@cedros/login-react 0.0.1 → 0.0.2

package/dist/solanaKeypair-BD7Kq1Mw.js

@@ -0,0 +1,1932 @@
+import { D as Be, e as Se, f as ht, i as ve, j as te } from "./ErrorMessage-C8vKB0JG.js";
+let P = null, Ae = 0;
+const et = /* @__PURE__ */ new Map();
+function Re() {
+  return typeof Worker > "u" ? null : (P || (P = new Worker(new URL(
+    /* @vite-ignore */
+    "" + new URL("assets/argon2Worker-Bi5TuQvD.js", import.meta.url).href,
+    import.meta.url
+  ), {
+    type: "module"
+  }), P.onmessage = (e) => {
+    const { id: t, key: n, error: o } = e.data, r = et.get(t);
+    if (r) {
+      if (et.delete(t), o) {
+        r.reject(new Error(o));
+        return;
+      }
+      if (!n) {
+        r.reject(new Error("Argon2 worker returned no key"));
+        return;
+      }
+      r.resolve(n);
+    }
+  }, P.onerror = (e) => {
+    const t = e instanceof ErrorEvent ? e.error : new Error("Argon2 worker error");
+    for (const n of et.values())
+      n.reject(t instanceof Error ? t : new Error(String(t)));
+    et.clear(), P?.terminate(), P = null;
+  }), P);
+}
+async function rr(e, t, n = Be) {
+  const o = Re();
+  return o ? new Promise((r, s) => {
+    const a = Ae++;
+    et.set(a, { resolve: r, reject: s });
+    const u = {
+      id: a,
+      password: e,
+      salt: t,
+      params: n
+    };
+    o.postMessage(u);
+  }) : Se(e, t, n);
+}
+function Ie(e) {
+  return e && e.__esModule && Object.prototype.hasOwnProperty.call(e, "default") ? e.default : e;
+}
+function _e(e) {
+  if (Object.prototype.hasOwnProperty.call(e, "__esModule")) return e;
+  var t = e.default;
+  if (typeof t == "function") {
+    var n = function o() {
+      var r = !1;
+      try {
+        r = this instanceof o;
+      } catch {
+      }
+      return r ? Reflect.construct(t, arguments, this.constructor) : t.apply(this, arguments);
+    };
+    n.prototype = t.prototype;
+  } else n = {};
+  return Object.defineProperty(n, "__esModule", { value: !0 }), Object.keys(e).forEach(function(o) {
+    var r = Object.getOwnPropertyDescriptor(e, o);
+    Object.defineProperty(n, o, r.get ? r : {
+      enumerable: !0,
+      get: function() {
+        return e[o];
+      }
+    });
+  }), n;
+}
+var it = { exports: {} };
+const Ne = globalThis.crypto, Oe = globalThis.crypto, Te = globalThis.crypto.subtle, Ce = globalThis.crypto.getRandomValues.bind(globalThis.crypto), Le = globalThis.crypto.randomUUID.bind(globalThis.crypto), Ue = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  default: Ne,
+  getRandomValues: Ce,
+  randomUUID: Le,
+  subtle: Te,
+  webcrypto: Oe
+}, Symbol.toStringTag, { value: "Module" })), He = /* @__PURE__ */ _e(Ue);
+var De = it.exports, Ut;
+function qe() {
+  return Ut || (Ut = 1, (function(e, t) {
+    (function(n, o) {
+      e.exports = o(He);
+    })(De, function(n) {
+      var o, r, s, a, u;
+      function i() {
+        o = {
+          bits: 8,
+          // default number of bits
+          radix: 16,
+          // work with HEX by default
+          minBits: 3,
+          maxBits: 20,
+          // this permits 1,048,575 shares, though going this high is NOT recommended in JS!
+          bytesPerChar: 2,
+          maxBytesPerChar: 6,
+          // Math.pow(256,7) > Math.pow(2,53)
+          // Primitive polynomials (in decimal form) for Galois Fields GF(2^n), for 2 <= n <= 30
+          // The index of each term in the array corresponds to the n for that polynomial
+          // i.e. to get the polynomial for n=16, use primitivePolynomials[16]
+          primitivePolynomials: [
+            null,
+            null,
+            1,
+            3,
+            3,
+            5,
+            3,
+            3,
+            29,
+            17,
+            9,
+            5,
+            83,
+            27,
+            43,
+            3,
+            45,
+            9,
+            39,
+            39,
+            9,
+            5,
+            3,
+            33,
+            27,
+            9,
+            71,
+            39,
+            9,
+            5,
+            83
+          ]
+        }, r = {}, s = new Array(1024).join("0"), a = !0, u = [
+          "nodeCryptoRandomBytes",
+          "browserCryptoGetRandomValues",
+          "testRandom"
+        ];
+      }
+      function x() {
+        return !!(r && r.rng && typeof r.rng == "function");
+      }
+      function y(f, h) {
+        var c;
+        if (h === 0 || h === 1)
+          return f;
+        if (h && h > 1024)
+          throw new Error(
+            "Padding must be multiples of no larger than 1024 bits."
