@babylonlabs-io/ts-sdk 0.34.0 → 0.36.0

package/dist/PeginManager-DF1oinIQ.js

@@ -0,0 +1,1172 @@
+var Wt = Object.defineProperty;
+var Lt = (n, t, e) => t in n ? Wt(n, t, { enumerable: !0, configurable: !0, writable: !0, value: e }) : n[t] = e;
+var y = (n, t, e) => Lt(n, typeof t != "symbol" ? t + "" : t, e);
+import { s as tt, c as Tt, H as Ft, r as U, a as F, b as st, u as Mt, d as ot, e as rt, f as it, g as Xt } from "./sha2-BYVxyZzX.js";
+import * as _t from "bitcoinjs-lib";
+import { Transaction as Kt, Psbt as at } from "bitcoinjs-lib";
+import { Buffer as q } from "buffer";
+import { isAddressEqual as ct, encodeFunctionData as lt, zeroAddress as Dt } from "viem";
+import { B as R } from "./BTCVaultRegistry.abi-DbJ5lsFJ.js";
+import { h as A } from "./errors-CznAK5NB.js";
+import { expandWotsSeed as zt, expandHashlockSecret as Gt, expandAuthAnchor as jt, deriveVaultId as ut } from "@babylonlabs-io/babylon-tbv-rust-wasm";
+import { b as ht, a as qt, c as Zt, e as Qt, f as Yt } from "./peginInput-C2QPvuhR.js";
+import { s as T, u as M, h as Z, e as I, p as Jt, g as dt, i as te } from "./bitcoin-B0S8SHCX.js";
+import { c as ee } from "./signing-DaLvGwQe.js";
+import { M as ft } from "./validation-CxqROCno.js";
+import { c as ne } from "./PayoutManager-s_uH8Uuj.js";
+import { s as se, c as K, d as oe, w as gt } from "./waitForTransactionReceiptSmartAware-Cj_DKm0G.js";
+import { p as re, f as ie } from "./fundPeginTransaction-oV-dNJOU.js";
+import { p as ae, f as ce } from "./mempoolApi-CAIge7Nj.js";
+const N = /* @__PURE__ */ BigInt(2 ** 32 - 1), pt = /* @__PURE__ */ BigInt(32);
+function le(n, t = !1) {
+  return t ? { h: Number(n & N), l: Number(n >> pt & N) } : { h: Number(n >> pt & N) | 0, l: Number(n & N) | 0 };
+}
+function ue(n, t = !1) {
+  const e = n.length;
+  let s = new Uint32Array(e), o = new Uint32Array(e);
+  for (let r = 0; r < e; r++) {
+    const { h: i, l: a } = le(n[r], t);
+    [s[r], o[r]] = [i, a];
+  }
+  return [s, o];
+}
+const he = (n, t, e) => n << e | t >>> 32 - e, de = (n, t, e) => t << e | n >>> 32 - e, fe = (n, t, e) => t << e - 32 | n >>> 64 - e, ge = (n, t, e) => n << e - 32 | t >>> 64 - e, pe = 106, me = 32, mt = 34;
+function we(n, t, e) {
+  const s = T(n), o = _t.Transaction.fromHex(s);
+  if (o.outs.length <= t)
+    throw new Error(
+      `Pre-PegIn auth-anchor OP_RETURN missing: tx has ${o.outs.length} outputs, expected at least ${t + 1} (vault outputs + OP_RETURN)`
+    );
+  const r = o.outs[t], i = r.script;
+  if (i.length !== mt || i[0] !== pe || i[1] !== me)
+    throw new Error(
+      `Pre-PegIn auth-anchor OP_RETURN at vout ${t} has unexpected script encoding (got ${i.length}-byte script with prefix 0x${i.slice(0, Math.min(2, i.length)).toString("hex")}; expected ${mt}-byte OP_RETURN + PUSH32 layout)`
+    );
+  const a = i.slice(2).toString("hex").toLowerCase();
+  if (a !== e.toLowerCase())
+    throw new Error(
+      `Pre-PegIn auth-anchor OP_RETURN payload mismatch at vout ${t}: tx pushes ${a}, expected ${e}`
+    );
+  if (r.value !== 0)
+    throw new Error(
+      `Pre-PegIn auth-anchor OP_RETURN at vout ${t} has non-zero value ${r.value}; OP_RETURN outputs must be 0-value`
+    );
+}
+const C = 32, D = 32, Q = 36, vt = 32, X = 4, Pe = X + C + X + vt;
+function Y(n, t, e) {
+  n[t] = e >>> 24 & 255, n[t + 1] = e >>> 16 & 255, n[t + 2] = e >>> 8 & 255, n[t + 3] = e & 255;
+}
+function be(n) {
+  if (n.txid.length !== D)
+    throw new Error(
+      `outpoint.txid must be exactly ${D} bytes, got ${n.txid.length}`
+    );
+  if (!Number.isInteger(n.vout) || n.vout < 0 || n.vout > 4294967295)
+    throw new Error(`outpoint.vout must be a u32, got ${n.vout}`);
+  const t = new Uint8Array(Q);
+  return t.set(n.txid, 0), Y(t, D, n.vout), t;
+}
+function wt(n, t) {
+  const e = Math.min(n.length, t.length);
+  for (let s = 0; s < e; s++)
+    if (n[s] !== t[s]) return n[s] - t[s];
+  return n.length - t.length;
+}
+function xe(n) {
+  if (n.length === 0)
+    throw new Error(
+      "buildFundingOutpointsCommitment: outpoints must be non-empty"
+    );
+  const t = n.map(be);
+  t.sort(wt);
+  for (let s = 1; s < t.length; s++)
+    if (wt(t[s - 1], t[s]) === 0)
+      throw new Error(
+        "buildFundingOutpointsCommitment: duplicate outpoint detected"
+      );
+  const e = new Uint8Array(t.length * Q);
+  for (let s = 0; s < t.length; s++)
+    e.set(t[s], s * Q);
+  return tt(e);
+}
+function ye(n) {
+  if (n.depositorBtcPubkey.length !== C)
+    throw new Error(
+      `vaultContext: depositorBtcPubkey must be exactly ${C} bytes, got ${n.depositorBtcPubkey.length}`
+    );
+  const t = xe(n.fundingOutpoints), e = new Uint8Array(Pe);
+  let s = 0;
+  return Y(e, s, C), s += X, e.set(n.depositorBtcPubkey, s), s += C, Y(e, s, vt), s += X, e.set(t, s), e;
+}
+const ke = "babylon-btc-vault", It = 32, Pt = It * 2, Ee = /^[0-9a-f]+$/;
+async function Te(n, t) {
