@babylonlabs-io/ts-sdk 0.37.3 → 0.38.1

package/dist/PayoutManager-Cf51DBcu.js

@@ -1,208 +0,0 @@
-var f = Object.defineProperty;
-var w = (e, t, s) => t in e ? f(e, t, { enumerable: !0, configurable: !0, writable: !0, value: s }) : e[t] = s;
-var P = (e, t, s) => w(e, typeof t != "symbol" ? t + "" : t, s);
-import { s as H } from "./sha2-BYVxyZzX.js";
-import { c as b } from "./signing-DaLvGwQe.js";
-import "@babylonlabs-io/babylon-tbv-rust-wasm";
-import { b as y, c as p, e as h, a as B } from "./assertPsbtUnsignedTxMatches-Dry5dTfl.js";
-import { v as x } from "./bitcoin-B5aNKtsk.js";
-const d = 66;
-function k(e) {
-  if (!e.startsWith("0x") && !e.startsWith("0X"))
-    throw new Error("Expected 0x-prefixed hex string");
-  const t = e.slice(2);
-  if (t.length % 2 !== 0)
-    throw new Error(`Hex string has odd length: ${t.length}`);
-  if (!/^[0-9a-fA-F]*$/.test(t))
-    throw new Error("Hex string contains non-hex characters");
-  const s = new Uint8Array(t.length / 2);
-  for (let n = 0; n < s.length; n++)
-    s[n] = parseInt(t.slice(n * 2, n * 2 + 2), 16);
-  return s;
-}
-function v(e) {
-  return `0x${Array.from(e).map((t) => t.toString(16).padStart(2, "0")).join("")}`;
-}
-function l(e, t) {
-  if (e.length !== d)
-    throw new Error(
-      `${t} must be exactly 32 bytes (${d} hex chars with 0x prefix), got ${e.length}`
-    );
-}
-function T(e) {
-  l(e, "Secret");
-  const t = k(e), s = H(t);
-  return v(s);
-}
-function C(e, t) {
-  return l(e, "Secret"), l(t, "Hashlock"), k(t), T(e).toLowerCase() === t.toLowerCase();
-}
-class O {
-  /**
-   * Creates a new PayoutManager instance.
-   *
-   * @param config - Manager configuration including wallet
-   */
-  constructor(t) {
-    P(this, "config");
-    this.config = t;
-  }
-  /**
-   * Signs a Payout transaction and extracts the Schnorr signature.
-   *
-   * Flow:
-   * 1. Vault provider submits Claim transaction
-   * 2. Claimer submits Assert transaction to prove validity
-   * 3. Payout can be executed (references Assert tx)
-   *
-   * This method orchestrates the following steps:
-   * 1. Get wallet's public key and convert to x-only format
-   * 2. Validate wallet pubkey matches on-chain depositor pubkey (if provided)
-   * 3. Build unsigned PSBT using primitives
-   * 4. Sign PSBT via btcWallet.signPsbt()
-   * 5. Extract 64-byte Schnorr signature using primitives
-   *
-   * The returned signature can be submitted to the vault provider API.
-   *
-   * @param params - Payout signing parameters
-   * @returns Signature result with 64-byte Schnorr signature and depositor pubkey
-   * @throws Error if wallet pubkey doesn't match depositor pubkey
-   * @throws Error if wallet operations fail or signature extraction fails
-   */
-  async signPayoutTransaction(t) {
-    this.validatePayoutOutputs(
-      t.payoutTxHex,
-      t.registeredPayoutScriptPubKey
-    );
-    const s = await this.config.btcWallet.getPublicKeyHex(), { depositorPubkey: n } = x(
-      s,
-      t.depositorBtcPubkey
-    ), r = await y({
-      payoutTxHex: t.payoutTxHex,
-      peginTxHex: t.peginTxHex,
-      assertTxHex: t.assertTxHex,
-      depositorBtcPubkey: n,
-      vaultProviderBtcPubkey: t.vaultProviderBtcPubkey,
-      vaultKeeperBtcPubkeys: t.vaultKeeperBtcPubkeys,
-      universalChallengerBtcPubkeys: t.universalChallengerBtcPubkeys,
-      timelockPegin: t.timelockPegin,
-      network: this.config.network
-    }), i = await this.config.btcWallet.signPsbt(
-      r.psbtHex,
-      b(s, 1)
-    );
-    return p({
-      requestedPsbtHex: r.psbtHex,
-      returnedPsbtHex: i
-    }), {
-      signature: h(i, n),
-      depositorBtcPubkey: n
-    };
-  }
-  /**
-   * Gets the configured Bitcoin network.
-   *
-   * @returns The Bitcoin network (mainnet, testnet, signet, regtest)
-   */
-  getNetwork() {
-    return this.config.network;
-  }
-  /**
-   * Checks if the wallet supports batch signing (signPsbts).
-   *
-   * @returns true if batch signing is supported
-   */
-  supportsBatchSigning() {
-    return typeof this.config.btcWallet.signPsbts == "function";
-  }
-  /**
-   * Batch signs multiple payout transactions (1 per claimer).
-   * This allows signing all transactions with a single wallet interaction.
-   *
-   * @param transactions - Array of payout params to sign
-   * @returns Array of signature results matching input order
-   * @throws Error if wallet doesn't support batch signing
-   * @throws Error if any signing operation fails
-   */
-  async signPayoutTransactionsBatch(t) {
-    if (!this.supportsBatchSigning())
-      throw new Error(
-        "Wallet does not support batch signing (signPsbts method not available)"
-      );
-    const s = await this.config.btcWallet.getPublicKeyHex(), n = [], r = [], i = [];
-    for (const o of t) {
-      this.validatePayoutOutputs(
-        o.payoutTxHex,
-        o.registeredPayoutScriptPubKey
-      );
-      const { depositorPubkey: u } = x(
-        s,
-        o.depositorBtcPubkey
-      );
-      i.push(u);
-      const c = await y({
-        payoutTxHex: o.payoutTxHex,
-        peginTxHex: o.peginTxHex,
-        assertTxHex: o.assertTxHex,
-        depositorBtcPubkey: u,
-        vaultProviderBtcPubkey: o.vaultProviderBtcPubkey,
-        vaultKeeperBtcPubkeys: o.vaultKeeperBtcPubkeys,
-        universalChallengerBtcPubkeys: o.universalChallengerBtcPubkeys,
-        timelockPegin: o.timelockPegin,
-        network: this.config.network
-      });
-      n.push(c.psbtHex), r.push(b(s, 1));
-    }
-    const a = await this.config.btcWallet.signPsbts(
-      n,
-      r
-    );
-    if (a.length !== t.length)
-      throw new Error(
-        `Expected ${t.length} signed PSBTs but received ${a.length}`
-      );
-    const g = [];
-    for (let o = 0; o < t.length; o++) {
-      const u = i[o];
-      p({
-        requestedPsbtHex: n[o],
-        returnedPsbtHex: a[o]
-      });
-      const c = h(
-        a[o],
-        u
-      );
-      g.push({
-        payoutSignature: c,
-        depositorBtcPubkey: u
-      });
-    }
-    return g;
-  }
-  /**
-   * Validates that the payout transaction's largest output pays to the
-   * registered depositor payout address (scriptPubKey).
