@brightchain/brightchain-api-lib 0.14.0 → 0.16.0

package/src/lib/application.js.map

@@ -1 +1 @@
-{"version":3,"file":"application.js","sourceRoot":"","sources":["../../../../brightchain-api-lib/src/lib/application.ts"],"names":[],"mappings":";;;;AAAA,kEAUsC;AACtC,wDAA4D;AAE5D,4EAI6C;AAC7C,oEAGyC;AACzC,uDAAuD;AACvD,8DAAgF;AAChF,2BAAkC;AAElC,iCAAqC;AACrC,+BAA+B;AAC/B,yDAAqD;AACrD,2FAAoF;AAEpF,qEAAkE;AAClE,+CAA4C;AAC5C,uCAA0C;AAC1C,uCAA0C;AAC1C,yCAAyE;AACzE,gFAA6E;AAE7E,8EAA2E;AAE3E;;GAEG;AACH,MAAa,GAA4B,SAAQ,kCAAoB;IAUnE,YAAY,WAA6B;QACvC,KAAK,CACH,WAAW,EACX,IAAA,uDAAwB,EAAC;YACvB,SAAS,EAAE,WAAW,CAAC,cAAc;YACrC,SAAS,EAAE,WAAW,CAAC,mBAAmB;YAC1C,SAAS,EAAE,WAAW,CAAC,sBAAsB;SAC9C,CAAC,CACH,CAAC;QAhBI,WAAM,GAAkB,IAAI,CAAC;QAC7B,gBAAW,GAAyB,IAAI,GAAG,EAAE,CAAC;QAE9C,cAAS,GAA0B,IAAI,CAAC;QACxC,gBAAW,GAAmC,IAAI,CAAC;QACnD,aAAQ,GAAkC,IAAI,CAAC;QAC/C,0BAAqB,GAAiC,IAAI,CAAC;QAWjE,IAAI,CAAC,UAAU,GAAG,IAAA,iBAAO,GAAE,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,2BAAgB,CAAC,WAAW,EAAE,CAAC;IACnD,CAAC;IAEe,KAAK,CAAC,KAAK;QACzB,MAAM,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxB,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,OAAO,CAAC,KAAK,CACX,kCAAkC,EAClC,gCAAgC,CACjC,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,MAAM,IAAI,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC;YAElD,sBAAsB;YACtB,MAAM,UAAU,GAAG,qCAAiB,CAAC,iBAAiB,CAAC;gBACrD,SAAS,EAAE,2BAAS,CAAC,KAAK;aAC3B,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,IAAI,6BAAW,CAAC,UAAU,CAAC,CAAC;YAChD,MAAM,WAAW,GAAG,IAAI,oCAAkB,EAAE,CAAC;YAC7C,MAAM,YAAY,GAAG,IAAI,8BAAY,EAAE,CAAC;YACxC,MAAM,YAAY,GAAG,IAAI,uBAAY,CAAM,IAAI,CAAC,CAAC;YACjD,MAAM,WAAW,GAAG,IAAI,sBAAW,CACjC,IAAI,EACJ,WAAW,EACX,WAAW,EACX,YAAY,EACZ,IAAI,CAAC,WAAW,CAAC,SAAS,CAC3B,CAAC;YAEF,oBAAoB;YACpB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;YACzD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;YACzD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,CAAC;YAC3D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,CAAC;YAC3D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;YAElD,0DAA0D;YAC1D,8BAA8B;YAC9B,IAAI,CAAC,WAAW,GAAG,IAAI,iDAAuB,EAAE,CAAC;YACjD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAE9D,yBAAW,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAClC,MAAM,SAAS,GAAG,IAAI,eAAS,CAAM,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;YAC3B,MAAM,SAAS,GAAG,IAAI,eAAS,CAAM,SAAS,CAAC,CAAC;YAEhD,wEAAwE;YACxE,oBAAoB;YACpB,SAAS,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAE/C,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAChC,IAAI,CAAC,UAAU,CAAC,GAAG,CACjB,CACE,GAA4B,EAC5B,GAAY,EACZ,GAAa,EACb,IAAkB,EAClB,EAAE;gBACF,MAAM,eAAe,GACnB,GAAG,YAAY,0BAAe;oBAC5B,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,IAAI,0BAAe,CACjB,IAAI,KAAK,CACP,GAAG,CAAC,OAAO;wBACT,IAAA,2BAAS,EAAC,oCAAkB,CAAC,sBAAsB,CAAC,CACvD,EACD,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;gBACR,IAAA,gCAAW,EACT,eAAe,EACf,GAAU,EACV,2CAAsB,EACtB,IAAI,CACL,CAAC;YACJ,CAAC,CACF,CAAC;YAEF,MAAM,YAAY,GAAoB,EAAE,CAAC;YACzC,YAAY,CAAC,IAAI,CACf,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAClC,IAAI,CAAC,WAAW,CAAC,IAAI,EACrB,IAAI,CAAC,WAAW,CAAC,IAAI,EACrB,GAAG,EAAE;oBACH,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,oBAAoB,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CACrE,CAAC;oBAEF,yDAAyD;oBACzD,oBAAoB;oBACpB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;wBAChB,IAAI,CAAC,QAAQ,GAAG,IAAI,+CAAsB,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;wBAC/D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;wBACxD,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,wCAAwC,CACzC,CAAC;oBACJ,CAAC;oBAED,OAAO,EAAE,CAAC;gBACZ,CAAC,CACF,CAAC;YACJ,CAAC,CAAC,CACH,CAAC;YAEF,IAAI,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC;gBACtC,IAAI,CAAC;oBACH,MAAM,QAAQ,GAAG,IAAA,cAAO,EAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,GAAG,MAAM,CAAC,CAAC;oBACrE,MAAM,OAAO,GAAG,IAAA,cAAO,EACrB,IAAI,CAAC,WAAW,CAAC,gBAAgB,GAAG,UAAU,CAC/C,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,IAAA,iBAAY,EAAC,OAAO,CAAC;wBAC1B,IAAI,EAAE,IAAA,iBAAY,EAAC,QAAQ,CAAC;qBAC7B,CAAC;oBAEF,YAAY,CAAC,IAAI,CACf,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;wBAC5B,IAAA,oBAAY,EAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,CAC3C,IAAI,CAAC,WAAW,CAAC,YAAY,EAC7B,GAAG,EAAE;4BACH,OAAO,CAAC,GAAG,CACT,KAAK,IAAA,wCAAuB,EAC1B,mCAAkB,CAAC,YAAY,CAChC,cAAc,IAAI,CAAC,WAAW,CAAC,IAAI,IAClC,IAAI,CAAC,WAAW,CAAC,YACnB,EAAE,CACH,CAAC;4BACF,OAAO,EAAE,CAAC;wBACZ,CAAC,CACF,CAAC;oBACJ,CAAC,CAAC,CACH,CAAC;gBACJ,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;YAED,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAChC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACrB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;YACvD,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,MAAM,EAAE,CAAC;gBACvC,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAEe,KAAK,CAAC,IAAI;QACxB,+BAA+B;QAC/B,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAA,6BAAQ,EAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,+BAA+B,CAAC,CAAC;YACzE,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,IAAI,CAAC,QAAS,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACvB,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,iCAAiC,CAClC,CAAC;YACF,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC1C,IAAI,CAAC,MAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC;gBACrC,IAAI,CAAC,MAAO,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACzB,IAAI,GAAG,EAAE,CAAC;wBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACd,CAAC;yBAAM,CAAC;wBACN,OAAO,EAAE,CAAC;oBACZ,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACrB,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,qBAAqB,GAAG,IAAI,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QAEtB,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QACpB,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,yDAAyD,CAC1D,CAAC;IACJ,CAAC;IAEM,aAAa,CAAc,IAAY;QAC5C,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAM,CAAC;IACzC,CAAC;IAEM,aAAa,CAAC,IAAY,EAAE,UAAmB;QACpD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACI,YAAY;QACjB,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;OAGG;IACI,cAAc;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACI,kBAAkB;QACvB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACI,wBAAwB,CAAC,OAA8B;QAC5D,IAAI,CAAC,qBAAqB,GAAG,OAAO,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;QAC/D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,oBAAoB,CAAC,QAA4B;QACtD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC5D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,sBAAsB,CAAC,OAA6B;QACzD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;QAC7D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;YAC/C,IAAI,CAAC,SAAS,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,wBAAwB,CAAC,OAA+B;QAC7D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;QAC/D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;CACF;AA/SD,kBA+SC"}
