@babylonlabs-io/ts-sdk 0.48.2 → 0.48.4

package/dist/noPayout-CA4-x5vZ.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"noPayout-CA4-x5vZ.js","sources":["../src/tbv/core/primitives/psbt/refund.ts","../src/tbv/core/primitives/psbt/noPayout.ts"],"sourcesContent":["/**\n * Refund PSBT Builder Primitive\n *\n * Builds an unsigned refund PSBT for a depositor to reclaim BTC from\n * a timed-out Pre-PegIn HTLC output via the refund script (leaf 1).\n *\n * The refund script enforces a CSV timelock (timelockRefund blocks) and\n * requires only the depositor's Schnorr signature — no vault provider or\n * keeper involvement.\n *\n * @module primitives/psbt/refund\n */\n\nimport {\n  getPrePeginHtlcConnectorInfo,\n  initWasm,\n  tapInternalPubkey,\n  WasmPrePeginTx,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\n\nimport {\n  TAPSCRIPT_LEAF_VERSION,\n  deriveBip86ScriptPubKeyHex,\n  hexToUint8Array,\n  stripHexPrefix,\n  uint8ArrayToHex,\n} from \"../utils/bitcoin\";\nimport { normalizeAuthAnchorHash, type PrePeginParams } from \"./pegin\";\n\n/**\n * Parameters for building a refund PSBT\n */\nexport interface BuildRefundPsbtParams {\n  /** Same PrePeginParams used when the original Pre-PegIn tx was created */\n  prePeginParams: PrePeginParams;\n  /** Funded Pre-PegIn transaction hex (the tx whose HTLC output is being refunded) */\n  fundedPrePeginTxHex: string;\n  /** Index of the HTLC output in the Pre-PegIn transaction */\n  htlcVout: number;\n  /** Transaction fee in satoshis for the refund transaction */\n  refundFee: bigint;\n  /** SHA256 hash commitment for the HTLC (64 hex chars, no 0x prefix) */\n  hashlock: string;\n}\n\n/**\n * Result of building a refund PSBT\n */\nexport interface BuildRefundPsbtResult {\n  /** PSBT hex ready for depositor signing */\n  psbtHex: string;\n}\n\n/**\n * Build a PSBT for signing the refund transaction.\n *\n * The refund transaction spends the Pre-PegIn HTLC output via leaf 1\n * (the refund script: `<timelockRefund> CSV DROP <depositorPubkey> CHECKSIG`).\n * The PSBT includes the tapLeafScript entry so the depositor's wallet can\n * sign using Taproot script-path spending.\n *\n * The input's sequence is set to `timelockRefund` by the WASM, enforcing\n * the Bitcoin CSV timelock. The refund broadcast will be rejected by the\n * network if the timelock has not yet expired.\n *\n * @param params - Refund PSBT parameters\n * @returns PSBT hex for depositor signing\n * @throws If the HTLC output at htlcVout is not found\n * @throws If the refund transaction does not have exactly 1 input\n */\nexport async function buildRefundPsbt(\n  params: BuildRefundPsbtParams,\n): Promise<BuildRefundPsbtResult> {\n  await initWasm();\n\n  const { prePeginParams, fundedPrePeginTxHex, htlcVout, refundFee, hashlock } =\n    params;\n\n  // The 14th positional arg `auth_anchor_hash` is `Option<String>` in\n  // the Rust WASM constructor (the 9th arg `min_pegin_fee_rate` requires\n  // the two-rate constructor from btc-vault #1930). Production peg-ins\n  // (PeginManager) always commit an OP_RETURN <PUSH32 SHA256(authAnchor)>\n  // output at `vout = hashlocks.length`; the unfunded template must\n  // include it so `fromFundedTransaction` aligns with the funded tx.\n  // Normalize identically to the peg-in primitives (`0x` strip,\n  // lowercase, length/charset validation) so a direct primitive caller\n  // reusing successful peg-in params doesn't hand unnormalized bytes to\n  // WASM. Pass `undefined` for legacy non-auth-anchored Pre-PegIns.\n  const normalizedAuthAnchorHash = normalizeAuthAnchorHash(\n    prePeginParams.authAnchorHash,\n  );\n  const unfundedTx = new (WasmPrePeginTx as unknown as new (\n    depositor: string,\n    vault_provider: string,\n    vault_keepers: string[],\n    universal_challengers: string[],\n    hashlocks: string[],\n    pegin_amounts: BigUint64Array,\n    timelock_refund: number,\n    fee_rate: bigint,\n    min_pegin_fee_rate: bigint,\n    num_local_challengers: number,\n    council_quorum: number,\n    council_size: number,\n    network: string,\n    auth_anchor_hash?: string,\n  ) => typeof WasmPrePeginTx.prototype)(\n    prePeginParams.depositorPubkey,\n    prePeginParams.vaultProviderPubkey,\n    prePeginParams.vaultKeeperPubkeys,\n    prePeginParams.universalChallengerPubkeys,\n    [...prePeginParams.hashlocks],\n    new BigUint64Array(prePeginParams.pegInAmounts),\n    prePeginParams.timelockRefund,\n    prePeginParams.feeRate,\n    prePeginParams.minPeginFeeRate,\n    prePeginParams.numLocalChallengers,\n    prePeginParams.councilQuorum,\n    prePeginParams.councilSize,\n    prePeginParams.network,\n    normalizedAuthAnchorHash,\n  );\n\n  let fundedTx: WasmPrePeginTx | null = null;\n  try {\n    // Cross-check the reconstructed unfunded template against the funded\n    // transaction: the WASM template's HTLC scriptPubKey at `htlcVout`\n    // must equal the bytes the funded tx carries at the same output.\n    // If they disagree, the template was reconstructed from the wrong\n    // (hashlocks, amounts) vector — signing it would produce a refund\n    // that does not spend the on-chain HTLC the depositor expects.\n    // This is the explicit invariant the audit recommends: never sign a\n    // refund whose template doesn't match the on-chain output bytes.\n    const expectedHtlcScriptPubKey = unfundedTx\n      .getHtlcScriptPubKey(htlcVout)\n      .toLowerCase();\n    // The reconstructed template's HTLC output value at `htlcVout`,\n    // sized by WASM from the supplied `pegInAmounts` via the protocol\n    // formula `htlcValue = peginAmount + depositorClaimValue + minPeginFee`.\n    // Captured before `fromFundedTransaction` to bind it to the value the\n    // funded tx actually carries (see the cross-check below).\n    const expectedHtlcValue = unfundedTx.getHtlcValue(htlcVout);\n\n    fundedTx = unfundedTx.fromFundedTransaction(fundedPrePeginTxHex);\n\n    const refundTxHex = fundedTx.buildRefundTx(refundFee, htlcVout);\n\n    const htlcConnector = await getPrePeginHtlcConnectorInfo({\n      depositorPubkey: prePeginParams.depositorPubkey,\n      vaultProviderPubkey: prePeginParams.vaultProviderPubkey,\n      vaultKeeperPubkeys: prePeginParams.vaultKeeperPubkeys,\n      universalChallengerPubkeys: prePeginParams.universalChallengerPubkeys,\n      hashlock,\n      timelockRefund: prePeginParams.timelockRefund,\n      network: prePeginParams.network,\n    });\n\n    const cleanPrePeginHex = fundedPrePeginTxHex.startsWith(\"0x\")\n      ? fundedPrePeginTxHex.slice(2)\n      : fundedPrePeginTxHex;\n    const prePeginTx = Transaction.fromHex(cleanPrePeginHex);\n\n    const htlcOutput = prePeginTx.outs[htlcVout];\n    if (!htlcOutput) {\n      throw new Error(\n        `HTLC output at vout ${htlcVout} not found in funded Pre-PegIn tx ` +\n          `(tx has ${prePeginTx.outs.length} outputs)`,\n      );\n    }\n\n    const actualHtlcScriptPubKey = uint8ArrayToHex(\n      new Uint8Array(htlcOutput.script),\n    ).toLowerCase();\n    if (actualHtlcScriptPubKey !== expectedHtlcScriptPubKey) {\n      throw new Error(\n        `HTLC scriptPubKey mismatch at vout ${htlcVout}: reconstructed ` +\n          `template expects ${expectedHtlcScriptPubKey}, funded tx carries ` +\n          `${actualHtlcScriptPubKey}. Refund refused — the (hashlocks, ` +\n          `pegInAmounts) vector does not match the on-chain commitment.`,\n      );\n    }\n\n    // Value cross-check (mirrors the script check above): the template's\n    // HTLC value — derived by WASM from `pegInAmounts` via the protocol\n    // formula — must equal the value the funded tx pays at this output.\n    // A caller that hands the full HTLC output value (or any wrong amount)\n    // as `pegInAmounts` would inflate the template value and trip this\n    // guard, rather than silently signing a refund built from a template\n    // that disagrees with the on-chain commitment.\n    const actualHtlcValue = BigInt(htlcOutput.value);\n    if (actualHtlcValue !== expectedHtlcValue) {\n      throw new Error(\n        `HTLC value mismatch at vout ${htlcVout}: reconstructed template ` +\n          `expects ${expectedHtlcValue} sat, funded tx carries ` +\n          `${actualHtlcValue} sat. Refund refused — the pegInAmounts vector ` +\n          `does not match the on-chain commitment.`,\n      );\n    }\n\n    const refundTx = Transaction.fromHex(refundTxHex);\n\n    if (refundTx.ins.length !== 1) {\n      throw new Error(\n        `Refund transaction must have exactly 1 input, got ${refundTx.ins.length}`,\n      );\n    }\n\n    const refundInput = refundTx.ins[0];\n\n    // Verify the refund input spends the correct Pre-PegIn HTLC output\n    const prePeginTxid = prePeginTx.getId();\n    const refundInputTxid = uint8ArrayToHex(\n      new Uint8Array(refundInput.hash).slice().reverse(),\n    );\n    if (refundInputTxid !== prePeginTxid) {\n      throw new Error(\n        `Refund input does not reference the Pre-PegIn transaction. ` +\n          `Expected ${prePeginTxid}, got ${refundInputTxid}`,\n      );\n    }\n    if (refundInput.index !== htlcVout) {\n      throw new Error(\n        `Refund input index ${refundInput.index} does not match expected htlcVout ${htlcVout}`,\n      );\n    }\n\n    const psbt = new Psbt();\n    psbt.setVersion(refundTx.version);\n    psbt.setLocktime(refundTx.locktime);\n\n    psbt.addInput({\n      hash: refundInput.hash,\n      index: refundInput.index,\n      sequence: refundInput.sequence,\n      witnessUtxo: {\n        script: htlcOutput.script,\n        value: htlcOutput.value,\n      },\n      tapLeafScript: [\n        {\n          leafVersion: TAPSCRIPT_LEAF_VERSION,\n          script: Buffer.from(hexToUint8Array(htlcConnector.refundScript)),\n          controlBlock: Buffer.from(\n            hexToUint8Array(htlcConnector.refundControlBlock),\n          ),\n        },\n      ],\n      tapInternalKey: Buffer.from(tapInternalPubkey),\n    });\n\n    // Output side: pin the single refund output to the depositor's own\n    // BIP-86 P2TR address, mirroring the input-side pinning above. WASM\n    // builds the refund output from the refund leaf's depositor key, so a\n    // correct template always pays exactly one output back to the depositor.\n    // Asserting it here means a malformed template (or a tampered WASM)\n    // cannot redirect the reclaimed funds to a script the depositor does\n    // not control.\n    if (refundTx.outs.length !== 1) {\n      throw new Error(\n        `Refund transaction must have exactly 1 output, got ${refundTx.outs.length}`,\n      );\n    }\n    const refundOutput = refundTx.outs[0];\n    const expectedDepositorScriptPubKey = stripHexPrefix(\n      deriveBip86ScriptPubKeyHex(prePeginParams.depositorPubkey),\n    ).toLowerCase();\n    const actualRefundOutputScriptPubKey = uint8ArrayToHex(\n      new Uint8Array(refundOutput.script),\n    ).toLowerCase();\n    if (actualRefundOutputScriptPubKey !== expectedDepositorScriptPubKey) {\n      throw new Error(\n        `Refund output scriptPubKey ${actualRefundOutputScriptPubKey} does not ` +\n          `match the depositor's BIP-86 address ${expectedDepositorScriptPubKey}. ` +\n          `Refund refused — the reclaimed funds would not return to the depositor.`,\n      );\n    }\n\n    // Value: the single refund output must return the full HTLC value minus\n    // exactly the requested fee. The refund is 1-in/1-out (asserted above), so\n    // a value below `htlcValue - refundFee` means WASM applied a larger fee\n    // than requested — the difference would be burned as miner fee. Pin it so\n    // the depositor reclaims the expected amount, not a silently reduced one.\n    const expectedRefundOutputValue = actualHtlcValue - refundFee;\n    if (BigInt(refundOutput.value) !== expectedRefundOutputValue) {\n      throw new Error(\n        `Refund output value ${BigInt(refundOutput.value)} sat does not equal ` +\n          `the HTLC value ${actualHtlcValue} sat minus the requested fee ` +\n          `${refundFee} sat (expected ${expectedRefundOutputValue} sat). ` +\n          `Refund refused — the reclaimed amount would be burned as excess fee.`,\n      );\n    }\n\n    psbt.addOutput({\n      script: refundOutput.script,\n      value: refundOutput.value,\n    });\n\n    return { psbtHex: psbt.toHex() };\n  } finally {\n    fundedTx?.free();\n    unfundedTx.free();\n  }\n}\n","/**\n * NoPayout PSBT Builder\n *\n * Builds unsigned PSBTs for the depositor's NoPayout transaction\n * (depositor-as-claimer path, per challenger). The depositor signs input 0\n * using the NoPayout taproot script from WasmAssertPayoutNoPayoutConnector.\n *\n * @module primitives/psbt/noPayout\n * @see btc-vault crates/vault/docs/btc-transactions-spec.md — Assert output 0 NoPayout connector\n */\n\nimport {\n  type AssertPayoutNoPayoutConnectorParams,\n  type Network,\n  getAssertNoPayoutScriptInfo,\n  tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction, payments } from \"bitcoinjs-lib\";\n\nimport {\n  TAPSCRIPT_LEAF_VERSION,\n  getNetwork,\n  hexToUint8Array,\n  processPublicKeyToXOnly,\n  stripHexPrefix,\n} from \"../utils/bitcoin\";\n\n/**\n * Parameters for building a NoPayout PSBT\n */\nexport interface NoPayoutParams {\n  /** NoPayout transaction hex (unsigned) from VP */\n  noPayoutTxHex: string;\n  /** Challenger's x-only public key (hex encoded) */\n  challengerPubkey: string;\n  /** Prevouts for all inputs [{script_pubkey, value}] from VP */\n  prevouts: Array<{ script_pubkey: string; value: number }>;\n  /** Parameters for the Assert Payout/NoPayout connector */\n  connectorParams: AssertPayoutNoPayoutConnectorParams;\n}\n\n/**\n * Build unsigned NoPayout PSBT.\n *\n * The NoPayout transaction is specific to each challenger.\n * Input 0 is the one the depositor signs using the NoPayout taproot script path.\n *\n * @param params - NoPayout parameters\n * @returns Unsigned PSBT hex ready for signing\n */\nexport async function buildNoPayoutPsbt(\n  params: NoPayoutParams,\n): Promise<string> {\n  const noPayoutTxHex = stripHexPrefix(params.noPayoutTxHex);\n  const noPayoutTx = Transaction.fromHex(noPayoutTxHex);\n\n  // Get NoPayout script and control block for this challenger\n  const { noPayoutScript, noPayoutControlBlock } =\n    await getAssertNoPayoutScriptInfo(\n      params.connectorParams,\n      params.challengerPubkey,\n    );\n\n  const scriptBytes = hexToUint8Array(noPayoutScript);\n  const controlBlockBytes = hexToUint8Array(noPayoutControlBlock);\n\n  const psbt = new Psbt();\n  psbt.setVersion(noPayoutTx.version);\n  psbt.setLocktime(noPayoutTx.locktime);\n\n  // Add all inputs - depositor signs input 0 only\n  for (let i = 0; i < noPayoutTx.ins.length; i++) {\n    const input = noPayoutTx.ins[i];\n    const prevout = params.prevouts[i];\n\n    if (!prevout) {\n      throw new Error(`Missing prevout data for input ${i}`);\n    }\n\n    const inputData: Parameters<typeof psbt.addInput>[0] = {\n      hash: input.hash,\n      index: input.index,\n      sequence: input.sequence,\n      witnessUtxo: {\n        script: Buffer.from(hexToUint8Array(stripHexPrefix(prevout.script_pubkey))),\n        value: prevout.value,\n      },\n    };\n\n    // Input 0: depositor signs using taproot script path\n    if (i === 0) {\n      inputData.tapLeafScript = [\n        {\n          leafVersion: TAPSCRIPT_LEAF_VERSION,\n          script: Buffer.from(scriptBytes),\n          controlBlock: Buffer.from(controlBlockBytes),\n        },\n      ];\n      inputData.tapInternalKey = Buffer.from(tapInternalPubkey);\n    }\n\n    psbt.addInput(inputData);\n  }\n\n  // Add outputs\n  for (const output of noPayoutTx.outs) {\n    psbt.addOutput({\n      script: output.script,\n      value: output.value,\n    });\n  }\n\n  return psbt.toHex();\n}\n\n/**\n * Validate that a NoPayout transaction pays to the challenger via the\n * protocol-defined output structure: a single BIP-86 P2TR output derived from\n * the challenger's x-only pubkey.\n *\n * Mirrors the per-role payout output validation now inlined in\n * `buildPayoutPsbt` for the NoPayout path, where the sink is fixed by the\n * protocol rather than read from on-chain registration\n * (see `crates/vault/src/transactions/nopayout.rs::NoPayoutTx::new`).\n *\n * @param noPayoutTxHex - Raw NoPayout transaction hex\n * @param challengerPubkey - Challenger's x-only public key (hex)\n * @param network - Bitcoin network used to derive the P2TR scriptPubKey\n * @throws If the transaction does not have exactly one output\n * @throws If the single output's scriptPubKey does not equal the BIP-86 P2TR\n *         scriptPubKey for the challenger\n */\nexport function assertNoPayoutOutputMatchesChallenger(\n  noPayoutTxHex: string,\n  challengerPubkey: string,\n  network: Network,\n): void {\n  const tx = Transaction.fromHex(stripHexPrefix(noPayoutTxHex));\n\n  if (tx.outs.length !== 1) {\n    throw new Error(\n      `NoPayout transaction must have exactly 1 output, got ${tx.outs.length}`,\n    );\n  }\n\n  const xOnly = hexToUint8Array(processPublicKeyToXOnly(challengerPubkey));\n  const { output: expectedScript } = payments.p2tr({\n    internalPubkey: Buffer.from(xOnly),\n    network: getNetwork(network),\n  });\n  if (!expectedScript) {\n    throw new Error(\n      \"Failed to derive challenger BIP-86 P2TR scriptPubKey for NoPayout output validation\",\n    );\n  }\n\n  if (!tx.outs[0].script.equals(expectedScript)) {\n    throw new Error(\n      \"NoPayout transaction does not pay to the expected challenger BIP-86 P2TR address\",\n    );\n  }\n}\n"],"names":["buildRefundPsbt","params","initWasm","prePeginParams","fundedPrePeginTxHex","htlcVout","refundFee","hashlock","normalizedAuthAnchorHash","normalizeAuthAnchorHash","unfundedTx","WasmPrePeginTx","fundedTx","expectedHtlcScriptPubKey","expectedHtlcValue","refundTxHex","htlcConnector","getPrePeginHtlcConnectorInfo","cleanPrePeginHex","prePeginTx","Transaction","htlcOutput","actualHtlcScriptPubKey","uint8ArrayToHex","actualHtlcValue","refundTx","refundInput","prePeginTxid","refundInputTxid","psbt","Psbt","TAPSCRIPT_LEAF_VERSION","Buffer","hexToUint8Array","tapInternalPubkey","refundOutput","expectedDepositorScriptPubKey","stripHexPrefix","deriveBip86ScriptPubKeyHex","actualRefundOutputScriptPubKey","expectedRefundOutputValue","buildNoPayoutPsbt","noPayoutTxHex","noPayoutTx","noPayoutScript","noPayoutControlBlock","getAssertNoPayoutScriptInfo","scriptBytes","controlBlockBytes","i","input","prevout","inputData","output","assertNoPayoutOutputMatchesChallenger","challengerPubkey","network","tx","xOnly","processPublicKeyToXOnly","expectedScript","payments","getNetwork"],"mappings":";;;;;AAwEA,eAAsBA,EACpBC,GACgC;AAChC,QAAMC,EAAA;AAEN,QAAM,EAAE,gBAAAC,GAAgB,qBAAAC,GAAqB,UAAAC,GAAU,WAAAC,GAAW,UAAAC,MAChEN,GAYIO,IAA2BC;AAAA,IAC/BN,EAAe;AAAA,EAAA,GAEXO,IAAa,IAAKC;AAAA,IAgBtBR,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACf,CAAC,GAAGA,EAAe,SAAS;AAAA,IAC5B,IAAI,eAAeA,EAAe,YAAY;AAAA,IAC9CA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfA,EAAe;AAAA,IACfK;AAAA,EAAA;AAGF,MAAII,IAAkC;AACtC,MAAI;AASF,UAAMC,IAA2BH,EAC9B,oBAAoBL,CAAQ,EAC5B,YAAA,GAMGS,IAAoBJ,EAAW,aAAaL,CAAQ;AAE1D,IAAAO,IAAWF,EAAW,sBAAsBN,CAAmB;AAE/D,UAAMW,IAAcH,EAAS,cAAcN,GAAWD,CAAQ,GAExDW,IAAgB,MAAMC,EAA6B;AAAA,MACvD,iBAAiBd,EAAe;AAAA,MAChC,qBAAqBA,EAAe;AAAA,MACpC,oBAAoBA,EAAe;AAAA,MACnC,4BAA4BA,EAAe;AAAA,MAC3C,UAAAI;AAAA,MACA,gBAAgBJ,EAAe;AAAA,MAC/B,SAASA,EAAe;AAAA,IAAA,CACzB,GAEKe,IAAmBd,EAAoB,WAAW,IAAI,IACxDA,EAAoB,MAAM,CAAC,IAC3BA,GACEe,IAAaC,EAAY,QAAQF,CAAgB,GAEjDG,IAAaF,EAAW,KAAKd,CAAQ;AAC3C,QAAI,CAACgB;AACH,YAAM,IAAI;AAAA,QACR,uBAAuBhB,CAAQ,6CAClBc,EAAW,KAAK,MAAM;AAAA,MAAA;AAIvC,UAAMG,IAAyBC;AAAA,MAC7B,IAAI,WAAWF,EAAW,MAAM;AAAA,IAAA,EAChC,YAAA;AACF,QAAIC,MAA2BT;AAC7B,YAAM,IAAI;AAAA,QACR,sCAAsCR,CAAQ,oCACxBQ,CAAwB,uBACzCS,CAAsB;AAAA,MAAA;AAY/B,UAAME,IAAkB,OAAOH,EAAW,KAAK;AAC/C,QAAIG,MAAoBV;AACtB,YAAM,IAAI;AAAA,QACR,+BAA+BT,CAAQ,oCAC1BS,CAAiB,2BACzBU,CAAe;AAAA,MAAA;AAKxB,UAAMC,IAAWL,EAAY,QAAQL,CAAW;AAEhD,QAAIU,EAAS,IAAI,WAAW;AAC1B,YAAM,IAAI;AAAA,QACR,qDAAqDA,EAAS,IAAI,MAAM;AAAA,MAAA;AAI5E,UAAMC,IAAcD,EAAS,IAAI,CAAC,GAG5BE,IAAeR,EAAW,MAAA,GAC1BS,IAAkBL;AAAA,MACtB,IAAI,WAAWG,EAAY,IAAI,EAAE,MAAA,EAAQ,QAAA;AAAA,IAAQ;AAEnD,QAAIE,MAAoBD;AACtB,YAAM,IAAI;AAAA,QACR,uEACcA,CAAY,SAASC,CAAe;AAAA,MAAA;AAGtD,QAAIF,EAAY,UAAUrB;AACxB,YAAM,IAAI;AAAA,QACR,sBAAsBqB,EAAY,KAAK,qCAAqCrB,CAAQ;AAAA,MAAA;AAIxF,UAAMwB,IAAO,IAAIC,EAAA;AA+BjB,QA9BAD,EAAK,WAAWJ,EAAS,OAAO,GAChCI,EAAK,YAAYJ,EAAS,QAAQ,GAElCI,EAAK,SAAS;AAAA,MACZ,MAAMH,EAAY;AAAA,MAClB,OAAOA,EAAY;AAAA,MACnB,UAAUA,EAAY;AAAA,MACtB,aAAa;AAAA,QACX,QAAQL,EAAW;AAAA,QACnB,OAAOA,EAAW;AAAA,MAAA;AAAA,MAEpB,eAAe;AAAA,QACb;AAAA,UACE,aAAaU;AAAA,UACb,QAAQC,EAAO,KAAKC,EAAgBjB,EAAc,YAAY,CAAC;AAAA,UAC/D,cAAcgB,EAAO;AAAA,YACnBC,EAAgBjB,EAAc,kBAAkB;AAAA,UAAA;AAAA,QAClD;AAAA,MACF;AAAA,MAEF,gBAAgBgB,EAAO,KAAKE,CAAiB;AAAA,IAAA,CAC9C,GASGT,EAAS,KAAK,WAAW;AAC3B,YAAM,IAAI;AAAA,QACR,sDAAsDA,EAAS,KAAK,MAAM;AAAA,MAAA;AAG9E,UAAMU,IAAeV,EAAS,KAAK,CAAC,GAC9BW,IAAgCC;AAAA,MACpCC,EAA2BnC,EAAe,eAAe;AAAA,IAAA,EACzD,YAAA,GACIoC,IAAiChB;AAAA,MACrC,IAAI,WAAWY,EAAa,MAAM;AAAA,IAAA,EAClC,YAAA;AACF,QAAII,MAAmCH;AACrC,YAAM,IAAI;AAAA,QACR,8BAA8BG,CAA8B,kDAClBH,CAA6B;AAAA,MAAA;AAU3E,UAAMI,IAA4BhB,IAAkBlB;AACpD,QAAI,OAAO6B,EAAa,KAAK,MAAMK;AACjC,YAAM,IAAI;AAAA,QACR,uBAAuB,OAAOL,EAAa,KAAK,CAAC,sCAC7BX,CAAe,gCAC9BlB,CAAS,kBAAkBkC,CAAyB;AAAA,MAAA;AAK7D,WAAAX,EAAK,UAAU;AAAA,MACb,QAAQM,EAAa;AAAA,MACrB,OAAOA,EAAa;AAAA,IAAA,CACrB,GAEM,EAAE,SAASN,EAAK,QAAM;AAAA,EAC/B,UAAA;AACE,IAAAjB,KAAA,QAAAA,EAAU,QACVF,EAAW,KAAA;AAAA,EACb;AACF;AC7PA,eAAsB+B,EACpBxC,GACiB;AACjB,QAAMyC,IAAgBL,EAAepC,EAAO,aAAa,GACnD0C,IAAavB,EAAY,QAAQsB,CAAa,GAG9C,EAAE,gBAAAE,GAAgB,sBAAAC,EAAA,IACtB,MAAMC;AAAA,IACJ7C,EAAO;AAAA,IACPA,EAAO;AAAA,EAAA,GAGL8C,IAAcd,EAAgBW,CAAc,GAC5CI,IAAoBf,EAAgBY,CAAoB,GAExDhB,IAAO,IAAIC,EAAA;AACjB,EAAAD,EAAK,WAAWc,EAAW,OAAO,GAClCd,EAAK,YAAYc,EAAW,QAAQ;AAGpC,WAASM,IAAI,GAAGA,IAAIN,EAAW,IAAI,QAAQM,KAAK;AAC9C,UAAMC,IAAQP,EAAW,IAAIM,CAAC,GACxBE,IAAUlD,EAAO,SAASgD,CAAC;AAEjC,QAAI,CAACE;AACH,YAAM,IAAI,MAAM,kCAAkCF,CAAC,EAAE;AAGvD,UAAMG,IAAiD;AAAA,MACrD,MAAMF,EAAM;AAAA,MACZ,OAAOA,EAAM;AAAA,MACb,UAAUA,EAAM;AAAA,MAChB,aAAa;AAAA,QACX,QAAQlB,EAAO,KAAKC,EAAgBI,EAAec,EAAQ,aAAa,CAAC,CAAC;AAAA,QAC1E,OAAOA,EAAQ;AAAA,MAAA;AAAA,IACjB;AAIF,IAAIF,MAAM,MACRG,EAAU,gBAAgB;AAAA,MACxB;AAAA,QACE,aAAarB;AAAA,QACb,QAAQC,EAAO,KAAKe,CAAW;AAAA,QAC/B,cAAcf,EAAO,KAAKgB,CAAiB;AAAA,MAAA;AAAA,IAC7C,GAEFI,EAAU,iBAAiBpB,EAAO,KAAKE,CAAiB,IAG1DL,EAAK,SAASuB,CAAS;AAAA,EACzB;AAGA,aAAWC,KAAUV,EAAW;AAC9B,IAAAd,EAAK,UAAU;AAAA,MACb,QAAQwB,EAAO;AAAA,MACf,OAAOA,EAAO;AAAA,IAAA,CACf;AAGH,SAAOxB,EAAK,MAAA;AACd;AAmBO,SAASyB,EACdZ,GACAa,GACAC,GACM;AACN,QAAMC,IAAKrC,EAAY,QAAQiB,EAAeK,CAAa,CAAC;AAE5D,MAAIe,EAAG,KAAK,WAAW;AACrB,UAAM,IAAI;AAAA,MACR,wDAAwDA,EAAG,KAAK,MAAM;AAAA,IAAA;AAI1E,QAAMC,IAAQzB,EAAgB0B,EAAwBJ,CAAgB,CAAC,GACjE,EAAE,QAAQK,MAAmBC,EAAS,KAAK;AAAA,IAC/C,gBAAgB7B,EAAO,KAAK0B,CAAK;AAAA,IACjC,SAASI,EAAWN,CAAO;AAAA,EAAA,CAC5B;AACD,MAAI,CAACI;AACH,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAIJ,MAAI,CAACH,EAAG,KAAK,CAAC,EAAE,OAAO,OAAOG,CAAc;AAC1C,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAGN;"}

package/dist/noPayout-CJ_Acpl_.cjs

@@ -1,2 +0,0 @@
-"use strict";const P=require("@babylonlabs-io/babylon-tbv-rust-wasm"),a=require("buffer"),l=require("bitcoinjs-lib"),t=require("./bitcoin-CHfKAhcI.cjs"),C=require("./verifyScriptPathSchnorrSignature-D43cncKJ.cjs");async function S(s){await P.initWasm();const{prePeginParams:e,fundedPrePeginTxHex:o,htlcVout:r,refundFee:c,hashlock:d}=s,g=C.normalizeAuthAnchorHash(e.authAnchorHash),u=new P.WasmPrePeginTx(e.depositorPubkey,e.vaultProviderPubkey,e.vaultKeeperPubkeys,e.universalChallengerPubkeys,[...e.hashlocks],new BigUint64Array(e.pegInAmounts),e.timelockRefund,e.feeRate,e.minPeginFeeRate,e.numLocalChallengers,e.councilQuorum,e.councilSize,e.network,g);let n=null;try{const f=u.getHtlcScriptPubKey(r).toLowerCase(),p=u.getHtlcValue(r);n=u.fromFundedTransaction(o);const x=n.buildRefundTx(c,r),k=await P.getPrePeginHtlcConnectorInfo({depositorPubkey:e.depositorPubkey,vaultProviderPubkey:e.vaultProviderPubkey,vaultKeeperPubkeys:e.vaultKeeperPubkeys,universalChallengerPubkeys:e.universalChallengerPubkeys,hashlock:d,timelockRefund:e.timelockRefund,network:e.network}),$=o.startsWith("0x")?o.slice(2):o,v=l.Transaction.fromHex($),y=v.outs[r];if(!y)throw new Error(`HTLC output at vout ${r} not found in funded Pre-PegIn tx (tx has ${v.outs.length} outputs)`);const T=t.uint8ArrayToHex(new Uint8Array(y.script)).toLowerCase();if(T!==f)throw new Error(`HTLC scriptPubKey mismatch at vout ${r}: reconstructed template expects ${f}, funded tx carries ${T}. Refund refused — the (hashlocks, pegInAmounts) vector does not match the on-chain commitment.`);const w=BigInt(y.value);if(w!==p)throw new Error(`HTLC value mismatch at vout ${r}: reconstructed template expects ${p} sat, funded tx carries ${w} sat. Refund refused — the pegInAmounts vector does not match the on-chain commitment.`);const i=l.Transaction.fromHex(x);if(i.ins.length!==1)throw new Error(`Refund transaction must have exactly 1 input, got ${i.ins.length}`);const h=i.ins[0],H=v.getId(),R=t.uint8ArrayToHex(new Uint8Array(h.hash).slice().reverse());if(R!==H)throw new Error(`Refund input does not reference the Pre-PegIn transaction. Expected ${H}, got ${R}`);if(h.index!==r)throw new Error(`Refund input index ${h.index} does not match expected htlcVout ${r}`);const m=new l.Psbt;if(m.setVersion(i.version),m.setLocktime(i.locktime),m.addInput({hash:h.hash,index:h.index,sequence:h.sequence,witnessUtxo:{script:y.script,value:y.value},tapLeafScript:[{leafVersion:t.TAPSCRIPT_LEAF_VERSION,script:a.Buffer.from(t.hexToUint8Array(k.refundScript)),controlBlock:a.Buffer.from(t.hexToUint8Array(k.refundControlBlock))}],tapInternalKey:a.Buffer.from(P.tapInternalPubkey)}),i.outs.length!==1)throw new Error(`Refund transaction must have exactly 1 output, got ${i.outs.length}`);const b=i.outs[0],A=t.stripHexPrefix(t.deriveBip86ScriptPubKeyHex(e.depositorPubkey)).toLowerCase(),I=t.uint8ArrayToHex(new Uint8Array(b.script)).toLowerCase();if(I!==A)throw new Error(`Refund output scriptPubKey ${I} does not match the depositor's BIP-86 address ${A}. Refund refused — the reclaimed funds would not return to the depositor.`);const B=w-c;if(BigInt(b.value)!==B)throw new Error(`Refund output value ${BigInt(b.value)} sat does not equal the HTLC value ${w} sat minus the requested fee ${c} sat (expected ${B} sat). Refund refused — the reclaimed amount would be burned as excess fee.`);return m.addOutput({script:b.script,value:b.value}),{psbtHex:m.toHex()}}finally{n==null||n.free(),u.free()}}async function E(s){const e=t.stripHexPrefix(s.noPayoutTxHex),o=l.Transaction.fromHex(e),{noPayoutScript:r,noPayoutControlBlock:c}=await P.getAssertNoPayoutScriptInfo(s.connectorParams,s.challengerPubkey),d=t.hexToUint8Array(r),g=t.hexToUint8Array(c),u=new l.Psbt;u.setVersion(o.version),u.setLocktime(o.locktime);for(let n=0;n<o.ins.length;n++){const f=o.ins[n],p=s.prevouts[n];if(!p)throw new Error(`Missing prevout data for input ${n}`);const x={hash:f.hash,index:f.index,sequence:f.sequence,witnessUtxo:{script:a.Buffer.from(t.hexToUint8Array(t.stripHexPrefix(p.script_pubkey))),value:p.value}};n===0&&(x.tapLeafScript=[{leafVersion:t.TAPSCRIPT_LEAF_VERSION,script:a.Buffer.from(d),controlBlock:a.Buffer.from(g)}],x.tapInternalKey=a.Buffer.from(P.tapInternalPubkey)),u.addInput(x)}for(const n of o.outs)u.addOutput({script:n.script,value:n.value});return u.toHex()}function K(s,e,o){const r=l.Transaction.fromHex(t.stripHexPrefix(s));if(r.outs.length!==1)throw new Error(`NoPayout transaction must have exactly 1 output, got ${r.outs.length}`);const c=t.hexToUint8Array(t.processPublicKeyToXOnly(e)),{output:d}=l.payments.p2tr({internalPubkey:a.Buffer.from(c),network:t.getNetwork(o)});if(!d)throw new Error("Failed to derive challenger BIP-86 P2TR scriptPubKey for NoPayout output validation");if(!r.outs[0].script.equals(d))throw new Error("NoPayout transaction does not pay to the expected challenger BIP-86 P2TR address")}exports.assertNoPayoutOutputMatchesChallenger=K;exports.buildNoPayoutPsbt=E;exports.buildRefundPsbt=S;
