npm - @babylonlabs-io/ts-sdk - Versions diffs - 0.36.2 → 0.37.1 - Mend

@babylonlabs-io/ts-sdk 0.36.2 → 0.37.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

package/dist/payout-BNFMBXS6.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"payout-BNFMBXS6.js","sources":["../src/tbv/core/primitives/scripts/payout.ts","../src/tbv/core/primitives/psbt/payout.ts"],"sourcesContent":["/**\n * Payout Script Generator Primitive\n *\n * This module provides pure functions for generating payout scripts and taproot information\n * by wrapping the WASM implementation from @babylonlabs-io/babylon-tbv-rust-wasm.\n *\n * The payout script is used for signing payout transactions in the vault system.\n * It defines the spending conditions for the vault output, enabling the depositor\n * to authorize payouts during the peg-in flow (Step 3).\n *\n * @remarks\n * This is a low-level primitive. For most use cases, prefer using {@link buildPayoutPsbt}\n * which handles script creation internally. For high-level wallet orchestration, use\n * PayoutManager from the managers module.\n *\n * @see {@link buildPayoutPsbt} - Higher-level function that uses this internally\n *\n * @module primitives/scripts/payout\n */\n\nimport {\n createPayoutConnector,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\n/**\n * Parameters for creating a payout script.\n *\n * These parameters define the participants in a vault and are used to generate\n * the taproot script that controls how funds can be spent from the vault.\n */\nexport interface PayoutScriptParams {\n /**\n * Depositor's BTC public key (x-only, 64-char hex without 0x prefix).\n *\n * This is the user depositing BTC into the vault. The depositor must sign\n * payout transactions to authorize fund distribution.\n */\n depositor: string;\n\n /**\n * Vault provider's BTC public key (x-only, 64-char hex without 0x prefix).\n *\n * The service provider managing vault operations. Also referred to as\n * \"claimer\" in the WASM layer.\n */\n vaultProvider: string;\n\n /**\n * Array of vault keeper BTC public keys (x-only, 64-char hex without 0x prefix).\n *\n * Vault keepers participate in vault operations and script spending conditions.\n */\n vaultKeepers: string[];\n\n /**\n * Array of universal challenger BTC public keys (x-only, 64-char hex without 0x prefix).\n *\n * These parties can challenge the vault under certain conditions.\n */\n universalChallengers: string[];\n\n /**\n * CSV timelock in blocks for the PegIn output.\n */\n timelockPegin: number;\n\n /**\n * Bitcoin network for script generation.\n *\n * Must match the network used for all other vault operations to ensure\n * address encoding compatibility.\n */\n network: Network;\n}\n\n/**\n * Result of creating a payout script.\n *\n * Contains all the taproot-related data needed for constructing and signing\n * payout transactions from the vault.\n */\nexport interface PayoutScriptResult {\n /**\n * The payout script hex used in taproot script path spending.\n *\n * This is the raw script bytes that define the spending conditions,\n * encoded as a hexadecimal string. Used when constructing the\n * tapLeafScript for PSBT signing.\n */\n payoutScript: string;\n\n /**\n * The taproot script hash (leaf hash) for the payout script.\n *\n * This is the tagged hash of the script used in taproot tree construction.\n * Required for computing the control block during script path spending.\n */\n taprootScriptHash: string;\n\n /**\n * The full scriptPubKey for the vault output address.\n *\n * This is the complete output script (OP_1 <32-byte-key>) that should be\n * used when creating the vault output in a peg-in transaction.\n */\n scriptPubKey: string;\n\n /**\n * The vault Bitcoin address derived from the script.\n *\n * A human-readable bech32m address (bc1p... for mainnet, tb1p... for testnet/signet)\n * that can be used to receive funds into the vault.\n */\n address: string;\n\n /**\n * Serialized control block for Taproot script path spend (hex encoded).\n *\n * Computed by the Rust WASM PeginPayoutConnector. Used directly in\n * tapLeafScript when building payout PSBTs.\n */\n payoutControlBlock: string;\n}\n\n/**\n * Create payout script and taproot information using WASM.\n *\n * This is a pure function that wraps the Rust WASM implementation.\n * The payout connector generates the necessary taproot scripts and information\n * required for signing payout transactions.\n *\n * @remarks\n * The generated script encodes spending conditions that require signatures from\n * the depositor and vault provider (or liquidators in challenge scenarios).\n * This script is used internally by {@link buildPayoutPsbt}.\n *\n * @param params - Payout script parameters defining vault participants and network\n * @returns Payout script and taproot information for PSBT construction\n *\n * @see {@link buildPayoutPsbt} - Use this for building complete payout PSBTs\n */\nexport async function createPayoutScript(\n params: PayoutScriptParams,\n): Promise<PayoutScriptResult> {\n // Call the WASM wrapper with the correct parameter structure\n const connector = await createPayoutConnector(\n {\n depositor: params.depositor,\n vaultProvider: params.vaultProvider,\n vaultKeepers: params.vaultKeepers,\n universalChallengers: params.universalChallengers,\n timelockPegin: params.timelockPegin,\n },\n params.network,\n );\n\n return {\n payoutScript: connector.payoutScript,\n taprootScriptHash: connector.taprootScriptHash,\n scriptPubKey: connector.scriptPubKey,\n address: connector.address,\n payoutControlBlock: connector.payoutControlBlock,\n };\n}\n","/**\n * Payout PSBT Builder Primitives\n *\n * This module provides pure functions for building unsigned payout PSBTs and extracting\n * Schnorr signatures from signed PSBTs. It uses WASM-generated scripts from the payout\n * connector and bitcoinjs-lib for PSBT construction.\n *\n * The Payout transaction references the Assert transaction (input 1).\n *\n * @module primitives/psbt/payout\n */\n\nimport {\n type Network,\n tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\nimport { createPayoutScript } from \"../scripts/payout\";\nimport {\n TAPSCRIPT_LEAF_VERSION,\n hexToUint8Array,\n isValidHex,\n stripHexPrefix,\n uint8ArrayToHex,\n} from \"../utils/bitcoin\";\n\n/**\n * Number of items in a Taproot script-path spend witness stack for a\n * single-signature script: [signature, script, controlBlock].\n *\n * The current payout script requires exactly one depositor signature. If the\n * protocol evolves to require multiple signatures in the payout script, this\n * invariant and the finalized-PSBT extraction path must be revisited because\n * the first witness item would no longer necessarily be the depositor's.\n */\nconst TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE = 3;\n\n/**\n * Parameters for building an unsigned Payout PSBT\n *\n * Payout is used in the challenge path after Assert, when the claimer proves validity.\n * Input 1 references the Assert transaction.\n */\nexport interface PayoutParams {\n /**\n * Payout transaction hex (unsigned)\n * This is the transaction that needs to be signed by the depositor\n */\n payoutTxHex: string;\n\n /**\n * Assert transaction hex\n * Payout input 1 references Assert output 0\n */\n assertTxHex: string;\n\n /**\n * Peg-in transaction hex\n * This transaction created the vault output that we're spending\n */\n peginTxHex: string;\n\n /**\n * Depositor's BTC public key (x-only, 64-char hex without 0x prefix)\n */\n depositorBtcPubkey: string;\n\n /**\n * Vault provider's BTC public key (x-only, 64-char hex)\n */\n vaultProviderBtcPubkey: string;\n\n /**\n * Vault keeper BTC public keys (x-only, 64-char hex)\n */\n vaultKeeperBtcPubkeys: string[];\n\n /**\n * Universal challenger BTC public keys (x-only, 64-char hex)\n */\n universalChallengerBtcPubkeys: string[];\n\n /**\n * CSV timelock in blocks for the PegIn output.\n */\n timelockPegin: number;\n\n /**\n * Bitcoin network\n */\n network: Network;\n}\n\n/**\n * Result of building an unsigned payout PSBT\n */\nexport interface PayoutPsbtResult {\n /**\n * Unsigned PSBT hex ready for signing\n */\n psbtHex: string;\n}\n\n/**\n * Build unsigned Payout PSBT for depositor to sign.\n *\n * Payout is used in the **challenge path** when the claimer proves validity:\n * 1. Vault provider submits Claim transaction\n * 2. Challenge is raised during challenge period\n * 3. Claimer submits Assert transaction to prove validity\n * 4. Payout can be executed (references Assert tx)\n *\n * Payout transactions have the following structure:\n * - Input 0: from PeginTx output0 (signed by depositor)\n * - Input 1: from Assert output0 (NOT signed by depositor)\n *\n * @param params - Payout parameters\n * @returns Unsigned PSBT ready for depositor to sign\n *\n * @throws If payout transaction does not have exactly 2 inputs\n * @throws If input 0 does not reference the pegin transaction\n * @throws If input 1 does not reference the assert transaction\n * @throws If previous output is not found for either input\n */\nexport async function buildPayoutPsbt(\n params: PayoutParams,\n): Promise<PayoutPsbtResult> {\n // Normalize hex inputs (strip 0x prefix if present)\n const payoutTxHex = stripHexPrefix(params.payoutTxHex);\n const peginTxHex = stripHexPrefix(params.peginTxHex);\n const assertTxHex = stripHexPrefix(params.assertTxHex);\n\n // Get payout script from WASM\n const payoutConnector = await createPayoutScript({\n depositor: params.depositorBtcPubkey,\n vaultProvider: params.vaultProviderBtcPubkey,\n vaultKeepers: params.vaultKeeperBtcPubkeys,\n universalChallengers: params.universalChallengerBtcPubkeys,\n timelockPegin: params.timelockPegin,\n network: params.network,\n });\n\n const payoutScriptBytes = hexToUint8Array(payoutConnector.payoutScript);\n const controlBlock = hexToUint8Array(payoutConnector.payoutControlBlock);\n\n // Parse transactions\n const payoutTx = Transaction.fromHex(payoutTxHex);\n const peginTx = Transaction.fromHex(peginTxHex);\n const assertTx = Transaction.fromHex(assertTxHex);\n\n // Create PSBT\n const psbt = new Psbt();\n psbt.setVersion(payoutTx.version);\n psbt.setLocktime(payoutTx.locktime);\n\n // PayoutTx has exactly 2 inputs:\n // - Input 0: from PeginTx output0 (signed by depositor using taproot script path)\n // - Input 1: from Assert output0 (signed by claimer/challengers, not depositor)\n //\n // IMPORTANT: For Taproot SIGHASH_DEFAULT (0x00), the sighash commits to ALL inputs'\n // prevouts, not just the one being signed. Therefore, we must include BOTH inputs\n // in the PSBT so the wallet computes the correct sighash that the VP expects.\n\n // Verify payout transaction has expected structure\n if (payoutTx.ins.length !== 2) {\n throw new Error(\n `Payout transaction must have exactly 2 inputs, got ${payoutTx.ins.length}`,\n );\n }\n\n const input0 = payoutTx.ins[0];\n const input1 = payoutTx.ins[1];\n\n // Verify input 0 references the pegin transaction\n const input0Txid = uint8ArrayToHex(\n new Uint8Array(input0.hash).slice().reverse(),\n );\n const peginTxid = peginTx.getId();\n\n if (input0Txid !== peginTxid) {\n throw new Error(\n `Input 0 does not reference pegin transaction. ` +\n `Expected ${peginTxid}, got ${input0Txid}`,\n );\n }\n\n // Verify input 1 references the assert transaction\n const input1Txid = uint8ArrayToHex(\n new Uint8Array(input1.hash).slice().reverse(),\n );\n const expectedInput1Txid = assertTx.getId();\n\n if (input1Txid !== expectedInput1Txid) {\n throw new Error(\n `Input 1 does not reference assert transaction. ` +\n `Expected ${expectedInput1Txid}, got ${input1Txid}`,\n );\n }\n\n const peginPrevOut = peginTx.outs[input0.index];\n if (!peginPrevOut) {\n throw new Error(\n `Previous output not found for input 0 (txid: ${input0Txid}, index: ${input0.index})`,\n );\n }\n\n const input1PrevOut = assertTx.outs[input1.index];\n if (!input1PrevOut) {\n throw new Error(\n `Previous output not found for input 1 (txid: ${input1Txid}, index: ${input1.index})`,\n );\n }\n\n // Input 0: Depositor signs using Taproot script path spend\n // This input includes tapLeafScript for signing\n psbt.addInput({\n hash: input0.hash,\n index: input0.index,\n sequence: input0.sequence,\n witnessUtxo: {\n script: peginPrevOut.script,\n value: peginPrevOut.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(payoutScriptBytes),\n controlBlock: Buffer.from(controlBlock),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n // sighashType omitted - defaults to SIGHASH_DEFAULT (0x00) for Taproot\n });\n\n // Input 1: From Assert transaction (NOT signed by depositor)\n // We include this with witnessUtxo so the sighash is computed correctly,\n // but we do NOT include tapLeafScript since the depositor doesn't sign it.\n psbt.addInput({\n hash: input1.hash,\n index: input1.index,\n sequence: input1.sequence,\n witnessUtxo: {\n script: input1PrevOut.script,\n value: input1PrevOut.value,\n },\n // No tapLeafScript - depositor doesn't sign this input\n });\n\n // Add outputs\n for (const output of payoutTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return {\n psbtHex: psbt.toHex(),\n };\n}\n\n/**\n * Validate that a payout transaction's largest output pays to the registered\n * depositor payout scriptPubKey.\n *\n * Prevents a malicious vault provider from substituting the payout destination\n * (or routing funds through a dust output to the correct address while sending\n * the actual value to an attacker-controlled script).\n *\n * @param payoutTxHex - Raw payout transaction hex\n * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)\n * @throws If scriptPubKey is invalid hex\n * @throws If the transaction has no outputs\n * @throws If the largest output does not pay to the registered scriptPubKey\n */\nexport function assertPayoutOutputMatchesRegistered(\n payoutTxHex: string,\n registeredPayoutScriptPubKey: string,\n): void {\n if (!isValidHex(registeredPayoutScriptPubKey)) {\n throw new Error(\"Invalid registeredPayoutScriptPubKey: not valid hex\");\n }\n\n const expectedScript = Buffer.from(\n stripHexPrefix(registeredPayoutScriptPubKey),\n \"hex\",\n );\n const payoutTx = Transaction.fromHex(stripHexPrefix(payoutTxHex));\n\n if (payoutTx.outs.length === 0) {\n throw new Error(\"Payout transaction has no outputs\");\n }\n\n const largestOutput = payoutTx.outs.reduce((max, output) =>\n output.value > max.value ? output : max,\n );\n\n if (!largestOutput.script.equals(expectedScript)) {\n throw new Error(\n \"Payout transaction does not pay to the registered depositor payout address\",\n );\n }\n}\n\n/**\n * Extract Schnorr signature from signed payout PSBT.\n *\n * This function supports two cases:\n * 1. Non-finalized PSBT: Extracts from tapScriptSig field\n * 2. Finalized PSBT: Extracts from witness data\n *\n * The signature is returned as a 64-byte hex string (128 hex characters).\n * Payout signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte.\n *\n * @param signedPsbtHex - Signed PSBT hex\n * @param depositorPubkey - Depositor's public key (x-only, 64-char hex)\n * @param inputIndex - Input index to extract signature from (default: 0)\n * @returns 64-byte Schnorr signature (128 hex characters, no sighash flag)\n *\n * @throws If no signature is found in the PSBT\n * @throws If the signature has an unexpected length\n */\nexport function extractPayoutSignature(\n signedPsbtHex: string,\n depositorPubkey: string,\n inputIndex = 0,\n): string {\n const signedPsbt = Psbt.fromHex(signedPsbtHex);\n\n if (inputIndex >= signedPsbt.data.inputs.length) {\n throw new Error(\n `Input index ${inputIndex} out of range (${signedPsbt.data.inputs.length} inputs)`,\n );\n }\n\n const input = signedPsbt.data.inputs[inputIndex];\n\n // Case 1: Non-finalized PSBT — extract from tapScriptSig\n if (input.tapScriptSig && input.tapScriptSig.length > 0) {\n const depositorPubkeyBytes = hexToUint8Array(depositorPubkey);\n\n for (const sigEntry of input.tapScriptSig) {\n if (sigEntry.pubkey.equals(Buffer.from(depositorPubkeyBytes))) {\n return extractSchnorrSig(sigEntry.signature, inputIndex);\n }\n }\n\n throw new Error(\n `No signature found for depositor pubkey: ${depositorPubkey} at input ${inputIndex}`,\n );\n }\n\n // Case 2: Finalized PSBT — extract from finalScriptWitness\n // Taproot single-signature script-path witness: [signature, script, controlBlock].