+{"version":3,"file":"application.js","sourceRoot":"","sources":["../../../../brightchain-api-lib/src/lib/application.ts"],"names":[],"mappings":";;;AAAA,kEAQsC;AAEtC,4EAM6C;AAE7C,iDAA8C;AAC9C,2FAAoF;AAOpF,qEAAkE;AAElE,+CAA4C;AAC5C,uCAA0C;AAC1C,uCAA0C;AAC1C,yCAAyE;AACzE,gFAA6E;AAE7E,8EAA2E;AAC3E,qDAI0B;AAE1B;;;;;;;;;;;;GAYG;AACH,MAAa,GAA4B,SAAQ,gCAOhD;IAiBC,YAAY,WAA6B;QACvC,KAAK,CACH,WAAW;QACX,qDAAqD;QACrD,4FAA4F;QAC5F,CAAC,GAAsB,EAAE,EAAE,CAAC,IAAI,eAAS,CAAM,GAAe,CAAC;QAC/D,sEAAsE;QACtE,qCAAoB;QACpB,0DAA0D;QAC1D,yCAAwB;QACxB,wDAAwD;QACxD,2CAA0B;QAC1B,oEAAoE;QACpE,SAAS;QACT,YAAY;QACZ,2BAAY;QACZ,4EAA4E;QAC5E,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,eAAS,CAAM,SAA2B,CAAC;QAC9D,2EAA2E;QAC3E,CAAC,GAA2C,EAAE,EAAE,CAAC,yBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CACvE,CAAC;QApCI,gBAAW,GAAyB,IAAI,GAAG,EAAE,CAAC;QAG9C,cAAS,GAA0B,IAAI,CAAC;QACxC,gBAAW,GAAmC,IAAI,CAAC;QACnD,aAAQ,GAAkC,IAAI,CAAC;QAC/C,0BAAqB,GAAiC,IAAI,CAAC;QAC3D,gBAAW,GAAuB,IAAI,CAAC;QAE/C;;;;WAIG;QACK,gBAAW,GAAkB,IAAI,CAAC;QAuBxC,IAAI,CAAC,UAAU,GAAG,2BAAgB,CAAC,WAAW,EAAE,CAAC;QACjD,IAAI,CAAC,yBAAyB,GAAG,IAAA,uDAAwB,EAAC;YACxD,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,wFAAwF;IACxF,IAAoB,EAAE;QACpB,OAAO,IAAI,CAAC,yBAAyB,CAAC;IACxC,CAAC;IAED;;;;OAIG;IACH,0FAA0F;IAC1E,QAAQ,CACtB,SAAiB;QAEjB,OAAO,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAI,SAAS,CAAC,CAAC;IACjE,CAAC;IAEe,KAAK,CAAC,KAAK,CAAC,QAAiB;QAC3C,oEAAoE;QACpE,kFAAkF;QAClF,qEAAqE;QACrE,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACpE,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,IAAuC,EAAE,EAAE;YACvE,MAAM,MAAM,GAAG,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC;YACvC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC;YAC1B,OAAO,MAAM,CAAC;QAChB,CAAC,CAAkC,CAAC;QAEpC,gFAAgF;QAChF,0EAA0E;QAC1E,8CAA8C;QAC9C,MAAM,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAE5B,oEAAoE;QACpE,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,cAAc,CAAC;QAExC,oEAAoE;QAEpE,MAAM,IAAI,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC;QAElD,2BAA2B;QAC3B,MAAM,UAAU,GAAG,qCAAiB,CAAC,iBAAiB,CAAC;YACrD,SAAS,EAAE,2BAAS,CAAC,KAAK;SAC3B,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,IAAI,6BAAW,CAAC,UAAU,CAAC,CAAC;QAChD,MAAM,WAAW,GAAG,IAAI,oCAAkB,EAAE,CAAC;QAC7C,MAAM,YAAY,GAAG,IAAI,8BAAY,EAAE,CAAC;QACxC,4FAA4F;QAC5F,MAAM,YAAY,GAAG,IAAI,uBAAY,CAAM,IAAI,CAAC,CAAC;QACjD,MAAM,WAAW,GAAG,IAAI,sBAAW;QACjC,4FAA4F;QAC5F,IAAI,EACJ,WAAW,EACX,WAAW,EACX,YAAY,EACZ,IAAI,CAAC,WAAW,CAAC,SAAS,CAC3B,CAAC;QAEF,qDAAqD;QACrD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;QACzD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;QACzD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,CAAC;QAC3D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,CAAC;QAC3D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;QAElD,+CAA+C;QAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,iDAAuB,EAAE,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAE9D,iDAAiD;QACjD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,QAAQ,GAAG,IAAI,+CAAsB,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YACpE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACxD,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,wCAAwC,CACzC,CAAC;QACJ,CAAC;QAED,mEAAmE;QACnE,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACtD,CAAC;QAED,2CAA2C;QAC3C,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;gBACnC,IAAI,CAAC,WAAW,GAAG,IAAI,gCAAW,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;gBAC1D,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;gBACpC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBAC9D,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,yCAAyC,CAC1C,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,IAAA,6BAAQ,EACN,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,KAAK,EACL,qCAAqC,CACtC,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,OAAO,EAAE,CAAC;YACjB,OAAO,CAAC,IAAI,CACV,0EAA0E,EAC1E,OAAO,CACR,CAAC;QACJ,CAAC;IACH,CAAC;IAEe,KAAK,CAAC,IAAI;QACxB,gEAAgE;QAEhE,8BAA8B;QAC9B,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAA,6BAAQ,EAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,gCAAgC,CAAC,CAAC;YAC1E,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAC1B,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAA,6BAAQ,EAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,+BAA+B,CAAC,CAAC;YACzE,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,IAAI,CAAC,QAAS,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACvB,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,qBAAqB,GAAG,IAAI,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,2FAA2F;QAC3F,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;IACrB,CAAC;IAEM,aAAa,CAAc,IAAY;QAC5C,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAM,CAAC;IACzC,CAAC;IAEM,aAAa,CAAC,IAAY,EAAE,UAAmB;QACpD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACI,YAAY;QACjB,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;OAGG;IACI,cAAc;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACI,kBAAkB;QACvB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACI,wBAAwB,CAAC,OAA8B;QAC5D,IAAI,CAAC,qBAAqB,GAAG,OAAO,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;QAC/D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,oBAAoB,CAAC,QAA4B;QACtD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC5D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,sBAAsB,CAAC,OAA6B;QACzD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;QAC7D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;YAC/C,IAAI,CAAC,SAAS,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,wBAAwB,CAAC,OAA+B;QAC7D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;QAC/D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;CACF;AAzRD,kBAyRC"}