-   *
-   * This prevents two attack vectors from a malicious vault provider:
-   * 1. Substituting a completely different payout address
-   * 2. Including a dust output to the correct address while routing
-   *    the actual funds to an attacker-controlled address
-   *
-   * @param payoutTxHex - Raw payout transaction hex
-   * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)
-   * @throws Error if scriptPubKey is invalid hex
-   * @throws Error if the largest output does not pay to the registered address
-   */
-  validatePayoutOutputs(t, s) {
-    B(
-      t,
-      s
-    );
-  }
-}
-export {
-  O as P,
-  T as c,
-  C as v
-};
-//# sourceMappingURL=PayoutManager-Cf51DBcu.js.map

package/dist/PayoutManager-Cf51DBcu.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"PayoutManager-Cf51DBcu.js","sources":["../src/tbv/core/services/htlc/index.ts","../src/tbv/core/managers/PayoutManager.ts"],"sourcesContent":["/**\n * HTLC Secret / Hashlock Utilities\n *\n * Pure functions for computing and validating SHA-256 hashlocks used in the\n * vault deposit protocol's HTLC (Hash Time Lock Contract).\n *\n * The SDK does NOT generate secrets — that is the caller's responsibility.\n * Today callers use `crypto.getRandomValues(32)`; when the `deriveContextHash`\n * wallet API ships, callers will use `wallet.deriveContextHash(\"babylon-btc-vault\", ctx)`.\n * These utilities work identically regardless of how the secret was produced.\n *\n * On-chain contract validation (BTCVaultRegistry.activateVaultWithSecret):\n *   if (sha256(abi.encodePacked(s)) != hashlock) revert InvalidSecret();\n *\n * @module htlc\n */\n\nimport { sha256 } from \"@noble/hashes/sha2.js\";\nimport type { Hex } from \"viem\";\n\n/** Expected hex length for a 0x-prefixed bytes32 value. */\nconst HEX_BYTES32_LENGTH = 66; // \"0x\" + 64 hex chars\n\n/**\n * Decode a 0x-prefixed hex string to bytes, with strict validation.\n * @throws if the input is not a valid 0x-prefixed hex string\n */\nfunction hexToBytes(hex: Hex): Uint8Array {\n  if (!hex.startsWith(\"0x\") && !hex.startsWith(\"0X\")) {\n    throw new Error(\"Expected 0x-prefixed hex string\");\n  }\n  const clean = hex.slice(2);\n  if (clean.length % 2 !== 0) {\n    throw new Error(`Hex string has odd length: ${clean.length}`);\n  }\n  if (!/^[0-9a-fA-F]*$/.test(clean)) {\n    throw new Error(\"Hex string contains non-hex characters\");\n  }\n  const bytes = new Uint8Array(clean.length / 2);\n  for (let i = 0; i < bytes.length; i++) {\n    bytes[i] = parseInt(clean.slice(i * 2, i * 2 + 2), 16);\n  }\n  return bytes;\n}\n\n/**\n * Encode a Uint8Array as a 0x-prefixed lowercase hex string.\n */\nfunction bytesToHex(bytes: Uint8Array): Hex {\n  return `0x${Array.from(bytes)\n    .map((b) => b.toString(16).padStart(2, \"0\"))\n    .join(\"\")}`;\n}\n\n/**\n * Validate that a value is a 0x-prefixed bytes32 (exactly 32 bytes).\n * @throws if the value is not exactly 32 bytes\n */\nfunction assertBytes32(value: Hex, label: string): void {\n  if (value.length !== HEX_BYTES32_LENGTH) {\n    throw new Error(\n      `${label} must be exactly 32 bytes (${HEX_BYTES32_LENGTH} hex chars with 0x prefix), got ${value.length}`,\n    );\n  }\n}\n\n/**\n * Compute the SHA-256 hashlock from a secret preimage.\n *\n * Matches the on-chain validation: `sha256(abi.encodePacked(s))` where `s` is a `bytes32`.\n * `abi.encodePacked(bytes32)` is just the raw 32 bytes — no ABI padding.\n *\n * @param secret - 0x-prefixed bytes32 secret (66 hex chars)\n * @returns 0x-prefixed bytes32 SHA-256 hash\n * @throws if secret is not exactly 32 bytes\n */\nexport function computeHashlock(secret: Hex): Hex {\n  assertBytes32(secret, \"Secret\");\n  const secretBytes = hexToBytes(secret);\n  const hash = sha256(secretBytes);\n  return bytesToHex(hash);\n}\n\n/**\n * Validate that a secret's SHA-256 hash matches the expected hashlock.\n *\n * Use this for client-side pre-validation before sending the activation\n * transaction to avoid wasting gas on a contract revert.\n *\n * @param secret - 0x-prefixed bytes32 secret (66 hex chars)\n * @param hashlock - 0x-prefixed bytes32 expected hashlock from the vault\n * @returns true if SHA-256(secret) matches the hashlock\n * @throws if secret or hashlock is not exactly 32 bytes\n */\nexport function validateSecretAgainstHashlock(\n  secret: Hex,\n  hashlock: Hex,\n): boolean {\n  assertBytes32(secret, \"Secret\");\n  assertBytes32(hashlock, \"Hashlock\");\n  // Validate hashlock is valid hex (secret is validated inside computeHashlock)\n  hexToBytes(hashlock);\n\n  const computed = computeHashlock(secret);\n  return computed.toLowerCase() === hashlock.toLowerCase();\n}\n","/**\n * Payout Manager\n *\n * High-level manager that orchestrates the payout signing flow by coordinating\n * SDK primitives ({@link buildPayoutPsbt}, {@link extractPayoutSignature})\n * with a user-provided Bitcoin wallet.\n *\n * The Payout transaction references the Assert transaction (input 1).\n *\n * @see {@link PeginManager} - For Steps 1–4 of the peg-in flow\n * @see {@link buildPayoutPsbt} - Lower-level primitive for custom implementations\n * @see {@link extractPayoutSignature} - Extract signatures from signed PSBTs\n *\n * @module managers/PayoutManager\n */\n\nimport type {\n  BitcoinWallet,\n  SignPsbtOptions,\n} from \"../../../shared/wallets\";\nimport { createTaprootScriptPathSignOptions } from \"../utils/signing\";\nimport {\n  assertPayoutOutputMatchesRegistered,\n  assertPsbtUnsignedTxMatches,\n  buildPayoutPsbt,\n  extractPayoutSignature,\n  validateWalletPubkey,\n  type Network,\n} from \"../primitives\";\n\n/**\n * Configuration for the PayoutManager.\n */\nexport interface PayoutManagerConfig {\n  /**\n   * Bitcoin network to use for transactions.\n   */\n  network: Network;\n\n  /**\n   * Bitcoin wallet for signing payout transactions.\n   */\n  btcWallet: BitcoinWallet;\n}\n\n/**\n * Base parameters shared by both payout transaction types.\n */\ninterface SignPayoutBaseParams {\n  /**\n   * Peg-in transaction hex.\n   * The original transaction that created the vault output being spent.\n   */\n  peginTxHex: string;\n\n  /**\n   * Vault provider's BTC public key (x-only, 64-char hex).\n   */\n  vaultProviderBtcPubkey: string;\n\n  /**\n   * Vault keeper BTC public keys (x-only, 64-char hex).\n   */\n  vaultKeeperBtcPubkeys: string[];\n\n  /**\n   * Universal challenger BTC public keys (x-only, 64-char hex).\n   */\n  universalChallengerBtcPubkeys: string[];\n\n  /**\n   * CSV timelock in blocks for the PegIn output.\n   */\n  timelockPegin: number;\n\n  /**\n   * Depositor's BTC public key (x-only, 64-char hex). This MUST be the\n   * key registered on-chain for the vault — typically read from\n   * `BTCVaultRegistry.getBtcVaultBasicInfo(...).depositorBtcPubKey`.