@cardanowall/sdk-ts 0.3.0 → 0.5.0

package/dist/client/index.cjs

@@ -5,21 +5,21 @@ var sorts = require('cbor2/sorts');
 var blake2_js = require('@noble/hashes/blake2.js');
 var ed = require('@noble/ed25519');
 var sha2_js = require('@noble/hashes/sha2.js');
-require('hash-wasm');
+var hashWasm = require('hash-wasm');
 var zod = require('zod');
 var utils_js = require('@noble/ciphers/utils.js');
-var hmac_js = require('@noble/hashes/hmac.js');
 var chacha_js = require('@noble/ciphers/chacha.js');
-var hkdf_js = require('@noble/hashes/hkdf.js');
 require('@noble/curves/abstract/edwards.js');
 require('@noble/curves/abstract/montgomery.js');
 require('@noble/curves/abstract/weierstrass.js');
 var ed25519_js = require('@noble/curves/ed25519.js');
 require('@noble/curves/nist.js');
 var utils_js$2 = require('@noble/curves/utils.js');
+var hkdf_js = require('@noble/hashes/hkdf.js');
 var sha3_js = require('@noble/hashes/sha3.js');
 var utils_js$1 = require('@noble/hashes/utils.js');
 var fft_js = require('@noble/curves/abstract/fft.js');
+var hmac_js = require('@noble/hashes/hmac.js');
 
 function _interopNamespace(e) {
   if (e && e.__esModule) return e;
@@ -103,6 +103,14 @@ function encodeCoseSign1(args) {
 function sha256(input) {
   return sha2_js.sha256(input);
 }
+async function sha256Stream(source) {
+  const hasher = await hashWasm.createSHA256();
+  hasher.init();
+  for await (const chunk of source) {
+    hasher.update(chunk);
+  }
+  return hasher.digest("binary");
+}
 function blake2b256(input) {
   return blake2_js.blake2b(input, { dkLen: 32 });
 }
@@ -158,190 +166,325 @@ function mthRecursive(leaves, start, end) {
   const right = mthRecursive(leaves, start + k, end);
   return hashNode(left, right);
 }
-var ChunkedBytesArraySchema = zod.z.array(
-  zod.z.instanceof(Uint8Array).refine((b) => b.length >= 1 && b.length <= 64, {
-    params: { code: "CHUNK_TOO_LARGE" }
-  })
-).min(1);
-var UTF8_ENCODER = new TextEncoder();
-var UriChunkArraySchema = zod.z.array(
-  zod.z.string().refine(
-    (s) => {
-      const n = UTF8_ENCODER.encode(s).length;
-      return n >= 1 && n <= 64;
-    },
-    { params: { code: "CHUNK_TOO_LARGE" } }
-  )
-).min(1);
+function textKeyedMap(inner) {
+  return zod.z.custom((value) => !(value instanceof Uint8Array), {
+    message: "CBOR byte string present where a text-keyed map is required"
+  }).pipe(inner);
+}
 var HashDigestSchema = zod.z.instanceof(Uint8Array);
 var HashesMapSchema = zod.z.record(zod.z.string(), HashDigestSchema);
-var MerkleCommitSchema = zod.z.object({
-  alg: zod.z.string(),
-  root: zod.z.instanceof(Uint8Array),
-  leaf_count: zod.z.number().int().min(1),
-  uris: zod.z.array(UriChunkArraySchema).min(1).optional()
-}).strict();
-var SlotSchema = zod.z.object({
-  epk: zod.z.instanceof(Uint8Array).optional(),
-  kem_ct: ChunkedBytesArraySchema.optional(),
-  wrap: zod.z.instanceof(Uint8Array).optional()
-});
-zod.z.object({
-  m: zod.z.number().int(),
-  t: zod.z.number().int(),
-  p: zod.z.number().int()
-}).strict();
-var PassphraseBlockSchema = zod.z.object({
-  alg: zod.z.string(),
-  salt: zod.z.instanceof(Uint8Array).superRefine((bytes, ctx) => {
-    if (bytes.length < 16) {
-      ctx.addIssue({
-        code: "custom",
-        path: [],
-        message: `passphrase.salt length ${bytes.length} < 16`,
-        params: { code: "ENC_PASSPHRASE_SALT_TOO_SHORT" }
-      });
-    } else if (bytes.length > 64) {
-      ctx.addIssue({
-        code: "custom",
-        path: [],
-        message: `passphrase.salt length ${bytes.length} > 64`,
-        params: { code: "ENC_PASSPHRASE_SALT_TOO_LONG" }
-      });
-    }
-  }),
-  params: zod.z.record(zod.z.string(), zod.z.unknown())
-}).strict();
-zod.z.object({
-  scheme: zod.z.unknown(),
-  aead: zod.z.string(),
-  kem: zod.z.string().optional(),
-  nonce: zod.z.instanceof(Uint8Array),
-  slots: zod.z.array(SlotSchema).optional(),
-  slots_mac: zod.z.instanceof(Uint8Array).refine((b) => b.length === 32, {
-    params: { code: "ENC_SLOTS_MAC_INVALID_LENGTH" }
-  }).optional(),
-  passphrase: PassphraseBlockSchema.optional()
-}).strict();
-var ItemEntrySchema = zod.z.object({
-  hashes: HashesMapSchema,
-  uris: zod.z.array(UriChunkArraySchema).min(1).optional(),
-  // Captured as `unknown` so the validator can run the
-  // `ENC_REQUIRES_CONTENT_HASH` pre-check ahead of any inner-shape errors
-  // and surface the most informative code first.
-  enc: zod.z.unknown().optional()
-}).strict();
-var SigEntrySchema = zod.z.object({
-  cose_key: ChunkedBytesArraySchema.optional(),
-  cose_sign1: ChunkedBytesArraySchema
-}).strict();
+var UriSchema = zod.z.string();
+var MerkleCommitSchema = textKeyedMap(
+  zod.z.object({
+    alg: zod.z.string(),
+    root: zod.z.instanceof(Uint8Array),
+    leaf_count: zod.z.union([zod.z.number().int(), zod.z.bigint()]),
+    uris: zod.z.array(UriSchema).optional()
+  }).strict()
+);
+var SlotSchema = textKeyedMap(
+  zod.z.object({
+    epk: zod.z.instanceof(Uint8Array).optional(),
+    kem_ct: zod.z.instanceof(Uint8Array).optional(),
+    wrap: zod.z.instanceof(Uint8Array).optional()
+  })
+);
+textKeyedMap(
+  zod.z.object({
+    m: zod.z.union([zod.z.number().int(), zod.z.bigint()]),
+    t: zod.z.union([zod.z.number().int(), zod.z.bigint()]),
+    p: zod.z.union([zod.z.number().int(), zod.z.bigint()])
+  }).strict()
+);
+var PassphraseBlockSchema = textKeyedMap(
+  zod.z.object({
+    alg: zod.z.string(),
+    salt: zod.z.instanceof(Uint8Array).superRefine((bytes, ctx) => {
+      if (bytes.length < 16) {
+        ctx.addIssue({
+          code: "custom",
+          path: [],
+          message: `passphrase.salt length ${bytes.length} < 16`,
+          params: { code: "ENC_PASSPHRASE_SALT_TOO_SHORT" }
+        });
+      } else if (bytes.length > 64) {
+        ctx.addIssue({
+          code: "custom",
+          path: [],
+          message: `passphrase.salt length ${bytes.length} > 64`,
+          params: { code: "ENC_PASSPHRASE_SALT_TOO_LONG" }
+        });
+      }
+    }),
+    params: zod.z.record(zod.z.string(), zod.z.unknown())
+  }).strict()
+);
+var EncScheme1Schema = textKeyedMap(
+  zod.z.object({
+    scheme: zod.z.literal(1),
+    aead: zod.z.string(),
+    kem: zod.z.string().optional(),
+    nonce: zod.z.instanceof(Uint8Array),
+    slots: zod.z.array(SlotSchema).optional(),
+    slots_mac: zod.z.instanceof(Uint8Array).refine((b) => b.length === 32, {
+      params: { code: "ENC_SLOTS_MAC_INVALID_LENGTH" }
+    }).optional(),
+    passphrase: PassphraseBlockSchema.optional()
+  }).strict()
+);
+var EncOpaqueSchema = textKeyedMap(
+  zod.z.looseObject({
+    scheme: zod.z.union([zod.z.number().int().nonnegative(), zod.z.bigint().nonnegative()])
+  })
+);
+zod.z.union([EncScheme1Schema, EncOpaqueSchema]);
+var ItemEntrySchema = textKeyedMap(
+  zod.z.object({
+    hashes: HashesMapSchema,
+    uris: zod.z.array(UriSchema).optional(),
+    // Captured as `unknown`: the envelope is a union whose disposition
+    // (typed scheme-1 vs opaque) depends on identifier support, so the
+    // validator's domain pass — not this schema — narrows it.
