IAAI7C,EACR,mCAAmC2C,CAAO,YAAY,CAAC,0CAA0C/C,EAAQiD,EAAE,KAAK,CAAC,EAAA,EAMrH,GAAIA,EAAE,SAAW,MAAQA,EAAE,QAAU,KACnC,MAAM,IAAI7C,EACR,mCAAmC2C,CAAO,YAAY,CAAC,+CAAA,EAG3D,GAAIE,EAAE,SAAW,MAAQA,EAAE,QAAU,KACnC,MAAM,IAAI7C,EACR,mCAAmC2C,CAAO,YAAY,CAAC,4CAAA,EAG3DC,EAAoBC,EAAqC,CAAC,CAC5D,CACF,CAEA,SAAStB,GACPuB,EACM,CAMN,GALAtB,EAAwBsB,EAAM,SAAU,0BAA0B,EAClEtB,EAAwBsB,EAAM,UAAW,2BAA2B,EACpEtB,EAAwBsB,EAAM,UAAW,2BAA2B,EACpErC,EAAqBqC,EAAM,YAAa,6BAA6B,EAEjE,CAAC,MAAM,QAAQA,EAAM,uBAAuB,EAC9C,MAAM,IAAI9C,EACR,2FAAA,EAIJ,QAASqB,EAAI,EAAGA,EAAIyB,EAAM,wBAAwB,OAAQzB,IACxDO,GACEkB,EAAM,wBAAwBzB,CAAC,EAC/B,2CAA2CA,CAAC,GAAA,EAIhD,GAAI,OAAOyB,EAAM,yBAA4B,SAC3C,MAAM,IAAI9C,EACR,2FAAA,CAGN,CCzhBA,MAAM+C,GAAqB,IAWpB,MAAMC,EAEb,CAGE,YAAYC,EAAiBC,EAAyC,CAF9DhD,EAAA,eAGN,MAAMiD,EAA8B,CAClC,QAAAF,EACA,SAASC,GAAA,YAAAA,EAAS,UAAWH,GAC7B,QAASG,GAAA,YAAAA,EAAS,QAClB,WAAYA,GAAA,YAAAA,EAAS,WACrB,aAAcA,GAAA,YAAAA,EAAS,aACvB,QAASA,GAAA,YAAAA,EAAS,QAClB,cAAeA,GAAA,YAAAA,EAAS,cACxB,iBAAkBA,GAAA,YAAAA,EAAS,gBAAA,EAE7B,KAAK,OAAS,IAAIE,EAAAA,cAAcD,CAAM,CACxC,CAMA,MAAM,oCACJE,EACAC,EACsD,CACtD,MAAMpC,EAAW,MAAM,KAAK,OAAO,KAGjC,oDAAqDmC,EAAQC,CAAM,EACrE,OAAAlC,GAAoDF,CAAQ,EACrDA,CACT,CAMA,MAAM,6BACJmC,EACAC,EACe,CACf,OAAO,KAAK,OAAO,KACjB,6CACAD,EACAC,CAAA,CAEJ,CAOA,MAAM,uBACJD,EACAC,EACe,CACf,OAAO,KAAK,OAAO,KACjB,uCACAD,EACAC,CAAA,CAEJ,CAMA,MAAM,iCACJD,EACAC,EACmD,CACnD,MAAMpC,EAAW,MAAM,KAAK,OAAO,KAGjC,iDAAkDmC,EAAQC,CAAM,EAClE,OAAAxB,GAAiDZ,CAAQ,EAClDA,CACT,CAGA,MAAM,eACJmC,EACAC,EACiC,CACjC,MAAMpC,EAAW,MAAM,KAAK,OAAO,KACjC,+BACAmC,EACAC,CAAA,EAEF,OAAArC,EAA+BC,CAAQ,EAChCA,CACT,CAOA,MAAM,oBACJmC,EACAC,EACsC,CACtC,MAAMpC,EAAW,MAAM,KAAK,OAAO,KAGjC,oCAAqCmC,EAAQC,CAAM,EACrD,OAAAf,GAAoCrB,CAAQ,EACrCA,CACT,CAMA,MAAM,qBACJmC,EACAC,EACuC,CACvC,MAAMpC,EAAW,MAAM,KAAK,OAAO,KAGjC,qCAAsCmC,EAAQC,CAAM,EACtD,OAAAZ,GAAqCxB,CAAQ,EACtCA,CACT,CACF,CCnKO,SAASqC,GACdC,EACAC,EAC2B,CAC3B,MAAMC,MAAmB,IACzB,UAAWC,KAAQH,EACjBE,EAAa,IAAIC,EAAK,aAAa,EAGrC,MAAMC,MAAa,IAIbC,MAAW,IACXC,EAAsB,CAAA,EACtBC,EAAuB,CAAA,EAE7B,UAAWtB,KAASgB,EAAS,CAC3B,MAAMO,EAAQvB,EAAM,WAAW,YAAA,EAC/B,GAAI,CAACiB,EAAa,IAAIM,CAAK,EAAG,CAC5BD,EAAW,KAAKC,CAAK,EACrB,QACF,CACA,GAAIH,EAAK,IAAIG,CAAK,EAAG,CACnBF,EAAU,KAAKE,CAAK,EACpB,QACF,CACAH,EAAK,IAAIG,CAAK,EACdJ,EAAO,IAAII,EAAO,CAAE,OAAQvB,EAAM,OAAQ,MAAOA,EAAM,MAAO,CAChE,CAEA,MAAMwB,EAAoB,CAAA,EAC1B,UAAWN,KAAQD,EACZG,EAAK,IAAIF,CAAI,GAAGM,EAAQ,KAAKN,CAAI,EAGxC,MAAO,CAAE,OAAAC,EAAQ,QAAAK,EAAS,WAAAF,EAAY,UAAAD,CAAA,CACxC,CCRA,eAAsBI,GACpBhB,EACe,CACf,KAAM,CACJ,MAAAiB,EACA,QAAAC,EACA,UAAAC,EACA,OAAAC,EACA,UAAAC,EACA,YAAAC,EACA,iBAAAC,EACA,kBAAAC,EACA,aAAAC,EACA,UAAAC,EAAYC,EAAAA,iBAAA,EACV3B,EAEJ,GAAI,CAAC,OAAO,UAAU0B,CAAS,GAAKA,GAAa,EAC/C,MAAM,IAAI,MACR,kEAAkEA,CAAS,EAAA,EAI/E,QAASvD,EAAI,EAAGA,EAAI8C,EAAM,OAAQ9C,GAAKuD,EAAW,CAChD,MAAME,EAAQX,EAAM,MAAM9C,EAAGA,EAAIuD,CAAS,EACpCG,MAAiB,IACjBC,EAAkB,CAAA,EACxB,UAAWC,KAAQH,EAAO,CACxB,MAAMI,EAAYd,EAAQa,CAAI,EAAE,YAAA,EAChCF,EAAW,IAAIG,EAAWD,CAAI,EAC9BD,EAAM,KAAKE,CAAS,CACtB,CAKA,IAAIC,EACJ,GAAI,CACF,MAAMjE,EAAW,MAAMmD,EAAUW,CAAK,EACtCG,EAAc5B,GAA+ByB,EAAO9D,EAAS,OAAO,CACtE,OAASkE,EAAO,CACdV,EAAkBI,EAAOM,CAAK,EAC9B,QACF,CAEIT,GAAgBQ,EAAY,WAAW,OAAS,GAClDR,EAAaQ,EAAY,UAAU,EAGrC,MAAME,EAAiB,IAAI,IAAIF,EAAY,SAAS,EACpD,UAAWxB,KAAQ0B,EAAgB,CACjC,MAAMJ,EAAOF,EAAW,IAAIpB,CAAI,EAC5BsB,KAAkBA,CAAI,CAC5B,CACIR,GAAoBY,EAAe,KAAO,GAC5CZ,EAAiBY,EAAe,IAAI,EAEtC,UAAW1B,KAAQwB,EAAY,QAAS,CACtC,MAAMF,EAAOF,EAAW,IAAIpB,CAAI,EAC5BsB,KAAgBA,CAAI,CAC1B,CACA,SAAW,CAACtB,EAAM2B,CAAQ,IAAKH,EAAY,OAAQ,CAEjD,GAAIE,EAAe,IAAI1B,CAAI,EAAG,SAC9B,MAAMsB,EAAOF,EAAW,IAAIpB,CAAI,EAC3BsB,GACLX,EAAOW,EAAM,CACX,WAAYtB,EACZ,OAAQ2B,EAAS,OACjB,MAAOA,EAAS,KAAA,CACjB,CACH,CACF,CACF,CCpGA,MAAMC,GAAa,yBAGbC,GAAe,WAEfC,GAAqB,GACrBC,GAAmB,GAMzB,SAASC,GAAWC,EAAaC,EAA8B,CAC7D,MAAMC,EAAW,IAAI,cAAc,OAAOF,CAAG,EACvCG,EAAUC,EAAAA,OAAOF,CAAQ,EACzBG,EAAW,IAAI,WAAWF,EAAQ,OAAS,EAAIF,EAAK,MAAM,EAChE,OAAAI,EAAS,IAAIF,EAAS,CAAC,EACvBE,EAAS,IAAIF,EAASA,EAAQ,MAAM,EACpCE,EAAS,IAAIJ,EAAME,EAAQ,OAAS,CAAC,EAC9BC,EAAAA,OAAOC,CAAQ,CACxB,CAYA,SAASC,GAAcC,EAAsC,CAC3D,GAAIA,EAAM,SAAWV,GAAoB,OAAO,KAChD,MAAMW,EAAQT,GAAWH,GAAcW,CAAK,EACtCE,EAAUC,EAAI,mBAAmBH,EAAOC,CAAK,EACnD,OAAOC,EAAUA,EAAQ,YAAc,IACzC,CAoBO,SAASE,GACdC,EACAC,EACAC,EACS,CAET,GADID,EAAY,SAAWhB,IACvBiB,EAAU,SAAWhB,GAAkB,MAAO,GAOlD,GAAI,CAEF,MAAMiB,EAAchB,GAAWJ,GAAYiB,CAAY,EAKjDI,EAAOC,EAAAA,SAAS,KAAK,CACzB,eAAgBC,EAAAA,OAAO,KAAKL,CAAW,CAAA,CACxC,EACD,GAAI,CAACG,EAAK,OAAQ,MAAO,GACzB,MAAMG,EAAeH,EAAK,OAUpBI,EAAY,EACZC,EAAU,IAAIC,cACpBD,EAAQ,QAAU,EAClBA,EAAQ,SAAW,EAEnB,MAAME,EAAYL,EAAAA,OAAO,OAAO,CAC9BA,EAAAA,OAAO,KAAK,CAAC,EAAM,EAAI,CAAC,EACxBA,EAAAA,OAAO,KAAKH,CAAW,CAAA,CACxB,EACDM,EAAQ,SACNH,SAAO,MAAM,GAAI,CAAC,EAClB,WACA,EACAK,CAAA,EAEFF,EAAQ,UAAUF,EAAcC,CAAS,EAGzC,MAAMI,EAAS,IAAIF,cACnBE,EAAO,QAAU,EACjBA,EAAO,SAAW,EAElB,MAAMC,EAAcJ,EAAQ,QAAA,EAC5BG,EAAO,SAASC,EAAa,EAAG,CAAC,EACjCD,EAAO,UAAUN,SAAO,KAAK,CAAC,GAAI,CAAC,EAAGE,CAAS,EAG/C,MAAMM,EAAUF,EAAO,iBACrB,EACA,CAACL,CAAY,EACb,CAACC,CAAS,EACVE,cAAY,eAAA,EAIRK,EAAerB,GAAcO,CAAW,EAC9C,OAAKc,EAEEjB,EAAI,cAAcgB,EAASC,EAAcb,CAAS,EAF/B,EAG5B,MAAQ,CACN,MAAO,EACT,CACF,CC9IA,SAASc,EAASC,EAAeC,EAAkC,CACjE,MAAM9B,GAAO6B,EAAQ,IAAS,EACxB,EAAI,OAAOC,GAAQ,SAAWA,EAAM,OAAOA,CAAG,EACpD,GAAI,EAAI,GAAI,MAAM,IAAI,MAAM,6BAA6B,EAEzD,GAAI,EAAI,IAAK,OAAO,IAAI,WAAW,CAAC9B,EAAM,OAAO,CAAC,CAAC,CAAC,EACpD,GAAI,EAAI,OAAQ,OAAO,IAAI,WAAW,CAACA,EAAM,GAAI,OAAO,CAAC,CAAC,CAAC,EAC3D,GAAI,EAAI,SAAU,CAChB,MAAM+B,EAAI,OAAO,CAAC,EAClB,OAAO,IAAI,WAAW,CAAC/B,EAAM,GAAK+B,IAAM,EAAK,IAAMA,EAAI,GAAI,CAAC,CAC9D,CACA,GAAI,EAAI,aAAgB,CACtB,MAAMA,EAAI,OAAO,CAAC,EAClB,OAAO,IAAI,WAAW,CACpB/B,EAAM,GACL+B,IAAM,GAAM,IACZA,IAAM,GAAM,IACZA,IAAM,EAAK,IACZA,EAAI,GAAA,CACL,CACH,CAEA,MAAMC,EAAM,IAAI,WAAW,CAAC,EAC5BA,EAAI,CAAC,EAAIhC,EAAM,GACf,QAASvE,EAAI,EAAGA,GAAK,EAAGA,IACtBuG,EAAI,EAAIvG,CAAC,EAAI,OAAO,GAAK,QAAQ,EAAIA,GAAK,CAAC,CAAC,EAAI,IAElD,OAAOuG,CACT,CAEA,SAASC,MAAUC,EAAiC,CAClD,MAAMC,EAAQD,EAAM,OAAO,CAAC7F,EAAGjB,IAAMiB,EAAIjB,EAAE,OAAQ,CAAC,EAC9C4G,EAAM,IAAI,WAAWG,CAAK,EAChC,IAAIC,EAAS,EACb,UAAWhH,KAAK8G,EACdF,EAAI,IAAI5G,EAAGgH,CAAM,EACjBA,GAAUhH,EAAE,OAEd,OAAO4G,CACT,CASA,SAASK,EAAuBC,EAA+B,CAE7D,MAAM/D,EAAsB,CADbqD,EAAS,EAAGU,EAAM,MAAM,CACJ,EACnC,UAAWC,KAAKD,EACd/D,EAAM,KAAKqD,EAAS,EAAGW,CAAC,CAAC,EAE3B,OAAON,GAAO,GAAG1D,CAAK,CACxB,CAsBO,SAASiE,GACdC,EACAC,EACAC,EACY,CACZ,GAAI,CAAC,OAAO,cAAcA,CAAS,GAAKA,EAAY,EAClD,MAAM,IAAI,MACR,oFAAoFA,CAAS,EAAA,EAGjG,MAAMC,EAAchB,EAAS,EAAG,CAAC,EAC3BiB,EAAcR,EAAuBI,CAAM,EAC3CK,EAAcT,EAAuBK,CAAyB,EAC9DK,EAAiBnB,EAAS,EAAGe,CAAS,EAC5C,OAAOV,GAAOW,EAAaC,EAAaC,EAAaC,CAAc,CACrE,CCzFA,MAAMC,GAAyB,IAAI,YAAA,EAAc,OAC/C,6BACF,EA6BO,MAAMC,UAA4B,KAAM,CAC7C,YACEC,EACgBC,EAQhB,CACA,MAAMD,CAAO,EATG,KAAA,OAAAC,EAUhB,KAAK,KAAO,qBACd,CACF,CAGA,SAASC,EAAWC,EAAyB,CAC3C,MAAMrB,EAAM,IAAI,WAAWqB,EAAI,OAAS,CAAC,EACzC,QAAS5H,EAAI,EAAGA,EAAIuG,EAAI,OAAQvG,IAC9BuG,EAAIvG,CAAC,EAAI,SAAS4H,EAAI,MAAM5H,EAAI,EAAGA,EAAI,EAAI,CAAC,EAAG,EAAE,EAEnD,OAAOuG,CACT,CAsBO,SAASsB,GAAqBC,EAAwC,CAC3E,KAAM,CAAE,MAAAC,EAAO,mBAAAC,EAAoB,IAAAC,CAAA,EAAQH,EAErCI,EAASC,EAAAA,eAAeH,CAAkB,EAAE,YAAA,EAClD,GAAIE,EAAO,SAAW5I,EAAAA,uBAAyB,CAACN,EAAAA,OAAO,KAAKkJ,CAAM,EAChE,MAAM,IAAIV,EACR,+CAA+CU,EAAO,MAAM,SAC5D,yBAAA,EAIJ,MAAME,EAASD,EAAAA,eAAeJ,EAAM,aAAa,EAAE,YAAA,EACnD,GAAIK,EAAO,SAAW9I,EAAAA,uBAAyB,CAACN,EAAAA,OAAO,KAAKoJ,CAAM,EAChE,MAAM,IAAIZ,EACR,0CAA0CY,EAAO,MAAM,SACvD,yBAAA,EAIJ,GAAIA,IAAWF,EACb,MAAM,IAAIV,EACR,uDAAuDU,CAAM,SAASE,CAAM,GAC5E,wBAAA,EAWJ,GAAI,CAAC,OAAO,cAAcL,EAAM,UAAU,EACxC,MAAM,IAAIP,EACR,4CAA4C,KAAK,UAAUO,EAAM,UAAU,CAAC,GAC5E,oBAAA,EAGJ,GAAI,CAAC,OAAO,cAAcE,CAAG,EAC3B,MAAM,IAAIT,EACR,qCAAqC,KAAK,UAAUS,CAAG,CAAC,GACxD,oBAAA,EAGJ,GAAIF,EAAM,YAAcE,EACtB,MAAM,IAAIT,EACR,oCAAoCO,EAAM,UAAU,SAASE,CAAG,GAChE,SAAA,EAIJ,MAAMI,EAAMF,EAAAA,eAAeJ,EAAM,gBAAgB,EAAE,YAAA,EACnD,GAAIM,EAAI,SAAW9I,EAAAA,2BAA6B,CAACP,EAAAA,OAAO,KAAKqJ,CAAG,EAC9D,MAAM,IAAIb,EACR,wDAAwDa,EAAI,MAAM,SAClE,0BAAA,EAGJ,MAAMC,EAASD,EAAI,MAAM,EAAG,CAAC,EAC7B,GAAIC,IAAW,MAAQA,IAAW,KAChC,MAAM,IAAId,EACR,2DAA2Dc,CAAM,GACjE,0BAAA,EASJ,MAAMC,EAAWZ,EAAWU,CAAG,EAC/B,GAAI,CAACpD,EAAI,QAAQsD,CAAQ,EACvB,MAAM,IAAIf,EACR,kDACA,0BAAA,EAIJ,MAAMgB,EAAML,EAAAA,eAAeJ,EAAM,SAAS,EAAE,YAAA,EAC5C,GAAIS,EAAI,SAAWC,EAAAA,qBAAuB,CAACzJ,EAAAA,OAAO,KAAKwJ,CAAG,EACxD,MAAM,IAAIhB,EACR,8CAA8CgB,EAAI,MAAM,SACxD,4BAAA,EAQJ,MAAME,EAAU3B,GACdQ,GACAI,EAAWU,CAAG,EACdN,EAAM,UAAA,EAGR,GAAI,CADa7C,GAAmBwD,EAASf,EAAWS,CAAM,EAAGT,EAAWa,CAAG,CAAC,EAE9E,MAAM,IAAIhB,EACR,gGACA,+BAAA,CAGN,CClNO,MAAMmB,OAA8C,IAAI,CAC7D,uCACA,6CACA,mDACF,CAAC,ECFKC,GAAuB,IAEhBC,EAAqB,4BAE3B,SAASC,GACdlH,EACAmH,EACe,CACf,OAAO,IAAIhH,EAAAA,cAAc,CACvB,QAAAH,EACA,QAASgH,GACT,QAAAG,EACA,aAAeC,GAAWA,IAAWH,CAAA,CACtC,CACH,CCgBA,MAAMI,EAAsB,WAOtBC,GAA4B,GAyC3B,MAAMC,EAA+C,CAgB1D,YAAYrH,EAA+B,CAXnCjD,EAAA,eACSA,EAAA,kBACAA,EAAA,sBACAA,EAAA,2BACAA,EAAA,yBACAA,EAAA,wBACAA,EAAA,YAETA,EAAA,cAA6B,MAC7BA,EAAA,gBAAwC,MAG9C,KAAK,OAASiD,EAAO,OACrB,KAAK,UAAYA,EAAO,UACxB,KAAK,cAAgBA,EAAO,cAC5B,KAAK,mBAAqBA,EAAO,mBACjC,KAAK,iBAAmBA,EAAO,iBAC/B,KAAK,gBAAkBA,EAAO,iBAAmBoH,GACjD,KAAK,IAAMpH,EAAO,MAAQ,IAAM,KAAK,MAAM,KAAK,MAAQ,GAAI,EAC9D,CAcA,MAAM,SAASkH,EAAwC,CAErD,GADIA,IAAWH,GACX,CAAC,KAAK,iBAAiB,IAAIG,CAAM,EAAG,OAAO,KAE/C,MAAMI,EAAS,KAAK,OACpB,OAAIA,GAAU,KAAK,IAAA,EAAQ,KAAK,gBAAkBA,EAAO,UAChDA,EAAO,OAGF,MAAM,KAAK,oBAAA,GACZ,KACf,CAMA,YAAmB,CACjB,KAAK,OAAS,IAKhB,CAUA,UAAUC,EAA6B,CACrC,KAAK,OAASA,CAChB,CAEQ,qBAA4C,CAClD,MAAMC,EAAW,KAAK,SACtB,GAAIA,EAAU,OAAOA,EAErB,MAAM3J,GAAK,SAAY,CACrB,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,OAAO,KAGjCgJ,EAAoB,CACpB,WAAY,KAAK,UACjB,YAAa,KAAK,aAAA,CACnB,EAWD,GATAhB,GAAqB,CACnB,MAAOhI,EAAS,gBAChB,mBAAoB,KAAK,mBACzB,IAAK,KAAK,IAAA,CAAI,CACf,EAKG,OAAOA,EAAS,OAAU,UAAYA,EAAS,MAAM,SAAW,EAClE,MAAM,IAAI,MACR,sFAAsF,OAAOA,EAAS,KAAK,GAAA,EAG/G,MAAMoI,EAAM,KAAK,IAAA,EACjB,GACE,CAAC,OAAO,cAAcpI,EAAS,UAAU,GACzCA,EAAS,YAAcoI,GACvBpI,EAAS,WAAaoJ,EAEtB,MAAM,IAAI,MACR,gEAAgE,KAAK,UAAUpJ,EAAS,UAAU,CAAC,gCAAgCoI,CAAG,KAAKgB,CAAmB,IAAA,EAIlK,MAAMM,EAAqB,CACzB,MAAO1J,EAAS,MAChB,UAAWA,EAAS,UAAA,EAEtB,YAAK,OAAS0J,EACPA,CACT,QAAA,CACE,KAAK,SAAW,IAClB,CACF,GAAA,EAEA,YAAK,SAAW5J,EACTA,CACT,CACF,CC9LO,MAAM6J,EAAgB,CAAtB,cACY3K,EAAA,mBAAc,KAS/B,YAAYiJ,EAA8C,CACxD,MAAMwB,EAAW,KAAK,QAAQ,IAAIxB,EAAM,SAAS,EACjD,GAAIwB,EAAU,CACZ,GAAIA,EAAS,gBAAkBxB,EAAM,cACnC,MAAM,IAAI,MACR,8BAA8BA,EAAM,SAAS,mCAAmCwB,EAAS,cAAc,MAAM,EAAG,CAAC,CAAC,UAAUxB,EAAM,cAAc,MAAM,EAAG,CAAC,CAAC,GAAA,EAG/J,GAAIwB,EAAS,qBAAuBxB,EAAM,mBACxC,MAAM,IAAI,MACR,8BAA8BA,EAAM,SAAS,wCAAwCwB,EAAS,mBAAmB,MAAM,EAAG,CAAC,CAAC,UAAUxB,EAAM,mBAAmB,MAAM,EAAG,CAAC,CAAC,GAAA,EAM9K,OAAAwB,EAAS,SAAS,UAAUxB,EAAM,MAAM,EACjCwB,EAAS,QAClB,CAEA,MAAMG,EAAW,IAAIN,GAAgB,CACnC,OAAQrB,EAAM,OACd,UAAWA,EAAM,UACjB,cAAeA,EAAM,cACrB,mBAAoBA,EAAM,mBAC1B,iBAAkBa,EAAA,CACnB,EACD,YAAK,QAAQ,IAAIb,EAAM,UAAW,CAChC,SAAA2B,EACA,cAAe3B,EAAM,cACrB,mBAAoBA,EAAM,kBAAA,CAC3B,EACM2B,CACT,CAGA,KAAKC,EAAgD,OACnD,OAAOjL,EAAA,KAAK,QAAQ,IAAIiL,CAAS,IAA1B,YAAAjL,EAA6B,QACtC,CAOA,QAAQiL,EAAyB,CAC/B,KAAK,QAAQ,OAAOA,CAAS,CAC/B,CAQA,OAAc,CACZ,KAAK,QAAQ,MAAA,CACf,CAEA,IAAI,MAAe,CACjB,OAAO,KAAK,QAAQ,IACtB,CACF,CAaO,MAAMC,EAAyC,IAAIH,GChFnD,SAASI,GACd9H,EACwB,OACxB,MAAM+H,EAAmBf,GACvBhH,EAAO,SACPrD,EAAAqD,EAAO,UAAP,YAAArD,EAAgB,OAAA,EAGZqL,EAAgBH,EAAgB,YAAY,CAChD,OAAQE,EACR,UAAW/H,EAAO,UAClB,cAAeA,EAAO,cACtB,mBAAoBA,EAAO,kBAAA,CAC5B,EAED,OAAO,IAAIH,GAAuBG,EAAO,QAAS,CAChD,GAAGA,EAAO,QACV,cAAAgI,CAAA,CACD,CACH,CC5BO,SAASC,GAAqBjC,EAA+B,CAClE6B,EAAgB,YAAY,CAC1B,OAAQb,GAAsBhB,EAAM,QAASA,EAAM,OAAO,EAC1D,UAAWA,EAAM,UACjB,cAAeA,EAAM,cACrB,mBAAoBA,EAAM,kBAAA,CAC3B,CACH,CCAA,eAAsBkC,GACpBC,EACAC,EAC4B,CAC5B,KAAM,CAACC,EAAgBC,CAAmB,EAAI,MAAMH,EAAa,UAAU,CACzE,UAAW,CACT,CACE,QAASC,EACT,IAAKG,EAAAA,oBACL,aAAc,gBAAA,EAEhB,CACE,QAASH,EACT,IAAKG,EAAAA,oBACL,aAAc,qBAAA,CAChB,EAEF,aAAc,EAAA,CACf,EAED,MAAO,CACL,eAAAF,EACA,oBAAAC,CAAA,CAEJ,CCjCA,MAAME,EAAa,MAgCnB,SAASC,EAAkBC,EAAoD,CAC7E,MAAO,CACL,eAAgBA,EAAO,eACvB,wBAAyBA,EAAO,wBAChC,oBAAqB,CAAC,GAAGA,EAAO,mBAAmB,EACnD,cAAeA,EAAO,cACtB,QAASA,EAAO,QAChB,mBAAoBA,EAAO,mBAC3B,wBAAyBA,EAAO,wBAChC,mBAAoBA,EAAO,mBAC3B,QAASA,EAAO,QAChB,OAAQA,EAAO,OACf,gBAAiBA,EAAO,gBACxB,qBAAsBA,EAAO,qBAC7B,iBAAkBA,EAAO,gBAAA,CAE7B,CAGA,SAASC,EAAaD,EAAyC,CAC7D,MAAO,CACL,mBAAoBA,EAAO,mBAC3B,eAAgBA,EAAO,eACvB,gBAAiBA,EAAO,gBACxB,uBAAwBA,EAAO,uBAC/B,mBAAoBA,EAAO,kBAAA,CAE/B,CAYA,SAASE,EAAoBC,EAAgC,CAC3D,GAAIA,EAAiB,OAAOL,CAAU,EACpC,MAAM,IAAI,MACR,wBAAwBK,CAAc,wBAAwBL,CAAU,GAAA,EAG5E,OAAO,OAAOK,CAAc,CAC9B,CAWO,MAAMC,EAAyD,CACpE,YACUX,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAEH,MAAM,sBAAmD,CACvD,MAAML,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,sBAAA,CACf,EAED,OAAOL,EAAaD,CAAM,CAC5B,CAEA,MAAM,yBAA4D,CAChE,MAAMA,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,yBAAA,CACf,EAED,OAAOP,EAAkBC,CAAM,CACjC,CAEA,MAAM,2BACJO,EACkC,CAClC,MAAMP,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,6BACd,KAAM,CAACC,CAAO,CAAA,CACf,EAED,OAAOR,EAAkBC,CAAM,CACjC,CAEA,MAAM,gCAAkD,CAOtD,OANgB,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,6BAAA,CACf,CAGH,CAEA,MAAM,0BAA0BC,EAAkC,CAChE,MAAM/I,EAAS,MAAM,KAAK,2BAA2B+I,CAAO,EAC5D,OAAOL,EAAoB1I,EAAO,cAAc,CAClD,CAMA,MAAM,uBAAqD,CACzD,MAAMI,EAAU,MAAM,KAAK,aAAa,UAAU,CAChD,UAAW,CACT,CACE,QAAS,KAAK,gBACd,IAAK0I,EAAAA,kBACL,aAAc,sBAAA,EAEhB,CACE,QAAS,KAAK,gBACd,IAAKA,EAAAA,kBACL,aAAc,yBAAA,CAChB,EAEF,aAAc,EAAA,CACf,EAEKE,EAAYP,EAAarI,EAAQ,CAAC,CAAiB,EACnD6I,EAAiBV,EAAkBnI,EAAQ,CAAC,CAAsB,EAExE,MAAO,CACL,mBAAoB4I,EAAU,mBAC9B,eAAgBA,EAAU,eAC1B,gBAAiBA,EAAU,gBAC3B,uBAAwBA,EAAU,uBAClC,mBAAoBA,EAAU,mBAC9B,cAAeN,EAAoBO,EAAe,cAAc,EAChE,eAAgBA,EAAe,QAC/B,mBAAoBA,EAAe,mBACnC,eAAAA,CAAA,CAEJ,CACF,CCtLA,SAASC,EACPV,EACqB,CACrB,OAAOA,EAAO,IAAKW,IAAU,CAC3B,WAAYA,EAAK,WACjB,UAAWA,EAAK,SAAA,EAChB,CACJ,CAWO,MAAMC,EAAmD,CAC9D,YACUnB,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAEH,MAAM,yBACJQ,EACAN,EAC8B,CAC9B,MAAMP,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKc,EAAAA,uBACL,aAAc,2BACd,KAAM,CAACD,EAAeN,CAAO,CAAA,CAC9B,EAED,OAAOG,EAAYV,CAAM,CAC3B,CAEA,MAAM,uBACJa,EAC8B,CAC9B,MAAMb,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKc,EAAAA,uBACL,aAAc,yBACd,KAAM,CAACD,CAAa,CAAA,CACrB,EAED,OAAOH,EAAYV,CAAM,CAC3B,CAEA,MAAM,8BACJa,EACiB,CAQjB,OAPgB,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKC,EAAAA,uBACL,aAAc,gCACd,KAAM,CAACD,CAAa,CAAA,CACrB,CAGH,CACF,CAWO,MAAME,EAAmE,CAC9E,YACUtB,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAEH,MAAM,iCACJE,EAC8B,CAC9B,MAAMP,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,mCACd,KAAM,CAACC,CAAO,CAAA,CACf,EAED,OAAOG,EAAYV,CAAM,CAC3B,CAEA,MAAM,gCAA+D,CACnE,MAAMA,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,gCAAA,CACf,EAED,OAAOI,EAAYV,CAAM,CAC3B,CAEA,MAAM,sCAAwD,CAO5D,OANgB,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,mCAAA,CACf,CAGH,CACF,CCrGO,MAAMU,EAAuD,CAClE,YACUvB,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAQH,MAAM,0BACJY,EAC2B,CAO3B,MAAMC,GANU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKrB,EAAAA,oBACL,aAAc,yBACd,KAAM,CAACoB,CAAS,CAAA,CACjB,GACsB,YAAA,EACvB,GAAI,CAAC,mBAAmB,KAAKC,CAAO,EAClC,MAAM,IAAI,MACR,2DAA2DD,CAAS,YAAYC,EAAQ,MAAM,aAAaA,EAAQ,MAAM,EAAG,CAAC,CAAC,IAAA,EAGlI,MAAMC,EAAWD,EAAQ,MAAM,CAAC,EAChC,GAAI,CAACzG,EAAI,aAAa2G,EAAAA,gBAAgBD,CAAQ,CAAC,EAC7C,MAAM,IAAI,MACR,kFAAkFF,CAAS,GAAA,EAG/F,OAAOE,CACT,CAEA,MAAM,kBAAkBE,EAAuC,CAC7D,MAAMrB,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKH,EAAAA,oBACL,aAAc,uBACd,KAAM,CAACwB,CAAO,CAAA,CACf,EAUD,MAAO,CACL,UAAWrB,EAAO,UAClB,mBAAoBA,EAAO,mBAC3B,OAAQA,EAAO,OACf,cAAeA,EAAO,cACtB,OAAQA,EAAO,OACf,sBAAuBA,EAAO,sBAC9B,UAAWA,EAAO,SAAA,CAEtB,CAEA,MAAM,qBAAqBqB,EAA0C,CACnE,MAAMrB,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKH,EAAAA,oBACL,aAAc,0BACd,KAAM,CAACwB,CAAO,CAAA,CACf,EAcD,MAAO,CACL,uBAAwBrB,EAAO,uBAC/B,4BAA6BA,EAAO,4BACpC,uBAAwBA,EAAO,uBAC/B,sBAAuBA,EAAO,sBAC9B,WAAYA,EAAO,WACnB,oBAAqBA,EAAO,oBAC5B,SAAUA,EAAO,SACjB,SAAUA,EAAO,SACjB,sBAAuBA,EAAO,sBAC9B,eAAgBA,EAAO,eACvB,2BAA4BA,EAAO,0BAAA,CAEvC,CAEA,MAAM,aAAaqB,EAAkC,CACnD,KAAM,CAACC,EAAOC,CAAQ,EAAI,MAAM,QAAQ,IAAI,CAC1C,KAAK,kBAAkBF,CAAO,EAC9B,KAAK,qBAAqBA,CAAO,CAAA,CAClC,EAED,GACE,CAACE,EAAS,wBACVA,EAAS,yBAA2B,KAEpC,MAAM,IAAI,MACR,SAASF,CAAO,iDAAA,EAIpB,MAAO,CAAE,MAAAC,EAAO,SAAAC,CAAA,CAClB,CACF"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@babylonlabs-io/ts-sdk",
