npm - @babylonlabs-io/ts-sdk - Versions diffs - 0.37.3 → 0.38.1 - Mend

@babylonlabs-io/ts-sdk 0.37.3 → 0.38.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (135) hide show

package/dist/noPayout-BhgknZBx.js DELETED Viewed

@@ -1,141 +0,0 @@
-import { initWasm as H, WasmPrePeginTx as R, getPrePeginHtlcConnectorInfo as B, tapInternalPubkey as b, getAssertNoPayoutScriptInfo as C } from "@babylonlabs-io/babylon-tbv-rust-wasm";
-import { Buffer as u } from "buffer";
-import { Transaction as y, Psbt as T, payments as E } from "bitcoinjs-lib";
-import { u as S, T as I, h as f, s as k, p as $, j as A } from "./bitcoin-B5aNKtsk.js";
-async function V(s) {
-  await H();
-  const { prePeginParams: e, fundedPrePeginTxHex: t, htlcVout: o, refundFee: d, hashlock: a } = s, x = new R(
-    e.depositorPubkey,
-    e.vaultProviderPubkey,
-    e.vaultKeeperPubkeys,
-    e.universalChallengerPubkeys,
-    [...e.hashlocks],
-    new BigUint64Array(e.pegInAmounts),
-    e.timelockRefund,
-    e.feeRate,
-    e.numLocalChallengers,
-    e.councilQuorum,
-    e.councilSize,
-    e.network
-  );
-  let n = null;
-  try {
-    n = x.fromFundedTransaction(t);
-    const r = n.buildRefundTx(d, o), c = await B({
-      depositorPubkey: e.depositorPubkey,
-      vaultProviderPubkey: e.vaultProviderPubkey,
-      vaultKeeperPubkeys: e.vaultKeeperPubkeys,
-      universalChallengerPubkeys: e.universalChallengerPubkeys,
-      hashlock: a,
-      timelockRefund: e.timelockRefund,
-      network: e.network
-    }), P = t.startsWith("0x") ? t.slice(2) : t, i = y.fromHex(P), m = i.outs[o];
-    if (!m)
-      throw new Error(
-        `HTLC output at vout ${o} not found in funded Pre-PegIn tx (tx has ${i.outs.length} outputs)`
-      );
-    const l = y.fromHex(r);
-    if (l.ins.length !== 1)
-      throw new Error(
-        `Refund transaction must have exactly 1 input, got ${l.ins.length}`
-      );
-    const p = l.ins[0], g = i.getId(), v = S(
-      new Uint8Array(p.hash).slice().reverse()
-    );
-    if (v !== g)
-      throw new Error(
-        `Refund input does not reference the Pre-PegIn transaction. Expected ${g}, got ${v}`
-      );
-    if (p.index !== o)
-      throw new Error(
-        `Refund input index ${p.index} does not match expected htlcVout ${o}`
-      );
-    const h = new T();
-    h.setVersion(l.version), h.setLocktime(l.locktime), h.addInput({
-      hash: p.hash,
-      index: p.index,
-      sequence: p.sequence,
-      witnessUtxo: {
-        script: m.script,
-        value: m.value
-      },
-      tapLeafScript: [
-        {
-          leafVersion: I,
-          script: u.from(f(c.refundScript)),
-          controlBlock: u.from(
-            f(c.refundControlBlock)
-          )
-        }
-      ],
-      tapInternalKey: u.from(b)
-    });
-    for (const w of l.outs)
-      h.addOutput({
-        script: w.script,
-        value: w.value
-      });
-    return { psbtHex: h.toHex() };
-  } finally {
-    n == null || n.free(), x.free();
-  }
-}
-async function q(s) {
-  const e = k(s.noPayoutTxHex), t = y.fromHex(e), { noPayoutScript: o, noPayoutControlBlock: d } = await C(
-    s.connectorParams,
-    s.challengerPubkey
-  ), a = f(o), x = f(d), n = new T();
-  n.setVersion(t.version), n.setLocktime(t.locktime);
-  for (let r = 0; r < t.ins.length; r++) {
-    const c = t.ins[r], P = s.prevouts[r];
-    if (!P)
-      throw new Error(`Missing prevout data for input ${r}`);
-    const i = {
-      hash: c.hash,
-      index: c.index,
-      sequence: c.sequence,
-      witnessUtxo: {
-        script: u.from(f(k(P.script_pubkey))),
-        value: P.value
-      }
-    };
-    r === 0 && (i.tapLeafScript = [
-      {
-        leafVersion: I,
-        script: u.from(a),
-        controlBlock: u.from(x)
-      }
-    ], i.tapInternalKey = u.from(b)), n.addInput(i);
-  }
-  for (const r of t.outs)
-    n.addOutput({
-      script: r.script,
-      value: r.value
-    });
-  return n.toHex();
-}
-function U(s, e, t) {
-  const o = y.fromHex(k(s));
-  if (o.outs.length !== 1)
-    throw new Error(
-      `NoPayout transaction must have exactly 1 output, got ${o.outs.length}`
-    );
-  const d = f($(e)), { output: a } = E.p2tr({
-    internalPubkey: u.from(d),
-    network: A(t)
-  });
-  if (!a)
-    throw new Error(
-      "Failed to derive challenger BIP-86 P2TR scriptPubKey for NoPayout output validation"
-    );
-  if (!o.outs[0].script.equals(a))
-    throw new Error(
-      "NoPayout transaction does not pay to the expected challenger BIP-86 P2TR address"
-    );
-}
-export {
-  q as a,
-  V as b,
-  U as c
-};
-//# sourceMappingURL=noPayout-BhgknZBx.js.map

package/dist/noPayout-BhgknZBx.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"noPayout-BhgknZBx.js","sources":["../src/tbv/core/primitives/psbt/refund.ts","../src/tbv/core/primitives/psbt/noPayout.ts"],"sourcesContent":["/**\n * Refund PSBT Builder Primitive\n *\n * Builds an unsigned refund PSBT for a depositor to reclaim BTC from\n * a timed-out Pre-PegIn HTLC output via the refund script (leaf 1).\n *\n * The refund script enforces a CSV timelock (timelockRefund blocks) and\n * requires only the depositor's Schnorr signature — no vault provider or\n * keeper involvement.\n *\n * @module primitives/psbt/refund\n */\n\nimport {\n getPrePeginHtlcConnectorInfo,\n initWasm,\n tapInternalPubkey,\n WasmPrePeginTx,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\n\nimport { TAPSCRIPT_LEAF_VERSION, hexToUint8Array, uint8ArrayToHex } from \"../utils/bitcoin\";\nimport type { PrePeginParams } from \"./pegin\";\n\n/**\n * Parameters for building a refund PSBT\n */\nexport interface BuildRefundPsbtParams {\n /** Same PrePeginParams used when the original Pre-PegIn tx was created */\n prePeginParams: PrePeginParams;\n /** Funded Pre-PegIn transaction hex (the tx whose HTLC output is being refunded) */\n fundedPrePeginTxHex: string;\n /** Index of the HTLC output in the Pre-PegIn transaction */\n htlcVout: number;\n /** Transaction fee in satoshis for the refund transaction */\n refundFee: bigint;\n /** SHA256 hash commitment for the HTLC (64 hex chars, no 0x prefix) */\n hashlock: string;\n}\n\n/**\n * Result of building a refund PSBT\n */\nexport interface BuildRefundPsbtResult {\n /** PSBT hex ready for depositor signing */\n psbtHex: string;\n}\n\n/**\n * Build a PSBT for signing the refund transaction.\n *\n * The refund transaction spends the Pre-PegIn HTLC output via leaf 1\n * (the refund script: `<timelockRefund> CSV DROP <depositorPubkey> CHECKSIG`).\n * The PSBT includes the tapLeafScript entry so the depositor's wallet can\n * sign using Taproot script-path spending.\n *\n * The input's sequence is set to `timelockRefund` by the WASM, enforcing\n * the Bitcoin CSV timelock. The refund broadcast will be rejected by the\n * network if the timelock has not yet expired.\n *\n * @param params - Refund PSBT parameters\n * @returns PSBT hex for depositor signing\n * @throws If the HTLC output at htlcVout is not found\n * @throws If the refund transaction does not have exactly 1 input\n */\nexport async function buildRefundPsbt(\n params: BuildRefundPsbtParams,\n): Promise<BuildRefundPsbtResult> {\n await initWasm();\n\n const { prePeginParams, fundedPrePeginTxHex, htlcVout, refundFee, hashlock } =\n params;\n\n const unfundedTx = new WasmPrePeginTx(\n prePeginParams.depositorPubkey,\n prePeginParams.vaultProviderPubkey,\n prePeginParams.vaultKeeperPubkeys,\n prePeginParams.universalChallengerPubkeys,\n [...prePeginParams.hashlocks],\n new BigUint64Array(prePeginParams.pegInAmounts),\n prePeginParams.timelockRefund,\n prePeginParams.feeRate,\n prePeginParams.numLocalChallengers,\n prePeginParams.councilQuorum,\n prePeginParams.councilSize,\n prePeginParams.network,\n );\n\n let fundedTx: WasmPrePeginTx | null = null;\n try {\n fundedTx = unfundedTx.fromFundedTransaction(fundedPrePeginTxHex);\n\n const refundTxHex = fundedTx.buildRefundTx(refundFee, htlcVout);\n\n const htlcConnector = await getPrePeginHtlcConnectorInfo({\n depositorPubkey: prePeginParams.depositorPubkey,\n vaultProviderPubkey: prePeginParams.vaultProviderPubkey,\n vaultKeeperPubkeys: prePeginParams.vaultKeeperPubkeys,\n universalChallengerPubkeys: prePeginParams.universalChallengerPubkeys,\n hashlock,\n timelockRefund: prePeginParams.timelockRefund,\n network: prePeginParams.network,\n });\n\n const cleanPrePeginHex = fundedPrePeginTxHex.startsWith(\"0x\")\n ? fundedPrePeginTxHex.slice(2)\n : fundedPrePeginTxHex;\n const prePeginTx = Transaction.fromHex(cleanPrePeginHex);\n\n const htlcOutput = prePeginTx.outs[htlcVout];\n if (!htlcOutput) {\n throw new Error(\n `HTLC output at vout ${htlcVout} not found in funded Pre-PegIn tx ` +\n `(tx has ${prePeginTx.outs.length} outputs)`,\n );\n }\n\n const refundTx = Transaction.fromHex(refundTxHex);\n\n if (refundTx.ins.length !== 1) {\n throw new Error(\n `Refund transaction must have exactly 1 input, got ${refundTx.ins.length}`,\n );\n }\n\n const refundInput = refundTx.ins[0];\n\n // Verify the refund input spends the correct Pre-PegIn HTLC output\n const prePeginTxid = prePeginTx.getId();\n const refundInputTxid = uint8ArrayToHex(\n new Uint8Array(refundInput.hash).slice().reverse(),\n );\n if (refundInputTxid !== prePeginTxid) {\n throw new Error(\n `Refund input does not reference the Pre-PegIn transaction. ` +\n `Expected ${prePeginTxid}, got ${refundInputTxid}`,\n );\n }\n if (refundInput.index !== htlcVout) {\n throw new Error(\n `Refund input index ${refundInput.index} does not match expected htlcVout ${htlcVout}`,\n );\n }\n\n const psbt = new Psbt();\n psbt.setVersion(refundTx.version);\n psbt.setLocktime(refundTx.locktime);\n\n psbt.addInput({\n hash: refundInput.hash,\n index: refundInput.index,\n sequence: refundInput.sequence,\n witnessUtxo: {\n script: htlcOutput.script,\n value: htlcOutput.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(hexToUint8Array(htlcConnector.refundScript)),\n controlBlock: Buffer.from(\n hexToUint8Array(htlcConnector.refundControlBlock),\n ),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n });\n\n for (const output of refundTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return { psbtHex: psbt.toHex() };\n } finally {\n fundedTx?.free();\n unfundedTx.free();\n }\n}\n","/**\n * NoPayout PSBT Builder\n *\n * Builds unsigned PSBTs for the depositor's NoPayout transaction\n * (depositor-as-claimer path, per challenger). The depositor signs input 0\n * using the NoPayout taproot script from WasmAssertPayoutNoPayoutConnector.\n *\n * @module primitives/psbt/noPayout\n * @see btc-vault crates/vault/docs/btc-transactions-spec.md — Assert output 0 NoPayout connector\n */\n\nimport {\n type AssertPayoutNoPayoutConnectorParams,\n type Network,\n getAssertNoPayoutScriptInfo,\n tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction, payments } from \"bitcoinjs-lib\";\n\nimport {\n TAPSCRIPT_LEAF_VERSION,\n getNetwork,\n hexToUint8Array,\n processPublicKeyToXOnly,\n stripHexPrefix,\n} from \"../utils/bitcoin\";\n\n/**\n * Parameters for building a NoPayout PSBT\n */\nexport interface NoPayoutParams {\n /** NoPayout transaction hex (unsigned) from VP */\n noPayoutTxHex: string;\n /** Challenger's x-only public key (hex encoded) */\n challengerPubkey: string;\n /** Prevouts for all inputs [{script_pubkey, value}] from VP */\n prevouts: Array<{ script_pubkey: string; value: number }>;\n /** Parameters for the Assert Payout/NoPayout connector */\n connectorParams: AssertPayoutNoPayoutConnectorParams;\n}\n\n/**\n * Build unsigned NoPayout PSBT.\n *\n * The NoPayout transaction is specific to each challenger.\n * Input 0 is the one the depositor signs using the NoPayout taproot script path.\n *\n * @param params - NoPayout parameters\n * @returns Unsigned PSBT hex ready for signing\n */\nexport async function buildNoPayoutPsbt(\n params: NoPayoutParams,\n): Promise<string> {\n const noPayoutTxHex = stripHexPrefix(params.noPayoutTxHex);\n const noPayoutTx = Transaction.fromHex(noPayoutTxHex);\n\n // Get NoPayout script and control block for this challenger\n const { noPayoutScript, noPayoutControlBlock } =\n await getAssertNoPayoutScriptInfo(\n params.connectorParams,\n params.challengerPubkey,\n );\n\n const scriptBytes = hexToUint8Array(noPayoutScript);\n const controlBlockBytes = hexToUint8Array(noPayoutControlBlock);\n\n const psbt = new Psbt();\n psbt.setVersion(noPayoutTx.version);\n psbt.setLocktime(noPayoutTx.locktime);\n\n // Add all inputs - depositor signs input 0 only\n for (let i = 0; i < noPayoutTx.ins.length; i++) {\n const input = noPayoutTx.ins[i];\n const prevout = params.prevouts[i];\n\n if (!prevout) {\n throw new Error(`Missing prevout data for input ${i}`);\n }\n\n const inputData: Parameters<typeof psbt.addInput>[0] = {\n hash: input.hash,\n index: input.index,\n sequence: input.sequence,\n witnessUtxo: {\n script: Buffer.from(hexToUint8Array(stripHexPrefix(prevout.script_pubkey))),\n value: prevout.value,\n },\n };\n\n // Input 0: depositor signs using taproot script path\n if (i === 0) {\n inputData.tapLeafScript = [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(scriptBytes),\n controlBlock: Buffer.from(controlBlockBytes),\n },\n ];\n inputData.tapInternalKey = Buffer.from(tapInternalPubkey);\n }\n\n psbt.addInput(inputData);\n }\n\n // Add outputs\n for (const output of noPayoutTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return psbt.toHex();\n}\n\n/**\n * Validate that a NoPayout transaction pays to the challenger via the\n * protocol-defined output structure: a single BIP-86 P2TR output derived from\n * the challenger's x-only pubkey.\n *\n * Mirrors `assertPayoutOutputMatchesRegistered` for the NoPayout path, where\n * the sink is fixed by the protocol rather than read from on-chain registration\n * (see `crates/vault/src/transactions/nopayout.rs::NoPayoutTx::new`).\n *\n * @param noPayoutTxHex - Raw NoPayout transaction hex\n * @param challengerPubkey - Challenger's x-only public key (hex)\n * @param network - Bitcoin network used to derive the P2TR scriptPubKey\n * @throws If the transaction does not have exactly one output\n * @throws If the single output's scriptPubKey does not equal the BIP-86 P2TR\n * scriptPubKey for the challenger\n */\nexport function assertNoPayoutOutputMatchesChallenger(\n noPayoutTxHex: string,\n challengerPubkey: string,\n network: Network,\n): void {\n const tx = Transaction.fromHex(stripHexPrefix(noPayoutTxHex));\n\n if (tx.outs.length !