@babylonlabs-io/ts-sdk 0.33.8 → 0.35.0

package/dist/vault-registry-reader-PsSxB0JZ.js

@@ -1,1162 +0,0 @@
-var ce = Object.defineProperty;
-var le = (n, e, t) => e in n ? ce(n, e, { enumerable: !0, configurable: !0, writable: !0, value: t }) : n[e] = t;
-var h = (n, e, t) => le(n, typeof e != "symbol" ? e + "" : e, t);
-import { D as ue, J as Y, e as de } from "./types-TiIjyo2b.js";
-import { X as B, C as K, s as C, S as pe, h as he } from "./bitcoin-B0S8SHCX.js";
-import { H as S } from "./validation-CxqROCno.js";
-import * as N from "@bitcoin-js/tiny-secp256k1-asmjs";
-import { payments as ge, Transaction as O } from "bitcoinjs-lib";
-import { Buffer as V } from "buffer";
-import { s as F } from "./sha2-6wN58S6R.js";
-import { B as k } from "./BTCVaultRegistry.abi-DbJ5lsFJ.js";
-import { P as b, A as D } from "./ProtocolParams.abi-DXu8L0Fn.js";
-const G = new Set(Object.values(ue)), fe = 200;
-function c(n) {
-  var e;
-  return ((e = JSON.stringify(n)) == null ? void 0 : e.slice(0, fe)) ?? "undefined";
-}
-const _e = "The vault provider returned an unexpected response. Please try again or contact support.";
-class s extends Error {
-  constructor(t) {
-    super(_e);
-    h(this, "detail");
-    this.name = "VpResponseValidationError", this.detail = t;
-  }
-}
-const A = 64;
-function P(n) {
-  return typeof n == "string" && n.length > 0 && S.test(n);
-}
-function Z(n) {
-  return typeof n == "string" && n.length > 0;
-}
-function Q(n, e) {
-  if (!P(n))
-    throw new s(
-      `VP response validation failed: "${e}" must be a non-empty hex string, got ${c(n)}`
-    );
-}
-function _(n, e) {
-  if (!Z(n))
-    throw new s(
-      `VP response validation failed: "${e}" must be a non-empty string, got ${c(n)}`
-    );
-}
-function ee(n, e) {
-  if (!P(n) || n.length !== B && n.length !== K)
-    throw new s(
-      `VP response validation failed: "${e}" must be a ${B} or ${K}-char hex string (BTC pubkey), got ${c(n)}`
-    );
-}
-function me(n) {
-  const e = n.presigning;
-  if (e == null) return;
-  if (typeof e != "object" || Array.isArray(e))
-    throw new s(
-      'VP response validation failed: "progress.presigning" must be an object if present'
-    );
-  const t = e;
-  if (t.depositor_graph_created !== void 0 && typeof t.depositor_graph_created != "boolean")
-    throw new s(
-      `VP response validation failed: "progress.presigning.depositor_graph_created" must be a boolean if present, got ${c(t.depositor_graph_created)}`
-    );
-  if (t.vk_challenger_presigning_completed !== void 0 && typeof t.vk_challenger_presigning_completed != "number")
-    throw new s(
-      `VP response validation failed: "progress.presigning.vk_challenger_presigning_completed" must be a number if present, got ${c(t.vk_challenger_presigning_completed)}`
-    );
-  if (t.vk_challenger_presigning_total !== void 0 && typeof t.vk_challenger_presigning_total != "number")
-    throw new s(
-      `VP response validation failed: "progress.presigning.vk_challenger_presigning_total" must be a number if present, got ${c(t.vk_challenger_presigning_total)}`
-    );
-}
-function te(n) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      "VP response validation failed: getPeginStatus response is not an object"
-    );
-  const e = n;
-  if (!P(e.pegin_txid) || e.pegin_txid.length !== A)
-    throw new s(
-      `VP response validation failed: "pegin_txid" must be a ${A}-char hex string (txid), got ${c(e.pegin_txid)}`
-    );
-  if (typeof e.status != "string")
-    throw new s(
-      'VP response validation failed: "status" must be a string'
-    );
-  if (!G.has(e.status))
-    throw new s(
-      `VP response validation failed: unrecognized status "${e.status}". Expected one of: ${[...G].join(", ")}`
-    );
-  if (e.progress === null || typeof e.progress != "object" || Array.isArray(e.progress))
-    throw new s(
-      'VP response validation failed: "progress" must be an object'
-    );
-  if (me(e.progress), typeof e.health_info != "string")
-    throw new s(
-      'VP response validation failed: "health_info" must be a string'
-    );
-  if (e.last_error !== void 0 && typeof e.last_error != "string")
-    throw new s(
-      `VP response validation failed: "last_error" must be a string if present, got ${c(e.last_error)}`
-    );
-}
-function be(n) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      "VP response validation failed: requestDepositorPresignTransactions response is not an object"
-    );
-  const e = n;
-  if (!Array.isArray(e.txs))
-    throw new s(
-      'VP response validation failed: "txs" must be an array'
-    );
-  for (let t = 0; t < e.txs.length; t++)
-    ye(e.txs[t], `txs[${t}]`);
-  if (e.depositor_graph === null || typeof e.depositor_graph != "object")
-    throw new s(
-      'VP response validation failed: "depositor_graph" must be an object'
-    );
-  $e(
-    e.depositor_graph
