npm - @btc-vision/transaction - Versions diffs - 1.8.6 → 1.8.7-beta.0 - Mend

@btc-vision/transaction 1.8.6 → 1.8.7-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (692) hide show

package/browser/noble-curves.js CHANGED Viewed

@@ -1,114 +1,119 @@
-import { n as Bt, r as je } from "./rolldown-runtime.js";
-function Kt(t) {
-  return t instanceof Uint8Array || ArrayBuffer.isView(t) && t.constructor.name === "Uint8Array";
+import { n as Dt, r as Bn } from "./rolldown-runtime.js";
+function Sn(t) {
+  return t instanceof Uint8Array || ArrayBuffer.isView(t) && t.constructor.name === "Uint8Array" && "BYTES_PER_ELEMENT" in t && t.BYTES_PER_ELEMENT === 1;
 }
-function xt(t, e = "") {
+function Pt(t, n = "") {
+  if (typeof t != "number") {
+    const e = n && `"${n}" `;
+    throw new TypeError(`${e}expected number, got ${typeof t}`);
+  }
   if (!Number.isSafeInteger(t) || t < 0) {
-    const r = e && `"${e}" `;
-    throw new Error(`${r}expected integer >= 0, got ${t}`);
+    const e = n && `"${n}" `;
+    throw new RangeError(`${e}expected integer >= 0, got ${t}`);
   }
 }
-function C(t, e, r = "") {
-  const n = Kt(t), o = t?.length, s = e !== void 0;
-  if (!n || s && o !== e) {
-    const i = r && `"${r}" `, c = s ? ` of length ${e}` : "", f = n ? `length=${o}` : `type=${typeof t}`;
-    throw new Error(i + "expected Uint8Array" + c + ", got " + f);
+function zt(t, n, e = "") {
+  const r = Sn(t), o = t?.length, i = n !== void 0;
+  if (!r || i && o !== n) {
+    const a = e && `"${e}" `, f = i ? ` of length ${n}` : "", l = r ? `length=${o}` : `type=${typeof t}`, g = a + "expected Uint8Array" + f + ", got " + l;
+    throw r ? new RangeError(g) : new TypeError(g);
   }
   return t;
 }
-function Ye(t) {
-  if (typeof t != "function" || typeof t.create != "function") throw new Error("Hash must wrapped by utils.createHasher");
-  xt(t.outputLen), xt(t.blockLen);
+function An(t) {
+  if (typeof t != "function" || typeof t.create != "function") throw new TypeError("Hash must wrapped by utils.createHasher");
+  if (Pt(t.outputLen), Pt(t.blockLen), t.outputLen < 1) throw new Error('"outputLen" must be >= 1');
+  if (t.blockLen < 1) throw new Error('"blockLen" must be >= 1');
 }
-function Vt(t, e = !0) {
+function de(t, n = !0) {
   if (t.destroyed) throw new Error("Hash instance has been destroyed");
-  if (e && t.finished) throw new Error("Hash#digest() has already been called");
-}
-function Rn(t, e) {
-  C(t, void 0, "digestInto() output");
-  const r = e.outputLen;
-  if (t.length < r) throw new Error('"digestInto() output" expected to be of length >=' + r);
+  if (n && t.finished) throw new Error("Hash#digest() has already been called");
 }
-function Hr(t) {
-  return new Uint32Array(t.buffer, t.byteOffset, Math.floor(t.byteLength / 4));
+function Rn(t, n) {
+  zt(t, void 0, "digestInto() output");
+  const e = n.outputLen;
+  if (t.length < e) throw new RangeError('"digestInto() output" expected to be of length >=' + e);
 }
-function At(...t) {
-  for (let e = 0; e < t.length; e++) t[e].fill(0);
+function Kt(...t) {
+  for (let n = 0; n < t.length; n++) t[n].fill(0);
 }
-function ee(t) {
+function Be(t) {
   return new DataView(t.buffer, t.byteOffset, t.byteLength);
 }
-function st(t, e) {
-  return t << 32 - e | t >>> e;
-}
-function Ir(t, e) {
-  return t << e | t >>> 32 - e >>> 0;
+function vt(t, n) {
+  return t << 32 - n | t >>> n;
 }
-function On(t) {
-  return t << 24 & 4278190080 | t << 8 & 16711680 | t >>> 8 & 65280 | t >>> 24 & 255;
+function Ho(t, n) {
+  return t << n | t >>> 32 - n >>> 0;
 }
-function Hn(t) {
-  for (let e = 0; e < t.length; e++) t[e] = On(t[e]);
-  return t;
+function Ke(t) {
+  if (zt(t), Xe) return t.toHex();
+  let n = "";
+  for (let e = 0; e < t.length; e++) n += On[t[e]];
+  return n;
 }
-function Xt(t) {
-  if (C(t), pe) return t.toHex();
-  let e = "";
-  for (let r = 0; r < t.length; r++) e += Ke[t[r]];
-  return e;
+function sn(t) {
+  if (t >= xt._0 && t <= xt._9) return t - xt._0;
+  if (t >= xt.A && t <= xt.F) return t - (xt.A - 10);
+  if (t >= xt.a && t <= xt.f) return t - (xt.a - 10);
 }
-function Oe(t) {
-  if (t >= it._0 && t <= it._9) return t - it._0;
-  if (t >= it.A && t <= it.F) return t - (it.A - 10);
-  if (t >= it.a && t <= it.f) return t - (it.a - 10);
-}
-function Mt(t) {
-  if (typeof t != "string") throw new Error("hex string expected, got " + typeof t);
-  if (pe) return Uint8Array.fromHex(t);
-  const e = t.length, r = e / 2;
-  if (e % 2) throw new Error("hex string expected, got unpadded hex of length " + e);
-  const n = new Uint8Array(r);
-  for (let o = 0, s = 0; o < r; o++, s += 2) {
-    const i = Oe(t.charCodeAt(s)), c = Oe(t.charCodeAt(s + 1));
-    if (i === void 0 || c === void 0) {
-      const f = t[s] + t[s + 1];
-      throw new Error('hex string expected, got non-hex character "' + f + '" at index ' + s);
-    }
-    n[o] = i * 16 + c;
+function _n(t) {
+  if (typeof t != "string") throw new TypeError("hex string expected, got " + typeof t);
+  if (Xe) try {
+    return Uint8Array.fromHex(t);
+  } catch (o) {
+    throw o instanceof SyntaxError ? new RangeError(o.message) : o;
+  }
+  const n = t.length, e = n / 2;
+  if (n % 2) throw new RangeError("hex string expected, got unpadded hex of length " + n);
+  const r = new Uint8Array(e);
+  for (let o = 0, i = 0; o < e; o++, i += 2) {
+    const a = sn(t.charCodeAt(i)), f = sn(t.charCodeAt(i + 1));
+    if (a === void 0 || f === void 0) {
+      const l = t[i] + t[i + 1];
+      throw new RangeError('hex string expected, got non-hex character "' + l + '" at index ' + i);
+    }
+    r[o] = a * 16 + f;
   }
-  return n;
+  return r;
 }
-function P(...t) {
-  let e = 0;
-  for (let n = 0; n < t.length; n++) {
-    const o = t[n];
-    C(o), e += o.length;
+function Nt(t) {
+  if (typeof t != "string") throw new TypeError("string expected");
+  return new Uint8Array(new TextEncoder().encode(t));
+}
+function br(...t) {
+  let n = 0;
+  for (let r = 0; r < t.length; r++) {
+    const o = t[r];
+    zt(o), n += o.length;
   }
-  const r = new Uint8Array(e);
-  for (let n = 0, o = 0; n < t.length; n++) {
-    const s = t[n];
-    r.set(s, o), o += s.length;
+  const e = new Uint8Array(n);
+  for (let r = 0, o = 0; r < t.length; r++) {
+    const i = t[r];
+    e.set(i, o), o += i.length;
   }
-  return r;
+  return e;
 }
-function _t(t, e = {}) {
-  const r = (o, s) => t(s).update(o).digest(), n = t(void 0);
-  return r.outputLen = n.outputLen, r.blockLen = n.blockLen, r.create = (o) => t(o), Object.assign(r, e), Object.freeze(r);
+function Yt(t, n = {}) {
+  const e = (o, i) => t(i).update(o).digest(), r = t(void 0);
+  return e.outputLen = r.outputLen, e.blockLen = r.blockLen, e.canXOF = r.canXOF, e.create = (o) => t(o), Object.assign(e, n), Object.freeze(e);
 }
-function Ge(t = 32) {
-  const e = typeof globalThis == "object" ? globalThis.crypto : null;
-  if (typeof e?.getRandomValues != "function") throw new Error("crypto.getRandomValues must be defined");
-  return e.getRandomValues(new Uint8Array(t));
+function yr(t = 32) {
+  Pt(t, "bytesLength");
+  const n = typeof globalThis == "object" ? globalThis.crypto : null;
+  if (typeof n?.getRandomValues != "function") throw new Error("crypto.getRandomValues must be defined");
+  if (t > 65536) throw new RangeError(`"bytesLength" expected <= 65536, got ${t}`);
+  return n.getRandomValues(new Uint8Array(t));
 }
-var He, In, pe, Ke, it, mt, Nt = Bt((() => {
-  He = new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68, In = He ? (t) => t : Hn, pe = typeof Uint8Array.from([]).toHex == "function" && typeof Uint8Array.fromHex == "function", Ke = /* @__PURE__ */ Array.from({ length: 256 }, (t, e) => e.toString(16).padStart(2, "0")), it = {
+var pr, Xe, On, xt, Lt, Qt = Dt((() => {
+  pr = new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68, Xe = typeof Uint8Array.from([]).toHex == "function" && typeof Uint8Array.fromHex == "function", On = /* @__PURE__ */ Array.from({ length: 256 }, (t, n) => n.toString(16).padStart(2, "0")), xt = {
     _0: 48,
     _9: 57,
     A: 65,
     F: 70,
     a: 97,
     f: 102
-  }, mt = (t) => ({ oid: Uint8Array.from([
+  }, Lt = (t) => ({ oid: Uint8Array.from([
     6,
     9,
     96,
@@ -121,32 +126,35 @@ var He, In, pe, Ke, it, mt, Nt = Bt((() => {
     2,
     t
   ]) });
-})), Lr = /* @__PURE__ */ je({
-  _HMAC: () => kt,
-  hmac: () => $t
-}), kt, $t, Ln = Bt((() => {
-  Nt(), kt = class {
+})), To = /* @__PURE__ */ Bn({
+  _HMAC: () => le,
+  hmac: () => We
+}), le, We, Er = Dt((() => {
+  Qt(), le = class {
     oHash;
     iHash;
     blockLen;
     outputLen;
+    canXOF = !1;
     finished = !1;
     destroyed = !1;
-    constructor(t, e) {
-      if (Ye(t), C(e, void 0, "key"), this.iHash = t.create(), typeof this.iHash.update != "function") throw new Error("Expected instance of class which extends utils.Hash");
+    constructor(t, n) {
+      if (An(t), zt(n, void 0, "key"), this.iHash = t.create(), typeof this.iHash.update != "function") throw new Error("Expected instance of class which extends utils.Hash");
       this.blockLen = this.iHash.blockLen, this.outputLen = this.iHash.outputLen;
-      const r = this.blockLen, n = new Uint8Array(r);
-      n.set(e.length > r ? t.create().update(e).digest() : e);
-      for (let o = 0; o < n.length; o++) n[o] ^= 54;
-      this.iHash.update(n), this.oHash = t.create();
-      for (let o = 0; o < n.length; o++) n[o] ^= 106;
-      this.oHash.update(n), At(n);
+      const e = this.blockLen, r = new Uint8Array(e);
+      r.set(n.length > e ? t.create().update(n).digest() : n);
+      for (let o = 0; o < r.length; o++) r[o] ^= 54;
+      this.iHash.update(r), this.oHash = t.create();
+      for (let o = 0; o < r.length; o++) r[o] ^= 106;
+      this.oHash.update(r), Kt(r);
     }
     update(t) {
-      return Vt(this), this.iHash.update(t), this;
+      return de(this), this.iHash.update(t), this;
     }
     digestInto(t) {
-      Vt(this), C(t, this.outputLen, "output"), this.finished = !0, this.iHash.digestInto(t), this.oHash.update(t), this.oHash.digestInto(t), this.destroy();
+      de(this), Rn(t, this), this.finished = !0;
+      const n = t.subarray(0, this.outputLen);
+      this.iHash.digestInto(n), this.oHash.update(n), this.oHash.digestInto(n), this.destroy();
     }
     digest() {
       const t = new Uint8Array(this.oHash.outputLen);
@@ -154,8 +162,8 @@ var He, In, pe, Ke, it, mt, Nt = Bt((() => {
     }
     _cloneInto(t) {
       t ||= Object.create(Object.getPrototypeOf(this), {});
-      const { oHash: e, iHash: r, finished: n, destroyed: o, blockLen: s, outputLen: i } = this;
-      return t = t, t.finished = n, t.destroyed = o, t.blockLen = s, t.outputLen = i, t.oHash = e._cloneInto(t.oHash), t.iHash = r._cloneInto(t.iHash), t;
+      const { oHash: n, iHash: e, finished: r, destroyed: o, blockLen: i, outputLen: a } = this;
+      return t = t, t.finished = r, t.destroyed = o, t.blockLen = i, t.outputLen = a, t.oHash = n._cloneInto(t.oHash), t.iHash = e._cloneInto(t.iHash), t;
     }
     clone() {
       return this._cloneInto();
@@ -163,18 +171,22 @@ var He, In, pe, Ke, it, mt, Nt = Bt((() => {
     destroy() {
       this.destroyed = !0, this.oHash.destroy(), this.iHash.destroy();
     }
-  }, $t = (t, e, r) => new kt(t, e).update(r).digest(), $t.create = (t, e) => new kt(t, e);
+  }, We = /* @__PURE__ */ (() => {
+    const t = ((n, e, r) => new le(n, e).update(r).digest());
+    return t.create = (n, e) => new le(n, e), t;
+  })();
 }));
-function qn(t, e, r) {
-  return t & e ^ ~t & r;
+function vr(t, n, e) {
+  return t & n ^ ~t & e;
 }
-function Un(t, e, r) {
-  return t & e ^ t & r ^ e & r;
+function xr(t, n, e) {
+  return t & n ^ t & e ^ n & e;
 }
-var ae, dt, ht, K, X, Nn = Bt((() => {
-  Nt(), ae = class {
+var Fe, Ht, Tt, lt, ut, Br = Dt((() => {
+  Qt(), Fe = class {
     blockLen;
     outputLen;
+    canXOF = !1;
     padOffset;
     isLE;
     buffer;
@@ -183,51 +195,51 @@ var ae, dt, ht, K, X, Nn = Bt((() => {
     length = 0;
     pos = 0;
     destroyed = !1;
-    constructor(t, e, r, n) {
-      this.blockLen = t, this.outputLen = e, this.padOffset = r, this.isLE = n, this.buffer = new Uint8Array(t), this.view = ee(this.buffer);
+    constructor(t, n, e, r) {
+      this.blockLen = t, this.outputLen = n, this.padOffset = e, this.isLE = r, this.buffer = new Uint8Array(t), this.view = Be(this.buffer);
     }
     update(t) {
-      Vt(this), C(t);
-      const { view: e, buffer: r, blockLen: n } = this, o = t.length;
-      for (let s = 0; s < o; ) {
-        const i = Math.min(n - this.pos, o - s);
-        if (i === n) {
-          const c = ee(t);
-          for (; n <= o - s; s += n) this.process(c, s);
+      de(this), zt(t);
+      const { view: n, buffer: e, blockLen: r } = this, o = t.length;
+      for (let i = 0; i < o; ) {
+        const a = Math.min(r - this.pos, o - i);
+        if (a === r) {
+          const f = Be(t);
+          for (; r <= o - i; i += r) this.process(f, i);
           continue;
         }
-        r.set(t.subarray(s, s + i), this.pos), this.pos += i, s += i, this.pos === n && (this.process(e, 0), this.pos = 0);
+        e.set(t.subarray(i, i + a), this.pos), this.pos += a, i += a, this.pos === r && (this.process(n, 0), this.pos = 0);
       }
       return this.length += t.length, this.roundClean(), this;
     }
     digestInto(t) {
-      Vt(this), Rn(t, this), this.finished = !0;
-      const { buffer: e, view: r, blockLen: n, isLE: o } = this;
-      let { pos: s } = this;
-      e[s++] = 128, At(this.buffer.subarray(s)), this.padOffset > n - s && (this.process(r, 0), s = 0);
-      for (let a = s; a < n; a++) e[a] = 0;
-      r.setBigUint64(n - 8, BigInt(this.length * 8), o), this.process(r, 0);
-      const i = ee(t), c = this.outputLen;
-      if (c % 4) throw new Error("_sha2: outputLen must be aligned to 32bit");
-      const f = c / 4, l = this.get();
-      if (f > l.length) throw new Error("_sha2: outputLen bigger than state");
-      for (let a = 0; a < f; a++) i.setUint32(4 * a, l[a], o);
+      de(this), Rn(t, this), this.finished = !0;
+      const { buffer: n, view: e, blockLen: r, isLE: o } = this;
+      let { pos: i } = this;
+      n[i++] = 128, Kt(this.buffer.subarray(i)), this.padOffset > r - i && (this.process(e, 0), i = 0);
+      for (let s = i; s < r; s++) n[s] = 0;
+      e.setBigUint64(r - 8, BigInt(this.length * 8), o), this.process(e, 0);
+      const a = Be(t), f = this.outputLen;
+      if (f % 4) throw new Error("_sha2: outputLen must be aligned to 32bit");
+      const l = f / 4, g = this.get();
+      if (l > g.length) throw new Error("_sha2: outputLen bigger than state");
+      for (let s = 0; s < l; s++) a.setUint32(4 * s, g[s], o);
     }
     digest() {
-      const { buffer: t, outputLen: e } = this;
+      const { buffer: t, outputLen: n } = this;
       this.digestInto(t);
-      const r = t.slice(0, e);
-      return this.destroy(), r;
+      const e = t.slice(0, n);
+      return this.destroy(), e;
     }
     _cloneInto(t) {
       t ||= new this.constructor(), t.set(...this.get());
-      const { blockLen: e, buffer: r, length: n, finished: o, destroyed: s, pos: i } = this;
-      return t.destroyed = s, t.finished = o, t.length = n, t.pos = i, n % e && t.buffer.set(r), t;
+      const { blockLen: n, buffer: e, length: r, finished: o, destroyed: i, pos: a } = this;
+      return t.destroyed = i, t.finished = o, t.length = r, t.pos = a, r % n && t.buffer.set(e), t;
     }
     clone() {
       return this._cloneInto();
     }
-  }, dt = /* @__PURE__ */ Uint32Array.from([
+  }, Ht = /* @__PURE__ */ Uint32Array.from([
     1779033703,
     3144134277,
     1013904242,
@@ -236,7 +248,7 @@ var ae, dt, ht, K, X, Nn = Bt((() => {
     2600822924,
     528734635,
     1541459225
-  ]), ht = /* @__PURE__ */ Uint32Array.from([
+  ]), Tt = /* @__PURE__ */ Uint32Array.from([
     3238371032,
     914150663,
     812702999,
@@ -245,7 +257,7 @@ var ae, dt, ht, K, X, Nn = Bt((() => {
     1750603025,
     1694076839,
     3204075428
-  ]), K = /* @__PURE__ */ Uint32Array.from([
+  ]), lt = /* @__PURE__ */ Uint32Array.from([
     3418070365,
     3238371032,
     1654270250,
@@ -262,7 +274,7 @@ var ae, dt, ht, K, X, Nn = Bt((() => {
     1694076839,
     1203062813,
     3204075428
-  ]), X = /* @__PURE__ */ Uint32Array.from([
+  ]), ut = /* @__PURE__ */ Uint32Array.from([
     1779033703,
     4089235720,
     3144134277,
@@ -281,48 +293,48 @@ var ae, dt, ht, K, X, Nn = Bt((() => {
     327033209
   ]);
 }));
-function Dn(t, e = !1) {
-  return e ? {
-    h: Number(t & It),
-    l: Number(t >> le & It)
+function Sr(t, n = !1) {
+  return n ? {
+    h: Number(t & ee),
+    l: Number(t >> Ie & ee)
   } : {
-    h: Number(t >> le & It) | 0,
-    l: Number(t & It) | 0
+    h: Number(t >> Ie & ee) | 0,
+    l: Number(t & ee) | 0
   };
 }
-function Cn(t, e = !1) {
-  const r = t.length;
-  let n = new Uint32Array(r), o = new Uint32Array(r);
-  for (let s = 0; s < r; s++) {
-    const { h: i, l: c } = Dn(t[s], e);
-    [n[s], o[s]] = [i, c];
+function Ar(t, n = !1) {
+  const e = t.length;
+  let r = new Uint32Array(e), o = new Uint32Array(e);
+  for (let i = 0; i < e; i++) {
+    const { h: a, l: f } = Sr(t[i], n);
+    [r[i], o[i]] = [a, f];
   }
-  return [n, o];
+  return [r, o];
 }
-function ft(t, e, r, n) {
-  const o = (e >>> 0) + (n >>> 0);
+function At(t, n, e, r) {
+  const o = (n >>> 0) + (r >>> 0);
   return {
-    h: t + r + (o / 2 ** 32 | 0) | 0,
+    h: t + e + (o / 2 ** 32 | 0) | 0,
     l: o | 0
   };
 }
-var It, le, ue, de, yt, Et, Lt, qt, Zn, kn, Tn, Vn, Xe, ze, We, Qe, Je, Pe, Mn = Bt((() => {
-  It = /* @__PURE__ */ BigInt(2 ** 32 - 1), le = /* @__PURE__ */ BigInt(32), ue = (t, e, r) => t >>> r, de = (t, e, r) => t << 32 - r | e >>> r, yt = (t, e, r) => t >>> r | e << 32 - r, Et = (t, e, r) => t << 32 - r | e >>> r, Lt = (t, e, r) => t << 64 - r | e >>> r - 32, qt = (t, e, r) => t >>> r - 32 | e << 64 - r, Zn = (t, e, r) => t << r | e >>> 32 - r, kn = (t, e, r) => e << r | t >>> 32 - r, Tn = (t, e, r) => e << r - 32 | t >>> 64 - r, Vn = (t, e, r) => t << r - 32 | e >>> 64 - r, Xe = (t, e, r) => (t >>> 0) + (e >>> 0) + (r >>> 0), ze = (t, e, r, n) => e + r + n + (t / 2 ** 32 | 0) | 0, We = (t, e, r, n) => (t >>> 0) + (e >>> 0) + (r >>> 0) + (n >>> 0), Qe = (t, e, r, n, o) => e + r + n + o + (t / 2 ** 32 | 0) | 0, Je = (t, e, r, n, o) => (t >>> 0) + (e >>> 0) + (r >>> 0) + (n >>> 0) + (o >>> 0), Pe = (t, e, r, n, o, s) => e + r + n + o + s + (t / 2 ** 32 | 0) | 0;
-})), qr = /* @__PURE__ */ je({
-  _SHA224: () => be,
-  _SHA256: () => he,
-  _SHA384: () => ge,
-  _SHA512: () => we,
-  _SHA512_224: () => me,
-  _SHA512_256: () => ye,
-  sha224: () => Fe,
-  sha256: () => zt,
-  sha384: () => en,
-  sha512: () => tn,
-  sha512_224: () => rn,
-  sha512_256: () => nn
-}), Ie, at, ne, he, be, re, Le, qe, lt, ut, Ht, we, ge, Y, G, me, ye, zt, Fe, tn, en, nn, rn, $n = Bt((() => {
-  Nn(), Mn(), Nt(), Ie = /* @__PURE__ */ Uint32Array.from([
