npm - @btc-vision/transaction - Versions diffs - 1.7.25 → 1.7.27 - Mend

@btc-vision/transaction 1.7.25 → 1.7.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/browser/_version.d.ts +1 -1
package/browser/btc-vision-bitcoin.js +2326 -1928
package/browser/index.js +456 -443
package/browser/noble-curves.js +1045 -1016
package/browser/noble-hashes.js +841 -776
package/browser/vendors.js +11416 -15797
package/build/_version.d.ts +1 -1
package/build/_version.js +1 -1
package/build/tsconfig.build.tsbuildinfo +1 -1
package/package.json +2 -2
package/src/_version.ts +1 -1
package/src/crypto/crypto-browser.js +9 -16
package/vite.config.browser.ts +30 -29
package/browser/bip39.js +0 -204
package/browser/bitcoin-utils.js +0 -3172
package/browser/btc-vision-bip32.js +0 -805
package/browser/btc-vision-logger.js +0 -86
package/browser/btc-vision-post-quantum.js +0 -542
package/browser/polyfills.js +0 -4952
package/browser/scure-base.js +0 -410
package/cjs/package.json +0 -3
package/webpack.config.js +0 -220

package/browser/noble-curves.js CHANGED Viewed

@@ -1,9 +1,36 @@
-import { c as We, e as ln, n as dn, o as Me, p as yt, q as Qe, t as hn, u as Ae, v as yn, w as mn, x as kt, y as bn, z as wn } from "./noble-hashes.js";
+import { r as We, a as ln, b as dn, c as Me, i as yt, h as Qe, d as hn, e as Ae, f as yn, g as mn, j as kt, k as bn, s as wn } from "./noble-hashes.js";
+function er(e) {
+  return e && e.__esModule && Object.prototype.hasOwnProperty.call(e, "default") ? e.default : e;
+}
+function tr(e) {
+  if (Object.prototype.hasOwnProperty.call(e, "__esModule")) return e;
+  var n = e.default;
+  if (typeof n == "function") {
+    var c = function t() {
+      var u = !1;
+      try {
+        u = this instanceof t;
+      } catch {
+      }
+      return u ? Reflect.construct(n, arguments, this.constructor) : n.apply(this, arguments);
+    };
+    c.prototype = n.prototype;
+  } else c = {};
+  return Object.defineProperty(c, "__esModule", { value: !0 }), Object.keys(e).forEach(function(t) {
+    var u = Object.getOwnPropertyDescriptor(e, t);
+    Object.defineProperty(c, t, u.get ? u : {
+      enumerable: !0,
+      get: function() {
+        return e[t];
+      }
+    });
+  }), c;
+}
 var tt = {}, Ke = {}, nt = {}, rt = {}, _t;
 function Ce() {
   return _t || (_t = 1, (function(e) {
-    Object.defineProperty(e, "__esModule", { value: !0 }), e.notImplemented = e.bitMask = e.utf8ToBytes = e.randomBytes = e.isBytes = e.hexToBytes = e.concatBytes = e.bytesToUtf8 = e.bytesToHex = e.anumber = e.abytes = void 0, e.abool = m, e._abool2 = g, e._abytes2 = p, e.numberToHexUnpadded = v, e.hexToNumber = U, e.bytesToNumberBE = H, e.bytesToNumberLE = V, e.numberToBytesBE = E, e.numberToBytesLE = b, e.numberToVarBytesBE = S, e.ensureBytes = A, e.equalBytes = M, e.copyBytes = Q, e.asciiToBytes = F, e.inRange = se, e.aInRange = ie, e.bitLen = j, e.bitGet = O, e.bitSet = L, e.createHmacDrbg = K, e.validateObject = z, e.isHash = d, e._validateObject = u, e.memoized = a;
-    const r = /* @__PURE__ */ We();
+    Object.defineProperty(e, "__esModule", { value: !0 }), e.notImplemented = e.bitMask = e.utf8ToBytes = e.randomBytes = e.isBytes = e.hexToBytes = e.concatBytes = e.bytesToUtf8 = e.bytesToHex = e.anumber = e.abytes = void 0, e.abool = m, e._abool2 = g, e._abytes2 = p, e.numberToHexUnpadded = v, e.hexToNumber = U, e.bytesToNumberBE = H, e.bytesToNumberLE = V, e.numberToBytesBE = E, e.numberToBytesLE = b, e.numberToVarBytesBE = S, e.ensureBytes = A, e.equalBytes = M, e.copyBytes = Q, e.asciiToBytes = F, e.inRange = se, e.aInRange = ie, e.bitLen = j, e.bitGet = R, e.bitSet = L, e.createHmacDrbg = K, e.validateObject = D, e.isHash = d, e._validateObject = l, e.memoized = a;
+    const n = /* @__PURE__ */ We();
     var c = /* @__PURE__ */ We();
     Object.defineProperty(e, "abytes", { enumerable: !0, get: function() {
       return c.abytes;
@@ -24,7 +51,7 @@ function Ce() {
     } }), Object.defineProperty(e, "utf8ToBytes", { enumerable: !0, get: function() {
       return c.utf8ToBytes;
     } });
-    const t = /* @__PURE__ */ BigInt(0), l = /* @__PURE__ */ BigInt(1);
+    const t = /* @__PURE__ */ BigInt(0), u = /* @__PURE__ */ BigInt(1);
     function m(i, o) {
       if (typeof o != "boolean")
         throw new Error(i + " boolean expected, got " + o);
@@ -37,10 +64,10 @@ function Ce() {
       return i;
     }
     function p(i, o, h = "") {
-      const w = (0, r.isBytes)(i), s = i?.length, f = o !== void 0;
+      const w = (0, n.isBytes)(i), s = i?.length, f = o !== void 0;
       if (!w || f && s !== o) {
-        const y = h && `"${h}" `, B = f ? ` of length ${o}` : "", T = w ? `length=${s}` : `type=${typeof i}`;
-        throw new Error(y + "expected Uint8Array" + B + ", got " + T);
+        const y = h && `"${h}" `, B = f ? ` of length ${o}` : "", O = w ? `length=${s}` : `type=${typeof i}`;
+        throw new Error(y + "expected Uint8Array" + B + ", got " + O);
       }
       return i;
     }
@@ -54,29 +81,29 @@ function Ce() {
       return i === "" ? t : BigInt("0x" + i);
     }
     function H(i) {
-      return U((0, r.bytesToHex)(i));
+      return U((0, n.bytesToHex)(i));
     }
     function V(i) {
-      return (0, r.abytes)(i), U((0, r.bytesToHex)(Uint8Array.from(i).reverse()));
+      return (0, n.abytes)(i), U((0, n.bytesToHex)(Uint8Array.from(i).reverse()));
     }
     function E(i, o) {
-      return (0, r.hexToBytes)(i.toString(16).padStart(o * 2, "0"));
+      return (0, n.hexToBytes)(i.toString(16).padStart(o * 2, "0"));
     }
     function b(i, o) {
       return E(i, o).reverse();
     }
     function S(i) {
-      return (0, r.hexToBytes)(v(i));
+      return (0, n.hexToBytes)(v(i));
     }
     function A(i, o, h) {
       let w;
       if (typeof o == "string")
         try {
-          w = (0, r.hexToBytes)(o);
+          w = (0, n.hexToBytes)(o);
         } catch (f) {
           throw new Error(i + " must be hex string or Uint8Array, cause: " + f);
         }
-      else if ((0, r.isBytes)(o))
+      else if ((0, n.isBytes)(o))
         w = Uint8Array.from(o);
       else
         throw new Error(i + " must be hex string or Uint8Array");
@@ -114,17 +141,17 @@ function Ce() {
     }
     function j(i) {
       let o;
-      for (o = 0; i > t; i >>= l, o += 1)
+      for (o = 0; i > t; i >>= u, o += 1)
         ;
       return o;
     }
-    function O(i, o) {
-      return i >> BigInt(o) & l;
+    function R(i, o) {
+      return i >> BigInt(o) & u;
     }
     function L(i, o, h) {
-      return i | (h ? l : t) << BigInt(o);
+      return i | (h ? u : t) << BigInt(o);
     }
-    const _ = (i) => (l << BigInt(i)) - l;
+    const _ = (i) => (u << BigInt(i)) - u;
     e.bitMask = _;
     function K(i, o, h) {
       if (typeof i != "number" || i < 2)
@@ -135,7 +162,7 @@ function Ce() {
         throw new Error("hmacFn must be a function");
       const w = (C) => new Uint8Array(C), s = (C) => Uint8Array.of(C);
       let f = w(i), y = w(i), B = 0;
-      const T = () => {
+      const O = () => {
         f.fill(1), y.fill(0), B = 0;
       }, k = (...C) => h(y, f, ...C), Y = (C = w(0)) => {
         y = k(s(0), C), f = k(), C.length !== 0 && (y = k(s(1), C), f = k());
@@ -149,14 +176,14 @@ function Ce() {
           const $ = f.slice();
           te.push($), C += f.length;
         }
-        return (0, r.concatBytes)(...te);
+        return (0, n.concatBytes)(...te);
       };
       return (C, te) => {
-        T(), Y(C);
+        O(), Y(C);
         let $;
         for (; !($ = te(I())); )
           Y();
-        return T(), $;
+        return O(), $;
       };
     }
     const W = {
@@ -164,20 +191,20 @@ function Ce() {
       function: (i) => typeof i == "function",
       boolean: (i) => typeof i == "boolean",
       string: (i) => typeof i == "string",
-      stringOrUint8Array: (i) => typeof i == "string" || (0, r.isBytes)(i),
+      stringOrUint8Array: (i) => typeof i == "string" || (0, n.isBytes)(i),
       isSafeInteger: (i) => Number.isSafeInteger(i),
       array: (i) => Array.isArray(i),
       field: (i, o) => o.Fp.isValid(i),
       hash: (i) => typeof i == "function" && Number.isSafeInteger(i.outputLen)
     };
-    function z(i, o, h = {}) {
+    function D(i, o, h = {}) {
       const w = (s, f, y) => {
         const B = W[f];
         if (typeof B != "function")
           throw new Error("invalid validator function");
-        const T = i[s];
-        if (!(y && T === void 0) && !B(T, i))
-          throw new Error("param " + String(s) + " is invalid. Expected " + f + ", got " + T);
+        const O = i[s];
+        if (!(y && O === void 0) && !B(O, i))
+          throw new Error("param " + String(s) + " is invalid. Expected " + f + ", got " + O);
       };
       for (const [s, f] of Object.entries(o))
         w(s, f, !1);
@@ -188,23 +215,23 @@ function Ce() {
     function d(i) {
       return typeof i == "function" && Number.isSafeInteger(i.outputLen);
     }
-    function u(i, o, h = {}) {
+    function l(i, o, h = {}) {
       if (!i || typeof i != "object")
         throw new Error("expected valid options object");
       function w(s, f, y) {
         const B = i[s];
         if (y && B === void 0)
           return;
-        const T = typeof B;
-        if (T !== f || B === null)
-          throw new Error(`param "${s}" is invalid: expected ${f}, got ${T}`);
+        const O = typeof B;
+        if (O !== f || B === null)
+          throw new Error(`param "${s}" is invalid: expected ${f}, got ${O}`);
       }
       Object.entries(o).forEach(([s, f]) => w(s, f, !1)), Object.entries(h).forEach(([s, f]) => w(s, f, !0));
     }
-    const n = () => {
+    const r = () => {
       throw new Error("not implemented");
     };
-    e.notImplemented = n;
+    e.notImplemented = r;
     function a(i) {
       const o = /* @__PURE__ */ new WeakMap();
       return (h, ...w) => {
@@ -217,37 +244,37 @@ function Ce() {
     }
   })(rt)), rt;
 }
-var Oe = {}, he = {}, St;
+var Re = {}, he = {}, St;
 function $e() {
   if (St) return he;
-  St = 1, Object.defineProperty(he, "__esModule", { value: !0 }), he.isNegativeLE = void 0, he.mod = V, he.pow = E, he.pow2 = b, he.invert = S, he.tonelliShanks = G, he.FpSqrt = se, he.validateField = O, he.FpPow = L, he.FpInvertBatch = _, he.FpDiv = K, he.FpLegendre = W, he.FpIsSquare = z, he.nLength = d, he.Field = u, he.FpSqrtOdd = n, he.FpSqrtEven = a, he.hashToPrivateScalar = i, he.getFieldBytesLength = o, he.getMinHashLength = h, he.mapHashToField = w;
-  const e = /* @__PURE__ */ Ce(), r = BigInt(0), c = BigInt(1), t = /* @__PURE__ */ BigInt(2), l = /* @__PURE__ */ BigInt(3), m = /* @__PURE__ */ BigInt(4), g = /* @__PURE__ */ BigInt(5), p = /* @__PURE__ */ BigInt(7), v = /* @__PURE__ */ BigInt(8), U = /* @__PURE__ */ BigInt(9), H = /* @__PURE__ */ BigInt(16);
+  St = 1, Object.defineProperty(he, "__esModule", { value: !0 }), he.isNegativeLE = void 0, he.mod = V, he.pow = E, he.pow2 = b, he.invert = S, he.tonelliShanks = G, he.FpSqrt = se, he.validateField = R, he.FpPow = L, he.FpInvertBatch = _, he.FpDiv = K, he.FpLegendre = W, he.FpIsSquare = D, he.nLength = d, he.Field = l, he.FpSqrtOdd = r, he.FpSqrtEven = a, he.hashToPrivateScalar = i, he.getFieldBytesLength = o, he.getMinHashLength = h, he.mapHashToField = w;
+  const e = /* @__PURE__ */ Ce(), n = BigInt(0), c = BigInt(1), t = /* @__PURE__ */ BigInt(2), u = /* @__PURE__ */ BigInt(3), m = /* @__PURE__ */ BigInt(4), g = /* @__PURE__ */ BigInt(5), p = /* @__PURE__ */ BigInt(7), v = /* @__PURE__ */ BigInt(8), U = /* @__PURE__ */ BigInt(9), H = /* @__PURE__ */ BigInt(16);
   function V(s, f) {
     const y = s % f;
-    return y >= r ? y : f + y;
+    return y >= n ? y : f + y;
   }
   function E(s, f, y) {
-    return L(u(y), s, f);
+    return L(l(y), s, f);
   }
   function b(s, f, y) {
     let B = s;
-    for (; f-- > r; )
+    for (; f-- > n; )
       B *= B, B %= y;
     return B;
   }
   function S(s, f) {
-    if (s === r)
+    if (s === n)
       throw new Error("invert: expected non-zero number");
-    if (f <= r)
+    if (f <= n)
       throw new Error("invert: expected positive modulus, got " + f);
-    let y = V(s, f), B = f, T = r, k = c;
-    for (; y !== r; ) {
-      const I = B / y, q = B % y, C = T - k * I;
-      B = y, y = q, T = k, k = C;
+    let y = V(s, f), B = f, O = n, k = c;
+    for (; y !== n; ) {
+      const I = B / y, q = B % y, C = O - k * I;
+      B = y, y = q, O = k, k = C;
     }
     if (B !== c)
       throw new Error("invert: does not exist");
-    return V(T, f);
+    return V(O, f);
   }
   function A(s, f, y) {
     if (!s.eql(s.sqr(f), y))
@@ -258,55 +285,55 @@ function $e() {
     return A(s, B, f), B;
   }
   function Q(s, f) {
-    const y = (s.ORDER - g) / v, B = s.mul(f, t), T = s.pow(B, y), k = s.mul(f, T), Y = s.mul(s.mul(k, t), T), I = s.mul(k, s.sub(Y, s.ONE));
+    const y = (s.ORDER - g) / v, B = s.mul(f, t), O = s.pow(B, y), k = s.mul(f, O), Y = s.mul(s.mul(k, t), O), I = s.mul(k, s.sub(Y, s.ONE));
     return A(s, I, f), I;
   }
   function F(s) {
-    const f = u(s), y = G(s), B = y(f, f.neg(f.ONE)), T = y(f, B), k = y(f, f.neg(B)), Y = (s + p) / H;
+    const f = l(s), y = G(s), B = y(f, f.neg(f.ONE)), O = y(f, B), k = y(f, f.neg(B)), Y = (s + p) / H;
     return (I, q) => {
       let C = I.pow(q, Y), te = I.mul(C, B);
-      const $ = I.mul(C, T), x = I.mul(C, k), X = I.eql(I.sqr(te), q), ae = I.eql(I.sqr($), q);
-      C = I.cmov(C, te, X), te = I.cmov(x, $, ae);
+      const $ = I.mul(C, O), T = I.mul(C, k), X = I.eql(I.sqr(te), q), ae = I.eql(I.sqr($), q);
+      C = I.cmov(C, te, X), te = I.cmov(T, $, ae);
       const ye = I.eql(I.sqr(te), q), pe = I.cmov(C, te, ye);
       return A(I, pe, q), pe;
     };
   }
   function G(s) {
-    if (s < l)
+    if (s < u)
       throw new Error("sqrt is not defined for small field");
     let f = s - c, y = 0;
-    for (; f % t === r; )
+    for (; f % t === n; )
       f /= t, y++;
     let B = t;
-    const T = u(s);
-    for (; W(T, B) === 1; )
+    const O = l(s);
+    for (; W(O, B) === 1; )
       if (B++ > 1e3)
         throw new Error("Cannot find square root: probably non-prime P");
     if (y === 1)
       return M;
-    let k = T.pow(B, f);
+    let k = O.pow(B, f);
     const Y = (f + c) / t;
     return function(q, C) {
       if (q.is0(C))
         return C;
       if (W(q, C) !== 1)
         throw new Error("Cannot find square root");
-      let te = y, $ = q.mul(q.ONE, k), x = q.pow(C, f), X = q.pow(C, Y);
-      for (; !q.eql(x, q.ONE); ) {
-        if (q.is0(x))
+      let te = y, $ = q.mul(q.ONE, k), T = q.pow(C, f), X = q.pow(C, Y);
+      for (; !q.eql(T, q.ONE); ) {
+        if (q.is0(T))
           return q.ZERO;
-        let ae = 1, ye = q.sqr(x);
+        let ae = 1, ye = q.sqr(T);
         for (; !q.eql(ye, q.ONE); )
           if (ae++, ye = q.sqr(ye), ae === te)
             throw new Error("Cannot find square root");
         const pe = c << BigInt(te - ae - 1), ve = q.pow($, pe);
-        te = ae, $ = q.sqr(ve), x = q.mul(x, $), X = q.mul(X, ve);
+        te = ae, $ = q.sqr(ve), T = q.mul(T, $), X = q.mul(X, ve);
       }
       return X;
     };
   }
   function se(s) {
-    return s % m === l ? M : s % v === g ? Q : s % H === U ? F(s) : G(s);
+    return s % m === u ? M : s % v === g ? Q : s % H === U ? F(s) : G(s);
   }
   const ie = (s, f) => (V(s, f) & c) === c;
   he.isNegativeLE = ie;
@@ -329,41 +356,41 @@ function $e() {
     "mulN",
     "sqrN"
   ];
-  function O(s) {
+  function R(s) {
     const f = {
       ORDER: "bigint",
       MASK: "bigint",
       BYTES: "number",
       BITS: "number"
-    }, y = j.reduce((B, T) => (B[T] = "function", B), f);
+    }, y = j.reduce((B, O) => (B[O] = "function", B), f);
     return (0, e._validateObject)(s, y), s;
   }
   function L(s, f, y) {
-    if (y < r)
+    if (y < n)
       throw new Error("invalid exponent, negatives unsupported");
-    if (y === r)
+    if (y === n)
       return s.ONE;
     if (y === c)
       return f;
-    let B = s.ONE, T = f;
-    for (; y > r; )
-      y & c && (B = s.mul(B, T)), T = s.sqr(T), y >>= c;
+    let B = s.ONE, O = f;
+    for (; y > n; )
+      y & c && (B = s.mul(B, O)), O = s.sqr(O), y >>= c;
     return B;
   }
   function _(s, f, y = !1) {
-    const B = new Array(f.length).fill(y ? s.ZERO : void 0), T = f.reduce((Y, I, q) => s.is0(I) ? Y : (B[q] = Y, s.mul(Y, I)), s.ONE), k = s.inv(T);
+    const B = new Array(f.length).fill(y ? s.ZERO : void 0), O = f.reduce((Y, I, q) => s.is0(I) ? Y : (B[q] = Y, s.mul(Y, I)), s.ONE), k = s.inv(O);
     return f.reduceRight((Y, I, q) => s.is0(I) ? Y : (B[q] = s.mul(Y, B[q]), s.mul(Y, I)), k), B;
   }
   function K(s, f, y) {
     return s.mul(f, typeof y == "bigint" ? S(y, s.ORDER) : s.inv(y));
   }
   function W(s, f) {
-    const y = (s.ORDER - c) / t, B = s.pow(f, y), T = s.eql(B, s.ONE), k = s.eql(B, s.ZERO), Y = s.eql(B, s.neg(s.ONE));
-    if (!T && !k && !Y)
+    const y = (s.ORDER - c) / t, B = s.pow(f, y), O = s.eql(B, s.ONE), k = s.eql(B, s.ZERO), Y = s.eql(B, s.neg(s.ONE));
+    if (!O && !k && !Y)
       throw new Error("invalid Legendre symbol result");
-    return T ? 1 : k ? 0 : -1;
+    return O ? 1 : k ? 0 : -1;
   }
-  function z(s, f) {
+  function D(s, f) {
     return W(s, f) === 1;
   }
   function d(s, f) {
@@ -371,18 +398,18 @@ function $e() {
     const y = f !== void 0 ? f : s.toString(2).length, B = Math.ceil(y / 8);
     return { nBitLength: y, nByteLength: B };
   }
-  function u(s, f, y = !1, B = {}) {
-    if (s <= r)
+  function l(s, f, y = !1, B = {}) {
+    if (s <= n)
       throw new Error("invalid field: expected ORDER > 0, got " + s);
-    let T, k, Y = !1, I;
+    let O, k, Y = !1, I;
     if (typeof f == "object" && f != null) {
       if (B.sqrt || y)
         throw new Error("cannot specify opts in two arguments");
-      const x = f;
-      x.BITS && (T = x.BITS), x.sqrt && (k = x.sqrt), typeof x.isLE == "boolean" && (y = x.isLE), typeof x.modFromBytes == "boolean" && (Y = x.modFromBytes), I = x.allowedLengths;
+      const T = f;
+      T.BITS && (O = T.BITS), T.sqrt && (k = T.sqrt), typeof T.isLE == "boolean" && (y = T.isLE), typeof T.modFromBytes == "boolean" && (Y = T.modFromBytes), I = T.allowedLengths;
     } else
-      typeof f == "number" && (T = f), B.sqrt && (k = B.sqrt);
-    const { nBitLength: q, nByteLength: C } = d(s, T);
+      typeof f == "number" && (O = f), B.sqrt && (k = B.sqrt);
+    const { nBitLength: q, nByteLength: C } = d(s, O);
     if (C > 2048)
       throw new Error("invalid field: expected ORDER of <= 2048 bytes");
     let te;
@@ -392,58 +419,58 @@ function $e() {
       BITS: q,
       BYTES: C,
       MASK: (0, e.bitMask)(q),
-      ZERO: r,
+      ZERO: n,
       ONE: c,
       allowedLengths: I,
-      create: (x) => V(x, s),
-      isValid: (x) => {
-        if (typeof x != "bigint")
-          throw new Error("invalid field element: expected bigint, got " + typeof x);
-        return r <= x && x < s;
+      create: (T) => V(T, s),
+      isValid: (T) => {
+        if (typeof T != "bigint")
+          throw new Error("invalid field element: expected bigint, got " + typeof T);
+        return n <= T && T < s;
       },
-      is0: (x) => x === r,
+      is0: (T) => T === n,
       // is valid and invertible
-      isValidNot0: (x) => !$.is0(x) && $.isValid(x),
-      isOdd: (x) => (x & c) === c,
-      neg: (x) => V(-x, s),
-      eql: (x, X) => x === X,
-      sqr: (x) => V(x * x, s),
-      add: (x, X) => V(x + X, s),
-      sub: (x, X) => V(x - X, s),
-      mul: (x, X) => V(x * X, s),
-      pow: (x, X) => L($, x, X),
-      div: (x, X) => V(x * S(X, s), s),
+      isValidNot0: (T) => !$.is0(T) && $.isValid(T),
+      isOdd: (T) => (T & c) === c,
+      neg: (T) => V(-T, s),
+      eql: (T, X) => T === X,
+      sqr: (T) => V(T * T, s),
+      add: (T, X) => V(T + X, s),
+      sub: (T, X) => V(T - X, s),
+      mul: (T, X) => V(T * X, s),
+      pow: (T, X) => L($, T, X),
+      div: (T, X) => V(T * S(X, s), s),
       // Same as above, but doesn't normalize
-      sqrN: (x) => x * x,
-      addN: (x, X) => x + X,
-      subN: (x, X) => x - X,
-      mulN: (x, X) => x * X,
-      inv: (x) => S(x, s),
-      sqrt: k || ((x) => (te || (te = se(s)), te($, x))),
-      toBytes: (x) => y ? (0, e.numberToBytesLE)(x, C) : (0, e.numberToBytesBE)(x, C),
-      fromBytes: (x, X = !0) => {
+      sqrN: (T) => T * T,
+      addN: (T, X) => T + X,
+      subN: (T, X) => T - X,
+      mulN: (T, X) => T * X,
+      inv: (T) => S(T, s),
+      sqrt: k || ((T) => (te || (te = se(s)), te($, T))),
+      toBytes: (T) => y ? (0, e.numberToBytesLE)(T, C) : (0, e.numberToBytesBE)(T, C),
+      fromBytes: (T, X = !0) => {
         if (I) {
-          if (!I.includes(x.length) || x.length > C)
-            throw new Error("Field.fromBytes: expected " + I + " bytes, got " + x.length);
+          if (!I.includes(T.length) || T.length > C)
+            throw new Error("Field.fromBytes: expected " + I + " bytes, got " + T.length);
           const ye = new Uint8Array(C);
-          ye.set(x, y ? 0 : ye.length - x.length), x = ye;
+          ye.set(T, y ? 0 : ye.length - T.length), T = ye;
         }
-        if (x.length !== C)
-          throw new Error("Field.fromBytes: expected " + C + " bytes, got " + x.length);
-        let ae = y ? (0, e.bytesToNumberLE)(x) : (0, e.bytesToNumberBE)(x);
+        if (T.length !== C)
+          throw new Error("Field.fromBytes: expected " + C + " bytes, got " + T.length);
+        let ae = y ? (0, e.bytesToNumberLE)(T) : (0, e.bytesToNumberBE)(T);
         if (Y && (ae = V(ae, s)), !X && !$.isValid(ae))
           throw new Error("invalid field element: outside of range 0..ORDER");
         return ae;
       },
       // TODO: we don't need it here, move out to separate fn
-      invertBatch: (x) => _($, x),
+      invertBatch: (T) => _($, T),
       // We can't move this out because Fp6, Fp12 implement it
       // and it's unclear what to return in there.