-  "version": "0.33.4",
+  "version": "0.33.5",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",

package/dist/buildAndBroadcastRefund-CIPPpchL.cjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";var U=Object.defineProperty;var X=(e,t,r)=>t in e?U(e,t,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[t]=r;var w=(e,t,r)=>X(e,typeof t!="symbol"?t+"":t,r);const z=require("./BTCVaultRegistry.abi-ZdPpION2.cjs"),c=require("./bitcoin-B3aqjuMP.cjs"),$=require("./PayoutManager-DDnNB0mj.cjs"),p=require("./types-CfCZyfid.cjs"),P=require("bitcoinjs-lib"),q=require("buffer"),k=require("./noPayout-BXeUw0Qq.cjs"),b=require("./payout-DQ_fmJUA.cjs"),E=require("./signing-Bnsro0hE.cjs");function G(e){const t=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(e){for(const r in e)if(r!=="default"){const o=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,o.get?o:{enumerable:!0,get:()=>e[r]})}}return t.default=e,Object.freeze(t)}const W=G(P),Q=/^0x[0-9a-fA-F]{64}$/,Y=/^0x[0-9a-fA-F]{40}$/,j=/^0x([0-9a-fA-F]{2})$/;function v(e,t){if(e.length!==66)throw new Error(`${t} must be 32 bytes (66 hex chars with 0x prefix), got length ${e.length}`);if(!Q.test(e))throw new Error(`${t} must contain only hex characters after the 0x prefix`)}function Z(e,t){if(!Y.test(e))throw new Error(`${t} must be a 20-byte 0x-prefixed hex address (42 chars)`)}function J(e,t){if(!j.test(e))throw new Error(`${t} must be a 0x-prefixed hex string with an even number of hex chars`)}async function ee(e){const{btcVaultRegistryAddress:t,vaultId:r,hashlock:o,activationMetadata:a,writeContract:u,signal:n}=e;n==null\|\|n.throwIfAborted(),Z(t,"btcVaultRegistryAddress"),v(r,"vaultId");const s=c.ensureHexPrefix(e.secret);if(v(s,"secret"),o!==void 0&&(v(o,"hashlock"),!$.validateSecretAgainstHashlock(s,o)))throw new Error("Invalid secret: SHA256(secret) does not match the provided hashlock");return J(a,"activationMetadata"),u({address:t,abi:z.BTCVaultRegistryABI,functionName:"activateVaultWithSecret",args:[r,s,a]})}const te=1e4;async function _(e){const{statusReader:t,peginTxid:r,targetStatuses:o,timeoutMs:a,pollIntervalMs:u=te,signal:n}=e,s=Date.now();for(;;){if(n!=null&&n.aborted)throw new Error(`Polling aborted for pegin ${r.slice(0,8)}… (target: ${[...o].join(", ")})`);if(Date.now()-s>=a)throw new Error(`Polling timeout after ${a}ms for pegin ${r.slice(0,8)}… (target: ${[...o].join(", ")})`);try{const l=(await t.getPeginStatus({pegin_txid:r},n)).status;if(o.has(l))return l;if(p.VP_TERMINAL_STATUSES.has(l)&&!o.has(l))throw new Error(`Pegin ${r.slice(0,8)}… reached terminal status "${l}" while waiting for ${[...o].join(", ")}`)}catch(i){if(!(i instanceof p.JsonRpcError&&i.code===p.RpcErrorCode.NOT_FOUND\|\|i instanceof Error&&i.message.includes("PegIn not found")))throw i}await new Promise((i,l)=>{const d=()=>{clearTimeout(f),l(new Error(`Polling aborted for pegin ${r.slice(0,8)}… (target: ${[...o].join(", ")})`))},f=setTimeout(()=>{n==null\|\|n.removeEventListener("abort",d),i()},u);n==null\|\|n.addEventListener("abort",d,{once:!0})})}}const re=3001e3,oe=new Set([p.DaemonStatus.PENDING_DEPOSITOR_WOTS_PK,...p.POST_WOTS_STATUSES]);async function ne(e){const{statusReader:t,wotsSubmitter:r,peginTxid:o,depositorPk:a,wotsPublicKeys:u,timeoutMs:n=re,signal:s}=e;s==null\|\|s.throwIfAborted();const i=await _({statusReader:t,peginTxid:o,targetStatuses:oe,timeoutMs:n,signal:s});p.POST_WOTS_STATUSES.has(i)\|\|(s==null\|\|s.throwIfAborted(),await r.submitDepositorWotsKey({pegin_txid:o,depositor_pk:a,wots_public_keys:u},s))}const C=1;function ie(e,t,r){const o=c.stripHexPrefix(r).toLowerCase(),u=[e,...t].map(n=>c.stripHexPrefix(n).toLowerCase()).filter(n=>n!==o);if(u.length===0)throw new Error("Cannot derive localChallengers: removing depositor from {vaultProvider, vaultKeepers} left an empty set");return u}function ae(e,t){const r=e.ins[t];return c.uint8ArrayToHex(new Uint8Array(r.hash).slice().reverse())}function T(e,t,r,o,a){const u=e.ins[t];if(u.index!==0)throw new Error(`NoPayout (challenger ${a}) input ${t} expected to spend ${o} vout 0, got vout ${u.index}`);const n=r.getId(),s=ae(e,t);if(s!==n)throw new Error(`NoPayout (challenger ${a}) input ${t} does not reference ${o} (expected txid ${n}, got ${s})`)}async function se(e,t,r){const o=[],a=[],u=[];b.assertPayoutOutputMatchesRegistered(e.payout_tx.tx_hex,r.registeredPayoutScriptPubKey);const n=await b.buildPayoutPsbt({payoutTxHex:e.payout_tx.tx_hex,peginTxHex:r.peginTxHex,assertTxHex:e.assert_tx.tx_hex,depositorBtcPubkey:r.depositorBtcPubkey,vaultProviderBtcPubkey:r.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:r.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:r.universalChallengerBtcPubkeys,timelockPegin:r.timelockPegin,network:r.network});o.push(n.psbtHex),a.push(E.createTaprootScriptPathSignOptions(t,C));const s=ie(r.vaultProviderBtcPubkey,r.vaultKeeperBtcPubkeys,r.depositorBtcPubkey),i=c.stripHexPrefix(r.depositorBtcPubkey),l=P.Transaction.fromHex(c.stripHexPrefix(e.assert_tx.tx_hex));for(const d of e.challenger_presign_data){const f=c.stripHexPrefix(d.challenger_pubkey),g=o.length,y=await ue({challenger:d,challengerPubkey:f,claimerPubkey:i,localChallengers:s,assertTxParsed:l,ctx:r});o.push(y),a.push(E.createTaprootScriptPathSignOptions(t,C)),u.push({challengerPubkey:f,noPayoutIdx:g})}return{psbtHexes:o,signOptions:a,challengerEntries:u}}async function ue(e){const{challenger:t,challengerPubkey:r,claimerPubkey:o,localChallengers:a,assertTxParsed:u,ctx:n}=e;k.assertNoPayoutOutputMatchesChallenger(t.nopayout_tx.tx_hex,r,n.network);const s=P.Transaction.fromHex(c.stripHexPrefix(t.nopayout_tx.tx_hex)),i=P.Transaction.fromHex(c.stripHexPrefix(t.challenge_assert_x_tx.tx_hex)),l=P.Transaction.fromHex(c.stripHexPrefix(t.challenge_assert_y_tx.tx_hex));if(s.ins.length!==3)throw new Error(`NoPayout (challenger ${r}) must have exactly 3 inputs, got ${s.ins.length}`);T(s,0,u,"Assert",r),T(s,1,i,"ChallengeAssertX",r),T(s,2,l,"ChallengeAssertY",r);const d=[u.outs[0],i.outs[0],l.outs[0]].map(f=>({script_pubkey:c.uint8ArrayToHex(new Uint8Array(f.script)),value:f.value}));return k.buildNoPayoutPsbt({noPayoutTxHex:t.nopayout_tx.tx_hex,challengerPubkey:r,prevouts:d,connectorParams:{claimer:o,localChallengers:a,universalChallengers:n.universalChallengerBtcPubkeys,timelockAssert:n.timelockAssert,councilMembers:n.councilMembers,councilQuorum:n.councilQuorum}})}function le(e,t,r){const o=b.extractPayoutSignature(e[0],r),a={};for(const u of t)a[u.challengerPubkey]={nopayout_signature:b.extractPayoutSignature(e[u.noPayoutIdx],r)};return{payout_signatures:{payout_signature:o},per_challenger:a}}async function ce(e,t,r){if(typeof e.signPsbts=="function")return e.signPsbts(t,r);const o=[];for(let a=0;a<t.length;a++)o.push(await e.signPsbt(t[a],r==null?void 0:r[a]));return o}async function O(e){const{depositorGraph:t,btcWallet:r,signingContext:o}=e,a=c.stripHexPrefix(o.depositorBtcPubkey),u=await r.getPublicKeyHex(),{psbtHexes:n,signOptions:s,challengerEntries:i}=await se(t,u,o),l=await ce(r,n,s);if(l.length!==n.length)throw new Error(`Wallet returned ${l.length} signed PSBTs, expected ${n.length}`);return le(l,i,a)}const fe=12001e3,N=new Set([p.DaemonStatus.PENDING_ACKS,p.DaemonStatus.PENDING_ACTIVATION,p.DaemonStatus.ACTIVATED]),de=new Set([p.DaemonStatus.PENDING_DEPOSITOR_SIGNATURES,...N]);function pe(e){return e.map(t=>({claimerPubkeyXOnly:c.processPublicKeyToXOnly(t.claimer_pubkey),payoutTxHex:t.payout_tx.tx_hex,assertTxHex:t.assert_tx.tx_hex}))}function he(e){const{output:t}=W.payments.p2tr({internalPubkey:q.Buffer.from(e,"hex")});if(!t)throw new Error("Failed to derive BIP-86 P2TR scriptPubKey");return t.toString("hex")}function Pe(e,t){const r=c.stripHexPrefix(e).toLowerCase(),o=c.stripHexPrefix(t.vaultProviderBtcPubkey).toLowerCase(),a=c.stripHexPrefix(t.depositorBtcPubkey).toLowerCase();if(r===o\|\|r===a)return t.registeredPayoutScriptPubKey;if(!t.vaultKeeperBtcPubkeys.some(s=>c.stripHexPrefix(s).toLowerCase()===r))throw new Error(`Unknown claimer pubkey ${r}: not VP, depositor, or a registered vault keeper`);return`0x${he(r)}`}function R(e,t){return{payoutTxHex:e.payoutTxHex,peginTxHex:t.peginTxHex,assertTxHex:e.assertTxHex,vaultProviderBtcPubkey:t.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:t.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:t.universalChallengerBtcPubkeys,depositorBtcPubkey:t.depositorBtcPubkey,timelockPegin:t.timelockPegin,registeredPayoutScriptPubKey:Pe(e.claimerPubkeyXOnly,t)}}async function ge(e,t,r,o){const a=new $.PayoutManager({network:t.network,btcWallet:e}),u=r.length;o==null\|\|o(0,u);let n;if(a.supportsBatchSigning())n=(await a.signPayoutTransactionsBatch(r.map(l=>R(l,t)))).map(l=>l.payoutSignature);else{n=[];for(let i=0;i<r.length;i++){o==null\|\|o(i,u);const l=await a.signPayoutTransaction(R(r[i],t));n.push(l.signature)}}const s={};for(let i=0;i<r.length;i++)s[r[i].claimerPubkeyXOnly]={payout_signature:n[i]};return o==null\|\|o(u,u),s}async function ye(e){const{statusReader:t,presignClient:r,btcWallet:o,peginTxid:a,depositorPk:u,signingContext:n,timeoutMs:s=fe,signal:i,onProgress:l}=e,d=await _({statusReader:t,peginTxid:a,targetStatuses:de,timeoutMs:s,signal:i});if(N.has(d))return;i==null\|\|i.throwIfAborted();const f=await r.requestDepositorPresignTransactions({pegin_txid:a,depositor_pk:u},i);i==null\|\|i.throwIfAborted();const g=c.processPublicKeyToXOnly(u),y=f.txs.filter(F=>c.processPublicKeyToXOnly(F.claimer_pubkey)!==g),m=pe(y),x=await ge(o,n,m,l);i==null\|\|i.throwIfAborted();const h=await O({depositorGraph:f.depositor_graph,btcWallet:o,signingContext:{peginTxHex:n.peginTxHex,depositorBtcPubkey:u,vaultProviderBtcPubkey:n.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:n.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:n.universalChallengerBtcPubkeys,timelockPegin:n.timelockPegin,timelockAssert:n.timelockAssert,councilMembers:n.councilMembers,councilQuorum:n.councilQuorum,network:n.network,registeredPayoutScriptPubKey:n.registeredPayoutScriptPubKey}});i==null\|\|i.throwIfAborted();const I={...x};I[c.stripHexPrefix(u)]=h.payout_signatures,await r.submitDepositorPresignatures({pegin_txid:a,depositor_pk:u,signatures:I,depositor_claimer_presignatures:h},i)}function be(e){return/^[0-9a-fA-F]{64}$/.test(e)}function me(e){const{amountSats:t,minDeposit:r,maxDeposit:o,btcBalance:a,estimatedFeeSats:u,depositorClaimValue:n}=e;return!(t<=0n\|\|t<r\|\|o&&o>0n&&t>o\|\|u==null\|\|n==null\|\|t+u+n>a)}function xe(e,t,r){return e<=0n?{valid:!1,error:"Deposit amount must be greater than zero"}:e<t?{valid:!1,error:`Minimum deposit is ${c.formatSatoshisToBtc(t)} BTC`}:r&&r>0n&&e>r?{valid:!1,error:`Maximum deposit is ${c.formatSatoshisToBtc(r)} BTC`}:{valid:!0}}function we(e){const{amount:t,effectiveRemaining:r}=e;return r===null?{valid:!0}:r===0n?{valid:!1,error:"Supply cap reached — deposits temporarily paused"}:t>r?{valid:!1,error:`Vault size exceeds remaining capacity (${c.formatSatoshisToBtc(r)} BTC)`}:{valid:!0}}function ve(e,t){if(!e\|\|e.length===0)return{valid:!1,error:"At least one vault provider must be selected"};const r=t.map(a=>a.toLowerCase());return e.filter(a=>!r.includes(a.toLowerCase())).length>0?{valid:!1,error:"Invalid vault provider selected"}:{valid:!0}}function D(e,t,r){if(!e\|\|e.length===0)return{valid:!1,error:"At least one vault amount required"};for(let o=0;o<e.length;o++){const a=e[o];if(a<=0n)return{valid:!1,error:`Vault ${o+1} amount must be positive`};if(t&&a<t)return{valid:!1,error:`Vault ${o+1} amount ${c.formatSatoshisToBtc(a)} BTC is below minimum deposit ${c.formatSatoshisToBtc(t)} BTC`};if(r&&a>r)return{valid:!1,error:`Vault ${o+1} amount ${c.formatSatoshisToBtc(a)} BTC exceeds maximum deposit ${c.formatSatoshisToBtc(r)} BTC`}}return{valid:!0}}function V(e){const t=c.stripHexPrefix(e);return be(t)?{valid:!0}:{valid:!1,error:"Invalid pubkey format: must be 64 hex characters (32-byte x-only public key, no 0x prefix)"}}function Te(e){if(!e\|\|e.length===0)throw new Error("No vault keepers available. The system requires at least one vault keeper to create a deposit.")}function Se(e){if(!e\|\|e.length===0)throw new Error("No universal challengers available. The system requires at least one universal challenger to create a deposit.")}function ke(e){if(e.length===0)throw new Error("No spendable UTXOs available")}function Ee(e){const{vaultAmounts:t,confirmedUTXOs:r,vaultProviderBtcPubkey:o,vaultKeeperBtcPubkeys:a,universalChallengerBtcPubkeys:u,minDeposit:n,maxDeposit:s}=e,i=D(t,n,s);if(!i.valid)throw new Error(i.error);const l=V(o);if(!l.valid)throw new Error(l.error);Te(a),Se(u),ke(r)}var A=(e=>(e.CLAIM_EVENT_RECEIVED="ClaimEventReceived",e.CLAIM_BROADCAST="ClaimBroadcast",e.ASSERT_BROADCAST="AssertBroadcast",e.CHALLENGE_ASSERT_OBSERVED="ChallengeAssertObserved",e.WRONGLY_CHALLENGED_BROADCAST="WronglyChallengedBroadcast",e.PAYOUT_BROADCAST="PayoutBroadcast",e.FAILED="Failed",e))(A\|\|{});const _e=new Set(["PayoutBroadcast","Failed"]);function Ae(e){return Object.values(A).includes(e)}function Be(e){return!!e&&_e.has(e)}class K extends Error{constructor(r,o){super(`Refund not yet mature (BIP68 not final): ${o.message}`);w(this,"vaultId");w(this,"cause");this.name="BIP68NotMatureError",this.vaultId=r,this.cause=o}}const Ie=/^0x[0-9a-fA-F]{64}$/,Ce=/^(?:0x)?(?:[0-9a-fA-F]{2})+$/,M=/^(?:0x)?(?:[0-9a-fA-F]{64}\|[0-9a-fA-F]{66})$/,B=160;function Re(e){if(!Number.isFinite(e)\|\|e<=0)throw new Error(`feeRateSatsVb must be a positive finite number, got ${e}`);return BigInt(Math.ceil(eB))}const He=1,H=65535,$e=/non-BIP68-final/i;function L(e,t){if(e.length!==66)throw new Error(`${t} must be 32 bytes (66 hex chars with 0x prefix), got length ${e.length}`);if(!Ie.test(e))throw new Error(`${t} must contain only hex characters after the 0x prefix`)}function S(e,t){if(!Number.isInteger(e)\|\|e<0)throw new Error(`${t} must be a non-negative integer, got ${e}`)}function Oe(e){if(L(e.hashlock,"hashlock"),!Number.isInteger(e.htlcVout)\|\|e.htlcVout<0\|\|e.htlcVout>H)throw new Error(`htlcVout must be an integer 0-${H}, got ${e.htlcVout}`);if(S(e.offchainParamsVersion,"offchainParamsVersion"),S(e.appVaultKeepersVersion,"appVaultKeepersVersion"),S(e.universalChallengersVersion,"universalChallengersVersion"),typeof e.unsignedPrePeginTxHex!