\n // Enforce the exact stack size so that if a wallet produces an unexpected\n // finalization (e.g. a multi-signature stack, an annex, or malformed data),\n // we fail loudly instead of silently returning witnessStack[0] which may\n // not be the depositor's signature.\n if (input.finalScriptWitness && input.finalScriptWitness.length > 0) {\n const witnessStack = parseWitnessStack(input.finalScriptWitness);\n if (witnessStack.length !== TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE) {\n throw new Error(\n `Unexpected finalized witness stack size at input ${inputIndex}: ` +\n `expected ${TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE} items (signature, script, controlBlock), ` +\n `got ${witnessStack.length}`,\n );\n }\n return extractSchnorrSig(witnessStack[0], inputIndex);\n }\n\n throw new Error(\n `No tapScriptSig or finalScriptWitness found in signed PSBT at input ${inputIndex}`,\n );\n}\n\n/**\n * Extract and validate a 64-byte Schnorr signature.\n * Rejects 65-byte signatures because the appended sighash byte changes the\n * Taproot message being signed; stripping it would produce an unverifiable\n * SIGHASH_DEFAULT signature.\n * @internal\n */\nfunction extractSchnorrSig(sig: Uint8Array, inputIndex: number): string {\n if (sig.length === 64) {\n return uint8ArrayToHex(new Uint8Array(sig));\n }\n if (sig.length === 65) {\n throw new Error(\n `Unexpected sighash byte 0x${sig[64].toString(16).padStart(2, \"0\")} at input ${inputIndex}. ` +\n \"Expected implicit SIGHASH_DEFAULT as a 64-byte signature.\",\n );\n }\n throw new Error(\n `Unexpected signature length at input ${inputIndex}: ${sig.length}`,\n );\n}\n\n/**\n * Parse a BIP-141 serialized witness stack into individual stack items.\n * Format: [varint item_count] [varint len, data]...\n *\n * Throws on malformed input (truncated buffer, 8-byte varints, or trailing\n * bytes) so callers never receive silently-corrupted witness items.\n * @internal\n */\nfunction parseWitnessStack(witness: Buffer): Buffer[] {\n const items: Buffer[] = [];\n let offset = 0;\n\n const requireBytes = (n: number): void => {\n if (offset + n > witness.length) {\n throw new Error(\n `Malformed witness data: need ${n} byte(s) at offset ${offset}, only ${witness.length - offset} remaining`,\n );\n }\n };\n\n const readVarInt = (): number => {\n requireBytes(1);\n const first = witness[offset++];\n if (first < 0xfd) return first;\n if (first === 0xfd) {\n requireBytes(2);\n const val = (witness[offset] | (witness[offset + 1] << 8)) >>> 0;\n offset += 2;\n return val;\n }\n if (first === 0xfe) {\n requireBytes(4);\n const val =\n (witness[offset] |\n (witness[offset + 1] << 8) |\n (witness[offset + 2] << 16) |\n (witness[offset + 3] << 24)) >>>\n 0;\n offset += 4;\n return val;\n }\n // 0xff — 8-byte varint. Not used for witness sizes in practice and JS\n // numbers cannot represent all 64-bit values exactly, so reject rather\n // than risk silent truncation.\n throw new Error(\n `Malformed witness data: 8-byte varint (0xff) not supported at offset ${offset - 1}`,\n );\n };\n\n const count = readVarInt();\n for (let i = 0; i < count; i++) {\n const len = readVarInt();\n requireBytes(len);\n items.push(Buffer.from(witness.subarray(offset, offset + len)));\n offset += len;\n }\n\n if (offset !== witness.length) {\n throw new Error(\n `Malformed witness data: ${witness.length - offset} trailing byte(s) after parsing ${count} item(s)`,\n );\n }\n\n return items;\n}\n\n"],"names":["createPayoutScript","params","connector","createPayoutConnector","TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE","buildPayoutPsbt","payoutTxHex","stripHexPrefix","peginTxHex","assertTxHex","payoutConnector","payoutScriptBytes","hexToUint8Array","controlBlock","payoutTx","Transaction","peginTx","assertTx","psbt","Psbt","input0","input1","input0Txid","uint8ArrayToHex","peginTxid","input1Txid","expectedInput1Txid","peginPrevOut","input1PrevOut","TAPSCRIPT_LEAF_VERSION","Buffer","tapInternalPubkey","output","assertPayoutOutputMatchesRegistered","registeredPayoutScriptPubKey","isValidHex","expectedScript","max","extractPayoutSignature","signedPsbtHex","depositorPubkey","inputIndex","signedPsbt","input","depositorPubkeyBytes","sigEntry","extractSchnorrSig","witnessStack","parseWitnessStack","sig","witness","items","offset","requireBytes","n","readVarInt","first","val","count","i","len"],"mappings":";;;;AA8IA,eAAsBA,EACpBC,GAC6B;AAE7B,QAAMC,IAAY,MAAMC;AAAA,IACtB;AAAA,MACE,WAAWF,EAAO;AAAA,MAClB,eAAeA,EAAO;AAAA,MACtB,cAAcA,EAAO;AAAA,MACrB,sBAAsBA,EAAO;AAAA,MAC7B,eAAeA,EAAO;AAAA,IAAA;AAAA,IAExBA,EAAO;AAAA,EAAA;AAGT,SAAO;AAAA,IACL,cAAcC,EAAU;AAAA,IACxB,mBAAmBA,EAAU;AAAA,IAC7B,cAAcA,EAAU;AAAA,IACxB,SAASA,EAAU;AAAA,IACnB,oBAAoBA,EAAU;AAAA,EAAA;AAElC;AChIA,MAAME,IAAwC;AAyF9C,eAAsBC,EACpBJ,GAC2B;AAE3B,QAAMK,IAAcC,EAAeN,EAAO,WAAW,GAC/CO,IAAaD,EAAeN,EAAO,UAAU,GAC7CQ,IAAcF,EAAeN,EAAO,WAAW,GAG/CS,IAAkB,MAAMV,EAAmB;AAAA,IAC/C,WAAWC,EAAO;AAAA,IAClB,eAAeA,EAAO;AAAA,IACtB,cAAcA,EAAO;AAAA,IACrB,sBAAsBA,EAAO;AAAA,IAC7B,eAAeA,EAAO;AAAA,IACtB,SAASA,EAAO;AAAA,EAAA,CACjB,GAEKU,IAAoBC,EAAgBF,EAAgB,YAAY,GAChEG,IAAeD,EAAgBF,EAAgB,kBAAkB,GAGjEI,IAAWC,EAAY,QAAQT,CAAW,GAC1CU,IAAUD,EAAY,QAAQP,CAAU,GACxCS,IAAWF,EAAY,QAAQN,CAAW,GAG1CS,IAAO,IAAIC,EAAA;AAajB,MAZAD,EAAK,WAAWJ,EAAS,OAAO,GAChCI,EAAK,YAAYJ,EAAS,QAAQ,GAW9BA,EAAS,IAAI,WAAW;AAC1B,UAAM,IAAI;AAAA,MACR,sDAAsDA,EAAS,IAAI,MAAM;AAAA,IAAA;AAI7E,QAAMM,IAASN,EAAS,IAAI,CAAC,GACvBO,IAASP,EAAS,IAAI,CAAC,GAGvBQ,IAAaC;AAAA,IACjB,IAAI,WAAWH,EAAO,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,EAAQ,GAExCI,IAAYR,EAAQ,MAAA;AAE1B,MAAIM,MAAeE;AACjB,UAAM,IAAI;AAAA,MACR,0DACcA,CAAS,SAASF,CAAU;AAAA,IAAA;AAK9C,QAAMG,IAAaF;AAAA,IACjB,IAAI,WAAWF,EAAO,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,EAAQ,GAExCK,IAAqBT,EAAS,MAAA;AAEpC,MAAIQ,MAAeC;AACjB,UAAM,IAAI;AAAA,MACR,2DACcA,CAAkB,SAASD,CAAU;AAAA,IAAA;AAIvD,QAAME,IAAeX,EAAQ,KAAKI,EAAO,KAAK;AAC9C,MAAI,CAACO;AACH,UAAM,IAAI;AAAA,MACR,gDAAgDL,CAAU,YAAYF,EAAO,KAAK;AAAA,IAAA;AAItF,QAAMQ,IAAgBX,EAAS,KAAKI,EAAO,KAAK;AAChD,MAAI,CAACO;AACH,UAAM,IAAI;AAAA,MACR,gDAAgDH,CAAU,YAAYJ,EAAO,KAAK;AAAA,IAAA;AAMtF,EAAAH,EAAK,SAAS;AAAA,IACZ,MAAME,EAAO;AAAA,IACb,OAAOA,EAAO;AAAA,IACd,UAAUA,EAAO;AAAA,IACjB,aAAa;AAAA,MACX,QAAQO,EAAa;AAAA,MACrB,OAAOA,EAAa;AAAA,IAAA;AAAA,IAEtB,eAAe;AAAA,MACb;AAAA,QACE,aAAaE;AAAA,QACb,QAAQC,EAAO,KAAKnB,CAAiB;AAAA,QACrC,cAAcmB,EAAO,KAAKjB,CAAY;AAAA,MAAA;AAAA,IACxC;AAAA,IAEF,gBAAgBiB,EAAO,KAAKC,CAAiB;AAAA;AAAA,EAAA,CAE9C,GAKDb,EAAK,SAAS;AAAA,IACZ,MAAMG,EAAO;AAAA,IACb,OAAOA,EAAO;AAAA,IACd,UAAUA,EAAO;AAAA,IACjB,aAAa;AAAA,MACX,QAAQO,EAAc;AAAA,MACtB,OAAOA,EAAc;AAAA,IAAA;AAAA;AAAA,EACvB,CAED;AAGD,aAAWI,KAAUlB,EAAS;AAC5B,IAAAI,EAAK,UAAU;AAAA,MACb,QAAQc,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAO;AAAA,IACL,SAASd,EAAK,MAAA;AAAA,EAAM;AAExB;AAgBO,SAASe,EACd3B,GACA4B,GACM;AACN,MAAI,CAACC,EAAWD,CAA4B;AAC1C,UAAM,IAAI,MAAM,qDAAqD;AAGvE,QAAME,IAAiBN,EAAO;AAAA,IAC5BvB,EAAe2B,CAA4B;AAAA,IAC3C;AAAA,EAAA,GAEIpB,IAAWC,EAAY,QAAQR,EAAeD,CAAW,CAAC;AAEhE,MAAIQ,EAAS,KAAK,WAAW;AAC3B,UAAM,IAAI,MAAM,mCAAmC;AAOrD,MAAI,CAJkBA,EAAS,KAAK;AAAA,IAAO,CAACuB,GAAKL,MAC/CA,EAAO,QAAQK,EAAI,QAAQL,IAASK;AAAA,EAAA,EAGnB,OAAO,OAAOD,CAAc;AAC7C,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGN;AAqBO,SAASE,EACdC,GACAC,GACAC,IAAa,GACL;AACR,QAAMC,IAAavB,EAAK,QAAQoB,CAAa;AAE7C,MAAIE,KAAcC,EAAW,KAAK,OAAO;AACvC,UAAM,IAAI;AAAA,MACR,eAAeD,CAAU,kBAAkBC,EAAW,KAAK,OAAO,MAAM;AAAA,IAAA;AAI5E,QAAMC,IAAQD,EAAW,KAAK,OAAOD,CAAU;AAG/C,MAAIE,EAAM,gBAAgBA,EAAM,aAAa,SAAS,GAAG;AACvD,UAAMC,IAAuBhC,EAAgB4B,CAAe;AAE5D,eAAWK,KAAYF,EAAM;AAC3B,UAAIE,EAAS,OAAO,OAAOf,EAAO,KAAKc,CAAoB,CAAC;AAC1D,eAAOE,EAAkBD,EAAS,WAAWJ,CAAU;AAI3D,UAAM,IAAI;AAAA,MACR,4CAA4CD,CAAe,aAAaC,CAAU;AAAA,IAAA;AAAA,EAEtF;AAQA,MAAIE,EAAM,sBAAsBA,EAAM,mBAAmB,SAAS,GAAG;AACnE,UAAMI,IAAeC,EAAkBL,EAAM,kBAAkB;AAC/D,QAAII,EAAa,WAAW3C;AAC1B,YAAM,IAAI;AAAA,QACR,oDAAoDqC,CAAU,cAChDrC,CAAqC,iDAC1C2C,EAAa,MAAM;AAAA,MAAA;AAGhC,WAAOD,EAAkBC,EAAa,CAAC,GAAGN,CAAU;AAAA,EACtD;AAEA,QAAM,IAAI;AAAA,IACR,uEAAuEA,CAAU;AAAA,EAAA;AAErF;AASA,SAASK,EAAkBG,GAAiBR,GAA4B;AACtE,MAAIQ,EAAI,WAAW;AACjB,WAAO1B,EAAgB,IAAI,WAAW0B,CAAG,CAAC;AAE5C,QAAIA,EAAI,WAAW,KACX,IAAI;AAAA,IACR,6BAA6BA,EAAI,EAAE,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,aAAaR,CAAU;AAAA,EAAA,IAIvF,IAAI;AAAA,IACR,wCAAwCA,CAAU,KAAKQ,EAAI,MAAM;AAAA,EAAA;AAErE;AAUA,SAASD,EAAkBE,GAA2B;AACpD,QAAMC,IAAkB,CAAA;AACxB,MAAIC,IAAS;AAEb,QAAMC,IAAe,CAACC,MAAoB;AACxC,QAAIF,IAASE,IAAIJ,EAAQ;AACvB,YAAM,IAAI;AAAA,QACR,gCAAgCI,CAAC,sBAAsBF,CAAM,UAAUF,EAAQ,SAASE,CAAM;AAAA,MAAA;AAAA,EAGpG,GAEMG,IAAa,MAAc;AAC/B,IAAAF,EAAa,CAAC;AACd,UAAMG,IAAQN,EAAQE,GAAQ;AAC9B,QAAII,IAAQ,IAAM,QAAOA;AACzB,QAAIA,MAAU,KAAM;AAClB,MAAAH,EAAa,CAAC;AACd,YAAMI,KAAOP,EAAQE,CAAM,IAAKF,EAAQE,IAAS,CAAC,KAAK,OAAQ;AAC/D,aAAAA,KAAU,GACHK;AAAA,IACT;AACA,QAAID,MAAU,KAAM;AAClB,MAAAH,EAAa,CAAC;AACd,YAAMI,KACHP,EAAQE,CAAM,IACZF,EAAQE,IAAS,CAAC,KAAK,IACvBF,EAAQE,IAAS,CAAC,KAAK,KACvBF,EAAQE,IAAS,CAAC,KAAK,QAC1B;AACF,aAAAA,KAAU,GACHK;AAAA,IACT;AAIA,UAAM,IAAI;AAAA,MACR,wEAAwEL,IAAS,CAAC;AAAA,IAAA;AAAA,EAEtF,GAEMM,IAAQH,EAAA;AACd,WAASI,IAAI,GAAGA,IAAID,GAAOC,KAAK;AAC9B,UAAMC,IAAML,EAAA;AACZ,IAAAF,EAAaO,CAAG,GAChBT,EAAM,KAAKrB,EAAO,KAAKoB,EAAQ,SAASE,GAAQA,IAASQ,CAAG,CAAC,CAAC,GAC9DR,KAAUQ;AAAA,EACZ;AAEA,MAAIR,MAAWF,EAAQ;AACrB,UAAM,IAAI;AAAA,MACR,2BAA2BA,EAAQ,SAASE,CAAM,mCAAmCM,CAAK;AAAA,IAAA;AAI9F,SAAOP;AACT;"}

package/dist/payout-DQ_fmJUA.cjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";const E=require("@babylonlabs-io/babylon-tbv-rust-wasm"),d=require("buffer"),f=require("bitcoinjs-lib"),u=require("./bitcoin-B3aqjuMP.cjs");async function H(t){const r=await E.createPayoutConnector({depositor:t.depositor,vaultProvider:t.vaultProvider,vaultKeepers:t.vaultKeepers,universalChallengers:t.universalChallengers,timelockPegin:t.timelockPegin},t.network);return{payoutScript:r.payoutScript,taprootScriptHash:r.taprootScriptHash,scriptPubKey:r.scriptPubKey,address:r.address,payoutControlBlock:r.payoutControlBlock}}const b=3;async function k(t){const r=u.stripHexPrefix(t.payoutTxHex),e=u.stripHexPrefix(t.peginTxHex),i=u.stripHexPrefix(t.assertTxHex),s=await H({depositor:t.depositorBtcPubkey,vaultProvider:t.vaultProviderBtcPubkey,vaultKeepers:t.vaultKeeperBtcPubkeys,universalChallengers:t.universalChallengerBtcPubkeys,timelockPegin:t.timelockPegin,network:t.network}),a=u.hexToUint8Array(s.payoutScript),o=u.hexToUint8Array(s.payoutControlBlock),n=f.Transaction.fromHex(r),P=f.Transaction.fromHex(e),S=f.Transaction.fromHex(i),c=new f.Psbt;if(c.setVersion(n.version),c.setLocktime(n.locktime),n.ins.length!==2)throw new Error(`Payout transaction must have exactly 2 inputs, got ${n.ins.length}`);const p=n.ins[0],l=n.ins[1],x=u.uint8ArrayToHex(new Uint8Array(p.hash).slice().reverse()),w=P.getId();if(x!==w)throw new Error(`Input 0 does not reference pegin transaction. Expected ${w}, got ${x}`);const h=u.uint8ArrayToHex(new Uint8Array(l.hash).slice().reverse()),v=S.getId();if(h!==v)throw new Error(`Input 1 does not reference assert transaction. Expected ${v}, got ${h}`);const y=P.outs[p.index];if(!y)throw new Error(`Previous output not found for input 0 (txid: ${x}, index: ${p.index})`);const g=S.outs[l.index];if(!g)throw new Error(`Previous output not found for input 1 (txid: ${h}, index: ${l.index})`);c.addInput({hash:p.hash,index:p.index,sequence:p.sequence,witnessUtxo:{script:y.script,value:y.value},tapLeafScript:[{leafVersion:u.TAPSCRIPT_LEAF_VERSION,script:d.Buffer.from(a),controlBlock:d.Buffer.from(o)}],tapInternalKey:d.Buffer.from(E.tapInternalPubkey)}),c.addInput({hash:l.hash,index:l.index,sequence:l.sequence,witnessUtxo:{script:g.script,value:g.value}});for(const T of n.outs)c.addOutput({script:T.script,value:T.value});return{psbtHex:c.toHex()}}function B(t,r){if(!u.isValidHex(r))throw new Error("Invalid registeredPayoutScriptPubKey: not valid hex");const e=d.Buffer.from(u.stripHexPrefix(r),"hex"),i=f.Transaction.fromHex(u.stripHexPrefix(t));if(i.outs.length===0)throw new Error("Payout transaction has no outputs");if(!i.outs.reduce((a,o)=>o.value>a.value?o:a).script.equals(e))throw new Error("Payout transaction does not pay to the registered depositor payout address")}function A(t,r,e=0){const i=f.Psbt.fromHex(t);if(e>=i.data.inputs.length)throw new Error(`Input index ${e} out of range (${i.data.inputs.length} inputs)`);const s=i.data.inputs[e];if(s.tapScriptSig&&s.tapScriptSig.length>0){const a=u.hexToUint8Array(r);for(const o of s.tapScriptSig)if(o.pubkey.equals(d.Buffer.from(a)))return $(o.signature,e);throw new Error(`No signature found for depositor pubkey: ${r} at input ${e}`)}if(s.finalScriptWitness&&s.finalScriptWitness.length>0){const a=m(s.finalScriptWitness);if(a.length!==b)throw new Error(`Unexpected finalized witness stack size at input ${e}: expected ${b} items (signature, script, controlBlock), got ${a.length}`);return $(a[0],e)}throw new Error(`No tapScriptSig or finalScriptWitness found in signed PSBT at input ${e}`)}function $(t,r){if(t.length===64)return u.uint8ArrayToHex(new Uint8Array(t));throw t.length===65?new Error(`Unexpected sighash byte 0x${t[64].toString(16).padStart(2,"0")} at input ${r}. Expected implicit SIGHASH_DEFAULT as a 64-byte signature.`):new Error(`Unexpected signature length at input ${r}: ${t.length}`)}function m(t){const r=[];let e=0;const i=o=>{if(e+o>t.length)throw new Error(`Malformed witness data: need ${o} byte(s) at offset ${e}, only ${t.length-e} remaining`)},s=()=>{i(1);const o=t[e++];if(o<253)return o;if(o===253){i(2);const n=(t[e]\|t[e+1]<<8)>>>0;return e+=2,n}if(o===254){i(4);const n=(t[e]\|t[e+1]<<8\|t[e+2]<<16\|t[e+3]<<24)>>>0;return e+=4,n}throw new Error(`Malformed witness data: 8-byte varint (0xff) not supported at offset ${e-1}`)},a=s();for(let o=0;o<a;o++){const n=s();i(n),r.push(d.Buffer.from(t.subarray(e,e+n))),e+=n}if(e!==t.length)throw new Error(`Malformed witness data: ${t.length-e} trailing byte(s) after parsing ${a} item(s)`);return r}exports.assertPayoutOutputMatchesRegistered=B;exports.buildPayoutPsbt=k;exports.createPayoutScript=H;exports.extractPayoutSignature=A;
2	- //# sourceMappingURL=payout-DQ_fmJUA.cjs.map