-      cmov: (x, X, ae) => ae ? X : x
+      cmov: (T, X, ae) => ae ? X : T
     });
     return Object.freeze($);
   }
-  function n(s, f) {
+  function r(s, f) {
     if (!s.isOdd)
       throw new Error("Field doesn't have isOdd");
     const y = s.sqrt(f);
@@ -457,9 +484,9 @@ function $e() {
   }
   function i(s, f, y = !1) {
     s = (0, e.ensureBytes)("privateHash", s);
-    const B = s.length, T = d(f).nByteLength + 8;
-    if (T < 24 || B < T || B > 1024)
-      throw new Error("hashToPrivateScalar: expected " + T + "-1024 bytes of input, got " + B);
+    const B = s.length, O = d(f).nByteLength + 8;
+    if (O < 24 || B < O || B > 1024)
+      throw new Error("hashToPrivateScalar: expected " + O + "-1024 bytes of input, got " + B);
     const k = y ? (0, e.bytesToNumberLE)(s) : (0, e.bytesToNumberBE)(s);
     return V(k, f - c) + c;
   }
@@ -474,56 +501,56 @@ function $e() {
     return f + Math.ceil(f / 2);
   }
   function w(s, f, y = !1) {
-    const B = s.length, T = o(f), k = h(f);
+    const B = s.length, O = o(f), k = h(f);
     if (B < 16 || B < k || B > 1024)
       throw new Error("expected " + k + "-1024 bytes of input, got " + B);
     const Y = y ? (0, e.bytesToNumberLE)(s) : (0, e.bytesToNumberBE)(s), I = V(Y, f - c) + c;
-    return y ? (0, e.numberToBytesLE)(I, T) : (0, e.numberToBytesBE)(I, T);
+    return y ? (0, e.numberToBytesLE)(I, O) : (0, e.numberToBytesBE)(I, O);
   }
   return he;
 }
-var Tt;
+var Ot;
 function gn() {
-  if (Tt) return Oe;
-  Tt = 1, Object.defineProperty(Oe, "__esModule", { value: !0 }), Oe.wNAF = void 0, Oe.negateCt = l, Oe.normalizeZ = m, Oe.mulEndoUnsafe = M, Oe.pippenger = Q, Oe.precomputeMSMUnsafe = F, Oe.validateBasic = G, Oe._createCurveFields = ie;
-  const e = /* @__PURE__ */ Ce(), r = /* @__PURE__ */ $e(), c = BigInt(0), t = BigInt(1);
-  function l(j, O) {
-    const L = O.negate();
-    return j ? L : O;
-  }
-  function m(j, O) {
-    const L = (0, r.FpInvertBatch)(j.Fp, O.map((_) => _.Z));
-    return O.map((_, K) => j.fromAffine(_.toAffine(L[K])));
-  }
-  function g(j, O) {
-    if (!Number.isSafeInteger(j) || j <= 0 || j > O)
-      throw new Error("invalid window size, expected [1.." + O + "], got W=" + j);
-  }
-  function p(j, O) {
-    g(j, O);
-    const L = Math.ceil(O / j) + 1, _ = 2 ** (j - 1), K = 2 ** j, W = (0, e.bitMask)(j), z = BigInt(j);
-    return { windows: L, windowSize: _, mask: W, maxNumber: K, shiftBy: z };
-  }
-  function v(j, O, L) {
-    const { windowSize: _, mask: K, maxNumber: W, shiftBy: z } = L;
-    let d = Number(j & K), u = j >> z;
-    d > _ && (d -= W, u += t);
-    const n = O * _, a = n + Math.abs(d) - 1, i = d === 0, o = d < 0, h = O % 2 !== 0;
-    return { nextN: u, offset: a, isZero: i, isNeg: o, isNegF: h, offsetF: n };
-  }
-  function U(j, O) {
+  if (Ot) return Re;
+  Ot = 1, Object.defineProperty(Re, "__esModule", { value: !0 }), Re.wNAF = void 0, Re.negateCt = u, Re.normalizeZ = m, Re.mulEndoUnsafe = M, Re.pippenger = Q, Re.precomputeMSMUnsafe = F, Re.validateBasic = G, Re._createCurveFields = ie;
+  const e = /* @__PURE__ */ Ce(), n = /* @__PURE__ */ $e(), c = BigInt(0), t = BigInt(1);
+  function u(j, R) {
+    const L = R.negate();
+    return j ? L : R;
+  }
+  function m(j, R) {
+    const L = (0, n.FpInvertBatch)(j.Fp, R.map((_) => _.Z));
+    return R.map((_, K) => j.fromAffine(_.toAffine(L[K])));
+  }
+  function g(j, R) {
+    if (!Number.isSafeInteger(j) || j <= 0 || j > R)
+      throw new Error("invalid window size, expected [1.." + R + "], got W=" + j);
+  }
+  function p(j, R) {
+    g(j, R);
+    const L = Math.ceil(R / j) + 1, _ = 2 ** (j - 1), K = 2 ** j, W = (0, e.bitMask)(j), D = BigInt(j);
+    return { windows: L, windowSize: _, mask: W, maxNumber: K, shiftBy: D };
+  }
+  function v(j, R, L) {
+    const { windowSize: _, mask: K, maxNumber: W, shiftBy: D } = L;
+    let d = Number(j & K), l = j >> D;
+    d > _ && (d -= W, l += t);
+    const r = R * _, a = r + Math.abs(d) - 1, i = d === 0, o = d < 0, h = R % 2 !== 0;
+    return { nextN: l, offset: a, isZero: i, isNeg: o, isNegF: h, offsetF: r };
+  }
+  function U(j, R) {
     if (!Array.isArray(j))
       throw new Error("array expected");
     j.forEach((L, _) => {
-      if (!(L instanceof O))
+      if (!(L instanceof R))
         throw new Error("invalid point at index " + _);
     });
   }
-  function H(j, O) {
+  function H(j, R) {
     if (!Array.isArray(j))
       throw new Error("array of scalars expected");
     j.forEach((L, _) => {
-      if (!O.isValid(L))
+      if (!R.isValid(L))
         throw new Error("invalid scalar at index " + _);
     });
   }
@@ -537,12 +564,12 @@ function gn() {
   }
   class A {
     // Parametrized with a given Point class (not individual point)
-    constructor(O, L) {
-      this.BASE = O.BASE, this.ZERO = O.ZERO, this.Fn = O.Fn, this.bits = L;
+    constructor(R, L) {
+      this.BASE = R.BASE, this.ZERO = R.ZERO, this.Fn = R.Fn, this.bits = L;
     }
     // non-const time multiplication ladder
-    _unsafeLadder(O, L, _ = this.ZERO) {
-      let K = O;
+    _unsafeLadder(R, L, _ = this.ZERO) {
+      let K = R;
       for (; L > c; )
         L & t && (_ = _.add(K)), K = K.double(), L >>= t;
       return _;
@@ -559,14 +586,14 @@ function gn() {
      * @param W window size
      * @returns precomputed point tables flattened to a single array
      */
-    precomputeWindow(O, L) {
+    precomputeWindow(R, L) {
       const { windows: _, windowSize: K } = p(L, this.bits), W = [];
-      let z = O, d = z;
-      for (let u = 0; u < _; u++) {
-        d = z, W.push(d);
-        for (let n = 1; n < K; n++)
-          d = d.add(z), W.push(d);
-        z = d.double();
+      let D = R, d = D;
+      for (let l = 0; l < _; l++) {
+        d = D, W.push(d);
+        for (let r = 1; r < K; r++)
+          d = d.add(D), W.push(d);
+        D = d.double();
       }
       return W;
     }
@@ -576,14 +603,14 @@ function gn() {
      * https://github.com/paulmillr/noble-secp256k1/blob/47cb1669b6e506ad66b35fe7d76132ae97465da2/index.ts#L502-L541
      * @returns real and fake (for const-time) points
      */
-    wNAF(O, L, _) {
+    wNAF(R, L, _) {
       if (!this.Fn.isValid(_))
         throw new Error("invalid scalar");
       let K = this.ZERO, W = this.BASE;
-      const z = p(O, this.bits);
-      for (let d = 0; d < z.windows; d++) {
-        const { nextN: u, offset: n, isZero: a, isNeg: i, isNegF: o, offsetF: h } = v(_, d, z);
-        _ = u, a ? W = W.add(l(o, L[h])) : K = K.add(l(i, L[n]));
+      const D = p(R, this.bits);
+      for (let d = 0; d < D.windows; d++) {
+        const { nextN: l, offset: r, isZero: a, isNeg: i, isNegF: o, offsetF: h } = v(_, d, D);
+        _ = l, a ? W = W.add(u(o, L[h])) : K = K.add(u(i, L[r]));
       }
       return S(_), { p: K, f: W };
     }
@@ -592,98 +619,98 @@ function gn() {
      * @param acc accumulator point to add result of multiplication
      * @returns point
      */
-    wNAFUnsafe(O, L, _, K = this.ZERO) {
-      const W = p(O, this.bits);
-      for (let z = 0; z < W.windows && _ !== c; z++) {
-        const { nextN: d, offset: u, isZero: n, isNeg: a } = v(_, z, W);
-        if (_ = d, !n) {
-          const i = L[u];
+    wNAFUnsafe(R, L, _, K = this.ZERO) {
+      const W = p(R, this.bits);
+      for (let D = 0; D < W.windows && _ !== c; D++) {
+        const { nextN: d, offset: l, isZero: r, isNeg: a } = v(_, D, W);
+        if (_ = d, !r) {
+          const i = L[l];
           K = K.add(a ? i.negate() : i);
         }
       }
       return S(_), K;
     }
-    getPrecomputes(O, L, _) {
+    getPrecomputes(R, L, _) {
       let K = V.get(L);
-      return K || (K = this.precomputeWindow(L, O), O !== 1 && (typeof _ == "function" && (K = _(K)), V.set(L, K))), K;
+      return K || (K = this.precomputeWindow(L, R), R !== 1 && (typeof _ == "function" && (K = _(K)), V.set(L, K))), K;
     }
-    cached(O, L, _) {
-      const K = b(O);
-      return this.wNAF(K, this.getPrecomputes(K, O, _), L);
+    cached(R, L, _) {
+      const K = b(R);
+      return this.wNAF(K, this.getPrecomputes(K, R, _), L);
     }
-    unsafe(O, L, _, K) {
-      const W = b(O);
-      return W === 1 ? this._unsafeLadder(O, L, K) : this.wNAFUnsafe(W, this.getPrecomputes(W, O, _), L, K);
+    unsafe(R, L, _, K) {
+      const W = b(R);
+      return W === 1 ? this._unsafeLadder(R, L, K) : this.wNAFUnsafe(W, this.getPrecomputes(W, R, _), L, K);
     }
     // We calculate precomputes for elliptic curve point multiplication
     // using windowed method. This specifies window size and
     // stores precomputed values. Usually only base point would be precomputed.
-    createCache(O, L) {
-      g(L, this.bits), E.set(O, L), V.delete(O);
+    createCache(R, L) {
+      g(L, this.bits), E.set(R, L), V.delete(R);
     }
-    hasCache(O) {
-      return b(O) !== 1;
+    hasCache(R) {
+      return b(R) !== 1;
     }
   }
-  Oe.wNAF = A;
-  function M(j, O, L, _) {
-    let K = O, W = j.ZERO, z = j.ZERO;
+  Re.wNAF = A;
+  function M(j, R, L, _) {
+    let K = R, W = j.ZERO, D = j.ZERO;
     for (; L > c || _ > c; )
-      L & t && (W = W.add(K)), _ & t && (z = z.add(K)), K = K.double(), L >>= t, _ >>= t;
-    return { p1: W, p2: z };
+      L & t && (W = W.add(K)), _ & t && (D = D.add(K)), K = K.double(), L >>= t, _ >>= t;
+    return { p1: W, p2: D };
   }
-  function Q(j, O, L, _) {
-    U(L, j), H(_, O);
+  function Q(j, R, L, _) {
+    U(L, j), H(_, R);
     const K = L.length, W = _.length;
     if (K !== W)
       throw new Error("arrays of points and scalars must have equal length");
-    const z = j.ZERO, d = (0, e.bitLen)(BigInt(K));
-    let u = 1;
-    d > 12 ? u = d - 3 : d > 4 ? u = d - 2 : d > 0 && (u = 2);
-    const n = (0, e.bitMask)(u), a = new Array(Number(n) + 1).fill(z), i = Math.floor((O.BITS - 1) / u) * u;
-    let o = z;
-    for (let h = i; h >= 0; h -= u) {
-      a.fill(z);
+    const D = j.ZERO, d = (0, e.bitLen)(BigInt(K));
+    let l = 1;
+    d > 12 ? l = d - 3 : d > 4 ? l = d - 2 : d > 0 && (l = 2);
+    const r = (0, e.bitMask)(l), a = new Array(Number(r) + 1).fill(D), i = Math.floor((R.BITS - 1) / l) * l;
+    let o = D;
+    for (let h = i; h >= 0; h -= l) {
+      a.fill(D);
       for (let s = 0; s < W; s++) {
-        const f = _[s], y = Number(f >> BigInt(h) & n);
+        const f = _[s], y = Number(f >> BigInt(h) & r);
         a[y] = a[y].add(L[s]);
       }
-      let w = z;
-      for (let s = a.length - 1, f = z; s > 0; s--)
+      let w = D;
+      for (let s = a.length - 1, f = D; s > 0; s--)
         f = f.add(a[s]), w = w.add(f);
       if (o = o.add(w), h !== 0)
-        for (let s = 0; s < u; s++)
+        for (let s = 0; s < l; s++)
           o = o.double();
     }
     return o;
   }
-  function F(j, O, L, _) {
-    g(_, O.BITS), U(L, j);
-    const K = j.ZERO, W = 2 ** _ - 1, z = Math.ceil(O.BITS / _), d = (0, e.bitMask)(_), u = L.map((n) => {
+  function F(j, R, L, _) {
+    g(_, R.BITS), U(L, j);
+    const K = j.ZERO, W = 2 ** _ - 1, D = Math.ceil(R.BITS / _), d = (0, e.bitMask)(_), l = L.map((r) => {
       const a = [];
-      for (let i = 0, o = n; i < W; i++)
-        a.push(o), o = o.add(n);
+      for (let i = 0, o = r; i < W; i++)
+        a.push(o), o = o.add(r);
       return a;
     });
-    return (n) => {
-      if (H(n, O), n.length > L.length)
+    return (r) => {
+      if (H(r, R), r.length > L.length)
         throw new Error("array of scalars must be smaller than array of points");
       let a = K;
-      for (let i = 0; i < z; i++) {
+      for (let i = 0; i < D; i++) {
         if (a !== K)
           for (let h = 0; h < _; h++)
             a = a.double();
-        const o = BigInt(z * _ - (i + 1) * _);
-        for (let h = 0; h < n.length; h++) {
-          const w = n[h], s = Number(w >> o & d);
-          s && (a = a.add(u[h][s - 1]));
+        const o = BigInt(D * _ - (i + 1) * _);
+        for (let h = 0; h < r.length; h++) {
+          const w = r[h], s = Number(w >> o & d);
+          s && (a = a.add(l[h][s - 1]));
         }
       }
       return a;
     };
   }
   function G(j) {
-    return (0, r.validateField)(j.Fp), (0, e.validateObject)(j, {
+    return (0, n.validateField)(j.Fp), (0, e.validateObject)(j, {
       n: "bigint",
       h: "bigint",
       Gx: "field",
@@ -692,59 +719,59 @@ function gn() {
       nBitLength: "isSafeInteger",
       nByteLength: "isSafeInteger"
     }), Object.freeze({
-      ...(0, r.nLength)(j.n, j.nBitLength),
+      ...(0, n.nLength)(j.n, j.nBitLength),
       ...j,
       p: j.Fp.ORDER
     });
   }
-  function se(j, O, L) {
-    if (O) {
-      if (O.ORDER !== j)
+  function se(j, R, L) {
+    if (R) {
+      if (R.ORDER !== j)
         throw new Error("Field.ORDER must match order: Fp == p, Fn == n");
-      return (0, r.validateField)(O), O;
+      return (0, n.validateField)(R), R;
     } else
-      return (0, r.Field)(j, { isLE: L });
+      return (0, n.Field)(j, { isLE: L });
   }
-  function ie(j, O, L = {}, _) {
-    if (_ === void 0 && (_ = j === "edwards"), !O || typeof O != "object")
+  function ie(j, R, L = {}, _) {
+    if (_ === void 0 && (_ = j === "edwards"), !R || typeof R != "object")
       throw new Error(`expected valid ${j} CURVE object`);
-    for (const u of ["p", "n", "h"]) {
-      const n = O[u];
-      if (!(typeof n == "bigint" && n > c))
-        throw new Error(`CURVE.${u} must be positive bigint`);
+    for (const l of ["p", "n", "h"]) {
+      const r = R[l];
+      if (!(typeof r == "bigint" && r > c))
+        throw new Error(`CURVE.${l} must be positive bigint`);
     }
-    const K = se(O.p, L.Fp, _), W = se(O.n, L.Fn, _), d = ["Gx", "Gy", "a", j === "weierstrass" ? "b" : "d"];
-    for (const u of d)
-      if (!K.isValid(O[u]))
-        throw new Error(`CURVE.${u} must be valid field element of CURVE.Fp`);
-    return O = Object.freeze(Object.assign({}, O)), { CURVE: O, Fp: K, Fn: W };
+    const K = se(R.p, L.Fp, _), W = se(R.n, L.Fn, _), d = ["Gx", "Gy", "a", j === "weierstrass" ? "b" : "d"];
+    for (const l of d)
+      if (!K.isValid(R[l]))
+        throw new Error(`CURVE.${l} must be valid field element of CURVE.Fp`);
+    return R = Object.freeze(Object.assign({}, R)), { CURVE: R, Fp: K, Fn: W };
   }
-  return Oe;
+  return Re;
 }
-var xt;
+var Tt;
 function Ct() {
-  return xt || (xt = 1, (function(e) {
-    Object.defineProperty(e, "__esModule", { value: !0 }), e.DER = e.DERErr = void 0, e._splitEndoScalar = p, e._normFnElement = M, e.weierstrassN = Q, e.SWUFpSqrtRatio = G, e.mapToCurveSimpleSWU = se, e.ecdh = j, e.ecdsa = O, e.weierstrassPoints = L, e._legacyHelperEquat = W, e.weierstrass = u;
-    const r = /* @__PURE__ */ ln(), c = /* @__PURE__ */ We(), t = /* @__PURE__ */ Ce(), l = /* @__PURE__ */ gn(), m = /* @__PURE__ */ $e(), g = (n, a) => (n + (n >= 0 ? a : -a) / b) / a;
-    function p(n, a, i) {
-      const [[o, h], [w, s]] = a, f = g(s * n, i), y = g(-h * n, i);
-      let B = n - f * o - y * w, T = -f * h - y * s;
-      const k = B < V, Y = T < V;
-      k && (B = -B), Y && (T = -T);
+  return Tt || (Tt = 1, (function(e) {
+    Object.defineProperty(e, "__esModule", { value: !0 }), e.DER = e.DERErr = void 0, e._splitEndoScalar = p, e._normFnElement = M, e.weierstrassN = Q, e.SWUFpSqrtRatio = G, e.mapToCurveSimpleSWU = se, e.ecdh = j, e.ecdsa = R, e.weierstrassPoints = L, e._legacyHelperEquat = W, e.weierstrass = l;
+    const n = /* @__PURE__ */ ln(), c = /* @__PURE__ */ We(), t = /* @__PURE__ */ Ce(), u = /* @__PURE__ */ gn(), m = /* @__PURE__ */ $e(), g = (r, a) => (r + (r >= 0 ? a : -a) / b) / a;
+    function p(r, a, i) {
+      const [[o, h], [w, s]] = a, f = g(s * r, i), y = g(-h * r, i);
+      let B = r - f * o - y * w, O = -f * h - y * s;
+      const k = B < V, Y = O < V;
+      k && (B = -B), Y && (O = -O);
       const I = (0, t.bitMask)(Math.ceil((0, t.bitLen)(i) / 2)) + E;
-      if (B < V || B >= I || T < V || T >= I)
-        throw new Error("splitScalar (endomorphism): failed, k=" + n);
-      return { k1neg: k, k1: B, k2neg: Y, k2: T };
+      if (B < V || B >= I || O < V || O >= I)
+        throw new Error("splitScalar (endomorphism): failed, k=" + r);
+      return { k1neg: k, k1: B, k2neg: Y, k2: O };
     }
-    function v(n) {
-      if (!["compact", "recovered", "der"].includes(n))
+    function v(r) {
+      if (!["compact", "recovered", "der"].includes(r))
         throw new Error('Signature format must be "compact", "recovered", or "der"');
-      return n;
+      return r;
     }
-    function U(n, a) {
+    function U(r, a) {
       const i = {};
       for (let o of Object.keys(a))
-        i[o] = n[o] === void 0 ? a[o] : n[o];
+        i[o] = r[o] === void 0 ? a[o] : r[o];
       return (0, t._abool2)(i.lowS, "lowS"), (0, t._abool2)(i.prehash, "prehash"), i.format !== void 0 && v(i.format), i;
     }
     class H extends Error {
@@ -757,9 +784,9 @@ function Ct() {
       Err: H,
       // Basic building block is TLV (Tag-Length-Value)
       _tlv: {
-        encode: (n, a) => {
+        encode: (r, a) => {
           const { Err: i } = e.DER;
-          if (n < 0 || n > 256)
