@babylonlabs-io/ts-sdk 0.37.2 → 0.38.0

package/dist/assertPsbtUnsignedTxMatches-D7RxpR4A.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"assertPsbtUnsignedTxMatches-D7RxpR4A.js","sources":["../src/tbv/core/primitives/scripts/payout.ts","../src/tbv/core/primitives/psbt/payout.ts","../src/tbv/core/primitives/psbt/assertPsbtUnsignedTxMatches.ts"],"sourcesContent":["/**\n * Payout Script Generator Primitive\n *\n * This module provides pure functions for generating payout scripts and taproot information\n * by wrapping the WASM implementation from @babylonlabs-io/babylon-tbv-rust-wasm.\n *\n * The payout script is used for signing payout transactions in the vault system.\n * It defines the spending conditions for the vault output, enabling the depositor\n * to authorize payouts during the peg-in flow (Step 3).\n *\n * @remarks\n * This is a low-level primitive. For most use cases, prefer using {@link buildPayoutPsbt}\n * which handles script creation internally. For high-level wallet orchestration, use\n * PayoutManager from the managers module.\n *\n * @see {@link buildPayoutPsbt} - Higher-level function that uses this internally\n *\n * @module primitives/scripts/payout\n */\n\nimport {\n  createPayoutConnector,\n  type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\n/**\n * Parameters for creating a payout script.\n *\n * These parameters define the participants in a vault and are used to generate\n * the taproot script that controls how funds can be spent from the vault.\n */\nexport interface PayoutScriptParams {\n  /**\n   * Depositor's BTC public key (x-only, 64-char hex without 0x prefix).\n   *\n   * This is the user depositing BTC into the vault. The depositor must sign\n   * payout transactions to authorize fund distribution.\n   */\n  depositor: string;\n\n  /**\n   * Vault provider's BTC public key (x-only, 64-char hex without 0x prefix).\n   *\n   * The service provider managing vault operations. Also referred to as\n   * \"claimer\" in the WASM layer.\n   */\n  vaultProvider: string;\n\n  /**\n   * Array of vault keeper BTC public keys (x-only, 64-char hex without 0x prefix).\n   *\n   * Vault keepers participate in vault operations and script spending conditions.\n   */\n  vaultKeepers: string[];\n\n  /**\n   * Array of universal challenger BTC public keys (x-only, 64-char hex without 0x prefix).\n   *\n   * These parties can challenge the vault under certain conditions.\n   */\n  universalChallengers: string[];\n\n  /**\n   * CSV timelock in blocks for the PegIn output.\n   */\n  timelockPegin: number;\n\n  /**\n   * Bitcoin network for script generation.\n   *\n   * Must match the network used for all other vault operations to ensure\n   * address encoding compatibility.\n   */\n  network: Network;\n}\n\n/**\n * Result of creating a payout script.\n *\n * Contains all the taproot-related data needed for constructing and signing\n * payout transactions from the vault.\n */\nexport interface PayoutScriptResult {\n  /**\n   * The payout script hex used in taproot script path spending.\n   *\n   * This is the raw script bytes that define the spending conditions,\n   * encoded as a hexadecimal string. Used when constructing the\n   * tapLeafScript for PSBT signing.\n   */\n  payoutScript: string;\n\n  /**\n   * The taproot script hash (leaf hash) for the payout script.\n   *\n   * This is the tagged hash of the script used in taproot tree construction.\n   * Required for computing the control block during script path spending.\n   */\n  taprootScriptHash: string;\n\n  /**\n   * The full scriptPubKey for the vault output address.\n   *\n   * This is the complete output script (OP_1 <32-byte-key>) that should be\n   * used when creating the vault output in a peg-in transaction.\n   */\n  scriptPubKey: string;\n\n  /**\n   * The vault Bitcoin address derived from the script.\n   *\n   * A human-readable bech32m address (bc1p... for mainnet, tb1p... for testnet/signet)\n   * that can be used to receive funds into the vault.\n   */\n  address: string;\n\n  /**\n   * Serialized control block for Taproot script path spend (hex encoded).\n   *\n   * Computed by the Rust WASM PeginPayoutConnector. Used directly in\n   * tapLeafScript when building payout PSBTs.\n   */\n  payoutControlBlock: string;\n}\n\n/**\n * Create payout script and taproot information using WASM.\n *\n * This is a pure function that wraps the Rust WASM implementation.\n * The payout connector generates the necessary taproot scripts and information\n * required for signing payout transactions.\n *\n * @remarks\n * The generated script encodes spending conditions that require signatures from\n * the depositor and vault provider (or liquidators in challenge scenarios).\n * This script is used internally by {@link buildPayoutPsbt}.\n *\n * @param params - Payout script parameters defining vault participants and network\n * @returns Payout script and taproot information for PSBT construction\n *\n * @see {@link buildPayoutPsbt} - Use this for building complete payout PSBTs\n */\nexport async function createPayoutScript(\n  params: PayoutScriptParams,\n): Promise<PayoutScriptResult> {\n  // Call the WASM wrapper with the correct parameter structure\n  const connector = await createPayoutConnector(\n    {\n      depositor: params.depositor,\n      vaultProvider: params.vaultProvider,\n      vaultKeepers: params.vaultKeepers,\n      universalChallengers: params.universalChallengers,\n      timelockPegin: params.timelockPegin,\n    },\n    params.network,\n  );\n\n  return {\n    payoutScript: connector.payoutScript,\n    taprootScriptHash: connector.taprootScriptHash,\n    scriptPubKey: connector.scriptPubKey,\n    address: connector.address,\n    payoutControlBlock: connector.payoutControlBlock,\n  };\n}\n","/**\n * Payout PSBT Builder Primitives\n *\n * This module provides pure functions for building unsigned payout PSBTs and extracting\n * Schnorr signatures from signed PSBTs. It uses WASM-generated scripts from the payout\n * connector and bitcoinjs-lib for PSBT construction.\n *\n * The Payout transaction references the Assert transaction (input 1).\n *\n * @module primitives/psbt/payout\n */\n\nimport {\n  type Network,\n  tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\nimport { createPayoutScript } from \"../scripts/payout\";\nimport {\n  TAPSCRIPT_LEAF_VERSION,\n  hexToUint8Array,\n  isValidHex,\n  stripHexPrefix,\n  uint8ArrayToHex,\n} from \"../utils/bitcoin\";\n\n/**\n * Number of items in a Taproot script-path spend witness stack for a\n * single-signature script: [signature, script, controlBlock].\n *\n * The current payout script requires exactly one depositor signature. If the\n * protocol evolves to require multiple signatures in the payout script, this\n * invariant and the finalized-PSBT extraction path must be revisited because\n * the first witness item would no longer necessarily be the depositor's.\n */\nconst TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE = 3;\n\n/**\n * Parameters for building an unsigned Payout PSBT\n *\n * Payout is used in the challenge path after Assert, when the claimer proves validity.\n * Input 1 references the Assert transaction.\n */\nexport interface PayoutParams {\n  /**\n   * Payout transaction hex (unsigned)\n   * This is the transaction that needs to be signed by the depositor\n   */\n  payoutTxHex: string;\n\n  /**\n   * Assert transaction hex\n   * Payout input 1 references Assert output 0\n   */\n  assertTxHex: string;\n\n  /**\n   * Peg-in transaction hex\n   * This transaction created the vault output that we're spending\n   */\n  peginTxHex: string;\n\n  /**\n   * Depositor's BTC public key (x-only, 64-char hex without 0x prefix)\n   */\n  depositorBtcPubkey: string;\n\n  /**\n   * Vault provider's BTC public key (x-only, 64-char hex)\n   */\n  vaultProviderBtcPubkey: string;\n\n  /**\n   * Vault keeper BTC public keys (x-only, 64-char hex)\n   */\n  vaultKeeperBtcPubkeys: string[];\n\n  /**\n   * Universal challenger BTC public keys (x-only, 64-char hex)\n   */\n  universalChallengerBtcPubkeys: string[];\n\n  /**\n   * CSV timelock in blocks for the PegIn output.\n   */\n  timelockPegin: number;\n\n  /**\n   * Bitcoin network\n   */\n  network: Network;\n}\n\n/**\n * Result of building an unsigned payout PSBT\n */\nexport interface PayoutPsbtResult {\n  /**\n   * Unsigned PSBT hex ready for signing\n   */\n  psbtHex: string;\n}\n\n/**\n * Build unsigned Payout PSBT for depositor to sign.\n *\n * Payout is used in the **challenge path** when the claimer proves validity:\n * 1. Vault provider submits Claim transaction\n * 2. Challenge is raised during challenge period\n * 3. Claimer submits Assert transaction to prove validity\n * 4. Payout can be executed (references Assert tx)\n *\n * Payout transactions have the following structure:\n * - Input 0: from PeginTx output0 (signed by depositor)\n * - Input 1: from Assert output0 (NOT signed by depositor)\n *\n * @param params - Payout parameters\n * @returns Unsigned PSBT ready for depositor to sign\n *\n * @throws If payout transaction does not have exactly 2 inputs\n * @throws If input 0 does not reference the pegin transaction\n * @throws If input 1 does not reference the assert transaction\n * @throws If previous output is not found for either input\n */\nexport async function buildPayoutPsbt(\n  params: PayoutParams,\n): Promise<PayoutPsbtResult> {\n  // Normalize hex inputs (strip 0x prefix if present)\n  const payoutTxHex = stripHexPrefix(params.payoutTxHex);\n  const peginTxHex = stripHexPrefix(params.peginTxHex);\n  const assertTxHex = stripHexPrefix(params.assertTxHex);\n\n  // Get payout script from WASM\n  const payoutConnector = await createPayoutScript({\n    depositor: params.depositorBtcPubkey,\n    vaultProvider: params.vaultProviderBtcPubkey,\n    vaultKeepers: params.vaultKeeperBtcPubkeys,\n    universalChallengers: params.universalChallengerBtcPubkeys,\n    timelockPegin: params.timelockPegin,\n    network: params.network,\n  });\n\n  const payoutScriptBytes = hexToUint8Array(payoutConnector.payoutScript);\n  const controlBlock = hexToUint8Array(payoutConnector.payoutControlBlock);\n\n  // Parse transactions\n  const payoutTx = Transaction.fromHex(payoutTxHex);\n  const peginTx = Transaction.fromHex(peginTxHex);\n  const assertTx = Transaction.fromHex(assertTxHex);\n\n  // Create PSBT\n  const psbt = new Psbt();\n  psbt.setVersion(payoutTx.version);\n  psbt.setLocktime(payoutTx.locktime);\n\n  // PayoutTx has exactly 2 inputs:\n  // - Input 0: from PeginTx output0 (signed by depositor using taproot script path)\n  // - Input 1: from Assert output0 (signed by claimer/challengers, not depositor)\n  //\n  // IMPORTANT: For Taproot SIGHASH_DEFAULT (0x00), the sighash commits to ALL inputs'\n  // prevouts, not just the one being signed. Therefore, we must include BOTH inputs\n  // in the PSBT so the wallet computes the correct sighash that the VP expects.\n\n  // Verify payout transaction has expected structure\n  if (payoutTx.ins.length !== 2) {\n    throw new Error(\n      `Payout transaction must have exactly 2 inputs, got ${payoutTx.ins.length}`,\n    );\n  }\n\n  const input0 = payoutTx.ins[0];\n  const input1 = payoutTx.ins[1];\n\n  // Verify input 0 references the pegin transaction\n  const input0Txid = uint8ArrayToHex(\n    new Uint8Array(input0.hash).slice().reverse(),\n  );\n  const peginTxid = peginTx.getId();\n\n  if (input0Txid !== peginTxid) {\n    throw new Error(\n      `Input 0 does not reference pegin transaction. ` +\n        `Expected ${peginTxid}, got ${input0Txid}`,\n    );\n  }\n\n  // Verify input 1 references the assert transaction\n  const input1Txid = uint8ArrayToHex(\n    new Uint8Array(input1.hash).slice().reverse(),\n  );\n  const expectedInput1Txid = assertTx.getId();\n\n  if (input1Txid !== expectedInput1Txid) {\n    throw new Error(\n      `Input 1 does not reference assert transaction. ` +\n        `Expected ${expectedInput1Txid}, got ${input1Txid}`,\n    );\n  }\n\n  const peginPrevOut = peginTx.outs[input0.index];\n  if (!peginPrevOut) {\n    throw new Error(\n      `Previous output not found for input 0 (txid: ${input0Txid}, index: ${input0.index})`,\n    );\n  }\n\n  const input1PrevOut = assertTx.outs[input1.index];\n  if (!input1PrevOut) {\n    throw new Error(\n      `Previous output not found for input 1 (txid: ${input1Txid}, index: ${input1.index})`,\n    );\n  }\n\n  // Input 0: Depositor signs using Taproot script path spend\n  // This input includes tapLeafScript for signing\n  psbt.addInput({\n    hash: input0.hash,\n    index: input0.index,\n    sequence: input0.sequence,\n    witnessUtxo: {\n      script: peginPrevOut.script,\n      value: peginPrevOut.value,\n    },\n    tapLeafScript: [\n      {\n        leafVersion: TAPSCRIPT_LEAF_VERSION,\n        script: Buffer.from(payoutScriptBytes),\n        controlBlock: Buffer.from(controlBlock),\n      },\n    ],\n    tapInternalKey: Buffer.from(tapInternalPubkey),\n    // sighashType omitted - defaults to SIGHASH_DEFAULT (0x00) for Taproot\n  });\n\n  // Input 1: From Assert transaction (NOT signed by depositor)\n  // We include this with witnessUtxo so the sighash is computed correctly,\n  // but we do NOT include tapLeafScript since the depositor doesn't sign it.\n  psbt.addInput({\n    hash: input1.hash,\n    index: input1.index,\n    sequence: input1.sequence,\n    witnessUtxo: {\n      script: input1PrevOut.script,\n      value: input1PrevOut.value,\n    },\n    // No tapLeafScript - depositor doesn't sign this input\n  });\n\n  // Add outputs\n  for (const output of payoutTx.outs) {\n    psbt.addOutput({\n      script: output.script,\n      value: output.value,\n    });\n  }\n\n  return {\n    psbtHex: psbt.toHex(),\n  };\n}\n\n/**\n * Validate that a payout transaction's largest output pays to the registered\n * depositor payout scriptPubKey.\n *\n * Prevents a malicious vault provider from substituting the payout destination\n * (or routing funds through a dust output to the correct address while sending\n * the actual value to an attacker-controlled script).\n *\n * @param payoutTxHex - Raw payout transaction hex\n * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)\n * @throws If scriptPubKey is invalid hex\n * @throws If the transaction has no outputs\n * @throws If the largest output does not pay to the registered scriptPubKey\n */\nexport function assertPayoutOutputMatchesRegistered(\n  payoutTxHex: string,\n  registeredPayoutScriptPubKey: string,\n): void {\n  if (!isValidHex(registeredPayoutScriptPubKey)) {\n    throw new Error(\"Invalid registeredPayoutScriptPubKey: not valid hex\");\n  }\n\n  const expectedScript = Buffer.from(\n    stripHexPrefix(registeredPayoutScriptPubKey),\n    \"hex\",\n  );\n  const payoutTx = Transaction.fromHex(stripHexPrefix(payoutTxHex));\n\n  if (payoutTx.outs.length === 0) {\n    throw new Error(\"Payout transaction has no outputs\");\n  }\n\n  const largestOutput = payoutTx.outs.reduce((max, output) =>\n    output.value > max.value ? output : max,\n  );\n\n  if (!largestOutput.script.equals(expectedScript)) {\n    throw new Error(\n      \"Payout transaction does not pay to the registered depositor payout address\",\n    );\n  }\n}\n\n/**\n * Extract Schnorr signature from signed payout PSBT.\n *\n * This function supports two cases:\n * 1. Non-finalized PSBT: Extracts from tapScriptSig field\n * 2. Finalized PSBT: Extracts from witness data\n *\n * The signature is returned as a 64-byte hex string (128 hex characters).\n * Payout signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte.\n *\n * @param signedPsbtHex - Signed PSBT hex\n * @param depositorPubkey - Depositor's public key (x-only, 64-char hex)\n * @param inputIndex - Input index to extract signature from (default: 0)\n * @returns 64-byte Schnorr signature (128 hex characters, no sighash flag)\n *\n * @throws If no signature is found in the PSBT\n * @throws If the signature has an unexpected length\n */\nexport function extractPayoutSignature(\n  signedPsbtHex: string,\n  depositorPubkey: string,\n  inputIndex = 0,\n): string {\n  const signedPsbt = Psbt.fromHex(signedPsbtHex);\n\n  if (inputIndex >= signedPsbt.data.inputs.length) {\n    throw new Error(\n      `Input index ${inputIndex} out of range (${signedPsbt.data.inputs.length} inputs)`,\n    );\n  }\n\n  const input = signedPsbt.data.inputs[inputIndex];\n\n  // Case 1: Non-finalized PSBT — extract from tapScriptSig\n  if (input.tapScriptSig && input.tapScriptSig.length > 0) {\n    const depositorPubkeyBytes = hexToUint8Array(depositorPubkey);\n\n    for (const sigEntry of input.tapScriptSig) {\n      if (sigEntry.pubkey.equals(Buffer.from(depositorPubkeyBytes))) {\n        return extractSchnorrSig(sigEntry.signature, inputIndex);\n      }\n    }\n\n    throw new Error(\n      `No signature found for depositor pubkey: ${depositorPubkey} at input ${inputIndex}`,\n    );\n  }\n\n  // Case 2: Finalized PSBT — extract from finalScriptWitness\n  // Taproot single-signature script-path witness: [signature, script, controlBlock].\n  // Enforce the exact stack size so that if a wallet produces an unexpected\n  // finalization (e.g. a multi-signature stack, an annex, or malformed data),\n  // we fail loudly instead of silently returning witnessStack[0] which may\n  // not be the depositor's signature.\n  if (input.finalScriptWitness && input.finalScriptWitness.length > 0) {\n    const witnessStack = parseWitnessStack(input.finalScriptWitness);\n    if (witnessStack.length !== TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE) {\n      throw new Error(\n        `Unexpected finalized witness stack size at input ${inputIndex}: ` +\n          `expected ${TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE} items (signature, script, controlBlock), ` +\n          `got ${witnessStack.length}`,\n      );\n    }\n    return extractSchnorrSig(witnessStack[0], inputIndex);\n  }\n\n  throw new Error(\n    `No tapScriptSig or finalScriptWitness found in signed PSBT at input ${inputIndex}`,\n  );\n}\n\n/**\n * Extract and validate a 64-byte Schnorr signature.\n * Rejects 65-byte signatures because the appended sighash byte changes the\n * Taproot message being signed; stripping it would produce an unverifiable\n * SIGHASH_DEFAULT signature.\n * @internal\n */\nfunction extractSchnorrSig(sig: Uint8Array, inputIndex: number): string {\n  if (sig.length === 64) {\n    return uint8ArrayToHex(new Uint8Array(sig));\n  }\n  if (sig.length === 65) {\n    throw new Error(\n      `Unexpected sighash byte 0x${sig[64].toString(16).padStart(2, \"0\")} at input ${inputIndex}. ` +\n        \"Expected implicit SIGHASH_DEFAULT as a 64-byte signature.\",\n    );\n  }\n  throw new Error(\n    `Unexpected signature length at input ${inputIndex}: ${sig.length}`,\n  );\n}\n\n/**\n * Parse a BIP-141 serialized witness stack into individual stack items.\n * Format: [varint item_count] [varint len, data]...\n *\n * Throws on malformed input (truncated buffer, 8-byte varints, or trailing\n * bytes) so callers never receive silently-corrupted witness items.\n * @internal\n */\nfunction parseWitnessStack(witness: Buffer): Buffer[] {\n  const items: Buffer[] = [];\n  let offset = 0;\n\n  const requireBytes = (n: number): void => {\n    if (offset + n > witness.length) {\n      throw new Error(\n        `Malformed witness data: need ${n} byte(s) at offset ${offset}, only ${witness.length - offset} remaining`,\n      );\n    }\n  };\n\n  const readVarInt = (): number => {\n    requireBytes(1);\n    const first = witness[offset++];\n    if (first < 0xfd) return first;\n    if (first === 0xfd) {\n      requireBytes(2);\n      const val = (witness[offset] | (witness[offset + 1] << 8)) >>> 0;\n      offset += 2;\n      return val;\n    }\n    if (first === 0xfe) {\n      requireBytes(4);\n      const val =\n        (witness[offset] |\n          (witness[offset + 1] << 8) |\n          (witness[offset + 2] << 16) |\n          (witness[offset + 3] << 24)) >>>\n        0;\n      offset += 4;\n      return val;\n    }\n    // 0xff — 8-byte varint. Not used for witness sizes in practice and JS\n    // numbers cannot represent all 64-bit values exactly, so reject rather\n    // than risk silent truncation.