-//# sourceMappingURL=noPayout-CJ_Acpl_.cjs.map

package/dist/noPayout-CJ_Acpl_.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"noPayout-CJ_Acpl_.cjs","sources":["../src/tbv/core/primitives/psbt/refund.ts","../src/tbv/core/primitives/psbt/noPayout.ts"],"sourcesContent":["/**\n * Refund PSBT Builder Primitive\n *\n * Builds an unsigned refund PSBT for a depositor to reclaim BTC from\n * a timed-out Pre-PegIn HTLC output via the refund script (leaf 1).\n *\n * The refund script enforces a CSV timelock (timelockRefund blocks) and\n * requires only the depositor's Schnorr signature — no vault provider or\n * keeper involvement.\n *\n * @module primitives/psbt/refund\n */\n\nimport {\n  getPrePeginHtlcConnectorInfo,\n  initWasm,\n  tapInternalPubkey,\n  WasmPrePeginTx,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction } from \"bitcoinjs-lib\";\n\nimport {\n  TAPSCRIPT_LEAF_VERSION,\n  deriveBip86ScriptPubKeyHex,\n  hexToUint8Array,\n  stripHexPrefix,\n  uint8ArrayToHex,\n} from \"../utils/bitcoin\";\nimport { normalizeAuthAnchorHash, type PrePeginParams } from \"./pegin\";\n\n/**\n * Parameters for building a refund PSBT\n */\nexport interface BuildRefundPsbtParams {\n  /** Same PrePeginParams used when the original Pre-PegIn tx was created */\n  prePeginParams: PrePeginParams;\n  /** Funded Pre-PegIn transaction hex (the tx whose HTLC output is being refunded) */\n  fundedPrePeginTxHex: string;\n  /** Index of the HTLC output in the Pre-PegIn transaction */\n  htlcVout: number;\n  /** Transaction fee in satoshis for the refund transaction */\n  refundFee: bigint;\n  /** SHA256 hash commitment for the HTLC (64 hex chars, no 0x prefix) */\n  hashlock: string;\n}\n\n/**\n * Result of building a refund PSBT\n */\nexport interface BuildRefundPsbtResult {\n  /** PSBT hex ready for depositor signing */\n  psbtHex: string;\n}\n\n/**\n * Build a PSBT for signing the refund transaction.\n *\n * The refund transaction spends the Pre-PegIn HTLC output via leaf 1\n * (the refund script: `<timelockRefund> CSV DROP <depositorPubkey> CHECKSIG`).\n * The PSBT includes the tapLeafScript entry so the depositor's wallet can\n * sign using Taproot script-path spending.\n *\n * The input's sequence is set to `timelockRefund` by the WASM, enforcing\n * the Bitcoin CSV timelock. The refund broadcast will be rejected by the\n * network if the timelock has not yet expired.\n *\n * @param params - Refund PSBT parameters\n * @returns PSBT hex for depositor signing\n * @throws If the HTLC output at htlcVout is not found\n * @throws If the refund transaction does not have exactly 1 input\n */\nexport async function buildRefundPsbt(\n  params: BuildRefundPsbtParams,\n): Promise<BuildRefundPsbtResult> {\n  await initWasm();\n\n  const { prePeginParams, fundedPrePeginTxHex, htlcVout, refundFee, hashlock } =\n    params;\n\n  // The 14th positional arg `auth_anchor_hash` is `Option<String>` in\n  // the Rust WASM constructor (the 9th arg `min_pegin_fee_rate` requires\n  // the two-rate constructor from btc-vault #1930). Production peg-ins\n  // (PeginManager) always commit an OP_RETURN <PUSH32 SHA256(authAnchor)>\n  // output at `vout = hashlocks.length`; the unfunded template must\n  // include it so `fromFundedTransaction` aligns with the funded tx.\n  // Normalize identically to the peg-in primitives (`0x` strip,\n  // lowercase, length/charset validation) so a direct primitive caller\n  // reusing successful peg-in params doesn't hand unnormalized bytes to\n  // WASM. Pass `undefined` for legacy non-auth-anchored Pre-PegIns.\n  const normalizedAuthAnchorHash = normalizeAuthAnchorHash(\n    prePeginParams.authAnchorHash,\n  );\n  const unfundedTx = new (WasmPrePeginTx as unknown as new (\n    depositor: string,\n    vault_provider: string,\n    vault_keepers: string[],\n    universal_challengers: string[],\n    hashlocks: string[],\n    pegin_amounts: BigUint64Array,\n    timelock_refund: number,\n    fee_rate: bigint,\n    min_pegin_fee_rate: bigint,\n    num_local_challengers: number,\n    council_quorum: number,\n    council_size: number,\n    network: string,\n    auth_anchor_hash?: string,\n  ) => typeof WasmPrePeginTx.prototype)(\n    prePeginParams.depositorPubkey,\n    prePeginParams.vaultProviderPubkey,\n    prePeginParams.vaultKeeperPubkeys,\n    prePeginParams.universalChallengerPubkeys,\n    [...prePeginParams.hashlocks],\n    new BigUint64Array(prePeginParams.pegInAmounts),\n    prePeginParams.timelockRefund,\n    prePeginParams.feeRate,\n    prePeginParams.minPeginFeeRate,\n    prePeginParams.numLocalChallengers,\n    prePeginParams.councilQuorum,\n    prePeginParams.councilSize,\n    prePeginParams.network,\n    normalizedAuthAnchorHash,\n  );\n\n  let fundedTx: WasmPrePeginTx | null = null;\n  try {\n    // Cross-check the reconstructed unfunded template against the funded\n    // transaction: the WASM template's HTLC scriptPubKey at `htlcVout`\n    // must equal the bytes the funded tx carries at the same output.\n    // If they disagree, the template was reconstructed from the wrong\n    // (hashlocks, amounts) vector — signing it would produce a refund\n    // that does not spend the on-chain HTLC the depositor expects.\n    // This is the explicit invariant the audit recommends: never sign a\n    // refund whose template doesn't match the on-chain output bytes.\n    const expectedHtlcScriptPubKey = unfundedTx\n      .getHtlcScriptPubKey(htlcVout)\n      .toLowerCase();\n    // The reconstructed template's HTLC output value at `htlcVout`,\n    // sized by WASM from the supplied `pegInAmounts` via the protocol\n    // formula `htlcValue = peginAmount + depositorClaimValue + minPeginFee`.\n    // Captured before `fromFundedTransaction` to bind it to the value the\n    // funded tx actually carries (see the cross-check below).\n    const expectedHtlcValue = unfundedTx.getHtlcValue(htlcVout);\n\n    fundedTx = unfundedTx.fromFundedTransaction(fundedPrePeginTxHex);\n\n    const refundTxHex = fundedTx.buildRefundTx(refundFee, htlcVout);\n\n    const htlcConnector = await getPrePeginHtlcConnectorInfo({\n      depositorPubkey: prePeginParams.depositorPubkey,\n      vaultProviderPubkey: prePeginParams.vaultProviderPubkey,\n      vaultKeeperPubkeys: prePeginParams.vaultKeeperPubkeys,\n      universalChallengerPubkeys: prePeginParams.universalChallengerPubkeys,\n      hashlock,\n      timelockRefund: prePeginParams.timelockRefund,\n      network: prePeginParams.network,\n    });\n\n    const cleanPrePeginHex = fundedPrePeginTxHex.startsWith(\"0x\")\n      ? fundedPrePeginTxHex.slice(2)\n      : fundedPrePeginTxHex;\n    const prePeginTx = Transaction.fromHex(cleanPrePeginHex);\n\n    const htlcOutput = prePeginTx.outs[htlcVout];\n    if (!htlcOutput) {\n      throw new Error(\n        `HTLC output at vout ${htlcVout} not found in funded Pre-PegIn tx ` +\n          `(tx has ${prePeginTx.outs.length} outputs)`,\n      );\n    }\n\n    const actualHtlcScriptPubKey = uint8ArrayToHex(\n      new Uint8Array(htlcOutput.script),\n    ).toLowerCase();\n    if (actualHtlcScriptPubKey !== expectedHtlcScriptPubKey) {\n      throw new Error(\n        `HTLC scriptPubKey mismatch at vout ${htlcVout}: reconstructed ` +\n          `template expects ${expectedHtlcScriptPubKey}, funded tx carries ` +\n          `${actualHtlcScriptPubKey}. Refund refused — the (hashlocks, ` +\n          `pegInAmounts) vector does not match the on-chain commitment.`,\n      );\n    }\n\n    // Value cross-check (mirrors the script check above): the template's\n    // HTLC value — derived by WASM from `pegInAmounts` via the protocol\n    // formula — must equal the value the funded tx pays at this output.\n    // A caller that hands the full HTLC output value (or any wrong amount)\n    // as `pegInAmounts` would inflate the template value and trip this\n    // guard, rather than silently signing a refund built from a template\n    // that disagrees with the on-chain commitment.\n    const actualHtlcValue = BigInt(htlcOutput.value);\n    if (actualHtlcValue !== expectedHtlcValue) {\n      throw new Error(\n        `HTLC value mismatch at vout ${htlcVout}: reconstructed template ` +\n          `expects ${expectedHtlcValue} sat, funded tx carries ` +\n          `${actualHtlcValue} sat. Refund refused — the pegInAmounts vector ` +\n          `does not match the on-chain commitment.`,\n      );\n    }\n\n    const refundTx = Transaction.fromHex(refundTxHex);\n\n    if (refundTx.ins.length !== 1) {\n      throw new Error(\n        `Refund transaction must have exactly 1 input, got ${refundTx.ins.length}`,\n      );\n    }\n\n    const refundInput = refundTx.ins[0];\n\n    // Verify the refund input spends the correct Pre-PegIn HTLC output\n    const prePeginTxid = prePeginTx.getId();\n    const refundInputTxid = uint8ArrayToHex(\n      new Uint8Array(refundInput.hash).slice().reverse(),\n    );\n    if (refundInputTxid !== prePeginTxid) {\n      throw new Error(\n        `Refund input does not reference the Pre-PegIn transaction. ` +\n          `Expected ${prePeginTxid}, got ${refundInputTxid}`,\n      );\n    }\n    if (refundInput.index !== htlcVout) {\n      throw new Error(\n        `Refund input index ${refundInput.index} does not match expected htlcVout ${htlcVout}`,\n      );\n    }\n\n    const psbt = new Psbt();\n    psbt.setVersion(refundTx.version);\n    psbt.setLocktime(refundTx.locktime);\n\n    psbt.addInput({\n      hash: refundInput.hash,\n      index: refundInput.index,\n      sequence: refundInput.sequence,\n      witnessUtxo: {\n        script: htlcOutput.script,\n        value: htlcOutput.value,\n      },\n      tapLeafScript: [\n        {\n          leafVersion: TAPSCRIPT_LEAF_VERSION,\n          script: Buffer.from(hexToUint8Array(htlcConnector.refundScript)),\n          controlBlock: Buffer.from(\n            hexToUint8Array(htlcConnector.refundControlBlock),\n          ),\n        },\n      ],\n      tapInternalKey: Buffer.from(tapInternalPubkey),\n    });\n\n    // Output side: pin the single refund output to the depositor's own\n    // BIP-86 P2TR address, mirroring the input-side pinning above. WASM\n    // builds the refund output from the refund leaf's depositor key, so a\n    // correct template always pays exactly one output back to the depositor.\n    // Asserting it here means a malformed template (or a tampered WASM)\n    // cannot redirect the reclaimed funds to a script the depositor does\n    // not control.\n    if (refundTx.outs.length !== 1) {\n      throw new Error(\n        `Refund transaction must have exactly 1 output, got ${refundTx.outs.length}`,\n      );\n    }\n    const refundOutput = refundTx.outs[0];\n    const expectedDepositorScriptPubKey = stripHexPrefix(\n      deriveBip86ScriptPubKeyHex(prePeginParams.depositorPubkey),\n    ).toLowerCase();\n    const actualRefundOutputScriptPubKey = uint8ArrayToHex(\n      new Uint8Array(refundOutput.script),\n    ).toLowerCase();\n    if (actualRefundOutputScriptPubKey !== expectedDepositorScriptPubKey) {\n      throw new Error(\n        `Refund output scriptPubKey ${actualRefundOutputScriptPubKey} does not ` +\n          `match the depositor's BIP-86 address ${expectedDepositorScriptPubKey}. ` +\n          `Refund refused — the reclaimed funds would not return to the depositor.`,\n      );\n    }\n\n    // Value: the single refund output must return the full HTLC value minus\n    // exactly the requested fee. The refund is 1-in/1-out (asserted above), so\n    // a value below `htlcValue - refundFee` means WASM applied a larger fee\n    // than requested — the difference would be burned as miner fee. Pin it so\n    // the depositor reclaims the expected amount, not a silently reduced one.\n    const expectedRefundOutputValue = actualHtlcValue - refundFee;\n    if (BigInt(refundOutput.value) !== expectedRefundOutputValue) {\n      throw new Error(\n        `Refund output value ${BigInt(refundOutput.value)} sat does not equal ` +\n          `the HTLC value ${actualHtlcValue} sat minus the requested fee ` +\n          `${refundFee} sat (expected ${expectedRefundOutputValue} sat). ` +\n          `Refund refused — the reclaimed amount would be burned as excess fee.`,\n      );\n    }\n\n    psbt.addOutput({\n      script: refundOutput.script,\n      value: refundOutput.value,\n    });\n\n    return { psbtHex: psbt.toHex() };\n  } finally {\n    fundedTx?.free();\n    unfundedTx.free();\n  }\n}\n","/**\n * NoPayout PSBT Builder\n *\n * Builds unsigned PSBTs for the depositor's NoPayout transaction\n * (depositor-as-claimer path, per challenger). The depositor signs input 0\n * using the NoPayout taproot script from WasmAssertPayoutNoPayoutConnector.\n *\n * @module primitives/psbt/noPayout\n * @see btc-vault crates/vault/docs/btc-transactions-spec.md — Assert output 0 NoPayout connector\n */\n\nimport {\n  type AssertPayoutNoPayoutConnectorParams,\n  type Network,\n  getAssertNoPayoutScriptInfo,\n  tapInternalPubkey,\n} from \"@babylonlabs-io/babylon-tbv-rust-wasm\";\nimport { Buffer } from \"buffer\";\nimport { Psbt, Transaction, payments } from \"bitcoinjs-lib\";\n\nimport {\n  TAPSCRIPT_LEAF_VERSION,\n  getNetwork,\n  hexToUint8Array,\n  processPublicKeyToXOnly,\n  stripHexPrefix,\n} from \"../utils/bitcoin\";\n\n/**\n * Parameters for building a NoPayout PSBT\n */\nexport interface NoPayoutParams {\n  /** NoPayout transaction hex (unsigned) from VP */\n  noPayoutTxHex: string;\n  /** Challenger's x-only public key (hex encoded) */\n  challengerPubkey: string;\n  /** Prevouts for all inputs [{script_pubkey, value}] from VP */\n  prevouts: Array<{ script_pubkey: string; value: number }>;\n  /** Parameters for the Assert Payout/NoPayout connector */\n  connectorParams: AssertPayoutNoPayoutConnectorParams;\n}\n\n/**\n * Build unsigned NoPayout PSBT.\n *\n * The NoPayout transaction is specific to each challenger.\n * Input 0 is the one the depositor signs using the NoPayout taproot script path.\n *\n * @param params - NoPayout parameters\n * @returns Unsigned PSBT hex ready for signing\n */\nexport async function buildNoPayoutPsbt(\n  params: NoPayoutParams,\n): Promise<string> {\n  const noPayoutTxHex = stripHexPrefix(params.noPayoutTxHex);\n  const noPayoutTx = Transaction.fromHex(noPayoutTxHex);\n\n  // Get NoPayout script and control block for this challenger\n  const { noPayoutScript, noPayoutControlBlock } =\n    await getAssertNoPayoutScriptInfo(\n      params.connectorParams,\n      params.challengerPubkey,\n    );\n\n  const scriptBytes = hexToUint8Array(noPayoutScript);\n  const controlBlockBytes = hexToUint8Array(noPayoutControlBlock);\n\n  const psbt = new Psbt();\n  psbt.setVersion(noPayoutTx.version);\n  psbt.setLocktime(noPayoutTx.locktime);\n\n  // Add all inputs - depositor signs input 0 only\n  for (let i = 0; i < noPayoutTx.ins.length; i++) {\n    const input = noPayoutTx.ins[i];\n    const prevout = params.prevouts[i];\n\n    if (!prevout) {\n      throw new Error(`Missing prevout data for input ${i}`);\n    }\n\n    const inputData: Parameters<typeof psbt.addInput>[0] = {\n      hash: input.hash,\n      index: input.index,\n      sequence: input.sequence,\n      witnessUtxo: {\n        script: Buffer.from(hexToUint8Array(stripHexPrefix(prevout.script_pubkey))),\n        value: prevout.value,\n      },\n    };\n\n    // Input 0: depositor signs using taproot script path\n    if (i === 0) {\n      inputData.tapLeafScript = [\n        {\n          leafVersion: TAPSCRIPT_LEAF_VERSION,\n          script: Buffer.from(scriptBytes),\n          controlBlock: Buffer.from(controlBlockBytes),\n        },\n      ];\n      inputData.tapInternalKey = Buffer.from(tapInternalPubkey);\n    }\n\n    psbt.addInput(inputData);\n  }\n\n  // Add outputs\n  for (const output of noPayoutTx.outs) {\n    psbt.addOutput({\n      script: output.script,\n      value: output.value,\n    });\n  }\n\n  return psbt.toHex();\n}\n\n/**\n * Validate that a NoPayout transaction pays to the challenger via the\n * protocol-defined output structure: a single BIP-86 P2TR output derived from\n * the challenger's x-only pubkey.\n *\n * Mirrors the per-role payout output validation now inlined in\n * `buildPayoutPsbt` for the NoPayout path, where the sink is fixed by the\n * protocol rather than read from on-chain registration\n * (see `crates/vault/src/transactions/nopayout.rs::NoPayoutTx::new`).\n *\n * @param noPayoutTxHex - Raw NoPayout transaction hex\n * @param challengerPubkey - Challenger's x-only public key (hex)\n * @param network - Bitcoin network used to derive the P2TR scriptPubKey\n * @throws If the transaction does not have exactly one output\n * @throws If the single output's scriptPubKey does not equal the BIP-86 P2TR\n *         scriptPubKey for the challenger\n */\nexport function assertNoPayoutOutputMatchesChallenger(\n  noPayoutTxHex: string,\n  challengerPubkey: string,\n  network: Network,\n): void {\n  const tx = Transaction.fromHex(stripHexPrefix(noPayoutTxHex));\n\n  if (tx.outs.length !== 1) {\n    throw new Error(\n      `NoPayout transaction must have exactly 1 output, got ${tx.outs.length}`,\n    );\n  }\n\n  const xOnly = hexToUint8Array(processPublicKeyToXOnly(challengerPubkey));\n  const { output: expectedScript } = payments.p2tr({\n    internalPubkey: Buffer.from(xOnly),\n    network: getNetwork(network),\n  });\n  if (!expectedScript) {\n    throw new Error(\n      \"Failed to derive challenger BIP-86 P2TR scriptPubKey for NoPayout output validation\",\n    );\n  }\n\n  if (!tx.outs[0].script.equals(expectedScript)) {\n    throw new Error(\n      \"NoPayout transaction does not pay to the expected challenger BIP-86 P2TR address\",\n    );\n  }\n}\n"],"names":["buildRefundPsbt","params","initWasm","prePeginParams","fundedPrePeginTxHex","htlcVout","refundFee","hashlock","normalizedAuthAnchorHash","normalizeAuthAnchorHash","unfundedTx","WasmPrePeginTx","fundedTx","expectedHtlcScriptPubKey","expectedHtlcValue","refundTxHex","htlcConnector","getPrePeginHtlcConnectorInfo","cleanPrePeginHex","prePeginTx","Transaction","htlcOutput","actualHtlcScriptPubKey","uint8ArrayToHex","actualHtlcValue","refundTx","refundInput","prePeginTxid","refundInputTxid","psbt","Psbt","TAPSCRIPT_LEAF_VERSION","Buffer","hexToUint8Array","tapInternalPubkey","refundOutput","expectedDepositorScriptPubKey","stripHexPrefix","deriveBip86ScriptPubKeyHex","actualRefundOutputScriptPubKey","expectedRefundOutputValue","buildNoPayoutPsbt","noPayoutTxHex","noPayoutTx","noPayoutScript","noPayoutControlBlock","getAssertNoPayoutScriptInfo","scriptBytes","controlBlockBytes","i","input","prevout","inputData","output","assertNoPayoutOutputMatchesChallenger","challengerPubkey","network","tx","xOnly","processPublicKeyToXOnly","expectedScript","payments","getNetwork"],"mappings":"sNAwEA,eAAsBA,EACpBC,EACgC,CAChC,MAAMC,WAAA,EAEN,KAAM,CAAE,eAAAC,EAAgB,oBAAAC,EAAqB,SAAAC,EAAU,UAAAC,EAAW,SAAAC,GAChEN,EAYIO,EAA2BC,EAAAA,wBAC/BN,EAAe,cAAA,EAEXO,EAAa,IAAKC,EAAAA,eAgBtBR,EAAe,gBACfA,EAAe,oBACfA,EAAe,mBACfA,EAAe,2BACf,CAAC,GAAGA,EAAe,SAAS,EAC5B,IAAI,eAAeA,EAAe,YAAY,EAC9CA,EAAe,eACfA,EAAe,QACfA,EAAe,gBACfA,EAAe,oBACfA,EAAe,cACfA,EAAe,YACfA,EAAe,QACfK,CAAA,EAGF,IAAII,EAAkC,KACtC,GAAI,CASF,MAAMC,EAA2BH,EAC9B,oBAAoBL,CAAQ,EAC5B,YAAA,EAMGS,EAAoBJ,EAAW,aAAaL,CAAQ,EAE1DO,EAAWF,EAAW,sBAAsBN,CAAmB,EAE/D,MAAMW,EAAcH,EAAS,cAAcN,EAAWD,CAAQ,EAExDW,EAAgB,MAAMC,+BAA6B,CACvD,gBAAiBd,EAAe,gBAChC,oBAAqBA,EAAe,oBACpC,mBAAoBA,EAAe,mBACnC,2BAA4BA,EAAe,2BAC3C,SAAAI,EACA,eAAgBJ,EAAe,eAC/B,QAASA,EAAe,OAAA,CACzB,EAEKe,EAAmBd,EAAoB,WAAW,IAAI,EACxDA,EAAoB,MAAM,CAAC,EAC3BA,EACEe,EAAaC,EAAAA,YAAY,QAAQF,CAAgB,EAEjDG,EAAaF,EAAW,KAAKd,CAAQ,EAC3C,GAAI,CAACgB,EACH,MAAM,IAAI,MACR,uBAAuBhB,CAAQ,6CAClBc,EAAW,KAAK,MAAM,WAAA,EAIvC,MAAMG,EAAyBC,EAAAA,gBAC7B,IAAI,WAAWF,EAAW,MAAM,CAAA,EAChC,YAAA,EACF,GAAIC,IAA2BT,EAC7B,MAAM,IAAI,MACR,sCAAsCR,CAAQ,oCACxBQ,CAAwB,uBACzCS,CAAsB,iGAAA,EAY/B,MAAME,EAAkB,OAAOH,EAAW,KAAK,EAC/C,GAAIG,IAAoBV,EACtB,MAAM,IAAI,MACR,+BAA+BT,CAAQ,oCAC1BS,CAAiB,2BACzBU,CAAe,wFAAA,EAKxB,MAAMC,EAAWL,EAAAA,YAAY,QAAQL,CAAW,EAEhD,GAAIU,EAAS,IAAI,SAAW,EAC1B,MAAM,IAAI,MACR,qDAAqDA,EAAS,IAAI,MAAM,EAAA,EAI5E,MAAMC,EAAcD,EAAS,IAAI,CAAC,EAG5BE,EAAeR,EAAW,MAAA,EAC1BS,EAAkBL,EAAAA,gBACtB,IAAI,WAAWG,EAAY,IAAI,EAAE,MAAA,EAAQ,QAAA,CAAQ,EAEnD,GAAIE,IAAoBD,EACtB,MAAM,IAAI,MACR,uEACcA,CAAY,SAASC,CAAe,EAAA,EAGtD,GAAIF,EAAY,QAAUrB,EACxB,MAAM,IAAI,MACR,sBAAsBqB,EAAY,KAAK,qCAAqCrB,CAAQ,EAAA,EAIxF,MAAMwB,EAAO,IAAIC,OA+BjB,GA9BAD,EAAK,WAAWJ,EAAS,OAAO,EAChCI,EAAK,YAAYJ,EAAS,QAAQ,EAElCI,EAAK,SAAS,CACZ,KAAMH,EAAY,KAClB,MAAOA,EAAY,MACnB,SAAUA,EAAY,SACtB,YAAa,CACX,OAAQL,EAAW,OACnB,MAAOA,EAAW,KAAA,EAEpB,cAAe,CACb,CACE,YAAaU,EAAAA,uBACb,OAAQC,EAAAA,OAAO,KAAKC,EAAAA,gBAAgBjB,EAAc,YAAY,CAAC,EAC/D,aAAcgB,EAAAA,OAAO,KACnBC,EAAAA,gBAAgBjB,EAAc,kBAAkB,CAAA,CAClD,CACF,EAEF,eAAgBgB,EAAAA,OAAO,KAAKE,EAAAA,iBAAiB,CAAA,CAC9C,EASGT,EAAS,KAAK,SAAW,EAC3B,MAAM,IAAI,MACR,sDAAsDA,EAAS,KAAK,MAAM,EAAA,EAG9E,MAAMU,EAAeV,EAAS,KAAK,CAAC,EAC9BW,EAAgCC,EAAAA,eACpCC,EAAAA,2BAA2BnC,EAAe,eAAe,CAAA,EACzD,YAAA,EACIoC,EAAiChB,EAAAA,gBACrC,IAAI,WAAWY,EAAa,MAAM,CAAA,EAClC,YAAA,EACF,GAAII,IAAmCH,EACrC,MAAM,IAAI,MACR,8BAA8BG,CAA8B,kDAClBH,CAA6B,2EAAA,EAU3E,MAAMI,EAA4BhB,EAAkBlB,EACpD,GAAI,OAAO6B,EAAa,KAAK,IAAMK,EACjC,MAAM,IAAI,MACR,uBAAuB,OAAOL,EAAa,KAAK,CAAC,sCAC7BX,CAAe,gCAC9BlB,CAAS,kBAAkBkC,CAAyB,6EAAA,EAK7D,OAAAX,EAAK,UAAU,CACb,OAAQM,EAAa,OACrB,MAAOA,EAAa,KAAA,CACrB,EAEM,CAAE,QAASN,EAAK,OAAM,CAC/B,QAAA,CACEjB,GAAA,MAAAA,EAAU,OACVF,EAAW,KAAA,CACb,CACF,CC7PA,eAAsB+B,EACpBxC,EACiB,CACjB,MAAMyC,EAAgBL,EAAAA,eAAepC,EAAO,aAAa,EACnD0C,EAAavB,EAAAA,YAAY,QAAQsB,CAAa,EAG9C,CAAE,eAAAE,EAAgB,qBAAAC,CAAA,EACtB,MAAMC,EAAAA,4BACJ7C,EAAO,gBACPA,EAAO,gBAAA,EAGL8C,EAAcd,EAAAA,gBAAgBW,CAAc,EAC5CI,EAAoBf,EAAAA,gBAAgBY,CAAoB,EAExDhB,EAAO,IAAIC,OACjBD,EAAK,WAAWc,EAAW,OAAO,EAClCd,EAAK,YAAYc,EAAW,QAAQ,EAGpC,QAASM,EAAI,EAAGA,EAAIN,EAAW,IAAI,OAAQM,IAAK,CAC9C,MAAMC,EAAQP,EAAW,IAAIM,CAAC,EACxBE,EAAUlD,EAAO,SAASgD,CAAC,EAEjC,GAAI,CAACE,EACH,MAAM,IAAI,MAAM,kCAAkCF,CAAC,EAAE,EAGvD,MAAMG,EAAiD,CACrD,KAAMF,EAAM,KACZ,MAAOA,EAAM,MACb,SAAUA,EAAM,SAChB,YAAa,CACX,OAAQlB,EAAAA,OAAO,KAAKC,EAAAA,gBAAgBI,EAAAA,eAAec,EAAQ,aAAa,CAAC,CAAC,EAC1E,MAAOA,EAAQ,KAAA,CACjB,EAIEF,IAAM,IACRG,EAAU,cAAgB,CACxB,CACE,YAAarB,EAAAA,uBACb,OAAQC,EAAAA,OAAO,KAAKe,CAAW,EAC/B,aAAcf,EAAAA,OAAO,KAAKgB,CAAiB,CAAA,CAC7C,EAEFI,EAAU,eAAiBpB,SAAO,KAAKE,EAAAA,iBAAiB,GAG1DL,EAAK,SAASuB,CAAS,CACzB,CAGA,UAAWC,KAAUV,EAAW,KAC9Bd,EAAK,UAAU,CACb,OAAQwB,EAAO,OACf,MAAOA,EAAO,KAAA,CACf,EAGH,OAAOxB,EAAK,MAAA,CACd,CAmBO,SAASyB,EACdZ,EACAa,EACAC,EACM,CACN,MAAMC,EAAKrC,EAAAA,YAAY,QAAQiB,EAAAA,eAAeK,CAAa,CAAC,EAE5D,GAAIe,EAAG,KAAK,SAAW,EACrB,MAAM,IAAI,MACR,wDAAwDA,EAAG,KAAK,MAAM,EAAA,EAI1E,MAAMC,EAAQzB,EAAAA,gBAAgB0B,EAAAA,wBAAwBJ,CAAgB,CAAC,EACjE,CAAE,OAAQK,GAAmBC,EAAAA,SAAS,KAAK,CAC/C,eAAgB7B,EAAAA,OAAO,KAAK0B,CAAK,EACjC,QAASI,EAAAA,WAAWN,CAAO,CAAA,CAC5B,EACD,GAAI,CAACI,EACH,MAAM,IAAI,MACR,qFAAA,EAIJ,GAAI,CAACH,EAAG,KAAK,CAAC,EAAE,OAAO,OAAOG,CAAc,EAC1C,MAAM,IAAI,MACR,kFAAA,CAGN"}

package/dist/primeVpAuth-Br6RwE3r.cjs

@@ -1,2 +0,0 @@