+          if (r < 0 || r > 256)
             throw new i("tlv.encode: wrong tag");
           if (a.length & 1)
             throw new i("tlv.encode: unpadded data");
@@ -767,15 +794,15 @@ function Ct() {
           if (h.length / 2 & 128)
             throw new i("tlv.encode: long form length too big");
           const w = o > 127 ? (0, t.numberToHexUnpadded)(h.length / 2 | 128) : "";
-          return (0, t.numberToHexUnpadded)(n) + w + h + a;
+          return (0, t.numberToHexUnpadded)(r) + w + h + a;
         },
         // v - value, l - left bytes (unparsed)
-        decode(n, a) {
+        decode(r, a) {
           const { Err: i } = e.DER;
           let o = 0;
-          if (n < 0 || n > 256)
+          if (r < 0 || r > 256)
             throw new i("tlv.encode: wrong tag");
-          if (a.length < 2 || a[o++] !== n)
+          if (a.length < 2 || a[o++] !== r)
             throw new i("tlv.decode: wrong tlv");
           const h = a[o++], w = !!(h & 128);
           let s = 0;
@@ -792,8 +819,8 @@ function Ct() {
               throw new i("tlv.decode: length bytes not complete");
             if (B[0] === 0)
               throw new i("tlv.decode(long): zero leftmost byte");
-            for (const T of B)
-              s = s << 8 | T;
+            for (const O of B)
+              s = s << 8 | O;
             if (o += y, s < 128)
               throw new i("tlv.decode(long): not minimal encoding");
           }
@@ -808,58 +835,58 @@ function Ct() {
       // - add zero byte if exists
       // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding)
       _int: {
-        encode(n) {
+        encode(r) {
           const { Err: a } = e.DER;
-          if (n < V)
+          if (r < V)
             throw new a("integer: negative integers are not allowed");
-          let i = (0, t.numberToHexUnpadded)(n);
+          let i = (0, t.numberToHexUnpadded)(r);
           if (Number.parseInt(i[0], 16) & 8 && (i = "00" + i), i.length & 1)
             throw new a("unexpected DER parsing assertion: unpadded hex");
           return i;
         },
-        decode(n) {
+        decode(r) {
           const { Err: a } = e.DER;
-          if (n[0] & 128)
+          if (r[0] & 128)
             throw new a("invalid signature integer: negative");
-          if (n[0] === 0 && !(n[1] & 128))
+          if (r[0] === 0 && !(r[1] & 128))
             throw new a("invalid signature integer: unnecessary leading zero");
-          return (0, t.bytesToNumberBE)(n);
+          return (0, t.bytesToNumberBE)(r);
         }
       },
-      toSig(n) {
-        const { Err: a, _int: i, _tlv: o } = e.DER, h = (0, t.ensureBytes)("signature", n), { v: w, l: s } = o.decode(48, h);
+      toSig(r) {
+        const { Err: a, _int: i, _tlv: o } = e.DER, h = (0, t.ensureBytes)("signature", r), { v: w, l: s } = o.decode(48, h);
         if (s.length)
           throw new a("invalid signature: left bytes after parsing");
-        const { v: f, l: y } = o.decode(2, w), { v: B, l: T } = o.decode(2, y);
-        if (T.length)
+        const { v: f, l: y } = o.decode(2, w), { v: B, l: O } = o.decode(2, y);
+        if (O.length)
           throw new a("invalid signature: left bytes after parsing");
         return { r: i.decode(f), s: i.decode(B) };
       },
-      hexFromSig(n) {
-        const { _tlv: a, _int: i } = e.DER, o = a.encode(2, i.encode(n.r)), h = a.encode(2, i.encode(n.s)), w = o + h;
+      hexFromSig(r) {
+        const { _tlv: a, _int: i } = e.DER, o = a.encode(2, i.encode(r.r)), h = a.encode(2, i.encode(r.s)), w = o + h;
         return a.encode(48, w);
       }
     };
     const V = BigInt(0), E = BigInt(1), b = BigInt(2), S = BigInt(3), A = BigInt(4);
-    function M(n, a) {
-      const { BYTES: i } = n;
+    function M(r, a) {
+      const { BYTES: i } = r;
       let o;
       if (typeof a == "bigint")
         o = a;
       else {
         let h = (0, t.ensureBytes)("private key", a);
         try {
-          o = n.fromBytes(h);
+          o = r.fromBytes(h);
         } catch {
           throw new Error(`invalid private key: expected ui8a of size ${i}, got ${typeof a}`);
         }
       }
-      if (!n.isValidNot0(o))
+      if (!r.isValidNot0(o))
         throw new Error("invalid private key: out of range [1..N-1]");
       return o;
     }
-    function Q(n, a = {}) {
-      const i = (0, l._createCurveFields)("weierstrass", n, a), { Fp: o, Fn: h } = i;
+    function Q(r, a = {}) {
+      const i = (0, u._createCurveFields)("weierstrass", r, a), { Fp: o, Fn: h } = i;
       let w = i.CURVE;
       const { h: s, n: f } = w;
       (0, t._validateObject)(a, {}, {
@@ -875,23 +902,23 @@ function Ct() {
       if (y && (!o.is0(w.a) || typeof y.beta != "bigint" || !Array.isArray(y.basises)))
         throw new Error('invalid endo: expected "beta": bigint and "basises": array');
       const B = ie(o, h);
-      function T() {
+      function O() {
         if (!o.isOdd)
           throw new Error("compression is not supported: Field does not have .isOdd()");
       }
       function k(le, Z, N) {
-        const { x: R, y: D } = Z.toAffine(), J = o.toBytes(R);
+        const { x, y: z } = Z.toAffine(), J = o.toBytes(x);
         if ((0, t._abool2)(N, "isCompressed"), N) {
-          T();
-          const re = !o.isOdd(D);
+          O();
+          const re = !o.isOdd(z);
           return (0, t.concatBytes)(F(re), J);
         } else
-          return (0, t.concatBytes)(Uint8Array.of(4), J, o.toBytes(D));
+          return (0, t.concatBytes)(Uint8Array.of(4), J, o.toBytes(z));
       }
       function Y(le) {
         (0, t._abytes2)(le, void 0, "Point");
-        const { publicKey: Z, publicKeyUncompressed: N } = B, R = le.length, D = le[0], J = le.subarray(1);
-        if (R === Z && (D === 2 || D === 3)) {
+        const { publicKey: Z, publicKeyUncompressed: N } = B, x = le.length, z = le[0], J = le.subarray(1);
+        if (x === Z && (z === 2 || z === 3)) {
           const re = o.fromBytes(J);
           if (!o.isValid(re))
             throw new Error("bad point: is not on curve, wrong x");
@@ -903,16 +930,16 @@ function Ct() {
             const de = we instanceof Error ? ": " + we.message : "";
             throw new Error("bad point: is not on curve, sqrt error" + de);
           }
-          T();
+          O();
           const oe = o.isOdd(ee);
-          return (D & 1) === 1 !== oe && (ee = o.neg(ee)), { x: re, y: ee };
-        } else if (R === N && D === 4) {
+          return (z & 1) === 1 !== oe && (ee = o.neg(ee)), { x: re, y: ee };
+        } else if (x === N && z === 4) {
           const re = o.BYTES, ne = o.fromBytes(J.subarray(0, re)), ee = o.fromBytes(J.subarray(re, re * 2));
           if (!te(ne, ee))
             throw new Error("bad point: is not on curve");
           return { x: ne, y: ee };
         } else
-          throw new Error(`bad point: got length ${R}, expected compressed=${Z} or uncompressed=${N}`);
+          throw new Error(`bad point: got length ${x}, expected compressed=${Z} or uncompressed=${N}`);
       }
       const I = a.toBytes || k, q = a.fromBytes || Y;
       function C(le) {
@@ -920,13 +947,13 @@ function Ct() {
         return o.add(o.add(N, o.mul(le, w.a)), w.b);
       }
       function te(le, Z) {
-        const N = o.sqr(Z), R = C(le);
-        return o.eql(N, R);
+        const N = o.sqr(Z), x = C(le);
+        return o.eql(N, x);
       }
       if (!te(w.Gx, w.Gy))
         throw new Error("bad curve params: generator point");
-      const $ = o.mul(o.pow(w.a, S), A), x = o.mul(o.sqr(w.b), BigInt(27));
-      if (o.is0(o.add($, x)))
+      const $ = o.mul(o.pow(w.a, S), A), T = o.mul(o.sqr(w.b), BigInt(27));
+      if (o.is0(o.add($, T)))
         throw new Error("bad curve params: a or b");
       function X(le, Z, N = !1) {
         if (!o.isValid(Z) || N && o.is0(Z))
@@ -943,12 +970,12 @@ function Ct() {
         return p(le, y.basises, h.ORDER);
       }
       const pe = (0, t.memoized)((le, Z) => {
-        const { X: N, Y: R, Z: D } = le;
-        if (o.eql(D, o.ONE))
-          return { x: N, y: R };
+        const { X: N, Y: x, Z: z } = le;
+        if (o.eql(z, o.ONE))
+          return { x: N, y: x };
         const J = le.is0();
-        Z == null && (Z = J ? o.ONE : o.inv(D));
-        const re = o.mul(N, Z), ne = o.mul(R, Z), ee = o.mul(D, Z);
+        Z == null && (Z = J ? o.ONE : o.inv(z));
+        const re = o.mul(N, Z), ne = o.mul(x, Z), ee = o.mul(z, Z);
         if (J)
           return { x: o.ZERO, y: o.ZERO };
         if (!o.eql(ee, o.ONE))
@@ -969,25 +996,25 @@ function Ct() {
           throw new Error("bad point: not in prime-order subgroup");
         return !0;
       });
-      function xe(le, Z, N, R, D) {
-        return N = new fe(o.mul(N.X, le), N.Y, N.Z), Z = (0, l.negateCt)(R, Z), N = (0, l.negateCt)(D, N), Z.add(N);
+      function Te(le, Z, N, x, z) {
+        return N = new fe(o.mul(N.X, le), N.Y, N.Z), Z = (0, u.negateCt)(x, Z), N = (0, u.negateCt)(z, N), Z.add(N);
       }
       class fe {
         /** Does NOT validate if the point is valid. Use `.assertValidity()`. */
-        constructor(Z, N, R) {
-          this.X = X("x", Z), this.Y = X("y", N, !0), this.Z = X("z", R), Object.freeze(this);
+        constructor(Z, N, x) {
+          this.X = X("x", Z), this.Y = X("y", N, !0), this.Z = X("z", x), Object.freeze(this);
         }
         static CURVE() {
           return w;
         }
         /** Does NOT validate if the point is valid. Use `.assertValidity()`. */
         static fromAffine(Z) {
-          const { x: N, y: R } = Z || {};
-          if (!Z || !o.isValid(N) || !o.isValid(R))
+          const { x: N, y: x } = Z || {};
+          if (!Z || !o.isValid(N) || !o.isValid(x))
             throw new Error("invalid affine point");
           if (Z instanceof fe)
             throw new Error("projective point not allowed");
-          return o.is0(N) && o.is0(R) ? fe.ZERO : new fe(N, R, o.ONE);
+          return o.is0(N) && o.is0(x) ? fe.ZERO : new fe(N, x, o.ONE);
         }
         static fromBytes(Z) {
           const N = fe.fromAffine(q((0, t._abytes2)(Z, void 0, "point")));
@@ -1025,7 +1052,7 @@ function Ct() {
         /** Compare one point to another. */
         equals(Z) {
           ae(Z);
-          const { X: N, Y: R, Z: D } = this, { X: J, Y: re, Z: ne } = Z, ee = o.eql(o.mul(N, ne), o.mul(J, D)), oe = o.eql(o.mul(R, ne), o.mul(re, D));
+          const { X: N, Y: x, Z: z } = this, { X: J, Y: re, Z: ne } = Z, ee = o.eql(o.mul(N, ne), o.mul(J, z)), oe = o.eql(o.mul(x, ne), o.mul(re, z));
           return ee && oe;
         }
         /** Flips point to one corresponding to (x, -y) in Affine coordinates. */
@@ -1037,9 +1064,9 @@ function Ct() {
         // https://eprint.iacr.org/2015/1060, algorithm 3
         // Cost: 8M + 3S + 3*a + 2*b3 + 15add.
         double() {
-          const { a: Z, b: N } = w, R = o.mul(N, S), { X: D, Y: J, Z: re } = this;
-          let ne = o.ZERO, ee = o.ZERO, oe = o.ZERO, ce = o.mul(D, D), we = o.mul(J, J), de = o.mul(re, re), ue = o.mul(D, J);
-          return ue = o.add(ue, ue), oe = o.mul(D, re), oe = o.add(oe, oe), ne = o.mul(Z, oe), ee = o.mul(R, de), ee = o.add(ne, ee), ne = o.sub(we, ee), ee = o.add(we, ee), ee = o.mul(ne, ee), ne = o.mul(ue, ne), oe = o.mul(R, oe), de = o.mul(Z, de), ue = o.sub(ce, de), ue = o.mul(Z, ue), ue = o.add(ue, oe), oe = o.add(ce, ce), ce = o.add(oe, ce), ce = o.add(ce, de), ce = o.mul(ce, ue), ee = o.add(ee, ce), de = o.mul(J, re), de = o.add(de, de), ce = o.mul(de, ue), ne = o.sub(ne, ce), oe = o.mul(de, we), oe = o.add(oe, oe), oe = o.add(oe, oe), new fe(ne, ee, oe);
+          const { a: Z, b: N } = w, x = o.mul(N, S), { X: z, Y: J, Z: re } = this;
+          let ne = o.ZERO, ee = o.ZERO, oe = o.ZERO, ce = o.mul(z, z), we = o.mul(J, J), de = o.mul(re, re), ue = o.mul(z, J);
+          return ue = o.add(ue, ue), oe = o.mul(z, re), oe = o.add(oe, oe), ne = o.mul(Z, oe), ee = o.mul(x, de), ee = o.add(ne, ee), ne = o.sub(we, ee), ee = o.add(we, ee), ee = o.mul(ne, ee), ne = o.mul(ue, ne), oe = o.mul(x, oe), de = o.mul(Z, de), ue = o.sub(ce, de), ue = o.mul(Z, ue), ue = o.add(ue, oe), oe = o.add(ce, ce), ce = o.add(oe, ce), ce = o.add(ce, de), ce = o.mul(ce, ue), ee = o.add(ee, ce), de = o.mul(J, re), de = o.add(de, de), ce = o.mul(de, ue), ne = o.sub(ne, ce), oe = o.mul(de, we), oe = o.add(oe, oe), oe = o.add(oe, oe), new fe(ne, ee, oe);
         }
         // Renes-Costello-Batina exception-free addition formula.
         // There is 30% faster Jacobian formula, but it is not complete.
@@ -1047,13 +1074,13 @@ function Ct() {
         // Cost: 12M + 0S + 3*a + 3*b3 + 23add.
         add(Z) {
           ae(Z);
-          const { X: N, Y: R, Z: D } = this, { X: J, Y: re, Z: ne } = Z;
+          const { X: N, Y: x, Z: z } = this, { X: J, Y: re, Z: ne } = Z;
           let ee = o.ZERO, oe = o.ZERO, ce = o.ZERO;
           const we = w.a, de = o.mul(w.b, S);
-          let ue = o.mul(N, J), me = o.mul(R, re), ge = o.mul(D, ne), _e = o.add(N, R), be = o.add(J, re);
-          _e = o.mul(_e, be), be = o.add(ue, me), _e = o.sub(_e, be), be = o.add(N, D);
+          let ue = o.mul(N, J), me = o.mul(x, re), ge = o.mul(z, ne), _e = o.add(N, x), be = o.add(J, re);
+          _e = o.mul(_e, be), be = o.add(ue, me), _e = o.sub(_e, be), be = o.add(N, z);
           let Ee = o.add(J, ne);
-          return be = o.mul(be, Ee), Ee = o.add(ue, ge), be = o.sub(be, Ee), Ee = o.add(R, D), ee = o.add(re, ne), Ee = o.mul(Ee, ee), ee = o.add(me, ge), Ee = o.sub(Ee, ee), ce = o.mul(we, be), ee = o.mul(de, ge), ce = o.add(ee, ce), ee = o.sub(me, ce), ce = o.add(me, ce), oe = o.mul(ee, ce), me = o.add(ue, ue), me = o.add(me, ue), ge = o.mul(we, ge), be = o.mul(de, be), me = o.add(me, ge), ge = o.sub(ue, ge), ge = o.mul(we, ge), be = o.add(be, ge), ue = o.mul(me, be), oe = o.add(oe, ue), ue = o.mul(Ee, be), ee = o.mul(_e, ee), ee = o.sub(ee, ue), ue = o.mul(_e, me), ce = o.mul(Ee, ce), ce = o.add(ce, ue), new fe(ee, oe, ce);
+          return be = o.mul(be, Ee), Ee = o.add(ue, ge), be = o.sub(be, Ee), Ee = o.add(x, z), ee = o.add(re, ne), Ee = o.mul(Ee, ee), ee = o.add(me, ge), Ee = o.sub(Ee, ee), ce = o.mul(we, be), ee = o.mul(de, ge), ce = o.add(ee, ce), ee = o.sub(me, ce), ce = o.add(me, ce), oe = o.mul(ee, ce), me = o.add(ue, ue), me = o.add(me, ue), ge = o.mul(we, ge), be = o.mul(de, be), me = o.add(me, ge), ge = o.sub(ue, ge), ge = o.mul(we, ge), be = o.add(be, ge), ue = o.mul(me, be), oe = o.add(oe, ue), ue = o.mul(Ee, be), ee = o.mul(_e, ee), ee = o.sub(ee, ue), ue = o.mul(_e, me), ce = o.mul(Ee, ce), ce = o.add(ce, ue), new fe(ee, oe, ce);
         }
         subtract(Z) {
           return this.add(Z.negate());
@@ -1074,16 +1101,16 @@ function Ct() {
           const { endo: N } = a;
           if (!h.isValidNot0(Z))
             throw new Error("invalid scalar: out of range");
-          let R, D;
-          const J = (re) => Ue.cached(this, re, (ne) => (0, l.normalizeZ)(fe, ne));
+          let x, z;
+          const J = (re) => Ue.cached(this, re, (ne) => (0, u.normalizeZ)(fe, ne));
           if (N) {
             const { k1neg: re, k1: ne, k2neg: ee, k2: oe } = ye(Z), { p: ce, f: we } = J(ne), { p: de, f: ue } = J(oe);
-            D = we.add(ue), R = xe(N.beta, ce, de, re, ee);
+            z = we.add(ue), x = Te(N.beta, ce, de, re, ee);
           } else {
             const { p: re, f: ne } = J(Z);
-            R = re, D = ne;
+            x = re, z = ne;
           }
-          return (0, l.normalizeZ)(fe, [R, D])[0];
+          return (0, u.normalizeZ)(fe, [x, z])[0];
         }
         /**
          * Non-constant-time multiplication. Uses double-and-add algorithm.
@@ -1091,24 +1118,24 @@ function Ct() {
          * an exposed secret key e.g. sig verification, which works over *public* keys.
          */
         multiplyUnsafe(Z) {
-          const { endo: N } = a, R = this;
+          const { endo: N } = a, x = this;
           if (!h.isValid(Z))
             throw new Error("invalid scalar: out of range");
-          if (Z === V || R.is0())
+          if (Z === V || x.is0())
             return fe.ZERO;
           if (Z === E)
-            return R;
+            return x;
           if (Ue.hasCache(this))
             return this.multiply(Z);
           if (N) {
-            const { k1neg: D, k1: J, k2neg: re, k2: ne } = ye(Z), { p1: ee, p2: oe } = (0, l.mulEndoUnsafe)(fe, R, J, ne);
-            return xe(N.beta, ee, oe, D, re);
+            const { k1neg: z, k1: J, k2neg: re, k2: ne } = ye(Z), { p1: ee, p2: oe } = (0, u.mulEndoUnsafe)(fe, x, J, ne);
+            return Te(N.beta, ee, oe, z, re);
           } else
-            return Ue.unsafe(R, Z);
+            return Ue.unsafe(x, Z);
         }
-        multiplyAndAddUnsafe(Z, N, R) {
-          const D = this.multiplyUnsafe(N).add(Z.multiplyUnsafe(R));
-          return D.is0() ? void 0 : D;
+        multiplyAndAddUnsafe(Z, N, x) {
+          const z = this.multiplyUnsafe(N).add(Z.multiplyUnsafe(x));
+          return z.is0() ? void 0 : z;
         }
         /**
          * Converts Projective point to affine (x, y) coordinates.