+  const e = ye(t), s = M(e), o = await n.deriveContextHash(ke, s);
+  if (typeof o != "string")
+    throw new Error(
+      `deriveVaultRoot: wallet must return a string, got ${typeof o}`
+    );
+  if (o.length !== Pt)
+    throw new Error(
+      `deriveVaultRoot: wallet must return a ${Pt}-character hex string (${It} bytes), got length ${o.length}`
+    );
+  if (!Ee.test(o))
+    throw new Error(
+      "deriveVaultRoot: wallet must return lowercase hex per derive-context-hash.md §2.1; got value with non-lowercase or non-hex characters"
+    );
+  return Z(o);
+}
+const _e = /* @__PURE__ */ Uint8Array.from([
+  7,
+  4,
+  13,
+  1,
+  10,
+  6,
+  15,
+  3,
+  12,
+  0,
+  9,
+  5,
+  2,
+  14,
+  11,
+  8
+]), St = Uint8Array.from(new Array(16).fill(0).map((n, t) => t)), ve = St.map((n) => (9 * n + 5) % 16), Bt = /* @__PURE__ */ (() => {
+  const e = [[St], [ve]];
+  for (let s = 0; s < 4; s++)
+    for (let o of e)
+      o.push(o[s].map((r) => _e[r]));
+  return e;
+})(), At = Bt[0], Ot = Bt[1], Rt = /* @__PURE__ */ [
+  [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8],
+  [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7],
+  [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9],
+  [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6],
+  [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5]
+].map((n) => Uint8Array.from(n)), Ie = /* @__PURE__ */ At.map((n, t) => n.map((e) => Rt[t][e])), Se = /* @__PURE__ */ Ot.map((n, t) => n.map((e) => Rt[t][e])), Be = /* @__PURE__ */ Uint32Array.from([
+  0,
+  1518500249,
+  1859775393,
+  2400959708,
+  2840853838
+]), Ae = /* @__PURE__ */ Uint32Array.from([
+  1352829926,
+  1548603684,
+  1836072691,
+  2053994217,
+  0
+]);
+function bt(n, t, e, s) {
+  return n === 0 ? t ^ e ^ s : n === 1 ? t & e | ~t & s : n === 2 ? (t | ~e) ^ s : n === 3 ? t & s | e & ~s : t ^ (e | ~s);
+}
+const V = /* @__PURE__ */ new Uint32Array(16);
+class Oe extends Ft {
+  constructor() {
+    super(64, 20, 8, !0);
+    y(this, "h0", 1732584193);
+    y(this, "h1", -271733879);
+    y(this, "h2", -1732584194);
+    y(this, "h3", 271733878);
+    y(this, "h4", -1009589776);
+  }
+  get() {
+    const { h0: e, h1: s, h2: o, h3: r, h4: i } = this;
+    return [e, s, o, r, i];
+  }
+  set(e, s, o, r, i) {
+    this.h0 = e | 0, this.h1 = s | 0, this.h2 = o | 0, this.h3 = r | 0, this.h4 = i | 0;
+  }
+  process(e, s) {
+    for (let h = 0; h < 16; h++, s += 4)
+      V[h] = e.getUint32(s, !0);
+    let o = this.h0 | 0, r = o, i = this.h1 | 0, a = i, c = this.h2 | 0, u = c, l = this.h3 | 0, m = l, w = this.h4 | 0, P = w;
+    for (let h = 0; h < 5; h++) {
+      const g = 4 - h, E = Be[h], S = Ae[h], f = At[h], x = Ot[h], d = Ie[h], k = Se[h];
+      for (let b = 0; b < 16; b++) {
+        const p = U(o + bt(h, i, c, l) + V[f[b]] + E, d[b]) + w | 0;
+        o = w, w = l, l = U(c, 10) | 0, c = i, i = p;
+      }
+      for (let b = 0; b < 16; b++) {
+        const p = U(r + bt(g, a, u, m) + V[x[b]] + S, k[b]) + P | 0;
+        r = P, P = m, m = U(u, 10) | 0, u = a, a = p;
+      }
+    }
+    this.set(this.h1 + c + m | 0, this.h2 + l + P | 0, this.h3 + w + r | 0, this.h4 + o + a | 0, this.h0 + i + u | 0);
+  }
+  roundClean() {
+    F(V);
+  }
+  destroy() {
+    this.destroyed = !0, F(this.buffer), this.set(0, 0, 0, 0, 0);
+  }
+}
+const Re = /* @__PURE__ */ Tt(() => new Oe()), He = BigInt(0), H = BigInt(1), $e = BigInt(2), Ce = BigInt(7), Ue = BigInt(256), Ne = BigInt(113), Ht = [], $t = [], Ct = [];
+for (let n = 0, t = H, e = 1, s = 0; n < 24; n++) {
+  [e, s] = [s, (2 * e + 3 * s) % 5], Ht.push(2 * (5 * s + e)), $t.push((n + 1) * (n + 2) / 2 % 64);
+  let o = He;
+  for (let r = 0; r < 7; r++)
+    t = (t << H ^ (t >> Ce) * Ne) % Ue, t & $e && (o ^= H << (H << BigInt(r)) - H);
+  Ct.push(o);
+}
+const Ut = ue(Ct, !0), Ve = Ut[0], We = Ut[1], xt = (n, t, e) => e > 32 ? fe(n, t, e) : he(n, t, e), yt = (n, t, e) => e > 32 ? ge(n, t, e) : de(n, t, e);
+function Le(n, t = 24) {
+  const e = new Uint32Array(10);
+  for (let s = 24 - t; s < 24; s++) {
+    for (let i = 0; i < 10; i++)
+      e[i] = n[i] ^ n[i + 10] ^ n[i + 20] ^ n[i + 30] ^ n[i + 40];
+    for (let i = 0; i < 10; i += 2) {
+      const a = (i + 8) % 10, c = (i + 2) % 10, u = e[c], l = e[c + 1], m = xt(u, l, 1) ^ e[a], w = yt(u, l, 1) ^ e[a + 1];
+      for (let P = 0; P < 50; P += 10)
+        n[i + P] ^= m, n[i + P + 1] ^= w;
+    }
+    let o = n[2], r = n[3];
+    for (let i = 0; i < 24; i++) {
+      const a = $t[i], c = xt(o, r, a), u = yt(o, r, a), l = Ht[i];
+      o = n[l], r = n[l + 1], n[l] = c, n[l + 1] = u;
+    }
+    for (let i = 0; i < 50; i += 10) {
+      for (let a = 0; a < 10; a++)
+        e[a] = n[i + a];
+      for (let a = 0; a < 10; a++)
+        n[i + a] ^= ~e[(a + 2) % 10] & e[(a + 4) % 10];
+    }
+    n[0] ^= Ve[s], n[1] ^= We[s];
+  }
+  F(e);
+}
+class et {
+  // NOTE: we accept arguments in bytes instead of bits here.