+var ee, Ie, Ne, je, Ut, qt, ne, re, Hn, Tn, Fn, In, Nn, jn, Rr = Dt((() => {
+  ee = /* @__PURE__ */ BigInt(2 ** 32 - 1), Ie = /* @__PURE__ */ BigInt(32), Ne = (t, n, e) => t >>> e, je = (t, n, e) => t << 32 - e | n >>> e, Ut = (t, n, e) => t >>> e | n << 32 - e, qt = (t, n, e) => t << 32 - e | n >>> e, ne = (t, n, e) => t << 64 - e | n >>> e - 32, re = (t, n, e) => t >>> e - 32 | n << 64 - e, Hn = (t, n, e) => (t >>> 0) + (n >>> 0) + (e >>> 0), Tn = (t, n, e, r) => n + e + r + (t / 2 ** 32 | 0) | 0, Fn = (t, n, e, r) => (t >>> 0) + (n >>> 0) + (e >>> 0) + (r >>> 0), In = (t, n, e, r, o) => n + e + r + o + (t / 2 ** 32 | 0) | 0, Nn = (t, n, e, r, o) => (t >>> 0) + (n >>> 0) + (e >>> 0) + (r >>> 0) + (o >>> 0), jn = (t, n, e, r, o, i) => n + e + r + o + i + (t / 2 ** 32 | 0) | 0;
+})), Fo = /* @__PURE__ */ Bn({
+  _SHA224: () => Le,
+  _SHA256: () => De,
+  _SHA384: () => qe,
+  _SHA512: () => Ue,
+  _SHA512_224: () => Ce,
+  _SHA512_256: () => ke,
+  sha224: () => Dn,
+  sha256: () => jt,
+  sha384: () => Un,
+  sha512: () => Ln,
+  sha512_224: () => Cn,
+  sha512_256: () => qn
+}), cn, Rt, Se, De, Le, Ae, fn, an, _t, Ot, te, Ue, qe, ft, at, Ce, ke, jt, Dn, Ln, Un, qn, Cn, _r = Dt((() => {
+  Br(), Rr(), Qt(), cn = /* @__PURE__ */ Uint32Array.from([
     1116352408,
     1899447441,
     3049323471,
@@ -387,70 +399,70 @@ var It, le, ue, de, yt, Et, Lt, qt, Zn, kn, Tn, Vn, Xe, ze, We, Qe, Je, Pe, Mn =
     2756734187,
     3204031479,
     3329325298
-  ]), at = /* @__PURE__ */ new Uint32Array(64), ne = class extends ae {
+  ]), Rt = /* @__PURE__ */ new Uint32Array(64), Se = class extends Fe {
     constructor(t) {
       super(64, t, 8, !1);
     }
     get() {
-      const { A: t, B: e, C: r, D: n, E: o, F: s, G: i, H: c } = this;
+      const { A: t, B: n, C: e, D: r, E: o, F: i, G: a, H: f } = this;
       return [
         t,
+        n,
         e,
         r,
-        n,
         o,
-        s,
         i,
-        c
+        a,
+        f
       ];
     }
-    set(t, e, r, n, o, s, i, c) {
-      this.A = t | 0, this.B = e | 0, this.C = r | 0, this.D = n | 0, this.E = o | 0, this.F = s | 0, this.G = i | 0, this.H = c | 0;
+    set(t, n, e, r, o, i, a, f) {
+      this.A = t | 0, this.B = n | 0, this.C = e | 0, this.D = r | 0, this.E = o | 0, this.F = i | 0, this.G = a | 0, this.H = f | 0;
     }
-    process(t, e) {
-      for (let a = 0; a < 16; a++, e += 4) at[a] = t.getUint32(e, !1);
-      for (let a = 16; a < 64; a++) {
-        const g = at[a - 15], b = at[a - 2], w = st(g, 7) ^ st(g, 18) ^ g >>> 3;
-        at[a] = (st(b, 17) ^ st(b, 19) ^ b >>> 10) + at[a - 7] + w + at[a - 16] | 0;
+    process(t, n) {
+      for (let s = 0; s < 16; s++, n += 4) Rt[s] = t.getUint32(n, !1);
+      for (let s = 16; s < 64; s++) {
+        const u = Rt[s - 15], d = Rt[s - 2], h = vt(u, 7) ^ vt(u, 18) ^ u >>> 3;
+        Rt[s] = (vt(d, 17) ^ vt(d, 19) ^ d >>> 10) + Rt[s - 7] + h + Rt[s - 16] | 0;
       }
-      let { A: r, B: n, C: o, D: s, E: i, F: c, G: f, H: l } = this;
-      for (let a = 0; a < 64; a++) {
-        const g = st(i, 6) ^ st(i, 11) ^ st(i, 25), b = l + g + qn(i, c, f) + Ie[a] + at[a] | 0, w = (st(r, 2) ^ st(r, 13) ^ st(r, 22)) + Un(r, n, o) | 0;
-        l = f, f = c, c = i, i = s + b | 0, s = o, o = n, n = r, r = b + w | 0;
+      let { A: e, B: r, C: o, D: i, E: a, F: f, G: l, H: g } = this;
+      for (let s = 0; s < 64; s++) {
+        const u = vt(a, 6) ^ vt(a, 11) ^ vt(a, 25), d = g + u + vr(a, f, l) + cn[s] + Rt[s] | 0, h = (vt(e, 2) ^ vt(e, 13) ^ vt(e, 22)) + xr(e, r, o) | 0;
+        g = l, l = f, f = a, a = i + d | 0, i = o, o = r, r = e, e = d + h | 0;
       }
-      r = r + this.A | 0, n = n + this.B | 0, o = o + this.C | 0, s = s + this.D | 0, i = i + this.E | 0, c = c + this.F | 0, f = f + this.G | 0, l = l + this.H | 0, this.set(r, n, o, s, i, c, f, l);
+      e = e + this.A | 0, r = r + this.B | 0, o = o + this.C | 0, i = i + this.D | 0, a = a + this.E | 0, f = f + this.F | 0, l = l + this.G | 0, g = g + this.H | 0, this.set(e, r, o, i, a, f, l, g);
     }
     roundClean() {
-      At(at);
+      Kt(Rt);
     }
     destroy() {
-      this.set(0, 0, 0, 0, 0, 0, 0, 0), At(this.buffer);
-    }
-  }, he = class extends ne {
-    A = dt[0] | 0;
-    B = dt[1] | 0;
-    C = dt[2] | 0;
-    D = dt[3] | 0;
-    E = dt[4] | 0;
-    F = dt[5] | 0;
-    G = dt[6] | 0;
-    H = dt[7] | 0;
+      this.destroyed = !0, this.set(0, 0, 0, 0, 0, 0, 0, 0), Kt(this.buffer);
+    }
+  }, De = class extends Se {
+    A = Ht[0] | 0;
+    B = Ht[1] | 0;
+    C = Ht[2] | 0;
+    D = Ht[3] | 0;
+    E = Ht[4] | 0;
+    F = Ht[5] | 0;
+    G = Ht[6] | 0;
+    H = Ht[7] | 0;
     constructor() {
       super(32);
     }
-  }, be = class extends ne {
-    A = ht[0] | 0;
-    B = ht[1] | 0;
-    C = ht[2] | 0;
-    D = ht[3] | 0;
-    E = ht[4] | 0;
-    F = ht[5] | 0;
-    G = ht[6] | 0;
-    H = ht[7] | 0;
+  }, Le = class extends Se {
+    A = Tt[0] | 0;
+    B = Tt[1] | 0;
+    C = Tt[2] | 0;
+    D = Tt[3] | 0;
+    E = Tt[4] | 0;
+    F = Tt[5] | 0;
+    G = Tt[6] | 0;
+    H = Tt[7] | 0;
     constructor() {
       super(28);
     }
-  }, re = Cn([
+  }, Ae = Ar([
     "0x428a2f98d728ae22",
     "0x7137449123ef65cd",
     "0xb5c0fbcfec4d3b2f",
@@ -531,97 +543,97 @@ var It, le, ue, de, yt, Et, Lt, qt, Zn, kn, Tn, Vn, Xe, ze, We, Qe, Je, Pe, Mn =
     "0x597f299cfc657e2a",
     "0x5fcb6fab3ad6faec",
     "0x6c44198c4a475817"
-  ].map((t) => BigInt(t))), Le = re[0], qe = re[1], lt = /* @__PURE__ */ new Uint32Array(80), ut = /* @__PURE__ */ new Uint32Array(80), Ht = class extends ae {
+  ].map((t) => BigInt(t))), fn = Ae[0], an = Ae[1], _t = /* @__PURE__ */ new Uint32Array(80), Ot = /* @__PURE__ */ new Uint32Array(80), te = class extends Fe {
     constructor(t) {
       super(128, t, 16, !1);
     }
     get() {
-      const { Ah: t, Al: e, Bh: r, Bl: n, Ch: o, Cl: s, Dh: i, Dl: c, Eh: f, El: l, Fh: a, Fl: g, Gh: b, Gl: w, Hh: m, Hl: x } = this;
+      const { Ah: t, Al: n, Bh: e, Bl: r, Ch: o, Cl: i, Dh: a, Dl: f, Eh: l, El: g, Fh: s, Fl: u, Gh: d, Gl: h, Hh: w, Hl: b } = this;
       return [
         t,
+        n,
         e,
         r,
-        n,
         o,
-        s,
         i,
-        c,
+        a,
         f,
         l,
-        a,
         g,
-        b,
+        s,
+        u,
+        d,
+        h,
         w,
-        m,
-        x
+        b
       ];
     }
-    set(t, e, r, n, o, s, i, c, f, l, a, g, b, w, m, x) {
-      this.Ah = t | 0, this.Al = e | 0, this.Bh = r | 0, this.Bl = n | 0, this.Ch = o | 0, this.Cl = s | 0, this.Dh = i | 0, this.Dl = c | 0, this.Eh = f | 0, this.El = l | 0, this.Fh = a | 0, this.Fl = g | 0, this.Gh = b | 0, this.Gl = w | 0, this.Hh = m | 0, this.Hl = x | 0;
+    set(t, n, e, r, o, i, a, f, l, g, s, u, d, h, w, b) {
+      this.Ah = t | 0, this.Al = n | 0, this.Bh = e | 0, this.Bl = r | 0, this.Ch = o | 0, this.Cl = i | 0, this.Dh = a | 0, this.Dl = f | 0, this.Eh = l | 0, this.El = g | 0, this.Fh = s | 0, this.Fl = u | 0, this.Gh = d | 0, this.Gl = h | 0, this.Hh = w | 0, this.Hl = b | 0;
     }
-    process(t, e) {
-      for (let E = 0; E < 16; E++, e += 4)
-        lt[E] = t.getUint32(e), ut[E] = t.getUint32(e += 4);
-      for (let E = 16; E < 80; E++) {
-        const L = lt[E - 15] | 0, I = ut[E - 15] | 0, V = yt(L, I, 1) ^ yt(L, I, 8) ^ ue(L, I, 7), M = Et(L, I, 1) ^ Et(L, I, 8) ^ de(L, I, 7), D = lt[E - 2] | 0, N = ut[E - 2] | 0, O = yt(D, N, 19) ^ Lt(D, N, 61) ^ ue(D, N, 6), nt = Et(D, N, 19) ^ qt(D, N, 61) ^ de(D, N, 6), F = We(M, nt, ut[E - 7], ut[E - 16]);
-        lt[E] = Qe(F, V, O, lt[E - 7], lt[E - 16]) | 0, ut[E] = F | 0;
+    process(t, n) {
+      for (let B = 0; B < 16; B++, n += 4)
+        _t[B] = t.getUint32(n), Ot[B] = t.getUint32(n += 4);
+      for (let B = 16; B < 80; B++) {
+        const C = _t[B - 15] | 0, O = Ot[B - 15] | 0, F = Ut(C, O, 1) ^ Ut(C, O, 8) ^ Ne(C, O, 7), z = qt(C, O, 1) ^ qt(C, O, 8) ^ je(C, O, 7), W = _t[B - 2] | 0, N = Ot[B - 2] | 0, V = Ut(W, N, 19) ^ ne(W, N, 61) ^ Ne(W, N, 6), K = qt(W, N, 19) ^ re(W, N, 61) ^ je(W, N, 6), M = Fn(z, K, Ot[B - 7], Ot[B - 16]);
+        _t[B] = In(M, F, V, _t[B - 7], _t[B - 16]) | 0, Ot[B] = M | 0;
       }
-      let { Ah: r, Al: n, Bh: o, Bl: s, Ch: i, Cl: c, Dh: f, Dl: l, Eh: a, El: g, Fh: b, Fl: w, Gh: m, Gl: x, Hh: v, Hl: B } = this;
-      for (let E = 0; E < 80; E++) {
-        const L = yt(a, g, 14) ^ yt(a, g, 18) ^ Lt(a, g, 41), I = Et(a, g, 14) ^ Et(a, g, 18) ^ qt(a, g, 41), V = a & b ^ ~a & m, M = g & w ^ ~g & x, D = Je(B, I, M, qe[E], ut[E]), N = Pe(D, v, L, V, Le[E], lt[E]), O = D | 0, nt = yt(r, n, 28) ^ Lt(r, n, 34) ^ Lt(r, n, 39), F = Et(r, n, 28) ^ qt(r, n, 34) ^ qt(r, n, 39), U = r & o ^ r & i ^ o & i, h = n & s ^ n & c ^ s & c;
-        v = m | 0, B = x | 0, m = b | 0, x = w | 0, b = a | 0, w = g | 0, { h: a, l: g } = ft(f | 0, l | 0, N | 0, O | 0), f = i | 0, l = c | 0, i = o | 0, c = s | 0, o = r | 0, s = n | 0;
-        const d = Xe(O, F, h);
-        r = ze(d, N, nt, U), n = d | 0;
+      let { Ah: e, Al: r, Bh: o, Bl: i, Ch: a, Cl: f, Dh: l, Dl: g, Eh: s, El: u, Fh: d, Fl: h, Gh: w, Gl: b, Hh: E, Hl: T } = this;
+      for (let B = 0; B < 80; B++) {
+        const C = Ut(s, u, 14) ^ Ut(s, u, 18) ^ ne(s, u, 41), O = qt(s, u, 14) ^ qt(s, u, 18) ^ re(s, u, 41), F = s & d ^ ~s & w, z = u & h ^ ~u & b, W = Nn(T, O, z, an[B], Ot[B]), N = jn(W, E, C, F, fn[B], _t[B]), V = W | 0, K = Ut(e, r, 28) ^ ne(e, r, 34) ^ ne(e, r, 39), M = qt(e, r, 28) ^ re(e, r, 34) ^ re(e, r, 39), v = e & o ^ e & a ^ o & a, H = r & i ^ r & f ^ i & f;
+        E = w | 0, T = b | 0, w = d | 0, b = h | 0, d = s | 0, h = u | 0, { h: s, l: u } = At(l | 0, g | 0, N | 0, V | 0), l = a | 0, g = f | 0, a = o | 0, f = i | 0, o = e | 0, i = r | 0;
+        const U = Hn(V, M, H);
+        e = Tn(U, N, K, v), r = U | 0;
       }
-      ({ h: r, l: n } = ft(this.Ah | 0, this.Al | 0, r | 0, n | 0)), { h: o, l: s } = ft(this.Bh | 0, this.Bl | 0, o | 0, s | 0), { h: i, l: c } = ft(this.Ch | 0, this.Cl | 0, i | 0, c | 0), { h: f, l } = ft(this.Dh | 0, this.Dl | 0, f | 0, l | 0), { h: a, l: g } = ft(this.Eh | 0, this.El | 0, a | 0, g | 0), { h: b, l: w } = ft(this.Fh | 0, this.Fl | 0, b | 0, w | 0), { h: m, l: x } = ft(this.Gh | 0, this.Gl | 0, m | 0, x | 0), { h: v, l: B } = ft(this.Hh | 0, this.Hl | 0, v | 0, B | 0), this.set(r, n, o, s, i, c, f, l, a, g, b, w, m, x, v, B);
+      ({ h: e, l: r } = At(this.Ah | 0, this.Al | 0, e | 0, r | 0)), { h: o, l: i } = At(this.Bh | 0, this.Bl | 0, o | 0, i | 0), { h: a, l: f } = At(this.Ch | 0, this.Cl | 0, a | 0, f | 0), { h: l, l: g } = At(this.Dh | 0, this.Dl | 0, l | 0, g | 0), { h: s, l: u } = At(this.Eh | 0, this.El | 0, s | 0, u | 0), { h: d, l: h } = At(this.Fh | 0, this.Fl | 0, d | 0, h | 0), { h: w, l: b } = At(this.Gh | 0, this.Gl | 0, w | 0, b | 0), { h: E, l: T } = At(this.Hh | 0, this.Hl | 0, E | 0, T | 0), this.set(e, r, o, i, a, f, l, g, s, u, d, h, w, b, E, T);
     }
     roundClean() {
-      At(lt, ut);
+      Kt(_t, Ot);
     }
     destroy() {
-      At(this.buffer), this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-    }
-  }, we = class extends Ht {
-    Ah = X[0] | 0;
-    Al = X[1] | 0;
-    Bh = X[2] | 0;
-    Bl = X[3] | 0;
-    Ch = X[4] | 0;
-    Cl = X[5] | 0;
-    Dh = X[6] | 0;
-    Dl = X[7] | 0;
-    Eh = X[8] | 0;
-    El = X[9] | 0;
-    Fh = X[10] | 0;
-    Fl = X[11] | 0;
-    Gh = X[12] | 0;
-    Gl = X[13] | 0;
-    Hh = X[14] | 0;
-    Hl = X[15] | 0;
+      this.destroyed = !0, Kt(this.buffer), this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+    }
+  }, Ue = class extends te {
+    Ah = ut[0] | 0;
+    Al = ut[1] | 0;
+    Bh = ut[2] | 0;
+    Bl = ut[3] | 0;
+    Ch = ut[4] | 0;
+    Cl = ut[5] | 0;
+    Dh = ut[6] | 0;
+    Dl = ut[7] | 0;
+    Eh = ut[8] | 0;
+    El = ut[9] | 0;
+    Fh = ut[10] | 0;
+    Fl = ut[11] | 0;
+    Gh = ut[12] | 0;
+    Gl = ut[13] | 0;
+    Hh = ut[14] | 0;
+    Hl = ut[15] | 0;
     constructor() {
       super(64);
     }
-  }, ge = class extends Ht {
-    Ah = K[0] | 0;
-    Al = K[1] | 0;
-    Bh = K[2] | 0;
-    Bl = K[3] | 0;
-    Ch = K[4] | 0;
-    Cl = K[5] | 0;
-    Dh = K[6] | 0;
-    Dl = K[7] | 0;
-    Eh = K[8] | 0;
-    El = K[9] | 0;
-    Fh = K[10] | 0;
-    Fl = K[11] | 0;
-    Gh = K[12] | 0;
-    Gl = K[13] | 0;
-    Hh = K[14] | 0;
-    Hl = K[15] | 0;
+  }, qe = class extends te {
+    Ah = lt[0] | 0;
+    Al = lt[1] | 0;
+    Bh = lt[2] | 0;
+    Bl = lt[3] | 0;
+    Ch = lt[4] | 0;
+    Cl = lt[5] | 0;
+    Dh = lt[6] | 0;
+    Dl = lt[7] | 0;
+    Eh = lt[8] | 0;
+    El = lt[9] | 0;
+    Fh = lt[10] | 0;
+    Fl = lt[11] | 0;
+    Gh = lt[12] | 0;
+    Gl = lt[13] | 0;
+    Hh = lt[14] | 0;
+    Hl = lt[15] | 0;
     constructor() {
       super(48);
     }
-  }, Y = /* @__PURE__ */ Uint32Array.from([
+  }, ft = /* @__PURE__ */ Uint32Array.from([
     2352822216,
     424955298,
     1944164710,
@@ -638,7 +650,7 @@ var It, le, ue, de, yt, Et, Lt, qt, Zn, kn, Tn, Vn, Xe, ze, We, Qe, Je, Pe, Mn =
     1780299464,
     286451373,
     2446758561
-  ]), G = /* @__PURE__ */ Uint32Array.from([
+  ]), at = /* @__PURE__ */ Uint32Array.from([
     573645204,
     4230739756,
     2673172387,
@@ -655,285 +667,376 @@ var It, le, ue, de, yt, Et, Lt, qt, Zn, kn, Tn, Vn, Xe, ze, We, Qe, Je, Pe, Mn =
     746961066,
     246885852,
     2177182882
-  ]), me = class extends Ht {
-    Ah = Y[0] | 0;
-    Al = Y[1] | 0;
-    Bh = Y[2] | 0;
-    Bl = Y[3] | 0;
-    Ch = Y[4] | 0;
-    Cl = Y[5] | 0;
-    Dh = Y[6] | 0;
-    Dl = Y[7] | 0;
-    Eh = Y[8] | 0;
-    El = Y[9] | 0;
-    Fh = Y[10] | 0;
-    Fl = Y[11] | 0;
-    Gh = Y[12] | 0;
-    Gl = Y[13] | 0;
-    Hh = Y[14] | 0;
-    Hl = Y[15] | 0;
+  ]), Ce = class extends te {
+    Ah = ft[0] | 0;
+    Al = ft[1] | 0;
+    Bh = ft[2] | 0;
+    Bl = ft[3] | 0;
+    Ch = ft[4] | 0;
+    Cl = ft[5] | 0;
+    Dh = ft[6] | 0;
+    Dl = ft[7] | 0;
+    Eh = ft[8] | 0;
+    El = ft[9] | 0;
+    Fh = ft[10] | 0;
+    Fl = ft[11] | 0;
+    Gh = ft[12] | 0;
+    Gl = ft[13] | 0;
+    Hh = ft[14] | 0;
+    Hl = ft[15] | 0;
     constructor() {
       super(28);
     }
-  }, ye = class extends Ht {
-    Ah = G[0] | 0;
-    Al = G[1] | 0;
-    Bh = G[2] | 0;
-    Bl = G[3] | 0;
-    Ch = G[4] | 0;
-    Cl = G[5] | 0;
-    Dh = G[6] | 0;
-    Dl = G[7] | 0;
-    Eh = G[8] | 0;
-    El = G[9] | 0;
-    Fh = G[10] | 0;
-    Fl = G[11] | 0;
-    Gh = G[12] | 0;
-    Gl = G[13] | 0;
-    Hh = G[14] | 0;
-    Hl = G[15] | 0;
+  }, ke = class extends te {
+    Ah = at[0] | 0;
+    Al = at[1] | 0;
+    Bh = at[2] | 0;
+    Bl = at[3] | 0;
+    Ch = at[4] | 0;
+    Cl = at[5] | 0;
+    Dh = at[6] | 0;
+    Dl = at[7] | 0;
+    Eh = at[8] | 0;
+    El = at[9] | 0;
+    Fh = at[10] | 0;
+    Fl = at[11] | 0;
+    Gh = at[12] | 0;
+    Gl = at[13] | 0;
+    Hh = at[14] | 0;
+    Hl = at[15] | 0;
     constructor() {
       super(32);
     }
-  }, zt = /* @__PURE__ */ _t(() => new he(), /* @__PURE__ */ mt(1)), Fe = /* @__PURE__ */ _t(() => new be(), /* @__PURE__ */ mt(4)), tn = /* @__PURE__ */ _t(() => new we(), /* @__PURE__ */ mt(3)), en = /* @__PURE__ */ _t(() => new ge(), /* @__PURE__ */ mt(2)), nn = /* @__PURE__ */ _t(() => new ye(), /* @__PURE__ */ mt(6)), rn = /* @__PURE__ */ _t(() => new me(), /* @__PURE__ */ mt(5));
+  }, jt = /* @__PURE__ */ Yt(() => new De(), /* @__PURE__ */ Lt(1)), Dn = /* @__PURE__ */ Yt(() => new Le(), /* @__PURE__ */ Lt(4)), Ln = /* @__PURE__ */ Yt(() => new Ue(), /* @__PURE__ */ Lt(3)), Un = /* @__PURE__ */ Yt(() => new qe(), /* @__PURE__ */ Lt(2)), qn = /* @__PURE__ */ Yt(() => new ke(), /* @__PURE__ */ Lt(6)), Cn = /* @__PURE__ */ Yt(() => new Ce(), /* @__PURE__ */ Lt(5));
 }));
-function jt(t, e = "") {
-  if (typeof t != "boolean") {
-    const r = e && `"${e}" `;
-    throw new Error(r + "expected boolean, got type=" + typeof t);
-  }
-  return t;
-}
-function on(t) {
-  if (typeof t == "bigint") {
-    if (!Ut(t)) throw new Error("positive bigint expected, got " + t);
-  } else xt(t);
-  return t;
+function Or(t) {
+  return t instanceof Uint8Array || ArrayBuffer.isView(t) && t.constructor.name === "Uint8Array";
 }
-function Rt(t, e = "") {
-  if (!Number.isSafeInteger(t)) {
-    const r = e && `"${e}" `;
-    throw new Error(r + "expected safe integer, got type=" + typeof t);
+function Io(t, n = "") {
+  if (!Number.isSafeInteger(t) || t < 0) {
+    const e = n && `"${n}" `;
+    throw new Error(`${e}expected integer >= 0, got ${t}`);
   }
 }
-function Zt(t) {
-  const e = on(t).toString(16);
-  return e.length & 1 ? "0" + e : e;
-}
-function sn(t) {
-  if (typeof t != "string") throw new Error("hex string expected, got " + typeof t);
-  return t === "" ? Yt : BigInt("0x" + t);
-}
-function Dt(t) {
-  return sn(Xt(t));
-}
-function cn(t) {
-  return sn(Xt(jn(C(t)).reverse()));
+function kn(t, n, e = "") {
+  const r = Or(t), o = t?.length, i = n !== void 0;
+  if (!r || i && o !== n) {
+    const a = e && `"${e}" `, f = i ? ` of length ${n}` : "", l = r ? `length=${o}` : `type=${typeof t}`;
+    throw new Error(a + "expected Uint8Array" + f + ", got " + l);
+  }
+  return t;
 }
-function xe(t, e) {
-  xt(e), t = on(t);
-  const r = Mt(t.toString(16).padStart(e * 2, "0"));
-  if (r.length !== e) throw new Error("number too large");
-  return r;
+function No(t, n = !0) {
+  if (t.destroyed) throw new Error("Hash instance has been destroyed");
+  if (n && t.finished) throw new Error("Hash#digest() has already been called");
 }
-function fn(t, e) {
-  return xe(t, e).reverse();
+function jo(t, n) {
+  kn(t, void 0, "digestInto() output");
+  const e = n.outputLen;
+  if (t.length < e) throw new Error('"digestInto() output" expected to be of length >=' + e);
 }
-function jn(t) {
-  return Uint8Array.from(t);
+function Do(t) {
+  return new Uint32Array(t.buffer, t.byteOffset, Math.floor(t.byteLength / 4));
 }
-function Wt(t) {
-  return Uint8Array.from(t, (e, r) => {
-    const n = e.charCodeAt(0);
-    if (e.length !== 1 || n > 127) throw new Error(`string contains non-ASCII character "${t[r]}" with code ${n} at position ${r}`);
-    return n;
-  });
+function Lo(...t) {
+  for (let n = 0; n < t.length; n++) t[n].fill(0);
 }
-function Yn(t, e, r) {
-  return Ut(t) && Ut(e) && Ut(r) && e <= t && t < r;
+function Hr(t) {
+  return t << 24 & 4278190080 | t << 8 & 16711680 | t >>> 8 & 65280 | t >>> 24 & 255;
 }
-function Gn(t, e, r, n) {
-  if (!Yn(e, r, n)) throw new Error("expected valid " + t + ": " + r + " <= n < " + n + ", got " + e);
+function Tr(t) {
+  for (let n = 0; n < t.length; n++) t[n] = Hr(t[n]);
+  return t;
 }
-function Kn(t) {
-  let e;
-  for (e = 0; t > Yt; t >>= Tt, e += 1) ;
+function Uo(...t) {
+  let n = 0;
+  for (let r = 0; r < t.length; r++) {
+    const o = t[r];
+    kn(o), n += o.length;
+  }
+  const e = new Uint8Array(n);
+  for (let r = 0, o = 0; r < t.length; r++) {
+    const i = t[r];
+    e.set(i, o), o += i.length;
+  }
   return e;
 }
-function Xn(t, e, r) {
-  if (xt(t, "hashLen"), xt(e, "qByteLen"), typeof r != "function") throw new Error("hmacFn must be a function");