== 1) {\n throw new Error(\n `NoPayout transaction must have exactly 1 output, got ${tx.outs.length}`,\n );\n }\n\n const xOnly = hexToUint8Array(processPublicKeyToXOnly(challengerPubkey));\n const { output: expectedScript } = payments.p2tr({\n internalPubkey: Buffer.from(xOnly),\n network: getNetwork(network),\n });\n if (!expectedScript) {\n throw new Error(\n \"Failed to derive challenger BIP-86 P2TR scriptPubKey for NoPayout output validation\",\n );\n }\n\n if (!tx.outs[0].script.equals(expectedScript)) {\n throw new Error(\n \"NoPayout transaction does not pay to the expected challenger BIP-86 P2TR address\",\n );\n }\n}\n"],"names":["buildRefundPsbt","params","initWasm","prePeginParams","fundedPrePeginTxHex","htlcVout","refundFee","hashlock","unfundedTx","WasmPrePeginTx","fundedTx","refundTxHex","htlcConnector","getPrePeginHtlcConnectorInfo","cleanPrePeginHex","prePeginTx","Transaction","htlcOutput","refundTx","refundInput","prePeginTxid","refundInputTxid","uint8ArrayToHex","psbt","Psbt","TAPSCRIPT_LEAF_VERSION","Buffer","hexToUint8Array","tapInternalPubkey","output","buildNoPayoutPsbt","noPayoutTxHex","stripHexPrefix","noPayoutTx","noPayoutScript","noPayoutControlBlock","getAssertNoPayoutScriptInfo","scriptBytes","controlBlockBytes","i","input","prevout","inputData","assertNoPayoutOutputMatchesChallenger","challengerPubkey","network","tx","xOnly","processPublicKeyToXOnly","expectedScript","payments","getNetwork"],"mappings":";;;;AAkEA,eAAsBA,EACpBC,GACgC;AAChC,QAAMC,EAAA;AAEN,QAAM,EAAE,gBAAAC,GAAgB,qBAAAC,GAAqB,UAAAC,GAAU,WAAAC,GAAW,UAAAC,MAChEN,GAEIO,IAAa,IAAIC;AAAA,IACrBN,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACf,CAAC,GAAGA,EAAe,SAAS;AAAA,IAC5B,IAAI,eAAeA,EAAe,YAAY;AAAA,IAC9CA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,EAAA;AAGjB,MAAIO,IAAkC;AACtC,MAAI;AACF,IAAAA,IAAWF,EAAW,sBAAsBJ,CAAmB;AAE/D,UAAMO,IAAcD,EAAS,cAAcJ,GAAWD,CAAQ,GAExDO,IAAgB,MAAMC,EAA6B;AAAA,MACvD,iBAAiBV,EAAe;AAAA,MAChC,qBAAqBA,EAAe;AAAA,MACpC,oBAAoBA,EAAe;AAAA,MACnC,4BAA4BA,EAAe;AAAA,MAC3C,UAAAI;AAAA,MACA,gBAAgBJ,EAAe;AAAA,MAC/B,SAASA,EAAe;AAAA,IAAA,CACzB,GAEKW,IAAmBV,EAAoB,WAAW,IAAI,IACxDA,EAAoB,MAAM,CAAC,IAC3BA,GACEW,IAAaC,EAAY,QAAQF,CAAgB,GAEjDG,IAAaF,EAAW,KAAKV,CAAQ;AAC3C,QAAI,CAACY;AACH,YAAM,IAAI;AAAA,QACR,uBAAuBZ,CAAQ,6CAClBU,EAAW,KAAK,MAAM;AAAA,MAAA;AAIvC,UAAMG,IAAWF,EAAY,QAAQL,CAAW;AAEhD,QAAIO,EAAS,IAAI,WAAW;AAC1B,YAAM,IAAI;AAAA,QACR,qDAAqDA,EAAS,IAAI,MAAM;AAAA,MAAA;AAI5E,UAAMC,IAAcD,EAAS,IAAI,CAAC,GAG5BE,IAAeL,EAAW,MAAA,GAC1BM,IAAkBC;AAAA,MACtB,IAAI,WAAWH,EAAY,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,IAAQ;AAEnD,QAAIE,MAAoBD;AACtB,YAAM,IAAI;AAAA,QACR,uEACcA,CAAY,SAASC,CAAe;AAAA,MAAA;AAGtD,QAAIF,EAAY,UAAUd;AACxB,YAAM,IAAI;AAAA,QACR,sBAAsBc,EAAY,KAAK,qCAAqCd,CAAQ;AAAA,MAAA;AAIxF,UAAMkB,IAAO,IAAIC,EAAA;AACjB,IAAAD,EAAK,WAAWL,EAAS,OAAO,GAChCK,EAAK,YAAYL,EAAS,QAAQ,GAElCK,EAAK,SAAS;AAAA,MACZ,MAAMJ,EAAY;AAAA,MAClB,OAAOA,EAAY;AAAA,MACnB,UAAUA,EAAY;AAAA,MACtB,aAAa;AAAA,QACX,QAAQF,EAAW;AAAA,QACnB,OAAOA,EAAW;AAAA,MAAA;AAAA,MAEpB,eAAe;AAAA,QACb;AAAA,UACE,aAAaQ;AAAA,UACb,QAAQC,EAAO,KAAKC,EAAgBf,EAAc,YAAY,CAAC;AAAA,UAC/D,cAAcc,EAAO;AAAA,YACnBC,EAAgBf,EAAc,kBAAkB;AAAA,UAAA;AAAA,QAClD;AAAA,MACF;AAAA,MAEF,gBAAgBc,EAAO,KAAKE,CAAiB;AAAA,IAAA,CAC9C;AAED,eAAWC,KAAUX,EAAS;AAC5B,MAAAK,EAAK,UAAU;AAAA,QACb,QAAQM,EAAO;AAAA,QACf,OAAOA,EAAO;AAAA,MAAA,CACf;AAGH,WAAO,EAAE,SAASN,EAAK,QAAM;AAAA,EAC/B,UAAA;AACE,IAAAb,KAAA,QAAAA,EAAU,QACVF,EAAW,KAAA;AAAA,EACb;AACF;AClIA,eAAsBsB,EACpB7B,GACiB;AACjB,QAAM8B,IAAgBC,EAAe/B,EAAO,aAAa,GACnDgC,IAAajB,EAAY,QAAQe,CAAa,GAG9C,EAAE,gBAAAG,GAAgB,sBAAAC,EAAA,IACtB,MAAMC;AAAA,IACJnC,EAAO;AAAA,IACPA,EAAO;AAAA,EAAA,GAGLoC,IAAcV,EAAgBO,CAAc,GAC5CI,IAAoBX,EAAgBQ,CAAoB,GAExDZ,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAWU,EAAW,OAAO,GAClCV,EAAK,YAAYU,EAAW,QAAQ;AAGpC,WAASM,IAAI,GAAGA,IAAIN,EAAW,IAAI,QAAQM,KAAK;AAC9C,UAAMC,IAAQP,EAAW,IAAIM,CAAC,GACxBE,IAAUxC,EAAO,SAASsC,CAAC;AAEjC,QAAI,CAACE;AACH,YAAM,IAAI,MAAM,kCAAkCF,CAAC,EAAE;AAGvD,UAAMG,IAAiD;AAAA,MACrD,MAAMF,EAAM;AAAA,MACZ,OAAOA,EAAM;AAAA,MACb,UAAUA,EAAM;AAAA,MAChB,aAAa;AAAA,QACX,QAAQd,EAAO,KAAKC,EAAgBK,EAAeS,EAAQ,aAAa,CAAC,CAAC;AAAA,QAC1E,OAAOA,EAAQ;AAAA,MAAA;AAAA,IACjB;AAIF,IAAIF,MAAM,MACRG,EAAU,gBAAgB;AAAA,MACxB;AAAA,QACE,aAAajB;AAAA,QACb,QAAQC,EAAO,KAAKW,CAAW;AAAA,QAC/B,cAAcX,EAAO,KAAKY,CAAiB;AAAA,MAAA;AAAA,IAC7C,GAEFI,EAAU,iBAAiBhB,EAAO,KAAKE,CAAiB,IAG1DL,EAAK,SAASmB,CAAS;AAAA,EACzB;AAGA,aAAWb,KAAUI,EAAW;AAC9B,IAAAV,EAAK,UAAU;AAAA,MACb,QAAQM,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAON,EAAK,MAAA;AACd;AAkBO,SAASoB,EACdZ,GACAa,GACAC,GACM;AACN,QAAMC,IAAK9B,EAAY,QAAQgB,EAAeD,CAAa,CAAC;AAE5D,MAAIe,EAAG,KAAK,WAAW;AACrB,UAAM,IAAI;AAAA,MACR,wDAAwDA,EAAG,KAAK,MAAM;AAAA,IAAA;AAI1E,QAAMC,IAAQpB,EAAgBqB,EAAwBJ,CAAgB,CAAC,GACjE,EAAE,QAAQK,MAAmBC,EAAS,KAAK;AAAA,IAC/C,gBAAgBxB,EAAO,KAAKqB,CAAK;AAAA,IACjC,SAASI,EAAWN,CAAO;AAAA,EAAA,CAC5B;AACD,MAAI,CAACI;AACH,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAIJ,MAAI,CAACH,EAAG,KAAK,CAAC,EAAE,OAAO,OAAOG,CAAc;AAC1C,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGN;"}

package/dist/peginInput-57FK2O99.cjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";const h=require("@babylonlabs-io/babylon-tbv-rust-wasm"),y=require("./fundPeginTransaction-BBE3wTjR.cjs"),P=require("buffer"),c=require("bitcoinjs-lib"),s=require("./bitcoin-CHfKAhcI.cjs"),p=64,S=/^[0-9a-fA-F]+$/;async function w(e){const t=b(e.authAnchorHash),n=await h.createPrePeginTransaction({depositorPubkey:e.depositorPubkey,vaultProviderPubkey:e.vaultProviderPubkey,vaultKeeperPubkeys:e.vaultKeeperPubkeys,universalChallengerPubkeys:e.universalChallengerPubkeys,hashlocks:[...e.hashlocks],timelockRefund:e.timelockRefund,pegInAmounts:[...e.pegInAmounts],feeRate:e.feeRate,numLocalChallengers:e.numLocalChallengers,councilQuorum:e.councilQuorum,councilSize:e.councilSize,network:e.network,authAnchorHash:t}),r=y.parseUnfundedWasmTransaction(n.txHex).outputs.reduce((u,a)=>u+BigInt(a.value),0n),o=t!==void 0?n.htlcValues.length:null;return{psbtHex:n.txHex,totalOutputValue:r,htlcValues:n.htlcValues,htlcScriptPubKeys:n.htlcScriptPubKeys,htlcAddresses:n.htlcAddresses,peginAmounts:n.peginAmounts,depositorClaimValue:n.depositorClaimValue,authAnchorVout:o}}function b(e){if(e===void 0)return;const t=e.startsWith("0x")\|\|e.startsWith("0X")?e.slice(2):e;if(t.length!==p\|\|!S.test(t))throw new Error(`authAnchorHash must be 32-byte hex (${p} chars, no 0x prefix); got length ${t.length}`);return t.toLowerCase()}async function v(e){const t=await h.buildPeginTxFromPrePegin({depositorPubkey:e.prePeginParams.depositorPubkey,vaultProviderPubkey:e.prePeginParams.vaultProviderPubkey,vaultKeeperPubkeys:e.prePeginParams.vaultKeeperPubkeys,universalChallengerPubkeys:e.prePeginParams.universalChallengerPubkeys,hashlocks:[...e.prePeginParams.hashlocks],timelockRefund:e.prePeginParams.timelockRefund,pegInAmounts:[...e.prePeginParams.pegInAmounts],feeRate:e.prePeginParams.feeRate,numLocalChallengers:e.prePeginParams.numLocalChallengers,councilQuorum:e.prePeginParams.councilQuorum,councilSize:e.prePeginParams.councilSize,network:e.prePeginParams.network,authAnchorHash:b(e.prePeginParams.authAnchorHash)},e.timelockPegin,e.fundedPrePeginTxHex,e.htlcVout);return{txHex:t.txHex,txid:t.txid,vaultScriptPubKey:t.vaultScriptPubKey,vaultValue:t.vaultValue}}async function H(e){const t=s.stripHexPrefix(e.peginTxHex),n=s.stripHexPrefix(e.fundedPrePeginTxHex),i=await h.getPrePeginHtlcConnectorInfo({depositorPubkey:e.depositorPubkey,vaultProviderPubkey:e.vaultProviderPubkey,vaultKeeperPubkeys:e.vaultKeeperPubkeys,universalChallengerPubkeys:e.universalChallengerPubkeys,hashlock:e.hashlock,timelockRefund:e.timelockRefund,network:e.network}),r=c.Transaction.fromHex(t),o=c.Transaction.fromHex(n);if(r.ins.length!==1)throw new Error(`PegIn transaction must have exactly 1 input, got ${r.ins.length}`);const u=r.ins[0],a=o.getId(),d=s.uint8ArrayToHex(new Uint8Array(u.hash).slice().reverse());if(d!==a)throw new Error(`PegIn input does not reference the Pre-PegIn transaction. Expected ${a}, got ${d}`);const g=o.outs[u.index];if(!g)throw new Error(`Pre-PegIn output ${u.index} not found (Pre-PegIn has ${o.outs.length} outputs)`);const x=s.hexToUint8Array(i.hashlockScript),k=s.hexToUint8Array(i.hashlockControlBlock),l=new c.Psbt;l.setVersion(r.version),l.setLocktime(r.locktime),l.addInput({hash:u.hash,index:u.index,sequence:u.sequence,witnessUtxo:{script:g.script,value:g.value},tapLeafScript:[{leafVersion:s.TAPSCRIPT_LEAF_VERSION,script:P.Buffer.from(x),controlBlock:P.Buffer.from(k)}],tapInternalKey:P.Buffer.from(h.tapInternalPubkey)});for(const f of r.outs)l.addOutput({script:f.script,value:f.value});return{psbtHex:l.toHex()}}function T(e,t){const i=c.Psbt.fromHex(e).data.inputs[0];if(!i)throw new Error("PegIn PSBT has no inputs");if(i.tapScriptSig&&i.tapScriptSig.length>0){const r=P.Buffer.from(s.hexToUint8Array(t));for(const o of i.tapScriptSig)if(o.pubkey.equals(r))return I(o.signature);throw new Error(`No PegIn input signature found for depositor pubkey: ${t}`)}throw i.finalScriptWitness&&i.finalScriptWitness.length>0?new Error("PegIn input PSBT is already finalized. Cannot reliably extract the depositor signature from the witness stack. Ensure the wallet returns a non-finalized PSBT with tapScriptSig entries."):new Error("No tapScriptSig or finalScriptWitness found in signed PegIn input PSBT")}function A(e){const t=c.Psbt.fromHex(e);try{t.finalizeAllInputs()}catch(n){if(!t.data.inputs.every(r=>r.finalScriptWitness\|\|r.finalScriptSig))throw new Error(`PSBT finalization failed and wallet did not auto-finalize: ${n}`)}return t.extractTransaction().toHex()}function I(e){if(e.length===64)return s.uint8ArrayToHex(new Uint8Array(e));throw e.length===65?new Error(`Unexpected sighash byte 0x${e[64].toString(16).padStart(2,"0")} in PegIn input signature. Expected implicit SIGHASH_DEFAULT as a 64-byte signature.`):new Error(`Unexpected PegIn input signature length: ${e.length}`)}exports.buildPeginInputPsbt=H;exports.buildPeginTxFromFundedPrePegin=v;exports.buildPrePeginPsbt=w;exports.extractPeginInputSignature=T;exports.finalizePeginInputPsbt=A;
2	- //# sourceMappingURL=peginInput-57FK2O99.cjs.map

package/dist/peginInput-57FK2O99.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"peginInput-57FK2O99.cjs","sources":["../src/tbv/core/primitives/psbt/pegin.ts","../src/tbv/core/primitives/psbt/peginInput.ts"],"sourcesContent":["/**\n * Pre-PegIn PSBT Builder Primitive\n *\n * This module provides pure functions for building unfunded Pre-PegIn transactions\n * and deriving PegIn transactions from them, using the WASM implementation from\n * @babylonlabs-io/babylon-tbv-rust-wasm.\n *\n * Pre-PegIn Flow:\n * 1. buildPrePeginPsbt() — creates unfunded Pre-PegIn tx (HTLC output)\n * 2. [caller funds Pre-PegIn tx and computes txid]\n * 3. buildPeginTxFromFundedPrePegin() — derives PegIn tx spending the HTLC\n * 4. buildPeginInputPsbt() — PSBT for depositor to sign PegIn HTLC leaf 0 input\n *\n * @module primitives/psbt/pegin\n */\n\nimport {\n buildPeginTxFromPrePegin,\n createPrePeginTransaction,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\nimport { parseUnfundedWasmTransaction } from \"../../utils/transaction/fundPeginTransaction\";\n\n/**\n * Parameters for building an unfunded Pre-PegIn PSBT\n */\nexport interface PrePeginParams {\n /** Depositor's BTC public key (x-only, 64-char hex without 0x prefix) */\n depositorPubkey: string;\n /** Vault provider's BTC public key (x-only, 64-char hex) */\n vaultProviderPubkey: string;\n /** Array of vault keeper BTC public keys (x-only, 64-char hex) */\n vaultKeeperPubkeys: string[];\n /** Array of universal challenger BTC public keys (x-only, 64-char hex) */\n universalChallengerPubkeys: string[];\n /** SHA256 hash commitment(s) (64 hex chars = 32 bytes each) */\n hashlocks: readonly string[];\n /** CSV timelock in blocks for the HTLC refund path */\n timelockRefund: number;\n /** Amounts to peg in (satoshis), one per deposit */\n pegInAmounts: readonly bigint[];\n /** Fee rate in sat/vB from contract offchain params */\n feeRate: bigint;\n /** Number of local challengers (from contract params) */\n numLocalChallengers: number;\n /** M in M-of-N council multisig (from contract params) */\n councilQuorum: number;\n /** N in M-of-N council multisig (from contract params) */\n councilSize: number;\n /** Bitcoin network */\n network: Network;\n /**\n * Optional 32-byte `SHA256(auth_anchor)` commitment (64-char hex, no\n * `0x` prefix). If provided, the Pre-PegIn tx will include an\n * `OP_RETURN <PUSH32 authAnchorHash>` output at vout =\n * `hashlocks.length`, binding the depositor's bearer-token\n * `auth_anchor` preimage to this Pre-PegIn.\n */\n authAnchorHash?: string;\n}\n\n/**\n * Byte length of an `auth_anchor_hash` commitment when encoded as a\n * lowercase hex string (32 bytes → 64 hex chars).\n */\nconst AUTH_ANCHOR_HASH_HEX_LEN = 64;\n\nconst HEX_PATTERN = /^[0-9a-fA-F]+$/;\n\n/**\n * Result of building an unfunded Pre-PegIn transaction\n */\nexport interface PrePeginPsbtResult {\n /**\n * Unfunded transaction hex (no inputs, HTLC outputs + optional\n * auth-anchor OP_RETURN + CPFP anchor).\n *\n * The caller is responsible for:\n * - Selecting UTXOs covering totalOutputValue + network fees\n * - Funding the transaction (add inputs and change output)\n * - Calling buildPeginTxFromFundedPrePegin() with the funded tx hex\n */\n psbtHex: string;\n /** Sum of all unfunded outputs — use this for UTXO selection */\n totalOutputValue: bigint;\n /** HTLC output values in satoshis, one per deposit (each includes peginAmount + depositorClaimValue + minPeginFee) */\n htlcValues: readonly bigint[];\n /** HTLC output scriptPubKeys (hex encoded), one per deposit */\n htlcScriptPubKeys: readonly string[];\n /** HTLC Taproot addresses, one per deposit */\n htlcAddresses: readonly string[];\n /** Pegin amounts in satoshis, one per deposit */\n peginAmounts: readonly bigint[];\n /** Depositor claim value computed by WASM from contract parameters */\n depositorClaimValue: bigint;\n /**\n * Vout index of the auth-anchor `OP_RETURN` output if one was\n * included (i.e. `authAnchorHash` was provided), or `null` if not.\n * Always equals `htlcValues.length` when present.\n */\n authAnchorVout: number | null;\n}\n\n/**\n * Parameters for building the PegIn transaction from a funded Pre-PegIn tx\n */\nexport interface BuildPeginTxParams {\n /** Same PrePeginParams used to create the Pre-PegIn transaction */\n prePeginParams: PrePeginParams;\n /** CSV timelock in blocks for the PegIn vault output */\n timelockPegin: number;\n /** Hex-encoded funded Pre-PegIn transaction */\n fundedPrePeginTxHex: string;\n /** Index of the HTLC output to spend */\n htlcVout: number;\n}\n\n/**\n * Result of building the PegIn transaction\n */\nexport interface PeginTxResult {\n /** PegIn transaction hex (1 input spending HTLC, 1 vault output) */\n txHex: string;\n /** PegIn transaction ID */\n txid: string;\n /** Vault output scriptPubKey (hex encoded) */\n vaultScriptPubKey: string;\n /** Vault output value in satoshis */\n vaultValue: bigint;\n}\n\n/**\n * Build unfunded Pre-PegIn transaction using WASM.\n *\n * Creates a Bitcoin transaction template with no inputs, an HTLC output, and a\n * CPFP anchor output. The HTLC value is computed internally from the contract\n * parameters — the caller does not need to compute depositorClaimValue separately.\n *\n * @param params - Pre-PegIn parameters\n * @returns Unfunded Pre-PegIn transaction details with HTLC output information\n * @throws If WASM initialization fails or parameters are invalid\n */\nexport async function buildPrePeginPsbt(\n params: PrePeginParams,\n): Promise<PrePeginPsbtResult> {\n const authAnchorHash = normalizeAuthAnchorHash(params.authAnchorHash);\n\n const result = await createPrePeginTransaction({\n depositorPubkey: params.depositorPubkey,\n vaultProviderPubkey: params.vaultProviderPubkey,\n vaultKeeperPubkeys: params.vaultKeeperPubkeys,\n universalChallengerPubkeys: params.universalChallengerPubkeys,\n hashlocks: [...params.hashlocks],\n timelockRefund: params.timelockRefund,\n pegInAmounts: [...params.pegInAmounts],\n feeRate: params.feeRate,\n numLocalChallengers: params.numLocalChallengers,\n councilQuorum: params.councilQuorum,\n councilSize: params.councilSize,\n network: params.network,\n authAnchorHash,\n });\n\n // Parse the unfunded tx to sum all output values\n // (HTLCs + optional OP_RETURN + CPFP anchor). This is the amount\n // UTXOs must cover before adding network fees.