-  );
-}
-function y(n, e) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      `VP response validation failed: "${e}" must be an object`
-    );
-  Q(n.tx_hex, `${e}.tx_hex`);
-}
-function ye(n, e) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      `VP response validation failed: "${e}" must be an object`
-    );
-  const t = n;
-  ee(t.claimer_pubkey, `${e}.claimer_pubkey`), y(t.claim_tx, `${e}.claim_tx`), y(t.assert_tx, `${e}.assert_tx`), y(t.payout_tx, `${e}.payout_tx`), _(t.payout_psbt, `${e}.payout_psbt`);
-}
-function we(n, e) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      `VP response validation failed: "${e}" must be an object`
-    );
-  const t = n;
-  _(t.wots_pks_json, `${e}.wots_pks_json`), _(t.gc_wots_keys_json, `${e}.gc_wots_keys_json`);
-}
-function Pe(n, e) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      `VP response validation failed: "${e}" must be an object`
-    );
-  const t = n;
-  if (ee(t.challenger_pubkey, `${e}.challenger_pubkey`), y(
-    t.challenge_assert_x_tx,
-    `${e}.challenge_assert_x_tx`
-  ), y(
-    t.challenge_assert_y_tx,
-    `${e}.challenge_assert_y_tx`
-  ), y(t.nopayout_tx, `${e}.nopayout_tx`), _(t.nopayout_psbt, `${e}.nopayout_psbt`), !Array.isArray(t.challenge_assert_connectors))
-    throw new s(
-      `VP response validation failed: "${e}.challenge_assert_connectors" must be an array`
-    );
-  for (let r = 0; r < t.challenge_assert_connectors.length; r++)
-    we(
-      t.challenge_assert_connectors[r],
-      `${e}.challenge_assert_connectors[${r}]`
-    );
-  if (!Array.isArray(t.output_label_hashes))
-    throw new s(
-      `VP response validation failed: "${e}.output_label_hashes" must be an array`
-    );
-  for (let r = 0; r < t.output_label_hashes.length; r++)
-    Q(
-      t.output_label_hashes[r],
-      `${e}.output_label_hashes[${r}]`
-    );
-}
-function xe(n) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      "VP response validation failed: requestDepositorClaimerArtifacts response is not an object"
-    );
-  const e = n;
-  if (!Z(e.tx_graph_json))
-    throw new s(
-      `VP response validation failed: "tx_graph_json" must be a non-empty string, got ${c(e.tx_graph_json)}`
-    );
-  if (!P(e.verifying_key_hex))
-    throw new s(
-      `VP response validation failed: "verifying_key_hex" must be a non-empty hex string, got ${c(e.verifying_key_hex)}`
-    );
-  if (e.babe_sessions === null || typeof e.babe_sessions != "object")
-    throw new s(
-      'VP response validation failed: "babe_sessions" must be an object'
-    );
-  for (const [t, r] of Object.entries(
-    e.babe_sessions
-  )) {
-    if (r === null || typeof r != "object")
-      throw new s(
-        `VP response validation failed: "babe_sessions.${t}" must be an object`
-      );
-    const i = r;
-    if (!P(i.decryptor_artifacts_hex))
-      throw new s(
-        `VP response validation failed: "babe_sessions.${t}.decryptor_artifacts_hex" must be a non-empty hex string, got ${c(i.decryptor_artifacts_hex)}`
-      );
-  }
-}
-function ve(n) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      "VP response validation failed: pegout status payload is not an object"
-    );
-  const e = n;
-  if (!P(e.pegin_txid) || e.pegin_txid.length !== A)
-    throw new s(
-      `VP response validation failed: "pegin_txid" must be a ${A}-char hex string (txid), got ${c(e.pegin_txid)}`
-    );
-  if (typeof e.found != "boolean")
-    throw new s(
-      `VP response validation failed: "found" must be a boolean, got ${c(e.found)}`
-    );
-  if (e.claimer !== null) {
-    if (typeof e.claimer != "object")
-      throw new s(
-        `VP response validation failed: "claimer" must be an object or null, got ${c(e.claimer)}`
-      );
-    Ve(e.claimer);
-  }
-  if (!Array.isArray(e.challengers))
-    throw new s(
-      `VP response validation failed: "challengers" must be an array, got ${c(e.challengers)}`
-    );
-  for (let t = 0; t < e.challengers.length; t++)
-    Ae(e.challengers[t], t);
-}
-function Ve(n) {
-  if (_(n.status, "claimer.status"), typeof n.failed != "boolean")
-    throw new s(
-      `VP response validation failed: "claimer.failed" must be a boolean, got ${c(n.failed)}`
-    );
-  if (_(n.claim_txid, "claimer.claim_txid"), _(n.claimer_pubkey, "claimer.claimer_pubkey"), _(n.assert_txid, "claimer.assert_txid"), n.challenger_pubkey !== null && typeof n.challenger_pubkey != "string")
-    throw new s(
-      `VP response validation failed: "claimer.challenger_pubkey" must be a string or null, got ${c(n.challenger_pubkey)}`
-    );
-  if (typeof n.created_at != "number")
-    throw new s(
-      `VP response validation failed: "claimer.created_at" must be a number, got ${c(n.created_at)}`
-    );
-  if (typeof n.updated_at != "number")
-    throw new s(
-      `VP response validation failed: "claimer.updated_at" must be a number, got ${c(n.updated_at)}`