package/dist/payout-DQ_fmJUA.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"payout-DQ_fmJUA.cjs","sources":["../src/tbv/core/primitives/scripts/payout.ts","../src/tbv/core/primitives/psbt/payout.ts"],"sourcesContent":["/**\n * Payout Script Generator Primitive\n *\n * This module provides pure functions for generating payout scripts and taproot information\n * by wrapping the WASM implementation from @babylonlabs-io/babylon-tbv-rust-wasm.\n *\n * The payout script is used for signing payout transactions in the vault system.\n * It defines the spending conditions for the vault output, enabling the depositor\n * to authorize payouts during the peg-in flow (Step 3).\n *\n * @remarks\n * This is a low-level primitive. For most use cases, prefer using {@link buildPayoutPsbt}\n * which handles script creation internally. For high-level wallet orchestration, use\n * PayoutManager from the managers module.\n *\n * @see {@link buildPayoutPsbt} - Higher-level function that uses this internally\n *\n * @module primitives/scripts/payout\n */\n\nimport {\n createPayoutConnector,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\n/**\n * Parameters for creating a payout script.\n *\n * These parameters define the participants in a vault and are used to generate\n * the taproot script that controls how funds can be spent from the vault.\n */\nexport interface PayoutScriptParams {\n /**\n * Depositor's BTC public key (x-only, 64-char hex without 0x prefix).\n *\n * This is the user depositing BTC into the vault. The depositor must sign\n * payout transactions to authorize fund distribution.\n */\n depositor: string;\n\n /**\n * Vault provider's BTC public key (x-only, 64-char hex without 0x prefix).\n *\n * The service provider managing vault operations. Also referred to as\n * \"claimer\" in the WASM layer.\n */\n vaultProvider: string;\n\n /**\n * Array of vault keeper BTC public keys (x-only, 64-char hex without 0x prefix).\n *\n * Vault keepers participate in vault operations and script spending conditions.\n */\n vaultKeepers: string[];\n\n /**\n * Array of universal challenger BTC public keys (x-only, 64-char hex without 0x prefix).\n *\n * These parties can challenge the vault under certain conditions.\n */\n universalChallengers: string[];\n\n /**\n * CSV timelock in blocks for the PegIn output.\n */\n timelockPegin: number;\n\n /**\n * Bitcoin network for script generation.\n *\n * Must match the network used for all other vault operations to ensure\n * address encoding compatibility.\n */\n network: Network;\n}\n\n/**\n * Result of creating a payout script.\n *\n * Contains all the taproot-related data needed for constructing and signing\n * payout transactions from the vault.\n */\nexport interface PayoutScriptResult {\n /**\n * The payout script hex used in taproot script path spending.\n *\n * This is the raw script bytes that define the spending conditions,\n * encoded as a hexadecimal string. Used when constructing the\n * tapLeafScript for PSBT signing.\n */\n payoutScript: string;\n\n /**\n * The taproot script hash (leaf hash) for the payout script.\n *\n * This is the tagged hash of the script used in taproot tree construction.\n * Required for computing the control block during script path spending.\n */\n taprootScriptHash: string;\n\n /**\n * The full scriptPubKey for the vault output address.\n *\n * This is the complete output script (OP_1 <32-byte-key>) that should be\n * used when creating the vault output in a peg-in transaction.\n */\n scriptPubKey: string;\n\n /**\n * The vault Bitcoin address derived from the script.\n *\n * A human-readable bech32m address (bc1p... for mainnet, tb1p... for testnet/signet)\n * that can be used to receive funds into the vault.\n */\n address: string;\n\n /**\n * Serialized control block for Taproot script path spend (hex encoded).\n *\n * Computed by the Rust WASM PeginPayoutConnector. Used directly in\n * tapLeafScript when building payout PSBTs.\n */\n payoutControlBlock: string;\n}\n\n/**\n * Create payout script and taproot information using WASM.\n *\n * This is a pure function that wraps the Rust WASM implementation.\n * The payout connector generates the necessary taproot scripts and information\n * required for signing payout transactions.\n *\n * @remarks\n * The generated script encodes spending conditions that require signatures from\n * the depositor and vault provider (or liquidators in challenge scenarios).\n * This script is used internally by {@link buildPayoutPsbt}.\n *\n * @param params - Payout script parameters defining vault participants and network\n * @returns Payout script and taproot information for PSBT construction\n *\n * @see {@link buildPayoutPsbt} - Use this for building complete payout PSBTs\n */\nexport async function createPayoutScript(\n params: PayoutScriptParams,\n): Promise<PayoutScriptResult> {\n // Call the WASM wrapper with the correct parameter structure\n const connector = await createPayoutConnector(\n {\n depositor: params.depositor,\n vaultProvider: params.vaultProvider,\n vaultKeepers: params.vaultKeepers,\n universalChallengers: params.universalChallengers,\n timelockPegin: params.timelockPegin,\n },\n params.network,\n );\n\n return {\n payoutScript: connector.payoutScript,\n taprootScriptHash: connector.taprootScriptHash,\n scriptPubKey: connector.scriptPubKey,\n address: connector.address,\n payoutControlBlock: connector.payoutControlBlock,\n };\n}\n","/**\n * Payout PSBT Builder Primitives\n *\n * This module provides pure functions for building unsigned payout PSBTs and extracting\n * Schnorr signatures from signed PSBTs. It uses WASM-generated scripts from the payout\n * connector and bitcoinjs-lib for PSBT construction.\n *\n * The Payout transaction references the Assert transaction (input 1).\n *\n * @module primitives/psbt/payout\n */\n\nimport {\n type Network,\n tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\nimport { createPayoutScript } from \"../scripts/payout\";\nimport {\n TAPSCRIPT_LEAF_VERSION,\n hexToUint8Array,\n isValidHex,\n stripHexPrefix,\n uint8ArrayToHex,\n} from \"../utils/bitcoin\";\n\n/**\n * Number of items in a Taproot script-path spend witness stack for a\n * single-signature script: [signature, script, controlBlock].\n *\n * The current payout script requires exactly one depositor signature. If the\n * protocol evolves to require multiple signatures in the payout script, this\n * invariant and the finalized-PSBT extraction path must be revisited because\n * the first witness item would no longer necessarily be the depositor's.\n */\nconst TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE = 3;\n\n/**\n * Parameters for building an unsigned Payout PSBT\n *\n * Payout is used in the challenge path after Assert, when the claimer proves validity.\n * Input 1 references the Assert transaction.\n */\nexport interface PayoutParams {\n /**\n * Payout transaction hex (unsigned)\n * This is the transaction that needs to be signed by the depositor\n */\n payoutTxHex: string;\n\n /**\n * Assert transaction hex\n * Payout input 1 references Assert output 0\n */\n assertTxHex: string;\n\n /**\n * Peg-in transaction hex\n * This transaction created the vault output that we're spending\n */\n peginTxHex: string;\n\n /**\n * Depositor's BTC public key (x-only, 64-char hex without 0x prefix)\n */\n depositorBtcPubkey: string;\n\n /**\n * Vault provider's BTC public key (x-only, 64-char hex)\n */\n vaultProviderBtcPubkey: string;\n\n /**\n * Vault keeper BTC public keys (x-only, 64-char hex)\n */\n vaultKeeperBtcPubkeys: string[];\n\n /**\n * Universal challenger BTC public keys (x-only, 64-char hex)\n */\n universalChallengerBtcPubkeys: string[];\n\n /**\n * CSV timelock in blocks for the PegIn output.\n */\n timelockPegin: number;\n\n /**\n * Bitcoin network\n */\n network: Network;\n}\n\n/**\n * Result of building an unsigned payout PSBT\n */\nexport interface PayoutPsbtResult {\n /**\n * Unsigned PSBT hex ready for signing\n */\n psbtHex: string;\n}\n\n/**\n * Build unsigned Payout PSBT for depositor to sign.\n *\n * Payout is used in the **challenge path** when the claimer proves validity:\n * 1. Vault provider submits Claim transaction\n * 2. Challenge is raised during challenge period\n * 3. Claimer submits Assert transaction to prove validity\n * 4. Payout can be executed (references Assert tx)\n *\n * Payout transactions have the following structure:\n * - Input 0: from PeginTx output0 (signed by depositor)\n * - Input 1: from Assert output0 (NOT signed by depositor)\n *\n * @param params - Payout parameters\n * @returns Unsigned PSBT ready for depositor to sign\n *\n * @throws If payout transaction does not have exactly 2 inputs\n * @throws If input 0 does not reference the pegin transaction\n * @throws If input 1 does not reference the assert transaction\n * @throws If previous output is not found for either input\n */\nexport async function buildPayoutPsbt(\n params: PayoutParams,\n): Promise<PayoutPsbtResult> {\n // Normalize hex inputs (strip 0x prefix if present)\n const payoutTxHex = stripHexPrefix(params.payoutTxHex);\n const peginTxHex = stripHexPrefix(params.peginTxHex);\n const assertTxHex = stripHexPrefix(params.assertTxHex);\n\n // Get payout script from WASM\n const payoutConnector = await createPayoutScript({\n depositor: params.depositorBtcPubkey,\n vaultProvider: params.vaultProviderBtcPubkey,\n vaultKeepers: params.vaultKeeperBtcPubkeys,\n universalChallengers: params.universalChallengerBtcPubkeys,\n timelockPegin: params.timelockPegin,\n network: params.network,\n });\n\n const payoutScriptBytes = hexToUint8Array(payoutConnector.payoutScript);\n const controlBlock = hexToUint8Array(payoutConnector.payoutControlBlock);\n\n // Parse transactions\n const payoutTx = Transaction.fromHex(payoutTxHex);\n const peginTx = Transaction.fromHex(peginTxHex);\n const assertTx = Transaction.fromHex(assertTxHex);\n\n // Create PSBT\n const psbt = new Psbt();\n psbt.setVersion(payoutTx.version);\n psbt.setLocktime(payoutTx.locktime);\n\n // PayoutTx has exactly 2 inputs:\n // - Input 0: from PeginTx output0 (signed by depositor using taproot script path)\n // - Input 1: from Assert output0 (signed by claimer/challengers, not depositor)\n //\n // IMPORTANT: For Taproot SIGHASH_DEFAULT (0x00), the sighash commits to ALL inputs'\n // prevouts, not just the one being signed. Therefore, we must include BOTH inputs\n // in the PSBT so the wallet computes the correct sighash that the VP expects.\n\n // Verify payout transaction has expected structure\n if (payoutTx.ins.length !== 2) {\n throw new Error(\n `Payout transaction must have exactly 2 inputs, got ${payoutTx.ins.length}`,\n );\n }\n\n const input0 = payoutTx.ins[0];\n const input1 = payoutTx.ins[1];\n\n // Verify input 0 references the pegin transaction\n const input0Txid = uint8ArrayToHex(\n new Uint8Array(input0.hash).slice().reverse(),\n );\n const peginTxid = peginTx.getId();\n\n if (input0Txid !== peginTxid) {\n throw new Error(\n `Input 0 does not reference pegin transaction. ` +\n `Expected ${peginTxid}, got ${input0Txid}`,\n );\n }\n\n // Verify input 1 references the assert transaction\n const input1Txid = uint8ArrayToHex(\n new Uint8Array(input1.hash).slice().reverse(),\n );\n const expectedInput1Txid = assertTx.getId();\n\n if (input1Txid !== expectedInput1Txid) {\n throw new Error(\n `Input 1 does not reference assert transaction. ` +\n `Expected ${expectedInput1Txid}, got ${input1Txid}`,\n );\n }\n\n const peginPrevOut = peginTx.outs[input0.index];\n if (!peginPrevOut) {\n throw new Error(\n `Previous output not found for input 0 (txid: ${input0Txid}, index: ${input0.index})`,\n );\n }\n\n const input1PrevOut = assertTx.outs[input1.index];\n if (!input1PrevOut) {\n throw new Error(\n `Previous output not found for input 1 (txid: ${input1Txid}, index: ${input1.index})`,\n );\n }\n\n // Input 0: Depositor signs using Taproot script path spend\n // This input includes tapLeafScript for signing\n psbt.addInput({\n hash: input0.hash,\n index: input0.index,\n sequence: input0.sequence,\n witnessUtxo: {\n script: peginPrevOut.script,\n value: peginPrevOut.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(payoutScriptBytes),\n controlBlock: Buffer.from(controlBlock),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n // sighashType omitted - defaults to SIGHASH_DEFAULT (0x00) for Taproot\n });\n\n // Input 1: From Assert transaction (NOT signed by depositor)\n // We include this with witnessUtxo so the sighash is computed correctly,\n // but we do NOT include tapLeafScript since the depositor doesn't sign it.\n psbt.addInput({\n hash: input1.hash,\n index: input1.index,\n sequence: input1.sequence,\n witnessUtxo: {\n script: input1PrevOut.script,\n value: input1PrevOut.value,\n },\n // No tapLeafScript - depositor doesn't sign this input\n });\n\n // Add outputs\n for (const output of payoutTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return {\n psbtHex: psbt.toHex(),\n };\n}\n\n/**\n * Validate that a payout transaction's largest output pays to the registered\n * depositor payout scriptPubKey.\n *\n * Prevents a malicious vault provider from substituting the payout destination\n * (or routing funds through a dust output to the correct address while sending\n * the actual value to an attacker-controlled script).\n *\n * @param payoutTxHex - Raw payout transaction hex\n * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)\n * @throws If scriptPubKey is invalid hex\n * @throws If the transaction has no outputs\n * @throws If the largest output does not pay to the registered scriptPubKey\n */\nexport function assertPayoutOutputMatchesRegistered(\n payoutTxHex: string,\n registeredPayoutScriptPubKey: string,\n): void {\n if (!isValidHex(registeredPayoutScriptPubKey)) {\n throw new Error(\"Invalid registeredPayoutScriptPubKey: not valid hex\");\n }\n\n const expectedScript = Buffer.from(\n stripHexPrefix(registeredPayoutScriptPubKey),\n \"hex\",\n );\n const payoutTx = Transaction.fromHex(stripHexPrefix(payoutTxHex));\n\n if (payoutTx.outs.length === 0) {\n throw new Error(\"Payout transaction has no outputs\");\n }\n\n const largestOutput = payoutTx.outs.reduce((max, output) =>\n output.value > max.value ? output : max,\n );\n\n if (!largestOutput.script.equals(expectedScript)) {\n throw new Error(\n \"Payout transaction does not pay to the registered depositor payout address\",\n );\n }\n}\n\n/**\n * Extract Schnorr signature from signed payout PSBT.\n *\n * This function supports two cases:\n * 1. Non-finalized PSBT: Extracts from tapScriptSig field\n * 2. Finalized PSBT: Extracts from witness data\n *\n * The signature is returned as a 64-byte hex string (128 hex characters).\n * Payout signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte.\n *\n * @param signedPsbtHex - Signed PSBT hex\n * @param depositorPubkey - Depositor's public key (x-only, 64-char hex)\n * @param inputIndex - Input index to extract signature from (default: 0)\n * @returns 64-byte Schnorr signature (128 hex characters, no sighash flag)\n *\n * @throws If no signature is found in the PSBT\n * @throws If the signature has an unexpected length\n */\nexport function extractPayoutSignature(\n signedPsbtHex: string,\n depositorPubkey: string,\n inputIndex = 0,\n): string {\n const signedPsbt = Psbt.fromHex(signedPsbtHex);\n\n if (inputIndex >= signedPsbt.data.inputs.length) {\n throw new Error(\n `Input index ${inputIndex} out of range (${signedPsbt.data.inputs.length} inputs)`,\n );\n }\n\n const input = signedPsbt.data.inputs[inputIndex];\n\n // Case 1: Non-finalized PSBT — extract from tapScriptSig\n if (input.tapScriptSig && input.tapScriptSig.length > 0) {\n const depositorPubkeyBytes = hexToUint8Array(depositorPubkey);\n\n for (const sigEntry of input.tapScriptSig) {\n if (sigEntry.pubkey.equals(Buffer.from(depositorPubkeyBytes))) {\n return extractSchnorrSig(sigEntry.signature, inputIndex);\n }\n }\n\n throw new Error(\n `No signature found for depositor pubkey: ${depositorPubkey} at input ${inputIndex}`,\n );\n }\n\n // Case 2: Finalized PSBT — extract from finalScriptWitness\n // Taproot single-signature script-path witness: [signature, script, controlBlock].\n // Enforce the exact stack size so that if a wallet produces an unexpected\n // finalization (e.g. a multi-signature stack, an annex, or malformed data),\n // we fail loudly instead of silently returning witnessStack[0] which may\n // not be the depositor's signature.\n if (input.finalScriptWitness && input.finalScriptWitness.length > 0) {\n const witnessStack = parseWitnessStack(input.finalScriptWitness);\n if (witnessStack.length !== TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE) {\n throw new Error(\n `Unexpected finalized witness stack size at input ${inputIndex}: ` +\n `expected ${TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE} items (signature, script, controlBlock), ` +\n `got ${witnessStack.length}`,\n );\n }\n return extractSchnorrSig(witnessStack[0], inputIndex);\n }\n\n throw new Error(\n `No tapScriptSig or finalScriptWitness found in signed PSBT at input ${inputIndex}`,\n );\n}\n\n/**\n * Extract and validate a 64-byte Schnorr signature.