\n   *\n   * Required: omitting it would degrade `validateWalletPubkey` to a\n   * self-comparison, allowing the wrong wallet to produce a signature\n   * over a script tree that doesn't match the on-chain UTXO.\n   */\n  depositorBtcPubkey: string;\n\n  /**\n   * The on-chain registered depositor payout scriptPubKey (hex, with or without 0x prefix).\n   * Used to validate that the VP-provided payout transaction actually pays to the\n   * correct depositor payout address before signing.\n   */\n  registeredPayoutScriptPubKey: string;\n}\n\n/**\n * Parameters for signing a Payout transaction.\n *\n * Payout is used in the challenge path after Assert, when the claimer proves validity.\n * Input 1 references the Assert transaction.\n */\nexport interface SignPayoutParams extends SignPayoutBaseParams {\n  /**\n   * Payout transaction hex (unsigned).\n   * This is the transaction from the vault provider that needs depositor signature.\n   */\n  payoutTxHex: string;\n\n  /**\n   * Assert transaction hex.\n   * Payout input 1 references Assert output 0.\n   */\n  assertTxHex: string;\n}\n\n/**\n * Result of signing a payout transaction.\n */\nexport interface PayoutSignatureResult {\n  /**\n   * 64-byte Schnorr signature (128 hex characters).\n   */\n  signature: string;\n\n  /**\n   * Depositor's BTC public key used for signing.\n   */\n  depositorBtcPubkey: string;\n}\n\n/**\n * High-level manager for payout transaction signing.\n *\n * @remarks\n * After registering your peg-in on Ethereum (Step 3), the vault provider prepares\n * claim/payout transaction pairs. You must sign each payout transaction using this\n * manager and submit the signatures to the vault provider's RPC API.\n *\n * **What happens internally:**\n * 1. Validates your wallet's public key matches the vault's depositor\n * 2. Builds an unsigned PSBT with taproot script path spend info\n * 3. Signs input 0 (the vault UTXO) with your wallet\n * 4. Extracts the 64-byte Schnorr signature\n *\n * **Note:** The payout transaction has 2 inputs. PayoutManager only signs input 0\n * (from the peg-in tx). Input 1 (from the assert tx) is signed by the vault provider.\n *\n * @see {@link PeginManager} - For the complete peg-in flow context\n * @see {@link buildPayoutPsbt} - Lower-level primitive used internally\n * @see {@link extractPayoutSignature} - Signature extraction primitive\n */\nexport class PayoutManager {\n  private readonly config: PayoutManagerConfig;\n\n  /**\n   * Creates a new PayoutManager instance.\n   *\n   * @param config - Manager configuration including wallet\n   */\n  constructor(config: PayoutManagerConfig) {\n    this.config = config;\n  }\n\n  /**\n   * Signs a Payout transaction and extracts the Schnorr signature.\n   *\n   * Flow:\n   * 1. Vault provider submits Claim transaction\n   * 2. Claimer submits Assert transaction to prove validity\n   * 3. Payout can be executed (references Assert tx)\n   *\n   * This method orchestrates the following steps:\n   * 1. Get wallet's public key and convert to x-only format\n   * 2. Validate wallet pubkey matches on-chain depositor pubkey (if provided)\n   * 3. Build unsigned PSBT using primitives\n   * 4. Sign PSBT via btcWallet.signPsbt()\n   * 5. Extract 64-byte Schnorr signature using primitives\n   *\n   * The returned signature can be submitted to the vault provider API.\n   *\n   * @param params - Payout signing parameters\n   * @returns Signature result with 64-byte Schnorr signature and depositor pubkey\n   * @throws Error if wallet pubkey doesn't match depositor pubkey\n   * @throws Error if wallet operations fail or signature extraction fails\n   */\n  async signPayoutTransaction(\n    params: SignPayoutParams,\n  ): Promise<PayoutSignatureResult> {\n    // Validate payout TX outputs pay to the registered depositor payout address\n    this.validatePayoutOutputs(\n      params.payoutTxHex,\n      params.registeredPayoutScriptPubKey,\n    );\n\n    // Validate wallet pubkey matches depositor and get both formats\n    const walletPubkeyRaw = await this.config.btcWallet.getPublicKeyHex();\n    const { depositorPubkey } = validateWalletPubkey(\n      walletPubkeyRaw,\n      params.depositorBtcPubkey,\n    );\n\n    // Build unsigned PSBT for Payout (uses Assert tx)\n    const payoutPsbt = await buildPayoutPsbt({\n      payoutTxHex: params.payoutTxHex,\n      peginTxHex: params.peginTxHex,\n      assertTxHex: params.assertTxHex,\n      depositorBtcPubkey: depositorPubkey,\n      vaultProviderBtcPubkey: params.vaultProviderBtcPubkey,\n      vaultKeeperBtcPubkeys: params.vaultKeeperBtcPubkeys,\n      universalChallengerBtcPubkeys: params.universalChallengerBtcPubkeys,\n      timelockPegin: params.timelockPegin,\n      network: this.config.network,\n    });\n\n    // Sign PSBT via wallet (Taproot script-path spend, input 0 only)\n    const signedPsbtHex = await this.config.btcWallet.signPsbt(\n      payoutPsbt.psbtHex,\n      createTaprootScriptPathSignOptions(walletPubkeyRaw, 1),\n    );\n\n    assertPsbtUnsignedTxMatches({\n      requestedPsbtHex: payoutPsbt.psbtHex,\n      returnedPsbtHex: signedPsbtHex,\n    });\n\n    // Extract Schnorr signature\n    const signature = extractPayoutSignature(signedPsbtHex, depositorPubkey);\n\n    return {\n      signature,\n      depositorBtcPubkey: depositorPubkey,\n    };\n  }\n\n  /**\n   * Gets the configured Bitcoin network.\n   *\n   * @returns The Bitcoin network (mainnet, testnet, signet, regtest)\n   */\n  getNetwork(): Network {\n    return this.config.network;\n  }\n\n  /**\n   * Checks if the wallet supports batch signing (signPsbts).\n   *\n   * @returns true if batch signing is supported\n   */\n  supportsBatchSigning(): boolean {\n    return typeof this.config.btcWallet.signPsbts === \"function\";\n  }\n\n  /**\n   * Batch signs multiple payout transactions (1 per claimer).\n   * This allows signing all transactions with a single wallet interaction.