="string"\|\|e.unsignedPrePeginTxHex.length===0)throw new Error("unsignedPrePeginTxHex must be a non-empty hex string");if(!Ce.test(e.unsignedPrePeginTxHex))throw new Error("unsignedPrePeginTxHex must be a hex byte string (optional 0x prefix, even length)");if(!e.depositorBtcPubkey\|\|!M.test(e.depositorBtcPubkey))throw new Error("depositorBtcPubkey must be 32 or 33 bytes of hex (optional 0x prefix)");if(typeof e.amount!="bigint"\|\|e.amount<=0n)throw new Error(`amount must be a positive bigint, got ${e.amount}`)}function Ne(e){if(!e.vaultProviderPubkey\|\|!M.test(e.vaultProviderPubkey))throw new Error("vaultProviderPubkey must be 32 or 33 bytes of hex");if(e.vaultKeeperPubkeys.length===0)throw new Error("vaultKeeperPubkeys must be non-empty");if(e.universalChallengerPubkeys.length===0)throw new Error("universalChallengerPubkeys must be non-empty");if(!Number.isInteger(e.timelockRefund)\|\|e.timelockRefund<=0)throw new Error(`timelockRefund must be a positive integer, got ${e.timelockRefund}`);if(typeof e.feeRate!="bigint"\|\|e.feeRate<=0n)throw new Error(`protocol feeRate must be a positive bigint, got ${e.feeRate}`);if(!Number.isInteger(e.numLocalChallengers)\|\|e.numLocalChallengers<0)throw new Error("numLocalChallengers must be a non-negative integer");if(!Number.isInteger(e.councilQuorum)\|\|!Number.isInteger(e.councilSize)\|\|e.councilQuorum<=0\|\|e.councilSize<=0\|\|e.councilQuorum>e.councilSize)throw new Error(`councilQuorum (${e.councilQuorum}) must be in [1, councilSize=${e.councilSize}]`)}function De(e){const t=P.Psbt.fromHex(e);try{t.finalizeAllInputs()}catch(r){const o=r instanceof Error?r.message:String(r);if(!o.includes("already finalized"))throw new Error(`Failed to finalize refund PSBT: ${o}`)}return t.extractTransaction().toHex()}async function Ve(e){const{vaultId:t,readVault:r,readPrePeginContext:o,feeRate:a,signPsbt:u,broadcastTx:n,signal:s}=e;s==null\|\|s.throwIfAborted(),L(t,"vaultId");const i=await r();Oe(i),s==null\|\|s.throwIfAborted();const l=await o(i);if(Ne(l),s==null\|\|s.throwIfAborted(),!Number.isFinite(a)\|\|a<=0)throw new Error(`feeRate must be a positive number, got ${a}`);const d=BigInt(Math.ceil(a*B));s==null\|\|s.throwIfAborted();const f=c.processPublicKeyToXOnly(i.depositorBtcPubkey),{psbtHex:g}=await k.buildRefundPsbt({prePeginParams:{depositorPubkey:f,vaultProviderPubkey:c.stripHexPrefix(l.vaultProviderPubkey),vaultKeeperPubkeys:l.vaultKeeperPubkeys.map(c.stripHexPrefix),universalChallengerPubkeys:l.universalChallengerPubkeys.map(c.stripHexPrefix),hashlocks:[c.stripHexPrefix(i.hashlock)],timelockRefund:l.timelockRefund,pegInAmounts:[i.amount],feeRate:l.feeRate,numLocalChallengers:l.numLocalChallengers,councilQuorum:l.councilQuorum,councilSize:l.councilSize,network:l.network},fundedPrePeginTxHex:c.stripHexPrefix(i.unsignedPrePeginTxHex),htlcVout:i.htlcVout,refundFee:d,hashlock:c.stripHexPrefix(i.hashlock)});s==null\|\|s.throwIfAborted();const y=E.createTaprootScriptPathSignOptions(i.depositorBtcPubkey,He),m=await u(g,y),x=De(m);s==null\|\|s.throwIfAborted();try{return await n(x)}catch(h){throw h instanceof Error&&$e.test(h.message)?new K(t,h):h}}exports.BIP68NotMatureError=K;exports.ClaimerPegoutStatusValue=A;exports.REFUND_VSIZE=B;exports.activateVault=ee;exports.buildAndBroadcastRefund=Ve;exports.estimateRefundFeeSats=Re;exports.isDepositAmountValid=me;exports.isPegoutTerminalStatus=Be;exports.isRecognizedPegoutStatus=Ae;exports.runDepositorPresignFlow=ye;exports.signDepositorGraph=O;exports.submitWotsPublicKey=ne;exports.validateDepositAmount=xe;exports.validateMultiVaultDepositInputs=Ee;exports.validateProviderSelection=ve;exports.validateRemainingCapacity=we;exports.validateVaultAmounts=D;exports.validateVaultProviderPubkey=V;exports.waitForPeginStatus=_;
2	- //# sourceMappingURL=buildAndBroadcastRefund-CIPPpchL.cjs.map

package/dist/buildAndBroadcastRefund-CIPPpchL.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"buildAndBroadcastRefund-CIPPpchL.cjs","sources":["../src/tbv/core/services/activation/activateVault.ts","../src/tbv/core/services/deposit/waitForPeginStatus.ts","../src/tbv/core/services/deposit/submitWotsPublicKey.ts","../src/tbv/core/services/deposit/signDepositorGraph.ts","../src/tbv/core/services/deposit/runDepositorPresignFlow.ts","../src/tbv/core/services/deposit/validation.ts","../src/tbv/core/services/pegout/state.ts","../src/tbv/core/services/refund/errors.ts","../src/tbv/core/services/refund/buildAndBroadcastRefund.ts"],"sourcesContent":["/**\n * Vault activation — reveal HTLC secret on Ethereum to move the vault from\n * Verified to Active. The on-chain contract validates `sha256(s) == hashlock`\n * and the activation deadline; this function pre-validates inputs (including\n * an optional hashlock check) and delegates the actual contract write to an\n * injected callback so the SDK stays transport-agnostic.\n *\n * @module services/activation\n */\n\nimport type { Abi, Address, Hash, Hex } from \"viem\";\n\nimport { BTCVaultRegistryABI } from \"../../contracts/abis/BTCVaultRegistry.abi\";\nimport { ensureHexPrefix } from \"../../primitives/utils/bitcoin\";\nimport { validateSecretAgainstHashlock } from \"../htlc\";\n\nconst BYTES32_HEX_RE = /^0x[0-9a-fA-F]{64}$/;\nconst ADDRESS_HEX_RE = /^0x[0-9a-fA-F]{40}$/;\n// ETH calldata convention: 0x prefix REQUIRED, even number of hex chars, may\n// be empty (\"0x\"). Named distinctly from the BTC-hex regex in\n// buildAndBroadcastRefund.ts (which allows an optional prefix and requires\n// non-empty) to make the convention explicit at the call site.\nconst ETH_HEX_BYTES_RE = /^0x([0-9a-fA-F]{2})*$/;\n\nfunction assertBytes32(value: string, label: string): void {\n if (value.length !== 66) {\n throw new Error(\n `${label} must be 32 bytes (66 hex chars with 0x prefix), got length ${value.length}`,\n );\n }\n if (!BYTES32_HEX_RE.test(value)) {\n throw new Error(\n `${label} must contain only hex characters after the 0x prefix`,\n );\n }\n}\n\nfunction assertAddress(value: string, label: string): void {\n if (!ADDRESS_HEX_RE.test(value)) {\n throw new Error(\n `${label} must be a 20-byte 0x-prefixed hex address (42 chars)`,\n );\n }\n}\n\nfunction assertHexBytes(value: string, label: string): void {\n if (!ETH_HEX_BYTES_RE.test(value)) {\n throw new Error(\n `${label} must be a 0x-prefixed hex string with an even number of hex chars`,\n );\n }\n}\n\n/**\n * A single ETH contract-write call. The SDK assembles these; the caller\n * executes them via viem, wagmi, a wallet provider, or any other transport.\n */\nexport interface EthContractWriteCall {\n address: Address;\n abi: Abi;\n functionName: string;\n args: readonly unknown[];\n}\n\n/**\n * Minimum shape the SDK requires from any contract-write result. Callers may\n * return richer objects (e.g. including the receipt) — the SDK propagates\n * them unchanged via the generic parameter on {@link EthContractWriter}.\n */\nexport interface EthContractWriteResult {\n transactionHash: Hash;\n}\n\n/**\n * Caller-provided contract writer. The generic `R` lets callers return any\n * transport-specific result shape (e.g. `{ transactionHash, receipt }`);\n * the SDK forwards that shape back through `activateVault`.\n */\nexport type EthContractWriter<R extends EthContractWriteResult = EthContractWriteResult> = (\n call: EthContractWriteCall,\n) => Promise<R>;\n\nexport interface ActivateVaultInput<\n R extends EthContractWriteResult = EthContractWriteResult,\n> {\n /** BTCVaultRegistry contract address (env-specific). */\n btcVaultRegistryAddress: Address;\n /** Vault ID (bytes32, 0x-prefixed). */\n vaultId: Hex;\n /**\n * HTLC secret preimage (bytes32). A missing `0x` prefix or an uppercase\n * `0X` prefix is normalised before validation.\n */\n secret: string;\n /**\n * Optional hashlock for client-side pre-validation. When provided, the SDK\n * rejects before calling `writeContract` if `sha256(secret) != hashlock`.\n */\n hashlock?: Hex;\n /**\n * Activation metadata passed through to the contract. Required to keep\n * the \"empty metadata\" convention explicit at the call site — pass `\"0x\"`\n * (empty bytes) when no metadata is needed. Must be a 0x-prefixed hex\n * string with an even number of hex chars.\n */\n activationMetadata: Hex;\n /** Caller-provided write callback — see {@link EthContractWriter}. */\n writeContract: EthContractWriter<R>;\n /**\n * Optional abort signal. Checked before validation runs; since validation\n * is fully synchronous, cancellation between validation and the write is\n * not observable and callers should rely on the transport's own\n * cancellation support for that window.\n */\n signal?: AbortSignal;\n}\n\n/**\n * Reveal the HTLC secret on Ethereum and activate the vault.\n *\n * Validates inputs, optionally pre-checks the secret against the expected\n * hashlock, and delegates the contract write to `writeContract`. Returns\n * whatever the writer returns so callers can keep richer transport-specific\n * metadata (e.g. viem receipts) end-to-end.\n *\n * @throws `Error` if `btcVaultRegistryAddress` is not a valid 20-byte address\n * @throws `Error` if `vaultId` or `secret` is not a valid 32-byte hex\n * @throws `Error` if `hashlock` is provided and is not a valid 32-byte hex,\n * or if `sha256(secret) != hashlock`\n * @throws `Error` if `activationMetadata` is not a 0x-prefixed hex byte\n * string (must have an even number of hex chars). Pass `\"0x\"` for\n * empty metadata.\n * @throws whatever the injected `writeContract` throws\n * @throws `AbortError` / caller-provided abort reason if `signal` aborts\n */\nexport async function activateVault<\n R extends EthContractWriteResult = EthContractWriteResult,\n>(input: ActivateVaultInput<R>): Promise<R> {\n const {\n btcVaultRegistryAddress,\n vaultId,\n hashlock,\n activationMetadata,\n writeContract,\n signal,\n } = input;\n\n signal?.throwIfAborted();\n\n assertAddress(btcVaultRegistryAddress, \"btcVaultRegistryAddress\");\n assertBytes32(vaultId, \"vaultId\");\n\n const normalizedSecret = ensureHexPrefix(input.secret);\n assertBytes32(normalizedSecret, \"secret\");\n\n if (hashlock !== undefined) {\n assertBytes32(hashlock, \"hashlock\");\n if (!validateSecretAgainstHashlock(normalizedSecret, hashlock)) {\n throw new Error(\n \"Invalid secret: SHA256(secret) does not match the provided hashlock\",\n );\n }\n }\n\n assertHexBytes(activationMetadata, \"activationMetadata\");\n\n return writeContract({\n address: btcVaultRegistryAddress,\n abi: BTCVaultRegistryABI,\n functionName: \"activateVaultWithSecret\",\n args: [vaultId, normalizedSecret, activationMetadata],\n });\n}\n","/**\n * Poll `getPeginStatus` until the VP reaches one of the target statuses.\n *\n * Pure polling utility with no framework dependencies (no localStorage, no React).\n * Handles \"PegIn not found\" as transient (VP hasn't ingested yet).\n */\n\nimport { JsonRpcError } from \"../../clients/vault-provider/json-rpc-client\";\nimport {\n RpcErrorCode,\n VP_TERMINAL_STATUSES,\n type DaemonStatus,\n} from \"../../clients/vault-provider/types\";\nimport type { PeginStatusReader } from \"./interfaces\";\n\n/** Default polling interval (10 seconds). */\nconst DEFAULT_POLL_INTERVAL_MS = 10_000;\n\nexport interface WaitForPeginStatusParams {\n /** VP client implementing the status reader interface */\n statusReader: PeginStatusReader;\n /** BTC pegin transaction ID (unprefixed hex, 64 chars) */\n peginTxid: string;\n /** Set of acceptable statuses — polling stops when the VP reports one of these */\n targetStatuses: ReadonlySet<DaemonStatus>;\n /** Maximum time to wait in milliseconds */\n timeoutMs: number;\n /** Polling interval in milliseconds (default: 10s) */\n pollIntervalMs?: number;\n /** AbortSignal for cancellation */\n signal?: AbortSignal;\n}\n\n/**\n * Poll `getPeginStatus` until the VP reaches one of the target statuses.\n *\n * @returns The DaemonStatus string that matched one of the targets\n * @throws Error on timeout, abort, or non-transient RPC error\n */\nexport async function waitForPeginStatus(\n params: WaitForPeginStatusParams,\n): Promise<DaemonStatus> {\n const {\n statusReader,\n peginTxid,\n targetStatuses,\n timeoutMs,\n pollIntervalMs = DEFAULT_POLL_INTERVAL_MS,\n signal,\n } = params;\n\n const startTime = Date.now();\n\n while (true) {\n if (signal?.aborted) {\n throw new Error(\n `Polling aborted for pegin ${peginTxid.slice(0, 8)}… (target: ${[...targetStatuses].join(\", \")})`,\n );\n }\n\n if (Date.now() - startTime >= timeoutMs) {\n throw new Error(\n `Polling timeout after ${timeoutMs}ms for pegin ${peginTxid.slice(0, 8)}… (target: ${[...targetStatuses].join(\", \")})`,\n );\n }\n\n try {\n const response = await statusReader.getPeginStatus(\n { pegin_txid: peginTxid },\n signal,\n );\n\n const status = response.status as DaemonStatus;\n if (targetStatuses.has(status)) {\n return status;\n }\n // Fail fast on terminal statuses to avoid waiting for timeout\n if (VP_TERMINAL_STATUSES.has(status) && !targetStatuses.has(status)) {\n throw new Error(\n `Pegin ${peginTxid.slice(0, 8)}… reached terminal status \"${status}\" while waiting for ${[...targetStatuses].join(\", \")}`,\n );\n }\n } catch (error) {\n // \"PegIn not found\" is transient — VP hasn't ingested the pegin yet.\n // Check structured error code first, fall back to message matching.\n const isNotFound =\n (error instanceof JsonRpcError &&\n error.code === RpcErrorCode.NOT_FOUND) ||\n (error instanceof Error && error.message.includes(\"PegIn not found\"));\n if (!isNotFound) {\n throw error;\n }\n }\n\n // Wait before next poll, with abort support\n await new Promise<void>((resolve, reject) => {\n const onAbort = () => {\n clearTimeout(timeoutId);\n reject(\n new Error(\n `Polling aborted for pegin ${peginTxid.slice(0, 8)}… (target: ${[...targetStatuses].join(\", \")})`,\n ),\n );\n };\n const timeoutId = setTimeout(() => {\n signal?.removeEventListener(\"abort\", onAbort);\n resolve();\n }, pollIntervalMs);\n signal?.addEventListener(\"abort\", onAbort, { once: true });\n });\n }\n}\n","/**\n * Submit pre-derived WOTS public keys to the vault provider.\n *\n * Polls `getPeginStatus` until the VP reaches `PendingDepositorWotsPK`,\n * then submits the keys. If the VP has already moved past WOTS step\n * (e.g., resume flow), submission is skipped.\n *\n * The caller is responsible for deriving WOTS keys externally using\n * `expandWotsSeed` + `deriveWotsBlocksFromSeed` from the SDK's\n * `tbv/core/vault-secrets` and `tbv/core/wots` modules respectively.\n */\n\nimport {\n DaemonStatus,\n POST_WOTS_STATUSES,\n type WotsBlockPublicKey,\n} from \"../../clients/vault-provider/types\";\nimport type { PeginStatusReader, WotsKeySubmitter } from \"./interfaces\";\nimport { waitForPeginStatus } from \"./waitForPeginStatus\";\n\n/** Maximum time to wait for VP to reach PendingDepositorWotsPK (5 min). */\nconst STATUS_POLL_TIMEOUT_MS = 5 * 60 * 1000;\n\n/** All statuses we accept — either ready for submission or already past it. */\nconst TARGET_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n DaemonStatus.PENDING_DEPOSITOR_WOTS_PK,\n ...POST_WOTS_STATUSES,\n]);\n\nexport interface SubmitWotsPublicKeyParams {\n /** VP client implementing the status reader interface */\n statusReader: PeginStatusReader;\n /** VP client implementing the WOTS key submission interface */\n wotsSubmitter: WotsKeySubmitter;\n /** BTC pegin transaction ID (unprefixed hex, 64 chars) */\n peginTxid: string;\n /** Depositor's x-only BTC public key (unprefixed hex, 64 chars) */\n depositorPk: string;\n /** Pre-derived WOTS block public keys (one per assert block) */\n wotsPublicKeys: WotsBlockPublicKey[];\n /** Maximum time to wait for VP to be ready (default: 5 min) */\n timeoutMs?: number;\n /** AbortSignal for cancellation */\n signal?: AbortSignal;\n}\n\n/**\n * Submit WOTS public keys to the vault provider.