-    );
-}
-function Ae(n, e) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      `VP response validation failed: "challengers[${e}]" must be an object, got ${c(n)}`
-    );
-  const t = n;
-  if (_(t.status, `challengers[${e}].status`), _(t.claim_txid, `challengers[${e}].claim_txid`), _(t.claimer_pubkey, `challengers[${e}].claimer_pubkey`), E(t.assert_txid, `challengers[${e}].assert_txid`), E(
-    t.challenge_assert_x_txid,
-    `challengers[${e}].challenge_assert_x_txid`
-  ), E(
-    t.challenge_assert_y_txid,
-    `challengers[${e}].challenge_assert_y_txid`
-  ), E(t.nopayout_txid, `challengers[${e}].nopayout_txid`), typeof t.created_at != "number")
-    throw new s(
-      `VP response validation failed: "challengers[${e}].created_at" must be a number, got ${c(t.created_at)}`
-    );
-  if (typeof t.updated_at != "number")
-    throw new s(
-      `VP response validation failed: "challengers[${e}].updated_at" must be a number, got ${c(t.updated_at)}`
-    );
-}
-function E(n, e) {
-  if (n !== null && typeof n != "string")
-    throw new s(
-      `VP response validation failed: "${e}" must be a string or null, got ${c(n)}`
-    );
-}
-function Se(n) {
-  ne(n, "batchGetPeginStatus", (e) => {
-    e.result !== null && te(e.result);
-  });
-}
-function ke(n) {
-  ne(n, "batchGetPegoutStatus", (e) => {
-    e.result !== null && ve(e.result);
-  });
-}
-function ne(n, e, t) {
-  if (n === null || typeof n != "object")
-    throw new s(
-      `VP response validation failed: ${e} response is not an object`
-    );
-  const r = n;
-  if (!Array.isArray(r.results))
-    throw new s(
-      `VP response validation failed: "${e}.results" must be an array, got ${c(r.results)}`
-    );
-  for (let i = 0; i < r.results.length; i++) {
-    const a = r.results[i];
-    if (a === null || typeof a != "object")
-      throw new s(
-        `VP response validation failed: "${e}.results[${i}]" must be an object, got ${c(a)}`
-      );
-    const o = a;
-    if (!P(o.pegin_txid) || o.pegin_txid.length !== A)
-      throw new s(
-        `VP response validation failed: "${e}.results[${i}].pegin_txid" must be a ${A}-char hex string, got ${c(o.pegin_txid)}`
-      );
-    if (o.error !== null && typeof o.error != "string")
-      throw new s(
-        `VP response validation failed: "${e}.results[${i}].error" must be a string or null, got ${c(o.error)}`
-      );
-    if (o.result === null && o.error === null)
-      throw new s(
-        `VP response validation failed: "${e}.results[${i}]" has neither "result" nor "error" populated`
-      );
-    if (o.result !== null && o.error !== null)
-      throw new s(
-        `VP response validation failed: "${e}.results[${i}]" has both "result" and "error" populated`
-      );
-    t(o, i);
-  }
-}
-function $e(n) {
-  if (y(n.claim_tx, "depositor_graph.claim_tx"), y(n.assert_tx, "depositor_graph.assert_tx"), y(n.payout_tx, "depositor_graph.payout_tx"), _(n.payout_psbt, "depositor_graph.payout_psbt"), !Array.isArray(n.challenger_presign_data))
-    throw new s(
-      'VP response validation failed: "depositor_graph.challenger_presign_data" must be an array'
-    );
-  for (let e = 0; e < n.challenger_presign_data.length; e++)
-    Pe(
-      n.challenger_presign_data[e],
-      `depositor_graph.challenger_presign_data[${e}]`
-    );
-  if (typeof n.offchain_params_version != "number")
-    throw new s(
-      'VP response validation failed: "depositor_graph.offchain_params_version" must be a number'
-    );
-}
-const Te = 6e4;
-class Ce {
-  constructor(e, t) {
-    h(this, "client");
-    const r = {
-      baseUrl: e,
-      timeout: (t == null ? void 0 : t.timeout) ?? Te,
-      retries: t == null ? void 0 : t.retries,
-      retryDelay: t == null ? void 0 : t.retryDelay,
-      retryableFor: t == null ? void 0 : t.retryableFor,
-      headers: t == null ? void 0 : t.headers,
-      tokenProvider: t == null ? void 0 : t.tokenProvider,
-      maxResponseBytes: t == null ? void 0 : t.maxResponseBytes
-    };
-    this.client = new Y(r);
-  }
-  /**
-   * Request the payout/claim/assert transactions that the depositor
-   * needs to pre-sign before the vault can be activated on Bitcoin.
-   */
-  async requestDepositorPresignTransactions(e, t) {
-    const r = await this.client.call("vaultProvider_requestDepositorPresignTransactions", e, t);
-    return be(r), r;
-  }
-  /**
-   * Submit the depositor's pre-signatures for the payout transactions
-   * and the depositor-as-claimer graph.
-   */
-  async submitDepositorPresignatures(e, t) {
-    return this.client.call(
-      "vaultProvider_submitDepositorPresignatures",
-      e,
-      t
-    );
-  }
-  /**
-   * Submit the depositor's WOTS public key to the vault provider.
-   * Called after the pegin is finalized on Ethereum, when the VP is in
-   * `PendingDepositorWotsPK` status.