+  constructor(t, e, s, o = !1, r = 24) {
+    y(this, "state");
+    y(this, "pos", 0);
+    y(this, "posOut", 0);
+    y(this, "finished", !1);
+    y(this, "state32");
+    y(this, "destroyed", !1);
+    y(this, "blockLen");
+    y(this, "suffix");
+    y(this, "outputLen");
+    y(this, "enableXOF", !1);
+    y(this, "rounds");
+    if (this.blockLen = t, this.suffix = e, this.outputLen = s, this.enableXOF = o, this.rounds = r, st(s, "outputLen"), !(0 < t && t < 200))
+      throw new Error("only keccak-f1600 function is supported");
+    this.state = new Uint8Array(200), this.state32 = Mt(this.state);
+  }
+  clone() {
+    return this._cloneInto();
+  }
+  keccak() {
+    ot(this.state32), Le(this.state32, this.rounds), ot(this.state32), this.posOut = 0, this.pos = 0;
+  }
+  update(t) {
+    rt(this), it(t);
+    const { blockLen: e, state: s } = this, o = t.length;
+    for (let r = 0; r < o; ) {
+      const i = Math.min(e - this.pos, o - r);
+      for (let a = 0; a < i; a++)
+        s[this.pos++] ^= t[r++];
+      this.pos === e && this.keccak();
+    }
+    return this;
+  }
+  finish() {
+    if (this.finished)
+      return;
+    this.finished = !0;
+    const { state: t, suffix: e, pos: s, blockLen: o } = this;
+    t[s] ^= e, (e & 128) !== 0 && s === o - 1 && this.keccak(), t[o - 1] ^= 128, this.keccak();
+  }
+  writeInto(t) {
+    rt(this, !1), it(t), this.finish();
+    const e = this.state, { blockLen: s } = this;
+    for (let o = 0, r = t.length; o < r; ) {
+      this.posOut >= s && this.keccak();
+      const i = Math.min(s - this.posOut, r - o);
+      t.set(e.subarray(this.posOut, this.posOut + i), o), this.posOut += i, o += i;
+    }
+    return t;
+  }
+  xofInto(t) {
+    if (!this.enableXOF)
+      throw new Error("XOF is not possible for this instance");
+    return this.writeInto(t);
+  }
+  xof(t) {
+    return st(t), this.xofInto(new Uint8Array(t));
+  }
+  digestInto(t) {
+    if (Xt(t, this), this.finished)
+      throw new Error("digest() was already called");
+    return this.writeInto(t), this.destroy(), t;
+  }
+  digest() {
+    return this.digestInto(new Uint8Array(this.outputLen));
+  }
+  destroy() {
+    this.destroyed = !0, F(this.state);
+  }
+  _cloneInto(t) {
+    const { blockLen: e, suffix: s, outputLen: o, rounds: r, enableXOF: i } = this;
+    return t || (t = new et(e, s, o, i, r)), t.state32.set(this.state32), t.pos = this.pos, t.posOut = this.posOut, t.finished = this.finished, t.rounds = r, t.suffix = s, t.outputLen = o, t.enableXOF = i, t.destroyed = this.destroyed, t;
+  }
+}
+const Fe = (n, t, e, s = {}) => Tt(() => new et(t, n, e), s), Me = /* @__PURE__ */ Fe(1, 136, 32), kt = 64, _ = 20, J = 4, Nt = 2, Xe = 0, Ke = 1, W = [64, 64], De = (n) => Array.from(n).map((t) => t.toString(16).padStart(2, "0")).join("");
+function nt(n) {
+  return Re(tt(n));
+}
+function Vt(n) {
+  return (1 << n) - 1;
+}
+function ze(n) {
+  let t = 1;
+  for (; t * t < n + 1; ) t++;
+  return Math.max(t, 2);
+}
+function Ge(n) {
+  const t = J, e = n * Vt(t);
+  return { d: t, n, checksum_radix: ze(e) };
+}
+function z(n, t) {
+  const e = [];
+  let s = t;
+  for (; s > 0; )
+    e.push(s & 255), s >>>= 8;
+  const o = new Uint8Array(n.length + e.length);
+  o.set(n);
+  for (let r = 0; r < e.length; r++)
+    o[n.length + r] = e[r];
+  return nt(o);
+}
+function G(n, t) {
+  let e = n;
+  for (let s = 0; s < t; s++)
+    e = nt(e);
+  return e;
+}
+function je(n, t) {
+  const e = Vt(t.d), s = t.checksum_radix - 1, o = Math.floor(t.n * e / t.checksum_radix), r = [];
+  for (let l = 0; l < t.n; l++) {
+    const m = z(n, l + Nt), w = G(m, e);
+    r.push(Array.from(w));
+  }
+  const i = z(
+    n,
+    Xe
+  ), a = G(
+    i,
+    s
+  ), c = z(
+    n,
+    Ke
+  ), u = G(
+    c,
+    o
+  );
+  return {
+    config: t,
+    message_terminals: r,
+    checksum_major_terminal: Array.from(u),
+    checksum_minor_terminal: Array.from(a)
+  };
+}
+async function qe(n) {
+  try {
+    if (n.length !== kt)
+      throw new Error(
+        `WOTS seed must be exactly ${kt} bytes, got ${n.length}`
+      );
+    const t = [];
+    for (let e = 0; e < W.length; e++) {
+      const s = W[e], o = Ge(s), r = new Uint8Array(n.length + 1);
+      r.set(n), r[n.length] = e;
+      const i = nt(r);
+      try {
+        const a = je(i, o);
+        if (a.config.d !== J)
+          throw new Error(
+            `Block ${e}: expected d=${J}, got d=${a.config.d}`
+          );
+        if (a.config.n !== s)
+          throw new Error(
+            `Block ${e}: expected n=${s}, got n=${a.config.n}`
