@blockend/widget 1.0.32 → 1.0.34

package/dist/secp256k1-DgmH1qVg.js

@@ -1,1251 +0,0 @@
-import { aG as ce, x as ae, aH as le, J as ue, aI as de } from "./index-CLzkn733.js";
-const Tt = /* @__PURE__ */ BigInt(0), Ot = /* @__PURE__ */ BigInt(1);
-function ut(e) {
-  return e instanceof Uint8Array || ArrayBuffer.isView(e) && e.constructor.name === "Uint8Array";
-}
-function Ut(e) {
-  if (!ut(e))
-    throw new Error("Uint8Array expected");
-}
-function at(e, n) {
-  if (typeof n != "boolean")
-    throw new Error(e + " boolean expected, got " + n);
-}
-function ht(e) {
-  const n = e.toString(16);
-  return n.length & 1 ? "0" + n : n;
-}
-function $t(e) {
-  if (typeof e != "string")
-    throw new Error("hex string expected, got " + typeof e);
-  return e === "" ? Tt : BigInt("0x" + e);
-}
-const Gt = (
-  // @ts-ignore
-  typeof Uint8Array.from([]).toHex == "function" && typeof Uint8Array.fromHex == "function"
-), he = /* @__PURE__ */ Array.from({ length: 256 }, (e, n) => n.toString(16).padStart(2, "0"));
-function lt(e) {
-  if (Ut(e), Gt)
-    return e.toHex();
-  let n = "";
-  for (let t = 0; t < e.length; t++)
-    n += he[e[t]];
-  return n;
-}
-const W = { _0: 48, _9: 57, A: 65, F: 70, a: 97, f: 102 };
-function kt(e) {
-  if (e >= W._0 && e <= W._9)
-    return e - W._0;
-  if (e >= W.A && e <= W.F)
-    return e - (W.A - 10);
-  if (e >= W.a && e <= W.f)
-    return e - (W.a - 10);
-}
-function wt(e) {
-  if (typeof e != "string")
-    throw new Error("hex string expected, got " + typeof e);
-  if (Gt)
-    return Uint8Array.fromHex(e);
-  const n = e.length, t = n / 2;
-  if (n % 2)
-    throw new Error("hex string expected, got unpadded hex of length " + n);
-  const r = new Uint8Array(t);
-  for (let i = 0, s = 0; i < t; i++, s += 2) {
-    const a = kt(e.charCodeAt(s)), u = kt(e.charCodeAt(s + 1));
-    if (a === void 0 || u === void 0) {
-      const o = e[s] + e[s + 1];
-      throw new Error('hex string expected, got non-hex character "' + o + '" at index ' + s);
-    }
-    r[i] = a * 16 + u;
-  }
-  return r;
-}
-function et(e) {
-  return $t(lt(e));
-}
-function Wt(e) {
-  return Ut(e), $t(lt(Uint8Array.from(e).reverse()));
-}
-function dt(e, n) {
-  return wt(e.toString(16).padStart(n * 2, "0"));
-}
-function Dt(e, n) {
-  return dt(e, n).reverse();
-}
-function K(e, n, t) {
-  let r;
-  if (typeof n == "string")
-    try {
-      r = wt(n);
-    } catch (s) {
-      throw new Error(e + " must be hex string or Uint8Array, cause: " + s);
-    }
-  else if (ut(n))
-    r = Uint8Array.from(n);
-  else
-    throw new Error(e + " must be hex string or Uint8Array");
-  const i = r.length;
-  if (typeof t == "number" && i !== t)
-    throw new Error(e + " of length " + t + " expected, got " + i);
-  return r;
-}
-function gt(...e) {
-  let n = 0;
-  for (let r = 0; r < e.length; r++) {
-    const i = e[r];
-    Ut(i), n += i.length;
-  }
-  const t = new Uint8Array(n);
-  for (let r = 0, i = 0; r < e.length; r++) {
-    const s = e[r];
-    t.set(s, i), i += s.length;
-  }
-  return t;
-}
-const bt = (e) => typeof e == "bigint" && Tt <= e;
-function Lt(e, n, t) {
-  return bt(e) && bt(n) && bt(t) && n <= e && e < t;
-}
-function it(e, n, t, r) {
-  if (!Lt(n, t, r))
-    throw new Error("expected valid " + e + ": " + t + " <= n < " + r + ", got " + n);
-}
-function we(e) {
-  let n;
-  for (n = 0; e > Tt; e >>= Ot, n += 1)
-    ;
-  return n;
-}
-const mt = (e) => (Ot << BigInt(e)) - Ot, Bt = (e) => new Uint8Array(e), Ct = (e) => Uint8Array.from(e);
-function ge(e, n, t) {
-  if (typeof e != "number" || e < 2)
-    throw new Error("hashLen must be a number");
-  if (typeof n != "number" || n < 2)
-    throw new Error("qByteLen must be a number");
-  if (typeof t != "function")
-    throw new Error("hmacFn must be a function");
-  let r = Bt(e), i = Bt(e), s = 0;
-  const a = () => {
-    r.fill(1), i.fill(0), s = 0;
-  }, u = (...A) => t(i, r, ...A), o = (A = Bt(0)) => {
-    i = u(Ct([0]), A), r = u(), A.length !== 0 && (i = u(Ct([1]), A), r = u());
-  }, d = () => {
-    if (s++ >= 1e3)
-      throw new Error("drbg: tried 1000 values");
-    let A = 0;
-    const I = [];
-    for (; A < n; ) {
-      r = u();
-      const z = r.slice();
-      I.push(z), A += r.length;
-    }
-    return gt(...I);
-  };
-  return (A, I) => {
-    a(), o(A);
-    let z;
-    for (; !(z = I(d())); )
-      o();
-    return a(), z;
-  };
-}
-const me = {
-  bigint: (e) => typeof e == "bigint",
-  function: (e) => typeof e == "function",
-  boolean: (e) => typeof e == "boolean",
-  string: (e) => typeof e == "string",
-  stringOrUint8Array: (e) => typeof e == "string" || ut(e),
-  isSafeInteger: (e) => Number.isSafeInteger(e),
-  array: (e) => Array.isArray(e),
-  field: (e, n) => n.Fp.isValid(e),
-  hash: (e) => typeof e == "function" && Number.isSafeInteger(e.outputLen)
-};
-function pt(e, n, t = {}) {
-  const r = (i, s, a) => {
-    const u = me[s];
-    if (typeof u != "function")
-      throw new Error("invalid validator function");
-    const o = e[i];
-    if (!(a && o === void 0) && !u(o, e))
-      throw new Error("param " + String(i) + " is invalid. Expected " + s + ", got " + o);
-  };
-  for (const [i, s] of Object.entries(n))
-    r(i, s, !1);
-  for (const [i, s] of Object.entries(t))
-    r(i, s, !0);
-  return e;
-}
-function Ht(e) {
-  const n = /* @__PURE__ */ new WeakMap();
-  return (t, ...r) => {