-  const n = (v) => new Uint8Array(v), o = Uint8Array.of(), s = Uint8Array.of(0), i = Uint8Array.of(1), c = 1e3;
-  let f = n(t), l = n(t), a = 0;
-  const g = () => {
-    f.fill(1), l.fill(0), a = 0;
-  }, b = (...v) => r(l, P(f, ...v)), w = (v = o) => {
-    l = b(s, v), f = b(), v.length !== 0 && (l = b(i, v), f = b());
-  }, m = () => {
-    if (a++ >= c) throw new Error("drbg: tried max amount of iterations");
-    let v = 0;
-    const B = [];
-    for (; v < e; ) {
-      f = b();
-      const E = f.slice();
-      B.push(E), v += f.length;
-    }
-    return P(...B);
-  };
-  return (v, B) => {
-    g(), w(v);
-    let E;
-    for (; !(E = B(m())); ) w();
-    return g(), E;
-  };
+function qo(t, n = {}) {
+  const e = (o, i) => t(i).update(o).digest(), r = t(void 0);
+  return e.outputLen = r.outputLen, e.blockLen = r.blockLen, e.create = (o) => t(o), Object.assign(e, n), Object.freeze(e);
 }
-function Qt(t, e = {}, r = {}) {
-  if (!t || typeof t != "object") throw new Error("expected valid options object");
-  function n(s, i, c) {
-    const f = t[s];
-    if (c && f === void 0) return;
-    const l = typeof f;
-    if (l !== i || f === null) throw new Error(`param "${s}" is invalid: expected ${i}, got ${l}`);
-  }
-  const o = (s, i) => Object.entries(s).forEach(([c, f]) => n(c, f, i));
-  o(e, !1), o(r, !0);
-}
-function Ue(t) {
-  const e = /* @__PURE__ */ new WeakMap();
-  return (r, ...n) => {
-    const o = e.get(r);
-    if (o !== void 0) return o;
-    const s = t(r, ...n);
-    return e.set(r, s), s;
-  };
+function Co(t = 32) {
+  const n = typeof globalThis == "object" ? globalThis.crypto : null;
+  if (typeof n?.getRandomValues != "function") throw new Error("crypto.getRandomValues must be defined");
+  return n.getRandomValues(new Uint8Array(t));
+}
+var ln, Fr, Ir, Nr, jr = Dt((() => {
+  ln = new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68, Fr = ln ? (t) => t : Tr, Ir = typeof Uint8Array.from([]).toHex == "function" && typeof Uint8Array.fromHex == "function", Nr = (t) => ({ oid: Uint8Array.from([
+    6,
+    9,
+    96,
+    134,
+    72,
+    1,
+    101,
+    3,
+    4,
+    2,
+    t
+  ]) });
+}));
+function ko(t, n = "") {
+  if (typeof t != "boolean") {
+    const e = n && `"${n}" `;
+    throw new Error(e + "expected boolean, got type=" + typeof t);
+  }
+  return t;
 }
-var Yt, Tt, Ut, Jt, Pt = Bt((() => {
-  Nt(), Yt = /* @__PURE__ */ BigInt(0), Tt = /* @__PURE__ */ BigInt(1), Ut = (t) => typeof t == "bigint" && Yt <= t, Jt = (t) => (Tt << BigInt(t)) - Tt;
+var $o = Dt((() => {
+  jr();
 }));
-function Be(t) {
+function Qe(t) {
   if (!Number.isSafeInteger(t) || t < 0 || t > 4294967295) throw new Error("wrong u32 integer:" + t);
   return t;
 }
-function an(t) {
-  return Be(t), (t & t - 1) === 0 && t !== 0;
+function $n(t) {
+  return Qe(t), (t & t - 1) === 0 && t !== 0;
 }
-function zn(t, e) {
-  Be(t);
-  let r = 0;
-  for (let n = 0; n < e; n++, t >>>= 1) r = r << 1 | t & 1;
-  return r;
+function Dr(t, n) {
+  Qe(t);
+  let e = 0;
+  for (let r = 0; r < n; r++, t >>>= 1) e = e << 1 | t & 1;
+  return e;
 }
-function ln(t) {
-  return Be(t), 31 - Math.clz32(t);
+function Zn(t) {
+  return Qe(t), 31 - Math.clz32(t);
 }
-function Ne(t) {
-  const e = t.length;
-  if (e < 2 || !an(e)) throw new Error("n must be a power of 2 and greater than 1. Got " + e);
-  const r = ln(e);
-  for (let n = 0; n < e; n++) {
-    const o = zn(n, r);
-    if (n < o) {
-      const s = t[n];
-      t[n] = t[o], t[o] = s;
+function un(t) {
+  const n = t.length;
+  if (n < 2 || !$n(n)) throw new Error("n must be a power of 2 and greater than 1. Got " + n);
+  const e = Zn(n);
+  for (let r = 0; r < n; r++) {
+    const o = Dr(r, e);
+    if (r < o) {
+      const i = t[r];
+      t[r] = t[o], t[o] = i;
     }
   }
   return t;
 }
-var Wn, Ur = Bt((() => {
-  Wn = (t, e) => {
-    const { N: r, roots: n, dit: o, invertButterflies: s = !1, skipStages: i = 0, brp: c = !0 } = e, f = ln(r);
-    if (!an(r)) throw new Error("FFT: Polynomial size should be power of two");
-    const l = o !== s;
-    return (a) => {
-      if (a.length !== r) throw new Error("FFT: wrong Polynomial length");
-      o && c && Ne(a);
-      for (let g = 0, b = 1; g < f - i; g++) {
-        const w = o ? g + 1 + i : f - g, m = 1 << w, x = m >> 1, v = r >> w;
-        for (let B = 0; B < r; B += m) for (let E = 0, L = b++; E < x; E++) {
-          const I = s ? o ? r - L : L : E * v, V = B + E, M = B + E + x, D = n[I], N = a[M], O = a[V];
-          if (l) {
-            const nt = t.mul(N, D);
-            a[V] = t.add(O, nt), a[M] = t.sub(O, nt);
-          } else s ? (a[V] = t.add(N, O), a[M] = t.mul(t.sub(N, O), D)) : (a[V] = t.add(O, N), a[M] = t.mul(t.sub(O, N), D));
+var Lr, Zo = Dt((() => {
+  Lr = (t, n) => {
+    const { N: e, roots: r, dit: o, invertButterflies: i = !1, skipStages: a = 0, brp: f = !0 } = n, l = Zn(e);
+    if (!$n(e)) throw new Error("FFT: Polynomial size should be power of two");
+    const g = o !== i;
+    return (s) => {
+      if (s.length !== e) throw new Error("FFT: wrong Polynomial length");
+      o && f && un(s);
+      for (let u = 0, d = 1; u < l - a; u++) {
+        const h = o ? u + 1 + a : l - u, w = 1 << h, b = w >> 1, E = e >> h;
+        for (let T = 0; T < e; T += w) for (let B = 0, C = d++; B < b; B++) {
+          const O = i ? o ? e - C : C : B * E, F = T + B, z = T + B + b, W = r[O], N = s[z], V = s[F];
+          if (g) {
+            const K = t.mul(N, W);
+            s[F] = t.add(V, K), s[z] = t.sub(V, K);
+          } else i ? (s[F] = t.add(N, V), s[z] = t.mul(t.sub(N, V), W)) : (s[F] = t.add(V, N), s[z] = t.mul(t.sub(V, N), W));
         }
       }
-      return !o && c && Ne(a), a;
+      return !o && f && un(s), s;
     };
   };
 }));
-Pt();
-var J = /* @__PURE__ */ BigInt(0), W = /* @__PURE__ */ BigInt(1), vt = /* @__PURE__ */ BigInt(2), un = /* @__PURE__ */ BigInt(3), dn = /* @__PURE__ */ BigInt(4), hn = /* @__PURE__ */ BigInt(5), Qn = /* @__PURE__ */ BigInt(7), bn = /* @__PURE__ */ BigInt(8), Jn = /* @__PURE__ */ BigInt(9), wn = /* @__PURE__ */ BigInt(16);
-function et(t, e) {
-  const r = t % e;
-  return r >= J ? r : e + r;
-}
-function tt(t, e, r) {
-  let n = t;
-  for (; e-- > J; )
-    n *= n, n %= r;
+_r();
+Qt();
+var st = (t, n, e) => zt(t, n, e), Vn = Pt, Ct = Ke, Q = (...t) => br(...t), he = (t) => _n(t), oe = Sn, wt = (t) => yr(t), me = /* @__PURE__ */ BigInt(0), $e = /* @__PURE__ */ BigInt(1);
+function ie(t, n = "") {
+  if (typeof t != "boolean") {
+    const e = n && `"${n}" `;
+    throw new TypeError(e + "expected boolean, got type=" + typeof t);
+  }
+  return t;
+}
+function Je(t) {
+  if (typeof t == "bigint") {
+    if (!ue(t)) throw new RangeError("positive bigint expected, got " + t);
+  } else Vn(t);
+  return t;
+}
+function Ft(t, n = "") {
+  if (typeof t != "number") {
+    const e = n && `"${n}" `;
+    throw new TypeError(e + "expected number, got type=" + typeof t);
+  }
+  if (!Number.isSafeInteger(t)) {
+    const e = n && `"${n}" `;
+    throw new RangeError(e + "expected safe integer, got " + t);
+  }
+}
+function ce(t) {
+  const n = Je(t).toString(16);
+  return n.length & 1 ? "0" + n : n;
+}
+function Pn(t) {
+  if (typeof t != "string") throw new TypeError("hex string expected, got " + typeof t);
+  return t === "" ? me : BigInt("0x" + t);
+}
+function St(t) {
+  return Pn(Ke(t));
+}
+function ge(t) {
+  return Pn(Ke(Ze(zt(t)).reverse()));
+}
+function tn(t, n) {
+  if (Pt(n), n === 0) throw new RangeError("zero length");
+  t = Je(t);
+  const e = t.toString(16);
+  if (e.length > n * 2) throw new RangeError("number too large");
+  return _n(e.padStart(n * 2, "0"));
+}
+function zn(t, n) {
+  return tn(t, n).reverse();
+}
+function Ze(t) {
+  return Uint8Array.from(st(t));
+}
+function be(t) {
+  if (typeof t != "string") throw new TypeError("ascii string expected, got " + typeof t);
+  return Uint8Array.from(t, (n, e) => {
+    const r = n.charCodeAt(0);
+    if (n.length !== 1 || r > 127) throw new RangeError(`string contains non-ASCII character "${t[e]}" with code ${r} at position ${e}`);
+    return r;
+  });
+}
+var ue = (t) => typeof t == "bigint" && me <= t;
+function Ur(t, n, e) {
+  return ue(t) && ue(n) && ue(e) && n <= t && t < e;
+}
+function Mn(t, n, e, r) {
+  if (!Ur(n, e, r)) throw new RangeError("expected valid " + t + ": " + e + " <= n < " + r + ", got " + n);
+}
+function ye(t) {
+  if (t < me) throw new Error("expected non-negative bigint, got " + t);
+  let n;
+  for (n = 0; t > me; t >>= $e, n += 1) ;
   return n;
 }
-function De(t, e) {
-  if (t === J) throw new Error("invert: expected non-zero number");
-  if (e <= J) throw new Error("invert: expected positive modulus, got " + e);
-  let r = et(t, e), n = e, o = J, s = W, i = W, c = J;
-  for (; r !== J; ) {
-    const f = n / r, l = n % r, a = o - i * f, g = s - c * f;
-    n = r, r = l, o = i, s = c, i = a, c = g;
-  }
-  if (n !== W) throw new Error("invert: does not exist");
-  return et(o, e);
-}
-function _e(t, e, r) {
-  if (!t.eql(t.sqr(e), r)) throw new Error("Cannot find square root");
-}
-function gn(t, e) {
-  const r = (t.ORDER + W) / dn, n = t.pow(e, r);
-  return _e(t, n, e), n;
-}
-function Pn(t, e) {
-  const r = (t.ORDER - hn) / bn, n = t.mul(e, vt), o = t.pow(n, r), s = t.mul(e, o), i = t.mul(t.mul(s, vt), o), c = t.mul(s, t.sub(i, t.ONE));
-  return _e(t, c, e), c;
-}
-function Fn(t) {
-  const e = te(t), r = mn(t), n = r(e, e.neg(e.ONE)), o = r(e, n), s = r(e, e.neg(n)), i = (t + Qn) / wn;
-  return (c, f) => {
-    let l = c.pow(f, i), a = c.mul(l, n);
-    const g = c.mul(l, o), b = c.mul(l, s), w = c.eql(c.sqr(a), f), m = c.eql(c.sqr(g), f);
-    l = c.cmov(l, a, w), a = c.cmov(b, g, m);
-    const x = c.eql(c.sqr(a), f), v = c.cmov(l, a, x);
-    return _e(c, v, f), v;
+var pe = (t) => ($e << BigInt(t)) - $e;
+function qr(t, n, e) {
+  if (Pt(t, "hashLen"), Pt(n, "qByteLen"), typeof e != "function") throw new TypeError("hmacFn must be a function");
+  const r = (E) => new Uint8Array(E), o = Uint8Array.of(), i = Uint8Array.of(0), a = Uint8Array.of(1), f = 1e3;
+  let l = r(t), g = r(t), s = 0;
+  const u = () => {
+    l.fill(1), g.fill(0), s = 0;
+  }, d = (...E) => e(g, Q(l, ...E)), h = (E = o) => {
+    g = d(i, E), l = d(), E.length !== 0 && (g = d(a, E), l = d());
+  }, w = () => {
+    if (s++ >= f) throw new Error("drbg: tried max amount of iterations");
+    let E = 0;
+    const T = [];
+    for (; E < n; ) {
+      l = d();
+      const B = l.slice();
+      T.push(B), E += l.length;
+    }
+    return Q(...T);
   };
+  return (E, T) => {
+    u(), h(E);
+    let B;
+    for (; (B = T(w())) === void 0; ) h();
+    return u(), B;
+  };
+}
+function Mt(t, n = {}, e = {}) {
+  if (Object.prototype.toString.call(t) !== "[object Object]") throw new TypeError("expected valid options object");
+  function r(i, a, f) {
+    if (!f && a !== "function" && !Object.hasOwn(t, i)) throw new TypeError(`param "${i}" is invalid: expected own property`);
+    const l = t[i];
+    if (f && l === void 0) return;
+    const g = typeof l;
+    if (g !== a || l === null) throw new TypeError(`param "${i}" is invalid: expected ${a}, got ${g}`);
+  }
+  const o = (i, a) => Object.entries(i).forEach(([f, l]) => r(f, l, a));
+  o(n, !1), o(e, !0);
+}
+var dt = /* @__PURE__ */ BigInt(0), ot = /* @__PURE__ */ BigInt(1), $t = /* @__PURE__ */ BigInt(2), Gn = /* @__PURE__ */ BigInt(3), Yn = /* @__PURE__ */ BigInt(4), Kn = /* @__PURE__ */ BigInt(5), Cr = /* @__PURE__ */ BigInt(7), Xn = /* @__PURE__ */ BigInt(8), kr = /* @__PURE__ */ BigInt(9), Wn = /* @__PURE__ */ BigInt(16);
+function bt(t, n) {
+  if (n <= dt) throw new Error("mod: expected positive modulus, got " + n);
+  const e = t % n;
+  return e >= dt ? e : n + e;
+}
+function gt(t, n, e) {
+  if (n < dt) throw new Error("pow2: expected non-negative exponent, got " + n);
+  let r = t;
+  for (; n-- > dt; )
+    r *= r, r %= e;
+  return r;
+}
+function dn(t, n) {
+  if (t === dt) throw new Error("invert: expected non-zero number");
+  if (n <= dt) throw new Error("invert: expected positive modulus, got " + n);
+  let e = bt(t, n), r = n, o = dt, i = ot, a = ot, f = dt;
+  for (; e !== dt; ) {
+    const l = r / e, g = r - e * l, s = o - a * l, u = i - f * l;
+    r = e, e = g, o = a, i = f, a = s, f = u;
+  }
+  if (r !== ot) throw new Error("invert: does not exist");
+  return bt(o, n);
+}
+function en(t, n, e) {
+  const r = t;
+  if (!r.eql(r.sqr(n), e)) throw new Error("Cannot find square root");
+}
+function Qn(t, n) {
+  const e = t, r = (e.ORDER + ot) / Yn, o = e.pow(n, r);
+  return en(e, o, n), o;
+}
+function $r(t, n) {
+  const e = t, r = (e.ORDER - Kn) / Xn, o = e.mul(n, $t), i = e.pow(o, r), a = e.mul(n, i), f = e.mul(e.mul(a, $t), i), l = e.mul(a, e.sub(f, e.ONE));
+  return en(e, l, n), l;
+}
+function Zr(t) {
+  const n = ve(t), e = Jn(t), r = e(n, n.neg(n.ONE)), o = e(n, r), i = e(n, n.neg(r)), a = (t + Cr) / Wn;
+  return ((f, l) => {
+    const g = f;
+    let s = g.pow(l, a), u = g.mul(s, r);
+    const d = g.mul(s, o), h = g.mul(s, i), w = g.eql(g.sqr(u), l), b = g.eql(g.sqr(d), l);
+    s = g.cmov(s, u, w), u = g.cmov(h, d, b);
+    const E = g.eql(g.sqr(u), l), T = g.cmov(s, u, E);
+    return en(g, T, l), T;
+  });
 }
-function mn(t) {
-  if (t < un) throw new Error("sqrt is not defined for small field");
-  let e = t - W, r = 0;
-  for (; e % vt === J; )
-    e /= vt, r++;
-  let n = vt;
-  const o = te(t);
-  for (; Ce(o, n) === 1; ) if (n++ > 1e3) throw new Error("Cannot find square root: probably non-prime P");
-  if (r === 1) return gn;
-  let s = o.pow(n, e);
-  const i = (e + W) / vt;
-  return function(f, l) {
-    if (f.is0(l)) return l;
-    if (Ce(f, l) !== 1) throw new Error("Cannot find square root");
-    let a = r, g = f.mul(f.ONE, s), b = f.pow(l, e), w = f.pow(l, i);
-    for (; !f.eql(b, f.ONE); ) {
-      if (f.is0(b)) return f.ZERO;
-      let m = 1, x = f.sqr(b);
-      for (; !f.eql(x, f.ONE); )
-        if (m++, x = f.sqr(x), m === a) throw new Error("Cannot find square root");
-      const v = W << BigInt(a - m - 1), B = f.pow(g, v);
-      a = m, g = f.sqr(B), b = f.mul(b, g), w = f.mul(w, B);
+function Jn(t) {
+  if (t < Gn) throw new Error("sqrt is not defined for small field");
+  let n = t - ot, e = 0;
+  for (; n % $t === dt; )
+    n /= $t, e++;
+  let r = $t;
+  const o = ve(t);
+  for (; Ve(o, r) === 1; ) if (r++ > 1e3) throw new Error("Cannot find square root: probably non-prime P");
+  if (e === 1) return Qn;
+  let i = o.pow(r, n);
+  const a = (n + ot) / $t;
+  return function(l, g) {
+    const s = l;
+    if (s.is0(g)) return g;
+    if (Ve(s, g) !== 1) throw new Error("Cannot find square root");
+    let u = e, d = s.mul(s.ONE, i), h = s.pow(g, n), w = s.pow(g, a);
+    for (; !s.eql(h, s.ONE); ) {
+      if (s.is0(h)) return s.ZERO;
+      let b = 1, E = s.sqr(h);
+      for (; !s.eql(E, s.ONE); )
+        if (b++, E = s.sqr(E), b === u) throw new Error("Cannot find square root");
+      const T = ot << BigInt(u - b - 1), B = s.pow(d, T);
+      u = b, d = s.sqr(B), h = s.mul(h, d), w = s.mul(w, B);
     }
     return w;
   };
 }
-function tr(t) {
-  return t % dn === un ? gn : t % bn === hn ? Pn : t % wn === Jn ? Fn(t) : mn(t);
+function Vr(t) {
+  return t % Yn === Gn ? Qn : t % Xn === Kn ? $r : t % Wn === kr ? Zr(t) : Jn(t);
 }
-var er = [
+var Pr = [
   "create",
   "isValid",
   "is0",
@@ -952,448 +1055,1088 @@ var er = [
   "mulN",
   "sqrN"
 ];
-function yn(t) {
-  return Qt(t, er.reduce((e, r) => (e[r] = "function", e), {
+function se(t) {
+  if (Mt(t, Pr.reduce((n, e) => (n[e] = "function", n), {
     ORDER: "bigint",
     BYTES: "number",
     BITS: "number"
-  })), t;
-}
-function nr(t, e, r) {
-  if (r < J) throw new Error("invalid exponent, negatives unsupported");
-  if (r === J) return t.ONE;
-  if (r === W) return e;
-  let n = t.ONE, o = e;
-  for (; r > J; )
-    r & W && (n = t.mul(n, o)), o = t.sqr(o), r >>= W;
-  return n;
-}
-function Ft(t, e, r = !1) {
-  const n = new Array(e.length).fill(r ? t.ZERO : void 0), o = e.reduce((i, c, f) => t.is0(c) ? i : (n[f] = i, t.mul(i, c)), t.ONE), s = t.inv(o);
-  return e.reduceRight((i, c, f) => t.is0(c) ? i : (n[f] = t.mul(i, n[f]), t.mul(i, c)), s), n;
-}
-function Ce(t, e) {
-  const r = (t.ORDER - W) / vt, n = t.pow(e, r), o = t.eql(n, t.ONE), s = t.eql(n, t.ZERO), i = t.eql(n, t.neg(t.ONE));
-  if (!o && !s && !i) throw new Error("invalid Legendre symbol result");
-  return o ? 1 : s ? 0 : -1;
+  })), Ft(t.BYTES, "BYTES"), Ft(t.BITS, "BITS"), t.BYTES < 1 || t.BITS < 1) throw new Error("invalid field: expected BYTES/BITS > 0");
+  if (t.ORDER <= ot) throw new Error("invalid field: expected ORDER > 1, got " + t.ORDER);
+  return t;
 }
-function rr(t, e) {
-  e !== void 0 && xt(e);
-  const r = e !== void 0 ? e : t.toString(2).length;
+function zr(t, n, e) {
+  const r = t;
+  if (e < dt) throw new Error("invalid exponent, negatives unsupported");
+  if (e === dt) return r.ONE;
+  if (e === ot) return n;
+  let o = r.ONE, i = n;
+  for (; e > dt; )
+    e & ot && (o = r.mul(o, i)), i = r.sqr(i), e >>= ot;
+  return o;
+}
+function Ee(t, n, e = !1) {
+  const r = t, o = new Array(n.length).fill(e ? r.ZERO : void 0), i = n.reduce((f, l, g) => r.is0(l) ? f : (o[g] = f, r.mul(f, l)), r.ONE), a = r.inv(i);
+  return n.reduceRight((f, l, g) => r.is0(l) ? f : (o[g] = r.mul(f, o[g]), r.mul(f, l)), a), o;
+}
+function Ve(t, n) {
+  const e = t, r = (e.ORDER - ot) / $t, o = e.pow(n, r), i = e.eql(o, e.ONE), a = e.eql(o, e.ZERO), f = e.eql(o, e.neg(e.ONE));
+  if (!i && !a && !f) throw new Error("invalid Legendre symbol result");
+  return i ? 1 : a ? 0 : -1;
+}
+function hn(t, n) {
+  return Ve(t, n) !== -1;
+}
+function Mr(t, n) {
+  if (n !== void 0 && Vn(n), t <= dt) throw new Error("invalid n length: expected positive n, got " + t);
+  if (n !== void 0 && n < 1) throw new Error("invalid n length: expected positive bit length, got " + n);
+  const e = ye(t);
+  if (n !== void 0 && n < e) throw new Error(`invalid n length: expected bit length (${e}) >= n.length (${n})`);
+  const r = n !== void 0 ? n : e;
   return {
     nBitLength: r,
     nByteLength: Math.ceil(r / 8)
   };
 }
-var or = class {
+var mn = /* @__PURE__ */ new WeakMap(), tr = class {
   ORDER;
   BITS;
   BYTES;
   isLE;
-  ZERO = J;
-  ONE = W;
+  ZERO = dt;
+  ONE = ot;
   _lengths;
-  _sqrt;
   _mod;
-  constructor(t, e = {}) {
-    if (t <= J) throw new Error("invalid field: expected ORDER > 0, got " + t);
-    let r;
-    this.isLE = !1, e != null && typeof e == "object" && (typeof e.BITS == "number" && (r = e.BITS), typeof e.sqrt == "function" && (this.sqrt = e.sqrt), typeof e.isLE == "boolean" && (this.isLE = e.isLE), e.allowedLengths && (this._lengths = e.allowedLengths?.slice()), typeof e.modFromBytes == "boolean" && (this._mod = e.modFromBytes));
-    const { nBitLength: n, nByteLength: o } = rr(t, r);
+  constructor(t, n = {}) {
+    if (t <= ot) throw new Error("invalid field: expected ORDER > 1, got " + t);