\n const parsed = parseUnfundedWasmTransaction(result.txHex);\n const totalOutputValue = parsed.outputs.reduce(\n (sum, o) => sum + BigInt(o.value),\n 0n,\n );\n\n // The WASM places the OP_RETURN commitment immediately after the\n // HTLC outputs when authAnchorHash is provided.\n const authAnchorVout =\n authAnchorHash !== undefined ? result.htlcValues.length : null;\n\n return {\n psbtHex: result.txHex,\n totalOutputValue,\n htlcValues: result.htlcValues,\n htlcScriptPubKeys: result.htlcScriptPubKeys,\n htlcAddresses: result.htlcAddresses,\n peginAmounts: result.peginAmounts,\n depositorClaimValue: result.depositorClaimValue,\n authAnchorVout,\n };\n}\n\n/**\n * Validate and normalize an `authAnchorHash` hex string before passing\n * it to the WASM boundary. WASM expects exactly 64 lowercase hex chars.\n */\nfunction normalizeAuthAnchorHash(\n value: string | undefined,\n): string | undefined {\n if (value === undefined) return undefined;\n const cleaned =\n value.startsWith(\"0x\") || value.startsWith(\"0X\") ? value.slice(2) : value;\n if (\n cleaned.length !== AUTH_ANCHOR_HASH_HEX_LEN ||\n !HEX_PATTERN.test(cleaned)\n ) {\n throw new Error(\n `authAnchorHash must be 32-byte hex (${AUTH_ANCHOR_HASH_HEX_LEN} chars, no 0x prefix); got length ${cleaned.length}`,\n );\n }\n return cleaned.toLowerCase();\n}\n\n/**\n * Build the PegIn transaction from a funded Pre-PegIn transaction.\n *\n * The PegIn transaction spends the Pre-PegIn HTLC output at htlcVout via the\n * hashlock + all-party script (leaf 0).\n *\n * @param params - Build parameters including Pre-PegIn params and funded tx hex\n * @returns PegIn transaction details\n * @throws If WASM initialization fails or parameters are invalid\n */\nexport async function buildPeginTxFromFundedPrePegin(\n params: BuildPeginTxParams,\n): Promise<PeginTxResult> {\n // WASM reconstructs the Pre-PegIn template from these params to\n // decode the funded tx. Must pass `authAnchorHash` (normalized\n // identically to buildPrePeginPsbt) so the reconstruction matches\n // the original outputs, including the OP_RETURN at vout =\n // hashlocks.length.\n const result = await buildPeginTxFromPrePegin(\n {\n depositorPubkey: params.prePeginParams.depositorPubkey,\n vaultProviderPubkey: params.prePeginParams.vaultProviderPubkey,\n vaultKeeperPubkeys: params.prePeginParams.vaultKeeperPubkeys,\n universalChallengerPubkeys:\n params.prePeginParams.universalChallengerPubkeys,\n hashlocks: [...params.prePeginParams.hashlocks],\n timelockRefund: params.prePeginParams.timelockRefund,\n pegInAmounts: [...params.prePeginParams.pegInAmounts],\n feeRate: params.prePeginParams.feeRate,\n numLocalChallengers: params.prePeginParams.numLocalChallengers,\n councilQuorum: params.prePeginParams.councilQuorum,\n councilSize: params.prePeginParams.councilSize,\n network: params.prePeginParams.network,\n authAnchorHash: normalizeAuthAnchorHash(\n params.prePeginParams.authAnchorHash,\n ),\n },\n params.timelockPegin,\n params.fundedPrePeginTxHex,\n params.htlcVout,\n );\n\n return {\n txHex: result.txHex,\n txid: result.txid,\n vaultScriptPubKey: result.vaultScriptPubKey,\n vaultValue: result.vaultValue,\n };\n}\n","/**\n * PegIn Input PSBT Builder\n *\n * Builds the PSBT for the depositor to sign the PegIn transaction's HTLC input\n * (Pre-PegIn HTLC leaf 0 — the hashlock + all-party script).\n *\n * This is the \"Sign Pegin transaction HTLC leaf 0 input\" step in the pre-pegin\n * flow. The depositor signs input 0 of the PegIn transaction,\n * which spends output 0 of the funded Pre-PegIn transaction via script-path.\n *\n * @module primitives/psbt/peginInput\n */\n\nimport {\n getPrePeginHtlcConnectorInfo,\n tapInternalPubkey,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\nimport { TAPSCRIPT_LEAF_VERSION, hexToUint8Array, stripHexPrefix, uint8ArrayToHex } from \"../utils/bitcoin\";\n\n/**\n * Parameters for building the PegIn input PSBT\n */\nexport interface BuildPeginInputPsbtParams {\n /**\n * PegIn transaction hex (1 input spending Pre-PegIn HTLC output 0).\n * Returned by buildPeginTxFromFundedPrePegin().\n */\n peginTxHex: string;\n /**\n * Funded Pre-PegIn transaction hex.\n * Used to look up the HTLC output that the PegIn input spends.\n */\n fundedPrePeginTxHex: string;\n /** Depositor's BTC public key (x-only, 64-char hex) */\n depositorPubkey: string;\n /** Vault provider's BTC public key (x-only, 64-char hex) */\n vaultProviderPubkey: string;\n /** Vault keeper BTC public keys (x-only, 64-char hex) */\n vaultKeeperPubkeys: string[];\n /** Universal challenger BTC public keys (x-only, 64-char hex) */\n universalChallengerPubkeys: string[];\n /** SHA256 hash commitment (64 hex chars = 32 bytes) */\n hashlock: string;\n /** CSV timelock in blocks for the HTLC refund path */\n timelockRefund: number;\n /** Bitcoin network */\n network: Network;\n}\n\n/**\n * Result of building the PegIn input PSBT\n */\nexport interface BuildPeginInputPsbtResult {\n /** PSBT hex for the depositor to sign */\n psbtHex: string;\n}\n\n/**\n * Build PSBT for depositor to sign the PegIn transaction's HTLC leaf 0 input.\n *\n * The PegIn transaction spends the Pre-PegIn HTLC output (output 0) via the\n * hashlock + all-party script (leaf 0). The depositor provides one of the required\n * signatures; the vault provider and keepers provide theirs separately via the\n * signPeginInput RPC.\n *\n * The PSBT uses Taproot script-path spending:\n * - witnessUtxo: the Pre-PegIn HTLC output\n * - tapLeafScript: hashlock leaf script + control block\n * - tapInternalKey: NUMS unspendable key (BIP-341 nothing-up-my-sleeve)\n *\n * @param params - PegIn input PSBT parameters\n * @returns PSBT hex ready for depositor signing\n * @throws If PegIn tx does not have exactly 1 input\n * @throws If PegIn input does not reference the Pre-PegIn HTLC output\n * @throws If Pre-PegIn tx output 0 is not found\n */\nexport async function buildPeginInputPsbt(\n params: BuildPeginInputPsbtParams,\n): Promise<BuildPeginInputPsbtResult> {\n const peginTxHex = stripHexPrefix(params.peginTxHex);\n const fundedPrePeginTxHex = stripHexPrefix(params.fundedPrePeginTxHex);\n\n const htlcConnector = await getPrePeginHtlcConnectorInfo({\n depositorPubkey: params.depositorPubkey,\n vaultProviderPubkey: params.vaultProviderPubkey,\n vaultKeeperPubkeys: params.vaultKeeperPubkeys,\n universalChallengerPubkeys: params.universalChallengerPubkeys,\n hashlock: params.hashlock,\n timelockRefund: params.timelockRefund,\n network: params.network,\n });\n\n const peginTx = Transaction.fromHex(peginTxHex);\n const prePeginTx = Transaction.fromHex(fundedPrePeginTxHex);\n\n if (peginTx.ins.length !== 1) {\n throw new Error(\n `PegIn transaction must have exactly 1 input, got ${peginTx.ins.length}`,\n );\n }\n\n const peginInput = peginTx.ins[0];\n\n // Verify PegIn input 0 spends Pre-PegIn output 0\n const prePeginTxid = prePeginTx.getId();\n const peginInputTxid = uint8ArrayToHex(\n new Uint8Array(peginInput.hash).slice().reverse(),\n );\n\n if (peginInputTxid !== prePeginTxid) {\n throw new Error(\n `PegIn input does not reference the Pre-PegIn transaction. ` +\n `Expected ${prePeginTxid}, got ${peginInputTxid}`,\n );\n }\n\n const htlcOutput = prePeginTx.outs[peginInput.index];\n if (!htlcOutput) {\n throw new Error(\n `Pre-PegIn output ${peginInput.index} not found ` +\n `(Pre-PegIn has ${prePeginTx.outs.length} outputs)`,\n );\n }\n\n const hashlockScript = hexToUint8Array(htlcConnector.hashlockScript);\n const hashlockControlBlock = hexToUint8Array(htlcConnector.hashlockControlBlock);\n\n const psbt = new Psbt();\n psbt.setVersion(peginTx.version);\n psbt.setLocktime(peginTx.locktime);\n\n // Input 0: PegIn input spending Pre-PegIn HTLC output 0 via hashlock leaf (leaf 0).\n // The depositor signs using Taproot script-path spending.\n psbt.addInput({\n hash: peginInput.hash,\n index: peginInput.index,\n sequence: peginInput.sequence,\n witnessUtxo: {\n script: htlcOutput.script,\n value: htlcOutput.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(hashlockScript),\n controlBlock: Buffer.from(hashlockControlBlock),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n // sighashType omitted — defaults to SIGHASH_DEFAULT (0x00) for Taproot\n });\n\n for (const output of peginTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return { psbtHex: psbt.toHex() };\n}\n\n/**\n * Extract the depositor's Schnorr signature from a signed PegIn input PSBT.\n *\n * Supports non-finalized PSBTs with tapScriptSig entries. Finalized PSBTs are\n * rejected because the witness stack does not reliably identify the depositor\n * signature by public key.\n *\n * PegIn input signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte. Signatures with an appended sighash byte\n * are rejected rather than stripped.\n *\n * @param signedPsbtHex - Signed PSBT hex\n * @param depositorPubkey - Depositor's x-only public key (64-char hex)\n * @returns 64-byte Schnorr signature (128 hex chars, no sighash flag)\n * @throws If no signature is found for the depositor's key\n */\nexport function extractPeginInputSignature(\n signedPsbtHex: string,\n depositorPubkey: string,\n): string {\n const signedPsbt = Psbt.fromHex(signedPsbtHex);\n const input = signedPsbt.data.inputs[0];\n\n if (!input) {\n throw new Error(\"PegIn PSBT has no inputs\");\n }\n\n // Non-finalized PSBT — extract from tapScriptSig\n if (input.tapScriptSig && input.tapScriptSig.length > 0) {\n const depositorPubkeyBytes = Buffer.from(\n hexToUint8Array(depositorPubkey),\n );\n\n for (const sigEntry of input.tapScriptSig) {\n if (sigEntry.pubkey.equals(depositorPubkeyBytes)) {\n return extractSchnorrSig(sigEntry.signature);\n }\n }\n\n throw new Error(\n `No PegIn input signature found for depositor pubkey: ${depositorPubkey}`,\n );\n }\n\n // Finalized PSBT — the witness stack order depends on the wallet's finalizer,\n // so we cannot reliably pick the depositor's signature by position. Require\n // the non-finalized tapScriptSig path which identifies signatures by pubkey.\n if (input.finalScriptWitness && input.finalScriptWitness.length > 0) {\n throw new Error(\n \"PegIn input PSBT is already finalized. Cannot reliably extract the \" +\n \"depositor signature from the witness stack. Ensure the wallet returns \" +\n \"a non-finalized PSBT with tapScriptSig entries.\",\n );\n }\n\n throw new Error(\n \"No tapScriptSig or finalScriptWitness found in signed PegIn input PSBT\",\n );\n}\n\n/**\n * Finalize a signed PegIn input PSBT and return the depositor-signed transaction hex.\n *\n * The default tapscript finalizer builds the full witness stack [sig, script, controlBlock]\n * that vaultd requires when verifying the depositor signature on-chain.\n *\n * @param signedPsbtHex - Non-finalized signed PSBT hex (returned by wallet with autoFinalized: false)\n * @returns Depositor-signed PegIn transaction hex with full taproot witness stack\n */\nexport function finalizePeginInputPsbt(signedPsbtHex: string): string {\n const psbt = Psbt.fromHex(signedPsbtHex);\n\n // Some wallets (UniSat, OKX) ignore autoFinalized: false and return\n // already-finalized PSBTs. finalizeAllInputs() throws in that case,\n // so fall back to verifying the wallet already finalized all inputs.\n try {\n psbt.finalizeAllInputs();\n } catch (e) {\n const allFinalized = psbt.data.inputs.every(\n (inp) => inp.finalScriptWitness || inp.finalScriptSig,\n );\n if (!allFinalized) {\n throw new Error(\n `PSBT finalization failed and wallet did not auto-finalize: ${e}`,\n );\n }\n }\n\n return psbt.extractTransaction().toHex();\n}\n\n/**\n * Extract and validate a 64-byte Schnorr signature.\n * PegIn input signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte. Reject 65-byte signatures instead of\n * stripping the sighash byte because it changes the signed Taproot message.\n * @internal\n */\nexport function extractSchnorrSig(sig: Uint8Array): string {\n if (sig.length === 64) {\n return uint8ArrayToHex(new Uint8Array(sig));\n }\n if (sig.length === 65) {\n throw new Error(\n `Unexpected sighash byte 0x${sig[64].toString(16).padStart(2, \"0\")} in PegIn input signature. ` +\n \"Expected implicit SIGHASH_DEFAULT as a 64-byte signature.\",\n );\n }\n throw new Error(`Unexpected PegIn input signature length: ${sig.length}`);\n}\n"],"names":["AUTH_ANCHOR_HASH_HEX_LEN","HEX_PATTERN","buildPrePeginPsbt","params","authAnchorHash","normalizeAuthAnchorHash","result","createPrePeginTransaction","totalOutputValue","parseUnfundedWasmTransaction","sum","o","authAnchorVout","value","cleaned","buildPeginTxFromFundedPrePegin","buildPeginTxFromPrePegin","buildPeginInputPsbt","peginTxHex","stripHexPrefix","fundedPrePeginTxHex","htlcConnector","getPrePeginHtlcConnectorInfo","peginTx","Transaction","prePeginTx","peginInput","prePeginTxid","peginInputTxid","uint8ArrayToHex","htlcOutput","hashlockScript","hexToUint8Array","hashlockControlBlock","psbt","Psbt","TAPSCRIPT_LEAF_VERSION","Buffer","tapInternalPubkey","output","extractPeginInputSignature","signedPsbtHex","depositorPubkey","input","depositorPubkeyBytes","sigEntry","extractSchnorrSig","finalizePeginInputPsbt","e","inp","sig"],"mappings":"0MAkEMA,EAA2B,GAE3BC,EAAc,iBA2EpB,eAAsBC,EACpBC,EAC6B,CAC7B,MAAMC,EAAiBC,EAAwBF,EAAO,cAAc,EAE9DG,EAAS,MAAMC,4BAA0B,CAC7C,gBAAiBJ,EAAO,gBACxB,oBAAqBA,EAAO,oBAC5B,mBAAoBA,EAAO,mBAC3B,2BAA4BA,EAAO,2BACnC,UAAW,CAAC,GAAGA,EAAO,SAAS,EAC/B,eAAgBA,EAAO,eACvB,aAAc,CAAC,GAAGA,EAAO,YAAY,EACrC,QAASA,EAAO,QAChB,oBAAqBA,EAAO,oBAC5B,cAAeA,EAAO,cACtB,YAAaA,EAAO,YACpB,QAASA,EAAO,QAChB,eAAAC,CAAA,CACD,EAMKI,EADSC,EAAAA,6BAA6BH,EAAO,KAAK,EACxB,QAAQ,OACtC,CAACI,EAAKC,IAAMD,EAAM,OAAOC,EAAE,KAAK,EAChC,EAAA,EAKIC,EACJR,IAAmB,OAAYE,EAAO,WAAW,OAAS,KAE5D,MAAO,CACL,QAASA,EAAO,MAChB,iBAAAE,EACA,WAAYF,EAAO,WACnB,kBAAmBA,EAAO,kBAC1B,cAAeA,EAAO,cACtB,aAAcA,EAAO,aACrB,oBAAqBA,EAAO,oBAC5B,eAAAM,CAAA,CAEJ,CAMA,SAASP,EACPQ,EACoB,CACpB,GAAIA,IAAU,OAAW,OACzB,MAAMC,EACJD,EAAM,WAAW,IAAI,GAAKA,EAAM,WAAW,IAAI,EAAIA,EAAM,MAAM,CAAC,EAAIA,EACtE,GACEC,EAAQ,SAAWd,GACnB,CAACC,EAAY,KAAKa,CAAO,EAEzB,MAAM,IAAI,MACR,uCAAuCd,CAAwB,qCAAqCc,EAAQ,MAAM,EAAA,EAGtH,OAAOA,EAAQ,YAAA,CACjB,CAYA,eAAsBC,EACpBZ,EACwB,CAMxB,MAAMG,EAAS,MAAMU,EAAAA,yBACnB,CACE,gBAAiBb,EAAO,eAAe,gBACvC,oBAAqBA,EAAO,eAAe,oBAC3C,mBAAoBA,EAAO,eAAe,mBAC1C,2BACEA,EAAO,eAAe,2BACxB,UAAW,CAAC,GAAGA,EAAO,eAAe,SAAS,EAC9C,eAAgBA,EAAO,eAAe,eACtC,aAAc,CAAC,GAAGA,EAAO,eAAe,YAAY,EACpD,QAASA,EAAO,eAAe,QAC/B,oBAAqBA,EAAO,eAAe,oBAC3C,cAAeA,EAAO,eAAe,cACrC,YAAaA,EAAO,eAAe,YACnC,QAASA,EAAO,eAAe,QAC/B,eAAgBE,EACdF,EAAO,eAAe,cAAA,CACxB,EAEFA,EAAO,cACPA,EAAO,oBACPA,EAAO,QAAA,EAGT,MAAO,CACL,MAAOG,EAAO,MACd,KAAMA,EAAO,KACb,kBAAmBA,EAAO,kBAC1B,WAAYA,EAAO,UAAA,CAEvB,CCpLA,eAAsBW,EACpBd,EACoC,CACpC,MAAMe,EAAaC,EAAAA,eAAehB,EAAO,UAAU,EAC7CiB,EAAsBD,EAAAA,eAAehB,EAAO,mBAAmB,EAE/DkB,EAAgB,MAAMC,+BAA6B,CACvD,gBAAiBnB,EAAO,gBACxB,oBAAqBA,EAAO,oBAC5B,mBAAoBA,EAAO,mBAC3B,2BAA4BA,EAAO,2BACnC,SAAUA,EAAO,SACjB,eAAgBA,EAAO,eACvB,QAASA,EAAO,OAAA,CACjB,EAEKoB,EAAUC,EAAAA,YAAY,QAAQN,CAAU,EACxCO,EAAaD,EAAAA,YAAY,QAAQJ,CAAmB,EAE1D,GAAIG,EAAQ,IAAI,SAAW,EACzB,MAAM,IAAI,MACR,oDAAoDA,EAAQ,IAAI,MAAM,EAAA,EAI1E,MAAMG,EAAaH,EAAQ,IAAI,CAAC,EAG1BI,EAAeF,EAAW,MAAA,EAC1BG,EAAiBC,EAAAA,gBACrB,IAAI,WAAWH,EAAW,IAAI,EAAE,MAAA,EAAQ,QAAA,CAAQ,EAGlD,GAAIE,IAAmBD,EACrB,MAAM,IAAI,MACR,sEACcA,CAAY,SAASC,CAAc,EAAA,EAIrD,MAAME,EAAaL,EAAW,KAAKC,EAAW,KAAK,EACnD,GAAI,CAACI,EACH,MAAM,IAAI,MACR,oBAAoBJ,EAAW,KAAK,6BAChBD,EAAW,KAAK,MAAM,WAAA,EAI9C,MAAMM,EAAiBC,EAAAA,gBAAgBX,EAAc,cAAc,EAC7DY,EAAuBD,EAAAA,gBAAgBX,EAAc,oBAAoB,EAEzEa,EAAO,IAAIC,OACjBD,EAAK,WAAWX,EAAQ,OAAO,EAC/BW,EAAK,YAAYX,EAAQ,QAAQ,EAIjCW,EAAK,SAAS,CACZ,KAAMR,EAAW,KACjB,MAAOA,EAAW,MAClB,SAAUA,EAAW,SACrB,YAAa,CACX,OAAQI,EAAW,OACnB,MAAOA,EAAW,KAAA,EAEpB,cAAe,CACb,CACE,YAAaM,EAAAA,uBACb,OAAQC,EAAAA,OAAO,KAAKN,CAAc,EAClC,aAAcM,EAAAA,OAAO,KAAKJ,CAAoB,CAAA,CAChD,EAEF,eAAgBI,EAAAA,OAAO,KAAKC,EAAAA,iBAAiB,CAAA,CAE9C,EAED,UAAWC,KAAUhB,EAAQ,KAC3BW,EAAK,UAAU,CACb,OAAQK,EAAO,OACf,MAAOA,EAAO,KAAA,CACf,EAGH,MAAO,CAAE,QAASL,EAAK,OAAM,CAC/B,CAkBO,SAASM,EACdC,EACAC,EACQ,CAER,MAAMC,EADaR,EAAAA,KAAK,QAAQM,CAAa,EACpB,KAAK,OAAO,CAAC,EAEtC,GAAI,CAACE,EACH,MAAM,IAAI,MAAM,0BAA0B,EAI5C,GAAIA,EAAM,cAAgBA,EAAM,aAAa,OAAS,EAAG,CACvD,MAAMC,EAAuBP,EAAAA,OAAO,KAClCL,EAAAA,gBAAgBU,CAAe,CAAA,EAGjC,UAAWG,KAAYF,EAAM,aAC3B,GAAIE,EAAS,OAAO,OAAOD,CAAoB,EAC7C,OAAOE,EAAkBD,EAAS,SAAS,EAI/C,MAAM,IAAI,MACR,wDAAwDH,CAAe,EAAA,CAE3E,CAKA,MAAIC,EAAM,oBAAsBA,EAAM,mBAAmB,OAAS,EAC1D,IAAI,MACR,0LAAA,EAME,IAAI,MACR,wEAAA,CAEJ,CAWO,SAASI,EAAuBN,EAA+B,CACpE,MAAMP,EAAOC,EAAAA,KAAK,QAAQM,CAAa,EAKvC,GAAI,CACFP,EAAK,kBAAA,CACP,OAASc,EAAG,CAIV,GAAI,CAHiBd,EAAK,KAAK,OAAO,MACnCe,GAAQA,EAAI,oBAAsBA,EAAI,cAAA,EAGvC,MAAM,IAAI,MACR,8DAA8DD,CAAC,EAAA,CAGrE,CAEA,OAAOd,EAAK,mBAAA,EAAqB,MAAA,CACnC,CASO,SAASY,EAAkBI,EAAyB,CACzD,GAAIA,EAAI,SAAW,GACjB,OAAOrB,kBAAgB,IAAI,WAAWqB,CAAG,CAAC,EAE5C,MAAIA,EAAI,SAAW,GACX,IAAI,MACR,6BAA6BA,EAAI,EAAE,EAAE,SAAS,EAAE,EAAE,SAAS,EAAG,GAAG,CAAC,sFAAA,EAIhE,IAAI,MAAM,4CAA4CA,EAAI,MAAM,EAAE,CAC1E"}