\n    throw new Error(\n      `Malformed witness data: 8-byte varint (0xff) not supported at offset ${offset - 1}`,\n    );\n  };\n\n  const count = readVarInt();\n  for (let i = 0; i < count; i++) {\n    const len = readVarInt();\n    requireBytes(len);\n    items.push(Buffer.from(witness.subarray(offset, offset + len)));\n    offset += len;\n  }\n\n  if (offset !== witness.length) {\n    throw new Error(\n      `Malformed witness data: ${witness.length - offset} trailing byte(s) after parsing ${count} item(s)`,\n    );\n  }\n\n  return items;\n}\n\n","/**\n * Asserts a wallet-returned PSBT encodes the same unsigned transaction\n * as the locally-built PSBT we asked the wallet to sign. Per-input PSBT\n * metadata (witnessUtxo, tapLeafScript, sighashType) is intentionally NOT\n * compared — those fields are committed to the Schnorr sighash and the\n * vault provider's `verify_depositor_signature` rejects mismatches there.\n * This primitive defends the path where a colluding VP would otherwise\n * accept a wallet-substituted signature.\n */\n\nimport { Buffer } from \"buffer\";\n\nimport { Psbt } from \"bitcoinjs-lib\";\n\n/**\n * Thrown when a wallet-returned PSBT encodes a different unsigned\n * transaction than the one the caller asked the wallet to sign.\n */\nexport class PsbtSubstitutionError extends Error {\n  constructor(detail: string) {\n    super(\n      `Wallet returned a PSBT for a different transaction: ${detail}`,\n    );\n    this.name = \"PsbtSubstitutionError\";\n  }\n}\n\nexport interface AssertPsbtUnsignedTxMatchesParams {\n  /** PSBT we built locally and asked the wallet to sign. */\n  requestedPsbtHex: string;\n  /** PSBT the wallet returned after signing. */\n  returnedPsbtHex: string;\n}\n\nfunction parsePsbt(label: \"requested\" | \"returned\", hex: string): Psbt {\n  try {\n    return Psbt.fromHex(hex);\n  } catch (cause) {\n    const reason = cause instanceof Error ? cause.message : String(cause);\n    throw new Error(`Failed to parse ${label} PSBT: ${reason}`);\n  }\n}\n\n/**\n * Length of the hex prefix included in mismatch errors. Short enough that\n * full prevout txids and output scriptPubKeys never reach logs / error\n * trackers, long enough to disambiguate during forensic triage.\n */\nconst REDACTED_HEX_PREFIX_LEN = 8;\n\nfunction redactHex(buf: Buffer): string {\n  return `${buf.toString(\"hex\").slice(0, REDACTED_HEX_PREFIX_LEN)}…`;\n}\n\n/**\n * `bitcoinjs-lib` exposes `txInputs[i].hash` in internal little-endian form;\n * a human reading logs expects the big-endian txid an explorer would show.\n * Reverse before truncating so the surfaced prefix matches what an operator\n * can search for.\n */\nfunction redactTxid(internalHash: Buffer): string {\n  const reversed = Buffer.from(internalHash).reverse();\n  return redactHex(reversed);\n}\n\n/**\n * Compare two PSBTs and throw `PsbtSubstitutionError` unless they encode\n * the same unsigned transaction (version, locktime, inputs, outputs).\n *\n * @throws PsbtSubstitutionError on any mismatch in the unsigned tx\n * @throws Error if either PSBT cannot be parsed\n */\nexport function assertPsbtUnsignedTxMatches(\n  params: AssertPsbtUnsignedTxMatchesParams,\n): void {\n  const requested = parsePsbt(\"requested\", params.requestedPsbtHex);\n  const returned = parsePsbt(\"returned\", params.returnedPsbtHex);\n\n  if (requested.version !== returned.version) {\n    throw new PsbtSubstitutionError(\n      `tx version differs (requested=${requested.version}, returned=${returned.version})`,\n    );\n  }\n  if (requested.locktime !== returned.locktime) {\n    throw new PsbtSubstitutionError(\n      `tx locktime differs (requested=${requested.locktime}, returned=${returned.locktime})`,\n    );\n  }\n  if (requested.txInputs.length !== returned.txInputs.length) {\n    throw new PsbtSubstitutionError(\n      `input count differs (requested=${requested.txInputs.length}, returned=${returned.txInputs.length})`,\n    );\n  }\n  if (requested.txOutputs.length !== returned.txOutputs.length) {\n    throw new PsbtSubstitutionError(\n      `output count differs (requested=${requested.txOutputs.length}, returned=${returned.txOutputs.length})`,\n    );\n  }\n  for (let i = 0; i < requested.txInputs.length; i++) {\n    const r = requested.txInputs[i];\n    const s = returned.txInputs[i];\n    if (!r.hash.equals(s.hash)) {\n      throw new PsbtSubstitutionError(\n        `input ${i} prevout txid differs (requested=${redactTxid(r.hash)}, returned=${redactTxid(s.hash)})`,\n      );\n    }\n    if (r.index !== s.index) {\n      throw new PsbtSubstitutionError(\n        `input ${i} prevout vout differs (requested=${r.index}, returned=${s.index})`,\n      );\n    }\n    if (r.sequence !== s.sequence) {\n      throw new PsbtSubstitutionError(\n        `input ${i} sequence differs (requested=${r.sequence}, returned=${s.sequence})`,\n      );\n    }\n  }\n  for (let i = 0; i < requested.txOutputs.length; i++) {\n    const r = requested.txOutputs[i];\n    const s = returned.txOutputs[i];\n    if (!r.script.equals(s.script)) {\n      throw new PsbtSubstitutionError(\n        `output ${i} scriptPubKey differs (requested=${redactHex(r.script)}, returned=${redactHex(s.script)})`,\n      );\n    }\n    if (r.value !== s.value) {\n      throw new PsbtSubstitutionError(\n        `output ${i} value differs (requested=${r.value}, returned=${s.value})`,\n      );\n    }\n  }\n}\n"],"names":["createPayoutScript","params","connector","createPayoutConnector","TAPROOT_SINGLE_SIG_WITNESS_STACK_SIZE","buildPayoutPsbt","payoutTxHex","stripHexPrefix","peginTxHex","assertTxHex","payoutConnector","payoutScriptBytes","hexToUint8Array","controlBlock","payoutTx","Transaction","peginTx","assertTx","psbt","Psbt","input0","input1","input0Txid","uint8ArrayToHex","peginTxid","input1Txid","expectedInput1Txid","peginPrevOut","input1PrevOut","TAPSCRIPT_LEAF_VERSION","Buffer","tapInternalPubkey","output","assertPayoutOutputMatchesRegistered","registeredPayoutScriptPubKey","isValidHex","expectedScript","max","extractPayoutSignature","signedPsbtHex","depositorPubkey","inputIndex","signedPsbt","input","depositorPubkeyBytes","sigEntry","extractSchnorrSig","witnessStack","parseWitnessStack","sig","witness","items","offset","requireBytes","n","readVarInt","first","val","count","len","PsbtSubstitutionError","detail","parsePsbt","label","hex","cause","reason","REDACTED_HEX_PREFIX_LEN","redactHex","buf","redactTxid","internalHash","reversed","assertPsbtUnsignedTxMatches","requested","returned","i","r"],"mappings":";;;;AA8IA,eAAsBA,EACpBC,GAC6B;AAE7B,QAAMC,IAAY,MAAMC;AAAA,IACtB;AAAA,MACE,WAAWF,EAAO;AAAA,MAClB,eAAeA,EAAO;AAAA,MACtB,cAAcA,EAAO;AAAA,MACrB,sBAAsBA,EAAO;AAAA,MAC7B,eAAeA,EAAO;AAAA,IAAA;AAAA,IAExBA,EAAO;AAAA,EAAA;AAGT,SAAO;AAAA,IACL,cAAcC,EAAU;AAAA,IACxB,mBAAmBA,EAAU;AAAA,IAC7B,cAAcA,EAAU;AAAA,IACxB,SAASA,EAAU;AAAA,IACnB,oBAAoBA,EAAU;AAAA,EAAA;AAElC;AChIA,MAAME,IAAwC;AAyF9C,eAAsBC,EACpBJ,GAC2B;AAE3B,QAAMK,IAAcC,EAAeN,EAAO,WAAW,GAC/CO,IAAaD,EAAeN,EAAO,UAAU,GAC7CQ,IAAcF,EAAeN,EAAO,WAAW,GAG/CS,IAAkB,MAAMV,EAAmB;AAAA,IAC/C,WAAWC,EAAO;AAAA,IAClB,eAAeA,EAAO;AAAA,IACtB,cAAcA,EAAO;AAAA,IACrB,sBAAsBA,EAAO;AAAA,IAC7B,eAAeA,EAAO;AAAA,IACtB,SAASA,EAAO;AAAA,EAAA,CACjB,GAEKU,IAAoBC,EAAgBF,EAAgB,YAAY,GAChEG,IAAeD,EAAgBF,EAAgB,kBAAkB,GAGjEI,IAAWC,EAAY,QAAQT,CAAW,GAC1CU,IAAUD,EAAY,QAAQP,CAAU,GACxCS,IAAWF,EAAY,QAAQN,CAAW,GAG1CS,IAAO,IAAIC,EAAA;AAajB,MAZAD,EAAK,WAAWJ,EAAS,OAAO,GAChCI,EAAK,YAAYJ,EAAS,QAAQ,GAW9BA,EAAS,IAAI,WAAW;AAC1B,UAAM,IAAI;AAAA,MACR,sDAAsDA,EAAS,IAAI,MAAM;AAAA,IAAA;AAI7E,QAAMM,IAASN,EAAS,IAAI,CAAC,GACvBO,IAASP,EAAS,IAAI,CAAC,GAGvBQ,IAAaC;AAAA,IACjB,IAAI,WAAWH,EAAO,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,EAAQ,GAExCI,IAAYR,EAAQ,MAAA;AAE1B,MAAIM,MAAeE;AACjB,UAAM,IAAI;AAAA,MACR,0DACcA,CAAS,SAASF,CAAU;AAAA,IAAA;AAK9C,QAAMG,IAAaF;AAAA,IACjB,IAAI,WAAWF,EAAO,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,EAAQ,GAExCK,IAAqBT,EAAS,MAAA;AAEpC,MAAIQ,MAAeC;AACjB,UAAM,IAAI;AAAA,MACR,2DACcA,CAAkB,SAASD,CAAU;AAAA,IAAA;AAIvD,QAAME,IAAeX,EAAQ,KAAKI,EAAO,KAAK;AAC9C,MAAI,CAACO;AACH,UAAM,IAAI;AAAA,MACR,gDAAgDL,CAAU,YAAYF,EAAO,KAAK;AAAA,IAAA;AAItF,QAAMQ,IAAgBX,EAAS,KAAKI,EAAO,KAAK;AAChD,MAAI,CAACO;AACH,UAAM,IAAI;AAAA,MACR,gDAAgDH,CAAU,YAAYJ,EAAO,KAAK;AAAA,IAAA;AAMtF,EAAAH,EAAK,SAAS;AAAA,IACZ,MAAME,EAAO;AAAA,IACb,OAAOA,EAAO;AAAA,IACd,UAAUA,EAAO;AAAA,IACjB,aAAa;AAAA,MACX,QAAQO,EAAa;AAAA,MACrB,OAAOA,EAAa;AAAA,IAAA;AAAA,IAEtB,eAAe;AAAA,MACb;AAAA,QACE,aAAaE;AAAA,QACb,QAAQC,EAAO,KAAKnB,CAAiB;AAAA,QACrC,cAAcmB,EAAO,KAAKjB,CAAY;AAAA,MAAA;AAAA,IACxC;AAAA,IAEF,gBAAgBiB,EAAO,KAAKC,CAAiB;AAAA;AAAA,EAAA,CAE9C,GAKDb,EAAK,SAAS;AAAA,IACZ,MAAMG,EAAO;AAAA,IACb,OAAOA,EAAO;AAAA,IACd,UAAUA,EAAO;AAAA,IACjB,aAAa;AAAA,MACX,QAAQO,EAAc;AAAA,MACtB,OAAOA,EAAc;AAAA,IAAA;AAAA;AAAA,EACvB,CAED;AAGD,aAAWI,KAAUlB,EAAS;AAC5B,IAAAI,EAAK,UAAU;AAAA,MACb,QAAQc,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAO;AAAA,IACL,SAASd,EAAK,MAAA;AAAA,EAAM;AAExB;AAgBO,SAASe,EACd3B,GACA4B,GACM;AACN,MAAI,CAACC,EAAWD,CAA4B;AAC1C,UAAM,IAAI,MAAM,qDAAqD;AAGvE,QAAME,IAAiBN,EAAO;AAAA,IAC5BvB,EAAe2B,CAA4B;AAAA,IAC3C;AAAA,EAAA,GAEIpB,IAAWC,EAAY,QAAQR,EAAeD,CAAW,CAAC;AAEhE,MAAIQ,EAAS,KAAK,WAAW;AAC3B,UAAM,IAAI,MAAM,mCAAmC;AAOrD,MAAI,CAJkBA,EAAS,KAAK;AAAA,IAAO,CAACuB,GAAKL,MAC/CA,EAAO,QAAQK,EAAI,QAAQL,IAASK;AAAA,EAAA,EAGnB,OAAO,OAAOD,CAAc;AAC7C,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGN;AAqBO,SAASE,EACdC,GACAC,GACAC,IAAa,GACL;AACR,QAAMC,IAAavB,EAAK,QAAQoB,CAAa;AAE7C,MAAIE,KAAcC,EAAW,KAAK,OAAO;AACvC,UAAM,IAAI;AAAA,MACR,eAAeD,CAAU,kBAAkBC,EAAW,KAAK,OAAO,MAAM;AAAA,IAAA;AAI5E,QAAMC,IAAQD,EAAW,KAAK,OAAOD,CAAU;AAG/C,MAAIE,EAAM,gBAAgBA,EAAM,aAAa,SAAS,GAAG;AACvD,UAAMC,IAAuBhC,EAAgB4B,CAAe;AAE5D,eAAWK,KAAYF,EAAM;AAC3B,UAAIE,EAAS,OAAO,OAAOf,EAAO,KAAKc,CAAoB,CAAC;AAC1D,eAAOE,EAAkBD,EAAS,WAAWJ,CAAU;AAI3D,UAAM,IAAI;AAAA,MACR,4CAA4CD,CAAe,aAAaC,CAAU;AAAA,IAAA;AAAA,EAEtF;AAQA,MAAIE,EAAM,sBAAsBA,EAAM,mBAAmB,SAAS,GAAG;AACnE,UAAMI,IAAeC,EAAkBL,EAAM,kBAAkB;AAC/D,QAAII,EAAa,WAAW3C;AAC1B,YAAM,IAAI;AAAA,QACR,oDAAoDqC,CAAU,cAChDrC,CAAqC,iDAC1C2C,EAAa,MAAM;AAAA,MAAA;AAGhC,WAAOD,EAAkBC,EAAa,CAAC,GAAGN,CAAU;AAAA,EACtD;AAEA,QAAM,IAAI;AAAA,IACR,uEAAuEA,CAAU;AAAA,EAAA;AAErF;AASA,SAASK,EAAkBG,GAAiBR,GAA4B;AACtE,MAAIQ,EAAI,WAAW;AACjB,WAAO1B,EAAgB,IAAI,WAAW0B,CAAG,CAAC;AAE5C,QAAIA,EAAI,WAAW,KACX,IAAI;AAAA,IACR,6BAA6BA,EAAI,EAAE,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,aAAaR,CAAU;AAAA,EAAA,IAIvF,IAAI;AAAA,IACR,wCAAwCA,CAAU,KAAKQ,EAAI,MAAM;AAAA,EAAA;AAErE;AAUA,SAASD,EAAkBE,GAA2B;AACpD,QAAMC,IAAkB,CAAA;AACxB,MAAIC,IAAS;AAEb,QAAMC,IAAe,CAACC,MAAoB;AACxC,QAAIF,IAASE,IAAIJ,EAAQ;AACvB,YAAM,IAAI;AAAA,QACR,gCAAgCI,CAAC,sBAAsBF,CAAM,UAAUF,EAAQ,SAASE,CAAM;AAAA,MAAA;AAAA,EAGpG,GAEMG,IAAa,MAAc;AAC/B,IAAAF,EAAa,CAAC;AACd,UAAMG,IAAQN,EAAQE,GAAQ;AAC9B,QAAII,IAAQ,IAAM,QAAOA;AACzB,QAAIA,MAAU,KAAM;AAClB,MAAAH,EAAa,CAAC;AACd,YAAMI,KAAOP,EAAQE,CAAM,IAAKF,EAAQE,IAAS,CAAC,KAAK,OAAQ;AAC/D,aAAAA,KAAU,GACHK;AAAA,IACT;AACA,QAAID,MAAU,KAAM;AAClB,MAAAH,EAAa,CAAC;AACd,YAAMI,KACHP,EAAQE,CAAM,IACZF,EAAQE,IAAS,CAAC,KAAK,IACvBF,EAAQE,IAAS,CAAC,KAAK,KACvBF,EAAQE,IAAS,CAAC,KAAK,QAC1B;AACF,aAAAA,KAAU,GACHK;AAAA,IACT;AAIA,UAAM,IAAI;AAAA,MACR,wEAAwEL,IAAS,CAAC;AAAA,IAAA;AAAA,EAEtF,GAEMM,IAAQH,EAAA;AACd,WAAS,IAAI,GAAG,IAAIG,GAAO,KAAK;AAC9B,UAAMC,IAAMJ,EAAA;AACZ,IAAAF,EAAaM,CAAG,GAChBR,EAAM,KAAKrB,EAAO,KAAKoB,EAAQ,SAASE,GAAQA,IAASO,CAAG,CAAC,CAAC,GAC9DP,KAAUO;AAAA,EACZ;AAEA,MAAIP,MAAWF,EAAQ;AACrB,UAAM,IAAI;AAAA,MACR,2BAA2BA,EAAQ,SAASE,CAAM,mCAAmCM,CAAK;AAAA,IAAA;AAI9F,SAAOP;AACT;AC7bO,MAAMS,UAA8B,MAAM;AAAA,EAC/C,YAAYC,GAAgB;AAC1B;AAAA,MACE,uDAAuDA,CAAM;AAAA,IAAA,GAE/D,KAAK,OAAO;AAAA,EACd;AACF;AASA,SAASC,EAAUC,GAAiCC,GAAmB;AACrE,MAAI;AACF,WAAO7C,EAAK,QAAQ6C,CAAG;AAAA,EACzB,SAASC,GAAO;AACd,UAAMC,IAASD,aAAiB,QAAQA,EAAM,UAAU,OAAOA,CAAK;AACpE,UAAM,IAAI,MAAM,mBAAmBF,CAAK,UAAUG,CAAM,EAAE;AAAA,EAC5D;AACF;AAOA,MAAMC,IAA0B;AAEhC,SAASC,EAAUC,GAAqB;AACtC,SAAO,GAAGA,EAAI,SAAS,KAAK,EAAE,MAAM,GAAGF,CAAuB,CAAC;AACjE;AAQA,SAASG,EAAWC,GAA8B;AAChD,QAAMC,IAAW1C,EAAO,KAAKyC,CAAY,EAAE,QAAA;AAC3C,SAAOH,EAAUI,CAAQ;AAC3B;AASO,SAASC,EACdxE,GACM;AACN,QAAMyE,IAAYZ,EAAU,aAAa7D,EAAO,gBAAgB,GAC1D0E,IAAWb,EAAU,YAAY7D,EAAO,eAAe;AAE7D,MAAIyE,EAAU,YAAYC,EAAS;AACjC,UAAM,IAAIf;AAAA,MACR,iCAAiCc,EAAU,OAAO,cAAcC,EAAS,OAAO;AAAA,IAAA;AAGpF,MAAID,EAAU,aAAaC,EAAS;AAClC,UAAM,IAAIf;AAAA,MACR,kCAAkCc,EAAU,QAAQ,cAAcC,EAAS,QAAQ;AAAA,IAAA;AAGvF,MAAID,EAAU,SAAS,WAAWC,EAAS,SAAS;AAClD,UAAM,IAAIf;AAAA,MACR,kCAAkCc,EAAU,SAAS,MAAM,cAAcC,EAAS,SAAS,MAAM;AAAA,IAAA;AAGrG,MAAID,EAAU,UAAU,WAAWC,EAAS,UAAU;AACpD,UAAM,IAAIf;AAAA,MACR,mCAAmCc,EAAU,UAAU,MAAM,cAAcC,EAAS,UAAU,MAAM;AAAA,IAAA;AAGxG,WAASC,IAAI,GAAGA,IAAIF,EAAU,SAAS,QAAQE,KAAK;AAClD,UAAMC,IAAIH,EAAU,SAASE,CAAC,GACxB,IAAID,EAAS,SAASC,CAAC;AAC7B,QAAI,CAACC,EAAE,KAAK,OAAO,EAAE,IAAI;AACvB,YAAM,IAAIjB;AAAA,QACR,SAASgB,CAAC,oCAAoCN,EAAWO,EAAE,IAAI,CAAC,cAAcP,EAAW,EAAE,IAAI,CAAC;AAAA,MAAA;AAGpG,QAAIO,EAAE,UAAU,EAAE;AAChB,YAAM,IAAIjB;AAAA,QACR,SAASgB,CAAC,oCAAoCC,EAAE,KAAK,cAAc,EAAE,KAAK;AAAA,MAAA;AAG9E,QAAIA,EAAE,aAAa,EAAE;AACnB,YAAM,IAAIjB;AAAA,QACR,SAASgB,CAAC,gCAAgCC,EAAE,QAAQ,cAAc,EAAE,QAAQ;AAAA,MAAA;AAAA,EAGlF;AACA,WAASD,IAAI,GAAGA,IAAIF,EAAU,UAAU,QAAQE,KAAK;AACnD,UAAMC,IAAIH,EAAU,UAAUE,CAAC,GACzB,IAAID,EAAS,UAAUC,CAAC;AAC9B,QAAI,CAACC,EAAE,OAAO,OAAO,EAAE,MAAM;AAC3B,YAAM,IAAIjB;AAAA,QACR,UAAUgB,CAAC,oCAAoCR,EAAUS,EAAE,MAAM,CAAC,cAAcT,EAAU,EAAE,MAAM,CAAC;AAAA,MAAA;AAGvG,QAAIS,EAAE,UAAU,EAAE;AAChB,YAAM,IAAIjB;AAAA,QACR,UAAUgB,CAAC,6BAA6BC,EAAE,KAAK,cAAc,EAAE,KAAK;AAAA,MAAA;AAAA,EAG1E;AACF;"}

package/dist/buildAndBroadcastRefund-Ck_ddlLk.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"buildAndBroadcastRefund-Ck_ddlLk.js","sources":["../src/tbv/core/services/activation/activateVault.ts","../src/tbv/core/services/deposit/waitForPeginStatus.ts","../src/tbv/core/services/deposit/submitWotsPublicKey.ts","../src/tbv/core/services/deposit/signDepositorGraph.ts","../src/tbv/core/services/deposit/runDepositorPresignFlow.ts","../src/tbv/core/services/deposit/validation.ts","../src/tbv/core/services/deposit/validateOnChainParticipantKeys.ts","../src/tbv/core/services/deposit/verifyRegisteredVaultVersions.ts","../src/tbv/core/services/pegout/state.ts","../src/tbv/core/services/refund/errors.ts","../src/tbv/core/services/refund/buildAndBroadcastRefund.ts"],"sourcesContent":["/**\n * Vault activation — reveal HTLC secret on Ethereum to move the vault from\n * Verified to Active. The on-chain contract validates `sha256(s) == hashlock`\n * and the activation deadline; this function pre-validates inputs (including\n * an optional hashlock check) and delegates the actual contract write to an\n * injected callback so the SDK stays transport-agnostic.\n *\n * @module services/activation\n */\n\nimport type { Abi, Address, Hash, Hex } from \"viem\";\n\nimport { BTCVaultRegistryABI } from \"../../contracts/abis/BTCVaultRegistry.abi\";\nimport { ensureHexPrefix } from \"../../primitives/utils/bitcoin\";\nimport { validateSecretAgainstHashlock } from \"../htlc\";\n\nconst BYTES32_HEX_RE = /^0x[0-9a-fA-F]{64}$/;\nconst ADDRESS_HEX_RE = /^0x[0-9a-fA-F]{40}$/;\n// ETH calldata convention: 0x prefix REQUIRED, even number of hex chars, may\n// be empty (\"0x\"). Named distinctly from the BTC-hex regex in\n// buildAndBroadcastRefund.ts (which allows an optional prefix and requires\n// non-empty) to make the convention explicit at the call site.\nconst ETH_HEX_BYTES_RE = /^0x([0-9a-fA-F]{2})*$/;\n\nfunction assertBytes32(value: string, label: string): void {\n  if (value.length !== 66) {\n    throw new Error(\n      `${label} must be 32 bytes (66 hex chars with 0x prefix), got length ${value.length}`,\n    );\n  }\n  if (!BYTES32_HEX_RE.test(value)) {\n    throw new Error(\n      `${label} must contain only hex characters after the 0x prefix`,\n    );\n  }\n}\n\nfunction assertAddress(value: string, label: string): void {\n  if (!ADDRESS_HEX_RE.test(value)) {\n    throw new Error(\n      `${label} must be a 20-byte 0x-prefixed hex address (42 chars)`,\n    );\n  }\n}\n\nfunction assertHexBytes(value: string, label: string): void {\n  if (!ETH_HEX_BYTES_RE.test(value)) {\n    throw new Error(\n      `${label} must be a 0x-prefixed hex string with an even number of hex chars`,\n    );\n  }\n}\n\n/**\n * A single ETH contract-write call. The SDK assembles these; the caller\n * executes them via viem, wagmi, a wallet provider, or any other transport.\n */\nexport interface EthContractWriteCall {\n  address: Address;\n  abi: Abi;\n  functionName: string;\n  args: readonly unknown[];\n}\n\n/**\n * Minimum shape the SDK requires from any contract-write result. Callers may\n * return richer objects (e.g. including the receipt) — the SDK propagates\n * them unchanged via the generic parameter on {@link EthContractWriter}.\n */\nexport interface EthContractWriteResult {\n  transactionHash: Hash;\n}\n\n/**\n * Caller-provided contract writer. The generic `R` lets callers return any\n * transport-specific result shape (e.g. `{ transactionHash, receipt }`);\n * the SDK forwards that shape back through `activateVault`.\n */\nexport type EthContractWriter<R extends EthContractWriteResult = EthContractWriteResult> = (\n  call: EthContractWriteCall,\n) => Promise<R>;\n\nexport interface ActivateVaultInput<\n  R extends EthContractWriteResult = EthContractWriteResult,\n> {\n  /** BTCVaultRegistry contract address (env-specific). */\n  btcVaultRegistryAddress: Address;\n  /** Vault ID (bytes32, 0x-prefixed). */\n  vaultId: Hex;\n  /**\n   * HTLC secret preimage (bytes32). A missing `0x` prefix or an uppercase\n   * `0X` prefix is normalised before validation.\n   */\n  secret: string;\n  /**\n   * Optional hashlock for client-side pre-validation. When provided, the SDK\n   * rejects before calling `writeContract` if `sha256(secret) != hashlock`.\n   */\n  hashlock?: Hex;\n  /**\n   * Activation metadata passed through to the contract. Required to keep\n   * the \"empty metadata\" convention explicit at the call site — pass `\"0x\"`\n   * (empty bytes) when no metadata is needed. Must be a 0x-prefixed hex\n   * string with an even number of hex chars.\n   */\n  activationMetadata: Hex;\n  /** Caller-provided write callback — see {@link EthContractWriter}. */\n  writeContract: EthContractWriter<R>;\n  /**\n   * Optional abort signal. Checked before validation runs; since validation\n   * is fully synchronous, cancellation between validation and the write is\n   * not observable and callers should rely on the transport's own\n   * cancellation support for that window.\n   */\n  signal?: AbortSignal;\n}\n\n/**\n * Reveal the HTLC secret on Ethereum and activate the vault.\n *\n * Validates inputs, optionally pre-checks the secret against the expected\n * hashlock, and delegates the contract write to `writeContract`. Returns\n * whatever the writer returns so callers can keep richer transport-specific\n * metadata (e.g. viem receipts) end-to-end.\n *\n * @throws `Error` if `btcVaultRegistryAddress` is not a valid 20-byte address\n * @throws `Error` if `vaultId` or `secret` is not a valid 32-byte hex\n * @throws `Error` if `hashlock` is provided and is not a valid 32-byte hex,\n *         or if `sha256(secret) != hashlock`\n * @throws `Error` if `activationMetadata` is not a 0x-prefixed hex byte\n *         string (must have an even number of hex chars). Pass `\"0x\"` for\n *         empty metadata.\n * @throws whatever the injected `writeContract` throws\n * @throws `AbortError` / caller-provided abort reason if `signal` aborts\n */\nexport async function activateVault<\n  R extends EthContractWriteResult = EthContractWriteResult,\n>(input: ActivateVaultInput<R>): Promise<R> {\n  const {\n    btcVaultRegistryAddress,\n    vaultId,\n    hashlock,\n    activationMetadata,\n    writeContract,\n    signal,\n  } = input;\n\n  signal?.throwIfAborted();\n\n  assertAddress(btcVaultRegistryAddress, \"btcVaultRegistryAddress\");\n  assertBytes32(vaultId, \"vaultId\");\n\n  const normalizedSecret = ensureHexPrefix(input.secret);\n  assertBytes32(normalizedSecret, \"secret\");\n\n  if (hashlock !== undefined) {\n    assertBytes32(hashlock, \"hashlock\");\n    if (!validateSecretAgainstHashlock(normalizedSecret, hashlock)) {\n      throw new Error(\n        \"Invalid secret: SHA256(secret) does not match the provided hashlock\",\n      );\n    }\n  }\n\n  assertHexBytes(activationMetadata, \"activationMetadata\");\n\n  return writeContract({\n    address: btcVaultRegistryAddress,\n    abi: BTCVaultRegistryABI,\n    functionName: \"activateVaultWithSecret\",\n    args: [vaultId, normalizedSecret, activationMetadata],\n  });\n}\n","/**\n * Poll `getPeginStatus` until the VP reaches one of the target statuses.