+          );
+        if (a.message_terminals.length !== s)
+          throw new Error(
+            `Block ${e}: expected ${s} message terminals, got ${a.message_terminals.length}`
+          );
+        for (let c = 0; c < a.message_terminals.length; c++)
+          if (a.message_terminals[c].length !== _)
+            throw new Error(
+              `Block ${e} terminal ${c}: expected ${_} bytes, got ${a.message_terminals[c].length}`
+            );
+        if (a.checksum_minor_terminal.length !== _)
+          throw new Error(
+            `Block ${e} checksum_minor: expected ${_} bytes`
+          );
+        if (a.checksum_major_terminal.length !== _)
+          throw new Error(
+            `Block ${e} checksum_major: expected ${_} bytes`
+          );
+        t.push(a);
+      } finally {
+        r.fill(0), i.fill(0);
+      }
+    }
+    if (t.length !== W.length)
+      throw new Error(
+        `Expected ${W.length} blocks, got ${t.length}`
+      );
+    return t;
+  } finally {
+    n.fill(0);
+  }
+}
+function j(n, t, e) {
+  if (n.length !== _)
+    throw new Error(
+      `Block ${t} ${e}: expected ${_} bytes, got ${n.length}`
+    );
+  for (let s = 0; s < n.length; s++) {
+    const o = n[s];
+    if (!Number.isInteger(o) || o < 0 || o > 255)
+      throw new Error(
+        `Block ${t} ${e}[${s}]: invalid byte value ${o}`
+      );
+  }
+}
+function Ze(n) {
+  if (n.length === 0)
+    throw new Error("Public keys array must not be empty");
+  for (let r = 0; r < n.length; r++) {
+    const i = n[r];
+    j(i.checksum_minor_terminal, r, "checksum_minor_terminal"), j(i.checksum_major_terminal, r, "checksum_major_terminal");
+    for (let a = 0; a < i.message_terminals.length; a++)
+      j(i.message_terminals[a], r, `message_terminal[${a}]`);
+  }
+  let t = 0;
+  for (const r of n)
+    t += Nt + r.message_terminals.length;
+  const e = new Uint8Array(t * _);
+  let s = 0;
+  for (const r of n) {
+    e.set(r.checksum_minor_terminal, s), s += _, e.set(r.checksum_major_terminal, s), s += _;
+    for (const i of r.message_terminals)
+      e.set(i, s), s += _;
+  }
+  const o = Me(e);
+  return `0x${De(o)}`;
+}
+async function Qe(n, t) {
+  const e = [], s = [], o = [], r = [];
+  try {
+    for (let i = 0; i < t; i++) {
+      const a = await zt(n, i);
+      try {
+        const u = await qe(a);
+        e.push(u), s.push(Ze(u));
+      } finally {
+        a.fill(0);
+      }
+      const c = await Gt(n, i);
+      try {
+        const u = M(c);
+        o.push(u), r.push(ne(I(u)).slice(2));
+      } finally {
+        c.fill(0);
+      }
+    }
+  } finally {
+    n.fill(0);
+  }
+  return { perVaultWotsKeys: e, wotsPkHashes: s, htlcSecretHexes: o, hashlocks: r };
+}
+const Ye = /^0x[0-9a-f]+$/i, Je = /^[0-9a-f]+$/i, tn = /^[A-Za-z0-9+/]+={0,2}$/;
+function $(n) {
+  if (typeof n != "string" || n.length === 0)
+    throw new Error("BTC wallet returned empty public key");
+  return Jt(n).toLowerCase();
+}
+function en(n) {
+  if (typeof n != "string" || n.length === 0)
+    throw new Error("BTC wallet returned empty BIP-322 signature");
+  if (n.startsWith("0x") || n.startsWith("0X")) {
+    if (!Ye.test(n) || n.length < 4 || n.length % 2 !== 0)
+      throw new Error("BTC wallet returned malformed hex BIP-322 signature");
+    return n.toLowerCase();
+  }
+  if (Je.test(n)) {
+    if (n.length % 2 !== 0)
+      throw new Error("BTC wallet returned malformed hex BIP-322 signature");
+    return `0x${n.toLowerCase()}`;
+  }
+  if (!tn.test(n) || n.length % 4 !== 0)
+    throw new Error("BTC wallet returned malformed base64 BIP-322 signature");
+  const t = q.from(n, "base64");
+  if (t.length === 0 || t.toString("base64") !== n)
+    throw new Error("BTC wallet returned malformed base64 BIP-322 signature");
+  return `0x${t.toString("hex")}`;
+}
+async function nn(n, t, e) {
+  if (typeof n.signPsbts == "function") {
+    const o = await n.signPsbts(t, e);
+    if (o.length !== t.length)
+      throw new Error(
+        `Expected ${t.length} signed PSBTs but received ${o.length}`
+      );
+    return o;
+  }
+  const s = [];
+  for (let o = 0; o < t.length; o++) {
+    const r = await n.signPsbt(t[o], e[o]);
+    s.push(r);
+  }
+  return s;
+}
+const sn = 0, L = "00".repeat(32);
+function on(n, t, e, s) {
+  const o = e == null ? void 0 : e[`${n}:${t}`];
+  return o ? Promise.resolve({
+    txid: n,
+    vout: t,
+    value: o.value,
+    scriptPubKey: o.scriptPubKey
+  }) : ce(n, t, s);
+}
+const Et = 12e4;
+class kn {
+  /**
+   * Creates a new PeginManager instance.