\n * Rejects 65-byte signatures because the appended sighash byte changes the\n * Taproot message being signed; stripping it would produce an unverifiable\n * SIGHASH_DEFAULT signature.\n * @internal\n */\nfunction extractSchnorrSig(sig: Uint8Array, inputIndex: number): string {\n if (sig.length === 64) {\n return uint8ArrayToHex(new Uint8Array(sig));\n }\n if (sig.length === 65) {\n throw new Error(\n `Unexpected sighash byte 0x${sig[64].toString(16).padStart(2, \"0\")} at input ${inputIndex}. ` +\n \"Expected implicit SIGHASH_DEFAULT as a 64-byte signature.\",\n );\n }\n throw new Error(\n `Unexpected signature length at input ${inputIndex}: ${sig.length}`,\n );\n}\n\n/**\n * Parse a BIP-141 serialized witness stack into individual stack items.\n * Format: [varint item_count] [varint len, data]...\n *\n * Throws on malformed input (truncated buffer, 8-byte varints, or trailing\n * bytes) so callers never receive silently-corrupted witness items.\n * @internal\n */\nfunction parseWitnessStack(witness: Buffer): Buffer[] {\n const items: Buffer[] = [];\n let offset = 0;\n\n const requireBytes = (n: number): void => {\n if (offset + n > witness.length) {\n throw new Error(\n `Malformed witness data: need ${n} byte(s) at offset ${offset}, only ${witness.length - offset} remaining`,\n );\n }\n };\n\n const readVarInt = (): number => {\n requireBytes(1);\n const first = witness[offset++];\n if (first < 0xfd) return first;\n if (first === 0xfd) {\n requireBytes(2);\n const val = (witness[offset] | (witness[offset + 1] << 8)) >>> 0;\n offset += 2;\n return val;\n }\n if (first === 0xfe) {\n requireBytes(4);\n const val =\n (witness[offset] |\n (witness[offset + 1] << 8) |\n (witness[offset + 2] << 16) |\n (witness[offset + 3] << 24)) >>>\n 0;\n offset += 4;\n return val;\n }\n // 0xff — 8-byte varint. Not used for witness sizes in practice and JS\n // numbers cannot represent all 64-bit values exactly, so reject rather\n // than risk silent truncation.\n throw new Error(\n `Malformed witness data: 8-byte varint (0xff) not supported at offset ${offset - 1}`,\n );\n };\n\n const count = readVarInt();\n for (let i = 0; i < count; i++) {\n const len = readVarInt();\n requireBytes(len);\n items.push(Buffer.from(witness.subarray(offset, offset + len)));\n offset += len;\n }\n\n if (offset !== witness.length) {\n throw new Error(\n `Malformed witness data: ${witness.length - offset} trailing byte(s) after parsing ${count} item(s)`,\n );\n }\n\n return items;\n}\n\n"],"names":["createPayoutScript","params","connector","createPayoutConnector","TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE","buildPayoutPsbt","payoutTxHex","stripHexPrefix","peginTxHex","assertTxHex","payoutConnector","payoutScriptBytes","hexToUint8Array","controlBlock","payoutTx","Transaction","peginTx","assertTx","psbt","Psbt","input0","input1","input0Txid","uint8ArrayToHex","peginTxid","input1Txid","expectedInput1Txid","peginPrevOut","input1PrevOut","TAPSCRIPT_LEAF_VERSION","Buffer","tapInternalPubkey","output","assertPayoutOutputMatchesRegistered","registeredPayoutScriptPubKey","isValidHex","expectedScript","max","extractPayoutSignature","signedPsbtHex","depositorPubkey","inputIndex","signedPsbt","input","depositorPubkeyBytes","sigEntry","extractSchnorrSig","witnessStack","parseWitnessStack","sig","witness","items","offset","requireBytes","n","readVarInt","first","val","count","i","len"],"mappings":"yJA8IA,eAAsBA,EACpBC,EAC6B,CAE7B,MAAMC,EAAY,MAAMC,EAAAA,sBACtB,CACE,UAAWF,EAAO,UAClB,cAAeA,EAAO,cACtB,aAAcA,EAAO,aACrB,qBAAsBA,EAAO,qBAC7B,cAAeA,EAAO,aAAA,EAExBA,EAAO,OAAA,EAGT,MAAO,CACL,aAAcC,EAAU,aACxB,kBAAmBA,EAAU,kBAC7B,aAAcA,EAAU,aACxB,QAASA,EAAU,QACnB,mBAAoBA,EAAU,kBAAA,CAElC,CChIA,MAAME,EAAwC,EAyF9C,eAAsBC,EACpBJ,EAC2B,CAE3B,MAAMK,EAAcC,EAAAA,eAAeN,EAAO,WAAW,EAC/CO,EAAaD,EAAAA,eAAeN,EAAO,UAAU,EAC7CQ,EAAcF,EAAAA,eAAeN,EAAO,WAAW,EAG/CS,EAAkB,MAAMV,EAAmB,CAC/C,UAAWC,EAAO,mBAClB,cAAeA,EAAO,uBACtB,aAAcA,EAAO,sBACrB,qBAAsBA,EAAO,8BAC7B,cAAeA,EAAO,cACtB,QAASA,EAAO,OAAA,CACjB,EAEKU,EAAoBC,EAAAA,gBAAgBF,EAAgB,YAAY,EAChEG,EAAeD,EAAAA,gBAAgBF,EAAgB,kBAAkB,EAGjEI,EAAWC,EAAAA,YAAY,QAAQT,CAAW,EAC1CU,EAAUD,EAAAA,YAAY,QAAQP,CAAU,EACxCS,EAAWF,EAAAA,YAAY,QAAQN,CAAW,EAG1CS,EAAO,IAAIC,OAajB,GAZAD,EAAK,WAAWJ,EAAS,OAAO,EAChCI,EAAK,YAAYJ,EAAS,QAAQ,EAW9BA,EAAS,IAAI,SAAW,EAC1B,MAAM,IAAI,MACR,sDAAsDA,EAAS,IAAI,MAAM,EAAA,EAI7E,MAAMM,EAASN,EAAS,IAAI,CAAC,EACvBO,EAASP,EAAS,IAAI,CAAC,EAGvBQ,EAAaC,EAAAA,gBACjB,IAAI,WAAWH,EAAO,IAAI,EAAE,MAAA,EAAQ,QAAA,CAAQ,EAExCI,EAAYR,EAAQ,MAAA,EAE1B,GAAIM,IAAeE,EACjB,MAAM,IAAI,MACR,0DACcA,CAAS,SAASF,CAAU,EAAA,EAK9C,MAAMG,EAAaF,EAAAA,gBACjB,IAAI,WAAWF,EAAO,IAAI,EAAE,MAAA,EAAQ,QAAA,CAAQ,EAExCK,EAAqBT,EAAS,MAAA,EAEpC,GAAIQ,IAAeC,EACjB,MAAM,IAAI,MACR,2DACcA,CAAkB,SAASD,CAAU,EAAA,EAIvD,MAAME,EAAeX,EAAQ,KAAKI,EAAO,KAAK,EAC9C,GAAI,CAACO,EACH,MAAM,IAAI,MACR,gDAAgDL,CAAU,YAAYF,EAAO,KAAK,GAAA,EAItF,MAAMQ,EAAgBX,EAAS,KAAKI,EAAO,KAAK,EAChD,GAAI,CAACO,EACH,MAAM,IAAI,MACR,gDAAgDH,CAAU,YAAYJ,EAAO,KAAK,GAAA,EAMtFH,EAAK,SAAS,CACZ,KAAME,EAAO,KACb,MAAOA,EAAO,MACd,SAAUA,EAAO,SACjB,YAAa,CACX,OAAQO,EAAa,OACrB,MAAOA,EAAa,KAAA,EAEtB,cAAe,CACb,CACE,YAAaE,EAAAA,uBACb,OAAQC,EAAAA,OAAO,KAAKnB,CAAiB,EACrC,aAAcmB,EAAAA,OAAO,KAAKjB,CAAY,CAAA,CACxC,EAEF,eAAgBiB,EAAAA,OAAO,KAAKC,EAAAA,iBAAiB,CAAA,CAE9C,EAKDb,EAAK,SAAS,CACZ,KAAMG,EAAO,KACb,MAAOA,EAAO,MACd,SAAUA,EAAO,SACjB,YAAa,CACX,OAAQO,EAAc,OACtB,MAAOA,EAAc,KAAA,CACvB,CAED,EAGD,UAAWI,KAAUlB,EAAS,KAC5BI,EAAK,UAAU,CACb,OAAQc,EAAO,OACf,MAAOA,EAAO,KAAA,CACf,EAGH,MAAO,CACL,QAASd,EAAK,MAAA,CAAM,CAExB,CAgBO,SAASe,EACd3B,EACA4B,EACM,CACN,GAAI,CAACC,EAAAA,WAAWD,CAA4B,EAC1C,MAAM,IAAI,MAAM,qDAAqD,EAGvE,MAAME,EAAiBN,EAAAA,OAAO,KAC5BvB,EAAAA,eAAe2B,CAA4B,EAC3C,KAAA,EAEIpB,EAAWC,EAAAA,YAAY,QAAQR,EAAAA,eAAeD,CAAW,CAAC,EAEhE,GAAIQ,EAAS,KAAK,SAAW,EAC3B,MAAM,IAAI,MAAM,mCAAmC,EAOrD,GAAI,CAJkBA,EAAS,KAAK,OAAO,CAACuB,EAAKL,IAC/CA,EAAO,MAAQK,EAAI,MAAQL,EAASK,CAAA,EAGnB,OAAO,OAAOD,CAAc,EAC7C,MAAM,IAAI,MACR,4EAAA,CAGN,CAqBO,SAASE,EACdC,EACAC,EACAC,EAAa,EACL,CACR,MAAMC,EAAavB,EAAAA,KAAK,QAAQoB,CAAa,EAE7C,GAAIE,GAAcC,EAAW,KAAK,OAAO,OACvC,MAAM,IAAI,MACR,eAAeD,CAAU,kBAAkBC,EAAW,KAAK,OAAO,MAAM,UAAA,EAI5E,MAAMC,EAAQD,EAAW,KAAK,OAAOD,CAAU,EAG/C,GAAIE,EAAM,cAAgBA,EAAM,aAAa,OAAS,EAAG,CACvD,MAAMC,EAAuBhC,EAAAA,gBAAgB4B,CAAe,EAE5D,UAAWK,KAAYF,EAAM,aAC3B,GAAIE,EAAS,OAAO,OAAOf,EAAAA,OAAO,KAAKc,CAAoB,CAAC,EAC1D,OAAOE,EAAkBD,EAAS,UAAWJ,CAAU,EAI3D,MAAM,IAAI,MACR,4CAA4CD,CAAe,aAAaC,CAAU,EAAA,CAEtF,CAQA,GAAIE,EAAM,oBAAsBA,EAAM,mBAAmB,OAAS,EAAG,CACnE,MAAMI,EAAeC,EAAkBL,EAAM,kBAAkB,EAC/D,GAAII,EAAa,SAAW3C,EAC1B,MAAM,IAAI,MACR,oDAAoDqC,CAAU,cAChDrC,CAAqC,iDAC1C2C,EAAa,MAAM,EAAA,EAGhC,OAAOD,EAAkBC,EAAa,CAAC,EAAGN,CAAU,CACtD,CAEA,MAAM,IAAI,MACR,uEAAuEA,CAAU,EAAA,CAErF,CASA,SAASK,EAAkBG,EAAiBR,EAA4B,CACtE,GAAIQ,EAAI,SAAW,GACjB,OAAO1B,kBAAgB,IAAI,WAAW0B,CAAG,CAAC,EAE5C,MAAIA,EAAI,SAAW,GACX,IAAI,MACR,6BAA6BA,EAAI,EAAE,EAAE,SAAS,EAAE,EAAE,SAAS,EAAG,GAAG,CAAC,aAAaR,CAAU,6DAAA,EAIvF,IAAI,MACR,wCAAwCA,CAAU,KAAKQ,EAAI,MAAM,EAAA,CAErE,CAUA,SAASD,EAAkBE,EAA2B,CACpD,MAAMC,EAAkB,CAAA,EACxB,IAAIC,EAAS,EAEb,MAAMC,EAAgBC,GAAoB,CACxC,GAAIF,EAASE,EAAIJ,EAAQ,OACvB,MAAM,IAAI,MACR,gCAAgCI,CAAC,sBAAsBF,CAAM,UAAUF,EAAQ,OAASE,CAAM,YAAA,CAGpG,EAEMG,EAAa,IAAc,CAC/BF,EAAa,CAAC,EACd,MAAMG,EAAQN,EAAQE,GAAQ,EAC9B,GAAII,EAAQ,IAAM,OAAOA,EACzB,GAAIA,IAAU,IAAM,CAClBH,EAAa,CAAC,EACd,MAAMI,GAAOP,EAAQE,CAAM,EAAKF,EAAQE,EAAS,CAAC,GAAK,KAAQ,EAC/D,OAAAA,GAAU,EACHK,CACT,CACA,GAAID,IAAU,IAAM,CAClBH,EAAa,CAAC,EACd,MAAMI,GACHP,EAAQE,CAAM,EACZF,EAAQE,EAAS,CAAC,GAAK,EACvBF,EAAQE,EAAS,CAAC,GAAK,GACvBF,EAAQE,EAAS,CAAC,GAAK,MAC1B,EACF,OAAAA,GAAU,EACHK,CACT,CAIA,MAAM,IAAI,MACR,wEAAwEL,EAAS,CAAC,EAAA,CAEtF,EAEMM,EAAQH,EAAA,EACd,QAASI,EAAI,EAAGA,EAAID,EAAOC,IAAK,CAC9B,MAAMC,EAAML,EAAA,EACZF,EAAaO,CAAG,EAChBT,EAAM,KAAKrB,EAAAA,OAAO,KAAKoB,EAAQ,SAASE,EAAQA,EAASQ,CAAG,CAAC,CAAC,EAC9DR,GAAUQ,CACZ,CAEA,GAAIR,IAAWF,EAAQ,OACrB,MAAM,IAAI,MACR,2BAA2BA,EAAQ,OAASE,CAAM,mCAAmCM,CAAK,UAAA,EAI9F,OAAOP,CACT"}

package/dist/reservation-CHUGW0F_.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"reservation-CHUGW0F_.js","sources":["../src/tbv/core/utils/utxo/availability.ts","../src/tbv/core/utils/utxo/reservation.ts"],"sourcesContent":["/**\n * UTXO Availability Validation\n *\n * Validates that UTXOs referenced in a pre-pegin transaction are still unspent\n * BEFORE asking the user to sign. This prevents wasted signing effort when\n * UTXOs have already been spent by unrelated transactions.\n *\n * These functions are pure — they accept pre-fetched UTXOs and perform no I/O.\n * The vault service wrapper is responsible for fetching UTXOs from the mempool.\n */\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport type { UtxoRef } from \"./reservation\";\n\n/**\n * Information about a missing/spent UTXO.\n */\nexport interface MissingUtxoInfo {\n /** Transaction ID of the missing UTXO */\n txid: string;\n /** Output index of the missing UTXO */\n vout: number;\n}\n\n/**\n * Result of UTXO validation.\n */\nexport interface UtxoValidationResult {\n /** Whether all UTXOs are still available */\n allAvailable: boolean;\n /** List of missing UTXOs (if any) */\n missingUtxos: MissingUtxoInfo[];\n /** Total number of inputs checked */\n totalInputs: number;\n}\n\n/**\n * Error thrown when UTXOs are not available.\n */\nexport class UtxoNotAvailableError extends Error {\n public readonly missingUtxos: MissingUtxoInfo[];\n\n constructor(missingUtxos: MissingUtxoInfo[]) {\n const count = missingUtxos.length;\n const message =\n count === 1\n ? \"The UTXO for this peg-in is no longer available. It may have been spent in another transaction. Please create a new peg-in request with a different UTXO.\"\n : `${count} UTXOs for this peg-in are no longer available. They may have been spent. Please create a new peg-in request with different UTXOs.`;\n\n super(message);\n this.name = \"UtxoNotAvailableError\";\n this.missingUtxos = missingUtxos;\n }\n}\n\n/**\n * Extract input references (txid:vout) from an unsigned transaction.\n *\n * @param unsignedTxHex - Unsigned transaction hex\n * @returns Array of input references\n */\nexport function extractInputsFromTransaction(\n unsignedTxHex: string,\n): Array<{ txid: string; vout: number }> {\n const cleanHex = unsignedTxHex.startsWith(\"0x\")\n ? unsignedTxHex.slice(2)\n : unsignedTxHex;\n\n let tx: Transaction;\n try {\n tx = Transaction.fromHex(cleanHex);\n } catch (error) {\n throw new Error(\n `Failed to parse BTC transaction: ${error instanceof Error ? error.message : String(error)}`,\n );\n }\n\n return tx.ins.map((input) => ({\n // Bitcoin stores txid in reverse byte order\n txid: Buffer.from(input.hash).reverse().toString(\"hex\"),\n vout: input.index,\n }));\n}\n\n/**\n * Validate that all UTXOs in a transaction are still available.\n *\n * Pure function — accepts pre-fetched UTXOs instead of making network calls.\n * This should be called BEFORE signing to avoid wasting user effort\n * signing a transaction that will fail to broadcast.\n *\n * @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @returns Validation result with missing UTXO details\n */\nexport function validateUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): UtxoValidationResult {\n const inputs = extractInputsFromTransaction(unsignedTxHex);\n\n if (inputs.length === 0) {\n throw new Error(\"Transaction has no inputs\");\n }\n\n // Detect duplicate inputs (same txid:vout referenced more than once).\n // This would produce an invalid Bitcoin transaction.\n const inputKeys = new Set<string>();\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (inputKeys.has(key)) {\n throw new Error(\n `Transaction contains duplicate input ${input.txid}:${input.vout}. ` +\n `This would produce an invalid Bitcoin transaction.`,\n );\n }\n inputKeys.add(key);\n }\n\n // Create a set of available UTXOs for O(1) lookup (lowercase for consistency with reservation.ts)\n const availableSet = new Set(\n availableUtxos.map((utxo) => `${utxo.txid.toLowerCase()}:${utxo.vout}`),\n );\n\n // Check which inputs are missing\n const missingUtxos: MissingUtxoInfo[] = [];\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (!availableSet.has(key)) {\n missingUtxos.push({\n txid: input.txid,\n vout: input.vout,\n });\n }\n }\n\n return {\n allAvailable: missingUtxos.length === 0,\n missingUtxos,\n totalInputs: inputs.length,\n };\n}\n\n/**\n * Validate UTXOs and throw if any are not available.\n *\n * Pure convenience function that combines validation and error throwing.\n *\n * @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @throws UtxoNotAvailableError if any UTXOs are not available\n * @throws Error if validation fails\n */\nexport function assertUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): void {\n const result = validateUtxosAvailable(unsignedTxHex, availableUtxos);\n\n if (!result.allAvailable) {\n throw new UtxoNotAvailableError(result.missingUtxos);\n }\n}\n","/**\n * UTXO reservation utilities for vault deposits.\n *\n * Handles tracking which UTXOs are already in use by pending deposits\n * and selecting available UTXOs with smart fallback logic.\n */\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport { stripHexPrefix } from \"../../primitives/utils/bitcoin\";\nimport { ContractStatus } from \"../../services/deposit/peginState\";\nimport {\n FEE_SAFETY_MARGIN,\n MAX_NON_LEGACY_OUTPUT_SIZE,\n P2TR_INPUT_SIZE,\n TX_BUFFER_SIZE_OVERHEAD,\n} from \"../fee/constants\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/** A txid:vout pair uniquely identifying a UTXO (outpoint). */\nexport interface UtxoRef {\n txid: string;\n vout: number;\n}\n\n/** Narrow structural type for pending pegin data. */\nexport interface PendingPeginLike {\n /**\n * Optional vault id. When present, used to skip pending pegins that are\n * already indexed on-chain so the canonical vault copy wins over a\n * tamperable off-chain entry.\n */\n id?: string;\n selectedUTXOs?: Array<{ txid: string; vout: number }>;\n unsignedTxHex?: string;\n}\n\n/** Narrow structural type for vault data. */\nexport interface VaultLike {\n /**\n * Optional vault id. When present, enables on-chain correlation with\n * pending pegins sharing the same id.\n */\n id?: string;\n status: number;\n unsignedPrePeginTx: string;\n}\n\nexport interface SelectUtxosForDepositParams<\n T extends { txid: string; vout: number; value: number },\n> {\n /** All available UTXOs from the wallet. */\n availableUtxos: T[];\n /** UTXOs that are reserved/in-flight and should be avoided if possible. */\n reservedUtxoRefs: UtxoRef[];\n /** Required deposit amount in satoshis (excluding fees). */\n requiredAmount: bigint;\n /** Fee rate in sat/vB. Used to estimate fee buffer for sufficiency check. */\n feeRate: number;\n}\n\n/** Narrow structural type for early UTXO reservations (pre-ETH-registration). */\nexport interface UtxoReservationLike {\n unsignedTxHex: string;\n}\n\nexport interface CollectReservedUtxoRefsParams {\n vaults?: VaultLike[];\n pendingPegins?: PendingPeginLike[];\n utxoReservations?: UtxoReservationLike[];\n}\n\n// ============================================================================\n// Internal Helpers\n// ============================================================================\n\n/**\n * Parse a transaction hex and return the UTXO references of all inputs.\n *\n * Parse failures are logged and yield no refs. A malformed hex from an\n * untrusted source (e.g. off-chain storage) must not silently collapse the\n * reservation set — logging makes tampering visible in telemetry instead\n * of swallowing the error.\n */\nfunction extractInputUtxoRefs(txHex: string): UtxoRef[] {\n try {\n const tx = Transaction.fromHex(stripHexPrefix(txHex));\n return tx.ins.map((input) => {\n const txid = Buffer.from(input.hash).reverse().toString(\"hex\");\n return { txid, vout: input.index };\n });\n } catch (error) {\n console.warn(\n \"[utxoReservation] Failed to parse transaction hex; skipping inputs\",\n {\n category: \"utxoReservation\",\n error: error instanceof Error ? error.message : String(error),\n },\n );\n return [];\n }\n}\n\n/** Check if a UTXO matches any reserved ref (case-insensitive txid comparison). */\nfunction isUtxoReserved(\n utxo: { txid: string; vout: number },\n reservedRefs: UtxoRef[],\n): boolean {\n const txidLower = utxo.txid.toLowerCase();\n return reservedRefs.some(\n (ref) => ref.txid.toLowerCase() === txidLower && ref.vout === utxo.vout,\n );\n}\n\n/**\n * Estimate minimum fee buffer for UTXO pre-selection.