\n *\n * Pure polling utility with no framework dependencies (no localStorage, no React).\n * Handles \"PegIn not found\" as transient (VP hasn't ingested yet).\n */\n\nimport { JsonRpcError } from \"../../clients/vault-provider/json-rpc-client\";\nimport {\n  RpcErrorCode,\n  VP_TERMINAL_STATUSES,\n  type DaemonStatus,\n} from \"../../clients/vault-provider/types\";\nimport type { PeginStatusReader } from \"./interfaces\";\n\n/** Default polling interval (10 seconds). */\nconst DEFAULT_POLL_INTERVAL_MS = 10_000;\n\nexport interface WaitForPeginStatusParams {\n  /** VP client implementing the status reader interface */\n  statusReader: PeginStatusReader;\n  /** BTC pegin transaction ID (unprefixed hex, 64 chars) */\n  peginTxid: string;\n  /** Set of acceptable statuses — polling stops when the VP reports one of these */\n  targetStatuses: ReadonlySet<DaemonStatus>;\n  /** Maximum time to wait in milliseconds */\n  timeoutMs: number;\n  /** Polling interval in milliseconds (default: 10s) */\n  pollIntervalMs?: number;\n  /** AbortSignal for cancellation */\n  signal?: AbortSignal;\n}\n\n/**\n * Poll `getPeginStatus` until the VP reaches one of the target statuses.\n *\n * @returns The DaemonStatus string that matched one of the targets\n * @throws Error on timeout, abort, or non-transient RPC error\n */\nexport async function waitForPeginStatus(\n  params: WaitForPeginStatusParams,\n): Promise<DaemonStatus> {\n  const {\n    statusReader,\n    peginTxid,\n    targetStatuses,\n    timeoutMs,\n    pollIntervalMs = DEFAULT_POLL_INTERVAL_MS,\n    signal,\n  } = params;\n\n  const startTime = Date.now();\n\n  while (true) {\n    if (signal?.aborted) {\n      throw new Error(\n        `Polling aborted for pegin ${peginTxid.slice(0, 8)}… (target: ${[...targetStatuses].join(\", \")})`,\n      );\n    }\n\n    if (Date.now() - startTime >= timeoutMs) {\n      throw new Error(\n        `Polling timeout after ${timeoutMs}ms for pegin ${peginTxid.slice(0, 8)}… (target: ${[...targetStatuses].join(\", \")})`,\n      );\n    }\n\n    try {\n      const response = await statusReader.getPeginStatus(\n        { pegin_txid: peginTxid },\n        signal,\n      );\n\n      // Reject responses echoing a different pegin txid.\n      if (response.pegin_txid.toLowerCase() !== peginTxid.toLowerCase()) {\n        throw new Error(\n          `getPeginStatus returned status for pegin ${response.pegin_txid.slice(0, 8)}…, requested ${peginTxid.slice(0, 8)}…`,\n        );\n      }\n\n      const status = response.status as DaemonStatus;\n      if (targetStatuses.has(status)) {\n        return status;\n      }\n      // Fail fast on terminal statuses to avoid waiting for timeout\n      if (VP_TERMINAL_STATUSES.has(status) && !targetStatuses.has(status)) {\n        throw new Error(\n          `Pegin ${peginTxid.slice(0, 8)}… reached terminal status \"${status}\" while waiting for ${[...targetStatuses].join(\", \")}`,\n        );\n      }\n    } catch (error) {\n      // \"PegIn not found\" is transient — VP hasn't ingested the pegin yet.\n      // Check structured error code first, fall back to message matching.\n      const isNotFound =\n        (error instanceof JsonRpcError &&\n          error.code === RpcErrorCode.NOT_FOUND) ||\n        (error instanceof Error && error.message.includes(\"PegIn not found\"));\n      if (!isNotFound) {\n        throw error;\n      }\n    }\n\n    // Wait before next poll, with abort support\n    await new Promise<void>((resolve, reject) => {\n      const onAbort = () => {\n        clearTimeout(timeoutId);\n        reject(\n          new Error(\n            `Polling aborted for pegin ${peginTxid.slice(0, 8)}… (target: ${[...targetStatuses].join(\", \")})`,\n          ),\n        );\n      };\n      const timeoutId = setTimeout(() => {\n        signal?.removeEventListener(\"abort\", onAbort);\n        resolve();\n      }, pollIntervalMs);\n      signal?.addEventListener(\"abort\", onAbort, { once: true });\n    });\n  }\n}\n","/**\n * Submit pre-derived WOTS public keys to the vault provider.\n *\n * Polls `getPeginStatus` until the VP reaches `PendingDepositorWotsPK`,\n * then submits the keys. If the VP has already moved past WOTS step\n * (e.g., resume flow), submission is skipped.\n *\n * The caller is responsible for deriving WOTS keys externally using\n * `expandWotsSeed` + `deriveWotsBlocksFromSeed` from the SDK's\n * `tbv/core/vault-secrets` and `tbv/core/wots` modules respectively.\n */\n\nimport {\n  DaemonStatus,\n  POST_WOTS_STATUSES,\n  type WotsBlockPublicKey,\n} from \"../../clients/vault-provider/types\";\nimport type { PeginStatusReader, WotsKeySubmitter } from \"./interfaces\";\nimport { waitForPeginStatus } from \"./waitForPeginStatus\";\n\n/** Maximum time to wait for VP to reach PendingDepositorWotsPK (5 min). */\nconst STATUS_POLL_TIMEOUT_MS = 5 * 60 * 1000;\n\n/** All statuses we accept — either ready for submission or already past it. */\nconst TARGET_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n  DaemonStatus.PENDING_DEPOSITOR_WOTS_PK,\n  ...POST_WOTS_STATUSES,\n]);\n\nexport interface SubmitWotsPublicKeyParams {\n  /** VP client implementing the status reader interface */\n  statusReader: PeginStatusReader;\n  /** VP client implementing the WOTS key submission interface */\n  wotsSubmitter: WotsKeySubmitter;\n  /** BTC pegin transaction ID (unprefixed hex, 64 chars) */\n  peginTxid: string;\n  /** Depositor's x-only BTC public key (unprefixed hex, 64 chars) */\n  depositorPk: string;\n  /** Pre-derived WOTS block public keys (one per assert block) */\n  wotsPublicKeys: WotsBlockPublicKey[];\n  /** Maximum time to wait for VP to be ready (default: 5 min) */\n  timeoutMs?: number;\n  /** AbortSignal for cancellation */\n  signal?: AbortSignal;\n}\n\n/**\n * Submit WOTS public keys to the vault provider.\n *\n * @throws Error on timeout, abort, or RPC error\n */\nexport async function submitWotsPublicKey(\n  params: SubmitWotsPublicKeyParams,\n): Promise<void> {\n  const {\n    statusReader,\n    wotsSubmitter,\n    peginTxid,\n    depositorPk,\n    wotsPublicKeys,\n    timeoutMs = STATUS_POLL_TIMEOUT_MS,\n    signal,\n  } = params;\n\n  signal?.throwIfAborted();\n\n  // Wait until VP has ingested the pegin and is ready for the WOTS key.\n  const status = await waitForPeginStatus({\n    statusReader,\n    peginTxid,\n    targetStatuses: TARGET_STATUSES,\n    timeoutMs,\n    signal,\n  });\n\n  // Key was already submitted in a previous session (e.g. resume flow)\n  if (POST_WOTS_STATUSES.has(status)) {\n    return;\n  }\n\n  signal?.throwIfAborted();\n\n  await wotsSubmitter.submitDepositorWotsKey(\n    {\n      pegin_txid: peginTxid,\n      depositor_pk: depositorPk,\n      wots_public_keys: wotsPublicKeys,\n    },\n    signal,\n  );\n}\n","/**\n * Depositor Graph Signing Service\n *\n * Signs the depositor's own graph transactions (Payout, NoPayout per challenger)\n * for the depositor-as-claimer flow.\n *\n * Both PSBTs are constructed locally from authoritative on-chain connector\n * parameters and the VP-advertised transaction hexes (which are themselves\n * cross-checked against on-chain or protocol-defined sinks). Building PSBTs\n * locally is essential: every field that enters the Taproot sighash\n * (witnessUtxo, tapLeafScript, controlBlock, tapInternalKey) must come from\n * trusted sources, otherwise a malicious VP could substitute metadata that\n * makes the depositor's signature valid for a different spend.\n *\n * Transaction counts: 1 Payout + N NoPayout = 1 + N total PSBTs.\n *\n * @see btc-vault docs/pegin.md - \"Automatic Graph Creation & Presigning\"\n * @see btc-vault crates/vault/src/transactions/nopayout.rs - NoPayout structure\n */\n\nimport { type Network } from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Transaction } from \"bitcoinjs-lib\";\n\nimport type { BitcoinWallet, SignPsbtOptions } from \"../../../../shared/wallets/interfaces\";\nimport type {\n  DepositorAsClaimerPresignatures,\n  DepositorGraphTransactions,\n  DepositorPreSigsPerChallenger,\n  PresignDataPerChallenger,\n} from \"../../clients/vault-provider/types\";\nimport {\n  assertPsbtUnsignedTxMatches,\n  type AssertPsbtUnsignedTxMatchesParams,\n} from \"../../primitives/psbt/assertPsbtUnsignedTxMatches\";\nimport {\n  assertNoPayoutOutputMatchesChallenger,\n  buildNoPayoutPsbt,\n} from \"../../primitives/psbt/noPayout\";\nimport {\n  assertPayoutOutputMatchesRegistered,\n  buildPayoutPsbt,\n  extractPayoutSignature,\n} from \"../../primitives/psbt/payout\";\nimport {\n  stripHexPrefix,\n  uint8ArrayToHex,\n  validateWalletPubkey,\n} from \"../../primitives/utils/bitcoin\";\nimport { createTaprootScriptPathSignOptions } from \"../../utils/signing\";\n\n/**\n * The depositor signs exactly one input (index 0) per payout/nopayout PSBT.\n * Used to construct SignPsbtOptions for wallet.signPsbt(). PSBTs may carry\n * additional inputs (the payout PSBT includes the assert prevout; the nopayout\n * PSBT includes the two ChallengeAssert prevouts) so the Taproot SIGHASH_DEFAULT\n * sighash commits to all prevouts, but those inputs are not signed by the\n * depositor.\n */\nconst DEPOSITOR_SIGNED_INPUT_COUNT = 1;\n\n/** Tracks which indices in the flat PSBT array belong to which challenger */\ninterface ChallengerEntry {\n  challengerPubkey: string;\n  noPayoutIdx: number;\n}\n\n/** Result of the collect phase - flat PSBT array with index mapping */\ninterface CollectedDepositorGraphPsbts {\n  psbtHexes: string[];\n  signOptions: SignPsbtOptions[];\n  challengerEntries: ChallengerEntry[];\n}\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\n/**\n * Compute the local-challenger set for the depositor-as-claimer flow.\n *\n * Per btc-vault `crates/vault/src/tx_graph/graph.rs:144-150` (introduced in\n * PR #1092 / commit 3133b698, 2026-02-18):\n *   Depositor-as-claimer: LocalChallengers = VKs only (VP excluded)\n *\n * Note: the docstring at `crates/vault/src/lib.rs:332` still says\n * `{VaultProvider, VaultKeepers} - {Claimer}` — that wording is stale and\n * predates the depositor-as-claimer special case. This function follows the\n * actual implementation, not the stale docstring.\n *\n * The protocol guarantees the depositor is not a vault keeper\n * (`TxGraphParams::validate` enforces it), so the depositor filter here is\n * defense-in-depth; it surfaces a clear error if a misconfigured context\n * ever violates the invariant.\n */\nfunction deriveLocalChallengers(\n  vaultKeeperBtcPubkeys: string[],\n  depositorBtcPubkey: string,\n): string[] {\n  const depositor = stripHexPrefix(depositorBtcPubkey).toLowerCase();\n  const vks = vaultKeeperBtcPubkeys.map((k) => stripHexPrefix(k).toLowerCase());\n  const filtered = vks.filter((k) => k !== depositor);\n  if (filtered.length === 0) {\n    throw new Error(\n      \"Cannot derive localChallengers: vault keeper set is empty (or contains only the depositor)\",\n    );\n  }\n  if (new Set(filtered).size !== filtered.length) {\n    throw new Error(\n      \"Cannot derive localChallengers: duplicate vaultKeeper key — signing context is misconfigured\",\n    );\n  }\n  return filtered;\n}\n\n/**\n * Reject VP-supplied `challenger_presign_data` whose pubkey set does not\n * exactly equal `localChallengers ∪ universalChallengers`.\n *\n * The daemon's `challenger_presign_data` contains one entry per challenger\n * in `Challengers::all_sorted() = local + universal` (per\n * btc-vault `crates/vault/src/tx_graph/graph.rs:438-458`). For the\n * depositor-as-claimer flow this is `VKs + UCs`.\n *\n * Threat model: a malicious or buggy VP could omit, duplicate, or inject\n * unrelated entries. Missing entries → depositor activates with incomplete\n * recovery material (omitted challenger later becomes unenforceable).\n * Duplicates or extras → wallet signs PSBTs for challengers the protocol\n * doesn't recognize, handing the VP signatures it shouldn't have.\n */\nfunction assertChallengerSetMatchesExpected(\n  challengerPresignData: PresignDataPerChallenger[],\n  localChallengers: string[],\n  universalChallengerBtcPubkeys: string[],\n): void {\n  const universal = universalChallengerBtcPubkeys.map((k) =>\n    stripHexPrefix(k).toLowerCase(),\n  );\n  // Protocol guarantee: local and universal sets are disjoint. Reject\n  // overlap so the depositor doesn't sign for an ambiguous challenger role.\n  const overlap = localChallengers.filter((k) => universal.includes(k));\n  if (overlap.length > 0) {\n    throw new Error(\n      `Cannot validate challenger set: vault keepers and universal challengers overlap (${overlap.join(\", \")})`,\n    );\n  }\n  const expected = [...localChallengers, ...universal];\n\n  const suppliedList = challengerPresignData.map((c) =>\n    stripHexPrefix(c.challenger_pubkey).toLowerCase(),\n  );\n  const suppliedSet = new Set(suppliedList);\n  if (suppliedSet.size !== suppliedList.length) {\n    throw new Error(\n      \"Depositor graph contains duplicate challenger entries in challenger_presign_data\",\n    );\n  }\n  const expectedSet = new Set(expected);\n  const missing = expected.filter((c) => !suppliedSet.has(c));\n  const extra = suppliedList.filter((c) => !expectedSet.has(c));\n  if (missing.length > 0 || extra.length > 0) {\n    throw new Error(\n      `Depositor graph challenger set does not match expected (local ∪ universal)` +\n        (missing.length > 0 ? ` (missing: ${missing.join(\", \")})` : \"\") +\n        (extra.length > 0 ? ` (unexpected: ${extra.join(\", \")})` : \"\"),\n    );\n  }\n}\n\n/**\n * Read the txid that the given input references in the unsigned tx, in display\n * (big-endian) hex order. bitcoinjs-lib stores `input.hash` in internal\n * little-endian byte order, which is the reverse of how txids are normally\n * displayed.\n */\nfunction readInputTxid(tx: Transaction, inputIndex: number): string {\n  const input = tx.ins[inputIndex];\n  return uint8ArrayToHex(new Uint8Array(input.hash).slice().reverse());\n}\n\n/**\n * Verify the noPayout transaction's input at `inputIndex` references the\n * given parent transaction at vout 0 (per nopayout.rs the layout is fixed:\n * Assert:0, ChallengeAssertX:0, ChallengeAssertY:0).\n */\nfunction assertInputReferencesParent(\n  noPayoutTx: Transaction,\n  inputIndex: number,\n  parentTx: Transaction,\n  parentLabel: string,\n  challengerPubkey: string,\n): void {\n  const input = noPayoutTx.ins[inputIndex];\n  if (input.index !== 0) {\n    throw new Error(\n      `NoPayout (challenger ${challengerPubkey}) input ${inputIndex} expected to spend ${parentLabel} vout 0, got vout ${input.index}`,\n    );\n  }\n  const parentTxid = parentTx.getId();\n  const inputTxid = readInputTxid(noPayoutTx, inputIndex);\n  if (inputTxid !== parentTxid) {\n    throw new Error(\n      `NoPayout (challenger ${challengerPubkey}) input ${inputIndex} does not reference ${parentLabel} (expected txid ${parentTxid}, got ${inputTxid})`,\n    );\n  }\n}\n\n// ============================================================================\n// Collect phase\n// ============================================================================\n\n/**\n * Build the depositor's payout PSBT and per-challenger NoPayout PSBTs locally\n * from authoritative connector params.\n *\n * Layout of returned arrays: [Payout, NoPayout_0, NoPayout_1, ...]\n */\nasync function collectDepositorGraphPsbts(\n  depositorGraph: DepositorGraphTransactions,\n  walletPublicKey: string,\n  ctx: DepositorGraphSigningContext,\n): Promise<CollectedDepositorGraphPsbts> {\n  const psbtHexes: string[] = [];\n  const signOptions: SignPsbtOptions[] = [];\n  const challengerEntries: ChallengerEntry[] = [];\n\n  // 1. Fail-fast on a malformed VP response BEFORE doing any PSBT-build\n  //    work that would be wasted if the challenger set is wrong.\n  const localChallengers = deriveLocalChallengers(\n    ctx.vaultKeeperBtcPubkeys,\n    ctx.depositorBtcPubkey,\n  );\n  assertChallengerSetMatchesExpected(\n    depositorGraph.challenger_presign_data,\n    localChallengers,\n    ctx.universalChallengerBtcPubkeys,\n  );\n\n  // 2. Validate the payout transaction's largest output pays to the\n  //    depositor's on-chain registered payout scriptPubKey. The payout tx\n  //    hex is supplied by the VP and otherwise unconstrained; this assertion\n  //    pins the destination of the funds.\n  assertPayoutOutputMatchesRegistered(\n    depositorGraph.payout_tx.tx_hex,\n    ctx.registeredPayoutScriptPubKey,\n  );\n\n  // 3. Build the payout PSBT locally. Every sighash-relevant field\n  //    (witnessUtxo, tapLeafScript, controlBlock, tapInternalKey) is derived\n  //    from on-chain trusted connector params, not from the VP. The VP-\n  //    supplied assert tx hex is implicitly pinned by buildPayoutPsbt's\n  //    input-1 txid check against payoutTx.ins[1].hash.\n  const builtPayout = await buildPayoutPsbt({\n    payoutTxHex: depositorGraph.payout_tx.tx_hex,\n    peginTxHex: ctx.peginTxHex,\n    assertTxHex: depositorGraph.assert_tx.tx_hex,\n    depositorBtcPubkey: ctx.depositorBtcPubkey,\n    vaultProviderBtcPubkey: ctx.vaultProviderBtcPubkey,\n    vaultKeeperBtcPubkeys: ctx.vaultKeeperBtcPubkeys,\n    universalChallengerBtcPubkeys: ctx.universalChallengerBtcPubkeys,\n    timelockPegin: ctx.timelockPegin,\n    network: ctx.network,\n  });\n  psbtHexes.push(builtPayout.psbtHex);\n  signOptions.push(\n    createTaprootScriptPathSignOptions(\n      walletPublicKey,\n      DEPOSITOR_SIGNED_INPUT_COUNT,\n    ),\n  );\n\n  // 4. Per-challenger: build the NoPayout PSBT locally too.\n  const claimerPubkey = stripHexPrefix(ctx.depositorBtcPubkey);\n  const assertTxParsed = Transaction.fromHex(\n    stripHexPrefix(depositorGraph.assert_tx.tx_hex),\n  );\n\n  for (const challenger of depositorGraph.challenger_presign_data) {\n    const challengerPubkey = stripHexPrefix(challenger.challenger_pubkey);\n\n    const noPayoutIdx = psbtHexes.length;\n    const noPayoutHex = await buildLocalNoPayoutPsbt({\n      challenger,\n      challengerPubkey,\n      claimerPubkey,\n      localChallengers,\n      assertTxParsed,\n      ctx,\n    });\n    psbtHexes.push(noPayoutHex);\n    signOptions.push(\n      createTaprootScriptPathSignOptions(\n        walletPublicKey,\n        DEPOSITOR_SIGNED_INPUT_COUNT,\n      ),\n    );\n\n    challengerEntries.push({\n      challengerPubkey,\n      noPayoutIdx,\n    });\n  }\n\n  return { psbtHexes, signOptions, challengerEntries };\n}\n\ninterface BuildLocalNoPayoutPsbtParams {\n  challenger: PresignDataPerChallenger;\n  challengerPubkey: string;\n  claimerPubkey: string;\n  localChallengers: string[];\n  assertTxParsed: Transaction;\n  ctx: DepositorGraphSigningContext;\n}\n\n/**\n * Build a single NoPayout PSBT for one challenger from authoritative\n * inputs. Validates the VP-supplied parent transactions match what the\n * NoPayout transaction commits to via input txids, and asserts the output\n * pays to the protocol-defined challenger sink before returning.\n *\n * NoPayout transaction layout (per\n * btc-vault crates/vault/src/transactions/nopayout.rs):\n * - 3 inputs (fixed order):\n *   - Input 0: Assert tx output 0 (depositor signs - NoPayout path)\n *   - Input 1: ChallengeAssertX tx output 0 (with timelock)\n *   - Input 2: ChallengeAssertY tx output 0 (with timelock)\n * - 1 output: BIP-86 P2TR to the challenger\n */\nasync function buildLocalNoPayoutPsbt(\n  params: BuildLocalNoPayoutPsbtParams,\n): Promise<string> {\n  const {\n    challenger,\n    challengerPubkey,\n    claimerPubkey,\n    localChallengers,\n    assertTxParsed,\n    ctx,\n  } = params;\n\n  // Pin the output sink before doing any sighash-relevant work.\n  assertNoPayoutOutputMatchesChallenger(\n    challenger.nopayout_tx.tx_hex,\n    challengerPubkey,\n    ctx.network,\n  );\n\n  // Parse the NoPayout tx and the two ChallengeAssert parents.