+    enc: zod.z.unknown().optional()
+  }).strict()
+);
+var SigEntrySchema = textKeyedMap(
+  zod.z.object({
+    cose_key: zod.z.instanceof(Uint8Array).optional(),
+    cose_sign1: zod.z.instanceof(Uint8Array)
+  }).strict()
+);
 var SupersedesSchema = zod.z.instanceof(Uint8Array).refine((b) => b.length === 32, {
   params: { code: "SUPERSEDES_TX_INVALID_LENGTH" }
 });
 var VersionLiteralSchema = zod.z.literal(1);
-zod.z.looseObject({
-  v: VersionLiteralSchema,
-  items: zod.z.array(ItemEntrySchema).optional(),
-  merkle: zod.z.array(MerkleCommitSchema).optional(),
-  supersedes: SupersedesSchema.optional(),
-  sigs: zod.z.array(SigEntrySchema).optional(),
-  crit: zod.z.array(zod.z.string()).optional()
-});
+textKeyedMap(
+  zod.z.looseObject({
+    v: VersionLiteralSchema,
+    items: zod.z.array(ItemEntrySchema).optional(),
+    merkle: zod.z.array(MerkleCommitSchema).optional(),
+    supersedes: SupersedesSchema.optional(),
+    sigs: zod.z.array(SigEntrySchema).optional(),
+    crit: zod.z.array(zod.z.string()).optional()
+  })
+);
 
 // ../poe-standard/src/encoder.ts
 function encodePoeRecord(record) {
-  return encodeCanonicalCbor(recordToCbor(record));
-}
-function encodeRecordBodyForSigning(record) {
-  const body = recordToCborInternal(
+  return encodeCanonicalCbor(toCborValue(
     record,
     /* includeSigs */
-    false
-  );
-  return encodeCanonicalCbor(body);
+    true
+  ));
 }
-function recordToCbor(record) {
-  return recordToCborInternal(
+function encodeRecordBodyForSigning(record) {
+  return encodeCanonicalCbor(toCborValue(
     record,
     /* includeSigs */
-    true
-  );
-}
-function recordToCborInternal(record, includeSigs) {
-  const out = { v: record.v };
-  if (record.items !== void 0) out["items"] = record.items.map(itemToCbor);
-  if (record.merkle !== void 0) out["merkle"] = record.merkle.map(merkleToCbor);
-  if (record.supersedes !== void 0) out["supersedes"] = record.supersedes;
-  if (includeSigs && record.sigs !== void 0) out["sigs"] = record.sigs.map(sigEntryToCbor);
-  if (record.crit !== void 0) out["crit"] = record.crit.slice();
-  for (const [k, v] of Object.entries(record)) {
-    if (k === "v" || k === "items" || k === "merkle" || k === "supersedes" || k === "sigs" || k === "crit") {
-      continue;
-    }
-    out[k] = v;
-  }
-  return out;
-}
-function itemToCbor(item) {
-  const out = { hashes: hashesToCbor(item.hashes) };
-  if (item.uris !== void 0) {
-    out["uris"] = item.uris.map((chunks) => chunks.slice());
-  }
-  if (item.enc !== void 0) {
-    out["enc"] = envelopeToCbor(item.enc);
-  }
-  return out;
+    false
+  ));
 }
-function hashesToCbor(hashes2) {
+function toCborValue(record, includeSigs) {
   const out = {};
-  for (const [alg, digest] of Object.entries(hashes2)) {
-    out[alg] = digest;
+  for (const [key, value] of Object.entries(record)) {
+    if (value === void 0) continue;
+    if (!includeSigs && key === "sigs") continue;
+    out[key] = stripUndefined(value);
   }
   return out;
 }
-function merkleToCbor(commit) {
-  const out = {
-    alg: commit.alg,
-    root: commit.root,
-    leaf_count: commit.leaf_count
-  };
-  if (commit.uris !== void 0) {
-    out["uris"] = commit.uris.map((chunks) => chunks.slice());
+function stripUndefined(value) {
+  if (value === null || typeof value !== "object" || value instanceof Uint8Array) {
+    return value;
   }
-  return out;
-}
-function envelopeToCbor(enc) {
-  const out = {
-    scheme: enc.scheme,
-    aead: enc.aead,
-    nonce: enc.nonce
-  };
-  if (enc.kem !== void 0) out["kem"] = enc.kem;
-  if (enc.slots !== void 0) out["slots"] = enc.slots.map(slotToCbor);
-  if (enc.slots_mac !== void 0) out["slots_mac"] = enc.slots_mac;
-  if (enc.passphrase !== void 0) out["passphrase"] = passphraseToCbor(enc.passphrase);
-  return out;
-}
-function slotToCbor(slot) {
-  if (slot.kem_ct !== void 0) {
-    return { kem_ct: slot.kem_ct.map((c) => c), wrap: slot.wrap };
+  if (Array.isArray(value)) {
+    return value.map((element) => stripUndefined(element));
   }
-  return { epk: slot.epk, wrap: slot.wrap };
-}
-function passphraseToCbor(pp) {
-  return {
-    alg: pp.alg,
-    salt: pp.salt,
-    params: pp.params
-  };
-}
-function sigEntryToCbor(entry) {
-  const out = { cose_sign1: entry.cose_sign1.map((b) => b) };
-  if (entry.cose_key !== void 0) {
-    out["cose_key"] = entry.cose_key.map((b) => b);
+  if (value instanceof Map) {
+    const out2 = /* @__PURE__ */ new Map();
+    for (const [k, v] of value) {
+      if (v === void 0) continue;
+      out2.set(k, stripUndefined(v));
+    }
+    return out2;
+  }
+  const out = {};
+  for (const [k, v] of Object.entries(value)) {
+    if (v === void 0) continue;
+    out[k] = stripUndefined(v);
   }
   return out;
 }
+
+// ../poe-standard/src/error-codes.ts
+var ERROR_CODES = [
+  "MALFORMED_CBOR",
+  "SCHEMA_TYPE_MISMATCH",
+  "SCHEMA_MISSING_REQUIRED",
+  "SCHEMA_UNKNOWN_FIELD",
+  "SCHEMA_INVALID_LITERAL",
+  "SCHEMA_EMPTY_RECORD",
+  "HASH_DIGEST_LENGTH_MISMATCH",
+  "UNSUPPORTED_HASH_ALG",
+  "UNSUPPORTED_MERKLE_COMMIT_ALG",
+  "SCHEMA_MERKLE_LEAF_COUNT_INVALID",
+  "INVALID_URI",
+  "CHUNK_TOO_LARGE",
+  "UNAUTHENTICATED_CIPHER_FORBIDDEN",
+  "UNSUPPORTED_AEAD_ALG",
+  "NONCE_LENGTH_MISMATCH",
+  "UNSUPPORTED_ENVELOPE_SCHEME",
+  "ENC_UNSUPPORTED",
+  "ENC_SLOTS_EMPTY",
+  "ENC_SLOT_INVALID_SHAPE",
+  "UNSUPPORTED_KEM_ALG",
+  "ENC_KEM_REQUIRED",
+  "KEM_EPK_LENGTH_MISMATCH",
+  "KEM_CT_LENGTH_MISMATCH",
+  "WRAP_LENGTH_MISMATCH",
+  "ENC_SLOTS_MAC_INVALID_LENGTH",
+  "ENC_SLOTS_MAC_REQUIRED",
+  "ENC_SLOTS_REQUIRED",
+  "ENC_SLOTS_DUPLICATE_KEM_MATERIAL",
+  "ENC_SLOTS_TOO_MANY",
+  "ENC_ENVELOPE_TOO_LARGE",
+  "ENC_EXCLUSIVITY_VIOLATION",
+  "ENC_NO_KEY_PATH",
+  "ENC_REQUIRES_CONTENT_HASH",
+  "ENC_PASSPHRASE_ALG_UNSUPPORTED",
+  "ENC_PASSPHRASE_SALT_TOO_SHORT",
+  "ENC_PASSPHRASE_SALT_TOO_LONG",
+  "ENC_PASSPHRASE_ARGON2_PARAMS_TOO_LOW",
+  "ENC_PASSPHRASE_PARAMS_EXCEED_POLICY",
+  "MALFORMED_SIG_COSE_SIGN1",
+  "SIGNATURE_UNSUPPORTED",
+  "SIG_ENTRY_INVALID_SHAPE",
+  "SIG_ENTRY_KID_COSE_KEY_CONFLICT",
+  "SIG_PRIVATE_KEY_LEAKED",
+  "SUPERSEDES_TX_INVALID_LENGTH",
+  "EXTENSION_UNSUPPORTED_CRITICAL",
+  "CRIT_SHAPE_INVALID",
+  "TX_NOT_FOUND",
+  "PROVIDER_UNAVAILABLE",
+  "TX_INTEGRITY_MISMATCH",
+  "METADATA_NOT_FOUND",
+  "INSUFFICIENT_CONFIRMATIONS",
+  "SIGNATURE_INVALID",
+  "SIGNER_KEY_UNRESOLVED",
+  "WALLET_ADDRESS_MISMATCH",
+  "URI_TARGET_FORBIDDEN",
+  "URI_INTEGRITY_MISMATCH",
+  "URI_PROVIDER_INTEGRITY_MISMATCH",
+  "URI_FETCH_FAILED",
+  "CONTENT_UNAVAILABLE",
+  "CONTENT_FETCH_LIMIT_EXCEEDED",
+  "CIPHERTEXT_UNAVAILABLE",
+  "SERVICE_INDEPENDENCE_VIOLATION",
+  "WRONG_DECRYPTION_INPUT_SHAPE",
+  "WRONG_RECIPIENT_KEY",
+  "TAMPERED_HEADER",
+  "TAMPERED_CIPHERTEXT",
+  "KDF_DERIVATION_FAILED",
+  "ENC_PASSPHRASE_UNNORMALIZABLE",
+  "ENC_PASSPHRASE_EMPTY",
+  "SCHEMA_MERKLE_LEAF_COUNT_MISMATCH",
+  "SCHEMA_MERKLE_LEAVES_FORMAT_UNSUPPORTED",
+  "SCHEMA_MERKLE_LEAVES_MALFORMED",
+  "MERKLE_ROOT_MISMATCH",
+  "MERKLE_LEAVES_UNAVAILABLE",
+  "MERKLE_UNSUPPORTED",
+  "OUT_OF_PROFILE_SKIPPED"
+];
+var ERROR_CODE_PART = Object.freeze({
+  MALFORMED_CBOR: "A",
+  SCHEMA_TYPE_MISMATCH: "A",
+  SCHEMA_MISSING_REQUIRED: "A",
+  SCHEMA_UNKNOWN_FIELD: "A",
+  SCHEMA_INVALID_LITERAL: "A",
+  SCHEMA_EMPTY_RECORD: "A",
+  HASH_DIGEST_LENGTH_MISMATCH: "A",
+  UNSUPPORTED_HASH_ALG: "A",
+  UNSUPPORTED_MERKLE_COMMIT_ALG: "A",
+  SCHEMA_MERKLE_LEAF_COUNT_INVALID: "A",
+  INVALID_URI: "A",
+  CHUNK_TOO_LARGE: "carriage",
+  UNAUTHENTICATED_CIPHER_FORBIDDEN: "A",
+  UNSUPPORTED_AEAD_ALG: "A",
+  NONCE_LENGTH_MISMATCH: "A",
+  UNSUPPORTED_ENVELOPE_SCHEME: "A",
+  ENC_UNSUPPORTED: "A",
+  ENC_SLOTS_EMPTY: "A",
+  ENC_SLOT_INVALID_SHAPE: "A",
+  UNSUPPORTED_KEM_ALG: "A",
+  ENC_KEM_REQUIRED: "A",
+  KEM_EPK_LENGTH_MISMATCH: "A",
+  KEM_CT_LENGTH_MISMATCH: "A",
+  WRAP_LENGTH_MISMATCH: "A",
+  ENC_SLOTS_MAC_INVALID_LENGTH: "A",
+  ENC_SLOTS_MAC_REQUIRED: "A",
+  ENC_SLOTS_REQUIRED: "A",