\n *\n * WARNING: This is a ROUGH ESTIMATE used only to check if unreserved UTXOs\n * are likely sufficient BEFORE the actual signing flow begins. The actual\n * fee calculation happens in the SDK's `selectUtxosForPegin` during signing.\n *\n * Assumptions:\n * - 2 inputs (conservative estimate for most deposits)\n * - 1 vault output (P2TR, 43 vBytes)\n * - 1 change output (P2TR, 43 vBytes)\n * - Transaction overhead (11 vBytes)\n * - 10% safety margin\n */\nfunction estimateMinimumFeeBuffer(feeRate: number): bigint {\n const ASSUMED_INPUTS = 2;\n\n const estimatedTxSize =\n ASSUMED_INPUTS * P2TR_INPUT_SIZE +\n MAX_NON_LEGACY_OUTPUT_SIZE + // vault output\n MAX_NON_LEGACY_OUTPUT_SIZE + // change output\n TX_BUFFER_SIZE_OVERHEAD;\n\n const estimatedFee = Math.ceil(estimatedTxSize * feeRate * FEE_SAFETY_MARGIN);\n return BigInt(estimatedFee);\n}\n\n// ============================================================================\n// Public API\n// ============================================================================\n\n/**\n * Collect UTXO refs from in-flight deposits (PENDING/VERIFIED vaults and\n * pending pegins).\n *\n * On-chain vault data is canonical: for any pending pegin whose `id` matches\n * an indexed on-chain vault, the pending-pegin copy is ignored entirely —\n * the `vaults` branch below extracts refs from the indexer-supplied\n * `unsignedPrePeginTx` so tampered off-chain data cannot poison the\n * reservation set once the vault is indexed.\n *\n * For pegins not yet indexed, refs are derived from the stored\n * `unsignedTxHex` only. The `selectedUTXOs` sidecar is NOT used for\n * reservation: if it disagreed with the transaction's inputs (e.g. because\n * the off-chain source was tampered), trusting it would poison the reserved\n * set. The transaction hex must be validated at the source boundary before\n * being handed to this function; parsing and using its inputs is the single\n * source of truth here.\n */\nexport function collectReservedUtxoRefs(\n params: CollectReservedUtxoRefsParams,\n): UtxoRef[] {\n const reserved: UtxoRef[] = [];\n const {\n vaults = [],\n pendingPegins = [],\n utxoReservations = [],\n } = params;\n\n const onChainVaultIds = new Set(\n vaults\n .map((v) => v.id?.toLowerCase())\n .filter((id): id is string => id !== undefined),\n );\n\n for (const pending of pendingPegins) {\n if (pending.id && onChainVaultIds.has(pending.id.toLowerCase())) {\n continue;\n }\n if (pending.unsignedTxHex) {\n reserved.push(...extractInputUtxoRefs(pending.unsignedTxHex));\n }\n }\n\n for (const vault of vaults) {\n if (\n vault.status !== ContractStatus.PENDING &&\n vault.status !== ContractStatus.VERIFIED\n ) {\n continue;\n }\n reserved.push(...extractInputUtxoRefs(vault.unsignedPrePeginTx));\n }\n\n // Early reservations written before ETH registration to prevent cross-tab\n // UTXO conflicts. These are cleaned up when the deposit completes or fails.\n for (const reservation of utxoReservations) {\n reserved.push(...extractInputUtxoRefs(reservation.unsignedTxHex));\n }\n\n return reserved;\n}\n\n/**\n * Select UTXOs for a deposit, filtering out reserved ones.\n *\n * Logic:\n * 1. Filter out reserved UTXOs from the available pool\n * 2. If unreserved UTXOs are sufficient for the required amount + estimated fee, return them\n * 3. Otherwise, throw — never silently reuse reserved UTXOs, as this risks double-spend\n * failures that strand registered-but-unbroadcastable vaults\n *\n * @param params - Selection parameters\n * @returns Array of unreserved UTXOs to use for the deposit\n * @throws When all UTXOs are reserved or unreserved UTXOs are insufficient\n */\nexport function selectUtxosForDeposit<\n T extends { txid: string; vout: number; value: number },\n>(params: SelectUtxosForDepositParams<T>): T[] {\n const { availableUtxos, reservedUtxoRefs, requiredAmount, feeRate } = params;\n\n // Edge case: no UTXOs available\n if (!availableUtxos || availableUtxos.length === 0) {\n return [];\n }\n\n // Edge case: no reservations, return all\n if (reservedUtxoRefs.length === 0) {\n return availableUtxos;\n }\n\n // Filter out reserved UTXOs\n const unreserved = availableUtxos.filter(\n (utxo) => !isUtxoReserved(utxo, reservedUtxoRefs),\n );\n\n if (unreserved.length === 0) {\n throw new Error(\n \"All available UTXOs are reserved by pending deposits. \" +\n \"Wait for pending deposits to confirm or cancel them before starting a new deposit.\",\n );\n }\n\n const feeBuffer = estimateMinimumFeeBuffer(feeRate);\n const totalRequired = requiredAmount + feeBuffer;\n const unreservedTotal = unreserved.reduce(\n (sum, u) => sum + BigInt(u.value),\n 0n,\n );\n if (unreservedTotal < totalRequired) {\n throw new Error(\n \"Insufficient unreserved UTXOs for this deposit amount. \" +\n \"Wait for pending deposits to confirm or cancel them.\",\n );\n }\n\n return unreserved;\n}\n"],"names":["UtxoNotAvailableError","missingUtxos","count","message","__publicField","extractInputsFromTransaction","unsignedTxHex","cleanHex","tx","Transaction","error","input","Buffer","validateUtxosAvailable","availableUtxos","inputs","inputKeys","key","availableSet","utxo","assertUtxosAvailable","result","extractInputUtxoRefs","txHex","stripHexPrefix","isUtxoReserved","reservedRefs","txidLower","ref","estimateMinimumFeeBuffer","feeRate","estimatedTxSize","P2TR_INPUT_SIZE","MAX_NON_LEGACY_OUTPUT_SIZE","TX_BUFFER_SIZE_OVERHEAD","estimatedFee","FEE_SAFETY_MARGIN","collectReservedUtxoRefs","params","reserved","vaults","pendingPegins","utxoReservations","onChainVaultIds","v","_a","id","pending","vault","ContractStatus","reservation","selectUtxosForDeposit","reservedUtxoRefs","requiredAmount","unreserved","feeBuffer","totalRequired","sum","u"],"mappings":";;;;;;;;AAyCO,MAAMA,UAA8B,MAAM;AAAA,EAG/C,YAAYC,GAAiC;AAC3C,UAAMC,IAAQD,EAAa,QACrBE,IACJD,MAAU,IACN,8JACA,GAAGA,CAAK;AAEd,UAAMC,CAAO;AATC,IAAAC,EAAA;AAUd,SAAK,OAAO,yBACZ,KAAK,eAAeH;AAAA,EACtB;AACF;AAQO,SAASI,EACdC,GACuC;AACvC,QAAMC,IAAWD,EAAc,WAAW,IAAI,IAC1CA,EAAc,MAAM,CAAC,IACrBA;AAEJ,MAAIE;AACJ,MAAI;AACF,IAAAA,IAAKC,EAAY,QAAQF,CAAQ;AAAA,EACnC,SAASG,GAAO;AACd,UAAM,IAAI;AAAA,MACR,oCAAoCA,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK,CAAC;AAAA,IAAA;AAAA,EAE9F;AAEA,SAAOF,EAAG,IAAI,IAAI,CAACG,OAAW;AAAA;AAAA,IAE5B,MAAMC,EAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK;AAAA,IACtD,MAAMA,EAAM;AAAA,EAAA,EACZ;AACJ;AAaO,SAASE,EACdP,GACAQ,GACsB;AACtB,QAAMC,IAASV,EAA6BC,CAAa;AAEzD,MAAIS,EAAO,WAAW;AACpB,UAAM,IAAI,MAAM,2BAA2B;AAK7C,QAAMC,wBAAgB,IAAA;AACtB,aAAWL,KAASI,GAAQ;AAC1B,UAAME,IAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI;AACrD,QAAIK,EAAU,IAAIC,CAAG;AACnB,YAAM,IAAI;AAAA,QACR,wCAAwCN,EAAM,IAAI,IAAIA,EAAM,IAAI;AAAA,MAAA;AAIpE,IAAAK,EAAU,IAAIC,CAAG;AAAA,EACnB;AAGA,QAAMC,IAAe,IAAI;AAAA,IACvBJ,EAAe,IAAI,CAACK,MAAS,GAAGA,EAAK,KAAK,aAAa,IAAIA,EAAK,IAAI,EAAE;AAAA,EAAA,GAIlElB,IAAkC,CAAA;AACxC,aAAWU,KAASI,GAAQ;AAC1B,UAAME,IAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI;AACrD,IAAKO,EAAa,IAAID,CAAG,KACvBhB,EAAa,KAAK;AAAA,MAChB,MAAMU,EAAM;AAAA,MACZ,MAAMA,EAAM;AAAA,IAAA,CACb;AAAA,EAEL;AAEA,SAAO;AAAA,IACL,cAAcV,EAAa,WAAW;AAAA,IACtC,cAAAA;AAAA,IACA,aAAac,EAAO;AAAA,EAAA;AAExB;AAYO,SAASK,EACdd,GACAQ,GACM;AACN,QAAMO,IAASR,EAAuBP,GAAeQ,CAAc;AAEnE,MAAI,CAACO,EAAO;AACV,UAAM,IAAIrB,EAAsBqB,EAAO,YAAY;AAEvD;AC5EA,SAASC,EAAqBC,GAA0B;AACtD,MAAI;AAEF,WADWd,EAAY,QAAQe,EAAeD,CAAK,CAAC,EAC1C,IAAI,IAAI,CAACZ,OAEV,EAAE,MADIC,EAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK,GAC9C,MAAMA,EAAM,MAAA,EAC5B;AAAA,EACH,SAASD,GAAO;AACd,mBAAQ;AAAA,MACN;AAAA,MACA;AAAA,QACE,UAAU;AAAA,QACV,OAAOA,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK;AAAA,MAAA;AAAA,IAC9D,GAEK,CAAA;AAAA,EACT;AACF;AAGA,SAASe,EACPN,GACAO,GACS;AACT,QAAMC,IAAYR,EAAK,KAAK,YAAA;AAC5B,SAAOO,EAAa;AAAA,IAClB,CAACE,MAAQA,EAAI,KAAK,kBAAkBD,KAAaC,EAAI,SAAST,EAAK;AAAA,EAAA;AAEvE;AAgBA,SAASU,EAAyBC,GAAyB;AAGzD,QAAMC,IACJ,IAAiBC,IACjBC;AAAA,EACAA;AAAA,EACAC,GAEIC,IAAe,KAAK,KAAKJ,IAAkBD,IAAUM,CAAiB;AAC5E,SAAO,OAAOD,CAAY;AAC5B;AAwBO,SAASE,EACdC,GACW;AACX,QAAMC,IAAsB,CAAA,GACtB;AAAA,IACJ,QAAAC,IAAS,CAAA;AAAA,IACT,eAAAC,IAAgB,CAAA;AAAA,IAChB,kBAAAC,IAAmB,CAAA;AAAA,EAAC,IAClBJ,GAEEK,IAAkB,IAAI;AAAA,IAC1BH,EACG,IAAI,CAACI,MAAA;;AAAM,cAAAC,IAAAD,EAAE,OAAF,gBAAAC,EAAM;AAAA,KAAa,EAC9B,OAAO,CAACC,MAAqBA,MAAO,MAAS;AAAA,EAAA;AAGlD,aAAWC,KAAWN;AACpB,IAAIM,EAAQ,MAAMJ,EAAgB,IAAII,EAAQ,GAAG,YAAA,CAAa,KAG1DA,EAAQ,iBACVR,EAAS,KAAK,GAAGjB,EAAqByB,EAAQ,aAAa,CAAC;AAIhE,aAAWC,KAASR;AAClB,IACEQ,EAAM,WAAWC,EAAe,WAChCD,EAAM,WAAWC,EAAe,YAIlCV,EAAS,KAAK,GAAGjB,EAAqB0B,EAAM,kBAAkB,CAAC;AAKjE,aAAWE,KAAeR;AACxB,IAAAH,EAAS,KAAK,GAAGjB,EAAqB4B,EAAY,aAAa,CAAC;AAGlE,SAAOX;AACT;AAeO,SAASY,EAEdb,GAA6C;AAC7C,QAAM,EAAE,gBAAAxB,GAAgB,kBAAAsC,GAAkB,gBAAAC,GAAgB,SAAAvB,MAAYQ;AAGtE,MAAI,CAACxB,KAAkBA,EAAe,WAAW;AAC/C,WAAO,CAAA;AAIT,MAAIsC,EAAiB,WAAW;AAC9B,WAAOtC;AAIT,QAAMwC,IAAaxC,EAAe;AAAA,IAChC,CAACK,MAAS,CAACM,EAAeN,GAAMiC,CAAgB;AAAA,EAAA;AAGlD,MAAIE,EAAW,WAAW;AACxB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKJ,QAAMC,IAAY1B,EAAyBC,CAAO,GAC5C0B,IAAgBH,IAAiBE;AAKvC,MAJwBD,EAAW;AAAA,IACjC,CAACG,GAAKC,MAAMD,IAAM,OAAOC,EAAE,KAAK;AAAA,IAChC;AAAA,EAAA,IAEoBF;AACpB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKJ,SAAOF;AACT;"}

package/dist/reservation-ho7mjW3X.cjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";var T=Object.defineProperty;var m=(o,e,t)=>e in o?T(o,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):o[e]=t;var f=(o,e,t)=>m(o,typeof e!="symbol"?e+"":e,t);const x=require("bitcoinjs-lib"),v=require("buffer"),w=require("./bitcoin-B3aqjuMP.cjs"),d=require("./peginState-BijNNT15.cjs"),c=require("./fundPeginTransaction-DaWoYCgO.cjs");class h extends Error{constructor(t){const r=t.length,a=r===1?"The UTXO for this peg-in is no longer available. It may have been spent in another transaction. Please create a new peg-in request with a different UTXO.":`${r} UTXOs for this peg-in are no longer available. They may have been spent. Please create a new peg-in request with different UTXOs.`;super(a);f(this,"missingUtxos");this.name="UtxoNotAvailableError",this.missingUtxos=t}}function p(o){const e=o.startsWith("0x")?o.slice(2):o;let t;try{t=x.Transaction.fromHex(e)}catch(r){throw new Error(`Failed to parse BTC transaction: ${r instanceof Error?r.message:String(r)}`)}return t.ins.map(r=>({txid:v.Buffer.from(r.hash).reverse().toString("hex"),vout:r.index}))}function g(o,e){const t=p(o);if(t.length===0)throw new Error("Transaction has no inputs");const r=new Set;for(const n of t){const i=`${n.txid.toLowerCase()}:${n.vout}`;if(r.has(i))throw new Error(`Transaction contains duplicate input ${n.txid}:${n.vout}. This would produce an invalid Bitcoin transaction.`);r.add(i)}const a=new Set(e.map(n=>`${n.txid.toLowerCase()}:${n.vout}`)),s=[];for(const n of t){const i=`${n.txid.toLowerCase()}:${n.vout}`;a.has(i)\|\|s.push({txid:n.txid,vout:n.vout})}return{allAvailable:s.length===0,missingUtxos:s,totalInputs:t.length}}function E(o,e){const t=g(o,e);if(!t.allAvailable)throw new h(t.missingUtxos)}function l(o){try{return x.Transaction.fromHex(w.stripHexPrefix(o)).ins.map(t=>({txid:v.Buffer.from(t.hash).reverse().toString("hex"),vout:t.index}))}catch(e){return console.warn("[utxoReservation] Failed to parse transaction hex; skipping inputs",{category:"utxoReservation",error:e instanceof Error?e.message:String(e)}),[]}}function S(o,e){const t=o.txid.toLowerCase();return e.some(r=>r.txid.toLowerCase()===t&&r.vout===o.vout)}function b(o){const t=2c.P2TR_INPUT_SIZE+c.MAX_NON_LEGACY_OUTPUT_SIZE+c.MAX_NON_LEGACY_OUTPUT_SIZE+c.TX_BUFFER_SIZE_OVERHEAD,r=Math.ceil(to*c.FEE_SAFETY_MARGIN);return BigInt(r)}function A(o){const e=[],{vaults:t=[],pendingPegins:r=[],utxoReservations:a=[]}=o,s=new Set(t.map(n=>{var i;return(i=n.id)==null?void 0:i.toLowerCase()}).filter(n=>n!==void 0));for(const n of r)n.id&&s.has(n.id.toLowerCase())\|\|n.unsignedTxHex&&e.push(...l(n.unsignedTxHex));for(const n of t)n.status!==d.ContractStatus.PENDING&&n.status!==d.ContractStatus.VERIFIED\|\|e.push(...l(n.unsignedPrePeginTx));for(const n of a)e.push(...l(n.unsignedTxHex));return e}function I(o){const{availableUtxos:e,reservedUtxoRefs:t,requiredAmount:r,feeRate:a}=o;if(!e\|\|e.length===0)return[];if(t.length===0)return e;const s=e.filter(u=>!S(u,t));if(s.length===0)throw new Error("All available UTXOs are reserved by pending deposits. Wait for pending deposits to confirm or cancel them before starting a new deposit.");const n=b(a),i=r+n;if(s.reduce((u,U)=>u+BigInt(U.value),0n)<i)throw new Error("Insufficient unreserved UTXOs for this deposit amount. Wait for pending deposits to confirm or cancel them.");return s}exports.UtxoNotAvailableError=h;exports.assertUtxosAvailable=E;exports.collectReservedUtxoRefs=A;exports.extractInputsFromTransaction=p;exports.selectUtxosForDeposit=I;exports.validateUtxosAvailable=g;
2	- //# sourceMappingURL=reservation-ho7mjW3X.cjs.map

package/dist/reservation-ho7mjW3X.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"reservation-ho7mjW3X.cjs","sources":["../src/tbv/core/utils/utxo/availability.ts","../src/tbv/core/utils/utxo/reservation.ts"],"sourcesContent":["/**\n * UTXO Availability Validation\n *\n * Validates that UTXOs referenced in a pre-pegin transaction are still unspent\n * BEFORE asking the user to sign. This prevents wasted signing effort when\n * UTXOs have already been spent by unrelated transactions.\n *\n * These functions are pure — they accept pre-fetched UTXOs and perform no I/O.\n * The vault service wrapper is responsible for fetching UTXOs from the mempool.\n */\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport type { UtxoRef } from \"./reservation\";\n\n/**\n * Information about a missing/spent UTXO.\n */\nexport interface MissingUtxoInfo {\n /** Transaction ID of the missing UTXO */\n txid: string;\n /** Output index of the missing UTXO */\n vout: number;\n}\n\n/**\n * Result of UTXO validation.\n */\nexport interface UtxoValidationResult {\n /** Whether all UTXOs are still available */\n allAvailable: boolean;\n /** List of missing UTXOs (if any) */\n missingUtxos: MissingUtxoInfo[];\n /** Total number of inputs checked */\n totalInputs: number;\n}\n\n/**\n * Error thrown when UTXOs are not available.\n */\nexport class UtxoNotAvailableError extends Error {\n public readonly missingUtxos: MissingUtxoInfo[];\n\n constructor(missingUtxos: MissingUtxoInfo[]) {\n const count = missingUtxos.length;\n const message =\n count === 1\n ? \"The UTXO for this peg-in is no longer available. It may have been spent in another transaction. Please create a new peg-in request with a different UTXO.\"\n : `${count} UTXOs for this peg-in are no longer available. They may have been spent. Please create a new peg-in request with different UTXOs.`;\n\n super(message);\n this.name = \"UtxoNotAvailableError\";\n this.missingUtxos = missingUtxos;\n }\n}\n\n/**\n * Extract input references (txid:vout) from an unsigned transaction.\n *\n * @param unsignedTxHex - Unsigned transaction hex\n * @returns Array of input references\n */\nexport function extractInputsFromTransaction(\n unsignedTxHex: string,\n): Array<{ txid: string; vout: number }> {\n const cleanHex = unsignedTxHex.startsWith(\"0x\")\n ? unsignedTxHex.slice(2)\n : unsignedTxHex;\n\n let tx: Transaction;\n try {\n tx = Transaction.fromHex(cleanHex);\n } catch (error) {\n throw new Error(\n `Failed to parse BTC transaction: ${error instanceof Error ? error.message : String(error)}`,\n );\n }\n\n return tx.ins.map((input) => ({\n // Bitcoin stores txid in reverse byte order\n txid: Buffer.from(input.hash).reverse().toString(\"hex\"),\n vout: input.index,\n }));\n}\n\n/**\n * Validate that all UTXOs in a transaction are still available.