+    let e;
+    this.isLE = !1, n != null && typeof n == "object" && (typeof n.BITS == "number" && (e = n.BITS), typeof n.sqrt == "function" && Object.defineProperty(this, "sqrt", {
+      value: n.sqrt,
+      enumerable: !0
+    }), typeof n.isLE == "boolean" && (this.isLE = n.isLE), n.allowedLengths && (this._lengths = Object.freeze(n.allowedLengths.slice())), typeof n.modFromBytes == "boolean" && (this._mod = n.modFromBytes));
+    const { nBitLength: r, nByteLength: o } = Mr(t, e);
     if (o > 2048) throw new Error("invalid field: expected ORDER of <= 2048 bytes");
-    this.ORDER = t, this.BITS = n, this.BYTES = o, this._sqrt = void 0, Object.preventExtensions(this);
+    this.ORDER = t, this.BITS = r, this.BYTES = o, Object.freeze(this);
   }
   create(t) {
-    return et(t, this.ORDER);
+    return bt(t, this.ORDER);
   }
   isValid(t) {
-    if (typeof t != "bigint") throw new Error("invalid field element: expected bigint, got " + typeof t);
-    return J <= t && t < this.ORDER;
+    if (typeof t != "bigint") throw new TypeError("invalid field element: expected bigint, got " + typeof t);
+    return dt <= t && t < this.ORDER;
   }
   is0(t) {
-    return t === J;
+    return t === dt;
   }
   isValidNot0(t) {
     return !this.is0(t) && this.isValid(t);
   }
   isOdd(t) {
-    return (t & W) === W;
+    return (t & ot) === ot;
   }
   neg(t) {
-    return et(-t, this.ORDER);
+    return bt(-t, this.ORDER);
   }
-  eql(t, e) {
-    return t === e;
+  eql(t, n) {
+    return t === n;
   }
   sqr(t) {
-    return et(t * t, this.ORDER);
+    return bt(t * t, this.ORDER);
   }
-  add(t, e) {
-    return et(t + e, this.ORDER);
+  add(t, n) {
+    return bt(t + n, this.ORDER);
   }
-  sub(t, e) {
-    return et(t - e, this.ORDER);
+  sub(t, n) {
+    return bt(t - n, this.ORDER);
   }
-  mul(t, e) {
-    return et(t * e, this.ORDER);
+  mul(t, n) {
+    return bt(t * n, this.ORDER);
   }
-  pow(t, e) {
-    return nr(this, t, e);
+  pow(t, n) {
+    return zr(this, t, n);
   }
-  div(t, e) {
-    return et(t * De(e, this.ORDER), this.ORDER);
+  div(t, n) {
+    return bt(t * dn(n, this.ORDER), this.ORDER);
   }
   sqrN(t) {
     return t * t;
   }
-  addN(t, e) {
-    return t + e;
+  addN(t, n) {
+    return t + n;
   }
-  subN(t, e) {
-    return t - e;
+  subN(t, n) {
+    return t - n;
   }
-  mulN(t, e) {
-    return t * e;
+  mulN(t, n) {
+    return t * n;
   }
   inv(t) {
-    return De(t, this.ORDER);
+    return dn(t, this.ORDER);
   }
   sqrt(t) {
-    return this._sqrt || (this._sqrt = tr(this.ORDER)), this._sqrt(this, t);
+    let n = mn.get(this);
+    return n || mn.set(this, n = Vr(this.ORDER)), n(this, t);
   }
   toBytes(t) {
-    return this.isLE ? fn(t, this.BYTES) : xe(t, this.BYTES);
-  }
-  fromBytes(t, e = !1) {
-    C(t);
-    const { _lengths: r, BYTES: n, isLE: o, ORDER: s, _mod: i } = this;
-    if (r) {
-      if (!r.includes(t.length) || t.length > n) throw new Error("Field.fromBytes: expected " + r + " bytes, got " + t.length);
-      const f = new Uint8Array(n);
-      f.set(t, o ? 0 : f.length - t.length), t = f;
-    }
-    if (t.length !== n) throw new Error("Field.fromBytes: expected " + n + " bytes, got " + t.length);
-    let c = o ? cn(t) : Dt(t);
-    if (i && (c = et(c, s)), !e && !this.isValid(c))
+    return this.isLE ? zn(t, this.BYTES) : tn(t, this.BYTES);
+  }
+  fromBytes(t, n = !1) {
+    st(t);
+    const { _lengths: e, BYTES: r, isLE: o, ORDER: i, _mod: a } = this;
+    if (e) {
+      if (t.length < 1 || !e.includes(t.length) || t.length > r) throw new Error("Field.fromBytes: expected " + e + " bytes, got " + t.length);
+      const l = new Uint8Array(r);
+      l.set(t, o ? 0 : l.length - t.length), t = l;
+    }
+    if (t.length !== r) throw new Error("Field.fromBytes: expected " + r + " bytes, got " + t.length);
+    let f = o ? ge(t) : St(t);
+    if (a && (f = bt(f, i)), !n && !this.isValid(f))
       throw new Error("invalid field element: outside of range 0..ORDER");
-    return c;
+    return f;
   }
   invertBatch(t) {
-    return Ft(this, t);
+    return Ee(this, t);
   }
-  cmov(t, e, r) {
-    return r ? e : t;
+  cmov(t, n, e) {
+    return ie(e, "condition"), e ? n : t;
   }
 };
-function te(t, e = {}) {
-  return new or(t, e);
+Object.freeze(tr.prototype);
+function ve(t, n = {}) {
+  return new tr(t, n);
 }
-function En(t) {
+function er(t) {
   if (typeof t != "bigint") throw new Error("field order must be bigint");
-  const e = t.toString(2).length;
-  return Math.ceil(e / 8);
-}
-function vn(t) {
-  const e = En(t);
-  return e + Math.ceil(e / 2);
-}
-function sr(t, e, r = !1) {
-  C(t);
-  const n = t.length, o = En(e), s = vn(e);
-  if (n < 16 || n < s || n > 1024) throw new Error("expected " + s + "-1024 bytes of input, got " + n);
-  const i = et(r ? cn(t) : Dt(t), e - W) + W;
-  return r ? fn(i, o) : xe(i, o);
-}
-Pt();
-var Ot = /* @__PURE__ */ BigInt(0), pt = /* @__PURE__ */ BigInt(1);
-function Gt(t, e) {
-  const r = e.negate();
-  return t ? r : e;
-}
-function Ze(t, e) {
-  const r = Ft(t.Fp, e.map((n) => n.Z));
-  return e.map((n, o) => t.fromAffine(n.toAffine(r[o])));
-}
-function pn(t, e) {
-  if (!Number.isSafeInteger(t) || t <= 0 || t > e) throw new Error("invalid window size, expected [1.." + e + "], got W=" + t);
-}
-function oe(t, e) {
-  pn(t, e);
-  const r = Math.ceil(e / t) + 1, n = 2 ** (t - 1), o = 2 ** t;
+  if (t <= ot) throw new Error("field order must be greater than 1");
+  const n = ye(t - ot);
+  return Math.ceil(n / 8);
+}
+function nn(t) {
+  const n = er(t);
+  return n + Math.ceil(n / 2);
+}
+function nr(t, n, e = !1) {
+  st(t);
+  const r = t.length, o = er(n), i = Math.max(nn(n), 16);
+  if (r < i || r > 1024) throw new Error("expected " + i + "-1024 bytes of input, got " + r);
+  const a = bt(e ? ge(t) : St(t), n - ot) + ot;
+  return e ? zn(a, o) : tn(a, o);
+}
+var Wt = /* @__PURE__ */ BigInt(0), Zt = /* @__PURE__ */ BigInt(1);
+function Gr(t) {
+  const n = t;
+  if (typeof n != "function") throw new TypeError("Point must be a constructor");
+  Mt({
+    Fp: n.Fp,
+    Fn: n.Fn,
+    fromAffine: n.fromAffine,
+    fromBytes: n.fromBytes,
+    fromHex: n.fromHex
+  }, {
+    Fp: "object",
+    Fn: "object",
+    fromAffine: "function",
+    fromBytes: "function",
+    fromHex: "function"
+  }), se(n.Fp), se(n.Fn);
+}
+function we(t, n) {
+  const e = n.negate();
+  return t ? e : n;
+}
+function gn(t, n) {
+  const e = Ee(t.Fp, n.map((r) => r.Z));
+  return n.map((r, o) => t.fromAffine(r.toAffine(e[o])));
+}
+function rr(t, n) {
+  if (!Number.isSafeInteger(t) || t <= 0 || t > n) throw new Error("invalid window size, expected [1.." + n + "], got W=" + t);
+}
+function Re(t, n) {
+  rr(t, n);
+  const e = Math.ceil(n / t) + 1, r = 2 ** (t - 1), o = 2 ** t;
   return {
-    windows: r,
-    windowSize: n,
-    mask: Jt(t),
+    windows: e,
+    windowSize: r,
+    mask: pe(t),
     maxNumber: o,
     shiftBy: BigInt(t)
   };
 }
-function ke(t, e, r) {
-  const { windowSize: n, mask: o, maxNumber: s, shiftBy: i } = r;
-  let c = Number(t & o), f = t >> i;
-  c > n && (c -= s, f += pt);
-  const l = e * n, a = l + Math.abs(c) - 1, g = c === 0, b = c < 0, w = e % 2 !== 0;
+function wn(t, n, e) {
+  const { windowSize: r, mask: o, maxNumber: i, shiftBy: a } = e;
+  let f = Number(t & o), l = t >> a;
+  f > r && (f -= i, l += Zt);
+  const g = n * r, s = g + Math.abs(f) - 1, u = f === 0, d = f < 0, h = n % 2 !== 0;
   return {
-    nextN: f,
-    offset: a,
-    isZero: g,
-    isNeg: b,
-    isNegF: w,
-    offsetF: l
+    nextN: l,
+    offset: s,
+    isZero: u,
+    isNeg: d,
+    isNegF: h,
+    offsetF: g
   };
 }
-var se = /* @__PURE__ */ new WeakMap(), xn = /* @__PURE__ */ new WeakMap();
-function ie(t) {
-  return xn.get(t) || 1;
+function Yr(t, n) {
+  if (!Array.isArray(t)) throw new Error("array expected");
+  t.forEach((e, r) => {
+    if (!(e instanceof n)) throw new Error("invalid point at index " + r);
+  });
 }
-function Te(t) {
-  if (t !== Ot) throw new Error("invalid wNAF");
+function Kr(t, n) {
+  if (!Array.isArray(t)) throw new Error("array of scalars expected");
+  t.forEach((e, r) => {
+    if (!n.isValid(e)) throw new Error("invalid scalar at index " + r);
+  });
 }
-var ir = class {
+var _e = /* @__PURE__ */ new WeakMap(), or = /* @__PURE__ */ new WeakMap();
+function Oe(t) {
+  return or.get(t) || 1;
+}
+function bn(t) {
+  if (t !== Wt) throw new Error("invalid wNAF");
+}
+var Xr = class {
   BASE;
   ZERO;
   Fn;
   bits;
-  constructor(t, e) {
-    this.BASE = t.BASE, this.ZERO = t.ZERO, this.Fn = t.Fn, this.bits = e;
-  }
-  _unsafeLadder(t, e, r = this.ZERO) {
-    let n = t;
-    for (; e > Ot; )
-      e & pt && (r = r.add(n)), n = n.double(), e >>= pt;
-    return r;
-  }
-  precomputeWindow(t, e) {
-    const { windows: r, windowSize: n } = oe(e, this.bits), o = [];
-    let s = t, i = s;
-    for (let c = 0; c < r; c++) {
-      i = s, o.push(i);
-      for (let f = 1; f < n; f++)
-        i = i.add(s), o.push(i);
-      s = i.double();
+  constructor(t, n) {
+    this.BASE = t.BASE, this.ZERO = t.ZERO, this.Fn = t.Fn, this.bits = n;
+  }
+  _unsafeLadder(t, n, e = this.ZERO) {
+    let r = t;
+    for (; n > Wt; )
+      n & Zt && (e = e.add(r)), r = r.double(), n >>= Zt;
+    return e;
+  }
+  precomputeWindow(t, n) {
+    const { windows: e, windowSize: r } = Re(n, this.bits), o = [];
+    let i = t, a = i;
+    for (let f = 0; f < e; f++) {
+      a = i, o.push(a);
+      for (let l = 1; l < r; l++)
+        a = a.add(i), o.push(a);
+      i = a.double();
     }
     return o;
   }
-  wNAF(t, e, r) {
-    if (!this.Fn.isValid(r)) throw new Error("invalid scalar");
-    let n = this.ZERO, o = this.BASE;
-    const s = oe(t, this.bits);
-    for (let i = 0; i < s.windows; i++) {
-      const { nextN: c, offset: f, isZero: l, isNeg: a, isNegF: g, offsetF: b } = ke(r, i, s);
-      r = c, l ? o = o.add(Gt(g, e[b])) : n = n.add(Gt(a, e[f]));
+  wNAF(t, n, e) {
+    if (!this.Fn.isValid(e)) throw new Error("invalid scalar");
+    let r = this.ZERO, o = this.BASE;
+    const i = Re(t, this.bits);
+    for (let a = 0; a < i.windows; a++) {
+      const { nextN: f, offset: l, isZero: g, isNeg: s, isNegF: u, offsetF: d } = wn(e, a, i);
+      e = f, g ? o = o.add(we(u, n[d])) : r = r.add(we(s, n[l]));
     }
-    return Te(r), {
-      p: n,
+    return bn(e), {
+      p: r,
       f: o
     };
   }
-  wNAFUnsafe(t, e, r, n = this.ZERO) {
-    const o = oe(t, this.bits);
-    for (let s = 0; s < o.windows && r !== Ot; s++) {
-      const { nextN: i, offset: c, isZero: f, isNeg: l } = ke(r, s, o);
-      if (r = i, !f) {
-        const a = e[c];
-        n = n.add(l ? a.negate() : a);
+  wNAFUnsafe(t, n, e, r = this.ZERO) {
+    const o = Re(t, this.bits);
+    for (let i = 0; i < o.windows && e !== Wt; i++) {
+      const { nextN: a, offset: f, isZero: l, isNeg: g } = wn(e, i, o);
+      if (e = a, !l) {
+        const s = n[f];
+        r = r.add(g ? s.negate() : s);
       }
     }
-    return Te(r), n;
+    return bn(e), r;
   }
-  getPrecomputes(t, e, r) {
-    let n = se.get(e);
-    return n || (n = this.precomputeWindow(e, t), t !== 1 && (typeof r == "function" && (n = r(n)), se.set(e, n))), n;
+  getPrecomputes(t, n, e) {
+    let r = _e.get(n);
+    return r || (r = this.precomputeWindow(n, t), t !== 1 && (typeof e == "function" && (r = e(r)), _e.set(n, r))), r;
   }
-  cached(t, e, r) {
-    const n = ie(t);
-    return this.wNAF(n, this.getPrecomputes(n, t, r), e);
+  cached(t, n, e) {
+    const r = Oe(t);
+    return this.wNAF(r, this.getPrecomputes(r, t, e), n);
   }
-  unsafe(t, e, r, n) {
-    const o = ie(t);
-    return o === 1 ? this._unsafeLadder(t, e, n) : this.wNAFUnsafe(o, this.getPrecomputes(o, t, r), e, n);
+  unsafe(t, n, e, r) {
+    const o = Oe(t);
+    return o === 1 ? this._unsafeLadder(t, n, r) : this.wNAFUnsafe(o, this.getPrecomputes(o, t, e), n, r);
   }
-  createCache(t, e) {
-    pn(e, this.bits), xn.set(t, e), se.delete(t);
+  createCache(t, n) {
+    rr(n, this.bits), or.set(t, n), _e.delete(t);
   }
   hasCache(t) {
-    return ie(t) !== 1;
+    return Oe(t) !== 1;
   }
 };
-function cr(t, e, r, n) {
-  let o = e, s = t.ZERO, i = t.ZERO;
-  for (; r > Ot || n > Ot; )
-    r & pt && (s = s.add(o)), n & pt && (i = i.add(o)), o = o.double(), r >>= pt, n >>= pt;
+function Wr(t, n, e, r) {
+  let o = n, i = t.ZERO, a = t.ZERO;
+  for (; e > Wt || r > Wt; )
+    e & Zt && (i = i.add(o)), r & Zt && (a = a.add(o)), o = o.double(), e >>= Zt, r >>= Zt;
   return {
-    p1: s,
-    p2: i
+    p1: i,
+    p2: a
   };
 }
-function Ve(t, e, r) {
-  if (e) {
-    if (e.ORDER !== t) throw new Error("Field.ORDER must match order: Fp == p, Fn == n");
-    return yn(e), e;
-  } else return te(t, { isLE: r });
-}
-function fr(t, e, r = {}, n) {
-  if (n === void 0 && (n = t === "edwards"), !e || typeof e != "object") throw new Error(`expected valid ${t} CURVE object`);
-  for (const c of [
+function Qr(t, n, e) {
+  const r = t.Fn;
+  Yr(n, t), Kr(e, r);
+  const o = n.length, i = e.length;
+  if (o !== i) throw new Error("arrays of points and scalars must have equal length");
+  const a = t.ZERO, f = ye(BigInt(o));
+  let l = 1;
+  f > 12 ? l = f - 3 : f > 4 ? l = f - 2 : f > 0 && (l = 2);
+  const g = pe(l), s = new Array(Number(g) + 1).fill(a), u = Math.floor((r.BITS - 1) / l) * l;
+  let d = a;
+  for (let h = u; h >= 0; h -= l) {
+    s.fill(a);
+    for (let b = 0; b < i; b++) {
+      const E = e[b], T = Number(E >> BigInt(h) & g);
+      s[T] = s[T].add(n[b]);
+    }
+    let w = a;
+    for (let b = s.length - 1, E = a; b > 0; b--)
+      E = E.add(s[b]), w = w.add(E);
+    if (d = d.add(w), h !== 0) for (let b = 0; b < l; b++) d = d.double();
+  }
+  return d;
+}
+function yn(t, n, e) {
+  if (n) {
+    if (n.ORDER !== t) throw new Error("Field.ORDER must match order: Fp == p, Fn == n");
+    return se(n), n;
+  } else return ve(t, { isLE: e });
+}
+function Jr(t, n, e = {}, r) {
+  if (r === void 0 && (r = t === "edwards"), !n || typeof n != "object") throw new Error(`expected valid ${t} CURVE object`);
+  for (const f of [
     "p",
     "n",
     "h"
   ]) {
-    const f = e[c];
-    if (!(typeof f == "bigint" && f > Ot)) throw new Error(`CURVE.${c} must be positive bigint`);
+    const l = n[f];
+    if (!(typeof l == "bigint" && l > Wt)) throw new Error(`CURVE.${f} must be positive bigint`);
   }
-  const o = Ve(e.p, r.Fp, n), s = Ve(e.n, r.Fn, n), i = [
+  const o = yn(n.p, e.Fp, r), i = yn(n.n, e.Fn, r), a = [
     "Gx",
     "Gy",
     "a",
     t === "weierstrass" ? "b" : "d"
   ];
-  for (const c of i) if (!o.isValid(e[c])) throw new Error(`CURVE.${c} must be valid field element of CURVE.Fp`);
-  return e = Object.freeze(Object.assign({}, e)), {
-    CURVE: e,
+  for (const f of a) if (!o.isValid(n[f])) throw new Error(`CURVE.${f} must be valid field element of CURVE.Fp`);
+  return n = Object.freeze(Object.assign({}, n)), {
+    CURVE: n,
     Fp: o,
-    Fn: s
+    Fn: i
   };
 }
-function ar(t, e) {
-  return function(n) {
-    const o = t(n);
+function to(t, n) {
+  return function(r) {
+    const o = t(r);
     return {
       secretKey: o,
-      publicKey: e(o)
+      publicKey: n(o)
     };
   };
 }
-Pt();
-var lr = Dt;
-function bt(t, e) {
-  if (Rt(t), Rt(e), t < 0 || t >= 1 << 8 * e) throw new Error("invalid I2OSP input: " + t);
-  const r = Array.from({ length: e }).fill(0);
-  for (let n = e - 1; n >= 0; n--)
-    r[n] = t & 255, t >>>= 8;
-  return new Uint8Array(r);
-}
-function ur(t, e) {
-  const r = new Uint8Array(t.length);
-  for (let n = 0; n < t.length; n++) r[n] = t[n] ^ e[n];
-  return r;
+function ir(t) {
+  if (!Number.isSafeInteger(t) || t < 0 || t > 4294967295) throw new Error("wrong u32 integer:" + t);
+  return t;
+}
+function eo(t) {
+  if (ir(t), t <= 1) return 1;
+  if (t > 2147483648) throw new Error("nextPowerOfTwo overflow: result does not fit u32");
+  return 1 << Pe(t - 1) + 1 >>> 0;
+}
+function Pe(t) {
+  return ir(t), 31 - Math.clz32(t);
+}
+function no(t, n, e, r, o) {
+  const i = t, a = e || ((s, u) => new Array(s).fill(u ?? i.ZERO)), f = (s) => {
+    if (Array.isArray(s)) return !0;
+    if (!ArrayBuffer.isView(s)) return !1;
+    const u = s;
+    return typeof u.length == "number" && typeof u.slice == "function" && typeof u[Symbol.iterator] == "function";
+  }, l = (...s) => {
+    if (!s.length) return 0;
+    for (const d of s) if (!f(d)) throw new Error("poly: not polynomial: " + d);
+    const u = s[0].length;
+    for (let d = 1; d < s.length; d++) if (s[d].length !== u) throw new Error(`poly: mismatched lengths ${u} vs ${s[d].length}`);
+    if (o !== void 0 && u !== o) throw new Error(`poly: expected fixed length ${o}, got ${u}`);
+    return u;
+  };
+  function g(s, u, d = !1) {
+    const h = Pe(u), w = d ? n.brp(h) : n.roots(h);
+    for (let b = 0; b < u; b++) if (i.eql(s, w[b])) return b;
+    return -1;
+  }
+  return {
+    roots: n,
+    create: a,
+    length: o,
+    extend: (s, u) => {
+      l(s);
+      const d = a(u, i.ZERO);
+      for (let h = 0; h < Math.min(s.length, u); h++) d[h] = s[h];
+      return d;
+    },
+    degree: (s) => {
+      l(s);
+      for (let u = s.length - 1; u >= 0; u--) if (!i.is0(s[u])) return u;
+      return -1;
+    },
+    add: (s, u) => {
+      const d = l(s, u), h = a(d);
+      for (let w = 0; w < d; w++) h[w] = i.add(s[w], u[w]);
+      return h;
+    },
+    sub: (s, u) => {
+      const d = l(s, u), h = a(d);
+      for (let w = 0; w < d; w++) h[w] = i.sub(s[w], u[w]);
+      return h;
+    },
+    dot: (s, u) => {
+      const d = l(s, u), h = a(d);
+      for (let w = 0; w < d; w++) h[w] = i.mul(s[w], u[w]);
+      return h;
+    },
+    mul: (s, u) => {
+      if (f(u)) {
+        const d = l(s, u);
+        if (r) {
+          const h = r.direct(s, !1, !0), w = r.direct(u, !1, !0);
+          for (let b = 0; b < h.length; b++) h[b] = i.mul(h[b], w[b]);
+          return r.inverse(h, !0, !1);
+        } else {
+          const h = a(d);
+          for (let w = 0; w < d; w++) for (let b = 0; b < d; b++) {
+            const E = (w + b) % d;
+            h[E] = i.add(h[E], i.mul(s[w], u[b]));
+          }
+          return h;
+        }
+      } else {
+        const d = a(l(s));
+        for (let h = 0; h < d.length; h++) d[h] = i.mul(s[h], u);
+        return d;
+      }
+    },
+    convolve(s, u) {
+      const d = eo(s.length + u.length - 1);
+      return this.mul(this.extend(s, d), this.extend(u, d));
+    },
+    shift(s, u) {
+      const d = a(l(s));
+      d[0] = s[0];
+      for (let h = 1, w = i.ONE; h < s.length; h++)
+        w = i.mul(w, u), d[h] = i.mul(s[h], w);
+      return d;
+    },
+    clone: (s) => {
+      l(s);
+      const u = a(s.length);
+      for (let d = 0; d < s.length; d++) u[d] = s[d];
+      return u;
+    },
+    eval: (s, u) => {
+      l(s, u);
+      let d = i.ZERO;
+      for (let h = 0; h < s.length; h++) d = i.add(d, i.mul(s[h], u[h]));
+      return d;
+    },
+    monomial: {