\n  const noPayoutTx = Transaction.fromHex(\n    stripHexPrefix(challenger.nopayout_tx.tx_hex),\n  );\n  const challengeAssertXTx = Transaction.fromHex(\n    stripHexPrefix(challenger.challenge_assert_x_tx.tx_hex),\n  );\n  const challengeAssertYTx = Transaction.fromHex(\n    stripHexPrefix(challenger.challenge_assert_y_tx.tx_hex),\n  );\n\n  if (noPayoutTx.ins.length !== 3) {\n    throw new Error(\n      `NoPayout (challenger ${challengerPubkey}) must have exactly 3 inputs, got ${noPayoutTx.ins.length}`,\n    );\n  }\n\n  // Pin every input's parent. Each parent's outs[0] is the authoritative\n  // prevout - because we verified the parent's txid matches what the NoPayout\n  // tx commits to, the parent cannot be substituted without changing the\n  // NoPayout txid.\n  assertInputReferencesParent(\n    noPayoutTx,\n    0,\n    assertTxParsed,\n    \"Assert\",\n    challengerPubkey,\n  );\n  assertInputReferencesParent(\n    noPayoutTx,\n    1,\n    challengeAssertXTx,\n    \"ChallengeAssertX\",\n    challengerPubkey,\n  );\n  assertInputReferencesParent(\n    noPayoutTx,\n    2,\n    challengeAssertYTx,\n    \"ChallengeAssertY\",\n    challengerPubkey,\n  );\n\n  const prevouts = [\n    assertTxParsed.outs[0],\n    challengeAssertXTx.outs[0],\n    challengeAssertYTx.outs[0],\n  ].map((out) => ({\n    script_pubkey: uint8ArrayToHex(new Uint8Array(out.script)),\n    value: out.value,\n  }));\n\n  return buildNoPayoutPsbt({\n    noPayoutTxHex: challenger.nopayout_tx.tx_hex,\n    challengerPubkey,\n    prevouts,\n    connectorParams: {\n      claimer: claimerPubkey,\n      localChallengers,\n      universalChallengers: ctx.universalChallengerBtcPubkeys,\n      timelockAssert: ctx.timelockAssert,\n      councilMembers: ctx.councilMembers,\n      councilQuorum: ctx.councilQuorum,\n    },\n  });\n}\n\n// ============================================================================\n// Extract phase\n// ============================================================================\n\n/** A pair of a locally-built PSBT and the wallet-returned PSBT for it. */\ntype PsbtPair = AssertPsbtUnsignedTxMatchesParams;\n\n/**\n * Extract all signatures from signed PSBTs and assemble into presignatures.\n * Each pair is asserted to encode the same unsigned tx before its signature\n * is extracted — defends against a wallet that returns a signature for a\n * substituted transaction.\n */\nfunction extractDepositorGraphSignatures(\n  psbtPairs: PsbtPair[],\n  challengerEntries: ChallengerEntry[],\n  depositorPubkey: string,\n): DepositorAsClaimerPresignatures {\n  assertPsbtUnsignedTxMatches(psbtPairs[0]);\n  const payoutSignature = extractPayoutSignature(\n    psbtPairs[0].returnedPsbtHex,\n    depositorPubkey,\n  );\n\n  const perChallenger: Record<string, DepositorPreSigsPerChallenger> = {};\n  for (const entry of challengerEntries) {\n    assertPsbtUnsignedTxMatches(psbtPairs[entry.noPayoutIdx]);\n    perChallenger[entry.challengerPubkey] = {\n      nopayout_signature: extractPayoutSignature(\n        psbtPairs[entry.noPayoutIdx].returnedPsbtHex,\n        depositorPubkey,\n      ),\n    };\n  }\n\n  return {\n    payout_signatures: {\n      payout_signature: payoutSignature,\n    },\n    per_challenger: perChallenger,\n  };\n}\n\n/**\n * Sign multiple PSBTs, using batch signing when the wallet supports it.\n * Falls back to sequential `signPsbt` calls for wallets without `signPsbts`.\n */\nasync function signPsbtsWithFallback(\n  wallet: BitcoinWallet,\n  psbtHexes: string[],\n  options?: SignPsbtOptions[],\n): Promise<string[]> {\n  if (typeof wallet.signPsbts === \"function\") {\n    return wallet.signPsbts(psbtHexes, options);\n  }\n\n  const signed: string[] = [];\n  for (let i = 0; i < psbtHexes.length; i++) {\n    signed.push(await wallet.signPsbt(psbtHexes[i], options?.[i]));\n  }\n  return signed;\n}\n\n// ============================================================================\n// Main entry point\n// ============================================================================\n\n/**\n * Authoritative inputs required to construct the depositor's Payout AND every\n * per-challenger NoPayout PSBT locally. Every field here must come from\n * trusted on-chain sources, not from the vault provider response. They feed\n * directly into the Taproot sighash.\n */\nexport interface DepositorGraphSigningContext {\n  /** Raw pegin BTC transaction hex (provides the depositor's signed prevout) */\n  peginTxHex: string;\n  /** Depositor's BTC public key (x-only, 64-char hex, no 0x prefix) */\n  depositorBtcPubkey: string;\n  /** Vault provider's BTC public key (x-only hex, no prefix) */\n  vaultProviderBtcPubkey: string;\n  /** Sorted vault keeper BTC public keys (x-only hex, no prefix) */\n  vaultKeeperBtcPubkeys: string[];\n  /** Sorted universal challenger BTC public keys (x-only hex, no prefix) */\n  universalChallengerBtcPubkeys: string[];\n  /** Pegin CSV timelock from the locked offchain params version (blocks) */\n  timelockPegin: number;\n  /**\n   * Assert CSV timelock from the locked offchain params version (blocks).\n   * Sourced from the on-chain ProtocolParams contract via\n   * `ViemProtocolParamsReader.getOffchainParamsByVersion(...).timelockAssert`.\n   */\n  timelockAssert: number;\n  /**\n   * Security council member x-only public keys (hex, no prefix). Sourced from\n   * the on-chain ProtocolParams contract via\n   * `ViemProtocolParamsReader.getOffchainParamsByVersion(...).securityCouncilKeys`.\n   */\n  councilMembers: string[];\n  /**\n   * M-of-N council quorum threshold. Sourced from the on-chain ProtocolParams\n   * contract via `ViemProtocolParamsReader.getOffchainParamsByVersion(...).councilQuorum`.\n   */\n  councilQuorum: number;\n  /** BTC network (Mainnet, Testnet, etc.) */\n  network: Network;\n  /**\n   * On-chain registered depositor payout scriptPubKey (hex, with or without\n   * 0x prefix). Used to assert the VP-advertised payout transaction pays to\n   * the depositor's registered address before the wallet produces a signature.\n   */\n  registeredPayoutScriptPubKey: string;\n}\n\nexport interface SignDepositorGraphParams {\n  /** The depositor graph from VP response */\n  depositorGraph: DepositorGraphTransactions;\n  /** Bitcoin wallet for signing */\n  btcWallet: BitcoinWallet;\n  /** Authoritative inputs used to rebuild every PSBT locally */\n  signingContext: DepositorGraphSigningContext;\n}\n\n/**\n * Sign all depositor graph transactions and assemble into presignatures.\n *\n * Flow:\n * 1. Build payout + per-challenger nopayout PSBTs locally\n * 2. Batch sign via wallet.signPsbts() if available, else sequential signPsbt()\n * 3. Extract Schnorr signatures from each signed PSBT\n * 4. Assemble into DepositorAsClaimerPresignatures\n */\nexport async function signDepositorGraph(\n  params: SignDepositorGraphParams,\n): Promise<DepositorAsClaimerPresignatures> {\n  const { depositorGraph, btcWallet, signingContext } = params;\n\n  const walletPublicKey = await btcWallet.getPublicKeyHex();\n  // Fail fast if the connected wallet doesn't match the on-chain registered\n  // depositor key — otherwise extractPayoutSignature later fails after\n  // multiple wallet popups with an opaque \"no signature found\" error.\n  const { depositorPubkey } = validateWalletPubkey(\n    walletPublicKey,\n    stripHexPrefix(signingContext.depositorBtcPubkey),\n  );\n\n  // 1. Build all PSBTs locally\n  const { psbtHexes, signOptions, challengerEntries } =\n    await collectDepositorGraphPsbts(\n      depositorGraph,\n      walletPublicKey,\n      signingContext,\n    );\n\n  // 2. Sign all PSBTs (batch when supported, sequential fallback for mobile)\n  const signedPsbtHexes = await signPsbtsWithFallback(\n    btcWallet,\n    psbtHexes,\n    signOptions,\n  );\n\n  if (signedPsbtHexes.length !== psbtHexes.length) {\n    throw new Error(\n      `Wallet returned ${signedPsbtHexes.length} signed PSBTs, expected ${psbtHexes.length}`,\n    );\n  }\n\n  // 3. Pair requested with signed and extract signatures\n  const psbtPairs: PsbtPair[] = psbtHexes.map((requestedPsbtHex, i) => ({\n    requestedPsbtHex,\n    returnedPsbtHex: signedPsbtHexes[i],\n  }));\n  return extractDepositorGraphSignatures(\n    psbtPairs,\n    challengerEntries,\n    depositorPubkey,\n  );\n}\n","/**\n * Payout Signing Orchestration\n *\n * Polls VP for `PendingDepositorSignatures`, fetches presign transactions,\n * signs payouts via PayoutManager, signs the depositor graph, and submits\n * all signatures back to the VP.\n *\n * This is the main deposit protocol step between registration and activation.\n */\n\nimport type { Network } from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\nimport type { BitcoinWallet } from \"../../../../shared/wallets/interfaces\";\nimport { DaemonStatus } from \"../../clients/vault-provider/types\";\nimport type {\n  ClaimerSignatures,\n  ClaimerTransactions,\n} from \"../../clients/vault-provider/types\";\nimport { PayoutManager } from \"../../managers/PayoutManager\";\nimport {\n  deriveBip86ScriptPubKeyHex,\n  processPublicKeyToXOnly,\n  stripHexPrefix,\n} from \"../../primitives/utils/bitcoin\";\nimport type { PeginStatusReader, PresignClient } from \"./interfaces\";\nimport { signDepositorGraph } from \"./signDepositorGraph\";\nimport { waitForPeginStatus } from \"./waitForPeginStatus\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Context required for signing payout transactions.\n * Caller builds this from on-chain data (contract queries, GraphQL, config).\n */\nexport interface PayoutSigningContext {\n  /** Raw pegin BTC transaction hex (for PSBT construction) */\n  peginTxHex: string;\n  /** Vault provider's BTC public key (x-only hex, no prefix) */\n  vaultProviderBtcPubkey: string;\n  /** Sorted vault keeper BTC public keys (x-only hex, no prefix) */\n  vaultKeeperBtcPubkeys: string[];\n  /** Sorted universal challenger BTC public keys (x-only hex, no prefix) */\n  universalChallengerBtcPubkeys: string[];\n  /** Depositor's BTC public key (x-only hex, no prefix) */\n  depositorBtcPubkey: string;\n  /** Pegin timelock from the locked offchain params version */\n  timelockPegin: number;\n  /**\n   * Assert CSV timelock from the locked offchain params version (blocks).\n   * Source: ProtocolParams contract via\n   * `ViemProtocolParamsReader.getOffchainParamsByVersion(...).timelockAssert`.\n   * Required for the depositor-graph NoPayout local rebuild.\n   */\n  timelockAssert: number;\n  /**\n   * Security council member x-only public keys (hex, no prefix).\n   * Source: ProtocolParams contract via\n   * `getOffchainParamsByVersion(...).securityCouncilKeys`.\n   * Required for the depositor-graph NoPayout local rebuild.\n   */\n  councilMembers: string[];\n  /**\n   * M-of-N council quorum threshold.\n   * Source: ProtocolParams contract via\n   * `getOffchainParamsByVersion(...).councilQuorum`.\n   * Required for the depositor-graph NoPayout local rebuild.\n   */\n  councilQuorum: number;\n  /** BTC network (Mainnet, Testnet, etc.) */\n  network: Network;\n  /** On-chain registered depositor payout scriptPubKey (hex) */\n  registeredPayoutScriptPubKey: string;\n}\n\nexport interface RunDepositorPresignFlowParams {\n  /** VP client implementing the status reader interface */\n  statusReader: PeginStatusReader;\n  /** VP client implementing the presign transaction flow interface */\n  presignClient: PresignClient;\n  /** Bitcoin wallet for signing */\n  btcWallet: BitcoinWallet;\n  /** BTC pegin transaction ID (unprefixed hex, 64 chars) */\n  peginTxid: string;\n  /** Depositor's x-only BTC public key (unprefixed hex, 64 chars) */\n  depositorPk: string;\n  /** Signing context built from on-chain data */\n  signingContext: PayoutSigningContext;\n  /** Maximum polling timeout in milliseconds (default: 20 min) */\n  timeoutMs?: number;\n  /** AbortSignal for cancellation */\n  signal?: AbortSignal;\n  /** Optional progress callback (completed claimers, total claimers) */\n  onProgress?: (completed: number, total: number) => void;\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** Maximum polling timeout (20 minutes) — VP may take 15-20 min to prepare. */\nconst MAX_POLLING_TIMEOUT_MS = 20 * 60 * 1000;\n\n/** Statuses after payout signatures are submitted — if VP is already here, skip. */\nconst POST_PAYOUT_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n  DaemonStatus.PENDING_ACKS,\n  DaemonStatus.PENDING_ACTIVATION,\n  DaemonStatus.ACTIVATED,\n]);\n\nconst TARGET_STATUS: ReadonlySet<DaemonStatus> = new Set([\n  DaemonStatus.PENDING_DEPOSITOR_SIGNATURES,\n  ...POST_PAYOUT_STATUSES,\n]);\n\n// ============================================================================\n// Internal helpers\n// ============================================================================\n\ninterface PreparedTransaction {\n  claimerPubkeyXOnly: string;\n  payoutTxHex: string;\n  assertTxHex: string;\n}\n\nfunction prepareTransactionsForSigning(\n  claimerTransactions: ClaimerTransactions[],\n): PreparedTransaction[] {\n  return claimerTransactions.map((tx) => ({\n    claimerPubkeyXOnly: processPublicKeyToXOnly(tx.claimer_pubkey),\n    payoutTxHex: tx.payout_tx.tx_hex,\n    assertTxHex: tx.assert_tx.tx_hex,\n  }));\n}\n\n/**\n * Resolve the expected payout scriptPubKey for a given claimer.\n *\n * - VP/Depositor claimer: payout goes to the depositor's registered payout address\n * - VK claimer: payout goes to a BIP-86 P2TR address derived from the VK's pubkey\n *\n * Note: BIP-86 derivation for VK claimers requires bitcoinjs-lib's ECC to be initialized.\n */\nfunction resolvePayoutScriptPubKey(\n  claimerPubkeyXOnly: string,\n  context: PayoutSigningContext,\n): string {\n  const claimer = stripHexPrefix(claimerPubkeyXOnly).toLowerCase();\n  const vpPubkey = stripHexPrefix(\n    context.vaultProviderBtcPubkey,\n  ).toLowerCase();\n  const depositorPubkey = stripHexPrefix(\n    context.depositorBtcPubkey,\n  ).toLowerCase();\n\n  if (claimer === vpPubkey || claimer === depositorPubkey) {\n    return context.registeredPayoutScriptPubKey;\n  }\n\n  // Verify claimer is a known vault keeper\n  const isVaultKeeper = context.vaultKeeperBtcPubkeys.some(\n    (vk) => stripHexPrefix(vk).toLowerCase() === claimer,\n  );\n  if (!isVaultKeeper) {\n    throw new Error(\n      `Unknown claimer pubkey ${claimer}: not VP, depositor, or a registered vault keeper`,\n    );\n  }\n\n  // VK claimer: derive BIP-86 P2TR scriptPubKey from the VK's x-only pubkey\n  return deriveBip86ScriptPubKeyHex(claimer);\n}\n\nfunction buildPayoutSigningInput(\n  tx: PreparedTransaction,\n  context: PayoutSigningContext,\n) {\n  return {\n    payoutTxHex: tx.payoutTxHex,\n    peginTxHex: context.peginTxHex,\n    assertTxHex: tx.assertTxHex,\n    vaultProviderBtcPubkey: context.vaultProviderBtcPubkey,\n    vaultKeeperBtcPubkeys: context.vaultKeeperBtcPubkeys,\n    universalChallengerBtcPubkeys: context.universalChallengerBtcPubkeys,\n    depositorBtcPubkey: context.depositorBtcPubkey,\n    timelockPegin: context.timelockPegin,\n    registeredPayoutScriptPubKey: resolvePayoutScriptPubKey(\n      tx.claimerPubkeyXOnly,\n      context,\n    ),\n  };\n}\n\n/**\n * Sign all payout transactions using PayoutManager.\n * Uses batch signing when wallet supports it, sequential otherwise.\n */\nasync function signPayoutTransactions(\n  btcWallet: BitcoinWallet,\n  context: PayoutSigningContext,\n  transactions: PreparedTransaction[],\n  onProgress?: (completed: number, total: number) => void,\n): Promise<Record<string, ClaimerSignatures>> {\n  const payoutManager = new PayoutManager({\n    network: context.network,\n    btcWallet,\n  });\n\n  const totalClaimers = transactions.length;\n  onProgress?.(0, totalClaimers);\n\n  let payoutSignatures: string[];\n\n  if (payoutManager.supportsBatchSigning()) {\n    const results = await payoutManager.signPayoutTransactionsBatch(\n      transactions.map((tx) => buildPayoutSigningInput(tx, context)),\n    );\n    payoutSignatures = results.map((r) => r.payoutSignature);\n  } else {\n    payoutSignatures = [];\n    for (let i = 0; i < transactions.length; i++) {\n      onProgress?.(i, totalClaimers);\n      const result = await payoutManager.signPayoutTransaction(\n        buildPayoutSigningInput(transactions[i], context),\n      );\n      payoutSignatures.push(result.signature);\n    }\n  }\n\n  const signatures: Record<string, ClaimerSignatures> = {};\n  for (let i = 0; i < transactions.length; i++) {\n    signatures[transactions[i].claimerPubkeyXOnly] = {\n      payout_signature: payoutSignatures[i],\n    };\n  }\n\n  onProgress?.(totalClaimers, totalClaimers);\n  return signatures;\n}\n\n// ============================================================================\n// Main entry point\n// ============================================================================\n\n/**\n * Poll for payout transactions, sign them, sign the depositor graph,\n * and submit all signatures to the vault provider.\n *\n * This is the main deposit protocol step between registration and activation.\n *\n * @throws Error on timeout, abort, signing failure, or RPC error\n */\nexport async function runDepositorPresignFlow(\n  params: RunDepositorPresignFlowParams,\n): Promise<void> {\n  const {\n    statusReader,\n    presignClient,\n    btcWallet,\n    peginTxid,\n    depositorPk,\n    signingContext,\n    timeoutMs = MAX_POLLING_TIMEOUT_MS,\n    signal,\n    onProgress,\n  } = params;\n\n  // Phase 1: Poll until VP is ready for depositor signatures (or already past)\n  const status = await waitForPeginStatus({\n    statusReader,\n    peginTxid,\n    targetStatuses: TARGET_STATUS,\n    timeoutMs,\n    signal,\n  });\n\n  // Resume-safe: if VP already moved past payout signing, nothing to do\n  if (POST_PAYOUT_STATUSES.has(status)) {\n    return;\n  }\n\n  signal?.throwIfAborted();\n\n  // Phase 2: Fetch presign transactions\n  const response = await presignClient.requestDepositorPresignTransactions(\n    {\n      pegin_txid: peginTxid,\n      depositor_pk: depositorPk,\n    },\n    signal,\n  );\n\n  signal?.throwIfAborted();\n\n  // Phase 3: Sign VP/VK claimer payout transactions\n  // Filter out the depositor's own claimer entry — its payout is signed\n  // separately via signDepositorGraph (Phase 4) using VP-provided PSBTs.\n  // Including it here would cause a redundant wallet signing prompt whose\n  // result is discarded when the depositor graph signature overwrites it.\n  const depositorPkNormalized = processPublicKeyToXOnly(depositorPk);\n  const nonDepositorTxs = response.txs.filter(\n    (tx) => processPublicKeyToXOnly(tx.claimer_pubkey) !== depositorPkNormalized,\n  );\n  const preparedTransactions = prepareTransactionsForSigning(nonDepositorTxs);\n  const claimerSignatures = await signPayoutTransactions(\n    btcWallet,\n    signingContext,\n    preparedTransactions,\n    onProgress,\n  );\n\n  signal?.throwIfAborted();\n\n  // Phase 4: Sign depositor-as-claimer graph. Both Payout and per-challenger\n  // NoPayout PSBTs are rebuilt locally inside signDepositorGraph from these\n  // authoritative connector params and the on-chain protocol parameters.\n  const depositorClaimerPresignatures = await signDepositorGraph({\n    depositorGraph: response.depositor_graph,\n    btcWallet,\n    signingContext: {\n      peginTxHex: signingContext.peginTxHex,\n      depositorBtcPubkey: depositorPk,\n      vaultProviderBtcPubkey: signingContext.vaultProviderBtcPubkey,\n      vaultKeeperBtcPubkeys: signingContext.vaultKeeperBtcPubkeys,\n      universalChallengerBtcPubkeys:\n        signingContext.universalChallengerBtcPubkeys,\n      timelockPegin: signingContext.timelockPegin,\n      timelockAssert: signingContext.timelockAssert,\n      councilMembers: signingContext.councilMembers,\n      councilQuorum: signingContext.councilQuorum,\n      network: signingContext.network,\n      registeredPayoutScriptPubKey: signingContext.registeredPayoutScriptPubKey,\n    },\n  });\n\n  signal?.throwIfAborted();\n\n  // Phase 5: Submit all signatures to VP\n  // Include depositor's own payout signature in the signatures map\n  const allSignatures = { ...claimerSignatures };\n  allSignatures[stripHexPrefix(depositorPk)] =\n    depositorClaimerPresignatures.payout_signatures;\n\n  await presignClient.submitDepositorPresignatures(\n    {\n      pegin_txid: peginTxid,\n      depositor_pk: depositorPk,\n      signatures: allSignatures,\n      depositor_claimer_presignatures: depositorClaimerPresignatures,\n    },\n    signal,\n  );\n}\n","/**\n * Pure validation functions for deposit operations.