\n   *\n   * @param transactions - Array of payout params to sign\n   * @returns Array of signature results matching input order\n   * @throws Error if wallet doesn't support batch signing\n   * @throws Error if any signing operation fails\n   */\n  async signPayoutTransactionsBatch(\n    transactions: SignPayoutParams[],\n  ): Promise<\n    Array<{\n      payoutSignature: string;\n      depositorBtcPubkey: string;\n    }>\n  > {\n    if (!this.supportsBatchSigning()) {\n      throw new Error(\n        \"Wallet does not support batch signing (signPsbts method not available)\",\n      );\n    }\n\n    // Get wallet pubkey once\n    const walletPubkeyRaw = await this.config.btcWallet.getPublicKeyHex();\n\n    // Build all PSBTs (1 per claimer)\n    const psbtsToSign: string[] = [];\n    const signOptions: SignPsbtOptions[] = [];\n    const depositorPubkeys: string[] = [];\n\n    for (const tx of transactions) {\n      // Validate payout TX outputs pay to the registered depositor payout address\n      this.validatePayoutOutputs(\n        tx.payoutTxHex,\n        tx.registeredPayoutScriptPubKey,\n      );\n\n      // Validate wallet pubkey matches depositor\n      const { depositorPubkey } = validateWalletPubkey(\n        walletPubkeyRaw,\n        tx.depositorBtcPubkey,\n      );\n      depositorPubkeys.push(depositorPubkey);\n\n      // Build Payout PSBT\n      const payoutPsbt = await buildPayoutPsbt({\n        payoutTxHex: tx.payoutTxHex,\n        peginTxHex: tx.peginTxHex,\n        assertTxHex: tx.assertTxHex,\n        depositorBtcPubkey: depositorPubkey,\n        vaultProviderBtcPubkey: tx.vaultProviderBtcPubkey,\n        vaultKeeperBtcPubkeys: tx.vaultKeeperBtcPubkeys,\n        universalChallengerBtcPubkeys: tx.universalChallengerBtcPubkeys,\n        timelockPegin: tx.timelockPegin,\n        network: this.config.network,\n      });\n      psbtsToSign.push(payoutPsbt.psbtHex);\n      signOptions.push(createTaprootScriptPathSignOptions(walletPubkeyRaw, 1));\n    }\n\n    // Batch sign all PSBTs with single wallet interaction\n    const signedPsbts = await this.config.btcWallet.signPsbts!(\n      psbtsToSign,\n      signOptions,\n    );\n\n    // Validate that wallet returned the expected number of signed PSBTs\n    if (signedPsbts.length !== transactions.length) {\n      throw new Error(\n        `Expected ${transactions.length} signed PSBTs but received ${signedPsbts.length}`,\n      );\n    }\n\n    // Extract signatures from signed PSBTs\n    const results: Array<{\n      payoutSignature: string;\n      depositorBtcPubkey: string;\n    }> = [];\n\n    for (let i = 0; i < transactions.length; i++) {\n      const depositorPubkey = depositorPubkeys[i];\n      assertPsbtUnsignedTxMatches({\n        requestedPsbtHex: psbtsToSign[i],\n        returnedPsbtHex: signedPsbts[i],\n      });\n      const payoutSignature = extractPayoutSignature(\n        signedPsbts[i],\n        depositorPubkey,\n      );\n\n      results.push({\n        payoutSignature,\n        depositorBtcPubkey: depositorPubkey,\n      });\n    }\n\n    return results;\n  }\n\n  /**\n   * Validates that the payout transaction's largest output pays to the\n   * registered depositor payout address (scriptPubKey).\n   *\n   * This prevents two attack vectors from a malicious vault provider:\n   * 1. Substituting a completely different payout address\n   * 2. Including a dust output to the correct address while routing\n   *    the actual funds to an attacker-controlled address\n   *\n   * @param payoutTxHex - Raw payout transaction hex\n   * @param registeredPayoutScriptPubKey - On-chain registered scriptPubKey (hex, with or without 0x prefix)\n   * @throws Error if scriptPubKey is invalid hex\n   * @throws Error if the largest output does not pay to the registered address\n   */\n  private validatePayoutOutputs(\n    payoutTxHex: string,\n    registeredPayoutScriptPubKey: string,\n  ): void {\n    assertPayoutOutputMatchesRegistered(\n      payoutTxHex,\n      registeredPayoutScriptPubKey,\n    );\n  }\n}\n"],"names":["HEX_BYTES32_LENGTH","hexToBytes","hex","clean","bytes","i","bytesToHex","b","assertBytes32","value","label","computeHashlock","secret","secretBytes","hash","sha256","validateSecretAgainstHashlock","hashlock","PayoutManager","config","__publicField","params","walletPubkeyRaw","depositorPubkey","validateWalletPubkey","payoutPsbt","buildPayoutPsbt","signedPsbtHex","createTaprootScriptPathSignOptions","assertPsbtUnsignedTxMatches","extractPayoutSignature","transactions","psbtsToSign","signOptions","depositorPubkeys","tx","signedPsbts","results","payoutSignature","payoutTxHex","registeredPayoutScriptPubKey","assertPayoutOutputMatchesRegistered"],"mappings":";;;;;;;;AAqBA,MAAMA,IAAqB;AAM3B,SAASC,EAAWC,GAAsB;AACxC,MAAI,CAACA,EAAI,WAAW,IAAI,KAAK,CAACA,EAAI,WAAW,IAAI;AAC/C,UAAM,IAAI,MAAM,iCAAiC;AAEnD,QAAMC,IAAQD,EAAI,MAAM,CAAC;AACzB,MAAIC,EAAM,SAAS,MAAM;AACvB,UAAM,IAAI,MAAM,8BAA8BA,EAAM,MAAM,EAAE;AAE9D,MAAI,CAAC,iBAAiB,KAAKA,CAAK;AAC9B,UAAM,IAAI,MAAM,wCAAwC;AAE1D,QAAMC,IAAQ,IAAI,WAAWD,EAAM,SAAS,CAAC;AAC7C,WAASE,IAAI,GAAGA,IAAID,EAAM,QAAQC;AAChC,IAAAD,EAAMC,CAAC,IAAI,SAASF,EAAM,MAAME,IAAI,GAAGA,IAAI,IAAI,CAAC,GAAG,EAAE;AAEvD,SAAOD;AACT;AAKA,SAASE,EAAWF,GAAwB;AAC1C,SAAO,KAAK,MAAM,KAAKA,CAAK,EACzB,IAAI,CAACG,MAAMA,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE,CAAC;AACb;AAMA,SAASC,EAAcC,GAAYC,GAAqB;AACtD,MAAID,EAAM,WAAWT;AACnB,UAAM,IAAI;AAAA,MACR,GAAGU,CAAK,8BAA8BV,CAAkB,mCAAmCS,EAAM,MAAM;AAAA,IAAA;AAG7G;AAYO,SAASE,EAAgBC,GAAkB;AAChD,EAAAJ,EAAcI,GAAQ,QAAQ;AAC9B,QAAMC,IAAcZ,EAAWW,CAAM,GAC/BE,IAAOC,EAAOF,CAAW;AAC/B,SAAOP,EAAWQ,CAAI;AACxB;AAaO,SAASE,EACdJ,GACAK,GACS;AACT,SAAAT,EAAcI,GAAQ,QAAQ,GAC9BJ,EAAcS,GAAU,UAAU,GAElChB,EAAWgB,CAAQ,GAEFN,EAAgBC,CAAM,EACvB,kBAAkBK,EAAS,YAAA;AAC7C;AC6CO,MAAMC,EAAc;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQzB,YAAYC,GAA6B;AAPxB,IAAAC,EAAA;AAQf,SAAK,SAASD;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAwBA,MAAM,sBACJE,GACgC;AAEhC,SAAK;AAAA,MACHA,EAAO;AAAA,MACPA,EAAO;AAAA,IAAA;AAIT,UAAMC,IAAkB,MAAM,KAAK,OAAO,UAAU,gBAAA,GAC9C,EAAE,iBAAAC,MAAoBC;AAAA,MAC1BF;AAAA,MACAD,EAAO;AAAA,IAAA,GAIHI,IAAa,MAAMC,EAAgB;AAAA,MACvC,aAAaL,EAAO;AAAA,MACpB,YAAYA,EAAO;AAAA,MACnB,aAAaA,EAAO;AAAA,MACpB,oBAAoBE;AAAA,MACpB,wBAAwBF,EAAO;AAAA,MAC/B,uBAAuBA,EAAO;AAAA,MAC9B,+BAA+BA,EAAO;AAAA,MACtC,eAAeA,EAAO;AAAA,MACtB,SAAS,KAAK,OAAO;AAAA,IAAA,CACtB,GAGKM,IAAgB,MAAM,KAAK,OAAO,UAAU;AAAA,MAChDF,EAAW;AAAA,MACXG,EAAmCN,GAAiB,CAAC;AAAA,IAAA;AAGvD,WAAAO,EAA4B;AAAA,MAC1B,kBAAkBJ,EAAW;AAAA,MAC7B,iBAAiBE;AAAA,IAAA,CAClB,GAKM;AAAA,MACL,WAHgBG,EAAuBH,GAAeJ,CAAe;AAAA,MAIrE,oBAAoBA;AAAA,IAAA;AAAA,EAExB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAsB;AACpB,WAAO,KAAK,OAAO;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,uBAAgC;AAC9B,WAAO,OAAO,KAAK,OAAO,UAAU,aAAc;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,4BACJQ,GAMA;AACA,QAAI,CAAC,KAAK;AACR,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAKJ,UAAMT,IAAkB,MAAM,KAAK,OAAO,UAAU,gBAAA,GAG9CU,IAAwB,CAAA,GACxBC,IAAiC,CAAA,GACjCC,IAA6B,CAAA;AAEnC,eAAWC,KAAMJ,GAAc;AAE7B,WAAK;AAAA,QACHI,EAAG;AAAA,QACHA,EAAG;AAAA,MAAA;AAIL,YAAM,EAAE,iBAAAZ,MAAoBC;AAAA,QAC1BF;AAAA,QACAa,EAAG;AAAA,MAAA;AAEL,MAAAD,EAAiB,KAAKX,CAAe;AAGrC,YAAME,IAAa,MAAMC,EAAgB;AAAA,QACvC,aAAaS,EAAG;AAAA,QAChB,YAAYA,EAAG;AAAA,QACf,aAAaA,EAAG;AAAA,QAChB,oBAAoBZ;AAAA,QACpB,wBAAwBY,EAAG;AAAA,QAC3B,uBAAuBA,EAAG;AAAA,QAC1B,+BAA+BA,EAAG;AAAA,QAClC,eAAeA,EAAG;AAAA,QAClB,SAAS,KAAK,OAAO;AAAA,MAAA,CACtB;AACD,MAAAH,EAAY,KAAKP,EAAW,OAAO,GACnCQ,EAAY,KAAKL,EAAmCN,GAAiB,CAAC,CAAC;AAAA,IACzE;AAGA,UAAMc,IAAc,MAAM,KAAK,OAAO,UAAU;AAAA,MAC9CJ;AAAA,MACAC;AAAA,IAAA;AAIF,QAAIG,EAAY,WAAWL,EAAa;AACtC,YAAM,IAAI;AAAA,QACR,YAAYA,EAAa,MAAM,8BAA8BK,EAAY,MAAM;AAAA,MAAA;AAKnF,UAAMC,IAGD,CAAA;AAEL,aAAShC,IAAI,GAAGA,IAAI0B,EAAa,QAAQ1B,KAAK;AAC5C,YAAMkB,IAAkBW,EAAiB7B,CAAC;AAC1C,MAAAwB,EAA4B;AAAA,QAC1B,kBAAkBG,EAAY3B,CAAC;AAAA,QAC/B,iBAAiB+B,EAAY/B,CAAC;AAAA,MAAA,CAC/B;AACD,YAAMiC,IAAkBR;AAAA,QACtBM,EAAY/B,CAAC;AAAA,QACbkB;AAAA,MAAA;AAGF,MAAAc,EAAQ,KAAK;AAAA,QACX,iBAAAC;AAAA,QACA,oBAAoBf;AAAA,MAAA,CACrB;AAAA,IACH;AAEA,WAAOc;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBQ,sBACNE,GACAC,GACM;AACN,IAAAC;AAAA,MACEF;AAAA,MACAC;AAAA,IAAA;AAAA,EAEJ;AACF;"}