+      basis: (s, u) => {
+        const d = a(u);
+        let h = i.ONE;
+        for (let w = 0; w < u; w++)
+          d[w] = h, h = i.mul(h, s);
+        return d;
+      },
+      eval: (s, u) => {
+        l(s);
+        let d = i.ZERO;
+        for (let h = s.length - 1; h >= 0; h--) d = i.add(i.mul(d, u), s[h]);
+        return d;
+      }
+    },
+    lagrange: {
+      basis: (s, u, d = !1, h) => {
+        const w = Pe(u), b = h || (d ? n.brp(w) : n.roots(w)), E = a(u), T = g(s, u, d);
+        if (T !== -1)
+          return E[T] = i.ONE, E;
+        const B = i.pow(s, BigInt(u)), C = i.mul(i.sub(B, i.ONE), i.inv(BigInt(u))), O = a(u);
+        for (let z = 0; z < u; z++) O[z] = i.sub(s, b[z]);
+        const F = i.invertBatch(O);
+        for (let z = 0; z < u; z++) E[z] = i.mul(C, i.mul(b[z], F[z]));
+        return E;
+      },
+      eval(s, u, d = !1) {
+        l(s);
+        const h = g(u, s.length, d);
+        if (h !== -1) return s[h];
+        const w = this.basis(u, s.length, d);
+        let b = i.ZERO;
+        for (let E = 0; E < s.length; E++) i.is0(s[E]) || (b = i.add(b, i.mul(s[E], w[E])));
+        return b;
+      }
+    },
+    vanishing(s) {
+      l(s);
+      const u = a(s.length + 1, i.ZERO);
+      u[0] = i.ONE;
+      for (const d of s) {
+        const h = i.neg(d);
+        for (let w = u.length - 1; w > 0; w--) u[w] = i.add(i.mul(u[w], h), u[w - 1]);
+        u[0] = i.mul(u[0], h);
+      }
+      return u;
+    }
+  };
+}
+var ro = St;
+function kt(t, n) {
+  if (Ft(t), Ft(n), n < 0 || n > 4) throw new Error("invalid I2OSP length: " + n);
+  if (t < 0 || t > 2 ** (8 * n) - 1) throw new Error("invalid I2OSP input: " + t);
+  const e = Array.from({ length: n }).fill(0);
+  for (let r = n - 1; r >= 0; r--)
+    e[r] = t & 255, t >>>= 8;
+  return new Uint8Array(e);
+}
+function oo(t, n) {
+  const e = new Uint8Array(t.length);
+  for (let r = 0; r < t.length; r++) e[r] = t[r] ^ n[r];
+  return e;
+}
+function sr(t) {
+  if (!oe(t) && typeof t != "string") throw new Error("DST must be Uint8Array or ascii string");
+  const n = typeof t == "string" ? be(t) : t;
+  if (n.length === 0) throw new Error("DST must be non-empty");
+  return n;
 }
-function Bn(t) {
-  if (!Kt(t) && typeof t != "string") throw new Error("DST must be Uint8Array or ascii string");
-  return typeof t == "string" ? Wt(t) : t;
-}
-function dr(t, e, r, n) {
-  C(t), Rt(r), e = Bn(e), e.length > 255 && (e = n(P(Wt("H2C-OVERSIZE-DST-"), e)));
-  const { outputLen: o, blockLen: s } = n, i = Math.ceil(r / o);
-  if (r > 65535 || i > 255) throw new Error("expand_message_xmd: invalid lenInBytes");
-  const c = P(e, bt(e.length, 1)), f = bt(0, s), l = bt(r, 2), a = new Array(i), g = n(P(f, t, l, bt(0, 1), c));
-  a[0] = n(P(g, bt(1, 1), c));
-  for (let b = 1; b <= i; b++) a[b] = n(P(ur(g, a[b - 1]), bt(b + 1, 1), c));
-  return P(...a).slice(0, r);
-}
-function hr(t, e, r, n, o) {
-  if (C(t), Rt(r), e = Bn(e), e.length > 255) {
-    const s = Math.ceil(2 * n / 8);
-    e = o.create({ dkLen: s }).update(Wt("H2C-OVERSIZE-DST-")).update(e).digest();
-  }
-  if (r > 65535 || e.length > 255) throw new Error("expand_message_xof: invalid lenInBytes");
-  return o.create({ dkLen: r }).update(t).update(bt(r, 2)).update(e).update(bt(e.length, 1)).digest();
-}
-function ce(t, e, r) {
-  Qt(r, {
+function io(t, n, e, r) {
+  st(t), Ft(e), n = sr(n), n.length > 255 && (n = r(Q(be("H2C-OVERSIZE-DST-"), n)));
+  const { outputLen: o, blockLen: i } = r, a = Math.ceil(e / o);
+  if (e > 65535 || a > 255) throw new Error("expand_message_xmd: invalid lenInBytes");
+  const f = Q(n, kt(n.length, 1)), l = new Uint8Array(i), g = kt(e, 2), s = new Array(a), u = r(Q(l, t, g, kt(0, 1), f));
+  s[0] = r(Q(u, kt(1, 1), f));
+  for (let d = 1; d < a; d++) s[d] = r(Q(oo(u, s[d - 1]), kt(d + 1, 1), f));
+  return Q(...s).slice(0, e);
+}
+function so(t, n, e, r, o) {
+  if (st(t), Ft(e), n = sr(n), n.length > 255) {
+    const i = Math.ceil(2 * r / 8);
+    n = o.create({ dkLen: i }).update(be("H2C-OVERSIZE-DST-")).update(n).digest();
+  }
+  if (e > 65535 || n.length > 255) throw new Error("expand_message_xof: invalid lenInBytes");
+  return o.create({ dkLen: e }).update(t).update(kt(e, 2)).update(n).update(kt(n.length, 1)).digest();
+}
+function He(t, n, e) {
+  Mt(e, {
     p: "bigint",
     m: "number",
     k: "number",
     hash: "function"
   });
-  const { p: n, k: o, m: s, hash: i, expand: c, DST: f } = r;
-  Rt(i.outputLen, "valid hash"), C(t), Rt(e);
-  const l = n.toString(2).length, a = Math.ceil((l + o) / 8), g = e * s * a;
-  let b;
-  if (c === "xmd") b = dr(t, f, g, i);
-  else if (c === "xof") b = hr(t, f, g, o, i);
-  else if (c === "_internal_pass") b = t;
+  const { p: r, k: o, m: i, hash: a, expand: f, DST: l } = e;
+  if (Ft(a.outputLen, "valid hash"), st(t), Ft(n), n < 1) throw new Error("hash_to_field: expected count >= 1");
+  if (i < 1) throw new Error("hash_to_field: expected m >= 1");
+  const g = r.toString(2).length, s = Math.ceil((g + o) / 8), u = n * i * s;
+  let d;
+  if (f === "xmd") d = io(t, l, u, a);
+  else if (f === "xof") d = so(t, l, u, o, a);
+  else if (f === "_internal_pass") d = t;
   else throw new Error('expand must be "xmd" or "xof"');
-  const w = new Array(e);
-  for (let m = 0; m < e; m++) {
-    const x = new Array(s);
-    for (let v = 0; v < s; v++) {
-      const B = a * (v + m * s);
-      x[v] = et(lr(b.subarray(B, B + a)), n);
-    }
-    w[m] = x;
-  }
-  return w;
-}
-function br(t, e) {
-  const r = e.map((n) => Array.from(n).reverse());
-  return (n, o) => {
-    const [s, i, c, f] = r.map((g) => g.reduce((b, w) => t.add(t.mul(b, n), w))), [l, a] = Ft(t, [i, f], !0);
-    return n = t.mul(s, l), o = t.mul(o, t.mul(c, a)), {
-      x: n,
+  const h = new Array(n);
+  for (let w = 0; w < n; w++) {
+    const b = new Array(i);
+    for (let E = 0; E < i; E++) {
+      const T = s * (E + w * i);
+      b[E] = bt(ro(d.subarray(T, T + s)), r);
+    }
+    h[w] = b;
+  }
+  return h;
+}
+function co(t, n) {
+  const e = n.map((r) => Array.from(r).reverse());
+  return (r, o) => {
+    const [i, a, f, l] = e.map((u) => u.reduce((d, h) => t.add(t.mul(d, r), h))), [g, s] = Ee(t, [a, l], !0);
+    return r = t.mul(i, g), o = t.mul(o, t.mul(f, s)), {
+      x: r,
       y: o
     };
   };
 }
-var wr = Wt("HashToScalar-");
-function gr(t, e, r) {
-  if (typeof e != "function") throw new Error("mapToCurve() must be defined");
-  function n(s) {
-    return t.fromAffine(e(s));
+var fo = "HashToScalar-";
+function ao(t, n, e) {
+  if (typeof n != "function") throw new Error("mapToCurve() must be defined");
+  const r = (f) => Object.freeze({
+    ...f,
+    DST: oe(f.DST) ? Ze(f.DST) : f.DST,
+    ...f.encodeDST === void 0 ? {} : { encodeDST: oe(f.encodeDST) ? Ze(f.encodeDST) : f.encodeDST }
+  }), o = r(e);
+  function i(f) {
+    return t.fromAffine(n(f));
+  }
+  function a(f) {
+    const l = f.clearCofactor();
+    return l.equals(t.ZERO) ? t.ZERO : (l.assertValidity(), l);
   }
-  function o(s) {
-    const i = s.clearCofactor();
-    return i.equals(t.ZERO) ? t.ZERO : (i.assertValidity(), i);
-  }
-  return {
-    defaults: Object.freeze(r),
+  return Object.freeze({
+    get defaults() {
+      return r(o);
+    },
     Point: t,
-    hashToCurve(s, i) {
-      const c = ce(s, 2, Object.assign({}, r, i)), f = n(c[0]), l = n(c[1]);
-      return o(f.add(l));
+    hashToCurve(f, l) {
+      const g = He(f, 2, Object.assign({}, o, l)), s = i(g[0]), u = i(g[1]);
+      return a(s.add(u));
     },
-    encodeToCurve(s, i) {
-      const c = r.encodeDST ? { DST: r.encodeDST } : {};
-      return o(n(ce(s, 1, Object.assign({}, r, c, i))[0]));
+    encodeToCurve(f, l) {
+      const g = o.encodeDST ? { DST: o.encodeDST } : {};
+      return a(i(He(f, 1, Object.assign({}, o, g, l))[0]));
     },
-    mapToCurve(s) {
-      if (r.m === 1) {
-        if (typeof s != "bigint") throw new Error("expected bigint (m=1)");
-        return o(n([s]));
+    mapToCurve(f) {
+      if (o.m === 1) {
+        if (typeof f != "bigint") throw new Error("expected bigint (m=1)");
+        return a(i([f]));
       }
-      if (!Array.isArray(s)) throw new Error("expected array of bigints");
-      for (const i of s) if (typeof i != "bigint") throw new Error("expected array of bigints");
-      return o(n(s));
+      if (!Array.isArray(f)) throw new Error("expected array of bigints");
+      for (const l of f) if (typeof l != "bigint") throw new Error("expected array of bigints");
+      return a(i(f));
     },
-    hashToScalar(s, i) {
-      const c = t.Fn.ORDER;
-      return ce(s, 1, Object.assign({}, r, {
-        p: c,
+    hashToScalar(f, l) {
+      const g = t.Fn.ORDER;
+      return He(f, 1, Object.assign({}, o, {
+        p: g,
         m: 1,
-        DST: wr
-      }, i))[0][0];
+        DST: fo
+      }, l))[0][0];
     }
-  };
+  });
 }
-Ln();
-Nt();
-Pt();
-var Me = (t, e) => (t + (t >= 0 ? e : -e) / ct) / e;
-function mr(t, e, r) {
-  const [[n, o], [s, i]] = e, c = Me(i * t, r), f = Me(-o * t, r);
-  let l = t - c * n - f * s, a = -c * o - f * i;
-  const g = l < rt, b = a < rt;
-  g && (l = -l), b && (a = -a);
-  const w = Jt(Math.ceil(Kn(r) / 2)) + z;
-  if (l < rt || l >= w || a < rt || a >= w) throw new Error("splitScalar (endomorphism): failed, k=" + t);
+Qt();
+var fe = (t) => {
+  if (!Number.isSafeInteger(t.min) || !Number.isSafeInteger(t.max)) throw new Error("Wrong signers info: min=" + t.min + " max=" + t.max);
+  if (t.min < 2 || t.max < 2 || t.min > t.max) throw new Error("Wrong signers info: min=" + t.min + " max=" + t.max);
+}, pn = (t, n) => {
+  if (n < t.min || n > t.max) throw new Error("Wrong number of commitments=" + n);
+}, ae = class extends Error {
+  cheaters;
+  constructor(t, n) {
+    super(t), this.cheaters = n;
+  }
+};
+function cr(t) {
+  Mt(t, {
+    name: "string",
+    hash: "function"
+  }, {
+    hashToScalar: "function",
+    validatePoint: "function",
+    parsePublicKey: "function",
+    adjustScalar: "function",
+    adjustPoint: "function",
+    challenge: "function",
+    adjustNonces: "function",
+    adjustSecret: "function",
+    adjustPublic: "function",
+    adjustGroupCommitmentShare: "function",
+    adjustDKG: "function"
+  }), Gr(t.Point);
+  const { Point: n } = t, e = t.Fn === void 0 ? n.Fn : t.Fn, r = t.hash, o = t.hashToScalar === void 0 ? (c, m = { DST: new Uint8Array() }) => {
+    const y = r(Q(m.DST, c));
+    return e.create(e.isLE ? ge(y) : St(y));
+  } : t.hashToScalar, i = Nt(t.H1 !== void 0 ? t.H1 : t.name + "rho"), a = Nt(t.H2 !== void 0 ? t.H2 : t.name + "chal"), f = Nt(t.H3 !== void 0 ? t.H3 : t.name + "nonce"), l = Nt(t.H4 !== void 0 ? t.H4 : t.name + "msg"), g = Nt(t.H5 !== void 0 ? t.H5 : t.name + "com"), s = Nt(t.HDKG !== void 0 ? t.HDKG : t.name + "dkg"), u = Nt(t.HID !== void 0 ? t.HID : t.name + "id"), d = (c) => o(c, { DST: i }), h = (c) => o(c, { DST: a }), w = (c) => o(c, { DST: f }), b = (c) => r(Q(l, c)), E = (c) => r(Q(g, c)), T = (c) => o(c, { DST: s }), B = (c) => o(c, { DST: u }), C = (c = wt) => {
+    const m = nr(c(nn(e.ORDER)), e.ORDER, e.isLE);
+    return e.isLE ? ge(m) : St(m);
+  }, O = (c) => c.toBytes(), F = (c) => {
+    const m = n.fromBytes(c);
+    return t.validatePoint && t.validatePoint(m), m;
+  }, z = (c, m) => ({
+    identifier: c,
+    hiding: O(n.BASE.multiply(e.fromBytes(m.hiding))),
+    binding: O(n.BASE.multiply(e.fromBytes(m.binding)))
+  }), W = t.adjustPoint === void 0 ? (c) => c : t.adjustPoint, N = (c) => {
+    if (!e.isValid(c) || e.is0(c)) throw new Error("Invalid identifier " + c);
+    return c;
+  }, V = (c) => Ct(e.toBytes(N(c))), K = (c) => {
+    const m = N(e.fromBytes(he(c)));
+    if (V(m) !== c) throw new Error("expected canonical identifier hex");
+    return m;
+  }, M = {
+    encode: (c, m) => {
+      let y = Q(O(c), e.toBytes(m));
+      return t.adjustTx && (y = t.adjustTx.encode(y)), y;
+    },
+    decode: (c) => (t.adjustTx && (c = t.adjustTx.decode(c)), {
+      R: F(c.subarray(0, -e.BYTES)),
+      z: e.fromBytes(c.subarray(-e.BYTES))
+    })
+  }, v = (c = wt) => {
+    let m = C(c);
+    t.adjustScalar && (m = t.adjustScalar(m));
+    let y = n.BASE.multiply(m);
+    return {
+      scalar: m,
+      point: y
+    };
+  }, H = "roots are unavailable in FROST polynomial mode", U = no(e, {
+    info: {
+      G: e.ZERO,
+      oddFactor: e.ZERO,
+      powerOfTwo: 0
+    },
+    roots() {
+      throw new Error(H);
+    },
+    brp() {
+      throw new Error(H);
+    },
+    inverse() {
+      throw new Error(H);
+    },
+    omega() {
+      throw new Error(H);
+    },
+    clear() {
+    }
+  }), S = (c, m) => Qr(n, c, m), p = (c, m) => {
+    if (!m.length) throw new Error("empty coefficients");
+    return U.monomial.eval(m, c);
+  }, R = (c, m) => {
+    const y = "invalid parameters";
+    if (!c.some((L) => e.eql(L, m))) throw new Error(y);
+    const x = new Set(c);
+    if (x.size !== c.length) throw new Error(y);
+    if (!x.has(m)) throw new Error(y);
+    let A = e.ONE, j = e.ONE;
+    for (const L of c)
+      e.eql(L, m) || (A = e.mul(A, L), j = e.mul(j, e.sub(L, m)));
+    return e.div(A, j);
+  }, I = (c, m) => S(m, U.monomial.basis(c, m.length)), _ = (c, m, y, x = wt) => {
+    fe(c);
+    const A = m === void 0 ? C(x) : e.fromBytes(m);
+    if (!y) {
+      y = [];
+      for (let L = 0; L < c.min - 1; L++) y.push(C(x));
+    }
+    if (y.length !== c.min - 1) throw new Error("wrong coefficients length");
+    const j = [A, ...y];
+    return {
+      coefficients: j,
+      commitment: j.map((L) => n.BASE.multiply(L)),
+      secret: A
+    };
+  }, D = {
+    challenge: (c, m, y) => T(Q(e.toBytes(c), O(m), O(y))),
+    compute(c, m, y, x = wt) {
+      if (m.length < 1) throw new Error("coefficients should have at least one element");
+      const { point: A, scalar: j } = v(x), L = y[0], P = this.challenge(c, L, A), k = e.add(j, e.mul(m[0], P));
+      return M.encode(A, k);
+    },
+    validate(c, m, y) {
+      if (m.length < 1) throw new Error("commitment should have at least one element");
+      const { R: x, z: A } = M.decode(y), j = F(m[0]), L = this.challenge(c, j, x);
+      if (!x.equals(n.BASE.multiply(A).subtract(j.multiply(L)))) throw new Error("invalid proof of knowledge");
+    }
+  }, q = {
+    challenge: (c, m, y) => t.challenge ? t.challenge(c, m, y) : h(Q(O(c), O(m), y)),
+    sign(c, m, y = wt) {
+      const { point: x, scalar: A } = v(y), j = n.BASE.multiply(m), L = this.challenge(x, j, c);
+      return [x, e.add(A, e.mul(L, m))];
+    },
+    verify(c, m, y, x) {
+      t.adjustPoint && (x = t.adjustPoint(x)), t.adjustPoint && (m = t.adjustPoint(m));
+      const A = this.challenge(m, x, c), j = n.BASE.multiply(y), L = x.multiply(A);
+      let P = j.subtract(L).subtract(m);
+      return P.clearCofactor && (P = P.clearCofactor()), n.ZERO.equals(P);
+    }
+  }, X = (c, m, y) => {
+    if (!n.BASE.multiply(y).equals(I(c, m))) throw new Error("invalid secret share");
+  }, Y = {
+    fromNumber(c) {
+      if (!Number.isSafeInteger(c)) throw new Error("expected safe interger");
+      return V(BigInt(c));
+    },
+    derive(c) {
+      if (typeof c != "string") throw new Error("wrong identifier string: " + c);
+      return V(B(Nt(c)));
+    }
+  }, Z = (c, m = wt) => w(Q(m(32), e.toBytes(c))), nt = (c, m, y) => {
+    const x = m.map((tt) => [
+      tt.identifier,
+      K(tt.identifier),
+      F(tt.hiding),
+      F(tt.binding)
+    ]);
+    x.sort((tt, ht) => tt[1] < ht[1] ? -1 : tt[1] > ht[1] ? 1 : 0);
+    const A = [];
+    for (const [tt, ht, $, et] of x) A.push(e.toBytes(ht), O($), O(et));
+    const j = E(Q(...A)), L = Q(O(c), b(y), j), P = {};
+    for (const [tt, ht] of x) P[tt] = d(Q(L, e.toBytes(ht)));
+    const k = [], G = [];
+    for (const [tt, ht, $, et] of x) {
+      if (n.ZERO.equals($) || n.ZERO.equals(et)) throw new Error("infinity commitment");
+      k.push($, et), G.push(e.ONE, P[tt]);
+    }
+    const mt = S(k, G);
+    return {
+      identifiers: x.map((tt) => tt[1]),
+      groupCommitment: mt,
+      bindingFactors: P
+    };
+  }, rt = (c, m, y, x) => {
+    const A = W(F(c)), j = K(x), { identifiers: L, groupCommitment: P, bindingFactors: k } = nt(A, m, y), G = k[x];
+    return {
+      lambda: R(L, j),
+      challenge: q.challenge(P, A, y),
+      bindingFactor: G,
+      groupCommitment: P
+    };
+  };
+  Object.freeze(Y);
+  const it = {
+    Identifier: Y,
+    DKG: Object.freeze({
+      round1: (c, m, y, x = wt) => {
+        fe(m);
+        const A = K(c), { coefficients: j, commitment: L } = _(m, y, void 0, x), P = D.compute(A, j, L, x), k = L.map(O);
+        return {
+          public: {
+            identifier: V(A),
+            commitment: k,
+            proofOfKnowledge: P
+          },
+          secret: {
+            identifier: A,
+            coefficients: j,
+            commitment: L.map(O),
+            signers: {
+              min: m.min,
+              max: m.max
+            },
+            step: 1
+          }
+        };
+      },
+      round2: (c, m) => {
+        if (m.length !== c.signers.max - 1) throw new Error("wrong number of round1 packages");
+        if (!c.coefficients || c.step === 3) throw new Error("round3 package used in round2");
+        const y = {};
+        for (const x of m) {
+          if (x.commitment.length !== c.signers.min) throw new Error("wrong number of commitments");
+          const A = K(x.identifier);
+          if (A === c.identifier) throw new Error("duplicate id=" + V(A));
+          D.validate(A, x.commitment, x.proofOfKnowledge);
+          for (const L of x.commitment) F(L);
+          if (y[x.identifier]) throw new Error("Duplicate id=" + A);
+          const j = e.toBytes(p(A, c.coefficients));
+          y[x.identifier] = {
+            identifier: V(c.identifier),
+            signingShare: j
+          };
+        }
+        return c.step = 2, y;
+      },
+      round3: (c, m, y) => {
+        if (m.length !== c.signers.max - 1) throw new Error("wrong length of round1 packages");
+        if (!c.coefficients || c.step !== 2) throw new Error("round2 package used in round3");
+        if (y.length !== m.length) throw new Error("wrong length of round2 packages");
+        const x = {};
+        for (const $ of m) {
+          if (!$.identifier || !$.commitment) throw new Error("wrong round1 share");
+          x[$.identifier] = { ...$ };
+        }
+        for (const $ of y) {
+          if (!$.identifier || !$.signingShare) throw new Error("wrong round2 share");
+          if (!x[$.identifier]) throw new Error("round1 share for " + $.identifier + " is missing");
+          x[$.identifier].signingShare = $.signingShare;
+        }
+        if (Object.keys(x).length !== m.length) throw new Error("mismatch identifiers between rounds");
+        let A = e.ZERO;
+        if (c.commitment.length !== c.signers.min) throw new Error("wrong commitments length");
+        const j = c.commitment.map(F), L = p(c.identifier, c.coefficients);