+   *
+   * @param config - Manager configuration including wallets and contract addresses
+   */
+  constructor(t) {
+    y(this, "config");
+    this.config = t;
+  }
+  /**
+   * Prepare a peg-in: sizing pass → vault-root derivation (one wallet
+   * popup) → per-vault WOTS / hashlock derivation → commit pass with
+   * batch PSBT signing (one popup). Returns broadcast-ready txs, the
+   * pubkey snapshot, and the sensitive derived material.
+   *
+   * @throws If the wallet rejects, insufficient funds, or an internal
+   *         invariant violation.
+   */
+  async preparePegin(t) {
+    if (t.amounts.length === 0)
+      throw new Error("amounts must contain at least one entry");
+    const e = await this.config.btcWallet.getPublicKeyHex(), s = $(e), o = await this.prepareSizing(s, t), r = o.selectedUTXOs.map(
+      (g) => ({
+        txid: Z(g.txid),
+        vout: g.vout
+      })
+    ), i = await Te(this.config.btcWallet, {
+      depositorBtcPubkey: Z(s),
+      fundingOutpoints: r
+    });
+    let a, c;
+    try {
+      const g = await jt(i);
+      try {
+        a = M(g), c = M(tt(g));
+      } finally {
+        g.fill(0);
+      }
+    } catch (g) {
+      throw i.fill(0), g;
+    }
+    const u = await Qe(i, t.amounts.length), { perVaultWotsKeys: l, wotsPkHashes: m, htlcSecretHexes: w, hashlocks: P } = u, h = await this.preparePeginCommit({
+      depositorBtcPubkeyRaw: e,
+      depositorBtcPubkey: s,
+      hashlocks: P,
+      authAnchorHash: c,
+      sizing: o,
+      params: t
+    });
+    for (let g = 0; g < h.perVault.length; g++)
+      if (h.perVault[g].htlcVout !== g)
+        throw new Error(
+          `Internal invariant violation: htlcVout/index mismatch at vault ${g} (expected ${g}, got ${h.perVault[g].htlcVout})`
+        );
+    return we(
+      h.fundedPrePeginTxHex,
+      t.amounts.length,
+      c
+    ), {
+      transaction: {
+        ...h,
+        selectedUTXOs: o.selectedUTXOs,
+        fee: o.fee,
+        changeAmount: o.changeAmount
+      },
+      depositorBtcPubkey: s,
+      derivedSecrets: {
+        perVaultWotsKeys: l,
+        wotsPkHashes: m,
+        htlcSecretHexes: w,
+        authAnchorHex: a
+      }
+    };
+  }
+  /**
+   * Build unfunded Pre-PegIn + select UTXOs. No PSBT signing.
+   *
+   * Returns the full selection result (UTXOs, fee, changeAmount) so the
+   * commit pass funds the broadcast tx with the exact same set used to
+   * build the vault-context funding-outpoints commitment. Re-running
+   * `selectUtxosForPegin` in the commit pass would be deterministic given
+   * the same inputs, but threading the result through guarantees the
+   * domain separator structurally matches the funded tx inputs.
+   *
+   * Sizing runs before the wallet popup, so neither the real per-vault
+   * hashlocks nor the real `authAnchorHash` are known yet. Both slots
+   * are filled with a 32-byte placeholder; the commit pass swaps in the
+   * real values. Output budget is identical (32-byte push regardless of
+   * content), so UTXO selection is invariant under substitution.