+  ENC_SLOTS_DUPLICATE_KEM_MATERIAL: "A",
+  ENC_SLOTS_TOO_MANY: "A",
+  ENC_ENVELOPE_TOO_LARGE: "A",
+  ENC_EXCLUSIVITY_VIOLATION: "A",
+  ENC_NO_KEY_PATH: "A",
+  ENC_REQUIRES_CONTENT_HASH: "A",
+  ENC_PASSPHRASE_ALG_UNSUPPORTED: "A",
+  ENC_PASSPHRASE_SALT_TOO_SHORT: "A",
+  ENC_PASSPHRASE_SALT_TOO_LONG: "A",
+  ENC_PASSPHRASE_ARGON2_PARAMS_TOO_LOW: "A",
+  ENC_PASSPHRASE_PARAMS_EXCEED_POLICY: "A",
+  MALFORMED_SIG_COSE_SIGN1: "A",
+  SIGNATURE_UNSUPPORTED: "A",
+  SIG_ENTRY_INVALID_SHAPE: "A",
+  SIG_ENTRY_KID_COSE_KEY_CONFLICT: "A",
+  SIG_PRIVATE_KEY_LEAKED: "A",
+  SUPERSEDES_TX_INVALID_LENGTH: "A",
+  EXTENSION_UNSUPPORTED_CRITICAL: "A",
+  CRIT_SHAPE_INVALID: "A",
+  TX_NOT_FOUND: "B",
+  PROVIDER_UNAVAILABLE: "B",
+  TX_INTEGRITY_MISMATCH: "B",
+  METADATA_NOT_FOUND: "B",
+  INSUFFICIENT_CONFIRMATIONS: "B",
+  SIGNATURE_INVALID: "B",
+  SIGNER_KEY_UNRESOLVED: "B",
+  WALLET_ADDRESS_MISMATCH: "B",
+  URI_TARGET_FORBIDDEN: "B",
+  URI_INTEGRITY_MISMATCH: "B",
+  URI_PROVIDER_INTEGRITY_MISMATCH: "B",
+  URI_FETCH_FAILED: "B",
+  CONTENT_UNAVAILABLE: "B",
+  CONTENT_FETCH_LIMIT_EXCEEDED: "B",
+  CIPHERTEXT_UNAVAILABLE: "B",
+  SERVICE_INDEPENDENCE_VIOLATION: "B",
+  WRONG_DECRYPTION_INPUT_SHAPE: "B",
+  WRONG_RECIPIENT_KEY: "B",
+  TAMPERED_HEADER: "B",
+  TAMPERED_CIPHERTEXT: "B",
+  KDF_DERIVATION_FAILED: "B",
+  ENC_PASSPHRASE_UNNORMALIZABLE: "B",
+  ENC_PASSPHRASE_EMPTY: "B",
+  SCHEMA_MERKLE_LEAF_COUNT_MISMATCH: "B",
+  SCHEMA_MERKLE_LEAVES_FORMAT_UNSUPPORTED: "B",
+  SCHEMA_MERKLE_LEAVES_MALFORMED: "B",
+  MERKLE_ROOT_MISMATCH: "B",
+  MERKLE_LEAVES_UNAVAILABLE: "B",
+  MERKLE_UNSUPPORTED: "B",
+  OUT_OF_PROFILE_SKIPPED: "B"
+});
+Object.freeze(
+  ERROR_CODES.filter((code) => ERROR_CODE_PART[code] === "A")
+);
+Object.freeze(
+  ERROR_CODES.filter((code) => ERROR_CODE_PART[code] === "carriage")
+);
+Object.freeze(
+  ERROR_CODES.filter((code) => ERROR_CODE_PART[code] === "B")
+);
+new Map(
+  ERROR_CODES.map((code, index) => [code, index])
+);
 var abytesDoc = utils_js$1.abytes;
 var randomBytes = utils_js$1.randomBytes;
 function equalBytes(a, b) {
@@ -1006,12 +1149,6 @@ var XWing = /* @__PURE__ */ (() => ml_kem768_x25519)();
 function chacha20Poly1305Encrypt(opts2) {
   return chacha_js.chacha20poly1305(opts2.key, opts2.nonce, opts2.aad).encrypt(opts2.plaintext);
 }
-function xchacha20Poly1305Encrypt(opts2) {
-  return chacha_js.xchacha20poly1305(opts2.key, opts2.nonce, opts2.aad).encrypt(opts2.plaintext);
-}
-function hkdfSha256(opts2) {
-  return hkdf_js.hkdf(sha2_js.sha256, opts2.ikm, opts2.salt, opts2.info, opts2.length);
-}
 var MLKEM768X25519_PUBLIC_KEY_LENGTH = 1216;
 var MLKEM768X25519_ENC_LENGTH = 1120;
 var MLKEM768X25519_ESEED_LENGTH = 64;
@@ -1050,6 +1187,9 @@ function x25519Ecdh(opts2) {
     throw e;
   }
 }
+function hkdfSha256(opts2) {
+  return hkdf_js.hkdf(sha2_js.sha256, opts2.ikm, opts2.salt, opts2.info, opts2.length);
+}
 var EciesSealedPoeError = class extends Error {
   code;
   constructor(code, message, options) {
@@ -1058,37 +1198,98 @@ var EciesSealedPoeError = class extends Error {
     this.code = code;
   }
 };
-var CHUNK_MAX_BYTES = 64;
-function chunkKemCt(value) {
-  if (value.length === 0) {
-    throw new Error("chunkKemCt: refusing to chunk an empty byte string");
+var CHUNK_SIZE = 65536;
+var TAG_SIZE = 16;
+var NONCE_LENGTH = 12;
+var COUNTER_LENGTH = 11;
+var PAYLOAD_KEY_LENGTH = 32;
+var EMPTY_AAD = new Uint8Array(0);
+var ChunkNonce = class {
+  nonce = new Uint8Array(NONCE_LENGTH);
+  finished = false;
+  next(final) {
+    if (this.finished) {
+      throw new Error("STREAM: no chunks may follow the final chunk");
+    }
+    if (final) {
+      this.finished = true;
+      this.nonce[COUNTER_LENGTH] = 1;
+    }
+    const out = this.nonce.slice();
+    this.increment();
+    return out;
+  }
+  get done() {
+    return this.finished;
+  }
+  increment() {
+    for (let i = COUNTER_LENGTH - 1; i >= 0; i--) {
+      const v = this.nonce[i] + 1 & 255;
+      this.nonce[i] = v;
+      if (v !== 0) return;
+    }
+    throw new Error("STREAM: chunk counter overflow");
   }
-  const chunks = [];
-  for (let i = 0; i < value.length; i += CHUNK_MAX_BYTES) {
-    chunks.push(value.subarray(i, Math.min(i + CHUNK_MAX_BYTES, value.length)));
+};
+function assertPayloadKey(payloadKey) {
+  if (payloadKey.length !== PAYLOAD_KEY_LENGTH) {
+    throw new Error(
+      `STREAM: payloadKey MUST be exactly ${PAYLOAD_KEY_LENGTH} bytes, got ${payloadKey.length}`
+    );
   }
-  return chunks;
 }
-function joinKemCt(chunks) {
-  let total = 0;
-  for (const c of chunks) total += c.length;
-  const out = new Uint8Array(total);
+var StreamSealer = class {
+  payloadKey;
+  nonce = new ChunkNonce();
+  chunkIndex = 0;
+  constructor(payloadKey) {
+    assertPayloadKey(payloadKey);
+    this.payloadKey = payloadKey;
+  }
+  sealChunk(plaintext, final) {
+    if (!final && plaintext.length !== CHUNK_SIZE) {
+      throw new Error(
+        `STREAM: non-final chunk MUST carry exactly ${CHUNK_SIZE} plaintext bytes, got ${plaintext.length}`
+      );
+    }
+    if (final && plaintext.length > CHUNK_SIZE) {
+      throw new Error(
+        `STREAM: final chunk MUST carry at most ${CHUNK_SIZE} plaintext bytes, got ${plaintext.length}`
+      );
+    }
+    if (final && plaintext.length === 0 && this.chunkIndex > 0) {
+      throw new Error(
+        "STREAM: a zero-length final chunk is admissible only for an empty plaintext"
+      );
+    }
+    const sealed = chacha20Poly1305Encrypt({
+      key: this.payloadKey,
+      nonce: this.nonce.next(final),
+      aad: EMPTY_AAD,
+      plaintext
+    });
+    this.chunkIndex += 1;
+    return sealed;
+  }
+};
+function streamSeal(args) {
+  const { plaintext } = args;
+  const sealer = new StreamSealer(args.payloadKey);
+  const chunkCount = Math.max(1, Math.ceil(plaintext.length / CHUNK_SIZE));
+  const out = new Uint8Array(plaintext.length + chunkCount * TAG_SIZE);
   let offset = 0;
-  for (const c of chunks) {
-    out.set(c, offset);
-    offset += c.length;
+  for (let i = 0; i < chunkCount; i++) {
+    const final = i === chunkCount - 1;
+    const chunk = plaintext.subarray(
+      i * CHUNK_SIZE,
+      Math.min((i + 1) * CHUNK_SIZE, plaintext.length)
+    );
+    const sealed = sealer.sealChunk(chunk, final);
+    out.set(sealed, offset);
+    offset += sealed.length;
   }
   return out;
 }
-function canonicalizeSlots(slots, kem) {
-  if (kem === "x25519") {
-    return slots.map((s) => ({ epk: s.epk, wrap: s.wrap }));
-  }
-  return slots.map((s) => ({
-    kem_ct: chunkKemCt(joinKemCt(s.kem_ct)),
-    wrap: s.wrap
-  }));
-}
 function encodeCanonicalCbor3(value) {
   return cbor2.encode(value, {
     cde: true,
@@ -1097,23 +1298,54 @@ function encodeCanonicalCbor3(value) {
     sortKeys: sorts.sortCoreDeterministic
   });
 }
+var CARDANO_POE_ITEM_HASHES_PREFIX = new TextEncoder().encode(
+  "cardano-poe-item-hashes-v1"
+);
 var CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX = new TextEncoder().encode(
   "cardano-poe-slots-transcript-v1"
 );
+var CARDANO_POE_PASSPHRASE_TRANSCRIPT_PREFIX = new TextEncoder().encode(
+  "cardano-poe-passphrase-transcript-v1"
+);
+var CARDANO_POE_HKDF_INFO_SLOTS_MAC = new TextEncoder().encode(
+  "cardano-poe-slots-mac-v1"
+);
+var CARDANO_POE_HKDF_INFO_PASSPHRASE_MAC = new TextEncoder().encode(
+  "cardano-poe-passphrase-mac-v1"
+);
 var CARDANO_POE_HKDF_INFO_PAYLOAD = new TextEncoder().encode(
   "cardano-poe-payload-v1"
 );
 var CARDANO_POE_HKDF_INFO_PAYLOAD_PASSPHRASE = new TextEncoder().encode(
   "cardano-poe-payload-passphrase-v1"
 );
+var CARDANO_POE_X25519_KEK_SALT_PREFIX = new TextEncoder().encode(
+  "cardano-poe-x25519-kek-salt-v1"
+);
 var CARDANO_POE_XWING_KEK_SALT_PREFIX = new TextEncoder().encode(
   "cardano-poe-xwing-kek-salt-v1"
 );
+if (CARDANO_POE_ITEM_HASHES_PREFIX.length !== 26) {
+  throw new Error("CARDANO_POE_ITEM_HASHES_PREFIX byte-length invariant violated (expected 26)");
+}
 if (CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX.length !== 31) {
