@bcts/xid 1.0.0-alpha.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. package/LICENSE +48 -0
  2. package/README.md +15 -0
  3. package/dist/index.cjs +1943 -0
  4. package/dist/index.cjs.map +1 -0
  5. package/dist/index.d.cts +1038 -0
  6. package/dist/index.d.cts.map +1 -0
  7. package/dist/index.d.mts +1038 -0
  8. package/dist/index.d.mts.map +1 -0
  9. package/dist/index.iife.js +1942 -0
  10. package/dist/index.iife.js.map +1 -0
  11. package/dist/index.mjs +1923 -0
  12. package/dist/index.mjs.map +1 -0
  13. package/package.json +81 -0
  14. package/src/delegate.ts +132 -0
  15. package/src/error.ts +305 -0
  16. package/src/index.ts +65 -0
  17. package/src/key.ts +431 -0
  18. package/src/name.ts +42 -0
  19. package/src/permissions.ts +229 -0
  20. package/src/privilege.ts +160 -0
  21. package/src/provenance.ts +374 -0
  22. package/src/service.ts +343 -0
  23. package/src/shared.ts +76 -0
  24. package/src/xid-document.ts +862 -0
package/dist/index.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.mjs","names":["kv","privateKeys: { data: PrivateKeyData; salt: Salt } | undefined","salt: Salt","kv","KEY_RAW","DELEGATE_RAW","hexToBytes","XIDDocumentClass: {\n tryFromEnvelope(envelope: Envelope): XIDDocumentType;\n} | null","kv","generator: { data: GeneratorData; salt: Salt } | undefined","salt: Salt"],"sources":["../src/error.ts","../src/privilege.ts","../src/permissions.ts","../src/name.ts","../src/shared.ts","../src/key.ts","../src/service.ts","../src/delegate.ts","../src/provenance.ts","../src/xid-document.ts","../src/index.ts"],"sourcesContent":["/**\n * XID Error Types\n *\n * Error types returned when operating on XID Documents.\n * Ported from bc-xid-rust/src/error.rs\n */\n\nexport enum XIDErrorCode {\n DUPLICATE = \"DUPLICATE\",\n NOT_FOUND = \"NOT_FOUND\",\n STILL_REFERENCED = \"STILL_REFERENCED\",\n EMPTY_VALUE = \"EMPTY_VALUE\",\n UNKNOWN_PRIVILEGE = \"UNKNOWN_PRIVILEGE\",\n INVALID_XID = \"INVALID_XID\",\n MISSING_INCEPTION_KEY = \"MISSING_INCEPTION_KEY\",\n INVALID_RESOLUTION_METHOD = \"INVALID_RESOLUTION_METHOD\",\n MULTIPLE_PROVENANCE_MARKS = \"MULTIPLE_PROVENANCE_MARKS\",\n UNEXPECTED_PREDICATE = \"UNEXPECTED_PREDICATE\",\n UNEXPECTED_NESTED_ASSERTIONS = \"UNEXPECTED_NESTED_ASSERTIONS\",\n NO_PERMISSIONS = \"NO_PERMISSIONS\",\n NO_REFERENCES = \"NO_REFERENCES\",\n UNKNOWN_KEY_REFERENCE = \"UNKNOWN_KEY_REFERENCE\",\n UNKNOWN_DELEGATE_REFERENCE = \"UNKNOWN_DELEGATE_REFERENCE\",\n KEY_NOT_FOUND_IN_DOCUMENT = \"KEY_NOT_FOUND_IN_DOCUMENT\",\n DELEGATE_NOT_FOUND_IN_DOCUMENT = \"DELEGATE_NOT_FOUND_IN_DOCUMENT\",\n INVALID_PASSWORD = \"INVALID_PASSWORD\",\n ENVELOPE_NOT_SIGNED = \"ENVELOPE_NOT_SIGNED\",\n SIGNATURE_VERIFICATION_FAILED = \"SIGNATURE_VERIFICATION_FAILED\",\n NO_PROVENANCE_MARK = \"NO_PROVENANCE_MARK\",\n GENERATOR_CONFLICT = \"GENERATOR_CONFLICT\",\n NO_GENERATOR = \"NO_GENERATOR\",\n CHAIN_ID_MISMATCH = \"CHAIN_ID_MISMATCH\",\n SEQUENCE_MISMATCH = \"SEQUENCE_MISMATCH\",\n ENVELOPE_PARSING = \"ENVELOPE_PARSING\",\n COMPONENT = \"COMPONENT\",\n CBOR = \"CBOR\",\n PROVENANCE_MARK = \"PROVENANCE_MARK\",\n}\n\nexport class XIDError extends Error {\n readonly code: XIDErrorCode;\n declare readonly cause?: Error;\n\n constructor(code: XIDErrorCode, message: string, cause?: Error) {\n super(message);\n this.name = \"XIDError\";\n this.code = code;\n if (cause !== undefined) {\n this.cause = cause;\n }\n\n // Maintains proper stack trace for where our error was thrown (only available on V8)\n if (\"captureStackTrace\" in Error) {\n (\n Error as {\n captureStackTrace(target: object, constructor: typeof XIDError): void;\n }\n ).captureStackTrace(this, XIDError);\n }\n }\n\n /**\n * Returned when attempting to add a duplicate item.\n */\n static duplicate(item: string): XIDError {\n return new XIDError(XIDErrorCode.DUPLICATE, `duplicate item: ${item}`);\n }\n\n /**\n * Returned when an item is not found.\n */\n static notFound(item: string): XIDError {\n return new XIDError(XIDErrorCode.NOT_FOUND, `item not found: ${item}`);\n }\n\n /**\n * Returned when an item is still referenced by other items.\n */\n static stillReferenced(item: string): XIDError {\n return new XIDError(XIDErrorCode.STILL_REFERENCED, `item is still referenced: ${item}`);\n }\n\n /**\n * Returned when a value is invalid or empty.\n */\n static emptyValue(field: string): XIDError {\n return new XIDError(XIDErrorCode.EMPTY_VALUE, `invalid or empty value: ${field}`);\n }\n\n /**\n * Returned when an unknown privilege is encountered.\n */\n static unknownPrivilege(): XIDError {\n return new XIDError(XIDErrorCode.UNKNOWN_PRIVILEGE, \"unknown privilege\");\n }\n\n /**\n * Returned when the XID is invalid.\n */\n static invalidXid(): XIDError {\n return new XIDError(XIDErrorCode.INVALID_XID, \"invalid XID\");\n }\n\n /**\n * Returned when the inception key is missing.\n */\n static missingInceptionKey(): XIDError {\n return new XIDError(XIDErrorCode.MISSING_INCEPTION_KEY, \"missing inception key\");\n }\n\n /**\n * Returned when the resolution method is invalid.\n */\n static invalidResolutionMethod(): XIDError {\n return new XIDError(XIDErrorCode.INVALID_RESOLUTION_METHOD, \"invalid resolution method\");\n }\n\n /**\n * Returned when multiple provenance marks are found.\n */\n static multipleProvenanceMarks(): XIDError {\n return new XIDError(XIDErrorCode.MULTIPLE_PROVENANCE_MARKS, \"multiple provenance marks\");\n }\n\n /**\n * Returned when an unexpected predicate is encountered.\n */\n static unexpectedPredicate(predicate: string): XIDError {\n return new XIDError(XIDErrorCode.UNEXPECTED_PREDICATE, `unexpected predicate: ${predicate}`);\n }\n\n /**\n * Returned when unexpected nested assertions are found.\n */\n static unexpectedNestedAssertions(): XIDError {\n return new XIDError(XIDErrorCode.UNEXPECTED_NESTED_ASSERTIONS, \"unexpected nested assertions\");\n }\n\n /**\n * Returned when a service has no permissions.\n */\n static noPermissions(uri: string): XIDError {\n return new XIDError(XIDErrorCode.NO_PERMISSIONS, `no permissions in service '${uri}'`);\n }\n\n /**\n * Returned when a service has no key or delegate references.\n */\n static noReferences(uri: string): XIDError {\n return new XIDError(\n XIDErrorCode.NO_REFERENCES,\n `no key or delegate references in service '${uri}'`,\n );\n }\n\n /**\n * Returned when an unknown key reference is found in a service.\n */\n static unknownKeyReference(reference: string, uri: string): XIDError {\n return new XIDError(\n XIDErrorCode.UNKNOWN_KEY_REFERENCE,\n `unknown key reference ${reference} in service '${uri}'`,\n );\n }\n\n /**\n * Returned when an unknown delegate reference is found in a service.\n */\n static unknownDelegateReference(reference: string, uri: string): XIDError {\n return new XIDError(\n XIDErrorCode.UNKNOWN_DELEGATE_REFERENCE,\n `unknown delegate reference ${reference} in service '${uri}'`,\n );\n }\n\n /**\n * Returned when a key is not found in the XID document.\n */\n static keyNotFoundInDocument(key: string): XIDError {\n return new XIDError(\n XIDErrorCode.KEY_NOT_FOUND_IN_DOCUMENT,\n `key not found in XID document: ${key}`,\n );\n }\n\n /**\n * Returned when a delegate is not found in the XID document.\n */\n static delegateNotFoundInDocument(delegate: string): XIDError {\n return new XIDError(\n XIDErrorCode.DELEGATE_NOT_FOUND_IN_DOCUMENT,\n `delegate not found in XID document: ${delegate}`,\n );\n }\n\n /**\n * Returned when the password is invalid.\n */\n static invalidPassword(): XIDError {\n return new XIDError(XIDErrorCode.INVALID_PASSWORD, \"invalid password\");\n }\n\n /**\n * Returned when the envelope is not signed.\n */\n static envelopeNotSigned(): XIDError {\n return new XIDError(XIDErrorCode.ENVELOPE_NOT_SIGNED, \"envelope is not signed\");\n }\n\n /**\n * Returned when signature verification fails.\n */\n static signatureVerificationFailed(): XIDError {\n return new XIDError(\n XIDErrorCode.SIGNATURE_VERIFICATION_FAILED,\n \"signature verification failed\",\n );\n }\n\n /**\n * Returned when there is no provenance mark to advance.\n */\n static noProvenanceMark(): XIDError {\n return new XIDError(XIDErrorCode.NO_PROVENANCE_MARK, \"no provenance mark to advance\");\n }\n\n /**\n * Returned when document already has generator but external generator was provided.\n */\n static generatorConflict(): XIDError {\n return new XIDError(\n XIDErrorCode.GENERATOR_CONFLICT,\n \"document already has generator, cannot provide external generator\",\n );\n }\n\n /**\n * Returned when document does not have generator but needs one.\n */\n static noGenerator(): XIDError {\n return new XIDError(\n XIDErrorCode.NO_GENERATOR,\n \"document does not have generator, must provide external generator\",\n );\n }\n\n /**\n * Returned when generator chain ID doesn't match.\n */\n static chainIdMismatch(expected: Uint8Array, actual: Uint8Array): XIDError {\n const expectedHex = Array.from(expected)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n const actualHex = Array.from(actual)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n return new XIDError(\n XIDErrorCode.CHAIN_ID_MISMATCH,\n `generator chain ID mismatch: expected ${expectedHex}, got ${actualHex}`,\n );\n }\n\n /**\n * Returned when generator sequence doesn't match.\n */\n static sequenceMismatch(expected: number, actual: number): XIDError {\n return new XIDError(\n XIDErrorCode.SEQUENCE_MISMATCH,\n `generator sequence mismatch: expected ${expected}, got ${actual}`,\n );\n }\n\n /**\n * Envelope parsing error wrapper.\n */\n static envelopeParsing(cause?: Error): XIDError {\n return new XIDError(XIDErrorCode.ENVELOPE_PARSING, \"envelope parsing error\", cause);\n }\n\n /**\n * Component error wrapper.\n */\n static component(cause?: Error): XIDError {\n return new XIDError(XIDErrorCode.COMPONENT, \"component error\", cause);\n }\n\n /**\n * CBOR error wrapper.\n */\n static cbor(cause?: Error): XIDError {\n return new XIDError(XIDErrorCode.CBOR, \"CBOR error\", cause);\n }\n\n /**\n * Provenance mark error wrapper.\n */\n static provenanceMark(cause?: Error): XIDError {\n return new XIDError(XIDErrorCode.PROVENANCE_MARK, \"provenance mark error\", cause);\n }\n}\n\n/**\n * Result type for XID operations.\n */\nexport type XIDResult<T> = T;\n","/**\n * XID Privileges\n *\n * Defines the various privileges that can be granted to keys and delegates\n * in an XID document.\n *\n * Ported from bc-xid-rust/src/privilege.rs\n */\n\nimport {\n type KnownValue,\n PRIVILEGE_ALL,\n PRIVILEGE_AUTH,\n PRIVILEGE_SIGN,\n PRIVILEGE_ENCRYPT,\n PRIVILEGE_ELIDE,\n PRIVILEGE_ISSUE,\n PRIVILEGE_ACCESS,\n PRIVILEGE_DELEGATE,\n PRIVILEGE_VERIFY,\n PRIVILEGE_UPDATE,\n PRIVILEGE_TRANSFER,\n PRIVILEGE_ELECT,\n PRIVILEGE_BURN,\n PRIVILEGE_REVOKE,\n} from \"@bcts/known-values\";\nimport { Envelope } from \"@bcts/envelope\";\nimport { XIDError } from \"./error\";\n\n/**\n * Enum representing XID privileges.\n */\nexport enum Privilege {\n // Operational Functions\n /** Allow all applicable XID operations */\n All = \"All\",\n /** Authenticate as the subject (e.g., log into services) */\n Auth = \"Auth\",\n /** Sign digital communications as the subject */\n Sign = \"Sign\",\n /** Encrypt messages from the subject */\n Encrypt = \"Encrypt\",\n /** Elide data under the subject's control */\n Elide = \"Elide\",\n /** Issue or revoke verifiable credentials on the subject's authority */\n Issue = \"Issue\",\n /** Access resources under the subject's control */\n Access = \"Access\",\n\n // Management Functions\n /** Delegate privileges to third parties */\n Delegate = \"Delegate\",\n /** Verify (update) the XID document */\n Verify = \"Verify\",\n /** Update service endpoints */\n Update = \"Update\",\n /** Remove the inception key from the XID document */\n Transfer = \"Transfer\",\n /** Add or remove other verifiers (rotate keys) */\n Elect = \"Elect\",\n /** Transition to a new provenance mark chain */\n Burn = \"Burn\",\n /** Revoke the XID entirely */\n Revoke = \"Revoke\",\n}\n\n/**\n * Convert a Privilege to its corresponding KnownValue.\n */\nexport function privilegeToKnownValue(privilege: Privilege): KnownValue {\n switch (privilege) {\n case Privilege.All:\n return PRIVILEGE_ALL;\n case Privilege.Auth:\n return PRIVILEGE_AUTH;\n case Privilege.Sign:\n return PRIVILEGE_SIGN;\n case Privilege.Encrypt:\n return PRIVILEGE_ENCRYPT;\n case Privilege.Elide:\n return PRIVILEGE_ELIDE;\n case Privilege.Issue:\n return PRIVILEGE_ISSUE;\n case Privilege.Access:\n return PRIVILEGE_ACCESS;\n case Privilege.Delegate:\n return PRIVILEGE_DELEGATE;\n case Privilege.Verify:\n return PRIVILEGE_VERIFY;\n case Privilege.Update:\n return PRIVILEGE_UPDATE;\n case Privilege.Transfer:\n return PRIVILEGE_TRANSFER;\n case Privilege.Elect:\n return PRIVILEGE_ELECT;\n case Privilege.Burn:\n return PRIVILEGE_BURN;\n case Privilege.Revoke:\n return PRIVILEGE_REVOKE;\n default:\n throw XIDError.unknownPrivilege();\n }\n}\n\n/**\n * Convert a KnownValue to its corresponding Privilege.\n */\nexport function privilegeFromKnownValue(knownValue: KnownValue): Privilege {\n const value = knownValue.value();\n switch (value) {\n case PRIVILEGE_ALL.value():\n return Privilege.All;\n case PRIVILEGE_AUTH.value():\n return Privilege.Auth;\n case PRIVILEGE_SIGN.value():\n return Privilege.Sign;\n case PRIVILEGE_ENCRYPT.value():\n return Privilege.Encrypt;\n case PRIVILEGE_ELIDE.value():\n return Privilege.Elide;\n case PRIVILEGE_ISSUE.value():\n return Privilege.Issue;\n case PRIVILEGE_ACCESS.value():\n return Privilege.Access;\n case PRIVILEGE_DELEGATE.value():\n return Privilege.Delegate;\n case PRIVILEGE_VERIFY.value():\n return Privilege.Verify;\n case PRIVILEGE_UPDATE.value():\n return Privilege.Update;\n case PRIVILEGE_TRANSFER.value():\n return Privilege.Transfer;\n case PRIVILEGE_ELECT.value():\n return Privilege.Elect;\n case PRIVILEGE_BURN.value():\n return Privilege.Burn;\n case PRIVILEGE_REVOKE.value():\n return Privilege.Revoke;\n default:\n throw XIDError.unknownPrivilege();\n }\n}\n\n/**\n * Convert a Privilege to an Envelope.\n */\nexport function privilegeToEnvelope(privilege: Privilege): Envelope {\n return Envelope.newWithKnownValue(privilegeToKnownValue(privilege));\n}\n\n/**\n * Convert an Envelope to a Privilege.\n */\nexport function privilegeFromEnvelope(envelope: Envelope): Privilege {\n const envelopeCase = envelope.case();\n if (envelopeCase.type !== \"knownValue\") {\n throw XIDError.unknownPrivilege();\n }\n return privilegeFromKnownValue(envelopeCase.value);\n}\n","/**\n * XID Permissions\n *\n * Permissions management for XID documents, including allow and deny sets\n * of privileges.