+        X(c.identifier, j, L);
+        const P = j.map(O), k = { [V(c.identifier)]: P };
+        for (const $ in x) {
+          const et = x[$];
+          if (!et.signingShare || !et.commitment) throw new Error("mismatch identifiers");
+          const pt = K($), Gt = e.fromBytes(et.signingShare), xe = et.commitment.map(F);
+          X(c.identifier, xe, Gt), A = e.add(A, Gt);
+          const Jt = V(pt);
+          if (k[Jt]) throw new Error("duplicated id=" + Jt);
+          k[Jt] = et.commitment;
+        }
+        A = e.add(A, L);
+        const G = new Array(c.signers.min).fill(n.ZERO);
+        for (const $ in k) {
+          const et = k[$];
+          if (et.length !== c.signers.min) throw new Error("wrong commitments length");
+          for (let pt = 0; pt < et.length; pt++) G[pt] = G[pt].add(F(et[pt]));
+        }
+        const mt = G.map(O), tt = {};
+        for (const $ in k) tt[$] = O(I(K($), G));
+        let ht = {
+          public: {
+            signers: {
+              min: c.signers.min,
+              max: c.signers.max
+            },
+            commitments: mt,
+            verifyingShares: Object.fromEntries(Object.entries(tt).map(([$, et]) => [$, et.slice()]))
+          },
+          secret: {
+            identifier: V(c.identifier),
+            signingShare: e.toBytes(A)
+          }
+        };
+        t.adjustDKG && (ht = t.adjustDKG(ht));
+        for (let $ = 0; $ < c.coefficients.length; $++) c.coefficients[$] -= c.coefficients[$];
+        return delete c.coefficients, c.step = 3, ht;
+      },
+      clean(c) {
+        if (c.identifier -= c.identifier, c.coefficients) for (let m = 0; m < c.coefficients.length; m++) c.coefficients[m] -= c.coefficients[m];
+        c.step = 3;
+      }
+    }),
+    trustedDealer(c, m, y, x = wt) {
+      if (fe(c), m === void 0) {
+        m = [];
+        for (let G = 1; G <= c.max; G++) m.push(Y.fromNumber(G));
+      } else if (!Array.isArray(m) || m.length !== c.max) throw new Error("identifiers should be array of " + c.max);
+      const A = {};
+      for (const G of m) {
+        const mt = K(G);
+        if (G in A) throw new Error("duplicated id=" + G);
+        A[G] = mt;
+      }
+      const j = _(c, y, void 0, x), L = j.commitment.map(O), P = {}, k = {};
+      for (const G of m) {
+        const mt = p(A[G], j.coefficients);
+        k[G] = O(n.BASE.multiply(mt)), P[G] = {
+          identifier: G,
+          signingShare: e.toBytes(mt)
+        };
+      }
+      return {
+        public: {
+          signers: {
+            min: c.min,
+            max: c.max
+          },
+          commitments: L,
+          verifyingShares: k
+        },
+        secretShares: P
+      };
+    },
+    validateSecret(c, m) {
+      X(K(c.identifier), m.commitments.map(F), e.fromBytes(c.signingShare));
+    },
+    commit(c, m = wt) {
+      const y = e.fromBytes(c.signingShare), x = Z(y, m), A = Z(y, m), j = {
+        hiding: e.toBytes(x),
+        binding: e.toBytes(A)
+      };
+      return {
+        nonces: j,
+        commitments: z(c.identifier, j)
+      };
+    },
+    signShare(c, m, y, x, A) {
+      pn(m.signers, x.length);
+      const j = e.fromBytes(y.hiding), L = e.fromBytes(y.binding);
+      if (e.is0(j) || e.is0(L)) throw new Error("signing nonces already used");
+      const P = {
+        identifier: c.identifier,
+        hiding: O(n.BASE.multiply(j)),
+        binding: O(n.BASE.multiply(L))
+      }, k = x.find((wr) => wr.identifier === c.identifier);
+      if (!k) throw new Error("missing signer commitment");
+      if (Ct(k.hiding) !== Ct(P.hiding) || Ct(k.binding) !== Ct(P.binding)) throw new Error("incorrect signer commitment");
+      t.adjustSecret && (c = t.adjustSecret(c, m)), t.adjustPublic && (m = t.adjustPublic(m));
+      const G = e.fromBytes(c.signingShare), { lambda: mt, challenge: tt, bindingFactor: ht, groupCommitment: $ } = rt(m.commitments[0], x, A, c.identifier), et = t.adjustNonces ? t.adjustNonces($, y) : y, pt = t.adjustNonces ? e.fromBytes(et.hiding) : j, Gt = t.adjustNonces ? e.fromBytes(et.binding) : L, xe = e.mul(e.mul(mt, G), tt), Jt = e.mul(Gt, ht), gr = e.toBytes(e.add(e.add(pt, Jt), xe));
+      return y.hiding.fill(0), y.binding.fill(0), gr;
+    },
+    verifyShare(c, m, y, x, A) {
+      t.adjustPublic && (c = t.adjustPublic(c));
+      const j = m.find((Gt) => Gt.identifier === x);
+      if (!j) throw new Error("cannot find identifier commitment");
+      const L = F(c.verifyingShares[x]), P = F(j.hiding), k = F(j.binding), { lambda: G, challenge: mt, bindingFactor: tt, groupCommitment: ht } = rt(c.commitments[0], m, y, x);
+      let $ = P.add(k.multiply(tt));
+      t.adjustGroupCommitmentShare && ($ = t.adjustGroupCommitmentShare(ht, $));
+      const et = n.BASE.multiply(e.fromBytes(A)), pt = $.add(L.multiply(e.mul(mt, G)));
+      return et.equals(pt);
+    },
+    aggregate(c, m, y, x) {
+      t.adjustPublic && (c = t.adjustPublic(c));
+      try {
+        pn(c.signers, m.length);
+      } catch {
+        throw new ae("aggregation failed", []);
+      }
+      const A = m.map((k) => k.identifier);
+      if (A.length !== Object.keys(x).length) throw new ae("aggregation failed", []);
+      for (const k of A) if (!(k in x) || !(k in c.verifyingShares)) throw new ae("aggregation failed", []);
+      const j = F(c.commitments[0]), { groupCommitment: L } = nt(j, m, y);
+      let P = e.ZERO;
+      for (const k of A) P = e.add(P, e.fromBytes(x[k]));
+      if (!q.verify(y, L, P, j)) {
+        const k = [];
+        for (const G of A) this.verifyShare(c, m, y, G, x[G]) || k.push(G);
+        throw new ae("aggregation failed", k);
+      }
+      return M.encode(L, P);
+    },
+    sign(c, m) {
+      let y = e.fromBytes(m);
+      t.adjustScalar && (y = t.adjustScalar(y));
+      const [x, A] = q.sign(c, y);
+      return M.encode(x, A);
+    },
+    verify(c, m, y) {
+      const x = t.parsePublicKey ? t.parsePublicKey(y) : F(y), { R: A, z: j } = M.decode(c);
+      return q.verify(m, A, j, x);
+    },
+    combineSecret(c, m) {
+      if (fe(m), !Array.isArray(c) || c.length < m.min) throw new Error("wrong secret shares array");
+      const y = [], x = {};
+      for (const L of c) {
+        const P = K(L.identifier), k = V(P);
+        if (x[k]) throw new Error("duplicated id=" + k);
+        x[k] = !0, y.push([P, e.fromBytes(L.signingShare)]);
+      }
+      const A = y.map(([L]) => L);
+      let j = e.ZERO;
+      for (const [L, P] of y) j = e.add(j, e.mul(P, R(A, L)));
+      return e.toBytes(j);
+    },
+    utils: Object.freeze({
+      Fn: e,
+      randomScalar: (c = wt) => e.toBytes(v(c).scalar),
+      generateSecretPolynomial: (c, m, y, x) => {
+        const A = _(c, m, y, x);
+        return {
+          ...A,
+          commitment: A.commitment.map(O)
+        };
+      }
+    })
+  };
+  return Object.freeze(it);
+}
+Er();
+Qt();
+var En = (t, n) => (t + (t >= 0 ? n : -n) / Bt) / n;
+function lo(t, n, e) {
+  Mn("scalar", t, yt, e);
+  const [[r, o], [i, a]] = n, f = En(a * t, e), l = En(-o * t, e);
+  let g = t - f * r - l * i, s = -f * o - l * a;
+  const u = g < yt, d = s < yt;
+  u && (g = -g), d && (s = -s);
+  const h = pe(Math.ceil(ye(e) / 2)) + ct;
+  if (g < yt || g >= h || s < yt || s >= h) throw new Error("splitScalar (endomorphism): failed for k");
   return {
-    k1neg: g,
-    k1: l,
-    k2neg: b,
-    k2: a
+    k1neg: u,
+    k1: g,
+    k2neg: d,
+    k2: s
   };
 }
-function Ee(t) {
+function ze(t) {
   if (![
     "compact",
     "recovered",
@@ -1401,88 +2144,96 @@ function Ee(t) {
   ].includes(t)) throw new Error('Signature format must be "compact", "recovered", or "der"');
   return t;
 }
-function fe(t, e) {
-  const r = {};
-  for (let n of Object.keys(e)) r[n] = t[n] === void 0 ? e[n] : t[n];
-  return jt(r.lowS, "lowS"), jt(r.prehash, "prehash"), r.format !== void 0 && Ee(r.format), r;
+function Te(t, n) {
+  Mt(t);
+  const e = {};
+  for (let r of Object.keys(n)) e[r] = t[r] === void 0 ? n[r] : t[r];
+  return ie(e.lowS, "lowS"), ie(e.prehash, "prehash"), e.format !== void 0 && ze(e.format), e;
 }
-var yr = class extends Error {
+var uo = class extends Error {
   constructor(t = "") {
     super(t);
   }
-}, wt = {
-  Err: yr,
+}, Et = {
+  Err: uo,
   _tlv: {
-    encode: (t, e) => {
-      const { Err: r } = wt;
-      if (t < 0 || t > 256) throw new r("tlv.encode: wrong tag");
-      if (e.length & 1) throw new r("tlv.encode: unpadded data");
-      const n = e.length / 2, o = Zt(n);
-      if (o.length / 2 & 128) throw new r("tlv.encode: long form length too big");
-      const s = n > 127 ? Zt(o.length / 2 | 128) : "";
-      return Zt(t) + s + o + e;
+    encode: (t, n) => {
+      const { Err: e } = Et;
+      if (Ft(t, "tag"), t < 0 || t > 255) throw new e("tlv.encode: wrong tag");
+      if (typeof n != "string") throw new TypeError('"data" expected string, got type=' + typeof n);
+      if (n.length & 1) throw new e("tlv.encode: unpadded data");
+      const r = n.length / 2, o = ce(r);
+      if (o.length / 2 & 128) throw new e("tlv.encode: long form length too big");
+      const i = r > 127 ? ce(o.length / 2 | 128) : "";
+      return ce(t) + i + o + n;
     },
-    decode(t, e) {
-      const { Err: r } = wt;
-      let n = 0;
-      if (t < 0 || t > 256) throw new r("tlv.encode: wrong tag");
-      if (e.length < 2 || e[n++] !== t) throw new r("tlv.decode: wrong tlv");
-      const o = e[n++], s = !!(o & 128);
-      let i = 0;
-      if (!s) i = o;
+    decode(t, n) {
+      const { Err: e } = Et;
+      n = st(n, void 0, "DER data");
+      let r = 0;
+      if (t < 0 || t > 255) throw new e("tlv.encode: wrong tag");
+      if (n.length < 2 || n[r++] !== t) throw new e("tlv.decode: wrong tlv");
+      const o = n[r++], i = !!(o & 128);
+      let a = 0;
+      if (!i) a = o;
       else {
-        const f = o & 127;
-        if (!f) throw new r("tlv.decode(long): indefinite length not supported");
-        if (f > 4) throw new r("tlv.decode(long): byte length is too big");
-        const l = e.subarray(n, n + f);
-        if (l.length !== f) throw new r("tlv.decode: length bytes not complete");
-        if (l[0] === 0) throw new r("tlv.decode(long): zero leftmost byte");
-        for (const a of l) i = i << 8 | a;
-        if (n += f, i < 128) throw new r("tlv.decode(long): not minimal encoding");
+        const l = o & 127;
+        if (!l) throw new e("tlv.decode(long): indefinite length not supported");
+        if (l > 4) throw new e("tlv.decode(long): byte length is too big");
+        const g = n.subarray(r, r + l);
+        if (g.length !== l) throw new e("tlv.decode: length bytes not complete");
+        if (g[0] === 0) throw new e("tlv.decode(long): zero leftmost byte");
+        for (const s of g) a = a << 8 | s;
+        if (r += l, a < 128) throw new e("tlv.decode(long): not minimal encoding");
       }
-      const c = e.subarray(n, n + i);
-      if (c.length !== i) throw new r("tlv.decode: wrong value length");
+      const f = n.subarray(r, r + a);
+      if (f.length !== a) throw new e("tlv.decode: wrong value length");
       return {
-        v: c,
-        l: e.subarray(n + i)
+        v: f,
+        l: n.subarray(r + a)
       };
     }
   },
   _int: {
     encode(t) {
-      const { Err: e } = wt;
-      if (t < rt) throw new e("integer: negative integers are not allowed");
-      let r = Zt(t);
-      if (Number.parseInt(r[0], 16) & 8 && (r = "00" + r), r.length & 1) throw new e("unexpected DER parsing assertion: unpadded hex");
-      return r;
+      const { Err: n } = Et;
+      if (Je(t), t < yt) throw new n("integer: negative integers are not allowed");
+      let e = ce(t);
+      if (Number.parseInt(e[0], 16) & 8 && (e = "00" + e), e.length & 1) throw new n("unexpected DER parsing assertion: unpadded hex");
+      return e;
     },
     decode(t) {
-      const { Err: e } = wt;
-      if (t[0] & 128) throw new e("invalid signature integer: negative");
-      if (t[0] === 0 && !(t[1] & 128)) throw new e("invalid signature integer: unnecessary leading zero");
-      return Dt(t);
+      const { Err: n } = Et;
+      if (t.length < 1) throw new n("invalid signature integer: empty");
+      if (t[0] & 128) throw new n("invalid signature integer: negative");
+      if (t.length > 1 && t[0] === 0 && !(t[1] & 128)) throw new n("invalid signature integer: unnecessary leading zero");
+      return St(t);
     }
   },
   toSig(t) {
-    const { Err: e, _int: r, _tlv: n } = wt, o = C(t, void 0, "signature"), { v: s, l: i } = n.decode(48, o);
-    if (i.length) throw new e("invalid signature: left bytes after parsing");
-    const { v: c, l: f } = n.decode(2, s), { v: l, l: a } = n.decode(2, f);
-    if (a.length) throw new e("invalid signature: left bytes after parsing");
+    const { Err: n, _int: e, _tlv: r } = Et, o = st(t, void 0, "signature"), { v: i, l: a } = r.decode(48, o);
+    if (a.length) throw new n("invalid signature: left bytes after parsing");
+    const { v: f, l } = r.decode(2, i), { v: g, l: s } = r.decode(2, l);
+    if (s.length) throw new n("invalid signature: left bytes after parsing");
     return {
-      r: r.decode(c),
-      s: r.decode(l)
+      r: e.decode(f),
+      s: e.decode(g)
     };
   },
   hexFromSig(t) {
-    const { _tlv: e, _int: r } = wt, n = e.encode(2, r.encode(t.r)) + e.encode(2, r.encode(t.s));
-    return e.encode(48, n);
-  }
-}, rt = BigInt(0), z = BigInt(1), ct = BigInt(2), St = BigInt(3), ve = BigInt(4);
-function Er(t, e = {}) {
-  const r = fr("weierstrass", t, e), { Fp: n, Fn: o } = r;
-  let s = r.CURVE;
-  const { h: i, n: c } = s;
-  Qt(e, {}, {
+    const { _tlv: n, _int: e } = Et, r = n.encode(2, e.encode(t.r)) + n.encode(2, e.encode(t.s));
+    return n.encode(48, r);
+  }
+};
+Object.freeze(Et._tlv);
+Object.freeze(Et._int);
+Object.freeze(Et);
+var yt = /* @__PURE__ */ BigInt(0), ct = /* @__PURE__ */ BigInt(1), Bt = /* @__PURE__ */ BigInt(2), Xt = /* @__PURE__ */ BigInt(3), Me = /* @__PURE__ */ BigInt(4);
+function ho(t, n = {}) {
+  const e = Jr("weierstrass", t, n), r = e.Fp, o = e.Fn;
+  let i = e.CURVE;
+  const { h: a, n: f } = i;
+  Mt(n, {}, {
     allowInfinityPoint: "boolean",
     clearCofactor: "function",
     isTorsionFree: "function",
@@ -1490,127 +2241,103 @@ function Er(t, e = {}) {
     toBytes: "function",
     endo: "object"
   });
-  const { endo: f } = e;
-  if (f && (!n.is0(s.a) || typeof f.beta != "bigint" || !Array.isArray(f.basises)))
+  const { endo: l, allowInfinityPoint: g } = n;
+  if (l && (!r.is0(i.a) || typeof l.beta != "bigint" || !Array.isArray(l.basises)))
     throw new Error('invalid endo: expected "beta": bigint and "basises": array');
-  const l = An(n, o);
-  function a() {
-    if (!n.isOdd) throw new Error("compression is not supported: Field does not have .isOdd()");
-  }
-  function g(U, h, d) {
-    const { x: u, y } = h.toAffine(), _ = n.toBytes(u);
-    return jt(d, "isCompressed"), d ? (a(), P(_n(!n.isOdd(y)), _)) : P(Uint8Array.of(4), _, n.toBytes(y));
-  }
-  function b(U) {
-    C(U, void 0, "Point");
-    const { publicKey: h, publicKeyUncompressed: d } = l, u = U.length, y = U[0], _ = U.subarray(1);
-    if (u === h && (y === 2 || y === 3)) {
-      const S = n.fromBytes(_);
-      if (!n.isValid(S)) throw new Error("bad point: is not on curve, wrong x");
-      const A = x(S);
-      let p;
+  const s = ar(r, o);
+  function u() {
+    if (!r.isOdd) throw new Error("compression is not supported: Field does not have .isOdd()");
+  }
+  function d(M, v, H) {
+    if (g && v.is0()) return Uint8Array.of(0);
+    const { x: U, y: S } = v.toAffine(), p = r.toBytes(U);
+    return ie(H, "isCompressed"), H ? (u(), Q(fr(!r.isOdd(S)), p)) : Q(Uint8Array.of(4), p, r.toBytes(S));
+  }
+  function h(M) {
+    st(M, void 0, "Point");
+    const { publicKey: v, publicKeyUncompressed: H } = s, U = M.length, S = M[0], p = M.subarray(1);
+    if (g && U === 1 && S === 0) return {
+      x: r.ZERO,
+      y: r.ZERO
+    };
+    if (U === v && (S === 2 || S === 3)) {
+      const R = r.fromBytes(p);
+      if (!r.isValid(R)) throw new Error("bad point: is not on curve, wrong x");
+      const I = E(R);
+      let _;
       try {
-        p = n.sqrt(A);
-      } catch (H) {
-        const $ = H instanceof Error ? ": " + H.message : "";
-        throw new Error("bad point: is not on curve, sqrt error" + $);
+        _ = r.sqrt(I);
+      } catch (q) {
+        const X = q instanceof Error ? ": " + q.message : "";
+        throw new Error("bad point: is not on curve, sqrt error" + X);
       }
-      a();
-      const R = n.isOdd(p);
-      return (y & 1) === 1 !== R && (p = n.neg(p)), {
-        x: S,
-        y: p
+      u();
+      const D = r.isOdd(_);
+      return (S & 1) === 1 !== D && (_ = r.neg(_)), {
+        x: R,
+        y: _
       };
-    } else if (u === d && y === 4) {
-      const S = n.BYTES, A = n.fromBytes(_.subarray(0, S)), p = n.fromBytes(_.subarray(S, S * 2));
-      if (!v(A, p)) throw new Error("bad point: is not on curve");
+    } else if (U === H && S === 4) {
+      const R = r.BYTES, I = r.fromBytes(p.subarray(0, R)), _ = r.fromBytes(p.subarray(R, R * 2));
+      if (!T(I, _)) throw new Error("bad point: is not on curve");
       return {
-        x: A,
-        y: p
+        x: I,
+        y: _
       };
-    } else throw new Error(`bad point: got length ${u}, expected compressed=${h} or uncompressed=${d}`);
-  }
-  const w = e.toBytes || g, m = e.fromBytes || b;
-  function x(U) {
-    const h = n.sqr(U), d = n.mul(h, U);
-    return n.add(n.add(d, n.mul(U, s.a)), s.b);
-  }
-  function v(U, h) {
-    const d = n.sqr(h), u = x(U);
-    return n.eql(d, u);
-  }
-  if (!v(s.Gx, s.Gy)) throw new Error("bad curve params: generator point");
-  const B = n.mul(n.pow(s.a, St), ve), E = n.mul(n.sqr(s.b), BigInt(27));
-  if (n.is0(n.add(B, E))) throw new Error("bad curve params: a or b");
-  function L(U, h, d = !1) {
-    if (!n.isValid(h) || d && n.is0(h)) throw new Error(`bad point coordinate ${U}`);
-    return h;
-  }
-  function I(U) {
-    if (!(U instanceof O)) throw new Error("Weierstrass Point expected");
-  }
-  function V(U) {
-    if (!f || !f.basises) throw new Error("no endo");
-    return mr(U, f.basises, o.ORDER);
-  }
-  const M = Ue((U, h) => {
-    const { X: d, Y: u, Z: y } = U;
-    if (n.eql(y, n.ONE)) return {
-      x: d,
-      y: u
-    };
-    const _ = U.is0();
-    h == null && (h = _ ? n.ONE : n.inv(y));
-    const S = n.mul(d, h), A = n.mul(u, h), p = n.mul(y, h);
-    if (_) return {
-      x: n.ZERO,
-      y: n.ZERO
-    };
-    if (!n.eql(p, n.ONE)) throw new Error("invZ was invalid");
-    return {
-      x: S,
-      y: A
-    };
-  }), D = Ue((U) => {
-    if (U.is0()) {
-      if (e.allowInfinityPoint && !n.is0(U.Y)) return;
-      throw new Error("bad point: ZERO");
-    }
-    const { x: h, y: d } = U.toAffine();
-    if (!n.isValid(h) || !n.isValid(d)) throw new Error("bad point: x or y not field elements");