-   */
-  async submitDepositorWotsKey(e, t) {
-    return this.client.call(
-      "vaultProvider_submitDepositorWotsKey",
-      e,
-      t
-    );
-  }
-  /**
-   * Request the BaBe DecryptorArtifacts needed for the depositor to
-   * independently evaluate garbled circuits during a challenge.
-   */
-  async requestDepositorClaimerArtifacts(e, t) {
-    const r = await this.client.call("vaultProvider_requestDepositorClaimerArtifacts", e, t);
-    return xe(r), r;
-  }
-  /** Get the current pegin status from the vault provider daemon. */
-  async getPeginStatus(e, t) {
-    const r = await this.client.call(
-      "vaultProvider_getPeginStatus",
-      e,
-      t
-    );
-    return te(r), r;
-  }
-  /**
-   * Get pegin status for many txids in one round trip. Per-result envelope
-   * isolates per-pegin failures from the overall RPC. Caller must chunk
-   * inputs at `VP_BATCH_MAX_SIZE`.
-   */
-  async batchGetPeginStatus(e, t) {
-    const r = await this.client.call("vaultProvider_batchGetPeginStatus", e, t);
-    return Se(r), r;
-  }
-  /**
-   * Get pegout status for many txids in one round trip. Same per-result
-   * envelope semantics as `batchGetPeginStatus`.
-   */
-  async batchGetPegoutStatus(e, t) {
-    const r = await this.client.call("vaultProvider_batchGetPegoutStatus", e, t);
-    return ke(r), r;
-  }
-}
-function Ee(n, e) {
-  const t = /* @__PURE__ */ new Set();
-  for (const d of n)
-    t.add(d.toLowerCase());
-  const r = /* @__PURE__ */ new Map(), i = /* @__PURE__ */ new Set(), a = [], o = [];
-  for (const d of e) {
-    const u = d.pegin_txid.toLowerCase();
-    if (!t.has(u)) {
-      o.push(u);
-      continue;
-    }
-    if (i.has(u)) {
-      a.push(u);
-      continue;
-    }
-    i.add(u), r.set(u, { result: d.result, error: d.error });
-  }
-  const l = [];
-  for (const d of t)
-    i.has(d) || l.push(d);
-  return { byTxid: r, missing: l, unexpected: o, duplicate: a };
-}
-async function tt(n) {
-  const {
-    items: e,
-    getTxid: t,
-    batchCall: r,
-    onItem: i,
-    onMissing: a,
-    onDuplicate: o,
-    onDuplicateBatch: l,
-    onWholeBatchError: d,
-    onUnexpected: u,
-    batchSize: f = de
-  } = n;
-  if (!Number.isInteger(f) || f <= 0)
-    throw new Error(
-      `batchPollByProvider: batchSize must be a positive integer, got ${f}`
-    );
-  for (let w = 0; w < e.length; w += f) {
-    const x = e.slice(w, w + f), $ = /* @__PURE__ */ new Map(), j = [];
-    for (const p of x) {
-      const m = t(p).toLowerCase();
-      $.set(m, p), j.push(m);
-    }
-    let v;
-    try {
-      const p = await r(j);
-      v = Ee(j, p.results);
-    } catch (p) {
-      d(x, p);
-      continue;
-    }
-    u && v.unexpected.length > 0 && u(v.unexpected);
-    const T = new Set(v.duplicate);
-    for (const p of T) {
-      const m = $.get(p);
-      m && o(m);
-    }
-    l && T.size > 0 && l(T.size);
-    for (const p of v.missing) {
-      const m = $.get(p);
-      m && a(m);
-    }
-    for (const [p, m] of v.byTxid) {
-      if (T.has(p)) continue;
-      const M = $.get(p);
-      M && i(M, {
-        pegin_txid: p,
-        result: m.result,
-        error: m.error
-      });
-    }
-  }
-}
-const Ie = "BIP0322-signed-message", Be = "TapTweak", re = 32, Re = 64;
-function se(n, e) {
-  const t = new TextEncoder().encode(n), r = F(t), i = new Uint8Array(r.length * 2 + e.length);
-  return i.set(r, 0), i.set(r, r.length), i.set(e, r.length * 2), F(i);
-}
-function He(n) {
-  if (n.length !== re) return null;
-  const e = se(Be, n), t = N.xOnlyPointAddTweak(n, e);
-  return t ? t.xOnlyPubkey : null;
-}
-function Ne(n, e, t) {
-  if (e.length !== re || t.length !== Re) return !1;
-  try {
-    const r = se(Ie, n), i = ge.p2tr({
-      internalPubkey: V.from(e)
-    });
-    if (!i.output) return !1;
-    const a = i.output, o = 0, l = new O();
-    l.version = 0, l.locktime = 0;
-    const d = V.concat([
-      V.from([0, 32]),
-      V.from(r)
-    ]);
-    l.addInput(
-      V.alloc(32, 0),
-      // prev_txid = 0x0000...0000
-      4294967295,
-      // prev_vout = 0xFFFFFFFF
-      0,
-      // sequence = 0
-      d
-    ), l.addOutput(a, o);
-    const u = new O();
-    u.version = 0, u.locktime = 0;
-    const f = l.getHash();
-    u.addInput(f, 0, 0), u.addOutput(V.from([106]), o);
-    const w = u.hashForWitnessV1(
-      0,
-      [a],
-      [o],
-      O.SIGHASH_DEFAULT
-    ), x = He(e);
-    return x ? N.verifySchnorr(w, x, t) : !1;
-  } catch {
-    return !1;
-  }
-}
-function R(n, e) {
-  const t = (n & 7) << 5, r = typeof e == "bigint" ? e : BigInt(e);
-  if (r < 0n) throw new Error("cborHead: negative argument");
-  if (r < 24n) return new Uint8Array([t | Number(r)]);