package/dist/peginInput-CYJzbuwA.js DELETED Viewed

@@ -1,177 +0,0 @@
-import { createPrePeginTransaction as w, buildPeginTxFromPrePegin as v, getPrePeginHtlcConnectorInfo as H, tapInternalPubkey as A } from "@babylonlabs-io/babylon-tbv-rust-wasm";
-import { c as I } from "./fundPeginTransaction-t-6TsHAY.js";
-import { Buffer as c } from "buffer";
-import { Transaction as d, Psbt as h } from "bitcoinjs-lib";
-import { s as f, u as k, h as P, T as m } from "./bitcoin-B5aNKtsk.js";
-const x = 64, T = /^[0-9a-fA-F]+$/;
-async function B(e) {
-  const t = b(e.authAnchorHash), n = await w({
-    depositorPubkey: e.depositorPubkey,
-    vaultProviderPubkey: e.vaultProviderPubkey,
-    vaultKeeperPubkeys: e.vaultKeeperPubkeys,
-    universalChallengerPubkeys: e.universalChallengerPubkeys,
-    hashlocks: [...e.hashlocks],
-    timelockRefund: e.timelockRefund,
-    pegInAmounts: [...e.pegInAmounts],
-    feeRate: e.feeRate,
-    numLocalChallengers: e.numLocalChallengers,
-    councilQuorum: e.councilQuorum,
-    councilSize: e.councilSize,
-    network: e.network,
-    authAnchorHash: t
-  }), r = I(n.txHex).outputs.reduce(
-    (u, l) => u + BigInt(l.value),
-    0n
-  ), o = t !== void 0 ? n.htlcValues.length : null;
-  return {
-    psbtHex: n.txHex,
-    totalOutputValue: r,
-    htlcValues: n.htlcValues,
-    htlcScriptPubKeys: n.htlcScriptPubKeys,
-    htlcAddresses: n.htlcAddresses,
-    peginAmounts: n.peginAmounts,
-    depositorClaimValue: n.depositorClaimValue,
-    authAnchorVout: o
-  };
-}
-function b(e) {
-  if (e === void 0) return;
-  const t = e.startsWith("0x") || e.startsWith("0X") ? e.slice(2) : e;
-  if (t.length !== x || !T.test(t))
-    throw new Error(
-      `authAnchorHash must be 32-byte hex (${x} chars, no 0x prefix); got length ${t.length}`
-    );
-  return t.toLowerCase();
-}
-async function K(e) {
-  const t = await v(
-    {
-      depositorPubkey: e.prePeginParams.depositorPubkey,
-      vaultProviderPubkey: e.prePeginParams.vaultProviderPubkey,
-      vaultKeeperPubkeys: e.prePeginParams.vaultKeeperPubkeys,
-      universalChallengerPubkeys: e.prePeginParams.universalChallengerPubkeys,
-      hashlocks: [...e.prePeginParams.hashlocks],
-      timelockRefund: e.prePeginParams.timelockRefund,
-      pegInAmounts: [...e.prePeginParams.pegInAmounts],
-      feeRate: e.prePeginParams.feeRate,
-      numLocalChallengers: e.prePeginParams.numLocalChallengers,
-      councilQuorum: e.prePeginParams.councilQuorum,
-      councilSize: e.prePeginParams.councilSize,
-      network: e.prePeginParams.network,
-      authAnchorHash: b(
-        e.prePeginParams.authAnchorHash
-      )
-    },
-    e.timelockPegin,
-    e.fundedPrePeginTxHex,
-    e.htlcVout
-  );
-  return {
-    txHex: t.txHex,
-    txid: t.txid,
-    vaultScriptPubKey: t.vaultScriptPubKey,
-    vaultValue: t.vaultValue
-  };
-}
-async function L(e) {
-  const t = f(e.peginTxHex), n = f(e.fundedPrePeginTxHex), i = await H({
-    depositorPubkey: e.depositorPubkey,
-    vaultProviderPubkey: e.vaultProviderPubkey,
-    vaultKeeperPubkeys: e.vaultKeeperPubkeys,
-    universalChallengerPubkeys: e.universalChallengerPubkeys,
-    hashlock: e.hashlock,
-    timelockRefund: e.timelockRefund,
-    network: e.network
-  }), r = d.fromHex(t), o = d.fromHex(n);
-  if (r.ins.length !== 1)
-    throw new Error(
-      `PegIn transaction must have exactly 1 input, got ${r.ins.length}`
-    );
-  const u = r.ins[0], l = o.getId(), g = k(
-    new Uint8Array(u.hash).slice().reverse()
-  );
-  if (g !== l)
-    throw new Error(
-      `PegIn input does not reference the Pre-PegIn transaction. Expected ${l}, got ${g}`
-    );
-  const a = o.outs[u.index];
-  if (!a)
-    throw new Error(
-      `Pre-PegIn output ${u.index} not found (Pre-PegIn has ${o.outs.length} outputs)`
-    );
-  const y = P(i.hashlockScript), S = P(i.hashlockControlBlock), s = new h();
-  s.setVersion(r.version), s.setLocktime(r.locktime), s.addInput({
-    hash: u.hash,
-    index: u.index,
-    sequence: u.sequence,
-    witnessUtxo: {
-      script: a.script,
-      value: a.value
-    },
-    tapLeafScript: [
-      {
-        leafVersion: m,
-        script: c.from(y),
-        controlBlock: c.from(S)
-      }
-    ],
-    tapInternalKey: c.from(A)
-    // sighashType omitted — defaults to SIGHASH_DEFAULT (0x00) for Taproot
-  });
-  for (const p of r.outs)
-    s.addOutput({
-      script: p.script,
-      value: p.value
-    });
-  return { psbtHex: s.toHex() };
-}
-function U(e, t) {
-  const i = h.fromHex(e).data.inputs[0];
-  if (!i)
-    throw new Error("PegIn PSBT has no inputs");
-  if (i.tapScriptSig && i.tapScriptSig.length > 0) {
-    const r = c.from(
-      P(t)
-    );
-    for (const o of i.tapScriptSig)
-      if (o.pubkey.equals(r))
-        return E(o.signature);
-    throw new Error(
-      `No PegIn input signature found for depositor pubkey: ${t}`
-    );
-  }
-  throw i.finalScriptWitness && i.finalScriptWitness.length > 0 ? new Error(
-    "PegIn input PSBT is already finalized. Cannot reliably extract the depositor signature from the witness stack. Ensure the wallet returns a non-finalized PSBT with tapScriptSig entries."
-  ) : new Error(
-    "No tapScriptSig or finalScriptWitness found in signed PegIn input PSBT"
-  );
-}
-function F(e) {
-  const t = h.fromHex(e);
-  try {
-    t.finalizeAllInputs();
-  } catch (n) {
-    if (!t.data.inputs.every(
-      (r) => r.finalScriptWitness || r.finalScriptSig
-    ))
-      throw new Error(
-        `PSBT finalization failed and wallet did not auto-finalize: ${n}`
-      );
-  }
-  return t.extractTransaction().toHex();
-}
-function E(e) {
-  if (e.length === 64)
-    return k(new Uint8Array(e));
-  throw e.length === 65 ? new Error(
-    `Unexpected sighash byte 0x${e[64].toString(16).padStart(2, "0")} in PegIn input signature. Expected implicit SIGHASH_DEFAULT as a 64-byte signature.`
-  ) : new Error(`Unexpected PegIn input signature length: ${e.length}`);
-}
-export {
-  K as a,
-  B as b,
-  L as c,
-  U as e,
-  F as f
-};
-//# sourceMappingURL=peginInput-CYJzbuwA.js.map

package/dist/peginInput-CYJzbuwA.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"peginInput-CYJzbuwA.js","sources":["../src/tbv/core/primitives/psbt/pegin.ts","../src/tbv/core/primitives/psbt/peginInput.ts"],"sourcesContent":["/**\n * Pre-PegIn PSBT Builder Primitive\n *\n * This module provides pure functions for building unfunded Pre-PegIn transactions\n * and deriving PegIn transactions from them, using the WASM implementation from\n * @babylonlabs-io/babylon-tbv-rust-wasm.\n *\n * Pre-PegIn Flow:\n * 1. buildPrePeginPsbt() — creates unfunded Pre-PegIn tx (HTLC output)\n * 2. [caller funds Pre-PegIn tx and computes txid]\n * 3. buildPeginTxFromFundedPrePegin() — derives PegIn tx spending the HTLC\n * 4. buildPeginInputPsbt() — PSBT for depositor to sign PegIn HTLC leaf 0 input\n *\n * @module primitives/psbt/pegin\n */\n\nimport {\n buildPeginTxFromPrePegin,\n createPrePeginTransaction,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\n\nimport { parseUnfundedWasmTransaction } from \"../../utils/transaction/fundPeginTransaction\";\n\n/**\n * Parameters for building an unfunded Pre-PegIn PSBT\n */\nexport interface PrePeginParams {\n /** Depositor's BTC public key (x-only, 64-char hex without 0x prefix) */\n depositorPubkey: string;\n /** Vault provider's BTC public key (x-only, 64-char hex) */\n vaultProviderPubkey: string;\n /** Array of vault keeper BTC public keys (x-only, 64-char hex) */\n vaultKeeperPubkeys: string[];\n /** Array of universal challenger BTC public keys (x-only, 64-char hex) */\n universalChallengerPubkeys: string[];\n /** SHA256 hash commitment(s) (64 hex chars = 32 bytes each) */\n hashlocks: readonly string[];\n /** CSV timelock in blocks for the HTLC refund path */\n timelockRefund: number;\n /** Amounts to peg in (satoshis), one per deposit */\n pegInAmounts: readonly bigint[];\n /** Fee rate in sat/vB from contract offchain params */\n feeRate: bigint;\n /** Number of local challengers (from contract params) */\n numLocalChallengers: number;\n /** M in M-of-N council multisig (from contract params) */\n councilQuorum: number;\n /** N in M-of-N council multisig (from contract params) */\n councilSize: number;\n /** Bitcoin network */\n network: Network;\n /**\n * Optional 32-byte `SHA256(auth_anchor)` commitment (64-char hex, no\n * `0x` prefix). If provided, the Pre-PegIn tx will include an\n * `OP_RETURN <PUSH32 authAnchorHash>` output at vout =\n * `hashlocks.length`, binding the depositor's bearer-token\n * `auth_anchor` preimage to this Pre-PegIn.\n */\n authAnchorHash?: string;\n}\n\n/**\n * Byte length of an `auth_anchor_hash` commitment when encoded as a\n * lowercase hex string (32 bytes → 64 hex chars).\n */\nconst AUTH_ANCHOR_HASH_HEX_LEN = 64;\n\nconst HEX_PATTERN = /^[0-9a-fA-F]+$/;\n\n/**\n * Result of building an unfunded Pre-PegIn transaction\n */\nexport interface PrePeginPsbtResult {\n /**\n * Unfunded transaction hex (no inputs, HTLC outputs + optional\n * auth-anchor OP_RETURN + CPFP anchor).\n *\n * The caller is responsible for:\n * - Selecting UTXOs covering totalOutputValue + network fees\n * - Funding the transaction (add inputs and change output)\n * - Calling buildPeginTxFromFundedPrePegin() with the funded tx hex\n */\n psbtHex: string;\n /** Sum of all unfunded outputs — use this for UTXO selection */\n totalOutputValue: bigint;\n /** HTLC output values in satoshis, one per deposit (each includes peginAmount + depositorClaimValue + minPeginFee) */\n htlcValues: readonly bigint[];\n /** HTLC output scriptPubKeys (hex encoded), one per deposit */\n htlcScriptPubKeys: readonly string[];\n /** HTLC Taproot addresses, one per deposit */\n htlcAddresses: readonly string[];\n /** Pegin amounts in satoshis, one per deposit */\n peginAmounts: readonly bigint[];\n /** Depositor claim value computed by WASM from contract parameters */\n depositorClaimValue: bigint;\n /**\n * Vout index of the auth-anchor `OP_RETURN` output if one was\n * included (i.e. `authAnchorHash` was provided), or `null` if not.\n * Always equals `htlcValues.length` when present.\n */\n authAnchorVout: number | null;\n}\n\n/**\n * Parameters for building the PegIn transaction from a funded Pre-PegIn tx\n */\nexport interface BuildPeginTxParams {\n /** Same PrePeginParams used to create the Pre-PegIn transaction */\n prePeginParams: PrePeginParams;\n /** CSV timelock in blocks for the PegIn vault output */\n timelockPegin: number;\n /** Hex-encoded funded Pre-PegIn transaction */\n fundedPrePeginTxHex: string;\n /** Index of the HTLC output to spend */\n htlcVout: number;\n}\n\n/**\n * Result of building the PegIn transaction\n */\nexport interface PeginTxResult {\n /** PegIn transaction hex (1 input spending HTLC, 1 vault output) */\n txHex: string;\n /** PegIn transaction ID */\n txid: string;\n /** Vault output scriptPubKey (hex encoded) */\n vaultScriptPubKey: string;\n /** Vault output value in satoshis */\n vaultValue: bigint;\n}\n\n/**\n * Build unfunded Pre-PegIn transaction using WASM.\n *\n * Creates a Bitcoin transaction template with no inputs, an HTLC output, and a\n * CPFP anchor output. The HTLC value is computed internally from the contract\n * parameters — the caller does not need to compute depositorClaimValue separately.\n *\n * @param params - Pre-PegIn parameters\n * @returns Unfunded Pre-PegIn transaction details with HTLC output information\n * @throws If WASM initialization fails or parameters are invalid\n */\nexport async function buildPrePeginPsbt(\n params: PrePeginParams,\n): Promise<PrePeginPsbtResult> {\n const authAnchorHash = normalizeAuthAnchorHash(params.authAnchorHash);\n\n const result = await createPrePeginTransaction({\n depositorPubkey: params.depositorPubkey,\n vaultProviderPubkey: params.vaultProviderPubkey,\n vaultKeeperPubkeys: params.vaultKeeperPubkeys,\n universalChallengerPubkeys: params.universalChallengerPubkeys,\n hashlocks: [...params.hashlocks],\n timelockRefund: params.timelockRefund,\n pegInAmounts: [...params.pegInAmounts],\n feeRate: params.feeRate,\n numLocalChallengers: params.numLocalChallengers,\n councilQuorum: params.councilQuorum,\n councilSize: params.councilSize,\n network: params.network,\n authAnchorHash,\n });\n\n // Parse the unfunded tx to sum all output values\n // (HTLCs + optional OP_RETURN + CPFP anchor). This is the amount\n // UTXOs must cover before adding network fees.\n const parsed = parseUnfundedWasmTransaction(result.txHex);\n const totalOutputValue = parsed.outputs.reduce(\n (sum, o) => sum + BigInt(o.value),\n 0n,\n );\n\n // The WASM places the OP_RETURN commitment immediately after the\n // HTLC outputs when authAnchorHash is provided.\n const authAnchorVout =\n authAnchorHash !== undefined ? result.htlcValues.length : null;\n\n return {\n psbtHex: result.txHex,\n totalOutputValue,\n htlcValues: result.htlcValues,\n htlcScriptPubKeys: result.htlcScriptPubKeys,\n htlcAddresses: result.htlcAddresses,\n peginAmounts: result.peginAmounts,\n depositorClaimValue: result.depositorClaimValue,\n authAnchorVout,\n };\n}\n\n/**\n * Validate and normalize an `authAnchorHash` hex string before passing\n * it to the WASM boundary. WASM expects exactly 64 lowercase hex chars.\n */\nfunction normalizeAuthAnchorHash(\n value: string | undefined,\n): string | undefined {\n if (value === undefined) return undefined;\n const cleaned =\n value.startsWith(\"0x\") || value.startsWith(\"0X\") ? value.slice(2) : value;\n if (\n cleaned.length !