-"use strict";var ge=Object.defineProperty;var fe=(r,e,t)=>e in r?ge(r,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):r[e]=t;var p=(r,e,t)=>fe(r,typeof e!="symbol"?e+"":e,t);const K=require("./BTCVaultRegistry.abi-JdeqLz4x.cjs"),f=require("./ApplicationRegistry.abi-BAPhJch3.cjs"),E=require("./mempoolApi-C_9JhjCI.cjs"),H=require("./types-WA0LrDk1.cjs"),m=require("./bitcoin-CHfKAhcI.cjs"),k=require("./validation-u8W7Lp2x.cjs"),_e=require("@bitcoin-js/tiny-secp256k1-asmjs"),C=require("bitcoinjs-lib"),S=require("buffer"),X=require("./sha2-DsrLC4NM.cjs");function me(r){const e=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(r){for(const t in r)if(t!=="default"){const n=Object.getOwnPropertyDescriptor(r,t);Object.defineProperty(e,t,n.get?n:{enumerable:!0,get:()=>r[t]})}}return e.default=r,Object.freeze(e)}const U=me(_e);async function be(r,e){const[t,n]=await r.multicall({contracts:[{address:e,abi:K.BTCVaultRegistryABI,functionName:"protocolParams"},{address:e,abi:K.BTCVaultRegistryABI,functionName:"applicationRegistry"}],allowFailure:!1});return{protocolParams:t,applicationRegistry:n}}const q=65535;function I(r){return{timelockAssert:r.timelockAssert,timelockChallengeAssert:r.timelockChallengeAssert,securityCouncilKeys:[...r.securityCouncilKeys],councilQuorum:r.councilQuorum,feeRate:r.feeRate,babeTotalInstances:r.babeTotalInstances,babeInstancesToFinalize:r.babeInstancesToFinalize,minVpCommissionBps:r.minVpCommissionBps,tRefund:r.tRefund,tStale:r.tStale,minPeginFeeRate:r.minPeginFeeRate,proverCircuitVersion:r.proverCircuitVersion,minPrepeginDepth:r.minPrepeginDepth}}function J(r){return{minimumPegInAmount:r.minimumPegInAmount,maxPegInAmount:r.maxPegInAmount,pegInAckTimeout:r.pegInAckTimeout,pegInActivationTimeout:r.pegInActivationTimeout,maxHtlcOutputCount:r.maxHtlcOutputCount,expiredPegInGraceBlocks:r.expiredPegInGraceBlocks}}function Y(r){if(r>BigInt(q))throw new Error(`timelockAssert value ${r} exceeds uint16 max (${q})`);return Number(r)}class ye{constructor(e,t){this.publicClient=e,this.contractAddress=t}async getTBVProtocolParams(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getTBVProtocolParams"}),t=J(e);return E.validateTBVProtocolParams(t),t}async getLatestOffchainParams(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getLatestOffchainParams"}),t=I(e);return E.validateOffchainParams(t),t}async getOffchainParamsByVersion(e){const t=await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getOffchainParamsByVersion",args:[e]}),n=I(t);return E.validateOffchainParams(n),n}async getLatestOffchainParamsVersion(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"latestOffchainParamsVersion"}),t=Number(e);return E.assertValidOffchainParamsVersion(t),t}async getTimelockPeginByVersion(e){const t=await this.getOffchainParamsByVersion(e);return Y(t.timelockAssert)}async getPegInConfiguration(){const e=await this.publicClient.multicall({contracts:[{address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getTBVProtocolParams"},{address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getLatestOffchainParams"},{address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"latestOffchainParamsVersion"}],allowFailure:!1}),t=J(e[0]),n=I(e[1]),s=Number(e[2]),i={minimumPegInAmount:t.minimumPegInAmount,maxPegInAmount:t.maxPegInAmount,pegInAckTimeout:t.pegInAckTimeout,pegInActivationTimeout:t.pegInActivationTimeout,maxHtlcOutputCount:t.maxHtlcOutputCount,expiredPegInGraceBlocks:t.expiredPegInGraceBlocks,timelockPegin:Y(n.timelockAssert),timelockRefund:n.tRefund,minVpCommissionBps:n.minVpCommissionBps,offchainParams:n,offchainParamsVersion:s};return E.validatePegInConfiguration(i),i}async fetchAllOffchainParams(e){const t=await this.getLatestOffchainParamsVersion();if(t===0)return{byVersion:new Map,latestVersion:0};const n=Array.from({length:t},(c,u)=>u+1),s=n.map(c=>({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getOffchainParamsByVersion",args:[c]})),i=await this.publicClient.multicall({contracts:s,allowFailure:!1}),o=new Map;for(let c=0;c<n.length;c++){const u=I(i[c]);try{E.validateOffchainParams(u),o.set(n[c],u)}catch(d){e==null||e(n[c],d instanceof Error?d:new Error(String(d)))}}return{byVersion:o,latestVersion:t}}}function N(r){return r.map(e=>({ethAddress:e.ethAddress,btcPubKey:e.btcPubKey}))}class Pe{constructor(e,t){this.publicClient=e,this.contractAddress=t}async getVaultKeepersByVersion(e,t){const n=await this.publicClient.readContract({address:this.contractAddress,abi:f.ApplicationRegistryABI,functionName:"getVaultKeepersByVersion",args:[e,t]});return N(n)}async getCurrentVaultKeepers(e){const t=await this.publicClient.readContract({address:this.contractAddress,abi:f.ApplicationRegistryABI,functionName:"getCurrentVaultKeepers",args:[e]});return N(t)}async getCurrentVaultKeepersVersion(e){return await this.publicClient.readContract({address:this.contractAddress,abi:f.ApplicationRegistryABI,functionName:"getCurrentVaultKeepersVersion",args:[e]})}}class we{constructor(e,t){this.publicClient=e,this.contractAddress=t}async getUniversalChallengersByVersion(e){const t=await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getUniversalChallengersByVersion",args:[e]});return N(t)}async getCurrentUniversalChallengers(){const e=await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"getCurrentUniversalChallengers"});return N(e)}async getLatestUniversalChallengersVersion(){return await this.publicClient.readContract({address:this.contractAddress,abi:f.ProtocolParamsABI,functionName:"latestUniversalChallengersVersion"})}}var te=(r=>(r[r.PENDING=0]="PENDING",r[r.VERIFIED=1]="VERIFIED",r[r.ACTIVE=2]="ACTIVE",r[r.REDEEMED=3]="REDEEMED",r[r.EXPIRED=4]="EXPIRED",r))(te||{});const z=new Set(Object.values(H.DaemonStatus)),ve=200;function l(r){var e;return((e=JSON.stringify(r))==null?void 0:e.slice(0,ve))??"undefined"}const xe="The vault provider returned an unexpected response. Please try again or contact support.";class a extends Error{constructor(t){super(xe);p(this,"detail");this.name="VpResponseValidationError",this.detail=t}}const T=64;function v(r){return typeof r=="string"&&r.length>0&&k.HEX_RE.test(r)}function re(r){return typeof r=="string"&&r.length>0}function ne(r,e){if(!v(r))throw new a(`VP response validation failed: "${e}" must be a non-empty hex string, got ${l(r)}`)}function b(r,e){if(!re(r))throw new a(`VP response validation failed: "${e}" must be a non-empty string, got ${l(r)}`)}function M(r,e){if(!v(r)||r.length!==m.X_ONLY_PUBKEY_HEX_LEN&&r.length!==m.COMPRESSED_PUBKEY_HEX_LEN)throw new a(`VP response validation failed: "${e}" must be a ${m.X_ONLY_PUBKEY_HEX_LEN} or ${m.COMPRESSED_PUBKEY_HEX_LEN}-char hex string (BTC pubkey), got ${l(r)}`)}function Ae(r){const e=r.presigning;if(e==null)return;if(typeof e!="object"||Array.isArray(e))throw new a('VP response validation failed: "progress.presigning" must be an object if present');const t=e;if(t.depositor_graph_created!==void 0&&typeof t.depositor_graph_created!="boolean")throw new a(`VP response validation failed: "progress.presigning.depositor_graph_created" must be a boolean if present, got ${l(t.depositor_graph_created)}`);if(t.vk_challenger_presigning_completed!==void 0&&typeof t.vk_challenger_presigning_completed!="number")throw new a(`VP response validation failed: "progress.presigning.vk_challenger_presigning_completed" must be a number if present, got ${l(t.vk_challenger_presigning_completed)}`);if(t.vk_challenger_presigning_total!==void 0&&typeof t.vk_challenger_presigning_total!="number")throw new a(`VP response validation failed: "progress.presigning.vk_challenger_presigning_total" must be a number if present, got ${l(t.vk_challenger_presigning_total)}`)}function se(r){if(r===null||typeof r!="object")throw new a("VP response validation failed: getPeginStatus response is not an object");const e=r;if(!v(e.pegin_txid)||e.pegin_txid.length!==T)throw new a(`VP response validation failed: "pegin_txid" must be a ${T}-char hex string (txid), got ${l(e.pegin_txid)}`);if(typeof e.status!="string")throw new a('VP response validation failed: "status" must be a string');if(!z.has(e.status))throw new a(`VP response validation failed: unrecognized status "${e.status}". Expected one of: ${[...z].join(", ")}`);if(e.progress===null||typeof e.progress!="object"||Array.isArray(e.progress))throw new a('VP response validation failed: "progress" must be an object');if(Ae(e.progress),typeof e.health_info!="string")throw new a('VP response validation failed: "health_info" must be a string');if(e.last_error!==void 0&&typeof e.last_error!="string")throw new a(`VP response validation failed: "last_error" must be a string if present, got ${l(e.last_error)}`)}function Ee(r){if(r===null||typeof r!="object")throw new a("VP response validation failed: requestDepositorPresignTransactions response is not an object");const e=r;if(!Array.isArray(e.txs))throw new a('VP response validation failed: "txs" must be an array');for(let t=0;t<e.txs.length;t++)Se(e.txs[t],`txs[${t}]`);if(e.depositor_graph===null||typeof e.depositor_graph!="object")throw new a('VP response validation failed: "depositor_graph" must be an object');Be(e.depositor_graph)}function P(r,e){if(r===null||typeof r!="object")throw new a(`VP response validation failed: "${e}" must be an object`);ne(r.tx_hex,`${e}.tx_hex`)}function Se(r,e){if(r===null||typeof r!="object")throw new a(`VP response validation failed: "${e}" must be an object`);const t=r;M(t.claimer_pubkey,`${e}.claimer_pubkey`),P(t.claim_tx,`${e}.claim_tx`),P(t.assert_tx,`${e}.assert_tx`),P(t.payout_tx,`${e}.payout_tx`),b(t.payout_psbt,`${e}.payout_psbt`)}function Te(r,e){if(r===null||typeof r!="object")throw new a(`VP response validation failed: "${e}" must be an object`);const t=r;b(t.wots_pks_json,`${e}.wots_pks_json`),b(t.gc_wots_keys_json,`${e}.gc_wots_keys_json`)}function ke(r,e){if(r===null||typeof r!="object")throw new a(`VP response validation failed: "${e}" must be an object`);const t=r;if(M(t.challenger_pubkey,`${e}.challenger_pubkey`),P(t.challenge_assert_x_tx,`${e}.challenge_assert_x_tx`),P(t.challenge_assert_y_tx,`${e}.challenge_assert_y_tx`),P(t.nopayout_tx,`${e}.nopayout_tx`),b(t.nopayout_psbt,`${e}.nopayout_psbt`),!Array.isArray(t.challenge_assert_connectors))throw new a(`VP response validation failed: "${e}.challenge_assert_connectors" must be an array`);for(let n=0;n<t.challenge_assert_connectors.length;n++)Te(t.challenge_assert_connectors[n],`${e}.challenge_assert_connectors[${n}]`);if(!Array.isArray(t.output_label_hashes))throw new a(`VP response validation failed: "${e}.output_label_hashes" must be an array`);for(let n=0;n<t.output_label_hashes.length;n++)ne(t.output_label_hashes[n],`${e}.output_label_hashes[${n}]`)}function ie(r){if(r===null||typeof r!="object")throw new a("VP response validation failed: requestDepositorClaimerArtifacts response is not an object");const e=r;if(!re(e.tx_graph_json))throw new a(`VP response validation failed: "tx_graph_json" must be a non-empty string, got ${l(e.tx_graph_json)}`);if(!v(e.verifying_key_hex))throw new a(`VP response validation failed: "verifying_key_hex" must be a non-empty hex string, got ${l(e.verifying_key_hex)}`);if(e.babe_sessions===null||typeof e.babe_sessions!="object"||Array.isArray(e.babe_sessions))throw new a('VP response validation failed: "babe_sessions" must be an object');const t=Object.entries(e.babe_sessions);if(t.length===0)throw new a('VP response validation failed: "babe_sessions" must contain at least one challenger entry');for(const[n,s]of t){if(M(n,`babe_sessions["${n}"]`),s===null||typeof s!="object")throw new a(`VP response validation failed: "babe_sessions.${n}" must be an object`);const i=s;if(!v(i.decryptor_artifacts_hex))throw new a(`VP response validation failed: "babe_sessions.${n}.decryptor_artifacts_hex" must be a non-empty hex string, got ${l(i.decryptor_artifacts_hex)}`)}}function Ve(r){if(r===null||typeof r!="object")throw new a("VP response validation failed: pegout status payload is not an object");const e=r;if(!v(e.pegin_txid)||e.pegin_txid.length!==T)throw new a(`VP response validation failed: "pegin_txid" must be a ${T}-char hex string (txid), got ${l(e.pegin_txid)}`);if(typeof e.found!="boolean")throw new a(`VP response validation failed: "found" must be a boolean, got ${l(e.found)}`);if(e.claimer!==null){if(typeof e.claimer!="object")throw new a(`VP response validation failed: "claimer" must be an object or null, got ${l(e.claimer)}`);$e(e.claimer)}if(!Array.isArray(e.challengers))throw new a(`VP response validation failed: "challengers" must be an array, got ${l(e.challengers)}`);for(let t=0;t<e.challengers.length;t++)Ce(e.challengers[t],t)}function $e(r){if(b(r.status,"claimer.status"),typeof r.failed!="boolean")throw new a(`VP response validation failed: "claimer.failed" must be a boolean, got ${l(r.failed)}`);if(b(r.claim_txid,"claimer.claim_txid"),b(r.claimer_pubkey,"claimer.claimer_pubkey"),b(r.assert_txid,"claimer.assert_txid"),typeof r.created_at!="number")throw new a(`VP response validation failed: "claimer.created_at" must be a number, got ${l(r.created_at)}`);if(typeof r.updated_at!="number")throw new a(`VP response validation failed: "claimer.updated_at" must be a number, got ${l(r.updated_at)}`)}function Ce(r,e){if(r===null||typeof r!="object")throw new a(`VP response validation failed: "challengers[${e}]" must be an object, got ${l(r)}`);const t=r;if(b(t.status,`challengers[${e}].status`),b(t.claim_txid,`challengers[${e}].claim_txid`),b(t.claimer_pubkey,`challengers[${e}].claimer_pubkey`),R(t.assert_txid,`challengers[${e}].assert_txid`),R(t.challenge_assert_x_txid,`challengers[${e}].challenge_assert_x_txid`),R(t.challenge_assert_y_txid,`challengers[${e}].challenge_assert_y_txid`),R(t.nopayout_txid,`challengers[${e}].nopayout_txid`),typeof t.created_at!="number")throw new a(`VP response validation failed: "challengers[${e}].created_at" must be a number, got ${l(t.created_at)}`);if(typeof t.updated_at!="number")throw new a(`VP response validation failed: "challengers[${e}].updated_at" must be a number, got ${l(t.updated_at)}`)}function R(r,e){if(r!==null&&typeof r!="string")throw new a(`VP response validation failed: "${e}" must be a string or null, got ${l(r)}`)}function Ie(r){ae(r,"batchGetPeginStatus",e=>{e.result!==null&&se(e.result)})}function Re(r){ae(r,"batchGetPegoutStatus",e=>{e.result!==null&&Ve(e.result)})}function ae(r,e,t){if(r===null||typeof r!="object")throw new a(`VP response validation failed: ${e} response is not an object`);const n=r;if(!Array.isArray(n.results))throw new a(`VP response validation failed: "${e}.results" must be an array, got ${l(n.results)}`);for(let s=0;s<n.results.length;s++){const i=n.results[s];if(i===null||typeof i!="object")throw new a(`VP response validation failed: "${e}.results[${s}]" must be an object, got ${l(i)}`);const o=i;if(!v(o.pegin_txid)||o.pegin_txid.length!==T)throw new a(`VP response validation failed: "${e}.results[${s}].pegin_txid" must be a ${T}-char hex string, got ${l(o.pegin_txid)}`);if(o.error!==null&&typeof o.error!="string")throw new a(`VP response validation failed: "${e}.results[${s}].error" must be a string or null, got ${l(o.error)}`);if(o.result===null&&o.error===null)throw new a(`VP response validation failed: "${e}.results[${s}]" has neither "result" nor "error" populated`);if(o.result!==null&&o.error!==null)throw new a(`VP response validation failed: "${e}.results[${s}]" has both "result" and "error" populated`);t(o,s)}}function Be(r){if(P(r.claim_tx,"depositor_graph.claim_tx"),P(r.assert_tx,"depositor_graph.assert_tx"),P(r.payout_tx,"depositor_graph.payout_tx"),b(r.payout_psbt,"depositor_graph.payout_psbt"),!Array.isArray(r.challenger_presign_data))throw new a('VP response validation failed: "depositor_graph.challenger_presign_data" must be an array');for(let e=0;e<r.challenger_presign_data.length;e++)ke(r.challenger_presign_data[e],`depositor_graph.challenger_presign_data[${e}]`);if(typeof r.offchain_params_version!="number")throw new a('VP response validation failed: "depositor_graph.offchain_params_version" must be a number')}const Ne=6e4;class oe{constructor(e,t){p(this,"client");const n={baseUrl:e,timeout:(t==null?void 0:t.timeout)??Ne,retries:t==null?void 0:t.retries,retryDelay:t==null?void 0:t.retryDelay,retryableFor:t==null?void 0:t.retryableFor,headers:t==null?void 0:t.headers,tokenProvider:t==null?void 0:t.tokenProvider,maxResponseBytes:t==null?void 0:t.maxResponseBytes};this.client=new H.JsonRpcClient(n)}async requestDepositorPresignTransactions(e,t){const n=await this.client.call("vaultProvider_requestDepositorPresignTransactions",e,t);return Ee(n),n}async submitDepositorPresignatures(e,t){return this.client.call("vaultProvider_submitDepositorPresignatures",e,t)}async submitDepositorWotsKey(e,t){return this.client.call("vaultProvider_submitDepositorWotsKey",e,t)}async requestDepositorClaimerArtifacts(e,t){const n=await this.client.call("vaultProvider_requestDepositorClaimerArtifacts",e,t);return ie(n),n}async getPeginStatus(e,t){const n=await this.client.call("vaultProvider_getPeginStatus",e,t);return se(n),n}async batchGetPeginStatus(e,t){const n=await this.client.call("vaultProvider_batchGetPeginStatus",e,t);return Ie(n),n}async batchGetPegoutStatus(e,t){const n=await this.client.call("vaultProvider_batchGetPegoutStatus",e,t);return Re(n),n}}function De(r,e){const t=new Set;for(const u of r)t.add(u.toLowerCase());const n=new Map,s=new Set,i=[],o=[];for(const u of e){const d=u.pegin_txid.toLowerCase();if(!t.has(d)){o.push(d);continue}if(s.has(d)){i.push(d);continue}s.add(d),n.set(d,{result:u.result,error:u.error})}const c=[];for(const u of t)s.has(u)||c.push(u);return{byTxid:n,missing:c,unexpected:o,duplicate:i}}async function He(r){const{items:e,getTxid:t,batchCall:n,onItem:s,onMissing:i,onDuplicate:o,onDuplicateBatch:c,onWholeBatchError:u,onUnexpected:d,batchSize:_=H.VP_BATCH_MAX_SIZE}=r;if(!Number.isInteger(_)||_<=0)throw new Error(`batchPollByProvider: batchSize must be a positive integer, got ${_}`);for(let w=0;w<e.length;w+=_){const x=e.slice(w,w+_),V=new Map,O=[];for(const h of x){const y=t(h).toLowerCase();V.set(y,h),O.push(y)}let A;try{const h=await n(O);A=De(O,h.results)}catch(h){u(x,h);continue}d&&A.unexpected.length>0&&d(A.unexpected);const $=new Set(A.duplicate);for(const h of $){const y=V.get(h);y&&o(y)}c&&$.size>0&&c($.size);for(const h of A.missing){const y=V.get(h);y&&i(y)}for(const[h,y]of A.byTxid){if($.has(h))continue;const F=V.get(h);F&&s(F,{pegin_txid:h,result:y.result,error:y.error})}}}const Oe="BIP0322-signed-message",Ge="TapTweak",ce=32,je=64;function le(r,e){const t=new TextEncoder().encode(r),n=X.sha256(t),s=new Uint8Array(n.length*2+e.length);return s.set(n,0),s.set(n,n.length),s.set(e,n.length*2),X.sha256(s)}function Ue(r){if(r.length!==ce)return null;const e=le(Ge,r),t=U.xOnlyPointAddTweak(r,e);return t?t.xOnlyPubkey:null}function Me(r,e,t){if(e.length!==ce||t.length!==je)return!1;try{const n=le(Oe,r),s=C.payments.p2tr({internalPubkey:S.Buffer.from(e)});if(!s.output)return!1;const i=s.output,o=0,c=new C.Transaction;c.version=0,c.locktime=0;const u=S.Buffer.concat([S.Buffer.from([0,32]),S.Buffer.from(n)]);c.addInput(S.Buffer.alloc(32,0),4294967295,0,u),c.addOutput(i,o);const d=new C.Transaction;d.version=0,d.locktime=0;const _=c.getHash();d.addInput(_,0,0),d.addOutput(S.Buffer.from([106]),o);const w=d.hashForWitnessV1(0,[i],[o],C.Transaction.SIGHASH_DEFAULT),x=Ue(e);return x?U.verifySchnorr(w,x,t):!1}catch{return!1}}function D(r,e){const t=(r&7)<<5,n=typeof e=="bigint"?e:BigInt(e);if(n<0n)throw new Error("cborHead: negative argument");if(n<24n)return new Uint8Array([t|Number(n)]);if(n<0x100n)return new Uint8Array([t|24,Number(n)]);if(n<0x10000n){const i=Number(n);return new Uint8Array([t|25,i>>>8&255,i&255])}if(n<0x100000000n){const i=Number(n);return new Uint8Array([t|26,i>>>24&255,i>>>16&255,i>>>8&255,i&255])}const s=new Uint8Array(9);s[0]=t|27;for(let i=7;i>=0;i--)s[1+i]=Number(n>>BigInt((7-i)*8))&255;return s}function ue(...r){const e=r.reduce((s,i)=>s+i.length,0),t=new Uint8Array(e);let n=0;for(const s of r)t.set(s,n),n+=s.length;return t}function W(r){const t=[D(4,r.length)];for(const n of r)t.push(D(0,n));return ue(...t)}function Le(r,e,t){if(!Number.isSafeInteger(t)||t<0)throw new Error(`encodeServerIdentityPayload: expires_at must be a non-negative safe integer, got ${t}`);const n=D(4,3),s=W(r),i=W(e),o=D(0,t);return ue(n,s,i,o)}const Fe=new TextEncoder().encode("btc-auth.server-identity.v1"),Ke=2*3600;class g extends Error{constructor(e,t){super(e),this.reason=t,this.name="ServerIdentityError"}}function B(r){const e=new Uint8Array(r.length/2);for(let t=0;t<e.length;t++)e[t]=parseInt(r.slice(t*2,t*2+2),16);return e}function de(r){const{proof:e,pinnedServerPubkey:t,now:n}=r,s=r.maxLifetimeSecs??Ke,i=m.stripHexPrefix(t).toLowerCase();if(i.length!==m.X_ONLY_PUBKEY_HEX_LEN||!k.HEX_RE.test(i))throw new g(`pinnedServerPubkey must be 32-byte hex; got ${i.length} chars`,"invalid_pubkey_encoding");const o=m.stripHexPrefix(e.server_pubkey).toLowerCase();if(o.length!==m.X_ONLY_PUBKEY_HEX_LEN||!k.HEX_RE.test(o))throw new g(`server_pubkey must be 32-byte hex; got ${o.length} chars`,"invalid_pubkey_encoding");if(o!==i)throw new g(`server_pubkey does not match pinned value: expected ${i}, got ${o}`,"pinned_pubkey_mismatch");if(!Number.isSafeInteger(e.expires_at))throw new g(`expires_at must be a finite integer; got ${JSON.stringify(e.expires_at)}`,"invalid_expires_at");if(!Number.isSafeInteger(n))throw new g(`now must be a finite integer; got ${JSON.stringify(n)}`,"invalid_expires_at");if(e.expires_at<=n)throw new g(`server identity proof expired at ${e.expires_at}, now ${n}`,"expired");if(!Number.isSafeInteger(s)||s<=0)throw new g(`maxLifetimeSecs must be a positive safe integer; got ${JSON.stringify(s)}`,"invalid_max_lifetime");if(e.expires_at-n>s)throw new g(`server identity proof expires too far in the future: expires_at=${e.expires_at}, now=${n}, max lifetime=${s}s`,"expires_too_far");const c=m.stripHexPrefix(e.ephemeral_pubkey).toLowerCase();if(c.length!==m.COMPRESSED_PUBKEY_HEX_LEN||!k.HEX_RE.test(c))throw new g(`ephemeral_pubkey must be 33-byte compressed hex; got ${c.length} chars`,"invalid_ephemeral_pubkey");const u=c.slice(0,2);if(u!=="02"&&u!=="03")throw new g(`ephemeral_pubkey must be compressed (prefix 02/03); got ${u}`,"invalid_ephemeral_pubkey");const d=B(c);if(!U.isPoint(d))throw new g("ephemeral_pubkey is not a valid secp256k1 point","invalid_ephemeral_pubkey");const _=m.stripHexPrefix(e.signature).toLowerCase();if(_.length!==m.SCHNORR_SIG_HEX_LEN||!k.HEX_RE.test(_))throw new g(`signature must be 64-byte Schnorr hex; got ${_.length} chars`,"invalid_signature_encoding");const w=Le(Fe,B(c),e.expires_at);if(!Me(w,B(o),B(_)))throw new g("BIP-322 signature verification failed — ephemeral key is not attested by pinned server pubkey","signature_verification_failed")}const Z=new Set(["vaultProvider_submitDepositorWotsKey","vaultProvider_submitDepositorPresignatures","vaultProvider_requestDepositorPresignTransactions"]),Q=new Set(["vaultProvider_requestDepositorClaimerArtifacts"]),Xe=6e4,G="auth_createDepositorToken",j="auth_createDepositorTokenGrpc";function pe(r,e){return new H.JsonRpcClient({baseUrl:r,timeout:Xe,headers:e,retryableFor:t=>t===G||t===j})}const ee=4102444800,qe=30;class Je{constructor(e){p(this,"client");p(this,"peginTxid");p(this,"authAnchorHex");p(this,"pinnedServerPubkey");p(this,"authGatedMethods");p(this,"grpcGatedMethods");p(this,"refreshSkewSecs");p(this,"now");p(this,"cachedJsonRpc",null);p(this,"inFlightJsonRpc",null);p(this,"cachedGrpc",null);p(this,"inFlightGrpc",null);this.client=e.client,this.peginTxid=e.peginTxid,this.authAnchorHex=e.authAnchorHex,this.pinnedServerPubkey=e.pinnedServerPubkey,this.authGatedMethods=e.authGatedMethods,this.grpcGatedMethods=e.grpcGatedMethods,this.refreshSkewSecs=e.refreshSkewSecs??qe,this.now=e.now??(()=>Math.floor(Date.now()/1e3))}async getToken(e){return e===G||e===j?null:this.grpcGatedMethods.has(e)?this.getTokenForSubject("grpc"):this.authGatedMethods.has(e)?this.getTokenForSubject("jsonrpc"):null}invalidate(){this.cachedJsonRpc=null,this.cachedGrpc=null}async getTokenForSubject(e){const t=e==="grpc"?this.cachedGrpc:this.cachedJsonRpc;return t&&this.now()+this.refreshSkewSecs<t.expiresAt?t.token:(await this.acquireSingleFlight(e)).token}setClient(e){this.client=e}acquireSingleFlight(e){const t=e==="grpc"?this.inFlightGrpc:this.inFlightJsonRpc;if(t)return t;const n=e==="grpc"?j:G,s=(async()=>{try{const i=await this.client.call(n,{pegin_txid:this.peginTxid,auth_anchor:this.authAnchorHex});if(de({proof:i.server_identity,pinnedServerPubkey:this.pinnedServerPubkey,now:this.now()}),typeof i.token!="string"||i.token.length===0)throw new Error(`VpTokenProvider: invalid token in acquire response (expected non-empty string, got ${typeof i.token})`);const o=this.now();if(!Number.isSafeInteger(i.expires_at)||i.expires_at<=o||i.expires_at>ee)throw new Error(`VpTokenProvider: invalid expires_at in acquire response (got ${JSON.stringify(i.expires_at)}; must be a safe integer in (${o}, ${ee}])`);const c={token:i.token,expiresAt:i.expires_at};return e==="grpc"?this.cachedGrpc=c:this.cachedJsonRpc=c,c}finally{e==="grpc"?this.inFlightGrpc=null:this.inFlightJsonRpc=null}})();return e==="grpc"?this.inFlightGrpc=s:this.inFlightJsonRpc=s,s}}class he{constructor(){p(this,"entries",new Map)}getOrCreate(e){const t=e.enableGrpcArtifactAuth??!1,n=this.entries.get(e.peginTxid);if(n){if(n.authAnchorHex!==e.authAnchorHex)throw new Error(`VpTokenRegistry: peginTxid ${e.peginTxid} already bound to authAnchorHex ${n.authAnchorHex.slice(0,8)}…; got ${e.authAnchorHex.slice(0,8)}…`);if(n.pinnedServerPubkey!==e.pinnedServerPubkey)throw new Error(`VpTokenRegistry: peginTxid ${e.peginTxid} already bound to pinnedServerPubkey ${n.pinnedServerPubkey.slice(0,8)}…; got ${e.pinnedServerPubkey.slice(0,8)}…`);if(n.enableGrpcArtifactAuth!==t)throw new Error(`VpTokenRegistry: peginTxid ${e.peginTxid} already bound to enableGrpcArtifactAuth=${n.enableGrpcArtifactAuth}; got ${t}`);return n.provider.setClient(e.client),n.provider}const s=new Je({client:e.client,peginTxid:e.peginTxid,authAnchorHex:e.authAnchorHex,pinnedServerPubkey:e.pinnedServerPubkey,authGatedMethods:t?Z:new Set([...Z,...Q]),grpcGatedMethods:t?Q:new Set});return this.entries.set(e.peginTxid,{provider:s,authAnchorHex:e.authAnchorHex,pinnedServerPubkey:e.pinnedServerPubkey,enableGrpcArtifactAuth:t}),s}peek(e){var t;return(t=this.entries.get(e))==null?void 0:t.provider}release(e){this.entries.delete(e)}clear(){this.entries.clear()}get size(){return this.entries.size}}const L=new he;function Ye(r){var n;const e=pe(r.baseUrl,(n=r.options)==null?void 0:n.headers),t=L.getOrCreate({client:e,peginTxid:r.peginTxid,authAnchorHex:r.authAnchorHex,pinnedServerPubkey:r.pinnedServerPubkey,enableGrpcArtifactAuth:r.enableGrpcArtifactAuth});return new oe(r.baseUrl,{...r.options,tokenProvider:t})}function ze(r){L.getOrCreate({client:pe(r.baseUrl,r.headers),peginTxid:r.peginTxid,authAnchorHex:r.authAnchorHex,pinnedServerPubkey:r.pinnedServerPubkey,enableGrpcArtifactAuth:r.enableGrpcArtifactAuth})}exports.OnChainBtcVaultStatus=te;exports.ServerIdentityError=g;exports.VaultProviderRpcClient=oe;exports.ViemProtocolParamsReader=ye;exports.ViemUniversalChallengerReader=we;exports.ViemVaultKeeperReader=Pe;exports.VpResponseValidationError=a;exports.VpTokenRegistry=he;exports.batchPollByProvider=He;exports.createAuthenticatedVpClient=Ye;exports.primeVpTokenRegistry=ze;exports.resolveProtocolAddresses=be;exports.validateRequestDepositorClaimerArtifactsResponse=ie;exports.verifyServerIdentity=de;exports.vpTokenRegistry=L;