package/dist/PeginManager-CTznAVPT.cjs

@@ -1,2 +0,0 @@
-"use strict";var Vt=Object.defineProperty;var Nt=(n,t,e)=>t in n?Vt(n,t,{enumerable:!0,configurable:!0,writable:!0,value:e}):n[t]=e;var T=(n,t,e)=>Nt(n,typeof t!="symbol"?t+"":t,e);const m=require("./sha2-DsrLC4NM.cjs"),K=require("bitcoinjs-lib"),Y=require("buffer"),C=require("viem"),$=require("./BTCVaultRegistry.abi-ZdPpION2.cjs"),S=require("./errors-BP73_stm.cjs"),L=require("@babylonlabs-io/babylon-tbv-rust-wasm"),R=require("./peginInput-57FK2O99.cjs"),rt=require("./assertPsbtUnsignedTxMatches-CagW7XqW.cjs"),h=require("./bitcoin-CHfKAhcI.cjs"),Lt=require("./signing-Bnsro0hE.cjs"),ot=require("./validation-u8W7Lp2x.cjs"),Wt=require("./PayoutManager-BfT0V-tm.cjs"),I=require("./waitForTransactionReceiptSmartAware-tv1mtSIY.cjs"),it=require("./fundPeginTransaction-BBE3wTjR.cjs"),Pt=require("./mempoolApi-YNkKjQCU.cjs");function Ft(n){const t=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(n){for(const e in n)if(e!=="default"){const s=Object.getOwnPropertyDescriptor(n,e);Object.defineProperty(t,e,s.get?s:{enumerable:!0,get:()=>n[e]})}}return t.default=n,Object.freeze(t)}const mt=Ft(K),W=BigInt(2**32-1),at=BigInt(32);function Mt(n,t=!1){return t?{h:Number(n&W),l:Number(n>>at&W)}:{h:Number(n>>at&W)|0,l:Number(n&W)|0}}function Xt(n,t=!1){const e=n.length;let s=new Uint32Array(e),r=new Uint32Array(e);for(let o=0;o<e;o++){const{h:i,l:a}=Mt(n[o],t);[s[o],r[o]]=[i,a]}return[s,r]}const Kt=(n,t,e)=>n<<e|t>>>32-e,Dt=(n,t,e)=>t<<e|n>>>32-e,qt=(n,t,e)=>t<<e-32|n>>>64-e,zt=(n,t,e)=>n<<e-32|t>>>64-e,jt=106,Gt=32,ct=34;function Zt(n,t,e){const s=h.stripHexPrefix(n),r=mt.Transaction.fromHex(s);if(r.outs.length<=t)throw new Error(`Pre-PegIn auth-anchor OP_RETURN missing: tx has ${r.outs.length} outputs, expected at least ${t+1} (vault outputs + OP_RETURN)`);const o=r.outs[t],i=o.script;if(i.length!==ct||i[0]!==jt||i[1]!==Gt)throw new Error(`Pre-PegIn auth-anchor OP_RETURN at vout ${t} has unexpected script encoding (got ${i.length}-byte script with prefix 0x${i.slice(0,Math.min(2,i.length)).toString("hex")}; expected ${ct}-byte OP_RETURN + PUSH32 layout)`);const a=i.slice(2).toString("hex").toLowerCase();if(a!==e.toLowerCase())throw new Error(`Pre-PegIn auth-anchor OP_RETURN payload mismatch at vout ${t}: tx pushes ${a}, expected ${e}`);if(o.value!==0)throw new Error(`Pre-PegIn auth-anchor OP_RETURN at vout ${t} has non-zero value ${o.value}; OP_RETURN outputs must be 0-value`)}const N=32,j=32,J=36,xt=32,D=4,Qt=D+N+D+xt;function tt(n,t,e){n[t]=e>>>24&255,n[t+1]=e>>>16&255,n[t+2]=e>>>8&255,n[t+3]=e&255}function Yt(n){if(n.txid.length!==j)throw new Error(`outpoint.txid must be exactly ${j} bytes, got ${n.txid.length}`);if(!Number.isInteger(n.vout)||n.vout<0||n.vout>4294967295)throw new Error(`outpoint.vout must be a u32, got ${n.vout}`);const t=new Uint8Array(J);return t.set(n.txid,0),tt(t,j,n.vout),t}function lt(n,t){const e=Math.min(n.length,t.length);for(let s=0;s<e;s++)if(n[s]!==t[s])return n[s]-t[s];return n.length-t.length}function wt(n){if(n.length===0)throw new Error("buildFundingOutpointsCommitment: outpoints must be non-empty");const t=n.map(Yt);t.sort(lt);for(let s=1;s<t.length;s++)if(lt(t[s-1],t[s])===0)throw new Error("buildFundingOutpointsCommitment: duplicate outpoint detected");const e=new Uint8Array(t.length*J);for(let s=0;s<t.length;s++)e.set(t[s],s*J);return m.sha256(e)}function bt(n){if(n.depositorBtcPubkey.length!==N)throw new Error(`vaultContext: depositorBtcPubkey must be exactly ${N} bytes, got ${n.depositorBtcPubkey.length}`);const t=wt(n.fundingOutpoints),e=new Uint8Array(Qt);let s=0;return tt(e,s,N),s+=D,e.set(n.depositorBtcPubkey,s),s+=N,tt(e,s,xt),s+=D,e.set(t,s),e}const yt="babylon-btc-vault",kt=32,ut=kt*2,Jt=/^[0-9a-f]+$/;async function Tt(n,t){const e=bt(t),s=h.uint8ArrayToHex(e),r=await n.deriveContextHash(yt,s);if(typeof r!="string")throw new Error(`deriveVaultRoot: wallet must return a string, got ${typeof r}`);if(r.length!==ut)throw new Error(`deriveVaultRoot: wallet must return a ${ut}-character hex string (${kt} bytes), got length ${r.length}`);if(!Jt.test(r))throw new Error("deriveVaultRoot: wallet must return lowercase hex per derive-context-hash.md §2.1; got value with non-lowercase or non-hex characters");return h.hexToUint8Array(r)}const te=Uint8Array.from([7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8]),Et=Uint8Array.from(new Array(16).fill(0).map((n,t)=>t)),ee=Et.map(n=>(9*n+5)%16),_t=(()=>{const e=[[Et],[ee]];for(let s=0;s<4;s++)for(let r of e)r.push(r[s].map(o=>te[o]));return e})(),Bt=_t[0],vt=_t[1],At=[[11,14,15,12,5,8,7,9,11,13,14,15,6,7,9,8],[12,13,11,15,6,9,9,7,12,15,11,13,7,8,7,7],[13,15,14,11,7,7,6,8,13,14,13,12,5,5,6,9],[14,11,12,14,8,6,5,5,15,12,15,14,9,9,8,6],[15,12,13,13,9,5,8,6,14,11,12,11,8,6,5,5]].map(n=>Uint8Array.from(n)),ne=Bt.map((n,t)=>n.map(e=>At[t][e])),se=vt.map((n,t)=>n.map(e=>At[t][e])),re=Uint32Array.from([0,1518500249,1859775393,2400959708,2840853838]),oe=Uint32Array.from([1352829926,1548603684,1836072691,2053994217,0]);function ht(n,t,e,s){return n===0?t^e^s:n===1?t&e|~t&s:n===2?(t|~e)^s:n===3?t&s|e&~s:t^(e|~s)}const F=new Uint32Array(16);class ie extends m.HashMD{constructor(){super(64,20,8,!0);T(this,"h0",1732584193);T(this,"h1",-271733879);T(this,"h2",-1732584194);T(this,"h3",271733878);T(this,"h4",-1009589776)}get(){const{h0:e,h1:s,h2:r,h3:o,h4:i}=this;return[e,s,r,o,i]}set(e,s,r,o,i){this.h0=e|0,this.h1=s|0,this.h2=r|0,this.h3=o|0,this.h4=i|0}process(e,s){for(let g=0;g<16;g++,s+=4)F[g]=e.getUint32(s,!0);let r=this.h0|0,o=r,i=this.h1|0,a=i,c=this.h2|0,d=c,l=this.h3|0,x=l,y=this.h4|0,k=y;for(let g=0;g<5;g++){const p=4-g,E=re[g],v=oe[g],_=Bt[g],P=vt[g],w=ne[g],f=se[g];for(let b=0;b<16;b++){const u=m.rotl(r+ht(g,i,c,l)+F[_[b]]+E,w[b])+y|0;r=y,y=l,l=m.rotl(c,10)|0,c=i,i=u}for(let b=0;b<16;b++){const u=m.rotl(o+ht(p,a,d,x)+F[P[b]]+v,f[b])+k|0;o=k,k=x,x=m.rotl(d,10)|0,d=a,a=u}}this.set(this.h1+c+x|0,this.h2+l+k|0,this.h3+y+o|0,this.h4+r+a|0,this.h0+i+d|0)}roundClean(){m.clean(F)}destroy(){this.destroyed=!0,m.clean(this.buffer),this.set(0,0,0,0,0)}}const ae=m.createHasher(()=>new ie),ce=BigInt(0),U=BigInt(1),le=BigInt(2),ue=BigInt(7),he=BigInt(256),de=BigInt(113),Ht=[],It=[],St=[];for(let n=0,t=U,e=1,s=0;n<24;n++){[e,s]=[s,(2*e+3*s)%5],Ht.push(2*(5*s+e)),It.push((n+1)*(n+2)/2%64);let r=ce;for(let o=0;o<7;o++)t=(t<<U^(t>>ue)*de)%he,t&le&&(r^=U<<(U<<BigInt(o))-U);St.push(r)}const Rt=Xt(St,!0),ge=Rt[0],fe=Rt[1],dt=(n,t,e)=>e>32?qt(n,t,e):Kt(n,t,e),gt=(n,t,e)=>e>32?zt(n,t,e):Dt(n,t,e);function pe(n,t=24){const e=new Uint32Array(10);for(let s=24-t;s<24;s++){for(let i=0;i<10;i++)e[i]=n[i]^n[i+10]^n[i+20]^n[i+30]^n[i+40];for(let i=0;i<10;i+=2){const a=(i+8)%10,c=(i+2)%10,d=e[c],l=e[c+1],x=dt(d,l,1)^e[a],y=gt(d,l,1)^e[a+1];for(let k=0;k<50;k+=10)n[i+k]^=x,n[i+k+1]^=y}let r=n[2],o=n[3];for(let i=0;i<24;i++){const a=It[i],c=dt(r,o,a),d=gt(r,o,a),l=Ht[i];r=n[l],o=n[l+1],n[l]=c,n[l+1]=d}for(let i=0;i<50;i+=10){for(let a=0;a<10;a++)e[a]=n[i+a];for(let a=0;a<10;a++)n[i+a]^=~e[(a+2)%10]&e[(a+4)%10]}n[0]^=ge[s],n[1]^=fe[s]}m.clean(e)}class nt{constructor(t,e,s,r=!1,o=24){T(this,"state");T(this,"pos",0);T(this,"posOut",0);T(this,"finished",!1);T(this,"state32");T(this,"destroyed",!1);T(this,"blockLen");T(this,"suffix");T(this,"outputLen");T(this,"enableXOF",!1);T(this,"rounds");if(this.blockLen=t,this.suffix=e,this.outputLen=s,this.enableXOF=r,this.rounds=o,m.anumber(s,"outputLen"),!