@buildonspark/spark-sdk 0.1.43 → 0.1.45

package/dist/{chunk-DQYKQJRZ.js → chunk-C2S227QR.js}

@@ -2,10 +2,10 @@ import {
   calculateAvailableTokenAmount,
   checkIfSelectedOutputsAreAvailable,
   collectResponses
-} from "./chunk-6AFUC5M2.js";
+} from "./chunk-HWJWKEIU.js";
 import {
   decodeSparkAddress
-} from "./chunk-O4RYNJNB.js";
+} from "./chunk-KMUMFYFX.js";
 import {
   bigIntToPrivateKey,
   recoverSecret
@@ -110,13 +110,21 @@ function hashTokenTransactionV0(tokenTransaction, partialHash = false) {
         });
       }
       hashObj2.update(issuerPubKey);
-      if (tokenTransaction.tokenInputs.mintInput.issuerProvidedTimestamp != 0) {
+      let timestampValue = 0;
+      const mintInput = tokenTransaction.tokenInputs.mintInput;
+      if ("issuerProvidedTimestamp" in mintInput) {
+        const v0MintInput = mintInput;
+        if (v0MintInput.issuerProvidedTimestamp != 0) {
+          timestampValue = v0MintInput.issuerProvidedTimestamp;
+        }
+      } else if ("clientCreatedTimestamp" in tokenTransaction && tokenTransaction.clientCreatedTimestamp) {
+        timestampValue = tokenTransaction.clientCreatedTimestamp.getTime();
+      }
+      if (timestampValue != 0) {
         const timestampBytes = new Uint8Array(8);
         new DataView(timestampBytes.buffer).setBigUint64(
           0,
-          BigInt(
-            tokenTransaction.tokenInputs.mintInput.issuerProvidedTimestamp
-          ),
+          BigInt(timestampValue),
           true
           // true for little-endian to match Go implementation
         );
@@ -125,12 +133,95 @@ function hashTokenTransactionV0(tokenTransaction, partialHash = false) {
       allHashes.push(hashObj2.digest());
     }
   }
+  if (tokenTransaction.tokenInputs?.$case === "createInput") {
+    const issuerPubKeyHashObj = sha256.create();
+    const createInput = tokenTransaction.tokenInputs.createInput;
+    if (!createInput.issuerPublicKey || createInput.issuerPublicKey.length === 0) {
+      throw new ValidationError("issuer public key cannot be nil or empty", {
+        field: "tokenInputs.createInput.issuerPublicKey"
+      });
+    }
+    issuerPubKeyHashObj.update(createInput.issuerPublicKey);
+    allHashes.push(issuerPubKeyHashObj.digest());
+    const tokenNameHashObj = sha256.create();
+    if (!createInput.tokenName || createInput.tokenName.length === 0) {
+      throw new ValidationError("token name cannot be empty", {
+        field: "tokenInputs.createInput.tokenName"
+      });
+    }
+    if (createInput.tokenName.length > 20) {
+      throw new ValidationError("token name cannot be longer than 20 bytes", {
+        field: "tokenInputs.createInput.tokenName",
+        value: createInput.tokenName,
+        expectedLength: 20,
+        actualLength: createInput.tokenName.length
+      });
+    }
+    const tokenNameBytes = new Uint8Array(20);
+    const tokenNameEncoder = new TextEncoder();
+    tokenNameBytes.set(tokenNameEncoder.encode(createInput.tokenName));
+    tokenNameHashObj.update(tokenNameBytes);
+    allHashes.push(tokenNameHashObj.digest());
+    const tokenTickerHashObj = sha256.create();
+    if (!createInput.tokenTicker || createInput.tokenTicker.length === 0) {
+      throw new ValidationError("token ticker cannot be empty", {
+        field: "tokenInputs.createInput.tokenTicker"
+      });
+    }
+    if (createInput.tokenTicker.length > 6) {
+      throw new ValidationError("token ticker cannot be longer than 6 bytes", {
+        field: "tokenInputs.createInput.tokenTicker",
+        value: createInput.tokenTicker,
+        expectedLength: 6,
+        actualLength: createInput.tokenTicker.length
+      });
+    }
+    const tokenTickerBytes = new Uint8Array(6);
+    const tokenTickerEncoder = new TextEncoder();
+    tokenTickerBytes.set(tokenTickerEncoder.encode(createInput.tokenTicker));
+    tokenTickerHashObj.update(tokenTickerBytes);
+    allHashes.push(tokenTickerHashObj.digest());
+    const decimalsHashObj = sha256.create();
+    const decimalsBytes = new Uint8Array(4);
+    new DataView(decimalsBytes.buffer).setUint32(
+      0,
+      createInput.decimals,
+      false
+    );
+    decimalsHashObj.update(decimalsBytes);
+    allHashes.push(decimalsHashObj.digest());
+    const maxSupplyHashObj = sha256.create();
+    if (!createInput.maxSupply) {
+      throw new ValidationError("max supply cannot be nil", {
+        field: "tokenInputs.createInput.maxSupply"