-//# sourceMappingURL=primeVpAuth-Br6RwE3r.cjs.map

package/dist/primeVpAuth-Br6RwE3r.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"primeVpAuth-Br6RwE3r.cjs","sources":["../src/tbv/core/clients/eth/contract-address-resolver.ts","../src/tbv/core/clients/eth/protocol-params-reader.ts","../src/tbv/core/clients/eth/signer-set-reader.ts","../src/tbv/core/clients/eth/types.ts","../src/tbv/core/clients/vault-provider/validators.ts","../src/tbv/core/clients/vault-provider/api.ts","../src/tbv/core/clients/vault-provider/batchAttribution.ts","../src/tbv/core/clients/vault-provider/batchPoll.ts","../src/tbv/core/clients/vault-provider/auth/bip322Verify.ts","../src/tbv/core/clients/vault-provider/auth/cbor.ts","../src/tbv/core/clients/vault-provider/auth/serverIdentity.ts","../src/tbv/core/clients/vault-provider/auth/gatedMethods.ts","../src/tbv/core/clients/vault-provider/auth/innerTokenClient.ts","../src/tbv/core/clients/vault-provider/auth/tokenProvider.ts","../src/tbv/core/clients/vault-provider/auth/tokenRegistry.ts","../src/tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient.ts","../src/tbv/core/clients/vault-provider/auth/primeVpAuth.ts"],"sourcesContent":["/**\n * Contract Address Resolver\n *\n * Resolves ProtocolParams and ApplicationRegistry contract addresses\n * from the BTCVaultRegistry contract. These addresses are needed to\n * construct the SDK's contract readers.\n *\n * @module clients/eth/contract-address-resolver\n */\n\nimport type { Address, PublicClient } from \"viem\";\n\nimport { BTCVaultRegistryABI } from \"../../contracts/abis/BTCVaultRegistry.abi\";\n\nexport interface ProtocolAddresses {\n  /** Address of the ProtocolParams contract */\n  protocolParams: Address;\n  /** Address of the ApplicationRegistry contract */\n  applicationRegistry: Address;\n}\n\n/**\n * Resolve ProtocolParams and ApplicationRegistry addresses from BTCVaultRegistry.\n *\n * Uses a single multicall for atomicity and efficiency.\n *\n * @param publicClient - viem PublicClient instance\n * @param btcVaultRegistryAddress - Address of the BTCVaultRegistry contract\n * @returns Resolved contract addresses\n */\nexport async function resolveProtocolAddresses(\n  publicClient: PublicClient,\n  btcVaultRegistryAddress: Address,\n): Promise<ProtocolAddresses> {\n  const [protocolParams, applicationRegistry] = await publicClient.multicall({\n    contracts: [\n      {\n        address: btcVaultRegistryAddress,\n        abi: BTCVaultRegistryABI,\n        functionName: \"protocolParams\",\n      },\n      {\n        address: btcVaultRegistryAddress,\n        abi: BTCVaultRegistryABI,\n        functionName: \"applicationRegistry\",\n      },\n    ],\n    allowFailure: false,\n  });\n\n  return {\n    protocolParams: protocolParams as Address,\n    applicationRegistry: applicationRegistry as Address,\n  };\n}\n","/**\n * Concrete ProtocolParams reader using viem's readContract and multicall.\n *\n * This is an optional utility — callers can use their own implementation\n * of the ProtocolParamsReader interface.\n */\n\nimport type { Abi, Address, Hex, PublicClient } from \"viem\";\n\nimport { ProtocolParamsABI } from \"../../contracts/abis/ProtocolParams.abi\";\nimport {\n  assertValidOffchainParamsVersion,\n  validateOffchainParams,\n  validatePegInConfiguration,\n  validateTBVProtocolParams,\n} from \"./protocol-params-validation\";\nimport type {\n  AllOffchainParamsData,\n  OnSkippedOffchainParamsVersion,\n  PegInConfiguration,\n  ProtocolParamsReader,\n  TBVProtocolParams,\n  VersionedOffchainParams,\n} from \"./types\";\n\n/**\n * Maximum value for a Solidity uint16.\n * PeginLogic.sol casts timelockAssert to uint16, so values above this are invalid.\n */\nconst UINT16_MAX = 65535;\n\n\n/**\n * Raw shape viem returns for VersionedOffchainParams struct.\n * viem resolves ABI struct outputs to named objects (not tuples).\n */\ninterface RawOffchainParams {\n  timelockAssert: bigint;\n  timelockChallengeAssert: bigint;\n  securityCouncilKeys: readonly Hex[];\n  councilQuorum: number;\n  feeRate: bigint;\n  babeTotalInstances: number;\n  babeInstancesToFinalize: number;\n  minVpCommissionBps: number;\n  tRefund: number;\n  tStale: number;\n  minPeginFeeRate: bigint;\n  proverCircuitVersion: number;\n  minPrepeginDepth: number;\n}\n\n/** Raw shape viem returns for TBVProtocolParams struct. */\ninterface RawTBVParams {\n  minimumPegInAmount: bigint;\n  maxPegInAmount: bigint;\n  pegInAckTimeout: bigint;\n  pegInActivationTimeout: bigint;\n  maxHtlcOutputCount: number;\n  expiredPegInGraceBlocks: bigint;\n}\n\n/** Map viem struct result to VersionedOffchainParams. */\nfunction mapOffchainParams(result: RawOffchainParams): VersionedOffchainParams {\n  return {\n    timelockAssert: result.timelockAssert,\n    timelockChallengeAssert: result.timelockChallengeAssert,\n    securityCouncilKeys: [...result.securityCouncilKeys],\n    councilQuorum: result.councilQuorum,\n    feeRate: result.feeRate,\n    babeTotalInstances: result.babeTotalInstances,\n    babeInstancesToFinalize: result.babeInstancesToFinalize,\n    minVpCommissionBps: result.minVpCommissionBps,\n    tRefund: result.tRefund,\n    tStale: result.tStale,\n    minPeginFeeRate: result.minPeginFeeRate,\n    proverCircuitVersion: result.proverCircuitVersion,\n    minPrepeginDepth: result.minPrepeginDepth,\n  };\n}\n\n/** Map viem struct result to TBVProtocolParams. */\nfunction mapTBVParams(result: RawTBVParams): TBVProtocolParams {\n  return {\n    minimumPegInAmount: result.minimumPegInAmount,\n    maxPegInAmount: result.maxPegInAmount,\n    pegInAckTimeout: result.pegInAckTimeout,\n    pegInActivationTimeout: result.pegInActivationTimeout,\n    maxHtlcOutputCount: result.maxHtlcOutputCount,\n    expiredPegInGraceBlocks: result.expiredPegInGraceBlocks,\n  };\n}\n\n/**\n * Derive timelockPegin from timelockAssert.\n *\n * Matches PeginLogic.sol: `uint16(timelockAssert)`.\n * The contract validates `timelockAssert <= type(uint16).max` on write,\n * but we enforce the same bound here to reject invalid values early\n * rather than silently truncating.\n *\n * @throws if timelockAssert exceeds uint16 max (65535)\n */\nfunction deriveTimelockPegin(timelockAssert: bigint): number {\n  if (timelockAssert > BigInt(UINT16_MAX)) {\n    throw new Error(\n      `timelockAssert value ${timelockAssert} exceeds uint16 max (${UINT16_MAX})`,\n    );\n  }\n  return Number(timelockAssert);\n}\n\n/**\n * Concrete protocol params reader using viem.\n *\n * Every read method runs the matching validator from\n * `protocol-params-validation` before returning, so callers don't have to\n * remember to validate.\n *\n * Usage:\n * ```ts\n * const reader = new ViemProtocolParamsReader(publicClient, protocolParamsAddress);\n * const config = await reader.getPegInConfiguration();\n * ```\n */\nexport class ViemProtocolParamsReader implements ProtocolParamsReader {\n  constructor(\n    private publicClient: PublicClient,\n    private contractAddress: Address,\n  ) {}\n\n  async getTBVProtocolParams(): Promise<TBVProtocolParams> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"getTBVProtocolParams\",\n    })) as RawTBVParams;\n\n    const params = mapTBVParams(result);\n    validateTBVProtocolParams(params);\n    return params;\n  }\n\n  async getLatestOffchainParams(): Promise<VersionedOffchainParams> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"getLatestOffchainParams\",\n    })) as RawOffchainParams;\n\n    const params = mapOffchainParams(result);\n    validateOffchainParams(params);\n    return params;\n  }\n\n  async getOffchainParamsByVersion(\n    version: number,\n  ): Promise<VersionedOffchainParams> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"getOffchainParamsByVersion\",\n      args: [version],\n    })) as RawOffchainParams;\n\n    const params = mapOffchainParams(result);\n    validateOffchainParams(params);\n    return params;\n  }\n\n  async getLatestOffchainParamsVersion(): Promise<number> {\n    const raw = await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"latestOffchainParamsVersion\",\n    });\n    const version = Number(raw);\n    assertValidOffchainParamsVersion(version);\n    return version;\n  }\n\n  async getTimelockPeginByVersion(version: number): Promise<number> {\n    const params = await this.getOffchainParamsByVersion(version);\n    return deriveTimelockPegin(params.timelockAssert);\n  }\n\n  /**\n   * Read TBV protocol params, latest offchain params, and the latest version\n   * label atomically via multicall. The version is paired with the params so\n   * that a governance update between separate reads cannot let JS build BTC\n   * scripts with version N params while the contract registers the vault\n   * under version N+1.\n   */\n  async getPegInConfiguration(): Promise<PegInConfiguration> {\n    const results = await this.publicClient.multicall({\n      contracts: [\n        {\n          address: this.contractAddress,\n          abi: ProtocolParamsABI,\n          functionName: \"getTBVProtocolParams\",\n        },\n        {\n          address: this.contractAddress,\n          abi: ProtocolParamsABI,\n          functionName: \"getLatestOffchainParams\",\n        },\n        {\n          address: this.contractAddress,\n          abi: ProtocolParamsABI,\n          functionName: \"latestOffchainParamsVersion\",\n        },\n      ],\n      allowFailure: false,\n    });\n\n    const tbvParams = mapTBVParams(results[0] as RawTBVParams);\n    const offchainParams = mapOffchainParams(results[1] as RawOffchainParams);\n    const offchainParamsVersion = Number(results[2]);\n\n    const config: PegInConfiguration = {\n      minimumPegInAmount: tbvParams.minimumPegInAmount,\n      maxPegInAmount: tbvParams.maxPegInAmount,\n      pegInAckTimeout: tbvParams.pegInAckTimeout,\n      pegInActivationTimeout: tbvParams.pegInActivationTimeout,\n      maxHtlcOutputCount: tbvParams.maxHtlcOutputCount,\n      expiredPegInGraceBlocks: tbvParams.expiredPegInGraceBlocks,\n      timelockPegin: deriveTimelockPegin(offchainParams.timelockAssert),\n      timelockRefund: offchainParams.tRefund,\n      minVpCommissionBps: offchainParams.minVpCommissionBps,\n      offchainParams,\n      offchainParamsVersion,\n    };\n\n    validatePegInConfiguration(config);\n    return config;\n  }\n\n  /**\n   * Fetch every historical offchain params version in a single multicall.\n   * Iterates 1..latestVersion and calls `getOffchainParamsByVersion` for each.\n   * Versions whose payload fails validation are skipped (not included in the\n   * returned map) so a single bad historical version doesn't block the\n   * lookup of the rest.\n   *\n   * @param onSkippedVersion - optional observer invoked once per skipped\n   *   version. Use to log/telemeter without coupling the SDK to a logger.\n   */\n  async fetchAllOffchainParams(\n    onSkippedVersion?: OnSkippedOffchainParamsVersion,\n  ): Promise<AllOffchainParamsData> {\n    const latestVersion = await this.getLatestOffchainParamsVersion();\n    if (latestVersion === 0) {\n      return { byVersion: new Map(), latestVersion: 0 };\n    }\n\n    const versions = Array.from({ length: latestVersion }, (_, i) => i + 1);\n    const contracts = versions.map((v) => ({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI as Abi,\n      functionName: \"getOffchainParamsByVersion\" as const,\n      args: [v] as const,\n    }));\n\n    const results = await this.publicClient.multicall({\n      contracts,\n      allowFailure: false,\n    });\n\n    const byVersion = new Map<number, VersionedOffchainParams>();\n    for (let i = 0; i < versions.length; i++) {\n      const params = mapOffchainParams(results[i] as RawOffchainParams);\n      try {\n        validateOffchainParams(params);\n        byVersion.set(versions[i], params);\n      } catch (error) {\n        // A malformed historical version mustn't block lookup of the rest.\n        // Surface the skip to the caller's observer if one was supplied.\n        onSkippedVersion?.(\n          versions[i],\n          error instanceof Error ? error : new Error(String(error)),\n        );\n      }\n    }\n\n    return { byVersion, latestVersion };\n  }\n}\n","/**\n * Concrete signer-set readers for vault keepers and universal challengers.\n *\n * These are optional utilities — callers can use their own implementations\n * of the VaultKeeperReader and UniversalChallengerReader interfaces.\n */\n\nimport type { Address, Hex, PublicClient } from \"viem\";\n\nimport { ApplicationRegistryABI } from \"../../contracts/abis/ApplicationRegistry.abi\";\nimport { ProtocolParamsABI } from \"../../contracts/abis/ProtocolParams.abi\";\nimport type {\n  AddressBTCKeyPair,\n  UniversalChallengerReader,\n  VaultKeeperReader,\n} from \"./types\";\n\n/** Map viem tuple array to AddressBTCKeyPair[]. */\nfunction mapKeyPairs(\n  result: readonly { ethAddress: Address; btcPubKey: Hex }[],\n): AddressBTCKeyPair[] {\n  return result.map((pair) => ({\n    ethAddress: pair.ethAddress,\n    btcPubKey: pair.btcPubKey,\n  }));\n}\n\n/**\n * Reads vault keepers from the ApplicationRegistry contract.\n *\n * Usage:\n * ```ts\n * const reader = new ViemVaultKeeperReader(publicClient, applicationRegistryAddress);\n * const keepers = await reader.getCurrentVaultKeepers(appEntryPoint);\n * ```\n */\nexport class ViemVaultKeeperReader implements VaultKeeperReader {\n  constructor(\n    private publicClient: PublicClient,\n    private contractAddress: Address,\n  ) {}\n\n  async getVaultKeepersByVersion(\n    appEntryPoint: Address,\n    version: number,\n  ): Promise<AddressBTCKeyPair[]> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ApplicationRegistryABI,\n      functionName: \"getVaultKeepersByVersion\",\n      args: [appEntryPoint, version],\n    })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n    return mapKeyPairs(result);\n  }\n\n  async getCurrentVaultKeepers(\n    appEntryPoint: Address,\n  ): Promise<AddressBTCKeyPair[]> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ApplicationRegistryABI,\n      functionName: \"getCurrentVaultKeepers\",\n      args: [appEntryPoint],\n    })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n    return mapKeyPairs(result);\n  }\n\n  async getCurrentVaultKeepersVersion(\n    appEntryPoint: Address,\n  ): Promise<number> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ApplicationRegistryABI,\n      functionName: \"getCurrentVaultKeepersVersion\",\n      args: [appEntryPoint],\n    })) as number;\n\n    return result;\n  }\n}\n\n/**\n * Reads universal challengers from the ProtocolParams contract.\n *\n * Usage:\n * ```ts\n * const reader = new ViemUniversalChallengerReader(publicClient, protocolParamsAddress);\n * const challengers = await reader.getCurrentUniversalChallengers();\n * ```\n */\nexport class ViemUniversalChallengerReader implements UniversalChallengerReader {\n  constructor(\n    private publicClient: PublicClient,\n    private contractAddress: Address,\n  ) {}\n\n  async getUniversalChallengersByVersion(\n    version: number,\n  ): Promise<AddressBTCKeyPair[]> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"getUniversalChallengersByVersion\",\n      args: [version],\n    })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n    return mapKeyPairs(result);\n  }\n\n  async getCurrentUniversalChallengers(): Promise<AddressBTCKeyPair[]> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"getCurrentUniversalChallengers\",\n    })) as readonly { ethAddress: Address; btcPubKey: Hex }[];\n\n    return mapKeyPairs(result);\n  }\n\n  async getLatestUniversalChallengersVersion(): Promise<number> {\n    const result = (await this.publicClient.readContract({\n      address: this.contractAddress,\n      abi: ProtocolParamsABI,\n      functionName: \"latestUniversalChallengersVersion\",\n    })) as number;\n\n    return result;\n  }\n}\n","/**\n * Types and interfaces for ETH contract readers.\n *\n * These are optional utilities — callers can use them or build their own.\n * Core service functions never import from this module.\n */\n\nimport type { Address, Hex } from \"viem\";\n\n// ============================================================================\n// Vault Registry Types\n// ============================================================================\n\ndeclare const onChainBtcPubkeyBrand: unique symbol;\n\n/**\n * 64-char lowercase hex (no `0x`) x-only BTC pubkey sourced from the\n * on-chain BTCVaultRegistry. The only legitimate producer is\n * {@link VaultRegistryReader.getVaultProviderBtcPubKey}.\n *\n * @stability frozen\n */\nexport type OnChainBtcPubkey = string & {\n  readonly [onChainBtcPubkeyBrand]: true;\n};\n\n/**\n * Mirrors `IBTCVaultRegistry.BTCVaultStatus` in BTCVaultRegistry.sol exactly.\n * Use this when consuming `status` from `getVaultBasicInfo` /\n * `getBtcVaultBasicInfo`.\n *\n * Do NOT confuse with the app-side `ContractStatus` enum\n * (`services/deposit/peginState.ts`) — that one is for the indexer and\n * extends this with values 5-7, reassigning 4 to LIQUIDATED. Reading an\n * on-chain status through `ContractStatus[n]` for labels will mislabel\n * Expired(4) as LIQUIDATED.\n */\nexport enum OnChainBtcVaultStatus {\n  PENDING = 0,\n  VERIFIED = 1,\n  ACTIVE = 2,\n  REDEEMED = 3,\n  EXPIRED = 4,\n}\n\n/** Basic vault info from BTCVaultRegistry.getBtcVaultBasicInfo */\nexport interface VaultBasicInfo {\n  depositor: Address;\n  depositorBtcPubKey: Hex;\n  amount: bigint;\n  vaultProvider: Address;\n  status: number;\n  applicationEntryPoint: Address;\n  createdAt: bigint;\n}\n\n/** Protocol info from BTCVaultRegistry.getBtcVaultProtocolInfo */\nexport interface VaultProtocolInfo {\n  depositorSignedPeginTx: Hex;\n  universalChallengersVersion: number;\n  appVaultKeepersVersion: number;\n  offchainParamsVersion: number;\n  verifiedAt: bigint;\n  depositorWotsPkHash: Hex;\n  hashlock: Hex;\n  htlcVout: number;\n  depositorPopSignature: Hex;\n  prePeginTxHash: Hex;\n  vaultProviderCommissionBps: number;\n  /** Block deadline (uint256) for depositor reclaim. TODO(#1690): wire to refund flow. */\n  claimExpiredUntil: bigint;\n  /** Vault core version (uint16) stamped at registration. VP-side gating only — see #1690. */\n  vaultCoreVersion: number;\n}\n\n/** Combined vault data (basic + protocol) */\nexport interface VaultData {\n  basic: VaultBasicInfo;\n  protocol: VaultProtocolInfo;\n}\n\n/** Interface for reading vault data from the BTCVaultRegistry contract. */\nexport interface VaultRegistryReader {\n  getVaultBasicInfo(vaultId: Hex): Promise<VaultBasicInfo>;\n  getVaultProtocolInfo(vaultId: Hex): Promise<VaultProtocolInfo>;\n  getProtocolInfoBatch(vaultIds: readonly Hex[]): Promise<VaultProtocolInfo[]>;\n  getVaultData(vaultId: Hex): Promise<VaultData>;\n  getVaultProviderBtcPubKey(vpAddress: Address): Promise<OnChainBtcPubkey>;\n  /** Read the protocol pegin fee (in wei) for a given vault provider. */\n  getPegInFee(vaultProvider: Address): Promise<bigint>;\n  /**\n   * Read a vault provider's current commission in basis points.\n   *\n   * Validates the contract-enforced `[0, 9999]` range — an out-of-range\n   * value signals a wrong contract address or ABI drift, not a real rate.\n   */\n  getVaultProviderCommission(vaultProvider: Address): Promise<number>;\n  /**\n   * Read `offchainParamsVersion` for many vaults in a single multicall.\n   * Returns versions in the same order as the input. Throws if any vault\n   * is missing on-chain.\n   */\n  getOffchainParamsVersionsByVaultIds(\n    vaultIds: readonly Hex[],\n  ): Promise<number[]>;\n}\n\n// ============================================================================\n// Protocol Params Types (from IProtocolParams.sol)\n// ============================================================================\n\n/**\n * TBV protocol parameters from the ProtocolParams contract.\n * Matches Solidity struct `IProtocolParams.TBVProtocolParams` exactly.\n *\n * All uint64 amounts use bigint (satoshi values can exceed 2^53).\n * uint8 uses number (bounded, max 255).\n */\nexport interface TBVProtocolParams {\n  minimumPegInAmount: bigint;\n  maxPegInAmount: bigint;\n  pegInAckTimeout: bigint;\n  pegInActivationTimeout: bigint;\n  maxHtlcOutputCount: number;\n  /**\n   * Number of blocks added to the activation deadline as a grace window\n   * during which a depositor may still reclaim an expired pegin via the\n   * HTLC preimage. Source: `IProtocolParams.TBVProtocolParams.expiredPegInGraceBlocks`.\n   */\n  expiredPegInGraceBlocks: bigint;\n}\n\n/**\n * Versioned offchain parameters from the ProtocolParams contract.\n * Matches Solidity struct `IProtocolParams.VersionedOffchainParams` exactly.\n *\n * bigint for: uint256 timelocks, uint64 fee rates/amounts.\n * number for: uint8/uint16/uint32 fields (bounded, safe for JS arithmetic).\n */\nexport interface VersionedOffchainParams {\n  timelockAssert: bigint;\n  timelockChallengeAssert: bigint;\n  securityCouncilKeys: Hex[];\n  councilQuorum: number;\n  feeRate: bigint;\n  babeTotalInstances: number;\n  babeInstancesToFinalize: number;\n  minVpCommissionBps: number;\n  tRefund: number;\n  tStale: number;\n  minPeginFeeRate: bigint;\n  proverCircuitVersion: number;\n  minPrepeginDepth: number;\n}\n\n/**\n * Combined peg-in configuration read atomically via multicall.\n * Prevents TOCTOU inconsistency if governance updates params between reads.\n */\nexport interface PegInConfiguration {\n  minimumPegInAmount: bigint;\n  maxPegInAmount: bigint;\n  pegInAckTimeout: bigint;\n  pegInActivationTimeout: bigint;\n  maxHtlcOutputCount: number;\n  expiredPegInGraceBlocks: bigint;\n  timelockPegin: number;\n  timelockRefund: number;\n  minVpCommissionBps: number;\n  offchainParams: VersionedOffchainParams;\n  /**\n   * Version label paired atomically with `offchainParams`.\n   * Read in the same multicall as the params struct so that, if a parameter\n   * update lands between separate reads, the script-construction code and\n   * the version label stay consistent.\n   */\n  offchainParamsVersion: number;\n}\n\n/**\n * All offchain params snapshots indexed by version, plus the latest version\n * number known when the snapshot was taken. Used by consumers that need to\n * resolve any historical version (e.g. signing for an existing vault locked\n * to an older version).\n */\nexport interface AllOffchainParamsData {\n  byVersion: Map<number, VersionedOffchainParams>;\n  latestVersion: number;\n}\n\n/**\n * Optional observer invoked by `fetchAllOffchainParams` when a historical\n * version fails validation. Called once per skipped version so callers can\n * log/telemeter without coupling the SDK to a specific logger.\n */\nexport type OnSkippedOffchainParamsVersion = (\n  version: number,\n  error: Error,\n) => void;\n\n/** Interface for reading protocol parameters from the ProtocolParams contract. */\nexport interface ProtocolParamsReader {\n  getTBVProtocolParams(): Promise<TBVProtocolParams>;\n  getOffchainParamsByVersion(version: number): Promise<VersionedOffchainParams>;\n  getLatestOffchainParams(): Promise<VersionedOffchainParams>;\n  getLatestOffchainParamsVersion(): Promise<number>;\n  getTimelockPeginByVersion(version: number): Promise<number>;\n  getPegInConfiguration(): Promise<PegInConfiguration>;\n  fetchAllOffchainParams(\n    onSkippedVersion?: OnSkippedOffchainParamsVersion,\n  ): Promise<AllOffchainParamsData>;\n}\n\n// ============================================================================\n// Signer-Set Types (from BTCVaultTypes.sol)\n// ============================================================================\n\n/**\n * Matches Solidity struct `BTCVaultTypes.AddressBTCKeyPair` exactly.\n * Used for vault keepers and universal challengers.\n */\nexport interface AddressBTCKeyPair {\n  ethAddress: Address;\n  btcPubKey: Hex;\n}\n\n/** Interface for reading vault keepers from the ApplicationRegistry contract. */\nexport interface VaultKeeperReader {\n  getVaultKeepersByVersion(\n    appEntryPoint: Address,\n    version: number,\n  ): Promise<AddressBTCKeyPair[]>;\n  getCurrentVaultKeepers(\n    appEntryPoint: Address,\n  ): Promise<AddressBTCKeyPair[]>;\n  getCurrentVaultKeepersVersion(appEntryPoint: Address): Promise<number>;\n}\n\n/** Interface for reading universal challengers from the ProtocolParams contract. */\nexport interface UniversalChallengerReader {\n  getUniversalChallengersByVersion(\n    version: number,\n  ): Promise<AddressBTCKeyPair[]>;\n  getCurrentUniversalChallengers(): Promise<AddressBTCKeyPair[]>;\n  getLatestUniversalChallengersVersion(): Promise<number>;\n}\n","/**\n * Runtime validation for vault provider RPC responses.\n *\n * All VP RPC methods return untyped JSON that TypeScript generics cast without\n * inspection. These validators check the critical top-level fields and\n * security-relevant values (status, txids, pubkeys). Optional progress\n * sub-fields (gc_data, ack_collection, claimer_graphs) are NOT validated\n * since they are informational and not used for signing or transaction\n * construction. Only `progress.presigning` sub-fields are checked.\n */\n\nimport {\n  COMPRESSED_PUBKEY_HEX_LEN,\n  X_ONLY_PUBKEY_HEX_LEN,\n} from \"../../primitives/utils/bitcoin\";\nimport { HEX_RE } from \"../../utils/validation\";\n\nimport { DaemonStatus } from \"./types\";\nimport type {\n  BatchGetPeginStatusResponse,\n  BatchGetPegoutStatusResponse,\n  GetPeginStatusResponse,\n  GetPegoutStatusResponse,\n  RequestDepositorClaimerArtifactsResponse,\n  RequestDepositorPresignTransactionsResponse,\n} from \"./types\";\n\nconst DAEMON_STATUS_VALUES = new Set<string>(Object.values(DaemonStatus));\n\nconst VP_ERROR_PREVIEW_MAX_LEN = 200;\n\nfunction preview(value: unknown): string {\n  return (\n    JSON.stringify(value)?.slice(0, VP_ERROR_PREVIEW_MAX_LEN) ?? \"undefined\"\n  );\n}\n\nconst VP_VALIDATION_USER_MESSAGE =\n  \"The vault provider returned an unexpected response. Please try again or contact support.\";\n\n/**\n * Thrown when a VP RPC response fails runtime validation.\n *\n * `.message` is a user-facing string safe to display in the UI.