\n *\n * Ported from bc-xid-rust/src/permissions.rs\n */\n\nimport { ALLOW, DENY } from \"@bcts/known-values\";\nimport { Envelope } from \"@bcts/envelope\";\nimport { Privilege, privilegeFromEnvelope, privilegeToKnownValue } from \"./privilege\";\n\n/**\n * Interface for types that have permissions.\n */\nexport interface HasPermissions {\n /**\n * Get the permissions for this object.\n */\n permissions(): Permissions;\n\n /**\n * Get a mutable reference to the permissions.\n */\n permissionsMut(): Permissions;\n}\n\n/**\n * Helper methods for HasPermissions implementers.\n */\nexport const HasPermissionsMixin = {\n /**\n * Get the set of allowed privileges.\n */\n allow(obj: HasPermissions): Set<Privilege> {\n return obj.permissions().allow;\n },\n\n /**\n * Get the set of denied privileges.\n */\n deny(obj: HasPermissions): Set<Privilege> {\n return obj.permissions().deny;\n },\n\n /**\n * Add an allowed privilege.\n */\n addAllow(obj: HasPermissions, privilege: Privilege): void {\n obj.permissionsMut().allow.add(privilege);\n },\n\n /**\n * Add a denied privilege.\n */\n addDeny(obj: HasPermissions, privilege: Privilege): void {\n obj.permissionsMut().deny.add(privilege);\n },\n\n /**\n * Remove an allowed privilege.\n */\n removeAllow(obj: HasPermissions, privilege: Privilege): void {\n obj.permissionsMut().allow.delete(privilege);\n },\n\n /**\n * Remove a denied privilege.\n */\n removeDeny(obj: HasPermissions, privilege: Privilege): void {\n obj.permissionsMut().deny.delete(privilege);\n },\n\n /**\n * Clear all permissions.\n */\n clearAllPermissions(obj: HasPermissions): void {\n obj.permissionsMut().allow.clear();\n obj.permissionsMut().deny.clear();\n },\n};\n\n/**\n * Represents the permissions granted to a key or delegate.\n */\nexport class Permissions implements HasPermissions {\n public allow: Set<Privilege>;\n public deny: Set<Privilege>;\n\n constructor(allow?: Set<Privilege>, deny?: Set<Privilege>) {\n this.allow = allow ?? new Set();\n this.deny = deny ?? new Set();\n }\n\n /**\n * Create a new empty Permissions object.\n */\n static new(): Permissions {\n return new Permissions();\n }\n\n /**\n * Create a new Permissions object that allows all privileges.\n */\n static newAllowAll(): Permissions {\n const allow = new Set<Privilege>();\n allow.add(Privilege.All);\n return new Permissions(allow);\n }\n\n /**\n * Add permissions assertions to an envelope.\n */\n addToEnvelope(envelope: Envelope): Envelope {\n let result = envelope;\n\n // Add allow assertions\n for (const privilege of this.allow) {\n result = result.addAssertion(\n Envelope.newWithKnownValue(ALLOW.value()),\n Envelope.newWithKnownValue(privilegeToKnownValue(privilege).value()),\n );\n }\n\n // Add deny assertions\n for (const privilege of this.deny) {\n result = result.addAssertion(\n Envelope.newWithKnownValue(DENY.value()),\n Envelope.newWithKnownValue(privilegeToKnownValue(privilege).value()),\n );\n }\n\n return result;\n }\n\n /**\n * Try to extract Permissions from an envelope.\n */\n static tryFromEnvelope(envelope: Envelope): Permissions {\n const allow = new Set<Privilege>();\n const deny = new Set<Privilege>();\n\n // Extract allow assertions\n const allowObjects = (\n envelope as unknown as { objectsForPredicate(p: unknown): Envelope[] }\n ).objectsForPredicate(ALLOW);\n for (const obj of allowObjects) {\n const privilege = privilegeFromEnvelope(obj);\n allow.add(privilege);\n }\n\n // Extract deny assertions\n const denyObjects = (\n envelope as unknown as { objectsForPredicate(p: unknown): Envelope[] }\n ).objectsForPredicate(DENY);\n for (const obj of denyObjects) {\n const privilege = privilegeFromEnvelope(obj);\n deny.add(privilege);\n }\n\n return new Permissions(allow, deny);\n }\n\n /**\n * Add an allowed privilege.\n */\n addAllow(privilege: Privilege): void {\n this.allow.add(privilege);\n }\n\n /**\n * Add a denied privilege.\n */\n addDeny(privilege: Privilege): void {\n this.deny.add(privilege);\n }\n\n /**\n * Check if a specific privilege is allowed.\n */\n isAllowed(privilege: Privilege): boolean {\n // Deny takes precedence\n if (this.deny.has(privilege) || this.deny.has(Privilege.All)) {\n return false;\n }\n // Check if specifically allowed or all is allowed\n return this.allow.has(privilege) || this.allow.has(Privilege.All);\n }\n\n /**\n * Check if a specific privilege is denied.\n */\n isDenied(privilege: Privilege): boolean {\n return this.deny.has(privilege) || this.deny.has(Privilege.All);\n }\n\n // HasPermissions implementation\n permissions(): Permissions {\n return this;\n }\n\n permissionsMut(): Permissions {\n return this;\n }\n\n /**\n * Check equality with another Permissions object.\n */\n equals(other: Permissions): boolean {\n if (this.allow.size !== other.allow.size || this.deny.size !== other.deny.size) {\n return false;\n }\n for (const p of this.allow) {\n if (!other.allow.has(p)) return false;\n }\n for (const p of this.deny) {\n if (!other.deny.has(p)) return false;\n }\n return true;\n }\n\n /**\n * Clone this Permissions object.\n */\n clone(): Permissions {\n return new Permissions(new Set(this.allow), new Set(this.deny));\n }\n}\n","/**\n * XID Name (Nickname) Interface\n *\n * Provides the HasNickname interface for objects that can have a nickname.\n *\n * Ported from bc-xid-rust/src/name.rs\n */\n\nimport { XIDError } from \"./error\";\n\n/**\n * Interface for types that have a nickname.\n */\nexport interface HasNickname {\n /**\n * Get the nickname for this object.\n */\n nickname(): string;\n\n /**\n * Set the nickname for this object.\n */\n setNickname(name: string): void;\n}\n\n/**\n * Helper methods for HasNickname implementers.\n */\nexport const HasNicknameMixin = {\n /**\n * Add a nickname, throwing if one already exists or is empty.\n */\n addNickname(obj: HasNickname, name: string): void {\n if (obj.nickname() !== \"\") {\n throw XIDError.duplicate(\"nickname\");\n }\n if (name === \"\") {\n throw XIDError.emptyValue(\"nickname\");\n }\n obj.setNickname(name);\n },\n};\n","/**\n * Shared Reference Wrapper\n *\n * Provides a wrapper for shared references to objects.\n * In TypeScript, we don't have Arc/RwLock like Rust, but we can provide\n * a simple wrapper that allows shared access to a value.\n *\n * Ported from bc-xid-rust/src/shared.rs\n */\n\n/**\n * A wrapper for shared references to objects.\n *\n * Unlike Rust's Arc<RwLock<T>>, JavaScript uses reference semantics for objects,\n * so this is primarily a type-safe wrapper that makes the sharing explicit.\n */\nexport class Shared<T> {\n private readonly value: T;\n\n constructor(value: T) {\n this.value = value;\n }\n\n /**\n * Create a new Shared instance.\n */\n static new<T>(value: T): Shared<T> {\n return new Shared(value);\n }\n\n /**\n * Get a read-only reference to the value.\n */\n read(): T {\n return this.value;\n }\n\n /**\n * Get a mutable reference to the value.\n */\n write(): T {\n return this.value;\n }\n\n /**\n * Check equality with another Shared instance.\n */\n equals(other: Shared<T>): boolean {\n // Use JSON.stringify for deep equality check\n // This is a simple approach; for complex objects, a proper deep equals would be better\n if (this.value === other.value) return true;\n try {\n return JSON.stringify(this.value) === JSON.stringify(other.value);\n } catch {\n return false;\n }\n }\n\n /**\n * Clone this Shared instance.\n * Note: This creates a shallow copy in JS; for deep copy, implement on T.\n */\n clone(): Shared<T> {\n // If the value has a clone method, use it\n if (\n typeof this.value === \"object\" &&\n this.value !== null &&\n \"clone\" in this.value &&\n typeof (this.value as { clone(): T }).clone === \"function\"\n ) {\n return new Shared((this.value as { clone(): T }).clone());\n }\n // Otherwise, return the same reference (shallow copy)\n return new Shared(this.value);\n }\n}\n","/**\n * XID Key\n *\n * Represents a key in an XID document, containing public keys, optional private keys,\n * nickname, endpoints, and permissions.\n *\n * Ported from bc-xid-rust/src/key.rs\n */\n\nimport { Envelope, PrivateKeyBase, PublicKeyBase, type EnvelopeEncodable } from \"@bcts/envelope\";\nimport { ENDPOINT, NICKNAME, PRIVATE_KEY, SALT, type KnownValue } from \"@bcts/known-values\";\nimport type { EnvelopeEncodableValue } from \"@bcts/envelope\";\n\n// Helper to convert KnownValue to EnvelopeEncodableValue\nconst kv = (v: KnownValue): EnvelopeEncodableValue => v as unknown as EnvelopeEncodableValue;\nimport { Salt, Reference } from \"@bcts/components\";\nimport { Permissions, type HasPermissions } from \"./permissions\";\nimport { type Privilege } from \"./privilege\";\nimport { type HasNickname } from \"./name\";\nimport { XIDError } from \"./error\";\n\n/**\n * Options for handling private keys in envelopes.\n */\nexport enum XIDPrivateKeyOptions {\n /** Omit the private key from the envelope (default). */\n Omit = \"Omit\",\n /** Include the private key in plaintext (with salt for decorrelation). */\n Include = \"Include\",\n /** Include the private key assertion but elide it (maintains digest tree). */\n Elide = \"Elide\",\n /** Include the private key encrypted with a password. */\n Encrypt = \"Encrypt\",\n}\n\n/**\n * Configuration for encrypting private keys.\n */\nexport interface XIDPrivateKeyEncryptConfig {\n type: XIDPrivateKeyOptions.Encrypt;\n password: Uint8Array;\n}\n\n/**\n * Union type for all private key options.\n */\nexport type XIDPrivateKeyOptionsValue =\n | XIDPrivateKeyOptions.Omit\n | XIDPrivateKeyOptions.Include\n | XIDPrivateKeyOptions.Elide\n | XIDPrivateKeyEncryptConfig;\n\n/**\n * Private key data that can be either decrypted or encrypted.\n */\nexport type PrivateKeyData =\n | { type: \"decrypted\"; privateKeyBase: PrivateKeyBase }\n | { type: \"encrypted\"; envelope: Envelope };\n\n/**\n * Represents a key in an XID document.\n */\nexport class Key implements HasNickname, HasPermissions, EnvelopeEncodable {\n private readonly _publicKeyBase: PublicKeyBase;\n private readonly _privateKeys: { data: PrivateKeyData; salt: Salt } | undefined;\n private _nickname: string;\n private readonly _endpoints: Set<string>;\n private readonly _permissions: Permissions;\n\n private constructor(\n publicKeyBase: PublicKeyBase,\n privateKeys?: { data: PrivateKeyData; salt: Salt },\n nickname = \"\",\n endpoints = new Set<string>(),\n permissions = Permissions.new(),\n ) {\n this._publicKeyBase = publicKeyBase;\n this._privateKeys = privateKeys;\n this._nickname = nickname;\n this._endpoints = endpoints;\n this._permissions = permissions;\n }\n\n /**\n * Create a new Key with only public keys.\n */\n static new(publicKeyBase: PublicKeyBase): Key {\n return new Key(publicKeyBase);\n }\n\n /**\n * Create a new Key with public keys and allow-all permissions.\n */\n static newAllowAll(publicKeyBase: PublicKeyBase): Key {\n return new Key(publicKeyBase, undefined, \"\", new Set(), Permissions.newAllowAll());\n }\n\n /**\n * Create a new Key with private key base.\n */\n static newWithPrivateKeyBase(privateKeyBase: PrivateKeyBase): Key {\n const salt = Salt.random(32);\n return new Key(\n privateKeyBase.publicKeys(),\n { data: { type: \"decrypted\", privateKeyBase }, salt },\n \"\",\n new Set(),\n Permissions.newAllowAll(),\n );\n }\n\n /**\n * Get the public key base.\n */\n publicKeyBase(): PublicKeyBase {\n return this._publicKeyBase;\n }\n\n /**\n * Get the private key base, if available and decrypted.\n */\n privateKeyBase(): PrivateKeyBase | undefined {\n if (this._privateKeys === undefined) return undefined;\n if (this._privateKeys.data.type === \"decrypted\") {\n return this._privateKeys.data.privateKeyBase;\n }\n return undefined;\n }\n\n /**\n * Check if this key has decrypted private keys.\n */\n hasPrivateKeys(): boolean {\n return this._privateKeys?.data.type === \"decrypted\";\n }\n\n /**\n * Check if this key has encrypted private keys.\n */\n hasEncryptedPrivateKeys(): boolean {\n return this._privateKeys?.data.type === \"encrypted\";\n }\n\n /**\n * Get the salt used for private key decorrelation.\n */\n privateKeySalt(): Salt | undefined {\n return this._privateKeys?.salt;\n }\n\n /**\n * Get the reference for this key (based on public key).\n */\n reference(): Reference {\n return Reference.hash(this._publicKeyBase.data());\n }\n\n /**\n * Get the endpoints set.\n */\n endpoints(): Set<string> {\n return this._endpoints;\n }\n\n /**\n * Get the endpoints set for mutation.\n */\n endpointsMut(): Set<string> {\n return this._endpoints;\n }\n\n /**\n * Add an endpoint.\n */\n addEndpoint(endpoint: string): void {\n this._endpoints.add(endpoint);\n }\n\n /**\n * Add a permission.\n */\n addPermission(privilege: Privilege): void {\n this._permissions.addAllow(privilege);\n }\n\n // HasNickname implementation\n nickname(): string {\n return this._nickname;\n }\n\n setNickname(name: string): void {\n this._nickname = name;\n }\n\n // HasPermissions implementation\n permissions(): Permissions {\n return this._permissions;\n }\n\n permissionsMut(): Permissions {\n return this._permissions;\n }\n\n /**\n * Convert to envelope with specified options.\n */\n intoEnvelopeOpt(\n privateKeyOptions: XIDPrivateKeyOptionsValue = XIDPrivateKeyOptions.Omit,\n ): Envelope {\n let envelope = Envelope.new(this._publicKeyBase.data());\n\n // Handle private keys\n if (this._privateKeys !== undefined) {\n const { data, salt } = this._privateKeys;\n\n if (data.type === \"encrypted\") {\n // Always preserve encrypted keys\n envelope = envelope.addAssertion(kv(PRIVATE_KEY), data.envelope);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n } else if (data.type === \"decrypted\") {\n // Handle decrypted keys based on options\n const option =\n typeof privateKeyOptions === \"object\" ? privateKeyOptions.type : privateKeyOptions;\n\n switch (option) {\n case XIDPrivateKeyOptions.Include: {\n envelope = envelope.addAssertion(kv(PRIVATE_KEY), data.privateKeyBase.data());\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n break;\n }\n case XIDPrivateKeyOptions.Elide: {\n const baseAssertion = Envelope.newAssertion(\n kv(PRIVATE_KEY),\n data.privateKeyBase.data(),\n );\n const elidedAssertion = (baseAssertion as unknown as { elide(): Envelope }).elide();\n envelope = envelope.addAssertionEnvelope(elidedAssertion);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n break;\n }\n case XIDPrivateKeyOptions.Encrypt: {\n if (typeof privateKeyOptions === \"object\") {\n const privateKeysEnvelope = Envelope.new(data.privateKeyBase.data());\n const encrypted = (\n privateKeysEnvelope as unknown as { encryptSubject(p: Uint8Array): Envelope }\n ).encryptSubject(privateKeyOptions.password);\n envelope = envelope.addAssertion(kv(PRIVATE_KEY), encrypted);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n }\n break;\n }\n case XIDPrivateKeyOptions.Omit:\n default:\n // Do nothing - omit private keys\n break;\n }\n }\n }\n\n // Add nickname if not empty\n if (this._nickname !