+      });
+    }
+    if (createInput.maxSupply.length !== 16) {
+      throw new ValidationError("max supply must be exactly 16 bytes", {
+        field: "tokenInputs.createInput.maxSupply",
+        value: createInput.maxSupply,
+        expectedLength: 16,
+        actualLength: createInput.maxSupply.length
+      });
+    }
+    maxSupplyHashObj.update(createInput.maxSupply);
+    allHashes.push(maxSupplyHashObj.digest());
+    const isFreezableHashObj = sha256.create();
+    const isFreezableByte = new Uint8Array([createInput.isFreezable ? 1 : 0]);
+    isFreezableHashObj.update(isFreezableByte);
+    allHashes.push(isFreezableHashObj.digest());
+    const creationEntityHashObj = sha256.create();
+    if (!partialHash && createInput.creationEntityPublicKey) {
+      creationEntityHashObj.update(createInput.creationEntityPublicKey);
+    }
+    allHashes.push(creationEntityHashObj.digest());
+  }
   if (!tokenTransaction.tokenOutputs) {
     throw new ValidationError("token outputs cannot be null", {
       field: "tokenOutputs"
     });
   }
-  if (tokenTransaction.tokenOutputs.length === 0) {
+  if (tokenTransaction.tokenOutputs.length === 0 && tokenTransaction.tokenInputs?.$case !== "createInput") {
     throw new ValidationError("token outputs cannot be empty", {
       field: "tokenOutputs"
     });
@@ -307,6 +398,26 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
   );
   versionHashObj.update(versionBytes);
   allHashes.push(versionHashObj.digest());
+  const typeHashObj = sha256.create();
+  const typeBytes = new Uint8Array(4);
+  let transactionType = 0;
+  if (tokenTransaction.tokenInputs?.$case === "mintInput") {
+    transactionType = 2 /* TOKEN_TRANSACTION_TYPE_MINT */;
+  } else if (tokenTransaction.tokenInputs?.$case === "transferInput") {
+    transactionType = 3 /* TOKEN_TRANSACTION_TYPE_TRANSFER */;
+  } else if (tokenTransaction.tokenInputs?.$case === "createInput") {
+    transactionType = 1 /* TOKEN_TRANSACTION_TYPE_CREATE */;
+  } else {
+    throw new ValidationError(
+      "token transaction must have exactly one input type",
+      {
+        field: "tokenInputs"
+      }
+    );
+  }
+  new DataView(typeBytes.buffer).setUint32(0, transactionType, false);
+  typeHashObj.update(typeBytes);
+  allHashes.push(typeHashObj.digest());
   if (tokenTransaction.tokenInputs?.$case === "transferInput") {
     if (!tokenTransaction.tokenInputs.transferInput.outputsToSpend) {
       throw new ValidationError("outputs to spend cannot be null", {
@@ -318,6 +429,15 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
         field: "tokenInputs.transferInput.outputsToSpend"
       });
     }
+    const outputsLenHashObj2 = sha256.create();
+    const outputsLenBytes2 = new Uint8Array(4);
+    new DataView(outputsLenBytes2.buffer).setUint32(
+      0,
+      tokenTransaction.tokenInputs.transferInput.outputsToSpend.length,
+      false
+    );
+    outputsLenHashObj2.update(outputsLenBytes2);
+    allHashes.push(outputsLenHashObj2.digest());
     for (const [
       i,
       output
@@ -354,8 +474,7 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
       hashObj2.update(voutBytes);
       allHashes.push(hashObj2.digest());
     }
-  }
-  if (tokenTransaction.tokenInputs?.$case === "mintInput") {
+  } else if (tokenTransaction.tokenInputs?.$case === "mintInput") {
     const hashObj2 = sha256.create();
     if (tokenTransaction.tokenInputs.mintInput.issuerPublicKey) {
       const issuerPubKey = tokenTransaction.tokenInputs.mintInput.issuerPublicKey;
@@ -368,31 +487,113 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
         });
       }
       hashObj2.update(issuerPubKey);
-      if (tokenTransaction.tokenInputs.mintInput.issuerProvidedTimestamp != 0) {
-        const timestampBytes = new Uint8Array(8);
-        new DataView(timestampBytes.buffer).setBigUint64(
-          0,
-          BigInt(
-            tokenTransaction.tokenInputs.mintInput.issuerProvidedTimestamp
-          ),
-          true
-          // true for little-endian to match Go implementation
+      allHashes.push(hashObj2.digest());
+      const tokenIdentifierHashObj = sha256.create();
+      if (tokenTransaction.tokenInputs.mintInput.tokenIdentifier) {
+        tokenIdentifierHashObj.update(
+          tokenTransaction.tokenInputs.mintInput.tokenIdentifier
         );
-        hashObj2.update(timestampBytes);
+      } else {