+   */
+  async prepareSizing(t, e) {
+    const s = e.amounts.map(
+      () => L
+    ), o = e.vaultKeeperBtcPubkeys.length, r = await ht({
+      depositorPubkey: t,
+      vaultProviderPubkey: T(e.vaultProviderBtcPubkey),
+      vaultKeeperPubkeys: e.vaultKeeperBtcPubkeys.map(T),
+      universalChallengerPubkeys: e.universalChallengerBtcPubkeys.map(T),
+      hashlocks: s,
+      timelockRefund: e.timelockRefund,
+      pegInAmounts: e.amounts,
+      feeRate: e.protocolFeeRate,
+      numLocalChallengers: o,
+      councilQuorum: e.councilQuorum,
+      councilSize: e.councilSize,
+      network: this.config.btcNetwork,
+      authAnchorHash: L
+    }), i = se(
+      [...e.availableUTXOs],
+      r.totalOutputValue,
+      e.mempoolFeeRate,
+      re(
+        r.htlcValues.length,
+        L
+      )
+    );
+    return {
+      selectedUTXOs: i.selectedUTXOs,
+      fee: i.fee,
+      changeAmount: i.changeAmount
+    };
+  }
+  /** Build PegIn txs and batch-sign their inputs with real hashlocks. */
+  async preparePeginCommit(t) {
+    const {
+      depositorBtcPubkeyRaw: e,
+      depositorBtcPubkey: s,
+      hashlocks: o,
+      authAnchorHash: r,
+      sizing: i,
+      params: a
+    } = t, c = L.toLowerCase();
+    for (let p = 0; p < o.length; p++)
+      if (o[p].toLowerCase() === c)
+        throw new Error(
+          `preparePeginCommit refusing to build with sizing-pass placeholder hashlock at vault ${p} — internal substitution bug`
+        );
+    if (r.toLowerCase() === c)
+      throw new Error(
+        "preparePeginCommit refusing to build with sizing-pass placeholder auth-anchor hash — internal substitution bug"
+      );
+    const u = T(a.vaultProviderBtcPubkey), l = a.vaultKeeperBtcPubkeys.map(T), m = a.universalChallengerBtcPubkeys.map(T), w = l.length, P = {
+      depositorPubkey: s,
+      vaultProviderPubkey: u,
+      vaultKeeperPubkeys: l,
+      universalChallengerPubkeys: m,
+      hashlocks: o,
+      timelockRefund: a.timelockRefund,
+      pegInAmounts: a.amounts,
+      feeRate: a.protocolFeeRate,
+      numLocalChallengers: w,
+      councilQuorum: a.councilQuorum,
+      councilSize: a.councilSize,
+      network: this.config.btcNetwork,
+      authAnchorHash: r
+    }, h = await ht(P), g = dt(this.config.btcNetwork), E = ie({
+      unfundedTxHex: h.psbtHex,
+      selectedUTXOs: i.selectedUTXOs,
+      changeAddress: a.changeAddress,
+      changeAmount: i.changeAmount,
+      network: g
+    }), S = T(K(E)), f = [], x = [], d = [];
+    for (let p = 0; p < o.length; p++) {
+      const v = await qt({
+        prePeginParams: P,
+        timelockPegin: a.timelockPegin,
+        fundedPrePeginTxHex: E,
+        htlcVout: p
+      }), B = await Zt({
+        peginTxHex: v.txHex,
+        fundedPrePeginTxHex: E,
+        depositorPubkey: s,
+        vaultProviderPubkey: u,
+        vaultKeeperPubkeys: l,
+        universalChallengerPubkeys: m,
+        hashlock: o[p],
+        timelockRefund: a.timelockRefund,
+        network: this.config.btcNetwork
+      });
+      f.push(v), x.push(B.psbtHex), d.push(
+        ee(e, 1)
+      );
+    }
+    const k = await nn(
+      this.config.btcWallet,
+      x,
+      d
+    ), b = [];
+    for (let p = 0; p < k.length; p++) {
+      const v = Qt(
+        k[p],
+        s
+      ), B = Yt(k[p]);
+      b.push({
+        htlcVout: p,
+        htlcValue: h.htlcValues[p],
+        peginTxHex: B,
+        peginTxid: f[p].txid,
+        peginInputSignature: v,
+        vaultScriptPubKey: f[p].vaultScriptPubKey
+      });
+    }
+    return {
+      fundedPrePeginTxHex: E,
+      prePeginTxid: S,
+      perVault: b
+    };
+  }
+  /**
+   * Signs and broadcasts a funded peg-in transaction to the Bitcoin network.
+   *
+   * This method:
+   * 1. Parses the funded transaction hex
+   * 2. Fetches UTXO data from mempool for each input
+   * 3. Creates a PSBT with proper witnessUtxo/tapInternalKey
+   * 4. Signs via btcWallet.signPsbt()
+   * 5. Finalizes and extracts the transaction
+   * 6. Broadcasts via mempool API
+   *
+   * @param params - Transaction hex and depositor public key
+   * @returns The broadcasted Bitcoin transaction ID
+   * @throws Error if signing or broadcasting fails
+   */
+  async signAndBroadcast(t) {
+    const { fundedPrePeginTxHex: e, depositorBtcPubkey: s } = t, o = e.startsWith("0x") ? e.slice(2) : e, r = Kt.fromHex(o);
+    if (r.ins.length === 0)
+      throw new Error("Transaction has no inputs");
+    const i = new at();
+    i.setVersion(r.version), i.setLocktime(r.locktime);
+    const a = q.from(
+      $(s),
+      "hex"
+    ), c = this.config.mempoolApiUrl, u = r.ins.map((f) => {
+      const x = q.from(f.hash).reverse().toString("hex"), d = f.index;
+      return on(x, d, t.localPrevouts, c).then(
+        (k) => ({ input: f, utxoData: k, txid: x, vout: d })
+      );
+    }), l = await Promise.all(u), m = l.reduce(
+      (f, x) => f + BigInt(x.utxoData.value),
+      0n
+    ), w = r.outs.reduce(
+      (f, x) => f + BigInt(x.value),
+      0n
+    );
+    if (m < w)
+      throw new Error(
+        `UTXO value mismatch: total input value (${m} sat) is less than total output value (${w} sat). This may indicate the mempool API returned manipulated UTXO data.`
+      );
+    const P = m - w;
+    if (P > ft)
+      throw new Error(
+        `Implied transaction fee (${P} sat) exceeds maximum reasonable fee (${ft} sat). This may indicate manipulated UTXO data.`
+      );
+    for (const { input: f, utxoData: x, txid: d, vout: k } of l) {
+      const b = oe(
+        {
+          value: x.value,
+          scriptPubKey: x.scriptPubKey
+        },
+        a
+      );
+      i.addInput({
+        hash: f.hash,
+        index: f.index,
+        sequence: f.sequence,
+        ...b
+      });
+    }
+    for (const f of r.outs)
+      i.addOutput({
+        script: f.script,
+        value: f.value
+      });
+    const h = await this.config.btcWallet.signPsbt(i.toHex()), g = at.fromHex(h);
+    try {
+      g.finalizeAllInputs();
+    } catch (f) {
+      if (!g.data.inputs.every(
+        (d) => d.finalScriptWitness || d.finalScriptSig
+      ))
+        throw new Error(
+          `PSBT finalization failed and wallet did not auto-finalize: ${f}`
+        );
+    }
+    const E = g.extractTransaction().toHex();
+    return await ae(E, c);
+  }
+  /**
+   * Registers a peg-in on Ethereum by calling the BTCVaultRegistry contract.