(0<t&&t<200))throw new Error("only keccak-f1600 function is supported");this.state=new Uint8Array(200),this.state32=m.u32(this.state)}clone(){return this._cloneInto()}keccak(){m.swap32IfBE(this.state32),pe(this.state32,this.rounds),m.swap32IfBE(this.state32),this.posOut=0,this.pos=0}update(t){m.aexists(this),m.abytes(t);const{blockLen:e,state:s}=this,r=t.length;for(let o=0;o<r;){const i=Math.min(e-this.pos,r-o);for(let a=0;a<i;a++)s[this.pos++]^=t[o++];this.pos===e&&this.keccak()}return this}finish(){if(this.finished)return;this.finished=!0;const{state:t,suffix:e,pos:s,blockLen:r}=this;t[s]^=e,(e&128)!==0&&s===r-1&&this.keccak(),t[r-1]^=128,this.keccak()}writeInto(t){m.aexists(this,!1),m.abytes(t),this.finish();const e=this.state,{blockLen:s}=this;for(let r=0,o=t.length;r<o;){this.posOut>=s&&this.keccak();const i=Math.min(s-this.posOut,o-r);t.set(e.subarray(this.posOut,this.posOut+i),r),this.posOut+=i,r+=i}return t}xofInto(t){if(!this.enableXOF)throw new Error("XOF is not possible for this instance");return this.writeInto(t)}xof(t){return m.anumber(t),this.xofInto(new Uint8Array(t))}digestInto(t){if(m.aoutput(t,this),this.finished)throw new Error("digest() was already called");return this.writeInto(t),this.destroy(),t}digest(){return this.digestInto(new Uint8Array(this.outputLen))}destroy(){this.destroyed=!0,m.clean(this.state)}_cloneInto(t){const{blockLen:e,suffix:s,outputLen:r,rounds:o,enableXOF:i}=this;return t||(t=new nt(e,s,r,i,o)),t.state32.set(this.state32),t.pos=this.pos,t.posOut=this.posOut,t.finished=this.finished,t.rounds=o,t.suffix=s,t.outputLen=r,t.enableXOF=i,t.destroyed=this.destroyed,t}}const Pe=(n,t,e,s={})=>m.createHasher(()=>new nt(t,n,e),s),me=Pe(1,136,32),ft=64,B=20,et=4,Ot=2,xe=0,we=1,M=[64,64],be=n=>Array.from(n).map(t=>t.toString(16).padStart(2,"0")).join("");function st(n){return ae(m.sha256(n))}function Ct(n){return(1<<n)-1}function ye(n){let t=1;for(;t*t<n+1;)t++;return Math.max(t,2)}function ke(n){const t=et,e=n*Ct(t);return{d:t,n,checksum_radix:ye(e)}}function G(n,t){const e=[];let s=t;for(;s>0;)e.push(s&255),s>>>=8;const r=new Uint8Array(n.length+e.length);r.set(n);for(let o=0;o<e.length;o++)r[n.length+o]=e[o];return st(r)}function Z(n,t){let e=n;for(let s=0;s<t;s++)e=st(e);return e}function Te(n,t){const e=Ct(t.d),s=t.checksum_radix-1,r=Math.floor(t.n*e/t.checksum_radix),o=[];for(let l=0;l<t.n;l++){const x=G(n,l+Ot),y=Z(x,e);o.push(Array.from(y))}const i=G(n,xe),a=Z(i,s),c=G(n,we),d=Z(c,r);return{config:t,message_terminals:o,checksum_major_terminal:Array.from(d),checksum_minor_terminal:Array.from(a)}}async function $t(n){try{if(n.length!==ft)throw new Error(`WOTS seed must be exactly ${ft} bytes, got ${n.length}`);const t=[];for(let e=0;e<M.length;e++){const s=M[e],r=ke(s),o=new Uint8Array(n.length+1);o.set(n),o[n.length]=e;const i=st(o);try{const a=Te(i,r);if(a.config.d!==et)throw new Error(`Block ${e}: expected d=${et}, got d=${a.config.d}`);if(a.config.n!==s)throw new Error(`Block ${e}: expected n=${s}, got n=${a.config.n}`);if(a.message_terminals.length!==s)throw new Error(`Block ${e}: expected ${s} message terminals, got ${a.message_terminals.length}`);for(let c=0;c<a.message_terminals.length;c++)if(a.message_terminals[c].length!==B)throw new Error(`Block ${e} terminal ${c}: expected ${B} bytes, got ${a.message_terminals[c].length}`);if(a.checksum_minor_terminal.length!==B)throw new Error(`Block ${e} checksum_minor: expected ${B} bytes`);if(a.checksum_major_terminal.length!==B)throw new Error(`Block ${e} checksum_major: expected ${B} bytes`);t.push(a)}finally{o.fill(0),i.fill(0)}}if(t.length!==M.length)throw new Error(`Expected ${M.length} blocks, got ${t.length}`);return t}finally{n.fill(0)}}function Q(n,t,e){if(n.length!==B)throw new Error(`Block ${t} ${e}: expected ${B} bytes, got ${n.length}`);for(let s=0;s<n.length;s++){const r=n[s];if(!Number.isInteger(r)||r<0||r>255)throw new Error(`Block ${t} ${e}[${s}]: invalid byte value ${r}`)}}function Ut(n){if(n.length===0)throw new Error("Public keys array must not be empty");for(let o=0;o<n.length;o++){const i=n[o];Q(i.checksum_minor_terminal,o,"checksum_minor_terminal"),Q(i.checksum_major_terminal,o,"checksum_major_terminal");for(let a=0;a<i.message_terminals.length;a++)Q(i.message_terminals[a],o,`message_terminal[${a}]`)}let t=0;for(const o of n)t+=Ot+o.message_terminals.length;const e=new Uint8Array(t*B);let s=0;for(const o of n){e.set(o.checksum_minor_terminal,s),s+=B,e.set(o.checksum_major_terminal,s),s+=B;for(const i of o.message_terminals)e.set(i,s),s+=B}const r=me(e);return`0x${be(r)}`}async function Ee(n,t){const e=[],s=[],r=[],o=[];try{for(let i=0;i<t;i++){const a=await L.expandWotsSeed(n,i);try{const d=await $t(a);e.push(d),s.push(Ut(d))}finally{a.fill(0)}const c=await L.expandHashlockSecret(n,i);try{const d=h.uint8ArrayToHex(c);r.push(d),o.push(Wt.computeHashlock(h.ensureHexPrefix(d)).slice(2))}finally{c.fill(0)}}}finally{n.fill(0)}return{perVaultWotsKeys:e,wotsPkHashes:s,htlcSecretHexes:r,hashlocks:o}}const _e=/^0x[0-9a-f]+$/i,Be=/^[0-9a-f]+$/i,ve=/^[A-Za-z0-9+/]+={0,2}$/;function V(n){if(typeof n!="string"||n.length===0)throw new Error("BTC wallet returned empty public key");return h.processPublicKeyToXOnly(n).toLowerCase()}function Ae(n){if(typeof n!="string"||n.length===0)throw new Error("BTC wallet returned empty BIP-322 signature");if(n.startsWith("0x")||n.startsWith("0X")){if(!_e.test(n)||n.length<4||n.length%2!==0)throw new Error("BTC wallet returned malformed hex BIP-322 signature");return n.toLowerCase()}if(Be.test(n)){if(n.length%2!==0)throw new Error("BTC wallet returned malformed hex BIP-322 signature");return`0x${n.toLowerCase()}`}if(!ve.test(n)||n.length%4!==0)throw new Error("BTC wallet returned malformed base64 BIP-322 signature");const t=Y.Buffer.from(n,"base64");if(t.length===0||t.toString("base64")!