-    if (!v(h, d)) throw new Error("bad point: equation left != right");
-    if (!U.isTorsionFree()) throw new Error("bad point: not in prime-order subgroup");
-    return !0;
-  });
-  function N(U, h, d, u, y) {
-    return d = new O(n.mul(d.X, U), d.Y, d.Z), h = Gt(u, h), d = Gt(y, d), h.add(d);
-  }
-  class O {
-    static BASE = new O(s.Gx, s.Gy, n.ONE);
-    static ZERO = new O(n.ZERO, n.ONE, n.ZERO);
-    static Fp = n;
+    } else throw new Error(`bad point: got length ${U}, expected compressed=${v} or uncompressed=${H}`);
+  }
+  const w = n.toBytes === void 0 ? d : n.toBytes, b = n.fromBytes === void 0 ? h : n.fromBytes;
+  function E(M) {
+    const v = r.sqr(M), H = r.mul(v, M);
+    return r.add(r.add(H, r.mul(M, i.a)), i.b);
+  }
+  function T(M, v) {
+    const H = r.sqr(v), U = E(M);
+    return r.eql(H, U);
+  }
+  if (!T(i.Gx, i.Gy)) throw new Error("bad curve params: generator point");
+  const B = r.mul(r.pow(i.a, Xt), Me), C = r.mul(r.sqr(i.b), BigInt(27));
+  if (r.is0(r.add(B, C))) throw new Error("bad curve params: a or b");
+  function O(M, v, H = !1) {
+    if (!r.isValid(v) || H && r.is0(v)) throw new Error(`bad point coordinate ${M}`);
+    return v;
+  }
+  function F(M) {
+    if (!(M instanceof N)) throw new Error("Weierstrass Point expected");
+  }
+  function z(M) {
+    if (!l || !l.basises) throw new Error("no endo");
+    return lo(M, l.basises, o.ORDER);
+  }
+  function W(M, v, H, U, S) {
+    return H = new N(r.mul(H.X, M), H.Y, H.Z), v = we(U, v), H = we(S, H), v.add(H);
+  }
+  class N {
+    static BASE = new N(i.Gx, i.Gy, r.ONE);
+    static ZERO = new N(r.ZERO, r.ONE, r.ZERO);
+    static Fp = r;
     static Fn = o;
     X;
     Y;
     Z;
-    constructor(h, d, u) {
-      this.X = L("x", h), this.Y = L("y", d, !0), this.Z = L("z", u), Object.freeze(this);
+    constructor(v, H, U) {
+      this.X = O("x", v), this.Y = O("y", H, !0), this.Z = O("z", U), Object.freeze(this);
     }
     static CURVE() {
-      return s;
+      return i;
     }
-    static fromAffine(h) {
-      const { x: d, y: u } = h || {};
-      if (!h || !n.isValid(d) || !n.isValid(u)) throw new Error("invalid affine point");
-      if (h instanceof O) throw new Error("projective point not allowed");
-      return n.is0(d) && n.is0(u) ? O.ZERO : new O(d, u, n.ONE);
+    static fromAffine(v) {
+      const { x: H, y: U } = v || {};
+      if (!v || !r.isValid(H) || !r.isValid(U)) throw new Error("invalid affine point");
+      if (v instanceof N) throw new Error("projective point not allowed");
+      return r.is0(H) && r.is0(U) ? N.ZERO : new N(H, U, r.ONE);
     }
-    static fromBytes(h) {
-      const d = O.fromAffine(m(C(h, void 0, "point")));
-      return d.assertValidity(), d;
+    static fromBytes(v) {
+      const H = N.fromAffine(b(st(v, void 0, "point")));
+      return H.assertValidity(), H;
     }
-    static fromHex(h) {
-      return O.fromBytes(Mt(h));
+    static fromHex(v) {
+      return N.fromBytes(he(v));
     }
     get x() {
       return this.toAffine().x;
@@ -1618,389 +2345,420 @@ function Er(t, e = {}) {
     get y() {
       return this.toAffine().y;
     }
-    precompute(h = 8, d = !0) {
-      return F.createCache(this, h), d || this.multiply(St), this;
+    precompute(v = 8, H = !0) {
+      return K.createCache(this, v), H || this.multiply(Xt), this;
     }
     assertValidity() {
-      D(this);
+      const v = this;
+      if (v.is0()) {
+        if (n.allowInfinityPoint && r.is0(v.X) && r.eql(v.Y, r.ONE) && r.is0(v.Z)) return;
+        throw new Error("bad point: ZERO");
+      }
+      const { x: H, y: U } = v.toAffine();
+      if (!r.isValid(H) || !r.isValid(U)) throw new Error("bad point: x or y not field elements");
+      if (!T(H, U)) throw new Error("bad point: equation left != right");
+      if (!v.isTorsionFree()) throw new Error("bad point: not in prime-order subgroup");
     }
     hasEvenY() {
-      const { y: h } = this.toAffine();
-      if (!n.isOdd) throw new Error("Field doesn't support isOdd");
-      return !n.isOdd(h);
+      const { y: v } = this.toAffine();
+      if (!r.isOdd) throw new Error("Field doesn't support isOdd");
+      return !r.isOdd(v);
     }
-    equals(h) {
-      I(h);
-      const { X: d, Y: u, Z: y } = this, { X: _, Y: S, Z: A } = h, p = n.eql(n.mul(d, A), n.mul(_, y)), R = n.eql(n.mul(u, A), n.mul(S, y));
-      return p && R;
+    equals(v) {
+      F(v);
+      const { X: H, Y: U, Z: S } = this, { X: p, Y: R, Z: I } = v, _ = r.eql(r.mul(H, I), r.mul(p, S)), D = r.eql(r.mul(U, I), r.mul(R, S));
+      return _ && D;
     }
     negate() {
-      return new O(this.X, n.neg(this.Y), this.Z);
+      return new N(this.X, r.neg(this.Y), this.Z);
     }
     double() {
-      const { a: h, b: d } = s, u = n.mul(d, St), { X: y, Y: _, Z: S } = this;
-      let A = n.ZERO, p = n.ZERO, R = n.ZERO, H = n.mul(y, y), $ = n.mul(_, _), Z = n.mul(S, S), q = n.mul(y, _);
-      return q = n.add(q, q), R = n.mul(y, S), R = n.add(R, R), A = n.mul(h, R), p = n.mul(u, Z), p = n.add(A, p), A = n.sub($, p), p = n.add($, p), p = n.mul(A, p), A = n.mul(q, A), R = n.mul(u, R), Z = n.mul(h, Z), q = n.sub(H, Z), q = n.mul(h, q), q = n.add(q, R), R = n.add(H, H), H = n.add(R, H), H = n.add(H, Z), H = n.mul(H, q), p = n.add(p, H), Z = n.mul(_, S), Z = n.add(Z, Z), H = n.mul(Z, q), A = n.sub(A, H), R = n.mul(Z, $), R = n.add(R, R), R = n.add(R, R), new O(A, p, R);
-    }
-    add(h) {
-      I(h);
-      const { X: d, Y: u, Z: y } = this, { X: _, Y: S, Z: A } = h;
-      let p = n.ZERO, R = n.ZERO, H = n.ZERO;
-      const $ = s.a, Z = n.mul(s.b, St);
-      let q = n.mul(d, _), k = n.mul(u, S), j = n.mul(y, A), ot = n.add(d, u), T = n.add(_, S);
-      ot = n.mul(ot, T), T = n.add(q, k), ot = n.sub(ot, T), T = n.add(d, y);
-      let Q = n.add(_, A);
-      return T = n.mul(T, Q), Q = n.add(q, j), T = n.sub(T, Q), Q = n.add(u, y), p = n.add(S, A), Q = n.mul(Q, p), p = n.add(k, j), Q = n.sub(Q, p), H = n.mul($, T), p = n.mul(Z, j), H = n.add(p, H), p = n.sub(k, H), H = n.add(k, H), R = n.mul(p, H), k = n.add(q, q), k = n.add(k, q), j = n.mul($, j), T = n.mul(Z, T), k = n.add(k, j), j = n.sub(q, j), j = n.mul($, j), T = n.add(T, j), q = n.mul(k, T), R = n.add(R, q), q = n.mul(Q, T), p = n.mul(ot, p), p = n.sub(p, q), q = n.mul(ot, k), H = n.mul(Q, H), H = n.add(H, q), new O(p, R, H);
-    }
-    subtract(h) {
-      return this.add(h.negate());
+      const { a: v, b: H } = i, U = r.mul(H, Xt), { X: S, Y: p, Z: R } = this;
+      let I = r.ZERO, _ = r.ZERO, D = r.ZERO, q = r.mul(S, S), X = r.mul(p, p), Y = r.mul(R, R), Z = r.mul(S, p);
+      return Z = r.add(Z, Z), D = r.mul(S, R), D = r.add(D, D), I = r.mul(v, D), _ = r.mul(U, Y), _ = r.add(I, _), I = r.sub(X, _), _ = r.add(X, _), _ = r.mul(I, _), I = r.mul(Z, I), D = r.mul(U, D), Y = r.mul(v, Y), Z = r.sub(q, Y), Z = r.mul(v, Z), Z = r.add(Z, D), D = r.add(q, q), q = r.add(D, q), q = r.add(q, Y), q = r.mul(q, Z), _ = r.add(_, q), Y = r.mul(p, R), Y = r.add(Y, Y), q = r.mul(Y, Z), I = r.sub(I, q), D = r.mul(Y, X), D = r.add(D, D), D = r.add(D, D), new N(I, _, D);
+    }
+    add(v) {
+      F(v);
+      const { X: H, Y: U, Z: S } = this, { X: p, Y: R, Z: I } = v;
+      let _ = r.ZERO, D = r.ZERO, q = r.ZERO;
+      const X = i.a, Y = r.mul(i.b, Xt);
+      let Z = r.mul(H, p), nt = r.mul(U, R), rt = r.mul(S, I), it = r.add(H, U), c = r.add(p, R);
+      it = r.mul(it, c), c = r.add(Z, nt), it = r.sub(it, c), c = r.add(H, S);
+      let m = r.add(p, I);
+      return c = r.mul(c, m), m = r.add(Z, rt), c = r.sub(c, m), m = r.add(U, S), _ = r.add(R, I), m = r.mul(m, _), _ = r.add(nt, rt), m = r.sub(m, _), q = r.mul(X, c), _ = r.mul(Y, rt), q = r.add(_, q), _ = r.sub(nt, q), q = r.add(nt, q), D = r.mul(_, q), nt = r.add(Z, Z), nt = r.add(nt, Z), rt = r.mul(X, rt), c = r.mul(Y, c), nt = r.add(nt, rt), rt = r.sub(Z, rt), rt = r.mul(X, rt), c = r.add(c, rt), Z = r.mul(nt, c), D = r.add(D, Z), Z = r.mul(m, c), _ = r.mul(it, _), _ = r.sub(_, Z), Z = r.mul(it, nt), q = r.mul(m, q), q = r.add(q, Z), new N(_, D, q);
+    }
+    subtract(v) {
+      return F(v), this.add(v.negate());
     }
     is0() {
-      return this.equals(O.ZERO);
-    }
-    multiply(h) {
-      const { endo: d } = e;
-      if (!o.isValidNot0(h)) throw new Error("invalid scalar: out of range");
-      let u, y;
-      const _ = (S) => F.cached(this, S, (A) => Ze(O, A));
-      if (d) {
-        const { k1neg: S, k1: A, k2neg: p, k2: R } = V(h), { p: H, f: $ } = _(A), { p: Z, f: q } = _(R);
-        y = $.add(q), u = N(d.beta, H, Z, S, p);
+      return this.equals(N.ZERO);
+    }
+    multiply(v) {
+      const { endo: H } = n;
+      if (!o.isValidNot0(v)) throw new RangeError("invalid scalar: out of range");
+      let U, S;
+      const p = (R) => K.cached(this, R, (I) => gn(N, I));
+      if (H) {
+        const { k1neg: R, k1: I, k2neg: _, k2: D } = z(v), { p: q, f: X } = p(I), { p: Y, f: Z } = p(D);
+        S = X.add(Z), U = W(H.beta, q, Y, R, _);
       } else {
-        const { p: S, f: A } = _(h);
-        u = S, y = A;
+        const { p: R, f: I } = p(v);
+        U = R, S = I;
       }
-      return Ze(O, [u, y])[0];
-    }
-    multiplyUnsafe(h) {
-      const { endo: d } = e, u = this;
-      if (!o.isValid(h)) throw new Error("invalid scalar: out of range");
-      if (h === rt || u.is0()) return O.ZERO;
-      if (h === z) return u;
-      if (F.hasCache(this)) return this.multiply(h);
-      if (d) {
-        const { k1neg: y, k1: _, k2neg: S, k2: A } = V(h), { p1: p, p2: R } = cr(O, u, _, A);
-        return N(d.beta, p, R, y, S);
-      } else return F.unsafe(u, h);
-    }
-    toAffine(h) {
-      return M(this, h);
+      return gn(N, [U, S])[0];
+    }
+    multiplyUnsafe(v) {
+      const { endo: H } = n, U = this, S = v;
+      if (!o.isValid(S)) throw new RangeError("invalid scalar: out of range");
+      if (S === yt || U.is0()) return N.ZERO;
+      if (S === ct) return U;
+      if (K.hasCache(this)) return this.multiply(S);
+      if (H) {
+        const { k1neg: p, k1: R, k2neg: I, k2: _ } = z(S), { p1: D, p2: q } = Wr(N, U, R, _);
+        return W(H.beta, D, q, p, I);
+      } else return K.unsafe(U, S);
+    }
+    toAffine(v) {
+      const H = this;
+      let U = v;
+      const { X: S, Y: p, Z: R } = H;
+      if (r.eql(R, r.ONE)) return {
+        x: S,
+        y: p
+      };
+      const I = H.is0();
+      U == null && (U = I ? r.ONE : r.inv(R));
+      const _ = r.mul(S, U), D = r.mul(p, U), q = r.mul(R, U);
+      if (I) return {
+        x: r.ZERO,
+        y: r.ZERO
+      };
+      if (!r.eql(q, r.ONE)) throw new Error("invZ was invalid");
+      return {
+        x: _,
+        y: D
+      };
     }
     isTorsionFree() {
-      const { isTorsionFree: h } = e;
-      return i === z ? !0 : h ? h(O, this) : F.unsafe(this, c).is0();
+      const { isTorsionFree: v } = n;
+      return a === ct ? !0 : v ? v(N, this) : K.unsafe(this, f).is0();
     }
     clearCofactor() {
-      const { clearCofactor: h } = e;
-      return i === z ? this : h ? h(O, this) : this.multiplyUnsafe(i);
+      const { clearCofactor: v } = n;
+      return a === ct ? this : v ? v(N, this) : this.multiplyUnsafe(a);
     }
     isSmallOrder() {
-      return this.multiplyUnsafe(i).is0();
+      return a === ct ? this.is0() : this.clearCofactor().is0();
     }
-    toBytes(h = !0) {
-      return jt(h, "isCompressed"), this.assertValidity(), w(O, this, h);
+    toBytes(v = !0) {
+      return ie(v, "isCompressed"), this.assertValidity(), w(N, this, v);
     }
-    toHex(h = !0) {
-      return Xt(this.toBytes(h));
+    toHex(v = !0) {
+      return Ct(this.toBytes(v));
     }
     toString() {
       return `<Point ${this.is0() ? "ZERO" : this.toHex()}>`;
     }
   }
-  const nt = o.BITS, F = new ir(O, e.endo ? Math.ceil(nt / 2) : nt);
-  return O.BASE.precompute(8), O;
+  const V = o.BITS, K = new Xr(N, n.endo ? Math.ceil(V / 2) : V);
+  return V >= 8 && N.BASE.precompute(8), Object.freeze(N.prototype), Object.freeze(N), N;
 }
-function _n(t) {
+function fr(t) {
   return Uint8Array.of(t ? 2 : 3);
 }
-function vr(t, e) {
-  const r = t.ORDER;
-  let n = rt;
-  for (let m = r - z; m % ct === rt; m /= ct) n += z;
-  const o = n, s = ct << o - z - z, i = s * ct, c = (r - z) / i, f = (c - z) / ct, l = i - z, a = s, g = t.pow(e, c), b = t.pow(e, (c + z) / ct);
-  let w = (m, x) => {
-    let v = g, B = t.pow(x, l), E = t.sqr(B);
-    E = t.mul(E, x);
-    let L = t.mul(m, E);
-    L = t.pow(L, f), L = t.mul(L, B), B = t.mul(L, x), E = t.mul(L, m);
-    let I = t.mul(E, B);
-    L = t.pow(I, a);
-    let V = t.eql(L, t.ONE);
-    B = t.mul(E, b), L = t.mul(I, v), E = t.cmov(B, E, V), I = t.cmov(L, I, V);
-    for (let M = o; M > z; M--) {
-      let D = M - ct;
-      D = ct << D - z;
-      let N = t.pow(I, D);
-      const O = t.eql(N, t.ONE);
-      B = t.mul(E, v), v = t.mul(v, v), N = t.mul(I, v), E = t.cmov(B, E, O), I = t.cmov(N, I, O);
+function mo(t, n) {
+  const e = se(t), r = e.ORDER;
+  let o = yt;
+  for (let b = r - ct; b % Bt === yt; b /= Bt) o += ct;
+  const i = o, a = Bt << i - ct - ct, f = a * Bt, l = (r - ct) / f, g = (l - ct) / Bt, s = f - ct, u = a, d = e.pow(n, l), h = e.pow(n, (l + ct) / Bt);
+  let w = (b, E) => {
+    let T = d, B = e.pow(E, s), C = e.sqr(B);
+    C = e.mul(C, E);
+    let O = e.mul(b, C);
+    O = e.pow(O, g), O = e.mul(O, B), B = e.mul(O, E), C = e.mul(O, b);
+    let F = e.mul(C, B);
+    O = e.pow(F, u);
+    let z = e.eql(O, e.ONE);
+    B = e.mul(C, h), O = e.mul(F, T), C = e.cmov(B, C, z), F = e.cmov(O, F, z);
+    for (let W = i; W > ct; W--) {
+      let N = W - Bt;
+      N = Bt << N - ct;
+      let V = e.pow(F, N);
+      const K = e.eql(V, e.ONE);
+      B = e.mul(C, T), T = e.mul(T, T), V = e.mul(F, T), C = e.cmov(B, C, K), F = e.cmov(V, F, K);
     }
     return {
-      isValid: V,
-      value: E
+      isValid: !e.is0(E) && (z || e.is0(b)),
+      value: C
     };
   };
-  if (t.ORDER % ve === St) {
-    const m = (t.ORDER - St) / ve, x = t.sqrt(t.neg(e));
-    w = (v, B) => {
-      let E = t.sqr(B);
-      const L = t.mul(v, B);
-      E = t.mul(E, L);
-      let I = t.pow(E, m);
-      I = t.mul(I, L);
-      const V = t.mul(I, x), M = t.mul(t.sqr(I), B), D = t.eql(M, v);
+  if (e.ORDER % Me === Xt) {
+    const b = (e.ORDER - Xt) / Me, E = e.sqrt(e.neg(n));
+    w = (T, B) => {
+      let C = e.sqr(B);
+      const O = e.mul(T, B);
+      C = e.mul(C, O);
+      let F = e.pow(C, b);
+      F = e.mul(F, O);
+      const z = e.mul(F, E), W = e.mul(e.sqr(F), B), N = e.eql(W, T);
+      let V = e.cmov(z, F, N);
       return {
-        isValid: D,
-        value: t.cmov(V, I, D)
+        isValid: !e.is0(B) && N,
+        value: V
       };
     };
   }
   return w;
 }
-function pr(t, e) {
-  yn(t);
-  const { A: r, B: n, Z: o } = e;
-  if (!t.isValid(r) || !t.isValid(n) || !t.isValid(o)) throw new Error("mapToCurveSimpleSWU: invalid opts");
-  const s = vr(t, o);
-  if (!t.isOdd) throw new Error("Field does not have .isOdd()");
-  return (i) => {
-    let c, f, l, a, g, b, w, m;
-    c = t.sqr(i), c = t.mul(c, o), f = t.sqr(c), f = t.add(f, c), l = t.add(f, t.ONE), l = t.mul(l, n), a = t.cmov(o, t.neg(f), !t.eql(f, t.ZERO)), a = t.mul(a, r), f = t.sqr(l), b = t.sqr(a), g = t.mul(b, r), f = t.add(f, g), f = t.mul(f, l), b = t.mul(b, a), g = t.mul(b, n), f = t.add(f, g), w = t.mul(c, l);
-    const { isValid: x, value: v } = s(f, b);
-    m = t.mul(c, i), m = t.mul(m, v), w = t.cmov(w, l, x), m = t.cmov(m, v, x);
-    const B = t.isOdd(i) === t.isOdd(m);
-    m = t.cmov(t.neg(m), m, B);
-    const E = Ft(t, [a], !0)[0];
-    return w = t.mul(w, E), {
-      x: w,
-      y: m
+function go(t, n) {
+  const e = se(t), { A: r, B: o, Z: i } = n;
+  if (!e.isValidNot0(r) || !e.isValidNot0(o) || !e.isValid(i)) throw new Error("mapToCurveSimpleSWU: invalid opts");
+  if (e.eql(i, e.neg(e.ONE)) || hn(e, i)) throw new Error("mapToCurveSimpleSWU: invalid opts");
+  const a = e.mul(o, e.inv(e.mul(i, r)));
+  if (!hn(e, e.add(e.add(e.mul(e.sqr(a), a), e.mul(r, a)), o))) throw new Error("mapToCurveSimpleSWU: invalid opts");
+  const f = mo(e, i);
+  if (!e.isOdd) throw new Error("Field does not have .isOdd()");
+  return (l) => {
+    let g, s, u, d, h, w, b, E;
+    g = e.sqr(l), g = e.mul(g, i), s = e.sqr(g), s = e.add(s, g), u = e.add(s, e.ONE), u = e.mul(u, o), d = e.cmov(i, e.neg(s), !e.eql(s, e.ZERO)), d = e.mul(d, r), s = e.sqr(u), w = e.sqr(d), h = e.mul(w, r), s = e.add(s, h), s = e.mul(s, u), w = e.mul(w, d), h = e.mul(w, o), s = e.add(s, h), b = e.mul(g, u);
+    const { isValid: T, value: B } = f(s, w);
+    E = e.mul(g, l), E = e.mul(E, B), b = e.cmov(b, u, T), E = e.cmov(E, B, T);
+    const C = e.isOdd(l) === e.isOdd(E);
+    E = e.cmov(e.neg(E), E, C);
+    const O = Ee(e, [d], !0)[0];
+    return b = e.mul(b, O), {
+      x: b,
+      y: E
     };
   };
 }
-function An(t, e) {
+function ar(t, n) {
   return {
-    secretKey: e.BYTES,
+    secretKey: n.BYTES,
     publicKey: 1 + t.BYTES,
     publicKeyUncompressed: 1 + 2 * t.BYTES,
     publicKeyHasPrefix: !0,
-    signature: 2 * e.BYTES
+    signature: 2 * n.BYTES
   };
 }
-function xr(t, e = {}) {
-  const { Fn: r } = t, n = e.randomBytes || Ge, o = Object.assign(An(t.Fp, r), { seed: vn(r.ORDER) });
-  function s(w) {
+function wo(t, n = {}) {
+  const { Fn: e } = t, r = n.randomBytes === void 0 ? wt : n.randomBytes, o = Object.assign(ar(t.Fp, e), { seed: Math.max(nn(e.ORDER), 16) });
+  function i(h) {
     try {
-      const m = r.fromBytes(w);
-      return r.isValidNot0(m);
+      const w = e.fromBytes(h);
+      return e.isValidNot0(w);
     } catch {
       return !1;
     }
   }
-  function i(w, m) {
-    const { publicKey: x, publicKeyUncompressed: v } = o;
+  function a(h, w) {
+    const { publicKey: b, publicKeyUncompressed: E } = o;
     try {
-      const B = w.length;
-      return m === !0 && B !== x || m === !1 && B !== v ? !1 : !!t.fromBytes(w);
+      const T = h.length;
+      return w === !0 && T !== b || w === !1 && T !== E ? !1 : !!t.fromBytes(h);
     } catch {
       return !1;
     }
   }
-  function c(w = n(o.seed)) {
-    return sr(C(w, o.seed, "seed"), r.ORDER);
-  }
-  function f(w, m = !0) {
-    return t.BASE.multiply(r.fromBytes(w)).toBytes(m);
-  }
-  function l(w) {
-    const { secretKey: m, publicKey: x, publicKeyUncompressed: v } = o;
-    if (!Kt(w) || "_lengths" in r && r._lengths || m === x) return;
-    const B = C(w, void 0, "key").length;
-    return B === x || B === v;
-  }
-  function a(w, m, x = !0) {
-    if (l(w) === !0) throw new Error("first arg must be private key");
-    if (l(m) === !1) throw new Error("second arg must be public key");
-    const v = r.fromBytes(w);
-    return t.fromBytes(m).multiply(v).toBytes(x);
-  }
-  const g = {
-    isValidSecretKey: s,
-    isValidPublicKey: i,
-    randomSecretKey: c
-  }, b = ar(c, f);
-  return Object.freeze({
-    getPublicKey: f,
-    getSharedSecret: a,
-    keygen: b,
+  function f(h) {