\n *\n * All validations return a consistent {@link ValidationResult} format or throw\n * on critical failures (e.g. missing protocol participants).\n *\n * Business rules (single-provider limit, max vault count) and form-flow\n * checks (wallet connected) belong in the consumer layer.\n *\n * @module tbv/core/services/deposit/validation\n */\n\nimport {\n  formatSatoshisToBtc,\n  stripHexPrefix,\n} from \"../../primitives/utils/bitcoin\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\nexport interface ValidationResult {\n  valid: boolean;\n  error?: string;\n  warnings?: string[];\n}\n\n/**\n * Parameters for checking if a deposit form is valid.\n */\nexport interface DepositFormValidityParams {\n  /** Deposit amount in satoshis */\n  amountSats: bigint;\n  /** Minimum deposit from protocol params */\n  minDeposit: bigint;\n  /** Maximum deposit from protocol params (optional) */\n  maxDeposit?: bigint;\n  /** User's available BTC balance in satoshis */\n  btcBalance: bigint;\n  /** Estimated transaction fee in satoshis */\n  estimatedFeeSats?: bigint;\n  /** Depositor claim value in satoshis (required output for challenge transactions) */\n  depositorClaimValue?: bigint;\n}\n\nexport interface RemainingCapacityParams {\n  /** Requested deposit amount in satoshis */\n  amount: bigint;\n  /**\n   * Effective remaining capacity in satoshis (min of protocol-total and\n   * per-address remaining). `null` means no cap applies.\n   */\n  effectiveRemaining: bigint | null;\n}\n\n/** Narrow structural type for UTXO — avoids importing vault-specific types. */\ninterface UtxoLike {\n  txid: string;\n  vout: number;\n  value: number;\n}\n\n/**\n * Parameters for validating multi-vault deposit flow inputs.\n *\n * Callers must resolve any async loading states before calling — the SDK\n * validates resolved data, not React hook state.\n *\n * Form-flow checks (wallet connected, provider selected) are the caller's\n * responsibility and are NOT performed here.\n */\nexport interface MultiVaultDepositFlowInputs {\n  vaultAmounts: bigint[];\n  confirmedUTXOs: UtxoLike[];\n  vaultProviderBtcPubkey: string;\n  vaultKeeperBtcPubkeys: string[];\n  universalChallengerBtcPubkeys: string[];\n  /** Protocol minimum deposit per vault (satoshis) */\n  minDeposit: bigint;\n  /** Protocol maximum deposit per vault (satoshis) */\n  maxDeposit?: bigint;\n}\n\n// ---------------------------------------------------------------------------\n// Private helpers\n// ---------------------------------------------------------------------------\n\nfunction isValidXOnlyHex(hex: string): boolean {\n  return /^[0-9a-fA-F]{64}$/.test(hex);\n}\n\n// ---------------------------------------------------------------------------\n// Validation functions\n// ---------------------------------------------------------------------------\n\n/**\n * Check if deposit amount is within valid range and affordable.\n *\n * Returns false when fees/claim value are not yet known (still loading),\n * and includes them in the balance check once available.\n */\nexport function isDepositAmountValid(\n  params: DepositFormValidityParams,\n): boolean {\n  const {\n    amountSats,\n    minDeposit,\n    maxDeposit,\n    btcBalance,\n    estimatedFeeSats,\n    depositorClaimValue,\n  } = params;\n\n  if (amountSats <= 0n) return false;\n  if (amountSats < minDeposit) return false;\n  if (maxDeposit && maxDeposit > 0n && amountSats > maxDeposit) return false;\n\n  if (estimatedFeeSats == null || depositorClaimValue == null) return false;\n\n  const totalRequired = amountSats + estimatedFeeSats + depositorClaimValue;\n  if (totalRequired > btcBalance) return false;\n\n  return true;\n}\n\n/**\n * Validate deposit amount against minimum and maximum constraints.\n */\nexport function validateDepositAmount(\n  amount: bigint,\n  minDeposit: bigint,\n  maxDeposit?: bigint,\n): ValidationResult {\n  if (amount <= 0n) {\n    return {\n      valid: false,\n      error: \"Deposit amount must be greater than zero\",\n    };\n  }\n\n  if (amount < minDeposit) {\n    return {\n      valid: false,\n      error: `Minimum deposit is ${formatSatoshisToBtc(minDeposit)} BTC`,\n    };\n  }\n\n  if (maxDeposit && maxDeposit > 0n && amount > maxDeposit) {\n    return {\n      valid: false,\n      error: `Maximum deposit is ${formatSatoshisToBtc(maxDeposit)} BTC`,\n    };\n  }\n\n  return { valid: true };\n}\n\n/**\n * Validate that the requested deposit fits within the effective remaining cap.\n */\nexport function validateRemainingCapacity(\n  params: RemainingCapacityParams,\n): ValidationResult {\n  const { amount, effectiveRemaining } = params;\n  if (effectiveRemaining === null) return { valid: true };\n\n  if (effectiveRemaining === 0n) {\n    return {\n      valid: false,\n      error: \"Supply cap reached — deposits temporarily paused\",\n    };\n  }\n\n  if (amount > effectiveRemaining) {\n    return {\n      valid: false,\n      error: `Vault size exceeds remaining capacity (${formatSatoshisToBtc(effectiveRemaining)} BTC)`,\n    };\n  }\n\n  return { valid: true };\n}\n\n/**\n * Validate that selected providers exist in the available set.\n *\n * Business rules (e.g. single-provider limit) are the caller's responsibility.\n */\nexport function validateProviderSelection(\n  selectedProviders: string[],\n  availableProviders: string[],\n): ValidationResult {\n  if (!selectedProviders || selectedProviders.length === 0) {\n    return {\n      valid: false,\n      error: \"At least one vault provider must be selected\",\n    };\n  }\n\n  const availableProvidersLower = availableProviders.map((p) =>\n    p.toLowerCase(),\n  );\n  const invalidProviders = selectedProviders.filter(\n    (p) => !availableProvidersLower.includes(p.toLowerCase()),\n  );\n\n  if (invalidProviders.length > 0) {\n    return {\n      valid: false,\n      error: \"Invalid vault provider selected\",\n    };\n  }\n\n  return { valid: true };\n}\n\n/**\n * Validate vault amounts array for multi-vault deposits.\n * Checks count, positivity, and per-vault min/max protocol limits.\n *\n * Max vault count limits are the caller's responsibility.\n */\nexport function validateVaultAmounts(\n  amounts: bigint[],\n  minDeposit?: bigint,\n  maxDeposit?: bigint,\n): ValidationResult {\n  if (!amounts || amounts.length === 0) {\n    return {\n      valid: false,\n      error: \"At least one vault amount required\",\n    };\n  }\n\n  for (let i = 0; i < amounts.length; i++) {\n    const amount = amounts[i];\n    if (amount <= 0n) {\n      return {\n        valid: false,\n        error: `Vault ${i + 1} amount must be positive`,\n      };\n    }\n    if (minDeposit && amount < minDeposit) {\n      return {\n        valid: false,\n        error: `Vault ${i + 1} amount ${formatSatoshisToBtc(amount)} BTC is below minimum deposit ${formatSatoshisToBtc(minDeposit)} BTC`,\n      };\n    }\n    if (maxDeposit && amount > maxDeposit) {\n      return {\n        valid: false,\n        error: `Vault ${i + 1} amount ${formatSatoshisToBtc(amount)} BTC exceeds maximum deposit ${formatSatoshisToBtc(maxDeposit)} BTC`,\n      };\n    }\n  }\n\n  return { valid: true };\n}\n\n/**\n * Validate vault provider BTC public key format.\n */\nexport function validateVaultProviderPubkey(pubkey: string): ValidationResult {\n  const stripped = stripHexPrefix(pubkey);\n  if (!isValidXOnlyHex(stripped)) {\n    return {\n      valid: false,\n      error:\n        \"Invalid pubkey format: must be 64 hex characters (32-byte x-only public key, no 0x prefix)\",\n    };\n  }\n  return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// Private helpers for multi-vault validation\n// ---------------------------------------------------------------------------\n\nfunction validateVaultKeepers(vaultKeeperBtcPubkeys: string[]): void {\n  if (!vaultKeeperBtcPubkeys || vaultKeeperBtcPubkeys.length === 0) {\n    throw new Error(\n      \"No vault keepers available. The system requires at least one vault keeper to create a deposit.\",\n    );\n  }\n}\n\nfunction validateUniversalChallengers(\n  universalChallengerBtcPubkeys: string[],\n): void {\n  if (\n    !universalChallengerBtcPubkeys ||\n    universalChallengerBtcPubkeys.length === 0\n  ) {\n    throw new Error(\n      \"No universal challengers available. The system requires at least one universal challenger to create a deposit.\",\n    );\n  }\n}\n\nfunction validateUTXOState(confirmedUTXOs: UtxoLike[]): void {\n  if (confirmedUTXOs.length === 0) {\n    throw new Error(\"No spendable UTXOs available\");\n  }\n}\n\n// ---------------------------------------------------------------------------\n// Multi-vault composite validation\n// ---------------------------------------------------------------------------\n\n/**\n * Validate protocol-level multi-vault deposit inputs.\n * Throws an error if any validation fails.\n *\n * Form-flow checks (wallet connections, provider selection) must be\n * performed by the caller before invoking this function.\n */\nexport function validateMultiVaultDepositInputs(\n  params: MultiVaultDepositFlowInputs,\n): void {\n  const {\n    vaultAmounts,\n    confirmedUTXOs,\n    vaultProviderBtcPubkey,\n    vaultKeeperBtcPubkeys,\n    universalChallengerBtcPubkeys,\n    minDeposit,\n    maxDeposit,\n  } = params;\n\n  const amountsValidation = validateVaultAmounts(\n    vaultAmounts,\n    minDeposit,\n    maxDeposit,\n  );\n  if (!amountsValidation.valid) {\n    throw new Error(amountsValidation.error);\n  }\n\n  // Vault provider pubkey\n  const pubkeyValidation = validateVaultProviderPubkey(vaultProviderBtcPubkey);\n  if (!pubkeyValidation.valid) {\n    throw new Error(pubkeyValidation.error);\n  }\n\n  validateVaultKeepers(vaultKeeperBtcPubkeys);\n  validateUniversalChallengers(universalChallengerBtcPubkeys);\n  validateUTXOState(confirmedUTXOs);\n}\n","import type { Address } from \"viem\";\n\nimport type {\n  UniversalChallengerReader,\n  VaultKeeperReader,\n  VaultRegistryReader,\n} from \"../../clients/eth/types\";\nimport { processPublicKeyToXOnly } from \"../../primitives/utils/bitcoin\";\n\nexport interface ValidateOnChainParticipantKeysParams {\n  vaultRegistryReader: VaultRegistryReader;\n  vaultKeeperReader: VaultKeeperReader;\n  universalChallengerReader: UniversalChallengerReader;\n  vaultProviderEthAddress: Address;\n  applicationEntryPoint: Address;\n  expectedVaultProviderBtcPubkey: string;\n  expectedVaultKeeperBtcPubkeys: string[];\n  expectedUniversalChallengerBtcPubkeys: string[];\n}\n\nexport interface ValidatedOnChainParticipantKeys {\n  vaultProviderBtcPubkeyXOnly: string;\n  vaultKeeperBtcPubkeysSorted: string[];\n  universalChallengerBtcPubkeysSorted: string[];\n  expectedAppVaultKeepersVersion: number;\n  expectedUniversalChallengersVersion: number;\n}\n\nexport async function validateOnChainParticipantKeys(\n  params: ValidateOnChainParticipantKeysParams,\n): Promise<ValidatedOnChainParticipantKeys> {\n  const {\n    vaultRegistryReader,\n    vaultKeeperReader,\n    universalChallengerReader,\n    vaultProviderEthAddress,\n    applicationEntryPoint,\n    expectedVaultProviderBtcPubkey,\n    expectedVaultKeeperBtcPubkeys,\n    expectedUniversalChallengerBtcPubkeys,\n  } = params;\n\n  const [\n    onChainVpKey,\n    expectedAppVaultKeepersVersion,\n    expectedUniversalChallengersVersion,\n  ] = await Promise.all([\n    vaultRegistryReader.getVaultProviderBtcPubKey(vaultProviderEthAddress),\n    vaultKeeperReader.getCurrentVaultKeepersVersion(applicationEntryPoint),\n    universalChallengerReader.getLatestUniversalChallengersVersion(),\n  ]);\n\n  const [onChainKeepers, onChainChallengers] = await Promise.all([\n    vaultKeeperReader.getVaultKeepersByVersion(\n      applicationEntryPoint,\n      expectedAppVaultKeepersVersion,\n    ),\n    universalChallengerReader.getUniversalChallengersByVersion(\n      expectedUniversalChallengersVersion,\n    ),\n  ]);\n\n  const canonical = (k: string) => processPublicKeyToXOnly(k).toLowerCase();\n  const sortedSet = (keys: string[]) => keys.map(canonical).sort();\n\n  const expectedVpKeyXOnly = canonical(expectedVaultProviderBtcPubkey);\n  if (expectedVpKeyXOnly !== onChainVpKey) {\n    throw new Error(\n      `Vault provider BTC pubkey indexer hint does not match BTCVaultRegistry for ${vaultProviderEthAddress}. Refresh and try again.`,\n    );\n  }\n\n  const expectedKeepers = sortedSet(expectedVaultKeeperBtcPubkeys);\n  const onChainKeepersSorted = sortedSet(\n    onChainKeepers.map((p) => p.btcPubKey),\n  );\n  if (\n    expectedKeepers.length !== onChainKeepersSorted.length ||\n    expectedKeepers.some((k, i) => k !== onChainKeepersSorted[i])\n  ) {\n    throw new Error(\n      `Vault keeper BTC pubkeys (v${expectedAppVaultKeepersVersion}) indexer set does not match ApplicationRegistry on-chain set. Refresh and try again.`,\n    );\n  }\n\n  const expectedChallengers = sortedSet(expectedUniversalChallengerBtcPubkeys);\n  const onChainChallengersSorted = sortedSet(\n    onChainChallengers.map((p) => p.btcPubKey),\n  );\n  if (\n    expectedChallengers.length !== onChainChallengersSorted.length ||\n    expectedChallengers.some((k, i) => k !== onChainChallengersSorted[i])\n  ) {\n    throw new Error(\n      `Universal challenger BTC pubkeys (v${expectedUniversalChallengersVersion}) indexer set does not match ProtocolParams on-chain set. Refresh and try again.`,\n    );\n  }\n\n  return {\n    vaultProviderBtcPubkeyXOnly: onChainVpKey,\n    vaultKeeperBtcPubkeysSorted: onChainKeepersSorted,\n    universalChallengerBtcPubkeysSorted: onChainChallengersSorted,\n    expectedAppVaultKeepersVersion,\n    expectedUniversalChallengersVersion,\n  };\n}\n","import type { Hex } from \"viem\";\n\nimport type { VaultRegistryReader } from \"../../clients/eth/types\";\n\nexport interface VerifyRegisteredVaultVersionsParams {\n  vaultRegistryReader: VaultRegistryReader;\n  vaultIds: readonly Hex[];\n  expectedOffchainParamsVersion: number;\n  expectedAppVaultKeepersVersion: number;\n  expectedUniversalChallengersVersion: number;\n}\n\n// Distinct from a transient RPC failure: the orchestrator removes pending\n// pegin entries only when a real mismatch is confirmed on-chain.\nexport class RegisteredVaultVersionMismatchError extends Error {\n  constructor(message: string) {\n    super(message);\n    this.name = \"RegisteredVaultVersionMismatchError\";\n  }\n}\n\n// `instanceof` alone fails across module boundaries (duplicate SDK copies,\n// test mocks). Fall back to the name field so the cleanup path stays reliable.\nexport function isRegisteredVaultVersionMismatchError(\n  err: unknown,\n): err is RegisteredVaultVersionMismatchError {\n  return (\n    err instanceof RegisteredVaultVersionMismatchError ||\n    (err instanceof Error && err.name === \"RegisteredVaultVersionMismatchError\")\n  );\n}\n\nexport async function verifyRegisteredVaultVersions(\n  params: VerifyRegisteredVaultVersionsParams,\n): Promise<void> {\n  const {\n    vaultRegistryReader,\n    vaultIds,\n    expectedOffchainParamsVersion,\n    expectedAppVaultKeepersVersion,\n    expectedUniversalChallengersVersion,\n  } = params;\n\n  const infos = await vaultRegistryReader.getProtocolInfoBatch(vaultIds);\n\n  const mismatches: string[] = [];\n  infos.forEach((v, i) => {\n    const id = vaultIds[i];\n    if (v.offchainParamsVersion !== expectedOffchainParamsVersion) {\n      mismatches.push(\n        `vault ${id}: offchainParams expected v${expectedOffchainParamsVersion}, got v${v.offchainParamsVersion}`,\n      );\n    }\n    if (v.appVaultKeepersVersion !== expectedAppVaultKeepersVersion) {\n      mismatches.push(\n        `vault ${id}: appVaultKeepers expected v${expectedAppVaultKeepersVersion}, got v${v.appVaultKeepersVersion}`,\n      );\n    }\n    if (v.universalChallengersVersion !== expectedUniversalChallengersVersion) {\n      mismatches.push(\n        `vault ${id}: universalChallengers expected v${expectedUniversalChallengersVersion}, got v${v.universalChallengersVersion}`,\n      );\n    }\n  });\n\n  if (mismatches.length > 0) {\n    throw new RegisteredVaultVersionMismatchError(\n      `Aborting BTC broadcast: signer-set or offchain-params versions changed during registration (${mismatches.join(\"; \")}). The Pre-PegIn was not broadcast; the registered ETH vault will time out per protocol rules.`,\n    );\n  }\n}\n","/**\n * Pegout state definitions and protocol-level terminal checks.\n *\n * Maps VP-reported pegout statuses from `vaultProvider_batchGetPegoutStatus`\n * to protocol lifecycle states.\n *\n * Lifecycle:\n *   ClaimEventReceived -> ClaimBroadcast -> AssertBroadcast -> PayoutBroadcast (success)\n *                                                             > ChallengeAssertObserved -> WronglyChallengedBroadcast -> PayoutBroadcast\n *                                                             > ChallengeAssertObserved -> Failed (challenger won)\n */\n\n/** Claimer-side pegout statuses reported by the VP. */\nexport enum ClaimerPegoutStatusValue {\n  CLAIM_EVENT_RECEIVED = \"ClaimEventReceived\",\n  CLAIM_BROADCAST = \"ClaimBroadcast\",\n  ASSERT_BROADCAST = \"AssertBroadcast\",\n  CHALLENGE_ASSERT_OBSERVED = \"ChallengeAssertObserved\",\n  WRONGLY_CHALLENGED_BROADCAST = \"WronglyChallengedBroadcast\",\n  PAYOUT_BROADCAST = \"PayoutBroadcast\",\n  FAILED = \"Failed\",\n}\n\nconst PEGOUT_TERMINAL_STATUSES = new Set<string>([\n  ClaimerPegoutStatusValue.PAYOUT_BROADCAST,\n  ClaimerPegoutStatusValue.FAILED,\n]);\n\n/** Whether a claimer status string maps to a known pegout state. */\nexport function isRecognizedPegoutStatus(status: string): boolean {\n  return Object.values(ClaimerPegoutStatusValue).includes(\n    status as ClaimerPegoutStatusValue,\n  );\n}\n\n/**\n * Whether a claimer status is a hard-terminal pegout status\n * (PayoutBroadcast or Failed). Soft-terminal conditions (polling\n * thresholds) are a consumer-side concern.\n */\nexport function isPegoutTerminalStatus(\n  claimerStatus: string | undefined,\n): boolean {\n  return !!claimerStatus && PEGOUT_TERMINAL_STATUSES.has(claimerStatus);\n}\n","/**\n * Domain errors thrown by the refund service.\n *\n * @module services/refund/errors\n */\n\nimport type { Hex } from \"viem\";\n\n/**\n * Thrown when the broadcast transport rejects the refund tx because the CSV\n * timelock has not yet matured (BIP68 non-final). Callers can surface a\n * friendly \"wait until block N\" message; the original transport error is\n * available via {@link cause}.\n */\nexport class BIP68NotMatureError extends Error {\n  public readonly vaultId: Hex;\n  public override readonly cause: Error;\n\n  constructor(vaultId: Hex, cause: Error) {\n    super(`Refund not yet mature (BIP68 not final): ${cause.message}`);\n    this.name = \"BIP68NotMatureError\";\n    this.vaultId = vaultId;\n    this.cause = cause;\n  }\n}\n","/**\n * Vault refund orchestration — reclaim BTC from an expired Pre-PegIn HTLC via\n * the CSV-timelocked refund script (leaf 1). SDK owns the sequence of:\n * fetch → fee calc → PSBT build → sign → finalize → broadcast. Pre-fetched\n * data (fee rate) is passed by value; the data-flow-dependent reads\n * (`readVault`, `readPrePeginContext(vault)`) and the interactive transports\n * (`signPsbt`, `broadcastTx`) stay as injected callbacks so the caller keeps\n * its transport choice (viem, wagmi, mempool client, etc.) and error decoding.\n *\n * @module services/refund\n */\n\nimport type { Network } from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Psbt } from \"bitcoinjs-lib\";\nimport type { Address, Hex } from \"viem\";\n\nimport type { SignPsbtOptions } from \"../../../../shared/wallets/interfaces/BitcoinWallet\";\nimport { assertPsbtUnsignedTxMatches } from \"../../primitives/psbt/assertPsbtUnsignedTxMatches\";\nimport { buildRefundPsbt } from \"../../primitives/psbt/refund\";\nimport {\n  processPublicKeyToXOnly,\n  stripHexPrefix,\n} from \"../../primitives/utils/bitcoin\";\nimport { createTaprootScriptPathSignOptions } from \"../../utils/signing\";\n\nimport { BIP68NotMatureError } from \"./errors\";\n\nconst BYTES32_HEX_RE = /^0x[0-9a-fA-F]{64}$/;\n// BTC raw-hex convention: 0x prefix optional, even number of hex chars, must\n// be non-empty. Named distinctly from the ETH-hex regex in activateVault.ts\n// (which requires a 0x prefix and allows empty \"0x\") to make the convention\n// explicit at the call site.