==n)throw new Error("BTC wallet returned malformed base64 BIP-322 signature");return`0x${t.toString("hex")}`}async function He(n,t,e){if(typeof n.signPsbts=="function"){const r=await n.signPsbts(t,e);if(r.length!==t.length)throw new Error(`Expected ${t.length} signed PSBTs but received ${r.length}`);return r}const s=[];for(let r=0;r<t.length;r++){const o=await n.signPsbt(t[r],e[r]);s.push(o)}return s}const Ie=0,X="00".repeat(32);function Se(n,t,e,s){const r=e==null?void 0:e[`${n}:${t}`];return r?Promise.resolve({txid:n,vout:t,value:r.value,scriptPubKey:r.scriptPubKey}):Pt.getUtxoInfo(n,t,s)}const pt=12e4;class Re{constructor(t){T(this,"config");this.config=t}async preparePegin(t){if(t.amounts.length===0)throw new Error("amounts must contain at least one entry");const e=await this.config.btcWallet.getPublicKeyHex(),s=V(e);if(!h.isAddressFromPublicKey(t.changeAddress,e,this.config.btcNetwork))throw new Error(`Pre-PegIn changeAddress "${t.changeAddress}" is not derived from the connected wallet's public key. Refusing to build a tx that would send change to an address the signing key doesn't control.`);const r=await this.prepareSizing(s,t),o=r.selectedUTXOs.map(p=>({txid:h.hexToUint8Array(p.txid),vout:p.vout})),i=await Tt(this.config.btcWallet,{depositorBtcPubkey:h.hexToUint8Array(s),fundingOutpoints:o});let a,c;try{const p=await L.expandAuthAnchor(i);try{a=h.uint8ArrayToHex(p),c=h.uint8ArrayToHex(m.sha256(p))}finally{p.fill(0)}}catch(p){throw i.fill(0),p}const d=await Ee(i,t.amounts.length),{perVaultWotsKeys:l,wotsPkHashes:x,htlcSecretHexes:y,hashlocks:k}=d,g=await this.preparePeginCommit({depositorBtcPubkeyRaw:e,depositorBtcPubkey:s,hashlocks:k,authAnchorHash:c,sizing:r,params:t});for(let p=0;p<g.perVault.length;p++)if(g.perVault[p].htlcVout!==p)throw new Error(`Internal invariant violation: htlcVout/index mismatch at vault ${p} (expected ${p}, got ${g.perVault[p].htlcVout})`);return Zt(g.fundedPrePeginTxHex,t.amounts.length,c),{transaction:{...g,selectedUTXOs:r.selectedUTXOs,fee:r.fee,changeAmount:r.changeAmount},depositorBtcPubkey:s,derivedSecrets:{perVaultWotsKeys:l,wotsPkHashes:x,htlcSecretHexes:y,authAnchorHex:a}}}async prepareSizing(t,e){const s=e.amounts.map(()=>X),r=e.vaultKeeperBtcPubkeys.length,o=await R.buildPrePeginPsbt({depositorPubkey:t,vaultProviderPubkey:h.stripHexPrefix(e.vaultProviderBtcPubkey),vaultKeeperPubkeys:e.vaultKeeperBtcPubkeys.map(h.stripHexPrefix),universalChallengerPubkeys:e.universalChallengerBtcPubkeys.map(h.stripHexPrefix),hashlocks:s,timelockRefund:e.timelockRefund,pegInAmounts:e.amounts,feeRate:e.protocolFeeRate,numLocalChallengers:r,councilQuorum:e.councilQuorum,councilSize:e.councilSize,network:this.config.btcNetwork,authAnchorHash:X}),i=I.selectUtxosForPegin([...e.availableUTXOs],o.totalOutputValue,e.mempoolFeeRate,it.peginOutputCount(o.htlcValues.length,X));return{selectedUTXOs:i.selectedUTXOs,fee:i.fee,changeAmount:i.changeAmount}}async preparePeginCommit(t){const{depositorBtcPubkeyRaw:e,depositorBtcPubkey:s,hashlocks:r,authAnchorHash:o,sizing:i,params:a}=t,c=X.toLowerCase();for(let u=0;u<r.length;u++)if(r[u].toLowerCase()===c)throw new Error(`preparePeginCommit refusing to build with sizing-pass placeholder hashlock at vault ${u} — internal substitution bug`);if(o.toLowerCase()===c)throw new Error("preparePeginCommit refusing to build with sizing-pass placeholder auth-anchor hash — internal substitution bug");const d=h.stripHexPrefix(a.vaultProviderBtcPubkey),l=a.vaultKeeperBtcPubkeys.map(h.stripHexPrefix),x=a.universalChallengerBtcPubkeys.map(h.stripHexPrefix),y=l.length,k={depositorPubkey:s,vaultProviderPubkey:d,vaultKeeperPubkeys:l,universalChallengerPubkeys:x,hashlocks:r,timelockRefund:a.timelockRefund,pegInAmounts:a.amounts,feeRate:a.protocolFeeRate,numLocalChallengers:y,councilQuorum:a.councilQuorum,councilSize:a.councilSize,network:this.config.btcNetwork,authAnchorHash:o},g=await R.buildPrePeginPsbt(k),p=h.getNetwork(this.config.btcNetwork),E=it.fundPeginTransaction({unfundedTxHex:g.psbtHex,selectedUTXOs:i.selectedUTXOs,changeAddress:a.changeAddress,changeAmount:i.changeAmount,network:p}),v=h.stripHexPrefix(I.calculateBtcTxHash(E)),_=[],P=[],w=[];for(let u=0;u<r.length;u++){const H=await R.buildPeginTxFromFundedPrePegin({prePeginParams:k,timelockPegin:a.timelockPegin,fundedPrePeginTxHex:E,htlcVout:u}),A=await R.buildPeginInputPsbt({peginTxHex:H.txHex,fundedPrePeginTxHex:E,depositorPubkey:s,vaultProviderPubkey:d,vaultKeeperPubkeys:l,universalChallengerPubkeys:x,hashlock:r[u],timelockRefund:a.timelockRefund,network:this.config.btcNetwork});_.push(H),P.push(A.psbtHex),w.push(Lt.createTaprootScriptPathSignOptions(e,1))}const f=await He(this.config.btcWallet,P,w),b=[];for(let u=0;u<f.length;u++){rt.assertPsbtUnsignedTxMatches({requestedPsbtHex:P[u],returnedPsbtHex:f[u]});const H=R.extractPeginInputSignature(f[u],s),A=R.finalizePeginInputPsbt(f[u]);b.push({htlcVout:u,htlcValue:g.htlcValues[u],peginTxHex:A,peginTxid:_[u].txid,peginInputSignature:H,vaultScriptPubKey:_[u].vaultScriptPubKey})}return{fundedPrePeginTxHex:E,prePeginTxid:v,perVault:b}}async signAndBroadcast(t){const{fundedPrePeginTxHex:e,depositorBtcPubkey:s}=t,r=e.startsWith("0x")?e.slice(2):e,o=K.Transaction.fromHex(r);if(o.ins.length===0)throw new Error("Transaction has no inputs");const i=new K.Psbt;i.setVersion(o.version),i.setLocktime(o.locktime);const a=Y.Buffer.from(V(s),"hex"),c=this.config.mempoolApiUrl,d=o.ins.map(P=>{const w=Y.Buffer.from(P.hash).reverse().toString("hex"),f=P.index;return Se(w,f,t.localPrevouts,c).then(b=>({input:P,utxoData:b,txid:w,vout:f}))}),l=await Promise.all(d),x=l.reduce((P,w)=>P+BigInt(w.utxoData.value),0n),y=o.outs.reduce((P,w)=>P+BigInt(w.value),0n);if(x<y)throw new Error(`UTXO value mismatch: total input value (${x} sat) is less than total output value (${y} sat). This may indicate the mempool API returned manipulated UTXO data.`);const k=x-y;if(k>ot.MAX_REASONABLE_FEE_SATS)throw new Error(`Implied transaction fee (${k} sat) exceeds maximum reasonable fee (${ot.MAX_REASONABLE_FEE_SATS} sat). This may indicate manipulated UTXO data.`);for(const{input:P,utxoData:w,txid:f,vout:b}of l){const u=I.getPsbtInputFields({value:w.value,scriptPubKey:w.scriptPubKey},a);i.addInput({hash:P.hash,index:P.index,sequence:P.sequence,...u})}for(const P of o.outs)i.addOutput({script:P.script,value:P.value});const g=i.toHex(),p=await this.config.btcWallet.signPsbt(g);rt.assertPsbtUnsignedTxMatches({requestedPsbtHex:g,returnedPsbtHex:p});const E=K.Psbt.fromHex(p);try{E.finalizeAllInputs()}catch(P){if(!E.data.inputs.every(f=>f.finalScriptWitness||f.finalScriptSig))throw new Error(`PSBT finalization failed and wallet did not auto-finalize: ${P}`)}const v=E.extractTransaction().toHex();return await Pt.pushTx(v,c)}async registerPeginOnChain(t){const{unsignedPrePeginTx:e,depositorSignedPeginTx:s,vaultProvider:r,hashlock:o,htlcVout:i,depositorPayoutBtcAddress:a,depositorWotsPkHash:c,popSignature:d}=t;if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const l=this.config.ethWallet.account.address;if(!C.isAddressEqual(d.depositorEthAddress,l))throw new Error(`Proof of possession was signed for ${d.depositorEthAddress} but the Ethereum wallet is currently connected to ${l}. Reconnect the original account or call signProofOfPossession() again.