== \"\") {\n envelope = envelope.addAssertion(kv(NICKNAME), this._nickname);\n }\n\n // Add endpoints\n for (const endpoint of this._endpoints) {\n envelope = envelope.addAssertion(kv(ENDPOINT), endpoint);\n }\n\n // Add permissions\n envelope = this._permissions.addToEnvelope(envelope);\n\n return envelope;\n }\n\n // EnvelopeEncodable implementation\n intoEnvelope(): Envelope {\n return this.intoEnvelopeOpt(XIDPrivateKeyOptions.Omit);\n }\n\n /**\n * Try to extract a Key from an envelope, optionally with password for decryption.\n */\n static tryFromEnvelope(envelope: Envelope, password?: Uint8Array): Key {\n type EnvelopeExt = Envelope & {\n asByteString(): Uint8Array | undefined;\n subject(): Envelope;\n assertionsWithPredicate(p: unknown): Envelope[];\n decryptSubject(p: Uint8Array): Envelope;\n };\n const env = envelope as EnvelopeExt;\n\n // Extract public key base from subject\n // The envelope may be a node (with assertions) or a leaf\n const envCase = env.case();\n const subject = envCase.type === \"node\" ? env.subject() : env;\n const publicKeyData = (subject as EnvelopeExt).asByteString();\n if (publicKeyData === undefined) {\n throw XIDError.component(new Error(\"Could not extract public key from envelope\"));\n }\n const publicKeyBase = new PublicKeyBase(publicKeyData);\n\n // Extract optional private key\n let privateKeys: { data: PrivateKeyData; salt: Salt } | undefined;\n\n // Extract salt from top level (if present)\n let salt: Salt = Salt.random(32);\n const saltAssertions = env.assertionsWithPredicate(SALT);\n if (saltAssertions.length > 0) {\n const saltAssertion = saltAssertions[0];\n const saltCase = saltAssertion.case();\n if (saltCase.type === \"assertion\") {\n const saltObj = saltCase.assertion.object() as EnvelopeExt;\n const saltData = saltObj.asByteString();\n if (saltData !== undefined) {\n salt = Salt.from(saltData);\n }\n }\n }\n\n const privateKeyAssertions = env.assertionsWithPredicate(PRIVATE_KEY);\n if (privateKeyAssertions.length > 0) {\n const privateKeyAssertion = privateKeyAssertions[0] as EnvelopeExt;\n const assertionCase = privateKeyAssertion.case();\n\n if (assertionCase.type === \"assertion\") {\n const privateKeyObject = assertionCase.assertion.object() as EnvelopeExt;\n\n // Check if encrypted\n const objCase = privateKeyObject.case();\n if (objCase.type === \"encrypted\") {\n if (password !== undefined) {\n try {\n const decrypted = privateKeyObject.decryptSubject(password) as EnvelopeExt;\n const decryptedData = decrypted.asByteString();\n if (decryptedData !== undefined) {\n const privateKeyBase = PrivateKeyBase.fromBytes(decryptedData, publicKeyData);\n privateKeys = {\n data: { type: \"decrypted\", privateKeyBase },\n salt,\n };\n }\n } catch {\n // Wrong password - store as encrypted\n privateKeys = {\n data: { type: \"encrypted\", envelope: privateKeyObject },\n salt,\n };\n }\n } else {\n // No password - store as encrypted\n privateKeys = {\n data: { type: \"encrypted\", envelope: privateKeyObject },\n salt,\n };\n }\n } else {\n // Plain text private key\n const privateKeyData = privateKeyObject.asByteString();\n if (privateKeyData !== undefined) {\n const privateKeyBase = PrivateKeyBase.fromBytes(privateKeyData, publicKeyData);\n privateKeys = {\n data: { type: \"decrypted\", privateKeyBase },\n salt,\n };\n }\n }\n }\n }\n\n // Extract nickname\n let nickname = \"\";\n try {\n const nicknameObj = (\n env as unknown as { objectForPredicate(p: unknown): EnvelopeExt }\n ).objectForPredicate(NICKNAME);\n nickname =\n nicknameObj.asByteString() !== undefined\n ? \"\"\n : ((nicknameObj as unknown as { asText(): string | undefined }).asText() ?? \"\");\n } catch {\n // No nickname\n }\n\n // Extract endpoints\n const endpoints = new Set<string>();\n const endpointObjects = (\n env as unknown as { objectsForPredicate(p: unknown): EnvelopeExt[] }\n ).objectsForPredicate(ENDPOINT);\n for (const obj of endpointObjects) {\n const text = (obj as unknown as { asText(): string | undefined }).asText();\n if (text !== undefined) {\n endpoints.add(text);\n }\n }\n\n // Extract permissions\n const permissions = Permissions.tryFromEnvelope(envelope);\n\n return new Key(publicKeyBase, privateKeys, nickname, endpoints, permissions);\n }\n\n /**\n * Check equality with another Key.\n */\n equals(other: Key): boolean {\n return this._publicKeyBase.hex() === other._publicKeyBase.hex();\n }\n\n /**\n * Get a hash key for use in Sets/Maps.\n */\n hashKey(): string {\n return this._publicKeyBase.hex();\n }\n\n /**\n * Clone this Key.\n */\n clone(): Key {\n return new Key(\n this._publicKeyBase,\n this._privateKeys !== undefined\n ? { data: this._privateKeys.data, salt: this._privateKeys.salt }\n : undefined,\n this._nickname,\n new Set(this._endpoints),\n this._permissions.clone(),\n );\n }\n}\n","/**\n * XID Service\n *\n * Represents a service endpoint in an XID document, containing URI, key references,\n * delegate references, permissions, capability, and name.\n *\n * Ported from bc-xid-rust/src/service.rs\n */\n\nimport { Envelope, type EnvelopeEncodable, type EnvelopeEncodableValue } from \"@bcts/envelope\";\nimport { KEY, DELEGATE, NAME, CAPABILITY, ALLOW, type KnownValue } from \"@bcts/known-values\";\n\n// Helper to convert KnownValue to EnvelopeEncodableValue\nconst kv = (v: KnownValue): EnvelopeEncodableValue => v as unknown as EnvelopeEncodableValue;\nimport type { Reference } from \"@bcts/components\";\nimport { Permissions, type HasPermissions } from \"./permissions\";\nimport { privilegeFromEnvelope } from \"./privilege\";\nimport { XIDError } from \"./error\";\n\n// Raw values for predicate matching\nconst KEY_RAW = KEY.value();\nconst DELEGATE_RAW = DELEGATE.value();\nconst NAME_RAW = NAME.value();\nconst CAPABILITY_RAW = CAPABILITY.value();\nconst ALLOW_RAW = ALLOW.value();\n\n/**\n * Represents a service endpoint in an XID document.\n */\nexport class Service implements HasPermissions, EnvelopeEncodable {\n private readonly _uri: string;\n private _keyReferences: Set<string>; // Store as hex strings for easier comparison\n private _delegateReferences: Set<string>;\n private _permissions: Permissions;\n private _capability: string;\n private _name: string;\n\n constructor(uri: string) {\n this._uri = uri;\n this._keyReferences = new Set();\n this._delegateReferences = new Set();\n this._permissions = Permissions.new();\n this._capability = \"\";\n this._name = \"\";\n }\n\n /**\n * Create a new Service with the given URI.\n */\n static new(uri: string): Service {\n return new Service(uri);\n }\n\n /**\n * Get the service URI.\n */\n uri(): string {\n return this._uri;\n }\n\n /**\n * Get the capability string.\n */\n capability(): string {\n return this._capability;\n }\n\n /**\n * Set the capability string.\n */\n setCapability(capability: string): void {\n this._capability = capability;\n }\n\n /**\n * Add a capability, throwing if one already exists or is empty.\n */\n addCapability(capability: string): void {\n if (this._capability !== \"\") {\n throw XIDError.duplicate(\"capability\");\n }\n if (capability === \"\") {\n throw XIDError.emptyValue(\"capability\");\n }\n this.setCapability(capability);\n }\n\n /**\n * Get the key references set.\n */\n keyReferences(): Set<string> {\n return this._keyReferences;\n }\n\n /**\n * Get the key references set for mutation.\n */\n keyReferencesMut(): Set<string> {\n return this._keyReferences;\n }\n\n /**\n * Add a key reference by hex string.\n */\n addKeyReferenceHex(keyReferenceHex: string): void {\n if (this._keyReferences.has(keyReferenceHex)) {\n throw XIDError.duplicate(\"key reference\");\n }\n this._keyReferences.add(keyReferenceHex);\n }\n\n /**\n * Add a key reference.\n */\n addKeyReference(keyReference: Reference): void {\n this.addKeyReferenceHex(keyReference.toHex());\n }\n\n /**\n * Get the delegate references set.\n */\n delegateReferences(): Set<string> {\n return this._delegateReferences;\n }\n\n /**\n * Get the delegate references set for mutation.\n */\n delegateReferencesMut(): Set<string> {\n return this._delegateReferences;\n }\n\n /**\n * Add a delegate reference by hex string.\n */\n addDelegateReferenceHex(delegateReferenceHex: string): void {\n if (this._delegateReferences.has(delegateReferenceHex)) {\n throw XIDError.duplicate(\"delegate reference\");\n }\n this._delegateReferences.add(delegateReferenceHex);\n }\n\n /**\n * Add a delegate reference.\n */\n addDelegateReference(delegateReference: Reference): void {\n this.addDelegateReferenceHex(delegateReference.toHex());\n }\n\n /**\n * Get the name.\n */\n name(): string {\n return this._name;\n }\n\n /**\n * Set the name, throwing if one already exists or is empty.\n */\n setName(name: string): void {\n if (this._name !== \"\") {\n throw XIDError.duplicate(\"name\");\n }\n if (name === \"\") {\n throw XIDError.emptyValue(\"name\");\n }\n this._name = name;\n }\n\n // HasPermissions implementation\n permissions(): Permissions {\n return this._permissions;\n }\n\n permissionsMut(): Permissions {\n return this._permissions;\n }\n\n /**\n * Convert to envelope.\n */\n intoEnvelope(): Envelope {\n let envelope = Envelope.new(this._uri);\n\n // Add key references\n for (const keyRef of this._keyReferences) {\n const refBytes = hexToBytes(keyRef);\n envelope = envelope.addAssertion(kv(KEY), refBytes);\n }\n\n // Add delegate references\n for (const delegateRef of this._delegateReferences) {\n const refBytes = hexToBytes(delegateRef);\n envelope = envelope.addAssertion(kv(DELEGATE), refBytes);\n }\n\n // Add capability if not empty\n if (this._capability !== \"\") {\n envelope = envelope.addAssertion(kv(CAPABILITY), this._capability);\n }\n\n // Add name if not empty\n if (this._name !== \"\") {\n envelope = envelope.addAssertion(kv(NAME), this._name);\n }\n\n // Add permissions\n envelope = this._permissions.addToEnvelope(envelope);\n\n return envelope;\n }\n\n /**\n * Try to extract a Service from an envelope.\n */\n static tryFromEnvelope(envelope: Envelope): Service {\n // Extract URI from subject\n // The envelope may be a node (with assertions) or a leaf\n const envExt = envelope as unknown as {\n subject(): Envelope;\n asText(): string | undefined;\n case(): { type: string };\n };\n const envCase = envExt.case();\n const subject = envCase.type === \"node\" ? envExt.subject() : envelope;\n const uri = (subject as unknown as { asText(): string | undefined }).asText();\n if (uri === undefined) {\n throw XIDError.component(new Error(\"Could not extract URI from envelope\"));\n }\n\n const service = new Service(uri);\n\n // Process assertions\n const assertions = (envelope as unknown as { assertions(): Envelope[] }).assertions();\n for (const assertion of assertions) {\n const assertionCase = assertion.case();\n if (assertionCase.type !== \"assertion\") {\n continue;\n }\n\n const predicateEnv = assertionCase.assertion.predicate();\n const predicateCase = predicateEnv.case();\n if (predicateCase.type !== \"knownValue\") {\n continue;\n }\n\n const predicate = predicateCase.value.value();\n const object = assertionCase.assertion.object();\n\n // Check for nested assertions\n const objectAssertions = (object as unknown as { assertions(): Envelope[] }).assertions();\n if (objectAssertions.length > 0) {\n throw XIDError.unexpectedNestedAssertions();\n }\n\n switch (predicate) {\n case KEY_RAW: {\n const keyData = (\n object as unknown as { asByteString(): Uint8Array | undefined }\n ).asByteString();\n if (keyData !== undefined) {\n service.addKeyReferenceHex(bytesToHex(keyData));\n }\n break;\n }\n case DELEGATE_RAW: {\n const delegateData = (\n object as unknown as { asByteString(): Uint8Array | undefined }\n ).asByteString();\n if (delegateData !== undefined) {\n service.addDelegateReferenceHex(bytesToHex(delegateData));\n }\n break;\n }\n case CAPABILITY_RAW: {\n const capability = (object as unknown as { asText(): string | undefined }).asText();\n if (capability !== undefined) {\n service.addCapability(capability);\n }\n break;\n }\n case NAME_RAW: {\n const name = (object as unknown as { asText(): string | undefined }).asText();\n if (name !== undefined) {\n service.setName(name);\n }\n break;\n }\n case ALLOW_RAW: {\n const privilege = privilegeFromEnvelope(object);\n service._permissions.addAllow(privilege);\n break;\n }\n default:\n throw XIDError.unexpectedPredicate(String(predicate));\n }\n }\n\n return service;\n }\n\n /**\n * Check equality with another Service (based on URI).\n */\n equals(other: Service): boolean {\n return this._uri === other._uri;\n }\n\n /**\n * Get a hash key for use in Sets/Maps.\n */\n hashKey(): string {\n return this._uri;\n }\n\n /**\n * Clone this Service.\n */\n clone(): Service {\n const clone = new Service(this._uri);\n clone._keyReferences = new Set(this._keyReferences);\n clone._delegateReferences = new Set(this._delegateReferences);\n clone._permissions = this._permissions.clone();\n clone._capability = this._capability;\n clone._name = this._name;\n return clone;\n }\n}\n\n// Helper functions\nfunction hexToBytes(hex: string): Uint8Array {\n const bytes = new Uint8Array(hex.length / 2);\n for (let i = 0; i < hex.length; i += 2) {\n bytes[i / 2] = parseInt(hex.substring(i, i + 2), 16);\n }\n return bytes;\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return Array.from(bytes)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n}\n","/**\n * XID Delegate\n *\n * Represents a delegate in an XID document, containing a controller XIDDocument\n * and permissions.\n *\n * Ported from bc-xid-rust/src/delegate.rs\n */\n\nimport { type Envelope, type EnvelopeEncodable } from \"@bcts/envelope\";\nimport { Reference, type XID } from \"@bcts/components\";\nimport { Permissions, type HasPermissions } from \"./permissions\";\nimport { Shared } from \"./shared\";\n\n/**\n * Forward declaration interface for XIDDocument to avoid circular dependency.\n * The actual XIDDocument class implements this interface.