== AUTH_ANCHOR_HASH_HEX_LEN ||\n !HEX_PATTERN.test(cleaned)\n ) {\n throw new Error(\n `authAnchorHash must be 32-byte hex (${AUTH_ANCHOR_HASH_HEX_LEN} chars, no 0x prefix); got length ${cleaned.length}`,\n );\n }\n return cleaned.toLowerCase();\n}\n\n/**\n * Build the PegIn transaction from a funded Pre-PegIn transaction.\n *\n * The PegIn transaction spends the Pre-PegIn HTLC output at htlcVout via the\n * hashlock + all-party script (leaf 0).\n *\n * @param params - Build parameters including Pre-PegIn params and funded tx hex\n * @returns PegIn transaction details\n * @throws If WASM initialization fails or parameters are invalid\n */\nexport async function buildPeginTxFromFundedPrePegin(\n params: BuildPeginTxParams,\n): Promise<PeginTxResult> {\n // WASM reconstructs the Pre-PegIn template from these params to\n // decode the funded tx. Must pass `authAnchorHash` (normalized\n // identically to buildPrePeginPsbt) so the reconstruction matches\n // the original outputs, including the OP_RETURN at vout =\n // hashlocks.length.\n const result = await buildPeginTxFromPrePegin(\n {\n depositorPubkey: params.prePeginParams.depositorPubkey,\n vaultProviderPubkey: params.prePeginParams.vaultProviderPubkey,\n vaultKeeperPubkeys: params.prePeginParams.vaultKeeperPubkeys,\n universalChallengerPubkeys:\n params.prePeginParams.universalChallengerPubkeys,\n hashlocks: [...params.prePeginParams.hashlocks],\n timelockRefund: params.prePeginParams.timelockRefund,\n pegInAmounts: [...params.prePeginParams.pegInAmounts],\n feeRate: params.prePeginParams.feeRate,\n numLocalChallengers: params.prePeginParams.numLocalChallengers,\n councilQuorum: params.prePeginParams.councilQuorum,\n councilSize: params.prePeginParams.councilSize,\n network: params.prePeginParams.network,\n authAnchorHash: normalizeAuthAnchorHash(\n params.prePeginParams.authAnchorHash,\n ),\n },\n params.timelockPegin,\n params.fundedPrePeginTxHex,\n params.htlcVout,\n );\n\n return {\n txHex: result.txHex,\n txid: result.txid,\n vaultScriptPubKey: result.vaultScriptPubKey,\n vaultValue: result.vaultValue,\n };\n}\n","/**\n * PegIn Input PSBT Builder\n *\n * Builds the PSBT for the depositor to sign the PegIn transaction's HTLC input\n * (Pre-PegIn HTLC leaf 0 — the hashlock + all-party script).\n *\n * This is the \"Sign Pegin transaction HTLC leaf 0 input\" step in the pre-pegin\n * flow. The depositor signs input 0 of the PegIn transaction,\n * which spends output 0 of the funded Pre-PegIn transaction via script-path.\n *\n * @module primitives/psbt/peginInput\n */\n\nimport {\n getPrePeginHtlcConnectorInfo,\n tapInternalPubkey,\n type Network,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\nimport { TAPSCRIPT_LEAF_VERSION, hexToUint8Array, stripHexPrefix, uint8ArrayToHex } from \"../utils/bitcoin\";\n\n/**\n * Parameters for building the PegIn input PSBT\n */\nexport interface BuildPeginInputPsbtParams {\n /**\n * PegIn transaction hex (1 input spending Pre-PegIn HTLC output 0).\n * Returned by buildPeginTxFromFundedPrePegin().\n */\n peginTxHex: string;\n /**\n * Funded Pre-PegIn transaction hex.\n * Used to look up the HTLC output that the PegIn input spends.\n */\n fundedPrePeginTxHex: string;\n /** Depositor's BTC public key (x-only, 64-char hex) */\n depositorPubkey: string;\n /** Vault provider's BTC public key (x-only, 64-char hex) */\n vaultProviderPubkey: string;\n /** Vault keeper BTC public keys (x-only, 64-char hex) */\n vaultKeeperPubkeys: string[];\n /** Universal challenger BTC public keys (x-only, 64-char hex) */\n universalChallengerPubkeys: string[];\n /** SHA256 hash commitment (64 hex chars = 32 bytes) */\n hashlock: string;\n /** CSV timelock in blocks for the HTLC refund path */\n timelockRefund: number;\n /** Bitcoin network */\n network: Network;\n}\n\n/**\n * Result of building the PegIn input PSBT\n */\nexport interface BuildPeginInputPsbtResult {\n /** PSBT hex for the depositor to sign */\n psbtHex: string;\n}\n\n/**\n * Build PSBT for depositor to sign the PegIn transaction's HTLC leaf 0 input.\n *\n * The PegIn transaction spends the Pre-PegIn HTLC output (output 0) via the\n * hashlock + all-party script (leaf 0). The depositor provides one of the required\n * signatures; the vault provider and keepers provide theirs separately via the\n * signPeginInput RPC.\n *\n * The PSBT uses Taproot script-path spending:\n * - witnessUtxo: the Pre-PegIn HTLC output\n * - tapLeafScript: hashlock leaf script + control block\n * - tapInternalKey: NUMS unspendable key (BIP-341 nothing-up-my-sleeve)\n *\n * @param params - PegIn input PSBT parameters\n * @returns PSBT hex ready for depositor signing\n * @throws If PegIn tx does not have exactly 1 input\n * @throws If PegIn input does not reference the Pre-PegIn HTLC output\n * @throws If Pre-PegIn tx output 0 is not found\n */\nexport async function buildPeginInputPsbt(\n params: BuildPeginInputPsbtParams,\n): Promise<BuildPeginInputPsbtResult> {\n const peginTxHex = stripHexPrefix(params.peginTxHex);\n const fundedPrePeginTxHex = stripHexPrefix(params.fundedPrePeginTxHex);\n\n const htlcConnector = await getPrePeginHtlcConnectorInfo({\n depositorPubkey: params.depositorPubkey,\n vaultProviderPubkey: params.vaultProviderPubkey,\n vaultKeeperPubkeys: params.vaultKeeperPubkeys,\n universalChallengerPubkeys: params.universalChallengerPubkeys,\n hashlock: params.hashlock,\n timelockRefund: params.timelockRefund,\n network: params.network,\n });\n\n const peginTx = Transaction.fromHex(peginTxHex);\n const prePeginTx = Transaction.fromHex(fundedPrePeginTxHex);\n\n if (peginTx.ins.length !== 1) {\n throw new Error(\n `PegIn transaction must have exactly 1 input, got ${peginTx.ins.length}`,\n );\n }\n\n const peginInput = peginTx.ins[0];\n\n // Verify PegIn input 0 spends Pre-PegIn output 0\n const prePeginTxid = prePeginTx.getId();\n const peginInputTxid = uint8ArrayToHex(\n new Uint8Array(peginInput.hash).slice().reverse(),\n );\n\n if (peginInputTxid !== prePeginTxid) {\n throw new Error(\n `PegIn input does not reference the Pre-PegIn transaction. ` +\n `Expected ${prePeginTxid}, got ${peginInputTxid}`,\n );\n }\n\n const htlcOutput = prePeginTx.outs[peginInput.index];\n if (!htlcOutput) {\n throw new Error(\n `Pre-PegIn output ${peginInput.index} not found ` +\n `(Pre-PegIn has ${prePeginTx.outs.length} outputs)`,\n );\n }\n\n const hashlockScript = hexToUint8Array(htlcConnector.hashlockScript);\n const hashlockControlBlock = hexToUint8Array(htlcConnector.hashlockControlBlock);\n\n const psbt = new Psbt();\n psbt.setVersion(peginTx.version);\n psbt.setLocktime(peginTx.locktime);\n\n // Input 0: PegIn input spending Pre-PegIn HTLC output 0 via hashlock leaf (leaf 0).\n // The depositor signs using Taproot script-path spending.\n psbt.addInput({\n hash: peginInput.hash,\n index: peginInput.index,\n sequence: peginInput.sequence,\n witnessUtxo: {\n script: htlcOutput.script,\n value: htlcOutput.value,\n },\n tapLeafScript: [\n {\n leafVersion: TAPSCRIPT_LEAF_VERSION,\n script: Buffer.from(hashlockScript),\n controlBlock: Buffer.from(hashlockControlBlock),\n },\n ],\n tapInternalKey: Buffer.from(tapInternalPubkey),\n // sighashType omitted — defaults to SIGHASH_DEFAULT (0x00) for Taproot\n });\n\n for (const output of peginTx.outs) {\n psbt.addOutput({\n script: output.script,\n value: output.value,\n });\n }\n\n return { psbtHex: psbt.toHex() };\n}\n\n/**\n * Extract the depositor's Schnorr signature from a signed PegIn input PSBT.\n *\n * Supports non-finalized PSBTs with tapScriptSig entries. Finalized PSBTs are\n * rejected because the witness stack does not reliably identify the depositor\n * signature by public key.\n *\n * PegIn input signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte. Signatures with an appended sighash byte\n * are rejected rather than stripped.\n *\n * @param signedPsbtHex - Signed PSBT hex\n * @param depositorPubkey - Depositor's x-only public key (64-char hex)\n * @returns 64-byte Schnorr signature (128 hex chars, no sighash flag)\n * @throws If no signature is found for the depositor's key\n */\nexport function extractPeginInputSignature(\n signedPsbtHex: string,\n depositorPubkey: string,\n): string {\n const signedPsbt = Psbt.fromHex(signedPsbtHex);\n const input = signedPsbt.data.inputs[0];\n\n if (!input) {\n throw new Error(\"PegIn PSBT has no inputs\");\n }\n\n // Non-finalized PSBT — extract from tapScriptSig\n if (input.tapScriptSig && input.tapScriptSig.length > 0) {\n const depositorPubkeyBytes = Buffer.from(\n hexToUint8Array(depositorPubkey),\n );\n\n for (const sigEntry of input.tapScriptSig) {\n if (sigEntry.pubkey.equals(depositorPubkeyBytes)) {\n return extractSchnorrSig(sigEntry.signature);\n }\n }\n\n throw new Error(\n `No PegIn input signature found for depositor pubkey: ${depositorPubkey}`,\n );\n }\n\n // Finalized PSBT — the witness stack order depends on the wallet's finalizer,\n // so we cannot reliably pick the depositor's signature by position. Require\n // the non-finalized tapScriptSig path which identifies signatures by pubkey.\n if (input.finalScriptWitness && input.finalScriptWitness.length > 0) {\n throw new Error(\n \"PegIn input PSBT is already finalized. Cannot reliably extract the \" +\n \"depositor signature from the witness stack. Ensure the wallet returns \" +\n \"a non-finalized PSBT with tapScriptSig entries.\",\n );\n }\n\n throw new Error(\n \"No tapScriptSig or finalScriptWitness found in signed PegIn input PSBT\",\n );\n}\n\n/**\n * Finalize a signed PegIn input PSBT and return the depositor-signed transaction hex.\n *\n * The default tapscript finalizer builds the full witness stack [sig, script, controlBlock]\n * that vaultd requires when verifying the depositor signature on-chain.\n *\n * @param signedPsbtHex - Non-finalized signed PSBT hex (returned by wallet with autoFinalized: false)\n * @returns Depositor-signed PegIn transaction hex with full taproot witness stack\n */\nexport function finalizePeginInputPsbt(signedPsbtHex: string): string {\n const psbt = Psbt.fromHex(signedPsbtHex);\n\n // Some wallets (UniSat, OKX) ignore autoFinalized: false and return\n // already-finalized PSBTs. finalizeAllInputs() throws in that case,\n // so fall back to verifying the wallet already finalized all inputs.\n try {\n psbt.finalizeAllInputs();\n } catch (e) {\n const allFinalized = psbt.data.inputs.every(\n (inp) => inp.finalScriptWitness || inp.finalScriptSig,\n );\n if (!allFinalized) {\n throw new Error(\n `PSBT finalization failed and wallet did not auto-finalize: ${e}`,\n );\n }\n }\n\n return psbt.extractTransaction().toHex();\n}\n\n/**\n * Extract and validate a 64-byte Schnorr signature.\n * PegIn input signatures must use implicit Taproot SIGHASH_DEFAULT, which is\n * encoded by omitting the sighash byte. Reject 65-byte signatures instead of\n * stripping the sighash byte because it changes the signed Taproot message.\n * @internal\n */\nexport function extractSchnorrSig(sig: Uint8Array): string {\n if (sig.length === 64) {\n return uint8ArrayToHex(new Uint8Array(sig));\n }\n if (sig.length === 65) {\n throw new Error(\n `Unexpected sighash byte 0x${sig[64].toString(16).padStart(2, \"0\")} in PegIn input signature. ` +\n \"Expected implicit SIGHASH_DEFAULT as a 64-byte signature.\",\n );\n }\n throw new Error(`Unexpected PegIn input signature length: ${sig.length}`);\n}\n"],"names":["AUTH_ANCHOR_HASH_HEX_LEN","HEX_PATTERN","buildPrePeginPsbt","params","authAnchorHash","normalizeAuthAnchorHash","result","createPrePeginTransaction","totalOutputValue","parseUnfundedWasmTransaction","sum","o","authAnchorVout","value","cleaned","buildPeginTxFromFundedPrePegin","buildPeginTxFromPrePegin","buildPeginInputPsbt","peginTxHex","stripHexPrefix","fundedPrePeginTxHex","htlcConnector","getPrePeginHtlcConnectorInfo","peginTx","Transaction","prePeginTx","peginInput","prePeginTxid","peginInputTxid","uint8ArrayToHex","htlcOutput","hashlockScript","hexToUint8Array","hashlockControlBlock","psbt","Psbt","TAPSCRIPT_LEAF_VERSION","Buffer","tapInternalPubkey","output","extractPeginInputSignature","signedPsbtHex","depositorPubkey","input","depositorPubkeyBytes","sigEntry","extractSchnorrSig","finalizePeginInputPsbt","e","inp","sig"],"mappings":";;;;;AAkEA,MAAMA,IAA2B,IAE3BC,IAAc;AA2EpB,eAAsBC,EACpBC,GAC6B;AAC7B,QAAMC,IAAiBC,EAAwBF,EAAO,cAAc,GAE9DG,IAAS,MAAMC,EAA0B;AAAA,IAC7C,iBAAiBJ,EAAO;AAAA,IACxB,qBAAqBA,EAAO;AAAA,IAC5B,oBAAoBA,EAAO;AAAA,IAC3B,4BAA4BA,EAAO;AAAA,IACnC,WAAW,CAAC,GAAGA,EAAO,SAAS;AAAA,IAC/B,gBAAgBA,EAAO;AAAA,IACvB,cAAc,CAAC,GAAGA,EAAO,YAAY;AAAA,IACrC,SAASA,EAAO;AAAA,IAChB,qBAAqBA,EAAO;AAAA,IAC5B,eAAeA,EAAO;AAAA,IACtB,aAAaA,EAAO;AAAA,IACpB,SAASA,EAAO;AAAA,IAChB,gBAAAC;AAAA,EAAA,CACD,GAMKI,IADSC,EAA6BH,EAAO,KAAK,EACxB,QAAQ;AAAA,IACtC,CAACI,GAAKC,MAAMD,IAAM,OAAOC,EAAE,KAAK;AAAA,IAChC;AAAA,EAAA,GAKIC,IACJR,MAAmB,SAAYE,EAAO,WAAW,SAAS;AAE5D,SAAO;AAAA,IACL,SAASA,EAAO;AAAA,IAChB,kBAAAE;AAAA,IACA,YAAYF,EAAO;AAAA,IACnB,mBAAmBA,EAAO;AAAA,IAC1B,eAAeA,EAAO;AAAA,IACtB,cAAcA,EAAO;AAAA,IACrB,qBAAqBA,EAAO;AAAA,IAC5B,gBAAAM;AAAA,EAAA;AAEJ;AAMA,SAASP,EACPQ,GACoB;AACpB,MAAIA,MAAU,OAAW;AACzB,QAAMC,IACJD,EAAM,WAAW,IAAI,KAAKA,EAAM,WAAW,IAAI,IAAIA,EAAM,MAAM,CAAC,IAAIA;AACtE,MACEC,EAAQ,WAAWd,KACnB,CAACC,EAAY,KAAKa,CAAO;AAEzB,UAAM,IAAI;AAAA,MACR,uCAAuCd,CAAwB,qCAAqCc,EAAQ,MAAM;AAAA,IAAA;AAGtH,SAAOA,EAAQ,YAAA;AACjB;AAYA,eAAsBC,EACpBZ,GACwB;AAMxB,QAAMG,IAAS,MAAMU;AAAA,IACnB;AAAA,MACE,iBAAiBb,EAAO,eAAe;AAAA,MACvC,qBAAqBA,EAAO,eAAe;AAAA,MAC3C,oBAAoBA,EAAO,eAAe;AAAA,MAC1C,4BACEA,EAAO,eAAe;AAAA,MACxB,WAAW,CAAC,GAAGA,EAAO,eAAe,SAAS;AAAA,MAC9C,gBAAgBA,EAAO,eAAe;AAAA,MACtC,cAAc,CAAC,GAAGA,EAAO,eAAe,YAAY;AAAA,MACpD,SAASA,EAAO,eAAe;AAAA,MAC/B,qBAAqBA,EAAO,eAAe;AAAA,MAC3C,eAAeA,EAAO,eAAe;AAAA,MACrC,aAAaA,EAAO,eAAe;AAAA,MACnC,SAASA,EAAO,eAAe;AAAA,MAC/B,gBAAgBE;AAAA,QACdF,EAAO,eAAe;AAAA,MAAA;AAAA,IACxB;AAAA,IAEFA,EAAO;AAAA,IACPA,EAAO;AAAA,IACPA,EAAO;AAAA,EAAA;AAGT,SAAO;AAAA,IACL,OAAOG,EAAO;AAAA,IACd,MAAMA,EAAO;AAAA,IACb,mBAAmBA,EAAO;AAAA,IAC1B,YAAYA,EAAO;AAAA,EAAA;AAEvB;ACpLA,eAAsBW,EACpBd,GACoC;AACpC,QAAMe,IAAaC,EAAehB,EAAO,UAAU,GAC7CiB,IAAsBD,EAAehB,EAAO,mBAAmB,GAE/DkB,IAAgB,MAAMC,EAA6B;AAAA,IACvD,iBAAiBnB,EAAO;AAAA,IACxB,qBAAqBA,EAAO;AAAA,IAC5B,oBAAoBA,EAAO;AAAA,IAC3B,4BAA4BA,EAAO;AAAA,IACnC,UAAUA,EAAO;AAAA,IACjB,gBAAgBA,EAAO;AAAA,IACvB,SAASA,EAAO;AAAA,EAAA,CACjB,GAEKoB,IAAUC,EAAY,QAAQN,CAAU,GACxCO,IAAaD,EAAY,QAAQJ,CAAmB;AAE1D,MAAIG,EAAQ,IAAI,WAAW;AACzB,UAAM,IAAI;AAAA,MACR,oDAAoDA,EAAQ,IAAI,MAAM;AAAA,IAAA;AAI1E,QAAMG,IAAaH,EAAQ,IAAI,CAAC,GAG1BI,IAAeF,EAAW,MAAA,GAC1BG,IAAiBC;AAAA,IACrB,IAAI,WAAWH,EAAW,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,EAAQ;AAGlD,MAAIE,MAAmBD;AACrB,UAAM,IAAI;AAAA,MACR,sEACcA,CAAY,SAASC,CAAc;AAAA,IAAA;AAIrD,QAAME,IAAaL,EAAW,KAAKC,EAAW,KAAK;AACnD,MAAI,CAACI;AACH,UAAM,IAAI;AAAA,MACR,oBAAoBJ,EAAW,KAAK,6BAChBD,EAAW,KAAK,MAAM;AAAA,IAAA;AAI9C,QAAMM,IAAiBC,EAAgBX,EAAc,cAAc,GAC7DY,IAAuBD,EAAgBX,EAAc,oBAAoB,GAEzEa,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAWX,EAAQ,OAAO,GAC/BW,EAAK,YAAYX,EAAQ,QAAQ,GAIjCW,EAAK,SAAS;AAAA,IACZ,MAAMR,EAAW;AAAA,IACjB,OAAOA,EAAW;AAAA,IAClB,UAAUA,EAAW;AAAA,IACrB,aAAa;AAAA,MACX,QAAQI,EAAW;AAAA,MACnB,OAAOA,EAAW;AAAA,IAAA;AAAA,IAEpB,eAAe;AAAA,MACb;AAAA,QACE,aAAaM;AAAA,QACb,QAAQC,EAAO,KAAKN,CAAc;AAAA,QAClC,cAAcM,EAAO,KAAKJ,CAAoB;AAAA,MAAA;AAAA,IAChD;AAAA,IAEF,gBAAgBI,EAAO,KAAKC,CAAiB;AAAA;AAAA,EAAA,CAE9C;AAED,aAAWC,KAAUhB,EAAQ;AAC3B,IAAAW,EAAK,UAAU;AAAA,MACb,QAAQK,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAO,EAAE,SAASL,EAAK,QAAM;AAC/B;AAkBO,SAASM,EACdC,GACAC,GACQ;AAER,QAAMC,IADaR,EAAK,QAAQM,CAAa,EACpB,KAAK,OAAO,CAAC;AAEtC,MAAI,CAACE;AACH,UAAM,IAAI,MAAM,0BAA0B;AAI5C,MAAIA,EAAM,gBAAgBA,EAAM,aAAa,SAAS,GAAG;AACvD,UAAMC,IAAuBP,EAAO;AAAA,MAClCL,EAAgBU,CAAe;AAAA,IAAA;AAGjC,eAAWG,KAAYF,EAAM;AAC3B,UAAIE,EAAS,OAAO,OAAOD,CAAoB;AAC7C,eAAOE,EAAkBD,EAAS,SAAS;AAI/C,UAAM,IAAI;AAAA,MACR,wDAAwDH,CAAe;AAAA,IAAA;AAAA,EAE3E;AAKA,QAAIC,EAAM,sBAAsBA,EAAM,mBAAmB,SAAS,IAC1D,IAAI;AAAA,IACR;AAAA,EAAA,IAME,IAAI;AAAA,IACR;AAAA,EAAA;AAEJ;AAWO,SAASI,EAAuBN,GAA+B;AACpE,QAAMP,IAAOC,EAAK,QAAQM,CAAa;AAKvC,MAAI;AACF,IAAAP,EAAK,kBAAA;AAAA,EACP,SAASc,GAAG;AAIV,QAAI,CAHiBd,EAAK,KAAK,OAAO;AAAA,MACpC,CAACe,MAAQA,EAAI,sBAAsBA,EAAI;AAAA,IAAA;AAGvC,YAAM,IAAI;AAAA,QACR,8DAA8DD,CAAC;AAAA,MAAA;AAAA,EAGrE;AAEA,SAAOd,EAAK,mBAAA,EAAqB,MAAA;AACnC;AASO,SAASY,EAAkBI,GAAyB;AACzD,MAAIA,EAAI,WAAW;AACjB,WAAOrB,EAAgB,IAAI,WAAWqB,CAAG,CAAC;AAE5C,QAAIA,EAAI,WAAW,KACX,IAAI;AAAA,IACR,6BAA6BA,EAAI,EAAE,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC;AAAA,EAAA,IAIhE,IAAI,MAAM,4CAA4CA,EAAI,MAAM,EAAE;AAC1E;"}