+          );
+        return h = h || r.bits, f && (c = f.length % h), c ? (s + f).slice(
+          -(h - c + f.length)
+        ) : f;
+      }
+      function w(f) {
+        var h = "", c, l;
+        for (l = f.length - 1; l >= 0; l--) {
+          if (c = parseInt(f[l], 16), isNaN(c))
+            throw new Error("Invalid hex character.");
+          h = y(c.toString(2), 4) + h;
+        }
+        return h;
+      }
+      function S(f) {
+        var h = "", c, l;
+        for (f = y(f, 4), l = f.length; l >= 4; l -= 4) {
+          if (c = parseInt(f.slice(l - 4, l), 2), isNaN(c))
+            throw new Error("Invalid binary character.");
+          h = c.toString(16) + h;
+        }
+        return h;
+      }
+      function I() {
+        return !!(n && typeof n == "object" && (typeof n.getRandomValues == "function" || typeof n.getRandomValues == "object") && (typeof Uint32Array == "function" || typeof Uint32Array == "object"));
+      }
+      function v() {
+        return typeof n == "object" && typeof n.randomBytes == "function";
+      }
+      function O(f) {
+        function h(b, g, m, B) {
+          var R = 0, C, L = "", q;
+          for (g && (C = g.length - 1); R < C || L.length < b; )
+            q = Math.abs(parseInt(g[R], m)), L = L + y(q.toString(2), B), R++;
+          return L = L.substr(-b), (L.match(/0/g) || []).length === L.length ? null : L;
+        }
+        function c(b) {
+          var g, m, B, R, C = null;
+          for (B = 16, R = 4, m = Math.ceil(b / 8); C === null; )
+            g = n.randomBytes(m), C = h(b, g.toString("hex"), B, R);
+          return C;
+        }
+        function l(b) {
+          var g, m, B, R = null;
+          for (m = 10, B = 32, g = Math.ceil(b / 32); R === null; )
+            R = h(
+              b,
+              n.getRandomValues(new Uint32Array(g)),
+              m,
+              B
+            );
+          return R;
+        }
+        function d(b) {
+          var g, m, B, R, C, L = null;
+          R = 10, C = 32, m = Math.ceil(b / 32), B = 123456789, g = new Uint32Array(m);
+          for (var q = 0; q < g.length; q++)
+            g[q] = B;
+          for (; L === null; )
+            L = h(b, g, R, C);
+          return L;
+        }
+        if (f && f === "testRandom")
+          return r.typeCSPRNG = f, d;
+        if (f && f === "nodeCryptoRandomBytes")
+          return r.typeCSPRNG = f, c;
+        if (f && f === "browserCryptoGetRandomValues")
+          return r.typeCSPRNG = f, l;
+        if (v())
+          return r.typeCSPRNG = "nodeCryptoRandomBytes", c;
+        if (I())
+          return r.typeCSPRNG = "browserCryptoGetRandomValues", l;
+      }
+      function _(f, h) {
+        var c = [], l;
+        for (h && (f = y(f, h)), l = f.length; l > r.bits; l -= r.bits)
+          c.push(parseInt(f.slice(l - r.bits, l), 2));
+        return c.push(parseInt(f.slice(0, l), 2)), c;
+      }
+      function E(f, h) {
+        var c = r.logs[f], l = 0, d;
+        for (d = h.length - 1; d >= 0; d--)
+          l !== 0 ? l = r.exps[(c + r.logs[l]) % r.maxShares] ^ h[d] : l = h[d];
+        return l;
+      }
+      function A(f, h, c) {
+        var l = 0, d, b, g, m;
+        for (g = 0, d = h.length; g < d; g++)
+          if (c[g]) {
+            for (b = r.logs[c[g]], m = 0; m < d; m++)
+              if (g !== m) {
+                if (f === h[m]) {
+                  b = -1;
+                  break;
+                }
+                b = (b + r.logs[f ^ h[m]] - r.logs[h[g] ^ h[m]] + r.maxShares) % r.maxShares;
+              }
+            l = b === -1 ? l : l ^ r.exps[b];
+          }
+        return l;
+      }
+      function p(f, h, c) {
+        var l = [], d = [f], b, g;
+        for (b = 1; b < c; b++)
+          d[b] = parseInt(r.rng(r.bits), 2);
+        for (b = 1, g = h + 1; b < g; b++)
+          l[b - 1] = {
+            x: b,
+            y: E(b, d)
+          };
+        return l;
+      }
+      function N(f, h, c) {
+        var l, d, b, g, m;
+        if (h = parseInt(h, r.radix), f = parseInt(f, 10) || r.bits, l = f.toString(36).toUpperCase(), b = Math.pow(2, f) - 1, g = b.toString(r.radix).length, d = y(h.toString(r.radix), g), typeof h != "number" || h % 1 !== 0 || h < 1 || h > b)
+          throw new Error(
+            "Share id must be an integer between 1 and " + b + ", inclusive."
+          );
+        return m = l + d + c, m;
+      }
+      var T = {
+        init: function(f, h) {
+          var c = [], l = [], d = 1, b, g;
+          if (i(), f && (typeof f != "number" || f % 1 !== 0 || f < o.minBits || f > o.maxBits))
+            throw new Error(
+              "Number of bits must be an integer between " + o.minBits + " and " + o.maxBits + ", inclusive."