package/src/lib/auth/aclEnforcedAvailability.d.ts

@@ -0,0 +1,57 @@
+/**
+ * ACL-enforced wrappers for availability services (gossip, reconciliation, discovery).
+ *
+ * These lightweight wrappers use the same ACLProvider interface and PermissionDeniedError
+ * from the ACLEnforcedBlockStore, applying permission checks to gossip announcements,
+ * reconciliation exchanges, and discovery queries.
+ *
+ * @see Requirements 11.5, 11.6, 11.7
+ */
+import { ACLProvider } from './aclEnforcedBlockStore';
+/**
+ * Filters incoming gossip announcements by checking the announcing node's
+ * Write or Replicate permission in the target pool's ACL.
+ *
+ * @see Requirement 11.5
+ */
+export declare class ACLEnforcedGossipFilter {
+    private readonly aclProvider;
+    constructor(aclProvider: ACLProvider);
+    /**
+     * Check whether a gossip announcement from the given node should be accepted
+     * for the given pool. The announcing node must have Write or Replicate permission.
+     */
+    shouldAcceptAnnouncement(poolId: string, announcingNodeId: string): Promise<boolean>;
+}
+/**
+ * Wraps reconciliation to verify both the current node and the peer node
+ * have Replicate permission in the target pool's ACL.
+ *
+ * @see Requirement 11.6
+ */
+export declare class ACLEnforcedReconciliation {
+    private readonly aclProvider;
+    private readonly currentNodeId;
+    constructor(aclProvider: ACLProvider, currentNodeId: string);
+    /**
+     * Verify that both the current node and the peer have Replicate permission
+     * for the given pool. Throws PermissionDeniedError if either lacks permission.
+     */
+    verifyReconciliationPermission(poolId: string, peerNodeId: string): Promise<void>;
+}
+/**
+ * Wraps discovery to verify the querying node has Read permission
+ * in the target pool's ACL.
+ *
+ * @see Requirement 11.7
+ */
+export declare class ACLEnforcedDiscovery {
+    private readonly aclProvider;
+    constructor(aclProvider: ACLProvider);
+    /**
+     * Verify that the querying node has Read permission for the given pool.
+     * Throws PermissionDeniedError if the node lacks permission.
+     */
+    verifyDiscoveryPermission(poolId: string, queryingNodeId: string): Promise<void>;
+}
+//# sourceMappingURL=aclEnforcedAvailability.d.ts.map

package/src/lib/auth/aclEnforcedAvailability.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aclEnforcedAvailability.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/aclEnforcedAvailability.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,EAAE,WAAW,EAAyB,MAAM,yBAAyB,CAAC;AAE7E;;;;;GAKG;AACH,qBAAa,uBAAuB;IACtB,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAAX,WAAW,EAAE,WAAW;IAErD;;;OAGG;IACG,wBAAwB,CAC5B,MAAM,EAAE,MAAM,EACd,gBAAgB,EAAE,MAAM,GACvB,OAAO,CAAC,OAAO,CAAC;CAOpB;AAED;;;;;GAKG;AACH,qBAAa,yBAAyB;IAElC,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,aAAa;gBADb,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,MAAM;IAGxC;;;OAGG;IACG,8BAA8B,CAClC,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,IAAI,CAAC;CAuBjB;AAED;;;;;GAKG;AACH,qBAAa,oBAAoB;IACnB,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAAX,WAAW,EAAE,WAAW;IAErD;;;OAGG;IACG,yBAAyB,CAC7B,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,IAAI,CAAC;CAYjB"}