@@ -1158,91 +1185,91 @@ function Ct() {
           this.precompute(Z);
         }
         static normalizeZ(Z) {
-          return (0, l.normalizeZ)(fe, Z);
+          return (0, u.normalizeZ)(fe, Z);
         }
         static msm(Z, N) {
-          return (0, l.pippenger)(fe, h, Z, N);
+          return (0, u.pippenger)(fe, h, Z, N);
         }
         static fromPrivateKey(Z) {
           return fe.BASE.multiply(M(h, Z));
         }
       }
       fe.BASE = new fe(w.Gx, w.Gy, o.ONE), fe.ZERO = new fe(o.ZERO, o.ONE, o.ZERO), fe.Fp = o, fe.Fn = h;
-      const Ye = h.BITS, Ue = new l.wNAF(fe, a.endo ? Math.ceil(Ye / 2) : Ye);
+      const Ye = h.BITS, Ue = new u.wNAF(fe, a.endo ? Math.ceil(Ye / 2) : Ye);
       return fe.BASE.precompute(8), fe;
     }
-    function F(n) {
-      return Uint8Array.of(n ? 2 : 3);
+    function F(r) {
+      return Uint8Array.of(r ? 2 : 3);
     }
-    function G(n, a) {
-      const i = n.ORDER;
+    function G(r, a) {
+      const i = r.ORDER;
       let o = V;
       for (let q = i - E; q % b === V; q /= b)
         o += E;
-      const h = o, w = b << h - E - E, s = w * b, f = (i - E) / s, y = (f - E) / b, B = s - E, T = w, k = n.pow(a, f), Y = n.pow(a, (f + E) / b);
+      const h = o, w = b << h - E - E, s = w * b, f = (i - E) / s, y = (f - E) / b, B = s - E, O = w, k = r.pow(a, f), Y = r.pow(a, (f + E) / b);
       let I = (q, C) => {
-        let te = k, $ = n.pow(C, B), x = n.sqr($);
-        x = n.mul(x, C);
-        let X = n.mul(q, x);
-        X = n.pow(X, y), X = n.mul(X, $), $ = n.mul(X, C), x = n.mul(X, q);
-        let ae = n.mul(x, $);
-        X = n.pow(ae, T);
-        let ye = n.eql(X, n.ONE);
-        $ = n.mul(x, Y), X = n.mul(ae, te), x = n.cmov($, x, ye), ae = n.cmov(X, ae, ye);
+        let te = k, $ = r.pow(C, B), T = r.sqr($);
+        T = r.mul(T, C);
+        let X = r.mul(q, T);
+        X = r.pow(X, y), X = r.mul(X, $), $ = r.mul(X, C), T = r.mul(X, q);
+        let ae = r.mul(T, $);
+        X = r.pow(ae, O);
+        let ye = r.eql(X, r.ONE);
+        $ = r.mul(T, Y), X = r.mul(ae, te), T = r.cmov($, T, ye), ae = r.cmov(X, ae, ye);
         for (let pe = h; pe > E; pe--) {
           let ve = pe - b;
           ve = b << ve - E;
-          let xe = n.pow(ae, ve);
-          const fe = n.eql(xe, n.ONE);
-          $ = n.mul(x, te), te = n.mul(te, te), xe = n.mul(ae, te), x = n.cmov($, x, fe), ae = n.cmov(xe, ae, fe);
+          let Te = r.pow(ae, ve);
+          const fe = r.eql(Te, r.ONE);
+          $ = r.mul(T, te), te = r.mul(te, te), Te = r.mul(ae, te), T = r.cmov($, T, fe), ae = r.cmov(Te, ae, fe);
         }
-        return { isValid: ye, value: x };
+        return { isValid: ye, value: T };
       };
-      if (n.ORDER % A === S) {
-        const q = (n.ORDER - S) / A, C = n.sqrt(n.neg(a));
+      if (r.ORDER % A === S) {
+        const q = (r.ORDER - S) / A, C = r.sqrt(r.neg(a));
         I = (te, $) => {
-          let x = n.sqr($);
-          const X = n.mul(te, $);
-          x = n.mul(x, X);
-          let ae = n.pow(x, q);
-          ae = n.mul(ae, X);
-          const ye = n.mul(ae, C), pe = n.mul(n.sqr(ae), $), ve = n.eql(pe, te);
-          let xe = n.cmov(ye, ae, ve);
-          return { isValid: ve, value: xe };
+          let T = r.sqr($);
+          const X = r.mul(te, $);
+          T = r.mul(T, X);
+          let ae = r.pow(T, q);
+          ae = r.mul(ae, X);
+          const ye = r.mul(ae, C), pe = r.mul(r.sqr(ae), $), ve = r.eql(pe, te);
+          let Te = r.cmov(ye, ae, ve);
+          return { isValid: ve, value: Te };
         };
       }
       return I;
     }
-    function se(n, a) {
-      (0, m.validateField)(n);
+    function se(r, a) {
+      (0, m.validateField)(r);
       const { A: i, B: o, Z: h } = a;
-      if (!n.isValid(i) || !n.isValid(o) || !n.isValid(h))
+      if (!r.isValid(i) || !r.isValid(o) || !r.isValid(h))
         throw new Error("mapToCurveSimpleSWU: invalid opts");
-      const w = G(n, h);
-      if (!n.isOdd)
+      const w = G(r, h);
+      if (!r.isOdd)
         throw new Error("Field does not have .isOdd()");
       return (s) => {
-        let f, y, B, T, k, Y, I, q;
-        f = n.sqr(s), f = n.mul(f, h), y = n.sqr(f), y = n.add(y, f), B = n.add(y, n.ONE), B = n.mul(B, o), T = n.cmov(h, n.neg(y), !n.eql(y, n.ZERO)), T = n.mul(T, i), y = n.sqr(B), Y = n.sqr(T), k = n.mul(Y, i), y = n.add(y, k), y = n.mul(y, B), Y = n.mul(Y, T), k = n.mul(Y, o), y = n.add(y, k), I = n.mul(f, B);
+        let f, y, B, O, k, Y, I, q;
+        f = r.sqr(s), f = r.mul(f, h), y = r.sqr(f), y = r.add(y, f), B = r.add(y, r.ONE), B = r.mul(B, o), O = r.cmov(h, r.neg(y), !r.eql(y, r.ZERO)), O = r.mul(O, i), y = r.sqr(B), Y = r.sqr(O), k = r.mul(Y, i), y = r.add(y, k), y = r.mul(y, B), Y = r.mul(Y, O), k = r.mul(Y, o), y = r.add(y, k), I = r.mul(f, B);
         const { isValid: C, value: te } = w(y, Y);
-        q = n.mul(f, s), q = n.mul(q, te), I = n.cmov(I, B, C), q = n.cmov(q, te, C);
-        const $ = n.isOdd(s) === n.isOdd(q);
-        q = n.cmov(n.neg(q), q, $);
-        const x = (0, m.FpInvertBatch)(n, [T], !0)[0];
-        return I = n.mul(I, x), { x: I, y: q };
+        q = r.mul(f, s), q = r.mul(q, te), I = r.cmov(I, B, C), q = r.cmov(q, te, C);
+        const $ = r.isOdd(s) === r.isOdd(q);
+        q = r.cmov(r.neg(q), q, $);
+        const T = (0, m.FpInvertBatch)(r, [O], !0)[0];
+        return I = r.mul(I, T), { x: I, y: q };
       };
     }
-    function ie(n, a) {
+    function ie(r, a) {
       return {
         secretKey: a.BYTES,
-        publicKey: 1 + n.BYTES,
-        publicKeyUncompressed: 1 + 2 * n.BYTES,
+        publicKey: 1 + r.BYTES,
+        publicKeyUncompressed: 1 + 2 * r.BYTES,
         publicKeyHasPrefix: !0,
         signature: 2 * a.BYTES
       };
     }
-    function j(n, a = {}) {
-      const { Fn: i } = n, o = a.randomBytes || t.randomBytes, h = Object.assign(ie(n.Fp, i), { seed: (0, m.getMinHashLength)(i.ORDER) });
+    function j(r, a = {}) {
+      const { Fn: i } = r, o = a.randomBytes || t.randomBytes, h = Object.assign(ie(r.Fp, i), { seed: (0, m.getMinHashLength)(i.ORDER) });
       function w(I) {
         try {
           return !!M(i, I);
@@ -1254,7 +1281,7 @@ function Ct() {
         const { publicKey: C, publicKeyUncompressed: te } = h;
         try {
           const $ = I.length;
-          return q === !0 && $ !== C || q === !1 && $ !== te ? !1 : !!n.fromBytes(I);
+          return q === !0 && $ !== C || q === !1 && $ !== te ? !1 : !!r.fromBytes(I);
         } catch {
           return !1;
         }
@@ -1263,16 +1290,16 @@ function Ct() {
         return (0, m.mapHashToField)((0, t._abytes2)(I, h.seed, "seed"), i.ORDER);
       }
       function y(I, q = !0) {
-        return n.BASE.multiply(M(i, I)).toBytes(q);
+        return r.BASE.multiply(M(i, I)).toBytes(q);
       }
       function B(I) {
         const q = f(I);
         return { secretKey: q, publicKey: y(q) };
       }
-      function T(I) {
+      function O(I) {
         if (typeof I == "bigint")
           return !1;
-        if (I instanceof n)
+        if (I instanceof r)
           return !0;
         const { secretKey: q, publicKey: C, publicKeyUncompressed: te } = h;
         if (i.allowedLengths || q === C)
@@ -1281,14 +1308,14 @@ function Ct() {
         return $ === C || $ === te;
       }
       function k(I, q, C = !0) {
-        if (T(I) === !0)
+        if (O(I) === !0)
           throw new Error("first arg must be private key");
-        if (T(q) === !1)
+        if (O(q) === !1)
           throw new Error("second arg must be public key");
         const te = M(i, I);
-        return n.fromHex(q).multiply(te).toBytes(C);
+        return r.fromHex(q).multiply(te).toBytes(C);
       }
-      return Object.freeze({ getPublicKey: y, getSharedSecret: k, keygen: B, Point: n, utils: {
+      return Object.freeze({ getPublicKey: y, getSharedSecret: k, keygen: B, Point: r, utils: {
         isValidSecretKey: w,
         isValidPublicKey: s,
         randomSecretKey: f,
@@ -1296,12 +1323,12 @@ function Ct() {
         isValidPrivateKey: w,
         randomPrivateKey: f,
         normPrivateKeyToScalar: (I) => M(i, I),
-        precompute(I = 8, q = n.BASE) {
+        precompute(I = 8, q = r.BASE) {
           return q.precompute(I, !1);
         }
       }, lengths: h });
     }
-    function O(n, a, i = {}) {
+    function R(r, a, i = {}) {
       (0, c.ahash)(a), (0, t._validateObject)(i, {}, {
         hmac: "function",
         lowS: "boolean",
@@ -1309,7 +1336,7 @@ function Ct() {
         bits2int: "function",
         bits2int_modN: "function"
       });
-      const o = i.randomBytes || t.randomBytes, h = i.hmac || ((N, ...R) => (0, r.hmac)(a, N, (0, t.concatBytes)(...R))), { Fp: w, Fn: s } = n, { ORDER: f, BITS: y } = s, { keygen: B, getPublicKey: T, getSharedSecret: k, utils: Y, lengths: I } = j(n, i), q = {
+      const o = i.randomBytes || t.randomBytes, h = i.hmac || ((N, ...x) => (0, n.hmac)(a, N, (0, t.concatBytes)(...x))), { Fp: w, Fn: s } = r, { ORDER: f, BITS: y } = s, { keygen: B, getPublicKey: O, getSharedSecret: k, utils: Y, lengths: I } = j(r, i), q = {
         prehash: !1,
         lowS: typeof i.lowS == "boolean" ? i.lowS : !1,
         format: void 0,
@@ -1317,50 +1344,50 @@ function Ct() {
         extraEntropy: !1
       }, C = "compact";
       function te(N) {
-        const R = f >> E;
-        return N > R;
+        const x = f >> E;
+        return N > x;
       }
-      function $(N, R) {
-        if (!s.isValidNot0(R))
+      function $(N, x) {
+        if (!s.isValidNot0(x))
           throw new Error(`invalid signature ${N}: out of range 1..Point.Fn.ORDER`);
-        return R;
+        return x;
       }
-      function x(N, R) {
-        v(R);
-        const D = I.signature, J = R === "compact" ? D : R === "recovered" ? D + 1 : void 0;
-        return (0, t._abytes2)(N, J, `${R} signature`);
+      function T(N, x) {
+        v(x);
+        const z = I.signature, J = x === "compact" ? z : x === "recovered" ? z + 1 : void 0;
+        return (0, t._abytes2)(N, J, `${x} signature`);
       }
       class X {
-        constructor(R, D, J) {
-          this.r = $("r", R), this.s = $("s", D), J != null && (this.recovery = J), Object.freeze(this);
+        constructor(x, z, J) {
+          this.r = $("r", x), this.s = $("s", z), J != null && (this.recovery = J), Object.freeze(this);
         }
-        static fromBytes(R, D = C) {
-          x(R, D);
+        static fromBytes(x, z = C) {
+          T(x, z);
           let J;
-          if (D === "der") {
-            const { r: oe, s: ce } = e.DER.toSig((0, t._abytes2)(R));
+          if (z === "der") {
+            const { r: oe, s: ce } = e.DER.toSig((0, t._abytes2)(x));
             return new X(oe, ce);
           }
-          D === "recovered" && (J = R[0], D = "compact", R = R.subarray(1));
-          const re = s.BYTES, ne = R.subarray(0, re), ee = R.subarray(re, re * 2);
+          z === "recovered" && (J = x[0], z = "compact", x = x.subarray(1));
+          const re = s.BYTES, ne = x.subarray(0, re), ee = x.subarray(re, re * 2);
           return new X(s.fromBytes(ne), s.fromBytes(ee), J);
         }
-        static fromHex(R, D) {
-          return this.fromBytes((0, t.hexToBytes)(R), D);
+        static fromHex(x, z) {
+          return this.fromBytes((0, t.hexToBytes)(x), z);
         }
-        addRecoveryBit(R) {
-          return new X(this.r, this.s, R);
+        addRecoveryBit(x) {
+          return new X(this.r, this.s, x);
         }
-        recoverPublicKey(R) {
-          const D = w.ORDER, { r: J, s: re, recovery: ne } = this;
+        recoverPublicKey(x) {
+          const z = w.ORDER, { r: J, s: re, recovery: ne } = this;
           if (ne == null || ![0, 1, 2, 3].includes(ne))
             throw new Error("recovery id invalid");
-          if (f * b < D && ne > 1)
+          if (f * b < z && ne > 1)
             throw new Error("recovery id is ambiguous for h>1 curve");
           const oe = ne === 2 || ne === 3 ? J + f : J;
           if (!w.isValid(oe))
             throw new Error("recovery id 2 or 3 invalid");
-          const ce = w.toBytes(oe), we = n.fromBytes((0, t.concatBytes)(F((ne & 1) === 0), ce)), de = s.inv(oe), ue = ye((0, t.ensureBytes)("msgHash", R)), me = s.create(-ue * de), ge = s.create(re * de), _e = n.BASE.multiplyUnsafe(me).add(we.multiplyUnsafe(ge));
+          const ce = w.toBytes(oe), we = r.fromBytes((0, t.concatBytes)(F((ne & 1) === 0), ce)), de = s.inv(oe), ue = ye((0, t.ensureBytes)("msgHash", x)), me = s.create(-ue * de), ge = s.create(re * de), _e = r.BASE.multiplyUnsafe(me).add(we.multiplyUnsafe(ge));
           if (_e.is0())
             throw new Error("point at infinify");
           return _e.assertValidity(), _e;
@@ -1369,28 +1396,28 @@ function Ct() {
         hasHighS() {
           return te(this.s);
         }
-        toBytes(R = C) {
-          if (v(R), R === "der")
+        toBytes(x = C) {
+          if (v(x), x === "der")
             return (0, t.hexToBytes)(e.DER.hexFromSig(this));
-          const D = s.toBytes(this.r), J = s.toBytes(this.s);
-          if (R === "recovered") {
+          const z = s.toBytes(this.r), J = s.toBytes(this.s);
+          if (x === "recovered") {
             if (this.recovery == null)
               throw new Error("recovery bit must be present");
-            return (0, t.concatBytes)(Uint8Array.of(this.recovery), D, J);
+            return (0, t.concatBytes)(Uint8Array.of(this.recovery), z, J);
           }
-          return (0, t.concatBytes)(D, J);
+          return (0, t.concatBytes)(z, J);
         }
-        toHex(R) {
-          return (0, t.bytesToHex)(this.toBytes(R));
+        toHex(x) {
+          return (0, t.bytesToHex)(this.toBytes(x));
         }
         // TODO: remove
         assertValidity() {
         }
-        static fromCompact(R) {
-          return X.fromBytes((0, t.ensureBytes)("sig", R), "compact");
+        static fromCompact(x) {
+          return X.fromBytes((0, t.ensureBytes)("sig", x), "compact");
         }
-        static fromDER(R) {
-          return X.fromBytes((0, t.ensureBytes)("sig", R), "der");
+        static fromDER(x) {
+          return X.fromBytes((0, t.ensureBytes)("sig", x), "der");
         }
         normalizeS() {
           return this.hasHighS() ? new X(this.r, s.neg(this.s), this.recovery) : this;
@@ -1408,26 +1435,26 @@ function Ct() {
           return (0, t.bytesToHex)(this.toBytes("compact"));
         }
       }
-      const ae = i.bits2int || function(R) {
-        if (R.length > 8192)
+      const ae = i.bits2int || function(x) {
+        if (x.length > 8192)
           throw new Error("input is too large");
-        const D = (0, t.bytesToNumberBE)(R), J = R.length * 8 - y;
-        return J > 0 ? D >> BigInt(J) : D;
-      }, ye = i.bits2int_modN || function(R) {
-        return s.create(ae(R));
+        const z = (0, t.bytesToNumberBE)(x), J = x.length * 8 - y;
+        return J > 0 ? z >> BigInt(J) : z;
+      }, ye = i.bits2int_modN || function(x) {
+        return s.create(ae(x));
       }, pe = (0, t.bitMask)(y);
       function ve(N) {
         return (0, t.aInRange)("num < 2^" + y, N, V, pe), s.toBytes(N);
       }
-      function xe(N, R) {
-        return (0, t._abytes2)(N, void 0, "message"), R ? (0, t._abytes2)(a(N), void 0, "prehashed message") : N;
+      function Te(N, x) {
+        return (0, t._abytes2)(N, void 0, "message"), x ? (0, t._abytes2)(a(N), void 0, "prehashed message") : N;
       }
-      function fe(N, R, D) {
-        if (["recovered", "canonical"].some((me) => me in D))
+      function fe(N, x, z) {
+        if (["recovered", "canonical"].some((me) => me in z))
           throw new Error("sign() legacy options not supported");
-        const { lowS: J, prehash: re, extraEntropy: ne } = U(D, q);
-        N = xe(N, re);
-        const ee = ye(N), oe = M(s, R), ce = [ve(oe), ve(ee)];
+        const { lowS: J, prehash: re, extraEntropy: ne } = U(z, q);
+        N = Te(N, re);
+        const ee = ye(N), oe = M(s, x), ce = [ve(oe), ve(ee)];
         if (ne != null && ne !== !1) {
           const me = ne === !0 ? o(I.secretKey) : ne;
           ce.push((0, t.ensureBytes)("extraEntropy", me));
@@ -1437,7 +1464,7 @@ function Ct() {
           const ge = ae(me);
           if (!s.isValidNot0(ge))
             return;
-          const _e = s.inv(ge), be = n.BASE.multiply(ge).toAffine(), Ee = s.create(be.x);
+          const _e = s.inv(ge), be = r.BASE.multiply(ge).toAffine(), Ee = s.create(be.x);
           if (Ee === V)
             return;
           const Pe = s.create(_e * s.create(de + Ee * oe));
@@ -1448,62 +1475,62 @@ function Ct() {
         }
         return { seed: we, k2sig: ue };
       }
-      function Ye(N, R, D = {}) {
+      function Ye(N, x, z = {}) {
         N = (0, t.ensureBytes)("message", N);
-        const { seed: J, k2sig: re } = fe(N, R, D);
+        const { seed: J, k2sig: re } = fe(N, x, z);
         return (0, t.createHmacDrbg)(a.outputLen, s.BYTES, h)(J, re);
       }
       function Ue(N) {
-        let R;
-        const D = typeof N == "string" || (0, t.isBytes)(N), J = !D && N !== null && typeof N == "object" && typeof N.r == "bigint" && typeof N.s == "bigint";
-        if (!D && !J)
+        let x;
+        const z = typeof N == "string" || (0, t.isBytes)(N), J = !z && N !== null && typeof N == "object" && typeof N.r == "bigint" && typeof N.s == "bigint";
+        if (!z && !J)
           throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");
         if (J)
-          R = new X(N.r, N.s);
-        else if (D) {
+          x = new X(N.r, N.s);
+        else if (z) {
           try {
-            R = X.fromBytes((0, t.ensureBytes)("sig", N), "der");
+            x = X.fromBytes((0, t.ensureBytes)("sig", N), "der");
           } catch (re) {
             if (!(re instanceof e.DER.Err))
               throw re;
           }
-          if (!R)
+          if (!x)
             try {
-              R = X.fromBytes((0, t.ensureBytes)("sig", N), "compact");
+              x = X.fromBytes((0, t.ensureBytes)("sig", N), "compact");
             } catch {
               return !1;
             }
         }
-        return R || !1;
+        return x || !1;
       }
-      function le(N, R, D, J = {}) {
+      function le(N, x, z, J = {}) {
         const { lowS: re, prehash: ne, format: ee } = U(J, q);
-        if (D = (0, t.ensureBytes)("publicKey", D), R = xe((0, t.ensureBytes)("message", R), ne), "strict" in J)
+        if (z = (0, t.ensureBytes)("publicKey", z), x = Te((0, t.ensureBytes)("message", x), ne), "strict" in J)
           throw new Error("options.strict was renamed to lowS");
         const oe = ee === void 0 ? Ue(N) : X.fromBytes((0, t.ensureBytes)("sig", N), ee);
         if (oe === !1)
           return !1;
         try {
-          const ce = n.fromBytes(D);
+          const ce = r.fromBytes(z);
           if (re && oe.hasHighS())
             return !1;
-          const { r: we, s: de } = oe, ue = ye(R), me = s.inv(de), ge = s.create(ue * me), _e = s.create(we * me), be = n.BASE.multiplyUnsafe(ge).add(ce.multiplyUnsafe(_e));
+          const { r: we, s: de } = oe, ue = ye(x), me = s.inv(de), ge = s.create(ue * me), _e = s.create(we * me), be = r.BASE.multiplyUnsafe(ge).add(ce.multiplyUnsafe(_e));
           return be.is0() ? !1 : s.create(be.x) === we;
         } catch {
           return !1;
         }
       }
-      function Z(N, R, D = {}) {
-        const { prehash: J } = U(D, q);
-        return R = xe(R, J), X.fromBytes(N, "recovered").recoverPublicKey(R).toBytes();
+      function Z(N, x, z = {}) {
+        const { prehash: J } = U(z, q);
+        return x = Te(x, J), X.fromBytes(N, "recovered").recoverPublicKey(x).toBytes();
       }
       return Object.freeze({
         keygen: B,
-        getPublicKey: T,
+        getPublicKey: O,
         getSharedSecret: k,
         utils: Y,
         lengths: I,
-        Point: n,
+        Point: r,
         sign: Ye,
         verify: le,
         recoverPublicKey: Z,
@@ -1511,62 +1538,62 @@ function Ct() {
         hash: a
       });
     }
-    function L(n) {
-      const { CURVE: a, curveOpts: i } = _(n), o = Q(a, i);
-      return z(n, o);
+    function L(r) {
+      const { CURVE: a, curveOpts: i } = _(r), o = Q(a, i);
+      return D(r, o);
     }
-    function _(n) {
+    function _(r) {
       const a = {
-        a: n.a,
-        b: n.b,
-        p: n.Fp.ORDER,
-        n: n.n,
-        h: n.h,
-        Gx: n.Gx,
-        Gy: n.Gy
-      }, i = n.Fp;
-      let o = n.allowedPrivateKeyLengths ? Array.from(new Set(n.allowedPrivateKeyLengths.map((s) => Math.ceil(s / 2)))) : void 0;
+        a: r.a,
+        b: r.b,
+        p: r.Fp.ORDER,
+        n: r.n,
+        h: r.h,
+        Gx: r.Gx,
+        Gy: r.Gy
+      }, i = r.Fp;