-  if (r < 0x100n) return new Uint8Array([t | 24, Number(r)]);
-  if (r < 0x10000n) {
-    const a = Number(r);
-    return new Uint8Array([t | 25, a >>> 8 & 255, a & 255]);
-  }
-  if (r < 0x100000000n) {
-    const a = Number(r);
-    return new Uint8Array([
-      t | 26,
-      a >>> 24 & 255,
-      a >>> 16 & 255,
-      a >>> 8 & 255,
-      a & 255
-    ]);
-  }
-  const i = new Uint8Array(9);
-  i[0] = t | 27;
-  for (let a = 7; a >= 0; a--)
-    i[1 + a] = Number(r >> BigInt((7 - a) * 8)) & 255;
-  return i;
-}
-function ie(...n) {
-  const e = n.reduce((i, a) => i + a.length, 0), t = new Uint8Array(e);
-  let r = 0;
-  for (const i of n)
-    t.set(i, r), r += i.length;
-  return t;
-}
-function X(n) {
-  const t = [R(4, n.length)];
-  for (const r of n)
-    t.push(R(0, r));
-  return ie(...t);
-}
-function je(n, e, t) {
-  if (!Number.isSafeInteger(t) || t < 0)
-    throw new Error(
-      `encodeServerIdentityPayload: expires_at must be a non-negative safe integer, got ${t}`
-    );
-  const r = R(4, 3), i = X(n), a = X(e), o = R(0, t);
-  return ie(r, i, a, o);
-}
-const Oe = new TextEncoder().encode(
-  "btc-auth.server-identity.v1"
-), De = 2 * 3600;
-class g extends Error {
-  constructor(e, t) {
-    super(e), this.reason = t, this.name = "ServerIdentityError";
-  }
-}
-function I(n) {
-  const e = new Uint8Array(n.length / 2);
-  for (let t = 0; t < e.length; t++)
-    e[t] = parseInt(n.slice(t * 2, t * 2 + 2), 16);
-  return e;
-}
-function Ue(n) {
-  const { proof: e, pinnedServerPubkey: t, now: r } = n, i = n.maxLifetimeSecs ?? De, a = C(t).toLowerCase();
-  if (a.length !== B || !S.test(a))
-    throw new g(
-      `pinnedServerPubkey must be 32-byte hex; got ${a.length} chars`,
-      "invalid_pubkey_encoding"
-    );
-  const o = C(e.server_pubkey).toLowerCase();
-  if (o.length !== B || !S.test(o))
-    throw new g(
-      `server_pubkey must be 32-byte hex; got ${o.length} chars`,
-      "invalid_pubkey_encoding"
-    );
-  if (o !== a)
-    throw new g(
-      `server_pubkey does not match pinned value: expected ${a}, got ${o}`,
-      "pinned_pubkey_mismatch"
-    );
-  if (!Number.isSafeInteger(e.expires_at))
-    throw new g(
-      `expires_at must be a finite integer; got ${JSON.stringify(e.expires_at)}`,
-      "invalid_expires_at"
-    );
-  if (!Number.isSafeInteger(r))
-    throw new g(
-      `now must be a finite integer; got ${JSON.stringify(r)}`,
-      "invalid_expires_at"
-    );
-  if (e.expires_at <= r)
-    throw new g(
-      `server identity proof expired at ${e.expires_at}, now ${r}`,
-      "expired"
-    );
-  if (!Number.isSafeInteger(i) || i <= 0)
-    throw new g(
-      `maxLifetimeSecs must be a positive safe integer; got ${JSON.stringify(i)}`,
-      "invalid_max_lifetime"
-    );
-  if (e.expires_at - r > i)
-    throw new g(
-      `server identity proof expires too far in the future: expires_at=${e.expires_at}, now=${r}, max lifetime=${i}s`,
-      "expires_too_far"
-    );
-  const l = C(e.ephemeral_pubkey).toLowerCase();
-  if (l.length !== K || !S.test(l))
-    throw new g(
-      `ephemeral_pubkey must be 33-byte compressed hex; got ${l.length} chars`,
-      "invalid_ephemeral_pubkey"
-    );
-  const d = l.slice(0, 2);
-  if (d !== "02" && d !== "03")
-    throw new g(
-      `ephemeral_pubkey must be compressed (prefix 02/03); got ${d}`,
-      "invalid_ephemeral_pubkey"
-    );
-  const u = I(l);
-  if (!N.isPoint(u))
-    throw new g(
-      "ephemeral_pubkey is not a valid secp256k1 point",
-      "invalid_ephemeral_pubkey"
-    );
-  const f = C(e.signature).toLowerCase();
-  if (f.length !== pe || !S.test(f))
-    throw new g(
-      `signature must be 64-byte Schnorr hex; got ${f.length} chars`,
-      "invalid_signature_encoding"
-    );
-  const w = je(
-    Oe,
-    I(l),
-    e.expires_at
-  );
-  if (!Ne(w, I(o), I(f)))
-    throw new g(
-      "BIP-322 signature verification failed — ephemeral key is not attested by pinned server pubkey",
-      "signature_verification_failed"
-    );
-}
-const Ke = /* @__PURE__ */ new Set([
-  "vaultProvider_submitDepositorWotsKey",
-  "vaultProvider_submitDepositorPresignatures",
-  "vaultProvider_requestDepositorPresignTransactions"
-]), Le = 6e4, L = "auth_createDepositorToken";
-function ae(n, e) {
-  return new Y({
-    baseUrl: n,
-    timeout: Le,
-    headers: e,
-    retryableFor: (t) => t === L
-  });
-}
-const q = 4102444800, Me = 30;
-class Fe {
-  constructor(e) {
-    // `client` is the only mutable field — see `setClient`. The
-    // identity-bearing fields (peginTxid/authAnchorHex/pinnedServerPubkey)
-    // remain readonly and are checked against re-registration in the
-    // registry's `getOrCreate`.