package/src/lib/auth/aclEnforcedAvailability.js

@@ -0,0 +1,87 @@
+"use strict";
+/**
+ * ACL-enforced wrappers for availability services (gossip, reconciliation, discovery).
+ *
+ * These lightweight wrappers use the same ACLProvider interface and PermissionDeniedError
+ * from the ACLEnforcedBlockStore, applying permission checks to gossip announcements,
+ * reconciliation exchanges, and discovery queries.
+ *
+ * @see Requirements 11.5, 11.6, 11.7
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ACLEnforcedDiscovery = exports.ACLEnforcedReconciliation = exports.ACLEnforcedGossipFilter = void 0;
+const brightchain_lib_1 = require("@brightchain/brightchain-lib");
+const aclEnforcedBlockStore_1 = require("./aclEnforcedBlockStore");
+/**
+ * Filters incoming gossip announcements by checking the announcing node's
+ * Write or Replicate permission in the target pool's ACL.
+ *
+ * @see Requirement 11.5
+ */
+class ACLEnforcedGossipFilter {
+    constructor(aclProvider) {
+        this.aclProvider = aclProvider;
+    }
+    /**
+     * Check whether a gossip announcement from the given node should be accepted
+     * for the given pool. The announcing node must have Write or Replicate permission.
+     */
+    async shouldAcceptAnnouncement(poolId, announcingNodeId) {
+        const acl = await this.aclProvider.getACL(poolId);
+        return ((0, brightchain_lib_1.hasPermission)(acl, announcingNodeId, brightchain_lib_1.PoolPermission.Write) ||
+            (0, brightchain_lib_1.hasPermission)(acl, announcingNodeId, brightchain_lib_1.PoolPermission.Replicate));
+    }
+}
+exports.ACLEnforcedGossipFilter = ACLEnforcedGossipFilter;
+/**
+ * Wraps reconciliation to verify both the current node and the peer node
+ * have Replicate permission in the target pool's ACL.
+ *
+ * @see Requirement 11.6
+ */
+class ACLEnforcedReconciliation {
+    constructor(aclProvider, currentNodeId) {
+        this.aclProvider = aclProvider;
+        this.currentNodeId = currentNodeId;
+    }
+    /**
+     * Verify that both the current node and the peer have Replicate permission
+     * for the given pool. Throws PermissionDeniedError if either lacks permission.
+     */
+    async verifyReconciliationPermission(poolId, peerNodeId) {
+        const acl = await this.aclProvider.getACL(poolId);
+        if (!(0, brightchain_lib_1.hasPermission)(acl, this.currentNodeId, brightchain_lib_1.PoolPermission.Replicate)) {
+            const member = acl.members.find((m) => m.nodeId === this.currentNodeId);
+            throw new aclEnforcedBlockStore_1.PermissionDeniedError(poolId, this.currentNodeId, brightchain_lib_1.PoolPermission.Replicate, member ? member.permissions : []);
+        }
+        if (!(0, brightchain_lib_1.hasPermission)(acl, peerNodeId, brightchain_lib_1.PoolPermission.Replicate)) {
+            const member = acl.members.find((m) => m.nodeId === peerNodeId);
+            throw new aclEnforcedBlockStore_1.PermissionDeniedError(poolId, peerNodeId, brightchain_lib_1.PoolPermission.Replicate, member ? member.permissions : []);
+        }
+    }
+}
+exports.ACLEnforcedReconciliation = ACLEnforcedReconciliation;
+/**
+ * Wraps discovery to verify the querying node has Read permission
+ * in the target pool's ACL.
+ *
+ * @see Requirement 11.7
+ */
+class ACLEnforcedDiscovery {
+    constructor(aclProvider) {
+        this.aclProvider = aclProvider;
+    }
+    /**
+     * Verify that the querying node has Read permission for the given pool.
+     * Throws PermissionDeniedError if the node lacks permission.
+     */
+    async verifyDiscoveryPermission(poolId, queryingNodeId) {
+        const acl = await this.aclProvider.getACL(poolId);
+        if (!(0, brightchain_lib_1.hasPermission)(acl, queryingNodeId, brightchain_lib_1.PoolPermission.Read)) {
+            const member = acl.members.find((m) => m.nodeId === queryingNodeId);
+            throw new aclEnforcedBlockStore_1.PermissionDeniedError(poolId, queryingNodeId, brightchain_lib_1.PoolPermission.Read, member ? member.permissions : []);
+        }
+    }
+}
+exports.ACLEnforcedDiscovery = ACLEnforcedDiscovery;
+//# sourceMappingURL=aclEnforcedAvailability.js.map

package/src/lib/auth/aclEnforcedAvailability.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aclEnforcedAvailability.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/aclEnforcedAvailability.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAEH,kEAA6E;AAE7E,mEAA6E;AAE7E;;;;;GAKG;AACH,MAAa,uBAAuB;IAClC,YAA6B,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;IAAG,CAAC;IAEzD;;;OAGG;IACH,KAAK,CAAC,wBAAwB,CAC5B,MAAc,EACd,gBAAwB;QAExB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAClD,OAAO,CACL,IAAA,+BAAa,EAAC,GAAG,EAAE,gBAAgB,EAAE,gCAAc,CAAC,KAAK,CAAC;YAC1D,IAAA,+BAAa,EAAC,GAAG,EAAE,gBAAgB,EAAE,gCAAc,CAAC,SAAS,CAAC,CAC/D,CAAC;IACJ,CAAC;CACF;AAjBD,0DAiBC;AAED;;;;;GAKG;AACH,MAAa,yBAAyB;IACpC,YACmB,WAAwB,EACxB,aAAqB;QADrB,gBAAW,GAAX,WAAW,CAAa;QACxB,kBAAa,GAAb,aAAa,CAAQ;IACrC,CAAC;IAEJ;;;OAGG;IACH,KAAK,CAAC,8BAA8B,CAClC,MAAc,EACd,UAAkB;QAElB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAElD,IAAI,CAAC,IAAA,+BAAa,EAAC,GAAG,EAAE,IAAI,CAAC,aAAa,EAAE,gCAAc,CAAC,SAAS,CAAC,EAAE,CAAC;YACtE,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,aAAa,CAAC,CAAC;YACxE,MAAM,IAAI,6CAAqB,CAC7B,MAAM,EACN,IAAI,CAAC,aAAa,EAClB,gCAAc,CAAC,SAAS,EACxB,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CACjC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAA,+BAAa,EAAC,GAAG,EAAE,UAAU,EAAE,gCAAc,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9D,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC;YAChE,MAAM,IAAI,6CAAqB,CAC7B,MAAM,EACN,UAAU,EACV,gCAAc,CAAC,SAAS,EACxB,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CACjC,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AApCD,8DAoCC;AAED;;;;;GAKG;AACH,MAAa,oBAAoB;IAC/B,YAA6B,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;IAAG,CAAC;IAEzD;;;OAGG;IACH,KAAK,CAAC,yBAAyB,CAC7B,MAAc,EACd,cAAsB;QAEtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,CAAC,IAAA,+BAAa,EAAC,GAAG,EAAE,cAAc,EAAE,gCAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7D,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC;YACpE,MAAM,IAAI,6CAAqB,CAC7B,MAAM,EACN,cAAc,EACd,gCAAc,CAAC,IAAI,EACnB,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CACjC,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAtBD,oDAsBC"}