+            );
+          if (h && u.indexOf(h) === -1)
+            throw new Error("Invalid RNG type argument : '" + h + "'");
+          for (r.radix = o.radix, r.bits = f || o.bits, r.size = Math.pow(2, r.bits), r.maxShares = r.size - 1, b = o.primitivePolynomials[r.bits], g = 0; g < r.size; g++)
+            l[g] = d, c[d] = g, d = d << 1, d >= r.size && (d = d ^ b, d = d & r.maxShares);
+          if (r.logs = c, r.exps = l, h && this.setRNG(h), x() || this.setRNG(), !x() || !r.bits || !r.size || !r.maxShares || !r.logs || !r.exps || r.logs.length !== r.size || r.exps.length !== r.size)
+            throw new Error("Initialization failed.");
+        },
+        // Evaluates the Lagrange interpolation polynomial at x=`at` for
+        // individual config.bits-length segments of each share in the `shares`
+        // Array. Each share is expressed in base `inputRadix`. The output
+        // is expressed in base `outputRadix'.
+        combine: function(f, h) {
+          var c, l, d, b, g = "", m, B, R, C = [], L = [];
+          for (h = h || 0, c = 0, d = f.length; c < d; c++) {
+            if (B = this.extractShareComponents(f[c]), m === void 0)
+              m = B.bits;
+            else if (B.bits !== m)
+              throw new Error(
+                "Mismatched shares: Different bit settings."
+              );
+            if (r.bits !== m && this.init(m), C.indexOf(B.id) === -1)
+              for (C.push(B.id), R = _(w(B.data)), l = 0, b = R.length; l < b; l++)
+                L[l] = L[l] || [], L[l][C.length - 1] = R[l];
+          }
+          for (c = 0, d = L.length; c < d; c++)
+            g = y(A(h, C, L[c]).toString(2)) + g;
+          return S(
+            h >= 1 ? g : g.slice(g.indexOf("1") + 1)
+          );
+        },
+        getConfig: function() {
+          var f = {};
+          return f.radix = r.radix, f.bits = r.bits, f.maxShares = r.maxShares, f.hasCSPRNG = x(), f.typeCSPRNG = r.typeCSPRNG, f;
+        },
+        // Given a public share, extract the bits (Integer), share ID (Integer), and share data (Hex)
+        // and return an Object containing those components.
+        extractShareComponents: function(f) {
+          var h, c, l, d, b = {}, g, m;
+          if (h = parseInt(f.substr(0, 1), 36), h && (typeof h != "number" || h % 1 !== 0 || h < o.minBits || h > o.maxBits))
+            throw new Error(
+              "Invalid share : Number of bits must be an integer between " + o.minBits + " and " + o.maxBits + ", inclusive."
+            );
+          if (d = Math.pow(2, h) - 1, l = (Math.pow(2, h) - 1).toString(r.radix).length, g = "^([a-kA-K3-9]{1})([a-fA-F0-9]{" + l + "})([a-fA-F0-9]+)$", m = new RegExp(g).exec(f), m && (c = parseInt(m[2], r.radix)), typeof c != "number" || c % 1 !== 0 || c < 1 || c > d)
+            throw new Error(
+              "Invalid share : Share id must be an integer between 1 and " + r.maxShares + ", inclusive."
+            );
+          if (m && m[3])
+            return b.bits = h, b.id = c, b.data = m[3], b;
+          throw new Error("The share data provided is invalid : " + f);
+        },
+        // Set the PRNG to use. If no RNG function is supplied, pick a default using getRNG()
+        setRNG: function(f) {
+          var h = "Random number generator is invalid ", c = " Supply an CSPRNG of the form function(bits){} that returns a string containing 'bits' number of random 1's and 0's.";
+          if (f && typeof f == "string" && u.indexOf(f) === -1)
+            throw new Error("Invalid RNG type argument : '" + f + "'");
+          if (f || (f = O()), f && typeof f == "string" && (f = O(f)), a) {
+            if (f && typeof f != "function")
+              throw new Error(h + "(Not a function)." + c);
+            if (f && typeof f(r.bits) != "string")
+              throw new Error(
+                h + "(Output is not a string)." + c
+              );
+            if (f && !parseInt(f(r.bits), 2))
+              throw new Error(
+                h + "(Binary string output not parseable to an Integer)." + c
+              );
+            if (f && f(r.bits).length > r.bits)
+              throw new Error(
+                h + "(Output length is greater than config.bits)." + c
+              );
+            if (f && f(r.bits).length < r.bits)
+              throw new Error(
+                h + "(Output length is less than config.bits)." + c
+              );
+          }
+          return r.rng = f, !0;
+        },
+        // Converts a given UTF16 character string to the HEX representation.
+        // Each character of the input string is represented by
+        // `bytesPerChar` bytes in the output string which defaults to 2.
+        str2hex: function(f, h) {
+          var c, l, d = "", b, g, m, B;
+          if (typeof f != "string")
+            throw new Error("Input must be a character string.");
+          if (h || (h = o.bytesPerChar), typeof h != "number" || h < 1 || h > o.maxBytesPerChar || h % 1 !== 0)
+            throw new Error(
+              "Bytes per character must be an integer between 1 and " + o.maxBytesPerChar + ", inclusive."
+            );
+          for (c = 2 * h, l = Math.pow(16, c) - 1, m = 0, B = f.length; m < B; m++) {
+            if (g = f[m].charCodeAt(), isNaN(g))
+              throw new Error("Invalid character: " + f[m]);
+            if (g > l)
+              throw b = Math.ceil(Math.log(g + 1) / Math.log(256)), new Error(
+                "Invalid character code (" + g + "). Maximum allowable is 256^bytes-1 (" + l + "). To convert this character, use at least " + b + " bytes."
+              );
+            d = y(g.toString(16), c) + d;
+          }
+          return d;
+        },
+        // Converts a given HEX number string to a UTF16 character string.