-    const i = n.get(t);
-    if (i !== void 0)
-      return i;
-    const s = e(t, ...r);
-    return n.set(t, s), s;
-  };
-}
-const Y = BigInt(0), H = BigInt(1), tt = /* @__PURE__ */ BigInt(2), pe = /* @__PURE__ */ BigInt(3), Xt = /* @__PURE__ */ BigInt(4), Ft = /* @__PURE__ */ BigInt(5), Qt = /* @__PURE__ */ BigInt(8);
-function M(e, n) {
-  const t = e % n;
-  return t >= Y ? t : n + t;
-}
-function j(e, n, t) {
-  let r = e;
-  for (; n-- > Y; )
-    r *= r, r %= t;
-  return r;
-}
-function qt(e, n) {
-  if (e === Y)
-    throw new Error("invert: expected non-zero number");
-  if (n <= Y)
-    throw new Error("invert: expected positive modulus, got " + n);
-  let t = M(e, n), r = n, i = Y, s = H;
-  for (; t !== Y; ) {
-    const u = r / t, o = r % t, d = i - s * u;
-    r = t, t = o, i = s, s = d;
-  }
-  if (r !== H)
-    throw new Error("invert: does not exist");
-  return M(i, n);
-}
-function Jt(e, n) {
-  const t = (e.ORDER + H) / Xt, r = e.pow(n, t);
-  if (!e.eql(e.sqr(r), n))
-    throw new Error("Cannot find square root");
-  return r;
-}
-function ye(e, n) {
-  const t = (e.ORDER - Ft) / Qt, r = e.mul(n, tt), i = e.pow(r, t), s = e.mul(n, i), a = e.mul(e.mul(s, tt), i), u = e.mul(s, e.sub(a, e.ONE));
-  if (!e.eql(e.sqr(u), n))
-    throw new Error("Cannot find square root");
-  return u;
-}
-function Ee(e) {
-  if (e < BigInt(3))
-    throw new Error("sqrt is not defined for small field");
-  let n = e - H, t = 0;
-  for (; n % tt === Y; )
-    n /= tt, t++;
-  let r = tt;
-  const i = _t(e);
-  for (; Vt(i, r) === 1; )
-    if (r++ > 1e3)
-      throw new Error("Cannot find square root: probably non-prime P");
-  if (t === 1)
-    return Jt;
-  let s = i.pow(r, n);
-  const a = (n + H) / tt;
-  return function(o, d) {
-    if (o.is0(d))
-      return d;
-    if (Vt(o, d) !== 1)
-      throw new Error("Cannot find square root");
-    let m = t, A = o.mul(o.ONE, s), I = o.pow(d, n), z = o.pow(d, a);
-    for (; !o.eql(I, o.ONE); ) {
-      if (o.is0(I))
-        return o.ZERO;
-      let T = 1, g = o.sqr(I);
-      for (; !o.eql(g, o.ONE); )
-        if (T++, g = o.sqr(g), T === m)
-          throw new Error("Cannot find square root");
-      const k = H << BigInt(m - T - 1), U = o.pow(A, k);
-      m = T, A = o.sqr(U), I = o.mul(I, A), z = o.mul(z, U);
-    }
-    return z;
-  };
-}
-function be(e) {
-  return e % Xt === pe ? Jt : e % Qt === Ft ? ye : Ee(e);
-}
-const Be = [
-  "create",
-  "isValid",
-  "is0",
-  "neg",
-  "inv",
-  "sqrt",
-  "sqr",
-  "eql",
-  "add",
-  "sub",
-  "mul",
-  "pow",
-  "div",
-  "addN",
-  "subN",
-  "mulN",
-  "sqrN"
-];
-function ve(e) {
-  const n = {
-    ORDER: "bigint",
-    MASK: "bigint",
-    BYTES: "isSafeInteger",
-    BITS: "isSafeInteger"
-  }, t = Be.reduce((r, i) => (r[i] = "function", r), n);
-  return pt(e, t);
-}
-function xe(e, n, t) {
-  if (t < Y)
-    throw new Error("invalid exponent, negatives unsupported");
-  if (t === Y)
-    return e.ONE;
-  if (t === H)
-    return n;
-  let r = e.ONE, i = n;
-  for (; t > Y; )
-    t & H && (r = e.mul(r, i)), i = e.sqr(i), t >>= H;
-  return r;
-}
-function te(e, n, t = !1) {
-  const r = new Array(n.length).fill(t ? e.ZERO : void 0), i = n.reduce((a, u, o) => e.is0(u) ? a : (r[o] = a, e.mul(a, u)), e.ONE), s = e.inv(i);
-  return n.reduceRight((a, u, o) => e.is0(u) ? a : (r[o] = e.mul(a, r[o]), e.mul(a, u)), s), r;
-}
-function Vt(e, n) {
-  const t = (e.ORDER - H) / tt, r = e.pow(n, t), i = e.eql(r, e.ONE), s = e.eql(r, e.ZERO), a = e.eql(r, e.neg(e.ONE));
-  if (!i && !s && !a)
-    throw new Error("invalid Legendre symbol result");
-  return i ? 1 : s ? 0 : -1;
-}
-function ee(e, n) {
-  n !== void 0 && ce(n);
-  const t = n !== void 0 ? n : e.toString(2).length, r = Math.ceil(t / 8);
-  return { nBitLength: t, nByteLength: r };
-}
-function _t(e, n, t = !1, r = {}) {
-  if (e <= Y)
-    throw new Error("invalid field: expected ORDER > 0, got " + e);
-  const { nBitLength: i, nByteLength: s } = ee(e, n);
-  if (s > 2048)
-    throw new Error("invalid field: expected ORDER of <= 2048 bytes");
-  let a;
-  const u = Object.freeze({
-    ORDER: e,
-    isLE: t,
-    BITS: i,
-    BYTES: s,
-    MASK: mt(i),
-    ZERO: Y,
-    ONE: H,
-    create: (o) => M(o, e),
-    isValid: (o) => {
-      if (typeof o != "bigint")
-        throw new Error("invalid field element: expected bigint, got " + typeof o);
-      return Y <= o && o < e;
-    },
-    is0: (o) => o === Y,
-    isOdd: (o) => (o & H) === H,
-    neg: (o) => M(-o, e),
-    eql: (o, d) => o === d,
-    sqr: (o) => M(o * o, e),
-    add: (o, d) => M(o + d, e),
-    sub: (o, d) => M(o - d, e),
-    mul: (o, d) => M(o * d, e),
-    pow: (o, d) => xe(u, o, d),
-    div: (o, d) => M(o * qt(d, e), e),
-    // Same as above, but doesn't normalize
-    sqrN: (o) => o * o,
-    addN: (o, d) => o + d,
-    subN: (o, d) => o - d,
-    mulN: (o, d) => o * d,
-    inv: (o) => qt(o, e),
-    sqrt: r.sqrt || ((o) => (a || (a = be(e)), a(u, o))),
-    toBytes: (o) => t ? Dt(o, s) : dt(o, s),
-    fromBytes: (o) => {
-      if (o.length !== s)
-        throw new Error("Field.fromBytes: expected " + s + " bytes, got " + o.length);
-      return t ? Wt(o) : et(o);
-    },
-    // TODO: we don't need it here, move out to separate fn
-    invertBatch: (o) => te(u, o),
-    // We can't move this out because Fp6, Fp12 implement it
-    // and it's unclear what to return in there.