package/src/lib/auth/aclEnforcedBlockStore.d.ts

@@ -0,0 +1,66 @@
+/**
+ * ACL-enforced block store wrapper.
+ *
+ * Wraps an IPooledBlockStore and checks ACL permissions before delegating
+ * pool-scoped operations (get, put, delete). This is a lightweight middleware
+ * pattern — it only wraps the key operations that need ACL checks.
+ *
+ * @see Requirements 11.4, 10.3, 10.4
+ */
+import type { BlockStoreOptions, IPoolACL, IPooledBlockStore, PoolId } from '@brightchain/brightchain-lib';
+import { PoolPermission } from '@brightchain/brightchain-lib';
+/**
+ * Error thrown when a node lacks the required permission for a pool operation.
+ * Includes the required permission, actual permissions, pool ID, and node ID
+ * for diagnostic purposes.
+ *
+ * @see Requirement 10.6
+ */
+export declare class PermissionDeniedError extends Error {
+    readonly poolId: string;
+    readonly nodeId: string;
+    readonly requiredPermission: PoolPermission;
+    readonly actualPermissions: PoolPermission[];
+    constructor(poolId: string, nodeId: string, requiredPermission: PoolPermission, actualPermissions: PoolPermission[]);
+}
+/**
+ * Provider interface for retrieving the ACL for a given pool.
+ * Implementations may load ACLs from the block store, cache, or any other source.
+ */
+export interface ACLProvider {
+    getACL(poolId: string): Promise<IPoolACL<string>>;
+}
+/**
+ * Lightweight wrapper around an IPooledBlockStore that enforces ACL permissions
+ * before delegating pool-scoped operations.
+ *
+ * - getFromPool: requires Read permission
+ * - putInPool: requires Write permission
+ * - deleteFromPool: requires Write permission
+ *
+ * @see Requirements 11.4, 10.3, 10.4
+ */
+export declare class ACLEnforcedBlockStore {
+    private readonly inner;
+    private readonly aclProvider;
+    private readonly currentNodeId;
+    constructor(inner: IPooledBlockStore, aclProvider: ACLProvider, currentNodeId: string);
+    /**
+     * Retrieve a block from a pool after verifying Read permission.
+     */
+    getFromPool(pool: PoolId, hash: string): Promise<Uint8Array>;
+    /**
+     * Store a block in a pool after verifying Write permission.
+     */
+    putInPool(pool: PoolId, data: Uint8Array, options?: BlockStoreOptions): Promise<string>;
+    /**
+     * Delete a block from a pool after verifying Write permission.
+     */
+    deleteFromPool(pool: PoolId, hash: string): Promise<void>;
+    /**
+     * Check that the current node has the required permission for the given pool.
+     * Throws PermissionDeniedError if the permission check fails.
+     */
+    private checkPermission;
+}
+//# sourceMappingURL=aclEnforcedBlockStore.d.ts.map

package/src/lib/auth/aclEnforcedBlockStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aclEnforcedBlockStore.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/aclEnforcedBlockStore.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EACV,iBAAiB,EACjB,QAAQ,EACR,iBAAiB,EACjB,MAAM,EACP,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAiB,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAE7E;;;;;;GAMG;AACH,qBAAa,qBAAsB,SAAQ,KAAK;aAE5B,MAAM,EAAE,MAAM;aACd,MAAM,EAAE,MAAM;aACd,kBAAkB,EAAE,cAAc;aAClC,iBAAiB,EAAE,cAAc,EAAE;gBAHnC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,kBAAkB,EAAE,cAAc,EAClC,iBAAiB,EAAE,cAAc,EAAE;CAOtD;AAED;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;CACnD;AAED;;;;;;;;;GASG;AACH,qBAAa,qBAAqB;IAE9B,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,aAAa;gBAFb,KAAK,EAAE,iBAAiB,EACxB,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,MAAM;IAGxC;;OAEG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAKlE;;OAEG;IACG,SAAS,CACb,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,UAAU,EAChB,OAAO,CAAC,EAAE,iBAAiB,GAC1B,OAAO,CAAC,MAAM,CAAC;IAKlB;;OAEG;IACG,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAK/D;;;OAGG;YACW,eAAe;CAgB9B"}

package/src/lib/auth/aclEnforcedBlockStore.js

@@ -0,0 +1,83 @@
+"use strict";
+/**
+ * ACL-enforced block store wrapper.
+ *
+ * Wraps an IPooledBlockStore and checks ACL permissions before delegating
+ * pool-scoped operations (get, put, delete). This is a lightweight middleware
+ * pattern — it only wraps the key operations that need ACL checks.
+ *
+ * @see Requirements 11.4, 10.3, 10.4
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ACLEnforcedBlockStore = exports.PermissionDeniedError = void 0;
+const brightchain_lib_1 = require("@brightchain/brightchain-lib");
+/**
+ * Error thrown when a node lacks the required permission for a pool operation.
+ * Includes the required permission, actual permissions, pool ID, and node ID
+ * for diagnostic purposes.
+ *
+ * @see Requirement 10.6
+ */
+class PermissionDeniedError extends Error {
+    constructor(poolId, nodeId, requiredPermission, actualPermissions) {
+        super(`Permission denied: ${requiredPermission} required for pool ${poolId}, node ${nodeId} has [${actualPermissions.join(', ')}]`);
+        this.poolId = poolId;
+        this.nodeId = nodeId;
+        this.requiredPermission = requiredPermission;
+        this.actualPermissions = actualPermissions;
+        this.name = 'PermissionDeniedError';
+    }
+}
+exports.PermissionDeniedError = PermissionDeniedError;
+/**
+ * Lightweight wrapper around an IPooledBlockStore that enforces ACL permissions
+ * before delegating pool-scoped operations.
+ *
+ * - getFromPool: requires Read permission
+ * - putInPool: requires Write permission
+ * - deleteFromPool: requires Write permission
+ *
+ * @see Requirements 11.4, 10.3, 10.4
+ */
+class ACLEnforcedBlockStore {
+    constructor(inner, aclProvider, currentNodeId) {
+        this.inner = inner;
+        this.aclProvider = aclProvider;
+        this.currentNodeId = currentNodeId;
+    }
+    /**
+     * Retrieve a block from a pool after verifying Read permission.
+     */
+    async getFromPool(pool, hash) {
+        await this.checkPermission(pool, brightchain_lib_1.PoolPermission.Read);
+        return this.inner.getFromPool(pool, hash);
+    }
+    /**
+     * Store a block in a pool after verifying Write permission.
+     */
+    async putInPool(pool, data, options) {
+        await this.checkPermission(pool, brightchain_lib_1.PoolPermission.Write);
+        return this.inner.putInPool(pool, data, options);
+    }
+    /**
+     * Delete a block from a pool after verifying Write permission.
+     */
+    async deleteFromPool(pool, hash) {
+        await this.checkPermission(pool, brightchain_lib_1.PoolPermission.Write);
+        return this.inner.deleteFromPool(pool, hash);
+    }
+    /**
+     * Check that the current node has the required permission for the given pool.
+     * Throws PermissionDeniedError if the permission check fails.
+     */
+    async checkPermission(poolId, required) {
+        const acl = await this.aclProvider.getACL(poolId);
+        if (!(0, brightchain_lib_1.hasPermission)(acl, this.currentNodeId, required)) {
+            const member = acl.members.find((m) => m.nodeId === this.currentNodeId);
+            const actual = member ? member.permissions : [];
+            throw new PermissionDeniedError(poolId, this.currentNodeId, required, actual);
+        }
+    }
+}
+exports.ACLEnforcedBlockStore = ACLEnforcedBlockStore;
+//# sourceMappingURL=aclEnforcedBlockStore.js.map