+        tokenIdentifierHashObj.update(new Uint8Array(32));
       }
-      allHashes.push(hashObj2.digest());
+      allHashes.push(tokenIdentifierHashObj.digest());
+    }
+  } else if (tokenTransaction.tokenInputs?.$case === "createInput") {
+    const createInput = tokenTransaction.tokenInputs.createInput;
+    const issuerPubKeyHashObj = sha256.create();
+    if (!createInput.issuerPublicKey || createInput.issuerPublicKey.length === 0) {
+      throw new ValidationError("issuer public key cannot be nil or empty", {
+        field: "tokenInputs.createInput.issuerPublicKey"
+      });
+    }
+    issuerPubKeyHashObj.update(createInput.issuerPublicKey);
+    allHashes.push(issuerPubKeyHashObj.digest());
+    const tokenNameHashObj = sha256.create();
+    if (!createInput.tokenName || createInput.tokenName.length === 0) {
+      throw new ValidationError("token name cannot be empty", {
+        field: "tokenInputs.createInput.tokenName"
+      });
+    }
+    if (createInput.tokenName.length > 20) {
+      throw new ValidationError("token name cannot be longer than 20 bytes", {
+        field: "tokenInputs.createInput.tokenName",
+        value: createInput.tokenName,
+        expectedLength: 20,
+        actualLength: createInput.tokenName.length
+      });
+    }
+    const tokenNameEncoder = new TextEncoder();
+    tokenNameHashObj.update(tokenNameEncoder.encode(createInput.tokenName));
+    allHashes.push(tokenNameHashObj.digest());
+    const tokenTickerHashObj = sha256.create();
+    if (!createInput.tokenTicker || createInput.tokenTicker.length === 0) {
+      throw new ValidationError("token ticker cannot be empty", {
+        field: "tokenInputs.createInput.tokenTicker"
+      });
+    }
+    if (createInput.tokenTicker.length > 6) {
+      throw new ValidationError("token ticker cannot be longer than 6 bytes", {
+        field: "tokenInputs.createInput.tokenTicker",
+        value: createInput.tokenTicker,
+        expectedLength: 6,
+        actualLength: createInput.tokenTicker.length
+      });
+    }
+    const tokenTickerEncoder = new TextEncoder();
+    tokenTickerHashObj.update(
+      tokenTickerEncoder.encode(createInput.tokenTicker)
+    );
+    allHashes.push(tokenTickerHashObj.digest());
+    const decimalsHashObj = sha256.create();
+    const decimalsBytes = new Uint8Array(4);
+    new DataView(decimalsBytes.buffer).setUint32(
+      0,
+      createInput.decimals,
+      false
+    );
+    decimalsHashObj.update(decimalsBytes);
+    allHashes.push(decimalsHashObj.digest());
+    const maxSupplyHashObj = sha256.create();
+    if (!createInput.maxSupply) {
+      throw new ValidationError("max supply cannot be nil", {
+        field: "tokenInputs.createInput.maxSupply"
+      });
     }
+    if (createInput.maxSupply.length !== 16) {
+      throw new ValidationError("max supply must be exactly 16 bytes", {
+        field: "tokenInputs.createInput.maxSupply",
+        value: createInput.maxSupply,
+        expectedLength: 16,
+        actualLength: createInput.maxSupply.length
+      });
+    }
+    maxSupplyHashObj.update(createInput.maxSupply);
+    allHashes.push(maxSupplyHashObj.digest());
+    const isFreezableHashObj = sha256.create();
+    isFreezableHashObj.update(
+      new Uint8Array([createInput.isFreezable ? 1 : 0])
+    );
+    allHashes.push(isFreezableHashObj.digest());
+    const creationEntityHashObj = sha256.create();
+    if (!partialHash && createInput.creationEntityPublicKey) {
+      creationEntityHashObj.update(createInput.creationEntityPublicKey);
+    }
+    allHashes.push(creationEntityHashObj.digest());
   }
   if (!tokenTransaction.tokenOutputs) {
     throw new ValidationError("token outputs cannot be null", {
       field: "tokenOutputs"
     });
   }
-  if (tokenTransaction.tokenOutputs.length === 0) {
-    throw new ValidationError("token outputs cannot be empty", {
-      field: "tokenOutputs"
-    });
-  }
+  const outputsLenHashObj = sha256.create();
+  const outputsLenBytes = new Uint8Array(4);
+  new DataView(outputsLenBytes.buffer).setUint32(
+    0,
+    tokenTransaction.tokenOutputs.length,
+    false
+  );
+  outputsLenHashObj.update(outputsLenBytes);
+  allHashes.push(outputsLenHashObj.digest());
   for (const [i, output] of tokenTransaction.tokenOutputs.entries()) {
     if (!output) {
       throw new ValidationError(`output cannot be null at index ${i}`, {