+      let o = r.allowedPrivateKeyLengths ? Array.from(new Set(r.allowedPrivateKeyLengths.map((s) => Math.ceil(s / 2)))) : void 0;
       const h = (0, m.Field)(a.n, {
-        BITS: n.nBitLength,
+        BITS: r.nBitLength,
         allowedLengths: o,
-        modFromBytes: n.wrapPrivateKey
+        modFromBytes: r.wrapPrivateKey
       }), w = {
         Fp: i,
         Fn: h,
-        allowInfinityPoint: n.allowInfinityPoint,
-        endo: n.endo,
-        isTorsionFree: n.isTorsionFree,
-        clearCofactor: n.clearCofactor,
-        fromBytes: n.fromBytes,
-        toBytes: n.toBytes
+        allowInfinityPoint: r.allowInfinityPoint,
+        endo: r.endo,
+        isTorsionFree: r.isTorsionFree,
+        clearCofactor: r.clearCofactor,
+        fromBytes: r.fromBytes,
+        toBytes: r.toBytes
       };
       return { CURVE: a, curveOpts: w };
     }
-    function K(n) {
-      const { CURVE: a, curveOpts: i } = _(n), o = {
-        hmac: n.hmac,
-        randomBytes: n.randomBytes,
-        lowS: n.lowS,
-        bits2int: n.bits2int,
-        bits2int_modN: n.bits2int_modN
+    function K(r) {
+      const { CURVE: a, curveOpts: i } = _(r), o = {
+        hmac: r.hmac,
+        randomBytes: r.randomBytes,
+        lowS: r.lowS,
+        bits2int: r.bits2int,
+        bits2int_modN: r.bits2int_modN
       };
-      return { CURVE: a, curveOpts: i, hash: n.hash, ecdsaOpts: o };
+      return { CURVE: a, curveOpts: i, hash: r.hash, ecdsaOpts: o };
     }
-    function W(n, a, i) {
+    function W(r, a, i) {
       function o(h) {
-        const w = n.sqr(h), s = n.mul(w, h);
-        return n.add(n.add(s, n.mul(h, a)), i);
+        const w = r.sqr(h), s = r.mul(w, h);
+        return r.add(r.add(s, r.mul(h, a)), i);
       }
       return o;
     }
-    function z(n, a) {
+    function D(r, a) {
       const { Fp: i, Fn: o } = a;
       function h(s) {
         return (0, t.inRange)(s, E, o.ORDER);
       }
-      const w = W(i, n.a, n.b);
+      const w = W(i, r.a, r.b);
       return Object.assign({}, {
-        CURVE: n,
+        CURVE: r,
         Point: a,
         ProjectivePoint: a,
         normPrivateKeyToScalar: (s) => M(o, s),
@@ -1574,39 +1601,39 @@ function Ct() {
         isWithinCurveOrder: h
       });
     }
-    function d(n, a) {
+    function d(r, a) {
       const i = a.Point;
       return Object.assign({}, a, {
         ProjectivePoint: i,
-        CURVE: Object.assign({}, n, (0, m.nLength)(i.Fn.ORDER, i.Fn.BITS))
+        CURVE: Object.assign({}, r, (0, m.nLength)(i.Fn.ORDER, i.Fn.BITS))
       });
     }
-    function u(n) {
-      const { CURVE: a, curveOpts: i, hash: o, ecdsaOpts: h } = K(n), w = Q(a, i), s = O(w, o, h);
-      return d(n, s);
+    function l(r) {
+      const { CURVE: a, curveOpts: i, hash: o, ecdsaOpts: h } = K(r), w = Q(a, i), s = R(w, o, h);
+      return d(r, s);
     }
   })(nt)), nt;
 }
-var Ot;
+var Rt;
 function En() {
-  if (Ot) return Ke;
-  Ot = 1, Object.defineProperty(Ke, "__esModule", { value: !0 }), Ke.getHash = r, Ke.createCurve = c;
+  if (Rt) return Ke;
+  Rt = 1, Object.defineProperty(Ke, "__esModule", { value: !0 }), Ke.getHash = n, Ke.createCurve = c;
   const e = /* @__PURE__ */ Ct();
-  function r(t) {
+  function n(t) {
     return { hash: t };
   }
-  function c(t, l) {
+  function c(t, u) {
     const m = (g) => (0, e.weierstrass)({ ...t, hash: g });
-    return { ...m(l), create: m };
+    return { ...m(u), create: m };
   }
   return Ke;
 }
-var ot = {}, Rt;
+var ot = {}, xt;
 function Bn() {
-  return Rt || (Rt = 1, (function(e) {
+  return xt || (xt = 1, (function(e) {
     Object.defineProperty(e, "__esModule", { value: !0 }), e._DST_scalar = void 0, e.expand_message_xmd = v, e.expand_message_xof = U, e.hash_to_field = H, e.isogenyMap = V, e.createHasher = E;
-    const r = /* @__PURE__ */ Ce(), c = /* @__PURE__ */ $e(), t = r.bytesToNumberBE;
-    function l(b, S) {
+    const n = /* @__PURE__ */ Ce(), c = /* @__PURE__ */ $e(), t = n.bytesToNumberBE;
+    function u(b, S) {
       if (g(b), g(S), b < 0 || b >= 1 << 8 * S)
         throw new Error("invalid I2OSP input: " + b);
       const A = Array.from({ length: S }).fill(0);
@@ -1625,44 +1652,44 @@ function Bn() {
         throw new Error("number expected");
     }
     function p(b) {
-      if (!(0, r.isBytes)(b) && typeof b != "string")
+      if (!(0, n.isBytes)(b) && typeof b != "string")
         throw new Error("DST must be Uint8Array or string");
-      return typeof b == "string" ? (0, r.utf8ToBytes)(b) : b;
+      return typeof b == "string" ? (0, n.utf8ToBytes)(b) : b;
     }
     function v(b, S, A, M) {
-      (0, r.abytes)(b), g(A), S = p(S), S.length > 255 && (S = M((0, r.concatBytes)((0, r.utf8ToBytes)("H2C-OVERSIZE-DST-"), S)));
+      (0, n.abytes)(b), g(A), S = p(S), S.length > 255 && (S = M((0, n.concatBytes)((0, n.utf8ToBytes)("H2C-OVERSIZE-DST-"), S)));
       const { outputLen: Q, blockLen: F } = M, G = Math.ceil(A / Q);
       if (A > 65535 || G > 255)
         throw new Error("expand_message_xmd: invalid lenInBytes");
-      const se = (0, r.concatBytes)(S, l(S.length, 1)), ie = l(0, F), j = l(A, 2), O = new Array(G), L = M((0, r.concatBytes)(ie, b, j, l(0, 1), se));
-      O[0] = M((0, r.concatBytes)(L, l(1, 1), se));
+      const se = (0, n.concatBytes)(S, u(S.length, 1)), ie = u(0, F), j = u(A, 2), R = new Array(G), L = M((0, n.concatBytes)(ie, b, j, u(0, 1), se));
+      R[0] = M((0, n.concatBytes)(L, u(1, 1), se));
       for (let K = 1; K <= G; K++) {
-        const W = [m(L, O[K - 1]), l(K + 1, 1), se];
-        O[K] = M((0, r.concatBytes)(...W));
+        const W = [m(L, R[K - 1]), u(K + 1, 1), se];
+        R[K] = M((0, n.concatBytes)(...W));
       }
-      return (0, r.concatBytes)(...O).slice(0, A);
+      return (0, n.concatBytes)(...R).slice(0, A);
     }
     function U(b, S, A, M, Q) {
-      if ((0, r.abytes)(b), g(A), S = p(S), S.length > 255) {
+      if ((0, n.abytes)(b), g(A), S = p(S), S.length > 255) {
         const F = Math.ceil(2 * M / 8);
-        S = Q.create({ dkLen: F }).update((0, r.utf8ToBytes)("H2C-OVERSIZE-DST-")).update(S).digest();
+        S = Q.create({ dkLen: F }).update((0, n.utf8ToBytes)("H2C-OVERSIZE-DST-")).update(S).digest();
       }
       if (A > 65535 || S.length > 255)
         throw new Error("expand_message_xof: invalid lenInBytes");
-      return Q.create({ dkLen: A }).update(b).update(l(A, 2)).update(S).update(l(S.length, 1)).digest();
+      return Q.create({ dkLen: A }).update(b).update(u(A, 2)).update(S).update(u(S.length, 1)).digest();
     }
     function H(b, S, A) {
-      (0, r._validateObject)(A, {
+      (0, n._validateObject)(A, {
         p: "bigint",
         m: "number",
         k: "number",
         hash: "function"
       });
       const { p: M, k: Q, m: F, hash: G, expand: se, DST: ie } = A;
-      if (!(0, r.isHash)(A.hash))
+      if (!(0, n.isHash)(A.hash))
         throw new Error("expected valid hash");
-      (0, r.abytes)(b), g(S);
-      const j = M.toString(2).length, O = Math.ceil((j + Q) / 8), L = S * F * O;
+      (0, n.abytes)(b), g(S);
+      const j = M.toString(2).length, R = Math.ceil((j + Q) / 8), L = S * F * R;
       let _;
       if (se === "xmd")
         _ = v(b, ie, L, G);
@@ -1674,23 +1701,23 @@ function Bn() {
         throw new Error('expand must be "xmd" or "xof"');
       const K = new Array(S);
       for (let W = 0; W < S; W++) {
-        const z = new Array(F);
+        const D = new Array(F);
         for (let d = 0; d < F; d++) {
-          const u = O * (d + W * F), n = _.subarray(u, u + O);
-          z[d] = (0, c.mod)(t(n), M);
+          const l = R * (d + W * F), r = _.subarray(l, l + R);
+          D[d] = (0, c.mod)(t(r), M);
         }
-        K[W] = z;
+        K[W] = D;
       }
       return K;
     }
     function V(b, S) {
       const A = S.map((M) => Array.from(M).reverse());
       return (M, Q) => {
-        const [F, G, se, ie] = A.map((L) => L.reduce((_, K) => b.add(b.mul(_, M), K))), [j, O] = (0, c.FpInvertBatch)(b, [G, ie], !0);
-        return M = b.mul(F, j), Q = b.mul(Q, b.mul(se, O)), { x: M, y: Q };
+        const [F, G, se, ie] = A.map((L) => L.reduce((_, K) => b.add(b.mul(_, M), K))), [j, R] = (0, c.FpInvertBatch)(b, [G, ie], !0);
+        return M = b.mul(F, j), Q = b.mul(Q, b.mul(se, R)), { x: M, y: Q };
       };
     }
-    e._DST_scalar = (0, r.utf8ToBytes)("HashToScalar-");
+    e._DST_scalar = (0, n.utf8ToBytes)("HashToScalar-");
     function E(b, S, A) {
       if (typeof S != "function")
         throw new Error("mapToCurve() must be defined");
@@ -1704,12 +1731,12 @@ function Bn() {
       return {
         defaults: A,
         hashToCurve(F, G) {
-          const se = Object.assign({}, A, G), ie = H(F, 2, se), j = M(ie[0]), O = M(ie[1]);
-          return Q(j.add(O));
+          const se = Object.assign({}, A, G), ie = H(F, 2, se), j = M(ie[0]), R = M(ie[1]);
+          return Q(j.add(R));
         },
         encodeToCurve(F, G) {
-          const se = A.encodeDST ? { DST: A.encodeDST } : {}, ie = Object.assign({}, A, se, G), j = H(F, 1, ie), O = M(j[0]);
-          return Q(O);
+          const se = A.encodeDST ? { DST: A.encodeDST } : {}, ie = Object.assign({}, A, se, G), j = H(F, 1, ie), R = M(j[0]);
+          return Q(R);
         },
         /** See {@link H2CHasher} */
         mapToCurve(F) {
@@ -1731,10 +1758,10 @@ function Bn() {
   })(ot)), ot;
 }
 var qt;
-function er() {
+function nr() {
   return qt || (qt = 1, (function(e) {
     Object.defineProperty(e, "__esModule", { value: !0 }), e.encodeToCurve = e.hashToCurve = e.secp256k1_hasher = e.schnorr = e.secp256k1 = void 0;
-    const r = /* @__PURE__ */ dn(), c = /* @__PURE__ */ We(), t = /* @__PURE__ */ En(), l = /* @__PURE__ */ Bn(), m = /* @__PURE__ */ $e(), g = /* @__PURE__ */ Ct(), p = /* @__PURE__ */ Ce(), v = {
+    const n = /* @__PURE__ */ dn(), c = /* @__PURE__ */ We(), t = /* @__PURE__ */ En(), u = /* @__PURE__ */ Bn(), m = /* @__PURE__ */ $e(), g = /* @__PURE__ */ Ct(), p = /* @__PURE__ */ Ce(), v = {
       p: BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),
       n: BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"),
       h: BigInt(1),
@@ -1750,52 +1777,52 @@ function er() {
       ]
     }, H = /* @__PURE__ */ BigInt(0), V = /* @__PURE__ */ BigInt(1), E = /* @__PURE__ */ BigInt(2);
     function b(d) {
-      const u = v.p, n = BigInt(3), a = BigInt(6), i = BigInt(11), o = BigInt(22), h = BigInt(23), w = BigInt(44), s = BigInt(88), f = d * d * d % u, y = f * f * d % u, B = (0, m.pow2)(y, n, u) * y % u, T = (0, m.pow2)(B, n, u) * y % u, k = (0, m.pow2)(T, E, u) * f % u, Y = (0, m.pow2)(k, i, u) * k % u, I = (0, m.pow2)(Y, o, u) * Y % u, q = (0, m.pow2)(I, w, u) * I % u, C = (0, m.pow2)(q, s, u) * q % u, te = (0, m.pow2)(C, w, u) * I % u, $ = (0, m.pow2)(te, n, u) * y % u, x = (0, m.pow2)($, h, u) * Y % u, X = (0, m.pow2)(x, a, u) * f % u, ae = (0, m.pow2)(X, E, u);
+      const l = v.p, r = BigInt(3), a = BigInt(6), i = BigInt(11), o = BigInt(22), h = BigInt(23), w = BigInt(44), s = BigInt(88), f = d * d * d % l, y = f * f * d % l, B = (0, m.pow2)(y, r, l) * y % l, O = (0, m.pow2)(B, r, l) * y % l, k = (0, m.pow2)(O, E, l) * f % l, Y = (0, m.pow2)(k, i, l) * k % l, I = (0, m.pow2)(Y, o, l) * Y % l, q = (0, m.pow2)(I, w, l) * I % l, C = (0, m.pow2)(q, s, l) * q % l, te = (0, m.pow2)(C, w, l) * I % l, $ = (0, m.pow2)(te, r, l) * y % l, T = (0, m.pow2)($, h, l) * Y % l, X = (0, m.pow2)(T, a, l) * f % l, ae = (0, m.pow2)(X, E, l);
       if (!S.eql(S.sqr(ae), d))
         throw new Error("Cannot find square root");
       return ae;
     }
     const S = (0, m.Field)(v.p, { sqrt: b });
-    e.secp256k1 = (0, t.createCurve)({ ...v, Fp: S, lowS: !0, endo: U }, r.sha256);
+    e.secp256k1 = (0, t.createCurve)({ ...v, Fp: S, lowS: !0, endo: U }, n.sha256);
     const A = {};
-    function M(d, ...u) {
-      let n = A[d];
-      if (n === void 0) {
-        const a = (0, r.sha256)((0, p.utf8ToBytes)(d));
-        n = (0, p.concatBytes)(a, a), A[d] = n;
+    function M(d, ...l) {
+      let r = A[d];
+      if (r === void 0) {
+        const a = (0, n.sha256)((0, p.utf8ToBytes)(d));
+        r = (0, p.concatBytes)(a, a), A[d] = r;
       }
-      return (0, r.sha256)((0, p.concatBytes)(n, ...u));
+      return (0, n.sha256)((0, p.concatBytes)(r, ...l));
     }
     const Q = (d) => d.toBytes(!0).slice(1), F = e.secp256k1.Point, G = (d) => d % E === H;
     function se(d) {
-      const { Fn: u, BASE: n } = F, a = (0, g._normFnElement)(u, d), i = n.multiply(a);
-      return { scalar: G(i.y) ? a : u.neg(a), bytes: Q(i) };
+      const { Fn: l, BASE: r } = F, a = (0, g._normFnElement)(l, d), i = r.multiply(a);
+      return { scalar: G(i.y) ? a : l.neg(a), bytes: Q(i) };
     }
     function ie(d) {
-      const u = S;
-      if (!u.isValidNot0(d))
+      const l = S;
+      if (!l.isValidNot0(d))
         throw new Error("invalid x: Fail if x ≥ p");
-      const n = u.create(d * d), a = u.create(n * d + BigInt(7));
-      let i = u.sqrt(a);
-      G(i) || (i = u.neg(i));
+      const r = l.create(d * d), a = l.create(r * d + BigInt(7));
+      let i = l.sqrt(a);
+      G(i) || (i = l.neg(i));
       const o = F.fromAffine({ x: d, y: i });
       return o.assertValidity(), o;
     }
     const j = p.bytesToNumberBE;
-    function O(...d) {
+    function R(...d) {
       return F.Fn.create(j(M("BIP0340/challenge", ...d)));
     }
     function L(d) {
       return se(d).bytes;
     }
-    function _(d, u, n = (0, c.randomBytes)(32)) {
-      const { Fn: a } = F, i = (0, p.ensureBytes)("message", d), { bytes: o, scalar: h } = se(u), w = (0, p.ensureBytes)("auxRand", n, 32), s = a.toBytes(h ^ j(M("BIP0340/aux", w))), f = M("BIP0340/nonce", s, o, i), { bytes: y, scalar: B } = se(f), T = O(y, o, i), k = new Uint8Array(64);
-      if (k.set(y, 0), k.set(a.toBytes(a.create(B + T * h)), 32), !K(k, i, o))
+    function _(d, l, r = (0, c.randomBytes)(32)) {
+      const { Fn: a } = F, i = (0, p.ensureBytes)("message", d), { bytes: o, scalar: h } = se(l), w = (0, p.ensureBytes)("auxRand", r, 32), s = a.toBytes(h ^ j(M("BIP0340/aux", w))), f = M("BIP0340/nonce", s, o, i), { bytes: y, scalar: B } = se(f), O = R(y, o, i), k = new Uint8Array(64);
+      if (k.set(y, 0), k.set(a.toBytes(a.create(B + O * h)), 32), !K(k, i, o))
         throw new Error("sign: Invalid signature produced");
       return k;
     }
-    function K(d, u, n) {
-      const { Fn: a, BASE: i } = F, o = (0, p.ensureBytes)("signature", d, 64), h = (0, p.ensureBytes)("message", u), w = (0, p.ensureBytes)("publicKey", n, 32);
+    function K(d, l, r) {
+      const { Fn: a, BASE: i } = F, o = (0, p.ensureBytes)("signature", d, 64), h = (0, p.ensureBytes)("message", l), w = (0, p.ensureBytes)("publicKey", r, 32);
       try {
         const s = ie(j(w)), f = j(o.subarray(0, 32));
         if (!(0, p.inRange)(f, V, v.p))
@@ -1803,17 +1830,17 @@ function er() {
         const y = j(o.subarray(32, 64));
         if (!(0, p.inRange)(y, V, v.n))
           return !1;
-        const B = O(a.toBytes(f), Q(s), h), T = i.multiplyUnsafe(y).add(s.multiplyUnsafe(a.neg(B))), { x: k, y: Y } = T.toAffine();
-        return !(T.is0() || !G(Y) || k !== f);
+        const B = R(a.toBytes(f), Q(s), h), O = i.multiplyUnsafe(y).add(s.multiplyUnsafe(a.neg(B))), { x: k, y: Y } = O.toAffine();
+        return !(O.is0() || !G(Y) || k !== f);
       } catch {
         return !1;
       }
     }
     e.schnorr = (() => {
-      const n = (i = (0, c.randomBytes)(48)) => (0, m.mapHashToField)(i, v.n);
+      const r = (i = (0, c.randomBytes)(48)) => (0, m.mapHashToField)(i, v.n);
       e.secp256k1.utils.randomSecretKey;
       function a(i) {
-        const o = n(i);
+        const o = r(i);
         return { secretKey: o, publicKey: L(o) };
       }
       return {
@@ -1823,8 +1850,8 @@ function er() {
         verify: K,
         Point: F,
         utils: {
-          randomSecretKey: n,
-          randomPrivateKey: n,
+          randomSecretKey: r,
+          randomPrivateKey: r,
           taggedHash: M,
           // TODO: remove
           lift_x: ie,
@@ -1842,7 +1869,7 @@ function er() {
         }
       };
     })();
-    const W = (0, l.isogenyMap)(S, [
+    const W = (0, u.isogenyMap)(S, [
       // xNum
       [
         "0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7",
@@ -1872,14 +1899,14 @@ function er() {
         "0x0000000000000000000000000000000000000000000000000000000000000001"
         // LAST 1
       ]
-    ].map((d) => d.map((u) => BigInt(u)))), z = (0, g.mapToCurveSimpleSWU)(S, {
+    ].map((d) => d.map((l) => BigInt(l)))), D = (0, g.mapToCurveSimpleSWU)(S, {
       A: BigInt("0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533"),
       B: BigInt("1771"),
       Z: S.create(BigInt("-11"))
     });
-    e.secp256k1_hasher = (0, l.createHasher)(e.secp256k1.Point, (d) => {
-      const { x: u, y: n } = z(S.create(d[0]));
-      return W(u, n);
+    e.secp256k1_hasher = (0, u.createHasher)(e.secp256k1.Point, (d) => {
+      const { x: l, y: r } = D(S.create(d[0]));
+      return W(l, r);
     }, {
       DST: "secp256k1_XMD:SHA-256_SSWU_RO_",
       encodeDST: "secp256k1_XMD:SHA-256_SSWU_NU_",
@@ -1887,20 +1914,20 @@ function er() {
       m: 1,
       k: 128,
       expand: "xmd",
-      hash: r.sha256
+      hash: n.sha256
     }), e.hashToCurve = e.secp256k1_hasher.hashToCurve, e.encodeToCurve = e.secp256k1_hasher.encodeToCurve;
   })(tt)), tt;
 }
 var P = {}, It;
-function tr() {
+function rr() {
   if (It) return P;
   It = 1, Object.defineProperty(P, "__esModule", { value: !0 }), P.isHash = P.validateObject = P.memoized = P.notImplemented = P.createHmacDrbg = P.bitMask = P.bitSet = P.bitGet = P.bitLen = P.aInRange = P.inRange = P.asciiToBytes = P.copyBytes = P.equalBytes = P.ensureBytes = P.numberToVarBytesBE = P.numberToBytesLE = P.numberToBytesBE = P.bytesToNumberLE = P.bytesToNumberBE = P.hexToNumber = P.numberToHexUnpadded = P.abool = P.utf8ToBytes = P.randomBytes = P.isBytes = P.hexToBytes = P.concatBytes = P.bytesToUtf8 = P.bytesToHex = P.anumber = P.abytes = void 0;
   const e = /* @__PURE__ */ Ce();
   return P.abytes = e.abytes, P.anumber = e.anumber, P.bytesToHex = e.bytesToHex, P.bytesToUtf8 = e.bytesToUtf8, P.concatBytes = e.concatBytes, P.hexToBytes = e.hexToBytes, P.isBytes = e.isBytes, P.randomBytes = e.randomBytes, P.utf8ToBytes = e.utf8ToBytes, P.abool = e.abool, P.numberToHexUnpadded = e.numberToHexUnpadded, P.hexToNumber = e.hexToNumber, P.bytesToNumberBE = e.bytesToNumberBE, P.bytesToNumberLE = e.bytesToNumberLE, P.numberToBytesBE = e.numberToBytesBE, P.numberToBytesLE = e.numberToBytesLE, P.numberToVarBytesBE = e.numberToVarBytesBE, P.ensureBytes = e.ensureBytes, P.equalBytes = e.equalBytes, P.copyBytes = e.copyBytes, P.asciiToBytes = e.asciiToBytes, P.inRange = e.inRange, P.aInRange = e.aInRange, P.bitLen = e.bitLen, P.bitGet = e.bitGet, P.bitSet = e.bitSet, P.bitMask = e.bitMask, P.createHmacDrbg = e.createHmacDrbg, P.notImplemented = e.notImplemented, P.memoized = e.memoized, P.validateObject = e.validateObject, P.isHash = e.isHash, P;
 }
-function nr(e, r = "") {
+function or(e, n = "") {
   if (typeof e != "boolean") {
-    const c = r && `"${r}" `;
+    const c = n && `"${n}" `;
     throw new Error(c + "expected boolean, got type=" + typeof e);
   }
   return e;
@@ -1913,138 +1940,138 @@ function mt(e) {
 function Kt(e) {
   return mt(e), (e & e - 1) === 0 && e !== 0;
 }
-function pn(e, r) {
+function pn(e, n) {
   mt(e);
   let c = 0;
-  for (let t = 0; t < r; t++, e >>>= 1)
+  for (let t = 0; t < n; t++, e >>>= 1)
     c = c << 1 | e & 1;
   return c;
 }
-function zt(e) {
+function Dt(e) {
   return mt(e), 31 - Math.clz32(e);
 }
 function Nt(e) {
-  const r = e.length;
-  if (r < 2 || !Kt(r))
-    throw new Error("n must be a power of 2 and greater than 1. Got " + r);
-  const c = zt(r);
-  for (let t = 0; t < r; t++) {
-    const l = pn(t, c);
-    if (t < l) {
+  const n = e.length;
+  if (n < 2 || !Kt(n))
+    throw new Error("n must be a power of 2 and greater than 1. Got " + n);
+  const c = Dt(n);
+  for (let t = 0; t < n; t++) {
+    const u = pn(t, c);
+    if (t < u) {
       const m = e[t];
-      e[t] = e[l], e[l] = m;
+      e[t] = e[u], e[u] = m;
     }
   }
   return e;
 }
-const rr = (e, r) => {
-  const { N: c, roots: t, dit: l, invertButterflies: m = !1, skipStages: g = 0, brp: p = !0 } = r, v = zt(c);
+const sr = (e, n) => {
+  const { N: c, roots: t, dit: u, invertButterflies: m = !1, skipStages: g = 0, brp: p = !0 } = n, v = Dt(c);
   if (!Kt(c))
     throw new Error("FFT: Polynomial size should be power of two");
-  const U = l !== m;
+  const U = u !== m;
   return (H) => {
     if (H.length !== c)
       throw new Error("FFT: wrong Polynomial length");
-    l && p && Nt(H);
+    u && p && Nt(H);
     for (let V = 0, E = 1; V < v - g; V++) {