\n * `.detail` contains the technical reason, suitable for logging.\n */\nexport class VpResponseValidationError extends Error {\n  readonly detail: string;\n\n  constructor(detail: string) {\n    super(VP_VALIDATION_USER_MESSAGE);\n    this.name = \"VpResponseValidationError\";\n    this.detail = detail;\n  }\n}\n\n/** Expected length (in hex chars) of a Bitcoin transaction ID (32 bytes). */\nconst TXID_HEX_LEN = 64;\n\nfunction isNonEmptyHex(value: unknown): value is string {\n  return typeof value === \"string\" && value.length > 0 && HEX_RE.test(value);\n}\n\nfunction isNonEmptyString(value: unknown): value is string {\n  return typeof value === \"string\" && value.length > 0;\n}\n\nfunction assertNonEmptyHex(value: unknown, field: string): void {\n  if (!isNonEmptyHex(value)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be a non-empty hex string, got ${preview(value)}`,\n    );\n  }\n}\n\nfunction assertNonEmptyString(value: unknown, field: string): void {\n  if (!isNonEmptyString(value)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be a non-empty string, got ${preview(value)}`,\n    );\n  }\n}\n\n/**\n * Accept both x-only (64-char) and compressed (66-char) pubkeys from VP responses.\n * The signing code normalizes to x-only via processPublicKeyToXOnly().\n */\nfunction assertBtcPubkey(value: unknown, field: string): void {\n  if (\n    !isNonEmptyHex(value) ||\n    (value.length !== X_ONLY_PUBKEY_HEX_LEN &&\n      value.length !== COMPRESSED_PUBKEY_HEX_LEN)\n  ) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be a ${X_ONLY_PUBKEY_HEX_LEN} or ${COMPRESSED_PUBKEY_HEX_LEN}-char hex string (BTC pubkey), got ${preview(value)}`,\n    );\n  }\n}\n\n/**\n * Validate the optional presigning progress fields returned inside PeginProgressDetails.\n */\nfunction validatePresigningProgressFields(\n  progress: Record<string, unknown>,\n): void {\n  const presigning = progress.presigning;\n  if (presigning === undefined || presigning === null) return;\n  if (typeof presigning !== \"object\" || Array.isArray(presigning)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"progress.presigning\" must be an object if present`,\n    );\n  }\n\n  const p = presigning as Record<string, unknown>;\n\n  if (\n    p.depositor_graph_created !== undefined &&\n    typeof p.depositor_graph_created !== \"boolean\"\n  ) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"progress.presigning.depositor_graph_created\" must be a boolean if present, got ${preview(p.depositor_graph_created)}`,\n    );\n  }\n\n  if (\n    p.vk_challenger_presigning_completed !== undefined &&\n    typeof p.vk_challenger_presigning_completed !== \"number\"\n  ) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"progress.presigning.vk_challenger_presigning_completed\" must be a number if present, got ${preview(p.vk_challenger_presigning_completed)}`,\n    );\n  }\n\n  if (\n    p.vk_challenger_presigning_total !== undefined &&\n    typeof p.vk_challenger_presigning_total !== \"number\"\n  ) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"progress.presigning.vk_challenger_presigning_total\" must be a number if present, got ${preview(p.vk_challenger_presigning_total)}`,\n    );\n  }\n}\n\n/**\n * Validate a getPeginStatus response.\n *\n * Throws if the status field is not a recognized DaemonStatus value.\n */\nexport function validateGetPeginStatusResponse(\n  response: unknown,\n): asserts response is GetPeginStatusResponse {\n  if (response === null || typeof response !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: getPeginStatus response is not an object`,\n    );\n  }\n\n  const r = response as Record<string, unknown>;\n\n  if (!isNonEmptyHex(r.pegin_txid) || r.pegin_txid.length !== TXID_HEX_LEN) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"pegin_txid\" must be a ${TXID_HEX_LEN}-char hex string (txid), got ${preview(r.pegin_txid)}`,\n    );\n  }\n\n  if (typeof r.status !== \"string\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"status\" must be a string`,\n    );\n  }\n\n  if (!DAEMON_STATUS_VALUES.has(r.status)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: unrecognized status \"${r.status}\". Expected one of: ${[...DAEMON_STATUS_VALUES].join(\", \")}`,\n    );\n  }\n\n  if (\n    r.progress === null ||\n    typeof r.progress !== \"object\" ||\n    Array.isArray(r.progress)\n  ) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"progress\" must be an object`,\n    );\n  }\n\n  validatePresigningProgressFields(r.progress as Record<string, unknown>);\n\n  if (typeof r.health_info !== \"string\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"health_info\" must be a string`,\n    );\n  }\n\n  if (r.last_error !== undefined && typeof r.last_error !== \"string\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"last_error\" must be a string if present, got ${preview(r.last_error)}`,\n    );\n  }\n}\n\n/**\n * Validate a requestDepositorPresignTransactions response.\n */\nexport function validateRequestDepositorPresignTransactionsResponse(\n  response: unknown,\n): asserts response is RequestDepositorPresignTransactionsResponse {\n  if (response === null || typeof response !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: requestDepositorPresignTransactions response is not an object`,\n    );\n  }\n\n  const r = response as Record<string, unknown>;\n\n  if (!Array.isArray(r.txs)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"txs\" must be an array`,\n    );\n  }\n\n  for (let i = 0; i < r.txs.length; i++) {\n    validateClaimerTransactions(r.txs[i], `txs[${i}]`);\n  }\n\n  if (r.depositor_graph === null || typeof r.depositor_graph !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"depositor_graph\" must be an object`,\n    );\n  }\n\n  validateDepositorGraphTransactions(\n    r.depositor_graph as Record<string, unknown>,\n  );\n}\n\nfunction validateTransactionData(value: unknown, field: string): void {\n  if (value === null || typeof value !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be an object`,\n    );\n  }\n  const tx = value as Record<string, unknown>;\n  assertNonEmptyHex(tx.tx_hex, `${field}.tx_hex`);\n}\n\nfunction validateClaimerTransactions(value: unknown, field: string): void {\n  if (value === null || typeof value !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be an object`,\n    );\n  }\n\n  const tx = value as Record<string, unknown>;\n\n  assertBtcPubkey(tx.claimer_pubkey, `${field}.claimer_pubkey`);\n  validateTransactionData(tx.claim_tx, `${field}.claim_tx`);\n  validateTransactionData(tx.assert_tx, `${field}.assert_tx`);\n  validateTransactionData(tx.payout_tx, `${field}.payout_tx`);\n  assertNonEmptyString(tx.payout_psbt, `${field}.payout_psbt`);\n}\n\nfunction validateChallengeAssertConnectorData(\n  value: unknown,\n  field: string,\n): void {\n  if (value === null || typeof value !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be an object`,\n    );\n  }\n\n  const c = value as Record<string, unknown>;\n  assertNonEmptyString(c.wots_pks_json, `${field}.wots_pks_json`);\n  assertNonEmptyString(c.gc_wots_keys_json, `${field}.gc_wots_keys_json`);\n}\n\nfunction validatePresignDataPerChallenger(value: unknown, field: string): void {\n  if (value === null || typeof value !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be an object`,\n    );\n  }\n\n  const d = value as Record<string, unknown>;\n\n  assertBtcPubkey(d.challenger_pubkey, `${field}.challenger_pubkey`);\n  validateTransactionData(\n    d.challenge_assert_x_tx,\n    `${field}.challenge_assert_x_tx`,\n  );\n  validateTransactionData(\n    d.challenge_assert_y_tx,\n    `${field}.challenge_assert_y_tx`,\n  );\n  validateTransactionData(d.nopayout_tx, `${field}.nopayout_tx`);\n  assertNonEmptyString(d.nopayout_psbt, `${field}.nopayout_psbt`);\n\n  if (!Array.isArray(d.challenge_assert_connectors)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}.challenge_assert_connectors\" must be an array`,\n    );\n  }\n\n  for (let i = 0; i < d.challenge_assert_connectors.length; i++) {\n    validateChallengeAssertConnectorData(\n      d.challenge_assert_connectors[i],\n      `${field}.challenge_assert_connectors[${i}]`,\n    );\n  }\n\n  if (!Array.isArray(d.output_label_hashes)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}.output_label_hashes\" must be an array`,\n    );\n  }\n\n  for (let i = 0; i < d.output_label_hashes.length; i++) {\n    assertNonEmptyHex(\n      d.output_label_hashes[i],\n      `${field}.output_label_hashes[${i}]`,\n    );\n  }\n}\n\n/**\n * Validate a requestDepositorClaimerArtifacts response.\n */\nexport function validateRequestDepositorClaimerArtifactsResponse(\n  response: unknown,\n): asserts response is RequestDepositorClaimerArtifactsResponse {\n  if (response === null || typeof response !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: requestDepositorClaimerArtifacts response is not an object`,\n    );\n  }\n\n  const r = response as Record<string, unknown>;\n\n  if (!isNonEmptyString(r.tx_graph_json)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"tx_graph_json\" must be a non-empty string, got ${preview(r.tx_graph_json)}`,\n    );\n  }\n\n  if (!isNonEmptyHex(r.verifying_key_hex)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"verifying_key_hex\" must be a non-empty hex string, got ${preview(r.verifying_key_hex)}`,\n    );\n  }\n\n  if (\n    r.babe_sessions === null ||\n    typeof r.babe_sessions !== \"object\" ||\n    Array.isArray(r.babe_sessions)\n  ) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"babe_sessions\" must be an object`,\n    );\n  }\n\n  const sessionEntries = Object.entries(\n    r.babe_sessions as Record<string, unknown>,\n  );\n  if (sessionEntries.length === 0) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"babe_sessions\" must contain at least one challenger entry`,\n    );\n  }\n\n  for (const [key, session] of sessionEntries) {\n    assertBtcPubkey(key, `babe_sessions[\"${key}\"]`);\n    if (session === null || typeof session !== \"object\") {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"babe_sessions.${key}\" must be an object`,\n      );\n    }\n    const s = session as Record<string, unknown>;\n    if (!isNonEmptyHex(s.decryptor_artifacts_hex)) {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"babe_sessions.${key}.decryptor_artifacts_hex\" must be a non-empty hex string, got ${preview(s.decryptor_artifacts_hex)}`,\n      );\n    }\n  }\n}\n\n/**\n * Validate a single pegout status payload. Embedded by\n * `validateBatchGetPegoutStatusResponse`. Mirrors btc-vault\n * `crates/vaultd/src/rpc/server/pegout_status.rs::GetPegoutStatusResponse`.\n */\nexport function validateGetPegoutStatusResponse(\n  response: unknown,\n): asserts response is GetPegoutStatusResponse {\n  if (response === null || typeof response !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: pegout status payload is not an object`,\n    );\n  }\n\n  const r = response as Record<string, unknown>;\n\n  if (!isNonEmptyHex(r.pegin_txid) || r.pegin_txid.length !== TXID_HEX_LEN) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"pegin_txid\" must be a ${TXID_HEX_LEN}-char hex string (txid), got ${preview(r.pegin_txid)}`,\n    );\n  }\n\n  if (typeof r.found !== \"boolean\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"found\" must be a boolean, got ${preview(r.found)}`,\n    );\n  }\n\n  // `claimer` is `Option<ClaimerPegoutStatus>` server-side; null when absent.\n  if (r.claimer !== null) {\n    if (typeof r.claimer !== \"object\") {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"claimer\" must be an object or null, got ${preview(r.claimer)}`,\n      );\n    }\n    validateClaimerPegoutStatus(r.claimer as Record<string, unknown>);\n  }\n\n  // `challengers: Vec<ChallengerStatus>` server-side; always present (possibly empty).\n  if (!Array.isArray(r.challengers)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"challengers\" must be an array, got ${preview(r.challengers)}`,\n    );\n  }\n  for (let i = 0; i < r.challengers.length; i++) {\n    validateChallengerStatus(r.challengers[i], i);\n  }\n}\n\nfunction validateClaimerPegoutStatus(value: Record<string, unknown>): void {\n  assertNonEmptyString(value.status, \"claimer.status\");\n  if (typeof value.failed !== \"boolean\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"claimer.failed\" must be a boolean, got ${preview(value.failed)}`,\n    );\n  }\n  assertNonEmptyString(value.claim_txid, \"claimer.claim_txid\");\n  assertNonEmptyString(value.claimer_pubkey, \"claimer.claimer_pubkey\");\n  assertNonEmptyString(value.assert_txid, \"claimer.assert_txid\");\n  if (typeof value.created_at !== \"number\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"claimer.created_at\" must be a number, got ${preview(value.created_at)}`,\n    );\n  }\n  if (typeof value.updated_at !== \"number\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"claimer.updated_at\" must be a number, got ${preview(value.updated_at)}`,\n    );\n  }\n}\n\nfunction validateChallengerStatus(value: unknown, index: number): void {\n  if (value === null || typeof value !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"challengers[${index}]\" must be an object, got ${preview(value)}`,\n    );\n  }\n  const c = value as Record<string, unknown>;\n  assertNonEmptyString(c.status, `challengers[${index}].status`);\n  assertNonEmptyString(c.claim_txid, `challengers[${index}].claim_txid`);\n  assertNonEmptyString(c.claimer_pubkey, `challengers[${index}].claimer_pubkey`);\n  assertNullableString(c.assert_txid, `challengers[${index}].assert_txid`);\n  assertNullableString(\n    c.challenge_assert_x_txid,\n    `challengers[${index}].challenge_assert_x_txid`,\n  );\n  assertNullableString(\n    c.challenge_assert_y_txid,\n    `challengers[${index}].challenge_assert_y_txid`,\n  );\n  assertNullableString(c.nopayout_txid, `challengers[${index}].nopayout_txid`);\n  if (typeof c.created_at !== \"number\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"challengers[${index}].created_at\" must be a number, got ${preview(c.created_at)}`,\n    );\n  }\n  if (typeof c.updated_at !== \"number\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"challengers[${index}].updated_at\" must be a number, got ${preview(c.updated_at)}`,\n    );\n  }\n}\n\nfunction assertNullableString(value: unknown, field: string): void {\n  if (value !== null && typeof value !== \"string\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${field}\" must be a string or null, got ${preview(value)}`,\n    );\n  }\n}\n\n/**\n * Validate a `batchGetPeginStatus` response. Per-result envelope shape:\n * `{ pegin_txid, result: GetPeginStatusResponse | null, error: string | null }`.\n * The inner result (when non-null) is validated via the single-item validator.\n */\nexport function validateBatchGetPeginStatusResponse(\n  response: unknown,\n): asserts response is BatchGetPeginStatusResponse {\n  validateBatchEnvelope(response, \"batchGetPeginStatus\", (entry) => {\n    if (entry.result !== null) {\n      validateGetPeginStatusResponse(entry.result);\n    }\n  });\n}\n\n/** Validate a `batchGetPegoutStatus` response. Same envelope as peginStatus. */\nexport function validateBatchGetPegoutStatusResponse(\n  response: unknown,\n): asserts response is BatchGetPegoutStatusResponse {\n  validateBatchEnvelope(response, \"batchGetPegoutStatus\", (entry) => {\n    if (entry.result !== null) {\n      validateGetPegoutStatusResponse(entry.result);\n    }\n  });\n}\n\ninterface BatchResultEnvelope {\n  pegin_txid: string;\n  result: unknown;\n  error: string | null;\n}\n\nfunction validateBatchEnvelope(\n  response: unknown,\n  rpcName: string,\n  validateInnerResult: (entry: BatchResultEnvelope, index: number) => void,\n): void {\n  if (response === null || typeof response !== \"object\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: ${rpcName} response is not an object`,\n    );\n  }\n  const r = response as Record<string, unknown>;\n  if (!Array.isArray(r.results)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"${rpcName}.results\" must be an array, got ${preview(r.results)}`,\n    );\n  }\n  for (let i = 0; i < r.results.length; i++) {\n    const entry = r.results[i];\n    if (entry === null || typeof entry !== \"object\") {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"${rpcName}.results[${i}]\" must be an object, got ${preview(entry)}`,\n      );\n    }\n    const e = entry as Record<string, unknown>;\n    if (\n      !isNonEmptyHex(e.pegin_txid) ||\n      e.pegin_txid.length !== TXID_HEX_LEN\n    ) {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"${rpcName}.results[${i}].pegin_txid\" must be a ${TXID_HEX_LEN}-char hex string, got ${preview(e.pegin_txid)}`,\n      );\n    }\n    if (e.error !== null && typeof e.error !== \"string\") {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"${rpcName}.results[${i}].error\" must be a string or null, got ${preview(e.error)}`,\n      );\n    }\n    // Exactly one of `result` / `error` must be populated. The server only\n    // ever sets one per item; treating both-null as a protocol violation\n    // surfaces server bugs early instead of letting them silently degrade.\n    if (e.result === null && e.error === null) {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"${rpcName}.results[${i}]\" has neither \"result\" nor \"error\" populated`,\n      );\n    }\n    if (e.result !== null && e.error !== null) {\n      throw new VpResponseValidationError(\n        `VP response validation failed: \"${rpcName}.results[${i}]\" has both \"result\" and \"error\" populated`,\n      );\n    }\n    validateInnerResult(e as unknown as BatchResultEnvelope, i);\n  }\n}\n\nfunction validateDepositorGraphTransactions(\n  graph: Record<string, unknown>,\n): void {\n  validateTransactionData(graph.claim_tx, \"depositor_graph.claim_tx\");\n  validateTransactionData(graph.assert_tx, \"depositor_graph.assert_tx\");\n  validateTransactionData(graph.payout_tx, \"depositor_graph.payout_tx\");\n  assertNonEmptyString(graph.payout_psbt, \"depositor_graph.payout_psbt\");\n\n  if (!Array.isArray(graph.challenger_presign_data)) {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"depositor_graph.challenger_presign_data\" must be an array`,\n    );\n  }\n\n  for (let i = 0; i < graph.challenger_presign_data.length; i++) {\n    validatePresignDataPerChallenger(\n      graph.challenger_presign_data[i],\n      `depositor_graph.challenger_presign_data[${i}]`,\n    );\n  }\n\n  if (typeof graph.offchain_params_version !== \"number\") {\n    throw new VpResponseValidationError(\n      `VP response validation failed: \"depositor_graph.offchain_params_version\" must be a number`,\n    );\n  }\n}\n","/**\n * JSON-RPC client for the Vault Provider API.\n *\n * Wraps {@link JsonRpcClient} with typed methods matching the\n * `vaultProvider_*` RPC namespace defined in the btc-vault pegin spec.\n *\n * Implements the narrow service interfaces (PeginStatusReader, WotsKeySubmitter,\n * PresignClient, ClaimerArtifactsReader) so it can be passed directly to\n * any deposit protocol service function.\n *\n * @see https://github.com/babylonlabs-io/btc-vault/blob/main/docs/pegin.md\n */\n\nimport type { PeginStatusReader, WotsKeySubmitter, PresignClient, ClaimerArtifactsReader } from \"../../services/deposit/interfaces\";\n\nimport {\n  type BearerTokenProvider,\n  JsonRpcClient,\n  type JsonRpcClientConfig,\n} from \"./json-rpc-client\";\nimport type {\n  BatchGetPeginStatusParams,\n  BatchGetPeginStatusResponse,\n  BatchGetPegoutStatusParams,\n  BatchGetPegoutStatusResponse,\n  GetPeginStatusParams,\n  GetPeginStatusResponse,\n  RequestDepositorClaimerArtifactsParams,\n  RequestDepositorClaimerArtifactsResponse,\n  RequestDepositorPresignTransactionsParams,\n  RequestDepositorPresignTransactionsResponse,\n  SubmitDepositorPresignaturesParams,\n  SubmitDepositorWotsKeyParams,\n} from \"./types\";\nimport {\n  validateBatchGetPeginStatusResponse,\n  validateBatchGetPegoutStatusResponse,\n  validateGetPeginStatusResponse,\n  validateRequestDepositorClaimerArtifactsResponse,\n  validateRequestDepositorPresignTransactionsResponse,\n} from \"./validators\";\n\nexport interface VaultProviderRpcClientOptions {\n  /** Timeout in milliseconds per request (default: 60000) */\n  timeout?: number;\n  /** Number of retry attempts for safe methods (default: 3) */\n  retries?: number;\n  /** Initial retry delay in milliseconds (default: 1000) */\n  retryDelay?: number;\n  /**\n   * Custom retry predicate. Default retries only the idempotent read\n   * methods: `getPeginStatus`, `batchGetPeginStatus`, `batchGetPegoutStatus`,\n   * `requestDepositorPresignTransactions`.\n   */\n  retryableFor?: (method: string) => boolean;\n  /** Custom headers. */\n  headers?: Record<string, string>;\n  /**\n   * Per-request bearer-token source. A non-null return attaches\n   * `Authorization: Bearer <token>`; `null` skips auth. Wire a\n   * {@link VpTokenProvider} for depositor-gated methods.\n   */\n  tokenProvider?: BearerTokenProvider;\n  /** Maximum response body size, in bytes, for typed JSON-RPC calls */\n  maxResponseBytes?: number;\n}\n\nconst DEFAULT_TIMEOUT_MS = 60_000;\n\n/**\n * Concrete VP RPC client implementing all service interfaces.\n *\n * Usage:\n * ```ts\n * const client = new VaultProviderRpcClient(\"https://vp.example.com/rpc\");\n * const status = await client.getPeginStatus({ pegin_txid: \"abc...\" });\n * ```\n */\nexport class VaultProviderRpcClient\n  implements PeginStatusReader, WotsKeySubmitter, PresignClient, ClaimerArtifactsReader\n{\n  private client: JsonRpcClient;\n\n  constructor(baseUrl: string, options?: VaultProviderRpcClientOptions) {\n    const config: JsonRpcClientConfig = {\n      baseUrl,\n      timeout: options?.timeout ?? DEFAULT_TIMEOUT_MS,\n      retries: options?.retries,\n      retryDelay: options?.retryDelay,\n      retryableFor: options?.retryableFor,\n      headers: options?.headers,\n      tokenProvider: options?.tokenProvider,\n      maxResponseBytes: options?.maxResponseBytes,\n    };\n    this.client = new JsonRpcClient(config);\n  }\n\n  /**\n   * Request the payout/claim/assert transactions that the depositor\n   * needs to pre-sign before the vault can be activated on Bitcoin.\n   */\n  async requestDepositorPresignTransactions(\n    params: RequestDepositorPresignTransactionsParams,\n    signal?: AbortSignal,\n  ): Promise<RequestDepositorPresignTransactionsResponse> {\n    const response = await this.client.call<\n      RequestDepositorPresignTransactionsParams,\n      unknown\n    >(\"vaultProvider_requestDepositorPresignTransactions\", params, signal);\n    validateRequestDepositorPresignTransactionsResponse(response);\n    return response;\n  }\n\n  /**\n   * Submit the depositor's pre-signatures for the payout transactions\n   * and the depositor-as-claimer graph.\n   */\n  async submitDepositorPresignatures(\n    params: SubmitDepositorPresignaturesParams,\n    signal?: AbortSignal,\n  ): Promise<void> {\n    return this.client.call<SubmitDepositorPresignaturesParams, void>(\n      \"vaultProvider_submitDepositorPresignatures\",\n      params,\n      signal,\n    );\n  }\n\n  /**\n   * Submit the depositor's WOTS public key to the vault provider.\n   * Called after the pegin is finalized on Ethereum, when the VP is in\n   * `PendingDepositorWotsPK` status.\n   */\n  async submitDepositorWotsKey(\n    params: SubmitDepositorWotsKeyParams,\n    signal?: AbortSignal,\n  ): Promise<void> {\n    return this.client.call<SubmitDepositorWotsKeyParams, void>(\n      \"vaultProvider_submitDepositorWotsKey\",\n      params,\n      signal,\n    );\n  }\n\n  /**\n   * Request the BaBe DecryptorArtifacts needed for the depositor to\n   * independently evaluate garbled circuits during a challenge.\n   */\n  async requestDepositorClaimerArtifacts(\n    params: RequestDepositorClaimerArtifactsParams,\n    signal?: AbortSignal,\n  ): Promise<RequestDepositorClaimerArtifactsResponse> {\n    const response = await this.client.call<\n      RequestDepositorClaimerArtifactsParams,\n      unknown\n    >(\"vaultProvider_requestDepositorClaimerArtifacts\", params, signal);\n    validateRequestDepositorClaimerArtifactsResponse(response);\n    return response;\n  }\n\n  /** Get the current pegin status from the vault provider daemon. */\n  async getPeginStatus(\n    params: GetPeginStatusParams,\n    signal?: AbortSignal,\n  ): Promise<GetPeginStatusResponse> {\n    const response = await this.client.call<GetPeginStatusParams, unknown>(\n      \"vaultProvider_getPeginStatus\",\n      params,\n      signal,\n    );\n    validateGetPeginStatusResponse(response);\n    return response;\n  }\n\n  /**\n   * Get pegin status for many txids in one round trip. Per-result envelope\n   * isolates per-pegin failures from the overall RPC. Caller must chunk\n   * inputs at `VP_BATCH_MAX_SIZE`.\n   */\n  async batchGetPeginStatus(\n    params: BatchGetPeginStatusParams,\n    signal?: AbortSignal,\n  ): Promise<BatchGetPeginStatusResponse> {\n    const response = await this.client.call<\n      BatchGetPeginStatusParams,\n      unknown\n    >(\"vaultProvider_batchGetPeginStatus\", params, signal);\n    validateBatchGetPeginStatusResponse(response);\n    return response;\n  }\n\n  /**\n   * Get pegout status for many txids in one round trip. Same per-result\n   * envelope semantics as `batchGetPeginStatus`.\n   */\n  async batchGetPegoutStatus(\n    params: BatchGetPegoutStatusParams,\n    signal?: AbortSignal,\n  ): Promise<BatchGetPegoutStatusResponse> {\n    const response = await this.client.call<\n      BatchGetPegoutStatusParams,\n      unknown\n    >(\"vaultProvider_batchGetPegoutStatus\", params, signal);\n    validateBatchGetPegoutStatusResponse(response);\n    return response;\n  }\n}\n","/**\n * Defensive helper for attributing per-item results in a VP batch RPC\n * response back to the requested txids. The server promises 1:1 ordered\n * results, but we don't trust that promise — a server bug could duplicate,\n * skip, or scramble items, and silent attribution-by-array-index would\n * mask the bug.