package/dist/types-DnyyBNcC.cjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";var y=Object.defineProperty;var b=(e,t,r)=>t in e?y(e,t,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[t]=r;var P=(e,t,r)=>b(e,typeof t!="symbol"?t+"":t,r);class R extends Error{constructor(t,r,n="local",o){super(r),this.code=t,this.source=n,this.data=o,this.name="JsonRpcError"}}const u={TIMEOUT:-32e3,NETWORK:-32001,PROXY_TIMEOUT:-32002,PROXY_UNAVAILABLE:-32003,INVALID_RESPONSE:-32700,RESPONSE_TOO_LARGE:-32701},f="2.0",p=3,v=1e3,D=210241024,L=new Set(["vaultProvider_requestDepositorClaimerArtifacts"]),g=new Set([408,429,500,502,503,504]),U=new Set(["vaultProvider_getPeginStatus","vaultProvider_batchGetPeginStatus","vaultProvider_batchGetPegoutStatus","vaultProvider_requestDepositorPresignTransactions"]);function m(e){return U.has(e)}const G="auth_expired";function C(e){if(!(e instanceof R)\|\|e.source!=="wire")return!1;const t=e.data;return t===null\|\|typeof t!="object"?!1:t.kind===G}class B{constructor(t){P(this,"baseUrl");P(this,"timeout");P(this,"headers");P(this,"requestId",0);P(this,"retries");P(this,"retryDelay");P(this,"maxResponseBytes");P(this,"retryableFor");P(this,"tokenProvider");if(this.baseUrl=t.baseUrl.replace(/\/$/,""),this.timeout=t.timeout,this.headers={"Content-Type":"application/json",...t.headers},this.retries=t.retries??p,this.retryDelay=t.retryDelay??v,this.maxResponseBytes=t.maxResponseBytes??D,!Number.isFinite(this.maxResponseBytes)\|\|this.maxResponseBytes<=0)throw new Error("maxResponseBytes must be a positive finite number");this.retryableFor=t.retryableFor??m,this.tokenProvider=t.tokenProvider}async buildHeaders(t){const r={...this.headers};if(this.tokenProvider){const n=await this.tokenProvider.getToken(t);n&&(r.Authorization=`Bearer ${n}`)}return r}async call(t,r,n){try{return await this.callOnce(t,r,n)}catch(o){if(this.tokenProvider&&C(o))return this.tokenProvider.invalidate(),await this.callOnce(t,r,n);throw o}}async callOnce(t,r,n){const o=await this.fetchWithRetry(t,r,n);let s;try{const i=L.has(t)?await o.text():await x(o,this.maxResponseBytes);s=JSON.parse(i)}catch(i){throw i instanceof R?i:new R(u.INVALID_RESPONSE,"Invalid JSON-RPC response: body is not valid JSON","local")}if(s===null\|\|typeof s!="object"\|\|Array.isArray(s))throw new R(u.INVALID_RESPONSE,`Invalid JSON-RPC response: expected an object, got ${typeof s}`,"local");const a=s;if("error"in a&&a.error!=null){const i=a.error;throw new R(i.code??u.INVALID_RESPONSE,i.message??"Unknown RPC error","wire",i.data)}if(!("result"in a))throw new R(u.INVALID_RESPONSE,'Invalid JSON-RPC response: missing "result" field',"local");return a.result}async callRaw(t,r,n){return this.fetchWithRetry(t,r,n)}async fetchWithRetry(t,r,n){const o=++this.requestId,s=this.retryableFor(t)?this.retries:0,i=JSON.stringify({jsonrpc:f,method:t,params:[r],id:o});let A=null;for(let T=0;T<=s;T++){const S=new AbortController,l=setTimeout(()=>S.abort(),this.timeout),_=n?V(n,S.signal):null,O=_?_.signal:S.signal;try{const E=await this.buildHeaders(t),c=await fetch(this.baseUrl,{method:"POST",headers:E,body:i,signal:O});if(clearTimeout(l),_==null\|\|_.cleanup(),!c.ok){if(T<s&&g.has(c.status)){const w=this.retryDelayMath.pow(2,T);await this.sleep(w,n);continue}throw new Error(`HTTP error: ${c.status} ${c.statusText}`)}return c}catch(E){if(clearTimeout(l),_==null\|\|_.cleanup(),A=E instanceof Error?E:new Error(String(E)),n!=null&&n.aborted)throw new Error("Request aborted");if(E instanceof Error&&E.name==="AbortError"){if(T<s){const c=this.retryDelayMath.pow(2,T);await this.sleep(c,n);continue}throw new R(u.TIMEOUT,`Request timeout after ${this.timeout}ms (${s+1} attempts)`,"local")}if(E instanceof TypeError){if(T<s){const c=this.retryDelay*Math.pow(2,T);await this.sleep(c,n);continue}throw new R(u.NETWORK,`Network error: ${E.message} (${s+1} attempts)`,"local")}throw E}}throw A\|\|new Error("Unknown error after retries")}sleep(t,r){return new Promise((n,o)=>{if(r!=null&&r.aborted){o(new Error("Request aborted"));return}const s=setTimeout(()=>{r==null\|\|r.removeEventListener("abort",a),n()},t),a=()=>{clearTimeout(s),o(new Error("Request aborted"))};r==null\|\|r.addEventListener("abort",a,{once:!0})})}getBaseUrl(){return this.baseUrl}}function V(e,t){if(e.aborted)return{signal:e,cleanup:()=>{}};if(t.aborted)return{signal:t,cleanup:()=>{}};const r=new AbortController,n=()=>{t.removeEventListener("abort",o),r.abort()},o=()=>{e.removeEventListener("abort",n),r.abort()};e.addEventListener("abort",n,{once:!0}),t.addEventListener("abort",o,{once:!0});const s=()=>{e.removeEventListener("abort",n),t.removeEventListener("abort",o)};return{signal:r.signal,cleanup:s}}async function x(e,t){const r=e.headers.get("content-length");if(r!==null){const i=Number(r);if(Number.isFinite(i)&&i>t)throw d(t)}if(!e.body)return"";const n=e.body.getReader(),o=new TextDecoder;let s=0,a="";try{for(;;){const{done:i,value:A}=await n.read();if(i)break;if(A){if(s+=A.byteLength,s>t)throw await n.cancel(),d(t);a+=o.decode(A,{stream:!0})}}}finally{n.releaseLock()}return a+o.decode()}function d(e){return new R(u.RESPONSE_TOO_LARGE,`JSON-RPC response exceeds maximum size of ${e} bytes`,"local")}var N=(e=>(e.PENDING_INGESTION="PendingIngestion",e.PENDING_DEPOSITOR_WOTS_PK="PendingDepositorWotsPK",e.PENDING_BABE_SETUP="PendingBabeSetup",e.PENDING_CHALLENGER_PRESIGNING="PendingChallengerPresigning",e.PENDING_PEGIN_SIGS_AVAILABILITY="PendingPeginSigsAvailability",e.PENDING_PRE_PEGIN_CONFIRMATIONS="PendingPrePegInConfirmations",e.PENDING_DEPOSITOR_SIGNATURES="PendingDepositorSignatures",e.PENDING_ACKS="PendingACKs",e.PENDING_ACTIVATION="PendingActivation",e.ACTIVATED="Activated",e.EXPIRED="Expired",e.CLAIM_POSTED="ClaimPosted",e.PEGGED_OUT="PeggedOut",e))(N\|\|{});const k=["PendingIngestion","PendingBabeSetup","PendingChallengerPresigning","PendingPeginSigsAvailability","PendingPrePegInConfirmations"],J=["PendingACKs","PendingActivation","Activated"],h=new Set(["PendingBabeSetup","PendingChallengerPresigning","PendingPeginSigsAvailability","PendingPrePegInConfirmations",...J]),M=new Set(["Expired","ClaimPosted","PeggedOut"]),F=new Set([...h,"PendingDepositorSignatures"]),H=50;var I=(e=>(e[e.DATABASE_ERROR=-32005]="DATABASE_ERROR",e[e.PRESIGN_ERROR=-32006]="PRESIGN_ERROR",e[e.JSON_SERIALIZATION_ERROR=-32007]="JSON_SERIALIZATION_ERROR",e[e.TX_GRAPH_ERROR=-32008]="TX_GRAPH_ERROR",e[e.INVALID_GRAPH=-32009]="INVALID_GRAPH",e[e.VALIDATION_ERROR=-32010]="VALIDATION_ERROR",e[e.NOT_FOUND=-32011]="NOT_FOUND",e[e.INTERNAL_ERROR=-32603]="INTERNAL_ERROR",e))(I\|\|{});exports.DaemonStatus=N;exports.JSON_RPC_ERROR_CODES=u;exports.JsonRpcClient=B;exports.JsonRpcError=R;exports.POST_WOTS_STATUSES=F;exports.PRE_DEPOSITOR_SIGNATURES_STATES=k;exports.RpcErrorCode=I;exports.VP_BATCH_MAX_SIZE=H;exports.VP_TERMINAL_STATUSES=M;exports.VP_TRANSIENT_STATUSES=h;
2	- //# sourceMappingURL=types-DnyyBNcC.cjs.map

package/dist/types-DnyyBNcC.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"types-DnyyBNcC.cjs","sources":["../src/tbv/core/clients/vault-provider/json-rpc-client.ts","../src/tbv/core/clients/vault-provider/types.ts"],"sourcesContent":["/**\n * Generic JSON-RPC 2.0 HTTP Client\n *\n * Framework-agnostic client using `fetch()` — works in browsers and Node.js 18+.\n * Includes configurable retry policy and AbortSignal passthrough.\n */\n\nexport interface JsonRpcRequest<T = unknown> {\n jsonrpc: \"2.0\";\n method: string;\n params: T;\n id: number | string;\n}\n\nexport interface JsonRpcSuccessResponse<T = unknown> {\n jsonrpc: \"2.0\";\n result: T;\n id: number | string;\n}\n\nexport interface JsonRpcErrorResponse {\n jsonrpc: \"2.0\";\n error: {\n code: number;\n message: string;\n data?: unknown;\n };\n id: number | string;\n}\n\nexport type JsonRpcResponse<T = unknown> =\n | JsonRpcSuccessResponse<T>\n | JsonRpcErrorResponse;\n\n/**\n * Injects bearer tokens into requests for auth-gated methods, and is\n * notified on auth-expired responses so it can invalidate its cache.\n *\n * The `JsonRpcClient` is agnostic to which methods are auth-gated —\n * the provider's `getToken(method)` decides. Returning `null` means\n * \"no auth required for this method\"; the client then sends the\n * request with no `Authorization` header.\n */\nexport interface BearerTokenProvider {\n /**\n * Return the bearer token to inject for `method`, or `null` if the\n * method does not require auth.\n */\n getToken(method: string): Promise<string | null>;\n /**\n * Drop the cached token. Next call to `getToken` must re-acquire.\n * Called by the client on reactive-refresh-trigger responses.\n */\n invalidate(): void;\n}\n\nexport interface JsonRpcClientConfig {\n /** Base URL of the RPC service */\n baseUrl: string;\n /** Timeout in milliseconds per request attempt */\n timeout: number;\n /** Optional custom headers */\n headers?: Record<string, string>;\n /** Number of retry attempts for transient errors (default: 3) */\n retries?: number;\n /** Initial retry delay in milliseconds (default: 1000) */\n retryDelay?: number;\n /**\n * Maximum response body size, in bytes, for typed JSON-RPC calls.\n * `callRaw` intentionally returns the unparsed Response and is not capped here.\n * Default: 2 MiB.\n */\n maxResponseBytes?: number;\n /**\n * Predicate that decides which methods retry on transient errors.\n * Default retries only `getPeginStatus`, `batchGetPeginStatus`,\n * `batchGetPegoutStatus`, and `requestDepositorPresignTransactions`.\n * Write methods are not retried by default.\n */\n retryableFor?: (method: string) => boolean;\n /**\n * Per-request bearer-token source. A non-null return attaches\n * `Authorization: Bearer <token>`; `null` skips auth. `call`\n * additionally retries once on wire `auth_expired` (invalidate +\n * refetch + retry). `callRaw` skips reactive refresh.\n */\n tokenProvider?: BearerTokenProvider;\n}\n\n/**\n * Identifies whether an error was produced locally (timeout, network\n * failure, malformed response) or parsed from a wire-format JSON-RPC\n * error envelope returned by the server.\n *\n * This matters for anyone inspecting the shared `-32001` code: the SDK\n * uses it internally for network failures AND the server uses it for\n * auth-middleware rejections. The `source` field disambiguates.\n */\nexport type JsonRpcErrorSource = \"wire\" | \"local\";\n\nexport class JsonRpcError extends Error {\n constructor(\n public code: number,\n message: string,\n /** \"wire\" for server-returned envelopes; \"local\" for SDK-side failures. */\n public source: JsonRpcErrorSource = \"local\",\n /** Structured data from the server `error.data` field, if any. */\n public data?: unknown,\n ) {\n super(message);\n this.name = \"JsonRpcError\";\n }\n}\n\nexport const JSON_RPC_ERROR_CODES = {\n TIMEOUT: -32000,\n NETWORK: -32001,\n /** VP proxy: request timed out at proxy level */\n PROXY_TIMEOUT: -32002,\n /** VP proxy: VP unreachable / DNS failure / response too large */\n PROXY_UNAVAILABLE: -32003,\n /** SDK client: response missing \"result\" field (malformed JSON-RPC) */\n INVALID_RESPONSE: -32700,\n /** SDK client: response body exceeded the configured byte limit */\n RESPONSE_TOO_LARGE: -32701,\n} as const;\n\n/** JSON-RPC protocol version */\nconst JSON_RPC_VERSION = \"2.0\" as const;\n\n/** Default number of retry attempts for transient errors */\nconst DEFAULT_RETRY_ATTEMPTS = 3;\n\n/** Default initial retry delay in milliseconds */\nconst DEFAULT_RETRY_DELAY_MS = 1000;\n\n/** Default maximum JSON-RPC response size for typed calls (2 MiB) */\nconst DEFAULT_MAX_RESPONSE_BYTES = 2 * 1024 * 1024;\n\n/**\n * TODO: Temporary typed-call exceptions for methods that currently return large\n * artifact payloads as JSON-RPC results.\n */\nconst UNCAPPED_TYPED_RESPONSE_METHODS: ReadonlySet<string> = new Set([\n \"vaultProvider_requestDepositorClaimerArtifacts\",\n]);\n\n/** HTTP status codes that indicate transient server errors and are safe to retry */\nconst RETRYABLE_HTTP_STATUS_CODES: ReadonlySet<number> = new Set([\n 408, // Request Timeout\n 429, // Too Many Requests\n 500, // Internal Server Error\n 502, // Bad Gateway\n 503, // Service Unavailable\n 504, // Gateway Timeout\n]);\n\n/** Default retry predicate: only retry read-only / idempotent methods */\nconst DEFAULT_RETRYABLE_METHODS: ReadonlySet<string> = new Set([\n \"vaultProvider_getPeginStatus\",\n \"vaultProvider_batchGetPeginStatus\",\n \"vaultProvider_batchGetPegoutStatus\",\n \"vaultProvider_requestDepositorPresignTransactions\",\n]);\n\nfunction defaultRetryableFor(method: string): boolean {\n return DEFAULT_RETRYABLE_METHODS.has(method);\n}\n\n/**\n * Token-expired marker the server emits in `error.data.kind`. When\n * present on a wire-origin error, the client invalidates its cached\n * token and retries the request once with a freshly-acquired bearer.\n *\n * Kept in sync with btc-vault's auth middleware. Absence of the marker\n * means the server does not support reactive refresh yet; we fall back\n * to proactive-only refresh via `BearerTokenProvider.getToken()` TTL\n * checks.\n */\nconst AUTH_EXPIRED_DATA_KIND = \"auth_expired\";\n\nfunction isAuthExpiredError(error: unknown): boolean {\n if (!(error instanceof JsonRpcError)) return false;\n if (error.source !== \"wire\") return false;\n const data = error.data;\n if (data === null || typeof data !== \"object\") return false;\n const kind = (data as { kind?: unknown }).kind;\n return kind === AUTH_EXPIRED_DATA_KIND;\n}\n\n/**\n * Generic JSON-RPC 2.0 HTTP client with safe retry policy.\n */\nexport class JsonRpcClient {\n private baseUrl: string;\n private timeout: number;\n private headers: Record<string, string>;\n private requestId = 0;\n private retries: number;\n private retryDelay: number;\n private maxResponseBytes: number;\n private retryableFor: (method: string) => boolean;\n private tokenProvider?: BearerTokenProvider;\n\n constructor(config: JsonRpcClientConfig) {\n this.baseUrl = config.baseUrl.replace(/\\/$/, \"\");\n this.timeout = config.timeout;\n this.headers = {\n \"Content-Type\": \"application/json\",\n ...config.headers,\n };\n this.retries = config.retries ?? DEFAULT_RETRY_ATTEMPTS;\n this.retryDelay = config.retryDelay ?? DEFAULT_RETRY_DELAY_MS;\n this.maxResponseBytes =\n config.maxResponseBytes ?? DEFAULT_MAX_RESPONSE_BYTES;\n if (!Number.isFinite(this.maxResponseBytes) || this.maxResponseBytes <= 0) {\n throw new Error(\"maxResponseBytes must be a positive finite number\");\n }\n this.retryableFor = config.retryableFor ?? defaultRetryableFor;\n this.tokenProvider = config.tokenProvider;\n }\n\n private async buildHeaders(method: string): Promise<Record<string, string>> {\n const headers: Record<string, string> = { ...this.headers };\n if (this.tokenProvider) {\n const token = await this.tokenProvider.getToken(method);\n if (token) {\n headers.Authorization = `Bearer ${token}`;\n }\n }\n return headers;\n }\n\n /**\n * Make a JSON-RPC request with optional retry for safe methods.