\n *\n * @throws Error on timeout, abort, or RPC error\n */\nexport async function submitWotsPublicKey(\n params: SubmitWotsPublicKeyParams,\n): Promise<void> {\n const {\n statusReader,\n wotsSubmitter,\n peginTxid,\n depositorPk,\n wotsPublicKeys,\n timeoutMs = STATUS_POLL_TIMEOUT_MS,\n signal,\n } = params;\n\n signal?.throwIfAborted();\n\n // Wait until VP has ingested the pegin and is ready for the WOTS key.\n const status = await waitForPeginStatus({\n statusReader,\n peginTxid,\n targetStatuses: TARGET_STATUSES,\n timeoutMs,\n signal,\n });\n\n // Key was already submitted in a previous session (e.g. resume flow)\n if (POST_WOTS_STATUSES.has(status)) {\n return;\n }\n\n signal?.throwIfAborted();\n\n await wotsSubmitter.submitDepositorWotsKey(\n {\n pegin_txid: peginTxid,\n depositor_pk: depositorPk,\n wots_public_keys: wotsPublicKeys,\n },\n signal,\n );\n}\n","/**\n * Depositor Graph Signing Service\n *\n * Signs the depositor's own graph transactions (Payout, NoPayout per challenger)\n * for the depositor-as-claimer flow.\n *\n * Both PSBTs are constructed locally from authoritative on-chain connector\n * parameters and the VP-advertised transaction hexes (which are themselves\n * cross-checked against on-chain or protocol-defined sinks). Building PSBTs\n * locally is essential: every field that enters the Taproot sighash\n * (witnessUtxo, tapLeafScript, controlBlock, tapInternalKey) must come from\n * trusted sources, otherwise a malicious VP could substitute metadata that\n * makes the depositor's signature valid for a different spend.\n *\n * Transaction counts: 1 Payout + N NoPayout = 1 + N total PSBTs.\n *\n * @see btc-vault docs/pegin.md - \"Automatic Graph Creation & Presigning\"\n * @see btc-vault crates/vault/src/transactions/nopayout.rs - NoPayout structure\n */\n\nimport { type Network } from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Transaction } from \"bitcoinjs-lib\";\n\nimport type { BitcoinWallet, SignPsbtOptions } from \"../../../../shared/wallets/interfaces\";\nimport type {\n DepositorAsClaimerPresignatures,\n DepositorGraphTransactions,\n DepositorPreSigsPerChallenger,\n PresignDataPerChallenger,\n} from \"../../clients/vault-provider/types\";\nimport {\n assertNoPayoutOutputMatchesChallenger,\n buildNoPayoutPsbt,\n} from \"../../primitives/psbt/noPayout\";\nimport {\n assertPayoutOutputMatchesRegistered,\n buildPayoutPsbt,\n extractPayoutSignature,\n} from \"../../primitives/psbt/payout\";\nimport {\n stripHexPrefix,\n uint8ArrayToHex,\n} from \"../../primitives/utils/bitcoin\";\nimport { createTaprootScriptPathSignOptions } from \"../../utils/signing\";\n\n/**\n * The depositor signs exactly one input (index 0) per payout/nopayout PSBT.\n * Used to construct SignPsbtOptions for wallet.signPsbt(). PSBTs may carry\n * additional inputs (the payout PSBT includes the assert prevout; the nopayout\n * PSBT includes the two ChallengeAssert prevouts) so the Taproot SIGHASH_DEFAULT\n * sighash commits to all prevouts, but those inputs are not signed by the\n * depositor.\n */\nconst DEPOSITOR_SIGNED_INPUT_COUNT = 1;\n\n/** Tracks which indices in the flat PSBT array belong to which challenger */\ninterface ChallengerEntry {\n challengerPubkey: string;\n noPayoutIdx: number;\n}\n\n/** Result of the collect phase - flat PSBT array with index mapping */\ninterface CollectedDepositorGraphPsbts {\n psbtHexes: string[];\n signOptions: SignPsbtOptions[];\n challengerEntries: ChallengerEntry[];\n}\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\n/**\n * Compute the local-challenger set for the depositor-as-claimer flow.\n *\n * Per the protocol (see btc-vault crates/vault/src/lib.rs - `LocalChallengers`):\n * localChallengers = {VaultProvider, VaultKeepers} \\ {Claimer}\n *\n * For the depositor-as-claimer flow the claimer is the depositor, so this\n * removes the depositor from the union if present (it usually isn't).\n * The protocol guarantees the result is non-empty by construction.\n */\nfunction deriveLocalChallengers(\n vaultProviderBtcPubkey: string,\n vaultKeeperBtcPubkeys: string[],\n depositorBtcPubkey: string,\n): string[] {\n const depositor = stripHexPrefix(depositorBtcPubkey).toLowerCase();\n const all = [vaultProviderBtcPubkey, ...vaultKeeperBtcPubkeys].map((k) =>\n stripHexPrefix(k).toLowerCase(),\n );\n const filtered = all.filter((k) => k !== depositor);\n if (filtered.length === 0) {\n throw new Error(\n \"Cannot derive localChallengers: removing depositor from {vaultProvider, vaultKeepers} left an empty set\",\n );\n }\n return filtered;\n}\n\n/**\n * Read the txid that the given input references in the unsigned tx, in display\n * (big-endian) hex order. bitcoinjs-lib stores `input.hash` in internal\n * little-endian byte order, which is the reverse of how txids are normally\n * displayed.\n */\nfunction readInputTxid(tx: Transaction, inputIndex: number): string {\n const input = tx.ins[inputIndex];\n return uint8ArrayToHex(new Uint8Array(input.hash).slice().reverse());\n}\n\n/**\n * Verify the noPayout transaction's input at `inputIndex` references the\n * given parent transaction at vout 0 (per nopayout.rs the layout is fixed:\n * Assert:0, ChallengeAssertX:0, ChallengeAssertY:0).\n */\nfunction assertInputReferencesParent(\n noPayoutTx: Transaction,\n inputIndex: number,\n parentTx: Transaction,\n parentLabel: string,\n challengerPubkey: string,\n): void {\n const input = noPayoutTx.ins[inputIndex];\n if (input.index !== 0) {\n throw new Error(\n `NoPayout (challenger ${challengerPubkey}) input ${inputIndex} expected to spend ${parentLabel} vout 0, got vout ${input.index}`,\n );\n }\n const parentTxid = parentTx.getId();\n const inputTxid = readInputTxid(noPayoutTx, inputIndex);\n if (inputTxid !== parentTxid) {\n throw new Error(\n `NoPayout (challenger ${challengerPubkey}) input ${inputIndex} does not reference ${parentLabel} (expected txid ${parentTxid}, got ${inputTxid})`,\n );\n }\n}\n\n// ============================================================================\n// Collect phase\n// ============================================================================\n\n/**\n * Build the depositor's payout PSBT and per-challenger NoPayout PSBTs locally\n * from authoritative connector params.\n *\n * Layout of returned arrays: [Payout, NoPayout_0, NoPayout_1, ...]\n */\nasync function collectDepositorGraphPsbts(\n depositorGraph: DepositorGraphTransactions,\n walletPublicKey: string,\n ctx: DepositorGraphSigningContext,\n): Promise<CollectedDepositorGraphPsbts> {\n const psbtHexes: string[] = [];\n const signOptions: SignPsbtOptions[] = [];\n const challengerEntries: ChallengerEntry[] = [];\n\n // 1. Validate the payout transaction's largest output pays to the\n // depositor's on-chain registered payout scriptPubKey. The payout tx\n // hex is supplied by the VP and otherwise unconstrained; this assertion\n // pins the destination of the funds.\n assertPayoutOutputMatchesRegistered(\n depositorGraph.payout_tx.tx_hex,\n ctx.registeredPayoutScriptPubKey,\n );\n\n // 2. Build the payout PSBT locally. Every sighash-relevant field\n // (witnessUtxo, tapLeafScript, controlBlock, tapInternalKey) is derived\n // from on-chain trusted connector params, not from the VP. The VP-\n // supplied assert tx hex is implicitly pinned by buildPayoutPsbt's\n // input-1 txid check against payoutTx.ins[1].hash.\n const builtPayout = await buildPayoutPsbt({\n payoutTxHex: depositorGraph.payout_tx.tx_hex,\n peginTxHex: ctx.peginTxHex,\n assertTxHex: depositorGraph.assert_tx.tx_hex,\n depositorBtcPubkey: ctx.depositorBtcPubkey,\n vaultProviderBtcPubkey: ctx.vaultProviderBtcPubkey,\n vaultKeeperBtcPubkeys: ctx.vaultKeeperBtcPubkeys,\n universalChallengerBtcPubkeys: ctx.universalChallengerBtcPubkeys,\n timelockPegin: ctx.timelockPegin,\n network: ctx.network,\n });\n psbtHexes.push(builtPayout.psbtHex);\n signOptions.push(\n createTaprootScriptPathSignOptions(\n walletPublicKey,\n DEPOSITOR_SIGNED_INPUT_COUNT,\n ),\n );\n\n // 3. Per-challenger: build the NoPayout PSBT locally too.\n const localChallengers = deriveLocalChallengers(\n ctx.vaultProviderBtcPubkey,\n ctx.vaultKeeperBtcPubkeys,\n ctx.depositorBtcPubkey,\n );\n const claimerPubkey = stripHexPrefix(ctx.depositorBtcPubkey);\n const assertTxParsed = Transaction.fromHex(\n stripHexPrefix(depositorGraph.assert_tx.tx_hex),\n );\n\n for (const challenger of depositorGraph.challenger_presign_data) {\n const challengerPubkey = stripHexPrefix(challenger.challenger_pubkey);\n\n const noPayoutIdx = psbtHexes.length;\n const noPayoutHex = await buildLocalNoPayoutPsbt({\n challenger,\n challengerPubkey,\n claimerPubkey,\n localChallengers,\n assertTxParsed,\n ctx,\n });\n psbtHexes.push(noPayoutHex);\n signOptions.push(\n createTaprootScriptPathSignOptions(\n walletPublicKey,\n DEPOSITOR_SIGNED_INPUT_COUNT,\n ),\n );\n\n challengerEntries.push({\n challengerPubkey,\n noPayoutIdx,\n });\n }\n\n return { psbtHexes, signOptions, challengerEntries };\n}\n\ninterface BuildLocalNoPayoutPsbtParams {\n challenger: PresignDataPerChallenger;\n challengerPubkey: string;\n claimerPubkey: string;\n localChallengers: string[];\n assertTxParsed: Transaction;\n ctx: DepositorGraphSigningContext;\n}\n\n/**\n * Build a single NoPayout PSBT for one challenger from authoritative\n * inputs. Validates the VP-supplied parent transactions match what the\n * NoPayout transaction commits to via input txids, and asserts the output\n * pays to the protocol-defined challenger sink before returning.\n *\n * NoPayout transaction layout (per\n * btc-vault crates/vault/src/transactions/nopayout.rs):\n * - 3 inputs (fixed order):\n * - Input 0: Assert tx output 0 (depositor signs - NoPayout path)\n * - Input 1: ChallengeAssertX tx output 0 (with timelock)\n * - Input 2: ChallengeAssertY tx output 0 (with timelock)\n * - 1 output: BIP-86 P2TR to the challenger\n */\nasync function buildLocalNoPayoutPsbt(\n params: BuildLocalNoPayoutPsbtParams,\n): Promise<string> {\n const {\n challenger,\n challengerPubkey,\n claimerPubkey,\n localChallengers,\n assertTxParsed,\n ctx,\n } = params;\n\n // Pin the output sink before doing any sighash-relevant work.\n assertNoPayoutOutputMatchesChallenger(\n challenger.nopayout_tx.tx_hex,\n challengerPubkey,\n ctx.network,\n );\n\n // Parse the NoPayout tx and the two ChallengeAssert parents.\n const noPayoutTx = Transaction.fromHex(\n stripHexPrefix(challenger.nopayout_tx.tx_hex),\n );\n const challengeAssertXTx = Transaction.fromHex(\n stripHexPrefix(challenger.challenge_assert_x_tx.tx_hex),\n );\n const challengeAssertYTx = Transaction.fromHex(\n stripHexPrefix(challenger.challenge_assert_y_tx.tx_hex),\n );\n\n if (noPayoutTx.ins.length !== 3) {\n throw new Error(\n `NoPayout (challenger ${challengerPubkey}) must have exactly 3 inputs, got ${noPayoutTx.ins.length}`,\n );\n }\n\n // Pin every input's parent. Each parent's outs[0] is the authoritative\n // prevout - because we verified the parent's txid matches what the NoPayout\n // tx commits to, the parent cannot be substituted without changing the\n // NoPayout txid.\n assertInputReferencesParent(\n noPayoutTx,\n 0,\n assertTxParsed,\n \"Assert\",\n challengerPubkey,\n );\n assertInputReferencesParent(\n noPayoutTx,\n 1,\n challengeAssertXTx,\n \"ChallengeAssertX\",\n challengerPubkey,\n );\n assertInputReferencesParent(\n noPayoutTx,\n 2,\n challengeAssertYTx,\n \"ChallengeAssertY\",\n challengerPubkey,\n );\n\n const prevouts = [\n assertTxParsed.outs[0],\n challengeAssertXTx.outs[0],\n challengeAssertYTx.outs[0],\n ].map((out) => ({\n script_pubkey: uint8ArrayToHex(new Uint8Array(out.script)),\n value: out.value,\n }));\n\n return buildNoPayoutPsbt({\n noPayoutTxHex: challenger.nopayout_tx.tx_hex,\n challengerPubkey,\n prevouts,\n connectorParams: {\n claimer: claimerPubkey,\n localChallengers,\n universalChallengers: ctx.universalChallengerBtcPubkeys,\n timelockAssert: ctx.timelockAssert,\n councilMembers: ctx.councilMembers,\n councilQuorum: ctx.councilQuorum,\n },\n });\n}\n\n// ============================================================================\n// Extract phase\n// ============================================================================\n\n/**\n * Extract all signatures from signed PSBTs and assemble into presignatures.\n */\nfunction extractDepositorGraphSignatures(\n signedPsbtHexes: string[],\n challengerEntries: ChallengerEntry[],\n depositorPubkey: string,\n): DepositorAsClaimerPresignatures {\n const payoutSignature = extractPayoutSignature(\n signedPsbtHexes[0],\n depositorPubkey,\n );\n\n const perChallenger: Record<string, DepositorPreSigsPerChallenger> = {};\n for (const entry of challengerEntries) {\n perChallenger[entry.challengerPubkey] = {\n nopayout_signature: extractPayoutSignature(\n signedPsbtHexes[entry.noPayoutIdx],\n depositorPubkey,\n ),\n };\n }\n\n return {\n payout_signatures: {\n payout_signature: payoutSignature,\n },\n per_challenger: perChallenger,\n };\n}\n\n/**\n * Sign multiple PSBTs, using batch signing when the wallet supports it.\n * Falls back to sequential `signPsbt` calls for wallets without `signPsbts`.\n */\nasync function signPsbtsWithFallback(\n wallet: BitcoinWallet,\n psbtHexes: string[],\n options?: SignPsbtOptions[],\n): Promise<string[]> {\n if (typeof wallet.signPsbts === \"function\") {\n return wallet.signPsbts(psbtHexes, options);\n }\n\n const signed: string[] = [];\n for (let i = 0; i < psbtHexes.length; i++) {\n signed.push(await wallet.signPsbt(psbtHexes[i], options?.[i]));\n }\n return signed;\n}\n\n// ============================================================================\n// Main entry point\n// ============================================================================\n\n/**\n * Authoritative inputs required to construct the depositor's Payout AND every\n * per-challenger NoPayout PSBT locally. Every field here must come from\n * trusted on-chain sources, not from the vault provider response. They feed\n * directly into the Taproot sighash.\n */\nexport interface DepositorGraphSigningContext {\n /** Raw pegin BTC transaction hex (provides the depositor's signed prevout) */\n peginTxHex: string;\n /** Depositor's BTC public key (x-only, 64-char hex, no 0x prefix) */\n depositorBtcPubkey: string;\n /** Vault provider's BTC public key (x-only hex, no prefix) */\n vaultProviderBtcPubkey: string;\n /** Sorted vault keeper BTC public keys (x-only hex, no prefix) */\n vaultKeeperBtcPubkeys: string[];\n /** Sorted universal challenger BTC public keys (x-only hex, no prefix) */\n universalChallengerBtcPubkeys: string[];\n /** Pegin CSV timelock from the locked offchain params version (blocks) */\n timelockPegin: number;\n /**\n * Assert CSV timelock from the locked offchain params version (blocks).