\n *\n * Lowercases all txids on both sides to absorb case mismatch (the FE\n * strips `0x` but doesn't otherwise normalize).\n *\n * @module tbv/core/clients/vault-provider/batchAttribution\n */\n\n/** Per-item entry in a VP batch response. */\nexport interface BatchResultEntry<T> {\n  pegin_txid: string;\n  result: T | null;\n  error: string | null;\n}\n\n/** Output of {@link attributeBatchResults}. */\nexport interface BatchAttributionResult<T> {\n  /** Lowercase requested txid -> per-item envelope. */\n  byTxid: Map<string, { result: T | null; error: string | null }>;\n  /** Requested txids that did not appear in the response. */\n  missing: string[];\n  /** Echoed txids that were not in the request — logged + dropped. */\n  unexpected: string[];\n  /** Echoed txids that appeared more than once — first kept, rest dropped. */\n  duplicate: string[];\n}\n\n/**\n * Attribute batch results to requested txids defensively.\n *\n * Both `requestedTxids` and the echoed `pegin_txid` field on each result\n * are lowercased before lookup. Duplicates and unexpected echoes are\n * surfaced so callers can flag the affected items as errored rather than\n * silently overwriting state.\n *\n * `requestedTxids` may contain duplicates; they are de-duplicated for the\n * purposes of map keys (each unique txid becomes a single map entry).\n */\nexport function attributeBatchResults<T>(\n  requestedTxids: string[],\n  results: ReadonlyArray<BatchResultEntry<T>>,\n): BatchAttributionResult<T> {\n  const requestedSet = new Set<string>();\n  for (const txid of requestedTxids) {\n    requestedSet.add(txid.toLowerCase());\n  }\n\n  const byTxid = new Map<\n    string,\n    { result: T | null; error: string | null }\n  >();\n  const seen = new Set<string>();\n  const duplicate: string[] = [];\n  const unexpected: string[] = [];\n\n  for (const entry of results) {\n    const lower = entry.pegin_txid.toLowerCase();\n    if (!requestedSet.has(lower)) {\n      unexpected.push(lower);\n      continue;\n    }\n    if (seen.has(lower)) {\n      duplicate.push(lower);\n      continue;\n    }\n    seen.add(lower);\n    byTxid.set(lower, { result: entry.result, error: entry.error });\n  }\n\n  const missing: string[] = [];\n  for (const txid of requestedSet) {\n    if (!seen.has(txid)) missing.push(txid);\n  }\n\n  return { byTxid, missing, unexpected, duplicate };\n}\n","/**\n * Generic chunk + attribute + dispatch loop for VP batch RPCs.\n *\n * Wraps {@link attributeBatchResults} with chunking and per-callback\n * dispatch so the FE polling hooks (and any future SDK consumer) only\n * have to declare per-item handlers — chunking by `VP_BATCH_MAX_SIZE`,\n * lowercase txid normalization, missing/duplicate/unexpected\n * surfacing, and the duplicate-skip invariant in the byTxid loop are\n * all owned here.\n *\n * @module tbv/core/clients/vault-provider/batchPoll\n */\n\nimport {\n  attributeBatchResults,\n  type BatchResultEntry,\n} from \"./batchAttribution\";\nimport { VP_BATCH_MAX_SIZE } from \"./types\";\n\nexport interface BatchPollByProviderOptions<TItem, TResult> {\n  /** Items to poll for this provider, e.g. `DepositToPoll[]`. */\n  items: TItem[];\n  /** Extract the canonical txid for each item. Helper lowercases it. */\n  getTxid: (item: TItem) => string;\n  /**\n   * Per-chunk RPC call. Receives lowercased txids; returns the batch\n   * envelope. Caller wraps `rpcClient.batchGet*Status({ pegin_txids })`.\n   */\n  batchCall: (\n    txids: string[],\n  ) => Promise<{ results: ReadonlyArray<BatchResultEntry<TResult>> }>;\n  /**\n   * Handle a per-item envelope. Exactly one of `result` / `error` is\n   * populated (validator invariant). Caller decides UI state, logging,\n   * etc. Not invoked for txids surfaced via {@link onDuplicate}.\n   *\n   * Note: `envelope.pegin_txid` is the lowercased txid the helper\n   * sent in the request, not whatever case/encoding the server echoed.\n   */\n  onItem: (item: TItem, envelope: BatchResultEntry<TResult>) => void;\n  /** Server omitted this item from the response. */\n  onMissing: (item: TItem) => void;\n  /** Server returned this item more than once. Caller picks UI state. */\n  onDuplicate: (item: TItem) => void;\n  /**\n   * Optional aggregate signal for an entire chunk where the server\n   * returned duplicates. Fires once per chunk (only if `count > 0`)\n   * AFTER all per-item `onDuplicate` dispatches. Caller typically logs\n   * the count alongside the provider name.\n   */\n  onDuplicateBatch?: (count: number) => void;\n  /**\n   * The whole chunk's RPC call failed (transport or response\n   * validation). Receives the chunk and the error. Caller decides how\n   * to project that onto per-item state.\n   */\n  onWholeBatchError: (chunk: TItem[], error: unknown) => void;\n  /**\n   * Server returned txids that were not in the request. Caller\n   * typically logs the count for observability — there's no recovery\n   * action since the original request items are unaffected. Optional;\n   * defaults to no-op.\n   */\n  onUnexpected?: (echoedTxids: string[]) => void;\n  /**\n   * Maximum items per RPC call. Defaults to {@link VP_BATCH_MAX_SIZE}.\n   * Exposed for tests so chunking can be exercised without 50+\n   * fixtures.\n   */\n  batchSize?: number;\n}\n\nexport async function batchPollByProvider<TItem, TResult>(\n  options: BatchPollByProviderOptions<TItem, TResult>,\n): Promise<void> {\n  const {\n    items,\n    getTxid,\n    batchCall,\n    onItem,\n    onMissing,\n    onDuplicate,\n    onDuplicateBatch,\n    onWholeBatchError,\n    onUnexpected,\n    batchSize = VP_BATCH_MAX_SIZE,\n  } = options;\n\n  if (!Number.isInteger(batchSize) || batchSize <= 0) {\n    throw new Error(\n      `batchPollByProvider: batchSize must be a positive integer, got ${batchSize}`,\n    );\n  }\n\n  for (let i = 0; i < items.length; i += batchSize) {\n    const chunk = items.slice(i, i + batchSize);\n    const txidToItem = new Map<string, TItem>();\n    const txids: string[] = [];\n    for (const item of chunk) {\n      const lowerTxid = getTxid(item).toLowerCase();\n      txidToItem.set(lowerTxid, item);\n      txids.push(lowerTxid);\n    }\n\n    // Both the RPC call and attribution sit inside the same try/catch\n    // so a malformed-batch validator throw is routed through\n    // `onWholeBatchError` rather than aborting the polling pass.\n    let attribution;\n    try {\n      const response = await batchCall(txids);\n      attribution = attributeBatchResults<TResult>(txids, response.results);\n    } catch (error) {\n      onWholeBatchError(chunk, error);\n      continue;\n    }\n\n    if (onUnexpected && attribution.unexpected.length > 0) {\n      onUnexpected(attribution.unexpected);\n    }\n\n    const duplicateTxids = new Set(attribution.duplicate);\n    for (const txid of duplicateTxids) {\n      const item = txidToItem.get(txid);\n      if (item) onDuplicate(item);\n    }\n    if (onDuplicateBatch && duplicateTxids.size > 0) {\n      onDuplicateBatch(duplicateTxids.size);\n    }\n    for (const txid of attribution.missing) {\n      const item = txidToItem.get(txid);\n      if (item) onMissing(item);\n    }\n    for (const [txid, envelope] of attribution.byTxid) {\n      // Skip duplicates — already dispatched via onDuplicate above.\n      if (duplicateTxids.has(txid)) continue;\n      const item = txidToItem.get(txid);\n      if (!item) continue;\n      onItem(item, {\n        pegin_txid: txid,\n        result: envelope.result,\n        error: envelope.error,\n      });\n    }\n  }\n}\n","/**\n * BIP-322 \"simple\" signature verification for P2TR key-path.\n *\n * Mirrors the Rust reference in\n * `btc-vault/crates/btc-signer/src/message.rs::verify_bip322_message`\n * (which delegates to `rust-bitcoin::bip322::verify_simple` for a\n * P2TR key-path-only address with no merkle root).\n *\n * The algorithm:\n *\n *   1. Compute the BIP-322 tagged-hash of the message:\n *        m_hash = SHA256( SHA256(tag) || SHA256(tag) || message )\n *      where tag = \"BIP0322-signed-message\".\n *\n *   2. Build a virtual \"to_spend\" transaction with one input (prevout\n *      all-zero txid + 0xFFFFFFFF vout, scriptSig = `OP_0 PUSH32 m_hash`,\n *      sequence = 0) and one output (value 0, scriptPubKey = P2TR for\n *      the signer's x-only pubkey).\n *\n *   3. Build a \"to_sign\" transaction that spends to_spend[0] and has a\n *      single `OP_RETURN` output (value 0).\n *\n *   4. Compute the BIP-341 taproot sighash of to_sign input 0 with\n *      SIGHASH_DEFAULT (0x00).\n *\n *   5. Verify the 64-byte Schnorr signature against the **tweaked**\n *      output key `Q = P + tap_tweak(P) * G`, where `tap_tweak(P) =\n *      hash_TapTweak(serialize_x_only(P))` (no merkle root — key-path\n *      only).\n *\n * `bitcoinjs-lib` handles (2)–(4); `tiny-secp256k1-asmjs` provides\n * the tweak and Schnorr verify. Pulling in a full BIP-322 library\n * would add a peer dep for what amounts to ~40 lines of glue.\n *\n * @module tbv/core/clients/vault-provider/auth/bip322Verify\n */\n\nimport * as ecc from \"@bitcoin-js/tiny-secp256k1-asmjs\";\nimport { payments, Transaction } from \"bitcoinjs-lib\";\n\nimport { Buffer } from \"buffer\";\nimport { sha256 } from \"@noble/hashes/sha2.js\";\n\n/** BIP-322 message tag (BIP-340 tagged-hash style). */\nconst BIP322_TAG = \"BIP0322-signed-message\";\n\n/** BIP-341 taproot-tweak tag. */\nconst TAPTWEAK_TAG = \"TapTweak\";\n\nconst X_ONLY_PUBKEY_SIZE = 32;\nconst SCHNORR_SIG_SIZE = 64;\n\n/**\n * BIP-340 tagged hash: `SHA256( SHA256(tag) || SHA256(tag) || data )`.\n * Used for both BIP-322 message hashing and BIP-341 tap-tweak.\n */\nfunction taggedHash(tag: string, data: Uint8Array): Uint8Array {\n  const tagBytes = new TextEncoder().encode(tag);\n  const tagHash = sha256(tagBytes);\n  const preimage = new Uint8Array(tagHash.length * 2 + data.length);\n  preimage.set(tagHash, 0);\n  preimage.set(tagHash, tagHash.length);\n  preimage.set(data, tagHash.length * 2);\n  return sha256(preimage);\n}\n\n/**\n * Apply BIP-341 taproot tweak to an x-only pubkey with no merkle\n * root (key-path-only address).\n *\n * `tap_tweak = hash_TapTweak(P)`\n * `Q = P + tap_tweak * G` (x-only, even-Y parity)\n *\n * Returns the tweaked 32-byte x-only pubkey, or null if the tweak\n * produces a point-at-infinity or invalid result.\n */\nfunction tweakXOnlyKey(xOnly: Uint8Array): Uint8Array | null {\n  if (xOnly.length !== X_ONLY_PUBKEY_SIZE) return null;\n  const tweak = taggedHash(TAPTWEAK_TAG, xOnly);\n  const tweaked = ecc.xOnlyPointAddTweak(xOnly, tweak);\n  return tweaked ? tweaked.xOnlyPubkey : null;\n}\n\n/**\n * Verify a BIP-322 \"simple\" P2TR key-path signature over an arbitrary\n * byte message.\n *\n * @internal Exposed only so the golden-vector test suite can pin the\n * verifier independently of `verifyServerIdentity`. Production callers\n * should use `verifyServerIdentity` from `./serverIdentity` instead.\n *\n * @param messageBytes - The bytes that were signed (e.g. a CBOR-encoded\n *                       payload). Not pre-hashed; this function applies\n *                       the BIP-322 tagged hash internally.\n * @param xOnlyPubkey  - 32-byte x-only pubkey of the signer (pre-tweak).\n * @param signature    - 64-byte raw Schnorr signature (BIP-340), as\n *                       emitted by a key-path witness with\n *                       SIGHASH_DEFAULT.\n * @returns `true` if the signature verifies against the address\n *          derived from `xOnlyPubkey`; `false` otherwise.\n */\nexport function verifyBip322Simple(\n  messageBytes: Uint8Array,\n  xOnlyPubkey: Uint8Array,\n  signature: Uint8Array,\n): boolean {\n  if (xOnlyPubkey.length !== X_ONLY_PUBKEY_SIZE) return false;\n  if (signature.length !== SCHNORR_SIG_SIZE) return false;\n\n  // Any exception from the underlying crypto libraries (e.g. the\n  // `Expected Point` error `tiny-secp256k1` throws when the supplied\n  // 32 bytes don't represent a valid x-coordinate on secp256k1) is\n  // treated as a verification failure rather than propagated — a\n  // verifier MUST return a boolean, not raise.\n  try {\n    // Step 1: BIP-322 tagged hash of the message.\n    const messageHash = taggedHash(BIP322_TAG, messageBytes);\n\n    // Step 2: scriptPubKey for the signer's P2TR key-path-only address.\n    // bitcoinjs-lib's `payments.p2tr({ internalPubkey })` computes the\n    // tweak and produces the `OP_1 <tweaked_xonly>` output script.\n    const p2tr = payments.p2tr({\n      internalPubkey: Buffer.from(xOnlyPubkey),\n    });\n    if (!p2tr.output) return false;\n    const scriptPubKey = p2tr.output;\n\n    // Step 3: build to_spend virtual tx.\n    //\n    // NOTE: bitcoinjs-lib v6.x's `Transaction.addOutput` and\n    // `hashForWitnessV1` are typed for `Satoshi` (a UInt53 number),\n    // not `bigint`. Passing `BigInt(0)` triggers a typeforce\n    // assertion in `addOutput` (\"Expected property '1' of type\n    // Satoshi, got BigInt 0\") which our outer try/catch silently\n    // turns into `verify -> false`. Use plain `0` everywhere.\n    const ZERO_SATS = 0;\n    const toSpend = new Transaction();\n    toSpend.version = 0;\n    toSpend.locktime = 0;\n    // scriptSig: OP_0 (0x00) + OP_PUSHBYTES_32 (0x20) + message_hash (32B)\n    const scriptSig = Buffer.concat([\n      Buffer.from([0x00, 0x20]),\n      Buffer.from(messageHash),\n    ]);\n    toSpend.addInput(\n      Buffer.alloc(32, 0), // prev_txid = 0x0000...0000\n      0xffffffff,          // prev_vout = 0xFFFFFFFF\n      0,                   // sequence = 0\n      scriptSig,\n    );\n    toSpend.addOutput(scriptPubKey, ZERO_SATS);\n\n    // Step 4: build to_sign virtual tx spending to_spend[0].\n    const toSign = new Transaction();\n    toSign.version = 0;\n    toSign.locktime = 0;\n    // Bitcoin txid in natural-byte (little-endian) form.\n    const toSpendTxid = toSpend.getHash();\n    toSign.addInput(toSpendTxid, 0, 0);\n    toSign.addOutput(Buffer.from([0x6a]), ZERO_SATS); // OP_RETURN\n\n    // Step 5: taproot sighash for to_sign input 0 (SIGHASH_DEFAULT).\n    const sighash = toSign.hashForWitnessV1(\n      0,\n      [scriptPubKey],\n      [ZERO_SATS],\n      Transaction.SIGHASH_DEFAULT,\n    );\n\n    // Step 6: tweak the x-only pubkey (no merkle root) and verify Schnorr.\n    const tweakedXOnly = tweakXOnlyKey(xOnlyPubkey);\n    if (!tweakedXOnly) return false;\n\n    return ecc.verifySchnorr(sighash, tweakedXOnly, signature);\n  } catch {\n    return false;\n  }\n}\n","/**\n * Minimal CBOR encoder for the server-identity payload shape.\n *\n * We only need to encode one specific CBOR structure — the 3-tuple\n * `(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey_bytes, expires_at_u64)` —\n * byte-for-byte identical to what the Rust `ciborium` crate produces\n * for the corresponding tuple, because that's the exact message the\n * VP signs with BIP-322.\n *\n * IMPORTANT encoding quirk: the Rust side passes the domain and\n * pubkey as `&[u8]` / `Vec<u8>` without a `#[serde(with = \"serde_bytes\")]`\n * attribute, so serde/ciborium encodes them as **CBOR arrays of u8**\n * (major type 4, one item per byte) — NOT as CBOR byte strings (major\n * type 2). A naive byte-string encoding would produce the wrong bytes\n * and signature verification would fail.\n *\n * Rather than pull in a full CBOR dependency for this one shape, we\n * implement the exact subset inline (~40 LOC) and pin it with golden\n * vectors against the Rust reference output.\n *\n * @module tbv/core/clients/vault-provider/auth/cbor\n */\n\n/**\n * Encode a small CBOR unsigned-integer \"head\" byte for major type\n * `major` (0..7) with argument `arg` (0..2^64-1).\n *\n * Returns the header bytes; the caller concatenates any trailing data\n * (e.g. array elements). Encoding rules:\n *   arg < 24         → single byte `(major << 5) | arg`\n *   arg < 256        → `(major << 5) | 24` + 1-byte arg\n *   arg < 65536      → `(major << 5) | 25` + 2-byte BE arg\n *   arg < 2^32       → `(major << 5) | 26` + 4-byte BE arg\n *   arg < 2^64       → `(major << 5) | 27` + 8-byte BE arg\n */\nfunction cborHead(major: number, arg: number | bigint): Uint8Array {\n  const tag = (major & 0x07) << 5;\n  const n = typeof arg === \"bigint\" ? arg : BigInt(arg);\n  if (n < 0n) throw new Error(\"cborHead: negative argument\");\n\n  if (n < 24n) return new Uint8Array([tag | Number(n)]);\n  if (n < 0x100n) return new Uint8Array([tag | 24, Number(n)]);\n  if (n < 0x10000n) {\n    const v = Number(n);\n    return new Uint8Array([tag | 25, (v >>> 8) & 0xff, v & 0xff]);\n  }\n  if (n < 0x1_0000_0000n) {\n    const v = Number(n);\n    return new Uint8Array([\n      tag | 26,\n      (v >>> 24) & 0xff,\n      (v >>> 16) & 0xff,\n      (v >>> 8) & 0xff,\n      v & 0xff,\n    ]);\n  }\n  // 8-byte BE for u64 range\n  const out = new Uint8Array(9);\n  out[0] = tag | 27;\n  for (let i = 7; i >= 0; i--) {\n    out[1 + i] = Number(n >> BigInt((7 - i) * 8)) & 0xff;\n  }\n  return out;\n}\n\nfunction concat(...parts: Uint8Array[]): Uint8Array {\n  const total = parts.reduce((s, p) => s + p.length, 0);\n  const out = new Uint8Array(total);\n  let offset = 0;\n  for (const p of parts) {\n    out.set(p, offset);\n    offset += p.length;\n  }\n  return out;\n}\n\n/**\n * Encode a `Vec<u8>` / `&[u8]` the way ciborium does by default — as a\n * CBOR array of u8 (major type 4), one element per byte.\n *\n * Each byte becomes a CBOR unsigned integer (major type 0): bytes\n * < 24 are encoded as single bytes, bytes 24..255 as `0x18 XX`.\n */\nfunction encodeBytesAsArrayOfU8(bytes: Uint8Array): Uint8Array {\n  const header = cborHead(4, bytes.length);\n  const items: Uint8Array[] = [header];\n  for (const b of bytes) {\n    items.push(cborHead(0, b));\n  }\n  return concat(...items);\n}\n\n/**\n * Encode the server-identity payload the Rust side signs:\n *\n *     ciborium::into_writer(\n *       &(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey.serialize().to_vec(), expires_at),\n *       buf\n *     )\n *\n * Output bytes are byte-for-byte identical to the Rust reference,\n * pinned by the golden vector in the corresponding test file.\n *\n * @internal Exposed only for the golden-vector test that pins this\n * encoding against ciborium's output. Production callers reach this\n * via `verifyServerIdentity` from `./serverIdentity`.\n *\n * @param domain - Must be `\"btc-auth.server-identity.v1\"` (27 bytes)\n *                 — the constant from btc-vault's `server_identity.rs`.\n * @param ephemeralPubkeyCompressed - 33-byte SEC1-compressed pubkey.\n * @param expiresAt - Unix timestamp (seconds). Must be a safe integer.\n */\nexport function encodeServerIdentityPayload(\n  domain: Uint8Array,\n  ephemeralPubkeyCompressed: Uint8Array,\n  expiresAt: number,\n): Uint8Array {\n  if (!Number.isSafeInteger(expiresAt) || expiresAt < 0) {\n    throw new Error(\n      `encodeServerIdentityPayload: expires_at must be a non-negative safe integer, got ${expiresAt}`,\n    );\n  }\n  const arrayHeader = cborHead(4, 3); // 3-tuple encoded as array of 3\n  const domainBytes = encodeBytesAsArrayOfU8(domain);\n  const pubkeyBytes = encodeBytesAsArrayOfU8(ephemeralPubkeyCompressed);\n  const expiresAtBytes = cborHead(0, expiresAt);\n  return concat(arrayHeader, domainBytes, pubkeyBytes, expiresAtBytes);\n}\n","/**\n * Server-identity verification for the vault provider's\n * `auth_createDepositorToken` response.\n *\n * The VP returns a `ServerIdentityResponse` bundled with every issued\n * token:\n *\n *   - `server_pubkey`:    VP's persistent x-only pubkey (HEX, 32B)\n *   - `ephemeral_pubkey`: VP's ephemeral token-signing key (HEX, 33B compressed)\n *   - `expires_at`:       Unix timestamp when the ephemeral key expires\n *   - `signature`:        BIP-322 signature by the persistent key over\n *                         `(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey, expires_at)`\n *\n * The FE pins `server_pubkey` against the on-chain `VaultProvider.btcPubKey`\n * it reads from the registry contract. A mismatch rejects the token.\n *\n * @module tbv/core/clients/vault-provider/auth/serverIdentity\n */\n\nimport * as ecc from \"@bitcoin-js/tiny-secp256k1-asmjs\";\n\nimport {\n  COMPRESSED_PUBKEY_HEX_LEN,\n  SCHNORR_SIG_HEX_LEN,\n  stripHexPrefix,\n  X_ONLY_PUBKEY_HEX_LEN,\n} from \"../../../primitives/utils/bitcoin\";\nimport { HEX_RE } from \"../../../utils/validation\";\n\nimport { verifyBip322Simple } from \"./bip322Verify\";\nimport { encodeServerIdentityPayload } from \"./cbor\";\n\n/**\n * Byte-string domain the btc-vault Rust reference passes as the first\n * element of the CBOR tuple signed over for server-identity proofs.\n * Must match `SERVER_IDENTITY_DOMAIN` in\n * `btc-vault/crates/btc-auth/src/server_identity.rs`.\n */\nconst SERVER_IDENTITY_DOMAIN = new TextEncoder().encode(\n  \"btc-auth.server-identity.v1\",\n);\n\n/**\n * Cap on `proof.expires_at - now`. Bounds how long a leaked VP\n * ephemeral key stays usable; the bearer token's own TTL does not\n * (different trust boundary). 2h = Rust ref VP's 1h rotation × 2 for\n * clock skew. Override per call via `maxLifetimeSecs`.\n */\nconst DEFAULT_MAX_PROOF_LIFETIME_SECS = 2 * 3600;\n\n/**\n * Wire representation from btc-vault's `ServerIdentityResponse`.\n */\nexport interface ServerIdentityResponse {\n  /** Hex-encoded x-only (32-byte) persistent server pubkey. */\n  server_pubkey: string;\n  /** Hex-encoded compressed (33-byte) ephemeral token-signing pubkey. */\n  ephemeral_pubkey: string;\n  /** Unix timestamp at which the ephemeral key expires. */\n  expires_at: number;\n  /** Hex-encoded 64-byte BIP-322 Schnorr signature. */\n  signature: string;\n}\n\nexport interface VerifyServerIdentityInput {\n  /** The proof returned by `auth_createDepositorToken`. */\n  proof: ServerIdentityResponse;\n  /**\n   * The x-only persistent server pubkey the FE expects (sourced from\n   * the on-chain `VaultProvider.btcPubKey` via the vault registry\n   * reader). 64-char lowercase hex, no `0x` prefix.\n   */\n  pinnedServerPubkey: string;\n  /** Current Unix timestamp in seconds. Injected for testability. */\n  now: number;\n  /** Cap on `proof.expires_at - now` (seconds). Defaults to {@link DEFAULT_MAX_PROOF_LIFETIME_SECS}. */\n  maxLifetimeSecs?: number;\n}\n\nexport class ServerIdentityError extends Error {\n  constructor(\n    message: string,\n    public readonly reason:\n      | \"pinned_pubkey_mismatch\"\n      | \"expired\"\n      | \"expires_too_far\"\n      | \"invalid_expires_at\"\n      | \"invalid_max_lifetime\"\n      | \"invalid_pubkey_encoding\"\n      | \"invalid_ephemeral_pubkey\"\n      | \"invalid_signature_encoding\"\n      | \"signature_verification_failed\",\n  ) {\n    super(message);\n    this.name = \"ServerIdentityError\";\n  }\n}\n\n/** Parse a lowercase-hex string to bytes. Expects even length, already validated. */\nfunction hexToBytes(hex: string): Uint8Array {\n  const out = new Uint8Array(hex.length / 2);\n  for (let i = 0; i < out.length; i++) {\n    out[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);\n  }\n  return out;\n}\n\n\n/**\n * Verify a server identity proof against a pinned server pubkey.\n *\n * Checks:\n *   1. `server_pubkey` matches the pin.\n *   2. `now < expires_at <= now + maxLifetimeSecs` (with integer guards).\n *   3. `ephemeral_pubkey` is a well-formed 33-byte compressed pubkey.\n *   4. `signature` is a well-formed 64-byte Schnorr hex string.\n *   5. The BIP-322 Schnorr signature cryptographically verifies\n *      against `server_pubkey` over the CBOR-encoded tuple\n *      `(SERVER_IDENTITY_DOMAIN, ephemeral_pubkey, expires_at)`.\n *\n * Step 5 is what actually binds the ephemeral key to the persistent\n * pubkey — without it, a TLS-MITM attacker who reads the pinned\n * pubkey from the on-chain registry could substitute an arbitrary\n * ephemeral pubkey paired with any lexically-valid signature.\n *\n * @throws ServerIdentityError on any validation failure.\n */\nexport function verifyServerIdentity(input: VerifyServerIdentityInput): void {\n  const { proof, pinnedServerPubkey, now } = input;\n  const maxLifetimeSecs =\n    input.maxLifetimeSecs ?? DEFAULT_MAX_PROOF_LIFETIME_SECS;\n\n  const pinned = stripHexPrefix(pinnedServerPubkey).toLowerCase();\n  if (pinned.length !== X_ONLY_PUBKEY_HEX_LEN || !HEX_RE.test(pinned)) {\n    throw new ServerIdentityError(\n      `pinnedServerPubkey must be 32-byte hex; got ${pinned.length} chars`,\n      \"invalid_pubkey_encoding\",\n    );\n  }\n\n  const actual = stripHexPrefix(proof.server_pubkey).toLowerCase();\n  if (actual.length !== X_ONLY_PUBKEY_HEX_LEN || !HEX_RE.test(actual)) {\n    throw new ServerIdentityError(\n      `server_pubkey must be 32-byte hex; got ${actual.length} chars`,\n      \"invalid_pubkey_encoding\",\n    );\n  }\n\n  if (actual !== pinned) {\n    throw new ServerIdentityError(\n      `server_pubkey does not match pinned value: expected ${pinned}, got ${actual}`,\n      \"pinned_pubkey_mismatch\",\n    );\n  }\n\n  // Validate both sides of the comparison are well-formed integers\n  // BEFORE comparing — untrusted JSON-RPC input can supply\n  // undefined/NaN/string values for `expires_at`, and relational\n  // comparisons with those silently evaluate to `false` (accepting the\n  // proof). Caller's `now` is injected but we still sanity-check it.\n  // Garbage data and \"valid but past\" both render the proof unusable\n  // but mean different things to a caller — keep the reasons distinct.\n  if (!Number.isSafeInteger(proof.expires_at)) {\n    throw new ServerIdentityError(\n      `expires_at must be a finite integer; got ${JSON.stringify(proof.expires_at)}`,\n      \"invalid_expires_at\",\n    );\n  }\n  if (!Number.isSafeInteger(now)) {\n    throw new ServerIdentityError(\n      `now must be a finite integer; got ${JSON.stringify(now)}`,\n      \"invalid_expires_at\",\n    );\n  }\n  if (proof.expires_at <= now) {\n    throw new ServerIdentityError(\n      `server identity proof expired at ${proof.expires_at}, now ${now}`,\n      \"expired\",\n    );\n  }\n  if (!Number.isSafeInteger(maxLifetimeSecs) || maxLifetimeSecs <= 0) {\n    throw new ServerIdentityError(\n      `maxLifetimeSecs must be a positive safe integer; got ${JSON.stringify(maxLifetimeSecs)}`,\n      \"invalid_max_lifetime\",\n    );\n  }\n  if (proof.expires_at - now > maxLifetimeSecs) {\n    throw new ServerIdentityError(\n      `server identity proof expires too far in the future: ` +\n        `expires_at=${proof.expires_at}, now=${now}, max lifetime=${maxLifetimeSecs}s`,\n      \"expires_too_far\",\n    );\n  }\n\n  const eph = stripHexPrefix(proof.ephemeral_pubkey).toLowerCase();\n  if (eph.length !