-    cmov: (o, d, m) => m ? d : o
-  });
-  return Object.freeze(u);
-}
-function ne(e) {
-  if (typeof e != "bigint")
-    throw new Error("field order must be bigint");
-  const n = e.toString(2).length;
-  return Math.ceil(n / 8);
-}
-function re(e) {
-  const n = ne(e);
-  return n + Math.ceil(n / 2);
-}
-function Se(e, n, t = !1) {
-  const r = e.length, i = ne(n), s = re(n);
-  if (r < 16 || r < s || r > 1024)
-    throw new Error("expected " + s + "-1024 bytes of input, got " + r);
-  const a = t ? Wt(e) : et(e), u = M(a, n - H) + H;
-  return t ? Dt(u, i) : dt(u, i);
-}
-const Mt = BigInt(0), Rt = BigInt(1);
-function vt(e, n) {
-  const t = n.negate();
-  return e ? t : n;
-}
-function oe(e, n) {
-  if (!Number.isSafeInteger(e) || e <= 0 || e > n)
-    throw new Error("invalid window size, expected [1.." + n + "], got W=" + e);
-}
-function xt(e, n) {
-  oe(e, n);
-  const t = Math.ceil(n / e) + 1, r = 2 ** (e - 1), i = 2 ** e, s = mt(e), a = BigInt(e);
-  return { windows: t, windowSize: r, mask: s, maxNumber: i, shiftBy: a };
-}
-function Yt(e, n, t) {
-  const { windowSize: r, mask: i, maxNumber: s, shiftBy: a } = t;
-  let u = Number(e & i), o = e >> a;
-  u > r && (u -= s, o += Rt);
-  const d = n * r, m = d + Math.abs(u) - 1, A = u === 0, I = u < 0, z = n % 2 !== 0;
-  return { nextN: o, offset: m, isZero: A, isNeg: I, isNegF: z, offsetF: d };
-}
-function Ae(e, n) {
-  if (!Array.isArray(e))
-    throw new Error("array expected");
-  e.forEach((t, r) => {
-    if (!(t instanceof n))
-      throw new Error("invalid point at index " + r);
-  });
-}
-function Ne(e, n) {
-  if (!Array.isArray(e))
-    throw new Error("array of scalars expected");
-  e.forEach((t, r) => {
-    if (!n.isValid(t))
-      throw new Error("invalid scalar at index " + r);
-  });
-}
-const St = /* @__PURE__ */ new WeakMap(), ie = /* @__PURE__ */ new WeakMap();
-function At(e) {
-  return ie.get(e) || 1;
-}
-function Ie(e, n) {
-  return {
-    constTimeNegate: vt,
-    hasPrecomputes(t) {
-      return At(t) !== 1;
-    },
-    // non-const time multiplication ladder
-    unsafeLadder(t, r, i = e.ZERO) {
-      let s = t;
-      for (; r > Mt; )
-        r & Rt && (i = i.add(s)), s = s.double(), r >>= Rt;
-      return i;
-    },
-    /**
-     * Creates a wNAF precomputation window. Used for caching.
-     * Default window size is set by `utils.precompute()` and is equal to 8.
-     * Number of precomputed points depends on the curve size:
-     * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where:
-     * - 𝑊 is the window size
-     * - 𝑛 is the bitlength of the curve order.
-     * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224.
-     * @param elm Point instance
-     * @param W window size
-     * @returns precomputed point tables flattened to a single array
-     */
-    precomputeWindow(t, r) {
-      const { windows: i, windowSize: s } = xt(r, n), a = [];
-      let u = t, o = u;
-      for (let d = 0; d < i; d++) {
-        o = u, a.push(o);
-        for (let m = 1; m < s; m++)
-          o = o.add(u), a.push(o);
-        u = o.double();
-      }
-      return a;
-    },
-    /**
-     * Implements ec multiplication using precomputed tables and w-ary non-adjacent form.
-     * @param W window size
-     * @param precomputes precomputed tables
-     * @param n scalar (we don't check here, but should be less than curve order)
-     * @returns real and fake (for const-time) points
-     */
-    wNAF(t, r, i) {
-      let s = e.ZERO, a = e.BASE;
-      const u = xt(t, n);
-      for (let o = 0; o < u.windows; o++) {
-        const { nextN: d, offset: m, isZero: A, isNeg: I, isNegF: z, offsetF: T } = Yt(i, o, u);
-        i = d, A ? a = a.add(vt(z, r[T])) : s = s.add(vt(I, r[m]));
-      }
-      return { p: s, f: a };
-    },
-    /**
-     * Implements ec unsafe (non const-time) multiplication using precomputed tables and w-ary non-adjacent form.
-     * @param W window size
-     * @param precomputes precomputed tables
-     * @param n scalar (we don't check here, but should be less than curve order)
-     * @param acc accumulator point to add result of multiplication
-     * @returns point
-     */
-    wNAFUnsafe(t, r, i, s = e.ZERO) {
-      const a = xt(t, n);
-      for (let u = 0; u < a.windows && i !== Mt; u++) {
-        const { nextN: o, offset: d, isZero: m, isNeg: A } = Yt(i, u, a);
-        if (i = o, !m) {
-          const I = r[d];
-          s = s.add(A ? I.negate() : I);
-        }
-      }
-      return s;
-    },
-    getPrecomputes(t, r, i) {
-      let s = St.get(r);
-      return s || (s = this.precomputeWindow(r, t), t !== 1 && St.set(r, i(s))), s;
-    },
-    wNAFCached(t, r, i) {
-      const s = At(t);
-      return this.wNAF(s, this.getPrecomputes(s, t, i), r);
-    },
-    wNAFCachedUnsafe(t, r, i, s) {
-      const a = At(t);
-      return a === 1 ? this.unsafeLadder(t, r, s) : this.wNAFUnsafe(a, this.getPrecomputes(a, t, i), r, s);
-    },
-    // We calculate precomputes for elliptic curve point multiplication
-    // using windowed method. This specifies window size and
-    // stores precomputed values. Usually only base point would be precomputed.