\n * Sourced from the on-chain ProtocolParams contract via\n * `ViemProtocolParamsReader.getOffchainParamsByVersion(...).timelockAssert`.\n */\n timelockAssert: number;\n /**\n * Security council member x-only public keys (hex, no prefix). Sourced from\n * the on-chain ProtocolParams contract via\n * `ViemProtocolParamsReader.getOffchainParamsByVersion(...).securityCouncilKeys`.\n */\n councilMembers: string[];\n /**\n * M-of-N council quorum threshold. Sourced from the on-chain ProtocolParams\n * contract via `ViemProtocolParamsReader.getOffchainParamsByVersion(...).councilQuorum`.\n */\n councilQuorum: number;\n /** BTC network (Mainnet, Testnet, etc.) */\n network: Network;\n /**\n * On-chain registered depositor payout scriptPubKey (hex, with or without\n * 0x prefix). Used to assert the VP-advertised payout transaction pays to\n * the depositor's registered address before the wallet produces a signature.\n */\n registeredPayoutScriptPubKey: string;\n}\n\nexport interface SignDepositorGraphParams {\n /** The depositor graph from VP response */\n depositorGraph: DepositorGraphTransactions;\n /** Bitcoin wallet for signing */\n btcWallet: BitcoinWallet;\n /** Authoritative inputs used to rebuild every PSBT locally */\n signingContext: DepositorGraphSigningContext;\n}\n\n/**\n * Sign all depositor graph transactions and assemble into presignatures.\n *\n * Flow:\n * 1. Build payout + per-challenger nopayout PSBTs locally\n * 2. Batch sign via wallet.signPsbts() if available, else sequential signPsbt()\n * 3. Extract Schnorr signatures from each signed PSBT\n * 4. Assemble into DepositorAsClaimerPresignatures\n */\nexport async function signDepositorGraph(\n params: SignDepositorGraphParams,\n): Promise<DepositorAsClaimerPresignatures> {\n const { depositorGraph, btcWallet, signingContext } = params;\n\n const depositorPubkey = stripHexPrefix(signingContext.depositorBtcPubkey);\n const walletPublicKey = await btcWallet.getPublicKeyHex();\n\n // 1. Build all PSBTs locally\n const { psbtHexes, signOptions, challengerEntries } =\n await collectDepositorGraphPsbts(\n depositorGraph,\n walletPublicKey,\n signingContext,\n );\n\n // 2. Sign all PSBTs (batch when supported, sequential fallback for mobile)\n const signedPsbtHexes = await signPsbtsWithFallback(\n btcWallet,\n psbtHexes,\n signOptions,\n );\n\n if (signedPsbtHexes.length !== psbtHexes.length) {\n throw new Error(\n `Wallet returned ${signedPsbtHexes.length} signed PSBTs, expected ${psbtHexes.length}`,\n );\n }\n\n // 3. Extract signatures and assemble presignatures\n return extractDepositorGraphSignatures(\n signedPsbtHexes,\n challengerEntries,\n depositorPubkey,\n );\n}\n","/**\n * Payout Signing Orchestration\n *\n * Polls VP for `PendingDepositorSignatures`, fetches presign transactions,\n * signs payouts via PayoutManager, signs the depositor graph, and submits\n * all signatures back to the VP.\n *\n * This is the main deposit protocol step between registration and activation.\n */\n\nimport type { Network } from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport * as bitcoin from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport type { BitcoinWallet } from \"../../../../shared/wallets/interfaces\";\nimport { DaemonStatus } from \"../../clients/vault-provider/types\";\nimport type {\n ClaimerSignatures,\n ClaimerTransactions,\n} from \"../../clients/vault-provider/types\";\nimport { PayoutManager } from \"../../managers/PayoutManager\";\nimport {\n processPublicKeyToXOnly,\n stripHexPrefix,\n} from \"../../primitives/utils/bitcoin\";\nimport type { PeginStatusReader, PresignClient } from \"./interfaces\";\nimport { signDepositorGraph } from \"./signDepositorGraph\";\nimport { waitForPeginStatus } from \"./waitForPeginStatus\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Context required for signing payout transactions.\n * Caller builds this from on-chain data (contract queries, GraphQL, config).\n */\nexport interface PayoutSigningContext {\n /** Raw pegin BTC transaction hex (for PSBT construction) */\n peginTxHex: string;\n /** Vault provider's BTC public key (x-only hex, no prefix) */\n vaultProviderBtcPubkey: string;\n /** Sorted vault keeper BTC public keys (x-only hex, no prefix) */\n vaultKeeperBtcPubkeys: string[];\n /** Sorted universal challenger BTC public keys (x-only hex, no prefix) */\n universalChallengerBtcPubkeys: string[];\n /** Depositor's BTC public key (x-only hex, no prefix) */\n depositorBtcPubkey: string;\n /** Pegin timelock from the locked offchain params version */\n timelockPegin: number;\n /**\n * Assert CSV timelock from the locked offchain params version (blocks).\n * Source: ProtocolParams contract via\n * `ViemProtocolParamsReader.getOffchainParamsByVersion(...).timelockAssert`.\n * Required for the depositor-graph NoPayout local rebuild.\n */\n timelockAssert: number;\n /**\n * Security council member x-only public keys (hex, no prefix).\n * Source: ProtocolParams contract via\n * `getOffchainParamsByVersion(...).securityCouncilKeys`.\n * Required for the depositor-graph NoPayout local rebuild.\n */\n councilMembers: string[];\n /**\n * M-of-N council quorum threshold.\n * Source: ProtocolParams contract via\n * `getOffchainParamsByVersion(...).councilQuorum`.\n * Required for the depositor-graph NoPayout local rebuild.\n */\n councilQuorum: number;\n /** BTC network (Mainnet, Testnet, etc.) */\n network: Network;\n /** On-chain registered depositor payout scriptPubKey (hex) */\n registeredPayoutScriptPubKey: string;\n}\n\nexport interface RunDepositorPresignFlowParams {\n /** VP client implementing the status reader interface */\n statusReader: PeginStatusReader;\n /** VP client implementing the presign transaction flow interface */\n presignClient: PresignClient;\n /** Bitcoin wallet for signing */\n btcWallet: BitcoinWallet;\n /** BTC pegin transaction ID (unprefixed hex, 64 chars) */\n peginTxid: string;\n /** Depositor's x-only BTC public key (unprefixed hex, 64 chars) */\n depositorPk: string;\n /** Signing context built from on-chain data */\n signingContext: PayoutSigningContext;\n /** Maximum polling timeout in milliseconds (default: 20 min) */\n timeoutMs?: number;\n /** AbortSignal for cancellation */\n signal?: AbortSignal;\n /** Optional progress callback (completed claimers, total claimers) */\n onProgress?: (completed: number, total: number) => void;\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** Maximum polling timeout (20 minutes) — VP may take 15-20 min to prepare. */\nconst MAX_POLLING_TIMEOUT_MS = 20 * 60 * 1000;\n\n/** Statuses after payout signatures are submitted — if VP is already here, skip. */\nconst POST_PAYOUT_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n DaemonStatus.PENDING_ACKS,\n DaemonStatus.PENDING_ACTIVATION,\n DaemonStatus.ACTIVATED,\n]);\n\nconst TARGET_STATUS: ReadonlySet<DaemonStatus> = new Set([\n DaemonStatus.PENDING_DEPOSITOR_SIGNATURES,\n ...POST_PAYOUT_STATUSES,\n]);\n\n// ============================================================================\n// Internal helpers\n// ============================================================================\n\ninterface PreparedTransaction {\n claimerPubkeyXOnly: string;\n payoutTxHex: string;\n assertTxHex: string;\n}\n\nfunction prepareTransactionsForSigning(\n claimerTransactions: ClaimerTransactions[],\n): PreparedTransaction[] {\n return claimerTransactions.map((tx) => ({\n claimerPubkeyXOnly: processPublicKeyToXOnly(tx.claimer_pubkey),\n payoutTxHex: tx.payout_tx.tx_hex,\n assertTxHex: tx.assert_tx.tx_hex,\n }));\n}\n\n/**\n * Derive BIP-86 P2TR scriptPubKey hex from an x-only public key.\n * Requires bitcoinjs-lib ECC to be initialized by the caller.\n */\nfunction deriveBip86ScriptPubKey(xOnlyPubkeyHex: string): string {\n const { output } = bitcoin.payments.p2tr({\n internalPubkey: Buffer.from(xOnlyPubkeyHex, \"hex\"),\n });\n if (!output) {\n throw new Error(\"Failed to derive BIP-86 P2TR scriptPubKey\");\n }\n return output.toString(\"hex\");\n}\n\n/**\n * Resolve the expected payout scriptPubKey for a given claimer.\n *\n * - VP/Depositor claimer: payout goes to the depositor's registered payout address\n * - VK claimer: payout goes to a BIP-86 P2TR address derived from the VK's pubkey\n *\n * Note: BIP-86 derivation for VK claimers requires bitcoinjs-lib's ECC to be initialized.\n */\nfunction resolvePayoutScriptPubKey(\n claimerPubkeyXOnly: string,\n context: PayoutSigningContext,\n): string {\n const claimer = stripHexPrefix(claimerPubkeyXOnly).toLowerCase();\n const vpPubkey = stripHexPrefix(\n context.vaultProviderBtcPubkey,\n ).toLowerCase();\n const depositorPubkey = stripHexPrefix(\n context.depositorBtcPubkey,\n ).toLowerCase();\n\n if (claimer === vpPubkey || claimer === depositorPubkey) {\n return context.registeredPayoutScriptPubKey;\n }\n\n // Verify claimer is a known vault keeper\n const isVaultKeeper = context.vaultKeeperBtcPubkeys.some(\n (vk) => stripHexPrefix(vk).toLowerCase() === claimer,\n );\n if (!isVaultKeeper) {\n throw new Error(\n `Unknown claimer pubkey ${claimer}: not VP, depositor, or a registered vault keeper`,\n );\n }\n\n // VK claimer: derive BIP-86 P2TR scriptPubKey from the VK's x-only pubkey\n const scriptPubKey = deriveBip86ScriptPubKey(claimer);\n return `0x${scriptPubKey}`;\n}\n\nfunction buildPayoutSigningInput(\n tx: PreparedTransaction,\n context: PayoutSigningContext,\n) {\n return {\n payoutTxHex: tx.payoutTxHex,\n peginTxHex: context.peginTxHex,\n assertTxHex: tx.assertTxHex,\n vaultProviderBtcPubkey: context.vaultProviderBtcPubkey,\n vaultKeeperBtcPubkeys: context.vaultKeeperBtcPubkeys,\n universalChallengerBtcPubkeys: context.universalChallengerBtcPubkeys,\n depositorBtcPubkey: context.depositorBtcPubkey,\n timelockPegin: context.timelockPegin,\n registeredPayoutScriptPubKey: resolvePayoutScriptPubKey(\n tx.claimerPubkeyXOnly,\n context,\n ),\n };\n}\n\n/**\n * Sign all payout transactions using PayoutManager.\n * Uses batch signing when wallet supports it, sequential otherwise.\n */\nasync function signPayoutTransactions(\n btcWallet: BitcoinWallet,\n context: PayoutSigningContext,\n transactions: PreparedTransaction[],\n onProgress?: (completed: number, total: number) => void,\n): Promise<Record<string, ClaimerSignatures>> {\n const payoutManager = new PayoutManager({\n network: context.network,\n btcWallet,\n });\n\n const totalClaimers = transactions.length;\n onProgress?.(0, totalClaimers);\n\n let payoutSignatures: string[];\n\n if (payoutManager.supportsBatchSigning()) {\n const results = await payoutManager.signPayoutTransactionsBatch(\n transactions.map((tx) => buildPayoutSigningInput(tx, context)),\n );\n payoutSignatures = results.map((r) => r.payoutSignature);\n } else {\n payoutSignatures = [];\n for (let i = 0; i < transactions.length; i++) {\n onProgress?.(i, totalClaimers);\n const result = await payoutManager.signPayoutTransaction(\n buildPayoutSigningInput(transactions[i], context),\n );\n payoutSignatures.push(result.signature);\n }\n }\n\n const signatures: Record<string, ClaimerSignatures> = {};\n for (let i = 0; i < transactions.length; i++) {\n signatures[transactions[i].claimerPubkeyXOnly] = {\n payout_signature: payoutSignatures[i],\n };\n }\n\n onProgress?.(totalClaimers, totalClaimers);\n return signatures;\n}\n\n// ============================================================================\n// Main entry point\n// ============================================================================\n\n/**\n * Poll for payout transactions, sign them, sign the depositor graph,\n * and submit all signatures to the vault provider.\n *\n * This is the main deposit protocol step between registration and activation.\n *\n * @throws Error on timeout, abort, signing failure, or RPC error\n */\nexport async function runDepositorPresignFlow(\n params: RunDepositorPresignFlowParams,\n): Promise<void> {\n const {\n statusReader,\n presignClient,\n btcWallet,\n peginTxid,\n depositorPk,\n signingContext,\n timeoutMs = MAX_POLLING_TIMEOUT_MS,\n signal,\n onProgress,\n } = params;\n\n // Phase 1: Poll until VP is ready for depositor signatures (or already past)\n const status = await waitForPeginStatus({\n statusReader,\n peginTxid,\n targetStatuses: TARGET_STATUS,\n timeoutMs,\n signal,\n });\n\n // Resume-safe: if VP already moved past payout signing, nothing to do\n if (POST_PAYOUT_STATUSES.has(status)) {\n return;\n }\n\n signal?.throwIfAborted();\n\n // Phase 2: Fetch presign transactions\n const response = await presignClient.requestDepositorPresignTransactions(\n {\n pegin_txid: peginTxid,\n depositor_pk: depositorPk,\n },\n signal,\n );\n\n signal?.throwIfAborted();\n\n // Phase 3: Sign VP/VK claimer payout transactions\n // Filter out the depositor's own claimer entry — its payout is signed\n // separately via signDepositorGraph (Phase 4) using VP-provided PSBTs.\n // Including it here would cause a redundant wallet signing prompt whose\n // result is discarded when the depositor graph signature overwrites it.\n const depositorPkNormalized = processPublicKeyToXOnly(depositorPk);\n const nonDepositorTxs = response.txs.filter(\n (tx) => processPublicKeyToXOnly(tx.claimer_pubkey) !== depositorPkNormalized,\n );\n const preparedTransactions = prepareTransactionsForSigning(nonDepositorTxs);\n const claimerSignatures = await signPayoutTransactions(\n btcWallet,\n signingContext,\n preparedTransactions,\n onProgress,\n );\n\n signal?.throwIfAborted();\n\n // Phase 4: Sign depositor-as-claimer graph. Both Payout and per-challenger\n // NoPayout PSBTs are rebuilt locally inside signDepositorGraph from these\n // authoritative connector params and the on-chain protocol parameters.\n const depositorClaimerPresignatures = await signDepositorGraph({\n depositorGraph: response.depositor_graph,\n btcWallet,\n signingContext: {\n peginTxHex: signingContext.peginTxHex,\n depositorBtcPubkey: depositorPk,\n vaultProviderBtcPubkey: signingContext.vaultProviderBtcPubkey,\n vaultKeeperBtcPubkeys: signingContext.vaultKeeperBtcPubkeys,\n universalChallengerBtcPubkeys:\n signingContext.universalChallengerBtcPubkeys,\n timelockPegin: signingContext.timelockPegin,\n timelockAssert: signingContext.timelockAssert,\n councilMembers: signingContext.councilMembers,\n councilQuorum: signingContext.councilQuorum,\n network: signingContext.network,\n registeredPayoutScriptPubKey: signingContext.registeredPayoutScriptPubKey,\n },\n });\n\n signal?.throwIfAborted();\n\n // Phase 5: Submit all signatures to VP\n // Include depositor's own payout signature in the signatures map\n const allSignatures = { ...claimerSignatures };\n allSignatures[stripHexPrefix(depositorPk)] =\n depositorClaimerPresignatures.payout_signatures;\n\n await presignClient.submitDepositorPresignatures(\n {\n pegin_txid: peginTxid,\n depositor_pk: depositorPk,\n signatures: allSignatures,\n depositor_claimer_presignatures: depositorClaimerPresignatures,\n },\n signal,\n );\n}\n","/**\n * Pure validation functions for deposit operations.