\n *\n * If the request fails with a wire-origin `auth_expired` error and a\n * `tokenProvider` is configured, the client invalidates its cached\n * token and retries the request once with a freshly-acquired bearer.\n *\n * @param method - The RPC method name\n * @param params - The method parameters\n * @param signal - Optional AbortSignal for caller-controlled cancellation\n * @returns The result from the RPC method\n * @throws JsonRpcError if the RPC call fails\n */\n async call<TParams, TResult>(\n method: string,\n params: TParams,\n signal?: AbortSignal,\n ): Promise<TResult> {\n try {\n return await this.callOnce<TParams, TResult>(method, params, signal);\n } catch (error) {\n // The auth-expired retry fires for ALL methods, including mutating\n // ones. This is intentional and safe: the server's auth middleware\n // validates the bearer token BEFORE dispatching to the method\n // handler, so an `auth_expired` error means the handler never ran\n // and no state was mutated. Confirmed against btc-vault at\n // `crates/btc-auth/src/middleware/jsonrpc.rs` — token validation\n // is pre-handler only. The `retryableFor` guard on\n // HTTP-transient-error retries doesn't apply here because that\n // guard is about retrying after a request the server may have\n // started processing; auth_expired is categorically different.\n if (this.tokenProvider && isAuthExpiredError(error)) {\n this.tokenProvider.invalidate();\n return await this.callOnce<TParams, TResult>(method, params, signal);\n }\n throw error;\n }\n }\n\n private async callOnce<TParams, TResult>(\n method: string,\n params: TParams,\n signal: AbortSignal | undefined,\n ): Promise<TResult> {\n const response = await this.fetchWithRetry(method, params, signal);\n\n let jsonResponse: unknown;\n try {\n const responseText = UNCAPPED_TYPED_RESPONSE_METHODS.has(method)\n ? await response.text()\n : await readResponseTextWithLimit(response, this.maxResponseBytes);\n jsonResponse = JSON.parse(responseText);\n } catch (error) {\n if (error instanceof JsonRpcError) {\n throw error;\n }\n throw new JsonRpcError(\n JSON_RPC_ERROR_CODES.INVALID_RESPONSE,\n \"Invalid JSON-RPC response: body is not valid JSON\",\n \"local\",\n );\n }\n\n if (\n jsonResponse === null ||\n typeof jsonResponse !== \"object\" ||\n Array.isArray(jsonResponse)\n ) {\n throw new JsonRpcError(\n JSON_RPC_ERROR_CODES.INVALID_RESPONSE,\n `Invalid JSON-RPC response: expected an object, got ${typeof jsonResponse}`,\n \"local\",\n );\n }\n\n const rpcResponse = jsonResponse as Record<string, unknown>;\n\n if (\"error\" in rpcResponse && rpcResponse.error != null) {\n const err = rpcResponse.error as {\n code?: number;\n message?: string;\n data?: unknown;\n };\n throw new JsonRpcError(\n err.code ?? JSON_RPC_ERROR_CODES.INVALID_RESPONSE,\n err.message ?? \"Unknown RPC error\",\n \"wire\",\n err.data,\n );\n }\n\n if (!(\"result\" in rpcResponse)) {\n throw new JsonRpcError(\n JSON_RPC_ERROR_CODES.INVALID_RESPONSE,\n `Invalid JSON-RPC response: missing \"result\" field`,\n \"local\",\n );\n }\n\n return rpcResponse.result as TResult;\n }\n\n /**\n * Make a JSON-RPC request returning the raw Response (unparsed body).\n *\n * Bearer tokens are injected identically to `call`. **Reactive refresh\n * is NOT performed here** — the response body may be unbounded (e.g.\n * claimer-artifact downloads), so the client refuses to parse it to\n * detect auth errors. Callers relying on token-expired retries for\n * large downloads must read the body themselves and re-invoke\n * `callRaw` after `tokenProvider.invalidate()`.\n */\n async callRaw<TParams>(\n method: string,\n params: TParams,\n signal?: AbortSignal,\n ): Promise<Response> {\n return this.fetchWithRetry(method, params, signal);\n }\n\n private async fetchWithRetry<TParams>(\n method: string,\n params: TParams,\n callerSignal?: AbortSignal,\n ): Promise<Response> {\n const requestId = ++this.requestId;\n const maxRetries = this.retryableFor(method) ? this.retries : 0;\n\n // jsonrpsee (Rust backend) expects params as an array (positional parameters)\n const request: JsonRpcRequest<TParams[]> = {\n jsonrpc: JSON_RPC_VERSION,\n method,\n params: [params],\n id: requestId,\n };\n\n const body = JSON.stringify(request);\n let lastError: Error | null = null;\n\n for (let attempt = 0; attempt <= maxRetries; attempt++) {\n // Merge caller signal with per-request timeout signal\n const timeoutController = new AbortController();\n const timeoutId = setTimeout(\n () => timeoutController.abort(),\n this.timeout,\n );\n\n const merged = callerSignal\n ? mergeAbortSignals(callerSignal, timeoutController.signal)\n : null;\n const signal = merged ? merged.signal : timeoutController.signal;\n\n try {\n // Build headers per-attempt so the token provider can return a\n // freshly-acquired bearer after a prior invalidate() on this\n // request (retry loop path) without plumbing state through.\n const headers = await this.buildHeaders(method);\n\n const response = await fetch(this.baseUrl, {\n method: \"POST\",\n headers,\n body,\n signal,\n });\n\n clearTimeout(timeoutId);\n merged?.cleanup();\n\n if (!response.ok) {\n const shouldRetry =\n attempt < maxRetries &&\n RETRYABLE_HTTP_STATUS_CODES.has(response.status);\n\n if (shouldRetry) {\n const delay = this.retryDelay * Math.pow(2, attempt);\n await this.sleep(delay, callerSignal);\n continue;\n }\n\n throw new Error(\n `HTTP error: ${response.status} ${response.statusText}`,\n );\n }\n\n return response;\n } catch (error) {\n clearTimeout(timeoutId);\n merged?.cleanup();\n lastError = error instanceof Error ? error : new Error(String(error));\n\n // Check if caller aborted (not our timeout)\n if (callerSignal?.aborted) {\n throw new Error(\"Request aborted\");\n }\n\n if (error instanceof Error && error.name === \"AbortError\") {\n if (attempt < maxRetries) {\n const delay = this.retryDelay * Math.pow(2, attempt);\n await this.sleep(delay, callerSignal);\n continue;\n }\n throw new JsonRpcError(\n JSON_RPC_ERROR_CODES.TIMEOUT,\n `Request timeout after ${this.timeout}ms (${maxRetries + 1} attempts)`,\n \"local\",\n );\n }\n\n // Handle network errors (CORS, connection refused, etc.)\n if (error instanceof TypeError) {\n if (attempt < maxRetries) {\n const delay = this.retryDelay * Math.pow(2, attempt);\n await this.sleep(delay, callerSignal);\n continue;\n }\n throw new JsonRpcError(\n JSON_RPC_ERROR_CODES.NETWORK,\n `Network error: ${error.message} (${maxRetries + 1} attempts)`,\n \"local\",\n );\n }\n\n // Don't retry JSON-RPC errors (business logic errors)\n throw error;\n }\n }\n\n throw lastError || new Error(\"Unknown error after retries\");\n }\n\n private sleep(ms: number, signal?: AbortSignal): Promise<void> {\n return new Promise((resolve, reject) => {\n if (signal?.aborted) {\n reject(new Error(\"Request aborted\"));\n return;\n }\n const timeoutId = setTimeout(() => {\n signal?.removeEventListener(\"abort\", onAbort);\n resolve();\n }, ms);\n const onAbort = () => {\n clearTimeout(timeoutId);\n reject(new Error(\"Request aborted\"));\n };\n signal?.addEventListener(\"abort\", onAbort, { once: true });\n });\n }\n\n getBaseUrl(): string {\n return this.baseUrl;\n }\n}\n\ninterface MergedSignal {\n signal: AbortSignal;\n /** Remove listeners from the source signals. Call after the request completes. */\n cleanup: () => void;\n}\n\n/**\n * Merge two AbortSignals — the returned signal aborts if either input aborts.\n * Returns a cleanup function to remove listeners when the request completes\n * normally, preventing listener accumulation in long-lived polling flows.\n */\nfunction mergeAbortSignals(a: AbortSignal, b: AbortSignal): MergedSignal {\n if (a.aborted) return { signal: a, cleanup: () => {} };\n if (b.aborted) return { signal: b, cleanup: () => {} };\n\n const controller = new AbortController();\n const onAbortA = () => {\n b.removeEventListener(\"abort\", onAbortB);\n controller.abort();\n };\n const onAbortB = () => {\n a.removeEventListener(\"abort\", onAbortA);\n controller.abort();\n };\n a.addEventListener(\"abort\", onAbortA, { once: true });\n b.addEventListener(\"abort\", onAbortB, { once: true });\n\n const cleanup = () => {\n a.removeEventListener(\"abort\", onAbortA);\n b.removeEventListener(\"abort\", onAbortB);\n };\n\n return { signal: controller.signal, cleanup };\n}\n\nasync function readResponseTextWithLimit(\n response: Response,\n maxBytes: number,\n): Promise<string> {\n const contentLength = response.headers.get(\"content-length\");\n if (contentLength !== null) {\n const parsedContentLength = Number(contentLength);\n if (\n Number.isFinite(parsedContentLength) &&\n parsedContentLength > maxBytes\n ) {\n throw responseTooLargeError(maxBytes);\n }\n }\n\n if (!response.body) {\n return \"\";\n }\n\n const reader = response.body.getReader();\n const decoder = new TextDecoder();\n let totalBytes = 0;\n let responseText = \"\";\n\n try {\n for (;;) {\n const { done, value } = await reader.read();\n if (done) break;\n if (!value) continue;\n\n totalBytes += value.byteLength;\n if (totalBytes > maxBytes) {\n await reader.cancel();\n throw responseTooLargeError(maxBytes);\n }\n responseText += decoder.decode(value, { stream: true });\n }\n } finally {\n reader.releaseLock();\n }\n\n return responseText + decoder.decode();\n}\n\nfunction responseTooLargeError(maxBytes: number): JsonRpcError {\n return new JsonRpcError(\n JSON_RPC_ERROR_CODES.RESPONSE_TOO_LARGE,\n `JSON-RPC response exceeds maximum size of ${maxBytes} bytes`,\n \"local\",\n );\n}\n","/**\n * Type definitions for Vault Provider JSON-RPC API.\n *\n * These types match the `vaultProvider_*` RPC namespace defined by the\n * btc-vault daemon. They are the SDK's canonical copy of the VP protocol\n * contract, independent of any frontend framework.\n *\n * @see https://github.com/babylonlabs-io/btc-vault/blob/main/docs/pegin.md\n */\n\n// ============================================================================\n// Daemon Status\n// ============================================================================\n\n/**\n * Backend daemon status (vault provider database).\n * Source: btc-vault crates/vaultd/src/workers/claimer/mod.rs PegInStatus enum\n *\n * State flow (happy path):\n * PendingIngestion -> PendingDepositorWotsPK -> PendingBabeSetup -> PendingChallengerPresigning\n * -> PendingPeginSigsAvailability -> PendingPrePegInConfirmations\n * -> PendingDepositorSignatures -> PendingACKs -> PendingActivation -> Activated\n *\n * Terminal / branching states:\n * - Expired: vault timed out before activation\n * - ClaimPosted: claim transaction posted on-chain\n * - PeggedOut: BTC has been returned to the depositor\n */\nexport enum DaemonStatus {\n PENDING_INGESTION = \"PendingIngestion\",\n PENDING_DEPOSITOR_WOTS_PK = \"PendingDepositorWotsPK\",\n PENDING_BABE_SETUP = \"PendingBabeSetup\",\n PENDING_CHALLENGER_PRESIGNING = \"PendingChallengerPresigning\",\n PENDING_PEGIN_SIGS_AVAILABILITY = \"PendingPeginSigsAvailability\",\n PENDING_PRE_PEGIN_CONFIRMATIONS = \"PendingPrePegInConfirmations\",\n PENDING_DEPOSITOR_SIGNATURES = \"PendingDepositorSignatures\",\n PENDING_ACKS = \"PendingACKs\",\n PENDING_ACTIVATION = \"PendingActivation\",\n ACTIVATED = \"Activated\",\n EXPIRED = \"Expired\",\n CLAIM_POSTED = \"ClaimPosted\",\n PEGGED_OUT = \"PeggedOut\",\n}\n\n// ============================================================================\n// Status Groups\n// ============================================================================\n\n/**\n * States where the VP is still processing (no depositor action needed).\n * Excludes PENDING_DEPOSITOR_WOTS_PK (requires depositor action).\n */\nexport const PRE_DEPOSITOR_SIGNATURES_STATES: readonly DaemonStatus[] = [\n DaemonStatus.PENDING_INGESTION,\n DaemonStatus.PENDING_BABE_SETUP,\n DaemonStatus.PENDING_CHALLENGER_PRESIGNING,\n DaemonStatus.PENDING_PEGIN_SIGS_AVAILABILITY,\n DaemonStatus.PENDING_PRE_PEGIN_CONFIRMATIONS,\n];\n\n/** States after PendingDepositorSignatures where the depositor has no action. */\nconst POST_PAYOUT_SIGNATURE_STATUSES: readonly DaemonStatus[] = [\n DaemonStatus.PENDING_ACKS,\n DaemonStatus.PENDING_ACTIVATION,\n DaemonStatus.ACTIVATED,\n];\n\n/**\n * Statuses where no depositor action is needed (VP processing or already past\n * depositor interaction). Excludes PENDING_INGESTION and PENDING_DEPOSITOR_WOTS_PK.\n */\nexport const VP_TRANSIENT_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n DaemonStatus.PENDING_BABE_SETUP,\n DaemonStatus.PENDING_CHALLENGER_PRESIGNING,\n DaemonStatus.PENDING_PEGIN_SIGS_AVAILABILITY,\n DaemonStatus.PENDING_PRE_PEGIN_CONFIRMATIONS,\n ...POST_PAYOUT_SIGNATURE_STATUSES,\n]);\n\n/**\n * Terminal VP statuses where no further progress is possible.\n * If the VP reaches one of these states while polling, polling should\n * stop immediately with an error rather than waiting for timeout.\n */\nexport const VP_TERMINAL_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n DaemonStatus.EXPIRED,\n DaemonStatus.CLAIM_POSTED,\n DaemonStatus.PEGGED_OUT,\n]);\n\n/**\n * Statuses that come after WOTS key submission.\n * If the VP is already in one of these states, the WOTS key was already\n * submitted and we can skip.\n */\nexport const POST_WOTS_STATUSES: ReadonlySet<DaemonStatus> = new Set([\n ...VP_TRANSIENT_STATUSES,\n DaemonStatus.PENDING_DEPOSITOR_SIGNATURES,\n]);\n\n// ============================================================================\n// WOTS Types (needed by SubmitDepositorWotsKeyParams)\n// ============================================================================\n\n/**\n * WOTS configuration for a single block.\n * Matches Rust `babe::wots::Config` serde format.\n */\nexport interface WotsConfig {\n /** Digit bit-width (e.g. 4 → base-16 digits). */\n d: number;\n /** Number of message digits in this block. */\n n: number;\n /** Radix used for the checksum computation. */\n checksum_radix: number;\n}\n\n/**\n * A single block of WOTS public keys.\n * Chain values are arrays of byte values (matching Rust `[u8; 20]`).