   throw new Error(
     "CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX byte-length invariant violated (expected 31)"
   );
 }
+if (CARDANO_POE_PASSPHRASE_TRANSCRIPT_PREFIX.length !== 36) {
+  throw new Error(
+    "CARDANO_POE_PASSPHRASE_TRANSCRIPT_PREFIX byte-length invariant violated (expected 36)"
+  );
+}
+if (CARDANO_POE_HKDF_INFO_SLOTS_MAC.length !== 24) {
+  throw new Error("CARDANO_POE_HKDF_INFO_SLOTS_MAC byte-length invariant violated (expected 24)");
+}
+if (CARDANO_POE_HKDF_INFO_PASSPHRASE_MAC.length !== 29) {
+  throw new Error(
+    "CARDANO_POE_HKDF_INFO_PASSPHRASE_MAC byte-length invariant violated (expected 29)"
+  );
+}
 if (CARDANO_POE_HKDF_INFO_PAYLOAD.length !== 22) {
   throw new Error("CARDANO_POE_HKDF_INFO_PAYLOAD byte-length invariant violated (expected 22)");
 }
@@ -1122,49 +1354,60 @@ if (CARDANO_POE_HKDF_INFO_PAYLOAD_PASSPHRASE.length !== 33) {
     "CARDANO_POE_HKDF_INFO_PAYLOAD_PASSPHRASE byte-length invariant violated (expected 33)"
   );
 }
+if (CARDANO_POE_X25519_KEK_SALT_PREFIX.length !== 30) {
+  throw new Error(
+    "CARDANO_POE_X25519_KEK_SALT_PREFIX byte-length invariant violated (expected 30)"
+  );
+}
 if (CARDANO_POE_XWING_KEK_SALT_PREFIX.length !== 29) {
   throw new Error("CARDANO_POE_XWING_KEK_SALT_PREFIX byte-length invariant violated (expected 29)");
 }
-var MAX_SEALED_PLAINTEXT = 274877906880;
-function assertPlaintextWithinBound(plaintextLength) {
-  if (plaintextLength >= MAX_SEALED_PLAINTEXT) {
-    throw new SealedPayloadTooLargeError(
-      `plaintext length ${plaintextLength} is at or above the maximum sealed payload size ${MAX_SEALED_PLAINTEXT}`
-    );
+var EMPTY_SALT = new Uint8Array(0);
+function labelledSha256(prefix, ...parts) {
+  let total = prefix.length;
+  for (const p of parts) total += p.length;
+  const message = new Uint8Array(total);
+  message.set(prefix, 0);
+  let offset = prefix.length;
+  for (const p of parts) {
+    message.set(p, offset);
+    offset += p.length;
   }
+  return sha2_js.sha256(message);
 }
-var SealedPayloadTooLargeError = class extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "SealedPayloadTooLargeError";
+function itemHashesHash(hashes2) {
+  if (Object.keys(hashes2).length === 0) {
+    throw new EciesSealedPoeError(
+      "ENC_REQUIRES_CONTENT_HASH",
+      "hashes MUST carry at least one content-hash entry"
+    );
   }
-};
+  return labelledSha256(CARDANO_POE_ITEM_HASHES_PREFIX, encodeCanonicalCbor3(hashes2));
+}
 function computeSlotsHash(args) {
+  const slots = args.kem === "x25519" ? args.slots.map((s) => ({ epk: s.epk, wrap: s.wrap })) : args.slots.map((s) => ({
+    kem_ct: s.kem_ct,
+    wrap: s.wrap
+  }));
   const transcript = {
     scheme: 1,
     path: "slots",
-    aead: "xchacha20-poly1305",
+    aead: args.aead,
     kem: args.kem,
     nonce: args.nonce,
-    slots: canonicalizeSlots(args.slots, args.kem)
+    slots,
+    hashes_hash: args.hashesHash
   };
-  const encoded = encodeCanonicalCbor3(transcript);
-  const message = new Uint8Array(CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX.length + encoded.length);
-  message.set(CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX, 0);
-  message.set(encoded, CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX.length);
-  return sha2_js.sha256(message);
+  return labelledSha256(CARDANO_POE_SLOTS_TRANSCRIPT_PREFIX, encodeCanonicalCbor3(transcript));
 }
-function adContentSlots(args) {
-  const ad = {
-    scheme: 1,
-    path: "slots",
-    aead: "xchacha20-poly1305",
-    kem: args.kem,
-    nonce: args.nonce,
-    slots_hash: args.slotsHash,
-    slots_mac: args.slotsMac
-  };
-  return encodeCanonicalCbor3(ad);
+function computeSlotsMac(args) {
+  const macKey = hkdfSha256({
+    ikm: args.cek,
+    salt: EMPTY_SALT,
+    info: CARDANO_POE_HKDF_INFO_SLOTS_MAC,
+    length: 32
+  });
+  return hmac_js.hmac(sha2_js.sha256, macKey, args.slotsHash);
 }
 function slotsPayloadKey(args) {
   return hkdfSha256({
@@ -1174,31 +1417,22 @@ function slotsPayloadKey(args) {
     length: 32
   });
 }
+function x25519KekSalt(args) {
+  return labelledSha256(CARDANO_POE_X25519_KEK_SALT_PREFIX, args.nonce, args.epk, args.pubR);
+}
 function xwingKekSalt(args) {
-  const message = new Uint8Array(
-    CARDANO_POE_XWING_KEK_SALT_PREFIX.length + args.kemCt.length + args.pubR.length
-  );
-  let offset = 0;
-  message.set(CARDANO_POE_XWING_KEK_SALT_PREFIX, offset);
-  offset += CARDANO_POE_XWING_KEK_SALT_PREFIX.length;
-  message.set(args.kemCt, offset);
-  offset += args.kemCt.length;
-  message.set(args.pubR, offset);
-  return sha2_js.sha256(message);
+  return labelledSha256(CARDANO_POE_XWING_KEK_SALT_PREFIX, args.nonce, args.kemCt, args.pubR);
 }
+var SEALED_POE_AEAD = "chacha20-poly1305-stream64k";
 var CARDANO_POE_HKDF_INFO_KEK = new TextEncoder().encode("cardano-poe-kek-v1");
 var CARDANO_POE_HKDF_INFO_KEK_MLKEM768X25519 = new TextEncoder().encode(
   "cardano-poe-kek-mlkem768x25519-v1"
 );
-var CARDANO_POE_HKDF_INFO_SLOTS_MAC = new TextEncoder().encode(
-  "cardano-poe-slots-mac-v1"
-);
 var ZERO_NONCE_12 = new Uint8Array(12);
-var EMPTY_SALT = new Uint8Array(0);
 var X25519_PUBLIC_KEY_LENGTH = 32;
 var X25519_SECRET_KEY_LENGTH = 32;
 var CEK_LENGTH = 32;
-var NONCE_LENGTH = 24;
+var NONCE_LENGTH2 = 24;
 var WRAP_LENGTH = 48;
 var SLOTS_MAC_LENGTH = 32;
 if (CARDANO_POE_HKDF_INFO_KEK.length !== 18) {
@@ -1209,18 +1443,9 @@ if (CARDANO_POE_HKDF_INFO_KEK_MLKEM768X25519.length !== 33) {
     "CARDANO_POE_HKDF_INFO_KEK_MLKEM768X25519 byte-length invariant violated (expected 33)"
   );
 }
-if (CARDANO_POE_HKDF_INFO_SLOTS_MAC.length !== 24) {
-  throw new Error("CARDANO_POE_HKDF_INFO_SLOTS_MAC byte-length invariant violated (expected 24)");
-}
 if (ZERO_NONCE_12.length !== 12) {
   throw new Error("ZERO_NONCE_12 byte-length invariant violated (expected 12)");
 }
-function concat(a, b) {
-  const out = new Uint8Array(a.length + b.length);
-  out.set(a, 0);
-  out.set(b, a.length);
-  return out;
-}
 function uniformIndexBelow(m) {
   const limit = 4294967296 - 4294967296 % m;
   const buf = new Uint32Array(1);
@@ -1251,7 +1476,7 @@ function wrapSlotX25519(args) {
   const shared = x25519Ecdh({ secretKey: privEph, theirPublicKey: args.pubR });
   const kek = hkdfSha256({
     ikm: shared,
-    salt: concat(epk, args.pubR),
+    salt: x25519KekSalt({ nonce: args.nonce, epk, pubR: args.pubR }),
     info: CARDANO_POE_HKDF_INFO_KEK,
     length: 32
   });
@@ -1276,7 +1501,7 @@ function wrapSlotMlkem768X25519(args) {
   }
   const kek = hkdfSha256({
     ikm: ss,
-    salt: xwingKekSalt({ kemCt: enc, pubR: args.pubR }),
+    salt: xwingKekSalt({ nonce: args.nonce, kemCt: enc, pubR: args.pubR }),
     info: CARDANO_POE_HKDF_INFO_KEK_MLKEM768X25519,
     length: 32
   });
@@ -1289,13 +1514,13 @@ function wrapSlotMlkem768X25519(args) {
   if (wrap.length !== WRAP_LENGTH) {
     throw new Error(`internal: wrap.length=${wrap.length}, expected ${WRAP_LENGTH}`);
   }
-  return { kem_ct: chunkKemCt(enc), wrap };
+  return { kem_ct: enc, wrap };
 }
 function eciesSealedPoeWrap(args) {
   const { plaintext, recipientPublicKeys } = args;
   const kem = args.kem ?? "x25519";
   const n = recipientPublicKeys.length;
-  assertPlaintextWithinBound(plaintext.length);
+  const hashesHash = itemHashesHash(args.hashes);
   if (n < 1) {
     throw new EciesSealedPoeError(
       "ENC_SLOTS_EMPTY",
@@ -1351,21 +1576,20 @@ function eciesSealedPoeWrap(args) {
     }
   }
   const cek = args.cek ?? utils_js.randomBytes(CEK_LENGTH);
-  const nonce = args.nonce ?? utils_js.randomBytes(NONCE_LENGTH);
+  const nonce = args.nonce ?? utils_js.randomBytes(NONCE_LENGTH2);
   if (cek.length !== CEK_LENGTH) {
     throw new EciesSealedPoeError(
       "INVALID_CEK_LENGTH",
       `cek MUST be exactly ${CEK_LENGTH} bytes, got ${cek.length}`
     );
   }
-  if (nonce.length !== NONCE_LENGTH) {
+  if (nonce.length !== NONCE_LENGTH2) {
     throw new EciesSealedPoeError(
       "NONCE_LENGTH_MISMATCH",