\n *\n * Pure function — accepts pre-fetched UTXOs instead of making network calls.\n * This should be called BEFORE signing to avoid wasting user effort\n * signing a transaction that will fail to broadcast.\n *\n * @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @returns Validation result with missing UTXO details\n */\nexport function validateUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): UtxoValidationResult {\n const inputs = extractInputsFromTransaction(unsignedTxHex);\n\n if (inputs.length === 0) {\n throw new Error(\"Transaction has no inputs\");\n }\n\n // Detect duplicate inputs (same txid:vout referenced more than once).\n // This would produce an invalid Bitcoin transaction.\n const inputKeys = new Set<string>();\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (inputKeys.has(key)) {\n throw new Error(\n `Transaction contains duplicate input ${input.txid}:${input.vout}. ` +\n `This would produce an invalid Bitcoin transaction.`,\n );\n }\n inputKeys.add(key);\n }\n\n // Create a set of available UTXOs for O(1) lookup (lowercase for consistency with reservation.ts)\n const availableSet = new Set(\n availableUtxos.map((utxo) => `${utxo.txid.toLowerCase()}:${utxo.vout}`),\n );\n\n // Check which inputs are missing\n const missingUtxos: MissingUtxoInfo[] = [];\n for (const input of inputs) {\n const key = `${input.txid.toLowerCase()}:${input.vout}`;\n if (!availableSet.has(key)) {\n missingUtxos.push({\n txid: input.txid,\n vout: input.vout,\n });\n }\n }\n\n return {\n allAvailable: missingUtxos.length === 0,\n missingUtxos,\n totalInputs: inputs.length,\n };\n}\n\n/**\n * Validate UTXOs and throw if any are not available.\n *\n * Pure convenience function that combines validation and error throwing.\n *\n * @param unsignedTxHex - Unsigned transaction hex\n * @param availableUtxos - Pre-fetched list of available UTXOs for the depositor\n * @throws UtxoNotAvailableError if any UTXOs are not available\n * @throws Error if validation fails\n */\nexport function assertUtxosAvailable(\n unsignedTxHex: string,\n availableUtxos: UtxoRef[],\n): void {\n const result = validateUtxosAvailable(unsignedTxHex, availableUtxos);\n\n if (!result.allAvailable) {\n throw new UtxoNotAvailableError(result.missingUtxos);\n }\n}\n","/**\n * UTXO reservation utilities for vault deposits.\n *\n * Handles tracking which UTXOs are already in use by pending deposits\n * and selecting available UTXOs with smart fallback logic.\n */\n\nimport { Transaction } from \"bitcoinjs-lib\";\nimport { Buffer } from \"buffer\";\n\nimport { stripHexPrefix } from \"../../primitives/utils/bitcoin\";\nimport { ContractStatus } from \"../../services/deposit/peginState\";\nimport {\n FEE_SAFETY_MARGIN,\n MAX_NON_LEGACY_OUTPUT_SIZE,\n P2TR_INPUT_SIZE,\n TX_BUFFER_SIZE_OVERHEAD,\n} from \"../fee/constants\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/** A txid:vout pair uniquely identifying a UTXO (outpoint). */\nexport interface UtxoRef {\n txid: string;\n vout: number;\n}\n\n/** Narrow structural type for pending pegin data. */\nexport interface PendingPeginLike {\n /**\n * Optional vault id. When present, used to skip pending pegins that are\n * already indexed on-chain so the canonical vault copy wins over a\n * tamperable off-chain entry.\n */\n id?: string;\n selectedUTXOs?: Array<{ txid: string; vout: number }>;\n unsignedTxHex?: string;\n}\n\n/** Narrow structural type for vault data. */\nexport interface VaultLike {\n /**\n * Optional vault id. When present, enables on-chain correlation with\n * pending pegins sharing the same id.\n */\n id?: string;\n status: number;\n unsignedPrePeginTx: string;\n}\n\nexport interface SelectUtxosForDepositParams<\n T extends { txid: string; vout: number; value: number },\n> {\n /** All available UTXOs from the wallet. */\n availableUtxos: T[];\n /** UTXOs that are reserved/in-flight and should be avoided if possible. */\n reservedUtxoRefs: UtxoRef[];\n /** Required deposit amount in satoshis (excluding fees). */\n requiredAmount: bigint;\n /** Fee rate in sat/vB. Used to estimate fee buffer for sufficiency check. */\n feeRate: number;\n}\n\n/** Narrow structural type for early UTXO reservations (pre-ETH-registration). */\nexport interface UtxoReservationLike {\n unsignedTxHex: string;\n}\n\nexport interface CollectReservedUtxoRefsParams {\n vaults?: VaultLike[];\n pendingPegins?: PendingPeginLike[];\n utxoReservations?: UtxoReservationLike[];\n}\n\n// ============================================================================\n// Internal Helpers\n// ============================================================================\n\n/**\n * Parse a transaction hex and return the UTXO references of all inputs.\n *\n * Parse failures are logged and yield no refs. A malformed hex from an\n * untrusted source (e.g. off-chain storage) must not silently collapse the\n * reservation set — logging makes tampering visible in telemetry instead\n * of swallowing the error.\n */\nfunction extractInputUtxoRefs(txHex: string): UtxoRef[] {\n try {\n const tx = Transaction.fromHex(stripHexPrefix(txHex));\n return tx.ins.map((input) => {\n const txid = Buffer.from(input.hash).reverse().toString(\"hex\");\n return { txid, vout: input.index };\n });\n } catch (error) {\n console.warn(\n \"[utxoReservation] Failed to parse transaction hex; skipping inputs\",\n {\n category: \"utxoReservation\",\n error: error instanceof Error ? error.message : String(error),\n },\n );\n return [];\n }\n}\n\n/** Check if a UTXO matches any reserved ref (case-insensitive txid comparison). */\nfunction isUtxoReserved(\n utxo: { txid: string; vout: number },\n reservedRefs: UtxoRef[],\n): boolean {\n const txidLower = utxo.txid.toLowerCase();\n return reservedRefs.some(\n (ref) => ref.txid.toLowerCase() === txidLower && ref.vout === utxo.vout,\n );\n}\n\n/**\n * Estimate minimum fee buffer for UTXO pre-selection.\n *\n * WARNING: This is a ROUGH ESTIMATE used only to check if unreserved UTXOs\n * are likely sufficient BEFORE the actual signing flow begins. The actual\n * fee calculation happens in the SDK's `selectUtxosForPegin` during signing.\n *\n * Assumptions:\n * - 2 inputs (conservative estimate for most deposits)\n * - 1 vault output (P2TR, 43 vBytes)\n * - 1 change output (P2TR, 43 vBytes)\n * - Transaction overhead (11 vBytes)\n * - 10% safety margin\n */\nfunction estimateMinimumFeeBuffer(feeRate: number): bigint {\n const ASSUMED_INPUTS = 2;\n\n const estimatedTxSize =\n ASSUMED_INPUTS * P2TR_INPUT_SIZE +\n MAX_NON_LEGACY_OUTPUT_SIZE + // vault output\n MAX_NON_LEGACY_OUTPUT_SIZE + // change output\n TX_BUFFER_SIZE_OVERHEAD;\n\n const estimatedFee = Math.ceil(estimatedTxSize * feeRate * FEE_SAFETY_MARGIN);\n return BigInt(estimatedFee);\n}\n\n// ============================================================================\n// Public API\n// ============================================================================\n\n/**\n * Collect UTXO refs from in-flight deposits (PENDING/VERIFIED vaults and\n * pending pegins).\n *\n * On-chain vault data is canonical: for any pending pegin whose `id` matches\n * an indexed on-chain vault, the pending-pegin copy is ignored entirely —\n * the `vaults` branch below extracts refs from the indexer-supplied\n * `unsignedPrePeginTx` so tampered off-chain data cannot poison the\n * reservation set once the vault is indexed.\n *\n * For pegins not yet indexed, refs are derived from the stored\n * `unsignedTxHex` only. The `selectedUTXOs` sidecar is NOT used for\n * reservation: if it disagreed with the transaction's inputs (e.g. because\n * the off-chain source was tampered), trusting it would poison the reserved\n * set. The transaction hex must be validated at the source boundary before\n * being handed to this function; parsing and using its inputs is the single\n * source of truth here.\n */\nexport function collectReservedUtxoRefs(\n params: CollectReservedUtxoRefsParams,\n): UtxoRef[] {\n const reserved: UtxoRef[] = [];\n const {\n vaults = [],\n pendingPegins = [],\n utxoReservations = [],\n } = params;\n\n const onChainVaultIds = new Set(\n vaults\n .map((v) => v.id?.toLowerCase())\n .filter((id): id is string => id !== undefined),\n );\n\n for (const pending of pendingPegins) {\n if (pending.id && onChainVaultIds.has(pending.id.toLowerCase())) {\n continue;\n }\n if (pending.unsignedTxHex) {\n reserved.push(...extractInputUtxoRefs(pending.unsignedTxHex));\n }\n }\n\n for (const vault of vaults) {\n if (\n vault.status !== ContractStatus.PENDING &&\n vault.status !== ContractStatus.VERIFIED\n ) {\n continue;\n }\n reserved.push(...extractInputUtxoRefs(vault.unsignedPrePeginTx));\n }\n\n // Early reservations written before ETH registration to prevent cross-tab\n // UTXO conflicts. These are cleaned up when the deposit completes or fails.\n for (const reservation of utxoReservations) {\n reserved.push(...extractInputUtxoRefs(reservation.unsignedTxHex));\n }\n\n return reserved;\n}\n\n/**\n * Select UTXOs for a deposit, filtering out reserved ones.\n *\n * Logic:\n * 1. Filter out reserved UTXOs from the available pool\n * 2. If unreserved UTXOs are sufficient for the required amount + estimated fee, return them\n * 3. Otherwise, throw — never silently reuse reserved UTXOs, as this risks double-spend\n * failures that strand registered-but-unbroadcastable vaults\n *\n * @param params - Selection parameters\n * @returns Array of unreserved UTXOs to use for the deposit\n * @throws When all UTXOs are reserved or unreserved UTXOs are insufficient\n */\nexport function selectUtxosForDeposit<\n T extends { txid: string; vout: number; value: number },\n>(params: SelectUtxosForDepositParams<T>): T[] {\n const { availableUtxos, reservedUtxoRefs, requiredAmount, feeRate } = params;\n\n // Edge case: no UTXOs available\n if (!availableUtxos || availableUtxos.length === 0) {\n return [];\n }\n\n // Edge case: no reservations, return all\n if (reservedUtxoRefs.length === 0) {\n return availableUtxos;\n }\n\n // Filter out reserved UTXOs\n const unreserved = availableUtxos.filter(\n (utxo) => !isUtxoReserved(utxo, reservedUtxoRefs),\n );\n\n if (unreserved.length === 0) {\n throw new Error(\n \"All available UTXOs are reserved by pending deposits. \" +\n \"Wait for pending deposits to confirm or cancel them before starting a new deposit.\",\n );\n }\n\n const feeBuffer = estimateMinimumFeeBuffer(feeRate);\n const totalRequired = requiredAmount + feeBuffer;\n const unreservedTotal = unreserved.reduce(\n (sum, u) => sum + BigInt(u.value),\n 0n,\n );\n if (unreservedTotal < totalRequired) {\n throw new Error(\n \"Insufficient unreserved UTXOs for this deposit amount. \" +\n \"Wait for pending deposits to confirm or cancel them.\",\n );\n }\n\n return unreserved;\n}\n"],"names":["UtxoNotAvailableError","missingUtxos","count","message","__publicField","extractInputsFromTransaction","unsignedTxHex","cleanHex","tx","Transaction","error","input","Buffer","validateUtxosAvailable","availableUtxos","inputs","inputKeys","key","availableSet","utxo","assertUtxosAvailable","result","extractInputUtxoRefs","txHex","stripHexPrefix","isUtxoReserved","reservedRefs","txidLower","ref","estimateMinimumFeeBuffer","feeRate","estimatedTxSize","P2TR_INPUT_SIZE","MAX_NON_LEGACY_OUTPUT_SIZE","TX_BUFFER_SIZE_OVERHEAD","estimatedFee","FEE_SAFETY_MARGIN","collectReservedUtxoRefs","params","reserved","vaults","pendingPegins","utxoReservations","onChainVaultIds","v","_a","id","pending","vault","ContractStatus","reservation","selectUtxosForDeposit","reservedUtxoRefs","requiredAmount","unreserved","feeBuffer","totalRequired","sum","u"],"mappings":"kWAyCO,MAAMA,UAA8B,KAAM,CAG/C,YAAYC,EAAiC,CAC3C,MAAMC,EAAQD,EAAa,OACrBE,EACJD,IAAU,EACN,4JACA,GAAGA,CAAK,qIAEd,MAAMC,CAAO,EATCC,EAAA,qBAUd,KAAK,KAAO,wBACZ,KAAK,aAAeH,CACtB,CACF,CAQO,SAASI,EACdC,EACuC,CACvC,MAAMC,EAAWD,EAAc,WAAW,IAAI,EAC1CA,EAAc,MAAM,CAAC,EACrBA,EAEJ,IAAIE,EACJ,GAAI,CACFA,EAAKC,EAAAA,YAAY,QAAQF,CAAQ,CACnC,OAASG,EAAO,CACd,MAAM,IAAI,MACR,oCAAoCA,aAAiB,MAAQA,EAAM,QAAU,OAAOA,CAAK,CAAC,EAAA,CAE9F,CAEA,OAAOF,EAAG,IAAI,IAAKG,IAAW,CAE5B,KAAMC,EAAAA,OAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK,EACtD,KAAMA,EAAM,KAAA,EACZ,CACJ,CAaO,SAASE,EACdP,EACAQ,EACsB,CACtB,MAAMC,EAASV,EAA6BC,CAAa,EAEzD,GAAIS,EAAO,SAAW,EACpB,MAAM,IAAI,MAAM,2BAA2B,EAK7C,MAAMC,MAAgB,IACtB,UAAWL,KAASI,EAAQ,CAC1B,MAAME,EAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI,GACrD,GAAIK,EAAU,IAAIC,CAAG,EACnB,MAAM,IAAI,MACR,wCAAwCN,EAAM,IAAI,IAAIA,EAAM,IAAI,sDAAA,EAIpEK,EAAU,IAAIC,CAAG,CACnB,CAGA,MAAMC,EAAe,IAAI,IACvBJ,EAAe,IAAKK,GAAS,GAAGA,EAAK,KAAK,aAAa,IAAIA,EAAK,IAAI,EAAE,CAAA,EAIlElB,EAAkC,CAAA,EACxC,UAAWU,KAASI,EAAQ,CAC1B,MAAME,EAAM,GAAGN,EAAM,KAAK,aAAa,IAAIA,EAAM,IAAI,GAChDO,EAAa,IAAID,CAAG,GACvBhB,EAAa,KAAK,CAChB,KAAMU,EAAM,KACZ,KAAMA,EAAM,IAAA,CACb,CAEL,CAEA,MAAO,CACL,aAAcV,EAAa,SAAW,EACtC,aAAAA,EACA,YAAac,EAAO,MAAA,CAExB,CAYO,SAASK,EACdd,EACAQ,EACM,CACN,MAAMO,EAASR,EAAuBP,EAAeQ,CAAc,EAEnE,GAAI,CAACO,EAAO,aACV,MAAM,IAAIrB,EAAsBqB,EAAO,YAAY,CAEvD,CC5EA,SAASC,EAAqBC,EAA0B,CACtD,GAAI,CAEF,OADWd,EAAAA,YAAY,QAAQe,EAAAA,eAAeD,CAAK,CAAC,EAC1C,IAAI,IAAKZ,IAEV,CAAE,KADIC,SAAO,KAAKD,EAAM,IAAI,EAAE,QAAA,EAAU,SAAS,KAAK,EAC9C,KAAMA,EAAM,KAAA,EAC5B,CACH,OAASD,EAAO,CACd,eAAQ,KACN,qEACA,CACE,SAAU,kBACV,MAAOA,aAAiB,MAAQA,EAAM,QAAU,OAAOA,CAAK,CAAA,CAC9D,EAEK,CAAA,CACT,CACF,CAGA,SAASe,EACPN,EACAO,EACS,CACT,MAAMC,EAAYR,EAAK,KAAK,YAAA,EAC5B,OAAOO,EAAa,KACjBE,GAAQA,EAAI,KAAK,gBAAkBD,GAAaC,EAAI,OAAST,EAAK,IAAA,CAEvE,CAgBA,SAASU,EAAyBC,EAAyB,CAGzD,MAAMC,EACJ,EAAiBC,EAAAA,gBACjBC,EAAAA,2BACAA,EAAAA,2BACAC,EAAAA,wBAEIC,EAAe,KAAK,KAAKJ,EAAkBD,EAAUM,EAAAA,iBAAiB,EAC5E,OAAO,OAAOD,CAAY,CAC5B,CAwBO,SAASE,EACdC,EACW,CACX,MAAMC,EAAsB,CAAA,EACtB,CACJ,OAAAC,EAAS,CAAA,EACT,cAAAC,EAAgB,CAAA,EAChB,iBAAAC,EAAmB,CAAA,CAAC,EAClBJ,EAEEK,EAAkB,IAAI,IAC1BH,EACG,IAAKI,GAAA,OAAM,OAAAC,EAAAD,EAAE,KAAF,YAAAC,EAAM,cAAa,EAC9B,OAAQC,GAAqBA,IAAO,MAAS,CAAA,EAGlD,UAAWC,KAAWN,EAChBM,EAAQ,IAAMJ,EAAgB,IAAII,EAAQ,GAAG,YAAA,CAAa,GAG1DA,EAAQ,eACVR,EAAS,KAAK,GAAGjB,EAAqByB,EAAQ,aAAa,CAAC,EAIhE,UAAWC,KAASR,EAEhBQ,EAAM,SAAWC,iBAAe,SAChCD,EAAM,SAAWC,EAAAA,eAAe,UAIlCV,EAAS,KAAK,GAAGjB,EAAqB0B,EAAM,kBAAkB,CAAC,EAKjE,UAAWE,KAAeR,EACxBH,EAAS,KAAK,GAAGjB,EAAqB4B,EAAY,aAAa,CAAC,EAGlE,OAAOX,CACT,CAeO,SAASY,EAEdb,EAA6C,CAC7C,KAAM,CAAE,eAAAxB,EAAgB,iBAAAsC,EAAkB,eAAAC,EAAgB,QAAAvB,GAAYQ,EAGtE,GAAI,CAACxB,GAAkBA,EAAe,SAAW,EAC/C,MAAO,CAAA,EAIT,GAAIsC,EAAiB,SAAW,EAC9B,OAAOtC,EAIT,MAAMwC,EAAaxC,EAAe,OAC/BK,GAAS,CAACM,EAAeN,EAAMiC,CAAgB,CAAA,EAGlD,GAAIE,EAAW,SAAW,EACxB,MAAM,IAAI,MACR,0IAAA,EAKJ,MAAMC,EAAY1B,EAAyBC,CAAO,EAC5C0B,EAAgBH,EAAiBE,EAKvC,GAJwBD,EAAW,OACjC,CAACG,EAAKC,IAAMD,EAAM,OAAOC,EAAE,KAAK,EAChC,EAAA,EAEoBF,EACpB,MAAM,IAAI,MACR,6GAAA,EAKJ,OAAOF,CACT"}