\nconst BTC_HEX_BYTES_RE = /^(?:0x)?(?:[0-9a-fA-F]{2})+$/;\n// Pubkeys are either 32 bytes (x-only, 64 hex chars) or 33 bytes (compressed,\n// 66 hex chars). 65 hex chars is not a valid byte length — reject it here\n// rather than letting the malformed value surface as an opaque PSBT/signing\n// failure later.\nconst PUBKEY_HEX_RE = /^(?:0x)?(?:[0-9a-fA-F]{64}|[0-9a-fA-F]{66})$/;\n// Conservative upper bound for the fixed-shape refund tx (1 P2TR script-path\n// input spending the HTLC refund leaf → 1 P2TR/P2WPKH output). Taproot\n// script-path witness: 64-byte Schnorr sig + refund script + control block.\n// This is protocol-owned knowledge; callers don't parameterise it.\nexport const REFUND_VSIZE = 160;\n\n/**\n * Network fee (sats) the SDK will charge for a refund tx at the given\n * sat/vB rate. Mirrors the internal computation in\n * {@link buildAndBroadcastRefund} so callers (e.g. UI fee previews) don't\n * have to duplicate the constant.\n */\nexport function estimateRefundFeeSats(feeRateSatsVb: number): bigint {\n  if (!Number.isFinite(feeRateSatsVb) || feeRateSatsVb <= 0) {\n    throw new Error(\n      `feeRateSatsVb must be a positive finite number, got ${feeRateSatsVb}`,\n    );\n  }\n  return BigInt(Math.ceil(feeRateSatsVb * REFUND_VSIZE));\n}\n// Refund tx has exactly one input — the HTLC output at htlcVout from the\n// Pre-PegIn tx. Used to tell the signer how many sign entries to generate.\n// (Not the taproot leaf index; the leaf is encoded into the PSBT by the\n// WASM PSBT builder based on the refund script path.)\nconst REFUND_INPUT_COUNT = 1;\nconst MAX_VOUT = 0xffff;\nconst BIP68_ERROR_RE = /non-BIP68-final/i;\n\nfunction assertBytes32(value: string, label: string): void {\n  if (value.length !== 66) {\n    throw new Error(\n      `${label} must be 32 bytes (66 hex chars with 0x prefix), got length ${value.length}`,\n    );\n  }\n  if (!BYTES32_HEX_RE.test(value)) {\n    throw new Error(\n      `${label} must contain only hex characters after the 0x prefix`,\n    );\n  }\n}\n\n/**\n * Authoritative vault fields needed to build a refund. Versioning fields,\n * the hashlock, and htlcVout must come from the on-chain contract (never the\n * indexer). The amount + `unsignedPrePeginTxHex` + `depositorBtcPubkey` can\n * come from the indexer since they are not security-critical for signing\n * (the PSBT builder re-derives the HTLC script from on-chain params).\n */\nexport interface VaultRefundData {\n  hashlock: Hex;\n  htlcVout: number;\n  offchainParamsVersion: number;\n  appVaultKeepersVersion: number;\n  universalChallengersVersion: number;\n  vaultProvider: Address;\n  applicationEntryPoint: Address;\n  /** Pre-PegIn HTLC output value in satoshis. */\n  amount: bigint;\n  /**\n   * Funded, pre-witness Pre-PegIn transaction hex. 0x prefix optional.\n   * The name mirrors the contract/indexer schema; the bytes are the\n   * funded form (refund construction needs real outpoints).\n   */\n  unsignedPrePeginTxHex: string;\n  /** Depositor's BTC public key (x-only or compressed hex; 0x prefix optional). */\n  depositorBtcPubkey: string;\n}\n\n/**\n * Version-resolved protocol context that parameterises the HTLC's taproot\n * scripts. The *signer-set* fields (`vaultKeeperPubkeys`,\n * `universalChallengerPubkeys`) and the version-locked numeric protocol\n * params **must** be sourced from the on-chain contract at the version\n * pinned in {@link VaultRefundData} — this is the trust boundary.\n * `vaultProviderPubkey` today is sourced from the GraphQL indexer via\n * `fetchVaultProviderById`; the caller is responsible for any additional\n * cross-check it requires. Keeper and challenger pubkey arrays must be\n * pre-sorted the same way the Rust protocol sorts them (canonical for\n * script derivation).\n */\nexport interface RefundPrePeginContext {\n  vaultProviderPubkey: string;\n  vaultKeeperPubkeys: readonly string[];\n  universalChallengerPubkeys: readonly string[];\n  timelockRefund: number;\n  feeRate: bigint;\n  numLocalChallengers: number;\n  councilQuorum: number;\n  councilSize: number;\n  network: Network;\n}\n\n/** Minimum shape required from a broadcast result. */\nexport interface BtcBroadcastResult {\n  txId: string;\n}\n\nexport type BtcBroadcaster<\n  R extends BtcBroadcastResult = BtcBroadcastResult,\n> = (signedTxHex: string) => Promise<R>;\n\nexport type RefundPsbtSigner = (\n  psbtHex: string,\n  opts: SignPsbtOptions,\n) => Promise<string>;\n\nexport interface RefundInput<\n  R extends BtcBroadcastResult = BtcBroadcastResult,\n> {\n  vaultId: Hex;\n  /**\n   * Fetch authoritative on-chain + indexer vault data. The SDK passes no\n   * arguments — the caller closes over `vaultId` (or any other context it\n   * needs).\n   */\n  readVault: () => Promise<VaultRefundData>;\n  /**\n   * Fetch the version-pinned refund context (sorted pubkeys, timelock, etc.)\n   * derived from the vault's locked versions.\n   */\n  readPrePeginContext: (\n    vault: VaultRefundData,\n  ) => Promise<RefundPrePeginContext>;\n  /**\n   * Mempool-derived sat/vB fee rate to use for the refund tx (positive\n   * number). Caller fetches this before invoking — it does not depend on\n   * any value the SDK computes, and folding it into the call keeps the\n   * orchestration honest.\n   */\n  feeRate: number;\n  /** BTC wallet signer; receives a PSBT hex + taproot script-path options. */\n  signPsbt: RefundPsbtSigner;\n  /** Broadcast callback — returns whatever shape the caller needs. */\n  broadcastTx: BtcBroadcaster<R>;\n  /** Checked at every async boundary. */\n  signal?: AbortSignal;\n}\n\nfunction assertNonNegativeInteger(value: number, label: string): void {\n  if (!Number.isInteger(value) || value < 0) {\n    throw new Error(`${label} must be a non-negative integer, got ${value}`);\n  }\n}\n\nfunction validateVaultRefundData(v: VaultRefundData): void {\n  assertBytes32(v.hashlock, \"hashlock\");\n  if (\n    !Number.isInteger(v.htlcVout) ||\n    v.htlcVout < 0 ||\n    v.htlcVout > MAX_VOUT\n  ) {\n    throw new Error(\n      `htlcVout must be an integer 0-${MAX_VOUT}, got ${v.htlcVout}`,\n    );\n  }\n  // Version fields flow directly into on-chain script derivation via\n  // `readPrePeginContext` — NaN, negative, or non-integer values would\n  // silently produce wrong scripts. Guard here as defence in depth even\n  // though the caller sources these from bigint on-chain reads.\n  assertNonNegativeInteger(v.offchainParamsVersion, \"offchainParamsVersion\");\n  assertNonNegativeInteger(v.appVaultKeepersVersion, \"appVaultKeepersVersion\");\n  assertNonNegativeInteger(\n    v.universalChallengersVersion,\n    \"universalChallengersVersion\",\n  );\n  if (typeof v.unsignedPrePeginTxHex !== \"string\" || v.unsignedPrePeginTxHex.length === 0) {\n    throw new Error(\"unsignedPrePeginTxHex must be a non-empty hex string\");\n  }\n  if (!BTC_HEX_BYTES_RE.test(v.unsignedPrePeginTxHex)) {\n    throw new Error(\n      \"unsignedPrePeginTxHex must be a hex byte string (optional 0x prefix, even length)\",\n    );\n  }\n  if (!v.depositorBtcPubkey || !PUBKEY_HEX_RE.test(v.depositorBtcPubkey)) {\n    throw new Error(\n      \"depositorBtcPubkey must be 32 or 33 bytes of hex (optional 0x prefix)\",\n    );\n  }\n  if (typeof v.amount !== \"bigint\" || v.amount <= 0n) {\n    throw new Error(`amount must be a positive bigint, got ${v.amount}`);\n  }\n}\n\nfunction validateRefundPrePeginContext(c: RefundPrePeginContext): void {\n  if (!c.vaultProviderPubkey || !PUBKEY_HEX_RE.test(c.vaultProviderPubkey)) {\n    throw new Error(\"vaultProviderPubkey must be 32 or 33 bytes of hex\");\n  }\n  if (c.vaultKeeperPubkeys.length === 0) {\n    throw new Error(\"vaultKeeperPubkeys must be non-empty\");\n  }\n  if (c.universalChallengerPubkeys.length === 0) {\n    throw new Error(\"universalChallengerPubkeys must be non-empty\");\n  }\n  if (!Number.isInteger(c.timelockRefund) || c.timelockRefund <= 0) {\n    throw new Error(\n      `timelockRefund must be a positive integer, got ${c.timelockRefund}`,\n    );\n  }\n  if (typeof c.feeRate !== \"bigint\" || c.feeRate <= 0n) {\n    throw new Error(\n      `protocol feeRate must be a positive bigint, got ${c.feeRate}`,\n    );\n  }\n  if (\n    !Number.isInteger(c.numLocalChallengers) ||\n    c.numLocalChallengers < 0\n  ) {\n    throw new Error(\"numLocalChallengers must be a non-negative integer\");\n  }\n  if (\n    !Number.isInteger(c.councilQuorum) ||\n    !Number.isInteger(c.councilSize) ||\n    c.councilQuorum <= 0 ||\n    c.councilSize <= 0 ||\n    c.councilQuorum > c.councilSize\n  ) {\n    throw new Error(\n      `councilQuorum (${c.councilQuorum}) must be in [1, councilSize=${c.councilSize}]`,\n    );\n  }\n}\n\nfunction finalizeAndExtract(signedPsbtHex: string): string {\n  const psbt = Psbt.fromHex(signedPsbtHex);\n  try {\n    psbt.finalizeAllInputs();\n  } catch (e: unknown) {\n    // Some wallets (e.g. Keystone) finalize during signPsbt; bitcoinjs then\n    // throws \"Input is already finalized\". Treat that case as a no-op.\n    const message = e instanceof Error ? e.message : String(e);\n    if (!message.includes(\"already finalized\")) {\n      throw new Error(`Failed to finalize refund PSBT: ${message}`);\n    }\n  }\n  return psbt.extractTransaction().toHex();\n}\n\n/**\n * Build, sign, and broadcast a refund transaction for an expired vault.\n *\n * Trust boundary: `readVault` must source the hashlock, htlcVout, and\n * versioning fields from the on-chain contract — an indexer-only path\n * leaves the refund flow open to signer-set substitution. The SDK does\n * not enforce this; it is the caller's responsibility.\n *\n * The broadcast transport is expected to surface Bitcoin's `non-BIP68-final`\n * policy rejection as an `Error` whose message contains that string; when\n * it does, the SDK wraps it in {@link BIP68NotMatureError}. All other\n * transport errors propagate unchanged.\n *\n * @returns whatever the injected `broadcastTx` returns (generic pass-through)\n * @throws `Error` if any validation fails\n * @throws {@link BIP68NotMatureError} if the broadcast is rejected because\n *         the refund CSV timelock has not yet matured\n * @throws anything `readVault`, `readPrePeginContext`,\n *         `signPsbt`, or `broadcastTx` throws\n */\nexport async function buildAndBroadcastRefund<\n  R extends BtcBroadcastResult = BtcBroadcastResult,\n>(input: RefundInput<R>): Promise<R> {\n  const {\n    vaultId,\n    readVault,\n    readPrePeginContext,\n    feeRate,\n    signPsbt,\n    broadcastTx,\n    signal,\n  } = input;\n\n  signal?.throwIfAborted();\n  assertBytes32(vaultId, \"vaultId\");\n\n  const vault = await readVault();\n  validateVaultRefundData(vault);\n  signal?.throwIfAborted();\n\n  const ctx = await readPrePeginContext(vault);\n  validateRefundPrePeginContext(ctx);\n  signal?.throwIfAborted();\n\n  if (!Number.isFinite(feeRate) || feeRate <= 0) {\n    throw new Error(`feeRate must be a positive number, got ${feeRate}`);\n  }\n  const refundFee = BigInt(Math.ceil(feeRate * REFUND_VSIZE));\n  signal?.throwIfAborted();\n\n  // `vault.depositorBtcPubkey` may arrive as wallet-native compressed sec1\n  // (33 bytes) because the caller fetches it live from the wallet for\n  // signing. WASM script derivation wants x-only (32 bytes), so normalize\n  // here; the raw form is kept for the wallet sign call below.\n  const xOnlyDepositorPubkey = processPublicKeyToXOnly(\n    vault.depositorBtcPubkey,\n  );\n  const { psbtHex } = await buildRefundPsbt({\n    prePeginParams: {\n      depositorPubkey: xOnlyDepositorPubkey,\n      vaultProviderPubkey: stripHexPrefix(ctx.vaultProviderPubkey),\n      vaultKeeperPubkeys: ctx.vaultKeeperPubkeys.map(stripHexPrefix),\n      universalChallengerPubkeys:\n        ctx.universalChallengerPubkeys.map(stripHexPrefix),\n      hashlocks: [stripHexPrefix(vault.hashlock)],\n      timelockRefund: ctx.timelockRefund,\n      pegInAmounts: [vault.amount],\n      feeRate: ctx.feeRate,\n      numLocalChallengers: ctx.numLocalChallengers,\n      councilQuorum: ctx.councilQuorum,\n      councilSize: ctx.councilSize,\n      network: ctx.network,\n    },\n    fundedPrePeginTxHex: stripHexPrefix(vault.unsignedPrePeginTxHex),\n    htlcVout: vault.htlcVout,\n    refundFee,\n    // buildRefundPsbt's top-level `hashlock` param is documented as \"no 0x\n    // prefix\" and flows into the WASM HTLC connector derivation; a prefixed\n    // value would derive the wrong refund script leaf and yield an\n    // unspendable PSBT. Match the `hashlocks` array handling above.\n    hashlock: stripHexPrefix(vault.hashlock),\n  });\n  signal?.throwIfAborted();\n\n  const signOptions = createTaprootScriptPathSignOptions(\n    vault.depositorBtcPubkey,\n    REFUND_INPUT_COUNT,\n  );\n  const signedPsbtHex = await signPsbt(psbtHex, signOptions);\n\n  assertPsbtUnsignedTxMatches({\n    requestedPsbtHex: psbtHex,\n    returnedPsbtHex: signedPsbtHex,\n  });\n\n  const signedTxHex = finalizeAndExtract(signedPsbtHex);\n  signal?.throwIfAborted();\n\n  try {\n    return await broadcastTx(signedTxHex);\n  } catch (error) {\n    if (error instanceof Error && BIP68_ERROR_RE.test(error.message)) {\n      throw new BIP68NotMatureError(vaultId, error);\n    }\n    throw error;\n  }\n}\n"],"names":["BYTES32_HEX_RE","ADDRESS_HEX_RE","ETH_HEX_BYTES_RE","assertBytes32","value","label","assertAddress","assertHexBytes","activateVault","input","btcVaultRegistryAddress","vaultId","hashlock","activationMetadata","writeContract","signal","normalizedSecret","ensureHexPrefix","validateSecretAgainstHashlock","BTCVaultRegistryABI","DEFAULT_POLL_INTERVAL_MS","waitForPeginStatus","params","statusReader","peginTxid","targetStatuses","timeoutMs","pollIntervalMs","startTime","response","status","VP_TERMINAL_STATUSES","error","JsonRpcError","RpcErrorCode","resolve","reject","onAbort","timeoutId","STATUS_POLL_TIMEOUT_MS","TARGET_STATUSES","DaemonStatus","POST_WOTS_STATUSES","submitWotsPublicKey","wotsSubmitter","depositorPk","wotsPublicKeys","DEPOSITOR_SIGNED_INPUT_COUNT","deriveLocalChallengers","vaultKeeperBtcPubkeys","depositorBtcPubkey","depositor","stripHexPrefix","filtered","k","assertChallengerSetMatchesExpected","challengerPresignData","localChallengers","universalChallengerBtcPubkeys","universal","overlap","expected","suppliedList","suppliedSet","expectedSet","missing","extra","readInputTxid","tx","inputIndex","uint8ArrayToHex","assertInputReferencesParent","noPayoutTx","parentTx","parentLabel","challengerPubkey","parentTxid","inputTxid","collectDepositorGraphPsbts","depositorGraph","walletPublicKey","ctx","psbtHexes","signOptions","challengerEntries","assertPayoutOutputMatchesRegistered","builtPayout","buildPayoutPsbt","createTaprootScriptPathSignOptions","claimerPubkey","assertTxParsed","Transaction","challenger","noPayoutIdx","noPayoutHex","buildLocalNoPayoutPsbt","assertNoPayoutOutputMatchesChallenger","challengeAssertXTx","challengeAssertYTx","prevouts","out","buildNoPayoutPsbt","extractDepositorGraphSignatures","psbtPairs","depositorPubkey","assertPsbtUnsignedTxMatches","payoutSignature","extractPayoutSignature","perChallenger","entry","signPsbtsWithFallback","wallet","options","signed","i","signDepositorGraph","btcWallet","signingContext","validateWalletPubkey","signedPsbtHexes","requestedPsbtHex","MAX_POLLING_TIMEOUT_MS","POST_PAYOUT_STATUSES","TARGET_STATUS","prepareTransactionsForSigning","claimerTransactions","processPublicKeyToXOnly","resolvePayoutScriptPubKey","claimerPubkeyXOnly","context","claimer","vpPubkey","vk","deriveBip86ScriptPubKeyHex","buildPayoutSigningInput","signPayoutTransactions","transactions","onProgress","payoutManager","PayoutManager","totalClaimers","payoutSignatures","r","result","signatures","runDepositorPresignFlow","presignClient","depositorPkNormalized","nonDepositorTxs","preparedTransactions","claimerSignatures","depositorClaimerPresignatures","allSignatures","isValidXOnlyHex","hex","isDepositAmountValid","amountSats","minDeposit","maxDeposit","btcBalance","estimatedFeeSats","depositorClaimValue","validateDepositAmount","amount","formatSatoshisToBtc","validateRemainingCapacity","effectiveRemaining","validateProviderSelection","selectedProviders","availableProviders","availableProvidersLower","p","validateVaultAmounts","amounts","validateVaultProviderPubkey","pubkey","stripped","validateVaultKeepers","validateUniversalChallengers","validateUTXOState","confirmedUTXOs","validateMultiVaultDepositInputs","vaultAmounts","vaultProviderBtcPubkey","amountsValidation","pubkeyValidation","validateOnChainParticipantKeys","vaultRegistryReader","vaultKeeperReader","universalChallengerReader","vaultProviderEthAddress","applicationEntryPoint","expectedVaultProviderBtcPubkey","expectedVaultKeeperBtcPubkeys","expectedUniversalChallengerBtcPubkeys","onChainVpKey","expectedAppVaultKeepersVersion","expectedUniversalChallengersVersion","onChainKeepers","onChainChallengers","canonical","sortedSet","keys","expectedKeepers","onChainKeepersSorted","expectedChallengers","onChainChallengersSorted","RegisteredVaultVersionMismatchError","message","isRegisteredVaultVersionMismatchError","err","verifyRegisteredVaultVersions","vaultIds","expectedOffchainParamsVersion","infos","mismatches","v","id","ClaimerPegoutStatusValue","PEGOUT_TERMINAL_STATUSES","isRecognizedPegoutStatus","isPegoutTerminalStatus","claimerStatus","BIP68NotMatureError","cause","__publicField","BTC_HEX_BYTES_RE","PUBKEY_HEX_RE","REFUND_VSIZE","estimateRefundFeeSats","feeRateSatsVb","REFUND_INPUT_COUNT","MAX_VOUT","BIP68_ERROR_RE","assertNonNegativeInteger","validateVaultRefundData","validateRefundPrePeginContext","c","finalizeAndExtract","signedPsbtHex","psbt","Psbt","e","buildAndBroadcastRefund","readVault","readPrePeginContext","feeRate","signPsbt","broadcastTx","vault","refundFee","xOnlyDepositorPubkey","psbtHex","buildRefundPsbt","signedTxHex"],"mappings":";;;;;;;;;;;AAgBA,MAAMA,KAAiB,uBACjBC,KAAiB,uBAKjBC,KAAmB;AAEzB,SAASC,EAAcC,GAAeC,GAAqB;AACzD,MAAID,EAAM,WAAW;AACnB,UAAM,IAAI;AAAA,MACR,GAAGC,CAAK,+DAA+DD,EAAM,MAAM;AAAA,IAAA;AAGvF,MAAI,CAACJ,GAAe,KAAKI,CAAK;AAC5B,UAAM,IAAI;AAAA,MACR,GAAGC,CAAK;AAAA,IAAA;AAGd;AAEA,SAASC,GAAcF,GAAeC,GAAqB;AACzD,MAAI,CAACJ,GAAe,KAAKG,CAAK;AAC5B,UAAM,IAAI;AAAA,MACR,GAAGC,CAAK;AAAA,IAAA;AAGd;AAEA,SAASE,GAAeH,GAAeC,GAAqB;AAC1D,MAAI,CAACH,GAAiB,KAAKE,CAAK;AAC9B,UAAM,IAAI;AAAA,MACR,GAAGC,CAAK;AAAA,IAAA;AAGd;AAoFA,eAAsBG,GAEpBC,GAA0C;AAC1C,QAAM;AAAA,IACJ,yBAAAC;AAAA,IACA,SAAAC;AAAA,IACA,UAAAC;AAAA,IACA,oBAAAC;AAAA,IACA,eAAAC;AAAA,IACA,QAAAC;AAAA,EAAA,IACEN;AAEJ,EAAAM,KAAA,QAAAA,EAAQ,kBAERT,GAAcI,GAAyB,yBAAyB,GAChEP,EAAcQ,GAAS,SAAS;AAEhC,QAAMK,IAAmBC,EAAgBR,EAAM,MAAM;AAGrD,MAFAN,EAAca,GAAkB,QAAQ,GAEpCJ,MAAa,WACfT,EAAcS,GAAU,UAAU,GAC9B,CAACM,EAA8BF,GAAkBJ,CAAQ;AAC3D,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAKN,SAAAL,GAAeM,GAAoB,oBAAoB,GAEhDC,EAAc;AAAA,IACnB,SAASJ;AAAA,IACT,KAAKS;AAAA,IACL,cAAc;AAAA,IACd,MAAM,CAACR,GAASK,GAAkBH,CAAkB;AAAA,EAAA,CACrD;AACH;AC5JA,MAAMO,KAA2B;AAuBjC,eAAsBC,EACpBC,GACuB;AACvB,QAAM;AAAA,IACJ,cAAAC;AAAA,IACA,WAAAC;AAAA,IACA,gBAAAC;AAAA,IACA,WAAAC;AAAA,IACA,gBAAAC,IAAiBP;AAAA,IACjB,QAAAL;AAAA,EAAA,IACEO,GAEEM,IAAY,KAAK,IAAA;AAEvB,aAAa;AACX,QAAIb,KAAA,QAAAA,EAAQ;AACV,YAAM,IAAI;AAAA,QACR,6BAA6BS,EAAU,MAAM,GAAG,CAAC,CAAC,cAAc,CAAC,GAAGC,CAAc,EAAE,KAAK,IAAI,CAAC;AAAA,MAAA;AAIlG,QAAI,KAAK,QAAQG,KAAaF;AAC5B,YAAM,IAAI;AAAA,QACR,yBAAyBA,CAAS,gBAAgBF,EAAU,MAAM,GAAG,CAAC,CAAC,cAAc,CAAC,GAAGC,CAAc,EAAE,KAAK,IAAI,CAAC;AAAA,MAAA;AAIvH,QAAI;AACF,YAAMI,IAAW,MAAMN,EAAa;AAAA,QAClC,EAAE,YAAYC,EAAA;AAAA,QACdT;AAAA,MAAA;AAIF,UAAIc,EAAS,WAAW,YAAA,MAAkBL,EAAU;AAClD,cAAM,IAAI;AAAA,UACR,4CAA4CK,EAAS,WAAW,MAAM,GAAG,CAAC,CAAC,gBAAgBL,EAAU,MAAM,GAAG,CAAC,CAAC;AAAA,QAAA;AAIpH,YAAMM,IAASD,EAAS;AACxB,UAAIJ,EAAe,IAAIK,CAAM;AAC3B,eAAOA;AAGT,UAAIC,GAAqB,IAAID,CAAM,KAAK,CAACL,EAAe,IAAIK,CAAM;AAChE,cAAM,IAAI;AAAA,UACR,SAASN,EAAU,MAAM,GAAG,CAAC,CAAC,8BAA8BM,CAAM,uBAAuB,CAAC,GAAGL