`);const x=await this.assertPopMatchesBtcWallet(d),y=d.btcPopSignature,k=h.ensureHexPrefix(d.depositorBtcPubkey),g=h.ensureHexPrefix(e),p=h.ensureHexPrefix(s),E=a??await this.config.btcWallet.getAddress(),v=this.resolvePayoutScriptPubKey(x,E),_=I.calculateBtcTxHash(p),P=await L.deriveVaultId(h.stripHexPrefix(_),h.stripHexPrefix(l)),w=h.ensureHexPrefix(P);if(await this.checkVaultExists(w))throw new Error(`Vault already exists (ID: ${w}, peginTxHash: ${_}). Vault IDs are derived from the pegin transaction hash and depositor address. To create a new vault, use different UTXOs or a different amount to generate a unique transaction.`);const b=this.config.publicClient;let u;try{u=await b.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:$.BTCVaultRegistryABI,functionName:"getPegInFee",args:[r]})}catch(O){throw new Error("Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.",{cause:O})}const H=C.encodeFunctionData({abi:$.BTCVaultRegistryABI,functionName:"submitPeginRequest",args:[l,k,y,g,p,r,o,i,v,c]});let A;try{A=await b.estimateGas({to:this.config.vaultContracts.btcVaultRegistry,data:H,value:u,account:this.config.ethWallet.account.address})}catch(O){S.handleContractError(O)}let q;try{q=await this.config.ethWallet.sendTransaction({to:this.config.vaultContracts.btcVaultRegistry,data:H,value:u,account:this.config.ethWallet.account,chain:this.config.ethChain,gas:A})}catch(O){S.handleContractError(O)}const z=await I.waitForTransactionReceiptSmartAware({publicClient:b,walletAddress:this.config.ethWallet.account.address,hash:q,timeout:pt});return z.status==="reverted"&&S.handleContractError(new Error(`Transaction reverted. Hash: ${z.transactionHash}. Check the transaction on block explorer for details.`)),{ethTxHash:z.transactionHash,vaultId:w,peginTxHash:_}}async registerPeginBatchOnChain(t){const{vaultProvider:e,unsignedPrePeginTx:s,requests:r,popSignature:o}=t;if(r.length===0)throw new Error("Batch pegin requires at least one request");if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const i=this.config.ethWallet.account.address;if(!C.isAddressEqual(o.depositorEthAddress,i))throw new Error(`Proof of possession was signed for ${o.depositorEthAddress} but the Ethereum wallet is currently connected to ${i}. Reconnect the original account or call signProofOfPossession() again.`);const a=await this.assertPopMatchesBtcWallet(o),c=o.btcPopSignature,d=r.map(f=>this.resolvePayoutScriptPubKey(a,f.depositorPayoutBtcAddress)),l=[];for(const f of r){const b=h.ensureHexPrefix(f.depositorSignedPeginTx),u=I.calculateBtcTxHash(b),H=await L.deriveVaultId(h.stripHexPrefix(u),h.stripHexPrefix(i)),A=h.ensureHexPrefix(H);if(await this.checkVaultExists(A))throw new Error(`Vault already exists (ID: ${A}, peginTxHash: ${u}). To create a new vault, use different UTXOs or a different amount.`);l.push({vaultId:A,peginTxHash:u})}const x=this.config.publicClient;let y;try{y=await x.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:$.BTCVaultRegistryABI,functionName:"getPegInFee",args:[e]})}catch(f){throw new Error("Failed to query pegin fee from the contract. Please check your network connection and that the contract address is correct.",{cause:f})}const k=y*BigInt(r.length),g=h.ensureHexPrefix(o.depositorBtcPubkey),p=h.ensureHexPrefix(s),E=r.map((f,b)=>({depositorBtcPubKey:g,btcPopSignature:c,unsignedPrePeginTx:p,depositorSignedPeginTx:h.ensureHexPrefix(f.depositorSignedPeginTx),hashlock:f.hashlock,htlcVout:f.htlcVout,referralCode:Ie,depositorPayoutBtcAddress:d[b],depositorWotsPkHash:f.depositorWotsPkHash})),v=C.encodeFunctionData({abi:$.BTCVaultRegistryABI,functionName:"submitPeginRequestBatch",args:[i,e,E]});let _;try{_=await x.estimateGas({to:this.config.vaultContracts.btcVaultRegistry,data:v,value:k,account:this.config.ethWallet.account.address})}catch(f){S.handleContractError(f)}let P;try{P=await this.config.ethWallet.sendTransaction({to:this.config.vaultContracts.btcVaultRegistry,data:v,value:k,account:this.config.ethWallet.account,chain:this.config.ethChain,gas:_})}catch(f){S.handleContractError(f)}const w=await I.waitForTransactionReceiptSmartAware({publicClient:x,walletAddress:this.config.ethWallet.account.address,hash:P,timeout:pt});return w.status==="reverted"&&S.handleContractError(new Error(`Batch transaction reverted. Hash: ${w.transactionHash}. Check the transaction on block explorer for details.`)),{ethTxHash:w.transactionHash,vaults:l}}async checkVaultExists(t){return(await this.config.publicClient.readContract({address:this.config.vaultContracts.btcVaultRegistry,abi:$.BTCVaultRegistryABI,functionName:"getBtcVaultBasicInfo",args:[t]})).depositor!==C.zeroAddress}resolvePayoutScriptPubKey(t,e){if(!h.isAddressFromPublicKey(e,t,this.config.btcNetwork))throw new Error(`BTC payout address "${e}" is not derived from the connected wallet's public key. The payout sink must be controlled by the same key that signs the pegin; refusing to register a mismatched address.`);const s=h.getNetwork(this.config.btcNetwork);try{return`0x${mt.address.toOutputScript(e,s).toString("hex")}`}catch{throw new Error(`Invalid BTC payout address: "${e}". Please provide a valid Bitcoin address for the ${this.config.btcNetwork} network.`)}}async signProofOfPossession(){if(!this.config.ethWallet.account)throw new Error("Ethereum wallet account not found");const t=this.config.ethWallet.account.address,e=V(await this.config.btcWallet.getPublicKeyHex()),s=this.config.vaultContracts.btcVaultRegistry,r=`${t.toLowerCase()}:${this.config.ethChain.id}:pegin:${s.toLowerCase()}`,o=await this.config.btcWallet.signMessage(r,"bip322-simple");return{btcPopSignature:Ae(o),depositorEthAddress:t,depositorBtcPubkey:e}}async assertPopMatchesBtcWallet(t){const e=await this.config.btcWallet.getPublicKeyHex(),s=V(e),r=V(t.depositorBtcPubkey);if(s!==r)throw new Error(`Proof of possession was signed with BTC pubkey ${r} but the BTC wallet is currently connected to ${s}. Reconnect the original wallet or call signProofOfPossession() again.`);return e}getNetwork(){return this.config.btcNetwork}getVaultContractAddress(){return this.config.vaultContracts.btcVaultRegistry}}exports.PeginManager=Re;exports.VAULT_APP_NAME=yt;exports.buildFundingOutpointsCommitment=wt;exports.buildVaultContext=bt;exports.computeWotsBlockPublicKeysHash=Ut;exports.deriveVaultRoot=Tt;exports.deriveWotsBlocksFromSeed=$t;
-//# sourceMappingURL=PeginManager-CTznAVPT.cjs.map