package/dist/vault-registry-reader-CLnhAUN4.cjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";var _e=Object.defineProperty;var be=(t,e,n)=>e in t?_e(t,e,{enumerable:!0,configurable:!0,writable:!0,value:n}):t[e]=n;var f=(t,e,n)=>be(t,typeof e!="symbol"?e+"":e,n);const j=require("./types-DnyyBNcC.cjs"),m=require("./bitcoin-B3aqjuMP.cjs"),C=require("./validation-u8W7Lp2x.cjs"),Pe=require("@bitcoin-js/tiny-secp256k1-asmjs"),E=require("bitcoinjs-lib"),T=require("buffer"),z=require("./sha2-DsrLC4NM.cjs"),v=require("./BTCVaultRegistry.abi-ZdPpION2.cjs"),g=require("./ProtocolParams.abi-BmvHwQJV.cjs");function ye(t){const e=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(t){for(const n in t)if(n!=="default"){const r=Object.getOwnPropertyDescriptor(t,n);Object.defineProperty(e,n,r.get?r:{enumerable:!0,get:()=>t[n]})}}return e.default=t,Object.freeze(e)}const K=ye(Pe),Y=new Set(Object.values(j.DaemonStatus)),we=200;function l(t){var e;return((e=JSON.stringify(t))==null?void 0:e.slice(0,we))??"undefined"}const ve="The vault provider returned an unexpected response. Please try again or contact support.";class o extends Error{constructor(n){super(ve);f(this,"detail");this.name="VpResponseValidationError",this.detail=n}}const $=64;function x(t){return typeof t=="string"&&t.length>0&&C.HEX_RE.test(t)}function re(t){return typeof t=="string"&&t.length>0}function ie(t,e){if(!x(t))throw new o(`VP response validation failed: "${e}" must be a non-empty hex string, got ${l(t)}`)}function b(t,e){if(!re(t))throw new o(`VP response validation failed: "${e}" must be a non-empty string, got ${l(t)}`)}function se(t,e){if(!x(t)\|\|t.length!==m.X_ONLY_PUBKEY_HEX_LEN&&t.length!==m.COMPRESSED_PUBKEY_HEX_LEN)throw new o(`VP response validation failed: "${e}" must be a ${m.X_ONLY_PUBKEY_HEX_LEN} or ${m.COMPRESSED_PUBKEY_HEX_LEN}-char hex string (BTC pubkey), got ${l(t)}`)}function xe(t){const e=t.presigning;if(e==null)return;if(typeof e!="object"\|\|Array.isArray(e))throw new o('VP response validation failed: "progress.presigning" must be an object if present');const n=e;if(n.depositor_graph_created!==void 0&&typeof n.depositor_graph_created!="boolean")throw new o(`VP response validation failed: "progress.presigning.depositor_graph_created" must be a boolean if present, got ${l(n.depositor_graph_created)}`);if(n.vk_challenger_presigning_completed!==void 0&&typeof n.vk_challenger_presigning_completed!="number")throw new o(`VP response validation failed: "progress.presigning.vk_challenger_presigning_completed" must be a number if present, got ${l(n.vk_challenger_presigning_completed)}`);if(n.vk_challenger_presigning_total!==void 0&&typeof n.vk_challenger_presigning_total!="number")throw new o(`VP response validation failed: "progress.presigning.vk_challenger_presigning_total" must be a number if present, got ${l(n.vk_challenger_presigning_total)}`)}function oe(t){if(t===null\|\|typeof t!="object")throw new o("VP response validation failed: getPeginStatus response is not an object");const e=t;if(!x(e.pegin_txid)\|\|e.pegin_txid.length!==$)throw new o(`VP response validation failed: "pegin_txid" must be a ${$}-char hex string (txid), got ${l(e.pegin_txid)}`);if(typeof e.status!="string")throw new o('VP response validation failed: "status" must be a string');if(!Y.has(e.status))throw new o(`VP response validation failed: unrecognized status "${e.status}". Expected one of: ${[...Y].join(", ")}`);if(e.progress===null\|\|typeof e.progress!="object"\|\|Array.isArray(e.progress))throw new o('VP response validation failed: "progress" must be an object');if(xe(e.progress),typeof e.health_info!="string")throw new o('VP response validation failed: "health_info" must be a string');if(e.last_error!==void 0&&typeof e.last_error!="string")throw new o(`VP response validation failed: "last_error" must be a string if present, got ${l(e.last_error)}`)}function Ve(t){if(t===null\|\|typeof t!="object")throw new o("VP response validation failed: requestDepositorPresignTransactions response is not an object");const e=t;if(!Array.isArray(e.txs))throw new o('VP response validation failed: "txs" must be an array');for(let n=0;n<e.txs.length;n++)Ae(e.txs[n],`txs[${n}]`);if(e.depositor_graph===null\|\|typeof e.depositor_graph!="object")throw new o('VP response validation failed: "depositor_graph" must be an object');Be(e.depositor_graph)}function y(t,e){if(t===null\|\|typeof t!="object")throw new o(`VP response validation failed: "${e}" must be an object`);ie(t.tx_hex,`${e}.tx_hex`)}function Ae(t,e){if(t===null\|\|typeof t!="object")throw new o(`VP response validation failed: "${e}" must be an object`);const n=t;se(n.claimer_pubkey,`${e}.claimer_pubkey`),y(n.claim_tx,`${e}.claim_tx`),y(n.assert_tx,`${e}.assert_tx`),y(n.payout_tx,`${e}.payout_tx`),b(n.payout_psbt,`${e}.payout_psbt`)}function Te(t,e){if(t===null\|\|typeof t!="object")throw new o(`VP response validation failed: "${e}" must be an object`);const n=t;b(n.wots_pks_json,`${e}.wots_pks_json`),b(n.gc_wots_keys_json,`${e}.gc_wots_keys_json`)}function $e(t,e){if(t===null\|\|typeof t!="object")throw new o(`VP response validation failed: "${e}" must be an object`);const n=t;if(se(n.challenger_pubkey,`${e}.challenger_pubkey`),y(n.challenge_assert_x_tx,`${e}.challenge_assert_x_tx`),y(n.challenge_assert_y_tx,`${e}.challenge_assert_y_tx`),y(n.nopayout_tx,`${e}.nopayout_tx`),b(n.nopayout_psbt,`${e}.nopayout_psbt`),!Array.isArray(n.challenge_assert_connectors))throw new o(`VP response validation failed: "${e}.challenge_assert_connectors" must be an array`);for(let r=0;r<n.challenge_assert_connectors.length;r++)Te(n.challenge_assert_connectors[r],`${e}.challenge_assert_connectors[${r}]`);if(!Array.isArray(n.output_label_hashes))throw new o(`VP response validation failed: "${e}.output_label_hashes" must be an array`);for(let r=0;r<n.output_label_hashes.length;r++)ie(n.output_label_hashes[r],`${e}.output_label_hashes[${r}]`)}function ae(t){if(t===null\|\|typeof t!="object")throw new o("VP response validation failed: requestDepositorClaimerArtifacts response is not an object");const e=t;if(!re(e.tx_graph_json))throw new o(`VP response validation failed: "tx_graph_json" must be a non-empty string, got ${l(e.tx_graph_json)}`);if(!x(e.verifying_key_hex))throw new o(`VP response validation failed: "verifying_key_hex" must be a non-empty hex string, got ${l(e.verifying_key_hex)}`);if(e.babe_sessions===null\|\|typeof e.babe_sessions!="object")throw new o('VP response validation failed: "babe_sessions" must be an object');for(const[n,r]of Object.entries(e.babe_sessions)){if(r===null\|\|typeof r!="object")throw new o(`VP response validation failed: "babe_sessions.${n}" must be an object`);const s=r;if(!x(s.decryptor_artifacts_hex))throw new o(`VP response validation failed: "babe_sessions.${n}.decryptor_artifacts_hex" must be a non-empty hex string, got ${l(s.decryptor_artifacts_hex)}`)}}function Ce(t){if(t===null\|\|typeof t!="object")throw new o("VP response validation failed: pegout status payload is not an object");const e=t;if(!x(e.pegin_txid)\|\|e.pegin_txid.length!==$)throw new o(`VP response validation failed: "pegin_txid" must be a ${$}-char hex string (txid), got ${l(e.pegin_txid)}`);if(typeof e.found!="boolean")throw new o(`VP response validation failed: "found" must be a boolean, got ${l(e.found)}`);if(e.claimer!==null){if(typeof e.claimer!="object")throw new o(`VP response validation failed: "claimer" must be an object or null, got ${l(e.claimer)}`);Se(e.claimer)}if(!Array.isArray(e.challengers))throw new o(`VP response validation failed: "challengers" must be an array, got ${l(e.challengers)}`);for(let n=0;n<e.challengers.length;n++)ke(e.challengers[n],n)}function Se(t){if(b(t.status,"claimer.status"),typeof t.failed!="boolean")throw new o(`VP response validation failed: "claimer.failed" must be a boolean, got ${l(t.failed)}`);if(b(t.claim_txid,"claimer.claim_txid"),b(t.claimer_pubkey,"claimer.claimer_pubkey"),b(t.assert_txid,"claimer.assert_txid"),t.challenger_pubkey!==null&&typeof t.challenger_pubkey!="string")throw new o(`VP response validation failed: "claimer.challenger_pubkey" must be a string or null, got ${l(t.challenger_pubkey)}`);if(typeof t.created_at!="number")throw new o(`VP response validation failed: "claimer.created_at" must be a number, got ${l(t.created_at)}`);if(typeof t.updated_at!="number")throw new o(`VP response validation failed: "claimer.updated_at" must be a number, got ${l(t.updated_at)}`)}function ke(t,e){if(t===null\|\|typeof t!="object")throw new o(`VP response validation failed: "challengers[${e}]" must be an object, got ${l(t)}`);const n=t;if(b(n.status,`challengers[${e}].status`),b(n.claim_txid,`challengers[${e}].claim_txid`),b(n.claimer_pubkey,`challengers[${e}].claimer_pubkey`),B(n.assert_txid,`challengers[${e}].assert_txid`),B(n.challenge_assert_x_txid,`challengers[${e}].challenge_assert_x_txid`),B(n.challenge_assert_y_txid,`challengers[${e}].challenge_assert_y_txid`),B(n.nopayout_txid,`challengers[${e}].nopayout_txid`),typeof n.created_at!="number")throw new o(`VP response validation failed: "challengers[${e}].created_at" must be a number, got ${l(n.created_at)}`);if(typeof n.updated_at!="number")throw new o(`VP response validation failed: "challengers[${e}].updated_at" must be a number, got ${l(n.updated_at)}`)}function B(t,e){if(t!==null&&typeof t!="string")throw new o(`VP response validation failed: "${e}" must be a string or null, got ${l(t)}`)}function Ie(t){ce(t,"batchGetPeginStatus",e=>{e.result!==null&&oe(e.result)})}function Ee(t){ce(t,"batchGetPegoutStatus",e=>{e.result!==null&&Ce(e.result)})}function ce(t,e,n){if(t===null\|\|typeof t!="object")throw new o(`VP response validation failed: ${e} response is not an object`);const r=t;if(!Array.isArray(r.results))throw new o(`VP response validation failed: "${e}.results" must be an array, got ${l(r.results)}`);for(let s=0;s<r.results.length;s++){const i=r.results[s];if(i===null\|\|typeof i!="object")throw new o(`VP response validation failed: "${e}.results[${s}]" must be an object, got ${l(i)}`);const a=i;if(!x(a.pegin_txid)\|\|a.pegin_txid.length!==$)throw new o(`VP response validation failed: "${e}.results[${s}].pegin_txid" must be a ${$}-char hex string, got ${l(a.pegin_txid)}`);if(a.error!==null&&typeof a.error!="string")throw new o(`VP response validation failed: "${e}.results[${s}].error" must be a string or null, got ${l(a.error)}`);if(a.result===null&&a.error===null)throw new o(`VP response validation failed: "${e}.results[${s}]" has neither "result" nor "error" populated`);if(a.result!==null&&a.error!==null)throw new o(`VP response validation failed: "${e}.results[${s}]" has both "result" and "error" populated`);n(a,s)}}function Be(t){if(y(t.claim_tx,"depositor_graph.claim_tx"),y(t.assert_tx,"depositor_graph.assert_tx"),y(t.payout_tx,"depositor_graph.payout_tx"),b(t.payout_psbt,"depositor_graph.payout_psbt"),!Array.isArray(t.challenger_presign_data))throw new o('VP response validation failed: "depositor_graph.challenger_presign_data" must be an array');for(let e=0;e<t.challenger_presign_data.length;e++)$e(t.challenger_presign_data[e],`depositor_graph.challenger_presign_data[${e}]`);if(typeof t.offchain_params_version!="number")throw new o('VP response validation failed: "depositor_graph.offchain_params_version" must be a number')}const Re=6e4;class le{constructor(e,n){f(this,"client");const r={baseUrl:e,timeout:(n==null?void 0:n.timeout)??Re,retries:n==null?void 0:n.retries,retryDelay:n==null?void 0:n.retryDelay,retryableFor:n==null?void 0:n.retryableFor,headers:n==null?void 0:n.headers,tokenProvider:n==null?void 0:n.tokenProvider,maxResponseBytes:n==null?void 0:n.maxResponseBytes};this.client=new j.JsonRpcClient(r)}async requestDepositorPresignTransactions(e,n){const r=await this.client.call("vaultProvider_requestDepositorPresignTransactions",e,n);return Ve(r),r}async submitDepositorPresignatures(e,n){return this.client.call("vaultProvider_submitDepositorPresignatures",e,n)}async submitDepositorWotsKey(e,n){return this.client.call("vaultProvider_submitDepositorWotsKey",e,n)}async requestDepositorClaimerArtifacts(e,n){const r=await this.client.call("vaultProvider_requestDepositorClaimerArtifacts",e,n);return ae(r),r}async getPeginStatus(e,n){const r=await this.client.call("vaultProvider_getPeginStatus",e,n);return oe(r),r}async batchGetPeginStatus(e,n){const r=await this.client.call("vaultProvider_batchGetPeginStatus",e,n);return Ie(r),r}async batchGetPegoutStatus(e,n){const r=await this.client.call("vaultProvider_batchGetPegoutStatus",e,n);return Ee(r),r}}function Ne(t,e){const n=new Set;for(const u of t)n.add(u.toLowerCase());const r=new Map,s=new Set,i=[],a=[];for(const u of e){const d=u.pegin_txid.toLowerCase();if(!n.has(d)){a.push(d);continue}if(s.has(d)){i.push(d);continue}s.add(d),r.set(d,{result:u.result,error:u.error})}const c=[];for(const u of n)s.has(u)\|\|c.push(u);return{byTxid:r,missing:c,unexpected:a,duplicate:i}}async function He(t){const{items:e,getTxid:n,batchCall:r,onItem:s,onMissing:i,onDuplicate:a,onDuplicateBatch:c,onWholeBatchError:u,onUnexpected:d,batchSize:_=j.VP_BATCH_MAX_SIZE}=t;if(!Number.isInteger(_)\|\|_<=0)throw new Error(`batchPollByProvider: batchSize must be a positive integer, got ${_}`);for(let w=0;w<e.length;w+=_){const V=e.slice(w,w+_),k=new Map,U=[];for(const h of V){const P=n(h).toLowerCase();k.set(P,h),U.push(P)}let A;try{const h=await r(U);A=Ne(U,h.results)}catch(h){u(V,h);continue}d&&A.unexpected.length>0&&d(A.unexpected);const I=new Set(A.duplicate);for(const h of I){const P=k.get(h);P&&a(P)}c&&I.size>0&&c(I.size);for(const h of A.missing){const P=k.get(h);P&&i(P)}for(const[h,P]of A.byTxid){if(I.has(h))continue;const G=k.get(h);G&&s(G,{pegin_txid:h,result:P.result,error:P.error})}}}const Oe="BIP0322-signed-message",De="TapTweak",ue=32,je=64;function de(t,e){const n=new TextEncoder().encode(t),r=z.sha256(n),s=new Uint8Array(r.length2+e.length);return s.set(r,0),s.set(r,r.length),s.set(e,r.length2),z.sha256(s)}function Ke(t){if(t.length!==ue)return null;const e=de(De,t),n=K.xOnlyPointAddTweak(t,e);return n?n.xOnlyPubkey:null}function Ue(t,e,n){if(e.length!==ue\|\|n.length!==je)return!1;try{const r=de(Oe,t),s=E.payments.p2tr({internalPubkey:T.Buffer.from(e)});if(!s.output)return!1;const i=s.output,a=0,c=new E.Transaction;c.version=0,c.locktime=0;const u=T.Buffer.concat([T.Buffer.from([0,32]),T.Buffer.from(r)]);c.addInput(T.Buffer.alloc(32,0),4294967295,0,u),c.addOutput(i,a);const d=new E.Transaction;d.version=0,d.locktime=0;const _=c.getHash();d.addInput(_,0,0),d.addOutput(T.Buffer.from([106]),a);const w=d.hashForWitnessV1(0,[i],[a],E.Transaction.SIGHASH_DEFAULT),V=Ke(e);return V?K.verifySchnorr(w,V,n):!1}catch{return!1}}function H(t,e){const n=(t&7)<<5,r=typeof e=="bigint"?e:BigInt(e);if(r<0n)throw new Error("cborHead: negative argument");if(r<24n)return new Uint8Array([n\|Number(r)]);if(r<0x100n)return new Uint8Array([n\|24,Number(r)]);if(r<0x10000n){const i=Number(r);return new Uint8Array([n\|25,i>>>8&255,i&255])}if(r<0x100000000n){const i=Number(r);return new Uint8Array([n\|26,i>>>24&255,i>>>16&255,i>>>8&255,i&255])}const s=new Uint8Array(9);s[0]=n\|27;for(let i=7;i>=0;i--)s[1+i]=Number(r>>BigInt((7-i)8))&255;return s}function he(...t){const e=t.reduce((s,i)=>s+i.length,0),n=new Uint8Array(e);let r=0;for(const s of t)n.set(s,r),r+=s.length;return n}function W(t){const n=[H(4,t.length)];for(const r of t)n.push(H(0,r));return he(...n)}function Le(t,e,n){if(!Number.isSafeInteger(n)\|\|n<0)throw new Error(`encodeServerIdentityPayload: expires_at must be a non-negative safe integer, got ${n}`);const r=H(4,3),s=W(t),i=W(e),a=H(0,n);return he(r,s,i,a)}const Fe=new TextEncoder().encode("btc-auth.server-identity.v1"),Me=23600;class p extends Error{constructor(e,n){super(e),this.reason=n,this.name="ServerIdentityError"}}function R(t){const e=new Uint8Array(t.length/2);for(let n=0;n<e.length;n++)e[n]=parseInt(t.slice(n2,n2+2),16);return e}function pe(t){const{proof:e,pinnedServerPubkey:n,now:r}=t,s=t.maxLifetimeSecs??Me,i=m.stripHexPrefix(n).toLowerCase();if(i.length!==m.X_ONLY_PUBKEY_HEX_LEN\|\|!C.HEX_RE.test(i))throw new p(`pinnedServerPubkey must be 32-byte hex; got ${i.length} chars`,"invalid_pubkey_encoding");const a=m.stripHexPrefix(e.server_pubkey).toLowerCase();if(a.length!==m.X_ONLY_PUBKEY_HEX_LEN\|\|!C.HEX_RE.test(a))throw new p(`server_pubkey must be 32-byte hex; got ${a.length} chars`,"invalid_pubkey_encoding");if(a!==i)throw new p(`server_pubkey does not match pinned value: expected ${i}, got ${a}`,"pinned_pubkey_mismatch");if(!Number.isSafeInteger(e.expires_at))throw new p(`expires_at must be a finite integer; got ${JSON.stringify(e.expires_at)}`,"invalid_expires_at");if(!Number.isSafeInteger(r))throw new p(`now must be a finite integer; got ${JSON.stringify(r)}`,"invalid_expires_at");if(e.expires_at<=r)throw new p(`server identity proof expired at ${e.expires_at}, now ${r}`,"expired");if(!Number.isSafeInteger(s)\|\|s<=0)throw new p(`maxLifetimeSecs must be a positive safe integer; got ${JSON.stringify(s)}`,"invalid_max_lifetime");if(e.expires_at-r>s)throw new p(`server identity proof expires too far in the future: expires_at=${e.expires_at}, now=${r}, max lifetime=${s}s`,"expires_too_far");const c=m.stripHexPrefix(e.ephemeral_pubkey).toLowerCase();if(c.length!