+        hex2str: function(f, h) {
+          var c, l = "", d, b;
+          if (typeof f != "string")
+            throw new Error("Input must be a hexadecimal string.");
+          if (h = h || o.bytesPerChar, typeof h != "number" || h % 1 !== 0 || h < 1 || h > o.maxBytesPerChar)
+            throw new Error(
+              "Bytes per character must be an integer between 1 and " + o.maxBytesPerChar + ", inclusive."
+            );
+          for (c = 2 * h, f = y(f, c), d = 0, b = f.length; d < b; d += c)
+            l = String.fromCharCode(
+              parseInt(f.slice(d, d + c), 16)
+            ) + l;
+          return l;
+        },
+        // Generates a random bits-length number string using the PRNG
+        random: function(f) {
+          if (typeof f != "number" || f % 1 !== 0 || f < 2 || f > 65536)
+            throw new Error(
+              "Number of bits must be an Integer between 1 and 65536."
+            );
+          return S(r.rng(f));
+        },
+        // Divides a `secret` number String str expressed in radix `inputRadix` (optional, default 16)
+        // into `numShares` shares, each expressed in radix `outputRadix` (optional, default to `inputRadix`),
+        // requiring `threshold` number of shares to reconstruct the secret.
+        // Optionally, zero-pads the secret to a length that is a multiple of padLength before sharing.
+        share: function(f, h, c, l) {
+          var d, b, g = new Array(h), m = new Array(h), B, R, C;
+          if (l = l || 128, typeof f != "string")
+            throw new Error("Secret must be a string.");
+          if (typeof h != "number" || h % 1 !== 0 || h < 2)
+            throw new Error(
+              "Number of shares must be an integer between 2 and 2^bits-1 (" + r.maxShares + "), inclusive."
+            );
+          if (h > r.maxShares)
+            throw d = Math.ceil(Math.log(h + 1) / Math.LN2), new Error(
+              "Number of shares must be an integer between 2 and 2^bits-1 (" + r.maxShares + "), inclusive. To create " + h + " shares, use at least " + d + " bits."
+            );
+          if (typeof c != "number" || c % 1 !== 0 || c < 2)
+            throw new Error(
+              "Threshold number of shares must be an integer between 2 and 2^bits-1 (" + r.maxShares + "), inclusive."
+            );
+          if (c > r.maxShares)
+            throw d = Math.ceil(Math.log(c + 1) / Math.LN2), new Error(
+              "Threshold number of shares must be an integer between 2 and 2^bits-1 (" + r.maxShares + "), inclusive.  To use a threshold of " + c + ", use at least " + d + " bits."
+            );
+          if (c > h)
+            throw new Error(
+              "Threshold number of shares was " + c + " but must be less than or equal to the " + h + " shares specified as the total to generate."
+            );
+          if (typeof l != "number" || l % 1 !== 0 || l < 0 || l > 1024)
+            throw new Error(
+              "Zero-pad length must be an integer between 0 and 1024 inclusive."
+            );
+          for (f = "1" + w(f), f = _(f, l), B = 0, C = f.length; B < C; B++)
+            for (b = p(f[B], h, c), R = 0; R < h; R++)
+              g[R] = g[R] || b[R].x.toString(r.radix), m[R] = y(b[R].y.toString(2)) + (m[R] || "");
+          for (B = 0; B < h; B++)
+            g[B] = N(
+              r.bits,
+              g[B],
+              S(m[B])
+            );
+          return g;
+        },
+        // Generate a new share with id `id` (a number between 1 and 2^bits-1)
+        // `id` can be a Number or a String in the default radix (16)
+        newShare: function(f, h) {
+          var c, l;
+          if (f && typeof f == "string" && (f = parseInt(f, r.radix)), l = f.toString(r.radix), f && l && h && h[0])
+            return c = this.extractShareComponents(h[0]), N(
+              c.bits,
+              l,
+              this.combine(h, f)
+            );
+          throw new Error(
+            "Invalid 'id' or 'shares' Array argument to newShare()."
+          );
+        },
+        /* test-code */
+        // export private functions so they can be unit tested directly.