+   *
+   * This method:
+   * 1. Re-verifies the PopSignature against the currently connected ETH
+   *    and BTC wallets — refuses to proceed if either has changed
+   * 2. Derives vault ID and checks if it already exists (pre-flight)
+   * 3. Encodes the contract call using viem
+   * 4. Estimates gas (catches contract errors early with proper revert
+   *    reasons)
+   * 5. Sends transaction with pre-estimated gas via
+   *    ethWallet.sendTransaction()
+   *
+   * The PopSignature must be obtained via
+   * {@link signProofOfPossession} before this call.
+   *
+   * @param params - Registration parameters including the PopSignature
+   *                 and the prepared Pre-PegIn / PegIn transactions
+   * @returns Result containing Ethereum transaction hash and vault ID
+   * @throws Error if the PopSignature does not match the connected wallets
+   * @throws Error if the vault already exists
+   * @throws Error if contract simulation fails (e.g., invalid signature,
+   *         unauthorized)
+   */
+  async registerPeginOnChain(t) {
+    const {
+      unsignedPrePeginTx: e,
+      depositorSignedPeginTx: s,
+      vaultProvider: o,
+      hashlock: r,
+      htlcVout: i,
+      depositorPayoutBtcAddress: a,
+      depositorWotsPkHash: c,
+      popSignature: u
+    } = t;
+    if (!this.config.ethWallet.account)
+      throw new Error("Ethereum wallet account not found");
+    const l = this.config.ethWallet.account.address;
+    if (!ct(u.depositorEthAddress, l))
+      throw new Error(
+        `Proof of possession was signed for ${u.depositorEthAddress} but the Ethereum wallet is currently connected to ${l}. Reconnect the original account or call signProofOfPossession() again.`
+      );
+    await this.assertPopMatchesBtcWallet(u);
+    const m = u.btcPopSignature, w = I(u.depositorBtcPubkey), P = I(e), h = I(s), g = await this.resolvePayoutScriptPubKey(
+      a
+    ), E = K(h), S = await ut(
+      T(E),
+      T(l)
+    ), f = I(S);
+    if (await this.checkVaultExists(f))
+      throw new Error(
+        `Vault already exists (ID: ${f}, peginTxHash: ${E}). Vault IDs are derived from the pegin transaction hash and depositor address. To create a new vault, use different UTXOs or a different amount to generate a unique transaction.`
+      );
+    const d = this.config.publicClient;
+    let k;
+    try {
+      k = await d.readContract({
+        address: this.config.vaultContracts.btcVaultRegistry,
+        abi: R,
+        functionName: "getPegInFee",
+        args: [o]
+      });
+    } catch (O) {
+      throw new Error(
+        "Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.",
+        { cause: O }
+      );
+    }
+    const b = lt({
+      abi: R,
+      functionName: "submitPeginRequest",
+      args: [
+        l,
+        w,
+        m,
+        P,
+        h,
+        o,
+        r,
+        i,
+        g,
+        c
+      ]
+    });
+    let p;
+    try {
+      p = await d.estimateGas({
+        to: this.config.vaultContracts.btcVaultRegistry,
+        data: b,
+        value: k,
+        account: this.config.ethWallet.account.address
+      });
+    } catch (O) {
+      A(O);
+    }
+    let v;
+    try {
+      v = await this.config.ethWallet.sendTransaction({
+        to: this.config.vaultContracts.btcVaultRegistry,
+        data: b,
+        value: k,
+        account: this.config.ethWallet.account,
+        chain: this.config.ethChain,
+        gas: p
+      });
+    } catch (O) {
+      A(O);
+    }
+    const B = await gt({
+      publicClient: d,
+      walletAddress: this.config.ethWallet.account.address,
+      hash: v,
+      timeout: Et
+    });
+    return B.status === "reverted" && A(
+      new Error(
+        `Transaction reverted. Hash: ${B.transactionHash}. Check the transaction on block explorer for details.`
+      )
+    ), {
+      ethTxHash: B.transactionHash,
+      vaultId: f,
+      peginTxHash: E
+    };
+  }
+  /**
+   * Register multiple pegins on Ethereum in a single transaction.
+   *
+   * Uses the contract's submitPeginRequestBatch() to submit all vault
+   * registrations atomically. All vaults must share the same vault provider.
+   * The PoP signature is signed once and included in each request.