-      `nonce MUST be exactly ${NONCE_LENGTH} bytes, got ${nonce.length}`
+      `nonce MUST be exactly ${NONCE_LENGTH2} bytes, got ${nonce.length}`
     );
   }
   let envelope;
-  let slotsHash;
   if (kem === "x25519") {
     const slots = [];
     for (let i = 0; i < n; i++) {
@@ -1374,6 +1598,7 @@ function eciesSealedPoeWrap(args) {
           pubR: recipientPublicKeys[i],
           privEph: args.ephemeralSecrets ? args.ephemeralSecrets[i] : void 0,
           cek,
+          nonce,
           slotIdx: i
         })
       );
@@ -1381,14 +1606,20 @@ function eciesSealedPoeWrap(args) {
     if (args.skipShuffle !== true) {
       csprngShuffle(slots);
     }
-    slotsHash = computeSlotsHash({ kem: "x25519", nonce, slots });
+    const slotsHash = computeSlotsHash({
+      aead: SEALED_POE_AEAD,
+      kem: "x25519",
+      nonce,
+      slots,
+      hashesHash
+    });
     envelope = {
       scheme: 1,
-      aead: "xchacha20-poly1305",
+      aead: SEALED_POE_AEAD,
       kem: "x25519",
       nonce,
       slots,
-      slots_mac: computeSlotsMac(cek, slotsHash)
+      slots_mac: sizedSlotsMac(cek, slotsHash)
     };
   } else {
     const slots = [];
@@ -1397,83 +1628,55 @@ function eciesSealedPoeWrap(args) {
         wrapSlotMlkem768X25519({
           pubR: recipientPublicKeys[i],
           eseed: args.eseeds ? args.eseeds[i] : void 0,
-          cek
+          cek,
+          nonce
         })
       );
     }
     if (args.skipShuffle !== true) {
       csprngShuffle(slots);
     }
-    slotsHash = computeSlotsHash({ kem: "mlkem768x25519", nonce, slots });
+    const slotsHash = computeSlotsHash({
+      aead: SEALED_POE_AEAD,
+      kem: "mlkem768x25519",
+      nonce,
+      slots,
+      hashesHash
+    });
     envelope = {
       scheme: 1,
-      aead: "xchacha20-poly1305",
+      aead: SEALED_POE_AEAD,
       kem: "mlkem768x25519",
       nonce,
       slots,
-      slots_mac: computeSlotsMac(cek, slotsHash)
+      slots_mac: sizedSlotsMac(cek, slotsHash)
     };
   }
-  const payloadKey = slotsPayloadKey({ cek, nonce });
-  const adContent = adContentSlots({
-    kem: envelope.kem,
-    nonce,
-    slotsHash,
-    slotsMac: envelope.slots_mac
-  });
-  const ciphertext = xchacha20Poly1305Encrypt({
-    key: payloadKey,
-    nonce,
-    aad: adContent,
+  const ciphertext = streamSeal({
+    payloadKey: slotsPayloadKey({ cek, nonce }),
     plaintext
   });
   return { envelope, ciphertext };
 }
-function computeSlotsMac(cek, slotsHash) {
-  const hmacKey = hkdfSha256({
-    ikm: cek,
-    salt: EMPTY_SALT,
-    info: CARDANO_POE_HKDF_INFO_SLOTS_MAC,
-    length: 32
-  });
-  const slotsMac = hmac_js.hmac(sha2_js.sha256, hmacKey, slotsHash);
+function sizedSlotsMac(cek, slotsHash) {
+  const slotsMac = computeSlotsMac({ cek, slotsHash });
   if (slotsMac.length !== SLOTS_MAC_LENGTH) {
     throw new Error(`internal: slots_mac.length=${slotsMac.length}, expected ${SLOTS_MAC_LENGTH}`);
   }
   return slotsMac;
 }
-
-// ../poe-standard/src/chunked.ts
-var CHUNK_MAX_BYTES2 = 64;
-var UTF8_ENCODER2 = new TextEncoder();
-function chunkBytes(value) {
-  if (value.length === 0) return [new Uint8Array(0)];
-  const chunks = [];
-  for (let i = 0; i < value.length; i += CHUNK_MAX_BYTES2) {
-    chunks.push(value.subarray(i, Math.min(i + CHUNK_MAX_BYTES2, value.length)));
-  }
-  return chunks;
-}
-function chunkUri(uri) {
-  const bytes = UTF8_ENCODER2.encode(uri);
-  if (bytes.length === 0) return [""];
-  if (bytes.length <= CHUNK_MAX_BYTES2) return [uri];
-  const decoder = new TextDecoder("utf-8", { fatal: true });
-  const chunks = [];
-  let cursor = 0;
-  while (cursor < bytes.length) {
-    let end = Math.min(cursor + CHUNK_MAX_BYTES2, bytes.length);
-    while (end < bytes.length && (bytes[end] & 192) === 128) end--;
-    chunks.push(decoder.decode(bytes.subarray(cursor, end)));
-    cursor = end;
-  }
-  return chunks;
-}
+new TextEncoder();
+new TextEncoder();
 
 // src/client/off-host-sign.ts
 var EMPTY_BYTES2 = new Uint8Array(0);
 var ED25519_PUBLIC_KEY_LENGTH = 32;
 var ED25519_SIGNATURE_LENGTH = 64;
+function cloneToOwnedBuffer(src) {
+  const out = new Uint8Array(new ArrayBuffer(src.length));
+  out.set(src);
+  return out;
+}
 var OffHostSignError = class extends Error {
   code;
   constructor(code, message) {
@@ -1532,8 +1735,7 @@ function assembleCoseSign1(args) {
     payload: null,
     signature: args.signature
   });
-  const chunks = chunkBytes(coseSign1Bytes);
-  const sigEntry = { cose_sign1: chunks };
+  const sigEntry = { cose_sign1: cloneToOwnedBuffer(coseSign1Bytes) };
   return { coseSign1Bytes, sigEntry };
 }
 function prepareSigStructureHashed(args) {
@@ -1575,8 +1777,7 @@ function assembleCoseSign1Hashed(args) {
     payload: null,
     signature: args.signature
   });
-  const chunks = chunkBytes(coseSign1Bytes);
-  const sigEntry = { cose_sign1: chunks };
+  const sigEntry = { cose_sign1: cloneToOwnedBuffer(coseSign1Bytes) };
   return { coseSign1Bytes, sigEntry };
 }
 
@@ -1903,7 +2104,16 @@ function parseHttpError(args) {
       return new ForbiddenError(init);
     case "insufficient-scope":
       return new InsufficientScopeError(init);
+    // The three 402 funding/affordability failures are one condition to a
+    // caller: the account cannot fund the operation. `insufficient-funds` is the
+    // balance shortfall; `insufficient-storage-credit` is the storage funding
+    // source being out of credit; `no-funding-grant` is the absence of any
+    // funding source entitling the account beyond the free window. All three
+    // surface as the same funding error so a caller routes the user to top up
+    // without branching on the code.
     case "insufficient-funds":
+    case "insufficient-storage-credit":
+    case "no-funding-grant":
       return new InsufficientFundsError(init);
     case "quote-expired":
       return new QuoteExpiredError(init);
@@ -2015,6 +2225,25 @@ var InvalidClientConfigError = class extends Error {
 function bytesToHex(bytes) {
   return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
 }
+
+// src/client/partial-upload-error.ts
+var PartialUploadError = class extends Error {
+  response;
+  failed;
+  constructor(response) {
+    const failed = response.uploads.filter((u) => u.ok === false);
+    super(
+      `${failed.length} of ${response.uploads.length} upload(s) failed: ${failed.map((f) => `[${f.idx}] ${f.error.code} \u2014 ${f.error.detail}`).join("; ")}`
+    );
+    this.name = "PartialUploadError";
+    this.response = response;
+    this.failed = failed;
+  }
+  /** Convenience: the `idx` of every failed entry, in input order. */
+  get failedIndices() {
+    return this.failed.map((f) => f.idx);
+  }
+};
 function encodeCanonicalCbor4(value) {
   return cbor2.encode(value, {
     cde: true,
@@ -2077,24 +2306,493 @@ function encodeLeavesList(args) {
   return encodeCanonicalCbor4(map);
 }
 
-// src/client/partial-upload-error.ts
-var PartialUploadError = class extends Error {
-  response;
-  failed;
-  constructor(response) {
-    const failed = response.uploads.filter((u) => u.ok === false);
-    super(
-      `${failed.length} of ${response.uploads.length} upload(s) failed: ${failed.map((f) => `[${f.idx}] ${f.error.code} \u2014 ${f.error.detail}`).join("; ")}`
+// src/client/resumable-source.ts
+var openHandlePromise;
+async function loadOpen() {
+  if (openHandlePromise === void 0) {
+    openHandlePromise = import('fs/promises').then((fs) => fs.open);
+  }
+  return openHandlePromise;
+}
+var HASH_STREAM_CHUNK_BYTES = 1024 * 1024;
+function isResumableSource(value) {
+  return typeof value === "object" && value !== null && typeof value.size === "number" && typeof value.slice === "function" && typeof value.stream === "function" && // A Blob/File shares all three members but exposes `.arrayBuffer`; exclude it
+  // here so the adapter contract is unambiguous regardless of check order. A
+  // Blob is handled by its own branch, which adapts `.slice`/`.stream` to bytes.