-    setWindowSize(t, r) {
-      oe(r, n), ie.set(t, r), St.delete(t);
-    }
-  };
-}
-function Oe(e, n, t, r) {
-  Ae(t, e), Ne(r, n);
-  const i = t.length, s = r.length;
-  if (i !== s)
-    throw new Error("arrays of points and scalars must have equal length");
-  const a = e.ZERO, u = we(BigInt(i));
-  let o = 1;
-  u > 12 ? o = u - 3 : u > 4 ? o = u - 2 : u > 0 && (o = 2);
-  const d = mt(o), m = new Array(Number(d) + 1).fill(a), A = Math.floor((n.BITS - 1) / o) * o;
-  let I = a;
-  for (let z = A; z >= 0; z -= o) {
-    m.fill(a);
-    for (let g = 0; g < s; g++) {
-      const k = r[g], U = Number(k >> BigInt(z) & d);
-      m[U] = m[U].add(t[g]);
-    }
-    let T = a;
-    for (let g = m.length - 1, k = a; g > 0; g--)
-      k = k.add(m[g]), T = T.add(k);
-    if (I = I.add(T), z !== 0)
-      for (let g = 0; g < o; g++)
-        I = I.double();
-  }
-  return I;
-}
-function se(e) {
-  return ve(e.Fp), pt(e, {
-    n: "bigint",
-    h: "bigint",
-    Gx: "field",
-    Gy: "field"
-  }, {
-    nBitLength: "isSafeInteger",
-    nByteLength: "isSafeInteger"
-  }), Object.freeze({
-    ...ee(e.n, e.nBitLength),
-    ...e,
-    p: e.Fp.ORDER
-  });
-}
-function jt(e) {
-  e.lowS !== void 0 && at("lowS", e.lowS), e.prehash !== void 0 && at("prehash", e.prehash);
-}
-function qe(e) {
-  const n = se(e);
-  pt(n, {
-    a: "field",
-    b: "field"
-  }, {
-    allowInfinityPoint: "boolean",
-    allowedPrivateKeyLengths: "array",
-    clearCofactor: "function",
-    fromBytes: "function",
-    isTorsionFree: "function",
-    toBytes: "function",
-    wrapPrivateKey: "boolean"
-  });
-  const { endo: t, Fp: r, a: i } = n;
-  if (t) {
-    if (!r.eql(i, r.ZERO))
-      throw new Error("invalid endo: CURVE.a must be 0");
-    if (typeof t != "object" || typeof t.beta != "bigint" || typeof t.splitScalar != "function")
-      throw new Error('invalid endo: expected "beta": bigint and "splitScalar": function');
-  }
-  return Object.freeze({ ...n });
-}
-class Re extends Error {
-  constructor(n = "") {
-    super(n);
-  }
-}
-const D = {
-  // asn.1 DER encoding utils
-  Err: Re,
-  // Basic building block is TLV (Tag-Length-Value)
-  _tlv: {
-    encode: (e, n) => {
-      const { Err: t } = D;
-      if (e < 0 || e > 256)
-        throw new t("tlv.encode: wrong tag");
-      if (n.length & 1)
-        throw new t("tlv.encode: unpadded data");
-      const r = n.length / 2, i = ht(r);
-      if (i.length / 2 & 128)
-        throw new t("tlv.encode: long form length too big");
-      const s = r > 127 ? ht(i.length / 2 | 128) : "";
-      return ht(e) + s + i + n;
-    },
-    // v - value, l - left bytes (unparsed)
-    decode(e, n) {
-      const { Err: t } = D;
-      let r = 0;
-      if (e < 0 || e > 256)
-        throw new t("tlv.encode: wrong tag");
-      if (n.length < 2 || n[r++] !== e)
-        throw new t("tlv.decode: wrong tlv");
-      const i = n[r++], s = !!(i & 128);
-      let a = 0;
-      if (!s)
-        a = i;
-      else {
-        const o = i & 127;
-        if (!o)
-          throw new t("tlv.decode(long): indefinite length not supported");
-        if (o > 4)
-          throw new t("tlv.decode(long): byte length is too big");
-        const d = n.subarray(r, r + o);
-        if (d.length !== o)
-          throw new t("tlv.decode: length bytes not complete");
-        if (d[0] === 0)
-          throw new t("tlv.decode(long): zero leftmost byte");
-        for (const m of d)
-          a = a << 8 | m;
-        if (r += o, a < 128)
-          throw new t("tlv.decode(long): not minimal encoding");
-      }
-      const u = n.subarray(r, r + a);
-      if (u.length !== a)
-        throw new t("tlv.decode: wrong value length");
-      return { v: u, l: n.subarray(r + a) };
-    }
-  },
-  // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag,
-  // since we always use positive integers here. It must always be empty:
-  // - add zero byte if exists
-  // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding)
-  _int: {
-    encode(e) {
-      const { Err: n } = D;
-      if (e < X)
-        throw new n("integer: negative integers are not allowed");
-      let t = ht(e);
-      if (Number.parseInt(t[0], 16) & 8 && (t = "00" + t), t.length & 1)
-        throw new n("unexpected DER parsing assertion: unpadded hex");
-      return t;
-    },
-    decode(e) {
-      const { Err: n } = D;
-      if (e[0] & 128)
-        throw new n("invalid signature integer: negative");
-      if (e[0] === 0 && !(e[1] & 128))
-        throw new n("invalid signature integer: unnecessary leading zero");
-      return et(e);
-    }
-  },
-  toSig(e) {
-    const { Err: n, _int: t, _tlv: r } = D, i = K("signature", e), { v: s, l: a } = r.decode(48, i);
-    if (a.length)
-      throw new n("invalid signature: left bytes after parsing");
-    const { v: u, l: o } = r.decode(2, s), { v: d, l: m } = r.decode(2, o);
-    if (m.length)
-      throw new n("invalid signature: left bytes after parsing");
-    return { r: t.decode(u), s: t.decode(d) };
-  },
-  hexFromSig(e) {
-    const { _tlv: n, _int: t } = D, r = n.encode(2, t.encode(e.r)), i = n.encode(2, t.encode(e.s)), s = r + i;
-    return n.encode(48, s);
-  }
-};
-function Nt(e, n) {
-  return lt(dt(e, n));
-}
-const X = BigInt(0), L = BigInt(1);
-BigInt(2);