-      const b = l ? V + 1 + g : v - V, S = 1 << b, A = S >> 1, M = c >> b;
+      const b = u ? V + 1 + g : v - V, S = 1 << b, A = S >> 1, M = c >> b;
       for (let Q = 0; Q < c; Q += S)
         for (let F = 0, G = E++; F < A; F++) {
-          const se = m ? l ? c - G : G : F * M, ie = Q + F, j = Q + F + A, O = t[se], L = H[j], _ = H[ie];
+          const se = m ? u ? c - G : G : F * M, ie = Q + F, j = Q + F + A, R = t[se], L = H[j], _ = H[ie];
           if (U) {
-            const K = e.mul(L, O);
+            const K = e.mul(L, R);
             H[ie] = e.add(_, K), H[j] = e.sub(_, K);
-          } else m ? (H[ie] = e.add(L, _), H[j] = e.mul(e.sub(L, _), O)) : (H[ie] = e.add(_, L), H[j] = e.mul(e.sub(_, L), O));
+          } else m ? (H[ie] = e.add(L, _), H[j] = e.mul(e.sub(L, _), R)) : (H[ie] = e.add(_, L), H[j] = e.mul(e.sub(_, L), R));
         }
     }
-    return !l && p && Nt(H), H;
+    return !u && p && Nt(H), H;
   };
 };
 const bt = /* @__PURE__ */ BigInt(0), lt = /* @__PURE__ */ BigInt(1);
-function Je(e, r = "") {
+function Je(e, n = "") {
   if (typeof e != "boolean") {
-    const c = r && `"${r}"`;
+    const c = n && `"${n}"`;
     throw new Error(c + "expected boolean, got type=" + typeof e);
   }
   return e;
 }
-function Ze(e, r, c = "") {
-  const t = yt(e), l = e?.length, m = r !== void 0;
-  if (!t || m && l !== r) {
-    const g = c && `"${c}" `, p = m ? ` of length ${r}` : "", v = t ? `length=${l}` : `type=${typeof e}`;
+function Ze(e, n, c = "") {
+  const t = yt(e), u = e?.length, m = n !== void 0;
+  if (!t || m && u !== n) {
+    const g = c && `"${c}" `, p = m ? ` of length ${n}` : "", v = t ? `length=${u}` : `type=${typeof e}`;
     throw new Error(g + "expected Uint8Array" + p + ", got " + v);
   }
   return e;
 }
 function Xe(e) {
-  const r = e.toString(16);
-  return r.length & 1 ? "0" + r : r;
+  const n = e.toString(16);
+  return n.length & 1 ? "0" + n : n;
 }
-function Dt(e) {
+function zt(e) {
   if (typeof e != "string")
     throw new Error("hex string expected, got " + typeof e);
   return e === "" ? bt : BigInt("0x" + e);
 }
 function et(e) {
-  return Dt(Me(e));
+  return zt(Me(e));
 }
 function Yt(e) {
-  return hn(e), Dt(Me(Uint8Array.from(e).reverse()));
+  return hn(e), zt(Me(Uint8Array.from(e).reverse()));
 }
-function wt(e, r) {
-  return Qe(e.toString(16).padStart(r * 2, "0"));
+function wt(e, n) {
+  return Qe(e.toString(16).padStart(n * 2, "0"));
 }
-function Pt(e, r) {
-  return wt(e, r).reverse();
+function Pt(e, n) {
+  return wt(e, n).reverse();
 }
-function Se(e, r, c) {
+function Se(e, n, c) {
   let t;
-  if (typeof r == "string")
+  if (typeof n == "string")
     try {
-      t = Qe(r);
-    } catch (l) {
-      throw new Error(e + " must be hex string or Uint8Array, cause: " + l);
+      t = Qe(n);
+    } catch (u) {
+      throw new Error(e + " must be hex string or Uint8Array, cause: " + u);
     }
-  else if (yt(r))
-    t = Uint8Array.from(r);
+  else if (yt(n))
+    t = Uint8Array.from(n);
   else
     throw new Error(e + " must be hex string or Uint8Array");
   return t.length, t;
 }
 const st = (e) => typeof e == "bigint" && bt <= e;
-function vn(e, r, c) {
-  return st(e) && st(r) && st(c) && r <= e && e < c;
+function vn(e, n, c) {
+  return st(e) && st(n) && st(c) && n <= e && e < c;
 }
-function _n(e, r, c, t) {
-  if (!vn(r, c, t))
-    throw new Error("expected valid " + e + ": " + c + " <= n < " + t + ", got " + r);
+function _n(e, n, c, t) {
+  if (!vn(n, c, t))
+    throw new Error("expected valid " + e + ": " + c + " <= n < " + t + ", got " + n);
 }
 function Xt(e) {
-  let r;
-  for (r = 0; e > bt; e >>= lt, r += 1)
+  let n;
+  for (n = 0; e > bt; e >>= lt, n += 1)
     ;
-  return r;
+  return n;
 }
-const ze = (e) => (lt << BigInt(e)) - lt;
-function Sn(e, r, c) {
+const De = (e) => (lt << BigInt(e)) - lt;
+function Sn(e, n, c) {
   if (typeof e != "number" || e < 2)
     throw new Error("hashLen must be a number");
-  if (typeof r != "number" || r < 2)
+  if (typeof n != "number" || n < 2)
     throw new Error("qByteLen must be a number");
   if (typeof c != "function")
     throw new Error("hmacFn must be a function");
-  const t = (b) => new Uint8Array(b), l = (b) => Uint8Array.of(b);
+  const t = (b) => new Uint8Array(b), u = (b) => Uint8Array.of(b);
   let m = t(e), g = t(e), p = 0;
   const v = () => {
     m.fill(1), g.fill(0), p = 0;
   }, U = (...b) => c(g, m, ...b), H = (b = t(0)) => {
-    g = U(l(0), b), m = U(), b.length !== 0 && (g = U(l(1), b), m = U());
+    g = U(u(0), b), m = U(), b.length !== 0 && (g = U(u(1), b), m = U());
   }, V = () => {
     if (p++ >= 1e3)
       throw new Error("drbg: tried 1000 values");
     let b = 0;
     const S = [];
-    for (; b < r; ) {
+    for (; b < n; ) {
       m = U();
       const A = m.slice();
       S.push(A), b += m.length;
@@ -2059,71 +2086,71 @@ function Sn(e, r, c) {
     return v(), A;
   };
 }
-function gt(e, r, c = {}) {
+function gt(e, n, c = {}) {
   if (!e || typeof e != "object")
     throw new Error("expected valid options object");
-  function t(l, m, g) {
-    const p = e[l];
+  function t(u, m, g) {
+    const p = e[u];
     if (g && p === void 0)
       return;
     const v = typeof p;
     if (v !== m || p === null)
-      throw new Error(`param "${l}" is invalid: expected ${m}, got ${v}`);
+      throw new Error(`param "${u}" is invalid: expected ${m}, got ${v}`);
   }
-  Object.entries(r).forEach(([l, m]) => t(l, m, !1)), Object.entries(c).forEach(([l, m]) => t(l, m, !0));
+  Object.entries(n).forEach(([u, m]) => t(u, m, !1)), Object.entries(c).forEach(([u, m]) => t(u, m, !0));
 }
 function At(e) {
-  const r = /* @__PURE__ */ new WeakMap();
+  const n = /* @__PURE__ */ new WeakMap();
   return (c, ...t) => {
-    const l = r.get(c);
-    if (l !== void 0)
-      return l;
+    const u = n.get(c);
+    if (u !== void 0)
+      return u;
     const m = e(c, ...t);
-    return r.set(c, m), m;
+    return n.set(c, m), m;
   };
 }
-const Te = BigInt(0), Be = BigInt(1), je = /* @__PURE__ */ BigInt(2), Gt = /* @__PURE__ */ BigInt(3), Wt = /* @__PURE__ */ BigInt(4), Qt = /* @__PURE__ */ BigInt(5), Tn = /* @__PURE__ */ BigInt(7), Jt = /* @__PURE__ */ BigInt(8), xn = /* @__PURE__ */ BigInt(9), Ft = /* @__PURE__ */ BigInt(16);
-function qe(e, r) {
-  const c = e % r;
-  return c >= Te ? c : r + c;
+const Oe = BigInt(0), Be = BigInt(1), je = /* @__PURE__ */ BigInt(2), Gt = /* @__PURE__ */ BigInt(3), Wt = /* @__PURE__ */ BigInt(4), Qt = /* @__PURE__ */ BigInt(5), On = /* @__PURE__ */ BigInt(7), Jt = /* @__PURE__ */ BigInt(8), Tn = /* @__PURE__ */ BigInt(9), Ft = /* @__PURE__ */ BigInt(16);
+function qe(e, n) {
+  const c = e % n;
+  return c >= Oe ? c : n + c;
 }
-function Re(e, r, c) {
+function xe(e, n, c) {
   let t = e;
-  for (; r-- > Te; )
+  for (; n-- > Oe; )
     t *= t, t %= c;
   return t;
 }
-function Ut(e, r) {
-  if (e === Te)
+function Ut(e, n) {
+  if (e === Oe)
     throw new Error("invert: expected non-zero number");
-  if (r <= Te)
-    throw new Error("invert: expected positive modulus, got " + r);
-  let c = qe(e, r), t = r, l = Te, m = Be;
-  for (; c !== Te; ) {
-    const p = t / c, v = t % c, U = l - m * p;
-    t = c, c = v, l = m, m = U;
+  if (n <= Oe)
+    throw new Error("invert: expected positive modulus, got " + n);
+  let c = qe(e, n), t = n, u = Oe, m = Be;
+  for (; c !== Oe; ) {
+    const p = t / c, v = t % c, U = u - m * p;
+    t = c, c = v, u = m, m = U;
   }
   if (t !== Be)
     throw new Error("invert: does not exist");
-  return qe(l, r);
+  return qe(u, n);
 }
-function Et(e, r, c) {
-  if (!e.eql(e.sqr(r), c))
+function Et(e, n, c) {
+  if (!e.eql(e.sqr(n), c))
     throw new Error("Cannot find square root");
 }
-function $t(e, r) {
-  const c = (e.ORDER + Be) / Wt, t = e.pow(r, c);
-  return Et(e, t, r), t;
+function $t(e, n) {
+  const c = (e.ORDER + Be) / Wt, t = e.pow(n, c);
+  return Et(e, t, n), t;
 }
-function On(e, r) {
-  const c = (e.ORDER - Qt) / Jt, t = e.mul(r, je), l = e.pow(t, c), m = e.mul(r, l), g = e.mul(e.mul(m, je), l), p = e.mul(m, e.sub(g, e.ONE));
-  return Et(e, p, r), p;
+function Rn(e, n) {
+  const c = (e.ORDER - Qt) / Jt, t = e.mul(n, je), u = e.pow(t, c), m = e.mul(n, u), g = e.mul(e.mul(m, je), u), p = e.mul(m, e.sub(g, e.ONE));
+  return Et(e, p, n), p;
 }
-function Rn(e) {
-  const r = De(e), c = en(e), t = c(r, r.neg(r.ONE)), l = c(r, t), m = c(r, r.neg(t)), g = (e + Tn) / Ft;
+function xn(e) {
+  const n = ze(e), c = en(e), t = c(n, n.neg(n.ONE)), u = c(n, t), m = c(n, n.neg(t)), g = (e + On) / Ft;
   return (p, v) => {
     let U = p.pow(v, g), H = p.mul(U, t);
-    const V = p.mul(U, l), E = p.mul(U, m), b = p.eql(p.sqr(H), v), S = p.eql(p.sqr(V), v);
+    const V = p.mul(U, u), E = p.mul(U, m), b = p.eql(p.sqr(H), v), S = p.eql(p.sqr(V), v);
     U = p.cmov(U, H, b), H = p.cmov(E, V, S);
     const A = p.eql(p.sqr(H), v), M = p.cmov(U, H, A);
     return Et(p, M, v), M;
@@ -2132,24 +2159,24 @@ function Rn(e) {
 function en(e) {
   if (e < Gt)
     throw new Error("sqrt is not defined for small field");
-  let r = e - Be, c = 0;
-  for (; r % je === Te; )
-    r /= je, c++;
+  let n = e - Be, c = 0;
+  for (; n % je === Oe; )
+    n /= je, c++;
   let t = je;
-  const l = De(e);
-  for (; Zt(l, t) === 1; )
+  const u = ze(e);
+  for (; Zt(u, t) === 1; )
     if (t++ > 1e3)
       throw new Error("Cannot find square root: probably non-prime P");
   if (c === 1)
     return $t;
-  let m = l.pow(t, r);
-  const g = (r + Be) / je;
+  let m = u.pow(t, n);
+  const g = (n + Be) / je;
   return function(v, U) {
     if (v.is0(U))
       return U;
     if (Zt(v, U) !== 1)
       throw new Error("Cannot find square root");
-    let H = c, V = v.mul(v.ONE, m), E = v.pow(U, r), b = v.pow(U, g);
+    let H = c, V = v.mul(v.ONE, m), E = v.pow(U, n), b = v.pow(U, g);
     for (; !v.eql(E, v.ONE); ) {
       if (v.is0(E))
         return v.ZERO;
@@ -2164,7 +2191,7 @@ function en(e) {
   };
 }
 function qn(e) {
-  return e % Wt === Gt ? $t : e % Jt === Qt ? On : e % Ft === xn ? Rn(e) : en(e);
+  return e % Wt === Gt ? $t : e % Jt === Qt ? Rn : e % Ft === Tn ? xn(e) : en(e);
 }
 const In = [
   "create",
@@ -2186,53 +2213,53 @@ const In = [
   "sqrN"
 ];
 function Nn(e) {
-  const r = {
+  const n = {
     ORDER: "bigint",
     MASK: "bigint",
     BYTES: "number",
     BITS: "number"
-  }, c = In.reduce((t, l) => (t[l] = "function", t), r);
+  }, c = In.reduce((t, u) => (t[u] = "function", t), n);
   return gt(e, c), e;
 }
-function An(e, r, c) {
-  if (c < Te)
+function An(e, n, c) {
+  if (c < Oe)
     throw new Error("invalid exponent, negatives unsupported");
-  if (c === Te)
+  if (c === Oe)
     return e.ONE;
   if (c === Be)
-    return r;
-  let t = e.ONE, l = r;
-  for (; c > Te; )
-    c & Be && (t = e.mul(t, l)), l = e.sqr(l), c >>= Be;
+    return n;
+  let t = e.ONE, u = n;
+  for (; c > Oe; )
+    c & Be && (t = e.mul(t, u)), u = e.sqr(u), c >>= Be;
   return t;
 }
-function tn(e, r, c = !1) {
-  const t = new Array(r.length).fill(c ? e.ZERO : void 0), l = r.reduce((g, p, v) => e.is0(p) ? g : (t[v] = g, e.mul(g, p)), e.ONE), m = e.inv(l);
-  return r.reduceRight((g, p, v) => e.is0(p) ? g : (t[v] = e.mul(g, t[v]), e.mul(g, p)), m), t;
+function tn(e, n, c = !1) {
+  const t = new Array(n.length).fill(c ? e.ZERO : void 0), u = n.reduce((g, p, v) => e.is0(p) ? g : (t[v] = g, e.mul(g, p)), e.ONE), m = e.inv(u);
+  return n.reduceRight((g, p, v) => e.is0(p) ? g : (t[v] = e.mul(g, t[v]), e.mul(g, p)), m), t;
 }
-function Zt(e, r) {
-  const c = (e.ORDER - Be) / je, t = e.pow(r, c), l = e.eql(t, e.ONE), m = e.eql(t, e.ZERO), g = e.eql(t, e.neg(e.ONE));
-  if (!l && !m && !g)
+function Zt(e, n) {
+  const c = (e.ORDER - Be) / je, t = e.pow(n, c), u = e.eql(t, e.ONE), m = e.eql(t, e.ZERO), g = e.eql(t, e.neg(e.ONE));
+  if (!u && !m && !g)
     throw new Error("invalid Legendre symbol result");
-  return l ? 1 : m ? 0 : -1;
+  return u ? 1 : m ? 0 : -1;
 }
-function nn(e, r) {
-  r !== void 0 && yn(r);
-  const c = r !== void 0 ? r : e.toString(2).length, t = Math.ceil(c / 8);
+function nn(e, n) {
+  n !== void 0 && yn(n);
+  const c = n !== void 0 ? n : e.toString(2).length, t = Math.ceil(c / 8);
   return { nBitLength: c, nByteLength: t };
 }
-function De(e, r, c = !1, t = {}) {
-  if (e <= Te)
+function ze(e, n, c = !1, t = {}) {
+  if (e <= Oe)
     throw new Error("invalid field: expected ORDER > 0, got " + e);
-  let l, m, g = !1, p;
-  if (typeof r == "object" && r != null) {
+  let u, m, g = !1, p;
+  if (typeof n == "object" && n != null) {
     if (t.sqrt || c)
       throw new Error("cannot specify opts in two arguments");
-    const E = r;
-    E.BITS && (l = E.BITS), E.sqrt && (m = E.sqrt), typeof E.isLE == "boolean" && (c = E.isLE), typeof E.modFromBytes == "boolean" && (g = E.modFromBytes), p = E.allowedLengths;
+    const E = n;
+    E.BITS && (u = E.BITS), E.sqrt && (m = E.sqrt), typeof E.isLE == "boolean" && (c = E.isLE), typeof E.modFromBytes == "boolean" && (g = E.modFromBytes), p = E.allowedLengths;
   } else
-    typeof r == "number" && (l = r), t.sqrt && (m = t.sqrt);
-  const { nBitLength: v, nByteLength: U } = nn(e, l);
+    typeof n == "number" && (u = n), t.sqrt && (m = t.sqrt);
+  const { nBitLength: v, nByteLength: U } = nn(e, u);
   if (U > 2048)
     throw new Error("invalid field: expected ORDER of <= 2048 bytes");
   let H;
@@ -2241,17 +2268,17 @@ function De(e, r, c = !1, t = {}) {
     isLE: c,
     BITS: v,
     BYTES: U,
-    MASK: ze(v),
-    ZERO: Te,
+    MASK: De(v),
+    ZERO: Oe,
     ONE: Be,
     allowedLengths: p,
     create: (E) => qe(E, e),
     isValid: (E) => {
       if (typeof E != "bigint")
         throw new Error("invalid field element: expected bigint, got " + typeof E);
-      return Te <= E && E < e;
+      return Oe <= E && E < e;
     },
-    is0: (E) => E === Te,
+    is0: (E) => E === Oe,
     // is valid and invertible
     isValidNot0: (E) => !V.is0(E) && V.isValid(E),
     isOdd: (E) => (E & Be) === Be,
@@ -2296,58 +2323,58 @@ function De(e, r, c = !1, t = {}) {
 function rn(e) {
   if (typeof e != "bigint")
     throw new Error("field order must be bigint");
-  const r = e.toString(2).length;
-  return Math.ceil(r / 8);
+  const n = e.toString(2).length;
+  return Math.ceil(n / 8);
 }
 function on(e) {
-  const r = rn(e);
-  return r + Math.ceil(r / 2);
+  const n = rn(e);
+  return n + Math.ceil(n / 2);
 }
-function Un(e, r, c = !1) {
-  const t = e.length, l = rn(r), m = on(r);
+function Un(e, n, c = !1) {
+  const t = e.length, u = rn(n), m = on(n);
   if (t < 16 || t < m || t > 1024)
     throw new Error("expected " + m + "-1024 bytes of input, got " + t);
-  const g = c ? Yt(e) : et(e), p = qe(g, r - Be) + Be;
-  return c ? Pt(p, l) : wt(p, l);
+  const g = c ? Yt(e) : et(e), p = qe(g, n - Be) + Be;
+  return c ? Pt(p, u) : wt(p, u);
 }
 const ke = BigInt(0), Le = BigInt(1);
-function Fe(e, r) {
-  const c = r.negate();
-  return e ? c : r;
-}
-function it(e, r) {
-  const c = tn(e.Fp, r.map((t) => t.Z));
-  return r.map((t, l) => e.fromAffine(t.toAffine(c[l])));
-}
-function sn(e, r) {
-  if (!Number.isSafeInteger(e) || e <= 0 || e > r)
-    throw new Error("invalid window size, expected [1.." + r + "], got W=" + e);
-}
-function ct(e, r) {
-  sn(e, r);
-  const c = Math.ceil(r / e) + 1, t = 2 ** (e - 1), l = 2 ** e, m = ze(e), g = BigInt(e);
-  return { windows: c, windowSize: t, mask: m, maxNumber: l, shiftBy: g };
-}
-function jt(e, r, c) {
-  const { windowSize: t, mask: l, maxNumber: m, shiftBy: g } = c;
-  let p = Number(e & l), v = e >> g;
+function Fe(e, n) {
+  const c = n.negate();
+  return e ? c : n;
+}
+function it(e, n) {
+  const c = tn(e.Fp, n.map((t) => t.Z));
+  return n.map((t, u) => e.fromAffine(t.toAffine(c[u])));
+}
+function sn(e, n) {
+  if (!Number.isSafeInteger(e) || e <= 0 || e > n)
+    throw new Error("invalid window size, expected [1.." + n + "], got W=" + e);
+}
+function ct(e, n) {
+  sn(e, n);
+  const c = Math.ceil(n / e) + 1, t = 2 ** (e - 1), u = 2 ** e, m = De(e), g = BigInt(e);
+  return { windows: c, windowSize: t, mask: m, maxNumber: u, shiftBy: g };
+}
+function jt(e, n, c) {
+  const { windowSize: t, mask: u, maxNumber: m, shiftBy: g } = c;
+  let p = Number(e & u), v = e >> g;
   p > t && (p -= m, v += Le);
-  const U = r * t, H = U + Math.abs(p) - 1, V = p === 0, E = p < 0, b = r % 2 !== 0;
+  const U = n * t, H = U + Math.abs(p) - 1, V = p === 0, E = p < 0, b = n % 2 !== 0;
   return { nextN: v, offset: H, isZero: V, isNeg: E, isNegF: b, offsetF: U };
 }
-function Zn(e, r) {
+function Zn(e, n) {
   if (!Array.isArray(e))
     throw new Error("array expected");
   e.forEach((c, t) => {
-    if (!(c instanceof r))
+    if (!(c instanceof n))
       throw new Error("invalid point at index " + t);
   });
 }
-function jn(e, r) {
+function jn(e, n) {
   if (!Array.isArray(e))
     throw new Error("array of scalars expected");
   e.forEach((c, t) => {
-    if (!r.isValid(c))
+    if (!n.isValid(c))
       throw new Error("invalid scalar at index " + t);
   });
 }
@@ -2361,14 +2388,14 @@ function Lt(e) {
 }
 class Ln {
   // Parametrized with a given Point class (not individual point)
-  constructor(r, c) {
-    this.BASE = r.BASE, this.ZERO = r.ZERO, this.Fn = r.Fn, this.bits = c;
+  constructor(n, c) {
+    this.BASE = n.BASE, this.ZERO = n.ZERO, this.Fn = n.Fn, this.bits = c;
   }
   // non-const time multiplication ladder
-  _unsafeLadder(r, c, t = this.ZERO) {
-    let l = r;
+  _unsafeLadder(n, c, t = this.ZERO) {
+    let u = n;
     for (; c > ke; )
-      c & Le && (t = t.add(l)), l = l.double(), c >>= Le;
+      c & Le && (t = t.add(u)), u = u.double(), c >>= Le;
     return t;
   }
   /**
@@ -2383,12 +2410,12 @@ class Ln {
    * @param W window size
    * @returns precomputed point tables flattened to a single array
    */
-  precomputeWindow(r, c) {
-    const { windows: t, windowSize: l } = ct(c, this.bits), m = [];
-    let g = r, p = g;
+  precomputeWindow(n, c) {
+    const { windows: t, windowSize: u } = ct(c, this.bits), m = [];
+    let g = n, p = g;
     for (let v = 0; v < t; v++) {
       p = g, m.push(p);
-      for (let U = 1; U < l; U++)
+      for (let U = 1; U < u; U++)
         p = p.add(g), m.push(p);
       g = p.double();
     }
@@ -2400,70 +2427,70 @@ class Ln {
    * https://github.com/paulmillr/noble-secp256k1/blob/47cb1669b6e506ad66b35fe7d76132ae97465da2/index.ts#L502-L541
    * @returns real and fake (for const-time) points
    */
-  wNAF(r, c, t) {
+  wNAF(n, c, t) {
     if (!this.Fn.isValid(t))
       throw new Error("invalid scalar");
-    let l = this.ZERO, m = this.BASE;
-    const g = ct(r, this.bits);
+    let u = this.ZERO, m = this.BASE;
+    const g = ct(n, this.bits);
     for (let p = 0; p < g.windows; p++) {
       const { nextN: v, offset: U, isZero: H, isNeg: V, isNegF: E, offsetF: b } = jt(t, p, g);
-      t = v, H ? m = m.add(Fe(E, c[b])) : l = l.add(Fe(V, c[U]));
+      t = v, H ? m = m.add(Fe(E, c[b])) : u = u.add(Fe(V, c[U]));
     }
-    return Lt(t), { p: l, f: m };
+    return Lt(t), { p: u, f: m };
   }
   /**
    * Implements ec unsafe (non const-time) multiplication using precomputed tables and w-ary non-adjacent form.
    * @param acc accumulator point to add result of multiplication
    * @returns point
    */
-  wNAFUnsafe(r, c, t, l = this.ZERO) {
-    const m = ct(r, this.bits);
+  wNAFUnsafe(n, c, t, u = this.ZERO) {
+    const m = ct(n, this.bits);
     for (let g = 0; g < m.windows && t !== ke; g++) {
       const { nextN: p, offset: v, isZero: U, isNeg: H } = jt(t, g, m);
       if (t = p, !U) {
         const V = c[v];
-        l = l.add(H ? V.negate() : V);
+        u = u.add(H ? V.negate() : V);
       }
     }
-    return Lt(t), l;
+    return Lt(t), u;
   }
-  getPrecomputes(r, c, t) {
-    let l = at.get(c);
-    return l || (l = this.precomputeWindow(c, r), r !== 1 && (typeof t == "function" && (l = t(l)), at.set(c, l))), l;
+  getPrecomputes(n, c, t) {
+    let u = at.get(c);
+    return u || (u = this.precomputeWindow(c, n), n !== 1 && (typeof t == "function" && (u = t(u)), at.set(c, u))), u;
   }
-  cached(r, c, t) {
-    const l = ft(r);
-    return this.wNAF(l, this.getPrecomputes(l, r, t), c);
+  cached(n, c, t) {
+    const u = ft(n);
+    return this.wNAF(u, this.getPrecomputes(u, n, t), c);
   }
-  unsafe(r, c, t, l) {
-    const m = ft(r);
-    return m === 1 ? this._unsafeLadder(r, c, l) : this.wNAFUnsafe(m, this.getPrecomputes(m, r, t), c, l);
+  unsafe(n, c, t, u) {
+    const m = ft(n);
+    return m === 1 ? this._unsafeLadder(n, c, u) : this.wNAFUnsafe(m, this.getPrecomputes(m, n, t), c, u);
   }
   // We calculate precomputes for elliptic curve point multiplication
   // using windowed method. This specifies window size and
   // stores precomputed values. Usually only base point would be precomputed.