+  typeof value.arrayBuffer !== "function";
+}
+function isBlobLike(value) {
+  return typeof value === "object" && value !== null && typeof value.size === "number" && typeof value.slice === "function" && typeof value.arrayBuffer === "function";
+}
+async function blobSlice(blob, start, end) {
+  return new Uint8Array(await blob.slice(start, end).arrayBuffer());
+}
+async function* blobStream(blob) {
+  const reader = blob.stream().getReader();
+  try {
+    for (; ; ) {
+      const { done, value } = await reader.read();
+      if (done) break;
+      if (value) yield value;
+    }
+  } finally {
+    reader.releaseLock();
+  }
+}
+function fromBlob(blob) {
+  return {
+    size: blob.size,
+    slice: (start, end) => blobSlice(blob, start, end),
+    stream: () => blobStream(blob)
+  };
+}
+function fromBytes(bytes) {
+  return {
+    size: bytes.byteLength,
+    slice: (start, end) => bytes.subarray(start, end),
+    stream: async function* () {
+      for (let offset = 0; offset < bytes.byteLength; offset += HASH_STREAM_CHUNK_BYTES) {
+        yield bytes.subarray(offset, Math.min(offset + HASH_STREAM_CHUNK_BYTES, bytes.byteLength));
+      }
+    }
+  };
+}
+async function fromPath(path) {
+  const open = await loadOpen();
+  const sliceAt = async (start, end) => {
+    const length = end - start;
+    if (length <= 0) return new Uint8Array(0);
+    const handle = await open(path, "r");
+    try {
+      const buffer = new Uint8Array(length);
+      let filled = 0;
+      while (filled < length) {
+        const { bytesRead } = await handle.read(buffer, filled, length - filled, start + filled);
+        if (bytesRead === 0) break;
+        filled += bytesRead;
+      }
+      return filled === length ? buffer : buffer.subarray(0, filled);
+    } finally {
+      await handle.close();
+    }
+  };
+  const streamFile = async function* () {
+    const handle = await open(path, "r");
+    try {
+      const buffer = new Uint8Array(HASH_STREAM_CHUNK_BYTES);
+      let position = 0;
+      for (; ; ) {
+        const { bytesRead } = await handle.read(buffer, 0, buffer.length, position);
+        if (bytesRead === 0) break;
+        position += bytesRead;
+        yield buffer.slice(0, bytesRead);
+      }
+    } finally {
+      await handle.close();
+    }
+  };
+  const { size } = await statSize(path);
+  return { size, slice: sliceAt, stream: streamFile };
+}
+async function statSize(path) {
+  const open = await loadOpen();
+  const handle = await open(path, "r");
+  try {
+    const stats = await handle.stat();
+    return { size: stats.size };
+  } finally {
+    await handle.close();
+  }
+}
+async function toResumableSource(input) {
+  if (typeof input === "string") return fromPath(input);
+  if (input instanceof Uint8Array) return fromBytes(input);
+  if (isBlobLike(input)) return fromBlob(input);
+  if (isResumableSource(input)) return input;
+  throw new TypeError(
+    "uploadResumable: unsupported source. Pass a Blob/File, a Uint8Array, a filesystem path string, or a ResumableSource."
+  );
+}
+
+// src/client/resumable-upload.ts
+var DEFAULT_RESUMABLE_THRESHOLD_BYTES = 50331648;
+var DEFAULT_RESUMABLE_CHUNK_BYTES = 50331648;
+var DEFAULT_PARALLELISM = 4;
+var DEFAULT_MAX_CHUNK_RETRIES = 4;
+var DEFAULT_CONTENT_TYPE = "application/octet-stream";
+var DEFAULT_TARGET = "arweave";
+var ATTEMPT_POLL_INTERVAL_MS = 1e3;
+var ATTEMPT_POLL_MAX_ATTEMPTS = 600;
+function bytesToHex2(bytes) {
+  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+}
+var B64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+function bytesToBase64(bytes) {
+  let out = "";
+  let i = 0;
+  for (; i + 2 < bytes.length; i += 3) {
+    const n = bytes[i] << 16 | bytes[i + 1] << 8 | bytes[i + 2];
+    out += B64_ALPHABET[n >> 18 & 63] + B64_ALPHABET[n >> 12 & 63] + B64_ALPHABET[n >> 6 & 63] + B64_ALPHABET[n & 63];
+  }
+  const rem = bytes.length - i;
+  if (rem === 1) {
+    const n = bytes[i] << 16;
+    out += B64_ALPHABET[n >> 18 & 63] + B64_ALPHABET[n >> 12 & 63] + "==";
+  } else if (rem === 2) {
+    const n = bytes[i] << 16 | bytes[i + 1] << 8;
+    out += B64_ALPHABET[n >> 18 & 63] + B64_ALPHABET[n >> 12 & 63] + B64_ALPHABET[n >> 6 & 63] + "=";
+  }
+  return out;
+}
+function jsonHeaders(config, idempotencyKey) {
+  const headers = new Headers({ "content-type": "application/json", accept: "application/json" });
+  if (config.apiKey !== void 0) headers.set("authorization", `Bearer ${config.apiKey}`);
+  if (idempotencyKey !== void 0) headers.set("idempotency-key", idempotencyKey);
+  return headers;
+}
+function octetHeaders(config, length, digestBase64) {
+  const headers = new Headers({
+    "content-type": "application/octet-stream",
+    accept: "application/json",
+    "content-length": String(length),
+    digest: `sha-256=${digestBase64}`
+  });
+  if (config.apiKey !== void 0) headers.set("authorization", `Bearer ${config.apiKey}`);
+  return headers;
+}
+var SESSIONS_PATH = "/api/v1/poe/uploads/sessions";
+function chunkRange(index, chunkBytes, totalBytes) {
+  const start = index * chunkBytes;
+  return [start, Math.min(start + chunkBytes, totalBytes)];
+}
+function missingIndices(received, chunkCount) {
+  const have = new Set(received);
+  const out = [];
+  for (let i = 0; i < chunkCount; i++) if (!have.has(i)) out.push(i);
+  return out;
+}
+function serverMissing(status) {
+  if (Array.isArray(status.missing)) return status.missing;
+  return missingIndices(status.received, status.chunk_count);
+}
+async function hashWholeFile(source) {
+  return bytesToHex2(await sha256Stream(source.stream()));
+}
+async function createSession(config, body, signal) {
+  const response = await config.fetch(`${config.baseUrl}${SESSIONS_PATH}`, {
+    method: "POST",
+    headers: jsonHeaders(config),
+    body: JSON.stringify(body),
+    ...signal ? { signal } : {}
+  });
+  await throwIfNotOk(response);
+  return await readJson(response);
+}
+async function getSessionStatus(config, sessionId, signal) {
+  const response = await config.fetch(
+    `${config.baseUrl}${SESSIONS_PATH}/${encodeURIComponent(sessionId)}`,
+    {
+      method: "GET",
+      headers: jsonHeaders(config),
+      ...signal ? { signal } : {}
+    }
+  );
+  await throwIfNotOk(response);
+  return await readJson(response);
+}
+async function putChunk(config, sessionId, index, bytes, signal) {
+  const digest = bytesToBase64(sha256(bytes));
+  const response = await config.fetch(
+    `${config.baseUrl}${SESSIONS_PATH}/${encodeURIComponent(sessionId)}/chunks/${index}`,
+    {
+      method: "PUT",
+      headers: octetHeaders(config, bytes.byteLength, digest),
+      // A Blob body streams without copying; a matching-digest re-PUT is an
+      // idempotent 200 server-side, so a retried chunk is always safe.
+      body: new Blob([bytes], { type: "application/octet-stream" }),
+      ...signal ? { signal } : {}
+    }
+  );
+  await throwIfNotOk(response);
+  return await readJson(response);
+}
+async function completeSession(config, sessionId, idempotencyKey, signal) {
+  const response = await config.fetch(
+    `${config.baseUrl}${SESSIONS_PATH}/${encodeURIComponent(sessionId)}/complete`,
+    {
+      method: "POST",
+      headers: jsonHeaders(config, idempotencyKey),
+      ...signal ? { signal } : {}
+    }
+  );
+  await throwIfNotOk(response);
+  return await readJson(response);
+}
+async function pollAttempt(config, attemptId, signal) {
+  for (let attempt = 0; attempt < ATTEMPT_POLL_MAX_ATTEMPTS; attempt++) {
+    const response = await config.fetch(
+      `${config.baseUrl}/api/v1/poe/uploads/attempts/${encodeURIComponent(attemptId)}`,
+      {
+        method: "GET",
+        headers: jsonHeaders(config),
+        ...signal ? { signal } : {}
+      }
     );
-    this.name = "PartialUploadError";
-    this.response = response;
-    this.failed = failed;
+    await throwIfNotOk(response);
+    const status = await readJson(response);
+    if (status.state !== "reserved") return status;
+    await delay(ATTEMPT_POLL_INTERVAL_MS, signal);
   }
-  /** Convenience: the `idx` of every failed entry, in input order. */
-  get failedIndices() {
-    return this.failed.map((f) => f.idx);
+  throw new ResumableUploadError(
+    "ATTEMPT_POLL_TIMEOUT",
+    `upload attempt ${attemptId} did not reach a terminal state in time`
+  );
+}
+function delay(ms, signal) {
+  return new Promise((resolve, reject) => {
+    if (signal?.aborted) {
+      reject(signalReason(signal));
+      return;
+    }
+    const timer = setTimeout(() => {
+      signal?.removeEventListener("abort", onAbort);
+      resolve();
+    }, ms);
+    const onAbort = () => {
+      clearTimeout(timer);
+      reject(signalReason(signal));
+    };
+    signal?.addEventListener("abort", onAbort, { once: true });
+  });
+}
+function signalReason(signal) {
+  const reason = signal?.reason;
+  return reason instanceof Error ? reason : new ResumableUploadError("ABORTED", "upload aborted");
+}
+var ResumableUploadError = class extends Error {
+  code;
+  constructor(code, message) {
+    super(message);
+    this.name = "ResumableUploadError";
+    this.code = code;
   }
 };
+async function uploadChunks(config, sessionId, source, chunkBytes, totalBytes, missing, parallelism, maxRetries, signal) {
+  let cursor = 0;
+  const workers = [];
+  const lanes = Math.max(1, Math.min(parallelism, missing.length || 1));
+  for (let lane = 0; lane < lanes; lane++) {
+    workers.push(
+      (async () => {
+        for (; ; ) {
+          if (signal?.aborted) throw signalReason(signal);
+          const next = cursor++;
+          if (next >= missing.length) return;
+          const index = missing[next];
+          const [start, end] = chunkRange(index, chunkBytes, totalBytes);
+          const bytes = await source.slice(start, end);