\n *\n * All validations return a consistent {@link ValidationResult} format or throw\n * on critical failures (e.g. missing protocol participants).\n *\n * Business rules (single-provider limit, max vault count) and form-flow\n * checks (wallet connected) belong in the consumer layer.\n *\n * @module tbv/core/services/deposit/validation\n */\n\nimport {\n formatSatoshisToBtc,\n stripHexPrefix,\n} from \"../../primitives/utils/bitcoin\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\nexport interface ValidationResult {\n valid: boolean;\n error?: string;\n warnings?: string[];\n}\n\n/**\n * Parameters for checking if a deposit form is valid.\n */\nexport interface DepositFormValidityParams {\n /** Deposit amount in satoshis */\n amountSats: bigint;\n /** Minimum deposit from protocol params */\n minDeposit: bigint;\n /** Maximum deposit from protocol params (optional) */\n maxDeposit?: bigint;\n /** User's available BTC balance in satoshis */\n btcBalance: bigint;\n /** Estimated transaction fee in satoshis */\n estimatedFeeSats?: bigint;\n /** Depositor claim value in satoshis (required output for challenge transactions) */\n depositorClaimValue?: bigint;\n}\n\nexport interface RemainingCapacityParams {\n /** Requested deposit amount in satoshis */\n amount: bigint;\n /**\n * Effective remaining capacity in satoshis (min of protocol-total and\n * per-address remaining). `null` means no cap applies.\n */\n effectiveRemaining: bigint | null;\n}\n\n/** Narrow structural type for UTXO — avoids importing vault-specific types. */\ninterface UtxoLike {\n txid: string;\n vout: number;\n value: number;\n}\n\n/**\n * Parameters for validating multi-vault deposit flow inputs.\n *\n * Callers must resolve any async loading states before calling — the SDK\n * validates resolved data, not React hook state.\n *\n * Form-flow checks (wallet connected, provider selected) are the caller's\n * responsibility and are NOT performed here.\n */\nexport interface MultiVaultDepositFlowInputs {\n vaultAmounts: bigint[];\n confirmedUTXOs: UtxoLike[];\n vaultProviderBtcPubkey: string;\n vaultKeeperBtcPubkeys: string[];\n universalChallengerBtcPubkeys: string[];\n /** Protocol minimum deposit per vault (satoshis) */\n minDeposit: bigint;\n /** Protocol maximum deposit per vault (satoshis) */\n maxDeposit?: bigint;\n}\n\n// ---------------------------------------------------------------------------\n// Private helpers\n// ---------------------------------------------------------------------------\n\nfunction isValidXOnlyHex(hex: string): boolean {\n return /^[0-9a-fA-F]{64}$/.test(hex);\n}\n\n// ---------------------------------------------------------------------------\n// Validation functions\n// ---------------------------------------------------------------------------\n\n/**\n * Check if deposit amount is within valid range and affordable.\n *\n * Returns false when fees/claim value are not yet known (still loading),\n * and includes them in the balance check once available.\n */\nexport function isDepositAmountValid(\n params: DepositFormValidityParams,\n): boolean {\n const {\n amountSats,\n minDeposit,\n maxDeposit,\n btcBalance,\n estimatedFeeSats,\n depositorClaimValue,\n } = params;\n\n if (amountSats <= 0n) return false;\n if (amountSats < minDeposit) return false;\n if (maxDeposit && maxDeposit > 0n && amountSats > maxDeposit) return false;\n\n if (estimatedFeeSats == null || depositorClaimValue == null) return false;\n\n const totalRequired = amountSats + estimatedFeeSats + depositorClaimValue;\n if (totalRequired > btcBalance) return false;\n\n return true;\n}\n\n/**\n * Validate deposit amount against minimum and maximum constraints.\n */\nexport function validateDepositAmount(\n amount: bigint,\n minDeposit: bigint,\n maxDeposit?: bigint,\n): ValidationResult {\n if (amount <= 0n) {\n return {\n valid: false,\n error: \"Deposit amount must be greater than zero\",\n };\n }\n\n if (amount < minDeposit) {\n return {\n valid: false,\n error: `Minimum deposit is ${formatSatoshisToBtc(minDeposit)} BTC`,\n };\n }\n\n if (maxDeposit && maxDeposit > 0n && amount > maxDeposit) {\n return {\n valid: false,\n error: `Maximum deposit is ${formatSatoshisToBtc(maxDeposit)} BTC`,\n };\n }\n\n return { valid: true };\n}\n\n/**\n * Validate that the requested deposit fits within the effective remaining cap.\n */\nexport function validateRemainingCapacity(\n params: RemainingCapacityParams,\n): ValidationResult {\n const { amount, effectiveRemaining } = params;\n if (effectiveRemaining === null) return { valid: true };\n\n if (effectiveRemaining === 0n) {\n return {\n valid: false,\n error: \"Supply cap reached — deposits temporarily paused\",\n };\n }\n\n if (amount > effectiveRemaining) {\n return {\n valid: false,\n error: `Vault size exceeds remaining capacity (${formatSatoshisToBtc(effectiveRemaining)} BTC)`,\n };\n }\n\n return { valid: true };\n}\n\n/**\n * Validate that selected providers exist in the available set.\n *\n * Business rules (e.g. single-provider limit) are the caller's responsibility.\n */\nexport function validateProviderSelection(\n selectedProviders: string[],\n availableProviders: string[],\n): ValidationResult {\n if (!selectedProviders || selectedProviders.length === 0) {\n return {\n valid: false,\n error: \"At least one vault provider must be selected\",\n };\n }\n\n const availableProvidersLower = availableProviders.map((p) =>\n p.toLowerCase(),\n );\n const invalidProviders = selectedProviders.filter(\n (p) => !availableProvidersLower.includes(p.toLowerCase()),\n );\n\n if (invalidProviders.length > 0) {\n return {\n valid: false,\n error: \"Invalid vault provider selected\",\n };\n }\n\n return { valid: true };\n}\n\n/**\n * Validate vault amounts array for multi-vault deposits.\n * Checks count, positivity, and per-vault min/max protocol limits.\n *\n * Max vault count limits are the caller's responsibility.\n */\nexport function validateVaultAmounts(\n amounts: bigint[],\n minDeposit?: bigint,\n maxDeposit?: bigint,\n): ValidationResult {\n if (!amounts || amounts.length === 0) {\n return {\n valid: false,\n error: \"At least one vault amount required\",\n };\n }\n\n for (let i = 0; i < amounts.length; i++) {\n const amount = amounts[i];\n if (amount <= 0n) {\n return {\n valid: false,\n error: `Vault ${i + 1} amount must be positive`,\n };\n }\n if (minDeposit && amount < minDeposit) {\n return {\n valid: false,\n error: `Vault ${i + 1} amount ${formatSatoshisToBtc(amount)} BTC is below minimum deposit ${formatSatoshisToBtc(minDeposit)} BTC`,\n };\n }\n if (maxDeposit && amount > maxDeposit) {\n return {\n valid: false,\n error: `Vault ${i + 1} amount ${formatSatoshisToBtc(amount)} BTC exceeds maximum deposit ${formatSatoshisToBtc(maxDeposit)} BTC`,\n };\n }\n }\n\n return { valid: true };\n}\n\n/**\n * Validate vault provider BTC public key format.\n */\nexport function validateVaultProviderPubkey(pubkey: string): ValidationResult {\n const stripped = stripHexPrefix(pubkey);\n if (!isValidXOnlyHex(stripped)) {\n return {\n valid: false,\n error:\n \"Invalid pubkey format: must be 64 hex characters (32-byte x-only public key, no 0x prefix)\",\n };\n }\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// Private helpers for multi-vault validation\n// ---------------------------------------------------------------------------\n\nfunction validateVaultKeepers(vaultKeeperBtcPubkeys: string[]): void {\n if (!vaultKeeperBtcPubkeys || vaultKeeperBtcPubkeys.length === 0) {\n throw new Error(\n \"No vault keepers available. The system requires at least one vault keeper to create a deposit.\",\n );\n }\n}\n\nfunction validateUniversalChallengers(\n universalChallengerBtcPubkeys: string[],\n): void {\n if (\n !universalChallengerBtcPubkeys ||\n universalChallengerBtcPubkeys.length === 0\n ) {\n throw new Error(\n \"No universal challengers available. The system requires at least one universal challenger to create a deposit.\",\n );\n }\n}\n\nfunction validateUTXOState(confirmedUTXOs: UtxoLike[]): void {\n if (confirmedUTXOs.length === 0) {\n throw new Error(\"No spendable UTXOs available\");\n }\n}\n\n// ---------------------------------------------------------------------------\n// Multi-vault composite validation\n// ---------------------------------------------------------------------------\n\n/**\n * Validate protocol-level multi-vault deposit inputs.\n * Throws an error if any validation fails.\n *\n * Form-flow checks (wallet connections, provider selection) must be\n * performed by the caller before invoking this function.\n */\nexport function validateMultiVaultDepositInputs(\n params: MultiVaultDepositFlowInputs,\n): void {\n const {\n vaultAmounts,\n confirmedUTXOs,\n vaultProviderBtcPubkey,\n vaultKeeperBtcPubkeys,\n universalChallengerBtcPubkeys,\n minDeposit,\n maxDeposit,\n } = params;\n\n const amountsValidation = validateVaultAmounts(\n vaultAmounts,\n minDeposit,\n maxDeposit,\n );\n if (!amountsValidation.valid) {\n throw new Error(amountsValidation.error);\n }\n\n // Vault provider pubkey\n const pubkeyValidation = validateVaultProviderPubkey(vaultProviderBtcPubkey);\n if (!pubkeyValidation.valid) {\n throw new Error(pubkeyValidation.error);\n }\n\n validateVaultKeepers(vaultKeeperBtcPubkeys);\n validateUniversalChallengers(universalChallengerBtcPubkeys);\n validateUTXOState(confirmedUTXOs);\n}\n","/**\n * Pegout state definitions and protocol-level terminal checks.\n *\n * Maps VP-reported pegout statuses from `vaultProvider_getPegoutStatus`\n * to protocol lifecycle states.\n *\n * Lifecycle:\n * ClaimEventReceived -> ClaimBroadcast -> AssertBroadcast -> PayoutBroadcast (success)\n * > ChallengeAssertObserved -> WronglyChallengedBroadcast -> PayoutBroadcast\n * > ChallengeAssertObserved -> Failed (challenger won)\n */\n\n/** Claimer-side pegout statuses reported by the VP. */\nexport enum ClaimerPegoutStatusValue {\n CLAIM_EVENT_RECEIVED = \"ClaimEventReceived\",\n CLAIM_BROADCAST = \"ClaimBroadcast\",\n ASSERT_BROADCAST = \"AssertBroadcast\",\n CHALLENGE_ASSERT_OBSERVED = \"ChallengeAssertObserved\",\n WRONGLY_CHALLENGED_BROADCAST = \"WronglyChallengedBroadcast\",\n PAYOUT_BROADCAST = \"PayoutBroadcast\",\n FAILED = \"Failed\",\n}\n\nconst PEGOUT_TERMINAL_STATUSES = new Set<string>([\n ClaimerPegoutStatusValue.PAYOUT_BROADCAST,\n ClaimerPegoutStatusValue.FAILED,\n]);\n\n/** Whether a claimer status string maps to a known pegout state. */\nexport function isRecognizedPegoutStatus(status: string): boolean {\n return Object.values(ClaimerPegoutStatusValue).includes(\n status as ClaimerPegoutStatusValue,\n );\n}\n\n/**\n * Whether a claimer status is a hard-terminal pegout status\n * (PayoutBroadcast or Failed). Soft-terminal conditions (polling\n * thresholds) are a consumer-side concern.\n */\nexport function isPegoutTerminalStatus(\n claimerStatus: string | undefined,\n): boolean {\n return !!claimerStatus && PEGOUT_TERMINAL_STATUSES.has(claimerStatus);\n}\n","/**\n * Domain errors thrown by the refund service.\n *\n * @module services/refund/errors\n */\n\nimport type { Hex } from \"viem\";\n\n/**\n * Thrown when the broadcast transport rejects the refund tx because the CSV\n * timelock has not yet matured (BIP68 non-final). Callers can surface a\n * friendly \"wait until block N\" message; the original transport error is\n * available via {@link cause}.\n */\nexport class BIP68NotMatureError extends Error {\n public readonly vaultId: Hex;\n public override readonly cause: Error;\n\n constructor(vaultId: Hex, cause: Error) {\n super(`Refund not yet mature (BIP68 not final): ${cause.message}`);\n this.name = \"BIP68NotMatureError\";\n this.vaultId = vaultId;\n this.cause = cause;\n }\n}\n","/**\n * Vault refund orchestration — reclaim BTC from an expired Pre-PegIn HTLC via\n * the CSV-timelocked refund script (leaf 1). SDK owns the sequence of:\n * fetch → fee calc → PSBT build → sign → finalize → broadcast. Pre-fetched\n * data (fee rate) is passed by value; the data-flow-dependent reads\n * (`readVault`, `readPrePeginContext(vault)`) and the interactive transports\n * (`signPsbt`, `broadcastTx`) stay as injected callbacks so the caller keeps\n * its transport choice (viem, wagmi, mempool client, etc.) and error decoding.\n *\n * @module services/refund\n */\n\nimport type { Network } from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Psbt } from \"bitcoinjs-lib\";\nimport type { Address, Hex } from \"viem\";\n\nimport type { SignPsbtOptions } from \"../../../../shared/wallets/interfaces/BitcoinWallet\";\nimport { buildRefundPsbt } from \"../../primitives/psbt/refund\";\nimport {\n processPublicKeyToXOnly,\n stripHexPrefix,\n} from \"../../primitives/utils/bitcoin\";\nimport { createTaprootScriptPathSignOptions } from \"../../utils/signing\";\n\nimport { BIP68NotMatureError } from \"./errors\";\n\nconst BYTES32_HEX_RE = /^0x[0-9a-fA-F]{64}$/;\n// BTC raw-hex convention: 0x prefix optional, even number of hex chars, must\n// be non-empty. Named distinctly from the ETH-hex regex in activateVault.ts\n// (which requires a 0x prefix and allows empty \"0x\") to make the convention\n// explicit at the call site.\nconst BTC_HEX_BYTES_RE = /^(?:0x)?(?:[0-9a-fA-F]{2})+$/;\n// Pubkeys are either 32 bytes (x-only, 64 hex chars) or 33 bytes (compressed,\n// 66 hex chars). 65 hex chars is not a valid byte length — reject it here\n// rather than letting the malformed value surface as an opaque PSBT/signing\n// failure later.\nconst PUBKEY_HEX_RE = /^(?:0x)?(?:[0-9a-fA-F]{64}|[0-9a-fA-F]{66})$/;\n// Conservative upper bound for the fixed-shape refund tx (1 P2TR script-path\n// input spending the HTLC refund leaf → 1 P2TR/P2WPKH output). Taproot\n// script-path witness: 64-byte Schnorr sig + refund script + control block.\n// This is protocol-owned knowledge; callers don't parameterise it.\nexport const REFUND_VSIZE = 160;\n\n/**\n * Network fee (sats) the SDK will charge for a refund tx at the given\n * sat/vB rate. Mirrors the internal computation in\n * {@link buildAndBroadcastRefund} so callers (e.g. UI fee previews) don't\n * have to duplicate the constant.\n */\nexport function estimateRefundFeeSats(feeRateSatsVb: number): bigint {\n if (!Number.isFinite(feeRateSatsVb) || feeRateSatsVb <= 0) {\n throw new Error(\n `feeRateSatsVb must be a positive finite number, got ${feeRateSatsVb}`,\n );\n }\n return BigInt(Math.ceil(feeRateSatsVb * REFUND_VSIZE));\n}\n// Refund tx has exactly one input — the HTLC output at htlcVout from the\n// Pre-PegIn tx. Used to tell the signer how many sign entries to generate.\n// (Not the taproot leaf index; the leaf is encoded into the PSBT by the\n// WASM PSBT builder based on the refund script path.)\nconst REFUND_INPUT_COUNT = 1;\nconst MAX_VOUT = 0xffff;\nconst BIP68_ERROR_RE = /non-BIP68-final/i;\n\nfunction assertBytes32(value: string, label: string): void {\n if (value.length !