-  createCache(r, c) {
-    sn(c, this.bits), cn.set(r, c), at.delete(r);
+  createCache(n, c) {
+    sn(c, this.bits), cn.set(n, c), at.delete(n);
   }
-  hasCache(r) {
-    return ft(r) !== 1;
+  hasCache(n) {
+    return ft(n) !== 1;
   }
 }
-function Hn(e, r, c, t) {
-  let l = r, m = e.ZERO, g = e.ZERO;
+function Hn(e, n, c, t) {
+  let u = n, m = e.ZERO, g = e.ZERO;
   for (; c > ke || t > ke; )
-    c & Le && (m = m.add(l)), t & Le && (g = g.add(l)), l = l.double(), c >>= Le, t >>= Le;
+    c & Le && (m = m.add(u)), t & Le && (g = g.add(u)), u = u.double(), c >>= Le, t >>= Le;
   return { p1: m, p2: g };
 }
-function Mn(e, r, c, t) {
-  Zn(c, e), jn(t, r);
-  const l = c.length, m = t.length;
-  if (l !== m)
+function Mn(e, n, c, t) {
+  Zn(c, e), jn(t, n);
+  const u = c.length, m = t.length;
+  if (u !== m)
     throw new Error("arrays of points and scalars must have equal length");
-  const g = e.ZERO, p = Xt(BigInt(l));
+  const g = e.ZERO, p = Xt(BigInt(u));
   let v = 1;
   p > 12 ? v = p - 3 : p > 4 ? v = p - 2 : p > 0 && (v = 2);
-  const U = ze(v), H = new Array(Number(U) + 1).fill(g), V = Math.floor((r.BITS - 1) / v) * v;
+  const U = De(v), H = new Array(Number(U) + 1).fill(g), V = Math.floor((n.BITS - 1) / v) * v;
   let E = g;
   for (let b = V; b >= 0; b -= v) {
     H.fill(g);
@@ -2480,35 +2507,35 @@ function Mn(e, r, c, t) {
   }
   return E;
 }
-function Ht(e, r, c) {
-  if (r) {
-    if (r.ORDER !== e)
+function Ht(e, n, c) {
+  if (n) {
+    if (n.ORDER !== e)
       throw new Error("Field.ORDER must match order: Fp == p, Fn == n");
-    return Nn(r), r;
+    return Nn(n), n;
   } else
-    return De(e, { isLE: c });
+    return ze(e, { isLE: c });
 }
-function Vn(e, r, c = {}, t) {
-  if (t === void 0 && (t = e === "edwards"), !r || typeof r != "object")
+function Vn(e, n, c = {}, t) {
+  if (t === void 0 && (t = e === "edwards"), !n || typeof n != "object")
     throw new Error(`expected valid ${e} CURVE object`);
   for (const v of ["p", "n", "h"]) {
-    const U = r[v];
+    const U = n[v];
     if (!(typeof U == "bigint" && U > ke))
       throw new Error(`CURVE.${v} must be positive bigint`);
   }
-  const l = Ht(r.p, c.Fp, t), m = Ht(r.n, c.Fn, t), p = ["Gx", "Gy", "a", "b"];
+  const u = Ht(n.p, c.Fp, t), m = Ht(n.n, c.Fn, t), p = ["Gx", "Gy", "a", "b"];
   for (const v of p)
-    if (!l.isValid(r[v]))
+    if (!u.isValid(n[v]))
       throw new Error(`CURVE.${v} must be valid field element of CURVE.Fp`);
-  return r = Object.freeze(Object.assign({}, r)), { CURVE: r, Fp: l, Fn: m };
+  return n = Object.freeze(Object.assign({}, n)), { CURVE: n, Fp: u, Fn: m };
 }
-const Mt = (e, r) => (e + (e >= 0 ? r : -r) / an) / r;
-function kn(e, r, c) {
-  const [[t, l], [m, g]] = r, p = Mt(g * e, c), v = Mt(-l * e, c);
-  let U = e - p * t - v * m, H = -p * l - v * g;
+const Mt = (e, n) => (e + (e >= 0 ? n : -n) / an) / n;
+function kn(e, n, c) {
+  const [[t, u], [m, g]] = n, p = Mt(g * e, c), v = Mt(-u * e, c);
+  let U = e - p * t - v * m, H = -p * u - v * g;
   const V = U < Ne, E = H < Ne;
   V && (U = -U), E && (H = -H);
-  const b = ze(Math.ceil(Xt(c) / 2)) + Ve;
+  const b = De(Math.ceil(Xt(c) / 2)) + Ve;
   if (U < Ne || U >= b || H < Ne || H >= b)
     throw new Error("splitScalar (endomorphism): failed, k=" + e);
   return { k1neg: V, k1: U, k2neg: E, k2: H };
@@ -2518,15 +2545,15 @@ function dt(e) {
     throw new Error('Signature format must be "compact", "recovered", or "der"');
   return e;
 }
-function ut(e, r) {
+function ut(e, n) {
   const c = {};
-  for (let t of Object.keys(r))
-    c[t] = e[t] === void 0 ? r[t] : e[t];
+  for (let t of Object.keys(n))
+    c[t] = e[t] === void 0 ? n[t] : e[t];
   return Je(c.lowS, "lowS"), Je(c.prehash, "prehash"), c.format !== void 0 && dt(c.format), c;
 }
 class Cn extends Error {
-  constructor(r = "") {
-    super(r);
+  constructor(n = "") {
+    super(n);
   }
 }
 const Ie = {
@@ -2534,37 +2561,37 @@ const Ie = {
   Err: Cn,
   // Basic building block is TLV (Tag-Length-Value)
   _tlv: {
-    encode: (e, r) => {
+    encode: (e, n) => {
       const { Err: c } = Ie;
       if (e < 0 || e > 256)
         throw new c("tlv.encode: wrong tag");
-      if (r.length & 1)
+      if (n.length & 1)
         throw new c("tlv.encode: unpadded data");
-      const t = r.length / 2, l = Xe(t);
-      if (l.length / 2 & 128)
+      const t = n.length / 2, u = Xe(t);
+      if (u.length / 2 & 128)
         throw new c("tlv.encode: long form length too big");
-      const m = t > 127 ? Xe(l.length / 2 | 128) : "";
-      return Xe(e) + m + l + r;
+      const m = t > 127 ? Xe(u.length / 2 | 128) : "";
+      return Xe(e) + m + u + n;
     },
     // v - value, l - left bytes (unparsed)
-    decode(e, r) {
+    decode(e, n) {
       const { Err: c } = Ie;
       let t = 0;
       if (e < 0 || e > 256)
         throw new c("tlv.encode: wrong tag");
-      if (r.length < 2 || r[t++] !== e)
+      if (n.length < 2 || n[t++] !== e)
         throw new c("tlv.decode: wrong tlv");
-      const l = r[t++], m = !!(l & 128);
+      const u = n[t++], m = !!(u & 128);
       let g = 0;
       if (!m)
-        g = l;
+        g = u;
       else {
-        const v = l & 127;
+        const v = u & 127;
         if (!v)
           throw new c("tlv.decode(long): indefinite length not supported");
         if (v > 4)
           throw new c("tlv.decode(long): byte length is too big");
-        const U = r.subarray(t, t + v);
+        const U = n.subarray(t, t + v);
         if (U.length !== v)
           throw new c("tlv.decode: length bytes not complete");
         if (U[0] === 0)
@@ -2574,10 +2601,10 @@ const Ie = {
         if (t += v, g < 128)
           throw new c("tlv.decode(long): not minimal encoding");
       }
-      const p = r.subarray(t, t + g);
+      const p = n.subarray(t, t + g);
       if (p.length !== g)
         throw new c("tlv.decode: wrong value length");
-      return { v: p, l: r.subarray(t + g) };
+      return { v: p, l: n.subarray(t + g) };
     }
   },
   // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag,
@@ -2586,59 +2613,59 @@ const Ie = {
   // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding)
   _int: {
     encode(e) {
-      const { Err: r } = Ie;
+      const { Err: n } = Ie;
       if (e < Ne)
-        throw new r("integer: negative integers are not allowed");
+        throw new n("integer: negative integers are not allowed");
       let c = Xe(e);
       if (Number.parseInt(c[0], 16) & 8 && (c = "00" + c), c.length & 1)
-        throw new r("unexpected DER parsing assertion: unpadded hex");
+        throw new n("unexpected DER parsing assertion: unpadded hex");
       return c;
     },
     decode(e) {
-      const { Err: r } = Ie;
+      const { Err: n } = Ie;
       if (e[0] & 128)
-        throw new r("invalid signature integer: negative");
+        throw new n("invalid signature integer: negative");
       if (e[0] === 0 && !(e[1] & 128))
-        throw new r("invalid signature integer: unnecessary leading zero");
+        throw new n("invalid signature integer: unnecessary leading zero");
       return et(e);
     }
   },
   toSig(e) {
-    const { Err: r, _int: c, _tlv: t } = Ie, l = Se("signature", e), { v: m, l: g } = t.decode(48, l);
+    const { Err: n, _int: c, _tlv: t } = Ie, u = Se("signature", e), { v: m, l: g } = t.decode(48, u);
     if (g.length)
-      throw new r("invalid signature: left bytes after parsing");
+      throw new n("invalid signature: left bytes after parsing");
     const { v: p, l: v } = t.decode(2, m), { v: U, l: H } = t.decode(2, v);
     if (H.length)
-      throw new r("invalid signature: left bytes after parsing");
+      throw new n("invalid signature: left bytes after parsing");
     return { r: c.decode(p), s: c.decode(U) };
   },
   hexFromSig(e) {
-    const { _tlv: r, _int: c } = Ie, t = r.encode(2, c.encode(e.r)), l = r.encode(2, c.encode(e.s)), m = t + l;
-    return r.encode(48, m);
+    const { _tlv: n, _int: c } = Ie, t = n.encode(2, c.encode(e.r)), u = n.encode(2, c.encode(e.s)), m = t + u;
+    return n.encode(48, m);
   }
 }, Ne = BigInt(0), Ve = BigInt(1), an = BigInt(2), Ge = BigInt(3), Kn = BigInt(4);
-function He(e, r) {
+function He(e, n) {
   const { BYTES: c } = e;
   let t;
-  if (typeof r == "bigint")
-    t = r;
+  if (typeof n == "bigint")
+    t = n;
   else {
-    let l = Se("private key", r);
+    let u = Se("private key", n);
     try {
-      t = e.fromBytes(l);
+      t = e.fromBytes(u);
     } catch {
-      throw new Error(`invalid private key: expected ui8a of size ${c}, got ${typeof r}`);
+      throw new Error(`invalid private key: expected ui8a of size ${c}, got ${typeof n}`);
     }
   }
   if (!e.isValidNot0(t))
     throw new Error("invalid private key: out of range [1..N-1]");
   return t;
 }
-function zn(e, r = {}) {
-  const c = Vn("weierstrass", e, r), { Fp: t, Fn: l } = c;
+function Dn(e, n = {}) {
+  const c = Vn("weierstrass", e, n), { Fp: t, Fn: u } = c;
   let m = c.CURVE;
   const { h: g, n: p } = m;
-  gt(r, {}, {
+  gt(n, {}, {
     allowInfinityPoint: "boolean",
     clearCofactor: "function",
     isTorsionFree: "function",
@@ -2647,27 +2674,27 @@ function zn(e, r = {}) {
     endo: "object",
     wrapPrivateKey: "boolean"
   });
-  const { endo: v } = r;
+  const { endo: v } = n;
   if (v && (!t.is0(m.a) || typeof v.beta != "bigint" || !Array.isArray(v.basises)))
     throw new Error('invalid endo: expected "beta": bigint and "basises": array');
-  const U = un(t, l);
+  const U = un(t, u);
   function H() {
     if (!t.isOdd)
       throw new Error("compression is not supported: Field does not have .isOdd()");
   }
-  function V(z, d, u) {
-    const { x: n, y: a } = d.toAffine(), i = t.toBytes(n);
-    if (Je(u, "isCompressed"), u) {
+  function V(D, d, l) {
+    const { x: r, y: a } = d.toAffine(), i = t.toBytes(r);
+    if (Je(l, "isCompressed"), l) {
       H();
       const o = !t.isOdd(a);
       return Ae(fn(o), i);
     } else
       return Ae(Uint8Array.of(4), i, t.toBytes(a));
   }
-  function E(z) {
-    Ze(z, void 0, "Point");
-    const { publicKey: d, publicKeyUncompressed: u } = U, n = z.length, a = z[0], i = z.subarray(1);
-    if (n === d && (a === 2 || a === 3)) {
+  function E(D) {
+    Ze(D, void 0, "Point");
+    const { publicKey: d, publicKeyUncompressed: l } = U, r = D.length, a = D[0], i = D.subarray(1);
+    if (r === d && (a === 2 || a === 3)) {
       const o = t.fromBytes(i);
       if (!t.isValid(o))
         throw new Error("bad point: is not on curve, wrong x");
@@ -2682,92 +2709,92 @@ function zn(e, r = {}) {
       H();
       const s = t.isOdd(w);
       return (a & 1) === 1 !== s && (w = t.neg(w)), { x: o, y: w };
-    } else if (n === u && a === 4) {
+    } else if (r === l && a === 4) {
       const o = t.BYTES, h = t.fromBytes(i.subarray(0, o)), w = t.fromBytes(i.subarray(o, o * 2));
       if (!M(h, w))
         throw new Error("bad point: is not on curve");
       return { x: h, y: w };
     } else
-      throw new Error(`bad point: got length ${n}, expected compressed=${d} or uncompressed=${u}`);
+      throw new Error(`bad point: got length ${r}, expected compressed=${d} or uncompressed=${l}`);
   }
-  const b = r.toBytes || V, S = r.fromBytes || E;
-  function A(z) {
-    const d = t.sqr(z), u = t.mul(d, z);
-    return t.add(t.add(u, t.mul(z, m.a)), m.b);
+  const b = n.toBytes || V, S = n.fromBytes || E;
+  function A(D) {
+    const d = t.sqr(D), l = t.mul(d, D);
+    return t.add(t.add(l, t.mul(D, m.a)), m.b);
   }
-  function M(z, d) {
-    const u = t.sqr(d), n = A(z);
-    return t.eql(u, n);
+  function M(D, d) {
+    const l = t.sqr(d), r = A(D);
+    return t.eql(l, r);
   }
   if (!M(m.Gx, m.Gy))
     throw new Error("bad curve params: generator point");
   const Q = t.mul(t.pow(m.a, Ge), Kn), F = t.mul(t.sqr(m.b), BigInt(27));
   if (t.is0(t.add(Q, F)))
     throw new Error("bad curve params: a or b");
-  function G(z, d, u = !1) {
-    if (!t.isValid(d) || u && t.is0(d))
-      throw new Error(`bad point coordinate ${z}`);
+  function G(D, d, l = !1) {
+    if (!t.isValid(d) || l && t.is0(d))
+      throw new Error(`bad point coordinate ${D}`);
     return d;
   }
-  function se(z) {
-    if (!(z instanceof _))
+  function se(D) {
+    if (!(D instanceof _))
       throw new Error("ProjectivePoint expected");
   }
-  function ie(z) {
+  function ie(D) {
     if (!v || !v.basises)
       throw new Error("no endo");
-    return kn(z, v.basises, l.ORDER);
+    return kn(D, v.basises, u.ORDER);
   }
-  const j = At((z, d) => {
-    const { X: u, Y: n, Z: a } = z;
+  const j = At((D, d) => {
+    const { X: l, Y: r, Z: a } = D;
     if (t.eql(a, t.ONE))
-      return { x: u, y: n };
-    const i = z.is0();
+      return { x: l, y: r };
+    const i = D.is0();
     d == null && (d = i ? t.ONE : t.inv(a));
-    const o = t.mul(u, d), h = t.mul(n, d), w = t.mul(a, d);
+    const o = t.mul(l, d), h = t.mul(r, d), w = t.mul(a, d);
     if (i)
       return { x: t.ZERO, y: t.ZERO };
     if (!t.eql(w, t.ONE))
       throw new Error("invZ was invalid");
     return { x: o, y: h };
-  }), O = At((z) => {
-    if (z.is0()) {
-      if (r.allowInfinityPoint && !t.is0(z.Y))
+  }), R = At((D) => {
+    if (D.is0()) {
+      if (n.allowInfinityPoint && !t.is0(D.Y))
         return;
       throw new Error("bad point: ZERO");
     }
-    const { x: d, y: u } = z.toAffine();
-    if (!t.isValid(d) || !t.isValid(u))
+    const { x: d, y: l } = D.toAffine();
+    if (!t.isValid(d) || !t.isValid(l))
       throw new Error("bad point: x or y not field elements");
-    if (!M(d, u))
+    if (!M(d, l))
       throw new Error("bad point: equation left != right");
-    if (!z.isTorsionFree())
+    if (!D.isTorsionFree())
       throw new Error("bad point: not in prime-order subgroup");
     return !0;
   });
-  function L(z, d, u, n, a) {
-    return u = new _(t.mul(u.X, z), u.Y, u.Z), d = Fe(n, d), u = Fe(a, u), d.add(u);
+  function L(D, d, l, r, a) {
+    return l = new _(t.mul(l.X, D), l.Y, l.Z), d = Fe(r, d), l = Fe(a, l), d.add(l);
   }
   class _ {
     /** Does NOT validate if the point is valid. Use `.assertValidity()`. */
-    constructor(d, u, n) {
-      this.X = G("x", d), this.Y = G("y", u, !0), this.Z = G("z", n), Object.freeze(this);
+    constructor(d, l, r) {
+      this.X = G("x", d), this.Y = G("y", l, !0), this.Z = G("z", r), Object.freeze(this);
     }
     static CURVE() {
       return m;
     }
     /** Does NOT validate if the point is valid. Use `.assertValidity()`. */
     static fromAffine(d) {
-      const { x: u, y: n } = d || {};
-      if (!d || !t.isValid(u) || !t.isValid(n))
+      const { x: l, y: r } = d || {};
+      if (!d || !t.isValid(l) || !t.isValid(r))
         throw new Error("invalid affine point");
       if (d instanceof _)
         throw new Error("projective point not allowed");
-      return t.is0(u) && t.is0(n) ? _.ZERO : new _(u, n, t.ONE);
+      return t.is0(l) && t.is0(r) ? _.ZERO : new _(l, r, t.ONE);
     }
     static fromBytes(d) {
-      const u = _.fromAffine(S(Ze(d, void 0, "point")));
-      return u.assertValidity(), u;
+      const l = _.fromAffine(S(Ze(d, void 0, "point")));
+      return l.assertValidity(), l;
     }
     static fromHex(d) {
       return _.fromBytes(Se("pointHex", d));
@@ -2784,13 +2811,13 @@ function zn(e, r = {}) {
      * @param isLazy true will defer table computation until the first multiplication
      * @returns
      */
-    precompute(d = 8, u = !0) {
-      return W.createCache(this, d), u || this.multiply(Ge), this;
+    precompute(d = 8, l = !0) {
+      return W.createCache(this, d), l || this.multiply(Ge), this;
     }
     // TODO: return `this`
     /** A point on curve is valid if it conforms to equation. */
     assertValidity() {
-      O(this);
+      R(this);
     }
     hasEvenY() {
       const { y: d } = this.toAffine();
@@ -2801,7 +2828,7 @@ function zn(e, r = {}) {
     /** Compare one point to another. */
     equals(d) {
       se(d);
-      const { X: u, Y: n, Z: a } = this, { X: i, Y: o, Z: h } = d, w = t.eql(t.mul(u, h), t.mul(i, a)), s = t.eql(t.mul(n, h), t.mul(o, a));
+      const { X: l, Y: r, Z: a } = this, { X: i, Y: o, Z: h } = d, w = t.eql(t.mul(l, h), t.mul(i, a)), s = t.eql(t.mul(r, h), t.mul(o, a));
       return w && s;
     }
     /** Flips point to one corresponding to (x, -y) in Affine coordinates. */
@@ -2813,9 +2840,9 @@ function zn(e, r = {}) {
     // https://eprint.iacr.org/2015/1060, algorithm 3
     // Cost: 8M + 3S + 3*a + 2*b3 + 15add.
     double() {
-      const { a: d, b: u } = m, n = t.mul(u, Ge), { X: a, Y: i, Z: o } = this;
-      let h = t.ZERO, w = t.ZERO, s = t.ZERO, f = t.mul(a, a), y = t.mul(i, i), B = t.mul(o, o), T = t.mul(a, i);
-      return T = t.add(T, T), s = t.mul(a, o), s = t.add(s, s), h = t.mul(d, s), w = t.mul(n, B), w = t.add(h, w), h = t.sub(y, w), w = t.add(y, w), w = t.mul(h, w), h = t.mul(T, h), s = t.mul(n, s), B = t.mul(d, B), T = t.sub(f, B), T = t.mul(d, T), T = t.add(T, s), s = t.add(f, f), f = t.add(s, f), f = t.add(f, B), f = t.mul(f, T), w = t.add(w, f), B = t.mul(i, o), B = t.add(B, B), f = t.mul(B, T), h = t.sub(h, f), s = t.mul(B, y), s = t.add(s, s), s = t.add(s, s), new _(h, w, s);
+      const { a: d, b: l } = m, r = t.mul(l, Ge), { X: a, Y: i, Z: o } = this;
+      let h = t.ZERO, w = t.ZERO, s = t.ZERO, f = t.mul(a, a), y = t.mul(i, i), B = t.mul(o, o), O = t.mul(a, i);
+      return O = t.add(O, O), s = t.mul(a, o), s = t.add(s, s), h = t.mul(d, s), w = t.mul(r, B), w = t.add(h, w), h = t.sub(y, w), w = t.add(y, w), w = t.mul(h, w), h = t.mul(O, h), s = t.mul(r, s), B = t.mul(d, B), O = t.sub(f, B), O = t.mul(d, O), O = t.add(O, s), s = t.add(f, f), f = t.add(s, f), f = t.add(f, B), f = t.mul(f, O), w = t.add(w, f), B = t.mul(i, o), B = t.add(B, B), f = t.mul(B, O), h = t.sub(h, f), s = t.mul(B, y), s = t.add(s, s), s = t.add(s, s), new _(h, w, s);
     }
     // Renes-Costello-Batina exception-free addition formula.
     // There is 30% faster Jacobian formula, but it is not complete.
