@capsara/sdk 1.0.1

package/LICENSE

@@ -0,0 +1,74 @@
+Capsara SDK License
+
+Copyright (c) 2024-2026 Tessarai, LLC and Laird Rixford (the "License Holders"). All rights reserved.
+
+TERMS AND CONDITIONS
+
+1. GRANT OF LICENSE
+
+   Subject to the terms and conditions of this License, Tessarai, LLC
+   ("Licensor") grants you a limited, non-exclusive, non-transferable,
+   non-sublicensable, revocable license to use the Capsara SDK ("Software")
+   solely in connection with the Capsara platform and services provided by
+   Licensor.
+
+2. RESTRICTIONS
+
+   You may NOT:
+
+   a. Redistribute, sublicense, sell, lease, or otherwise transfer the
+      Software or any portion thereof to any third party;
+   b. Modify, adapt, translate, reverse engineer, decompile, disassemble,
+      or create derivative works based on the Software;
+   c. Use the Software to build, support, or operate any product or service
+      that competes with the Capsara platform;
+   d. Use the Software independently of or outside the Capsara platform;
+   e. Remove, alter, or obscure any copyright, trademark, or other
+      proprietary notices in the Software.
+
+3. PLATFORM BINDING
+
+   This license is valid only for use with the Capsara platform. Any use of
+   the Software outside the Capsara platform, including but not limited to
+   integration with competing or unrelated services, is strictly prohibited.
+
+4. INTELLECTUAL PROPERTY
+
+   The Software and all copies thereof are proprietary to and the property
+   of the License Holders. All right, title, and interest in and to the
+   Software, including all intellectual property rights therein, remain
+   exclusively with the License Holders. No rights are
+   granted to you other than as expressly set forth in this License.
+
+5. TERMINATION
+
+   This License is effective until terminated. Licensor may terminate this
+   License at any time, with or without cause, upon written notice. This
+   License will terminate automatically if you fail to comply with any term
+   or condition of this License. Upon termination, you must cease all use
+   of the Software and destroy all copies in your possession or control.
+
+6. GOVERNING TERMS
+
+   Use of the Software is governed by the Capsara Terms of Service, which
+   are incorporated herein by reference. In the event of any conflict
+   between this License and the Terms of Service, the Terms of Service
+   shall prevail.
+
+7. DISCLAIMER OF WARRANTIES
+
+   THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS
+   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT.
+   IN NO EVENT SHALL THE LICENSE HOLDERS OR ANY CONTRIBUTORS BE
+   LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER LIABILITY, WHETHER IN AN ACTION
+   OF CONTRACT, TORT, OR OTHERWISE, ARISING FROM, OUT OF, OR IN CONNECTION
+   WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+8. LIMITATION OF LIABILITY
+
+   IN NO EVENT SHALL LICENSOR BE LIABLE FOR ANY INDIRECT, INCIDENTAL,
+   SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS OR
+   REVENUE, WHETHER INCURRED DIRECTLY OR INDIRECTLY, OR ANY LOSS OF DATA,
+   USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, RESULTING FROM YOUR USE OF
+   OR INABILITY TO USE THE SOFTWARE.

package/README.md

@@ -0,0 +1,230 @@
+# Capsara SDK — TypeScript
+
+Zero-knowledge encrypted messaging and file sharing for multi-party collaboration.
+
+## Features
+
+- **AES-256-GCM** encryption with unique keys per capsa
+- **RSA-4096-OAEP** key encryption for multi-party access
+- **Compression** — gzip before encryption
+- **Digital signatures** — RSA-SHA256 sender authenticity
+- **Encrypted subject, body, and structured data**
+- **Batch sending** with automatic chunking
+
+## Installation
+
+```bash
+npm install @capsara/sdk
+```
+
+## Initialize the Client
+
+```typescript
+import { CapsaraClient } from '@capsara/sdk';
+
+const client = new CapsaraClient('https://api.capsara.com');
+```
+
+## Authentication
+
+Authentication requires two steps: login with your credentials, then set your private key for cryptographic operations.
+
+### Login
+
+```typescript
+await client.login({
+  email: 'you@example.com',
+  password: '...'
+});
+```
+
+### Set Private Key
+
+After logging in, set your private key for signing and decryption. Generate and register your keypair using `generateKeyPair()` and `addPublicKey()`, then store the private key securely.
+
+```typescript
+// Load your private key from secure storage (key vault, HSM, etc.)