\n */\nexport interface WotsBlockPublicKey {\n config: WotsConfig;\n message_terminals: number[][];\n checksum_major_terminal: number[];\n checksum_minor_terminal: number[];\n}\n\n// ============================================================================\n// Request Parameter Types\n// ============================================================================\n\n/** Params for requesting the payout/claim/assert transactions to pre-sign. */\nexport interface RequestDepositorPresignTransactionsParams {\n pegin_txid: string;\n depositor_pk: string;\n}\n\n/** Params for submitting the depositor's WOTS public key to the VP. */\nexport interface SubmitDepositorWotsKeyParams {\n pegin_txid: string;\n depositor_pk: string;\n wots_public_keys: WotsBlockPublicKey[];\n}\n\n/** Per-challenger signatures for the depositor-as-claimer flow. */\nexport interface DepositorPreSigsPerChallenger {\n nopayout_signature: string;\n}\n\n/** Depositor-as-claimer pre-signatures (payout + per-challenger). */\nexport interface DepositorAsClaimerPresignatures {\n payout_signatures: ClaimerSignatures;\n per_challenger: Record<string, DepositorPreSigsPerChallenger>;\n}\n\n/** Params for submitting depositor pre-signatures including claimer presignatures. */\nexport interface SubmitDepositorPresignaturesParams {\n pegin_txid: string;\n depositor_pk: string;\n signatures: Record<string, ClaimerSignatures>;\n depositor_claimer_presignatures: DepositorAsClaimerPresignatures;\n}\n\n/** Payout signatures per claimer. */\nexport interface ClaimerSignatures {\n payout_signature: string;\n}\n\n/** Params for requesting BaBe DecryptorArtifacts from the VP. */\nexport interface RequestDepositorClaimerArtifactsParams {\n pegin_txid: string;\n depositor_pk: string;\n}\n\n/** Params for querying pegin status. Either pegin_txid or vault_id must be provided. */\nexport type GetPeginStatusParams =\n | { pegin_txid: string; vault_id?: never }\n | { vault_id: string; pegin_txid?: never };\n\n// ============================================================================\n// Response Types\n// ============================================================================\n\n/** A raw Bitcoin transaction with its hex encoding. */\nexport interface TransactionData {\n tx_hex: string;\n}\n\n/** Set of transactions the depositor must pre-sign for a single claimer. */\nexport interface ClaimerTransactions {\n claimer_pubkey: string;\n claim_tx: TransactionData;\n assert_tx: TransactionData;\n payout_tx: TransactionData;\n payout_psbt: string;\n}\n\n/** Per-segment connector data for ChallengeAssert inputs. */\nexport interface ChallengeAssertConnectorData {\n wots_pks_json: string;\n gc_wots_keys_json: string;\n}\n\n/** Challenger-specific transactions and signing data for the depositor graph. */\nexport interface PresignDataPerChallenger {\n challenger_pubkey: string;\n challenge_assert_x_tx: TransactionData;\n challenge_assert_y_tx: TransactionData;\n nopayout_tx: TransactionData;\n nopayout_psbt: string;\n challenge_assert_connectors: ChallengeAssertConnectorData[];\n output_label_hashes: string[];\n}\n\n/** Depositor-as-claimer TxGraph transactions. */\nexport interface DepositorGraphTransactions {\n claim_tx: TransactionData;\n assert_tx: TransactionData;\n payout_tx: TransactionData;\n payout_psbt: string;\n challenger_presign_data: PresignDataPerChallenger[];\n offchain_params_version: number;\n}\n\n/** Response from `requestDepositorPresignTransactions`. */\nexport interface RequestDepositorPresignTransactionsResponse {\n txs: ClaimerTransactions[];\n depositor_graph: DepositorGraphTransactions;\n}\n\n/** BaBe garbled-circuit session data for a single challenger. */\nexport interface BaBeSessionData {\n decryptor_artifacts_hex: string;\n}\n\n/** Response from `requestDepositorClaimerArtifacts`. */\nexport interface RequestDepositorClaimerArtifactsResponse {\n tx_graph_json: string;\n verifying_key_hex: string;\n babe_sessions: Record<string, BaBeSessionData>;\n}\n\n/** Progress tracker for a multi-challenger operation. */\nexport interface ChallengerProgress {\n total_challengers: number;\n completed_challengers: number;\n completed_challenger_pubkeys: string[];\n pending_challenger_pubkeys: string[];\n}\n\nexport type GcDataProgress = ChallengerProgress;\nexport type AckCollectionProgress = ChallengerProgress;\n\n/** Extended presigning progress with all 3 concurrent phases. */\nexport interface PresigningProgress extends ChallengerProgress {\n depositor_graph_created?: boolean;\n vk_challenger_presigning_completed?: number;\n vk_challenger_presigning_total?: number;\n}\n\n/** Detailed progress breakdown for an in-progress pegin. */\nexport interface PeginProgressDetails {\n gc_data?: GcDataProgress;\n presigning?: PresigningProgress;\n ack_collection?: AckCollectionProgress;\n claimer_graphs?: ClaimerGraphStatus[];\n}\n\n/** Per-claimer graph status (challenger perspective). */\nexport interface ClaimerGraphStatus {\n claimer_pubkey: string;\n presigned: boolean;\n}\n\n/** Response from `getPeginStatus`. */\nexport interface GetPeginStatusResponse {\n pegin_txid: string;\n status: string;\n progress: PeginProgressDetails;\n health_info: string;\n last_error?: string;\n}\n\n// ============================================================================\n// Pegout Types\n// ============================================================================\n\n/**\n * Claimer-side pegout progress.\n * Source: btc-vault crates/vaultd/src/rpc/server/pegout_status.rs ClaimerPegoutStatus.\n */\nexport interface ClaimerPegoutStatus {\n status: string;\n failed: boolean;\n claim_txid: string;\n claimer_pubkey: string;\n assert_txid: string;\n challenger_pubkey: string | null;\n /** Unix epoch seconds. */\n created_at: number;\n /** Unix epoch seconds. */\n updated_at: number;\n}\n\n/**\n * Challenger-side pegout progress.\n * Source: btc-vault crates/vaultd/src/rpc/server/pegout_status.rs ChallengerStatus.\n */\nexport interface ChallengerStatus {\n status: string;\n claim_txid: string;\n claimer_pubkey: string;\n assert_txid: string | null;\n challenge_assert_x_txid: string | null;\n challenge_assert_y_txid: string | null;\n nopayout_txid: string | null;\n created_at: number;\n updated_at: number;\n}\n\n/**\n * Pegout status response. Embedded by `batchGetPegoutStatus` per-result\n * envelopes. Mirrors btc-vault `GetPegoutStatusResponse`.\n */\nexport interface GetPegoutStatusResponse {\n pegin_txid: string;\n found: boolean;\n claimer: ClaimerPegoutStatus | null;\n challengers: ChallengerStatus[];\n}\n\n// ============================================================================\n// Batch Status Types (peginStatus + pegoutStatus)\n// ============================================================================\n\n/** Params for `batchGetPeginStatus`. */\nexport interface BatchGetPeginStatusParams {\n /** Up to MAX_BATCH_SIZE (50) txids per call. */\n pegin_txids: string[];\n}\n\n/** Per-pegin entry in a `batchGetPeginStatus` response. */\nexport interface BatchPeginStatusResult {\n pegin_txid: string;\n result: GetPeginStatusResponse | null;\n error: string | null;\n}\n\n/** Response from `batchGetPeginStatus`. Results are returned in request order. */\nexport interface BatchGetPeginStatusResponse {\n results: BatchPeginStatusResult[];\n}\n\n/** Params for `batchGetPegoutStatus`. */\nexport interface BatchGetPegoutStatusParams {\n pegin_txids: string[];\n}\n\n/** Per-vault entry in a `batchGetPegoutStatus` response. */\nexport interface BatchPegoutStatusResult {\n pegin_txid: string;\n result: GetPegoutStatusResponse | null;\n error: string | null;\n}\n\n/** Response from `batchGetPegoutStatus`. Results are returned in request order. */\nexport interface BatchGetPegoutStatusResponse {\n results: BatchPegoutStatusResult[];\n}\n\n/**\n * Maximum number of items per batch call. Mirrors the server-side\n * `MAX_BATCH_SIZE` in btc-vault (`crates/vaultd/src/rpc/server/vault_provider.rs:7`).\n * Callers must chunk requests larger than this.\n */\nexport const VP_BATCH_MAX_SIZE = 50;\n\n// ============================================================================\n// Error Codes\n// ============================================================================\n\n/** JSON-RPC error codes returned by the vault provider. */\nexport enum RpcErrorCode {\n DATABASE_ERROR = -32005,\n PRESIGN_ERROR = -32006,\n JSON_SERIALIZATION_ERROR = -32007,\n TX_GRAPH_ERROR = -32008,\n INVALID_GRAPH = -32009,\n VALIDATION_ERROR = -32010,\n NOT_FOUND = -32011,\n INTERNAL_ERROR = -32603,\n}\n"],"names":["JsonRpcError","code","message","source","data","JSON_RPC_ERROR_CODES","JSON_RPC_VERSION","DEFAULT_RETRY_ATTEMPTS","DEFAULT_RETRY_DELAY_MS","DEFAULT_MAX_RESPONSE_BYTES","UNCAPPED_TYPED_RESPONSE_METHODS","RETRYABLE_HTTP_STATUS_CODES","DEFAULT_RETRYABLE_METHODS","defaultRetryableFor","method","AUTH_EXPIRED_DATA_KIND","isAuthExpiredError","error","JsonRpcClient","config","__publicField","headers","token","params","signal","response","jsonResponse","responseText","readResponseTextWithLimit","rpcResponse","err","callerSignal","requestId","maxRetries","body","lastError","attempt","timeoutController","timeoutId","merged","mergeAbortSignals","delay","ms","resolve","reject","onAbort","a","b","controller","onAbortA","onAbortB","cleanup","maxBytes","contentLength","parsedContentLength","responseTooLargeError","reader","decoder","totalBytes","done","value","DaemonStatus","PRE_DEPOSITOR_SIGNATURES_STATES","POST_PAYOUT_SIGNATURE_STATUSES","VP_TRANSIENT_STATUSES","VP_TERMINAL_STATUSES","POST_WOTS_STATUSES","VP_BATCH_MAX_SIZE","RpcErrorCode"],"mappings":"iLAoGO,MAAMA,UAAqB,KAAM,CACtC,YACSC,EACPC,EAEOC,EAA6B,QAE7BC,EACP,CACA,MAAMF,CAAO,EAPN,KAAA,KAAAD,EAGA,KAAA,OAAAE,EAEA,KAAA,KAAAC,EAGP,KAAK,KAAO,cACd,CACF,CAEO,MAAMC,EAAuB,CAClC,QAAS,MACT,QAAS,OAET,cAAe,OAEf,kBAAmB,OAEnB,iBAAkB,OAElB,mBAAoB,MACtB,EAGMC,EAAmB,MAGnBC,EAAyB,EAGzBC,EAAyB,IAGzBC,EAA6B,EAAI,KAAO,KAMxCC,MAA2D,IAAI,CACnE,gDACF,CAAC,EAGKC,MAAuD,IAAI,CAC/D,IACA,IACA,IACA,IACA,IACA,GACF,CAAC,EAGKC,MAAqD,IAAI,CAC7D,+BACA,oCACA,qCACA,mDACF,CAAC,EAED,SAASC,EAAoBC,EAAyB,CACpD,OAAOF,EAA0B,IAAIE,CAAM,CAC7C,CAYA,MAAMC,EAAyB,eAE/B,SAASC,EAAmBC,EAAyB,CAEnD,GADI,EAAEA,aAAiBjB,IACnBiB,EAAM,SAAW,OAAQ,MAAO,GACpC,MAAMb,EAAOa,EAAM,KACnB,OAAIb,IAAS,MAAQ,OAAOA,GAAS,SAAiB,GACxCA,EAA4B,OAC1BW,CAClB,CAKO,MAAMG,CAAc,CAWzB,YAAYC,EAA6B,CAVjCC,EAAA,gBACAA,EAAA,gBACAA,EAAA,gBACAA,EAAA,iBAAY,GACZA,EAAA,gBACAA,EAAA,mBACAA,EAAA,yBACAA,EAAA,qBACAA,EAAA,sBAaN,GAVA,KAAK,QAAUD,EAAO,QAAQ,QAAQ,MAAO,EAAE,EAC/C,KAAK,QAAUA,EAAO,QACtB,KAAK,QAAU,CACb,eAAgB,mBAChB,GAAGA,EAAO,OAAA,EAEZ,KAAK,QAAUA,EAAO,SAAWZ,EACjC,KAAK,WAAaY,EAAO,YAAcX,EACvC,KAAK,iBACHW,EAAO,kBAAoBV,EACzB,CAAC,OAAO,SAAS,KAAK,gBAAgB,GAAK,KAAK,kBAAoB,EACtE,MAAM,IAAI,MAAM,mDAAmD,EAErE,KAAK,aAAeU,EAAO,cAAgBN,EAC3C,KAAK,cAAgBM,EAAO,aAC9B,CAEA,MAAc,aAAaL,EAAiD,CAC1E,MAAMO,EAAkC,CAAE,GAAG,KAAK,OAAA,EAClD,GAAI,KAAK,cAAe,CACtB,MAAMC,EAAQ,MAAM,KAAK,cAAc,SAASR,CAAM,EAClDQ,IACFD,EAAQ,cAAgB,UAAUC,CAAK,GAE3C,CACA,OAAOD,CACT,CAeA,MAAM,KACJP,EACAS,EACAC,EACkB,CAClB,GAAI,CACF,OAAO,MAAM,KAAK,SAA2BV,EAAQS,EAAQC,CAAM,CACrE,OAASP,EAAO,CAWd,GAAI,KAAK,eAAiBD,EAAmBC,CAAK,EAChD,YAAK,cAAc,WAAA,EACZ,MAAM,KAAK,SAA2BH,EAAQS,EAAQC,CAAM,EAErE,MAAMP,CACR,CACF,CAEA,MAAc,SACZH,EACAS,EACAC,EACkB,CAClB,MAAMC,EAAW,MAAM,KAAK,eAAeX,EAAQS,EAAQC,CAAM,EAEjE,IAAIE,EACJ,GAAI,CACF,MAAMC,EAAejB,EAAgC,IAAII,CAAM,EAC3D,MAAMW,EAAS,KAAA,EACf,MAAMG,EAA0BH,EAAU,KAAK,gBAAgB,EACnEC,EAAe,KAAK,MAAMC,CAAY,CACxC,OAASV,EAAO,CACd,MAAIA,aAAiBjB,EACbiB,EAEF,IAAIjB,EACRK,EAAqB,iBACrB,oDACA,OAAA,CAEJ,CAEA,GACEqB,IAAiB,MACjB,OAAOA,GAAiB,UACxB,MAAM,QAAQA,CAAY,EAE1B,MAAM,IAAI1B,EACRK,EAAqB,iBACrB,sDAAsD,OAAOqB,CAAY,GACzE,OAAA,EAIJ,MAAMG,EAAcH,EAEpB,GAAI,UAAWG,GAAeA,EAAY,OAAS,KAAM,CACvD,MAAMC,EAAMD,EAAY,MAKxB,MAAM,IAAI7B,EACR8B,EAAI,MAAQzB,EAAqB,iBACjCyB,EAAI,SAAW,oBACf,OACAA,EAAI,IAAA,CAER,CAEA,GAAI,EAAE,WAAYD,GAChB,MAAM,IAAI7B,EACRK,EAAqB,iBACrB,oDACA,OAAA,EAIJ,OAAOwB,EAAY,MACrB,CAYA,MAAM,QACJf,EACAS,EACAC,EACmB,CACnB,OAAO,KAAK,eAAeV,EAAQS,EAAQC,CAAM,CACnD,CAEA,MAAc,eACZV,EACAS,EACAQ,EACmB,CACnB,MAAMC,EAAY,EAAE,KAAK,UACnBC,EAAa,KAAK,aAAanB,CAAM,EAAI,KAAK,QAAU,EAUxDoB,EAAO,KAAK,UAPyB,CACzC,QAAS5B,EACT,OAAAQ,EACA,OAAQ,CAACS,CAAM,EACf,GAAIS,CAAA,CAG6B,EACnC,IAAIG,EAA0B,KAE9B,QAASC,EAAU,EAAGA,GAAWH,EAAYG,IAAW,CAEtD,MAAMC,EAAoB,IAAI,gBACxBC,EAAY,WAChB,IAAMD,EAAkB,MAAA,EACxB,KAAK,OAAA,EAGDE,EAASR,EACXS,EAAkBT,EAAcM,EAAkB,MAAM,EACxD,KACEb,EAASe,EAASA,EAAO,OAASF,EAAkB,OAE1D,GAAI,CAIF,MAAMhB,EAAU,MAAM,KAAK,aAAaP,CAAM,EAExCW,EAAW,MAAM,MAAM,KAAK,QAAS,CACzC,OAAQ,OACR,QAAAJ,EACA,KAAAa,EACA,OAAAV,CAAA,CACD,EAKD,GAHA,aAAac,CAAS,EACtBC,GAAA,MAAAA,EAAQ,UAEJ,CAACd,EAAS,GAAI,CAKhB,GAHEW,EAAUH,GACVtB,EAA4B,IAAIc,EAAS,MAAM,EAEhC,CACf,MAAMgB,EAAQ,KAAK,WAAa,KAAK,IAAI,EAAGL,CAAO,EACnD,MAAM,KAAK,MAAMK,EAAOV,CAAY,EACpC,QACF,CAEA,MAAM,IAAI,MACR,eAAeN,EAAS,MAAM,IAAIA,EAAS,UAAU,EAAA,CAEzD,CAEA,OAAOA,CACT,OAASR,EAAO,CAMd,GALA,aAAaqB,CAAS,EACtBC,GAAA,MAAAA,EAAQ,UACRJ,EAAYlB,aAAiB,MAAQA,EAAQ,IAAI,MAAM,OAAOA,CAAK,CAAC,EAGhEc,GAAA,MAAAA,EAAc,QAChB,MAAM,IAAI,MAAM,iBAAiB,EAGnC,GAAId,aAAiB,OAASA,EAAM,OAAS,aAAc,CACzD,GAAImB,EAAUH,EAAY,CACxB,MAAMQ,EAAQ,KAAK,WAAa,KAAK,IAAI,EAAGL,CAAO,EACnD,MAAM,KAAK,MAAMK,EAAOV,CAAY,EACpC,QACF,CACA,MAAM,IAAI/B,EACRK,EAAqB,QACrB,yBAAyB,KAAK,OAAO,OAAO4B,EAAa,CAAC,aAC1D,OAAA,CAEJ,CAGA,GAAIhB,aAAiB,UAAW,CAC9B,GAAImB,EAAUH,EAAY,CACxB,MAAMQ,EAAQ,KAAK,WAAa,KAAK,IAAI,EAAGL,CAAO,EACnD,MAAM,KAAK,MAAMK,EAAOV,CAAY,EACpC,QACF,CACA,MAAM,IAAI/B,EACRK,EAAqB,QACrB,kBAAkBY,EAAM,OAAO,KAAKgB,EAAa,CAAC,aAClD,OAAA,CAEJ,CAGA,MAAMhB,CACR,CACF,CAEA,MAAMkB,GAAa,IAAI,MAAM,6BAA6B,CAC5D,CAEQ,MAAMO,EAAYlB,EAAqC,CAC7D,OAAO,IAAI,QAAQ,CAACmB,EAASC,IAAW,CACtC,GAAIpB,GAAA,MAAAA,EAAQ,QAAS,CACnBoB,EAAO,IAAI,MAAM,iBAAiB,CAAC,EACnC,MACF,CACA,MAAMN,EAAY,WAAW,IAAM,CACjCd,GAAA,MAAAA,EAAQ,oBAAoB,QAASqB,GACrCF,EAAA,CACF,EAAGD,CAAE,EACCG,EAAU,IAAM,CACpB,aAAaP,CAAS,EACtBM,EAAO,IAAI,MAAM,iBAAiB,CAAC,CACrC,EACApB,GAAA,MAAAA,EAAQ,iBAAiB,QAASqB,EAAS,CAAE,KAAM,IACrD,CAAC,CACH,CAEA,YAAqB,CACnB,OAAO,KAAK,OACd,CACF,CAaA,SAASL,EAAkBM,EAAgBC,EAA8B,CACvE,GAAID,EAAE,QAAS,MAAO,CAAE,OAAQA,EAAG,QAAS,IAAM,CAAC,CAAA,EACnD,GAAIC,EAAE,QAAS,MAAO,CAAE,OAAQA,EAAG,QAAS,IAAM,CAAC,CAAA,EAEnD,MAAMC,EAAa,IAAI,gBACjBC,EAAW,IAAM,CACrBF,EAAE,oBAAoB,QAASG,CAAQ,EACvCF,EAAW,MAAA,CACb,EACME,EAAW,IAAM,CACrBJ,EAAE,oBAAoB,QAASG,CAAQ,EACvCD,EAAW,MAAA,CACb,EACAF,EAAE,iBAAiB,QAASG,EAAU,CAAE,KAAM,GAAM,EACpDF,EAAE,iBAAiB,QAASG,EAAU,CAAE,KAAM,GAAM,EAEpD,MAAMC,EAAU,IAAM,CACpBL,EAAE,oBAAoB,QAASG,CAAQ,EACvCF,EAAE,oBAAoB,QAASG,CAAQ,CACzC,EAEA,MAAO,CAAE,OAAQF,EAAW,OAAQ,QAAAG,CAAA,CACtC,CAEA,eAAevB,EACbH,EACA2B,EACiB,CACjB,MAAMC,EAAgB5B,EAAS,QAAQ,IAAI,gBAAgB,EAC3D,GAAI4B,IAAkB,KAAM,CAC1B,MAAMC,EAAsB,OAAOD,CAAa,EAChD,GACE,OAAO,SAASC,CAAmB,GACnCA,EAAsBF,EAEtB,MAAMG,EAAsBH,CAAQ,CAExC,CAEA,GAAI,CAAC3B,EAAS,KACZ,MAAO,GAGT,MAAM+B,EAAS/B,EAAS,KAAK,UAAA,EACvBgC,EAAU,IAAI,YACpB,IAAIC,EAAa,EACb/B,EAAe,GAEnB,GAAI,CACF,OAAS,CACP,KAAM,CAAE,KAAAgC,EAAM,MAAAC,CAAA,EAAU,MAAMJ,EAAO,KAAA,EACrC,GAAIG,EAAM,MACV,GAAKC,EAGL,IADAF,GAAcE,EAAM,WAChBF,EAAaN,EACf,YAAMI,EAAO,OAAA,EACPD,EAAsBH,CAAQ,EAEtCzB,GAAgB8B,EAAQ,OAAOG,EAAO,CAAE,OAAQ,GAAM,EACxD,CACF,QAAA,CACEJ,EAAO,YAAA,CACT,CAEA,OAAO7B,EAAe8B,EAAQ,OAAA,CAChC,CAEA,SAASF,EAAsBH,EAAgC,CAC7D,OAAO,IAAIpD,EACTK,EAAqB,mBACrB,6CAA6C+C,CAAQ,SACrD,OAAA,CAEJ,CC/hBO,IAAKS,GAAAA,IACVA,EAAA,kBAAoB,mBACpBA,EAAA,0BAA4B,yBAC5BA,EAAA,mBAAqB,mBACrBA,EAAA,8BAAgC,8BAChCA,EAAA,gCAAkC,+BAClCA,EAAA,gCAAkC,+BAClCA,EAAA,6BAA+B,6BAC/BA,EAAA,aAAe,cACfA,EAAA,mBAAqB,oBACrBA,EAAA,UAAY,YACZA,EAAA,QAAU,UACVA,EAAA,aAAe,cACfA,EAAA,WAAa,YAbHA,IAAAA,GAAA,CAAA,CAAA,EAwBL,MAAMC,EAA2D,CACtE,mBACA,mBACA,8BACA,+BACA,8BACF,EAGMC,EAA0D,CAC9D,cACA,oBACA,WACF,EAMaC,MAAuD,IAAI,CACtE,mBACA,8BACA,+BACA,+BACA,GAAGD,CACL,CAAC,EAOYE,MAAsD,IAAI,CACrE,UACA,cACA,WACF,CAAC,EAOYC,MAAoD,IAAI,CACnE,GAAGF,EACH,4BACF,CAAC,EAsRYG,EAAoB,GAO1B,IAAKC,GAAAA,IACVA,EAAAA,EAAA,eAAiB,MAAA,EAAjB,iBACAA,EAAAA,EAAA,cAAgB,MAAA,EAAhB,gBACAA,EAAAA,EAAA,yBAA2B,MAAA,EAA3B,2BACAA,EAAAA,EAAA,eAAiB,MAAA,EAAjB,iBACAA,EAAAA,EAAA,cAAgB,MAAA,EAAhB,gBACAA,EAAAA,EAAA,iBAAmB,MAAA,EAAnB,mBACAA,EAAAA,EAAA,UAAY,MAAA,EAAZ,YACAA,EAAAA,EAAA,eAAiB,MAAA,EAAjB,iBARUA,IAAAA,GAAA,CAAA,CAAA"}