@@ -2823,13 +2850,13 @@ function zn(e, r = {}) {
     // Cost: 12M + 0S + 3*a + 3*b3 + 23add.
     add(d) {
       se(d);
-      const { X: u, Y: n, Z: a } = this, { X: i, Y: o, Z: h } = d;
+      const { X: l, Y: r, Z: a } = this, { X: i, Y: o, Z: h } = d;
       let w = t.ZERO, s = t.ZERO, f = t.ZERO;
       const y = m.a, B = t.mul(m.b, Ge);
-      let T = t.mul(u, i), k = t.mul(n, o), Y = t.mul(a, h), I = t.add(u, n), q = t.add(i, o);
-      I = t.mul(I, q), q = t.add(T, k), I = t.sub(I, q), q = t.add(u, a);
+      let O = t.mul(l, i), k = t.mul(r, o), Y = t.mul(a, h), I = t.add(l, r), q = t.add(i, o);
+      I = t.mul(I, q), q = t.add(O, k), I = t.sub(I, q), q = t.add(l, a);
       let C = t.add(i, h);
-      return q = t.mul(q, C), C = t.add(T, Y), q = t.sub(q, C), C = t.add(n, a), w = t.add(o, h), C = t.mul(C, w), w = t.add(k, Y), C = t.sub(C, w), f = t.mul(y, q), w = t.mul(B, Y), f = t.add(w, f), w = t.sub(k, f), f = t.add(k, f), s = t.mul(w, f), k = t.add(T, T), k = t.add(k, T), Y = t.mul(y, Y), q = t.mul(B, q), k = t.add(k, Y), Y = t.sub(T, Y), Y = t.mul(y, Y), q = t.add(q, Y), T = t.mul(k, q), s = t.add(s, T), T = t.mul(C, q), w = t.mul(I, w), w = t.sub(w, T), T = t.mul(I, k), f = t.mul(C, f), f = t.add(f, T), new _(w, s, f);
+      return q = t.mul(q, C), C = t.add(O, Y), q = t.sub(q, C), C = t.add(r, a), w = t.add(o, h), C = t.mul(C, w), w = t.add(k, Y), C = t.sub(C, w), f = t.mul(y, q), w = t.mul(B, Y), f = t.add(w, f), w = t.sub(k, f), f = t.add(k, f), s = t.mul(w, f), k = t.add(O, O), k = t.add(k, O), Y = t.mul(y, Y), q = t.mul(B, q), k = t.add(k, Y), Y = t.sub(O, Y), Y = t.mul(y, Y), q = t.add(q, Y), O = t.mul(k, q), s = t.add(s, O), O = t.mul(C, q), w = t.mul(I, w), w = t.sub(w, O), O = t.mul(I, k), f = t.mul(C, f), f = t.add(f, O), new _(w, s, f);
     }
     subtract(d) {
       return this.add(d.negate());
@@ -2847,19 +2874,19 @@ function zn(e, r = {}) {
      * @returns New point
      */
     multiply(d) {
-      const { endo: u } = r;
-      if (!l.isValidNot0(d))
+      const { endo: l } = n;
+      if (!u.isValidNot0(d))
         throw new Error("invalid scalar: out of range");
-      let n, a;
+      let r, a;
       const i = (o) => W.cached(this, o, (h) => it(_, h));
-      if (u) {
-        const { k1neg: o, k1: h, k2neg: w, k2: s } = ie(d), { p: f, f: y } = i(h), { p: B, f: T } = i(s);
-        a = y.add(T), n = L(u.beta, f, B, o, w);
+      if (l) {
+        const { k1neg: o, k1: h, k2neg: w, k2: s } = ie(d), { p: f, f: y } = i(h), { p: B, f: O } = i(s);
+        a = y.add(O), r = L(l.beta, f, B, o, w);
       } else {
         const { p: o, f: h } = i(d);
-        n = o, a = h;
+        r = o, a = h;
       }
-      return it(_, [n, a])[0];
+      return it(_, [r, a])[0];
     }
     /**
      * Non-constant-time multiplication. Uses double-and-add algorithm.
@@ -2867,23 +2894,23 @@ function zn(e, r = {}) {
      * an exposed secret key e.g. sig verification, which works over *public* keys.
      */
     multiplyUnsafe(d) {
-      const { endo: u } = r, n = this;
-      if (!l.isValid(d))
+      const { endo: l } = n, r = this;
+      if (!u.isValid(d))
         throw new Error("invalid scalar: out of range");
-      if (d === Ne || n.is0())
+      if (d === Ne || r.is0())
         return _.ZERO;
       if (d === Ve)
-        return n;
+        return r;
       if (W.hasCache(this))
         return this.multiply(d);
-      if (u) {
-        const { k1neg: a, k1: i, k2neg: o, k2: h } = ie(d), { p1: w, p2: s } = Hn(_, n, i, h);
-        return L(u.beta, w, s, a, o);
+      if (l) {
+        const { k1neg: a, k1: i, k2neg: o, k2: h } = ie(d), { p1: w, p2: s } = Hn(_, r, i, h);
+        return L(l.beta, w, s, a, o);
       } else
-        return W.unsafe(n, d);
+        return W.unsafe(r, d);
     }
-    multiplyAndAddUnsafe(d, u, n) {
-      const a = this.multiplyUnsafe(u).add(d.multiplyUnsafe(n));
+    multiplyAndAddUnsafe(d, l, r) {
+      const a = this.multiplyUnsafe(l).add(d.multiplyUnsafe(r));
       return a.is0() ? void 0 : a;
     }
     /**
@@ -2898,11 +2925,11 @@ function zn(e, r = {}) {
      * Always torsion-free for cofactor=1 curves.
      */
     isTorsionFree() {
-      const { isTorsionFree: d } = r;
+      const { isTorsionFree: d } = n;
       return g === Ve ? !0 : d ? d(_, this) : W.unsafe(this, p).is0();
     }
     clearCofactor() {
-      const { clearCofactor: d } = r;
+      const { clearCofactor: d } = n;
       return g === Ve ? this : d ? d(_, this) : this.multiplyUnsafe(g);
     }
     isSmallOrder() {
@@ -2936,31 +2963,31 @@ function zn(e, r = {}) {
     static normalizeZ(d) {
       return it(_, d);
     }
-    static msm(d, u) {
-      return Mn(_, l, d, u);
+    static msm(d, l) {
+      return Mn(_, u, d, l);
     }
     static fromPrivateKey(d) {
-      return _.BASE.multiply(He(l, d));
+      return _.BASE.multiply(He(u, d));
     }
   }
-  _.BASE = new _(m.Gx, m.Gy, t.ONE), _.ZERO = new _(t.ZERO, t.ONE, t.ZERO), _.Fp = t, _.Fn = l;
-  const K = l.BITS, W = new Ln(_, r.endo ? Math.ceil(K / 2) : K);
+  _.BASE = new _(m.Gx, m.Gy, t.ONE), _.ZERO = new _(t.ZERO, t.ONE, t.ZERO), _.Fp = t, _.Fn = u;
+  const K = u.BITS, W = new Ln(_, n.endo ? Math.ceil(K / 2) : K);
   return _.BASE.precompute(8), _;
 }
 function fn(e) {
   return Uint8Array.of(e ? 2 : 3);
 }
-function un(e, r) {
+function un(e, n) {
   return {
-    secretKey: r.BYTES,
+    secretKey: n.BYTES,
     publicKey: 1 + e.BYTES,
     publicKeyUncompressed: 1 + 2 * e.BYTES,
     publicKeyHasPrefix: !0,
-    signature: 2 * r.BYTES
+    signature: 2 * n.BYTES
   };
 }
-function Dn(e, r = {}) {
-  const { Fn: c } = e, t = r.randomBytes || kt, l = Object.assign(un(e.Fp, c), { seed: on(c.ORDER) });
+function zn(e, n = {}) {
+  const { Fn: c } = e, t = n.randomBytes || kt, u = Object.assign(un(e.Fp, c), { seed: on(c.ORDER) });
   function m(b) {
     try {
       return !!He(c, b);
@@ -2969,7 +2996,7 @@ function Dn(e, r = {}) {
     }
   }
   function g(b, S) {
-    const { publicKey: A, publicKeyUncompressed: M } = l;
+    const { publicKey: A, publicKeyUncompressed: M } = u;
     try {
       const Q = b.length;
       return S === !0 && Q !== A || S === !1 && Q !== M ? !1 : !!e.fromBytes(b);
@@ -2977,8 +3004,8 @@ function Dn(e, r = {}) {
       return !1;
     }
   }
-  function p(b = t(l.seed)) {
-    return Un(Ze(b, l.seed, "seed"), c.ORDER);
+  function p(b = t(u.seed)) {
+    return Un(Ze(b, u.seed, "seed"), c.ORDER);
   }
   function v(b, S = !0) {
     return e.BASE.multiply(He(c, b)).toBytes(S);
@@ -2992,7 +3019,7 @@ function Dn(e, r = {}) {
       return !1;
     if (b instanceof e)
       return !0;
-    const { secretKey: S, publicKey: A, publicKeyUncompressed: M } = l;
+    const { secretKey: S, publicKey: A, publicKeyUncompressed: M } = u;
     if (c.allowedLengths || S === A)
       return;
     const Q = Se("key", b).length;
@@ -3017,59 +3044,59 @@ function Dn(e, r = {}) {
     precompute(b = 8, S = e.BASE) {
       return S.precompute(b, !1);
     }
-  }, lengths: l });
+  }, lengths: u });
 }
-function Yn(e, r, c = {}) {
-  mn(r), gt(c, {}, {
+function Yn(e, n, c = {}) {
+  mn(n), gt(c, {}, {
     hmac: "function",
     lowS: "boolean",
     randomBytes: "function",
     bits2int: "function",
     bits2int_modN: "function"
   });
-  const t = c.randomBytes || kt, l = c.hmac || ((u, ...n) => bn(r, u, Ae(...n))), { Fp: m, Fn: g } = e, { ORDER: p, BITS: v } = g, { keygen: U, getPublicKey: H, getSharedSecret: V, utils: E, lengths: b } = Dn(e, c), S = {
+  const t = c.randomBytes || kt, u = c.hmac || ((l, ...r) => bn(n, l, Ae(...r))), { Fp: m, Fn: g } = e, { ORDER: p, BITS: v } = g, { keygen: U, getPublicKey: H, getSharedSecret: V, utils: E, lengths: b } = zn(e, c), S = {
     prehash: !1,
     lowS: typeof c.lowS == "boolean" ? c.lowS : !1,
     format: void 0,
     //'compact' as ECDSASigFormat,
     extraEntropy: !1
   }, A = "compact";
-  function M(u) {
-    const n = p >> Ve;
-    return u > n;
+  function M(l) {
+    const r = p >> Ve;
+    return l > r;
   }
-  function Q(u, n) {
-    if (!g.isValidNot0(n))
-      throw new Error(`invalid signature ${u}: out of range 1..Point.Fn.ORDER`);
-    return n;
+  function Q(l, r) {
+    if (!g.isValidNot0(r))
+      throw new Error(`invalid signature ${l}: out of range 1..Point.Fn.ORDER`);
+    return r;
   }
-  function F(u, n) {
-    dt(n);
-    const a = b.signature, i = n === "compact" ? a : n === "recovered" ? a + 1 : void 0;
-    return Ze(u, i, `${n} signature`);
+  function F(l, r) {
+    dt(r);
+    const a = b.signature, i = r === "compact" ? a : r === "recovered" ? a + 1 : void 0;
+    return Ze(l, i, `${r} signature`);
   }
   class G {
-    constructor(n, a, i) {
-      this.r = Q("r", n), this.s = Q("s", a), i != null && (this.recovery = i), Object.freeze(this);
+    constructor(r, a, i) {
+      this.r = Q("r", r), this.s = Q("s", a), i != null && (this.recovery = i), Object.freeze(this);
     }
-    static fromBytes(n, a = A) {
-      F(n, a);
+    static fromBytes(r, a = A) {
+      F(r, a);
       let i;
       if (a === "der") {
-        const { r: s, s: f } = Ie.toSig(Ze(n));
+        const { r: s, s: f } = Ie.toSig(Ze(r));
         return new G(s, f);
       }
-      a === "recovered" && (i = n[0], a = "compact", n = n.subarray(1));
-      const o = g.BYTES, h = n.subarray(0, o), w = n.subarray(o, o * 2);
+      a === "recovered" && (i = r[0], a = "compact", r = r.subarray(1));
+      const o = g.BYTES, h = r.subarray(0, o), w = r.subarray(o, o * 2);
       return new G(g.fromBytes(h), g.fromBytes(w), i);
     }
-    static fromHex(n, a) {
-      return this.fromBytes(Qe(n), a);
+    static fromHex(r, a) {
+      return this.fromBytes(Qe(r), a);
     }
-    addRecoveryBit(n) {
-      return new G(this.r, this.s, n);
+    addRecoveryBit(r) {
+      return new G(this.r, this.s, r);
     }
-    recoverPublicKey(n) {
+    recoverPublicKey(r) {
       const a = m.ORDER, { r: i, s: o, recovery: h } = this;
       if (h == null || ![0, 1, 2, 3].includes(h))
         throw new Error("recovery id invalid");
@@ -3078,7 +3105,7 @@ function Yn(e, r, c = {}) {
       const s = h === 2 || h === 3 ? i + p : i;
       if (!m.isValid(s))
         throw new Error("recovery id 2 or 3 invalid");
-      const f = m.toBytes(s), y = e.fromBytes(Ae(fn((h & 1) === 0), f)), B = g.inv(s), T = ie(Se("msgHash", n)), k = g.create(-T * B), Y = g.create(o * B), I = e.BASE.multiplyUnsafe(k).add(y.multiplyUnsafe(Y));
+      const f = m.toBytes(s), y = e.fromBytes(Ae(fn((h & 1) === 0), f)), B = g.inv(s), O = ie(Se("msgHash", r)), k = g.create(-O * B), Y = g.create(o * B), I = e.BASE.multiplyUnsafe(k).add(y.multiplyUnsafe(Y));
       if (I.is0())
         throw new Error("point at infinify");
       return I.assertValidity(), I;
@@ -3087,28 +3114,28 @@ function Yn(e, r, c = {}) {
     hasHighS() {
       return M(this.s);
     }
-    toBytes(n = A) {
-      if (dt(n), n === "der")
+    toBytes(r = A) {
+      if (dt(r), r === "der")
         return Qe(Ie.hexFromSig(this));
       const a = g.toBytes(this.r), i = g.toBytes(this.s);
-      if (n === "recovered") {
+      if (r === "recovered") {
         if (this.recovery == null)
           throw new Error("recovery bit must be present");
         return Ae(Uint8Array.of(this.recovery), a, i);
       }
       return Ae(a, i);
     }
-    toHex(n) {
-      return Me(this.toBytes(n));
+    toHex(r) {
+      return Me(this.toBytes(r));
     }
     // TODO: remove
     assertValidity() {
     }
-    static fromCompact(n) {
-      return G.fromBytes(Se("sig", n), "compact");
+    static fromCompact(r) {
+      return G.fromBytes(Se("sig", r), "compact");
     }
-    static fromDER(n) {
-      return G.fromBytes(Se("sig", n), "der");
+    static fromDER(r) {
+      return G.fromBytes(Se("sig", r), "der");
     }
     normalizeS() {
       return this.hasHighS() ? new G(this.r, g.neg(this.s), this.recovery) : this;
@@ -3126,32 +3153,32 @@ function Yn(e, r, c = {}) {
       return Me(this.toBytes("compact"));
     }
   }
-  const se = c.bits2int || function(n) {
-    if (n.length > 8192)
+  const se = c.bits2int || function(r) {
+    if (r.length > 8192)
       throw new Error("input is too large");
-    const a = et(n), i = n.length * 8 - v;
+    const a = et(r), i = r.length * 8 - v;
     return i > 0 ? a >> BigInt(i) : a;
-  }, ie = c.bits2int_modN || function(n) {
-    return g.create(se(n));
-  }, j = ze(v);
-  function O(u) {
-    return _n("num < 2^" + v, u, Ne, j), g.toBytes(u);
+  }, ie = c.bits2int_modN || function(r) {
+    return g.create(se(r));
+  }, j = De(v);
+  function R(l) {
+    return _n("num < 2^" + v, l, Ne, j), g.toBytes(l);
   }
-  function L(u, n) {
-    return Ze(u, void 0, "message"), n ? Ze(r(u), void 0, "prehashed message") : u;
+  function L(l, r) {
+    return Ze(l, void 0, "message"), r ? Ze(n(l), void 0, "prehashed message") : l;
   }
-  function _(u, n, a) {
+  function _(l, r, a) {
     if (["recovered", "canonical"].some((k) => k in a))
       throw new Error("sign() legacy options not supported");
     const { lowS: i, prehash: o, extraEntropy: h } = ut(a, S);
-    u = L(u, o);
-    const w = ie(u), s = He(g, n), f = [O(s), O(w)];
+    l = L(l, o);
+    const w = ie(l), s = He(g, r), f = [R(s), R(w)];
     if (h != null && h !== !1) {
       const k = h === !0 ? t(b.secretKey) : h;
       f.push(Se("extraEntropy", k));
     }
     const y = Ae(...f), B = w;
-    function T(k) {
+    function O(k) {
       const Y = se(k);
       if (!g.isValidNot0(Y))
         return;
@@ -3161,59 +3188,59 @@ function Yn(e, r, c = {}) {
       const te = g.create(I * g.create(B + C * s));
       if (te === Ne)
         return;
-      let $ = (q.x === C ? 0 : 2) | Number(q.y & Ve), x = te;
-      return i && M(te) && (x = g.neg(te), $ ^= 1), new G(C, x, $);
+      let $ = (q.x === C ? 0 : 2) | Number(q.y & Ve), T = te;
+      return i && M(te) && (T = g.neg(te), $ ^= 1), new G(C, T, $);
     }
-    return { seed: y, k2sig: T };
+    return { seed: y, k2sig: O };
   }
-  function K(u, n, a = {}) {
-    u = Se("message", u);
-    const { seed: i, k2sig: o } = _(u, n, a);
-    return Sn(r.outputLen, g.BYTES, l)(i, o);
+  function K(l, r, a = {}) {
+    l = Se("message", l);
+    const { seed: i, k2sig: o } = _(l, r, a);
+    return Sn(n.outputLen, g.BYTES, u)(i, o);
   }
-  function W(u) {
-    let n;
-    const a = typeof u == "string" || yt(u), i = !a && u !== null && typeof u == "object" && typeof u.r == "bigint" && typeof u.s == "bigint";
+  function W(l) {
+    let r;
+    const a = typeof l == "string" || yt(l), i = !a && l !== null && typeof l == "object" && typeof l.r == "bigint" && typeof l.s == "bigint";
     if (!a && !i)
       throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");
     if (i)
-      n = new G(u.r, u.s);
+      r = new G(l.r, l.s);
     else if (a) {
       try {
-        n = G.fromBytes(Se("sig", u), "der");
+        r = G.fromBytes(Se("sig", l), "der");
       } catch (o) {
         if (!(o instanceof Ie.Err))
           throw o;
       }
-      if (!n)
+      if (!r)
         try {
-          n = G.fromBytes(Se("sig", u), "compact");
+          r = G.fromBytes(Se("sig", l), "compact");
         } catch {
           return !1;
         }
     }
-    return n || !1;
+    return r || !1;
   }
-  function z(u, n, a, i = {}) {
+  function D(l, r, a, i = {}) {
     const { lowS: o, prehash: h, format: w } = ut(i, S);
-    if (a = Se("publicKey", a), n = L(Se("message", n), h), "strict" in i)
+    if (a = Se("publicKey", a), r = L(Se("message", r), h), "strict" in i)
       throw new Error("options.strict was renamed to lowS");
-    const s = w === void 0 ? W(u) : G.fromBytes(Se("sig", u), w);
+    const s = w === void 0 ? W(l) : G.fromBytes(Se("sig", l), w);
     if (s === !1)
       return !1;
     try {
       const f = e.fromBytes(a);
       if (o && s.hasHighS())
         return !1;
-      const { r: y, s: B } = s, T = ie(n), k = g.inv(B), Y = g.create(T * k), I = g.create(y * k), q = e.BASE.multiplyUnsafe(Y).add(f.multiplyUnsafe(I));
+      const { r: y, s: B } = s, O = ie(r), k = g.inv(B), Y = g.create(O * k), I = g.create(y * k), q = e.BASE.multiplyUnsafe(Y).add(f.multiplyUnsafe(I));
       return q.is0() ? !1 : g.create(q.x) === y;
     } catch {
       return !1;
     }
   }
-  function d(u, n, a = {}) {
+  function d(l, r, a = {}) {
     const { prehash: i } = ut(a, S);
-    return n = L(n, i), G.fromBytes(u, "recovered").recoverPublicKey(n).toBytes();
+    return r = L(r, i), G.fromBytes(l, "recovered").recoverPublicKey(r).toBytes();
   }
   return Object.freeze({
     keygen: U,
@@ -3223,14 +3250,14 @@ function Yn(e, r, c = {}) {
     lengths: b,
     Point: e,
     sign: K,
-    verify: z,
+    verify: D,
     recoverPublicKey: d,
     Signature: G,
-    hash: r
+    hash: n
   });
 }
 function Pn(e) {
-  const r = {
+  const n = {
     a: e.a,
     b: e.b,
     p: e.Fp.ORDER,
@@ -3240,13 +3267,13 @@ function Pn(e) {
     Gy: e.Gy
   }, c = e.Fp;
   let t = e.allowedPrivateKeyLengths ? Array.from(new Set(e.allowedPrivateKeyLengths.map((g) => Math.ceil(g / 2)))) : void 0;
-  const l = De(r.n, {
+  const u = ze(n.n, {
     BITS: e.nBitLength,
     allowedLengths: t,
     modFromBytes: e.wrapPrivateKey
   }), m = {
     Fp: c,
-    Fn: l,
+    Fn: u,
     allowInfinityPoint: e.allowInfinityPoint,
     endo: e.endo,
     isTorsionFree: e.isTorsionFree,
@@ -3254,32 +3281,32 @@ function Pn(e) {
     fromBytes: e.fromBytes,
     toBytes: e.toBytes
   };
-  return { CURVE: r, curveOpts: m };
+  return { CURVE: n, curveOpts: m };
 }
 function Xn(e) {
-  const { CURVE: r, curveOpts: c } = Pn(e), t = {
+  const { CURVE: n, curveOpts: c } = Pn(e), t = {
     hmac: e.hmac,
     randomBytes: e.randomBytes,
     lowS: e.lowS,
     bits2int: e.bits2int,
     bits2int_modN: e.bits2int_modN
   };
-  return { CURVE: r, curveOpts: c, hash: e.hash, ecdsaOpts: t };
+  return { CURVE: n, curveOpts: c, hash: e.hash, ecdsaOpts: t };
 }
-function Gn(e, r) {
-  const c = r.Point;
-  return Object.assign({}, r, {
+function Gn(e, n) {
+  const c = n.Point;
+  return Object.assign({}, n, {
     ProjectivePoint: c,
     CURVE: Object.assign({}, e, nn(c.Fn.ORDER, c.Fn.BITS))
   });
 }
 function Wn(e) {
-  const { CURVE: r, curveOpts: c, hash: t, ecdsaOpts: l } = Xn(e), m = zn(r, c), g = Yn(m, t, l);
+  const { CURVE: n, curveOpts: c, hash: t, ecdsaOpts: u } = Xn(e), m = Dn(n, c), g = Yn(m, t, u);
   return Gn(e, g);
 }
-function Qn(e, r) {
+function Qn(e, n) {
   const c = (t) => Wn({ ...e, hash: t });
-  return { ...c(r), create: c };
+  return { ...c(n), create: c };
 }
 const Bt = {
   p: BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),
@@ -3297,20 +3324,22 @@ const Bt = {
   ]
 }, Vt = /* @__PURE__ */ BigInt(2);
 function Fn(e) {
-  const r = Bt.p, c = BigInt(3), t = BigInt(6), l = BigInt(11), m = BigInt(22), g = BigInt(23), p = BigInt(44), v = BigInt(88), U = e * e * e % r, H = U * U * e % r, V = Re(H, c, r) * H % r, E = Re(V, c, r) * H % r, b = Re(E, Vt, r) * U % r, S = Re(b, l, r) * b % r, A = Re(S, m, r) * S % r, M = Re(A, p, r) * A % r, Q = Re(M, v, r) * M % r, F = Re(Q, p, r) * A % r, G = Re(F, c, r) * H % r, se = Re(G, g, r) * S % r, ie = Re(se, t, r) * U % r, j = Re(ie, Vt, r);
+  const n = Bt.p, c = BigInt(3), t = BigInt(6), u = BigInt(11), m = BigInt(22), g = BigInt(23), p = BigInt(44), v = BigInt(88), U = e * e * e % n, H = U * U * e % n, V = xe(H, c, n) * H % n, E = xe(V, c, n) * H % n, b = xe(E, Vt, n) * U % n, S = xe(b, u, n) * b % n, A = xe(S, m, n) * S % n, M = xe(A, p, n) * A % n, Q = xe(M, v, n) * M % n, F = xe(Q, p, n) * A % n, G = xe(F, c, n) * H % n, se = xe(G, g, n) * S % n, ie = xe(se, t, n) * U % n, j = xe(ie, Vt, n);
   if (!ht.eql(ht.sqr(j), e))
     throw new Error("Cannot find square root");
   return j;
 }
-const ht = De(Bt.p, { sqrt: Fn }), or = Qn({ ...Bt, Fp: ht, lowS: !0, endo: Jn }, wn);
+const ht = ze(Bt.p, { sqrt: Fn }), ir = Qn({ ...Bt, Fp: ht, lowS: !0, endo: Jn }, wn);
 export {
-  rr as F,
-  tr as a,
+  sr as F,
+  rr as a,
   $e as b,
-  pn as c,
-  nr as d,
-  et as e,
+  tr as c,
+  pn as d,
+  or as e,
+  et as f,
+  er as g,
   qe as m,
-  er as r,
-  or as s
+  nr as r,
+  ir as s
 };