+const privateKey = loadPrivateKeyFromSecureStorage();
+
+client.setPrivateKey(privateKey);
+```
+
+## Sending Capsas
+
+Use the `CapsaBuilder` to create capsas with recipients and files. Always use `sendCapsas()` even for a single capsa — it handles encryption and batching efficiently.
+
+```typescript
+import { CapsaraClient, CapsaraError, FileInput } from '@capsara/sdk';
+
+try {
+  // Create a builder for each capsa you want to send
+  const builder = await client.createCapsaBuilder();
+
+  // Add recipients — can add multiple
+  builder.addRecipient('party_recipient1');
+  builder.addRecipient('party_recipient2');
+
+  // Add files from path or buffer
+  builder.addFile(FileInput.fromPath('./documents/policy.pdf'));
+  builder.addFile(FileInput.fromBuffer(
+    Buffer.from('Policy data here'),
+    'policy-data.txt'
+  ));
+
+  // Add optional metadata
+  builder.withSubject('Policy Documents — Q1 2025');
+  builder.withBody('Please review the attached policy documents.');
+  builder.withStructured({
+    policyNumber: 'POL-12345',
+    effectiveDate: '2025-01-01'
+  });
+
+  // Set expiration
+  builder.withExpiration(new Date(Date.now() + 90 * 24 * 60 * 60 * 1000));
+
+  // Send
+  const result = await client.sendCapsas([builder]);
+  console.log(`Sent ${result.successful} capsa(s)`);
+
+  if (result.failed > 0) {
+    console.error(`${result.failed} capsas failed to send`);
+  }
+} catch (error) {
+  if (error instanceof CapsaraError) {
+    console.error('Failed to send:', error.message);
+  }
+}
+```
+
+A **capsa** maps one-to-one with a *matter* — a unique combination of sender, recipient, client, and action. Send multiple capsas in one call:
+
+```typescript
+const matter1 = await client.createCapsaBuilder();
+matter1
+  .addRecipient('party_org_b')
+  .withSubject('Client 1 — New Home Policy')
+  .addFile(FileInput.fromPath('./policy.pdf'));
+
+const matter2 = await client.createCapsaBuilder();
+matter2
+  .addRecipient('party_org_b')
+  .withSubject('Client 1 — Auto Endorsement')
+  .withBody('Endorsement effective 3/1. No documents required.');
+
+await client.sendCapsas([matter1, matter2]);
+```
+
+The SDK automatically splits large batches to stay within server limits.
+
+## Receiving Capsas
+
+### List Capsas
+
+```typescript
+const response = await client.listCapsas({
+  status: 'active',
+  limit: 50
+});
+
+console.log(`Found ${response.capsas.length} capsas`);
+
+for (const capsa of response.capsas) {
+  console.log(`- ${capsa.id}: ${capsa.fileCount} files`);
+  console.log(`  Created: ${capsa.createdAt}`);
+  console.log(`  From: ${capsa.creatorId}`);
+}
+
+// Pagination
+if (response.pagination.hasMore) {
+  const nextPage = await client.listCapsas({
+    after: response.pagination.nextCursor
+  });
+}
+```
+
+### Get Capsa and Download Files
+
+```typescript
+import fs from 'node:fs';
+
+const capsa = await client.getCapsa('cap_abc123');
+
+console.log('Subject:', capsa.subject);
+console.log('Body:', capsa.body);
+console.log('Structured data:', capsa.structured);
+
+// Download each file
+for (const file of capsa.files) {
+  const { data, filename } = await client.downloadFile(capsa.packageId, file.id);
+  fs.writeFileSync(`./downloads/${filename}`, data);
+}
+```
+
+## Delegation
+
+Capsara supports delegation for scenarios where a system acts on behalf of a party — for example, an agency management system (AMS) processing capsas on behalf of the agencies it serves. When a capsa is sent to a delegated recipient, the delegate receives its own RSA-encrypted copy of the master key. If the recipient also has a public key registered in the system, they receive their own encrypted copy as well; otherwise, only the delegate can decrypt on their behalf.
+
+If you're a delegate, the flow is identical to receiving. List your capsas and check the `actingFor` field on each one to see which party it belongs to. This lets you route the data to the correct recipient in your system.