-const It = BigInt(3), Ze = BigInt(4);
-function ze(e) {
-  const n = qe(e), { Fp: t } = n, r = _t(n.n, n.nBitLength), i = n.toBytes || ((x, f, h) => {
-    const p = f.toAffine();
-    return gt(Uint8Array.from([4]), t.toBytes(p.x), t.toBytes(p.y));
-  }), s = n.fromBytes || ((x) => {
-    const f = x.subarray(1), h = t.fromBytes(f.subarray(0, t.BYTES)), p = t.fromBytes(f.subarray(t.BYTES, 2 * t.BYTES));
-    return { x: h, y: p };
-  });
-  function a(x) {
-    const { a: f, b: h } = n, p = t.sqr(x), B = t.mul(p, x);
-    return t.add(t.add(B, t.mul(x, f)), h);
-  }
-  function u(x, f) {
-    const h = t.sqr(f), p = a(x);
-    return t.eql(h, p);
-  }
-  if (!u(n.Gx, n.Gy))
-    throw new Error("bad curve params: generator point");
-  const o = t.mul(t.pow(n.a, It), Ze), d = t.mul(t.sqr(n.b), BigInt(27));
-  if (t.is0(t.add(o, d)))
-    throw new Error("bad curve params: a or b");
-  function m(x) {
-    return Lt(x, L, n.n);
-  }
-  function A(x) {
-    const { allowedPrivateKeyLengths: f, nByteLength: h, wrapPrivateKey: p, n: B } = n;
-    if (f && typeof x != "bigint") {
-      if (ut(x) && (x = lt(x)), typeof x != "string" || !f.includes(x.length))
-        throw new Error("invalid private key");
-      x = x.padStart(h * 2, "0");
-    }
-    let O;
-    try {
-      O = typeof x == "bigint" ? x : et(K("private key", x, h));
-    } catch {
-      throw new Error("invalid private key, expected hex or " + h + " bytes, got " + typeof x);
-    }
-    return p && (O = M(O, B)), it("private key", O, L, B), O;
-  }
-  function I(x) {
-    if (!(x instanceof g))
-      throw new Error("ProjectivePoint expected");
-  }
-  const z = Ht((x, f) => {
-    const { px: h, py: p, pz: B } = x;
-    if (t.eql(B, t.ONE))
-      return { x: h, y: p };
-    const O = x.is0();
-    f == null && (f = O ? t.ONE : t.inv(B));
-    const R = t.mul(h, f), q = t.mul(p, f), y = t.mul(B, f);
-    if (O)
-      return { x: t.ZERO, y: t.ZERO };
-    if (!t.eql(y, t.ONE))
-      throw new Error("invZ was invalid");
-    return { x: R, y: q };
-  }), T = Ht((x) => {
-    if (x.is0()) {
-      if (n.allowInfinityPoint && !t.is0(x.py))
-        return;
-      throw new Error("bad point: ZERO");
-    }
-    const { x: f, y: h } = x.toAffine();
-    if (!t.isValid(f) || !t.isValid(h))
-      throw new Error("bad point: x or y not FE");
-    if (!u(f, h))
-      throw new Error("bad point: equation left != right");
-    if (!x.isTorsionFree())
-      throw new Error("bad point: not in prime-order subgroup");
-    return !0;
-  });
-  class g {
-    constructor(f, h, p) {
-      if (f == null || !t.isValid(f))
-        throw new Error("x required");
-      if (h == null || !t.isValid(h) || t.is0(h))
-        throw new Error("y required");
-      if (p == null || !t.isValid(p))
-        throw new Error("z required");
-      this.px = f, this.py = h, this.pz = p, Object.freeze(this);
-    }
-    // Does not validate if the point is on-curve.
-    // Use fromHex instead, or call assertValidity() later.
-    static fromAffine(f) {
-      const { x: h, y: p } = f || {};
-      if (!f || !t.isValid(h) || !t.isValid(p))
-        throw new Error("invalid affine point");
-      if (f instanceof g)
-        throw new Error("projective point not allowed");
-      const B = (O) => t.eql(O, t.ZERO);
-      return B(h) && B(p) ? g.ZERO : new g(h, p, t.ONE);
-    }
-    get x() {
-      return this.toAffine().x;
-    }
-    get y() {
-      return this.toAffine().y;
-    }
-    /**
-     * Takes a bunch of Projective Points but executes only one
-     * inversion on all of them. Inversion is very slow operation,
-     * so this improves performance massively.
-     * Optimization: converts a list of projective points to a list of identical points with Z=1.
-     */
-    static normalizeZ(f) {
-      const h = te(t, f.map((p) => p.pz));
-      return f.map((p, B) => p.toAffine(h[B])).map(g.fromAffine);
-    }
-    /**
-     * Converts hash string or Uint8Array to Point.
-     * @param hex short/long ECDSA hex
-     */
-    static fromHex(f) {
-      const h = g.fromAffine(s(K("pointHex", f)));
-      return h.assertValidity(), h;
-    }
-    // Multiplies generator point by privateKey.
-    static fromPrivateKey(f) {
-      return g.BASE.multiply(A(f));
-    }
-    // Multiscalar Multiplication
-    static msm(f, h) {
-      return Oe(g, r, f, h);
-    }
-    // "Private method", don't use it directly
-    _setWindowSize(f) {
-      $.setWindowSize(this, f);
-    }
-    // A point on curve is valid if it conforms to equation.
-    assertValidity() {
-      T(this);
-    }
-    hasEvenY() {
-      const { y: f } = this.toAffine();
-      if (t.isOdd)
-        return !t.isOdd(f);
-      throw new Error("Field doesn't support isOdd");
-    }
-    /**
-     * Compare one point to another.
-     */
-    equals(f) {
-      I(f);
-      const { px: h, py: p, pz: B } = this, { px: O, py: R, pz: q } = f, y = t.eql(t.mul(h, q), t.mul(O, B)), N = t.eql(t.mul(p, q), t.mul(R, B));
-      return y && N;
-    }
-    /**
-     * Flips point to one corresponding to (x, -y) in Affine coordinates.
-     */
-    negate() {
-      return new g(this.px, t.neg(this.py), this.pz);
-    }
-    // Renes-Costello-Batina exception-free doubling formula.
-    // There is 30% faster Jacobian formula, but it is not complete.