== COMPRESSED_PUBKEY_HEX_LEN || !HEX_RE.test(eph)) {\n    throw new ServerIdentityError(\n      `ephemeral_pubkey must be 33-byte compressed hex; got ${eph.length} chars`,\n      \"invalid_ephemeral_pubkey\",\n    );\n  }\n  const prefix = eph.slice(0, 2);\n  if (prefix !== \"02\" && prefix !== \"03\") {\n    throw new ServerIdentityError(\n      `ephemeral_pubkey must be compressed (prefix 02/03); got ${prefix}`,\n      \"invalid_ephemeral_pubkey\",\n    );\n  }\n  // Curve validation. The BIP-322 signature attests to the byte string\n  // of `ephemeral_pubkey` only, not to its curve validity. Without\n  // this check, a server could sign a structurally-valid byte string\n  // that doesn't decode to a secp256k1 point — passing verification\n  // here and surfacing as an obscure crypto error later when the\n  // depositor tries to use the key. Reject up front.\n  const ephBytes = hexToBytes(eph);\n  if (!ecc.isPoint(ephBytes)) {\n    throw new ServerIdentityError(\n      \"ephemeral_pubkey is not a valid secp256k1 point\",\n      \"invalid_ephemeral_pubkey\",\n    );\n  }\n\n  const sig = stripHexPrefix(proof.signature).toLowerCase();\n  if (sig.length !== SCHNORR_SIG_HEX_LEN || !HEX_RE.test(sig)) {\n    throw new ServerIdentityError(\n      `signature must be 64-byte Schnorr hex; got ${sig.length} chars`,\n      \"invalid_signature_encoding\",\n    );\n  }\n\n  // Cryptographic verification of the BIP-322 signature over the\n  // CBOR-encoded payload. Without this, the ephemeral-key binding is\n  // unenforced and a TLS-MITM could substitute a fake ephemeral key\n  // alongside the real (publicly-readable) pinned pubkey.\n  const payload = encodeServerIdentityPayload(\n    SERVER_IDENTITY_DOMAIN,\n    hexToBytes(eph),\n    proof.expires_at,\n  );\n  const verified = verifyBip322Simple(payload, hexToBytes(actual), hexToBytes(sig));\n  if (!verified) {\n    throw new ServerIdentityError(\n      \"BIP-322 signature verification failed — ephemeral key is not attested by pinned server pubkey\",\n      \"signature_verification_failed\",\n    );\n  }\n}\n","/**\n * VP RPC methods that require `Authorization: Bearer <token>`.\n * Protocol invariant — must be kept in sync with the VP server.\n *\n * Split into two sets by the CWT subject the VP demands:\n *\n * - {@link AUTH_GATED_METHODS} — bearer minted by\n *   `auth_createDepositorToken` (Subject::VaultdJsonRpc). These run\n *   through the proxy's plain JSON-RPC forward path.\n * - {@link GRPC_AUTH_GATED_METHODS} — bearer minted by\n *   `auth_createDepositorTokenGrpc` (Subject::VaultdGrpc). The proxy\n *   translates these into gRPC calls to vaultd's daemon gRPC server,\n *   so a JSON-RPC-subject token would be rejected by\n *   `GrpcAuthInterceptor`.\n *\n * @stability frozen\n *\n * @module tbv/core/clients/vault-provider/auth/gatedMethods\n */\n\nexport const AUTH_GATED_METHODS: ReadonlySet<string> = new Set([\n  \"vaultProvider_submitDepositorWotsKey\",\n  \"vaultProvider_submitDepositorPresignatures\",\n  \"vaultProvider_requestDepositorPresignTransactions\",\n]);\n\nexport const GRPC_AUTH_GATED_METHODS: ReadonlySet<string> = new Set([\n  \"vaultProvider_requestDepositorClaimerArtifacts\",\n]);\n","/**\n * Shared internals for the unauthenticated token-issuing JSON-RPC\n * client. The \"inner\" client is dedicated to `auth_createDepositorToken`\n * — it MUST NOT carry a `tokenProvider`, else the JSON-RPC header\n * builder would recurse into token acquisition.\n *\n * @module tbv/core/clients/vault-provider/auth/innerTokenClient\n */\n\nimport { JsonRpcClient } from \"../json-rpc-client\";\n\nconst TOKEN_RPC_TIMEOUT_MS = 60_000;\n\nexport const TOKEN_ISSUE_METHOD = \"auth_createDepositorToken\";\n/**\n * gRPC-subject sibling of {@link TOKEN_ISSUE_METHOD}. The proxy bridges\n * this call to vaultd's `VaultProviderDepositorAuthService.CreateDepositorToken`\n * so the resulting CWT is bound to `Subject::VaultdGrpc` — required to\n * pass vaultd's `GrpcAuthInterceptor` on methods the proxy translates to\n * gRPC (currently just the artifact stream).\n */\nexport const GRPC_TOKEN_ISSUE_METHOD = \"auth_createDepositorTokenGrpc\";\n\nexport function buildInnerTokenClient(\n  baseUrl: string,\n  headers?: Record<string, string>,\n): JsonRpcClient {\n  return new JsonRpcClient({\n    baseUrl,\n    timeout: TOKEN_RPC_TIMEOUT_MS,\n    headers,\n    retryableFor: (method) =>\n      method === TOKEN_ISSUE_METHOD || method === GRPC_TOKEN_ISSUE_METHOD,\n  });\n}\n","/**\n * `VpTokenProvider` — caches CWT bearer tokens issued by the vault\n * provider's `auth_createDepositorToken` RPC, with lazy expiry check\n * and single-flight concurrent acquire.\n *\n * Usage:\n *\n * ```ts\n * const provider = new VpTokenProvider({\n *   client,\n *   peginTxid,\n *   authAnchorHex,\n *   pinnedServerPubkey,\n *   authGatedMethods,\n * });\n * const bearer = await provider.getToken(method); // null if not gated\n * ```\n *\n * The provider implements the `BearerTokenProvider` interface expected\n * by `JsonRpcClient`. Plug directly:\n *\n * ```ts\n * const client = new JsonRpcClient({ ..., tokenProvider: provider });\n * ```\n *\n * @module tbv/core/clients/vault-provider/auth/tokenProvider\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\nimport type { BearerTokenProvider, JsonRpcClient } from \"../json-rpc-client\";\nimport {\n  GRPC_TOKEN_ISSUE_METHOD,\n  TOKEN_ISSUE_METHOD,\n} from \"./innerTokenClient\";\nimport {\n  type ServerIdentityResponse,\n  verifyServerIdentity,\n} from \"./serverIdentity\";\n\n/**\n * Maximum reasonable `expires_at` value (seconds since epoch). Guards\n * against a bogus far-future timestamp that would lock the cache on a\n * bad token forever. Jan 1, 2100 in Unix seconds.\n */\nconst MAX_EXPIRES_AT_SECS = 4_102_444_800;\n\n/**\n * Default safety margin before `expires_at` — we treat a token as\n * expired this many seconds before its stated expiry so that in-flight\n * requests don't race the expiry boundary.\n */\nconst DEFAULT_REFRESH_SKEW_SECS = 30;\n\n/**\n * Wire response shape of `auth_createDepositorToken`.\n */\nexport interface CreateDepositorTokenResponse {\n  /** Base64url-encoded COSE Sign1 CWT bearer token. */\n  token: string;\n  /** Unix timestamp at which the token expires. */\n  expires_at: number;\n  /** Server identity proof bundled with every token response. */\n  server_identity: ServerIdentityResponse;\n}\n\nexport interface VpTokenProviderConfig {\n  client: JsonRpcClient;\n  /** Per-vault depositor-signed PegIn tx id. NOT shared across sibling vaults in a batch. */\n  peginTxid: string;\n  /** 64-char hex of the 32-byte OP_RETURN auth-anchor preimage. */\n  authAnchorHex: string;\n  /** Pinned VP pubkey from the on-chain registry; branded so indexer mirrors can't substitute. */\n  pinnedServerPubkey: OnChainBtcPubkey;\n  /**\n   * Methods that need a JSON-RPC-subject bearer (minted via\n   * `auth_createDepositorToken`). Forwarded over plain HTTP JSON-RPC by\n   * the proxy. `getToken` returns `null` for any method outside this and\n   * {@link grpcGatedMethods}.\n   */\n  authGatedMethods: ReadonlySet<string>;\n  /**\n   * Methods that need a gRPC-subject bearer (minted via\n   * `auth_createDepositorTokenGrpc`). The proxy translates these into\n   * gRPC calls to vaultd; the JSON-RPC bearer is rejected with a\n   * `Subject` mismatch.\n   */\n  grpcGatedMethods: ReadonlySet<string>;\n  /** Default {@link DEFAULT_REFRESH_SKEW_SECS}. */\n  refreshSkewSecs?: number;\n  /** Clock source for testability. */\n  now?: () => number;\n}\n\ninterface CachedToken {\n  token: string;\n  expiresAt: number;\n}\n\n/**\n * Acquire, cache, and refresh VP bearer tokens.\n *\n * Implements {@link BearerTokenProvider}. Safe to pass directly into\n * `JsonRpcClient` as `tokenProvider`.\n */\nexport class VpTokenProvider implements BearerTokenProvider {\n  // `client` is the only mutable field — see `setClient`. The\n  // identity-bearing fields (peginTxid/authAnchorHex/pinnedServerPubkey)\n  // remain readonly and are checked against re-registration in the\n  // registry's `getOrCreate`.\n  private client: JsonRpcClient;\n  private readonly peginTxid: string;\n  private readonly authAnchorHex: string;\n  private readonly pinnedServerPubkey: OnChainBtcPubkey;\n  private readonly authGatedMethods: ReadonlySet<string>;\n  private readonly grpcGatedMethods: ReadonlySet<string>;\n  private readonly refreshSkewSecs: number;\n  private readonly now: () => number;\n\n  /** Cached JSON-RPC-subject bearer (auth_createDepositorToken). */\n  private cachedJsonRpc: CachedToken | null = null;\n  private inFlightJsonRpc: Promise<CachedToken> | null = null;\n  /** Cached gRPC-subject bearer (auth_createDepositorTokenGrpc). */\n  private cachedGrpc: CachedToken | null = null;\n  private inFlightGrpc: Promise<CachedToken> | null = null;\n\n  constructor(config: VpTokenProviderConfig) {\n    this.client = config.client;\n    this.peginTxid = config.peginTxid;\n    this.authAnchorHex = config.authAnchorHex;\n    this.pinnedServerPubkey = config.pinnedServerPubkey;\n    this.authGatedMethods = config.authGatedMethods;\n    this.grpcGatedMethods = config.grpcGatedMethods;\n    this.refreshSkewSecs = config.refreshSkewSecs ?? DEFAULT_REFRESH_SKEW_SECS;\n    this.now = config.now ?? (() => Math.floor(Date.now() / 1000));\n  }\n\n  /**\n   * Return a bearer token for `method`, or `null` if `method` is not\n   * auth-gated.\n   *\n   * Routes by subject: `authGatedMethods` → JSON-RPC bearer (issued via\n   * `auth_createDepositorToken`); `grpcGatedMethods` → gRPC bearer\n   * (`auth_createDepositorTokenGrpc`). Either path acquires lazily and\n   * single-flights concurrent callers; the two cache slots are\n   * independent.\n   *\n   * Both token-issuing methods are hard-exempted from the gate — if\n   * either were ever included in the gated sets (caller misconfiguration)\n   * the provider would recurse into `acquireSingleFlight` from inside the\n   * JSON-RPC header builder before `inFlight` is assigned, defeating the\n   * single-flight guard. Returning `null` here breaks that recursion\n   * deterministically.\n   */\n  async getToken(method: string): Promise<string | null> {\n    if (method === TOKEN_ISSUE_METHOD || method === GRPC_TOKEN_ISSUE_METHOD) {\n      return null;\n    }\n\n    if (this.grpcGatedMethods.has(method)) {\n      return this.getTokenForSubject(\"grpc\");\n    }\n    if (this.authGatedMethods.has(method)) {\n      return this.getTokenForSubject(\"jsonrpc\");\n    }\n    return null;\n  }\n\n  /**\n   * Drop both cached tokens. Next `getToken` call re-acquires the slot\n   * that's actually needed. Called by `JsonRpcClient` on wire\n   * `auth_expired` responses; the client doesn't tell us which subject\n   * expired, so we evict both to stay correct under either.\n   *\n   * Worst case is one extra round-trip on the slot that was still fresh,\n   * which is cheaper than carrying a `Subject` argument through\n   * `BearerTokenProvider`.\n   */\n  invalidate(): void {\n    this.cachedJsonRpc = null;\n    this.cachedGrpc = null;\n    // Do NOT clear `inFlight*` — a concurrent acquire is still valid;\n    // the invalidator is saying \"the cached token is bad\", not \"any\n    // in-flight acquire is bad\". The in-flight acquire will populate\n    // a fresh `cached*` on completion.\n  }\n\n  private async getTokenForSubject(\n    subject: \"jsonrpc\" | \"grpc\",\n  ): Promise<string> {\n    const cached =\n      subject === \"grpc\" ? this.cachedGrpc : this.cachedJsonRpc;\n    if (cached && this.now() + this.refreshSkewSecs < cached.expiresAt) {\n      return cached.token;\n    }\n    const fresh = await this.acquireSingleFlight(subject);\n    return fresh.token;\n  }\n\n  /**\n   * Swap in a different transport for subsequent token-issuing calls.\n   * Used by the registry when a later caller registers the same\n   * `peginTxid` against a different `baseUrl` — the cached token\n   * (bound to identity, not transport) stays valid, but future\n   * refreshes hit the new URL. An in-flight acquire keeps using the\n   * old client (it captured the reference); next call uses the new.\n   */\n  setClient(client: JsonRpcClient): void {\n    this.client = client;\n  }\n\n  private acquireSingleFlight(\n    subject: \"jsonrpc\" | \"grpc\",\n  ): Promise<CachedToken> {\n    const existing =\n      subject === \"grpc\" ? this.inFlightGrpc : this.inFlightJsonRpc;\n    if (existing) return existing;\n\n    const issueMethod =\n      subject === \"grpc\" ? GRPC_TOKEN_ISSUE_METHOD : TOKEN_ISSUE_METHOD;\n\n    const p = (async () => {\n      try {\n        const response = await this.client.call<\n          { pegin_txid: string; auth_anchor: string },\n          CreateDepositorTokenResponse\n        >(issueMethod, {\n          pegin_txid: this.peginTxid,\n          auth_anchor: this.authAnchorHex,\n        });\n\n        verifyServerIdentity({\n          proof: response.server_identity,\n          pinnedServerPubkey: this.pinnedServerPubkey,\n          now: this.now(),\n        });\n\n        // Validate wire payload before caching so a malformed response\n        // from a compromised VP or proxy can't poison the cache with\n        // unusable values (non-string token, non-integer expiry, etc.).\n        if (typeof response.token !== \"string\" || response.token.length === 0) {\n          throw new Error(\n            `VpTokenProvider: invalid token in acquire response (expected non-empty string, got ${typeof response.token})`,\n          );\n        }\n        const now = this.now();\n        if (\n          !Number.isSafeInteger(response.expires_at) ||\n          response.expires_at <= now ||\n          response.expires_at > MAX_EXPIRES_AT_SECS\n        ) {\n          throw new Error(\n            `VpTokenProvider: invalid expires_at in acquire response (got ${JSON.stringify(response.expires_at)}; must be a safe integer in (${now}, ${MAX_EXPIRES_AT_SECS}])`,\n          );\n        }\n\n        const fresh: CachedToken = {\n          token: response.token,\n          expiresAt: response.expires_at,\n        };\n        if (subject === \"grpc\") {\n          this.cachedGrpc = fresh;\n        } else {\n          this.cachedJsonRpc = fresh;\n        }\n        return fresh;\n      } finally {\n        if (subject === \"grpc\") {\n          this.inFlightGrpc = null;\n        } else {\n          this.inFlightJsonRpc = null;\n        }\n      }\n    })();\n\n    if (subject === \"grpc\") {\n      this.inFlightGrpc = p;\n    } else {\n      this.inFlightJsonRpc = p;\n    }\n    return p;\n  }\n}\n","/**\n * In-memory registry of {@link VpTokenProvider} instances keyed by\n * the per-vault depositor-signed PegIn tx hash. Module-level\n * singleton, per-tab, never persisted.\n *\n * @module tbv/core/clients/vault-provider/auth/tokenRegistry\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\nimport type { JsonRpcClient } from \"../json-rpc-client\";\n\nimport { AUTH_GATED_METHODS, GRPC_AUTH_GATED_METHODS } from \"./gatedMethods\";\nimport { VpTokenProvider } from \"./tokenProvider\";\n\nexport interface VpTokenRegistryInput {\n  client: JsonRpcClient;\n  peginTxid: string;\n  authAnchorHex: string;\n  pinnedServerPubkey: OnChainBtcPubkey;\n  /**\n   * Opt into gRPC-subject auth for {@link GRPC_AUTH_GATED_METHODS}\n   * (currently the artifact stream). Defaults to `false`: those methods\n   * fall back into the JSON-RPC-subject set and authenticate via\n   * `auth_createDepositorToken`, matching a proxy that runs with\n   * `ENABLE_GRPC_ARTIFACTS` off. Set `true` only against a proxy that\n   * serves `auth_createDepositorTokenGrpc`.\n   */\n  enableGrpcArtifactAuth?: boolean;\n}\n\ninterface RegistryEntry {\n  provider: VpTokenProvider;\n  authAnchorHex: string;\n  pinnedServerPubkey: OnChainBtcPubkey;\n  /** Resolved (defaulted) gRPC-auth gating the provider was built with. */\n  enableGrpcArtifactAuth: boolean;\n}\n\nexport class VpTokenRegistry {\n  private readonly entries = new Map<string, RegistryEntry>();\n\n  /**\n   * Return the cached `VpTokenProvider` for `peginTxid` if one exists\n   * with matching `authAnchorHex`, `pinnedServerPubkey`, and\n   * `enableGrpcArtifactAuth`, otherwise construct and cache a fresh\n   * provider. A mismatch on any of those throws — silent overwrite would\n   * mask derivation drift, VP pubkey rotation, or a caller that disagrees\n   * on the auth subject (which the cached provider can't switch).\n   */\n  getOrCreate(input: VpTokenRegistryInput): VpTokenProvider {\n    // gRPC-subject auth is opt-in. When off (default), the gRPC-gated\n    // methods are folded into the JSON-RPC-subject set so they keep\n    // minting their bearer via `auth_createDepositorToken` — the\n    // pre-PR-#1789 behaviour, and the only path a proxy without\n    // `ENABLE_GRPC_ARTIFACTS` accepts. Resolved once here so the cache-hit\n    // mismatch check and the miss-path construction agree on the default.\n    const useGrpcAuth = input.enableGrpcArtifactAuth ?? false;\n\n    const existing = this.entries.get(input.peginTxid);\n    if (existing) {\n      if (existing.authAnchorHex !== input.authAnchorHex) {\n        throw new Error(\n          `VpTokenRegistry: peginTxid ${input.peginTxid} already bound to authAnchorHex ${existing.authAnchorHex.slice(0, 8)}…; got ${input.authAnchorHex.slice(0, 8)}…`,\n        );\n      }\n      if (existing.pinnedServerPubkey !== input.pinnedServerPubkey) {\n        throw new Error(\n          `VpTokenRegistry: peginTxid ${input.peginTxid} already bound to pinnedServerPubkey ${existing.pinnedServerPubkey.slice(0, 8)}…; got ${input.pinnedServerPubkey.slice(0, 8)}…`,\n        );\n      }\n      // The provider's gated-method sets are fixed at construction, so a\n      // later caller asking for a different subject can't be honoured by\n      // the cached instance. Fail loudly rather than silently serve the\n      // wrong-subject token (a Subject-mismatch rejection at the VP).\n      if (existing.enableGrpcArtifactAuth !== useGrpcAuth) {\n        throw new Error(\n          `VpTokenRegistry: peginTxid ${input.peginTxid} already bound to enableGrpcArtifactAuth=${existing.enableGrpcArtifactAuth}; got ${useGrpcAuth}`,\n        );\n      }\n      // Refresh the inner transport on every reuse so a VP URL\n      // change between calls doesn't leave the cached provider\n      // pinned to a dead URL for token refresh.\n      existing.provider.setClient(input.client);\n      return existing.provider;\n    }\n\n    const provider = new VpTokenProvider({\n      client: input.client,\n      peginTxid: input.peginTxid,\n      authAnchorHex: input.authAnchorHex,\n      pinnedServerPubkey: input.pinnedServerPubkey,\n      authGatedMethods: useGrpcAuth\n        ? AUTH_GATED_METHODS\n        : new Set([...AUTH_GATED_METHODS, ...GRPC_AUTH_GATED_METHODS]),\n      grpcGatedMethods: useGrpcAuth ? GRPC_AUTH_GATED_METHODS : new Set(),\n    });\n    this.entries.set(input.peginTxid, {\n      provider,\n      authAnchorHex: input.authAnchorHex,\n      pinnedServerPubkey: input.pinnedServerPubkey,\n      enableGrpcArtifactAuth: useGrpcAuth,\n    });\n    return provider;\n  }\n\n  /** Return the cached provider, or `undefined` if none. */\n  peek(peginTxid: string): VpTokenProvider | undefined {\n    return this.entries.get(peginTxid)?.provider;\n  }\n\n  /**\n   * Evict the entry for `peginTxid`. Idempotent. Called on terminal\n   * paths — activation success, user-cancel, or component unmount —\n   * so `authAnchorHex` doesn't outlive the deposit session.\n   */\n  release(peginTxid: string): void {\n    this.entries.delete(peginTxid);\n  }\n\n  /**\n   * Wipe every cached entry. Test-only escape hatch — not exposed on\n   * the public {@link VpTokenRegistryPublic} singleton type.\n   *\n   * @internal\n   */\n  clear(): void {\n    this.entries.clear();\n  }\n\n  get size(): number {\n    return this.entries.size;\n  }\n}\n\n/**\n * Public surface of the singleton — excludes the test-only `clear`\n * method.\n */\nexport interface VpTokenRegistryPublic {\n  getOrCreate(input: VpTokenRegistryInput): VpTokenProvider;\n  peek(peginTxid: string): VpTokenProvider | undefined;\n  release(peginTxid: string): void;\n  readonly size: number;\n}\n\nexport const vpTokenRegistry: VpTokenRegistryPublic = new VpTokenRegistry();\n","/**\n * Build a {@link VaultProviderRpcClient} that auto-attaches CWT\n * bearer tokens on auth-gated methods. Caller pre-derives both the\n * `authAnchorHex` (from the wallet) and the `pinnedServerPubkey`\n * (from the on-chain registry) and hands them in — the SDK has no\n * notion of wallets here.\n *\n * @module tbv/core/clients/vault-provider/auth/createAuthenticatedVpClient\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\nimport {\n  VaultProviderRpcClient,\n  type VaultProviderRpcClientOptions,\n} from \"../api\";\n\nimport { buildInnerTokenClient } from \"./innerTokenClient\";\nimport { vpTokenRegistry } from \"./tokenRegistry\";\n\nexport interface AuthenticatedVpClientConfig {\n  /** Base URL of the VP RPC endpoint (already proxied if applicable). */\n  baseUrl: string;\n  /** Per-vault depositor-signed PegIn tx id (registry cache key). */\n  peginTxid: string;\n  /** Already-derived 32-byte auth-anchor preimage (64-char hex, no `0x`). */\n  authAnchorHex: string;\n  /** On-chain VP pubkey, branded so it can only come from the registry reader. */\n  pinnedServerPubkey: OnChainBtcPubkey;\n  /**\n   * Opt into gRPC-subject auth for the artifact stream. Defaults to\n   * `false` (JSON-RPC bearer). Only enable against a proxy running with\n   * `ENABLE_GRPC_ARTIFACTS`. Forwarded to {@link vpTokenRegistry}.\n   */\n  enableGrpcArtifactAuth?: boolean;\n  /** Optional outer-client tunables (timeout, retries, headers, etc.). */\n  options?: VaultProviderRpcClientOptions;\n}\n\nexport function createAuthenticatedVpClient(\n  config: AuthenticatedVpClientConfig,\n): VaultProviderRpcClient {\n  const innerTokenClient = buildInnerTokenClient(\n    config.baseUrl,\n    config.options?.headers,\n  );\n\n  const tokenProvider = vpTokenRegistry.getOrCreate({\n    client: innerTokenClient,\n    peginTxid: config.peginTxid,\n    authAnchorHex: config.authAnchorHex,\n    pinnedServerPubkey: config.pinnedServerPubkey,\n    enableGrpcArtifactAuth: config.enableGrpcArtifactAuth,\n  });\n\n  return new VaultProviderRpcClient(config.baseUrl, {\n    ...config.options,\n    tokenProvider,\n  });\n}\n","/**\n * Pre-populate {@link vpTokenRegistry} when the caller already has\n * both the auth-anchor preimage and the on-chain VP pubkey. Seeds\n * the cache for a `peginTxid` so a later `createAuthenticatedVpClient`\n * call reuses the cached `VpTokenProvider` instead of rebuilding it.\n *\n * @module tbv/core/clients/vault-provider/auth/primeVpAuth\n */\n\nimport type { OnChainBtcPubkey } from \"../../eth/types\";\n\nimport { buildInnerTokenClient } from \"./innerTokenClient\";\nimport { vpTokenRegistry } from \"./tokenRegistry\";\n\nexport interface PrimeVpAuthInput {\n  baseUrl: string;\n  peginTxid: string;\n  authAnchorHex: string;\n  pinnedServerPubkey: OnChainBtcPubkey;\n  /** Optional headers forwarded to the inner token client (e.g. gateway auth). */\n  headers?: Record<string, string>;\n  /**\n   * Opt into gRPC-subject auth for the artifact stream. Defaults to\n   * `false`. Must match the value passed to a later\n   * `createAuthenticatedVpClient` for the same `peginTxid` —\n   * `VpTokenRegistry.getOrCreate` throws on a mismatch rather than\n   * serve the wrong-subject token from the primed provider.