+
+```typescript
+// Authenticate as the delegate (e.g., an AMS)
+const client = new CapsaraClient('https://api.capsara.com');
+await client.login({ email: 'ams@example.com', password: '...' });
+client.setPrivateKey(loadPrivateKeyFromSecureStorage());
+
+// List capsas — includes capsas for all parties you represent
+const response = await client.listCapsas();
+
+for (const summary of response.capsas) {
+  const capsa = await client.getCapsa(summary.id);
+
+  // Check who this capsa is for
+  if (capsa.actingFor) {
+    console.log(`Capsa ${summary.id} is for agency ${capsa.actingFor}`);
+    routeToAgency(capsa.actingFor, capsa);
+  }
+
+  // Download and process files
+  for (const file of capsa.files) {
+    const { data, filename } = await client.downloadFile(summary.id, file.id);
+    processFile(capsa.actingFor, filename, data);
+  }
+}
+```
+
+## Encryption
+
+Every capsa is protected by a unique AES-256-GCM symmetric key (the "master key") generated at send time. Files and metadata — subject, body, and structured data — are each encrypted with this master key using a fresh random IV, producing authenticated ciphertext that guarantees both confidentiality and tamper detection. The master key itself is then encrypted once per authorized party and any authorized delegates using their RSA-4096 public key with OAEP-SHA256 padding, so only the holder of the corresponding private key can recover it. Each file is independently hashed with SHA-256 before encryption, and these hashes — along with all IVs — are bound into a canonical string that the sender signs using RS256 (RSA-SHA256 in JWS format). Recipients and the server validate this signature against the sender's public key before trusting any content, ensuring both authenticity and integrity of the entire capsa. Key fingerprints are SHA-256 hashes of the public key PEM, providing a compact identifier for key verification. Files are gzip-compressed before encryption by default to reduce storage and transfer costs. All encryption, decryption, signing, and verification happen locally in the SDK — Capsara's servers only ever store ciphertext and cannot read your files, your metadata, or your keys.
+
+## Private Key Security
+
+Your private key is the sole point of access to every capsa encrypted for you. Capsara uses zero-knowledge encryption — your private key never leaves your environment, is never transmitted to Capsara's servers, and is never stored by Capsara. There is no recovery mechanism, no master backdoor, and no support override. If your private key is lost, every capsa encrypted for your party becomes permanently inaccessible. No one — not Capsara, not the sender, not an administrator — can recover your data without your private key.
+
+You are fully responsible for your private key's lifecycle: generation, secure storage, and backup. Store it in a cloud key vault (Azure Key Vault, AWS Secrets Manager, HashiCorp Vault), a hardware security module, or at minimum an encrypted secrets manager — never in source code, configuration files, or logs. Back it up to a secondary secure location so that a single infrastructure failure does not result in permanent data loss.
+
+The SDK provides a `rotateKey()` method that generates a new RSA-4096 key pair and registers the new public key with Capsara. New capsas sent to you will be encrypted with your new key. However, capsas are immutable once created — their keychain and encrypted contents never change. Existing capsas remain accessible only with the private key that was active when they were created. Keep prior private keys available for as long as you need access to capsas encrypted under them.
+
+## API Reference
+
+| Method | Description |
+|--------|-------------|
+| `CapsaraClient.generateKeyPair()` | Generate an RSA-4096 key pair (static) |
+| `login(credentials)` | Authenticate with email and password |
+| `logout()` | Log out and clear cached data |
+| `setPrivateKey(privateKey)` | Set the private key for signing and decryption |
+| `createCapsaBuilder()` | Create a `CapsaBuilder` pre-loaded with server limits |
+| `sendCapsas(builders)` | Encrypt and send one or more capsas |
+| `getCapsa(capsaId)` | Fetch and decrypt a capsa |
+| `listCapsas(filters?)` | List capsas with optional filters |
+| `deleteCapsa(capsaId)` | Soft-delete a capsa |
+| `downloadFile(capsaId, fileId)` | Download and decrypt a file |
+| `getAuditEntries(capsaId)` | Get audit trail entries |
+| `addPublicKey(key, fingerprint)` | Register a new public key |
+| `rotateKey()` | Generate and register a new key pair |
+| `getKeyHistory()` | Get previous public keys |
+| `getLimits()` | Get server-enforced limits |
+| `destroy()` | Release resources and clear keys |
+
+## License
+
+Capsara SDK License — see [LICENSE](./LICENSE) for details.