== 66) {\n throw new Error(\n `${label} must be 32 bytes (66 hex chars with 0x prefix), got length ${value.length}`,\n );\n }\n if (!BYTES32_HEX_RE.test(value)) {\n throw new Error(\n `${label} must contain only hex characters after the 0x prefix`,\n );\n }\n}\n\n/**\n * Authoritative vault fields needed to build a refund. Versioning fields,\n * the hashlock, and htlcVout must come from the on-chain contract (never the\n * indexer). The amount + `unsignedPrePeginTxHex` + `depositorBtcPubkey` can\n * come from the indexer since they are not security-critical for signing\n * (the PSBT builder re-derives the HTLC script from on-chain params).\n */\nexport interface VaultRefundData {\n hashlock: Hex;\n htlcVout: number;\n offchainParamsVersion: number;\n appVaultKeepersVersion: number;\n universalChallengersVersion: number;\n vaultProvider: Address;\n applicationEntryPoint: Address;\n /** Pre-PegIn HTLC output value in satoshis. */\n amount: bigint;\n /**\n * Funded, pre-witness Pre-PegIn transaction hex. 0x prefix optional.\n * The name mirrors the contract/indexer schema; the bytes are the\n * funded form (refund construction needs real outpoints).\n */\n unsignedPrePeginTxHex: string;\n /** Depositor's BTC public key (x-only or compressed hex; 0x prefix optional). */\n depositorBtcPubkey: string;\n}\n\n/**\n * Version-resolved protocol context that parameterises the HTLC's taproot\n * scripts. The *signer-set* fields (`vaultKeeperPubkeys`,\n * `universalChallengerPubkeys`) and the version-locked numeric protocol\n * params **must** be sourced from the on-chain contract at the version\n * pinned in {@link VaultRefundData} — this is the trust boundary.\n * `vaultProviderPubkey` today is sourced from the GraphQL indexer via\n * `fetchVaultProviderById`; the caller is responsible for any additional\n * cross-check it requires. Keeper and challenger pubkey arrays must be\n * pre-sorted the same way the Rust protocol sorts them (canonical for\n * script derivation).\n */\nexport interface RefundPrePeginContext {\n vaultProviderPubkey: string;\n vaultKeeperPubkeys: readonly string[];\n universalChallengerPubkeys: readonly string[];\n timelockRefund: number;\n feeRate: bigint;\n numLocalChallengers: number;\n councilQuorum: number;\n councilSize: number;\n network: Network;\n}\n\n/** Minimum shape required from a broadcast result. */\nexport interface BtcBroadcastResult {\n txId: string;\n}\n\nexport type BtcBroadcaster<\n R extends BtcBroadcastResult = BtcBroadcastResult,\n> = (signedTxHex: string) => Promise<R>;\n\nexport type RefundPsbtSigner = (\n psbtHex: string,\n opts: SignPsbtOptions,\n) => Promise<string>;\n\nexport interface RefundInput<\n R extends BtcBroadcastResult = BtcBroadcastResult,\n> {\n vaultId: Hex;\n /**\n * Fetch authoritative on-chain + indexer vault data. The SDK passes no\n * arguments — the caller closes over `vaultId` (or any other context it\n * needs).\n */\n readVault: () => Promise<VaultRefundData>;\n /**\n * Fetch the version-pinned refund context (sorted pubkeys, timelock, etc.)\n * derived from the vault's locked versions.\n */\n readPrePeginContext: (\n vault: VaultRefundData,\n ) => Promise<RefundPrePeginContext>;\n /**\n * Mempool-derived sat/vB fee rate to use for the refund tx (positive\n * number). Caller fetches this before invoking — it does not depend on\n * any value the SDK computes, and folding it into the call keeps the\n * orchestration honest.\n */\n feeRate: number;\n /** BTC wallet signer; receives a PSBT hex + taproot script-path options. */\n signPsbt: RefundPsbtSigner;\n /** Broadcast callback — returns whatever shape the caller needs. */\n broadcastTx: BtcBroadcaster<R>;\n /** Checked at every async boundary. */\n signal?: AbortSignal;\n}\n\nfunction assertNonNegativeInteger(value: number, label: string): void {\n if (!Number.isInteger(value) || value < 0) {\n throw new Error(`${label} must be a non-negative integer, got ${value}`);\n }\n}\n\nfunction validateVaultRefundData(v: VaultRefundData): void {\n assertBytes32(v.hashlock, \"hashlock\");\n if (\n !Number.isInteger(v.htlcVout) ||\n v.htlcVout < 0 ||\n v.htlcVout > MAX_VOUT\n ) {\n throw new Error(\n `htlcVout must be an integer 0-${MAX_VOUT}, got ${v.htlcVout}`,\n );\n }\n // Version fields flow directly into on-chain script derivation via\n // `readPrePeginContext` — NaN, negative, or non-integer values would\n // silently produce wrong scripts. Guard here as defence in depth even\n // though the caller sources these from bigint on-chain reads.\n assertNonNegativeInteger(v.offchainParamsVersion, \"offchainParamsVersion\");\n assertNonNegativeInteger(v.appVaultKeepersVersion, \"appVaultKeepersVersion\");\n assertNonNegativeInteger(\n v.universalChallengersVersion,\n \"universalChallengersVersion\",\n );\n if (typeof v.unsignedPrePeginTxHex !== \"string\" || v.unsignedPrePeginTxHex.length === 0) {\n throw new Error(\"unsignedPrePeginTxHex must be a non-empty hex string\");\n }\n if (!BTC_HEX_BYTES_RE.test(v.unsignedPrePeginTxHex)) {\n throw new Error(\n \"unsignedPrePeginTxHex must be a hex byte string (optional 0x prefix, even length)\",\n );\n }\n if (!v.depositorBtcPubkey || !PUBKEY_HEX_RE.test(v.depositorBtcPubkey)) {\n throw new Error(\n \"depositorBtcPubkey must be 32 or 33 bytes of hex (optional 0x prefix)\",\n );\n }\n if (typeof v.amount !== \"bigint\" || v.amount <= 0n) {\n throw new Error(`amount must be a positive bigint, got ${v.amount}`);\n }\n}\n\nfunction validateRefundPrePeginContext(c: RefundPrePeginContext): void {\n if (!c.vaultProviderPubkey || !PUBKEY_HEX_RE.test(c.vaultProviderPubkey)) {\n throw new Error(\"vaultProviderPubkey must be 32 or 33 bytes of hex\");\n }\n if (c.vaultKeeperPubkeys.length === 0) {\n throw new Error(\"vaultKeeperPubkeys must be non-empty\");\n }\n if (c.universalChallengerPubkeys.length === 0) {\n throw new Error(\"universalChallengerPubkeys must be non-empty\");\n }\n if (!Number.isInteger(c.timelockRefund) || c.timelockRefund <= 0) {\n throw new Error(\n `timelockRefund must be a positive integer, got ${c.timelockRefund}`,\n );\n }\n if (typeof c.feeRate !== \"bigint\" || c.feeRate <= 0n) {\n throw new Error(\n `protocol feeRate must be a positive bigint, got ${c.feeRate}`,\n );\n }\n if (\n !Number.isInteger(c.numLocalChallengers) ||\n c.numLocalChallengers < 0\n ) {\n throw new Error(\"numLocalChallengers must be a non-negative integer\");\n }\n if (\n !Number.isInteger(c.councilQuorum) ||\n !Number.isInteger(c.councilSize) ||\n c.councilQuorum <= 0 ||\n c.councilSize <= 0 ||\n c.councilQuorum > c.councilSize\n ) {\n throw new Error(\n `councilQuorum (${c.councilQuorum}) must be in [1, councilSize=${c.councilSize}]`,\n );\n }\n}\n\nfunction finalizeAndExtract(signedPsbtHex: string): string {\n const psbt = Psbt.fromHex(signedPsbtHex);\n try {\n psbt.finalizeAllInputs();\n } catch (e: unknown) {\n // Some wallets (e.g. Keystone) finalize during signPsbt; bitcoinjs then\n // throws \"Input is already finalized\". Treat that case as a no-op.\n const message = e instanceof Error ? e.message : String(e);\n if (!message.includes(\"already finalized\")) {\n throw new Error(`Failed to finalize refund PSBT: ${message}`);\n }\n }\n return psbt.extractTransaction().toHex();\n}\n\n/**\n * Build, sign, and broadcast a refund transaction for an expired vault.\n *\n * Trust boundary: `readVault` must source the hashlock, htlcVout, and\n * versioning fields from the on-chain contract — an indexer-only path\n * leaves the refund flow open to signer-set substitution. The SDK does\n * not enforce this; it is the caller's responsibility.\n *\n * The broadcast transport is expected to surface Bitcoin's `non-BIP68-final`\n * policy rejection as an `Error` whose message contains that string; when\n * it does, the SDK wraps it in {@link BIP68NotMatureError}. All other\n * transport errors propagate unchanged.\n *\n * @returns whatever the injected `broadcastTx` returns (generic pass-through)\n * @throws `Error` if any validation fails\n * @throws {@link BIP68NotMatureError} if the broadcast is rejected because\n * the refund CSV timelock has not yet matured\n * @throws anything `readVault`, `readPrePeginContext`,\n * `signPsbt`, or `broadcastTx` throws\n */\nexport async function buildAndBroadcastRefund<\n R extends BtcBroadcastResult = BtcBroadcastResult,\n>(input: RefundInput<R>): Promise<R> {\n const {\n vaultId,\n readVault,\n readPrePeginContext,\n feeRate,\n signPsbt,\n broadcastTx,\n signal,\n } = input;\n\n signal?.throwIfAborted();\n assertBytes32(vaultId, \"vaultId\");\n\n const vault = await readVault();\n validateVaultRefundData(vault);\n signal?.throwIfAborted();\n\n const ctx = await readPrePeginContext(vault);\n validateRefundPrePeginContext(ctx);\n signal?.throwIfAborted();\n\n if (!Number.isFinite(feeRate) || feeRate <= 0) {\n throw new Error(`feeRate must be a positive number, got ${feeRate}`);\n }\n const refundFee = BigInt(Math.ceil(feeRate * REFUND_VSIZE));\n signal?.throwIfAborted();\n\n // `vault.depositorBtcPubkey` may arrive as wallet-native compressed sec1\n // (33 bytes) because the caller fetches it live from the wallet for\n // signing. WASM script derivation wants x-only (32 bytes), so normalize\n // here; the raw form is kept for the wallet sign call below.\n const xOnlyDepositorPubkey = processPublicKeyToXOnly(\n vault.depositorBtcPubkey,\n );\n const { psbtHex } = await buildRefundPsbt({\n prePeginParams: {\n depositorPubkey: xOnlyDepositorPubkey,\n vaultProviderPubkey: stripHexPrefix(ctx.vaultProviderPubkey),\n vaultKeeperPubkeys: ctx.vaultKeeperPubkeys.map(stripHexPrefix),\n universalChallengerPubkeys:\n ctx.universalChallengerPubkeys.map(stripHexPrefix),\n hashlocks: [stripHexPrefix(vault.hashlock)],\n timelockRefund: ctx.timelockRefund,\n pegInAmounts: [vault.amount],\n feeRate: ctx.feeRate,\n numLocalChallengers: ctx.numLocalChallengers,\n councilQuorum: ctx.councilQuorum,\n councilSize: ctx.councilSize,\n network: ctx.network,\n },\n fundedPrePeginTxHex: stripHexPrefix(vault.unsignedPrePeginTxHex),\n htlcVout: vault.htlcVout,\n refundFee,\n // buildRefundPsbt's top-level `hashlock` param is documented as \"no 0x\n // prefix\" and flows into the WASM HTLC connector derivation; a prefixed\n // value would derive the wrong refund script leaf and yield an\n // unspendable PSBT. Match the `hashlocks` array handling above.\n hashlock: stripHexPrefix(vault.hashlock),\n });\n signal?.throwIfAborted();\n\n const signOptions = createTaprootScriptPathSignOptions(\n vault.depositorBtcPubkey,\n REFUND_INPUT_COUNT,\n );\n const signedPsbtHex = await signPsbt(psbtHex, signOptions);\n const signedTxHex = finalizeAndExtract(signedPsbtHex);\n signal?.throwIfAborted();\n\n try {\n return await broadcastTx(signedTxHex);\n } catch (error) {\n if (error instanceof Error && BIP68_ERROR_RE.test(error.message)) {\n throw new BIP68NotMatureError(vaultId, error);\n }\n throw error;\n }\n}\n"],"names":["BYTES32_HEX_RE","ADDRESS_HEX_RE","ETH_HEX_BYTES_RE","assertBytes32","value","label","assertAddress","assertHexBytes","activateVault","input","btcVaultRegistryAddress","vaultId","hashlock","activationMetadata","writeContract","signal","normalizedSecret","ensureHexPrefix","validateSecretAgainstHashlock","BTCVaultRegistryABI","DEFAULT_POLL_INTERVAL_MS","waitForPeginStatus","params","statusReader","peginTxid","targetStatuses","timeoutMs","pollIntervalMs","startTime","status","VP_TERMINAL_STATUSES","error","JsonRpcError","RpcErrorCode","resolve","reject","onAbort","timeoutId","STATUS_POLL_TIMEOUT_MS","TARGET_STATUSES","DaemonStatus","POST_WOTS_STATUSES","submitWotsPublicKey","wotsSubmitter","depositorPk","wotsPublicKeys","DEPOSITOR_SIGNED_INPUT_COUNT","deriveLocalChallengers","vaultProviderBtcPubkey","vaultKeeperBtcPubkeys","depositorBtcPubkey","depositor","stripHexPrefix","filtered","k","readInputTxid","tx","inputIndex","uint8ArrayToHex","assertInputReferencesParent","noPayoutTx","parentTx","parentLabel","challengerPubkey","parentTxid","inputTxid","collectDepositorGraphPsbts","depositorGraph","walletPublicKey","ctx","psbtHexes","signOptions","challengerEntries","assertPayoutOutputMatchesRegistered","builtPayout","buildPayoutPsbt","createTaprootScriptPathSignOptions","localChallengers","claimerPubkey","assertTxParsed","Transaction","challenger","noPayoutIdx","noPayoutHex","buildLocalNoPayoutPsbt","assertNoPayoutOutputMatchesChallenger","challengeAssertXTx","challengeAssertYTx","prevouts","out","buildNoPayoutPsbt","extractDepositorGraphSignatures","signedPsbtHexes","depositorPubkey","payoutSignature","extractPayoutSignature","perChallenger","entry","signPsbtsWithFallback","wallet","options","signed","i","signDepositorGraph","btcWallet","signingContext","MAX_POLLING_TIMEOUT_MS","POST_PAYOUT_STATUSES","TARGET_STATUS","prepareTransactionsForSigning","claimerTransactions","processPublicKeyToXOnly","deriveBip86ScriptPubKey","xOnlyPubkeyHex","output","bitcoin","Buffer","resolvePayoutScriptPubKey","claimerPubkeyXOnly","context","claimer","vpPubkey","vk","buildPayoutSigningInput","signPayoutTransactions","transactions","onProgress","payoutManager","PayoutManager","totalClaimers","payoutSignatures","r","result","signatures","runDepositorPresignFlow","presignClient","response","depositorPkNormalized","nonDepositorTxs","preparedTransactions","claimerSignatures","depositorClaimerPresignatures","allSignatures","isValidXOnlyHex","hex","isDepositAmountValid","amountSats","minDeposit","maxDeposit","btcBalance","estimatedFeeSats","depositorClaimValue","validateDepositAmount","amount","formatSatoshisToBtc","validateRemainingCapacity","effectiveRemaining","validateProviderSelection","selectedProviders","availableProviders","availableProvidersLower","p","validateVaultAmounts","amounts","validateVaultProviderPubkey","pubkey","stripped","validateVaultKeepers","validateUniversalChallengers","universalChallengerBtcPubkeys","validateUTXOState","confirmedUTXOs","validateMultiVaultDepositInputs","vaultAmounts","amountsValidation","pubkeyValidation","ClaimerPegoutStatusValue","PEGOUT_TERMINAL_STATUSES","isRecognizedPegoutStatus","isPegoutTerminalStatus","claimerStatus","BIP68NotMatureError","cause","__publicField","BTC_HEX_BYTES_RE","PUBKEY_HEX_RE","REFUND_VSIZE","estimateRefundFeeSats","feeRateSatsVb","REFUND_INPUT_COUNT","MAX_VOUT","BIP68_ERROR_RE","assertNonNegativeInteger","validateVaultRefundData","v","validateRefundPrePeginContext","c","finalizeAndExtract","signedPsbtHex","psbt","Psbt","e","message","buildAndBroadcastRefund","readVault","readPrePeginContext","feeRate","signPsbt","broadcastTx","vault","refundFee","xOnlyDepositorPubkey","psbtHex","buildRefundPsbt","signedTxHex"],"mappings":"6wBAgBMA,EAAiB,sBACjBC,EAAiB,sBAKjBC,EAAmB,wBAEzB,SAASC,EAAcC,EAAeC,EAAqB,CACzD,GAAID,EAAM,SAAW,GACnB,MAAM,IAAI,MACR,GAAGC,CAAK,+DAA+DD,EAAM,MAAM,EAAA,EAGvF,GAAI,CAACJ,EAAe,KAAKI,CAAK,EAC5B,MAAM,IAAI,MACR,GAAGC,CAAK,uDAAA,CAGd,CAEA,SAASC,EAAcF,EAAeC,EAAqB,CACzD,GAAI,CAACJ,EAAe,KAAKG,CAAK,EAC5B,MAAM,IAAI,MACR,GAAGC,CAAK,uDAAA,CAGd,CAEA,SAASE,EAAeH,EAAeC,EAAqB,CAC1D,GAAI,CAACH,EAAiB,KAAKE,CAAK,EAC9B,MAAM,IAAI,MACR,GAAGC,CAAK,oEAAA,CAGd,CAoFA,eAAsBG,GAEpBC,EAA0C,CAC1C,KAAM,CACJ,wBAAAC,EACA,QAAAC,EACA,SAAAC,EACA,mBAAAC,EACA,cAAAC,EACA,OAAAC,CAAA,