-    h(this, "client");
-    h(this, "peginTxid");
-    h(this, "authAnchorHex");
-    h(this, "pinnedServerPubkey");
-    h(this, "authGatedMethods");
-    h(this, "refreshSkewSecs");
-    h(this, "now");
-    h(this, "cached", null);
-    h(this, "inFlight", null);
-    this.client = e.client, this.peginTxid = e.peginTxid, this.authAnchorHex = e.authAnchorHex, this.pinnedServerPubkey = e.pinnedServerPubkey, this.authGatedMethods = e.authGatedMethods, this.refreshSkewSecs = e.refreshSkewSecs ?? Me, this.now = e.now ?? (() => Math.floor(Date.now() / 1e3));
-  }
-  /**
-   * Return a bearer token for `method`, or `null` if `method` is not
-   * auth-gated. Triggers a token acquisition if no token is cached or
-   * the cached token is within {@link refreshSkewSecs} of expiry.
-   *
-   * The token-issuing method itself is hard-exempted from the gate —
-   * if `auth_createDepositorToken` were ever included in
-   * `authGatedMethods` (caller misconfiguration) the provider would
-   * recurse into `acquireSingleFlight` from inside the JSON-RPC header
-   * builder before `inFlight` is assigned, defeating the single-flight
-   * guard. Returning `null` here breaks that recursion deterministically.
-   */
-  async getToken(e) {
-    if (e === L || !this.authGatedMethods.has(e)) return null;
-    const t = this.cached;
-    return t && this.now() + this.refreshSkewSecs < t.expiresAt ? t.token : (await this.acquireSingleFlight()).token;
-  }
-  /**
-   * Drop the cached token. Next `getToken` call re-acquires.
-   * Called by `JsonRpcClient` on wire `auth_expired` responses.
-   */
-  invalidate() {
-    this.cached = null;
-  }
-  /**
-   * Swap in a different transport for subsequent token-issuing calls.
-   * Used by the registry when a later caller registers the same
-   * `peginTxid` against a different `baseUrl` — the cached token
-   * (bound to identity, not transport) stays valid, but future
-   * refreshes hit the new URL. An in-flight acquire keeps using the
-   * old client (it captured the reference); next call uses the new.
-   */
-  setClient(e) {
-    this.client = e;
-  }
-  acquireSingleFlight() {
-    const e = this.inFlight;
-    if (e) return e;
-    const t = (async () => {
-      try {
-        const r = await this.client.call(L, {
-          pegin_txid: this.peginTxid,
-          auth_anchor: this.authAnchorHex
-        });
-        if (Ue({
-          proof: r.server_identity,
-          pinnedServerPubkey: this.pinnedServerPubkey,
-          now: this.now()
-        }), typeof r.token != "string" || r.token.length === 0)
-          throw new Error(
-            `VpTokenProvider: invalid token in acquire response (expected non-empty string, got ${typeof r.token})`
-          );
-        const i = this.now();
-        if (!Number.isSafeInteger(r.expires_at) || r.expires_at <= i || r.expires_at > q)
-          throw new Error(
-            `VpTokenProvider: invalid expires_at in acquire response (got ${JSON.stringify(r.expires_at)}; must be a safe integer in (${i}, ${q}])`
-          );
-        const a = {
-          token: r.token,
-          expiresAt: r.expires_at
-        };
-        return this.cached = a, a;
-      } finally {
-        this.inFlight = null;
-      }
-    })();
-    return this.inFlight = t, t;
-  }
-}
-class Ge {
-  constructor() {
-    h(this, "entries", /* @__PURE__ */ new Map());
-  }
-  /**
-   * Return the cached `VpTokenProvider` for `peginTxid` if one exists
-   * with matching `authAnchorHex` and `pinnedServerPubkey`, otherwise
-   * construct and cache a fresh provider. A mismatch on either field
-   * throws — silent overwrite would mask derivation drift or VP
-   * pubkey rotation.