-    // https://eprint.iacr.org/2015/1060, algorithm 3
-    // Cost: 8M + 3S + 3*a + 2*b3 + 15add.
-    double() {
-      const { a: f, b: h } = n, p = t.mul(h, It), { px: B, py: O, pz: R } = this;
-      let q = t.ZERO, y = t.ZERO, N = t.ZERO, E = t.mul(B, B), _ = t.mul(O, O), l = t.mul(R, R), c = t.mul(B, O);
-      return c = t.add(c, c), N = t.mul(B, R), N = t.add(N, N), q = t.mul(f, N), y = t.mul(p, l), y = t.add(q, y), q = t.sub(_, y), y = t.add(_, y), y = t.mul(q, y), q = t.mul(c, q), N = t.mul(p, N), l = t.mul(f, l), c = t.sub(E, l), c = t.mul(f, c), c = t.add(c, N), N = t.add(E, E), E = t.add(N, E), E = t.add(E, l), E = t.mul(E, c), y = t.add(y, E), l = t.mul(O, R), l = t.add(l, l), E = t.mul(l, c), q = t.sub(q, E), N = t.mul(l, _), N = t.add(N, N), N = t.add(N, N), new g(q, y, N);
-    }
-    // Renes-Costello-Batina exception-free addition formula.
-    // There is 30% faster Jacobian formula, but it is not complete.
-    // https://eprint.iacr.org/2015/1060, algorithm 1
-    // Cost: 12M + 0S + 3*a + 3*b3 + 23add.
-    add(f) {
-      I(f);
-      const { px: h, py: p, pz: B } = this, { px: O, py: R, pz: q } = f;
-      let y = t.ZERO, N = t.ZERO, E = t.ZERO;
-      const _ = n.a, l = t.mul(n.b, It);
-      let c = t.mul(h, O), w = t.mul(p, R), S = t.mul(B, q), b = t.add(h, p), v = t.add(O, R);
-      b = t.mul(b, v), v = t.add(c, w), b = t.sub(b, v), v = t.add(h, B);
-      let Z = t.add(O, q);
-      return v = t.mul(v, Z), Z = t.add(c, S), v = t.sub(v, Z), Z = t.add(p, B), y = t.add(R, q), Z = t.mul(Z, y), y = t.add(w, S), Z = t.sub(Z, y), E = t.mul(_, v), y = t.mul(l, S), E = t.add(y, E), y = t.sub(w, E), E = t.add(w, E), N = t.mul(y, E), w = t.add(c, c), w = t.add(w, c), S = t.mul(_, S), v = t.mul(l, v), w = t.add(w, S), S = t.sub(c, S), S = t.mul(_, S), v = t.add(v, S), c = t.mul(w, v), N = t.add(N, c), c = t.mul(Z, v), y = t.mul(b, y), y = t.sub(y, c), c = t.mul(b, w), E = t.mul(Z, E), E = t.add(E, c), new g(y, N, E);
-    }
-    subtract(f) {
-      return this.add(f.negate());
-    }
-    is0() {
-      return this.equals(g.ZERO);
-    }
-    wNAF(f) {
-      return $.wNAFCached(this, f, g.normalizeZ);
-    }
-    /**
-     * Non-constant-time multiplication. Uses double-and-add algorithm.
-     * It's faster, but should only be used when you don't care about
-     * an exposed private key e.g. sig verification, which works over *public* keys.
-     */
-    multiplyUnsafe(f) {
-      const { endo: h, n: p } = n;
-      it("scalar", f, X, p);
-      const B = g.ZERO;
-      if (f === X)
-        return B;
-      if (this.is0() || f === L)
-        return this;
-      if (!h || $.hasPrecomputes(this))
-        return $.wNAFCachedUnsafe(this, f, g.normalizeZ);
-      let { k1neg: O, k1: R, k2neg: q, k2: y } = h.splitScalar(f), N = B, E = B, _ = this;
-      for (; R > X || y > X; )
-        R & L && (N = N.add(_)), y & L && (E = E.add(_)), _ = _.double(), R >>= L, y >>= L;
-      return O && (N = N.negate()), q && (E = E.negate()), E = new g(t.mul(E.px, h.beta), E.py, E.pz), N.add(E);
-    }
-    /**
-     * Constant time multiplication.
-     * Uses wNAF method. Windowed method may be 10% faster,
-     * but takes 2x longer to generate and consumes 2x memory.
-     * Uses precomputes when available.
-     * Uses endomorphism for Koblitz curves.
-     * @param scalar by which the point would be multiplied
-     * @returns New point
-     */
-    multiply(f) {
-      const { endo: h, n: p } = n;
-      it("scalar", f, L, p);
-      let B, O;
-      if (h) {
-        const { k1neg: R, k1: q, k2neg: y, k2: N } = h.splitScalar(f);
-        let { p: E, f: _ } = this.wNAF(q), { p: l, f: c } = this.wNAF(N);
-        E = $.constTimeNegate(R, E), l = $.constTimeNegate(y, l), l = new g(t.mul(l.px, h.beta), l.py, l.pz), B = E.add(l), O = _.add(c);
-      } else {
-        const { p: R, f: q } = this.wNAF(f);
-        B = R, O = q;
-      }
-      return g.normalizeZ([B, O])[0];
-    }
-    /**
-     * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly.
-     * Not using Strauss-Shamir trick: precomputation tables are faster.
-     * The trick could be useful if both P and Q are not G (not in our case).
-     * @returns non-zero affine point
-     */
-    multiplyAndAddUnsafe(f, h, p) {
-      const B = g.BASE, O = (q, y) => y === X || y === L || !q.equals(B) ? q.multiplyUnsafe(y) : q.multiply(y), R = O(this, h).add(O(f, p));
-      return R.is0() ? void 0 : R;
-    }
-    // Converts Projective point to affine (x, y) coordinates.
-    // Can accept precomputed Z^-1 - for example, from invertBatch.