,CAAc,EAAE,KAAK,IAAI,CAAC;AAAA,QAAA;AAAA,IAG7H,SAASO,GAAO;AAOd,UAAI,EAHDA,aAAiBC,MAChBD,EAAM,SAASE,GAAa,aAC7BF,aAAiB,SAASA,EAAM,QAAQ,SAAS,iBAAiB;AAEnE,cAAMA;AAAA,IAEV;AAGA,UAAM,IAAI,QAAc,CAACG,GAASC,MAAW;AAC3C,YAAMC,IAAU,MAAM;AACpB,qBAAaC,CAAS,GACtBF;AAAA,UACE,IAAI;AAAA,YACF,6BAA6BZ,EAAU,MAAM,GAAG,CAAC,CAAC,cAAc,CAAC,GAAGC,CAAc,EAAE,KAAK,IAAI,CAAC;AAAA,UAAA;AAAA,QAChG;AAAA,MAEJ,GACMa,IAAY,WAAW,MAAM;AACjC,QAAAvB,KAAA,QAAAA,EAAQ,oBAAoB,SAASsB,IACrCF,EAAA;AAAA,MACF,GAAGR,CAAc;AACjB,MAAAZ,KAAA,QAAAA,EAAQ,iBAAiB,SAASsB,GAAS,EAAE,MAAM;IACrD,CAAC;AAAA,EACH;AACF;ACjGA,MAAME,KAAyB,MAAS,KAGlCC,yBAAiD,IAAI;AAAA,EACzDC,EAAa;AAAA,EACb,GAAGC;AACL,CAAC;AAwBD,eAAsBC,GACpBrB,GACe;AACf,QAAM;AAAA,IACJ,cAAAC;AAAA,IACA,eAAAqB;AAAA,IACA,WAAApB;AAAA,IACA,aAAAqB;AAAA,IACA,gBAAAC;AAAA,IACA,WAAApB,IAAYa;AAAA,IACZ,QAAAxB;AAAA,EAAA,IACEO;AAEJ,EAAAP,KAAA,QAAAA,EAAQ;AAGR,QAAMe,IAAS,MAAMT,EAAmB;AAAA,IACtC,cAAAE;AAAA,IACA,WAAAC;AAAA,IACA,gBAAgBgB;AAAA,IAChB,WAAAd;AAAA,IACA,QAAAX;AAAA,EAAA,CACD;AAGD,EAAI2B,EAAmB,IAAIZ,CAAM,MAIjCf,KAAA,QAAAA,EAAQ,kBAER,MAAM6B,EAAc;AAAA,IAClB;AAAA,MACE,YAAYpB;AAAA,MACZ,cAAcqB;AAAA,MACd,kBAAkBC;AAAA,IAAA;AAAA,IAEpB/B;AAAA,EAAA;AAEJ;AChCA,MAAMgC,IAA+B;AAoCrC,SAASC,GACPC,GACAC,GACU;AACV,QAAMC,IAAYC,EAAeF,CAAkB,EAAE,YAAA,GAE/CG,IADMJ,EAAsB,IAAI,CAACK,MAAMF,EAAeE,CAAC,EAAE,aAAa,EACvD,OAAO,CAACA,MAAMA,MAAMH,CAAS;AAClD,MAAIE,EAAS,WAAW;AACtB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGJ,MAAI,IAAI,IAAIA,CAAQ,EAAE,SAASA,EAAS;AACtC,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGJ,SAAOA;AACT;AAiBA,SAASE,GACPC,GACAC,GACAC,GACM;AACN,QAAMC,IAAYD,EAA8B;AAAA,IAAI,CAACJ,MACnDF,EAAeE,CAAC,EAAE,YAAA;AAAA,EAAY,GAI1BM,IAAUH,EAAiB,OAAO,CAACH,MAAMK,EAAU,SAASL,CAAC,CAAC;AACpE,MAAIM,EAAQ,SAAS;AACnB,UAAM,IAAI;AAAA,MACR,oFAAoFA,EAAQ,KAAK,IAAI,CAAC;AAAA,IAAA;AAG1G,QAAMC,IAAW,CAAC,GAAGJ,GAAkB,GAAGE,CAAS,GAE7CG,IAAeN,EAAsB;AAAA,IAAI,CAAC,MAC9CJ,EAAe,EAAE,iBAAiB,EAAE,YAAA;AAAA,EAAY,GAE5CW,IAAc,IAAI,IAAID,CAAY;AACxC,MAAIC,EAAY,SAASD,EAAa;AACpC,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGJ,QAAME,IAAc,IAAI,IAAIH,CAAQ,GAC9BI,IAAUJ,EAAS,OAAO,CAAC,MAAM,CAACE,EAAY,IAAI,CAAC,CAAC,GACpDG,IAAQJ,EAAa,OAAO,CAAC,MAAM,CAACE,EAAY,IAAI,CAAC,CAAC;AAC5D,MAAIC,EAAQ,SAAS,KAAKC,EAAM,SAAS;AACvC,UAAM,IAAI;AAAA,MACR,gFACGD,EAAQ,SAAS,IAAI,cAAcA,EAAQ,KAAK,IAAI,CAAC,MAAM,OAC3DC,EAAM,SAAS,IAAI,iBAAiBA,EAAM,KAAK,IAAI,CAAC,MAAM;AAAA,IAAA;AAGnE;AAQA,SAASC,GAAcC,GAAiBC,GAA4B;AAClE,QAAM5D,IAAQ2D,EAAG,IAAIC,CAAU;AAC/B,SAAOC,EAAgB,IAAI,WAAW7D,EAAM,IAAI,EAAE,MAAA,EAAQ,SAAS;AACrE;AAOA,SAAS8D,EACPC,GACAH,GACAI,GACAC,GACAC,GACM;AACN,QAAMlE,IAAQ+D,EAAW,IAAIH,CAAU;AACvC,MAAI5D,EAAM,UAAU;AAClB,UAAM,IAAI;AAAA,MACR,wBAAwBkE,CAAgB,WAAWN,CAAU,sBAAsBK,CAAW,qBAAqBjE,EAAM,KAAK;AAAA,IAAA;AAGlI,QAAMmE,IAAaH,EAAS,MAAA,GACtBI,IAAYV,GAAcK,GAAYH,CAAU;AACtD,MAAIQ,MAAcD;AAChB,UAAM,IAAI;AAAA,MACR,wBAAwBD,CAAgB,WAAWN,CAAU,uBAAuBK,CAAW,mBAAmBE,CAAU,SAASC,CAAS;AAAA,IAAA;AAGpJ;AAYA,eAAeC,GACbC,GACAC,GACAC,GACuC;AACvC,QAAMC,IAAsB,CAAA,GACtBC,IAAiC,CAAA,GACjCC,IAAuC,CAAA,GAIvC3B,IAAmBT;AAAA,IACvBiC,EAAI;AAAA,IACJA,EAAI;AAAA,EAAA;AAEN,EAAA1B;AAAA,IACEwB,EAAe;AAAA,IACftB;AAAA,IACAwB,EAAI;AAAA,EAAA,GAONI;AAAA,IACEN,EAAe,UAAU;AAAA,IACzBE,EAAI;AAAA,EAAA;AAQN,QAAMK,IAAc,MAAMC,GAAgB;AAAA,IACxC,aAAaR,EAAe,UAAU;AAAA,IACtC,YAAYE,EAAI;AAAA,IAChB,aAAaF,EAAe,UAAU;AAAA,IACtC,oBAAoBE,EAAI;AAAA,IACxB,wBAAwBA,EAAI;AAAA,IAC5B,uBAAuBA,EAAI;AAAA,IAC3B,+BAA+BA,EAAI;AAAA,IACnC,eAAeA,EAAI;AAAA,IACnB,SAASA,EAAI;AAAA,EAAA,CACd;AACD,EAAAC,EAAU,KAAKI,EAAY,OAAO,GAClCH,EAAY;AAAA,IACVK;AAAA,MACER;AAAA,MACAjC;AAAA,IAAA;AAAA,EACF;AAIF,QAAM0C,IAAgBrC,EAAe6B,EAAI,kBAAkB,GACrDS,IAAiBC,EAAY;AAAA,IACjCvC,EAAe2B,EAAe,UAAU,MAAM;AAAA,EAAA;AAGhD,aAAWa,KAAcb,EAAe,yBAAyB;AAC/D,UAAMJ,IAAmBvB,EAAewC,EAAW,iBAAiB,GAE9DC,IAAcX,EAAU,QACxBY,IAAc,MAAMC,GAAuB;AAAA,MAC/C,YAAAH;AAAA,MACA,kBAAAjB;AAAA,MACA,eAAAc;AAAA,MACA,kBAAAhC;AAAA,MACA,gBAAAiC;AAAA,MACA,KAAAT;AAAA,IAAA,CACD;AACD,IAAAC,EAAU,KAAKY,CAAW,GAC1BX,EAAY;AAAA,MACVK;AAAA,QACER;AAAA,QACAjC;AAAA,MAAA;AAAA,IACF,GAGFqC,EAAkB,KAAK;AAAA,MACrB,kBAAAT;AAAA,MACA,aAAAkB;AAAA,IAAA,CACD;AAAA,EACH;AAEA,SAAO,EAAE,WAAAX,GAAW,aAAAC,GAAa,mBAAAC,EAAA;AACnC;AAyBA,eAAeW,GACbzE,GACiB;AACjB,QAAM;AAAA,IACJ,YAAAsE;AAAA,IACA,kBAAAjB;AAAA,IACA,eAAAc;AAAA,IACA,kBAAAhC;AAAA,IACA,gBAAAiC;AAAA,IACA,KAAAT;AAAA,EAAA,IACE3D;AAGJ,EAAA0E;AAAA,IACEJ,EAAW,YAAY;AAAA,IACvBjB;AAAA,IACAM,EAAI;AAAA,EAAA;AAIN,QAAMT,IAAamB,EAAY;AAAA,IAC7BvC,EAAewC,EAAW,YAAY,MAAM;AAAA,EAAA,GAExCK,IAAqBN,EAAY;AAAA,IACrCvC,EAAewC,EAAW,sBAAsB,MAAM;AAAA,EAAA,GAElDM,IAAqBP,EAAY;AAAA,IACrCvC,EAAewC,EAAW,sBAAsB,MAAM;AAAA,EAAA;AAGxD,MAAIpB,EAAW,IAAI,WAAW;AAC5B,UAAM,IAAI;AAAA,MACR,wBAAwBG,CAAgB,qCAAqCH,EAAW,IAAI,MAAM;AAAA,IAAA;AAQtG,EAAAD;AAAA,IACEC;AAAA,IACA;AAAA,IACAkB;AAAA,IACA;AAAA,IACAf;AAAA,EAAA,GAEFJ;AAAA,IACEC;AAAA,IACA;AAAA,IACAyB;AAAA,IACA;AAAA,IACAtB;AAAA,EAAA,GAEFJ;AAAA,IACEC;AAAA,IACA;AAAA,IACA0B;AAAA,IACA;AAAA,IACAvB;AAAA,EAAA;AAGF,QAAMwB,IAAW;AAAA,IACfT,EAAe,KAAK,CAAC;AAAA,IACrBO,EAAmB,KAAK,CAAC;AAAA,IACzBC,EAAmB,KAAK,CAAC;AAAA,EAAA,EACzB,IAAI,CAACE,OAAS;AAAA,IACd,eAAe9B,EAAgB,IAAI,WAAW8B,EAAI,MAAM,CAAC;AAAA,IACzD,OAAOA,EAAI;AAAA,EAAA,EACX;AAEF,SAAOC,GAAkB;AAAA,IACvB,eAAeT,EAAW,YAAY;AAAA,IACtC,kBAAAjB;AAAA,IACA,UAAAwB;AAAA,IACA,iBAAiB;AAAA,MACf,SAASV;AAAA,MACT,kBAAAhC;AAAA,MACA,sBAAsBwB,EAAI;AAAA,MAC1B,gBAAgBA,EAAI;AAAA,MACpB,gBAAgBA,EAAI;AAAA,MACpB,eAAeA,EAAI;AAAA,IAAA;AAAA,EACrB,CACD;AACH;AAeA,SAASqB,GACPC,GACAnB,GACAoB,GACiC;AACjC,EAAAC,EAA4BF,EAAU,CAAC,CAAC;AACxC,QAAMG,IAAkBC;AAAA,IACtBJ,EAAU,CAAC,EAAE;AAAA,IACbC;AAAA,EAAA,GAGII,IAA+D,CAAA;AACrE,aAAWC,KAASzB;AAClB,IAAAqB,EAA4BF,EAAUM,EAAM,WAAW,CAAC,GACxDD,EAAcC,EAAM,gBAAgB,IAAI;AAAA,MACtC,oBAAoBF;AAAA,QAClBJ,EAAUM,EAAM,WAAW,EAAE;AAAA,QAC7BL;AAAA,MAAA;AAAA,IACF;AAIJ,SAAO;AAAA,IACL,mBAAmB;AAAA,MACjB,kBAAkBE;AAAA,IAAA;AAAA,IAEpB,gBAAgBE;AAAA,EAAA;AAEpB;AAMA,eAAeE,GACbC,GACA7B,GACA8B,GACmB;AACnB,MAAI,OAAOD,EAAO,aAAc;AAC9B,WAAOA,EAAO,UAAU7B,GAAW8B,CAAO;AAG5C,QAAMC,IAAmB,CAAA;AACzB,WAASC,IAAI,GAAGA,IAAIhC,EAAU,QAAQgC;AACpC,IAAAD,EAAO,KAAK,MAAMF,EAAO,SAAS7B,EAAUgC,CAAC,GAAGF,KAAA,gBAAAA,EAAUE,EAAE,CAAC;AAE/D,SAAOD;AACT;AAsEA,eAAsBE,GACpB7F,GAC0C;AAC1C,QAAM,EAAE,gBAAAyD,GAAgB,WAAAqC,GAAW,gBAAAC,EAAA,IAAmB/F,GAEhD0D,IAAkB,MAAMoC,EAAU,gBAAA,GAIlC,EAAE,iBAAAZ,MAAoBc;AAAA,IAC1BtC;AAAA,IACA5B,EAAeiE,EAAe,kBAAkB;AAAA,EAAA,GAI5C,EAAE,WAAAnC,GAAW,aAAAC,GAAa,mBAAAC,EAAA,IAC9B,MAAMN;AAAA,IACJC;AAAA,IACAC;AAAA,IACAqC;AAAA,EAAA,GAIEE,IAAkB,MAAMT;AAAA,IAC5BM;AAAA,IACAlC;AAAA,IACAC;AAAA,EAAA;AAGF,MAAIoC,EAAgB,WAAWrC,EAAU;AACvC,UAAM,IAAI;AAAA,MACR,mBAAmBqC,EAAgB,MAAM,2BAA2BrC,EAAU,MAAM;AAAA,IAAA;AAKxF,QAAMqB,IAAwBrB,EAAU,IAAI,CAACsC,GAAkBN,OAAO;AAAA,IACpE,kBAAAM;AAAA,IACA,iBAAiBD,EAAgBL,CAAC;AAAA,EAAA,EAClC;AACF,SAAOZ;AAAA,IACLC;AAAA,IACAnB;AAAA,IACAoB;AAAA,EAAA;AAEJ;ACxeA,MAAMiB,KAAyB,OAAU,KAGnCC,wBAAsD,IAAI;AAAA,EAC9DjF,EAAa;AAAA,EACbA,EAAa;AAAA,EACbA,EAAa;AACf,CAAC,GAEKkF,yBAA+C,IAAI;AAAA,EACvDlF,EAAa;AAAA,EACb,GAAGiF;AACL,CAAC;AAYD,SAASE,GACPC,GACuB;AACvB,SAAOA,EAAoB,IAAI,CAACzD,OAAQ;AAAA,IACtC,oBAAoB0D,EAAwB1D,EAAG,cAAc;AAAA,IAC7D,aAAaA,EAAG,UAAU;AAAA,IAC1B,aAAaA,EAAG,UAAU;AAAA,EAAA,EAC1B;AACJ;AAUA,SAAS2D,GACPC,GACAC,GACQ;AACR,QAAMC,IAAU9E,EAAe4E,CAAkB,EAAE,YAAA,GAC7CG,IAAW/E;AAAA,IACf6E,EAAQ;AAAA,EAAA,EACR,YAAA,GACIzB,IAAkBpD;AAAA,IACtB6E,EAAQ;AAAA,EAAA,EACR,YAAA;AAEF,MAAIC,MAAYC,KAAYD,MAAY1B;AACtC,WAAOyB,EAAQ;AAOjB,MAAI,CAHkBA,EAAQ,sBAAsB;AAAA,IAClD,CAACG,MAAOhF,EAAegF,CAAE,EAAE,kBAAkBF;AAAA,EAAA;AAG7C,UAAM,IAAI;AAAA,MACR,0BAA0BA,CAAO;AAAA,IAAA;AAKrC,SAAOG,EAA2BH,CAAO;AAC3C;AAEA,SAASI,EACPlE,GACA6D,GACA;AACA,SAAO;AAAA,IACL,aAAa7D,EAAG;AAAA,IAChB,YAAY6D,EAAQ;AAAA,IACpB,aAAa7D,EAAG;AAAA,IAChB,wBAAwB6D,EAAQ;AAAA,IAChC,uBAAuBA,EAAQ;AAAA,IAC/B,+BAA+BA,EAAQ;AAAA,IACvC,oBAAoBA,EAAQ;AAAA,IAC5B,eAAeA,EAAQ;AAAA,IACvB,8BAA8BF;AAAA,MAC5B3D,EAAG;AAAA,MACH6D;AAAA,IAAA;AAAA,EACF;AAEJ;AAMA,eAAeM,GACbnB,GACAa,GACAO,GACAC,GAC4C;AAC5C,QAAMC,IAAgB,IAAIC,GAAc;AAAA,IACtC,SAASV,EAAQ;AAAA,IACjB,WAAAb;AAAA,EAAA,CACD,GAEKwB,IAAgBJ,EAAa;AACnC,EAAAC,KAAA,QAAAA,EAAa,GAAGG;AAEhB,MAAIC;AAEJ,MAAIH,EAAc;AAIhB,IAAAG,KAHgB,MAAMH,EAAc;AAAA,MAClCF,EAAa,IAAI,CAACpE,MAAOkE,EAAwBlE,GAAI6D,CAAO,CAAC;AAAA,IAAA,GAEpC,IAAI,CAACa,MAAMA,EAAE,eAAe;AAAA,OAClD;AACL,IAAAD,IAAmB,CAAA;AACnB,aAAS3B,IAAI,GAAGA,IAAIsB,EAAa,QAAQtB,KAAK;AAC5C,MAAAuB,KAAA,QAAAA,EAAavB,GAAG0B;AAChB,YAAMG,IAAS,MAAML,EAAc;AAAA,QACjCJ,EAAwBE,EAAatB,CAAC,GAAGe,CAAO;AAAA,MAAA;AAElD,MAAAY,EAAiB,KAAKE,EAAO,SAAS;AAAA,IACxC;AAAA,EACF;AAEA,QAAMC,IAAgD,CAAA;AACtD,WAAS9B,IAAI,GAAGA,IAAIsB,EAAa,QAAQtB;AACvC,IAAA8B,EAAWR,EAAatB,CAAC,EAAE,kBAAkB,IAAI;AAAA,MAC/C,kBAAkB2B,EAAiB3B,CAAC;AAAA,IAAA;AAIxC,SAAAuB,KAAA,QAAAA,EAAaG,GAAeA,IACrBI;AACT;AAcA,eAAsBC,GACpB3H,GACe;AACf,QAAM;AAAA,IACJ,cAAAC;AAAA,IACA,eAAA2H;AAAA,IACA,WAAA9B;AAAA,IACA,WAAA5F;AAAA,IACA,aAAAqB;AAAA,IACA,gBAAAwE;AAAA,IACA,WAAA3F,IAAY+F;AAAA,IACZ,QAAA1G;AAAA,IACA,YAAA0H;AAAA,EAAA,IACEnH,GAGEQ,IAAS,MAAMT,EAAmB;AAAA,IACtC,cAAAE;AAAA,IACA,WAAAC;AAAA,IACA,gBAAgBmG;AAAA,IAChB,WAAAjG;AAAA,IACA,QAAAX;AAAA,EAAA,CACD;AAGD,MAAI2G,EAAqB,IAAI5F,CAAM;AACjC;AAGF,EAAAf,KAAA,QAAAA,EAAQ;AAGR,QAAMc,IAAW,MAAMqH,EAAc;AAAA,IACnC;AAAA,MACE,YAAY1H;AAAA,MACZ,cAAcqB;AAAA,IAAA;AAAA,IAEhB9B;AAAA,EAAA;AAGF,EAAAA,KAAA,QAAAA,EAAQ;AAOR,QAAMoI,IAAwBrB,EAAwBjF,CAAW,GAC3DuG,IAAkBvH,EAAS,IAAI;AAAA,IACnC,CAACuC,MAAO0D,EAAwB1D,EAAG,cAAc,MAAM+E;AAAA,EAAA,GAEnDE,IAAuBzB,GAA8BwB,CAAe,GACpEE,IAAoB,MAAMf;AAAA,IAC9BnB;AAAA,IACAC;AAAA,IACAgC;AAAA,IACAZ;AAAA,EAAA;AAGF,EAAA1H,KAAA,QAAAA,EAAQ;AAKR,QAAMwI,IAAgC,MAAMpC,GAAmB;AAAA,IAC7D,gBAAgBtF,EAAS;AAAA,IACzB,WAAAuF;AAAA,IACA,gBAAgB;AAAA,MACd,YAAYC,EAAe;AAAA,MAC3B,oBAAoBxE;AAAA,MACpB,wBAAwBwE,EAAe;AAAA,MACvC,uBAAuBA,EAAe;AAAA,MACtC,+BACEA,EAAe;AAAA,MACjB,eAAeA,EAAe;AAAA,MAC9B,gBAAgBA,EAAe;AAAA,MAC/B,gBAAgBA,EAAe;AAAA,MAC/B,eAAeA,EAAe;AAAA,MAC9B,SAASA,EAAe;AAAA,MACxB,8BAA8BA,EAAe;AAAA,IAAA;AAAA,EAC/C,CACD;AAED,EAAAtG,KAAA,QAAAA,EAAQ;AAIR,QAAMyI,IAAgB,EAAE,GAAGF,EAAA;AAC3B,EAAAE,EAAcpG,EAAeP,CAAW,CAAC,IACvC0G,EAA8B,mBAEhC,MAAML,EAAc;AAAA,IAClB;AAAA,MACE,YAAY1H;AAAA,MACZ,cAAcqB;AAAA,MACd,YAAY2G;AAAA,MACZ,iCAAiCD;AAAA,IAAA;AAAA,IAEnCxI;AAAA,EAAA;AAEJ;AC1QA,SAAS0I,GAAgBC,GAAsB;AAC7C,SAAO,oBAAoB,KAAKA,CAAG;AACrC;AAYO,SAASC,GACdrI,GACS;AACT,QAAM;AAAA,IACJ,YAAAsI;AAAA,IACA,YAAAC;AAAA,IACA,YAAAC;AAAA,IACA,YAAAC;AAAA,IACA,kBAAAC;AAAA,IACA,qBAAAC;AAAA,EAAA,IACE3I;AASJ,SAPI,EAAAsI,KAAc,MACdA,IAAaC,KACbC,KAAcA,IAAa,MAAMF,IAAaE,KAE9CE,KAAoB,QAAQC,KAAuB,QAEjCL,IAAaI,IAAmBC,IAClCF;AAGtB;AAKO,SAASG,GACdC,GACAN,GACAC,GACkB;AAClB,SAAIK,KAAU,KACL;AAAA,IACL,OAAO;AAAA,IACP,OAAO;AAAA,EAAA,IAIPA,IAASN,IACJ;AAAA,IACL,OAAO;AAAA,IACP,OAAO,sBAAsBO,EAAoBP,CAAU,CAAC;AAAA,EAAA,IAI5DC,KAAcA,IAAa,MAAMK,IAASL,IACrC;AAAA,IACL,OAAO;AAAA,IACP,OAAO,sBAAsBM,EAAoBN,CAAU,CAAC;AAAA,EAAA,IAIzD,EAAE,OAAO,GAAA;AAClB;AAKO,SAASO,GACd/I,GACkB;AAClB,QAAM,EAAE,QAAA6I,GAAQ,oBAAAG,EAAA,IAAuBhJ;AACvC,SAAIgJ,MAAuB,OAAa,EAAE,OAAO,GAAA,IAE7CA,MAAuB,KAClB;AAAA,IACL,OAAO;AAAA,IACP,OAAO;AAAA,EAAA,IAIPH,IAASG,IACJ;AAAA,IACL,OAAO;AAAA,IACP,OAAO,0CAA0CF,EAAoBE,CAAkB,CAAC;AAAA,EAAA,IAIrF,EAAE,OAAO,GAAA;AAClB;AAOO,SAASC,GACdC,GACAC,GACkB;AAClB,MAAI,CAACD,KAAqBA,EAAkB,WAAW;AACrD,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAIX,QAAME,IAA0BD,EAAmB;AAAA,IAAI,CAACE,MACtDA,EAAE,YAAA;AAAA,EAAY;AAMhB,SAJyBH,EAAkB;AAAA,IACzC,CAACG,MAAM,CAACD,EAAwB,SAASC,EAAE,aAAa;AAAA,EAAA,EAGrC,SAAS,IACrB;AAAA,IACL,OAAO;AAAA,IACP,OAAO;AAAA,EAAA,IAIJ,EAAE,OAAO,GAAA;AAClB;AAQO,SAASC,GACdC,GACAhB,GACAC,GACkB;AAClB,MAAI,CAACe,KAAWA,EAAQ,WAAW;AACjC,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAIX,WAAS3D,IAAI,GAAGA,IAAI2D,EAAQ,QAAQ3D,KAAK;AACvC,UAAMiD,IAASU,EAAQ3D,CAAC;AACxB,QAAIiD,KAAU;AACZ,aAAO;AAAA,QACL,OAAO;AAAA,QACP,OAAO,SAASjD,IAAI,CAAC;AAAA,MAAA;AAGzB,QAAI2C,KAAcM,IAASN;AACzB,aAAO;AAAA,QACL,OAAO;AAAA,QACP,OAAO,SAAS3C,IAAI,CAAC,WAAWkD,EAAoBD,CAAM,CAAC,iCAAiCC,EAAoBP,CAAU,CAAC;AAAA,MAAA;AAG/H,QAAIC,KAAcK,IAASL;AACzB,aAAO;AAAA,QACL,OAAO;AAAA,QACP,OAAO,SAAS5C,IAAI,CAAC,WAAWkD,EAAoBD,CAAM,CAAC,gCAAgCC,EAAoBN,CAAU,CAAC;AAAA,MAAA;AAAA,EAGhI;AAEA,SAAO,EAAE,OAAO,GAAA;AAClB;AAKO,SAASgB,GAA4BC,GAAkC;AAC5E,QAAMC,IAAW5H,EAAe2H,CAAM;AACtC,SAAKtB,GAAgBuB,CAAQ,IAOtB,EAAE,OAAO,GAAA,IANP;AAAA,IACL,OAAO;AAAA,IACP,OACE;AAAA,EAAA;AAIR;AAMA,SAASC,GAAqBhI,GAAuC;AACnE,MAAI,CAACA,KAAyBA,EAAsB,WAAW;AAC7D,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGN;AAEA,SAASiI,GACPxH,GACM;AACN,MACE,CAACA,KACDA,EAA8B,WAAW;AAEzC,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGN;AAEA,SAASyH,GAAkBC,GAAkC;AAC3D,MAAIA,EAAe,WAAW;AAC5B,UAAM,IAAI,MAAM,8BAA8B;AAElD;AAaO,SAASC,GACd/J,GACM;AACN,QAAM;AAAA,IACJ,cAAAgK;AAAA,IACA,gBAAAF;AAAA,IACA,wBAAAG;AAAA,IACA,uBAAAtI;AAAA,IACA,+BAAAS;AAAA,IACA,YAAAmG;AAAA,IACA,YAAAC;AAAA,EAAA,IACExI,GAEEkK,IAAoBZ;AAAA,IACxBU;AAAA,IACAzB;AAAA,IACAC;AAAA,EAAA;AAEF,MAAI,CAAC0B,EAAkB;AACrB,UAAM,IAAI,MAAMA,EAAkB,KAAK;AAIzC,QAAMC,IAAmBX,GAA4BS,CAAsB;AAC3E,MAAI,CAACE,EAAiB;AACpB,UAAM,IAAI,MAAMA,EAAiB,KAAK;AAGxC,EAAAR,GAAqBhI,CAAqB,GAC1CiI,GAA6BxH,CAA6B,GAC1DyH,GAAkBC,CAAc;AAClC;AC/TA,eAAsBM,GACpBpK,GAC0C;AAC1C,QAAM;AAAA,IACJ,qBAAAqK;AAAA,IACA,mBAAAC;AAAA,IACA,2BAAAC;AAAA,IACA,yBAAAC;AAAA,IACA,uBAAAC;AAAA,IACA,gCAAAC;AAAA,IACA,+BAAAC;AAAA,IACA,uCAAAC;AAAA,EAAA,IACE5K,GAEE;AAAA,IACJ6K;AAAA,IACAC;AAAA,IACAC;AAAA,EAAA,IACE,MAAM,QAAQ,IAAI;AAAA,IACpBV,EAAoB,0BAA0BG,CAAuB;AAAA,IACrEF,EAAkB,8BAA8BG,CAAqB;AAAA,IACrEF,EAA0B,qCAAA;AAAA,EAAqC,CAChE,GAEK,CAACS,GAAgBC,CAAkB,IAAI,MAAM,QAAQ,IAAI;AAAA,IAC7DX,EAAkB;AAAA,MAChBG;AAAA,MACAK;AAAA,IAAA;AAAA,IAEFP,EAA0B;AAAA,MACxBQ;AAAA,IAAA;AAAA,EACF,CACD,GAEKG,IAAY,CAAClJ,MAAcwE,EAAwBxE,CAAC,EAAE,YAAA,GACtDmJ,IAAY,CAACC,MAAmBA,EAAK,IAAIF,CAAS,EAAE,KAAA;AAG1D,MAD2BA,EAAUR,CAA8B,MACxCG;AACzB,UAAM,IAAI;AAAA,MACR,8EAA8EL,CAAuB;AAAA,IAAA;AAIzG,QAAMa,IAAkBF,EAAUR,CAA6B,GACzDW,IAAuBH;AAAA,IAC3BH,EAAe,IAAI,CAAC,MAAM,EAAE,SAAS;AAAA,EAAA;AAEvC,MACEK,EAAgB,WAAWC,EAAqB,UAChDD,EAAgB,KAAK,CAACrJ,GAAG4D,MAAM5D,MAAMsJ,EAAqB1F,CAAC,CAAC;AAE5D,UAAM,IAAI;AAAA,MACR,8BAA8BkF,CAA8B;AAAA,IAAA;AAIhE,QAAMS,IAAsBJ,EAAUP,CAAqC,GACrEY,IAA2BL;AAAA,IAC/BF,EAAmB,IAAI,CAAC,MAAM,EAAE,SAAS;AAAA,EAAA;AAE3C,MACEM,EAAoB,WAAWC,EAAyB,UACxDD,EAAoB,KAAK,CAACvJ,GAAG4D,MAAM5D,MAAMwJ,EAAyB5F,CAAC,CAAC;AAEpE,UAAM,IAAI;AAAA,MACR,sCAAsCmF,CAAmC;AAAA,IAAA;AAI7E,SAAO;AAAA,IACL,6BAA6BF;AAAA,IAC7B,6BAA6BS;AAAA,IAC7B,qCAAqCE;AAAA,IACrC,gCAAAV;AAAA,IACA,qCAAAC;AAAA,EAAA;AAEJ;AC3FO,MAAMU,UAA4C,MAAM;AAAA,EAC7D,YAAYC,GAAiB;AAC3B,UAAMA,CAAO,GACb,KAAK,OAAO;AAAA,EACd;AACF;AAIO,SAASC,GACdC,GAC4C;AAC5C,SACEA,aAAeH,KACdG,aAAe,SAASA,EAAI,SAAS;AAE1C;AAEA,eAAsBC,GACpB7L,GACe;AACf,QAAM;AAAA,IACJ,qBAAAqK;AAAA,IACA,UAAAyB;AAAA,IACA,+BAAAC;AAAA,IACA,gCAAAjB;AAAA,IACA,qCAAAC;AAAA,EAAA,IACE/K,GAEEgM,IAAQ,MAAM3B,EAAoB,qBAAqByB,CAAQ,GAE/DG,IAAuB,CAAA;AAoB7B,MAnBAD,EAAM,QAAQ,CAACE,GAAGtG,MAAM;AACtB,UAAMuG,IAAKL,EAASlG,CAAC;AACrB,IAAIsG,EAAE,0BAA0BH,KAC9BE,EAAW;AAAA,MACT,SAASE,CAAE,8BAA8BJ,CAA6B,UAAUG,EAAE,qBAAqB;AAAA,IAAA,GAGvGA,EAAE,2BAA2BpB,KAC/BmB,EAAW;AAAA,MACT,SAASE,CAAE,+BAA+BrB,CAA8B,UAAUoB,EAAE,sBAAsB;AAAA,IAAA,GAG1GA,EAAE,gCAAgCnB,KACpCkB,EAAW;AAAA,MACT,SAASE,CAAE,oCAAoCpB,CAAmC,UAAUmB,EAAE,2BAA2B;AAAA,IAAA;AAAA,EAG/H,CAAC,GAEGD,EAAW,SAAS;AACtB,UAAM,IAAIR;AAAA,MACR,+FAA+FQ,EAAW,KAAK,IAAI,CAAC;AAAA,IAAA;AAG1H;ACzDO,IAAKG,sBAAAA,OACVA,EAAA,uBAAuB,sBACvBA,EAAA,kBAAkB,kBAClBA,EAAA,mBAAmB,mBACnBA,EAAA,4BAA4B,2BAC5BA,EAAA,+BAA+B,8BAC/BA,EAAA,mBAAmB,mBACnBA,EAAA,SAAS,UAPCA,IAAAA,KAAA,CAAA,CAAA;AAUZ,MAAMC,yBAA+B,IAAY;AAAA,EAC/C;AAAA,EACA;AAAA;AACF,CAAC;AAGM,SAASC,GAAyB9L,GAAyB;AAChE,SAAO,OAAO,OAAO4L,CAAwB,EAAE;AAAA,IAC7C5L;AAAA,EAAA;AAEJ;AAOO,SAAS+L,GACdC,GACS;AACT,SAAO,CAAC,CAACA,KAAiBH,GAAyB,IAAIG,CAAa;AACtE;AC9BO,MAAMC,WAA4B,MAAM;AAAA,EAI7C,YAAYpN,GAAcqN,GAAc;AACtC,UAAM,4CAA4CA,EAAM,OAAO,EAAE;AAJnD,IAAAC,EAAA;AACS,IAAAA,EAAA;AAIvB,SAAK,OAAO,uBACZ,KAAK,UAAUtN,GACf,KAAK,QAAQqN;AAAA,EACf;AACF;ACGA,MAAMhO,KAAiB,uBAKjBkO,KAAmB,gCAKnBC,IAAgB,gDAKTC,IAAe;AAQrB,SAASC,GAAsBC,GAA+B;AACnE,MAAI,CAAC,OAAO,SAASA,CAAa,KAAKA,KAAiB;AACtD,UAAM,IAAI;AAAA,MACR,uDAAuDA,CAAa;AAAA,IAAA;AAGxE,SAAO,OAAO,KAAK,KAAKA,IAAgBF,CAAY,CAAC;AACvD;AAKA,MAAMG,KAAqB,GACrBC,IAAW,OACXC,KAAiB;AAEvB,SAAStO,EAAcC,GAAeC,GAAqB;AACzD,MAAID,EAAM,WAAW;AACnB,UAAM,IAAI;AAAA,MACR,GAAGC,CAAK,+DAA+DD,EAAM,MAAM;AAAA,IAAA;AAGvF,MAAI,CAACJ,GAAe,KAAKI,CAAK;AAC5B,UAAM,IAAI;AAAA,MACR,GAAGC,CAAK;AAAA,IAAA;AAGd;AAmGA,SAASqO,EAAyBtO,GAAeC,GAAqB;AACpE,MAAI,CAAC,OAAO,UAAUD,CAAK,KAAKA,IAAQ;AACtC,UAAM,IAAI,MAAM,GAAGC,CAAK,wCAAwCD,CAAK,EAAE;AAE3E;AAEA,SAASuO,GAAwBnB,GAA0B;AAEzD,MADArN,EAAcqN,EAAE,UAAU,UAAU,GAElC,CAAC,OAAO,UAAUA,EAAE,QAAQ,KAC5BA,EAAE,WAAW,KACbA,EAAE,WAAWgB;AAEb,UAAM,IAAI;AAAA,MACR,iCAAiCA,CAAQ,SAAShB,EAAE,QAAQ;AAAA,IAAA;AAahE,MANAkB,EAAyBlB,EAAE,uBAAuB,uBAAuB,GACzEkB,EAAyBlB,EAAE,wBAAwB,wBAAwB,GAC3EkB;AAAA,IACElB,EAAE;AAAA,IACF;AAAA,EAAA,GAEE,OAAOA,EAAE,yBAA0B,YAAYA,EAAE,sBAAsB,WAAW;AACpF,UAAM,IAAI,MAAM,sDAAsD;AAExE,MAAI,CAACU,GAAiB,KAAKV,EAAE,qBAAqB;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGJ,MAAI,CAACA,EAAE,sBAAsB,CAACW,EAAc,KAAKX,EAAE,kBAAkB;AACnE,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGJ,MAAI,OAAOA,EAAE,UAAW,YAAYA,EAAE,UAAU;AAC9C,UAAM,IAAI,MAAM,yCAAyCA,EAAE,MAAM,EAAE;AAEvE;AAEA,SAASoB,GAA8BC,GAAgC;AACrE,MAAI,CAACA,EAAE,uBAAuB,CAACV,EAAc,KAAKU,EAAE,mBAAmB;AACrE,UAAM,IAAI,MAAM,mDAAmD;AAErE,MAAIA,EAAE,mBAAmB,WAAW;AAClC,UAAM,IAAI,MAAM,sCAAsC;AAExD,MAAIA,EAAE,2BAA2B,WAAW;AAC1C,UAAM,IAAI,MAAM,8CAA8C;AAEhE,MAAI,CAAC,OAAO,UAAUA,EAAE,cAAc,KAAKA,EAAE,kBAAkB;AAC7D,UAAM,IAAI;AAAA,MACR,kDAAkDA,EAAE,cAAc;AAAA,IAAA;AAGtE,MAAI,OAAOA,EAAE,WAAY,YAAYA,EAAE,WAAW;AAChD,UAAM,IAAI;AAAA,MACR,mDAAmDA,EAAE,OAAO;AAAA,IAAA;AAGhE,MACE,CAAC,OAAO,UAAUA,EAAE,mBAAmB,KACvCA,EAAE,sBAAsB;AAExB,UAAM,IAAI,MAAM,oDAAoD;AAEtE,MACE,CAAC,OAAO,UAAUA,EAAE,aAAa,KACjC,CAAC,OAAO,UAAUA,EAAE,WAAW,KAC/BA,EAAE,iBAAiB,KACnBA,EAAE,eAAe,KACjBA,EAAE,gBAAgBA,EAAE;AAEpB,UAAM,IAAI;AAAA,MACR,kBAAkBA,EAAE,aAAa,gCAAgCA,EAAE,WAAW;AAAA,IAAA;AAGpF;AAEA,SAASC,GAAmBC,GAA+B;AACzD,QAAMC,IAAOC,GAAK,QAAQF,CAAa;AACvC,MAAI;AACF,IAAAC,EAAK,kBAAA;AAAA,EACP,SAASE,GAAY;AAGnB,UAAMlC,IAAUkC,aAAa,QAAQA,EAAE,UAAU,OAAOA,CAAC;AACzD,QAAI,CAAClC,EAAQ,SAAS,mBAAmB;AACvC,YAAM,IAAI,MAAM,mCAAmCA,CAAO,EAAE;AAAA,EAEhE;AACA,SAAOgC,EAAK,mBAAA,EAAqB,MAAA;AACnC;AAsBA,eAAsBG,GAEpB1O,GAAmC;AACnC,QAAM;AAAA,IACJ,SAAAE;AAAA,IACA,WAAAyO;AAAA,IACA,qBAAAC;AAAA,IACA,SAAAC;AAAA,IACA,UAAAC;AAAA,IACA,aAAAC;AAAA,IACA,QAAAzO;AAAA,EAAA,IACEN;AAEJ,EAAAM,KAAA,QAAAA,EAAQ,kBACRZ,EAAcQ,GAAS,SAAS;AAEhC,QAAM8O,IAAQ,MAAML,EAAA;AACpB,EAAAT,GAAwBc,CAAK,GAC7B1O,KAAA,QAAAA,EAAQ;AAER,QAAMkE,IAAM,MAAMoK,EAAoBI,CAAK;AAI3C,MAHAb,GAA8B3J,CAAG,GACjClE,KAAA,QAAAA,EAAQ,kBAEJ,CAAC,OAAO,SAASuO,CAAO,KAAKA,KAAW;AAC1C,UAAM,IAAI,MAAM,0CAA0CA,CAAO,EAAE;AAErE,QAAMI,IAAY,OAAO,KAAK,KAAKJ,IAAUlB,CAAY,CAAC;AAC1D,EAAArN,KAAA,QAAAA,EAAQ;AAMR,QAAM4O,IAAuB7H;AAAA,IAC3B2H,EAAM;AAAA,EAAA,GAEF,EAAE,SAAAG,MAAY,MAAMC,GAAgB;AAAA,IACxC,gBAAgB;AAAA,MACd,iBAAiBF;AAAA,MACjB,qBAAqBvM,EAAe6B,EAAI,mBAAmB;AAAA,MAC3D,oBAAoBA,EAAI,mBAAmB,IAAI7B,CAAc;AAAA,MAC7D,4BACE6B,EAAI,2BAA2B,IAAI7B,CAAc;AAAA,MACnD,WAAW,CAACA,EAAeqM,EAAM,QAAQ,CAAC;AAAA,MAC1C,gBAAgBxK,EAAI;AAAA,MACpB,cAAc,CAACwK,EAAM,MAAM;AAAA,MAC3B,SAASxK,EAAI;AAAA,MACb,qBAAqBA,EAAI;AAAA,MACzB,eAAeA,EAAI;AAAA,MACnB,aAAaA,EAAI;AAAA,MACjB,SAASA,EAAI;AAAA,IAAA;AAAA,IAEf,qBAAqB7B,EAAeqM,EAAM,qBAAqB;AAAA,IAC/D,UAAUA,EAAM;AAAA,IAChB,WAAAC;AAAA;AAAA;AAAA;AAAA;AAAA,IAKA,UAAUtM,EAAeqM,EAAM,QAAQ;AAAA,EAAA,CACxC;AACD,EAAA1O,KAAA,QAAAA,EAAQ;AAER,QAAMoE,IAAcK;AAAA,IAClBiK,EAAM;AAAA,IACNlB;AAAA,EAAA,GAEIQ,IAAgB,MAAMQ,EAASK,GAASzK,CAAW;AAEzD,EAAAsB,EAA4B;AAAA,IAC1B,kBAAkBmJ;AAAA,IAClB,iBAAiBb;AAAA,EAAA,CAClB;AAED,QAAMe,IAAchB,GAAmBC,CAAa;AACpD,EAAAhO,KAAA,QAAAA,EAAQ;AAER,MAAI;AACF,WAAO,MAAMyO,EAAYM,CAAW;AAAA,EACtC,SAAS9N,GAAO;AACd,UAAIA,aAAiB,SAASyM,GAAe,KAAKzM,EAAM,OAAO,IACvD,IAAI+L,GAAoBpN,GAASqB,CAAK,IAExCA;AAAA,EACR;AACF;"}

package/dist/buildAndBroadcastRefund-DyPQyghx.cjs

@@ -1,2 +0,0 @@