-   */
-  getOrCreate(e) {
-    const t = this.entries.get(e.peginTxid);
-    if (t) {
-      if (t.authAnchorHex !== e.authAnchorHex)
-        throw new Error(
-          `VpTokenRegistry: peginTxid ${e.peginTxid} already bound to authAnchorHex ${t.authAnchorHex.slice(0, 8)}…; got ${e.authAnchorHex.slice(0, 8)}…`
-        );
-      if (t.pinnedServerPubkey !== e.pinnedServerPubkey)
-        throw new Error(
-          `VpTokenRegistry: peginTxid ${e.peginTxid} already bound to pinnedServerPubkey ${t.pinnedServerPubkey.slice(0, 8)}…; got ${e.pinnedServerPubkey.slice(0, 8)}…`
-        );
-      return t.provider.setClient(e.client), t.provider;
-    }
-    const r = new Fe({
-      client: e.client,
-      peginTxid: e.peginTxid,
-      authAnchorHex: e.authAnchorHex,
-      pinnedServerPubkey: e.pinnedServerPubkey,
-      authGatedMethods: Ke
-    });
-    return this.entries.set(e.peginTxid, {
-      provider: r,
-      authAnchorHex: e.authAnchorHex,
-      pinnedServerPubkey: e.pinnedServerPubkey
-    }), r;
-  }
-  /** Return the cached provider, or `undefined` if none. */
-  peek(e) {
-    var t;
-    return (t = this.entries.get(e)) == null ? void 0 : t.provider;
-  }
-  /**
-   * Evict the entry for `peginTxid`. Idempotent. Called on terminal
-   * paths — activation success, user-cancel, or component unmount —
-   * so `authAnchorHex` doesn't outlive the deposit session.
-   */
-  release(e) {
-    this.entries.delete(e);
-  }
-  /**
-   * Wipe every cached entry. Test-only escape hatch — not exposed on
-   * the public {@link VpTokenRegistryPublic} singleton type.
-   *
-   * @internal
-   */
-  clear() {
-    this.entries.clear();
-  }
-  get size() {
-    return this.entries.size;
-  }
-}
-const oe = new Ge();
-function nt(n) {
-  var r;
-  const e = ae(
-    n.baseUrl,
-    (r = n.options) == null ? void 0 : r.headers
-  ), t = oe.getOrCreate({
-    client: e,
-    peginTxid: n.peginTxid,
-    authAnchorHex: n.authAnchorHex,
-    pinnedServerPubkey: n.pinnedServerPubkey
-  });
-  return new Ce(n.baseUrl, {
-    ...n.options,
-    tokenProvider: t
-  });
-}
-function rt(n) {
-  oe.getOrCreate({
-    client: ae(n.baseUrl, n.headers),
-    peginTxid: n.peginTxid,
-    authAnchorHex: n.authAnchorHex,
-    pinnedServerPubkey: n.pinnedServerPubkey
-  });
-}
-async function st(n, e) {
-  const [t, r] = await n.multicall({
-    contracts: [
-      {
-        address: e,
-        abi: k,
-        functionName: "protocolParams"
-      },
-      {
-        address: e,
-        abi: k,
-        functionName: "applicationRegistry"
-      }
-    ],
-    allowFailure: !1
-  });
-  return {
-    protocolParams: t,
-    applicationRegistry: r
-  };
-}
-const W = 65535;
-function U(n) {
-  return {
-    timelockAssert: n.timelockAssert,
-    timelockChallengeAssert: n.timelockChallengeAssert,
-    securityCouncilKeys: [...n.securityCouncilKeys],
-    councilQuorum: n.councilQuorum,
-    feeRate: n.feeRate,
-    babeTotalInstances: n.babeTotalInstances,
-    babeInstancesToFinalize: n.babeInstancesToFinalize,
-    minVpCommissionBps: n.minVpCommissionBps,
-    tRefund: n.tRefund,
-    tStale: n.tStale,
-    minPeginFeeRate: n.minPeginFeeRate,
-    proverProgramVersion: n.proverProgramVersion,
-    minPrepeginDepth: n.minPrepeginDepth
-  };
-}
-function z(n) {
-  return {
-    minimumPegInAmount: n.minimumPegInAmount,
-    maxPegInAmount: n.maxPegInAmount,
-    pegInAckTimeout: n.pegInAckTimeout,
-    pegInActivationTimeout: n.pegInActivationTimeout,
-    maxHtlcOutputCount: n.maxHtlcOutputCount
-  };
-}
-function J(n) {
-  if (n > BigInt(W))
-    throw new Error(
-      `timelockAssert value ${n} exceeds uint16 max (${W})`
-    );
-  return Number(n);
-}
-class it {
-  constructor(e, t) {
-    this.publicClient = e, this.contractAddress = t;
-  }
-  async getTBVProtocolParams() {
-    const e = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "getTBVProtocolParams"
-    });
-    return z(e);
-  }
-  async getLatestOffchainParams() {
-    const e = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "getLatestOffchainParams"
-    });
-    return U(e);
-  }
-  async getOffchainParamsByVersion(e) {
-    const t = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "getOffchainParamsByVersion",
-      args: [e]
-    });
-    return U(t);
-  }
-  async getLatestOffchainParamsVersion() {
-    return await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "latestOffchainParamsVersion"
-    });
-  }
-  async getTimelockPeginByVersion(e) {
-    const t = await this.getOffchainParamsByVersion(e);
-    return J(t.timelockAssert);
-  }
-  /**
-   * Read TBV protocol params and latest offchain params atomically via multicall.
-   * Prevents TOCTOU inconsistency if governance updates params between reads.