-    // (x, y, z) ∋ (x=x/z, y=y/z)
-    toAffine(f) {
-      return z(this, f);
-    }
-    isTorsionFree() {
-      const { h: f, isTorsionFree: h } = n;
-      if (f === L)
-        return !0;
-      if (h)
-        return h(g, this);
-      throw new Error("isTorsionFree() has not been declared for the elliptic curve");
-    }
-    clearCofactor() {
-      const { h: f, clearCofactor: h } = n;
-      return f === L ? this : h ? h(g, this) : this.multiplyUnsafe(n.h);
-    }
-    toRawBytes(f = !0) {
-      return at("isCompressed", f), this.assertValidity(), i(g, this, f);
-    }
-    toHex(f = !0) {
-      return at("isCompressed", f), lt(this.toRawBytes(f));
-    }
-  }
-  g.BASE = new g(n.Gx, n.Gy, t.ONE), g.ZERO = new g(t.ZERO, t.ONE, t.ZERO);
-  const { endo: k, nBitLength: U } = n, $ = Ie(g, k ? Math.ceil(U / 2) : U);
-  return {
-    CURVE: n,
-    ProjectivePoint: g,
-    normPrivateKeyToScalar: A,
-    weierstrassEquation: a,
-    isWithinCurveOrder: m
-  };
-}
-function Te(e) {
-  const n = se(e);
-  return pt(n, {
-    hash: "hash",
-    hmac: "function",
-    randomBytes: "function"
-  }, {
-    bits2int: "function",
-    bits2int_modN: "function",
-    lowS: "boolean"
-  }), Object.freeze({ lowS: !0, ...n });
-}
-function Ue(e) {
-  const n = Te(e), { Fp: t, n: r, nByteLength: i, nBitLength: s } = n, a = t.BYTES + 1, u = 2 * t.BYTES + 1;
-  function o(l) {
-    return M(l, r);
-  }
-  function d(l) {
-    return qt(l, r);
-  }
-  const { ProjectivePoint: m, normPrivateKeyToScalar: A, weierstrassEquation: I, isWithinCurveOrder: z } = ze({
-    ...n,
-    toBytes(l, c, w) {
-      const S = c.toAffine(), b = t.toBytes(S.x), v = gt;
-      return at("isCompressed", w), w ? v(Uint8Array.from([c.hasEvenY() ? 2 : 3]), b) : v(Uint8Array.from([4]), b, t.toBytes(S.y));
-    },
-    fromBytes(l) {
-      const c = l.length, w = l[0], S = l.subarray(1);
-      if (c === a && (w === 2 || w === 3)) {
-        const b = et(S);
-        if (!Lt(b, L, t.ORDER))
-          throw new Error("Point is not on curve");
-        const v = I(b);
-        let Z;
-        try {
-          Z = t.sqrt(v);
-        } catch (P) {
-          const V = P instanceof Error ? ": " + P.message : "";
-          throw new Error("Point is not on curve" + V);
-        }
-        const C = (Z & L) === L;
-        return (w & 1) === 1 !== C && (Z = t.neg(Z)), { x: b, y: Z };
-      } else if (c === u && w === 4) {
-        const b = t.fromBytes(S.subarray(0, t.BYTES)), v = t.fromBytes(S.subarray(t.BYTES, 2 * t.BYTES));
-        return { x: b, y: v };
-      } else {
-        const b = a, v = u;
-        throw new Error("invalid Point, expected length of " + b + ", or uncompressed " + v + ", got " + c);
-      }
-    }
-  });
-  function T(l) {
-    const c = r >> L;
-    return l > c;
-  }
-  function g(l) {
-    return T(l) ? o(-l) : l;
-  }
-  const k = (l, c, w) => et(l.slice(c, w));
-  class U {
-    constructor(c, w, S) {
-      it("r", c, L, r), it("s", w, L, r), this.r = c, this.s = w, S != null && (this.recovery = S), Object.freeze(this);
-    }
-    // pair (bytes of r, bytes of s)
-    static fromCompact(c) {
-      const w = i;
-      return c = K("compactSignature", c, w * 2), new U(k(c, 0, w), k(c, w, 2 * w));
-    }
-    // DER encoded ECDSA signature
-    // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script
-    static fromDER(c) {
-      const { r: w, s: S } = D.toSig(K("DER", c));
-      return new U(w, S);
-    }
-    /**
-     * @todo remove
-     * @deprecated
-     */
-    assertValidity() {
-    }
-    addRecoveryBit(c) {
-      return new U(this.r, this.s, c);
-    }
-    recoverPublicKey(c) {
-      const { r: w, s: S, recovery: b } = this, v = B(K("msgHash", c));
-      if (b == null || ![0, 1, 2, 3].includes(b))
-        throw new Error("recovery id invalid");
-      const Z = b === 2 || b === 3 ? w + n.n : w;
-      if (Z >= t.ORDER)
-        throw new Error("recovery id 2 or 3 invalid");
-      const C = (b & 1) === 0 ? "02" : "03", G = m.fromHex(C + Nt(Z, t.BYTES)), P = d(Z), V = o(-v * P), nt = o(S * P), F = m.BASE.multiplyAndAddUnsafe(G, V, nt);
-      if (!F)
-        throw new Error("point at infinify");
-      return F.assertValidity(), F;
-    }
-    // Signatures should be low-s, to prevent malleability.
-    hasHighS() {
-      return T(this.s);
-    }
-    normalizeS() {
-      return this.hasHighS() ? new U(this.r, o(-this.s), this.recovery) : this;
-    }
-    // DER-encoded
-    toDERRawBytes() {
-      return wt(this.toDERHex());
-    }
-    toDERHex() {
-      return D.hexFromSig(this);
-    }
-    // padded bytes of r, then padded bytes of s
-    toCompactRawBytes() {
-      return wt(this.toCompactHex());
-    }
-    toCompactHex() {
-      const c = i;
-      return Nt(this.r, c) + Nt(this.s, c);
-    }
-  }
-  const $ = {
-    isValidPrivateKey(l) {
-      try {
-        return A(l), !0;
-      } catch {
-        return !1;
-      }
-    },
-    normPrivateKeyToScalar: A,
-    /**
-     * Produces cryptographically secure private key from random of size
-     * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible.
-     */
-    randomPrivateKey: () => {
-      const l = re(n.n);
-      return Se(n.randomBytes(l), n.n);
-    },
-    /**
-     * Creates precompute table for an arbitrary EC point. Makes point "cached".
-     * Allows to massively speed-up `point.multiply(scalar)`.