+          await putChunkWithRetry(config, sessionId, index, bytes, maxRetries, signal);
+        }
+      })()
+    );
+  }
+  await Promise.all(workers);
+}
+async function putChunkWithRetry(config, sessionId, index, bytes, maxRetries, signal) {
+  let lastError;
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    if (signal?.aborted) throw signalReason(signal);
+    try {
+      await putChunk(config, sessionId, index, bytes, signal);
+      return;
+    } catch (err) {
+      if (signal?.aborted) throw signalReason(signal);
+      if (isTerminalChunkError(err)) throw err;
+      lastError = err;
+      if (attempt < maxRetries) {
+        await delay(Math.min(250 * 2 ** attempt, 8e3), signal);
+      }
+    }
+  }
+  throw new ResumableUploadError(
+    "CHUNK_UPLOAD_FAILED",
+    `chunk ${index} failed after ${maxRetries + 1} attempt(s): ${lastError instanceof Error ? lastError.message : String(lastError)}`
+  );
+}
+async function uploadResumable(config, singleShot, input) {
+  const source = await toResumableSource(input.source);
+  const target = input.target ?? DEFAULT_TARGET;
+  const threshold = input.threshold ?? DEFAULT_RESUMABLE_THRESHOLD_BYTES;
+  const totalBytes = source.size;
+  if (totalBytes <= threshold && input.sessionId === void 0) {
+    const bytes = await source.slice(0, totalBytes);
+    const result = await singleShot({
+      target,
+      bytes,
+      ...input.idempotencyKey !== void 0 ? { idempotencyKey: input.idempotencyKey } : {},
+      ...input.signal ? { signal: input.signal } : {}
+    });
+    return {
+      uri: result.uri,
+      sha256: result.sha256,
+      bytes: result.bytes,
+      deduplicated: false,
+      mode: "single-shot"
+    };
+  }
+  return runSession(config, source, target, totalBytes, input);
+}
+async function runSession(config, source, target, totalBytes, input) {
+  const signal = input.signal;
+  let sessionId;
+  let chunkBytes;
+  let missing;
+  let declaredSha256;
+  let gridTotalBytes;
+  if (input.sessionId !== void 0) {
+    const status = await getSessionStatus(config, input.sessionId, signal);
+    if (status.state === "completed" && status.uri !== null) {
+      return {
+        uri: status.uri,
+        sha256: status.sha256,
+        bytes: status.total_bytes,
+        deduplicated: false,
+        mode: "chunked"
+      };
+    }
+    if (status.state === "failed" || status.state === "expired") {
+      throw new ResumableUploadError(
+        "SESSION_FAILED",
+        `cannot resume session ${input.sessionId} in state '${status.state}'`
+      );
+    }
+    sessionId = status.session_id;
+    declaredSha256 = status.sha256;
+    chunkBytes = status.chunk_bytes;
+    gridTotalBytes = status.total_bytes;
+    missing = serverMissing(status);
+  } else {
+    declaredSha256 = await hashWholeFile(source);
+    const requestedChunkBytes = input.chunkBytes ?? DEFAULT_RESUMABLE_CHUNK_BYTES;
+    const created = await createSession(
+      config,
+      {
+        target,
+        sha256: declaredSha256,
+        total_bytes: totalBytes,
+        chunk_bytes: requestedChunkBytes,
+        content_type: input.contentType ?? DEFAULT_CONTENT_TYPE
+      },
+      signal
+    );
+    if ("deduplicated" in created) {
+      return {
+        uri: created.uri,
+        sha256: created.sha256,
+        bytes: created.bytes,
+        deduplicated: true,
+        mode: "chunked"
+      };
+    }
+    sessionId = created.session_id;
+    chunkBytes = created.chunk_bytes;
+    gridTotalBytes = totalBytes;
+    missing = missingIndices(created.received, created.chunk_count);
+  }
+  if (missing.length > 0) {
+    await uploadChunks(
+      config,
+      sessionId,
+      source,
+      chunkBytes,
+      gridTotalBytes,
+      missing,
+      input.parallelism ?? DEFAULT_PARALLELISM,
+      input.maxChunkRetries ?? DEFAULT_MAX_CHUNK_RETRIES,
+      signal
+    );
+  }
+  return finishSession(config, sessionId, declaredSha256, input);
+}
+async function finishSession(config, sessionId, declaredSha256, input) {
+  const signal = input.signal;
+  const idempotencyKey = input.idempotencyKey ?? `resumable-${declaredSha256}`;
+  const COMPLETE_RETRIES = 2;
+  for (let attempt = 0; attempt <= COMPLETE_RETRIES; attempt++) {
+    try {
+      const completion = await completeSession(config, sessionId, idempotencyKey, signal);
+      if ("ok" in completion) {
+        return {
+          uri: completion.uri,
+          sha256: completion.sha256,
+          bytes: completion.bytes,
+          // The server sends the number 0 for a dedup-on-commit (the bytes were
+          // already stored, so nothing was charged); compare numerically.
+          deduplicated: completion.charged_usd_micros === 0,
+          mode: "chunked"
+        };
+      }
+      return resolveAccepted(config, completion.attempt_id, signal);
+    } catch (err) {
+      if (attempt < COMPLETE_RETRIES && isIncompleteUpload(err)) {
+        const status = await getSessionStatus(config, sessionId, signal);
+        const stillMissing = serverMissing(status);
+        if (stillMissing.length === 0) continue;
+        await uploadChunks(
+          config,
+          sessionId,
+          await toResumableSource(input.source),
+          status.chunk_bytes,
+          // Re-bound the resend grid against the server's declared total too, so a
+          // source that grew during the upload cannot over-read the final chunk.
+          status.total_bytes,
+          stillMissing,
+          input.parallelism ?? DEFAULT_PARALLELISM,
+          input.maxChunkRetries ?? DEFAULT_MAX_CHUNK_RETRIES,
+          signal
+        );
+        continue;
+      }
+      throw err;
+    }
+  }
+  throw new ResumableUploadError(
+    "SESSION_FAILED",
+    `session ${sessionId} could not be completed after resending missing chunks`
+  );
+}
+async function resolveAccepted(config, attemptId, signal) {
+  const status = await pollAttempt(config, attemptId, signal);
+  if (status.state === "released") {
+    throw new ResumableUploadError(
+      "ATTEMPT_FAILED",
+      `upload attempt ${attemptId} was released: ${status.reason}`
+    );
+  }
+  if (status.uri.length === 0) {
+    throw new ResumableUploadError(
+      "ATTEMPT_FAILED",
+      `upload attempt ${attemptId} committed without a uri`
+    );
+  }
+  return {
+    uri: status.uri,
+    sha256: status.sha256,
+    bytes: status.bytes,
+    // A committed attempt that charged nothing deduped against bytes already
+    // stored for this account on this backend.
+    deduplicated: status.charged_usd_micros === 0,
+    mode: "chunked"
+  };
+}
+function isTerminalChunkError(err) {
+  if (!(err instanceof Label309HttpError)) return false;
+  const status = err.httpStatus;
+  return status >= 400 && status < 500 && status !== 408 && status !== 429;
+}
+function isIncompleteUpload(err) {
+  return typeof err === "object" && err !== null && "code" in err && err.code === "incomplete-upload";
+}
 
 // src/client/publish.ts
 var ED25519_PUBLIC_KEY_LENGTH2 = 32;
@@ -2111,7 +2809,7 @@ var PublishError = class extends Error {
     this.code = code;
   }
 };
-function bytesToHex2(bytes) {
+function bytesToHex3(bytes) {
   return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
 }
 function hexToBytes(hex) {
@@ -2132,14 +2830,14 @@ function toBytes(content) {
   if (typeof content === "string") return new TextEncoder().encode(content);
   return content;
 }
-function cloneToOwnedBuffer(src) {
+function cloneToOwnedBuffer2(src) {
   const out = new Uint8Array(new ArrayBuffer(src.length));
   out.set(src);
   return out;
 }
 function hashContent(bytes, alg) {
-  if (alg === "sha2-256") return cloneToOwnedBuffer(sha256(bytes));
-  if (alg === "blake2b-256") return cloneToOwnedBuffer(blake2b256(bytes));
+  if (alg === "sha2-256") return cloneToOwnedBuffer2(sha256(bytes));
+  if (alg === "blake2b-256") return cloneToOwnedBuffer2(blake2b256(bytes));
   throw new PublishError(
     "UNSUPPORTED_HASH_ALG",
     `hashAlg must be 'sha2-256' or 'blake2b-256', got '${alg}'`
@@ -2223,29 +2921,45 @@ async function postPublish(config, recordBytesHex, quoteId, idempotencyKey) {
   const parsed = await readJson2(response);
   return { ...parsed, dedup_hit: response.status === 200 };
 }
-async function postUploads(config, blobs, idempotencyKey) {
+var singleShotUpload = (config) => async ({ target, bytes, idempotencyKey, signal }) => {
   const form = new FormData();
-  form.append("target", STORAGE_TARGET_ARWEAVE);
-  for (let idx = 0; idx < blobs.length; idx++) {
-    const bytes = blobs[idx];
-    form.append(
-      `file_${idx}`,
-      new Blob([bytes], { type: "application/octet-stream" }),
-      `file_${idx}.bin`
-    );
-  }
+  form.append("target", target);
+  form.append(
+    "file_0",
+    new Blob([bytes], { type: "application/octet-stream" }),
+    "file_0.bin"
+  );
   const response = await config.fetch(`${config.baseUrl}/api/v1/poe/uploads`, {
     method: "POST",
     headers: buildMultipartHeaders(config.apiKey, idempotencyKey),
-    body: form
+    body: form,
+    ...signal ? { signal } : {}
   });
   await throwIfNotOk2(response);
   const result = await readJson2(response);
-  const anyFailed = result.uploads.some((u) => u.ok === false);
-  if (anyFailed) {
+  const entry = result.uploads[0];
+  if (entry === void 0 || entry.ok === false) {
     throw new PartialUploadError(result);
   }
-  return result;
+  const ok = entry;
+  return { uri: ok.uri, sha256: ok.sha256, bytes: ok.bytes };
+};
+async function uploadBlob(config, bytes, idempotencyKey) {
+  const target = STORAGE_TARGET_ARWEAVE;
+  if (bytes.byteLength <= DEFAULT_RESUMABLE_THRESHOLD_BYTES) {
+    const single = await singleShotUpload(config)({
+      target,
+      bytes,