+    return h = h === void 0 ? r(o.seed) : h, nr(st(h, o.seed, "seed"), e.ORDER);
+  }
+  function l(h, w = !0) {
+    return t.BASE.multiply(e.fromBytes(h)).toBytes(w);
+  }
+  function g(h) {
+    const { secretKey: w, publicKey: b, publicKeyUncompressed: E } = o, T = e._lengths;
+    if (!oe(h)) return;
+    const B = st(h, void 0, "key").length, C = B === b || B === E, O = B === w || !!T?.includes(B);
+    if (!(C && O))
+      return C;
+  }
+  function s(h, w, b = !0) {
+    if (g(h) === !0) throw new Error("first arg must be private key");
+    if (g(w) === !1) throw new Error("second arg must be public key");
+    const E = e.fromBytes(h);
+    return t.fromBytes(w).multiply(E).toBytes(b);
+  }
+  const u = {
+    isValidSecretKey: i,
+    isValidPublicKey: a,
+    randomSecretKey: f
+  }, d = to(f, l);
+  return Object.freeze(u), Object.freeze(o), Object.freeze({
+    getPublicKey: l,
+    getSharedSecret: s,
+    keygen: d,
     Point: t,
-    utils: g,
+    utils: u,
     lengths: o
   });
 }
-function Br(t, e, r = {}) {
-  Ye(e), Qt(r, {}, {
+function bo(t, n, e = {}) {
+  const r = n;
+  An(r), Mt(e, {}, {
     hmac: "function",
     lowS: "boolean",
     randomBytes: "function",
     bits2int: "function",
     bits2int_modN: "function"
-  }), r = Object.assign({}, r);
-  const n = r.randomBytes || Ge, o = r.hmac || ((d, u) => $t(e, d, u)), { Fp: s, Fn: i } = t, { ORDER: c, BITS: f } = i, { keygen: l, getPublicKey: a, getSharedSecret: g, utils: b, lengths: w } = xr(t, r), m = {
+  }), e = Object.assign({}, e);
+  const o = e.randomBytes === void 0 ? wt : e.randomBytes, i = e.hmac === void 0 ? (S, p) => We(r, S, p) : e.hmac, { Fp: a, Fn: f } = t, { ORDER: l, BITS: g } = f, { keygen: s, getPublicKey: u, getSharedSecret: d, utils: h, lengths: w } = wo(t, e), b = {
     prehash: !0,
-    lowS: typeof r.lowS == "boolean" ? r.lowS : !0,
+    lowS: typeof e.lowS == "boolean" ? e.lowS : !0,
     format: "compact",
     extraEntropy: !1
-  }, x = c * ct < s.ORDER;
-  function v(d) {
-    return d > c >> z;
+  }, E = l * Bt + ct < a.ORDER;
+  function T(S) {
+    return S > l >> ct;
   }
-  function B(d, u) {
-    if (!i.isValidNot0(u)) throw new Error(`invalid signature ${d}: out of range 1..Point.Fn.ORDER`);
-    return u;
+  function B(S, p) {
+    if (!f.isValidNot0(p)) throw new Error(`invalid signature ${S}: out of range 1..Point.Fn.ORDER`);
+    return p;
   }
-  function E() {
-    if (x) throw new Error('"recovered" sig type is not supported for cofactor >2 curves');
+  function C() {
+    if (E) throw new Error('"recovered" sig type is not supported for cofactor >2 curves');
   }
-  function L(d, u) {
-    Ee(u);
-    const y = w.signature;
-    return C(d, u === "compact" ? y : u === "recovered" ? y + 1 : void 0);
+  function O(S, p) {
+    ze(p);
+    const R = w.signature;
+    return st(S, p === "compact" ? R : p === "recovered" ? R + 1 : void 0);
   }
-  class I {
+  class F {
     r;
     s;
     recovery;
-    constructor(u, y, _) {
-      if (this.r = B("r", u), this.s = B("s", y), _ != null) {
-        if (E(), ![
+    constructor(p, R, I) {
+      if (this.r = B("r", p), this.s = B("s", R), I != null) {
+        if (C(), ![
           0,
           1,
           2,
           3
-        ].includes(_)) throw new Error("invalid recovery id");
-        this.recovery = _;
+        ].includes(I)) throw new Error("invalid recovery id");
+        this.recovery = I;
       }
       Object.freeze(this);
     }
-    static fromBytes(u, y = m.format) {
-      L(u, y);
-      let _;
-      if (y === "der") {
-        const { r: R, s: H } = wt.toSig(C(u));
-        return new I(R, H);
+    static fromBytes(p, R = b.format) {
+      O(p, R);
+      let I;
+      if (R === "der") {
+        const { r: X, s: Y } = Et.toSig(st(p));
+        return new F(X, Y);
       }
-      y === "recovered" && (_ = u[0], y = "compact", u = u.subarray(1));
-      const S = w.signature / 2, A = u.subarray(0, S), p = u.subarray(S, S * 2);
-      return new I(i.fromBytes(A), i.fromBytes(p), _);
+      R === "recovered" && (I = p[0], R = "compact", p = p.subarray(1));
+      const _ = w.signature / 2, D = p.subarray(0, _), q = p.subarray(_, _ * 2);
+      return new F(f.fromBytes(D), f.fromBytes(q), I);
     }
-    static fromHex(u, y) {
-      return this.fromBytes(Mt(u), y);
+    static fromHex(p, R) {
+      return this.fromBytes(he(p), R);
     }
     assertRecovery() {
-      const { recovery: u } = this;
-      if (u == null) throw new Error("invalid recovery id: must be present");
-      return u;
+      const { recovery: p } = this;
+      if (p == null) throw new Error("invalid recovery id: must be present");
+      return p;
     }
-    addRecoveryBit(u) {
-      return new I(this.r, this.s, u);
+    addRecoveryBit(p) {
+      return new F(this.r, this.s, p);
     }
-    recoverPublicKey(u) {
-      const { r: y, s: _ } = this, S = this.assertRecovery(), A = S === 2 || S === 3 ? y + c : y;
-      if (!s.isValid(A)) throw new Error("invalid recovery id: sig.r+curve.n != R.x");
-      const p = s.toBytes(A), R = t.fromBytes(P(_n((S & 1) === 0), p)), H = i.inv(A), $ = M(C(u, void 0, "msgHash")), Z = i.create(-$ * H), q = i.create(_ * H), k = t.BASE.multiplyUnsafe(Z).add(R.multiplyUnsafe(q));
-      if (k.is0()) throw new Error("invalid recovery: point at infinify");
-      return k.assertValidity(), k;
+    recoverPublicKey(p) {
+      const { r: R, s: I } = this, _ = this.assertRecovery(), D = _ === 2 || _ === 3 ? R + l : R;
+      if (!a.isValid(D)) throw new Error("invalid recovery id: sig.r+curve.n != R.x");
+      const q = a.toBytes(D), X = t.fromBytes(Q(fr((_ & 1) === 0), q)), Y = f.inv(D), Z = W(st(p, void 0, "msgHash")), nt = f.create(-Z * Y), rt = f.create(I * Y), it = t.BASE.multiplyUnsafe(nt).add(X.multiplyUnsafe(rt));
+      if (it.is0()) throw new Error("invalid recovery: point at infinify");
+      return it.assertValidity(), it;
     }
     hasHighS() {
-      return v(this.s);
-    }
-    toBytes(u = m.format) {
-      if (Ee(u), u === "der") return Mt(wt.hexFromSig(this));
-      const { r: y, s: _ } = this, S = i.toBytes(y), A = i.toBytes(_);
-      return u === "recovered" ? (E(), P(Uint8Array.of(this.assertRecovery()), S, A)) : P(S, A);
-    }
-    toHex(u) {
-      return Xt(this.toBytes(u));
-    }
-  }
-  const V = r.bits2int || function(u) {
-    if (u.length > 8192) throw new Error("input is too large");
-    const y = Dt(u), _ = u.length * 8 - f;
-    return _ > 0 ? y >> BigInt(_) : y;
-  }, M = r.bits2int_modN || function(u) {
-    return i.create(V(u));
-  }, D = Jt(f);
-  function N(d) {
-    return Gn("num < 2^" + f, d, rt, D), i.toBytes(d);
-  }
-  function O(d, u) {
-    return C(d, void 0, "message"), u ? C(e(d), void 0, "prehashed message") : d;
-  }
-  function nt(d, u, y) {
-    const { lowS: _, prehash: S, extraEntropy: A } = fe(y, m);
-    d = O(d, S);
-    const p = M(d), R = i.fromBytes(u);
-    if (!i.isValidNot0(R)) throw new Error("invalid private key");
-    const H = [N(R), N(p)];
-    if (A != null && A !== !1) {
-      const k = A === !0 ? n(w.secretKey) : A;
-      H.push(C(k, void 0, "extraEntropy"));
-    }
-    const $ = P(...H), Z = p;
-    function q(k) {
-      const j = V(k);
-      if (!i.isValidNot0(j)) return;
-      const ot = i.inv(j), T = t.BASE.multiply(j).toAffine(), Q = i.create(T.x);
-      if (Q === rt) return;
-      const Ct = i.create(ot * i.create(Z + Q * R));
-      if (Ct === rt) return;
-      let Se = (T.x === Q ? 0 : 2) | Number(T.y & z), Re = Ct;
-      return _ && v(Ct) && (Re = i.neg(Ct), Se ^= 1), new I(Q, Re, x ? void 0 : Se);
+      return T(this.s);
+    }
+    toBytes(p = b.format) {
+      if (ze(p), p === "der") return he(Et.hexFromSig(this));
+      const { r: R, s: I } = this, _ = f.toBytes(R), D = f.toBytes(I);
+      return p === "recovered" ? (C(), Q(Uint8Array.of(this.assertRecovery()), _, D)) : Q(_, D);
+    }
+    toHex(p) {
+      return Ct(this.toBytes(p));
+    }
+  }
+  Object.freeze(F.prototype), Object.freeze(F);
+  const z = e.bits2int === void 0 ? function(p) {
+    if (p.length > 8192) throw new Error("input is too large");
+    const R = St(p), I = p.length * 8 - g;
+    return I > 0 ? R >> BigInt(I) : R;
+  } : e.bits2int, W = e.bits2int_modN === void 0 ? function(p) {
+    return f.create(z(p));
+  } : e.bits2int_modN, N = pe(g);
+  function V(S) {
+    return Mn("num < 2^" + g, S, yt, N), f.toBytes(S);
+  }
+  function K(S, p) {
+    return st(S, void 0, "message"), p ? st(r(S), void 0, "prehashed message") : S;
+  }
+  function M(S, p, R) {
+    const { lowS: I, prehash: _, extraEntropy: D } = Te(R, b);
+    S = K(S, _);
+    const q = W(S), X = f.fromBytes(p);
+    if (!f.isValidNot0(X)) throw new Error("invalid private key");
+    const Y = [V(X), V(q)];
+    if (D != null && D !== !1) {
+      const it = D === !0 ? o(w.secretKey) : D;
+      Y.push(st(it, void 0, "extraEntropy"));
+    }
+    const Z = Q(...Y), nt = q;
+    function rt(it) {
+      const c = z(it);
+      if (!f.isValidNot0(c)) return;
+      const m = f.inv(c), y = t.BASE.multiply(c).toAffine(), x = f.create(y.x);
+      if (x === yt) return;
+      const A = f.create(m * f.create(nt + x * X));
+      if (A === yt) return;
+      let j = (y.x === x ? 0 : 2) | Number(y.y & ct), L = A;
+      return I && T(A) && (L = f.neg(A), j ^= 1), new F(x, L, E ? void 0 : j);
     }
     return {
-      seed: $,
-      k2sig: q
+      seed: Z,
+      k2sig: rt
     };
   }
-  function F(d, u, y = {}) {
-    const { seed: _, k2sig: S } = nt(d, u, y);
-    return Xn(e.outputLen, i.BYTES, o)(_, S).toBytes(y.format);
+  function v(S, p, R = {}) {
+    const { seed: I, k2sig: _ } = M(S, p, R);
+    return qr(r.outputLen, f.BYTES, i)(I, _).toBytes(R.format);
   }
-  function U(d, u, y, _ = {}) {
-    const { lowS: S, prehash: A, format: p } = fe(_, m);
-    if (y = C(y, void 0, "publicKey"), u = O(u, A), !Kt(d)) {
-      const R = d instanceof I ? ", use sig.toBytes()" : "";
-      throw new Error("verify expects Uint8Array signature" + R);
+  function H(S, p, R, I = {}) {
+    const { lowS: _, prehash: D, format: q } = Te(I, b);
+    if (R = st(R, void 0, "publicKey"), p = K(p, D), !oe(S)) {
+      const X = S instanceof F ? ", use sig.toBytes()" : "";
+      throw new Error("verify expects Uint8Array signature" + X);
     }
-    L(d, p);
+    O(S, q);
     try {
-      const R = I.fromBytes(d, p), H = t.fromBytes(y);
-      if (S && R.hasHighS()) return !1;
-      const { r: $, s: Z } = R, q = M(u), k = i.inv(Z), j = i.create(q * k), ot = i.create($ * k), T = t.BASE.multiplyUnsafe(j).add(H.multiplyUnsafe(ot));
-      return T.is0() ? !1 : i.create(T.x) === $;
+      const X = F.fromBytes(S, q), Y = t.fromBytes(R);
+      if (_ && X.hasHighS()) return !1;
+      const { r: Z, s: nt } = X, rt = W(p), it = f.inv(nt), c = f.create(rt * it), m = f.create(Z * it), y = t.BASE.multiplyUnsafe(c).add(Y.multiplyUnsafe(m));
+      return y.is0() ? !1 : f.create(y.x) === Z;
     } catch {
       return !1;
     }
   }
-  function h(d, u, y = {}) {
-    const { prehash: _ } = fe(y, m);
-    return u = O(u, _), I.fromBytes(d, "recovered").recoverPublicKey(u).toBytes();
+  function U(S, p, R = {}) {
+    const { prehash: I } = Te(R, b);
+    return p = K(p, I), F.fromBytes(S, "recovered").recoverPublicKey(p).toBytes();
   }
   return Object.freeze({
-    keygen: l,
-    getPublicKey: a,
-    getSharedSecret: g,
-    utils: b,
+    keygen: s,
+    getPublicKey: u,
+    getSharedSecret: d,
+    utils: h,
     lengths: w,
     Point: t,
-    sign: F,
-    verify: U,
-    recoverPublicKey: h,
-    Signature: I,
-    hash: e
+    sign: v,
+    verify: H,
+    recoverPublicKey: U,
+    Signature: F,
+    hash: r
   });
 }
-$n();
-var Ae = {
+var rn = {
   p: BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),
   n: BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"),
   h: BigInt(1),
@@ -2008,19 +2766,45 @@ var Ae = {
   b: BigInt(7),
   Gx: BigInt("0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"),
   Gy: BigInt("0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8")
-}, _r = {
+}, yo = {
   beta: BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"),
   basises: [[BigInt("0x3086d221a7d46bcde86c90e49284eb15"), -BigInt("0xe4437ed6010e88286f547fa90abfe4c3")], [BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"), BigInt("0x3086d221a7d46bcde86c90e49284eb15")]]
-}, $e = /* @__PURE__ */ BigInt(2);
-function Ar(t) {
-  const e = Ae.p, r = BigInt(3), n = BigInt(6), o = BigInt(11), s = BigInt(22), i = BigInt(23), c = BigInt(44), f = BigInt(88), l = t * t * t % e, a = l * l * t % e, g = tt(tt(tt(a, r, e) * a % e, r, e) * a % e, $e, e) * l % e, b = tt(g, o, e) * g % e, w = tt(b, s, e) * b % e, m = tt(w, c, e) * w % e, x = tt(tt(tt(tt(tt(tt(m, f, e) * m % e, c, e) * w % e, r, e) * a % e, i, e) * b % e, n, e) * l % e, $e, e);
-  if (!gt.eql(gt.sqr(x), t)) throw new Error("Cannot find square root");
-  return x;
-}
-var gt = te(Ae.p, { sqrt: Ar }), Sn = /* @__PURE__ */ Er(Ae, {
-  Fp: gt,
-  endo: _r
-}), Nr = /* @__PURE__ */ Br(Sn, zt), Sr = br(gt, [
+}, lr = /* @__PURE__ */ BigInt(0), Ge = /* @__PURE__ */ BigInt(2);
+function po(t) {
+  const n = rn.p, e = BigInt(3), r = BigInt(6), o = BigInt(11), i = BigInt(22), a = BigInt(23), f = BigInt(44), l = BigInt(88), g = t * t * t % n, s = g * g * t % n, u = gt(gt(gt(s, e, n) * s % n, e, n) * s % n, Ge, n) * g % n, d = gt(u, o, n) * u % n, h = gt(d, i, n) * d % n, w = gt(h, f, n) * h % n, b = gt(gt(gt(gt(gt(gt(w, l, n) * w % n, f, n) * h % n, e, n) * s % n, a, n) * d % n, r, n) * g % n, Ge, n);
+  if (!It.eql(It.sqr(b), t)) throw new Error("Cannot find square root");
+  return b;
+}
+var It = ve(rn.p, { sqrt: po }), J = /* @__PURE__ */ ho(rn, {
+  Fp: It,
+  endo: yo
+}), Vo = /* @__PURE__ */ bo(J, jt), vn = {};
+function ur(t, ...n) {
+  let e = vn[t];
+  if (e === void 0) {
+    const r = jt(be(t));
+    e = Q(r, r), vn[t] = e;
+  }
+  return jt(Q(e, ...n));
+}
+var Ye = (t) => t.toBytes(!0).slice(1), Vt = (t) => t % Ge === lr;
+function Eo(t) {
+  const n = It;
+  if (!n.isValidNot0(t)) throw new Error("invalid x: Fail if x ≥ p");
+  const e = n.create(t * t), r = n.create(e * t + BigInt(7));
+  let o = n.sqrt(r);
+  Vt(o) || (o = n.neg(o));
+  const i = J.fromAffine({
+    x: t,
+    y: o
+  });
+  return i.assertValidity(), i;
+}
+var vo = St;
+function xo(...t) {
+  return J.Fn.create(vo(ur("BIP0340/challenge", ...t)));
+}
+var Bo = co(It, [
   [
     "0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7",
     "0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581",
@@ -2044,59 +2828,147 @@ var gt = te(Ae.p, { sqrt: Ar }), Sn = /* @__PURE__ */ Er(Ae, {
     "0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f",
     "0x0000000000000000000000000000000000000000000000000000000000000001"
   ]
-].map((t) => t.map((e) => BigInt(e)))), Rr = pr(gt, {
+].map((t) => t.map((n) => BigInt(n)))), xn, So = () => xn || (xn = go(It, {
   A: BigInt("0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533"),
   B: BigInt("1771"),
-  Z: gt.create(BigInt("-11"))
-}), Dr = gr(Sn, (t) => {
-  const { x: e, y: r } = Rr(gt.create(t[0]));
-  return Sr(e, r);
+  Z: It.create(BigInt("-11"))
+})), dr = ao(J, (t) => {
+  const { x: n, y: e } = So()(It.create(t[0]));
+  return Bo(n, e);
 }, {
   DST: "secp256k1_XMD:SHA-256_SSWU_RO_",
   encodeDST: "secp256k1_XMD:SHA-256_SSWU_NU_",
-  p: gt.ORDER,
+  p: It.ORDER,
   m: 1,
   k: 128,
   expand: "xmd",
-  hash: zt
+  hash: jt
+}), Po = cr({
+  name: "FROST-secp256k1-SHA256-v1",
+  Point: J,
+  hashToScalar: dr.hashToScalar,
+  hash: jt
+});
+function hr(t, n) {
+  if (n === void 0) return lr;
+  const e = St(ur("TapTweak", Ye(t), n));
+  if (!J.Fn.isValid(e)) throw new Error("invalid TapTweak hash");
+  return e;
+}
+function on(t) {
+  return Vt(J.fromBytes(t.commitments[0]).y) ? t : {
+    signers: {
+      min: t.signers.min,
+      max: t.signers.max
+    },
+    commitments: t.commitments.map((n) => J.fromBytes(n).negate().toBytes()),
+    verifyingShares: Object.fromEntries(Object.entries(t.verifyingShares).map(([n, e]) => [n, J.fromBytes(e).negate().toBytes()]))
+  };
+}
+function mr(t, n) {
+  if (Vt(J.fromBytes(n.commitments[0]).y)) return t;
+  const e = J.Fn;
+  return {
+    ...t,
+    signingShare: e.toBytes(e.neg(e.fromBytes(t.signingShare)))
+  };
+}
+function Ao(t, n) {
+  if (Vt(t.y)) return n;
+  const e = J.Fn;
+  return {
+    binding: e.toBytes(e.neg(e.fromBytes(n.binding))),
+    hiding: e.toBytes(e.neg(e.fromBytes(n.hiding)))
+  };
+}
+function Ro(t, n, e) {
+  const r = J.Fn, o = mr(t, n), i = on(n), a = hr(J.fromBytes(i.commitments[0]), e), f = r.toBytes(r.add(r.fromBytes(o.signingShare), a));
+  return {
+    identifier: o.identifier,
+    signingShare: f
+  };
+}
+function _o(t, n) {
+  const e = on(t), r = hr(J.fromBytes(e.commitments[0]), n), o = J.BASE.multiply(r), i = e.commitments.map((f, l) => (l === 0 ? J.fromBytes(f).add(o) : J.fromBytes(f)).toBytes()), a = {};
+  for (const f in e.verifyingShares) a[f] = J.fromBytes(e.verifyingShares[f]).add(o).toBytes();
+  return {
+    signers: {
+      min: e.signers.min,
+      max: e.signers.max
+    },
+    commitments: i,
+    verifyingShares: a
+  };
+}
+var zo = cr({
+  name: "FROST-secp256k1-SHA256-TR-v1",
+  Point: J,
+  hashToScalar: dr.hashToScalar,
+  hash: jt,
+  parsePublicKey(t) {
+    if (t.length === 32) return Eo(St(t));
+    if (t.length === 33) return J.fromBytes(t);
+    throw new Error(`expected x-only or compressed public key, got length=${t.length}`);
+  },
+  adjustScalar(t) {
+    return Vt(J.BASE.multiply(t).y) ? t : J.Fn.neg(t);
+  },
+  adjustPoint: (t) => Vt(t.y) ? t : t.negate(),
+  challenge(t, n, e) {
+    return xo(Ye(t), Ye(n), e);
+  },
+  adjustNonces: Ao,
+  adjustGroupCommitmentShare: (t, n) => Vt(t.y) ? n : n.negate(),
+  adjustPublic: on,
+  adjustSecret: mr,
+  adjustTx: {
+    encode: (t) => t.subarray(1),
+    decode: (t) => Q(Uint8Array.of(2), t)
+  },
+  adjustDKG: (t) => {
+    const n = new Uint8Array(0);
+    return {
+      public: _o(t.public, n),
+      secret: Ro(t.secret, t.public, n)
+    };
+  }
 });
 export {
-  P as A,
-  Lr as C,
-  xt as D,
-  Vt as E,
-  Ge as F,
-  Ir as I,
-  In as L,
-  Nt as M,
-  Kt as N,
-  Rn as O,
-  mt as P,
-  Hr as R,
-  Nn as S,
-  C as T,
-  kn as _,
-  zn as a,
-  ae as b,
-  Pt as c,
-  qr as d,
-  tn as f,
-  Zn as g,
-  Vn as h,
-  Ur as i,
-  _t as j,
-  At as k,
-  $n as l,
-  Tn as m,
-  et as n,
-  jt as o,
-  Mn as p,
-  Wn as r,
-  Dt as s,
-  Nr as t,
-  zt as u,
-  Cn as v,
-  Ln as w,
-  Un as x,
-  qn as y
+  xr as A,
+  Do as C,
+  Ln as D,
+  Fo as E,
+  Yt as F,
+  Qt as I,
+  Ho as L,
+  To as M,
+  Er as N,
+  vr as O,
+  Kt as P,
+  Fr as S,
+  jt as T,
+  qo as _,
+  wt as a,
+  Nr as b,
+  Dr as c,
+  kn as d,
+  No as f,
+  Uo as g,
+  Lo as h,
+  Q as i,
+  Br as j,
+  Fe as k,
+  ko as l,
+  jo as m,
+  bt as n,
+  Lr as o,
+  Io as p,
+  St as r,
+  Zo as s,
+  Vo as t,
+  $o as u,
+  jr as v,
+  _r as w,
+  Co as x,
+  Or as y
 };