+   *
+   * @param params - Batch registration parameters
+   * @returns Batch result with per-vault IDs and single ETH tx hash
+   */
+  async registerPeginBatchOnChain(t) {
+    const { vaultProvider: e, unsignedPrePeginTx: s, requests: o, popSignature: r } = t;
+    if (o.length === 0)
+      throw new Error("Batch pegin requires at least one request");
+    if (!this.config.ethWallet.account)
+      throw new Error("Ethereum wallet account not found");
+    const i = this.config.ethWallet.account.address;
+    if (!ct(r.depositorEthAddress, i))
+      throw new Error(
+        `Proof of possession was signed for ${r.depositorEthAddress} but the Ethereum wallet is currently connected to ${i}. Reconnect the original account or call signProofOfPossession() again.`
+      );
+    await this.assertPopMatchesBtcWallet(r);
+    const a = r.btcPopSignature, c = [];
+    for (const d of o)
+      c.push(
+        await this.resolvePayoutScriptPubKey(d.depositorPayoutBtcAddress)
+      );
+    const u = [];
+    for (const d of o) {
+      const k = I(
+        d.depositorSignedPeginTx
+      ), b = K(k), p = await ut(
+        T(b),
+        T(i)
+      ), v = I(p);
+      if (await this.checkVaultExists(v))
+        throw new Error(
+          `Vault already exists (ID: ${v}, peginTxHash: ${b}). To create a new vault, use different UTXOs or a different amount.`
+        );
+      u.push({ vaultId: v, peginTxHash: b });
+    }
+    const l = this.config.publicClient;
+    let m;
+    try {
+      m = await l.readContract({
+        address: this.config.vaultContracts.btcVaultRegistry,
+        abi: R,
+        functionName: "getPegInFee",
+        args: [e]
+      });
+    } catch (d) {
+      throw new Error(
+        "Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.",
+        { cause: d }
+      );
+    }
+    const w = m * BigInt(o.length), P = I(
+      r.depositorBtcPubkey
+    ), h = I(s), g = o.map((d, k) => ({
+      depositorBtcPubKey: P,
+      btcPopSignature: a,
+      unsignedPrePeginTx: h,
+      depositorSignedPeginTx: I(
+        d.depositorSignedPeginTx
+      ),
+      hashlock: d.hashlock,
+      htlcVout: d.htlcVout,
+      referralCode: sn,
+      depositorPayoutBtcAddress: c[k],
+      depositorWotsPkHash: d.depositorWotsPkHash
+    })), E = lt({
+      abi: R,
+      functionName: "submitPeginRequestBatch",
+      args: [i, e, g]
+    });
+    let S;
+    try {
+      S = await l.estimateGas({
+        to: this.config.vaultContracts.btcVaultRegistry,
+        data: E,
+        value: w,
+        account: this.config.ethWallet.account.address
+      });
+    } catch (d) {
+      A(d);
+    }
+    let f;
+    try {
+      f = await this.config.ethWallet.sendTransaction({
+        to: this.config.vaultContracts.btcVaultRegistry,
+        data: E,
+        value: w,
+        account: this.config.ethWallet.account,
+        chain: this.config.ethChain,
+        gas: S
+      });
+    } catch (d) {
+      A(d);
+    }
+    const x = await gt({
+      publicClient: l,
+      walletAddress: this.config.ethWallet.account.address,
+      hash: f,
+      timeout: Et
+    });
+    return x.status === "reverted" && A(
+      new Error(
+        `Batch transaction reverted. Hash: ${x.transactionHash}. Check the transaction on block explorer for details.`
+      )
+    ), {
+      ethTxHash: x.transactionHash,
+      vaults: u
+    };
+  }
+  /**
+   * Check if a vault already exists for a given vault ID.
+   *
+   * The contract returns a default struct (with `depositor === zeroAddress`)
+   * when no vault is registered, so existence is signalled in the response,
+   * not via a thrown error. RPC/network failures are propagated rather than
+   * silently treated as "vault doesn't exist", which would otherwise let
+   * downstream calls run with stale assumptions.
+   *
+   * @param vaultId - The Bitcoin transaction hash (vault ID)
+   * @returns True if vault exists, false otherwise
+   * @throws If the underlying RPC read fails
+   */
+  async checkVaultExists(t) {
+    return (await this.config.publicClient.readContract({
+      address: this.config.vaultContracts.btcVaultRegistry,
+      abi: R,
+      functionName: "getBtcVaultBasicInfo",
+      args: [t]
+    })).depositor !== Dt;
+  }
+  /**
+   * Resolve the BTC payout address to a scriptPubKey hex for the contract.
+   *
+   * If a payout address is provided, converts it directly.
+   * If omitted, uses the wallet's address and validates it against the
+   * wallet's public key to guard against a compromised wallet provider.
+   */
+  async resolvePayoutScriptPubKey(t) {
+    let e;
+    if (t)
+      e = t;
+    else {
+      e = await this.config.btcWallet.getAddress();
+      const o = await this.config.btcWallet.getPublicKeyHex();
+      if (!te(
+        e,
+        o,
+        this.config.btcNetwork
+      ))
+        throw new Error(
+          "The BTC address from your wallet does not match the wallet's public key. Please ensure your wallet is using a supported address type (Taproot or Native SegWit)."
+        );
+    }
+    const s = dt(this.config.btcNetwork);
+    try {
+      return `0x${_t.address.toOutputScript(e, s).toString("hex")}`;
+    } catch {
+      throw new Error(
+        `Invalid BTC payout address: "${e}". Please provide a valid Bitcoin address for the ${this.config.btcNetwork} network.`
+      );
+    }
+  }
+  /**
+   * Sign a BIP-322 BTC Proof-of-Possession binding the connected BTC
+   * wallet to the connected ETH account for this chain and vault
+   * registry. The returned {@link PopSignature} can be reused across
+   * every register call in the same session.
+   */
+  async signProofOfPossession() {
+    if (!this.config.ethWallet.account)
+      throw new Error("Ethereum wallet account not found");
+    const t = this.config.ethWallet.account.address, e = $(
+      await this.config.btcWallet.getPublicKeyHex()
+    ), s = this.config.vaultContracts.btcVaultRegistry, o = `${t.toLowerCase()}:${this.config.ethChain.id}:pegin:${s.toLowerCase()}`, r = await this.config.btcWallet.signMessage(
+      o,
+      "bip322-simple"
+    );
+    return {
+      btcPopSignature: en(r),
+      depositorEthAddress: t,
+      depositorBtcPubkey: e
+    };
+  }
+  async assertPopMatchesBtcWallet(t) {
+    const e = $(
+      await this.config.btcWallet.getPublicKeyHex()
+    ), s = $(t.depositorBtcPubkey);
+    if (e !== s)
+      throw new Error(
+        `Proof of possession was signed with BTC pubkey ${s} but the BTC wallet is currently connected to ${e}. Reconnect the original wallet or call signProofOfPossession() again.`
+      );
+  }
+  /**
+   * Gets the configured Bitcoin network.
+   *
+   * @returns The Bitcoin network (mainnet, testnet, signet, regtest)
+   */
+  getNetwork() {
+    return this.config.btcNetwork;
+  }
+  /**
+   * Gets the configured BTCVaultRegistry contract address.
+   *
+   * @returns The Ethereum address of the BTCVaultRegistry contract
+   */
+  getVaultContractAddress() {
+    return this.config.vaultContracts.btcVaultRegistry;
+  }
+}
+export {
+  kn as P,
+  ke as V,
+  ye as a,
+  xe as b,
+  Ze as c,
+  qe as d,
+  Te as e
+};
+//# sourceMappingURL=PeginManager-DF1oinIQ.js.map