+      ...idempotencyKey !== void 0 ? { idempotencyKey } : {}
+    });
+    return single.uri;
+  }
+  const result = await uploadResumable(config, singleShotUpload(config), {
+    target,
+    source: bytes,
+    ...idempotencyKey !== void 0 ? { idempotencyKey } : {}
+  });
+  return result.uri;
 }
 async function publishContent(config, input) {
   if (input.signer !== void 0) assertSigner(input.signer);
@@ -2257,7 +2971,7 @@ async function publishContent(config, input) {
     items: [{ hashes: { [hashAlg]: digest } }]
   };
   const recordBytes = await encodeRecord(record, input.signer);
-  return postPublish(config, bytesToHex2(recordBytes), input.quoteId, input.idempotencyKey);
+  return postPublish(config, bytesToHex3(recordBytes), input.quoteId, input.idempotencyKey);
 }
 var DIGEST_BYTE_LENGTH = {
   "sha2-256": 32,
@@ -2289,14 +3003,14 @@ async function publishPrehashed(config, input) {
         `hashes[${alg}] must be a ${expected}-byte digest (got ${bytes.length} bytes)`
       );
     }
-    decoded[alg] = cloneToOwnedBuffer(bytes);
+    decoded[alg] = cloneToOwnedBuffer2(bytes);
   }
   const record = {
     v: 1,
     items: [{ hashes: decoded }]
   };
   const recordBytes = await encodeRecord(record, input.signer);
-  return postPublish(config, bytesToHex2(recordBytes), input.quoteId, input.idempotencyKey);
+  return postPublish(config, bytesToHex3(recordBytes), input.quoteId, input.idempotencyKey);
 }
 async function publishSealed(config, input) {
   if (input.signer !== void 0) assertSigner(input.signer);
@@ -2320,41 +3034,42 @@ async function publishSealed(config, input) {
   const hashAlg = input.hashAlg ?? "sha2-256";
   const plaintext = toBytes(input.content);
   const plaintextDigest = hashContent(plaintext, hashAlg);
+  const hashes2 = { [hashAlg]: plaintextDigest };
   const sealed = eciesSealedPoeWrap({
     plaintext,
+    hashes: hashes2,
     recipientPublicKeys: input.recipients.map((r) => r),
     kem
   });
-  const uploadsResp = await postUploads(config, [sealed.ciphertext], input.idempotencyKey);
-  const uri = uploadsResp.uploads[0].uri;
+  const uri = await uploadBlob(config, sealed.ciphertext, input.idempotencyKey);
   const env = sealed.envelope;
   const slots = env.kem === "mlkem768x25519" ? env.slots.map((s) => ({
-    kem_ct: s.kem_ct.map((c) => cloneToOwnedBuffer(c)),
-    wrap: cloneToOwnedBuffer(s.wrap)
+    kem_ct: cloneToOwnedBuffer2(s.kem_ct),
+    wrap: cloneToOwnedBuffer2(s.wrap)
   })) : env.slots.map((s) => ({
-    epk: cloneToOwnedBuffer(s.epk),
-    wrap: cloneToOwnedBuffer(s.wrap)
+    epk: cloneToOwnedBuffer2(s.epk),
+    wrap: cloneToOwnedBuffer2(s.wrap)
   }));
   const envelope = {
     scheme: 1,
     aead: env.aead,
     kem: env.kem,
-    nonce: cloneToOwnedBuffer(env.nonce),
+    nonce: cloneToOwnedBuffer2(env.nonce),
     slots,
-    slots_mac: cloneToOwnedBuffer(env.slots_mac)
+    slots_mac: cloneToOwnedBuffer2(env.slots_mac)
   };
   const record = {
     v: 1,
     items: [
       {
-        hashes: { [hashAlg]: plaintextDigest },
-        uris: [chunkUri(uri)],
+        hashes: hashes2,
+        uris: [uri],
         enc: envelope
       }
     ]
   };
   const recordBytes = await encodeRecord(record, input.signer);
-  return postPublish(config, bytesToHex2(recordBytes), input.quoteId, input.idempotencyKey);
+  return postPublish(config, bytesToHex3(recordBytes), input.quoteId, input.idempotencyKey);
 }
 async function publishMerkle(config, input) {
   if (input.signer !== void 0) assertSigner(input.signer);
@@ -2377,21 +3092,20 @@ async function publishMerkle(config, input) {
     }
     return bytes;
   });
-  const root = cloneToOwnedBuffer(merkleSha2256Root(leaves));
+  const root = cloneToOwnedBuffer2(merkleSha2256Root(leaves));
   const leavesListCbor = encodeLeavesList({ leaves, root });
-  const uploadsResp = await postUploads(config, [leavesListCbor], input.idempotencyKey);
-  const uri = uploadsResp.uploads[0].uri;
+  const uri = await uploadBlob(config, leavesListCbor, input.idempotencyKey);
   const merkleEntry = {
     alg: MERKLE_ALG_ID,
     root,
     leaf_count: leaves.length,
-    uris: [chunkUri(uri)]
+    uris: [uri]
   };
   const record = { v: 1, merkle: [merkleEntry] };
   const recordBytes = await encodeRecord(record, input.signer);
   const published = await postPublish(
     config,
-    bytesToHex2(recordBytes),
+    bytesToHex3(recordBytes),
     input.quoteId,
     input.idempotencyKey
   );
@@ -2399,7 +3113,7 @@ async function publishMerkle(config, input) {
     id: published.id,
     tx_hash: published.tx_hash,
     status: published.status,
-    root: bytesToHex2(root),
+    root: bytesToHex3(root),
     leaf_count: leaves.length,
     ar_uri: uri,
     balance_after_usd_micros: published.balance_after_usd_micros
@@ -2494,6 +3208,65 @@ var PoeNamespace = class {
     await throwIfNotOk(response);
     return await readJson(response);
   }
+  /**
+   * Upload a single file of any size, choosing the ingress path by size.
+   *
+   * A file at or below `threshold` (default ~48 MiB) is sent with the unchanged
+   * single-shot `uploads()` multipart call. A larger file is uploaded as a
+   * resumable, content-addressed session: the helper streams the whole-file
+   * SHA-256 once (never buffering a multi-GB file), creates a session, PUTs each
+   * chunk (several in parallel, retrying a failed chunk), then completes —
+   * polling the shared attempt endpoint when completion is accepted
+   * asynchronously. Both paths converge on one `ar://` URI.
+   *
+   * The chunk size is the server's authoritative `chunk_bytes` from the create
+   * response, clamped to its `max_chunk_bytes` ceiling; the client's `chunkBytes`
+   * is only a request. A create-time dedup hit returns the existing URI without
+   * uploading; a `402` funding error is surfaced as a typed error.
+   *
+   * The `source` works in both runtimes: a `Blob`/`File` in the browser, a
+   * `Uint8Array`, a filesystem path string, or a pre-adapted `ResumableSource`
+   * on the server. To resume an interrupted upload, pass the prior `sessionId`;
+   * the helper GETs its status and uploads only the missing chunks.
+   */
+  async uploadResumable(input) {
+    return uploadResumable(this.config, this.singleShotUpload, input);
+  }
+  /**
+   * Upload exactly one blob via the single-shot multipart route and resolve its
+   * `ar://` URI. Backs the small-file branch of `uploadResumable`; it shares the
+   * `uploads()` wire shape but takes one blob and an optional abort signal, and
+   * surfaces a per-file failure as a `PartialUploadError` (the resumable helper
+   * promises a single resolved URI, unlike the raw `uploads()` passthrough).
+   */
+  singleShotUpload = async ({
+    target,
+    bytes,
+    idempotencyKey,
+    signal
+  }) => {
+    const form = new FormData();
+    form.append("target", target);
+    form.append(
+      "file_0",
+      new Blob([bytes], { type: "application/octet-stream" }),
+      "file_0.bin"
+    );
+    const response = await this.config.fetch(`${this.config.baseUrl}/api/v1/poe/uploads`, {
+      method: "POST",
+      headers: buildMultipartHeaders2({ apiKey: this.config.apiKey, idempotencyKey }),
+      body: form,
+      ...signal ? { signal } : {}
+    });
+    await throwIfNotOk(response);
+    const result = await readJson(response);
+    const entry = result.uploads[0];
+    if (entry === void 0 || entry.ok === false) {
+      throw new PartialUploadError(result);
+    }
+    const ok = entry;
+    return { uri: ok.uri, sha256: ok.sha256, bytes: ok.bytes };
+  };
   /**
    * Submit a single finalised canonical-CBOR record to Cardano. Caller is
    * responsible for constructing the record bytes (use `publishContent` /
@@ -2672,8 +3445,12 @@ var RecordsNamespace = class {
    * between.
    *
    * Auth required (Bearer with `poe:read` scope, or NextAuth session
-   * cookie). Optional `verify_uris` toggles URI hash-equivalence checks;
-   * `decryption[]` drives trial-decrypt of sealed envelopes per item.
+   * cookie). This is the hosted PUBLIC verifier: it accepts no decryption
+   * credentials, and sealed items report as unverifiable without decryption.
+   * To verify as a recipient (decrypt + plaintext-hash recheck), run the
+   * `verifier` module locally with its `decryption` input — keys never leave
+   * the process. Optional `fetch_content: false` skips content re-fetching;
+   * affected claims report `not_checked`.
    */
   async verify(txHash, input) {
     const response = await this.config.fetch(
@@ -2744,6 +3521,8 @@ var Label309Client = class {
 exports.AccountNamespace = AccountNamespace;
 exports.BatchEmptyError = BatchEmptyError;
 exports.BatchTooLargeError = BatchTooLargeError;
+exports.DEFAULT_RESUMABLE_CHUNK_BYTES = DEFAULT_RESUMABLE_CHUNK_BYTES;
+exports.DEFAULT_RESUMABLE_THRESHOLD_BYTES = DEFAULT_RESUMABLE_THRESHOLD_BYTES;
 exports.ForbiddenError = ForbiddenError;
 exports.IdempotencyConflictError = IdempotencyConflictError;
 exports.InsufficientFundsError = InsufficientFundsError;
@@ -2765,6 +3544,7 @@ exports.QuoteNotFoundError = QuoteNotFoundError;
 exports.RateLimitedError = RateLimitedError;
 exports.RecordNotFoundError = RecordNotFoundError;
 exports.RecordsNamespace = RecordsNamespace;
+exports.ResumableUploadError = ResumableUploadError;
 exports.ServiceUnavailableError = ServiceUnavailableError;
 exports.UnauthorizedError = UnauthorizedError;
 exports.ValidationFailedError = ValidationFailedError;
@@ -2774,5 +3554,6 @@ exports.buildToSign = buildToSign;
 exports.parseHttpError = parseHttpError;
 exports.prepareSigStructure = prepareSigStructure;
 exports.prepareSigStructureHashed = prepareSigStructureHashed;
+exports.toResumableSource = toResumableSource;
 //# sourceMappingURL=index.cjs.map
 //# sourceMappingURL=index.cjs.map