package/src/lib/auth/aclEnforcedBlockStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aclEnforcedBlockStore.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/aclEnforcedBlockStore.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAQH,kEAA6E;AAE7E;;;;;;GAMG;AACH,MAAa,qBAAsB,SAAQ,KAAK;IAC9C,YACkB,MAAc,EACd,MAAc,EACd,kBAAkC,EAClC,iBAAmC;QAEnD,KAAK,CACH,sBAAsB,kBAAkB,sBAAsB,MAAM,UAAU,MAAM,SAAS,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC7H,CAAC;QAPc,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;QACd,uBAAkB,GAAlB,kBAAkB,CAAgB;QAClC,sBAAiB,GAAjB,iBAAiB,CAAkB;QAKnD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAZD,sDAYC;AAUD;;;;;;;;;GASG;AACH,MAAa,qBAAqB;IAChC,YACmB,KAAwB,EACxB,WAAwB,EACxB,aAAqB;QAFrB,UAAK,GAAL,KAAK,CAAmB;QACxB,gBAAW,GAAX,WAAW,CAAa;QACxB,kBAAa,GAAb,aAAa,CAAQ;IACrC,CAAC;IAEJ;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,IAAY,EAAE,IAAY;QAC1C,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,gCAAc,CAAC,IAAI,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,IAAY,EACZ,IAAgB,EAChB,OAA2B;QAE3B,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,gCAAc,CAAC,KAAK,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,IAAY,EAAE,IAAY;QAC7C,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,gCAAc,CAAC,KAAK,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC/C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,eAAe,CAC3B,MAAc,EACd,QAAwB;QAExB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,CAAC,IAAA,+BAAa,EAAC,GAAG,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,EAAE,CAAC;YACtD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,aAAa,CAAC,CAAC;YACxE,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;YAChD,MAAM,IAAI,qBAAqB,CAC7B,MAAM,EACN,IAAI,CAAC,aAAa,EAClB,QAAQ,EACR,MAAM,CACP,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAvDD,sDAuDC"}

package/src/lib/auth/ecdsaNodeAuthenticator.d.ts

@@ -0,0 +1,46 @@
+/**
+ * ECDSA Node Authenticator - Node.js implementation of INodeAuthenticator.
+ *
+ * Uses Node.js `crypto` module for all cryptographic operations:
+ * - Challenge: 32 random bytes via crypto.randomBytes
+ * - Sign/verify: ECDSA with secp256k1 curve (via JWK key import)
+ * - Node ID derivation: SHA-256 hash of public key (hex string)
+ *
+ * @see Requirements 9.1, 9.2, 9.3, 9.5
+ */
+import type { INodeAuthenticator } from '@brightchain/brightchain-lib';
+/**
+ * Optional logger for authentication failures.
+ * Requirement 9.3: Failed authentication attempts SHALL be logged
+ * with the requesting node ID and operation type.
+ */
+export interface AuthFailureLogger {
+    logAuthFailure(nodeId: string, operationType: string): void;
+}
+export declare class ECDSANodeAuthenticator implements INodeAuthenticator {
+    private readonly logger?;
+    constructor(logger?: AuthFailureLogger);
+    /** Generate a 32-byte random challenge nonce. */
+    createChallenge(): Uint8Array;
+    /**
+     * Sign a challenge with the node's ECDSA private key (secp256k1).
+     * The private key must be a raw 32-byte secp256k1 private key.
+     * Returns a DER-encoded ECDSA signature.
+     */
+    signChallenge(challenge: Uint8Array, privateKey: Uint8Array): Promise<Uint8Array>;
+    /**
+     * Verify an ECDSA signature against a public key (secp256k1).
+     * Accepts uncompressed (65 bytes) or compressed (33 bytes) keys.
+     * Logs authentication failures when a logger is provided (Requirement 9.3).
+     */
+    verifySignature(challenge: Uint8Array, signature: Uint8Array, publicKey: Uint8Array): Promise<boolean>;
+    /** Derive a node ID from a public key via SHA-256 hash (hex). */
+    deriveNodeId(publicKey: Uint8Array): string;
+    /** Convert compressed (33-byte) public key to uncompressed (65-byte). */
+    private ensureUncompressed;
+    /** Build a JWK for a secp256k1 private key. */
+    private buildPrivateJWK;
+    /** Build a JWK for a secp256k1 public key (uncompressed 65-byte input). */
+    private buildPublicJWK;
+}
+//# sourceMappingURL=ecdsaNodeAuthenticator.d.ts.map