@@ -451,18 +652,16 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
       );
       hashObj2.update(locktimeBytes);
     }
-    if (output.tokenPublicKey) {
-      if (output.tokenPublicKey.length === 0) {
-        throw new ValidationError(
-          `token public key at index ${i} cannot be empty`,
-          {
-            field: `tokenOutputs[${i}].tokenPublicKey`,
-            index: i
-          }
-        );
-      }
+    if (!output.tokenPublicKey || output.tokenPublicKey.length === 0) {
+      hashObj2.update(new Uint8Array(33));
+    } else {
       hashObj2.update(output.tokenPublicKey);
     }
+    if (!output.tokenIdentifier || output.tokenIdentifier.length === 0) {
+      hashObj2.update(new Uint8Array(32));
+    } else {
+      hashObj2.update(output.tokenIdentifier);
+    }
     if (output.tokenAmount) {
       if (output.tokenAmount.length === 0) {
         throw new ValidationError(
@@ -503,6 +702,15 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
     }
     return a.length - b.length;
   });
+  const operatorLenHashObj = sha256.create();
+  const operatorLenBytes = new Uint8Array(4);
+  new DataView(operatorLenBytes.buffer).setUint32(
+    0,
+    sortedPubKeys.length,
+    false
+  );
+  operatorLenHashObj.update(operatorLenBytes);
+  allHashes.push(operatorLenHashObj.digest());
   for (const [i, pubKey] of sortedPubKeys.entries()) {
     if (!pubKey) {
       throw new ValidationError(
@@ -536,17 +744,38 @@ function hashTokenTransactionV1(tokenTransaction, partialHash = false) {
   );
   hashObj.update(networkBytes);
   allHashes.push(hashObj.digest());
-  const expiryHashObj = sha256.create();
-  const validityDurationBytes = new Uint8Array(8);
-  const expiryUnixTime = tokenTransaction.expiryTime ? Math.floor(tokenTransaction.expiryTime.getTime() / 1e3) : 0;
-  new DataView(validityDurationBytes.buffer).setBigUint64(
+  const clientTimestampHashObj = sha256.create();
+  const clientCreatedTs = tokenTransaction.clientCreatedTimestamp;
+  if (!clientCreatedTs) {
+    throw new ValidationError(
+      "client created timestamp cannot be null for V1 token transactions",
+      {
+        field: "clientCreatedTimestamp"
+      }
+    );
+  }
+  const clientUnixTime = clientCreatedTs.getTime();
+  const clientTimestampBytes = new Uint8Array(8);
+  new DataView(clientTimestampBytes.buffer).setBigUint64(
     0,
-    BigInt(expiryUnixTime),
+    BigInt(clientUnixTime),
     false
-    // false for big-endian
   );
-  expiryHashObj.update(validityDurationBytes);
-  allHashes.push(expiryHashObj.digest());
+  clientTimestampHashObj.update(clientTimestampBytes);
+  allHashes.push(clientTimestampHashObj.digest());
+  if (!partialHash) {
+    const expiryHashObj = sha256.create();
+    const expiryTimeBytes = new Uint8Array(8);
+    const expiryUnixTime = tokenTransaction.expiryTime ? Math.floor(tokenTransaction.expiryTime.getTime() / 1e3) : 0;
+    new DataView(expiryTimeBytes.buffer).setBigUint64(
+      0,
+      BigInt(expiryUnixTime),
+      false
+      // false for big-endian
+    );
+    expiryHashObj.update(expiryTimeBytes);
+    allHashes.push(expiryHashObj.digest());
+  }
   const finalHashObj = sha256.create();
   const concatenatedHashes = new Uint8Array(
     allHashes.reduce((sum, hash) => sum + hash.length, 0)
@@ -618,7 +847,7 @@ function areByteArraysEqual(a, b) {
 function hasDuplicates(array) {
   return new Set(array).size !== array.length;
 }
-function validateTokenTransaction(finalTokenTransaction, partialTokenTransaction, signingOperators, keyshareInfo, expectedWithdrawBondSats, expectedWithdrawRelativeBlockLocktime, expectedThreshold) {
+function validateTokenTransactionV0(finalTokenTransaction, partialTokenTransaction, signingOperators, keyshareInfo, expectedWithdrawBondSats, expectedWithdrawRelativeBlockLocktime, expectedThreshold) {
   if (finalTokenTransaction.network !== partialTokenTransaction.network) {
     throw new InternalValidationError(
       "Network mismatch in response token transaction",
@@ -775,7 +1004,251 @@ function validateTokenTransaction(finalTokenTransaction, partialTokenTransaction
         }
       );
     }
+    if (finalOutput.tokenPublicKey !== void 0 && partialOutput.tokenPublicKey !== void 0 && !areByteArraysEqual(
+      finalOutput.tokenPublicKey,
+      partialOutput.tokenPublicKey
+    )) {
+      throw new InternalValidationError(
+        "Token public key mismatch in token output",