\n */\nexport interface XIDDocumentType {\n xid(): XID;\n intoEnvelope(): Envelope;\n clone(): XIDDocumentType;\n}\n\n// This will be set by xid-document.ts when it loads\nlet XIDDocumentClass: {\n tryFromEnvelope(envelope: Envelope): XIDDocumentType;\n} | null = null;\n\n/**\n * Register the XIDDocument class to avoid circular dependency issues.\n * Called by xid-document.ts when it loads.\n */\nexport function registerXIDDocumentClass(cls: {\n tryFromEnvelope(envelope: Envelope): XIDDocumentType;\n}): void {\n XIDDocumentClass = cls;\n}\n\n/**\n * Represents a delegate in an XID document.\n */\nexport class Delegate implements HasPermissions, EnvelopeEncodable {\n private readonly _controller: Shared<XIDDocumentType>;\n private readonly _permissions: Permissions;\n\n private constructor(controller: Shared<XIDDocumentType>, permissions: Permissions) {\n this._controller = controller;\n this._permissions = permissions;\n }\n\n /**\n * Create a new Delegate with the given controller document.\n */\n static new(controller: XIDDocumentType): Delegate {\n return new Delegate(Shared.new(controller), Permissions.new());\n }\n\n /**\n * Get the controller document.\n */\n controller(): Shared<XIDDocumentType> {\n return this._controller;\n }\n\n /**\n * Get the XID of the controller.\n */\n xid(): XID {\n return this._controller.read().xid();\n }\n\n /**\n * Get the reference for this delegate.\n */\n reference(): Reference {\n return Reference.hash(this.xid().toData());\n }\n\n // HasPermissions implementation\n permissions(): Permissions {\n return this._permissions;\n }\n\n permissionsMut(): Permissions {\n return this._permissions;\n }\n\n /**\n * Convert to envelope.\n */\n intoEnvelope(): Envelope {\n const doc = this._controller.read();\n const envelope = (doc.intoEnvelope() as unknown as { wrap(): Envelope }).wrap();\n return this._permissions.addToEnvelope(envelope);\n }\n\n /**\n * Try to extract a Delegate from an envelope.\n */\n static tryFromEnvelope(envelope: Envelope): Delegate {\n if (XIDDocumentClass === null) {\n throw new Error(\"XIDDocument class not registered. Import xid-document.js first.\");\n }\n\n const permissions = Permissions.tryFromEnvelope(envelope);\n const inner = (envelope as unknown as { tryUnwrap(): Envelope }).tryUnwrap();\n const controller = Shared.new(XIDDocumentClass.tryFromEnvelope(inner));\n return new Delegate(controller, permissions);\n }\n\n /**\n * Check equality with another Delegate (based on controller XID).\n */\n equals(other: Delegate): boolean {\n return this.xid().equals(other.xid());\n }\n\n /**\n * Get a hash key for use in Sets/Maps.\n */\n hashKey(): string {\n return this.xid().toHex();\n }\n\n /**\n * Clone this Delegate.\n */\n clone(): Delegate {\n return new Delegate(Shared.new(this._controller.read().clone()), this._permissions.clone());\n }\n}\n","/**\n * XID Provenance\n *\n * Represents provenance information in an XID document, containing a provenance mark\n * and optional generator.\n *\n * Ported from bc-xid-rust/src/provenance.rs\n */\n\nimport { Envelope, type EnvelopeEncodable, type EnvelopeEncodableValue } from \"@bcts/envelope\";\nimport { PROVENANCE_GENERATOR, SALT, type KnownValue } from \"@bcts/known-values\";\nimport { Salt } from \"@bcts/components\";\n\n// Helper to convert KnownValue to EnvelopeEncodableValue\nconst kv = (v: KnownValue): EnvelopeEncodableValue => v as unknown as EnvelopeEncodableValue;\nimport { ProvenanceMark, ProvenanceMarkGenerator } from \"@bcts/provenance-mark\";\nimport { cborData, decodeCbor } from \"@bcts/dcbor\";\nimport { XIDError } from \"./error\";\n\n/**\n * Options for handling generators in envelopes.\n */\nexport enum XIDGeneratorOptions {\n /** Omit the generator from the envelope (default). */\n Omit = \"Omit\",\n /** Include the generator in plaintext (with salt for decorrelation). */\n Include = \"Include\",\n /** Include the generator assertion but elide it (maintains digest tree). */\n Elide = \"Elide\",\n /** Include the generator encrypted with a password. */\n Encrypt = \"Encrypt\",\n}\n\n/**\n * Configuration for encrypting generators.\n */\nexport interface XIDGeneratorEncryptConfig {\n type: XIDGeneratorOptions.Encrypt;\n password: Uint8Array;\n}\n\n/**\n * Union type for all generator options.\n */\nexport type XIDGeneratorOptionsValue =\n | XIDGeneratorOptions.Omit\n | XIDGeneratorOptions.Include\n | XIDGeneratorOptions.Elide\n | XIDGeneratorEncryptConfig;\n\n/**\n * Generator data that can be either decrypted or encrypted.\n */\nexport type GeneratorData =\n | { type: \"decrypted\"; generator: ProvenanceMarkGenerator }\n | { type: \"encrypted\"; envelope: Envelope };\n\n/**\n * Represents provenance information in an XID document.\n */\nexport class Provenance implements EnvelopeEncodable {\n private _mark: ProvenanceMark;\n private _generator: { data: GeneratorData; salt: Salt } | undefined;\n\n private constructor(mark: ProvenanceMark, generator?: { data: GeneratorData; salt: Salt }) {\n this._mark = mark;\n this._generator = generator;\n }\n\n /**\n * Create a new Provenance with just a mark.\n */\n static new(mark: ProvenanceMark): Provenance {\n return new Provenance(mark);\n }\n\n /**\n * Create a new Provenance with a generator and mark.\n */\n static newWithGenerator(generator: ProvenanceMarkGenerator, mark: ProvenanceMark): Provenance {\n const salt = Salt.random(32);\n return new Provenance(mark, { data: { type: \"decrypted\", generator }, salt });\n }\n\n /**\n * Get the provenance mark.\n */\n mark(): ProvenanceMark {\n return this._mark;\n }\n\n /**\n * Get the generator, if available and decrypted.\n */\n generator(): ProvenanceMarkGenerator | undefined {\n if (this._generator === undefined) return undefined;\n if (this._generator.data.type === \"decrypted\") {\n return this._generator.data.generator;\n }\n return undefined;\n }\n\n /**\n * Check if this provenance has a decrypted generator.\n */\n hasGenerator(): boolean {\n return this._generator?.data.type === \"decrypted\";\n }\n\n /**\n * Check if this provenance has an encrypted generator.\n */\n hasEncryptedGenerator(): boolean {\n return this._generator?.data.type === \"encrypted\";\n }\n\n /**\n * Get the salt used for generator decorrelation.\n */\n generatorSalt(): Salt | undefined {\n return this._generator?.salt;\n }\n\n /**\n * Update the provenance mark.\n */\n setMark(mark: ProvenanceMark): void {\n this._mark = mark;\n }\n\n /**\n * Set or replace the generator.\n */\n setGenerator(generator: ProvenanceMarkGenerator): void {\n const salt = Salt.random(32);\n this._generator = { data: { type: \"decrypted\", generator }, salt };\n }\n\n /**\n * Take and remove the generator.\n */\n takeGenerator(): { data: GeneratorData; salt: Salt } | undefined {\n const gen = this._generator;\n this._generator = undefined;\n return gen;\n }\n\n /**\n * Get a mutable reference to the generator, decrypting if necessary.\n */\n generatorMut(password?: Uint8Array): ProvenanceMarkGenerator | undefined {\n type EnvelopeExt = Envelope & {\n decryptSubject(p: Uint8Array): Envelope;\n tryUnwrap(): Envelope;\n asByteString(): Uint8Array | undefined;\n };\n\n if (this._generator === undefined) return undefined;\n\n if (this._generator.data.type === \"decrypted\") {\n return this._generator.data.generator;\n }\n\n // Try to decrypt\n if (password !== undefined) {\n const encryptedEnvelope = this._generator.data.envelope as EnvelopeExt;\n try {\n const decrypted = encryptedEnvelope.decryptSubject(password) as EnvelopeExt;\n const unwrapped = decrypted.tryUnwrap() as EnvelopeExt;\n // Extract generator from unwrapped envelope\n const generatorData = unwrapped.asByteString();\n if (generatorData !== undefined) {\n const json = decodeCbor(generatorData) as unknown as Record<string, unknown>;\n const generator = ProvenanceMarkGenerator.fromJSON(json);\n // Replace encrypted with decrypted\n this._generator = {\n data: { type: \"decrypted\", generator },\n salt: this._generator.salt,\n };\n return generator;\n }\n } catch {\n throw XIDError.invalidPassword();\n }\n }\n\n throw XIDError.invalidPassword();\n }\n\n /**\n * Convert to envelope with specified options.\n */\n intoEnvelopeOpt(generatorOptions: XIDGeneratorOptionsValue = XIDGeneratorOptions.Omit): Envelope {\n type EnvelopeExt = Envelope & {\n elide(): Envelope;\n wrap(): Envelope;\n encryptSubject(p: Uint8Array): Envelope;\n };\n\n // Create envelope with the mark as subject\n let envelope = Envelope.new(this._mark.toCborData());\n\n // Handle generator\n if (this._generator !== undefined) {\n const { data, salt } = this._generator;\n\n if (data.type === \"encrypted\") {\n // Always preserve encrypted generators\n envelope = envelope.addAssertion(kv(PROVENANCE_GENERATOR), data.envelope);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n } else if (data.type === \"decrypted\") {\n // Handle decrypted generators based on options\n const option =\n typeof generatorOptions === \"object\" ? generatorOptions.type : generatorOptions;\n\n switch (option) {\n case XIDGeneratorOptions.Include: {\n const generatorBytes = cborData(data.generator.toJSON());\n envelope = envelope.addAssertion(kv(PROVENANCE_GENERATOR), generatorBytes);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n break;\n }\n case XIDGeneratorOptions.Elide: {\n const generatorBytes2 = cborData(data.generator.toJSON());\n const baseAssertion = Envelope.newAssertion(kv(PROVENANCE_GENERATOR), generatorBytes2);\n const elidedAssertion = (baseAssertion as EnvelopeExt).elide();\n envelope = envelope.addAssertionEnvelope(elidedAssertion);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n break;\n }\n case XIDGeneratorOptions.Encrypt: {\n if (typeof generatorOptions === \"object\") {\n const generatorBytes3 = cborData(data.generator.toJSON());\n const generatorEnvelope = Envelope.new(generatorBytes3) as EnvelopeExt;\n const wrapped = generatorEnvelope.wrap() as EnvelopeExt;\n const encrypted = wrapped.encryptSubject(generatorOptions.password);\n envelope = envelope.addAssertion(kv(PROVENANCE_GENERATOR), encrypted);\n envelope = envelope.addAssertion(kv(SALT), salt.toData());\n }\n break;\n }\n case XIDGeneratorOptions.Omit:\n default:\n // Do nothing - omit generator\n break;\n }\n }\n }\n\n return envelope;\n }\n\n // EnvelopeEncodable implementation\n intoEnvelope(): Envelope {\n return this.intoEnvelopeOpt(XIDGeneratorOptions.Omit);\n }\n\n /**\n * Try to extract a Provenance from an envelope, optionally with password for decryption.\n */\n static tryFromEnvelope(envelope: Envelope, password?: Uint8Array): Provenance {\n type EnvelopeExt = Envelope & {\n asByteString(): Uint8Array | undefined;\n assertionsWithPredicate(p: unknown): Envelope[];\n decryptSubject(p: Uint8Array): Envelope;\n tryUnwrap(): Envelope;\n };\n const env = envelope as EnvelopeExt;\n\n // Extract mark from subject\n // The envelope may be a node (with assertions) or a leaf\n const envCase = env.case();\n const subject =\n envCase.type === \"node\" ? (env as unknown as { subject(): Envelope }).subject() : envelope;\n const markData = (subject as EnvelopeExt).asByteString();\n if (markData === undefined) {\n throw XIDError.provenanceMark(new Error(\"Could not extract mark from envelope\"));\n }\n const mark = ProvenanceMark.fromCborData(markData);\n\n // Extract optional generator\n let generator: { data: GeneratorData; salt: Salt } | undefined;\n\n // Extract salt from top level (if present)\n let salt: Salt = Salt.random(32);\n const saltAssertions = env.assertionsWithPredicate(SALT);\n if (saltAssertions.length > 0) {\n const saltAssertion = saltAssertions[0];\n const saltCase = saltAssertion.case();\n if (saltCase.type === \"assertion\") {\n const saltObj = saltCase.assertion.object() as EnvelopeExt;\n const saltData = saltObj.asByteString();\n if (saltData !== undefined) {\n salt = Salt.from(saltData);\n }\n }\n }\n\n const generatorAssertions = env.assertionsWithPredicate(PROVENANCE_GENERATOR);\n if (generatorAssertions.length > 0) {\n const generatorAssertion = generatorAssertions[0] as EnvelopeExt;\n const assertionCase = generatorAssertion.case();\n\n if (assertionCase.type === \"assertion\") {\n const generatorObject = assertionCase.assertion.object() as EnvelopeExt;\n\n // Check if encrypted\n const objCase = generatorObject.case();\n if (objCase.type === \"encrypted\") {\n if (password !== undefined) {\n try {\n const decrypted = generatorObject.decryptSubject(password) as EnvelopeExt;\n const unwrapped = decrypted.tryUnwrap() as EnvelopeExt;\n const generatorData = unwrapped.asByteString();\n if (generatorData !== undefined) {\n const json = decodeCbor(generatorData) as unknown as Record<string, unknown>;\n const gen = ProvenanceMarkGenerator.fromJSON(json);\n generator = {\n data: { type: \"decrypted\", generator: gen },\n salt,\n };\n }\n } catch {\n // Wrong password - store as encrypted\n generator = {\n data: { type: \"encrypted\", envelope: generatorObject },\n salt,\n };\n }\n } else {\n // No password - store as encrypted\n generator = {\n data: { type: \"encrypted\", envelope: generatorObject },\n salt,\n };\n }\n } else {\n // Plain text generator\n const generatorData = generatorObject.asByteString();\n if (generatorData !== undefined) {\n const json2 = decodeCbor(generatorData) as unknown as Record<string, unknown>;\n const gen = ProvenanceMarkGenerator.fromJSON(json2);\n generator = {\n data: { type: \"decrypted\", generator: gen },\n salt,\n };\n }\n }\n }\n }\n\n return new Provenance(mark, generator);\n }\n\n /**\n * Check equality with another Provenance.\n */\n equals(other: Provenance): boolean {\n return this._mark.equals(other._mark);\n }\n\n /**\n * Clone this Provenance.\n * Note: ProvenanceMark is immutable so we can use the same instance.\n */\n clone(): Provenance {\n return new Provenance(\n this._mark,\n this._generator !== undefined\n ? { data: this._generator.data, salt: this._generator.salt }\n : undefined,\n );\n }\n}\n","/**\n * XID Document\n *\n * Represents an XID document containing keys, delegates, services, and provenance.