-     * @returns cached point
-     * @example
-     * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey));
-     * fast.multiply(privKey); // much faster ECDH now
-     */
-    precompute(l = 8, c = m.BASE) {
-      return c._setWindowSize(l), c.multiply(BigInt(3)), c;
-    }
-  };
-  function x(l, c = !0) {
-    return m.fromPrivateKey(l).toRawBytes(c);
-  }
-  function f(l) {
-    if (typeof l == "bigint")
-      return !1;
-    if (l instanceof m)
-      return !0;
-    const w = K("key", l).length, S = t.BYTES, b = S + 1, v = 2 * S + 1;
-    if (!(n.allowedPrivateKeyLengths || i === b))
-      return w === b || w === v;
-  }
-  function h(l, c, w = !0) {
-    if (f(l) === !0)
-      throw new Error("first arg must be private key");
-    if (f(c) === !1)
-      throw new Error("second arg must be public key");
-    return m.fromHex(c).multiply(A(l)).toRawBytes(w);
-  }
-  const p = n.bits2int || function(l) {
-    if (l.length > 8192)
-      throw new Error("input is too large");
-    const c = et(l), w = l.length * 8 - s;
-    return w > 0 ? c >> BigInt(w) : c;
-  }, B = n.bits2int_modN || function(l) {
-    return o(p(l));
-  }, O = mt(s);
-  function R(l) {
-    return it("num < 2^" + s, l, X, O), dt(l, i);
-  }
-  function q(l, c, w = y) {
-    if (["recovered", "canonical"].some((Q) => Q in w))
-      throw new Error("sign() legacy options not supported");
-    const { hash: S, randomBytes: b } = n;
-    let { lowS: v, prehash: Z, extraEntropy: C } = w;
-    v == null && (v = !0), l = K("msgHash", l), jt(w), Z && (l = K("prehashed msgHash", S(l)));
-    const G = B(l), P = A(c), V = [R(P), R(G)];
-    if (C != null && C !== !1) {
-      const Q = C === !0 ? b(t.BYTES) : C;
-      V.push(K("extraEntropy", Q));
-    }
-    const nt = gt(...V), F = G;
-    function yt(Q) {
-      const rt = p(Q);
-      if (!z(rt))
-        return;
-      const Et = d(rt), st = m.BASE.multiply(rt).toAffine(), J = o(st.x);
-      if (J === X)
-        return;
-      const ft = o(Et * o(F + J * P));
-      if (ft === X)
-        return;
-      let ct = (st.x === J ? 0 : 2) | Number(st.y & L), ot = ft;
-      return v && T(ft) && (ot = g(ft), ct ^= 1), new U(J, ot, ct);
-    }
-    return { seed: nt, k2sig: yt };
-  }
-  const y = { lowS: n.lowS, prehash: !1 }, N = { lowS: n.lowS, prehash: !1 };
-  function E(l, c, w = y) {
-    const { seed: S, k2sig: b } = q(l, c, w), v = n;
-    return ge(v.hash.outputLen, v.nByteLength, v.hmac)(S, b);
-  }
-  m.BASE._setWindowSize(8);
-  function _(l, c, w, S = N) {
-    var ct;
-    const b = l;
-    c = K("msgHash", c), w = K("publicKey", w);
-    const { lowS: v, prehash: Z, format: C } = S;
-    if (jt(S), "strict" in S)
-      throw new Error("options.strict was renamed to lowS");
-    if (C !== void 0 && C !== "compact" && C !== "der")
-      throw new Error("format must be compact or der");
-    const G = typeof b == "string" || ut(b), P = !G && !C && typeof b == "object" && b !== null && typeof b.r == "bigint" && typeof b.s == "bigint";
-    if (!G && !P)
-      throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");
-    let V, nt;
-    try {
-      if (P && (V = new U(b.r, b.s)), G) {
-        try {
-          C !== "compact" && (V = U.fromDER(b));
-        } catch (ot) {
-          if (!(ot instanceof D.Err))
-            throw ot;
-        }
-        !V && C !== "der" && (V = U.fromCompact(b));
-      }
-      nt = m.fromHex(w);
-    } catch {
-      return !1;
-    }
-    if (!V || v && V.hasHighS())
-      return !1;
-    Z && (c = n.hash(c));
-    const { r: F, s: yt } = V, Q = B(c), rt = d(yt), Et = o(Q * rt), st = o(F * rt), J = (ct = m.BASE.multiplyAndAddUnsafe(nt, Et, st)) == null ? void 0 : ct.toAffine();
-    return J ? o(J.x) === F : !1;
-  }
-  return {
-    CURVE: n,
-    getPublicKey: x,
-    getSharedSecret: h,
-    sign: E,
-    verify: _,
-    ProjectivePoint: m,
-    Signature: U,
-    utils: $
-  };
-}
-function Le(e) {
-  return {
-    hash: e,
-    hmac: (n, ...t) => le(e, n, ue(...t)),
-    randomBytes: ae
-  };
-}
-function _e(e, n) {
-  const t = (r) => Ue({ ...e, ...Le(r) });
-  return { ...t(n), create: t };
-}
-const fe = BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"), Kt = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"), ke = BigInt(0), Ce = BigInt(1), Zt = BigInt(2), Pt = (e, n) => (e + n / Zt) / n;
-function He(e) {
-  const n = fe, t = BigInt(3), r = BigInt(6), i = BigInt(11), s = BigInt(22), a = BigInt(23), u = BigInt(44), o = BigInt(88), d = e * e * e % n, m = d * d * e % n, A = j(m, t, n) * m % n, I = j(A, t, n) * m % n, z = j(I, Zt, n) * d % n, T = j(z, i, n) * z % n, g = j(T, s, n) * T % n, k = j(g, u, n) * g % n, U = j(k, o, n) * k % n, $ = j(U, u, n) * g % n, x = j($, t, n) * m % n, f = j(x, a, n) * T % n, h = j(f, r, n) * d % n, p = j(h, Zt, n);
-  if (!zt.eql(zt.sqr(p), e))
-    throw new Error("Cannot find square root");
-  return p;
-}
-const zt = _t(fe, void 0, void 0, { sqrt: He }), Me = _e({
-  a: ke,
-  b: BigInt(7),
-  Fp: zt,
-  n: Kt,
-  Gx: BigInt("55066263022277343669578718895168534326250603453777594175500187360389116729240"),
-  Gy: BigInt("32670510020758816978083085130507043184471273380659243275938904335757337482424"),
-  h: BigInt(1),
-  lowS: !0,
-  // Allow only low-S signatures by default in sign() and verify()
-  endo: {
-    // Endomorphism, see above
-    beta: BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"),
-    splitScalar: (e) => {
-      const n = Kt, t = BigInt("0x3086d221a7d46bcde86c90e49284eb15"), r = -Ce * BigInt("0xe4437ed6010e88286f547fa90abfe4c3"), i = BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"), s = t, a = BigInt("0x100000000000000000000000000000000"), u = Pt(s * e, n), o = Pt(-r * e, n);
-      let d = M(e - u * t - o * i, n), m = M(-u * r - o * s, n);
-      const A = d > a, I = m > a;
-      if (A && (d = n - d), I && (m = n - m), d > a || m > a)
-        throw new Error("splitScalar: Endomorphism failed, k=" + e);
-      return { k1neg: A, k1: d, k2neg: I, k2: m };
-    }
-  }
-}, de);
-export {
-  Me as secp256k1
-};