+        {
+          outputIndex: i,
+          value: finalOutput.tokenPublicKey?.toString(),
+          expected: partialOutput.tokenPublicKey?.toString()
+        }
+      );
+    }
+    if (!areByteArraysEqual(finalOutput.tokenAmount, partialOutput.tokenAmount)) {
+      throw new InternalValidationError(
+        "Token amount mismatch in token output",
+        {
+          outputIndex: i,
+          value: finalOutput.tokenAmount.toString(),
+          expected: partialOutput.tokenAmount.toString()
+        }
+      );
+    }
+    if (finalOutput.withdrawBondSats !== void 0) {
+      if (finalOutput.withdrawBondSats !== expectedWithdrawBondSats) {
+        throw new InternalValidationError(
+          "Withdraw bond sats mismatch in token output",
+          {
+            outputIndex: i,
+            value: finalOutput.withdrawBondSats,
+            expected: expectedWithdrawBondSats
+          }
+        );
+      }
+    }
+    if (finalOutput.withdrawRelativeBlockLocktime !== void 0) {
+      if (finalOutput.withdrawRelativeBlockLocktime !== expectedWithdrawRelativeBlockLocktime) {
+        throw new InternalValidationError(
+          "Withdraw relative block locktime mismatch in token output",
+          {
+            outputIndex: i,
+            value: finalOutput.withdrawRelativeBlockLocktime,
+            expected: expectedWithdrawRelativeBlockLocktime
+          }
+        );
+      }
+    }
+    if (keyshareInfo.threshold !== expectedThreshold) {
+      throw new InternalValidationError(
+        "Threshold mismatch: expected " + expectedThreshold + " but got " + keyshareInfo.threshold,
+        {
+          field: "threshold",
+          value: keyshareInfo.threshold,
+          expected: expectedThreshold
+        }
+      );
+    }
+  }
+  if (keyshareInfo.ownerIdentifiers.length !== Object.keys(signingOperators).length) {
+    throw new InternalValidationError(
+      `Keyshare operator count (${keyshareInfo.ownerIdentifiers.length}) does not match signing operator count (${Object.keys(signingOperators).length})`,
+      {
+        keyshareInfo: keyshareInfo.ownerIdentifiers.length,
+        signingOperators: Object.keys(signingOperators).length
+      }
+    );
+  }
+  if (hasDuplicates(keyshareInfo.ownerIdentifiers)) {
+    throw new InternalValidationError(
+      "Duplicate ownerIdentifiers found in keyshareInfo",
+      {
+        keyshareInfo: keyshareInfo.ownerIdentifiers
+      }
+    );
+  }
+  for (const identifier of keyshareInfo.ownerIdentifiers) {
+    if (!signingOperators[identifier]) {
+      throw new InternalValidationError(
+        `Keyshare operator ${identifier} not found in signing operator list`,
+        {
+          keyshareInfo: identifier,
+          signingOperators: Object.keys(signingOperators)
+        }
+      );
+    }
+  }
+}
+function validateTokenTransaction(finalTokenTransaction, partialTokenTransaction, signingOperators, keyshareInfo, expectedWithdrawBondSats, expectedWithdrawRelativeBlockLocktime, expectedThreshold) {
+  if (finalTokenTransaction.network !== partialTokenTransaction.network) {
+    throw new InternalValidationError(
+      "Network mismatch in response token transaction",
+      {
+        value: finalTokenTransaction.network,
+        expected: partialTokenTransaction.network
+      }
+    );
+  }
+  if (!finalTokenTransaction.tokenInputs) {
+    throw new InternalValidationError(
+      "Token inputs missing in final transaction",
+      {
+        value: finalTokenTransaction
+      }
+    );
+  }
+  if (!partialTokenTransaction.tokenInputs) {
+    throw new InternalValidationError(
+      "Token inputs missing in partial transaction",
+      {
+        value: partialTokenTransaction
+      }
+    );
+  }
+  if (finalTokenTransaction.tokenInputs.$case !== partialTokenTransaction.tokenInputs.$case) {
+    throw new InternalValidationError(
+      `Transaction type mismatch: final transaction has ${finalTokenTransaction.tokenInputs.$case}, partial transaction has ${partialTokenTransaction.tokenInputs.$case}`,
+      {
+        value: finalTokenTransaction.tokenInputs.$case,
+        expected: partialTokenTransaction.tokenInputs.$case
+      }
+    );
+  }
+  if (finalTokenTransaction.sparkOperatorIdentityPublicKeys.length !== partialTokenTransaction.sparkOperatorIdentityPublicKeys.length) {
+    throw new InternalValidationError(
+      "Spark operator identity public keys count mismatch",