\n *\n * Ported from bc-xid-rust/src/xid_document.rs\n */\n\nimport {\n Envelope,\n PrivateKeyBase,\n type PublicKeyBase,\n type EnvelopeEncodable,\n type Signer,\n type EnvelopeEncodableValue,\n} from \"@bcts/envelope\";\nimport {\n KEY,\n DELEGATE,\n SERVICE,\n PROVENANCE,\n DEREFERENCE_VIA,\n type KnownValue,\n} from \"@bcts/known-values\";\n\n// Helper to convert KnownValue to EnvelopeEncodableValue\nconst kv = (v: KnownValue): EnvelopeEncodableValue => v as unknown as EnvelopeEncodableValue;\nimport { Reference, XID } from \"@bcts/components\";\nimport {\n type ProvenanceMark,\n ProvenanceMarkGenerator,\n ProvenanceMarkResolution,\n} from \"@bcts/provenance-mark\";\nimport { type Cbor } from \"@bcts/dcbor\";\n\nimport { Key, XIDPrivateKeyOptions, type XIDPrivateKeyOptionsValue } from \"./key\";\nimport { Delegate, registerXIDDocumentClass } from \"./delegate\";\nimport { Service } from \"./service\";\nimport { Provenance, XIDGeneratorOptions, type XIDGeneratorOptionsValue } from \"./provenance\";\nimport { XIDError } from \"./error\";\n\n// Raw values for predicate matching\nconst KEY_RAW = KEY.value();\nconst DELEGATE_RAW = DELEGATE.value();\nconst SERVICE_RAW = SERVICE.value();\nconst PROVENANCE_RAW = PROVENANCE.value();\nconst DEREFERENCE_VIA_RAW = DEREFERENCE_VIA.value();\n\n/**\n * Options for creating the inception key.\n */\nexport type XIDInceptionKeyOptions =\n | { type: \"default\" }\n | { type: \"publicKeyBase\"; publicKeyBase: PublicKeyBase }\n | { type: \"privateKeyBase\"; privateKeyBase: PrivateKeyBase };\n\n/**\n * Options for creating the genesis mark.\n */\nexport type XIDGenesisMarkOptions =\n | { type: \"none\" }\n | {\n type: \"passphrase\";\n passphrase: string;\n resolution?: ProvenanceMarkResolution;\n date?: Date;\n info?: Cbor;\n }\n | {\n type: \"seed\";\n seed: Uint8Array;\n resolution?: ProvenanceMarkResolution;\n date?: Date;\n info?: Cbor;\n };\n\n/**\n * Options for signing an envelope.\n */\nexport type XIDSigningOptions =\n | { type: \"none\" }\n | { type: \"inception\" }\n | { type: \"privateKeyBase\"; privateKeyBase: PrivateKeyBase };\n\n/**\n * Options for verifying the signature on an envelope when loading.\n */\nexport enum XIDVerifySignature {\n /** Do not verify the signature (default). */\n None = \"None\",\n /** Verify that the envelope is signed with the inception key. */\n Inception = \"Inception\",\n}\n\n// Map to store keys by their hash for efficient lookup\ntype KeyMap = Map<string, Key>;\ntype DelegateMap = Map<string, Delegate>;\ntype ServiceMap = Map<string, Service>;\n\n/**\n * Represents an XID document.\n */\nexport class XIDDocument implements EnvelopeEncodable {\n private readonly _xid: XID;\n private readonly _resolutionMethods: Set<string>;\n private readonly _keys: KeyMap;\n private readonly _delegates: DelegateMap;\n private readonly _services: ServiceMap;\n private _provenance: Provenance | undefined;\n\n private constructor(\n xid: XID,\n resolutionMethods = new Set<string>(),\n keys: KeyMap = new Map(),\n delegates: DelegateMap = new Map(),\n services: ServiceMap = new Map(),\n provenance?: Provenance,\n ) {\n this._xid = xid;\n this._resolutionMethods = resolutionMethods;\n this._keys = keys;\n this._delegates = delegates;\n this._services = services;\n this._provenance = provenance;\n }\n\n /**\n * Create a new XIDDocument with the given options.\n */\n static new(\n keyOptions: XIDInceptionKeyOptions = { type: \"default\" },\n markOptions: XIDGenesisMarkOptions = { type: \"none\" },\n ): XIDDocument {\n const inceptionKey = XIDDocument.inceptionKeyForOptions(keyOptions);\n const provenance = XIDDocument.genesisMarkWithOptions(markOptions);\n\n const xid = XID.from(hashPublicKey(inceptionKey.publicKeyBase()));\n const doc = new XIDDocument(xid, new Set(), new Map(), new Map(), new Map(), provenance);\n\n doc.addKey(inceptionKey);\n return doc;\n }\n\n private static inceptionKeyForOptions(options: XIDInceptionKeyOptions): Key {\n switch (options.type) {\n case \"default\": {\n const privateKeyBase = PrivateKeyBase.generate();\n return Key.newWithPrivateKeyBase(privateKeyBase);\n }\n case \"publicKeyBase\":\n return Key.newAllowAll(options.publicKeyBase);\n case \"privateKeyBase\":\n return Key.newWithPrivateKeyBase(options.privateKeyBase);\n }\n }\n\n private static genesisMarkWithOptions(options: XIDGenesisMarkOptions): Provenance | undefined {\n switch (options.type) {\n case \"none\":\n return undefined;\n case \"passphrase\": {\n const resolution = options.resolution ?? ProvenanceMarkResolution.High;\n const generator = ProvenanceMarkGenerator.newWithPassphrase(resolution, options.passphrase);\n const date = options.date ?? new Date();\n const mark = generator.next(date, options.info);\n return Provenance.newWithGenerator(generator, mark);\n }\n case \"seed\": {\n const resolution = options.resolution ?? ProvenanceMarkResolution.High;\n const generator = ProvenanceMarkGenerator.newUsing(resolution, options.seed);\n const date = options.date ?? new Date();\n const mark = generator.next(date, options.info);\n return Provenance.newWithGenerator(generator, mark);\n }\n }\n }\n\n /**\n * Create an XIDDocument from just an XID.\n */\n static fromXid(xid: XID): XIDDocument {\n return new XIDDocument(xid);\n }\n\n /**\n * Get the XID.\n */\n xid(): XID {\n return this._xid;\n }\n\n /**\n * Get the resolution methods.\n */\n resolutionMethods(): Set<string> {\n return this._resolutionMethods;\n }\n\n /**\n * Add a resolution method.\n */\n addResolutionMethod(method: string): void {\n this._resolutionMethods.add(method);\n }\n\n /**\n * Remove a resolution method.\n */\n removeResolutionMethod(method: string): boolean {\n return this._resolutionMethods.delete(method);\n }\n\n /**\n * Get all keys.\n */\n keys(): Key[] {\n return Array.from(this._keys.values());\n }\n\n /**\n * Add a key.\n */\n addKey(key: Key): void {\n const hashKey = key.hashKey();\n if (this._keys.has(hashKey)) {\n throw XIDError.duplicate(\"key\");\n }\n this._keys.set(hashKey, key);\n }\n\n /**\n * Find a key by its public key base.\n */\n findKeyByPublicKeyBase(publicKeyBase: PublicKeyBase): Key | undefined {\n const hashKey = publicKeyBase.hex();\n return this._keys.get(hashKey);\n }\n\n /**\n * Find a key by its reference.\n */\n findKeyByReference(reference: Reference): Key | undefined {\n for (const key of this._keys.values()) {\n if (key.reference().equals(reference)) {\n return key;\n }\n }\n return undefined;\n }\n\n /**\n * Take and remove a key.\n */\n takeKey(publicKeyBase: PublicKeyBase): Key | undefined {\n const hashKey = publicKeyBase.hex();\n const key = this._keys.get(hashKey);\n if (key !== undefined) {\n this._keys.delete(hashKey);\n }\n return key;\n }\n\n /**\n * Remove a key.\n */\n removeKey(publicKeyBase: PublicKeyBase): void {\n if (this.servicesReferenceKey(publicKeyBase)) {\n throw XIDError.stillReferenced(\"key\");\n }\n const hashKey = publicKeyBase.hex();\n if (!this._keys.delete(hashKey)) {\n throw XIDError.notFound(\"key\");\n }\n }\n\n /**\n * Check if the given public key is the inception signing key.\n */\n isInceptionKey(publicKeyBase: PublicKeyBase): boolean {\n const xidData = hashPublicKey(publicKeyBase);\n return bytesEqual(xidData, this._xid.toData());\n }\n\n /**\n * Get the inception key, if it exists in the document.\n */\n inceptionKey(): Key | undefined {\n for (const key of this._keys.values()) {\n if (this.isInceptionKey(key.publicKeyBase())) {\n return key;\n }\n }\n return undefined;\n }\n\n /**\n * Get the inception private key base, if available.\n */\n inceptionPrivateKeyBase(): PrivateKeyBase | undefined {\n return this.inceptionKey()?.privateKeyBase();\n }\n\n /**\n * Remove the inception key from the document.\n */\n removeInceptionKey(): Key | undefined {\n const inceptionKey = this.inceptionKey();\n if (inceptionKey !== undefined) {\n this._keys.delete(inceptionKey.hashKey());\n }\n return inceptionKey;\n }\n\n /**\n * Check if the document is empty (no keys, delegates, services, or provenance).\n */\n isEmpty(): boolean {\n return (\n this._resolutionMethods.size === 0 &&\n this._keys.size === 0 &&\n this._delegates.size === 0 &&\n this._provenance === undefined\n );\n }\n\n /**\n * Get all delegates.\n */\n delegates(): Delegate[] {\n return Array.from(this._delegates.values());\n }\n\n /**\n * Add a delegate.\n */\n addDelegate(delegate: Delegate): void {\n const hashKey = delegate.hashKey();\n if (this._delegates.has(hashKey)) {\n throw XIDError.duplicate(\"delegate\");\n }\n this._delegates.set(hashKey, delegate);\n }\n\n /**\n * Find a delegate by XID.\n */\n findDelegateByXid(xid: XID): Delegate | undefined {\n return this._delegates.get(xid.toHex());\n }\n\n /**\n * Find a delegate by reference.\n */\n findDelegateByReference(reference: Reference): Delegate | undefined {\n for (const delegate of this._delegates.values()) {\n if (delegate.reference().equals(reference)) {\n return delegate;\n }\n }\n return undefined;\n }\n\n /**\n * Take and remove a delegate.\n */\n takeDelegate(xid: XID): Delegate | undefined {\n const hashKey = xid.toHex();\n const delegate = this._delegates.get(hashKey);\n if (delegate !== undefined) {\n this._delegates.delete(hashKey);\n }\n return delegate;\n }\n\n /**\n * Remove a delegate.\n */\n removeDelegate(xid: XID): void {\n if (this.servicesReferenceDelegate(xid)) {\n throw XIDError.stillReferenced(\"delegate\");\n }\n const hashKey = xid.toHex();\n if (!this._delegates.delete(hashKey)) {\n throw XIDError.notFound(\"delegate\");\n }\n }\n\n /**\n * Get all services.\n */\n services(): Service[] {\n return Array.from(this._services.values());\n }\n\n /**\n * Find a service by URI.\n */\n findServiceByUri(uri: string): Service | undefined {\n return this._services.get(uri);\n }\n\n /**\n * Add a service.\n */\n addService(service: Service): void {\n const hashKey = service.hashKey();\n if (this._services.has(hashKey)) {\n throw XIDError.duplicate(\"service\");\n }\n this._services.set(hashKey, service);\n }\n\n /**\n * Take and remove a service.\n */\n takeService(uri: string): Service | undefined {\n const service = this._services.get(uri);\n if (service !== undefined) {\n this._services.delete(uri);\n }\n return service;\n }\n\n /**\n * Remove a service.\n */\n removeService(uri: string): void {\n if (!this._services.delete(uri)) {\n throw XIDError.notFound(\"service\");\n }\n }\n\n /**\n * Check service consistency.\n */\n checkServicesConsistency(): void {\n for (const service of this._services.values()) {\n this.checkServiceConsistency(service);\n }\n }\n\n /**\n * Check consistency of a single service.\n */\n checkServiceConsistency(service: Service): void {\n if (service.keyReferences().size === 0 && service.delegateReferences().size === 0) {\n throw XIDError.noReferences(service.uri());\n }\n\n for (const keyRef of service.keyReferences()) {\n const refBytes = hexToBytes(keyRef);\n const ref = Reference.hash(refBytes);\n if (this.findKeyByReference(ref) === undefined) {\n throw XIDError.unknownKeyReference(keyRef, service.uri());\n }\n }\n\n for (const delegateRef of service.delegateReferences()) {\n const refBytes = hexToBytes(delegateRef);\n const ref = Reference.hash(refBytes);\n if (this.findDelegateByReference(ref) === undefined) {\n throw XIDError.unknownDelegateReference(delegateRef, service.uri());\n }\n }\n\n if (service.permissions().allow.size === 0) {\n throw XIDError.noPermissions(service.uri());\n }\n }\n\n /**\n * Check if any service references the given key.\n */\n servicesReferenceKey(publicKeyBase: PublicKeyBase): boolean {\n const keyRef = Reference.hash(publicKeyBase.data()).toHex();\n for (const service of this._services.values()) {\n if (service.keyReferences().has(keyRef)) {\n return true;\n }\n }\n return false;\n }\n\n /**\n * Check if any service references the given delegate.\n */\n servicesReferenceDelegate(xid: XID): boolean {\n const delegateRef = Reference.hash(xid.toData()).toHex();\n for (const service of this._services.values()) {\n if (service.delegateReferences().has(delegateRef)) {\n return true;\n }\n }\n return false;\n }\n\n /**\n * Get the provenance mark.\n */\n provenance(): ProvenanceMark | undefined {\n return this._provenance?.mark();\n }\n\n /**\n * Get the provenance generator.\n */\n provenanceGenerator(): ProvenanceMarkGenerator | undefined {\n return this._provenance?.generator();\n }\n\n /**\n * Set the provenance.\n */\n setProvenance(provenance: ProvenanceMark | undefined): void {\n this._provenance = provenance !== undefined ? Provenance.new(provenance) : undefined;\n }\n\n /**\n * Set provenance with generator.\n */\n setProvenanceWithGenerator(generator: ProvenanceMarkGenerator, mark: ProvenanceMark): void {\n this._provenance = Provenance.newWithGenerator(generator, mark);\n }\n\n /**\n * Advance the provenance mark using the embedded generator.\n */\n nextProvenanceMarkWithEmbeddedGenerator(password?: Uint8Array, date?: Date, info?: Cbor): void {\n if (this._provenance === undefined) {\n throw XIDError.noProvenanceMark();\n }\n\n const currentMark = this._provenance.mark();\n const generator = this._provenance.generatorMut(password);\n if (generator === undefined) {\n throw XIDError.noGenerator();\n }\n\n // Validate chain ID matches\n if (!bytesEqual(generator.chainId(), currentMark.chainId())) {\n throw XIDError.chainIdMismatch(currentMark.chainId(), generator.chainId());\n }\n\n // Validate sequence number\n const expectedSeq = currentMark.seq() + 1;\n if (generator.nextSeq() !== expectedSeq) {\n throw XIDError.sequenceMismatch(expectedSeq, generator.nextSeq());\n }\n\n // Generate next mark\n const nextDate = date ?? new Date();\n const nextMark = generator.next(nextDate, info);\n this._provenance.setMark(nextMark);\n }\n\n /**\n * Advance the provenance mark using a provided generator.\n */\n nextProvenanceMarkWithProvidedGenerator(\n generator: ProvenanceMarkGenerator,\n date?: Date,\n info?: Cbor,\n ): void {\n if (this._provenance === undefined) {\n throw XIDError.noProvenanceMark();\n }\n\n // Check that document doesn't have embedded generator\n if (this._provenance.hasGenerator() || this._provenance.hasEncryptedGenerator()) {\n throw XIDError.generatorConflict();\n }\n\n const currentMark = this._provenance.mark();\n\n // Validate chain ID matches\n if (!bytesEqual(generator.chainId(), currentMark.chainId())) {\n throw XIDError.chainIdMismatch(currentMark.chainId(), generator.chainId());\n }\n\n // Validate sequence number\n const expectedSeq = currentMark.seq() + 1;\n if (generator.nextSeq() !== expectedSeq) {\n throw XIDError.sequenceMismatch(expectedSeq, generator.nextSeq());\n }\n\n // Generate next mark\n const nextDate = date ?? new Date();\n const nextMark = generator.next(nextDate, info);\n this._provenance.setMark(nextMark);\n }\n\n /**\n * Convert to envelope with options.