EACEN,EAEJM,GAAA,MAAAA,EAAQ,iBAERT,EAAcI,EAAyB,yBAAyB,EAChEP,EAAcQ,EAAS,SAAS,EAEhC,MAAMK,EAAmBC,EAAAA,gBAAgBR,EAAM,MAAM,EAGrD,GAFAN,EAAca,EAAkB,QAAQ,EAEpCJ,IAAa,SACfT,EAAcS,EAAU,UAAU,EAC9B,CAACM,EAAAA,8BAA8BF,EAAkBJ,CAAQ,GAC3D,MAAM,IAAI,MACR,qEAAA,EAKN,OAAAL,EAAeM,EAAoB,oBAAoB,EAEhDC,EAAc,CACnB,QAASJ,EACT,IAAKS,EAAAA,oBACL,aAAc,0BACd,KAAM,CAACR,EAASK,EAAkBH,CAAkB,CAAA,CACrD,CACH,CC5JA,MAAMO,GAA2B,IAuBjC,eAAsBC,EACpBC,EACuB,CACvB,KAAM,CACJ,aAAAC,EACA,UAAAC,EACA,eAAAC,EACA,UAAAC,EACA,eAAAC,EAAiBP,GACjB,OAAAL,CAAA,EACEO,EAEEM,EAAY,KAAK,IAAA,EAEvB,OAAa,CACX,GAAIb,GAAA,MAAAA,EAAQ,QACV,MAAM,IAAI,MACR,6BAA6BS,EAAU,MAAM,EAAG,CAAC,CAAC,cAAc,CAAC,GAAGC,CAAc,EAAE,KAAK,IAAI,CAAC,GAAA,EAIlG,GAAI,KAAK,MAAQG,GAAaF,EAC5B,MAAM,IAAI,MACR,yBAAyBA,CAAS,gBAAgBF,EAAU,MAAM,EAAG,CAAC,CAAC,cAAc,CAAC,GAAGC,CAAc,EAAE,KAAK,IAAI,CAAC,GAAA,EAIvH,GAAI,CAMF,MAAMI,GALW,MAAMN,EAAa,eAClC,CAAE,WAAYC,CAAA,EACdT,CAAA,GAGsB,OACxB,GAAIU,EAAe,IAAII,CAAM,EAC3B,OAAOA,EAGT,GAAIC,EAAAA,qBAAqB,IAAID,CAAM,GAAK,CAACJ,EAAe,IAAII,CAAM,EAChE,MAAM,IAAI,MACR,SAASL,EAAU,MAAM,EAAG,CAAC,CAAC,8BAA8BK,CAAM,uBAAuB,CAAC,GAAGJ,CAAc,EAAE,KAAK,IAAI,CAAC,EAAA,CAG7H,OAASM,EAAO,CAOd,GAAI,EAHDA,aAAiBC,EAAAA,cAChBD,EAAM,OAASE,EAAAA,aAAa,WAC7BF,aAAiB,OAASA,EAAM,QAAQ,SAAS,iBAAiB,GAEnE,MAAMA,CAEV,CAGA,MAAM,IAAI,QAAc,CAACG,EAASC,IAAW,CAC3C,MAAMC,EAAU,IAAM,CACpB,aAAaC,CAAS,EACtBF,EACE,IAAI,MACF,6BAA6BX,EAAU,MAAM,EAAG,CAAC,CAAC,cAAc,CAAC,GAAGC,CAAc,EAAE,KAAK,IAAI,CAAC,GAAA,CAChG,CAEJ,EACMY,EAAY,WAAW,IAAM,CACjCtB,GAAA,MAAAA,EAAQ,oBAAoB,QAASqB,GACrCF,EAAA,CACF,EAAGP,CAAc,EACjBZ,GAAA,MAAAA,EAAQ,iBAAiB,QAASqB,EAAS,CAAE,KAAM,IACrD,CAAC,CACH,CACF,CC1FA,MAAME,GAAyB,IAAS,IAGlCC,OAAiD,IAAI,CACzDC,EAAAA,aAAa,0BACb,GAAGC,EAAAA,kBACL,CAAC,EAwBD,eAAsBC,GACpBpB,EACe,CACf,KAAM,CACJ,aAAAC,EACA,cAAAoB,EACA,UAAAnB,EACA,YAAAoB,EACA,eAAAC,EACA,UAAAnB,EAAYY,GACZ,OAAAvB,CAAA,EACEO,EAEJP,GAAA,MAAAA,EAAQ,iBAGR,MAAMc,EAAS,MAAMR,EAAmB,CACtC,aAAAE,EACA,UAAAC,EACA,eAAgBe,GAChB,UAAAb,EACA,OAAAX,CAAA,CACD,EAGG0B,EAAAA,mBAAmB,IAAIZ,CAAM,IAIjCd,GAAA,MAAAA,EAAQ,iBAER,MAAM4B,EAAc,uBAClB,CACE,WAAYnB,EACZ,aAAcoB,EACd,iBAAkBC,CAAA,EAEpB9B,CAAA,EAEJ,CCrCA,MAAM+B,EAA+B,EA6BrC,SAASC,GACPC,EACAC,EACAC,EACU,CACV,MAAMC,EAAYC,EAAAA,eAAeF,CAAkB,EAAE,YAAA,EAI/CG,EAHM,CAACL,EAAwB,GAAGC,CAAqB,EAAE,IAAKK,GAClEF,EAAAA,eAAeE,CAAC,EAAE,YAAA,CAAY,EAEX,OAAQA,GAAMA,IAAMH,CAAS,EAClD,GAAIE,EAAS,SAAW,EACtB,MAAM,IAAI,MACR,yGAAA,EAGJ,OAAOA,CACT,CAQA,SAASE,GAAcC,EAAiBC,EAA4B,CAClE,MAAMhD,EAAQ+C,EAAG,IAAIC,CAAU,EAC/B,OAAOC,EAAAA,gBAAgB,IAAI,WAAWjD,EAAM,IAAI,EAAE,MAAA,EAAQ,SAAS,CACrE,CAOA,SAASkD,EACPC,EACAH,EACAI,EACAC,EACAC,EACM,CACN,MAAMtD,EAAQmD,EAAW,IAAIH,CAAU,EACvC,GAAIhD,EAAM,QAAU,EAClB,MAAM,IAAI,MACR,wBAAwBsD,CAAgB,WAAWN,CAAU,sBAAsBK,CAAW,qBAAqBrD,EAAM,KAAK,EAAA,EAGlI,MAAMuD,EAAaH,EAAS,MAAA,EACtBI,EAAYV,GAAcK,EAAYH,CAAU,EACtD,GAAIQ,IAAcD,EAChB,MAAM,IAAI,MACR,wBAAwBD,CAAgB,WAAWN,CAAU,uBAAuBK,CAAW,mBAAmBE,CAAU,SAASC,CAAS,GAAA,CAGpJ,CAYA,eAAeC,GACbC,EACAC,EACAC,EACuC,CACvC,MAAMC,EAAsB,CAAA,EACtBC,EAAiC,CAAA,EACjCC,EAAuC,CAAA,EAM7CC,EAAAA,oCACEN,EAAe,UAAU,OACzBE,EAAI,4BAAA,EAQN,MAAMK,EAAc,MAAMC,kBAAgB,CACxC,YAAaR,EAAe,UAAU,OACtC,WAAYE,EAAI,WAChB,YAAaF,EAAe,UAAU,OACtC,mBAAoBE,EAAI,mBACxB,uBAAwBA,EAAI,uBAC5B,sBAAuBA,EAAI,sBAC3B,8BAA+BA,EAAI,8BACnC,cAAeA,EAAI,cACnB,QAASA,EAAI,OAAA,CACd,EACDC,EAAU,KAAKI,EAAY,OAAO,EAClCH,EAAY,KACVK,EAAAA,mCACER,EACAtB,CAAA,CACF,EAIF,MAAM+B,EAAmB9B,GACvBsB,EAAI,uBACJA,EAAI,sBACJA,EAAI,kBAAA,EAEAS,EAAgB1B,EAAAA,eAAeiB,EAAI,kBAAkB,EACrDU,EAAiBC,EAAAA,YAAY,QACjC5B,iBAAee,EAAe,UAAU,MAAM,CAAA,EAGhD,UAAWc,KAAcd,EAAe,wBAAyB,CAC/D,MAAMJ,EAAmBX,EAAAA,eAAe6B,EAAW,iBAAiB,EAE9DC,EAAcZ,EAAU,OACxBa,EAAc,MAAMC,GAAuB,CAC/C,WAAAH,EACA,iBAAAlB,EACA,cAAAe,EACA,iBAAAD,EACA,eAAAE,EACA,IAAAV,CAAA,CACD,EACDC,EAAU,KAAKa,CAAW,EAC1BZ,EAAY,KACVK,EAAAA,mCACER,EACAtB,CAAA,CACF,EAGF0B,EAAkB,KAAK,CACrB,iBAAAT,EACA,YAAAmB,CAAA,CACD,CACH,CAEA,MAAO,CAAE,UAAAZ,EAAW,YAAAC,EAAa,kBAAAC,CAAA,CACnC,CAyBA,eAAeY,GACb9D,EACiB,CACjB,KAAM,CACJ,WAAA2D,EACA,iBAAAlB,EACA,cAAAe,EACA,iBAAAD,EACA,eAAAE,EACA,IAAAV,CAAA,EACE/C,EAGJ+D,EAAAA,sCACEJ,EAAW,YAAY,OACvBlB,EACAM,EAAI,OAAA,EAIN,MAAMT,EAAaoB,EAAAA,YAAY,QAC7B5B,iBAAe6B,EAAW,YAAY,MAAM,CAAA,EAExCK,EAAqBN,EAAAA,YAAY,QACrC5B,iBAAe6B,EAAW,sBAAsB,MAAM,CAAA,EAElDM,EAAqBP,EAAAA,YAAY,QACrC5B,iBAAe6B,EAAW,sBAAsB,MAAM,CAAA,EAGxD,GAAIrB,EAAW,IAAI,SAAW,EAC5B,MAAM,IAAI,MACR,wBAAwBG,CAAgB,qCAAqCH,EAAW,IAAI,MAAM,EAAA,EAQtGD,EACEC,EACA,EACAmB,EACA,SACAhB,CAAA,EAEFJ,EACEC,EACA,EACA0B,EACA,mBACAvB,CAAA,EAEFJ,EACEC,EACA,EACA2B,EACA,mBACAxB,CAAA,EAGF,MAAMyB,EAAW,CACfT,EAAe,KAAK,CAAC,EACrBO,EAAmB,KAAK,CAAC,EACzBC,EAAmB,KAAK,CAAC,CAAA,EACzB,IAAKE,IAAS,CACd,cAAe/B,EAAAA,gBAAgB,IAAI,WAAW+B,EAAI,MAAM,CAAC,EACzD,MAAOA,EAAI,KAAA,EACX,EAEF,OAAOC,oBAAkB,CACvB,cAAeT,EAAW,YAAY,OACtC,iBAAAlB,EACA,SAAAyB,EACA,gBAAiB,CACf,QAASV,EACT,iBAAAD,EACA,qBAAsBR,EAAI,8BAC1B,eAAgBA,EAAI,eACpB,eAAgBA,EAAI,eACpB,cAAeA,EAAI,aAAA,CACrB,CACD,CACH,CASA,SAASsB,GACPC,EACApB,EACAqB,EACiC,CACjC,MAAMC,EAAkBC,EAAAA,uBACtBH,EAAgB,CAAC,EACjBC,CAAA,EAGIG,EAA+D,CAAA,EACrE,UAAWC,KAASzB,EAClBwB,EAAcC,EAAM,gBAAgB,EAAI,CACtC,mBAAoBF,EAAAA,uBAClBH,EAAgBK,EAAM,WAAW,EACjCJ,CAAA,CACF,EAIJ,MAAO,CACL,kBAAmB,CACjB,iBAAkBC,CAAA,EAEpB,eAAgBE,CAAA,CAEpB,CAMA,eAAeE,GACbC,EACA7B,EACA8B,EACmB,CACnB,GAAI,OAAOD,EAAO,WAAc,WAC9B,OAAOA,EAAO,UAAU7B,EAAW8B,CAAO,EAG5C,MAAMC,EAAmB,CAAA,EACzB,QAASC,EAAI,EAAGA,EAAIhC,EAAU,OAAQgC,IACpCD,EAAO,KAAK,MAAMF,EAAO,SAAS7B,EAAUgC,CAAC,EAAGF,GAAA,YAAAA,EAAUE,EAAE,CAAC,EAE/D,OAAOD,CACT,CAsEA,eAAsBE,EACpBjF,EAC0C,CAC1C,KAAM,CAAE,eAAA6C,EAAgB,UAAAqC,EAAW,eAAAC,CAAA,EAAmBnF,EAEhDuE,EAAkBzC,EAAAA,eAAeqD,EAAe,kBAAkB,EAClErC,EAAkB,MAAMoC,EAAU,gBAAA,EAGlC,CAAE,UAAAlC,EAAW,YAAAC,EAAa,kBAAAC,CAAA,EAC9B,MAAMN,GACJC,EACAC,EACAqC,CAAA,EAIEb,EAAkB,MAAMM,GAC5BM,EACAlC,EACAC,CAAA,EAGF,GAAIqB,EAAgB,SAAWtB,EAAU,OACvC,MAAM,IAAI,MACR,mBAAmBsB,EAAgB,MAAM,2BAA2BtB,EAAU,MAAM,EAAA,EAKxF,OAAOqB,GACLC,EACApB,EACAqB,CAAA,CAEJ,CC1YA,MAAMa,GAAyB,KAAU,IAGnCC,MAAsD,IAAI,CAC9DnE,EAAAA,aAAa,aACbA,EAAAA,aAAa,mBACbA,eAAa,SACf,CAAC,EAEKoE,OAA+C,IAAI,CACvDpE,EAAAA,aAAa,6BACb,GAAGmE,CACL,CAAC,EAYD,SAASE,GACPC,EACuB,CACvB,OAAOA,EAAoB,IAAKtD,IAAQ,CACtC,mBAAoBuD,EAAAA,wBAAwBvD,EAAG,cAAc,EAC7D,YAAaA,EAAG,UAAU,OAC1B,YAAaA,EAAG,UAAU,MAAA,EAC1B,CACJ,CAMA,SAASwD,GAAwBC,EAAgC,CAC/D,KAAM,CAAE,OAAAC,CAAA,EAAWC,EAAQ,SAAS,KAAK,CACvC,eAAgBC,EAAAA,OAAO,KAAKH,EAAgB,KAAK,CAAA,CAClD,EACD,GAAI,CAACC,EACH,MAAM,IAAI,MAAM,2CAA2C,EAE7D,OAAOA,EAAO,SAAS,KAAK,CAC9B,CAUA,SAASG,GACPC,EACAC,EACQ,CACR,MAAMC,EAAUpE,EAAAA,eAAekE,CAAkB,EAAE,YAAA,EAC7CG,EAAWrE,EAAAA,eACfmE,EAAQ,sBAAA,EACR,YAAA,EACI1B,EAAkBzC,EAAAA,eACtBmE,EAAQ,kBAAA,EACR,YAAA,EAEF,GAAIC,IAAYC,GAAYD,IAAY3B,EACtC,OAAO0B,EAAQ,6BAOjB,GAAI,CAHkBA,EAAQ,sBAAsB,KACjDG,GAAOtE,EAAAA,eAAesE,CAAE,EAAE,gBAAkBF,CAAA,EAG7C,MAAM,IAAI,MACR,0BAA0BA,CAAO,mDAAA,EAMrC,MAAO,KADcR,GAAwBQ,CAAO,CAC5B,EAC1B,CAEA,SAASG,EACPnE,EACA+D,EACA,CACA,MAAO,CACL,YAAa/D,EAAG,YAChB,WAAY+D,EAAQ,WACpB,YAAa/D,EAAG,YAChB,uBAAwB+D,EAAQ,uBAChC,sBAAuBA,EAAQ,sBAC/B,8BAA+BA,EAAQ,8BACvC,mBAAoBA,EAAQ,mBAC5B,cAAeA,EAAQ,cACvB,6BAA8BF,GAC5B7D,EAAG,mBACH+D,CAAA,CACF,CAEJ,CAMA,eAAeK,GACbpB,EACAe,EACAM,EACAC,EAC4C,CAC5C,MAAMC,EAAgB,IAAIC,gBAAc,CACtC,QAAST,EAAQ,QACjB,UAAAf,CAAA,CACD,EAEKyB,EAAgBJ,EAAa,OACnCC,GAAA,MAAAA,EAAa,EAAGG,GAEhB,IAAIC,EAEJ,GAAIH,EAAc,uBAIhBG,GAHgB,MAAMH,EAAc,4BAClCF,EAAa,IAAKrE,GAAOmE,EAAwBnE,EAAI+D,CAAO,CAAC,CAAA,GAEpC,IAAKY,GAAMA,EAAE,eAAe,MAClD,CACLD,EAAmB,CAAA,EACnB,QAAS,EAAI,EAAG,EAAIL,EAAa,OAAQ,IAAK,CAC5CC,GAAA,MAAAA,EAAa,EAAGG,GAChB,MAAMG,EAAS,MAAML,EAAc,sBACjCJ,EAAwBE,EAAa,CAAC,EAAGN,CAAO,CAAA,EAElDW,EAAiB,KAAKE,EAAO,SAAS,CACxC,CACF,CAEA,MAAMC,EAAgD,CAAA,EACtD,QAAS,EAAI,EAAG,EAAIR,EAAa,OAAQ,IACvCQ,EAAWR,EAAa,CAAC,EAAE,kBAAkB,EAAI,CAC/C,iBAAkBK,EAAiB,CAAC,CAAA,EAIxC,OAAAJ,GAAA,MAAAA,EAAaG,EAAeA,GACrBI,CACT,CAcA,eAAsBC,GACpBhH,EACe,CACf,KAAM,CACJ,aAAAC,EACA,cAAAgH,EACA,UAAA/B,EACA,UAAAhF,EACA,YAAAoB,EACA,eAAA6D,EACA,UAAA/E,EAAYgF,GACZ,OAAA3F,EACA,WAAA+G,CAAA,EACExG,EAGEO,EAAS,MAAMR,EAAmB,CACtC,aAAAE,EACA,UAAAC,EACA,eAAgBoF,GAChB,UAAAlF,EACA,OAAAX,CAAA,CACD,EAGD,GAAI4F,EAAqB,IAAI9E,CAAM,EACjC,OAGFd,GAAA,MAAAA,EAAQ,iBAGR,MAAMyH,EAAW,MAAMD,EAAc,oCACnC,CACE,WAAY/G,EACZ,aAAcoB,CAAA,EAEhB7B,CAAA,EAGFA,GAAA,MAAAA,EAAQ,iBAOR,MAAM0H,EAAwB1B,EAAAA,wBAAwBnE,CAAW,EAC3D8F,EAAkBF,EAAS,IAAI,OAClChF,GAAOuD,EAAAA,wBAAwBvD,EAAG,cAAc,IAAMiF,CAAA,EAEnDE,EAAuB9B,GAA8B6B,CAAe,EACpEE,EAAoB,MAAMhB,GAC9BpB,EACAC,EACAkC,EACAb,CAAA,EAGF/G,GAAA,MAAAA,EAAQ,iBAKR,MAAM8H,EAAgC,MAAMtC,EAAmB,CAC7D,eAAgBiC,EAAS,gBACzB,UAAAhC,EACA,eAAgB,CACd,WAAYC,EAAe,WAC3B,mBAAoB7D,EACpB,uBAAwB6D,EAAe,uBACvC,sBAAuBA,EAAe,sBACtC,8BACEA,EAAe,8BACjB,cAAeA,EAAe,cAC9B,eAAgBA,EAAe,eAC/B,eAAgBA,EAAe,eAC/B,cAAeA,EAAe,cAC9B,QAASA,EAAe,QACxB,6BAA8BA,EAAe,4BAAA,CAC/C,CACD,EAED1F,GAAA,MAAAA,EAAQ,iBAIR,MAAM+H,EAAgB,CAAE,GAAGF,CAAA,EAC3BE,EAAc1F,EAAAA,eAAeR,CAAW,CAAC,EACvCiG,EAA8B,kBAEhC,MAAMN,EAAc,6BAClB,CACE,WAAY/G,EACZ,aAAcoB,EACd,WAAYkG,EACZ,gCAAiCD,CAAA,EAEnC9H,CAAA,CAEJ,CC1RA,SAASgI,GAAgBC,EAAsB,CAC7C,MAAO,oBAAoB,KAAKA,CAAG,CACrC,CAYO,SAASC,GACd3H,EACS,CACT,KAAM,CACJ,WAAA4H,EACA,WAAAC,EACA,WAAAC,EACA,WAAAC,EACA,iBAAAC,EACA,oBAAAC,CAAA,EACEjI,EASJ,MAPI,EAAA4H,GAAc,IACdA,EAAaC,GACbC,GAAcA,EAAa,IAAMF,EAAaE,GAE9CE,GAAoB,MAAQC,GAAuB,MAEjCL,EAAaI,EAAmBC,EAClCF,EAGtB,CAKO,SAASG,GACdC,EACAN,EACAC,EACkB,CAClB,OAAIK,GAAU,GACL,CACL,MAAO,GACP,MAAO,0CAAA,EAIPA,EAASN,EACJ,CACL,MAAO,GACP,MAAO,sBAAsBO,sBAAoBP,CAAU,CAAC,MAAA,EAI5DC,GAAcA,EAAa,IAAMK,EAASL,EACrC,CACL,MAAO,GACP,MAAO,sBAAsBM,sBAAoBN,CAAU,CAAC,MAAA,EAIzD,CAAE,MAAO,EAAA,CAClB,CAKO,SAASO,GACdrI,EACkB,CAClB,KAAM,CAAE,OAAAmI,EAAQ,mBAAAG,CAAA,EAAuBtI,EACvC,OAAIsI,IAAuB,KAAa,CAAE,MAAO,EAAA,EAE7CA,IAAuB,GAClB,CACL,MAAO,GACP,MAAO,kDAAA,EAIPH,EAASG,EACJ,CACL,MAAO,GACP,MAAO,0CAA0CF,sBAAoBE,CAAkB,CAAC,OAAA,EAIrF,CAAE,MAAO,EAAA,CAClB,CAOO,SAASC,GACdC,EACAC,EACkB,CAClB,GAAI,CAACD,GAAqBA,EAAkB,SAAW,EACrD,MAAO,CACL,MAAO,GACP,MAAO,8CAAA,EAIX,MAAME,EAA0BD,EAAmB,IAAKE,GACtDA,EAAE,YAAA,CAAY,EAMhB,OAJyBH,EAAkB,OACxCG,GAAM,CAACD,EAAwB,SAASC,EAAE,aAAa,CAAA,EAGrC,OAAS,EACrB,CACL,MAAO,GACP,MAAO,iCAAA,EAIJ,CAAE,MAAO,EAAA,CAClB,CAQO,SAASC,EACdC,EACAhB,EACAC,EACkB,CAClB,GAAI,CAACe,GAAWA,EAAQ,SAAW,EACjC,MAAO,CACL,MAAO,GACP,MAAO,oCAAA,EAIX,QAAS7D,EAAI,EAAGA,EAAI6D,EAAQ,OAAQ7D,IAAK,CACvC,MAAMmD,EAASU,EAAQ7D,CAAC,EACxB,GAAImD,GAAU,GACZ,MAAO,CACL,MAAO,GACP,MAAO,SAASnD,EAAI,CAAC,0BAAA,EAGzB,GAAI6C,GAAcM,EAASN,EACzB,MAAO,CACL,MAAO,GACP,MAAO,SAAS7C,EAAI,CAAC,WAAWoD,sBAAoBD,CAAM,CAAC,iCAAiCC,sBAAoBP,CAAU,CAAC,MAAA,EAG/H,GAAIC,GAAcK,EAASL,EACzB,MAAO,CACL,MAAO,GACP,MAAO,SAAS9C,EAAI,CAAC,WAAWoD,sBAAoBD,CAAM,CAAC,gCAAgCC,sBAAoBN,CAAU,CAAC,MAAA,CAGhI,CAEA,MAAO,CAAE,MAAO,EAAA,CAClB,CAKO,SAASgB,EAA4BC,EAAkC,CAC5E,MAAMC,EAAWlH,EAAAA,eAAeiH,CAAM,EACtC,OAAKtB,GAAgBuB,CAAQ,EAOtB,CAAE,MAAO,EAAA,EANP,CACL,MAAO,GACP,MACE,4FAAA,CAIR,CAMA,SAASC,GAAqBtH,EAAuC,CACnE,GAAI,CAACA,GAAyBA,EAAsB,SAAW,EAC7D,MAAM,IAAI,MACR,gGAAA,CAGN,CAEA,SAASuH,GACPC,EACM,CACN,GACE,CAACA,GACDA,EAA8B,SAAW,EAEzC,MAAM,IAAI,MACR,gHAAA,CAGN,CAEA,SAASC,GAAkBC,EAAkC,CAC3D,GAAIA,EAAe,SAAW,EAC5B,MAAM,IAAI,MAAM,8BAA8B,CAElD,CAaO,SAASC,GACdtJ,EACM,CACN,KAAM,CACJ,aAAAuJ,EACA,eAAAF,EACA,uBAAA3H,EACA,sBAAAC,EACA,8BAAAwH,EACA,WAAAtB,EACA,WAAAC,CAAA,EACE9H,EAEEwJ,EAAoBZ,EACxBW,EACA1B,EACAC,CAAA,EAEF,GAAI,CAAC0B,EAAkB,MACrB,MAAM,IAAI,MAAMA,EAAkB,KAAK,EAIzC,MAAMC,EAAmBX,EAA4BpH,CAAsB,EAC3E,GAAI,CAAC+H,EAAiB,MACpB,MAAM,IAAI,MAAMA,EAAiB,KAAK,EAGxCR,GAAqBtH,CAAqB,EAC1CuH,GAA6BC,CAA6B,EAC1DC,GAAkBC,CAAc,CAClC,CC9UO,IAAKK,GAAAA,IACVA,EAAA,qBAAuB,qBACvBA,EAAA,gBAAkB,iBAClBA,EAAA,iBAAmB,kBACnBA,EAAA,0BAA4B,0BAC5BA,EAAA,6BAA+B,6BAC/BA,EAAA,iBAAmB,kBACnBA,EAAA,OAAS,SAPCA,IAAAA,GAAA,CAAA,CAAA,EAUZ,MAAMC,OAA+B,IAAY,CAC/C,kBACA,QACF,CAAC,EAGM,SAASC,GAAyBrJ,EAAyB,CAChE,OAAO,OAAO,OAAOmJ,CAAwB,EAAE,SAC7CnJ,CAAA,CAEJ,CAOO,SAASsJ,GACdC,EACS,CACT,MAAO,CAAC,CAACA,GAAiBH,GAAyB,IAAIG,CAAa,CACtE,CC9BO,MAAMC,UAA4B,KAAM,CAI7C,YAAY1K,EAAc2K,EAAc,CACtC,MAAM,4CAA4CA,EAAM,OAAO,EAAE,EAJnDC,EAAA,gBACSA,EAAA,cAIvB,KAAK,KAAO,sBACZ,KAAK,QAAU5K,EACf,KAAK,MAAQ2K,CACf,CACF,CCEA,MAAMtL,GAAiB,sBAKjBwL,GAAmB,+BAKnBC,EAAgB,+CAKTC,EAAe,IAQrB,SAASC,GAAsBC,EAA+B,CACnE,GAAI,CAAC,OAAO,SAASA,CAAa,GAAKA,GAAiB,EACtD,MAAM,IAAI,MACR,uDAAuDA,CAAa,EAAA,EAGxE,OAAO,OAAO,KAAK,KAAKA,EAAgBF,CAAY,CAAC,CACvD,CAKA,MAAMG,GAAqB,EACrBC,EAAW,MACXC,GAAiB,mBAEvB,SAAS5L,EAAcC,EAAeC,EAAqB,CACzD,GAAID,EAAM,SAAW,GACnB,MAAM,IAAI,MACR,GAAGC,CAAK,+DAA+DD,EAAM,MAAM,EAAA,EAGvF,GAAI,CAACJ,GAAe,KAAKI,CAAK,EAC5B,MAAM,IAAI,MACR,GAAGC,CAAK,uDAAA,CAGd,CAmGA,SAAS2L,EAAyB5L,EAAeC,EAAqB,CACpE,GAAI,CAAC,OAAO,UAAUD,CAAK,GAAKA,EAAQ,EACtC,MAAM,IAAI,MAAM,GAAGC,CAAK,wCAAwCD,CAAK,EAAE,CAE3E,CAEA,SAAS6L,GAAwBC,EAA0B,CAEzD,GADA/L,EAAc+L,EAAE,SAAU,UAAU,EAElC,CAAC,OAAO,UAAUA,EAAE,QAAQ,GAC5BA,EAAE,SAAW,GACbA,EAAE,SAAWJ,EAEb,MAAM,IAAI,MACR,iCAAiCA,CAAQ,SAASI,EAAE,QAAQ,EAAA,EAahE,GANAF,EAAyBE,EAAE,sBAAuB,uBAAuB,EACzEF,EAAyBE,EAAE,uBAAwB,wBAAwB,EAC3EF,EACEE,EAAE,4BACF,6BAAA,EAEE,OAAOA,EAAE,uBAA0B,UAAYA,EAAE,sBAAsB,SAAW,EACpF,MAAM,IAAI,MAAM,sDAAsD,EAExE,GAAI,CAACV,GAAiB,KAAKU,EAAE,qBAAqB,EAChD,MAAM,IAAI,MACR,mFAAA,EAGJ,GAAI,CAACA,EAAE,oBAAsB,CAACT,EAAc,KAAKS,EAAE,kBAAkB,EACnE,MAAM,IAAI,MACR,uEAAA,EAGJ,GAAI,OAAOA,EAAE,QAAW,UAAYA,EAAE,QAAU,GAC9C,MAAM,IAAI,MAAM,yCAAyCA,EAAE,MAAM,EAAE,CAEvE,CAEA,SAASC,GAA8BC,EAAgC,CACrE,GAAI,CAACA,EAAE,qBAAuB,CAACX,EAAc,KAAKW,EAAE,mBAAmB,EACrE,MAAM,IAAI,MAAM,mDAAmD,EAErE,GAAIA,EAAE,mBAAmB,SAAW,EAClC,MAAM,IAAI,MAAM,sCAAsC,EAExD,GAAIA,EAAE,2BAA2B,SAAW,EAC1C,MAAM,IAAI,MAAM,8CAA8C,EAEhE,GAAI,CAAC,OAAO,UAAUA,EAAE,cAAc,GAAKA,EAAE,gBAAkB,EAC7D,MAAM,IAAI,MACR,kDAAkDA,EAAE,cAAc,EAAA,EAGtE,GAAI,OAAOA,EAAE,SAAY,UAAYA,EAAE,SAAW,GAChD,MAAM,IAAI,MACR,mDAAmDA,EAAE,OAAO,EAAA,EAGhE,GACE,CAAC,OAAO,UAAUA,EAAE,mBAAmB,GACvCA,EAAE,oBAAsB,EAExB,MAAM,IAAI,MAAM,oDAAoD,EAEtE,GACE,CAAC,OAAO,UAAUA,EAAE,aAAa,GACjC,CAAC,OAAO,UAAUA,EAAE,WAAW,GAC/BA,EAAE,eAAiB,GACnBA,EAAE,aAAe,GACjBA,EAAE,cAAgBA,EAAE,YAEpB,MAAM,IAAI,MACR,kBAAkBA,EAAE,aAAa,gCAAgCA,EAAE,WAAW,GAAA,CAGpF,CAEA,SAASC,GAAmBC,EAA+B,CACzD,MAAMC,EAAOC,EAAAA,KAAK,QAAQF,CAAa,EACvC,GAAI,CACFC,EAAK,kBAAA,CACP,OAASE,EAAY,CAGnB,MAAMC,EAAUD,aAAa,MAAQA,EAAE,QAAU,OAAOA,CAAC,EACzD,GAAI,CAACC,EAAQ,SAAS,mBAAmB,EACvC,MAAM,IAAI,MAAM,mCAAmCA,CAAO,EAAE,CAEhE,CACA,OAAOH,EAAK,mBAAA,EAAqB,MAAA,CACnC,CAsBA,eAAsBI,GAEpBlM,EAAmC,CACnC,KAAM,CACJ,QAAAE,EACA,UAAAiM,EACA,oBAAAC,EACA,QAAAC,EACA,SAAAC,EACA,YAAAC,EACA,OAAAjM,CAAA,EACEN,EAEJM,GAAA,MAAAA,EAAQ,iBACRZ,EAAcQ,EAAS,SAAS,EAEhC,MAAMsM,EAAQ,MAAML,EAAA,EACpBX,GAAwBgB,CAAK,EAC7BlM,GAAA,MAAAA,EAAQ,iBAER,MAAMsD,EAAM,MAAMwI,EAAoBI,CAAK,EAI3C,GAHAd,GAA8B9H,CAAG,EACjCtD,GAAA,MAAAA,EAAQ,iBAEJ,CAAC,OAAO,SAAS+L,CAAO,GAAKA,GAAW,EAC1C,MAAM,IAAI,MAAM,0CAA0CA,CAAO,EAAE,EAErE,MAAMI,EAAY,OAAO,KAAK,KAAKJ,EAAUpB,CAAY,CAAC,EAC1D3K,GAAA,MAAAA,EAAQ,iBAMR,MAAMoM,EAAuBpG,EAAAA,wBAC3BkG,EAAM,kBAAA,EAEF,CAAE,QAAAG,GAAY,MAAMC,kBAAgB,CACxC,eAAgB,CACd,gBAAiBF,EACjB,oBAAqB/J,EAAAA,eAAeiB,EAAI,mBAAmB,EAC3D,mBAAoBA,EAAI,mBAAmB,IAAIjB,EAAAA,cAAc,EAC7D,2BACEiB,EAAI,2BAA2B,IAAIjB,EAAAA,cAAc,EACnD,UAAW,CAACA,EAAAA,eAAe6J,EAAM,QAAQ,CAAC,EAC1C,eAAgB5I,EAAI,eACpB,aAAc,CAAC4I,EAAM,MAAM,EAC3B,QAAS5I,EAAI,QACb,oBAAqBA,EAAI,oBACzB,cAAeA,EAAI,cACnB,YAAaA,EAAI,YACjB,QAASA,EAAI,OAAA,EAEf,oBAAqBjB,EAAAA,eAAe6J,EAAM,qBAAqB,EAC/D,SAAUA,EAAM,SAChB,UAAAC,EAKA,SAAU9J,EAAAA,eAAe6J,EAAM,QAAQ,CAAA,CACxC,EACDlM,GAAA,MAAAA,EAAQ,iBAER,MAAMwD,EAAcK,EAAAA,mCAClBqI,EAAM,mBACNpB,EAAA,EAEIS,EAAgB,MAAMS,EAASK,EAAS7I,CAAW,EACnD+I,EAAcjB,GAAmBC,CAAa,EACpDvL,GAAA,MAAAA,EAAQ,iBAER,GAAI,CACF,OAAO,MAAMiM,EAAYM,CAAW,CACtC,OAASvL,EAAO,CACd,MAAIA,aAAiB,OAASgK,GAAe,KAAKhK,EAAM,OAAO,EACvD,IAAIsJ,EAAoB1K,EAASoB,CAAK,EAExCA,CACR,CACF"}