+        _reset: i,
+        _padLeft: y,
+        _hex2bin: w,
+        _bin2hex: S,
+        _hasCryptoGetRandomValues: I,
+        _hasCryptoRandomBytes: v,
+        _getRNG: O,
+        _isSetRNG: x,
+        _splitNumStringToIntArray: _,
+        _horner: E,
+        _lagrange: A,
+        _getShares: p,
+        _constructPublicShareString: N
+        /* end-test-code */
+      };
+      return T.init(), T;
+    });
+  })(it)), it.exports;
+}
+var Me = qe();
+const ee = /* @__PURE__ */ Ie(Me), Ge = 2, $e = 3;
+function or(e) {
+  if (e.length !== 16)
+    throw new Error(`Invalid seed length: expected 16, got ${e.length}`);
+  const t = ne(e), n = ee.share(t, $e, Ge);
+  if (n.length !== 3)
+    throw new Error(`Unexpected share count: ${n.length}`);
+  const o = lt(n[0]), r = lt(n[1]), s = lt(n[2]);
+  return {
+    shareA: ht(o),
+    shareB: ht(r),
+    shareC: ht(s)
+  };
+}
+function sr(e, t) {
+  const n = Ht(e), o = Ht(t);
+  try {
+    const r = ee.combine([n, o]), s = re(r);
+    if (s.length !== 16)
+      throw new Error(`Reconstructed seed has wrong length: ${s.length}`);
+    return ve(s);
+  } catch {
+    throw new Error("Failed to reconstruct seed from shares");
+  }
+}
+function ne(e) {
+  return Array.from(e).map((t) => t.toString(16).padStart(2, "0")).join("");
+}
+function re(e) {
+  if (!/^[0-9a-fA-F]*$/.test(e))
+    throw new Error("Invalid hex string: contains non-hex characters");
+  if (e.length % 2 !== 0)
+    throw new Error(`Invalid hex string: length ${e.length} is odd (must be even)`);
+  const t = new Uint8Array(e.length / 2);
+  for (let n = 0; n < t.length; n++)
+    t[n] = parseInt(e.substr(n * 2, 2), 16);
+  return t;
+}
+function lt(e) {
+  const t = e.length % 2 === 0 ? e : "0" + e;
+  return re(t);
+}
+function Ht(e) {
+  const t = ne(e);
+  return t.startsWith("0") && !t.startsWith("00") ? t.substring(1) : t;
+}
+function Ze(e) {
+  return e instanceof Uint8Array || ArrayBuffer.isView(e) && e.constructor.name === "Uint8Array";
+}
+function At(e, ...t) {
+  if (!Ze(e))
+    throw new Error("Uint8Array expected");
+  if (t.length > 0 && !t.includes(e.length))
+    throw new Error("Uint8Array expected of length " + t + ", got length=" + e.length);
+}
+function Dt(e, t = !0) {
+  if (e.destroyed)
+    throw new Error("Hash instance has been destroyed");
+  if (t && e.finished)
+    throw new Error("Hash#digest() has already been called");
+}
+function je(e, t) {
+  At(e);
+  const n = t.outputLen;
+  if (e.length < n)
+    throw new Error("digestInto() expects output buffer of length at least " + n);
+}
+function yt(...e) {
+  for (let t = 0; t < e.length; t++)
+    e[t].fill(0);
+}
+function dt(e) {
+  return new DataView(e.buffer, e.byteOffset, e.byteLength);
+}
+function Z(e, t) {
+  return e << 32 - t | e >>> t;
+}
+function Ve(e) {
+  if (typeof e != "string")
+    throw new Error("string expected");
+  return new Uint8Array(new TextEncoder().encode(e));
+}
+function oe(e) {
+  return typeof e == "string" && (e = Ve(e)), At(e), e;
+}
+class ke {
+}
+function Ye(e) {
+  const t = (o) => e().update(oe(o)).digest(), n = e();
+  return t.outputLen = n.outputLen, t.blockLen = n.blockLen, t.create = () => e(), t;
+}
+function ze(e, t, n, o) {
+  if (typeof e.setBigUint64 == "function")
+    return e.setBigUint64(t, n, o);
+  const r = BigInt(32), s = BigInt(4294967295), a = Number(n >> r & s), u = Number(n & s), i = o ? 4 : 0, x = o ? 0 : 4;
+  e.setUint32(t + i, a, o), e.setUint32(t + x, u, o);
+}
+function Ke(e, t, n) {
+  return e & t ^ ~e & n;
+}
+function Xe(e, t, n) {
+  return e & t ^ e & n ^ t & n;
+}
+let We = class extends ke {
+  constructor(t, n, o, r) {
+    super(), this.finished = !1, this.length = 0, this.pos = 0, this.destroyed = !1, this.blockLen = t, this.outputLen = n, this.padOffset = o, this.isLE = r, this.buffer = new Uint8Array(t), this.view = dt(this.buffer);
+  }
+  update(t) {
+    Dt(this), t = oe(t), At(t);
+    const { view: n, buffer: o, blockLen: r } = this, s = t.length;
+    for (let a = 0; a < s; ) {
+      const u = Math.min(r - this.pos, s - a);
+      if (u === r) {
+        const i = dt(t);
+        for (; r <= s - a; a += r)
+          this.process(i, a);
+        continue;