\n */\n toEnvelope(\n privateKeyOptions: XIDPrivateKeyOptionsValue = XIDPrivateKeyOptions.Omit,\n generatorOptions: XIDGeneratorOptionsValue = XIDGeneratorOptions.Omit,\n signingOptions: XIDSigningOptions = { type: \"none\" },\n ): Envelope {\n let envelope = Envelope.new(this._xid.toData());\n\n // Add resolution methods\n for (const method of this._resolutionMethods) {\n envelope = envelope.addAssertion(kv(DEREFERENCE_VIA), method);\n }\n\n // Add keys\n for (const key of this._keys.values()) {\n envelope = envelope.addAssertion(kv(KEY), key.intoEnvelopeOpt(privateKeyOptions));\n }\n\n // Add delegates\n for (const delegate of this._delegates.values()) {\n envelope = envelope.addAssertion(kv(DELEGATE), delegate.intoEnvelope());\n }\n\n // Add services\n for (const service of this._services.values()) {\n envelope = envelope.addAssertion(kv(SERVICE), service.intoEnvelope());\n }\n\n // Add provenance\n if (this._provenance !== undefined) {\n envelope = envelope.addAssertion(\n kv(PROVENANCE),\n this._provenance.intoEnvelopeOpt(generatorOptions),\n );\n }\n\n // Apply signing\n switch (signingOptions.type) {\n case \"inception\": {\n const inceptionKey = this.inceptionKey();\n if (inceptionKey === undefined) {\n throw XIDError.missingInceptionKey();\n }\n const privateKeyBase = inceptionKey.privateKeyBase();\n if (privateKeyBase === undefined) {\n throw XIDError.missingInceptionKey();\n }\n envelope = (envelope as unknown as { addSignature(s: Signer): Envelope }).addSignature(\n privateKeyBase as unknown as Signer,\n );\n break;\n }\n case \"privateKeyBase\":\n envelope = (envelope as unknown as { addSignature(s: Signer): Envelope }).addSignature(\n signingOptions.privateKeyBase as unknown as Signer,\n );\n break;\n case \"none\":\n default:\n break;\n }\n\n return envelope;\n }\n\n // EnvelopeEncodable implementation\n intoEnvelope(): Envelope {\n return this.toEnvelope();\n }\n\n /**\n * Extract an XIDDocument from an envelope.\n */\n static fromEnvelope(\n envelope: Envelope,\n password?: Uint8Array,\n verifySignature: XIDVerifySignature = XIDVerifySignature.None,\n ): XIDDocument {\n const envelopeExt = envelope as unknown as {\n subject(): Envelope & { isWrapped(): boolean; tryUnwrap(): Envelope };\n tryUnwrap(): Envelope;\n hasSignatureFrom(verifier: unknown): boolean;\n };\n switch (verifySignature) {\n case XIDVerifySignature.None: {\n const subject = envelopeExt.subject();\n const envelopeToParse = subject.isWrapped() ? subject.tryUnwrap() : envelope;\n return XIDDocument.fromEnvelopeInner(envelopeToParse, password);\n }\n case XIDVerifySignature.Inception: {\n if (!envelopeExt.subject().isWrapped()) {\n throw XIDError.envelopeNotSigned();\n }\n\n const unwrapped = envelopeExt.tryUnwrap();\n const doc = XIDDocument.fromEnvelopeInner(unwrapped, password);\n\n const inceptionKey = doc.inceptionKey();\n if (inceptionKey === undefined) {\n throw XIDError.missingInceptionKey();\n }\n\n // Verify signature\n if (!envelopeExt.hasSignatureFrom(inceptionKey.publicKeyBase() as unknown as Verifier)) {\n throw XIDError.signatureVerificationFailed();\n }\n\n // Verify XID matches inception key\n if (!doc.isInceptionKey(inceptionKey.publicKeyBase())) {\n throw XIDError.invalidXid();\n }\n\n return doc;\n }\n }\n }\n\n private static fromEnvelopeInner(envelope: Envelope, password?: Uint8Array): XIDDocument {\n const envelopeExt = envelope as unknown as {\n asByteString(): Uint8Array | undefined;\n subject(): Envelope;\n assertions(): Envelope[];\n };\n\n // Extract XID from subject\n // The envelope may be a node (with assertions) or a leaf\n const envCase = envelope.case();\n const subject = envCase.type === \"node\" ? envelopeExt.subject() : envelope;\n const xidData = (\n subject as unknown as { asByteString(): Uint8Array | undefined }\n ).asByteString();\n if (xidData === undefined) {\n throw XIDError.invalidXid();\n }\n const xid = XID.from(xidData);\n const doc = XIDDocument.fromXid(xid);\n\n // Process assertions\n for (const assertion of envelopeExt.assertions()) {\n const assertionCase = assertion.case();\n if (assertionCase.type !== \"assertion\") {\n continue;\n }\n\n const predicateEnv = assertionCase.assertion.predicate();\n const predicateCase = predicateEnv.case();\n if (predicateCase.type !== \"knownValue\") {\n continue;\n }\n\n const predicate = predicateCase.value.value();\n const object = assertionCase.assertion.object();\n\n switch (predicate) {\n case DEREFERENCE_VIA_RAW: {\n const method = (object as unknown as { asText(): string | undefined }).asText();\n if (method === undefined) {\n throw XIDError.invalidResolutionMethod();\n }\n doc.addResolutionMethod(method);\n break;\n }\n case KEY_RAW: {\n const key = Key.tryFromEnvelope(object, password);\n doc.addKey(key);\n break;\n }\n case DELEGATE_RAW: {\n const delegate = Delegate.tryFromEnvelope(object);\n doc.addDelegate(delegate);\n break;\n }\n case SERVICE_RAW: {\n const service = Service.tryFromEnvelope(object);\n doc.addService(service);\n break;\n }\n case PROVENANCE_RAW: {\n if (doc._provenance !== undefined) {\n throw XIDError.multipleProvenanceMarks();\n }\n doc._provenance = Provenance.tryFromEnvelope(object, password);\n break;\n }\n default:\n throw XIDError.unexpectedPredicate(String(predicate));\n }\n }\n\n doc.checkServicesConsistency();\n return doc;\n }\n\n /**\n * Create a signed envelope.\n */\n toSignedEnvelope(signingKey: Signer): Envelope {\n const envelope = this.toEnvelope(XIDPrivateKeyOptions.Omit, XIDGeneratorOptions.Omit, {\n type: \"none\",\n });\n return (envelope as unknown as { addSignature(s: Signer): Envelope }).addSignature(signingKey);\n }\n\n /**\n * Get the reference for this document.\n */\n reference(): Reference {\n return Reference.hash(this._xid.toData());\n }\n\n /**\n * Check equality with another XIDDocument.\n */\n equals(other: XIDDocument): boolean {\n return this._xid.equals(other._xid);\n }\n\n /**\n * Clone this XIDDocument.\n */\n clone(): XIDDocument {\n const doc = new XIDDocument(\n this._xid,\n new Set(this._resolutionMethods),\n new Map(Array.from(this._keys.entries()).map(([k, v]) => [k, v.clone()])),\n new Map(Array.from(this._delegates.entries()).map(([k, v]) => [k, v.clone()])),\n new Map(Array.from(this._services.entries()).map(([k, v]) => [k, v.clone()])),\n this._provenance?.clone(),\n );\n return doc;\n }\n\n /**\n * Try to extract from envelope (alias for fromEnvelope with default options).\n */\n static tryFromEnvelope(envelope: Envelope): XIDDocument {\n return XIDDocument.fromEnvelope(envelope, undefined, XIDVerifySignature.None);\n }\n}\n\n// Register XIDDocument class with Delegate to resolve circular dependency\nregisterXIDDocumentClass(XIDDocument);\n\n// Helper interface for Verifier\ninterface Verifier {\n verify(data: Uint8Array, signature: { data(): Uint8Array }): boolean;\n}\n\n// Helper functions\nfunction hexToBytes(hex: string): Uint8Array {\n const bytes = new Uint8Array(hex.length / 2);\n for (let i = 0; i < hex.length; i += 2) {\n bytes[i / 2] = parseInt(hex.substring(i, i + 2), 16);\n }\n return bytes;\n}\n\nfunction bytesEqual(a: Uint8Array, b: Uint8Array): boolean {\n if (a.length !== b.length) return false;\n for (let i = 0; i < a.length; i++) {\n if (a[i] !== b[i]) return false;\n }\n return true;\n}\n\nfunction hashPublicKey(publicKeyBase: PublicKeyBase): Uint8Array {\n // SHA-256 hash of public key to get XID\n return Reference.hash(publicKeyBase.data()).getDigest().toData();\n}\n","/**\n * @bcts/xid - XID Document Library\n *\n * TypeScript implementation of Blockchain Commons' XID specification\n * for eXtensible IDentifiers and XID Documents.\n *\n * Ported from bc-xid-rust\n */\n\n// Error handling\nexport { XIDError, XIDErrorCode, type XIDResult } from \"./error\";\n\n// Privilege system\nexport {\n Privilege,\n privilegeToKnownValue,\n privilegeFromKnownValue,\n privilegeToEnvelope,\n privilegeFromEnvelope,\n} from \"./privilege\";\n\n// Permissions\nexport { Permissions, type HasPermissions, HasPermissionsMixin } from \"./permissions\";\n\n// Name/Nickname\nexport { type HasNickname, HasNicknameMixin } from \"./name\";\n\n// Shared reference wrapper\nexport { Shared } from \"./shared\";\n\n// Key types\nexport {\n Key,\n XIDPrivateKeyOptions,\n type XIDPrivateKeyEncryptConfig,\n type XIDPrivateKeyOptionsValue,\n type PrivateKeyData,\n} from \"./key\";\n\n// Service\nexport { Service } from \"./service\";\n\n// Delegate\nexport { Delegate, registerXIDDocumentClass, type XIDDocumentType } from \"./delegate\";\n\n// Provenance\nexport {\n Provenance,\n XIDGeneratorOptions,\n type XIDGeneratorEncryptConfig,\n type XIDGeneratorOptionsValue,\n type GeneratorData,\n} from \"./provenance\";\n\n// XID Document (main export)\nexport {\n XIDDocument,\n type XIDInceptionKeyOptions,\n type XIDGenesisMarkOptions,\n type XIDSigningOptions,\n XIDVerifySignature,\n} from \"./xid-document\";\n\n// Version information\nexport const VERSION = \"1.0.0-alpha.3\";\n"],"mappings":";;;;;;;;;;;;;AAOA,IAAY,wDAAL;AACL;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAGF,IAAa,WAAb,MAAa,iBAAiB,MAAM;CAClC,AAAS;CAGT,YAAY,MAAoB,SAAiB,OAAe;AAC9D,QAAM,QAAQ;AACd,OAAK,OAAO;AACZ,OAAK,OAAO;AACZ,MAAI,UAAU,OACZ,MAAK,QAAQ;AAIf,MAAI,uBAAuB,MACzB,CACE,MAGA,kBAAkB,MAAM,SAAS;;;;;CAOvC,OAAO,UAAU,MAAwB;AACvC,SAAO,IAAI,SAAS,aAAa,WAAW,mBAAmB,OAAO;;;;;CAMxE,OAAO,SAAS,MAAwB;AACtC,SAAO,IAAI,SAAS,aAAa,WAAW,mBAAmB,OAAO;;;;;CAMxE,OAAO,gBAAgB,MAAwB;AAC7C,SAAO,IAAI,SAAS,aAAa,kBAAkB,6BAA6B,OAAO;;;;;CAMzF,OAAO,WAAW,OAAyB;AACzC,SAAO,IAAI,SAAS,aAAa,aAAa,2BAA2B,QAAQ;;;;;CAMnF,OAAO,mBAA6B;AAClC,SAAO,IAAI,SAAS,aAAa,mBAAmB,oBAAoB;;;;;CAM1E,OAAO,aAAuB;AAC5B,SAAO,IAAI,SAAS,aAAa,aAAa,cAAc;;;;;CAM9D,OAAO,sBAAgC;AACrC,SAAO,IAAI,SAAS,aAAa,uBAAuB,wBAAwB;;;;;CAMlF,OAAO,0BAAoC;AACzC,SAAO,IAAI,SAAS,aAAa,2BAA2B,4BAA4B;;;;;CAM1F,OAAO,0BAAoC;AACzC,SAAO,IAAI,SAAS,aAAa,2BAA2B,4BAA4B;;;;;CAM1F,OAAO,oBAAoB,WAA6B;AACtD,SAAO,IAAI,SAAS,aAAa,sBAAsB,yBAAyB,YAAY;;;;;CAM9F,OAAO,6BAAuC;AAC5C,SAAO,IAAI,SAAS,aAAa,8BAA8B,+BAA+B;;;;;CAMhG,OAAO,cAAc,KAAuB;AAC1C,SAAO,IAAI,SAAS,aAAa,gBAAgB,8BAA8B,IAAI,GAAG;;;;;CAMxF,OAAO,aAAa,KAAuB;AACzC,SAAO,IAAI,SACT,aAAa,eACb,6CAA6C,IAAI,GAClD;;;;;CAMH,OAAO,oBAAoB,WAAmB,KAAuB;AACnE,SAAO,IAAI,SACT,aAAa,uBACb,yBAAyB,UAAU,eAAe,IAAI,GACvD;;;;;CAMH,OAAO,yBAAyB,WAAmB,KAAuB;AACxE,SAAO,IAAI,SACT,aAAa,4BACb,8BAA8B,UAAU,eAAe,IAAI,GAC5D;;;;;CAMH,OAAO,sBAAsB,KAAuB;AAClD,SAAO,IAAI,SACT,aAAa,2BACb,kCAAkC,MACnC;;;;;CAMH,OAAO,2BAA2B,UAA4B;AAC5D,SAAO,IAAI,SACT,aAAa,gCACb,uCAAuC,WACxC;;;;;CAMH,OAAO,kBAA4B;AACjC,SAAO,IAAI,SAAS,aAAa,kBAAkB,mBAAmB;;;;;CAMxE,OAAO,oBAA8B;AACnC,SAAO,IAAI,SAAS,aAAa,qBAAqB,yBAAyB;;;;;CAMjF,OAAO,8BAAwC;AAC7C,SAAO,IAAI,SACT,aAAa,+BACb,gCACD;;;;;CAMH,OAAO,mBAA6B;AAClC,SAAO,IAAI,SAAS,aAAa,oBAAoB,gCAAgC;;;;;CAMvF,OAAO,oBAA8B;AACnC,SAAO,IAAI,SACT,aAAa,oBACb,oEACD;;;;;CAMH,OAAO,cAAwB;AAC7B,SAAO,IAAI,SACT,aAAa,cACb,oEACD;;;;;CAMH,OAAO,gBAAgB,UAAsB,QAA8B;EACzE,MAAM,cAAc,MAAM,KAAK,SAAS,CACrC,KAAK,MAAM,EAAE,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAC3C,KAAK,GAAG;EACX,MAAM,YAAY,MAAM,KAAK,OAAO,CACjC,KAAK,MAAM,EAAE,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAC3C,KAAK,GAAG;AACX,SAAO,IAAI,SACT,aAAa,mBACb,yCAAyC,YAAY,QAAQ,YAC9D;;;;;CAMH,OAAO,iBAAiB,UAAkB,QAA0B;AAClE,SAAO,IAAI,SACT,aAAa,mBACb,yCAAyC,SAAS,QAAQ,SAC3D;;;;;CAMH,OAAO,gBAAgB,OAAyB;AAC9C,SAAO,IAAI,SAAS,aAAa,kBAAkB,0BAA0B,MAAM;;;;;CAMrF,OAAO,UAAU,OAAyB;AACxC,SAAO,IAAI,SAAS,aAAa,WAAW,mBAAmB,MAAM;;;;;CAMvE,OAAO,KAAK,OAAyB;AACnC,SAAO,IAAI,SAAS,aAAa,MAAM,cAAc,MAAM;;;;;CAM7D,OAAO,eAAe,OAAyB;AAC7C,SAAO,IAAI,SAAS,aAAa,iBAAiB,yBAAyB,MAAM;;;;;;;;;;;;;;;;;ACzQrF,IAAY,kDAAL;;AAGL;;AAEA;;AAEA;;AAEA;;AAEA;;AAEA;;AAEA;;AAIA;;AAEA;;AAEA;;AAEA;;AAEA;;AAEA;;AAEA;;;;;;AAMF,SAAgB,sBAAsB,WAAkC;AACtE,SAAQ,WAAR;EACE,KAAK,UAAU,IACb,QAAO;EACT,KAAK,UAAU,KACb,QAAO;EACT,KAAK,UAAU,KACb,QAAO;EACT,KAAK,UAAU,QACb,QAAO;EACT,KAAK,UAAU,MACb,QAAO;EACT,KAAK,UAAU,MACb,QAAO;EACT,KAAK,UAAU,OACb,QAAO;EACT,KAAK,UAAU,SACb,QAAO;EACT,KAAK,UAAU,OACb,QAAO;EACT,KAAK,UAAU,OACb,QAAO;EACT,KAAK,UAAU,SACb,QAAO;EACT,KAAK,UAAU,MACb,QAAO;EACT,KAAK,UAAU,KACb,QAAO;EACT,KAAK,UAAU,OACb,QAAO;EACT,QACE,OAAM,SAAS,kBAAkB;;;;;;AAOvC,SAAgB,wBAAwB,YAAmC;AAEzE,SADc,WAAW,OAAO,EAChC;EACE,KAAK,cAAc,OAAO,CACxB,QAAO,UAAU;EACnB,KAAK,eAAe,OAAO,CACzB,QAAO,UAAU;EACnB,KAAK,eAAe,OAAO,CACzB,QAAO,UAAU;EACnB,KAAK,kBAAkB,OAAO,CAC5B,QAAO,UAAU;EACnB,KAAK,gBAAgB,OAAO,CAC1B,QAAO,UAAU;EACnB,KAAK,gBAAgB,OAAO,CAC1B,QAAO,UAAU;EACnB,KAAK,iBAAiB,OAAO,CAC3B,QAAO,UAAU;EACnB,KAAK,mBAAmB,OAAO,CAC7B,QAAO,UAAU;EACnB,KAAK,iBAAiB,OAAO,CAC3B,QAAO,UAAU;EACnB,KAAK,iBAAiB,OAAO,CAC3B,QAAO,UAAU;EACnB,KAAK,mBAAmB,OAAO,CAC7B,QAAO,UAAU;EACnB,KAAK,gBAAgB,OAAO,CAC1B,QAAO,UAAU;EACnB,KAAK,eAAe,OAAO,CACzB,QAAO,UAAU;EACnB,KAAK,iBAAiB,OAAO,CAC3B,QAAO,UAAU;EACnB,QACE,OAAM,SAAS,kBAAkB;;;;;;AAOvC,SAAgB,oBAAoB,WAAgC;AAClE,QAAO,SAAS,kBAAkB,sBAAsB,UAAU,CAAC;;;;;AAMrE,SAAgB,sBAAsB,UAA+B;CACnE,MAAM,eAAe,SAAS,MAAM;AACpC,KAAI,aAAa,SAAS,aACxB,OAAM,SAAS,kBAAkB;AAEnC,QAAO,wBAAwB,aAAa,MAAM;;;;;;;;;;;;;;;;AC/HpD,MAAa,sBAAsB;CAIjC,MAAM,KAAqC;AACzC,SAAO,IAAI,aAAa,CAAC;;CAM3B,KAAK,KAAqC;AACxC,SAAO,IAAI,aAAa,CAAC;;CAM3B,SAAS,KAAqB,WAA4B;AACxD,MAAI,gBAAgB,CAAC,MAAM,IAAI,UAAU;;CAM3C,QAAQ,KAAqB,WAA4B;AACvD,MAAI,gBAAgB,CAAC,KAAK,IAAI,UAAU;;CAM1C,YAAY,KAAqB,WAA4B;AAC3D,MAAI,gBAAgB,CAAC,MAAM,OAAO,UAAU;;CAM9C,WAAW,KAAqB,WAA4B;AAC1D,MAAI,gBAAgB,CAAC,KAAK,OAAO,UAAU;;CAM7C,oBAAoB,KAA2B;AAC7C,MAAI,gBAAgB,CAAC,MAAM,OAAO;AAClC,MAAI,gBAAgB,CAAC,KAAK,OAAO;;CAEpC;;;;AAKD,IAAa,cAAb,MAAa,YAAsC;CACjD,AAAO;CACP,AAAO;CAEP,YAAY,OAAwB,MAAuB;AACzD,OAAK,QAAQ,yBAAS,IAAI,KAAK;AAC/B,OAAK,OAAO,wBAAQ,IAAI,KAAK;;;;;CAM/B,OAAO,MAAmB;AACxB,SAAO,IAAI,aAAa;;;;;CAM1B,OAAO,cAA2B;EAChC,MAAM,wBAAQ,IAAI,KAAgB;AAClC,QAAM,IAAI,UAAU,IAAI;AACxB,SAAO,IAAI,YAAY,MAAM;;;;;CAM/B,cAAc,UAA8B;EAC1C,IAAI,SAAS;AAGb,OAAK,MAAM,aAAa,KAAK,MAC3B,UAAS,OAAO,aACd,SAAS,kBAAkB,MAAM,OAAO,CAAC,EACzC,SAAS,kBAAkB,sBAAsB,UAAU,CAAC,OAAO,CAAC,CACrE;AAIH,OAAK,MAAM,aAAa,KAAK,KAC3B,UAAS,OAAO,aACd,SAAS,kBAAkB,KAAK,OAAO,CAAC,EACxC,SAAS,kBAAkB,sBAAsB,UAAU,CAAC,OAAO,CAAC,CACrE;AAGH,SAAO;;;;;CAMT,OAAO,gBAAgB,UAAiC;EACtD,MAAM,wBAAQ,IAAI,KAAgB;EAClC,MAAM,uBAAO,IAAI,KAAgB;EAGjC,MAAM,eACJ,SACA,oBAAoB,MAAM;AAC5B,OAAK,MAAM,OAAO,cAAc;GAC9B,MAAM,YAAY,sBAAsB,IAAI;AAC5C,SAAM,IAAI,UAAU;;EAItB,MAAM,cACJ,SACA,oBAAoB,KAAK;AAC3B,OAAK,MAAM,OAAO,aAAa;GAC7B,MAAM,YAAY,sBAAsB,IAAI;AAC5C,QAAK,IAAI,UAAU;;AAGrB,SAAO,IAAI,YAAY,OAAO,KAAK;;;;;CAMrC,SAAS,WAA4B;AACnC,OAAK,MAAM,IAAI,UAAU;;;;;CAM3B,QAAQ,WAA4B;AAClC,OAAK,KAAK,IAAI,UAAU;;;;;CAM1B,UAAU,WAA+B;AAEvC,MAAI,KAAK,KAAK,IAAI,UAAU,IAAI,KAAK,KAAK,IAAI,UAAU,IAAI,CAC1D,QAAO;AAGT,SAAO,KAAK,MAAM,IAAI,UAAU,IAAI,KAAK,MAAM,IAAI,UAAU,IAAI;;;;;CAMnE,SAAS,WAA+B;AACtC,SAAO,KAAK,KAAK,IAAI,UAAU,IAAI,KAAK,KAAK,IAAI,UAAU,IAAI;;CAIjE,cAA2B;AACzB,SAAO;;CAGT,iBAA8B;AAC5B,SAAO;;;;;CAMT,OAAO,OAA6B;AAClC,MAAI,KAAK,MAAM,SAAS,