package/dist/builder/capsa-builder.d.ts

@@ -0,0 +1,167 @@
+/** Fluent capsa builder for creating encrypted capsas. */
+import type { FileInput, PartyKey, SystemLimits } from '../types/index.js';
+import type { CapsaMetadata, KeychainEntry, EncryptedFile } from '../internal/types.js';
+/** Capsa metadata for upload */
+export interface CapsaUploadData {
+    packageId: string;
+    keychain: {
+        algorithm: string;
+        keys: KeychainEntry[];
+    };
+    signature: {
+        algorithm: string;
+        protected: string;
+        payload: string;
+        signature: string;
+    };
+    accessControl: {
+        expiresAt?: string;
+    };
+    deliveryPriority: string;
+    files: EncryptedFile[];
+    metadata?: CapsaMetadata;
+    encryptedSubject?: string;
+    subjectIV?: string;
+    subjectAuthTag?: string;
+    encryptedBody?: string;
+    bodyIV?: string;
+    bodyAuthTag?: string;
+    encryptedStructured?: string;
+    structuredIV?: string;
+    structuredAuthTag?: string;
+}
+/** Built capsa ready for upload */
+export interface BuiltCapsa {
+    capsa: CapsaUploadData;
+    files: Array<{
+        metadata: EncryptedFile;
+        data: Buffer;
+    }>;
+}
+/** Server-aligned validation constants. */
+export declare const SERVER_LIMITS: {
+    /** Maximum keychain entries (recipients + creator + delegates) */
+    readonly MAX_KEYCHAIN_KEYS: 100;
+    /** Maximum base64url-encoded encrypted subject length */
+    readonly MAX_ENCRYPTED_SUBJECT: 65536;
+    /** Maximum base64url-encoded encrypted body length */
+    readonly MAX_ENCRYPTED_BODY: 1048576;
+    /** Maximum base64url-encoded encrypted structured data length */
+    readonly MAX_ENCRYPTED_STRUCTURED: 1048576;
+    /** Maximum metadata label length */
+    readonly MAX_METADATA_LABEL: 512;
+    /** Maximum tags per envelope */
+    readonly MAX_METADATA_TAGS: 100;
+    /** Maximum characters per tag */
+    readonly MAX_TAG_LENGTH: 100;
+    /** Maximum metadata notes length */
+    readonly MAX_METADATA_NOTES: 10240;
+    /** Maximum related packages */
+    readonly MAX_RELATED_PACKAGES: 50;
+    /** Maximum party ID length */
+    readonly MAX_PARTY_ID_LENGTH: 100;
+    /** Maximum base64url-encoded encrypted filename length */
+    readonly MAX_ENCRYPTED_FILENAME: 2048;
+    /** Maximum base64url-encoded signature payload length */
+    readonly MAX_SIGNATURE_PAYLOAD: 65536;
+    /** Maximum parties a delegate can act for */
+    readonly MAX_ACTING_FOR: 10;
+};
+export declare class CapsaBuilder {
+    #private;
+    subject?: string;
+    body?: string;
+    structured: Record<string, unknown>;
+    /** Unencrypted metadata */
+    readonly metadata: CapsaMetadata;
+    /** Expiration date (UTC, rounded to minute) */
+    get expiresAt(): Date | undefined;
+    set expiresAt(value: Date | string | undefined);
+    constructor(creatorId: string, creatorPrivateKey: string, limits: SystemLimits);
+    /**
+     * Add a recipient to the capsa
+     * @param partyId - Party ID
+     */
+    addRecipient(partyId: string): this;
+    /**
+     * Add multiple recipients to the capsa
+     * @param partyIds - Party IDs
+     */
+    addRecipients(...partyIds: string[]): this;
+    /**
+     * Add a file to the capsa
+     * @param input - File input (path or buffer with filename)
+     * @throws Error if file exceeds size limit or too many files
+     */
+    addFile(input: FileInput): this;
+    /**
+     * Add a file from a file path
+     * @param filePath - File path on disk
+     * @param filename - Filename override (defaults to basename)
+     * @param mimetype - MIME type (auto-detected if not specified)
+     */
+    addFileFromPath(filePath: string, filename?: string, mimetype?: string): this;
+    /**
+     * Add a file from a Buffer
+     * @param buffer - File content
+     * @param filename - Filename
+     * @param mimetype - MIME type (auto-detected if not specified)
+     */
+    addFileFromBuffer(buffer: Buffer, filename: string, mimetype?: string): this;
+    /**
+     * Add multiple files from file paths
+     * @param paths - File paths on disk
+     */
+    addFiles(...paths: string[]): this;
+    /**
+     * Add multiple files from FileInput objects
+     * @param files - File inputs
+     */
+    addFilesFromInputs(...files: FileInput[]): this;
+    /**
+     * Add a text file from string content
+     * @param filename - Filename
+     * @param content - Text content
+     */
+    addTextFile(filename: string, content: string): this;
+    /**
+     * Add a JSON file from an object
+     * @param filename - Filename
+     * @param data - Object to serialize as JSON
+     */
+    addJsonFile(filename: string, data: unknown): this;
+    /**
+     * Set a structured data field
+     * @param key - Field key
+     * @param value - Field value
+     */
+    withStructured(key: string, value: unknown): this;
+    /**
+     * Set multiple structured data fields from an object
+     * @param data - Object with fields to add
+     */
+    withStructured(data: Record<string, unknown>): this;
+    /**
+     * Set the subject
+     * @param subject - Subject text
+     */
+    withSubject(subject: string): this;
+    /**
+     * Set the body
+     * @param body - Body text
+     */
+    withBody(body: string): this;
+    /**
+     * Set the expiration
+     * @param expiresAt - Expiration date/time
+     */
+    withExpiration(expiresAt: Date | string): this;
+    getRecipientIds(): string[];
+    getFileCount(): number;
+    /**
+     * Build the capsa with encryption and signature.