+      }
+      o.set(t.subarray(a, a + u), this.pos), this.pos += u, a += u, this.pos === r && (this.process(n, 0), this.pos = 0);
+    }
+    return this.length += t.length, this.roundClean(), this;
+  }
+  digestInto(t) {
+    Dt(this), je(t, this), this.finished = !0;
+    const { buffer: n, view: o, blockLen: r, isLE: s } = this;
+    let { pos: a } = this;
+    n[a++] = 128, yt(this.buffer.subarray(a)), this.padOffset > r - a && (this.process(o, 0), a = 0);
+    for (let w = a; w < r; w++)
+      n[w] = 0;
+    ze(o, r - 8, BigInt(this.length * 8), s), this.process(o, 0);
+    const u = dt(t), i = this.outputLen;
+    if (i % 4)
+      throw new Error("_sha2: outputLen should be aligned to 32bit");
+    const x = i / 4, y = this.get();
+    if (x > y.length)
+      throw new Error("_sha2: outputLen bigger than state");
+    for (let w = 0; w < x; w++)
+      u.setUint32(4 * w, y[w], s);
+  }
+  digest() {
+    const { buffer: t, outputLen: n } = this;
+    this.digestInto(t);
+    const o = t.slice(0, n);
+    return this.destroy(), o;
+  }
+  _cloneInto(t) {
+    t || (t = new this.constructor()), t.set(...this.get());
+    const { blockLen: n, buffer: o, length: r, finished: s, destroyed: a, pos: u } = this;
+    return t.destroyed = a, t.finished = s, t.length = r, t.pos = u, r % n && t.buffer.set(o), t;
+  }
+  clone() {
+    return this._cloneInto();
+  }
+};
+const Y = /* @__PURE__ */ Uint32Array.from([
+  1779033703,
+  3144134277,
+  1013904242,
+  2773480762,
+  1359893119,
+  2600822924,
+  528734635,
+  1541459225
+]), Pe = /* @__PURE__ */ Uint32Array.from([
+  1116352408,
+  1899447441,
+  3049323471,
+  3921009573,
+  961987163,
+  1508970993,
+  2453635748,
+  2870763221,
+  3624381080,
+  310598401,
+  607225278,
+  1426881987,
+  1925078388,
+  2162078206,
+  2614888103,
+  3248222580,
+  3835390401,
+  4022224774,
+  264347078,
+  604807628,
+  770255983,
+  1249150122,
+  1555081692,
+  1996064986,
+  2554220882,
+  2821834349,
+  2952996808,
+  3210313671,
+  3336571891,
+  3584528711,
+  113926993,
+  338241895,
+  666307205,
+  773529912,
+  1294757372,
+  1396182291,
+  1695183700,
+  1986661051,
+  2177026350,
+  2456956037,
+  2730485921,
+  2820302411,
+  3259730800,
+  3345764771,
+  3516065817,
+  3600352804,
+  4094571909,
+  275423344,
+  430227734,
+  506948616,
+  659060556,
+  883997877,
+  958139571,
+  1322822218,
+  1537002063,
+  1747873779,
+  1955562222,
+  2024104815,
+  2227730452,
+  2361852424,
+  2428436474,
+  2756734187,
+  3204031479,
+  3329325298
+]), z = /* @__PURE__ */ new Uint32Array(64);
+class Fe extends We {
+  constructor(t = 32) {
+    super(64, t, 8, !1), this.A = Y[0] | 0, this.B = Y[1] | 0, this.C = Y[2] | 0, this.D = Y[3] | 0, this.E = Y[4] | 0, this.F = Y[5] | 0, this.G = Y[6] | 0, this.H = Y[7] | 0;
+  }
+  get() {
+    const { A: t, B: n, C: o, D: r, E: s, F: a, G: u, H: i } = this;
+    return [t, n, o, r, s, a, u, i];
+  }
+  // prettier-ignore
+  set(t, n, o, r, s, a, u, i) {
+    this.A = t | 0, this.B = n | 0, this.C = o | 0, this.D = r | 0, this.E = s | 0, this.F = a | 0, this.G = u | 0, this.H = i | 0;
+  }
+  process(t, n) {
+    for (let w = 0; w < 16; w++, n += 4)
+      z[w] = t.getUint32(n, !1);
+    for (let w = 16; w < 64; w++) {
+      const S = z[w - 15], I = z[w - 2], v = Z(S, 7) ^ Z(S, 18) ^ S >>> 3, O = Z(I, 17) ^ Z(I, 19) ^ I >>> 10;
+      z[w] = O + z[w - 7] + v + z[w - 16] | 0;
+    }
+    let { A: o, B: r, C: s, D: a, E: u, F: i, G: x, H: y } = this;
+    for (let w = 0; w < 64; w++) {
+      const S = Z(u, 6) ^ Z(u, 11) ^ Z(u, 25), I = y + S + Ke(u, i, x) + Pe[w] + z[w] | 0, O = (Z(o, 2) ^ Z(o, 13) ^ Z(o, 22)) + Xe(o, r, s) | 0;
+      y = x, x = i, i = u, u = a + I | 0, a = s, s = r, r = o, o = I + O | 0;
+    }
+    o = o + this.A | 0, r = r + this.B | 0, s = s + this.C | 0, a = a + this.D | 0, u = u + this.E | 0, i = i + this.F | 0, x = x + this.G | 0, y = y + this.H | 0, this.set(o, r, s, a, u, i, x, y);
+  }
+  roundClean() {
+    yt(z);
+  }
+  destroy() {
+    this.set(0, 0, 0, 0, 0, 0, 0, 0), yt(this.buffer);
+  }
+}
+const Qe = /* @__PURE__ */ Ye(() => new Fe());
+function se(e) {
+  return e instanceof Uint8Array || ArrayBuffer.isView(e) && e.constructor.name === "Uint8Array";