+      {
+        value: finalTokenTransaction.sparkOperatorIdentityPublicKeys.length,
+        expected: partialTokenTransaction.sparkOperatorIdentityPublicKeys.length
+      }
+    );
+  }
+  if (partialTokenTransaction.tokenInputs.$case === "mintInput" && finalTokenTransaction.tokenInputs.$case === "mintInput") {
+    const finalMintInput = finalTokenTransaction.tokenInputs.mintInput;
+    const partialMintInput = partialTokenTransaction.tokenInputs.mintInput;
+    if (!areByteArraysEqual(
+      finalMintInput.issuerPublicKey,
+      partialMintInput.issuerPublicKey
+    )) {
+      throw new InternalValidationError(
+        "Issuer public key mismatch in mint input",
+        {
+          value: finalMintInput.issuerPublicKey.toString(),
+          expected: partialMintInput.issuerPublicKey.toString()
+        }
+      );
+    }
+  } else if (partialTokenTransaction.tokenInputs.$case === "transferInput" && finalTokenTransaction.tokenInputs.$case === "transferInput") {
+    const finalTransferInput = finalTokenTransaction.tokenInputs.transferInput;
+    const partialTransferInput = partialTokenTransaction.tokenInputs.transferInput;
+    if (finalTransferInput.outputsToSpend.length !== partialTransferInput.outputsToSpend.length) {
+      throw new InternalValidationError(
+        "Outputs to spend count mismatch in transfer input",
+        {
+          value: finalTransferInput.outputsToSpend.length,
+          expected: partialTransferInput.outputsToSpend.length
+        }
+      );
+    }
+    for (let i = 0; i < finalTransferInput.outputsToSpend.length; i++) {
+      const finalOutput = finalTransferInput.outputsToSpend[i];
+      const partialOutput = partialTransferInput.outputsToSpend[i];
+      if (!finalOutput) {
+        throw new InternalValidationError(
+          "Token output to spend missing in final transaction",
+          {
+            outputIndex: i,
+            value: finalOutput
+          }
+        );
+      }
+      if (!partialOutput) {
+        throw new InternalValidationError(
+          "Token output to spend missing in partial transaction",
+          {
+            outputIndex: i,
+            value: partialOutput
+          }
+        );
+      }
+      if (!areByteArraysEqual(
+        finalOutput.prevTokenTransactionHash,
+        partialOutput.prevTokenTransactionHash
+      )) {
+        throw new InternalValidationError(
+          "Previous token transaction hash mismatch in transfer input",
+          {
+            outputIndex: i,
+            value: finalOutput.prevTokenTransactionHash.toString(),
+            expected: partialOutput.prevTokenTransactionHash.toString()
+          }
+        );
+      }
+      if (finalOutput.prevTokenTransactionVout !== partialOutput.prevTokenTransactionVout) {
+        throw new InternalValidationError(
+          "Previous token transaction vout mismatch in transfer input",
+          {
+            outputIndex: i,
+            value: finalOutput.prevTokenTransactionVout,
+            expected: partialOutput.prevTokenTransactionVout
+          }
+        );
+      }
+    }
+  }
+  if (finalTokenTransaction.tokenOutputs.length !== partialTokenTransaction.tokenOutputs.length) {
+    throw new InternalValidationError("Token outputs count mismatch", {
+      value: finalTokenTransaction.tokenOutputs.length,
+      expected: partialTokenTransaction.tokenOutputs.length
+    });
+  }
+  for (let i = 0; i < finalTokenTransaction.tokenOutputs.length; i++) {
+    const finalOutput = finalTokenTransaction.tokenOutputs[i];
+    const partialOutput = partialTokenTransaction.tokenOutputs[i];
+    if (!finalOutput) {
+      throw new InternalValidationError(
+        "Token output missing in final transaction",
+        {
+          outputIndex: i,
+          value: finalOutput
+        }
+      );
+    }
+    if (!partialOutput) {
+      throw new InternalValidationError(
+        "Token output missing in partial transaction",
+        {
+          outputIndex: i,
+          value: partialOutput
+        }
+      );
+    }
     if (!areByteArraysEqual(
+      finalOutput.ownerPublicKey,
+      partialOutput.ownerPublicKey
+    )) {
+      throw new InternalValidationError(
+        "Owner public key mismatch in token output",
+        {
+          outputIndex: i,
+          value: finalOutput.ownerPublicKey.toString(),
+          expected: partialOutput.ownerPublicKey.toString()