+     * @param partyKeys - Public keys for all recipients
+     */
+    build(partyKeys: PartyKey[]): Promise<BuiltCapsa>;
+}
+//# sourceMappingURL=capsa-builder.d.ts.map

package/dist/builder/capsa-builder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"capsa-builder.d.ts","sourceRoot":"","sources":["../../src/builder/capsa-builder.ts"],"names":[],"mappings":"AAAA,0DAA0D;AAsB1D,OAAO,KAAK,EACV,SAAS,EAET,QAAQ,EAER,YAAY,EACb,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EACV,aAAa,EACb,aAAa,EACb,aAAa,EAEd,MAAM,sBAAsB,CAAC;AAE9B,gCAAgC;AAChC,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,aAAa,EAAE,CAAA;KAAE,CAAC;IACvD,SAAS,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;IACxF,aAAa,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACtC,gBAAgB,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,aAAa,EAAE,CAAC;IACvB,QAAQ,CAAC,EAAE,aAAa,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,mCAAmC;AACnC,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,eAAe,CAAC;IACvB,KAAK,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,aAAa,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACzD;AAED,2CAA2C;AAC3C,eAAO,MAAM,aAAa;IACxB,kEAAkE;;IAElE,yDAAyD;;IAEzD,sDAAsD;;IAEtD,iEAAiE;;IAEjE,oCAAoC;;IAEpC,gCAAgC;;IAEhC,iCAAiC;;IAEjC,oCAAoC;;IAEpC,+BAA+B;;IAE/B,8BAA8B;;IAE9B,0DAA0D;;IAE1D,yDAAyD;;IAEzD,6CAA6C;;CAErC,CAAC;AAEX,qBAAa,YAAY;;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAM;IAEzC,2BAA2B;IAC3B,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAM;IAEtC,+CAA+C;IAC/C,IAAI,SAAS,IAAI,IAAI,GAAG,SAAS,CAEhC;IACD,IAAI,SAAS,CAAC,KAAK,EAAE,IAAI,GAAG,MAAM,GAAG,SAAS,EAQ7C;gBAUW,SAAS,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY;IAO9E;;;OAGG;IACH,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAmBnC;;;OAGG;IACH,aAAa,CAAC,GAAG,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI;IAuB1C;;;;OAIG;IACH,OAAO,CAAC,KAAK,EAAE,SAAS,GAAG,IAAI;IA0B/B;;;;;OAKG;IACH,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI;IAK7E;;;;;OAKG;IACH,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI;IAI5E;;;OAGG;IACH,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAOlC;;;OAGG;IACH,kBAAkB,CAAC,GAAG,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI;IAO/C;;;;OAIG;IACH,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAKpD;;;;OAIG;IACH,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI;IAMlD;;;;OAIG;IACH,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG,IAAI;IACjD;;;OAGG;IACH,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAUnD;;;OAGG;IACH,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAKlC;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAK5B;;;OAGG;IACH,cAAc,CAAC,SAAS,EAAE,IAAI,GAAG,MAAM,GAAG,IAAI;IAgD9C,eAAe,IAAI,MAAM,EAAE;IAI3B,YAAY,IAAI,MAAM;IAItB;;;OAGG;IACG,KAAK,CAAC,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,UAAU,CAAC;CA0SxD"}