MAAM,MAAM,QAAQ,KAAK,KAAK,SAAS,MAAM,KAAK,KACxE,QAAO;AAET,OAAK,MAAM,KAAK,KAAK,MACnB,KAAI,CAAC,MAAM,MAAM,IAAI,EAAE,CAAE,QAAO;AAElC,OAAK,MAAM,KAAK,KAAK,KACnB,KAAI,CAAC,MAAM,KAAK,IAAI,EAAE,CAAE,QAAO;AAEjC,SAAO;;;;;CAMT,QAAqB;AACnB,SAAO,IAAI,YAAY,IAAI,IAAI,KAAK,MAAM,EAAE,IAAI,IAAI,KAAK,KAAK,CAAC;;;;;;;;;;;;;;;;ACtMnE,MAAa,mBAAmB,EAI9B,YAAY,KAAkB,MAAoB;AAChD,KAAI,IAAI,UAAU,KAAK,GACrB,OAAM,SAAS,UAAU,WAAW;AAEtC,KAAI,SAAS,GACX,OAAM,SAAS,WAAW,WAAW;AAEvC,KAAI,YAAY,KAAK;GAExB;;;;;;;;;;;;;;;;;;;ACzBD,IAAa,SAAb,MAAa,OAAU;CACrB,AAAiB;CAEjB,YAAY,OAAU;AACpB,OAAK,QAAQ;;;;;CAMf,OAAO,IAAO,OAAqB;AACjC,SAAO,IAAI,OAAO,MAAM;;;;;CAM1B,OAAU;AACR,SAAO,KAAK;;;;;CAMd,QAAW;AACT,SAAO,KAAK;;;;;CAMd,OAAO,OAA2B;AAGhC,MAAI,KAAK,UAAU,MAAM,MAAO,QAAO;AACvC,MAAI;AACF,UAAO,KAAK,UAAU,KAAK,MAAM,KAAK,KAAK,UAAU,MAAM,MAAM;UAC3D;AACN,UAAO;;;;;;;CAQX,QAAmB;AAEjB,MACE,OAAO,KAAK,UAAU,YACtB,KAAK,UAAU,QACf,WAAW,KAAK,SAChB,OAAQ,KAAK,MAAyB,UAAU,WAEhD,QAAO,IAAI,OAAQ,KAAK,MAAyB,OAAO,CAAC;AAG3D,SAAO,IAAI,OAAO,KAAK,MAAM;;;;;;;;;;;;;;AC3DjC,MAAMA,QAAM,MAA0C;;;;AAUtD,IAAY,wEAAL;;AAEL;;AAEA;;AAEA;;AAEA;;;;;;AA8BF,IAAa,MAAb,MAAa,IAA8D;CACzE,AAAiB;CACjB,AAAiB;CACjB,AAAQ;CACR,AAAiB;CACjB,AAAiB;CAEjB,AAAQ,YACN,eACA,aACA,WAAW,IACX,4BAAY,IAAI,KAAa,EAC7B,cAAc,YAAY,KAAK,EAC/B;AACA,OAAK,iBAAiB;AACtB,OAAK,eAAe;AACpB,OAAK,YAAY;AACjB,OAAK,aAAa;AAClB,OAAK,eAAe;;;;;CAMtB,OAAO,IAAI,eAAmC;AAC5C,SAAO,IAAI,IAAI,cAAc;;;;;CAM/B,OAAO,YAAY,eAAmC;AACpD,SAAO,IAAI,IAAI,eAAe,QAAW,oBAAI,IAAI,KAAK,EAAE,YAAY,aAAa,CAAC;;;;;CAMpF,OAAO,sBAAsB,gBAAqC;EAChE,MAAM,OAAO,KAAK,OAAO,GAAG;AAC5B,SAAO,IAAI,IACT,eAAe,YAAY,EAC3B;GAAE,MAAM;IAAE,MAAM;IAAa;IAAgB;GAAE;GAAM,EACrD,oBACA,IAAI,KAAK,EACT,YAAY,aAAa,CAC1B;;;;;CAMH,gBAA+B;AAC7B,SAAO,KAAK;;;;;CAMd,iBAA6C;AAC3C,MAAI,KAAK,iBAAiB,OAAW,QAAO;AAC5C,MAAI,KAAK,aAAa,KAAK,SAAS,YAClC,QAAO,KAAK,aAAa,KAAK;;;;;CAQlC,iBAA0B;AACxB,SAAO,KAAK,cAAc,KAAK,SAAS;;;;;CAM1C,0BAAmC;AACjC,SAAO,KAAK,cAAc,KAAK,SAAS;;;;;CAM1C,iBAAmC;AACjC,SAAO,KAAK,cAAc;;;;;CAM5B,YAAuB;AACrB,SAAO,UAAU,KAAK,KAAK,eAAe,MAAM,CAAC;;;;;CAMnD,YAAyB;AACvB,SAAO,KAAK;;;;;CAMd,eAA4B;AAC1B,SAAO,KAAK;;;;;CAMd,YAAY,UAAwB;AAClC,OAAK,WAAW,IAAI,SAAS;;;;;CAM/B,cAAc,WAA4B;AACxC,OAAK,aAAa,SAAS,UAAU;;CAIvC,WAAmB;AACjB,SAAO,KAAK;;CAGd,YAAY,MAAoB;AAC9B,OAAK,YAAY;;CAInB,cAA2B;AACzB,SAAO,KAAK;;CAGd,iBAA8B;AAC5B,SAAO,KAAK;;;;;CAMd,gBACE,oBAA+C,qBAAqB,MAC1D;EACV,IAAI,WAAW,SAAS,IAAI,KAAK,eAAe,MAAM,CAAC;AAGvD,MAAI,KAAK,iBAAiB,QAAW;GACnC,MAAM,EAAE,MAAM,SAAS,KAAK;AAE5B,OAAI,KAAK,SAAS,aAAa;AAE7B,eAAW,SAAS,aAAaA,KAAG,YAAY,EAAE,KAAK,SAAS;AAChE,eAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;cAChD,KAAK,SAAS,YAKvB,SAFE,OAAO,sBAAsB,WAAW,kBAAkB,OAAO,mBAEnE;IACE,KAAK,qBAAqB;AACxB,gBAAW,SAAS,aAAaA,KAAG,YAAY,EAAE,KAAK,eAAe,MAAM,CAAC;AAC7E,gBAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;AACzD;IAEF,KAAK,qBAAqB,OAAO;KAK/B,MAAM,kBAJgB,SAAS,aAC7BA,KAAG,YAAY,EACf,KAAK,eAAe,MAAM,CAC3B,CAC2E,OAAO;AACnF,gBAAW,SAAS,qBAAqB,gBAAgB;AACzD,gBAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;AACzD;;IAEF,KAAK,qBAAqB;AACxB,SAAI,OAAO,sBAAsB,UAAU;MAEzC,MAAM,YADsB,SAAS,IAAI,KAAK,eAAe,MAAM,CAAC,CAGlE,eAAe,kBAAkB,SAAS;AAC5C,iBAAW,SAAS,aAAaA,KAAG,YAAY,EAAE,UAAU;AAC5D,iBAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;;AAE3D;IAEF,KAAK,qBAAqB;IAC1B,QAEE;;;AAMR,MAAI,KAAK,cAAc,GACrB,YAAW,SAAS,aAAaA,KAAG,SAAS,EAAE,KAAK,UAAU;AAIhE,OAAK,MAAM,YAAY,KAAK,WAC1B,YAAW,SAAS,aAAaA,KAAG,SAAS,EAAE,SAAS;AAI1D,aAAW,KAAK,aAAa,cAAc,SAAS;AAEpD,SAAO;;CAIT,eAAyB;AACvB,SAAO,KAAK,gBAAgB,qBAAqB,KAAK;;;;;CAMxD,OAAO,gBAAgB,UAAoB,UAA4B;EAOrE,MAAM,MAAM;EAMZ,MAAM,iBAFU,IAAI,MAAM,CACF,SAAS,SAAS,IAAI,SAAS,GAAG,KACX,cAAc;AAC7D,MAAI,kBAAkB,OACpB,OAAM,SAAS,0BAAU,IAAI,MAAM,6CAA6C,CAAC;EAEnF,MAAM,gBAAgB,IAAI,cAAc,cAAc;EAGtD,IAAIC;EAGJ,IAAIC,OAAa,KAAK,OAAO,GAAG;EAChC,MAAM,iBAAiB,IAAI,wBAAwB,KAAK;AACxD,MAAI,eAAe,SAAS,GAAG;GAE7B,MAAM,WADgB,eAAe,GACN,MAAM;AACrC,OAAI,SAAS,SAAS,aAAa;IAEjC,MAAM,WADU,SAAS,UAAU,QAAQ,CAClB,cAAc;AACvC,QAAI,aAAa,OACf,QAAO,KAAK,KAAK,SAAS;;;EAKhC,MAAM,uBAAuB,IAAI,wBAAwB,YAAY;AACrE,MAAI,qBAAqB,SAAS,GAAG;GAEnC,MAAM,gBADsB,qBAAqB,GACP,MAAM;AAEhD,OAAI,cAAc,SAAS,aAAa;IACtC,MAAM,mBAAmB,cAAc,UAAU,QAAQ;AAIzD,QADgB,iBAAiB,MAAM,CAC3B,SAAS,YACnB,KAAI,aAAa,OACf,KAAI;KAEF,MAAM,gBADY,iBAAiB,eAAe,SAAS,CAC3B,cAAc;AAC9C,SAAI,kBAAkB,OAEpB,eAAc;MACZ,MAAM;OAAE,MAAM;OAAa,gBAFN,eAAe,UAAU,eAAe,cAAc;OAEhC;MAC3C;MACD;YAEG;AAEN,mBAAc;MACZ,MAAM;OAAE,MAAM;OAAa,UAAU;OAAkB;MACvD;MACD;;QAIH,eAAc;KACZ,MAAM;MAAE,MAAM;MAAa,UAAU;MAAkB;KACvD;KACD;SAEE;KAEL,MAAM,iBAAiB,iBAAiB,cAAc;AACtD,SAAI,mBAAmB,OAErB,eAAc;MACZ,MAAM;OAAE,MAAM;OAAa,gBAFN,eAAe,UAAU,gBAAgB,cAAc;OAEjC;MAC3C;MACD;;;;EAOT,IAAI,WAAW;AACf,MAAI;GACF,MAAM,cACJ,IACA,mBAAmB,SAAS;AAC9B,cACE,YAAY,cAAc,KAAK,SAC3B,KACE,YAA4D,QAAQ,IAAI;UAC1E;EAKR,MAAM,4BAAY,IAAI,KAAa;EACnC,MAAM,kBACJ,IACA,oBAAoB,SAAS;AAC/B,OAAK,MAAM,OAAO,iBAAiB;GACjC,MAAM,OAAQ,IAAoD,QAAQ;AAC1E,OAAI,SAAS,OACX,WAAU,IAAI,KAAK;;EAKvB,MAAM,cAAc,YAAY,gBAAgB,SAAS;AAEzD,SAAO,IAAI,IAAI,eAAe,aAAa,UAAU,WAAW,YAAY;;;;;CAM9E,OAAO,OAAqB;AAC1B,SAAO,KAAK,eAAe,KAAK,KAAK,MAAM,eAAe,KAAK;;;;;CAMjE,UAAkB;AAChB,SAAO,KAAK,eAAe,KAAK;;;;;CAMlC,QAAa;AACX,SAAO,IAAI,IACT,KAAK,gBACL,KAAK,iBAAiB,SAClB;GAAE,MAAM,KAAK,aAAa;GAAM,MAAM,KAAK,aAAa;GAAM,GAC9D,QACJ,KAAK,WACL,IAAI,IAAI,KAAK,WAAW,EACxB,KAAK,aAAa,OAAO,CAC1B;;;;;;;;;;;;;;AC/ZL,MAAMC,QAAM,MAA0C;AAOtD,MAAMC,YAAU,IAAI,OAAO;AAC3B,MAAMC,iBAAe,SAAS,OAAO;AACrC,MAAM,WAAW,KAAK,OAAO;AAC7B,MAAM,iBAAiB,WAAW,OAAO;AACzC,MAAM,YAAY,MAAM,OAAO;;;;AAK/B,IAAa,UAAb,MAAa,QAAqD;CAChE,AAAiB;CACjB,AAAQ;CACR,AAAQ;CACR,AAAQ;CACR,AAAQ;CACR,AAAQ;CAER,YAAY,KAAa;AACvB,OAAK,OAAO;AACZ,OAAK,iCAAiB,IAAI,KAAK;AAC/B,OAAK,sCAAsB,IAAI,KAAK;AACpC,OAAK,eAAe,YAAY,KAAK;AACrC,OAAK,cAAc;AACnB,OAAK,QAAQ;;;;;CAMf,OAAO,IAAI,KAAsB;AAC/B,SAAO,IAAI,QAAQ,IAAI;;;;;CAMzB,MAAc;AACZ,SAAO,KAAK;;;;;CAMd,aAAqB;AACnB,SAAO,KAAK;;;;;CAMd,cAAc,YAA0B;AACtC,OAAK,cAAc;;;;;CAMrB,cAAc,YAA0B;AACtC,MAAI,KAAK,gBAAgB,GACvB,OAAM,SAAS,UAAU,aAAa;AAExC,MAAI,eAAe,GACjB,OAAM,SAAS,WAAW,aAAa;AAEzC,OAAK,cAAc,WAAW;;;;;CAMhC,gBAA6B;AAC3B,SAAO,KAAK;;;;;CAMd,mBAAgC;AAC9B,SAAO,KAAK;;;;;CAMd,mBAAmB,iBAA+B;AAChD,MAAI,KAAK,eAAe,IAAI,gBAAgB,CAC1C,OAAM,SAAS,UAAU,gBAAgB;AAE3C,OAAK,eAAe,IAAI,gBAAgB;;;;;CAM1C,gBAAgB,cAA+B;AAC7C,OAAK,mBAAmB,aAAa,OAAO,CAAC;;;;;CAM/C,qBAAkC;AAChC,SAAO,KAAK;;;;;CAMd,wBAAqC;AACnC,SAAO,KAAK;;;;;CAMd,wBAAwB,sBAAoC;AAC1D,MAAI,KAAK,oBAAoB,IAAI,qBAAqB,CACpD,OAAM,SAAS,UAAU,qBAAqB;AAEhD,OAAK,oBAAoB,IAAI,qBAAqB;;;;;CAMpD,qBAAqB,mBAAoC;AACvD,OAAK,wBAAwB,kBAAkB,OAAO,CAAC;;;;;CAMzD,OAAe;AACb,SAAO,KAAK;;;;;CAMd,QAAQ,MAAoB;AAC1B,MAAI,KAAK,UAAU,GACjB,OAAM,SAAS,UAAU,OAAO;AAElC,MAAI,SAAS,GACX,OAAM,SAAS,WAAW,OAAO;AAEnC,OAAK,QAAQ;;CAIf,cAA2B;AACzB,SAAO,KAAK;;CAGd,iBAA8B;AAC5B,SAAO,KAAK;;;;;CAMd,eAAyB;EACvB,IAAI,WAAW,SAAS,IAAI,KAAK,KAAK;AAGtC,OAAK,MAAM,UAAU,KAAK,gBAAgB;GACxC,MAAM,WAAWC,aAAW,OAAO;AACnC,cAAW,SAAS,aAAaH,KAAG,IAAI,EAAE,SAAS;;AAIrD,OAAK,MAAM,eAAe,KAAK,qBAAqB;GAClD,MAAM,WAAWG,aAAW,YAAY;AACxC,cAAW,SAAS,aAAaH,KAAG,SAAS,EAAE,SAAS;;AAI1D,MAAI,KAAK,gBAAgB,GACvB,YAAW,SAAS,aAAaA,KAAG,WAAW,EAAE,KAAK,YAAY;AAIpE,MAAI,KAAK,UAAU,GACjB,YAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,MAAM;AAIxD,aAAW,KAAK,aAAa,cAAc,SAAS;AAEpD,SAAO;;;;;CAMT,OAAO,gBAAgB,UAA6B;EAGlD,MAAM,SAAS;EAOf,MAAM,OAFU,OAAO,MAAM,CACL,SAAS,SAAS,OAAO,SAAS,GAAG,UACQ,QAAQ;AAC7E,MAAI,QAAQ,OACV,OAAM,SAAS,0BAAU,IAAI,MAAM,sCAAsC,CAAC;EAG5E,MAAM,UAAU,IAAI,QAAQ,IAAI;EAGhC,MAAM,aAAc,SAAqD,YAAY;AACrF,OAAK,MAAM,aAAa,YAAY;GAClC,MAAM,gBAAgB,UAAU,MAAM;AACtC,OAAI,cAAc,SAAS,YACzB;GAIF,MAAM,gBADe,cAAc,UAAU,WAAW,CACrB,MAAM;AACzC,OAAI,cAAc,SAAS,aACzB;GAGF,MAAM,YAAY,cAAc,MAAM,OAAO;GAC7C,MAAM,SAAS,cAAc,UAAU,QAAQ;AAI/C,OAD0B,OAAmD,YAAY,CACpE,SAAS,EAC5B,OAAM,SAAS,4BAA4B;AAG7C,WAAQ,WAAR;IACE,KAAKC,WAAS;KACZ,MAAM,UACJ,OACA,cAAc;AAChB,SAAI,YAAY,OACd,SAAQ,mBAAmB,WAAW,QAAQ,CAAC;AAEjD;;IAEF,KAAKC,gBAAc;KACjB,MAAM,eACJ,OACA,cAAc;AAChB,SAAI,iBAAiB,OACnB,SAAQ,wBAAwB,WAAW,aAAa,CAAC;AAE3D;;IAEF,KAAK,gBAAgB;KACnB,MAAM,aAAc,OAAuD,QAAQ;AACnF,SAAI,eAAe,OACjB,SAAQ,cAAc,WAAW;AAEnC;;IAEF,KAAK,UAAU;KACb,MAAM,OAAQ,OAAuD,QAAQ;AAC7E,SAAI,SAAS,OACX,SAAQ,QAAQ,KAAK;AAEvB;;IAEF,KAAK,WAAW;KACd,MAAM,YAAY,sBAAsB,OAAO;AAC/C,aAAQ,aAAa,SAAS,UAAU;AACxC;;IAEF,QACE,OAAM,SAAS,oBAAoB,OAAO,UAAU,CAAC;;;AAI3D,SAAO;;;;;CAMT,OAAO,OAAyB;AAC9B,SAAO,KAAK,SAAS,MAAM;;;;;CAM7B,UAAkB;AAChB,SAAO,KAAK;;;;;CAMd,QAAiB;EACf,MAAM,QAAQ,IAAI,QAAQ,KAAK,KAAK;AACpC,QAAM,iBAAiB,IAAI,IAAI,KAAK,eAAe;AACnD,QAAM,sBAAsB,IAAI,IAAI,KAAK,oBAAoB;AAC7D,QAAM,eAAe,KAAK,aAAa,OAAO;AAC9C,QAAM,cAAc,KAAK;AACzB,QAAM,QAAQ,KAAK;AACnB,SAAO;;;AAKX,SAASC,aAAW,KAAyB;CAC3C,MAAM,QAAQ,IAAI,WAAW,IAAI,SAAS,EAAE;AAC5C,MAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK,EACnC,OAAM,IAAI,KAAK,SAAS,IAAI,UAAU,GAAG,IAAI,EAAE,EAAE,GAAG;AAEtD,QAAO;;AAGT,SAAS,WAAW,OAA2B;AAC7C,QAAO,MAAM,KAAK,MAAM,CACrB,KAAK,MAAM,EAAE,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAC3C,KAAK,GAAG;;;;;AC5Tb,IAAIC,mBAEO;;;;;AAMX,SAAgB,yBAAyB,KAEhC;AACP,oBAAmB;;;;;AAMrB,IAAa,WAAb,MAAa,SAAsD;CACjE,AAAiB;CACjB,AAAiB;CAEjB,AAAQ,YAAY,YAAqC,aAA0B;AACjF,OAAK,cAAc;AACnB,OAAK,eAAe;;;;;CAMtB,OAAO,IAAI,YAAuC;AAChD,SAAO,IAAI,SAAS,OAAO,IAAI,WAAW,EAAE,YAAY,KAAK,CAAC;;;;;CAMhE,aAAsC;AACpC,SAAO,KAAK;;;;;CAMd,MAAW;AACT,SAAO,KAAK,YAAY,MAAM,CAAC,KAAK;;;;;CAMtC,YAAuB;AACrB,SAAO,UAAU,KAAK,KAAK,KAAK,CAAC,QAAQ,CAAC;;CAI5C,cAA2B;AACzB,SAAO,KAAK;;CAGd,iBAA8B;AAC5B,SAAO,KAAK;;;;;CAMd,eAAyB;EAEvB,MAAM,WADM,KAAK,YAAY,MAAM,CACb,cAAc,CAAqC,MAAM;AAC/E,SAAO,KAAK,aAAa,cAAc,SAAS;;;;;CAMlD,OAAO,gBAAgB,UAA8B;AACnD,MAAI,qBAAqB,KACvB,OAAM,IAAI,MAAM,kEAAkE;EAGpF,MAAM,cAAc,YAAY,gBAAgB,SAAS;EACzD,MAAM,QAAS,SAAkD,WAAW;AAE5E,SAAO,IAAI,SADQ,OAAO,IAAI,iBAAiB,gBAAgB,MAAM,CAAC,EACtC,YAAY;;;;;CAM9C,OAAO,OAA0B;AAC/B,SAAO,KAAK,KAAK,CAAC,OAAO,MAAM,KAAK,CAAC;;;;;CAMvC,UAAkB;AAChB,SAAO,KAAK,KAAK,CAAC,OAAO;;;;;CAM3B,QAAkB;AAChB,SAAO,IAAI,SAAS,OAAO,IAAI,KAAK,YAAY,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,aAAa,OAAO,CAAC;;;;;;;;;;;;;;ACnH/F,MAAMC,QAAM,MAA0C;;;;AAQtD,IAAY,sEAAL;;AAEL;;AAEA;;AAEA;;AAEA;;;;;;AA8BF,IAAa,aAAb,MAAa,WAAwC;CACnD,AAAQ;CACR,AAAQ;CAER,AAAQ,YAAY,MAAsB,WAAiD;AACzF,OAAK,QAAQ;AACb,OAAK,aAAa;;;;;CAMpB,OAAO,IAAI,MAAkC;AAC3C,SAAO,IAAI,WAAW,KAAK;;;;;CAM7B,OAAO,iBAAiB,WAAoC,MAAkC;EAC5F,MAAM,OAAO,KAAK,OAAO,GAAG;AAC5B,SAAO,IAAI,WAAW,MAAM;GAAE,MAAM;IAAE,MAAM;IAAa;IAAW;GAAE;GAAM,CAAC;;;;;CAM/E,OAAuB;AACrB,SAAO,KAAK;;;;;CAMd,YAAiD;AAC/C,MAAI,KAAK,eAAe,OAAW,QAAO;AAC1C,MAAI,KAAK,WAAW,KAAK,SAAS,YAChC,QAAO,KAAK,WAAW,KAAK;;;;;CAQhC,eAAwB;AACtB,SAAO,KAAK,YAAY,KAAK,SAAS;;;;;CAMxC,wBAAiC;AAC/B,SAAO,KAAK,YAAY,KAAK,SAAS;;;;;CAMxC,gBAAkC;AAChC,SAAO,KAAK,YAAY;;;;;CAM1B,QAAQ,MAA4B;AAClC,OAAK,QAAQ;;;;;CAMf,aAAa,WAA0C;EACrD,MAAM,OAAO,KAAK,OAAO,GAAG;AAC5B,OAAK,aAAa;GAAE,MAAM;IAAE,MAAM;IAAa;IAAW;GAAE;GAAM;;;;;CAMpE,gBAAiE;EAC/D,MAAM,MAAM,KAAK;AACjB,OAAK,aAAa;AAClB,SAAO;;;;;CAMT,aAAa,UAA4D;AAOvE,MAAI,KAAK,eAAe,OAAW,QAAO;AAE1C,MAAI,KAAK,WAAW,KAAK,SAAS,YAChC,QAAO,KAAK,WAAW,KAAK;AAI9B,MAAI,aAAa,QAAW;GAC1B,MAAM,oBAAoB,KAAK,WAAW,KAAK;AAC/C,OAAI;IAIF,MAAM,gBAHY,kBAAkB,eAAe,SAAS,CAChC,WAAW,CAEP,cAAc;AAC9C,QAAI,kBAAkB,QAAW;KAC/B,MAAM,OAAO,WAAW,cAAc;KACtC,MAAM,YAAY,wBAAwB,SAAS,KAAK;AAExD,UAAK,aAAa;MAChB,MAAM;OAAE,MAAM;OAAa;OAAW;MACtC,MAAM,KAAK,WAAW;MACvB;AACD,YAAO;;WAEH;AACN,UAAM,SAAS,iBAAiB;;;AAIpC,QAAM,SAAS,iBAAiB;;;;;CAMlC,gBAAgB,mBAA6C,oBAAoB,MAAgB;EAQ/F,IAAI,WAAW,SAAS,IAAI,KAAK,MAAM,YAAY,CAAC;AAGpD,MAAI,KAAK,eAAe,QAAW;GACjC,MAAM,EAAE,MAAM,SAAS,KAAK;AAE5B,OAAI,KAAK,SAAS,aAAa;AAE7B,eAAW,SAAS,aAAaA,KAAG,qBAAqB,EAAE,KAAK,SAAS;AACzE,eAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;cAChD,KAAK,SAAS,YAKvB,SAFE,OAAO,qBAAqB,WAAW,iBAAiB,OAAO,kBAEjE;IACE,KAAK,oBAAoB,SAAS;KAChC,MAAM,iBAAiB,SAAS,KAAK,UAAU,QAAQ,CAAC;AACxD,gBAAW,SAAS,aAAaA,KAAG,qBAAqB,EAAE,eAAe;AAC1E,gBAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;AACzD;;IAEF,KAAK,oBAAoB,OAAO;KAC9B,MAAM,kBAAkB,SAAS,KAAK,UAAU,QAAQ,CAAC;KAEzD,MAAM,kBADgB,SAAS,aAAaA,KAAG,qBAAqB,EAAE,gBAAgB,CAC/B,OAAO;AAC9D,gBAAW,SAAS,qBAAqB,gBAAgB;AACzD,gBAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;AACzD;;IAEF,KAAK,oBAAoB;AACvB,SAAI,OAAO,qBAAqB,UAAU;MACxC,MAAM,kBAAkB,SAAS,KAAK,UAAU,QAAQ,CAAC;MAGzD,MAAM,YAFoB,SAAS,IAAI,gBAAgB,CACrB,MAAM,CACd,eAAe,iBAAiB,SAAS;AACnE,iBAAW,SAAS,aAAaA,KAAG,qBAAqB,EAAE,UAAU;AACrE,iBAAW,SAAS,aAAaA,KAAG,KAAK,EAAE,KAAK,QAAQ,CAAC;;AAE3D;IAEF,KAAK,oBAAoB;IACzB,QAEE;;;AAKR,SAAO;;CAIT,eAAyB;AACvB,SAAO,KAAK,gBAAgB,oBAAoB,KAAK;;;;;CAMvD,OAAO,gBAAgB,UAAoB,UAAmC;EAO5E,MAAM,MAAM;EAOZ,MAAM,YAHU,IAAI,MAAM,CAEhB,SAAS,SAAU,IAA2C,SAAS,GAAG,UAC1C,cAAc;AACxD,MAAI,aAAa,OACf,OAAM,SAAS,+BAAe,IAAI,MAAM,uCAAuC,CAAC;EAElF,MAAM,OAAO,eAAe,aAAa,SAAS;EAGlD,IAAIC;EAGJ,IAAIC,OAAa,KAAK,OAAO,GAAG;EAChC,MAAM,iBAAiB,IAAI,wBAAwB,KAAK;AACxD,MAAI,eAAe,SAAS,GAAG;GAE7B,MAAM,WADgB,eAAe,GACN,MAAM;AACrC,OAAI,SAAS,SAAS,aAAa;IAEjC,MAAM,WADU,SAAS,UAAU,QAAQ,CAClB,cAAc;AACvC,QAAI,aAAa,OACf,QAAO,KAAK,KAAK,SAAS;;;EAKhC,MAAM,sBAAsB,IAAI,wBAAwB,qBAAqB;AAC7E,MAAI,oBAAoB,SAAS,GAAG;GAElC,MAAM,gBADqB,oBAAoB,GACN,MAAM;AAE/C,OAAI,cAAc,SAAS,aAAa;IACtC,MAAM,kBAAkB,cAAc,UAAU,QAAQ;AAIxD,QADgB,gBAAgB,MAAM,CAC1B,SAAS,YACnB,KAAI,aAAa,OACf,KAAI;KAGF,MAAM,gBAFY,gBAAgB,eAAe,SAAS,CAC9B,WAAW,CACP,cAAc;AAC9C,SAAI,kBAAkB,QAAW;MAC/B,MAAM,OAAO,WAAW,cAAc;AAEtC,kBAAY;OACV,MAAM;QAAE,MAAM;QAAa,WAFjB,wBAAwB,SAAS,KAAK;QAEL;OAC3C;OACD;;YAEG;AAEN,iBAAY;MACV,MAAM;OAAE,MAAM;OAAa,UAAU;OAAiB;MACtD;MACD;;QAIH,aAAY;KACV,MAAM;MAAE,MAAM;MAAa,UAAU;MAAiB;KACtD;KACD;SAEE;KAEL,MAAM,gBAAgB,gBAAgB,cAAc;AACpD,SAAI,kBAAkB,QAAW;MAC/B,MAAM,QAAQ,WAAW,cAAc;AAEvC,kBAAY;OACV,MAAM;QAAE,MAAM;QAAa,WAFjB,wBAAwB,SAAS,MAAM;QAEN;OAC3C;OACD;;;;;AAMT,SAAO,IAAI,WAAW,MAAM,UAAU;;;;;CAMxC,OAAO,OAA4B;AACjC,SAAO,KAAK,MAAM,OAAO,MAAM,MAAM;;;;;;CAOvC,QAAoB;AAClB,SAAO,IAAI,WACT,KAAK,OACL,KAAK,eAAe,SAChB;GAAE,MAAM,KAAK,WAAW;GAAM,MAAM,KAAK,WAAW;GAAM,GAC1D,OACL;;;;;;;;;;;;;ACzVL,MAAM,MAAM,MAA0C;AAgBtD,MAAM,UAAU,IAAI,OAAO;AAC3B,MAAM,eAAe,SAAS,OAAO;AACrC,MAAM,cAAc,QAAQ,OAAO;AACnC,MAAM,iBAAiB,WAAW,OAAO;AACzC,MAAM,sBAAsB,gBAAgB,OAAO;;;;AAyCnD,IAAY,oEAAL;;AAEL;;AAEA;;;;;;AAWF,IAAa,cAAb,MAAa,YAAyC;CACpD,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CACjB,AAAQ;CAER,AAAQ,YACN,KACA,oCAAoB,IAAI,KAAa,EACrC,uBAAe,IAAI,KAAK,EACxB,4BAAyB,IAAI,KAAK,EAClC,2BAAuB,IAAI,KAAK,EAChC,YACA;AACA,OAAK,OAAO;AACZ,OAAK,qBAAqB;AAC1B,OAAK,QAAQ;AACb,OAAK,aAAa;AAClB,OAAK,YAAY;AACjB,OAAK,cAAc;;;;;CAMrB,OAAO,IACL,aAAqC,EAAE,MAAM,WAAW,EACxD,cAAqC,EAAE,MAAM,QAAQ,EACxC;EACb,MAAM,eAAe,YAAY,uBAAuB,WAAW;EACnE,MAAM,aAAa,YAAY,uBAAuB,YAAY;EAGlE,MAAM,MAAM,IAAI,YADJ,IAAI,KAAK,cAAc,aAAa,eAAe,CAAC,CAAC,kBAChC,IAAI,KAAK,kBAAE,IAAI,KAAK,kBAAE,IAAI,KAAK,kBAAE,IAAI,KAAK,EAAE,WAAW;AAExF,MAAI,OAAO,aAAa;AACxB,SAAO;;CAGT,OAAe,uBAAuB,SAAsC;AAC1E,UAAQ,QAAQ,MAAhB;GACE,KAAK,WAAW;IACd,MAAM,iBAAiB,eAAe,UAAU;AAChD,WAAO,IAAI,sBAAsB,eAAe;;GAElD,KAAK,gBACH,QAAO,IAAI,YAAY,QAAQ,cAAc;GAC/C,KAAK,iBACH,QAAO,IAAI,sBAAsB,QAAQ,eAAe;;;CAI9D,OAAe,uBAAuB,SAAwD;AAC5F,UAAQ,QAAQ,MAAhB;GACE,KAAK,OACH;GACF,KAAK,cAAc;IACjB,MAAM,aAAa,QAAQ,cAAc,yBAAyB;IAClE,MAAM,YAAY,wBAAwB,kBAAkB,YAAY,QAAQ,WAAW;IAC3F,MAAM,OAAO,QAAQ,wBAAQ,IAAI,MAAM;IACvC,MAAM,