+        }
+      );
+    }
+    if (finalOutput.tokenPublicKey !== void 0 && partialOutput.tokenPublicKey !== void 0 && !areByteArraysEqual(
       finalOutput.tokenPublicKey,
       partialOutput.tokenPublicKey
     )) {
@@ -861,6 +1334,12 @@ function validateTokenTransaction(finalTokenTransaction, partialTokenTransaction
       );
     }
   }
+  if (finalTokenTransaction.clientCreatedTimestamp.getTime() !== partialTokenTransaction.clientCreatedTimestamp.getTime()) {
+    throw new InternalValidationError("Client created timestamp mismatch", {
+      value: finalTokenTransaction.clientCreatedTimestamp,
+      expected: partialTokenTransaction.clientCreatedTimestamp
+    });
+  }
 }
 
 // src/services/token-transactions.ts
@@ -976,6 +1455,9 @@ var TokenTransactionService = class {
     return txId;
   }
   async constructTransferTokenTransactionV0(selectedOutputs, tokenOutputData) {
+    selectedOutputs.sort(
+      (a, b) => a.previousTransactionVout - b.previousTransactionVout
+    );
     const availableTokenAmount = calculateAvailableTokenAmount(selectedOutputs);
     const totalRequestedAmount = tokenOutputData.reduce(
       (sum, output) => sum + output.tokenAmount,
@@ -1011,6 +1493,9 @@ var TokenTransactionService = class {
     };
   }
   async constructTransferTokenTransaction(selectedOutputs, tokenOutputData) {
+    selectedOutputs.sort(
+      (a, b) => a.previousTransactionVout - b.previousTransactionVout
+    );
     const availableTokenAmount = calculateAvailableTokenAmount(selectedOutputs);
     const totalRequestedAmount = tokenOutputData.reduce(
       (sum, output) => sum + output.tokenAmount,
@@ -1044,7 +1529,8 @@ var TokenTransactionService = class {
       },
       tokenOutputs,
       sparkOperatorIdentityPublicKeys: this.collectOperatorIdentityPublicKeys(),
-      expiryTime: void 0
+      expiryTime: void 0,
+      clientCreatedTimestamp: /* @__PURE__ */ new Date()
     };
   }
   collectOperatorIdentityPublicKeys() {
@@ -1253,7 +1739,7 @@ var TokenTransactionService = class {
     if (!startResponse.keyshareInfo) {
       throw new Error("Keyshare info missing in start response");
     }
-    validateTokenTransaction(
+    validateTokenTransactionV0(
       startResponse.finalTokenTransaction,
       tokenTransaction,
       signingOperators,
@@ -1477,6 +1963,7 @@ var TokenTransactionService = class {
       await coordinatorClient.commit_transaction(
         {
           finalTokenTransaction,
+          finalTokenTransactionHash,
           inputTtxoSignaturesPerOperator,
           ownerIdentityPublicKey: await this.config.signer.getIdentityPublicKey()
         },
@@ -1503,7 +1990,26 @@ var TokenTransactionService = class {
       );
     }
   }
-  async fetchOwnedTokenOutputs(ownerPublicKeys, tokenPublicKeys) {
+  async fetchOwnedTokenOutputs(params) {
+    if (this.config.getTokenTransactionVersion() === "V0") {
+      return this.fetchOwnedTokenOutputsV0(params);
+    } else {
+      return this.fetchOwnedTokenOutputsV1(params);
+    }
+  }
+  async queryTokenTransactions(params) {
+    if (this.config.getTokenTransactionVersion() === "V0") {
+      return this.queryTokenTransactionsV0(params);
+    } else {
+      return this.queryTokenTransactionsV1(params);
+    }
+  }
+  async fetchOwnedTokenOutputsV0(params) {
+    const {
+      ownerPublicKeys,
+      issuerPublicKeys: tokenPublicKeys = [],
+      tokenIdentifiers = []
+    } = params;
     const sparkClient = await this.connectionManager.createSparkClient(
       this.config.getCoordinatorAddress()
     );
@@ -1511,6 +2017,7 @@ var TokenTransactionService = class {
       const result = await sparkClient.query_token_outputs({
         ownerPublicKeys,
         tokenPublicKeys,
+        tokenIdentifiers,
         network: this.config.getNetworkProto()
       });
       return result.outputsWithPreviousTransactionData;
@@ -1518,7 +2025,7 @@ var TokenTransactionService = class {
       throw new NetworkError(
         "Failed to fetch owned token outputs",
         {
-          operation: "query_token_outputs",
+          operation: "spark.query_token_outputs",
           errorCount: 1,
           errors: error instanceof Error ? error.message : String(error)
         },
@@ -1526,11 +2033,127 @@ var TokenTransactionService = class {
       );
     }
   }
-  async syncTokenOutputs(tokenOutputs) {
-    const unsortedTokenOutputs = await this.fetchOwnedTokenOutputs(