==m.COMPRESSED_PUBKEY_HEX_LEN\|\|!C.HEX_RE.test(c))throw new p(`ephemeral_pubkey must be 33-byte compressed hex; got ${c.length} chars`,"invalid_ephemeral_pubkey");const u=c.slice(0,2);if(u!=="02"&&u!=="03")throw new p(`ephemeral_pubkey must be compressed (prefix 02/03); got ${u}`,"invalid_ephemeral_pubkey");const d=R(c);if(!K.isPoint(d))throw new p("ephemeral_pubkey is not a valid secp256k1 point","invalid_ephemeral_pubkey");const _=m.stripHexPrefix(e.signature).toLowerCase();if(_.length!==m.SCHNORR_SIG_HEX_LEN\|\|!C.HEX_RE.test(_))throw new p(`signature must be 64-byte Schnorr hex; got ${_.length} chars`,"invalid_signature_encoding");const w=Le(Fe,R(c),e.expires_at);if(!Ue(w,R(a),R(_)))throw new p("BIP-322 signature verification failed — ephemeral key is not attested by pinned server pubkey","signature_verification_failed")}const Xe=new Set(["vaultProvider_submitDepositorWotsKey","vaultProvider_submitDepositorPresignatures","vaultProvider_requestDepositorPresignTransactions","vaultProvider_requestDepositorClaimerArtifacts"]),qe=6e4,F="auth_createDepositorToken";function ge(t,e){return new j.JsonRpcClient({baseUrl:t,timeout:qe,headers:e,retryableFor:n=>n===F})}const Q=4102444800,Ge=30;class ze{constructor(e){f(this,"client");f(this,"peginTxid");f(this,"authAnchorHex");f(this,"pinnedServerPubkey");f(this,"authGatedMethods");f(this,"refreshSkewSecs");f(this,"now");f(this,"cached",null);f(this,"inFlight",null);this.client=e.client,this.peginTxid=e.peginTxid,this.authAnchorHex=e.authAnchorHex,this.pinnedServerPubkey=e.pinnedServerPubkey,this.authGatedMethods=e.authGatedMethods,this.refreshSkewSecs=e.refreshSkewSecs??Ge,this.now=e.now??(()=>Math.floor(Date.now()/1e3))}async getToken(e){if(e===F\|\|!this.authGatedMethods.has(e))return null;const n=this.cached;return n&&this.now()+this.refreshSkewSecs<n.expiresAt?n.token:(await this.acquireSingleFlight()).token}invalidate(){this.cached=null}setClient(e){this.client=e}acquireSingleFlight(){const e=this.inFlight;if(e)return e;const n=(async()=>{try{const r=await this.client.call(F,{pegin_txid:this.peginTxid,auth_anchor:this.authAnchorHex});if(pe({proof:r.server_identity,pinnedServerPubkey:this.pinnedServerPubkey,now:this.now()}),typeof r.token!="string"\|\|r.token.length===0)throw new Error(`VpTokenProvider: invalid token in acquire response (expected non-empty string, got ${typeof r.token})`);const s=this.now();if(!Number.isSafeInteger(r.expires_at)\|\|r.expires_at<=s\|\|r.expires_at>Q)throw new Error(`VpTokenProvider: invalid expires_at in acquire response (got ${JSON.stringify(r.expires_at)}; must be a safe integer in (${s}, ${Q}])`);const i={token:r.token,expiresAt:r.expires_at};return this.cached=i,i}finally{this.inFlight=null}})();return this.inFlight=n,n}}class fe{constructor(){f(this,"entries",new Map)}getOrCreate(e){const n=this.entries.get(e.peginTxid);if(n){if(n.authAnchorHex!==e.authAnchorHex)throw new Error(`VpTokenRegistry: peginTxid ${e.peginTxid} already bound to authAnchorHex ${n.authAnchorHex.slice(0,8)}…; got ${e.authAnchorHex.slice(0,8)}…`);if(n.pinnedServerPubkey!==e.pinnedServerPubkey)throw new Error(`VpTokenRegistry: peginTxid ${e.peginTxid} already bound to pinnedServerPubkey ${n.pinnedServerPubkey.slice(0,8)}…; got ${e.pinnedServerPubkey.slice(0,8)}…`);return n.provider.setClient(e.client),n.provider}const r=new ze({client:e.client,peginTxid:e.peginTxid,authAnchorHex:e.authAnchorHex,pinnedServerPubkey:e.pinnedServerPubkey,authGatedMethods:Xe});return this.entries.set(e.peginTxid,{provider:r,authAnchorHex:e.authAnchorHex,pinnedServerPubkey:e.pinnedServerPubkey}),r}peek(e){var n;return(n=this.entries.get(e))==null?void 0:n.provider}release(e){this.entries.delete(e)}clear(){this.entries.clear()}get size(){return this.entries.size}}const X=new fe;function Ye(t){var r;const e=ge(t.baseUrl,(r=t.options)==null?void 0:r.headers),n=X.getOrCreate({client:e,peginTxid:t.peginTxid,authAnchorHex:t.authAnchorHex,pinnedServerPubkey:t.pinnedServerPubkey});return new le(t.baseUrl,{...t.options,tokenProvider:n})}function We(t){X.getOrCreate({client:ge(t.baseUrl,t.headers),peginTxid:t.peginTxid,authAnchorHex:t.authAnchorHex,pinnedServerPubkey:t.pinnedServerPubkey})}async function Qe(t,e){const[n,r]=await t.multicall({contracts:[{address:e,abi:v.BTCVaultRegistryABI,functionName:"protocolParams"},{address:e,abi:v.BTCVaultRegistryABI,functionName:"applicationRegistry"}],allowFailure:!1});return{protocolParams:n,applicationRegistry:r}}const L=65535,J=1e4,O=4294967295,Z=255;function M(t){if(!Number.isInteger(t)\|\|t<0\|\|t>O)throw new Error(`Invalid offchainParamsVersion from contract: must be a uint32, got ${t}`)}function S(t){const e=[];if(t.timelockAssert<=0n&&e.push(`timelockAssert must be positive, got ${t.timelockAssert}`),t.timelockAssert>BigInt(L)&&e.push(`timelockAssert ${t.timelockAssert} exceeds uint16 max (${L})`),t.timelockChallengeAssert<=0n&&e.push(`timelockChallengeAssert must be positive, got ${t.timelockChallengeAssert}`),t.tRefund<=0&&e.push(`tRefund must be positive, got ${t.tRefund}`),t.tStale<=0&&e.push(`tStale must be positive, got ${t.tStale}`),t.securityCouncilKeys.length===0&&e.push("securityCouncilKeys must not be empty"),t.councilQuorum<=0&&e.push(`councilQuorum must be positive, got ${t.councilQuorum}`),t.councilQuorum>t.securityCouncilKeys.length&&e.push(`councilQuorum (${t.councilQuorum}) exceeds securityCouncilKeys count (${t.securityCouncilKeys.length})`),t.feeRate<=0n&&e.push(`feeRate must be positive, got ${t.feeRate}`),t.minPeginFeeRate<=0n&&e.push(`minPeginFeeRate must be positive, got ${t.minPeginFeeRate}`),(!Number.isInteger(t.proverProgramVersion)\|\|t.proverProgramVersion<0\|\|t.proverProgramVersion>L)&&e.push(`proverProgramVersion must be a uint16, got ${t.proverProgramVersion}`),(!Number.isInteger(t.minPrepeginDepth)\|\|t.minPrepeginDepth<=0\|\|t.minPrepeginDepth>O)&&e.push(`minPrepeginDepth must be a uint32 in [1, ${O}], got ${t.minPrepeginDepth}`),t.babeTotalInstances<=0&&e.push(`babeTotalInstances must be positive, got ${t.babeTotalInstances}`),t.babeInstancesToFinalize<=0&&e.push(`babeInstancesToFinalize must be positive, got ${t.babeInstancesToFinalize}`),t.babeInstancesToFinalize>t.babeTotalInstances&&e.push(`babeInstancesToFinalize (${t.babeInstancesToFinalize}) exceeds babeTotalInstances (${t.babeTotalInstances})`),(t.minVpCommissionBps<0\|\|t.minVpCommissionBps>J)&&e.push(`minVpCommissionBps must be in [0, ${J}], got ${t.minVpCommissionBps}`),e.length>0)throw new Error(`Invalid offchain protocol parameters: ${e.join("; ")}`)}function q(t){const e=[];if(t.minimumPegInAmount<=0n&&e.push(`minimumPegInAmount must be positive, got ${t.minimumPegInAmount}`),t.maxPegInAmount<t.minimumPegInAmount&&e.push(`maxPegInAmount (${t.maxPegInAmount}) must be >= minimumPegInAmount (${t.minimumPegInAmount})`),t.pegInAckTimeout<=0n&&e.push(`pegInAckTimeout must be positive, got ${t.pegInAckTimeout}`),t.pegInActivationTimeout<=0n&&e.push(`pegInActivationTimeout must be positive, got ${t.pegInActivationTimeout}`),(!Number.isInteger(t.maxHtlcOutputCount)\|\|t.maxHtlcOutputCount<=0\|\|t.maxHtlcOutputCount>Z)&&e.push(`maxHtlcOutputCount must be an integer in [1, ${Z}], got ${t.maxHtlcOutputCount}`),e.length>0)throw new Error(`Invalid TBV protocol parameters: ${e.join("; ")}`)}function me(t){if(q(t),S(t.offchainParams),!Number.isInteger(t.offchainParamsVersion)\|\|t.offchainParamsVersion<0\|\|t.offchainParamsVersion>O)throw new Error(`Invalid peg-in configuration: offchainParamsVersion must be a uint32, got ${t.offchainParamsVersion}`)}const ee=65535;function N(t){return{timelockAssert:t.timelockAssert,timelockChallengeAssert:t.timelockChallengeAssert,securityCouncilKeys:[...t.securityCouncilKeys],councilQuorum:t.councilQuorum,feeRate:t.feeRate,babeTotalInstances:t.babeTotalInstances,babeInstancesToFinalize:t.babeInstancesToFinalize,minVpCommissionBps:t.minVpCommissionBps,tRefund:t.tRefund,tStale:t.tStale,minPeginFeeRate:t.minPeginFeeRate,proverProgramVersion:t.proverProgramVersion,minPrepeginDepth:t.minPrepeginDepth}}function te(t){return{minimumPegInAmount:t.minimumPegInAmount,maxPegInAmount:t.maxPegInAmount,pegInAckTimeout:t.pegInAckTimeout,pegInActivationTimeout:t.pegInActivationTimeout,maxHtlcOutputCount:t.maxHtlcOutputCount}}function ne(t){if(t>BigInt(ee))throw new Error(`timelockAssert value ${t} exceeds uint16 max (${ee})`);return Number(t)}class Je{constructor(e,n){this.publicClient=e,this.contractAddress=n}async getTBVProtocolParams(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getTBVProtocolParams"}),n=te(e);return q(n),n}async getLatestOffchainParams(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getLatestOffchainParams"}),n=N(e);return S(n),n}async getOffchainParamsByVersion(e){const n=await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getOffchainParamsByVersion",args:[e]}),r=N(n);return S(r),r}async getLatestOffchainParamsVersion(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"latestOffchainParamsVersion"}),n=Number(e);return M(n),n}async getTimelockPeginByVersion(e){const n=await this.getOffchainParamsByVersion(e);return ne(n.timelockAssert)}async getPegInConfiguration(){const e=await this.publicClient.multicall({contracts:[{address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getTBVProtocolParams"},{address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getLatestOffchainParams"},{address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"latestOffchainParamsVersion"}],allowFailure:!1}),n=te(e[0]),r=N(e[1]),s=Number(e[2]),i={minimumPegInAmount:n.minimumPegInAmount,maxPegInAmount:n.maxPegInAmount,pegInAckTimeout:n.pegInAckTimeout,pegInActivationTimeout:n.pegInActivationTimeout,maxHtlcOutputCount:n.maxHtlcOutputCount,timelockPegin:ne(r.timelockAssert),timelockRefund:r.tRefund,minVpCommissionBps:r.minVpCommissionBps,offchainParams:r,offchainParamsVersion:s};return me(i),i}async fetchAllOffchainParams(e){const n=await this.getLatestOffchainParamsVersion();if(n===0)return{byVersion:new Map,latestVersion:0};const r=Array.from({length:n},(c,u)=>u+1),s=r.map(c=>({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getOffchainParamsByVersion",args:[c]})),i=await this.publicClient.multicall({contracts:s,allowFailure:!1}),a=new Map;for(let c=0;c<r.length;c++){const u=N(i[c]);try{S(u),a.set(r[c],u)}catch(d){e==null\|\|e(r[c],d instanceof Error?d:new Error(String(d)))}}return{byVersion:a,latestVersion:n}}}function D(t){return t.map(e=>({ethAddress:e.ethAddress,btcPubKey:e.btcPubKey}))}class Ze{constructor(e,n){this.publicClient=e,this.contractAddress=n}async getVaultKeepersByVersion(e,n){const r=await this.publicClient.readContract({address:this.contractAddress,abi:g.ApplicationRegistryABI,functionName:"getVaultKeepersByVersion",args:[e,n]});return D(r)}async getCurrentVaultKeepers(e){const n=await this.publicClient.readContract({address:this.contractAddress,abi:g.ApplicationRegistryABI,functionName:"getCurrentVaultKeepers",args:[e]});return D(n)}async getCurrentVaultKeepersVersion(e){return await this.publicClient.readContract({address:this.contractAddress,abi:g.ApplicationRegistryABI,functionName:"getCurrentVaultKeepersVersion",args:[e]})}}class et{constructor(e,n){this.publicClient=e,this.contractAddress=n}async getUniversalChallengersByVersion(e){const n=await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getUniversalChallengersByVersion",args:[e]});return D(n)}async getCurrentUniversalChallengers(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"getCurrentUniversalChallengers"});return D(e)}async getLatestUniversalChallengersVersion(){return await this.publicClient.readContract({address:this.contractAddress,abi:g.ProtocolParamsABI,functionName:"latestUniversalChallengersVersion"})}}class tt{constructor(e,n){this.publicClient=e,this.contractAddress=n}async getVaultProviderBtcPubKey(e){const r=(await this.publicClient.readContract({address:this.contractAddress,abi:v.BTCVaultRegistryABI,functionName:"getVaultProviderBTCKey",args:[e]})).toLowerCase();if(!/^0x[0-9a-f]{64}$/.test(r))throw new Error(`getVaultProviderBTCKey returned an unexpected value (vp=${e}, length ${r.length}, prefix "${r.slice(0,2)}")`);const s=r.slice(2);if(!K.isXOnlyPoint(m.hexToUint8Array(s)))throw new Error(`getVaultProviderBTCKey returned a value that is not on the secp256k1 curve (vp=${e})`);return s}async getVaultBasicInfo(e){const n=await this.publicClient.readContract({address:this.contractAddress,abi:v.BTCVaultRegistryABI,functionName:"getBtcVaultBasicInfo",args:[e]});return{depositor:n.depositor,depositorBtcPubKey:n.depositorBtcPubKey,amount:n.amount,vaultProvider:n.vaultProvider,status:n.status,applicationEntryPoint:n.applicationEntryPoint,createdAt:n.createdAt}}async getVaultProtocolInfo(e){const n=await this.publicClient.readContract({address:this.contractAddress,abi:v.BTCVaultRegistryABI,functionName:"getBtcVaultProtocolInfo",args:[e]}),r=Number(n.offchainParamsVersion);return M(r),{depositorSignedPeginTx:n.depositorSignedPeginTx,universalChallengersVersion:n.universalChallengersVersion,appVaultKeepersVersion:n.appVaultKeepersVersion,offchainParamsVersion:r,verifiedAt:n.verifiedAt,depositorWotsPkHash:n.depositorWotsPkHash,hashlock:n.hashlock,htlcVout:n.htlcVout,depositorPopSignature:n.depositorPopSignature,prePeginTxHash:n.prePeginTxHash,vaultProviderCommissionBps:n.vaultProviderCommissionBps}}async getProtocolInfoBatch(e){return e.length===0?[]:(await this.publicClient.multicall({contracts:e.map(r=>({address:this.contractAddress,abi:v.BTCVaultRegistryABI,functionName:"getBtcVaultProtocolInfo",args:[r]})),allowFailure:!1})).map((r,s)=>{const i=r;if(!i.depositorSignedPeginTx\|\|i.depositorSignedPeginTx==="0x")throw new Error(`Vault ${e[s]} not found on-chain or has no pegin transaction`);return{depositorSignedPeginTx:i.depositorSignedPeginTx,universalChallengersVersion:i.universalChallengersVersion,appVaultKeepersVersion:i.appVaultKeepersVersion,offchainParamsVersion:i.offchainParamsVersion,verifiedAt:i.verifiedAt,depositorWotsPkHash:i.depositorWotsPkHash,hashlock:i.hashlock,htlcVout:i.htlcVout,depositorPopSignature:i.depositorPopSignature,prePeginTxHash:i.prePeginTxHash,vaultProviderCommissionBps:i.vaultProviderCommissionBps}})}async getVaultData(e){const[n,r]=await Promise.all([this.getVaultBasicInfo(e),this.getVaultProtocolInfo(e)]);if(!r.depositorSignedPeginTx\|\|r.depositorSignedPeginTx==="0x")throw new Error(`Vault ${e} not found on-chain or has no pegin transaction`);return{basic:n,protocol:r}}async getOffchainParamsVersionsByVaultIds(e){return e.length===0?[]:(await this.publicClient.multicall({contracts:e.map(r=>({address:this.contractAddress,abi:v.BTCVaultRegistryABI,functionName:"getBtcVaultProtocolInfo",args:[r]})),allowFailure:!1})).map(r=>{const s=r;if(!s.depositorSignedPeginTx\|\|s.depositorSignedPeginTx==="0x")throw new Error("Vault not found on-chain or has no pegin transaction while reading offchain params version");const i=Number(s.offchainParamsVersion);return M(i),i})}}exports.ServerIdentityError=p;exports.VaultProviderRpcClient=le;exports.ViemProtocolParamsReader=Je;exports.ViemUniversalChallengerReader=et;exports.ViemVaultKeeperReader=Ze;exports.ViemVaultRegistryReader=tt;exports.VpResponseValidationError=o;exports.VpTokenRegistry=fe;exports.batchPollByProvider=He;exports.createAuthenticatedVpClient=Ye;exports.primeVpTokenRegistry=We;exports.resolveProtocolAddresses=Qe;exports.validateOffchainParams=S;exports.validatePegInConfiguration=me;exports.validateRequestDepositorClaimerArtifactsResponse=ae;exports.validateTBVProtocolParams=q;exports.verifyServerIdentity=pe;exports.vpTokenRegistry=X;
2	- //# sourceMappingURL=vault-registry-reader-CLnhAUN4.cjs.map