+}
+function Rt(e, t = "") {
+  if (!Number.isSafeInteger(e) || e < 0) {
+    const n = t && `"${t}" `;
+    throw new Error(`${n}expected integer >= 0, got ${e}`);
+  }
+}
+function D(e, t, n = "") {
+  const o = se(e), r = e?.length, s = t !== void 0;
+  if (!o || s && r !== t) {
+    const a = n && `"${n}" `, u = s ? ` of length ${t}` : "", i = o ? `length=${r}` : `type=${typeof e}`;
+    throw new Error(a + "expected Uint8Array" + u + ", got " + i);
+  }
+  return e;
+}
+function qt(e, t = !0) {
+  if (e.destroyed)
+    throw new Error("Hash instance has been destroyed");
+  if (t && e.finished)
+    throw new Error("Hash#digest() has already been called");
+}
+function Je(e, t) {
+  D(e, void 0, "digestInto() output");
+  const n = t.outputLen;
+  if (e.length < n)
+    throw new Error('"digestInto() output" expected to be of length >=' + n);
+}
+function Et(...e) {
+  for (let t = 0; t < e.length; t++)
+    e[t].fill(0);
+}
+function bt(e) {
+  return new DataView(e.buffer, e.byteOffset, e.byteLength);
+}
+const ie = /* @ts-ignore */ typeof Uint8Array.from([]).toHex == "function" && typeof Uint8Array.fromHex == "function", tn = /* @__PURE__ */ Array.from({ length: 256 }, (e, t) => t.toString(16).padStart(2, "0"));
+function It(e) {
+  if (D(e), ie)
+    return e.toHex();
+  let t = "";
+  for (let n = 0; n < e.length; n++)
+    t += tn[e[n]];
+  return t;
+}
+const V = { _0: 48, _9: 57, A: 65, F: 70, a: 97, f: 102 };
+function Mt(e) {
+  if (e >= V._0 && e <= V._9)
+    return e - V._0;
+  if (e >= V.A && e <= V.F)
+    return e - (V.A - 10);
+  if (e >= V.a && e <= V.f)
+    return e - (V.a - 10);
+}
+function ce(e) {
+  if (typeof e != "string")
+    throw new Error("hex string expected, got " + typeof e);
+  if (ie)
+    return Uint8Array.fromHex(e);
+  const t = e.length, n = t / 2;
+  if (t % 2)
+    throw new Error("hex string expected, got unpadded hex of length " + t);
+  const o = new Uint8Array(n);
+  for (let r = 0, s = 0; r < n; r++, s += 2) {
+    const a = Mt(e.charCodeAt(s)), u = Mt(e.charCodeAt(s + 1));
+    if (a === void 0 || u === void 0) {
+      const i = e[s] + e[s + 1];
+      throw new Error('hex string expected, got non-hex character "' + i + '" at index ' + s);
+    }
+    o[r] = a * 16 + u;
+  }
+  return o;
+}
+function Gt(...e) {
+  let t = 0;
+  for (let o = 0; o < e.length; o++) {
+    const r = e[o];
+    D(r), t += r.length;
+  }
+  const n = new Uint8Array(t);
+  for (let o = 0, r = 0; o < e.length; o++) {
+    const s = e[o];
+    n.set(s, r), r += s.length;
+  }
+  return n;
+}
+function en(e, t = {}) {
+  const n = (r, s) => e(s).update(r).digest(), o = e(void 0);
+  return n.outputLen = o.outputLen, n.blockLen = o.blockLen, n.create = (r) => e(r), Object.assign(n, t), Object.freeze(n);
+}
+function nn(e = 32) {
+  const t = typeof globalThis == "object" ? globalThis.crypto : null;
+  if (typeof t?.getRandomValues != "function")
+    throw new Error("crypto.getRandomValues must be defined");
+  return t.getRandomValues(new Uint8Array(e));
+}
+const rn = (e) => ({
+  oid: Uint8Array.from([6, 9, 96, 134, 72, 1, 101, 3, 4, 2, e])
+});
+class on {
+  blockLen;
+  outputLen;
+  padOffset;
+  isLE;
+  // For partial updates less than block size
+  buffer;
+  view;
+  finished = !1;
+  length = 0;
+  pos = 0;
+  destroyed = !1;
+  constructor(t, n, o, r) {
+    this.blockLen = t, this.outputLen = n, this.padOffset = o, this.isLE = r, this.buffer = new Uint8Array(t), this.view = bt(this.buffer);
+  }
+  update(t) {
+    qt(this), D(t);
+    const { view: n, buffer: o, blockLen: r } = this, s = t.length;
+    for (let a = 0; a < s; ) {
+      const u = Math.min(r - this.pos, s - a);
+      if (u === r) {
+        const i = bt(t);
+        for (; r <= s - a; a += r)
+          this.process(i, a);
+        continue;
+      }
+      o.set(t.subarray(a, a + u), this.pos), this.pos += u, a += u, this.pos === r && (this.process(n, 0), this.pos = 0);
+    }
+    return this.length += t.length, this.roundClean(), this;
+  }
+  digestInto(t) {
+    qt(this), Je(t, this), this.finished = !0;
+    const { buffer: n, view: o, blockLen: r, isLE: s } = this;
+    let { pos: a } = this;