-      await this.config.signer.getTrackedPublicKeys(),
-      []
+  async fetchOwnedTokenOutputsV1(params) {
+    const {
+      ownerPublicKeys,
+      issuerPublicKeys = [],
+      tokenIdentifiers = []
+    } = params;
+    const tokenClient = await this.connectionManager.createSparkTokenClient(
+      this.config.getCoordinatorAddress()
     );
+    try {
+      const result = await tokenClient.query_token_outputs({
+        ownerPublicKeys,
+        issuerPublicKeys,
+        tokenIdentifiers,
+        network: this.config.getNetworkProto()
+      });
+      return result.outputsWithPreviousTransactionData;
+    } catch (error) {
+      throw new NetworkError(
+        "Failed to fetch owned token outputs",
+        {
+          operation: "spark_token.query_token_outputs",
+          errorCount: 1,
+          errors: error instanceof Error ? error.message : String(error)
+        },
+        error
+      );
+    }
+  }
+  async queryTokenTransactionsV0(params) {
+    const {
+      ownerPublicKeys,
+      issuerPublicKeys,
+      tokenTransactionHashes,
+      tokenIdentifiers,
+      outputIds
+    } = params;
+    const sparkClient = await this.connectionManager.createSparkClient(
+      this.config.getCoordinatorAddress()
+    );
+    let queryParams = {
+      tokenPublicKeys: issuerPublicKeys?.map(hexToBytes),
+      ownerPublicKeys: ownerPublicKeys?.map(hexToBytes),
+      tokenIdentifiers: tokenIdentifiers?.map(hexToBytes),
+      tokenTransactionHashes: tokenTransactionHashes?.map(hexToBytes),
+      outputIds: outputIds || [],
+      limit: 100,
+      offset: 0
+    };
+    try {
+      const response = await sparkClient.query_token_transactions(queryParams);
+      return response.tokenTransactionsWithStatus.map((tx) => {
+        const v1TokenTransaction = {
+          version: 1,
+          network: tx.tokenTransaction.network,
+          tokenInputs: tx.tokenTransaction.tokenInputs,
+          tokenOutputs: tx.tokenTransaction.tokenOutputs,
+          sparkOperatorIdentityPublicKeys: tx.tokenTransaction.sparkOperatorIdentityPublicKeys,
+          expiryTime: void 0,
+          // V0 doesn't have expiry time
+          clientCreatedTimestamp: tx.tokenTransaction?.tokenInputs?.$case === "mintInput" ? new Date(
+            tx.tokenTransaction.tokenInputs.mintInput.issuerProvidedTimestamp * 1e3
+          ) : /* @__PURE__ */ new Date()
+        };
+        return {
+          tokenTransaction: v1TokenTransaction,
+          status: tx.status,
+          confirmationMetadata: tx.confirmationMetadata
+        };
+      });
+    } catch (error) {
+      throw new NetworkError(
+        "Failed to query token transactions",
+        {
+          operation: "spark.query_token_transactions",
+          errorCount: 1,
+          errors: error instanceof Error ? error.message : String(error)
+        },
+        error
+      );
+    }
+  }
+  async queryTokenTransactionsV1(params) {
+    const {
+      ownerPublicKeys,
+      issuerPublicKeys,
+      tokenTransactionHashes,
+      tokenIdentifiers,
+      outputIds
+    } = params;
+    const tokenClient = await this.connectionManager.createSparkTokenClient(
+      this.config.getCoordinatorAddress()
+    );
+    let queryParams = {
+      issuerPublicKeys: issuerPublicKeys?.map(hexToBytes),
+      ownerPublicKeys: ownerPublicKeys?.map(hexToBytes),
+      tokenIdentifiers: tokenIdentifiers?.map(hexToBytes),
+      tokenTransactionHashes: tokenTransactionHashes?.map(hexToBytes),
+      outputIds: outputIds || [],
+      limit: 100,
+      offset: 0
+    };
+    try {
+      const response = await tokenClient.query_token_transactions(queryParams);
+      return response.tokenTransactionsWithStatus;
+    } catch (error) {
+      throw new NetworkError(
+        "Failed to query token transactions",
+        {
+          operation: "spark_token.query_token_transactions",
+          errorCount: 1,
+          errors: error instanceof Error ? error.message : String(error)
+        },
+        error
+      );
+    }
+  }
+  async syncTokenOutputs(tokenOutputs) {
+    const unsortedTokenOutputs = await this.fetchOwnedTokenOutputs({
+      ownerPublicKeys: await this.config.signer.getTrackedPublicKeys()
+    });
     unsortedTokenOutputs.forEach((output) => {
       const tokenKey = bytesToHex(output.output.tokenPublicKey);
       const index = output.previousTransactionVout;