\n   */\n  enableGrpcArtifactAuth?: boolean;\n}\n\nexport function primeVpTokenRegistry(input: PrimeVpAuthInput): void {\n  vpTokenRegistry.getOrCreate({\n    client: buildInnerTokenClient(input.baseUrl, input.headers),\n    peginTxid: input.peginTxid,\n    authAnchorHex: input.authAnchorHex,\n    pinnedServerPubkey: input.pinnedServerPubkey,\n    enableGrpcArtifactAuth: input.enableGrpcArtifactAuth,\n  });\n}\n"],"names":["resolveProtocolAddresses","publicClient","btcVaultRegistryAddress","protocolParams","applicationRegistry","BTCVaultRegistryABI","UINT16_MAX","mapOffchainParams","result","mapTBVParams","deriveTimelockPegin","timelockAssert","ViemProtocolParamsReader","contractAddress","ProtocolParamsABI","params","validateTBVProtocolParams","validateOffchainParams","version","raw","assertValidOffchainParamsVersion","results","tbvParams","offchainParams","offchainParamsVersion","config","validatePegInConfiguration","onSkippedVersion","latestVersion","versions","_","i","contracts","v","byVersion","error","mapKeyPairs","pair","ViemVaultKeeperReader","appEntryPoint","ApplicationRegistryABI","ViemUniversalChallengerReader","OnChainBtcVaultStatus","DAEMON_STATUS_VALUES","DaemonStatus","VP_ERROR_PREVIEW_MAX_LEN","preview","value","_a","VP_VALIDATION_USER_MESSAGE","VpResponseValidationError","detail","__publicField","TXID_HEX_LEN","isNonEmptyHex","HEX_RE","isNonEmptyString","assertNonEmptyHex","field","assertNonEmptyString","assertBtcPubkey","X_ONLY_PUBKEY_HEX_LEN","COMPRESSED_PUBKEY_HEX_LEN","validatePresigningProgressFields","progress","presigning","p","validateGetPeginStatusResponse","response","r","validateRequestDepositorPresignTransactionsResponse","validateClaimerTransactions","validateDepositorGraphTransactions","validateTransactionData","tx","validateChallengeAssertConnectorData","c","validatePresignDataPerChallenger","d","validateRequestDepositorClaimerArtifactsResponse","sessionEntries","key","session","s","validateGetPegoutStatusResponse","validateClaimerPegoutStatus","validateChallengerStatus","index","assertNullableString","validateBatchGetPeginStatusResponse","validateBatchEnvelope","entry","validateBatchGetPegoutStatusResponse","rpcName","validateInnerResult","e","graph","DEFAULT_TIMEOUT_MS","VaultProviderRpcClient","baseUrl","options","JsonRpcClient","signal","attributeBatchResults","requestedTxids","requestedSet","txid","byTxid","seen","duplicate","unexpected","lower","missing","batchPollByProvider","items","getTxid","batchCall","onItem","onMissing","onDuplicate","onDuplicateBatch","onWholeBatchError","onUnexpected","batchSize","VP_BATCH_MAX_SIZE","chunk","txidToItem","txids","item","lowerTxid","attribution","duplicateTxids","envelope","BIP322_TAG","TAPTWEAK_TAG","X_ONLY_PUBKEY_SIZE","SCHNORR_SIG_SIZE","taggedHash","tag","data","tagBytes","tagHash","sha256","preimage","tweakXOnlyKey","xOnly","tweak","tweaked","ecc","verifyBip322Simple","messageBytes","xOnlyPubkey","signature","messageHash","p2tr","payments","Buffer","scriptPubKey","ZERO_SATS","toSpend","Transaction","scriptSig","toSign","toSpendTxid","sighash","tweakedXOnly","cborHead","major","arg","out","concat","parts","total","offset","encodeBytesAsArrayOfU8","bytes","b","encodeServerIdentityPayload","domain","ephemeralPubkeyCompressed","expiresAt","arrayHeader","domainBytes","pubkeyBytes","expiresAtBytes","SERVER_IDENTITY_DOMAIN","DEFAULT_MAX_PROOF_LIFETIME_SECS","ServerIdentityError","message","reason","hexToBytes","hex","verifyServerIdentity","input","proof","pinnedServerPubkey","now","maxLifetimeSecs","pinned","stripHexPrefix","actual","eph","prefix","ephBytes","sig","SCHNORR_SIG_HEX_LEN","payload","AUTH_GATED_METHODS","GRPC_AUTH_GATED_METHODS","TOKEN_RPC_TIMEOUT_MS","TOKEN_ISSUE_METHOD","GRPC_TOKEN_ISSUE_METHOD","buildInnerTokenClient","headers","method","MAX_EXPIRES_AT_SECS","DEFAULT_REFRESH_SKEW_SECS","VpTokenProvider","subject","cached","client","existing","issueMethod","fresh","VpTokenRegistry","useGrpcAuth","provider","peginTxid","vpTokenRegistry","createAuthenticatedVpClient","innerTokenClient","tokenProvider","primeVpTokenRegistry"],"mappings":"g1BA8BA,eAAsBA,GACpBC,EACAC,EAC4B,CAC5B,KAAM,CAACC,EAAgBC,CAAmB,EAAI,MAAMH,EAAa,UAAU,CACzE,UAAW,CACT,CACE,QAASC,EACT,IAAKG,EAAAA,oBACL,aAAc,gBAAA,EAEhB,CACE,QAASH,EACT,IAAKG,EAAAA,oBACL,aAAc,qBAAA,CAChB,EAEF,aAAc,EAAA,CACf,EAED,MAAO,CACL,eAAAF,EACA,oBAAAC,CAAA,CAEJ,CCzBA,MAAME,EAAa,MAkCnB,SAASC,EAAkBC,EAAoD,CAC7E,MAAO,CACL,eAAgBA,EAAO,eACvB,wBAAyBA,EAAO,wBAChC,oBAAqB,CAAC,GAAGA,EAAO,mBAAmB,EACnD,cAAeA,EAAO,cACtB,QAASA,EAAO,QAChB,mBAAoBA,EAAO,mBAC3B,wBAAyBA,EAAO,wBAChC,mBAAoBA,EAAO,mBAC3B,QAASA,EAAO,QAChB,OAAQA,EAAO,OACf,gBAAiBA,EAAO,gBACxB,qBAAsBA,EAAO,qBAC7B,iBAAkBA,EAAO,gBAAA,CAE7B,CAGA,SAASC,EAAaD,EAAyC,CAC7D,MAAO,CACL,mBAAoBA,EAAO,mBAC3B,eAAgBA,EAAO,eACvB,gBAAiBA,EAAO,gBACxB,uBAAwBA,EAAO,uBAC/B,mBAAoBA,EAAO,mBAC3B,wBAAyBA,EAAO,uBAAA,CAEpC,CAYA,SAASE,EAAoBC,EAAgC,CAC3D,GAAIA,EAAiB,OAAOL,CAAU,EACpC,MAAM,IAAI,MACR,wBAAwBK,CAAc,wBAAwBL,CAAU,GAAA,EAG5E,OAAO,OAAOK,CAAc,CAC9B,CAeO,MAAMC,EAAyD,CACpE,YACUX,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAEH,MAAM,sBAAmD,CACvD,MAAML,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,sBAAA,CACf,EAEKC,EAASN,EAAaD,CAAM,EAClCQ,OAAAA,EAAAA,0BAA0BD,CAAM,EACzBA,CACT,CAEA,MAAM,yBAA4D,CAChE,MAAMP,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,yBAAA,CACf,EAEKC,EAASR,EAAkBC,CAAM,EACvCS,OAAAA,EAAAA,uBAAuBF,CAAM,EACtBA,CACT,CAEA,MAAM,2BACJG,EACkC,CAClC,MAAMV,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,6BACd,KAAM,CAACI,CAAO,CAAA,CACf,EAEKH,EAASR,EAAkBC,CAAM,EACvCS,OAAAA,EAAAA,uBAAuBF,CAAM,EACtBA,CACT,CAEA,MAAM,gCAAkD,CACtD,MAAMI,EAAM,MAAM,KAAK,aAAa,aAAa,CAC/C,QAAS,KAAK,gBACd,IAAKL,EAAAA,kBACL,aAAc,6BAAA,CACf,EACKI,EAAU,OAAOC,CAAG,EAC1BC,OAAAA,EAAAA,iCAAiCF,CAAO,EACjCA,CACT,CAEA,MAAM,0BAA0BA,EAAkC,CAChE,MAAMH,EAAS,MAAM,KAAK,2BAA2BG,CAAO,EAC5D,OAAOR,EAAoBK,EAAO,cAAc,CAClD,CASA,MAAM,uBAAqD,CACzD,MAAMM,EAAU,MAAM,KAAK,aAAa,UAAU,CAChD,UAAW,CACT,CACE,QAAS,KAAK,gBACd,IAAKP,EAAAA,kBACL,aAAc,sBAAA,EAEhB,CACE,QAAS,KAAK,gBACd,IAAKA,EAAAA,kBACL,aAAc,yBAAA,EAEhB,CACE,QAAS,KAAK,gBACd,IAAKA,EAAAA,kBACL,aAAc,6BAAA,CAChB,EAEF,aAAc,EAAA,CACf,EAEKQ,EAAYb,EAAaY,EAAQ,CAAC,CAAiB,EACnDE,EAAiBhB,EAAkBc,EAAQ,CAAC,CAAsB,EAClEG,EAAwB,OAAOH,EAAQ,CAAC,CAAC,EAEzCI,EAA6B,CACjC,mBAAoBH,EAAU,mBAC9B,eAAgBA,EAAU,eAC1B,gBAAiBA,EAAU,gBAC3B,uBAAwBA,EAAU,uBAClC,mBAAoBA,EAAU,mBAC9B,wBAAyBA,EAAU,wBACnC,cAAeZ,EAAoBa,EAAe,cAAc,EAChE,eAAgBA,EAAe,QAC/B,mBAAoBA,EAAe,mBACnC,eAAAA,EACA,sBAAAC,CAAA,EAGFE,OAAAA,EAAAA,2BAA2BD,CAAM,EAC1BA,CACT,CAYA,MAAM,uBACJE,EACgC,CAChC,MAAMC,EAAgB,MAAM,KAAK,+BAAA,EACjC,GAAIA,IAAkB,EACpB,MAAO,CAAE,UAAW,IAAI,IAAO,cAAe,CAAA,EAGhD,MAAMC,EAAW,MAAM,KAAK,CAAE,OAAQD,CAAA,EAAiB,CAACE,EAAGC,IAAMA,EAAI,CAAC,EAChEC,EAAYH,EAAS,IAAKI,IAAO,CACrC,QAAS,KAAK,gBACd,IAAKnB,EAAAA,kBACL,aAAc,6BACd,KAAM,CAACmB,CAAC,CAAA,EACR,EAEIZ,EAAU,MAAM,KAAK,aAAa,UAAU,CAChD,UAAAW,EACA,aAAc,EAAA,CACf,EAEKE,MAAgB,IACtB,QAASH,EAAI,EAAGA,EAAIF,EAAS,OAAQE,IAAK,CACxC,MAAMhB,EAASR,EAAkBc,EAAQU,CAAC,CAAsB,EAChE,GAAI,CACFd,EAAAA,uBAAuBF,CAAM,EAC7BmB,EAAU,IAAIL,EAASE,CAAC,EAAGhB,CAAM,CACnC,OAASoB,EAAO,CAGdR,GAAA,MAAAA,EACEE,EAASE,CAAC,EACVI,aAAiB,MAAQA,EAAQ,IAAI,MAAM,OAAOA,CAAK,CAAC,EAE5D,CACF,CAEA,MAAO,CAAE,UAAAD,EAAW,cAAAN,CAAA,CACtB,CACF,CC5QA,SAASQ,EACP5B,EACqB,CACrB,OAAOA,EAAO,IAAK6B,IAAU,CAC3B,WAAYA,EAAK,WACjB,UAAWA,EAAK,SAAA,EAChB,CACJ,CAWO,MAAMC,EAAmD,CAC9D,YACUrC,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAEH,MAAM,yBACJ0B,EACArB,EAC8B,CAC9B,MAAMV,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKgC,EAAAA,uBACL,aAAc,2BACd,KAAM,CAACD,EAAerB,CAAO,CAAA,CAC9B,EAED,OAAOkB,EAAY5B,CAAM,CAC3B,CAEA,MAAM,uBACJ+B,EAC8B,CAC9B,MAAM/B,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKgC,EAAAA,uBACL,aAAc,yBACd,KAAM,CAACD,CAAa,CAAA,CACrB,EAED,OAAOH,EAAY5B,CAAM,CAC3B,CAEA,MAAM,8BACJ+B,EACiB,CAQjB,OAPgB,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKC,EAAAA,uBACL,aAAc,gCACd,KAAM,CAACD,CAAa,CAAA,CACrB,CAGH,CACF,CAWO,MAAME,EAAmE,CAC9E,YACUxC,EACAY,EACR,CAFQ,KAAA,aAAAZ,EACA,KAAA,gBAAAY,CACP,CAEH,MAAM,iCACJK,EAC8B,CAC9B,MAAMV,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,mCACd,KAAM,CAACI,CAAO,CAAA,CACf,EAED,OAAOkB,EAAY5B,CAAM,CAC3B,CAEA,MAAM,gCAA+D,CACnE,MAAMA,EAAU,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,gCAAA,CACf,EAED,OAAOsB,EAAY5B,CAAM,CAC3B,CAEA,MAAM,sCAAwD,CAO5D,OANgB,MAAM,KAAK,aAAa,aAAa,CACnD,QAAS,KAAK,gBACd,IAAKM,EAAAA,kBACL,aAAc,mCAAA,CACf,CAGH,CACF,CC7FO,IAAK4B,IAAAA,IACVA,EAAAA,EAAA,QAAU,CAAA,EAAV,UACAA,EAAAA,EAAA,SAAW,CAAA,EAAX,WACAA,EAAAA,EAAA,OAAS,CAAA,EAAT,SACAA,EAAAA,EAAA,SAAW,CAAA,EAAX,WACAA,EAAAA,EAAA,QAAU,CAAA,EAAV,UALUA,IAAAA,IAAA,CAAA,CAAA,ECVZ,MAAMC,EAAuB,IAAI,IAAY,OAAO,OAAOC,EAAAA,YAAY,CAAC,EAElEC,GAA2B,IAEjC,SAASC,EAAQC,EAAwB,OACvC,QACEC,EAAA,KAAK,UAAUD,CAAK,IAApB,YAAAC,EAAuB,MAAM,EAAGH,MAA6B,WAEjE,CAEA,MAAMI,GACJ,2FAQK,MAAMC,UAAkC,KAAM,CAGnD,YAAYC,EAAgB,CAC1B,MAAMF,EAA0B,EAHzBG,EAAA,eAIP,KAAK,KAAO,4BACZ,KAAK,OAASD,CAChB,CACF,CAGA,MAAME,EAAe,GAErB,SAASC,EAAcP,EAAiC,CACtD,OAAO,OAAOA,GAAU,UAAYA,EAAM,OAAS,GAAKQ,EAAAA,OAAO,KAAKR,CAAK,CAC3E,CAEA,SAASS,GAAiBT,EAAiC,CACzD,OAAO,OAAOA,GAAU,UAAYA,EAAM,OAAS,CACrD,CAEA,SAASU,GAAkBV,EAAgBW,EAAqB,CAC9D,GAAI,CAACJ,EAAcP,CAAK,EACtB,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,yCAAyCZ,EAAQC,CAAK,CAAC,EAAA,CAGrG,CAEA,SAASY,EAAqBZ,EAAgBW,EAAqB,CACjE,GAAI,CAACF,GAAiBT,CAAK,EACzB,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qCAAqCZ,EAAQC,CAAK,CAAC,EAAA,CAGjG,CAMA,SAASa,EAAgBb,EAAgBW,EAAqB,CAC5D,GACE,CAACJ,EAAcP,CAAK,GACnBA,EAAM,SAAWc,yBAChBd,EAAM,SAAWe,4BAEnB,MAAM,IAAIZ,EACR,mCAAmCQ,CAAK,eAAeG,EAAAA,qBAAqB,OAAOC,EAAAA,yBAAyB,sCAAsChB,EAAQC,CAAK,CAAC,EAAA,CAGtK,CAKA,SAASgB,GACPC,EACM,CACN,MAAMC,EAAaD,EAAS,WAC5B,GAAgCC,GAAe,KAAM,OACrD,GAAI,OAAOA,GAAe,UAAY,MAAM,QAAQA,CAAU,EAC5D,MAAM,IAAIf,EACR,mFAAA,EAIJ,MAAMgB,EAAID,EAEV,GACEC,EAAE,0BAA4B,QAC9B,OAAOA,EAAE,yBAA4B,UAErC,MAAM,IAAIhB,EACR,kHAAkHJ,EAAQoB,EAAE,uBAAuB,CAAC,EAAA,EAIxJ,GACEA,EAAE,qCAAuC,QACzC,OAAOA,EAAE,oCAAuC,SAEhD,MAAM,IAAIhB,EACR,4HAA4HJ,EAAQoB,EAAE,kCAAkC,CAAC,EAAA,EAI7K,GACEA,EAAE,iCAAmC,QACrC,OAAOA,EAAE,gCAAmC,SAE5C,MAAM,IAAIhB,EACR,wHAAwHJ,EAAQoB,EAAE,8BAA8B,CAAC,EAAA,CAGvK,CAOO,SAASC,GACdC,EAC4C,CAC5C,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,yEAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAACd,EAAce,EAAE,UAAU,GAAKA,EAAE,WAAW,SAAWhB,EAC1D,MAAM,IAAIH,EACR,yDAAyDG,CAAY,gCAAgCP,EAAQuB,EAAE,UAAU,CAAC,EAAA,EAI9H,GAAI,OAAOA,EAAE,QAAW,SACtB,MAAM,IAAInB,EACR,0DAAA,EAIJ,GAAI,CAACP,EAAqB,IAAI0B,EAAE,MAAM,EACpC,MAAM,IAAInB,EACR,uDAAuDmB,EAAE,MAAM,uBAAuB,CAAC,GAAG1B,CAAoB,EAAE,KAAK,IAAI,CAAC,EAAA,EAI9H,GACE0B,EAAE,WAAa,MACf,OAAOA,EAAE,UAAa,UACtB,MAAM,QAAQA,EAAE,QAAQ,EAExB,MAAM,IAAInB,EACR,6DAAA,EAMJ,GAFAa,GAAiCM,EAAE,QAAmC,EAElE,OAAOA,EAAE,aAAgB,SAC3B,MAAM,IAAInB,EACR,+DAAA,EAIJ,GAAImB,EAAE,aAAe,QAAa,OAAOA,EAAE,YAAe,SACxD,MAAM,IAAInB,EACR,gFAAgFJ,EAAQuB,EAAE,UAAU,CAAC,EAAA,CAG3G,CAKO,SAASC,GACdF,EACiE,CACjE,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,8FAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAAC,MAAM,QAAQC,EAAE,GAAG,EACtB,MAAM,IAAInB,EACR,uDAAA,EAIJ,QAASnB,EAAI,EAAGA,EAAIsC,EAAE,IAAI,OAAQtC,IAChCwC,GAA4BF,EAAE,IAAItC,CAAC,EAAG,OAAOA,CAAC,GAAG,EAGnD,GAAIsC,EAAE,kBAAoB,MAAQ,OAAOA,EAAE,iBAAoB,SAC7D,MAAM,IAAInB,EACR,oEAAA,EAIJsB,GACEH,EAAE,eAAA,CAEN,CAEA,SAASI,EAAwB1B,EAAgBW,EAAqB,CACpE,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5CD,GADWV,EACU,OAAQ,GAAGW,CAAK,SAAS,CAChD,CAEA,SAASa,GAA4BxB,EAAgBW,EAAqB,CACxE,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5C,MAAMgB,EAAK3B,EAEXa,EAAgBc,EAAG,eAAgB,GAAGhB,CAAK,iBAAiB,EAC5De,EAAwBC,EAAG,SAAU,GAAGhB,CAAK,WAAW,EACxDe,EAAwBC,EAAG,UAAW,GAAGhB,CAAK,YAAY,EAC1De,EAAwBC,EAAG,UAAW,GAAGhB,CAAK,YAAY,EAC1DC,EAAqBe,EAAG,YAAa,GAAGhB,CAAK,cAAc,CAC7D,CAEA,SAASiB,GACP5B,EACAW,EACM,CACN,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5C,MAAMkB,EAAI7B,EACVY,EAAqBiB,EAAE,cAAe,GAAGlB,CAAK,gBAAgB,EAC9DC,EAAqBiB,EAAE,kBAAmB,GAAGlB,CAAK,oBAAoB,CACxE,CAEA,SAASmB,GAAiC9B,EAAgBW,EAAqB,CAC7E,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,qBAAA,EAI5C,MAAMoB,EAAI/B,EAcV,GAZAa,EAAgBkB,EAAE,kBAAmB,GAAGpB,CAAK,oBAAoB,EACjEe,EACEK,EAAE,sBACF,GAAGpB,CAAK,wBAAA,EAEVe,EACEK,EAAE,sBACF,GAAGpB,CAAK,wBAAA,EAEVe,EAAwBK,EAAE,YAAa,GAAGpB,CAAK,cAAc,EAC7DC,EAAqBmB,EAAE,cAAe,GAAGpB,CAAK,gBAAgB,EAE1D,CAAC,MAAM,QAAQoB,EAAE,2BAA2B,EAC9C,MAAM,IAAI5B,EACR,mCAAmCQ,CAAK,gDAAA,EAI5C,QAAS3B,EAAI,EAAGA,EAAI+C,EAAE,4BAA4B,OAAQ/C,IACxD4C,GACEG,EAAE,4BAA4B/C,CAAC,EAC/B,GAAG2B,CAAK,gCAAgC3B,CAAC,GAAA,EAI7C,GAAI,CAAC,MAAM,QAAQ+C,EAAE,mBAAmB,EACtC,MAAM,IAAI5B,EACR,mCAAmCQ,CAAK,wCAAA,EAI5C,QAAS3B,EAAI,EAAGA,EAAI+C,EAAE,oBAAoB,OAAQ/C,IAChD0B,GACEqB,EAAE,oBAAoB/C,CAAC,EACvB,GAAG2B,CAAK,wBAAwB3B,CAAC,GAAA,CAGvC,CAKO,SAASgD,GACdX,EAC8D,CAC9D,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,2FAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAACZ,GAAiBa,EAAE,aAAa,EACnC,MAAM,IAAInB,EACR,kFAAkFJ,EAAQuB,EAAE,aAAa,CAAC,EAAA,EAI9G,GAAI,CAACf,EAAce,EAAE,iBAAiB,EACpC,MAAM,IAAInB,EACR,0FAA0FJ,EAAQuB,EAAE,iBAAiB,CAAC,EAAA,EAI1H,GACEA,EAAE,gBAAkB,MACpB,OAAOA,EAAE,eAAkB,UAC3B,MAAM,QAAQA,EAAE,aAAa,EAE7B,MAAM,IAAInB,EACR,kEAAA,EAIJ,MAAM8B,EAAiB,OAAO,QAC5BX,EAAE,aAAA,EAEJ,GAAIW,EAAe,SAAW,EAC5B,MAAM,IAAI9B,EACR,2FAAA,EAIJ,SAAW,CAAC+B,EAAKC,CAAO,IAAKF,EAAgB,CAE3C,GADApB,EAAgBqB,EAAK,kBAAkBA,CAAG,IAAI,EAC1CC,IAAY,MAAQ,OAAOA,GAAY,SACzC,MAAM,IAAIhC,EACR,iDAAiD+B,CAAG,qBAAA,EAGxD,MAAME,EAAID,EACV,GAAI,CAAC5B,EAAc6B,EAAE,uBAAuB,EAC1C,MAAM,IAAIjC,EACR,iDAAiD+B,CAAG,iEAAiEnC,EAAQqC,EAAE,uBAAuB,CAAC,EAAA,CAG7J,CACF,CAOO,SAASC,GACdhB,EAC6C,CAC7C,GAAIA,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,uEAAA,EAIJ,MAAMmB,EAAID,EAEV,GAAI,CAACd,EAAce,EAAE,UAAU,GAAKA,EAAE,WAAW,SAAWhB,EAC1D,MAAM,IAAIH,EACR,yDAAyDG,CAAY,gCAAgCP,EAAQuB,EAAE,UAAU,CAAC,EAAA,EAI9H,GAAI,OAAOA,EAAE,OAAU,UACrB,MAAM,IAAInB,EACR,iEAAiEJ,EAAQuB,EAAE,KAAK,CAAC,EAAA,EAKrF,GAAIA,EAAE,UAAY,KAAM,CACtB,GAAI,OAAOA,EAAE,SAAY,SACvB,MAAM,IAAInB,EACR,2EAA2EJ,EAAQuB,EAAE,OAAO,CAAC,EAAA,EAGjGgB,GAA4BhB,EAAE,OAAkC,CAClE,CAGA,GAAI,CAAC,MAAM,QAAQA,EAAE,WAAW,EAC9B,MAAM,IAAInB,EACR,sEAAsEJ,EAAQuB,EAAE,WAAW,CAAC,EAAA,EAGhG,QAAStC,EAAI,EAAGA,EAAIsC,EAAE,YAAY,OAAQtC,IACxCuD,GAAyBjB,EAAE,YAAYtC,CAAC,EAAGA,CAAC,CAEhD,CAEA,SAASsD,GAA4BtC,EAAsC,CAEzE,GADAY,EAAqBZ,EAAM,OAAQ,gBAAgB,EAC/C,OAAOA,EAAM,QAAW,UAC1B,MAAM,IAAIG,EACR,0EAA0EJ,EAAQC,EAAM,MAAM,CAAC,EAAA,EAMnG,GAHAY,EAAqBZ,EAAM,WAAY,oBAAoB,EAC3DY,EAAqBZ,EAAM,eAAgB,wBAAwB,EACnEY,EAAqBZ,EAAM,YAAa,qBAAqB,EACzD,OAAOA,EAAM,YAAe,SAC9B,MAAM,IAAIG,EACR,6EAA6EJ,EAAQC,EAAM,UAAU,CAAC,EAAA,EAG1G,GAAI,OAAOA,EAAM,YAAe,SAC9B,MAAM,IAAIG,EACR,6EAA6EJ,EAAQC,EAAM,UAAU,CAAC,EAAA,CAG5G,CAEA,SAASuC,GAAyBvC,EAAgBwC,EAAqB,CACrE,GAAIxC,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,+CAA+CqC,CAAK,6BAA6BzC,EAAQC,CAAK,CAAC,EAAA,EAGnG,MAAM6B,EAAI7B,EAcV,GAbAY,EAAqBiB,EAAE,OAAQ,eAAeW,CAAK,UAAU,EAC7D5B,EAAqBiB,EAAE,WAAY,eAAeW,CAAK,cAAc,EACrE5B,EAAqBiB,EAAE,eAAgB,eAAeW,CAAK,kBAAkB,EAC7EC,EAAqBZ,EAAE,YAAa,eAAeW,CAAK,eAAe,EACvEC,EACEZ,EAAE,wBACF,eAAeW,CAAK,2BAAA,EAEtBC,EACEZ,EAAE,wBACF,eAAeW,CAAK,2BAAA,EAEtBC,EAAqBZ,EAAE,cAAe,eAAeW,CAAK,iBAAiB,EACvE,OAAOX,EAAE,YAAe,SAC1B,MAAM,IAAI1B,EACR,+CAA+CqC,CAAK,uCAAuCzC,EAAQ8B,EAAE,UAAU,CAAC,EAAA,EAGpH,GAAI,OAAOA,EAAE,YAAe,SAC1B,MAAM,IAAI1B,EACR,+CAA+CqC,CAAK,uCAAuCzC,EAAQ8B,EAAE,UAAU,CAAC,EAAA,CAGtH,CAEA,SAASY,EAAqBzC,EAAgBW,EAAqB,CACjE,GAAIX,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIG,EACR,mCAAmCQ,CAAK,mCAAmCZ,EAAQC,CAAK,CAAC,EAAA,CAG/F,CAOO,SAAS0C,GACdrB,EACiD,CACjDsB,GAAsBtB,EAAU,sBAAwBuB,GAAU,CAC5DA,EAAM,SAAW,MACnBxB,GAA+BwB,EAAM,MAAM,CAE/C,CAAC,CACH,CAGO,SAASC,GACdxB,EACkD,CAClDsB,GAAsBtB,EAAU,uBAAyBuB,GAAU,CAC7DA,EAAM,SAAW,MACnBP,GAAgCO,EAAM,MAAM,CAEhD,CAAC,CACH,CAQA,SAASD,GACPtB,EACAyB,EACAC,EACM,CACN,GAAI1B,IAAa,MAAQ,OAAOA,GAAa,SAC3C,MAAM,IAAIlB,EACR,kCAAkC2C,CAAO,4BAAA,EAG7C,MAAMxB,EAAID,EACV,GAAI,CAAC,MAAM,QAAQC,EAAE,OAAO,EAC1B,MAAM,IAAInB,EACR,mCAAmC2C,CAAO,mCAAmC/C,EAAQuB,EAAE,OAAO,CAAC,EAAA,EAGnG,QAAStC,EAAI,EAAGA,EAAIsC,EAAE,QAAQ,OAAQtC,IAAK,CACzC,MAAM4D,EAAQtB,EAAE,QAAQtC,CAAC,EACzB,GAAI4D,IAAU,MAAQ,OAAOA,GAAU,SACrC,MAAM,IAAIzC,EACR,mCAAmC2C,CAAO,YAAY9D,CAAC,6BAA6Be,EAAQ6C,CAAK,CAAC,EAAA,EAGtG,MAAMI,EAAIJ,EACV,GACE,CAACrC,EAAcyC,EAAE,UAAU,GAC3BA,EAAE,WAAW,SAAW1C,EAExB,MAAM,IAAIH,EACR,mCAAmC2C,CAAO,YAAY9D,CAAC,2BAA2BsB,CAAY,yBAAyBP,EAAQiD,EAAE,UAAU,CAAC,EAAA,EAGhJ,GAAIA,EAAE,QAAU,MAAQ,OAAOA,EAAE,OAAU,SACzC,MAAM,IAAI7C,EACR,mCAAmC2C,CAAO,YAAY9D,CAAC,0CAA0Ce,EAAQiD,EAAE,KAAK,CAAC,EAAA,EAMrH,GAAIA,EAAE,SAAW,MAAQA,EAAE,QAAU,KACnC,MAAM,IAAI7C,EACR,mCAAmC2C,CAAO,YAAY9D,CAAC,+CAAA,EAG3D,GAAIgE,EAAE,SAAW,MAAQA,EAAE,QAAU,KACnC,MAAM,IAAI7C,EACR,mCAAmC2C,CAAO,YAAY9D,CAAC,4CAAA,EAG3D+D,EAAoBC,EAAqChE,CAAC,CAC5D,CACF,CAEA,SAASyC,GACPwB,EACM,CAMN,GALAvB,EAAwBuB,EAAM,SAAU,0BAA0B,EAClEvB,EAAwBuB,EAAM,UAAW,2BAA2B,EACpEvB,EAAwBuB,EAAM,UAAW,2BAA2B,EACpErC,EAAqBqC,EAAM,YAAa,6BAA6B,EAEjE,CAAC,MAAM,QAAQA,EAAM,uBAAuB,EAC9C,MAAM,IAAI9C,EACR,2FAAA,EAIJ,QAASnB,EAAI,EAAGA,EAAIiE,EAAM,wBAAwB,OAAQjE,IACxD8C,GACEmB,EAAM,wBAAwBjE,CAAC,EAC/B,2CAA2CA,CAAC,GAAA,EAIhD,GAAI,OAAOiE,EAAM,yBAA4B,SAC3C,MAAM,IAAI9C,EACR,2FAAA,CAGN,CC/hBA,MAAM+C,GAAqB,IAWpB,MAAMC,EAEb,CAGE,YAAYC,EAAiBC,EAAyC,CAF9DhD,EAAA,eAGN,MAAM3B,EAA8B,CAClC,QAAA0E,EACA,SAASC,GAAA,YAAAA,EAAS,UAAWH,GAC7B,QAASG,GAAA,YAAAA,EAAS,QAClB,WAAYA,GAAA,YAAAA,EAAS,WACrB,aAAcA,GAAA,YAAAA,EAAS,aACvB,QAASA,GAAA,YAAAA,EAAS,QAClB,cAAeA,GAAA,YAAAA,EAAS,cACxB,iBAAkBA,GAAA,YAAAA,EAAS,gBAAA,EAE7B,KAAK,OAAS,IAAIC,EAAAA,cAAc5E,CAAM,CACxC,CAMA,MAAM,oCACJV,EACAuF,EACsD,CACtD,MAAMlC,EAAW,MAAM,KAAK,OAAO,KAGjC,oDAAqDrD,EAAQuF,CAAM,EACrE,OAAAhC,GAAoDF,CAAQ,EACrDA,CACT,CAMA,MAAM,6BACJrD,EACAuF,EACe,CACf,OAAO,KAAK,OAAO,KACjB,6CACAvF,EACAuF,CAAA,CAEJ,CAOA,MAAM,uBACJvF,EACAuF,EACe,CACf,OAAO,KAAK,OAAO,KACjB,uCACAvF,EACAuF,CAAA,CAEJ,CAMA,MAAM,iCACJvF,EACAuF,EACmD,CACnD,MAAMlC,EAAW,MAAM,KAAK,OAAO,KAGjC,iDAAkDrD,EAAQuF,CAAM,EAClE,OAAAvB,GAAiDX,CAAQ,EAClDA,CACT,CAGA,MAAM,eACJrD,EACAuF,EACiC,CACjC,MAAMlC,EAAW,MAAM,KAAK,OAAO,KACjC,+BACArD,EACAuF,CAAA,EAEF,OAAAnC,GAA+BC,CAAQ,EAChCA,CACT,CAOA,MAAM,oBACJrD,EACAuF,EACsC,CACtC,MAAMlC,EAAW,MAAM,KAAK,OAAO,KAGjC,oCAAqCrD,EAAQuF,CAAM,EACrD,OAAAb,GAAoCrB,CAAQ,EACrCA,CACT,CAMA,MAAM,qBACJrD,EACAuF,EACuC,CACvC,MAAMlC,EAAW,MAAM,KAAK,OAAO,KAGjC,qCAAsCrD,EAAQuF,CAAM,EACtD,OAAAV,GAAqCxB,CAAQ,EACtCA,CACT,CACF,CCnKO,SAASmC,GACdC,EACAnF,EAC2B,CAC3B,MAAMoF,MAAmB,IACzB,UAAWC,KAAQF,EACjBC,EAAa,IAAIC,EAAK,aAAa,EAGrC,MAAMC,MAAa,IAIbC,MAAW,IACXC,EAAsB,CAAA,EACtBC,EAAuB,CAAA,EAE7B,UAAWnB,KAAStE,EAAS,CAC3B,MAAM0F,EAAQpB,EAAM,WAAW,YAAA,EAC/B,GAAI,CAACc,EAAa,IAAIM,CAAK,EAAG,CAC5BD,EAAW,KAAKC,CAAK,EACrB,QACF,CACA,GAAIH,EAAK,IAAIG,CAAK,EAAG,CACnBF,EAAU,KAAKE,CAAK,EACpB,QACF,CACAH,EAAK,IAAIG,CAAK,EACdJ,EAAO,IAAII,EAAO,CAAE,OAAQpB,EAAM,OAAQ,MAAOA,EAAM,MAAO,CAChE,CAEA,MAAMqB,EAAoB,CAAA,EAC1B,UAAWN,KAAQD,EACZG,EAAK,IAAIF,CAAI,GAAGM,EAAQ,KAAKN,CAAI,EAGxC,MAAO,CAAE,OAAAC,EAAQ,QAAAK,EAAS,WAAAF,EAAY,UAAAD,CAAA,CACxC,CCRA,eAAsBI,GACpBb,EACe,CACf,KAAM,CACJ,MAAAc,EACA,QAAAC,EACA,UAAAC,EACA,OAAAC,EACA,UAAAC,EACA,YAAAC,EACA,iBAAAC,EACA,kBAAAC,EACA,aAAAC,EACA,UAAAC,EAAYC,EAAAA,iBAAA,EACVxB,EAEJ,GAAI,CAAC,OAAO,UAAUuB,CAAS,GAAKA,GAAa,EAC/C,MAAM,IAAI,MACR,kEAAkEA,CAAS,EAAA,EAI/E,QAAS5F,EAAI,EAAGA,EAAImF,EAAM,OAAQnF,GAAK4F,EAAW,CAChD,MAAME,EAAQX,EAAM,MAAMnF,EAAGA,EAAI4F,CAAS,EACpCG,MAAiB,IACjBC,EAAkB,CAAA,EACxB,UAAWC,KAAQH,EAAO,CACxB,MAAMI,EAAYd,EAAQa,CAAI,EAAE,YAAA,EAChCF,EAAW,IAAIG,EAAWD,CAAI,EAC9BD,EAAM,KAAKE,CAAS,CACtB,CAKA,IAAIC,EACJ,GAAI,CACF,MAAM9D,EAAW,MAAMgD,EAAUW,CAAK,EACtCG,EAAc3B,GAA+BwB,EAAO3D,EAAS,OAAO,CACtE,OAASjC,EAAO,CACdsF,EAAkBI,EAAO1F,CAAK,EAC9B,QACF,CAEIuF,GAAgBQ,EAAY,WAAW,OAAS,GAClDR,EAAaQ,EAAY,UAAU,EAGrC,MAAMC,EAAiB,IAAI,IAAID,EAAY,SAAS,EACpD,UAAWxB,KAAQyB,EAAgB,CACjC,MAAMH,EAAOF,EAAW,IAAIpB,CAAI,EAC5BsB,KAAkBA,CAAI,CAC5B,CACIR,GAAoBW,EAAe,KAAO,GAC5CX,EAAiBW,EAAe,IAAI,EAEtC,UAAWzB,KAAQwB,EAAY,QAAS,CACtC,MAAMF,EAAOF,EAAW,IAAIpB,CAAI,EAC5BsB,KAAgBA,CAAI,CAC1B,CACA,SAAW,CAACtB,EAAM0B,CAAQ,IAAKF,EAAY,OAAQ,CAEjD,GAAIC,EAAe,IAAIzB,CAAI,EAAG,SAC9B,MAAMsB,EAAOF,EAAW,IAAIpB,CAAI,EAC3BsB,GACLX,EAAOW,EAAM,CACX,WAAYtB,EACZ,OAAQ0B,EAAS,OACjB,MAAOA,EAAS,KAAA,CACjB,CACH,CACF,CACF,CCpGA,MAAMC,GAAa,yBAGbC,GAAe,WAEfC,GAAqB,GACrBC,GAAmB,GAMzB,SAASC,GAAWC,EAAaC,EAA8B,CAC7D,MAAMC,EAAW,IAAI,cAAc,OAAOF,CAAG,EACvCG,EAAUC,EAAAA,OAAOF,CAAQ,EACzBG,EAAW,IAAI,WAAWF,EAAQ,OAAS,EAAIF,EAAK,MAAM,EAChE,OAAAI,EAAS,IAAIF,EAAS,CAAC,EACvBE,EAAS,IAAIF,EAASA,EAAQ,MAAM,EACpCE,EAAS,IAAIJ,EAAME,EAAQ,OAAS,CAAC,EAC9BC,EAAAA,OAAOC,CAAQ,CACxB,CAYA,SAASC,GAAcC,EAAsC,CAC3D,GAAIA,EAAM,SAAWV,GAAoB,OAAO,KAChD,MAAMW,EAAQT,GAAWH,GAAcW,CAAK,EACtCE,EAAUC,EAAI,mBAAmBH,EAAOC,CAAK,EACnD,OAAOC,EAAUA,EAAQ,YAAc,IACzC,CAoBO,SAASE,GACdC,EACAC,EACAC,EACS,CAET,GADID,EAAY,SAAWhB,IACvBiB,EAAU,SAAWhB,GAAkB,MAAO,GAOlD,GAAI,CAEF,MAAMiB,EAAchB,GAAWJ,GAAYiB,CAAY,EAKjDI,EAAOC,EAAAA,SAAS,KAAK,CACzB,eAAgBC,EAAAA,OAAO,KAAKL,CAAW,CAAA,CACxC,EACD,GAAI,CAACG,EAAK,OAAQ,MAAO,GACzB,MAAMG,EAAeH,EAAK,OAUpBI,EAAY,EACZC,EAAU,IAAIC,cACpBD,EAAQ,QAAU,EAClBA,EAAQ,SAAW,EAEnB,MAAME,EAAYL,EAAAA,OAAO,OAAO,CAC9BA,EAAAA,OAAO,KAAK,CAAC,EAAM,EAAI,CAAC,EACxBA,EAAAA,OAAO,KAAKH,CAAW,CAAA,CACxB,EACDM,EAAQ,SACNH,SAAO,MAAM,GAAI,CAAC,EAClB,WACA,EACAK,CAAA,EAEFF,EAAQ,UAAUF,EAAcC,CAAS,EAGzC,MAAMI,EAAS,IAAIF,cACnBE,EAAO,QAAU,EACjBA,EAAO,SAAW,EAElB,MAAMC,EAAcJ,EAAQ,QAAA,EAC5BG,EAAO,SAASC,EAAa,EAAG,CAAC,EACjCD,EAAO,UAAUN,SAAO,KAAK,CAAC,GAAI,CAAC,EAAGE,CAAS,EAG/C,MAAMM,EAAUF,EAAO,iBACrB,EACA,CAACL,CAAY,EACb,CAACC,CAAS,EACVE,cAAY,eAAA,EAIRK,EAAerB,GAAcO,CAAW,EAC9C,OAAKc,EAEEjB,EAAI,cAAcgB,EAASC,EAAcb,CAAS,EAF/B,EAG5B,MAAQ,CACN,MAAO,EACT,CACF,CC9IA,SAASc,EAASC,EAAeC,EAAkC,CACjE,MAAM9B,GAAO6B,EAAQ,IAAS,EACxB,EAAI,OAAOC,GAAQ,SAAWA,EAAM,OAAOA,CAAG,EACpD,GAAI,EAAI,GAAI,MAAM,IAAI,MAAM,6BAA6B,EAEzD,GAAI,EAAI,IAAK,OAAO,IAAI,WAAW,CAAC9B,EAAM,OAAO,CAAC,CAAC,CAAC,EACpD,GAAI,EAAI,OAAQ,OAAO,IAAI,WAAW,CAACA,EAAM,GAAI,OAAO,CAAC,CAAC,CAAC,EAC3D,GAAI,EAAI,SAAU,CAChB,MAAMzG,EAAI,OAAO,CAAC,EAClB,OAAO,IAAI,WAAW,CAACyG,EAAM,GAAKzG,IAAM,EAAK,IAAMA,EAAI,GAAI,CAAC,CAC9D,CACA,GAAI,EAAI,aAAgB,CACtB,MAAMA,EAAI,OAAO,CAAC,EAClB,OAAO,IAAI,WAAW,CACpByG,EAAM,GACLzG,IAAM,GAAM,IACZA,IAAM,GAAM,IACZA,IAAM,EAAK,IACZA,EAAI,GAAA,CACL,CACH,CAEA,MAAMwI,EAAM,IAAI,WAAW,CAAC,EAC5BA,EAAI,CAAC,EAAI/B,EAAM,GACf,QAAS,EAAI,EAAG,GAAK,EAAG,IACtB+B,EAAI,EAAI,CAAC,EAAI,OAAO,GAAK,QAAQ,EAAI,GAAK,CAAC,CAAC,EAAI,IAElD,OAAOA,CACT,CAEA,SAASC,MAAUC,EAAiC,CAClD,MAAMC,EAAQD,EAAM,OAAO,CAAC,EAAGzG,IAAM,EAAIA,EAAE,OAAQ,CAAC,EAC9CuG,EAAM,IAAI,WAAWG,CAAK,EAChC,IAAIC,EAAS,EACb,UAAW3G,KAAKyG,EACdF,EAAI,IAAIvG,EAAG2G,CAAM,EACjBA,GAAU3G,EAAE,OAEd,OAAOuG,CACT,CASA,SAASK,EAAuBC,EAA+B,CAE7D,MAAM7D,EAAsB,CADboD,EAAS,EAAGS,EAAM,MAAM,CACJ,EACnC,UAAWC,KAAKD,EACd7D,EAAM,KAAKoD,EAAS,EAAGU,CAAC,CAAC,EAE3B,OAAON,GAAO,GAAGxD,CAAK,CACxB,CAsBO,SAAS+D,GACdC,EACAC,EACAC,EACY,CACZ,GAAI,CAAC,OAAO,cAAcA,CAAS,GAAKA,EAAY,EAClD,MAAM,IAAI,MACR,oFAAoFA,CAAS,EAAA,EAGjG,MAAMC,EAAcf,EAAS,EAAG,CAAC,EAC3BgB,EAAcR,EAAuBI,CAAM,EAC3CK,EAAcT,EAAuBK,CAAyB,EAC9DK,EAAiBlB,EAAS,EAAGc,CAAS,EAC5C,OAAOV,GAAOW,EAAaC,EAAaC,EAAaC,CAAc,CACrE,CCzFA,MAAMC,GAAyB,IAAI,YAAA,EAAc,OAC/C,6BACF,EAQMC,GAAkC,EAAI,KA+BrC,MAAMC,UAA4B,KAAM,CAC7C,YACEC,EACgBC,EAUhB,CACA,MAAMD,CAAO,EAXG,KAAA,OAAAC,EAYhB,KAAK,KAAO,qBACd,CACF,CAGA,SAASC,EAAWC,EAAyB,CAC3C,MAAMtB,EAAM,IAAI,WAAWsB,EAAI,OAAS,CAAC,EACzC,QAAShK,EAAI,EAAGA,EAAI0I,EAAI,OAAQ1I,IAC9B0I,EAAI1I,CAAC,EAAI,SAASgK,EAAI,MAAMhK,EAAI,EAAGA,EAAI,EAAI,CAAC,EAAG,EAAE,EAEnD,OAAO0I,CACT,CAsBO,SAASuB,GAAqBC,EAAwC,CAC3E,KAAM,CAAE,MAAAC,EAAO,mBAAAC,EAAoB,IAAAC,CAAA,EAAQH,EACrCI,EACJJ,EAAM,iBAAmBP,GAErBY,EAASC,EAAAA,eAAeJ,CAAkB,EAAE,YAAA,EAClD,GAAIG,EAAO,SAAWzI,EAAAA,uBAAyB,CAACN,EAAAA,OAAO,KAAK+I,CAAM,EAChE,MAAM,IAAIX,EACR,+CAA+CW,EAAO,MAAM,SAC5D,yBAAA,EAIJ,MAAME,EAASD,EAAAA,eAAeL,EAAM,aAAa,EAAE,YAAA,EACnD,GAAIM,EAAO,SAAW3I,EAAAA,uBAAyB,CAACN,EAAAA,OAAO,KAAKiJ,CAAM,EAChE,MAAM,IAAIb,EACR,0CAA0Ca,EAAO,MAAM,SACvD,yBAAA,EAIJ,GAAIA,IAAWF,EACb,MAAM,IAAIX,EACR,uDAAuDW,CAAM,SAASE,CAAM,GAC5E,wBAAA,EAWJ,GAAI,CAAC,OAAO,cAAcN,EAAM,UAAU,EACxC,MAAM,IAAIP,EACR,4CAA4C,KAAK,UAAUO,EAAM,UAAU,CAAC,GAC5E,oBAAA,EAGJ,GAAI,CAAC,OAAO,cAAcE,CAAG,EAC3B,MAAM,IAAIT,EACR,qCAAqC,KAAK,UAAUS,CAAG,CAAC,GACxD,oBAAA,EAGJ,GAAIF,EAAM,YAAcE,EACtB,MAAM,IAAIT,EACR,oCAAoCO,EAAM,UAAU,SAASE,CAAG,GAChE,SAAA,EAGJ,GAAI,CAAC,OAAO,cAAcC,CAAe,GAAKA,GAAmB,EAC/D,MAAM,IAAIV,EACR,wDAAwD,KAAK,UAAUU,CAAe,CAAC,GACvF,sBAAA,EAGJ,GAAIH,EAAM,WAAaE,EAAMC,EAC3B,MAAM,IAAIV,EACR,mEACgBO,EAAM,UAAU,SAASE,CAAG,kBAAkBC,CAAe,IAC7E,iBAAA,EAIJ,MAAMI,EAAMF,EAAAA,eAAeL,EAAM,gBAAgB,EAAE,YAAA,EACnD,GAAIO,EAAI,SAAW3I,EAAAA,2BAA6B,CAACP,EAAAA,OAAO,KAAKkJ,CAAG,EAC9D,MAAM,IAAId,EACR,wDAAwDc,EAAI,MAAM,SAClE,0BAAA,EAGJ,MAAMC,EAASD,EAAI,MAAM,EAAG,CAAC,EAC7B,GAAIC,IAAW,MAAQA,IAAW,KAChC,MAAM,IAAIf,EACR,2DAA2De,CAAM,GACjE,0BAAA,EASJ,MAAMC,EAAWb,EAAWW,CAAG,EAC/B,GAAI,CAACrD,EAAI,QAAQuD,CAAQ,EACvB,MAAM,IAAIhB,EACR,kDACA,0BAAA,EAIJ,MAAMiB,EAAML,EAAAA,eAAeL,EAAM,SAAS,EAAE,YAAA,EAC5C,GAAIU,EAAI,SAAWC,EAAAA,qBAAuB,CAACtJ,EAAAA,OAAO,KAAKqJ,CAAG,EACxD,MAAM,IAAIjB,EACR,8CAA8CiB,EAAI,MAAM,SACxD,4BAAA,EAQJ,MAAME,EAAU7B,GACdQ,GACAK,EAAWW,CAAG,EACdP,EAAM,UAAA,EAGR,GAAI,CADa7C,GAAmByD,EAAShB,EAAWU,CAAM,EAAGV,EAAWc,CAAG,CAAC,EAE9E,MAAM,IAAIjB,EACR,gGACA,+BAAA,CAGN,CClOO,MAAMoB,MAA8C,IAAI,CAC7D,uCACA,6CACA,mDACF,CAAC,EAEYC,MAAmD,IAAI,CAClE,gDACF,CAAC,ECjBKC,GAAuB,IAEhBC,EAAqB,4BAQrBC,EAA0B,gCAEhC,SAASC,GACdjH,EACAkH,EACe,CACf,OAAO,IAAIhH,EAAAA,cAAc,CACvB,QAAAF,EACA,QAAS8G,GACT,QAAAI,EACA,aAAeC,GACbA,IAAWJ,GAAsBI,IAAWH,CAAA,CAC/C,CACH,CCUA,MAAMI,GAAsB,WAOtBC,GAA4B,GAqD3B,MAAMC,EAA+C,CAqB1D,YAAYhM,EAA+B,CAhBnC2B,EAAA,eACSA,EAAA,kBACAA,EAAA,sBACAA,EAAA,2BACAA,EAAA,yBACAA,EAAA,yBACAA,EAAA,wBACAA,EAAA,YAGTA,EAAA,qBAAoC,MACpCA,EAAA,uBAA+C,MAE/CA,EAAA,kBAAiC,MACjCA,EAAA,oBAA4C,MAGlD,KAAK,OAAS3B,EAAO,OACrB,KAAK,UAAYA,EAAO,UACxB,KAAK,cAAgBA,EAAO,cAC5B,KAAK,mBAAqBA,EAAO,mBACjC,KAAK,iBAAmBA,EAAO,iBAC/B,KAAK,iBAAmBA,EAAO,iBAC/B,KAAK,gBAAkBA,EAAO,iBAAmB+L,GACjD,KAAK,IAAM/L,EAAO,MAAQ,IAAM,KAAK,MAAM,KAAK,MAAQ,GAAI,EAC9D,CAmBA,MAAM,SAAS6L,EAAwC,CACrD,OAAIA,IAAWJ,GAAsBI,IAAWH,EACvC,KAGL,KAAK,iBAAiB,IAAIG,CAAM,EAC3B,KAAK,mBAAmB,MAAM,EAEnC,KAAK,iBAAiB,IAAIA,CAAM,EAC3B,KAAK,mBAAmB,SAAS,EAEnC,IACT,CAYA,YAAmB,CACjB,KAAK,cAAgB,KACrB,KAAK,WAAa,IAKpB,CAEA,MAAc,mBACZI,EACiB,CACjB,MAAMC,EACJD,IAAY,OAAS,KAAK,WAAa,KAAK,cAC9C,OAAIC,GAAU,KAAK,IAAA,EAAQ,KAAK,gBAAkBA,EAAO,UAChDA,EAAO,OAEF,MAAM,KAAK,oBAAoBD,CAAO,GACvC,KACf,CAUA,UAAUE,EAA6B,CACrC,KAAK,OAASA,CAChB,CAEQ,oBACNF,EACsB,CACtB,MAAMG,EACJH,IAAY,OAAS,KAAK,aAAe,KAAK,gBAChD,GAAIG,EAAU,OAAOA,EAErB,MAAMC,EACJJ,IAAY,OAASP,EAA0BD,EAE3ChJ,GAAK,SAAY,CACrB,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,OAAO,KAGjC0J,EAAa,CACb,WAAY,KAAK,UACjB,YAAa,KAAK,aAAA,CACnB,EAWD,GATA9B,GAAqB,CACnB,MAAO5H,EAAS,gBAChB,mBAAoB,KAAK,mBACzB,IAAK,KAAK,IAAA,CAAI,CACf,EAKG,OAAOA,EAAS,OAAU,UAAYA,EAAS,MAAM,SAAW,EAClE,MAAM,IAAI,MACR,sFAAsF,OAAOA,EAAS,KAAK,GAAA,EAG/G,MAAMgI,EAAM,KAAK,IAAA,EACjB,GACE,CAAC,OAAO,cAAchI,EAAS,UAAU,GACzCA,EAAS,YAAcgI,GACvBhI,EAAS,WAAamJ,GAEtB,MAAM,IAAI,MACR,gEAAgE,KAAK,UAAUnJ,EAAS,UAAU,CAAC,gCAAgCgI,CAAG,KAAKmB,EAAmB,IAAA,EAIlK,MAAMQ,EAAqB,CACzB,MAAO3J,EAAS,MAChB,UAAWA,EAAS,UAAA,EAEtB,OAAIsJ,IAAY,OACd,KAAK,WAAaK,EAElB,KAAK,cAAgBA,EAEhBA,CACT,QAAA,CACML,IAAY,OACd,KAAK,aAAe,KAEpB,KAAK,gBAAkB,IAE3B,CACF,GAAA,EAEA,OAAIA,IAAY,OACd,KAAK,aAAexJ,EAEpB,KAAK,gBAAkBA,EAElBA,CACT,CACF,CCnPO,MAAM8J,EAAgB,CAAtB,cACY5K,EAAA,mBAAc,KAU/B,YAAY6I,EAA8C,CAOxD,MAAMgC,EAAchC,EAAM,wBAA0B,GAE9C4B,EAAW,KAAK,QAAQ,IAAI5B,EAAM,SAAS,EACjD,GAAI4B,EAAU,CACZ,GAAIA,EAAS,gBAAkB5B,EAAM,cACnC,MAAM,IAAI,MACR,8BAA8BA,EAAM,SAAS,mCAAmC4B,EAAS,cAAc,MAAM,EAAG,CAAC,CAAC,UAAU5B,EAAM,cAAc,MAAM,EAAG,CAAC,CAAC,GAAA,EAG/J,GAAI4B,EAAS,qBAAuB5B,EAAM,mBACxC,MAAM,IAAI,MACR,8BAA8BA,EAAM,SAAS,wCAAwC4B,EAAS,mBAAmB,MAAM,EAAG,CAAC,CAAC,UAAU5B,EAAM,mBAAmB,MAAM,EAAG,CAAC,CAAC,GAAA,EAO9K,GAAI4B,EAAS,yBAA2BI,EACtC,MAAM,IAAI,MACR,8BAA8BhC,EAAM,SAAS,4CAA4C4B,EAAS,sBAAsB,SAASI,CAAW,EAAA,EAMhJ,OAAAJ,EAAS,SAAS,UAAU5B,EAAM,MAAM,EACjC4B,EAAS,QAClB,CAEA,MAAMK,EAAW,IAAIT,GAAgB,CACnC,OAAQxB,EAAM,OACd,UAAWA,EAAM,UACjB,cAAeA,EAAM,cACrB,mBAAoBA,EAAM,mBAC1B,iBAAkBgC,EACdlB,EACA,IAAI,IAAI,CAAC,GAAGA,EAAoB,GAAGC,CAAuB,CAAC,EAC/D,iBAAkBiB,EAAcjB,EAA0B,IAAI,GAAI,CACnE,EACD,YAAK,QAAQ,IAAIf,EAAM,UAAW,CAChC,SAAAiC,EACA,cAAejC,EAAM,cACrB,mBAAoBA,EAAM,mBAC1B,uBAAwBgC,CAAA,CACzB,EACMC,CACT,CAGA,KAAKC,EAAgD,OACnD,OAAOnL,EAAA,KAAK,QAAQ,IAAImL,CAAS,IAA1B,YAAAnL,EAA6B,QACtC,CAOA,QAAQmL,EAAyB,CAC/B,KAAK,QAAQ,OAAOA,CAAS,CAC/B,CAQA,OAAc,CACZ,KAAK,QAAQ,MAAA,CACf,CAEA,IAAI,MAAe,CACjB,OAAO,KAAK,QAAQ,IACtB,CACF,CAaO,MAAMC,EAAyC,IAAIJ,GC3GnD,SAASK,GACd5M,EACwB,OACxB,MAAM6M,EAAmBlB,GACvB3L,EAAO,SACPuB,EAAAvB,EAAO,UAAP,YAAAuB,EAAgB,OAAA,EAGZuL,EAAgBH,EAAgB,YAAY,CAChD,OAAQE,EACR,UAAW7M,EAAO,UAClB,cAAeA,EAAO,cACtB,mBAAoBA,EAAO,mBAC3B,uBAAwBA,EAAO,sBAAA,CAChC,EAED,OAAO,IAAIyE,GAAuBzE,EAAO,QAAS,CAChD,GAAGA,EAAO,QACV,cAAA8M,CAAA,CACD,CACH,CC3BO,SAASC,GAAqBvC,EAA+B,CAClEmC,EAAgB,YAAY,CAC1B,OAAQhB,GAAsBnB,EAAM,QAASA,EAAM,OAAO,EAC1D,UAAWA,EAAM,UACjB,cAAeA,EAAM,cACrB,mBAAoBA,EAAM,mBAC1B,uBAAwBA,EAAM,sBAAA,CAC/B,CACH"}