OAAO,UAAU,KAAK,MAAM,QAAQ,KAAK;AAC/C,WAAO,WAAW,iBAAiB,WAAW,KAAK;;GAErD,KAAK,QAAQ;IACX,MAAM,aAAa,QAAQ,cAAc,yBAAyB;IAClE,MAAM,YAAY,wBAAwB,SAAS,YAAY,QAAQ,KAAK;IAC5E,MAAM,OAAO,QAAQ,wBAAQ,IAAI,MAAM;IACvC,MAAM,OAAO,UAAU,KAAK,MAAM,QAAQ,KAAK;AAC/C,WAAO,WAAW,iBAAiB,WAAW,KAAK;;;;;;;CAQzD,OAAO,QAAQ,KAAuB;AACpC,SAAO,IAAI,YAAY,IAAI;;;;;CAM7B,MAAW;AACT,SAAO,KAAK;;;;;CAMd,oBAAiC;AAC/B,SAAO,KAAK;;;;;CAMd,oBAAoB,QAAsB;AACxC,OAAK,mBAAmB,IAAI,OAAO;;;;;CAMrC,uBAAuB,QAAyB;AAC9C,SAAO,KAAK,mBAAmB,OAAO,OAAO;;;;;CAM/C,OAAc;AACZ,SAAO,MAAM,KAAK,KAAK,MAAM,QAAQ,CAAC;;;;;CAMxC,OAAO,KAAgB;EACrB,MAAM,UAAU,IAAI,SAAS;AAC7B,MAAI,KAAK,MAAM,IAAI,QAAQ,CACzB,OAAM,SAAS,UAAU,MAAM;AAEjC,OAAK,MAAM,IAAI,SAAS,IAAI;;;;;CAM9B,uBAAuB,eAA+C;EACpE,MAAM,UAAU,cAAc,KAAK;AACnC,SAAO,KAAK,MAAM,IAAI,QAAQ;;;;;CAMhC,mBAAmB,WAAuC;AACxD,OAAK,MAAM,OAAO,KAAK,MAAM,QAAQ,CACnC,KAAI,IAAI,WAAW,CAAC,OAAO,UAAU,CACnC,QAAO;;;;;CASb,QAAQ,eAA+C;EACrD,MAAM,UAAU,cAAc,KAAK;EACnC,MAAM,MAAM,KAAK,MAAM,IAAI,QAAQ;AACnC,MAAI,QAAQ,OACV,MAAK,MAAM,OAAO,QAAQ;AAE5B,SAAO;;;;;CAMT,UAAU,eAAoC;AAC5C,MAAI,KAAK,qBAAqB,cAAc,CAC1C,OAAM,SAAS,gBAAgB,MAAM;EAEvC,MAAM,UAAU,cAAc,KAAK;AACnC,MAAI,CAAC,KAAK,MAAM,OAAO,QAAQ,CAC7B,OAAM,SAAS,SAAS,MAAM;;;;;CAOlC,eAAe,eAAuC;AAEpD,SAAO,WADS,cAAc,cAAc,EACjB,KAAK,KAAK,QAAQ,CAAC;;;;;CAMhD,eAAgC;AAC9B,OAAK,MAAM,OAAO,KAAK,MAAM,QAAQ,CACnC,KAAI,KAAK,eAAe,IAAI,eAAe,CAAC,CAC1C,QAAO;;;;;CASb,0BAAsD;AACpD,SAAO,KAAK,cAAc,EAAE,gBAAgB;;;;;CAM9C,qBAAsC;EACpC,MAAM,eAAe,KAAK,cAAc;AACxC,MAAI,iBAAiB,OACnB,MAAK,MAAM,OAAO,aAAa,SAAS,CAAC;AAE3C,SAAO;;;;;CAMT,UAAmB;AACjB,SACE,KAAK,mBAAmB,SAAS,KACjC,KAAK,MAAM,SAAS,KACpB,KAAK,WAAW,SAAS,KACzB,KAAK,gBAAgB;;;;;CAOzB,YAAwB;AACtB,SAAO,MAAM,KAAK,KAAK,WAAW,QAAQ,CAAC;;;;;CAM7C,YAAY,UAA0B;EACpC,MAAM,UAAU,SAAS,SAAS;AAClC,MAAI,KAAK,WAAW,IAAI,QAAQ,CAC9B,OAAM,SAAS,UAAU,WAAW;AAEtC,OAAK,WAAW,IAAI,SAAS,SAAS;;;;;CAMxC,kBAAkB,KAAgC;AAChD,SAAO,KAAK,WAAW,IAAI,IAAI,OAAO,CAAC;;;;;CAMzC,wBAAwB,WAA4C;AAClE,OAAK,MAAM,YAAY,KAAK,WAAW,QAAQ,CAC7C,KAAI,SAAS,WAAW,CAAC,OAAO,UAAU,CACxC,QAAO;;;;;CASb,aAAa,KAAgC;EAC3C,MAAM,UAAU,IAAI,OAAO;EAC3B,MAAM,WAAW,KAAK,WAAW,IAAI,QAAQ;AAC7C,MAAI,aAAa,OACf,MAAK,WAAW,OAAO,QAAQ;AAEjC,SAAO;;;;;CAMT,eAAe,KAAgB;AAC7B,MAAI,KAAK,0BAA0B,IAAI,CACrC,OAAM,SAAS,gBAAgB,WAAW;EAE5C,MAAM,UAAU,IAAI,OAAO;AAC3B,MAAI,CAAC,KAAK,WAAW,OAAO,QAAQ,CAClC,OAAM,SAAS,SAAS,WAAW;;;;;CAOvC,WAAsB;AACpB,SAAO,MAAM,KAAK,KAAK,UAAU,QAAQ,CAAC;;;;;CAM5C,iBAAiB,KAAkC;AACjD,SAAO,KAAK,UAAU,IAAI,IAAI;;;;;CAMhC,WAAW,SAAwB;EACjC,MAAM,UAAU,QAAQ,SAAS;AACjC,MAAI,KAAK,UAAU,IAAI,QAAQ,CAC7B,OAAM,SAAS,UAAU,UAAU;AAErC,OAAK,UAAU,IAAI,SAAS,QAAQ;;;;;CAMtC,YAAY,KAAkC;EAC5C,MAAM,UAAU,KAAK,UAAU,IAAI,IAAI;AACvC,MAAI,YAAY,OACd,MAAK,UAAU,OAAO,IAAI;AAE5B,SAAO;;;;;CAMT,cAAc,KAAmB;AAC/B,MAAI,CAAC,KAAK,UAAU,OAAO,IAAI,CAC7B,OAAM,SAAS,SAAS,UAAU;;;;;CAOtC,2BAAiC;AAC/B,OAAK,MAAM,WAAW,KAAK,UAAU,QAAQ,CAC3C,MAAK,wBAAwB,QAAQ;;;;;CAOzC,wBAAwB,SAAwB;AAC9C,MAAI,QAAQ,eAAe,CAAC,SAAS,KAAK,QAAQ,oBAAoB,CAAC,SAAS,EAC9E,OAAM,SAAS,aAAa,QAAQ,KAAK,CAAC;AAG5C,OAAK,MAAM,UAAU,QAAQ,eAAe,EAAE;GAC5C,MAAM,WAAW,WAAW,OAAO;GACnC,MAAM,MAAM,UAAU,KAAK,SAAS;AACpC,OAAI,KAAK,mBAAmB,IAAI,KAAK,OACnC,OAAM,SAAS,oBAAoB,QAAQ,QAAQ,KAAK,CAAC;;AAI7D,OAAK,MAAM,eAAe,QAAQ,oBAAoB,EAAE;GACtD,MAAM,WAAW,WAAW,YAAY;GACxC,MAAM,MAAM,UAAU,KAAK,SAAS;AACpC,OAAI,KAAK,wBAAwB,IAAI,KAAK,OACxC,OAAM,SAAS,yBAAyB,aAAa,QAAQ,KAAK,CAAC;;AAIvE,MAAI,QAAQ,aAAa,CAAC,MAAM,SAAS,EACvC,OAAM,SAAS,cAAc,QAAQ,KAAK,CAAC;;;;;CAO/C,qBAAqB,eAAuC;EAC1D,MAAM,SAAS,UAAU,KAAK,cAAc,MAAM,CAAC,CAAC,OAAO;AAC3D,OAAK,MAAM,WAAW,KAAK,UAAU,QAAQ,CAC3C,KAAI,QAAQ,eAAe,CAAC,IAAI,OAAO,CACrC,QAAO;AAGX,SAAO;;;;;CAMT,0BAA0B,KAAmB;EAC3C,MAAM,cAAc,UAAU,KAAK,IAAI,QAAQ,CAAC,CAAC,OAAO;AACxD,OAAK,MAAM,WAAW,KAAK,UAAU,QAAQ,CAC3C,KAAI,QAAQ,oBAAoB,CAAC,IAAI,YAAY,CAC/C,QAAO;AAGX,SAAO;;;;;CAMT,aAAyC;AACvC,SAAO,KAAK,aAAa,MAAM;;;;;CAMjC,sBAA2D;AACzD,SAAO,KAAK,aAAa,WAAW;;;;;CAMtC,cAAc,YAA8C;AAC1D,OAAK,cAAc,eAAe,SAAY,WAAW,IAAI,WAAW,GAAG;;;;;CAM7E,2BAA2B,WAAoC,MAA4B;AACzF,OAAK,cAAc,WAAW,iBAAiB,WAAW,KAAK;;;;;CAMjE,wCAAwC,UAAuB,MAAa,MAAmB;AAC7F,MAAI,KAAK,gBAAgB,OACvB,OAAM,SAAS,kBAAkB;EAGnC,MAAM,cAAc,KAAK,YAAY,MAAM;EAC3C,MAAM,YAAY,KAAK,YAAY,aAAa,SAAS;AACzD,MAAI,cAAc,OAChB,OAAM,SAAS,aAAa;AAI9B,MAAI,CAAC,WAAW,UAAU,SAAS,EAAE,YAAY,SAAS,CAAC,CACzD,OAAM,SAAS,gBAAgB,YAAY,SAAS,EAAE,UAAU,SAAS,CAAC;EAI5E,MAAM,cAAc,YAAY,KAAK,GAAG;AACxC,MAAI,UAAU,SAAS,KAAK,YAC1B,OAAM,SAAS,iBAAiB,aAAa,UAAU,SAAS,CAAC;EAInE,MAAM,WAAW,wBAAQ,IAAI,MAAM;EACnC,MAAM,WAAW,UAAU,KAAK,UAAU,KAAK;AAC/C,OAAK,YAAY,QAAQ,SAAS;;;;;CAMpC,wCACE,WACA,MACA,MACM;AACN,MAAI,KAAK,gBAAgB,OACvB,OAAM,SAAS,kBAAkB;AAInC,MAAI,KAAK,YAAY,cAAc,IAAI,KAAK,YAAY,uBAAuB,CAC7E,OAAM,SAAS,mBAAmB;EAGpC,MAAM,cAAc,KAAK,YAAY,MAAM;AAG3C,MAAI,CAAC,WAAW,UAAU,SAAS,EAAE,YAAY,SAAS,CAAC,CACzD,OAAM,SAAS,gBAAgB,YAAY,SAAS,EAAE,UAAU,SAAS,CAAC;EAI5E,MAAM,cAAc,YAAY,KAAK,GAAG;AACxC,MAAI,UAAU,SAAS,KAAK,YAC1B,OAAM,SAAS,iBAAiB,aAAa,UAAU,SAAS,CAAC;EAInE,MAAM,WAAW,wBAAQ,IAAI,MAAM;EACnC,MAAM,WAAW,UAAU,KAAK,UAAU,KAAK;AAC/C,OAAK,YAAY,QAAQ,SAAS;;;;;CAMpC,WACE,oBAA+C,qBAAqB,MACpE,mBAA6C,oBAAoB,MACjE,iBAAoC,EAAE,MAAM,QAAQ,EAC1C;EACV,IAAI,WAAW,SAAS,IAAI,KAAK,KAAK,QAAQ,CAAC;AAG/C,OAAK,MAAM,UAAU,KAAK,mBACxB,YAAW,SAAS,aAAa,GAAG,gBAAgB,EAAE,OAAO;AAI/D,OAAK,MAAM,OAAO,KAAK,MAAM,QAAQ,CACnC,YAAW,SAAS,aAAa,GAAG,IAAI,EAAE,IAAI,gBAAgB,kBAAkB,CAAC;AAInF,OAAK,MAAM,YAAY,KAAK,WAAW,QAAQ,CAC7C,YAAW,SAAS,aAAa,GAAG,SAAS,EAAE,SAAS,cAAc,CAAC;AAIzE,OAAK,MAAM,WAAW,KAAK,UAAU,QAAQ,CAC3C,YAAW,SAAS,aAAa,GAAG,QAAQ,EAAE,QAAQ,cAAc,CAAC;AAIvE,MAAI,KAAK,gBAAgB,OACvB,YAAW,SAAS,aAClB,GAAG,WAAW,EACd,KAAK,YAAY,gBAAgB,iBAAiB,CACnD;AAIH,UAAQ,eAAe,MAAvB;GACE,KAAK,aAAa;IAChB,MAAM,eAAe,KAAK,cAAc;AACxC,QAAI,iBAAiB,OACnB,OAAM,SAAS,qBAAqB;IAEtC,MAAM,iBAAiB,aAAa,gBAAgB;AACpD,QAAI,mBAAmB,OACrB,OAAM,SAAS,qBAAqB;AAEtC,eAAY,SAA8D,aACxE,eACD;AACD;;GAEF,KAAK;AACH,eAAY,SAA8D,aACxE,eAAe,eAChB;AACD;GACF,KAAK;GACL,QACE;;AAGJ,SAAO;;CAIT,eAAyB;AACvB,SAAO,KAAK,YAAY;;;;;CAM1B,OAAO,aACL,UACA,UACA,kBAAsC,mBAAmB,MAC5C;EACb,MAAM,cAAc;AAKpB,UAAQ,iBAAR;GACE,KAAK,mBAAmB,MAAM;IAC5B,MAAM,UAAU,YAAY,SAAS;IACrC,MAAM,kBAAkB,QAAQ,WAAW,GAAG,QAAQ,WAAW,GAAG;AACpE,WAAO,YAAY,kBAAkB,iBAAiB,SAAS;;GAEjE,KAAK,mBAAmB,WAAW;AACjC,QAAI,CAAC,YAAY,SAAS,CAAC,WAAW,CACpC,OAAM,SAAS,mBAAmB;IAGpC,MAAM,YAAY,YAAY,WAAW;IACzC,MAAM,MAAM,YAAY,kBAAkB,WAAW,SAAS;IAE9D,MAAM,eAAe,IAAI,cAAc;AACvC,QAAI,iBAAiB,OACnB,OAAM,SAAS,qBAAqB;AAItC,QAAI,CAAC,YAAY,iBAAiB,aAAa,eAAe,CAAwB,CACpF,OAAM,SAAS,6BAA6B;AAI9C,QAAI,CAAC,IAAI,eAAe,aAAa,eAAe,CAAC,CACnD,OAAM,SAAS,YAAY;AAG7B,WAAO;;;;CAKb,OAAe,kBAAkB,UAAoB,UAAoC;EACvF,MAAM,cAAc;EAUpB,MAAM,WAFU,SAAS,MAAM,CACP,SAAS,SAAS,YAAY,SAAS,GAAG,UAGhE,cAAc;AAChB,MAAI,YAAY,OACd,OAAM,SAAS,YAAY;EAE7B,MAAM,MAAM,IAAI,KAAK,QAAQ;EAC7B,MAAM,MAAM,YAAY,QAAQ,IAAI;AAGpC,OAAK,MAAM,aAAa,YAAY,YAAY,EAAE;GAChD,MAAM,gBAAgB,UAAU,MAAM;AACtC,OAAI,cAAc,SAAS,YACzB;GAIF,MAAM,gBADe,cAAc,UAAU,WAAW,CACrB,MAAM;AACzC,OAAI,cAAc,SAAS,aACzB;GAGF,MAAM,YAAY,cAAc,MAAM,OAAO;GAC7C,MAAM,SAAS,cAAc,UAAU,QAAQ;AAE/C,WAAQ,WAAR;IACE,KAAK,qBAAqB;KACxB,MAAM,SAAU,OAAuD,QAAQ;AAC/E,SAAI,WAAW,OACb,OAAM,SAAS,yBAAyB;AAE1C,SAAI,oBAAoB,OAAO;AAC/B;;IAEF,KAAK,SAAS;KACZ,MAAM,MAAM,IAAI,gBAAgB,QAAQ,SAAS;AACjD,SAAI,OAAO,IAAI;AACf;;IAEF,KAAK,cAAc;KACjB,MAAM,WAAW,SAAS,gBAAgB,OAAO;AACjD,SAAI,YAAY,SAAS;AACzB;;IAEF,KAAK,aAAa;KAChB,MAAM,UAAU,QAAQ,gBAAgB,OAAO;AAC/C,SAAI,WAAW,QAAQ;AACvB;;IAEF,KAAK;AACH,SAAI,IAAI,gBAAgB,OACtB,OAAM,SAAS,yBAAyB;AAE1C,SAAI,cAAc,WAAW,gBAAgB,QAAQ,SAAS;AAC9D;IAEF,QACE,OAAM,SAAS,oBAAoB,OAAO,UAAU,CAAC;;;AAI3D,MAAI,0BAA0B;AAC9B,SAAO;;;;;CAMT,iBAAiB,YAA8B;AAI7C,SAHiB,KAAK,WAAW,qBAAqB,MAAM,oBAAoB,MAAM,EACpF,MAAM,QACP,CAAC,CACoE,aAAa,WAAW;;;;;CAMhG,YAAuB;AACrB,SAAO,UAAU,KAAK,KAAK,KAAK,QAAQ,CAAC;;;;;CAM3C,OAAO,OAA6B;AAClC,SAAO,KAAK,KAAK,OAAO,MAAM,KAAK;;;;;CAMrC,QAAqB;AASnB,SARY,IAAI,YACd,KAAK,MACL,IAAI,IAAI,KAAK,mBAAmB,EAChC,IAAI,IAAI,MAAM,KAAK,KAAK,MAAM,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,EACzE,IAAI,IAAI,MAAM,KAAK,KAAK,WAAW,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,EAC9E,IAAI,IAAI,MAAM,KAAK,KAAK,UAAU,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,EAC7E,KAAK,aAAa,OAAO,CAC1B;;;;;CAOH,OAAO,gBAAgB,UAAiC;AACtD,SAAO,YAAY,aAAa,UAAU,QAAW,mBAAmB,KAAK;;;AAKjF,yBAAyB,YAAY;AAQrC,SAAS,WAAW,KAAyB;CAC3C,MAAM,QAAQ,IAAI,WAAW,IAAI,SAAS,EAAE;AAC5C,MAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK,EACnC,OAAM,IAAI,KAAK,SAAS,IAAI,UAAU,GAAG,IAAI,EAAE,EAAE,GAAG;AAEtD,QAAO;;AAGT,SAAS,WAAW,GAAe,GAAwB;AACzD,KAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAK,IAAI,IAAI,GAAG,IAAI,EAAE,QAAQ,IAC5B,KAAI,EAAE,OAAO,EAAE,GAAI,QAAO;AAE5B,QAAO;;AAGT,SAAS,cAAc,eAA0C;AAE/D,QAAO,UAAU,KAAK,cAAc,MAAM,CAAC,CAAC,WAAW,CAAC,QAAQ;;;;;AC5xBlE,MAAa,UAAU"}
package/package.json ADDED
@@ -0,0 +1,81 @@
1
+ {
2
+ "name": "@bcts/xid",
3
+ "version": "1.0.0-alpha.10",
4
+ "type": "module",
5
+ "description": "Blockchain Commons XID for TypeScript",
6
+ "license": "BSD-2-Clause-Patent",
7
+ "author": "Leonardo Custodio <leonardo@custodio.me>",
8
+ "homepage": "https://bcts.dev",
9
+ "repository": {
10
+ "type": "git",
11
+ "url": "https://github.com/leonardocustodio/bcts",
12
+ "directory": "packages/xid"
13
+ },
14
+ "bugs": {
15
+ "url": "https://github.com/leonardocustodio/bcts/issues"
16
+ },
17
+ "main": "dist/index.cjs",
18
+ "module": "dist/index.mjs",
19
+ "types": "dist/index.d.mts",
20
+ "browser": "dist/index.iife.js",
21
+ "exports": {
22
+ ".": {
23
+ "types": "./dist/index.d.mts",
24
+ "import": "./dist/index.mjs",
25
+ "require": "./dist/index.cjs",
26
+ "default": "./dist/index.mjs"
27
+ }
28
+ },
29
+ "files": [
30
+ "dist",
31
+ "src",
32
+ "README.md"
33
+ ],
34
+ "scripts": {
35
+ "build": "tsdown",
36
+ "dev": "tsdown --watch",
37
+ "test": "vitest run",
38
+ "test:watch": "vitest",
39
+ "lint": "eslint 'src/**/*.ts'",
40
+ "lint:fix": "eslint 'src/**/*.ts' --fix",
41
+ "typecheck": "tsc --noEmit",
42
+ "clean": "rm -rf dist",
43
+ "docs": "typedoc",
44
+ "prepublishOnly": "npm run clean && npm run build && npm test"
45
+ },
46
+ "keywords": [
47
+ "xid",
48
+ "extensible-identifier",
49
+ "decentralized-identity",
50
+ "blockchain-commons",
51
+ "envelope",
52
+ "gordian",
53
+ "cryptography",
54
+ "provenance"
55
+ ],
56
+ "engines": {
57
+ "node": ">=18.0.0"
58
+ },
59
+ "devDependencies": {
60
+ "@bcts/eslint": "^0.1.0",
61
+ "@bcts/tsconfig": "^0.1.0",
62
+ "@eslint/js": "^9.39.2",
63
+ "@typescript-eslint/eslint-plugin": "^8.50.1",
64
+ "@typescript-eslint/parser": "^8.50.1",
65
+ "eslint": "^9.39.2",
66
+ "ts-node": "^10.9.2",
67
+ "tsdown": "^0.18.3",
68
+ "typedoc": "^0.28.15",
69
+ "typescript": "^5.9.3",
70
+ "vitest": "^4.0.16"
71
+ },
72
+ "dependencies": {
73
+ "@bcts/components": "^1.0.0-alpha.10",
74
+ "@bcts/dcbor": "^1.0.0-alpha.10",
75
+ "@bcts/envelope": "^1.0.0-alpha.10",
76
+ "@bcts/known-values": "^1.0.0-alpha.10",
77
+ "@bcts/provenance-mark": "^1.0.0-alpha.10",
78
+ "@bcts/rand": "^1.0.0-alpha.10",
79
+ "@bcts/uniform-resources": "^1.0.0-alpha.10"
80
+ }
81
+ }
package/src/delegate.ts ADDED
@@ -0,0 +1,132 @@
1
+ /**
2
+ * XID Delegate
3
+ *
4
+ * Represents a delegate in an XID document, containing a controller XIDDocument
5
+ * and permissions.
6
+ *
7
+ * Ported from bc-xid-rust/src/delegate.rs
8
+ */
9
+
10
+ import { type Envelope, type EnvelopeEncodable } from "@bcts/envelope";
11
+ import { Reference, type XID } from "@bcts/components";
12
+ import { Permissions, type HasPermissions } from "./permissions";
13
+ import { Shared } from "./shared";
14
+
15
+ /**
16
+ * Forward declaration interface for XIDDocument to avoid circular dependency.
17
+ * The actual XIDDocument class implements this interface.
18
+ */
19
+ export interface XIDDocumentType {
20
+ xid(): XID;
21
+ intoEnvelope(): Envelope;
22
+ clone(): XIDDocumentType;
23
+ }
24
+
25
+ // This will be set by xid-document.ts when it loads
26
+ let XIDDocumentClass: {
27
+ tryFromEnvelope(envelope: Envelope): XIDDocumentType;
28
+ } | null = null;
29
+
30
+ /**
31
+ * Register the XIDDocument class to avoid circular dependency issues.
32
+ * Called by xid-document.ts when it loads.
33
+ */
34
+ export function registerXIDDocumentClass(cls: {
35
+ tryFromEnvelope(envelope: Envelope): XIDDocumentType;
36
+ }): void {
37
+ XIDDocumentClass = cls;
38
+ }
39
+
40
+ /**
41
+ * Represents a delegate in an XID document.
42
+ */
43
+ export class Delegate implements HasPermissions, EnvelopeEncodable {
44
+ private readonly _controller: Shared<XIDDocumentType>;
45
+ private readonly _permissions: Permissions;
46
+
47
+ private constructor(controller: Shared<XIDDocumentType>, permissions: Permissions) {
48
+ this._controller = controller;
49
+ this._permissions = permissions;
50
+ }
51
+
52
+ /**
53
+ * Create a new Delegate with the given controller document.
54
+ */
55
+ static new(controller: XIDDocumentType): Delegate {
56
+ return new Delegate(Shared.new(controller), Permissions.new());
57
+ }
58
+
59
+ /**
60
+ * Get the controller document.
61
+ */
62
+ controller(): Shared<XIDDocumentType> {
63
+ return this._controller;
64
+ }
65
+
66
+ /**
67
+ * Get the XID of the controller.
68
+ */
69
+ xid(): XID {
70
+ return this._controller.read().xid();
71
+ }
72
+
73
+ /**
74
+ * Get the reference for this delegate.
75
+ */
76
+ reference(): Reference {
77
+ return Reference.hash(this.xid().toData());
78
+ }
79
+
80
+ // HasPermissions implementation
81
+ permissions(): Permissions {
82
+ return this._permissions;
83
+ }
84
+
85
+ permissionsMut(): Permissions {
86
+ return this._permissions;
87
+ }
88
+
89
+ /**
90
+ * Convert to envelope.
91
+ */
92
+ intoEnvelope(): Envelope {
93
+ const doc = this._controller.read();
94
+ const envelope = (doc.intoEnvelope() as unknown as { wrap(): Envelope }).wrap();
95
+ return this._permissions.addToEnvelope(envelope);
96
+ }
97
+
98
+ /**
99
+ * Try to extract a Delegate from an envelope.
100
+ */
101
+ static tryFromEnvelope(envelope: Envelope): Delegate {
102
+ if (XIDDocumentClass === null) {
103
+ throw new Error("XIDDocument class not registered. Import xid-document.js first.");
104
+ }
105
+
106
+ const permissions = Permissions.tryFromEnvelope(envelope);
107
+ const inner = (envelope as unknown as { tryUnwrap(): Envelope }).tryUnwrap();
108
+ const controller = Shared.new(XIDDocumentClass.tryFromEnvelope(inner));
109
+ return new Delegate(controller, permissions);
110
+ }
111
+
112
+ /**
113
+ * Check equality with another Delegate (based on controller XID).
114
+ */
115
+ equals(other: Delegate): boolean {
116
+ return this.xid().equals(other.xid());
117
+ }
118
+
119
+ /**
120
+ * Get a hash key for use in Sets/Maps.
121
+ */
122
+ hashKey(): string {
123
+ return this.xid().toHex();
124
+ }
125
+
126
+ /**
127
+ * Clone this Delegate.
128
+ */
129
+ clone(): Delegate {
130
+ return new Delegate(Shared.new(this._controller.read().clone()), this._permissions.clone());
131
+ }
132
+ }