package/src/lib/auth/ecdsaNodeAuthenticator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecdsaNodeAuthenticator.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/ecdsaNodeAuthenticator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAGvE;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IAChC,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7D;AAED,qBAAa,sBAAuB,YAAW,kBAAkB;IAC/D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAoB;gBAEhC,MAAM,CAAC,EAAE,iBAAiB;IAItC,iDAAiD;IACjD,eAAe,IAAI,UAAU;IAI7B;;;;OAIG;IACG,aAAa,CACjB,SAAS,EAAE,UAAU,EACrB,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,UAAU,CAAC;IActB;;;;OAIG;IACG,eAAe,CACnB,SAAS,EAAE,UAAU,EACrB,SAAS,EAAE,UAAU,EACrB,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC,OAAO,CAAC;IA2BnB,iEAAiE;IACjE,YAAY,CAAC,SAAS,EAAE,UAAU,GAAG,MAAM;IAO3C,yEAAyE;IACzE,OAAO,CAAC,kBAAkB;IAqB1B,+CAA+C;IAC/C,OAAO,CAAC,eAAe;IAevB,2EAA2E;IAC3E,OAAO,CAAC,cAAc;CAUvB"}

package/src/lib/auth/ecdsaNodeAuthenticator.js

@@ -0,0 +1,110 @@
+"use strict";
+/**
+ * ECDSA Node Authenticator - Node.js implementation of INodeAuthenticator.
+ *
+ * Uses Node.js `crypto` module for all cryptographic operations:
+ * - Challenge: 32 random bytes via crypto.randomBytes
+ * - Sign/verify: ECDSA with secp256k1 curve (via JWK key import)
+ * - Node ID derivation: SHA-256 hash of public key (hex string)
+ *
+ * @see Requirements 9.1, 9.2, 9.3, 9.5
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ECDSANodeAuthenticator = void 0;
+const tslib_1 = require("tslib");
+const crypto = tslib_1.__importStar(require("crypto"));
+class ECDSANodeAuthenticator {
+    constructor(logger) {
+        this.logger = logger;
+    }
+    /** Generate a 32-byte random challenge nonce. */
+    createChallenge() {
+        return new Uint8Array(crypto.randomBytes(32));
+    }
+    /**
+     * Sign a challenge with the node's ECDSA private key (secp256k1).
+     * The private key must be a raw 32-byte secp256k1 private key.
+     * Returns a DER-encoded ECDSA signature.
+     */
+    async signChallenge(challenge, privateKey) {
+        const ecdh = crypto.createECDH('secp256k1');
+        ecdh.setPrivateKey(Buffer.from(privateKey));
+        const uncompressedPub = ecdh.getPublicKey();
+        const keyObject = crypto.createPrivateKey({
+            key: this.buildPrivateJWK(privateKey, uncompressedPub),
+            format: 'jwk',
+        });
+        const signature = crypto.sign(null, Buffer.from(challenge), keyObject);
+        return new Uint8Array(signature);
+    }
+    /**
+     * Verify an ECDSA signature against a public key (secp256k1).
+     * Accepts uncompressed (65 bytes) or compressed (33 bytes) keys.
+     * Logs authentication failures when a logger is provided (Requirement 9.3).
+     */
+    async verifySignature(challenge, signature, publicKey) {
+        try {
+            const uncompressed = this.ensureUncompressed(publicKey);
+            const keyObject = crypto.createPublicKey({
+                key: this.buildPublicJWK(uncompressed),
+                format: 'jwk',
+            });
+            const result = crypto.verify(null, Buffer.from(challenge), keyObject, Buffer.from(signature));
+            if (!result && this.logger) {
+                const nodeId = this.deriveNodeId(publicKey);
+                this.logger.logAuthFailure(nodeId, 'signature_verification');
+            }
+            return result;
+        }
+        catch {
+            if (this.logger) {
+                const nodeId = this.deriveNodeId(publicKey);
+                this.logger.logAuthFailure(nodeId, 'signature_verification');
+            }
+            return false;
+        }
+    }
+    /** Derive a node ID from a public key via SHA-256 hash (hex). */
+    deriveNodeId(publicKey) {
+        return crypto
+            .createHash('sha256')
+            .update(Buffer.from(publicKey))
+            .digest('hex');
+    }
+    /** Convert compressed (33-byte) public key to uncompressed (65-byte). */
+    ensureUncompressed(publicKey) {
+        if (publicKey.length === 65 && publicKey[0] === 0x04) {
+            return Buffer.from(publicKey);
+        }
+        if (publicKey.length === 33 &&
+            (publicKey[0] === 0x02 || publicKey[0] === 0x03)) {
+            return crypto.ECDH.convertKey(Buffer.from(publicKey), 'secp256k1', undefined, undefined, 'uncompressed');
+        }
+        throw new Error(`Invalid secp256k1 public key: expected 33 or 65 bytes, got ${publicKey.length}`);
+    }
+    /** Build a JWK for a secp256k1 private key. */
+    buildPrivateJWK(rawPrivateKey, uncompressedPublicKey) {
+        const x = uncompressedPublicKey.subarray(1, 33);
+        const y = uncompressedPublicKey.subarray(33, 65);
+        return {
+            kty: 'EC',
+            crv: 'secp256k1',
+            x: x.toString('base64url'),
+            y: y.toString('base64url'),
+            d: Buffer.from(rawPrivateKey).toString('base64url'),
+        };
+    }
+    /** Build a JWK for a secp256k1 public key (uncompressed 65-byte input). */
+    buildPublicJWK(uncompressedPublicKey) {
+        const x = uncompressedPublicKey.subarray(1, 33);
+        const y = uncompressedPublicKey.subarray(33, 65);
+        return {
+            kty: 'EC',
+            crv: 'secp256k1',
+            x: x.toString('base64url'),
+            y: y.toString('base64url'),
+        };
+    }
+}
+exports.ECDSANodeAuthenticator = ECDSANodeAuthenticator;
+//# sourceMappingURL=ecdsaNodeAuthenticator.js.map