-   */
-  async getPegInConfiguration() {
-    const e = await this.publicClient.multicall({
-      contracts: [
-        {
-          address: this.contractAddress,
-          abi: b,
-          functionName: "getTBVProtocolParams"
-        },
-        {
-          address: this.contractAddress,
-          abi: b,
-          functionName: "getLatestOffchainParams"
-        }
-      ],
-      allowFailure: !1
-    }), t = z(e[0]), r = U(e[1]);
-    return {
-      minimumPegInAmount: t.minimumPegInAmount,
-      maxPegInAmount: t.maxPegInAmount,
-      pegInAckTimeout: t.pegInAckTimeout,
-      pegInActivationTimeout: t.pegInActivationTimeout,
-      maxHtlcOutputCount: t.maxHtlcOutputCount,
-      timelockPegin: J(r.timelockAssert),
-      timelockRefund: r.tRefund,
-      minVpCommissionBps: r.minVpCommissionBps,
-      offchainParams: r
-    };
-  }
-}
-function H(n) {
-  return n.map((e) => ({
-    ethAddress: e.ethAddress,
-    btcPubKey: e.btcPubKey
-  }));
-}
-class at {
-  constructor(e, t) {
-    this.publicClient = e, this.contractAddress = t;
-  }
-  async getVaultKeepersByVersion(e, t) {
-    const r = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: D,
-      functionName: "getVaultKeepersByVersion",
-      args: [e, t]
-    });
-    return H(r);
-  }
-  async getCurrentVaultKeepers(e) {
-    const t = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: D,
-      functionName: "getCurrentVaultKeepers",
-      args: [e]
-    });
-    return H(t);
-  }
-  async getCurrentVaultKeepersVersion(e) {
-    return await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: D,
-      functionName: "getCurrentVaultKeepersVersion",
-      args: [e]
-    });
-  }
-}
-class ot {
-  constructor(e, t) {
-    this.publicClient = e, this.contractAddress = t;
-  }
-  async getUniversalChallengersByVersion(e) {
-    const t = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "getUniversalChallengersByVersion",
-      args: [e]
-    });
-    return H(t);
-  }
-  async getCurrentUniversalChallengers() {
-    const e = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "getCurrentUniversalChallengers"
-    });
-    return H(e);
-  }
-  async getLatestUniversalChallengersVersion() {
-    return await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: b,
-      functionName: "latestUniversalChallengersVersion"
-    });
-  }
-}
-class ct {
-  constructor(e, t) {
-    this.publicClient = e, this.contractAddress = t;
-  }
-  /**
-   * Read the VP's persistent x-only BTC pubkey from the on-chain
-   * registry. Validates length, hex form, and secp256k1 curve
-   * membership before minting the brand. Returns 64-char lowercase
-   * hex without the `0x` prefix.
-   */
-  async getVaultProviderBtcPubKey(e) {
-    const r = (await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: k,
-      functionName: "getVaultProviderBTCKey",
-      args: [e]
-    })).toLowerCase();
-    if (!/^0x[0-9a-f]{64}$/.test(r))
-      throw new Error(
-        `getVaultProviderBTCKey returned an unexpected value (vp=${e}, length ${r.length}, prefix "${r.slice(0, 2)}")`
-      );
-    const i = r.slice(2);
-    if (!N.isXOnlyPoint(he(i)))
-      throw new Error(
-        `getVaultProviderBTCKey returned a value that is not on the secp256k1 curve (vp=${e})`
-      );
-    return i;
-  }
-  async getVaultBasicInfo(e) {
-    const t = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: k,
-      functionName: "getBtcVaultBasicInfo",
-      args: [e]
-    });
-    return {
-      depositor: t.depositor,
-      depositorBtcPubKey: t.depositorBtcPubKey,
-      amount: t.amount,
-      vaultProvider: t.vaultProvider,
-      status: t.status,
-      applicationEntryPoint: t.applicationEntryPoint,
-      createdAt: t.createdAt
-    };
-  }
-  async getVaultProtocolInfo(e) {
-    const t = await this.publicClient.readContract({
-      address: this.contractAddress,
-      abi: k,
-      functionName: "getBtcVaultProtocolInfo",
-      args: [e]
-    });
-    return {
-      depositorSignedPeginTx: t.depositorSignedPeginTx,
-      universalChallengersVersion: t.universalChallengersVersion,
-      appVaultKeepersVersion: t.appVaultKeepersVersion,
-      offchainParamsVersion: t.offchainParamsVersion,
-      verifiedAt: t.verifiedAt,
-      depositorWotsPkHash: t.depositorWotsPkHash,
-      hashlock: t.hashlock,
-      htlcVout: t.htlcVout,
-      depositorPopSignature: t.depositorPopSignature,
-      prePeginTxHash: t.prePeginTxHash,
-      vaultProviderCommissionBps: t.vaultProviderCommissionBps
-    };
-  }
-  async getVaultData(e) {
-    const [t, r] = await Promise.all([
-      this.getVaultBasicInfo(e),
-      this.getVaultProtocolInfo(e)
-    ]);
-    if (!r.depositorSignedPeginTx || r.depositorSignedPeginTx === "0x")
-      throw new Error(
-        `Vault ${e} not found on-chain or has no pegin transaction`
-      );
-    return { basic: t, protocol: r };
-  }
-}
-export {
-  g as S,
-  Ce as V,
-  s as a,
-  tt as b,
-  Ue as c,
-  Ge as d,
-  oe as e,
-  nt as f,
-  it as g,
-  ot as h,
-  at as i,
-  ct as j,
-  rt as p,
-  st as r,
-  xe as v
-};
-//# sourceMappingURL=vault-registry-reader-PsSxB0JZ.js.map