-"use strict";var W=Object.defineProperty;var Q=(e,t,r)=>t in e?W(e,t,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[t]=r;var S=(e,t,r)=>Q(e,typeof t!="symbol"?t+"":t,r);const Y=require("./BTCVaultRegistry.abi-ZdPpION2.cjs"),c=require("./bitcoin-CHfKAhcI.cjs"),M=require("./PayoutManager-BxAY2x0g.cjs"),f=require("./types-DnyyBNcC.cjs"),T=require("bitcoinjs-lib"),m=require("./assertPsbtUnsignedTxMatches-BoHwgW30.cjs"),A=require("./noPayout-B6s8vrW6.cjs"),V=require("./signing-Bnsro0hE.cjs"),j=/^0x[0-9a-fA-F]{64}$/,Z=/^0x[0-9a-fA-F]{40}$/,J=/^0x([0-9a-fA-F]{2})*$/;function _(e,t){if(e.length!==66)throw new Error(`${t} must be 32 bytes (66 hex chars with 0x prefix), got length ${e.length}`);if(!j.test(e))throw new Error(`${t} must contain only hex characters after the 0x prefix`)}function ee(e,t){if(!Z.test(e))throw new Error(`${t} must be a 20-byte 0x-prefixed hex address (42 chars)`)}function te(e,t){if(!J.test(e))throw new Error(`${t} must be a 0x-prefixed hex string with an even number of hex chars`)}async function re(e){const{btcVaultRegistryAddress:t,vaultId:r,hashlock:n,activationMetadata:i,writeContract:u,signal:s}=e;s==null||s.throwIfAborted(),ee(t,"btcVaultRegistryAddress"),_(r,"vaultId");const a=c.ensureHexPrefix(e.secret);if(_(a,"secret"),n!==void 0&&(_(n,"hashlock"),!M.validateSecretAgainstHashlock(a,n)))throw new Error("Invalid secret: SHA256(secret) does not match the provided hashlock");return te(i,"activationMetadata"),u({address:t,abi:Y.BTCVaultRegistryABI,functionName:"activateVaultWithSecret",args:[r,a,i]})}const ne=1e4;async function R(e){const{statusReader:t,peginTxid:r,targetStatuses:n,timeoutMs:i,pollIntervalMs:u=ne,signal:s}=e,a=Date.now();for(;;){if(s!=null&&s.aborted)throw new Error(`Polling aborted for pegin ${r.slice(0,8)}… (target: ${[...n].join(", ")})`);if(Date.now()-a>=i)throw new Error(`Polling timeout after ${i}ms for pegin ${r.slice(0,8)}… (target: ${[...n].join(", ")})`);try{const o=await t.getPeginStatus({pegin_txid:r},s);if(o.pegin_txid.toLowerCase()!==r.toLowerCase())throw new Error(`getPeginStatus returned status for pegin ${o.pegin_txid.slice(0,8)}…, requested ${r.slice(0,8)}…`);const l=o.status;if(n.has(l))return l;if(f.VP_TERMINAL_STATUSES.has(l)&&!n.has(l))throw new Error(`Pegin ${r.slice(0,8)}… reached terminal status "${l}" while waiting for ${[...n].join(", ")}`)}catch(o){if(!(o instanceof f.JsonRpcError&&o.code===f.RpcErrorCode.NOT_FOUND||o instanceof Error&&o.message.includes("PegIn not found")))throw o}await new Promise((o,l)=>{const p=()=>{clearTimeout(d),l(new Error(`Polling aborted for pegin ${r.slice(0,8)}… (target: ${[...n].join(", ")})`))},d=setTimeout(()=>{s==null||s.removeEventListener("abort",p),o()},u);s==null||s.addEventListener("abort",p,{once:!0})})}}const oe=300*1e3,ie=new Set([f.DaemonStatus.PENDING_DEPOSITOR_WOTS_PK,...f.POST_WOTS_STATUSES]);async function se(e){const{statusReader:t,wotsSubmitter:r,peginTxid:n,depositorPk:i,wotsPublicKeys:u,timeoutMs:s=oe,signal:a}=e;a==null||a.throwIfAborted();const o=await R({statusReader:t,peginTxid:n,targetStatuses:ie,timeoutMs:s,signal:a});f.POST_WOTS_STATUSES.has(o)||(a==null||a.throwIfAborted(),await r.submitDepositorWotsKey({pegin_txid:n,depositor_pk:i,wots_public_keys:u},a))}const K=1;function ae(e,t){const r=c.stripHexPrefix(t).toLowerCase(),i=e.map(u=>c.stripHexPrefix(u).toLowerCase()).filter(u=>u!==r);if(i.length===0)throw new Error("Cannot derive localChallengers: vault keeper set is empty (or contains only the depositor)");if(new Set(i).size!==i.length)throw new Error("Cannot derive localChallengers: duplicate vaultKeeper key — signing context is misconfigured");return i}function ue(e,t,r){const n=r.map(d=>c.stripHexPrefix(d).toLowerCase()),i=t.filter(d=>n.includes(d));if(i.length>0)throw new Error(`Cannot validate challenger set: vault keepers and universal challengers overlap (${i.join(", ")})`);const u=[...t,...n],s=e.map(d=>c.stripHexPrefix(d.challenger_pubkey).toLowerCase()),a=new Set(s);if(a.size!==s.length)throw new Error("Depositor graph contains duplicate challenger entries in challenger_presign_data");const o=new Set(u),l=u.filter(d=>!a.has(d)),p=s.filter(d=>!o.has(d));if(l.length>0||p.length>0)throw new Error("Depositor graph challenger set does not match expected (local ∪ universal)"+(l.length>0?` (missing: ${l.join(", ")})`:"")+(p.length>0?` (unexpected: ${p.join(", ")})`:""))}function le(e,t){const r=e.ins[t];return c.uint8ArrayToHex(new Uint8Array(r.hash).slice().reverse())}function C(e,t,r,n,i){const u=e.ins[t];if(u.index!==0)throw new Error(`NoPayout (challenger ${i}) input ${t} expected to spend ${n} vout 0, got vout ${u.index}`);const s=r.getId(),a=le(e,t);if(a!==s)throw new Error(`NoPayout (challenger ${i}) input ${t} does not reference ${n} (expected txid ${s}, got ${a})`)}async function ce(e,t,r){const n=[],i=[],u=[],s=ae(r.vaultKeeperBtcPubkeys,r.depositorBtcPubkey);ue(e.challenger_presign_data,s,r.universalChallengerBtcPubkeys),m.assertPayoutOutputMatchesRegistered(e.payout_tx.tx_hex,r.registeredPayoutScriptPubKey);const a=await m.buildPayoutPsbt({payoutTxHex:e.payout_tx.tx_hex,peginTxHex:r.peginTxHex,assertTxHex:e.assert_tx.tx_hex,depositorBtcPubkey:r.depositorBtcPubkey,vaultProviderBtcPubkey:r.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:r.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:r.universalChallengerBtcPubkeys,timelockPegin:r.timelockPegin,network:r.network});n.push(a.psbtHex),i.push(V.createTaprootScriptPathSignOptions(t,K));const o=c.stripHexPrefix(r.depositorBtcPubkey),l=T.Transaction.fromHex(c.stripHexPrefix(e.assert_tx.tx_hex));for(const p of e.challenger_presign_data){const d=c.stripHexPrefix(p.challenger_pubkey),g=n.length,x=await de({challenger:p,challengerPubkey:d,claimerPubkey:o,localChallengers:s,assertTxParsed:l,ctx:r});n.push(x),i.push(V.createTaprootScriptPathSignOptions(t,K)),u.push({challengerPubkey:d,noPayoutIdx:g})}return{psbtHexes:n,signOptions:i,challengerEntries:u}}async function de(e){const{challenger:t,challengerPubkey:r,claimerPubkey:n,localChallengers:i,assertTxParsed:u,ctx:s}=e;A.assertNoPayoutOutputMatchesChallenger(t.nopayout_tx.tx_hex,r,s.network);const a=T.Transaction.fromHex(c.stripHexPrefix(t.nopayout_tx.tx_hex)),o=T.Transaction.fromHex(c.stripHexPrefix(t.challenge_assert_x_tx.tx_hex)),l=T.Transaction.fromHex(c.stripHexPrefix(t.challenge_assert_y_tx.tx_hex));if(a.ins.length!==3)throw new Error(`NoPayout (challenger ${r}) must have exactly 3 inputs, got ${a.ins.length}`);C(a,0,u,"Assert",r),C(a,1,o,"ChallengeAssertX",r),C(a,2,l,"ChallengeAssertY",r);const p=[u.outs[0],o.outs[0],l.outs[0]].map(d=>({script_pubkey:c.uint8ArrayToHex(new Uint8Array(d.script)),value:d.value}));return A.buildNoPayoutPsbt({noPayoutTxHex:t.nopayout_tx.tx_hex,challengerPubkey:r,prevouts:p,connectorParams:{claimer:n,localChallengers:i,universalChallengers:s.universalChallengerBtcPubkeys,timelockAssert:s.timelockAssert,councilMembers:s.councilMembers,councilQuorum:s.councilQuorum}})}function pe(e,t,r){m.assertPsbtUnsignedTxMatches(e[0]);const n=m.extractPayoutSignature(e[0].returnedPsbtHex,r),i={};for(const u of t)m.assertPsbtUnsignedTxMatches(e[u.noPayoutIdx]),i[u.challengerPubkey]={nopayout_signature:m.extractPayoutSignature(e[u.noPayoutIdx].returnedPsbtHex,r)};return{payout_signatures:{payout_signature:n},per_challenger:i}}async function he(e,t,r){if(typeof e.signPsbts=="function")return e.signPsbts(t,r);const n=[];for(let i=0;i<t.length;i++)n.push(await e.signPsbt(t[i],r==null?void 0:r[i]));return n}async function L(e){const{depositorGraph:t,btcWallet:r,signingContext:n}=e,i=await r.getPublicKeyHex(),{depositorPubkey:u}=c.validateWalletPubkey(i,c.stripHexPrefix(n.depositorBtcPubkey)),{psbtHexes:s,signOptions:a,challengerEntries:o}=await ce(t,i,n),l=await he(r,s,a);if(l.length!==s.length)throw new Error(`Wallet returned ${l.length} signed PSBTs, expected ${s.length}`);const p=s.map((d,g)=>({requestedPsbtHex:d,returnedPsbtHex:l[g]}));return pe(p,o,u)}const ge=1200*1e3,U=new Set([f.DaemonStatus.PENDING_ACKS,f.DaemonStatus.PENDING_ACTIVATION,f.DaemonStatus.ACTIVATED]),fe=new Set([f.DaemonStatus.PENDING_DEPOSITOR_SIGNATURES,...U]);function Pe(e){return e.map(t=>({claimerPubkeyXOnly:c.processPublicKeyToXOnly(t.claimer_pubkey),payoutTxHex:t.payout_tx.tx_hex,assertTxHex:t.assert_tx.tx_hex}))}function ye(e,t){const r=c.stripHexPrefix(e).toLowerCase(),n=c.stripHexPrefix(t.vaultProviderBtcPubkey).toLowerCase(),i=c.stripHexPrefix(t.depositorBtcPubkey).toLowerCase();if(r===n||r===i)return t.registeredPayoutScriptPubKey;if(!t.vaultKeeperBtcPubkeys.some(s=>c.stripHexPrefix(s).toLowerCase()===r))throw new Error(`Unknown claimer pubkey ${r}: not VP, depositor, or a registered vault keeper`);return c.deriveBip86ScriptPubKeyHex(r)}function N(e,t){return{payoutTxHex:e.payoutTxHex,peginTxHex:t.peginTxHex,assertTxHex:e.assertTxHex,vaultProviderBtcPubkey:t.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:t.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:t.universalChallengerBtcPubkeys,depositorBtcPubkey:t.depositorBtcPubkey,timelockPegin:t.timelockPegin,registeredPayoutScriptPubKey:ye(e.claimerPubkeyXOnly,t)}}async function xe(e,t,r,n){const i=new M.PayoutManager({network:t.network,btcWallet:e}),u=r.length;n==null||n(0,u);let s;if(i.supportsBatchSigning())s=(await i.signPayoutTransactionsBatch(r.map(l=>N(l,t)))).map(l=>l.payoutSignature);else{s=[];for(let o=0;o<r.length;o++){n==null||n(o,u);const l=await i.signPayoutTransaction(N(r[o],t));s.push(l.signature)}}const a={};for(let o=0;o<r.length;o++)a[r[o].claimerPubkeyXOnly]={payout_signature:s[o]};return n==null||n(u,u),a}async function be(e){const{statusReader:t,presignClient:r,btcWallet:n,peginTxid:i,depositorPk:u,signingContext:s,timeoutMs:a=ge,signal:o,onProgress:l}=e,p=await R({statusReader:t,peginTxid:i,targetStatuses:fe,timeoutMs:a,signal:o});if(U.has(p))return;o==null||o.throwIfAborted();const d=await r.requestDepositorPresignTransactions({pegin_txid:i,depositor_pk:u},o);o==null||o.throwIfAborted();const g=c.processPublicKeyToXOnly(u),x=d.txs.filter(w=>c.processPublicKeyToXOnly(w.claimer_pubkey)!==g),b=Pe(x),P=await xe(n,s,b,l);o==null||o.throwIfAborted();const y=await L({depositorGraph:d.depositor_graph,btcWallet:n,signingContext:{peginTxHex:s.peginTxHex,depositorBtcPubkey:u,vaultProviderBtcPubkey:s.vaultProviderBtcPubkey,vaultKeeperBtcPubkeys:s.vaultKeeperBtcPubkeys,universalChallengerBtcPubkeys:s.universalChallengerBtcPubkeys,timelockPegin:s.timelockPegin,timelockAssert:s.timelockAssert,councilMembers:s.councilMembers,councilQuorum:s.councilQuorum,network:s.network,registeredPayoutScriptPubKey:s.registeredPayoutScriptPubKey}});o==null||o.throwIfAborted();const v={...P};v[c.stripHexPrefix(u)]=y.payout_signatures,await r.submitDepositorPresignatures({pegin_txid:i,depositor_pk:u,signatures:v,depositor_claimer_presignatures:y},o)}function me(e){return/^[0-9a-fA-F]{64}$/.test(e)}function ve(e){const{amountSats:t,minDeposit:r,maxDeposit:n,btcBalance:i,estimatedFeeSats:u,depositorClaimValue:s}=e;return!(t<=0n||t<r||n&&n>0n&&t>n||u==null||s==null||t+u+s>i)}function we(e,t,r){return e<=0n?{valid:!1,error:"Deposit amount must be greater than zero"}:e<t?{valid:!1,error:`Minimum deposit is ${c.formatSatoshisToBtc(t)} BTC`}:r&&r>0n&&e>r?{valid:!1,error:`Maximum deposit is ${c.formatSatoshisToBtc(r)} BTC`}:{valid:!0}}function Te(e){const{amount:t,effectiveRemaining:r}=e;return r===null?{valid:!0}:r===0n?{valid:!1,error:"Supply cap reached — deposits temporarily paused"}:t>r?{valid:!1,error:`Vault size exceeds remaining capacity (${c.formatSatoshisToBtc(r)} BTC)`}:{valid:!0}}function Ee(e,t){if(!e||e.length===0)return{valid:!1,error:"At least one vault provider must be selected"};const r=t.map(i=>i.toLowerCase());return e.filter(i=>!r.includes(i.toLowerCase())).length>0?{valid:!1,error:"Invalid vault provider selected"}:{valid:!0}}function F(e,t,r){if(!e||e.length===0)return{valid:!1,error:"At least one vault amount required"};for(let n=0;n<e.length;n++){const i=e[n];if(i<=0n)return{valid:!1,error:`Vault ${n+1} amount must be positive`};if(t&&i<t)return{valid:!1,error:`Vault ${n+1} amount ${c.formatSatoshisToBtc(i)} BTC is below minimum deposit ${c.formatSatoshisToBtc(t)} BTC`};if(r&&i>r)return{valid:!1,error:`Vault ${n+1} amount ${c.formatSatoshisToBtc(i)} BTC exceeds maximum deposit ${c.formatSatoshisToBtc(r)} BTC`}}return{valid:!0}}function X(e){const t=c.stripHexPrefix(e);return me(t)?{valid:!0}:{valid:!1,error:"Invalid pubkey format: must be 64 hex characters (32-byte x-only public key, no 0x prefix)"}}function ke(e){if(!e||e.length===0)throw new Error("No vault keepers available. The system requires at least one vault keeper to create a deposit.")}function Se(e){if(!e||e.length===0)throw new Error("No universal challengers available. The system requires at least one universal challenger to create a deposit.")}function _e(e){if(e.length===0)throw new Error("No spendable UTXOs available")}function Ce(e){const{vaultAmounts:t,confirmedUTXOs:r,vaultProviderBtcPubkey:n,vaultKeeperBtcPubkeys:i,universalChallengerBtcPubkeys:u,minDeposit:s,maxDeposit:a}=e,o=F(t,s,a);if(!o.valid)throw new Error(o.error);const l=X(n);if(!l.valid)throw new Error(l.error);ke(i),Se(u),_e(r)}async function Be(e){const{vaultRegistryReader:t,vaultKeeperReader:r,universalChallengerReader:n,vaultProviderEthAddress:i,applicationEntryPoint:u,expectedVaultProviderBtcPubkey:s,expectedVaultKeeperBtcPubkeys:a,expectedUniversalChallengerBtcPubkeys:o}=e,[l,p,d]=await Promise.all([t.getVaultProviderBtcPubKey(i),r.getCurrentVaultKeepersVersion(u),n.getLatestUniversalChallengersVersion()]),[g,x]=await Promise.all([r.getVaultKeepersByVersion(u,p),n.getUniversalChallengersByVersion(d)]),b=h=>c.processPublicKeyToXOnly(h).toLowerCase(),P=h=>h.map(b).sort();if(b(s)!==l)throw new Error(`Vault provider BTC pubkey indexer hint does not match BTCVaultRegistry for ${i}. Refresh and try again.`);const v=P(a),w=P(g.map(h=>h.btcPubKey));if(v.length!==w.length||v.some((h,k)=>h!==w[k]))throw new Error(`Vault keeper BTC pubkeys (v${p}) indexer set does not match ApplicationRegistry on-chain set. Refresh and try again.`);const O=P(o),E=P(x.map(h=>h.btcPubKey));if(O.length!==E.length||O.some((h,k)=>h!==E[k]))throw new Error(`Universal challenger BTC pubkeys (v${d}) indexer set does not match ProtocolParams on-chain set. Refresh and try again.`);return{vaultProviderBtcPubkeyXOnly:l,vaultKeeperBtcPubkeysSorted:w,universalChallengerBtcPubkeysSorted:E,expectedAppVaultKeepersVersion:p,expectedUniversalChallengersVersion:d}}class $ extends Error{constructor(t){super(t),this.name="RegisteredVaultVersionMismatchError"}}function Ae(e){return e instanceof $||e instanceof Error&&e.name==="RegisteredVaultVersionMismatchError"}async function Ve(e){const{vaultRegistryReader:t,vaultIds:r,expectedOffchainParamsVersion:n,expectedAppVaultKeepersVersion:i,expectedUniversalChallengersVersion:u}=e,s=await t.getProtocolInfoBatch(r),a=[];if(s.forEach((o,l)=>{const p=r[l];o.offchainParamsVersion!==n&&a.push(`vault ${p}: offchainParams expected v${n}, got v${o.offchainParamsVersion}`),o.appVaultKeepersVersion!==i&&a.push(`vault ${p}: appVaultKeepers expected v${i}, got v${o.appVaultKeepersVersion}`),o.universalChallengersVersion!==u&&a.push(`vault ${p}: universalChallengers expected v${u}, got v${o.universalChallengersVersion}`)}),a.length>0)throw new $(`Aborting BTC broadcast: signer-set or offchain-params versions changed during registration (${a.join("; ")}). The Pre-PegIn was not broadcast; the registered ETH vault will time out per protocol rules.`)}var H=(e=>(e.CLAIM_EVENT_RECEIVED="ClaimEventReceived",e.CLAIM_BROADCAST="ClaimBroadcast",e.ASSERT_BROADCAST="AssertBroadcast",e.CHALLENGE_ASSERT_OBSERVED="ChallengeAssertObserved",e.WRONGLY_CHALLENGED_BROADCAST="WronglyChallengedBroadcast",e.PAYOUT_BROADCAST="PayoutBroadcast",e.FAILED="Failed",e))(H||{});const Re=new Set(["PayoutBroadcast","Failed"]);function $e(e){return Object.values(H).includes(e)}function He(e){return!!e&&Re.has(e)}class z extends Error{constructor(r,n){super(`Refund not yet mature (BIP68 not final): ${n.message}`);S(this,"vaultId");S(this,"cause");this.name="BIP68NotMatureError",this.vaultId=r,this.cause=n}}const Ie=/^0x[0-9a-fA-F]{64}$/,Oe=/^(?:0x)?(?:[0-9a-fA-F]{2})+$/,q=/^(?:0x)?(?:[0-9a-fA-F]{64}|[0-9a-fA-F]{66})$/,I=160;function Ke(e){if(!Number.isFinite(e)||e<=0)throw new Error(`feeRateSatsVb must be a positive finite number, got ${e}`);return BigInt(Math.ceil(e*I))}const Ne=1,D=65535,De=/non-BIP68-final/i;function G(e,t){if(e.length!==66)throw new Error(`${t} must be 32 bytes (66 hex chars with 0x prefix), got length ${e.length}`);if(!Ie.test(e))throw new Error(`${t} must contain only hex characters after the 0x prefix`)}function B(e,t){if(!Number.isInteger(e)||e<0)throw new Error(`${t} must be a non-negative integer, got ${e}`)}function Me(e){if(G(e.hashlock,"hashlock"),!Number.isInteger(e.htlcVout)||e.htlcVout<0||e.htlcVout>D)throw new Error(`htlcVout must be an integer 0-${D}, got ${e.htlcVout}`);if(B(e.offchainParamsVersion,"offchainParamsVersion"),B(e.appVaultKeepersVersion,"appVaultKeepersVersion"),B(e.universalChallengersVersion,"universalChallengersVersion"),typeof e.unsignedPrePeginTxHex!="string"||e.unsignedPrePeginTxHex.length===0)throw new Error("unsignedPrePeginTxHex must be a non-empty hex string");if(!Oe.test(e.unsignedPrePeginTxHex))throw new Error("unsignedPrePeginTxHex must be a hex byte string (optional 0x prefix, even length)");if(!e.depositorBtcPubkey||!q.test(e.depositorBtcPubkey))throw new Error("depositorBtcPubkey must be 32 or 33 bytes of hex (optional 0x prefix)");if(typeof e.amount!="bigint"||e.amount<=0n)throw new Error(`amount must be a positive bigint, got ${e.amount}`)}function Le(e){if(!e.vaultProviderPubkey||!q.test(e.vaultProviderPubkey))throw new Error("vaultProviderPubkey must be 32 or 33 bytes of hex");if(e.vaultKeeperPubkeys.length===0)throw new Error("vaultKeeperPubkeys must be non-empty");if(e.universalChallengerPubkeys.length===0)throw new Error("universalChallengerPubkeys must be non-empty");if(!Number.isInteger(e.timelockRefund)||e.timelockRefund<=0)throw new Error(`timelockRefund must be a positive integer, got ${e.timelockRefund}`);if(typeof e.feeRate!="bigint"||e.feeRate<=0n)throw new Error(`protocol feeRate must be a positive bigint, got ${e.feeRate}`);if(!Number.isInteger(e.numLocalChallengers)||e.numLocalChallengers<0)throw new Error("numLocalChallengers must be a non-negative integer");if(!Number.isInteger(e.councilQuorum)||!Number.isInteger(e.councilSize)||e.councilQuorum<=0||e.councilSize<=0||e.councilQuorum>e.councilSize)throw new Error(`councilQuorum (${e.councilQuorum}) must be in [1, councilSize=${e.councilSize}]`)}function Ue(e){const t=T.Psbt.fromHex(e);try{t.finalizeAllInputs()}catch(r){const n=r instanceof Error?r.message:String(r);if(!n.includes("already finalized"))throw new Error(`Failed to finalize refund PSBT: ${n}`)}return t.extractTransaction().toHex()}async function Fe(e){const{vaultId:t,readVault:r,readPrePeginContext:n,feeRate:i,signPsbt:u,broadcastTx:s,signal:a}=e;a==null||a.throwIfAborted(),G(t,"vaultId");const o=await r();Me(o),a==null||a.throwIfAborted();const l=await n(o);if(Le(l),a==null||a.throwIfAborted(),!Number.isFinite(i)||i<=0)throw new Error(`feeRate must be a positive number, got ${i}`);const p=BigInt(Math.ceil(i*I));a==null||a.throwIfAborted();const d=c.processPublicKeyToXOnly(o.depositorBtcPubkey),{psbtHex:g}=await A.buildRefundPsbt({prePeginParams:{depositorPubkey:d,vaultProviderPubkey:c.stripHexPrefix(l.vaultProviderPubkey),vaultKeeperPubkeys:l.vaultKeeperPubkeys.map(c.stripHexPrefix),universalChallengerPubkeys:l.universalChallengerPubkeys.map(c.stripHexPrefix),hashlocks:[c.stripHexPrefix(o.hashlock)],timelockRefund:l.timelockRefund,pegInAmounts:[o.amount],feeRate:l.feeRate,numLocalChallengers:l.numLocalChallengers,councilQuorum:l.councilQuorum,councilSize:l.councilSize,network:l.network},fundedPrePeginTxHex:c.stripHexPrefix(o.unsignedPrePeginTxHex),htlcVout:o.htlcVout,refundFee:p,hashlock:c.stripHexPrefix(o.hashlock)});a==null||a.throwIfAborted();const x=V.createTaprootScriptPathSignOptions(o.depositorBtcPubkey,Ne),b=await u(g,x);m.assertPsbtUnsignedTxMatches({requestedPsbtHex:g,returnedPsbtHex:b});const P=Ue(b);a==null||a.throwIfAborted();try{return await s(P)}catch(y){throw y instanceof Error&&De.test(y.message)?new z(t,y):y}}exports.BIP68NotMatureError=z;exports.ClaimerPegoutStatusValue=H;exports.REFUND_VSIZE=I;exports.RegisteredVaultVersionMismatchError=$;exports.activateVault=re;exports.buildAndBroadcastRefund=Fe;exports.estimateRefundFeeSats=Ke;exports.isDepositAmountValid=ve;exports.isPegoutTerminalStatus=He;exports.isRecognizedPegoutStatus=$e;exports.isRegisteredVaultVersionMismatchError=Ae;exports.runDepositorPresignFlow=be;exports.signDepositorGraph=L;exports.submitWotsPublicKey=se;exports.validateDepositAmount=we;exports.validateMultiVaultDepositInputs=Ce;exports.validateOnChainParticipantKeys=Be;exports.validateProviderSelection=Ee;exports.validateRemainingCapacity=Te;exports.validateVaultAmounts=F;exports.validateVaultProviderPubkey=X;exports.verifyRegisteredVaultVersions=Ve;exports.waitForPeginStatus=R;
-//# sourceMappingURL=buildAndBroadcastRefund-DyPQyghx.cjs.map