package/src/lib/auth/ecdsaNodeAuthenticator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecdsaNodeAuthenticator.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/ecdsaNodeAuthenticator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;;AAGH,uDAAiC;AAWjC,MAAa,sBAAsB;IAGjC,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,iDAAiD;IACjD,eAAe;QACb,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAChD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CACjB,SAAqB,EACrB,UAAsB;QAEtB,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAC5C,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAE5C,MAAM,SAAS,GAAG,MAAM,CAAC,gBAAgB,CAAC;YACxC,GAAG,EAAE,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,eAAe,CAAC;YACtD,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC,CAAC;QACvE,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CACnB,SAAqB,EACrB,SAAqB,EACrB,SAAqB;QAErB,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YACxD,MAAM,SAAS,GAAG,MAAM,CAAC,eAAe,CAAC;gBACvC,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC;gBACtC,MAAM,EAAE,KAAK;aACd,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAC1B,IAAI,EACJ,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EACtB,SAAS,EACT,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CACvB,CAAC;YACF,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;gBAC5C,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC;YAC/D,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;gBAC5C,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC;YAC/D,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,YAAY,CAAC,SAAqB;QAChC,OAAO,MAAM;aACV,UAAU,CAAC,QAAQ,CAAC;aACpB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;aAC9B,MAAM,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC;IAED,yEAAyE;IACjE,kBAAkB,CAAC,SAAqB;QAC9C,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACrD,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;QACD,IACE,SAAS,CAAC,MAAM,KAAK,EAAE;YACvB,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,EAChD,CAAC;YACD,OAAO,MAAM,CAAC,IAAI,CAAC,UAAU,CAC3B,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EACtB,WAAW,EACX,SAAS,EACT,SAAS,EACT,cAAc,CACL,CAAC;QACd,CAAC;QACD,MAAM,IAAI,KAAK,CACb,8DAA8D,SAAS,CAAC,MAAM,EAAE,CACjF,CAAC;IACJ,CAAC;IAED,+CAA+C;IACvC,eAAe,CACrB,aAAyB,EACzB,qBAA6B;QAE7B,MAAM,CAAC,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,GAAG,qBAAqB,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjD,OAAO;YACL,GAAG,EAAE,IAAI;YACT,GAAG,EAAE,WAAW;YAChB,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC1B,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC1B,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;SACpD,CAAC;IACJ,CAAC;IAED,2EAA2E;IACnE,cAAc,CAAC,qBAA6B;QAClD,MAAM,CAAC,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,GAAG,qBAAqB,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjD,OAAO;YACL,GAAG,EAAE,IAAI;YACT,GAAG,EAAE,WAAW;YAChB,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC1B,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;SAC3B,CAAC;IACJ,CAAC;CACF;AA/HD,wDA+HC"}

package/src/lib/auth/index.d.ts

@@ -0,0 +1,7 @@
+export * from './aclEnforcedAvailability';
+export * from './aclEnforcedBlockStore';
+export * from './ecdsaNodeAuthenticator';
+export * from './poolAclBootstrap';
+export * from './poolAclStore';
+export { InsufficientQuorumError, PoolACLUpdater, type ACLUpdateProposal, } from './poolAclUpdater';
+//# sourceMappingURL=index.d.ts.map

package/src/lib/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,2BAA2B,CAAC;AAC1C,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC;AACzC,cAAc,oBAAoB,CAAC;AACnC,cAAc,gBAAgB,CAAC;AAC/B,OAAO,EACL,uBAAuB,EACvB,cAAc,EACd,KAAK,iBAAiB,GACvB,MAAM,kBAAkB,CAAC"}

package/src/lib/auth/index.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PoolACLUpdater = exports.InsufficientQuorumError = void 0;
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./aclEnforcedAvailability"), exports);
+tslib_1.__exportStar(require("./aclEnforcedBlockStore"), exports);
+tslib_1.__exportStar(require("./ecdsaNodeAuthenticator"), exports);
+tslib_1.__exportStar(require("./poolAclBootstrap"), exports);
+tslib_1.__exportStar(require("./poolAclStore"), exports);
+var poolAclUpdater_1 = require("./poolAclUpdater");
+Object.defineProperty(exports, "InsufficientQuorumError", { enumerable: true, get: function () { return poolAclUpdater_1.InsufficientQuorumError; } });
+Object.defineProperty(exports, "PoolACLUpdater", { enumerable: true, get: function () { return poolAclUpdater_1.PoolACLUpdater; } });
+//# sourceMappingURL=index.js.map

package/src/lib/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/index.ts"],"names":[],"mappings":";;;;AAAA,oEAA0C;AAC1C,kEAAwC;AACxC,mEAAyC;AACzC,6DAAmC;AACnC,yDAA+B;AAC/B,mDAI0B;AAHxB,yHAAA,uBAAuB,OAAA;AACvB,gHAAA,cAAc,OAAA"}

package/src/lib/auth/poolAclBootstrap.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Pool ACL Bootstrap - creates the initial ACL when a new pool is created.
+ *
+ * Derives the creator's public key and node ID from their private key,
+ * creates an ACL with the creator as sole Admin, signs it, and stores it
+ * via PoolACLStore.
+ *
+ * @see Requirements 12.1, 12.2, 12.3, 12.4, 12.5, 12.6
+ */
+import type { IPoolACL } from '@brightchain/brightchain-lib';
+import { ECDSANodeAuthenticator } from './ecdsaNodeAuthenticator';
+import { PoolACLStore } from './poolAclStore';
+export interface BootstrapPoolOptions {
+    publicRead?: boolean;
+    publicWrite?: boolean;
+}
+export interface BootstrapPoolResult {
+    aclBlockId: string;
+    acl: IPoolACL<string>;
+}
+export declare class PoolACLBootstrap {
+    private readonly store;
+    private readonly authenticator;
+    constructor(store: PoolACLStore, authenticator?: ECDSANodeAuthenticator);
+    /**
+     * Bootstrap a new pool by creating and signing the initial ACL.
+     *
+     * - Derives the creator's public key and node ID from the private key
+     * - Creates an ACL with the creator as sole Admin member
+     * - Sets publicRead/publicWrite from options (default false)
+     * - Signs the ACL with the creator's key via PoolACLStore.storeACL()
+     * - Returns the block ID and the created ACL
+     */
+    bootstrapPool(poolId: string, creatorPrivateKey: Uint8Array, options?: BootstrapPoolOptions): Promise<BootstrapPoolResult>;
+}
+//# sourceMappingURL=poolAclBootstrap.d.ts.map

package/src/lib/auth/poolAclBootstrap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"poolAclBootstrap.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/auth/poolAclBootstrap.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;AAI7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,MAAM,WAAW,oBAAoB;IACnC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;CACvB;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAe;IACrC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAyB;gBAE3C,KAAK,EAAE,YAAY,EAAE,aAAa,CAAC,EAAE,sBAAsB;IAKvE;;;;;;;;OAQG;IACG,aAAa,CACjB,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,UAAU,EAC7B,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,CAAC;CAoChC"}