+    n[a++] = 128, Et(this.buffer.subarray(a)), this.padOffset > r - a && (this.process(o, 0), a = 0);
+    for (let w = a; w < r; w++)
+      n[w] = 0;
+    o.setBigUint64(r - 8, BigInt(this.length * 8), s), this.process(o, 0);
+    const u = bt(t), i = this.outputLen;
+    if (i % 4)
+      throw new Error("_sha2: outputLen must be aligned to 32bit");
+    const x = i / 4, y = this.get();
+    if (x > y.length)
+      throw new Error("_sha2: outputLen bigger than state");
+    for (let w = 0; w < x; w++)
+      u.setUint32(4 * w, y[w], s);
+  }
+  digest() {
+    const { buffer: t, outputLen: n } = this;
+    this.digestInto(t);
+    const o = t.slice(0, n);
+    return this.destroy(), o;
+  }
+  _cloneInto(t) {
+    t ||= new this.constructor(), t.set(...this.get());
+    const { blockLen: n, buffer: o, length: r, finished: s, destroyed: a, pos: u } = this;
+    return t.destroyed = a, t.finished = s, t.length = r, t.pos = u, r % n && t.buffer.set(o), t;
+  }
+  clone() {
+    return this._cloneInto();
+  }
+}
+const M = /* @__PURE__ */ Uint32Array.from([
+  1779033703,
+  4089235720,
+  3144134277,
+  2227873595,
+  1013904242,
+  4271175723,
+  2773480762,
+  1595750129,
+  1359893119,
+  2917565137,
+  2600822924,
+  725511199,
+  528734635,
+  4215389547,
+  1541459225,
+  327033209
+]), rt = /* @__PURE__ */ BigInt(2 ** 32 - 1), $t = /* @__PURE__ */ BigInt(32);
+function sn(e, t = !1) {
+  return t ? { h: Number(e & rt), l: Number(e >> $t & rt) } : { h: Number(e >> $t & rt) | 0, l: Number(e & rt) | 0 };
+}
+function cn(e, t = !1) {
+  const n = e.length;
+  let o = new Uint32Array(n), r = new Uint32Array(n);
+  for (let s = 0; s < n; s++) {
+    const { h: a, l: u } = sn(e[s], t);
+    [o[s], r[s]] = [a, u];
+  }
+  return [o, r];
+}
+const Zt = (e, t, n) => e >>> n, jt = (e, t, n) => e << 32 - n | t >>> n, J = (e, t, n) => e >>> n | t << 32 - n, tt = (e, t, n) => e << 32 - n | t >>> n, ot = (e, t, n) => e << 64 - n | t >>> n - 32, st = (e, t, n) => e >>> n - 32 | t << 64 - n;
+function k(e, t, n, o) {
+  const r = (t >>> 0) + (o >>> 0);
+  return { h: e + n + (r / 2 ** 32 | 0) | 0, l: r | 0 };
+}
+const fn = (e, t, n) => (e >>> 0) + (t >>> 0) + (n >>> 0), an = (e, t, n, o) => t + n + o + (e / 2 ** 32 | 0) | 0, un = (e, t, n, o) => (e >>> 0) + (t >>> 0) + (n >>> 0) + (o >>> 0), hn = (e, t, n, o, r) => t + n + o + r + (e / 2 ** 32 | 0) | 0, ln = (e, t, n, o, r) => (e >>> 0) + (t >>> 0) + (n >>> 0) + (o >>> 0) + (r >>> 0), dn = (e, t, n, o, r, s) => t + n + o + r + s + (e / 2 ** 32 | 0) | 0, fe = cn([
+  "0x428a2f98d728ae22",
+  "0x7137449123ef65cd",
+  "0xb5c0fbcfec4d3b2f",
+  "0xe9b5dba58189dbbc",
+  "0x3956c25bf348b538",
+  "0x59f111f1b605d019",
+  "0x923f82a4af194f9b",
+  "0xab1c5ed5da6d8118",
+  "0xd807aa98a3030242",
+  "0x12835b0145706fbe",
+  "0x243185be4ee4b28c",
+  "0x550c7dc3d5ffb4e2",
+  "0x72be5d74f27b896f",
+  "0x80deb1fe3b1696b1",
+  "0x9bdc06a725c71235",
+  "0xc19bf174cf692694",
+  "0xe49b69c19ef14ad2",
+  "0xefbe4786384f25e3",
+  "0x0fc19dc68b8cd5b5",
+  "0x240ca1cc77ac9c65",
+  "0x2de92c6f592b0275",
+  "0x4a7484aa6ea6e483",
+  "0x5cb0a9dcbd41fbd4",
+  "0x76f988da831153b5",
+  "0x983e5152ee66dfab",
+  "0xa831c66d2db43210",
+  "0xb00327c898fb213f",
+  "0xbf597fc7beef0ee4",
+  "0xc6e00bf33da88fc2",
+  "0xd5a79147930aa725",
+  "0x06ca6351e003826f",
+  "0x142929670a0e6e70",
+  "0x27b70a8546d22ffc",
+  "0x2e1b21385c26c926",
+  "0x4d2c6dfc5ac42aed",
+  "0x53380d139d95b3df",
+  "0x650a73548baf63de",
+  "0x766a0abb3c77b2a8",
+  "0x81c2c92e47edaee6",
+  "0x92722c851482353b",
+  "0xa2bfe8a14cf10364",
+  "0xa81a664bbc423001",
+  "0xc24b8b70d0f89791",
+  "0xc76c51a30654be30",
+  "0xd192e819d6ef5218",
+  "0xd69906245565a910",
+  "0xf40e35855771202a",
+  "0x106aa07032bbd1b8",
+  "0x19a4c116b8d2d0c8",
+  "0x1e376c085141ab53",
+  "0x2748774cdf8eeb99",
+  "0x34b0bcb5e19b48a8",
+  "0x391c0cb3c5c95a63",
+  "0x4ed8aa4ae3418acb",
+  "0x5b9cca4f7763e373",
+  "0x682e6ff3d6b2b8a3",
+  "0x748f82ee5defb2fc",
+  "0x78a5636f43172f60",
+  "0x84c87814a1f0ab72",
+  "0x8cc702081a6439ec",
+  "0x90befffa23631e28",
+  "0xa4506cebde82bde9",
+  "0xbef9a3f7b2c67915",
+  "0xc67178f2e372532b",
+  "0xca273eceea26619c",
+  "0xd186b8c721c0c207",
+  "0xeada7dd6cde0eb1e",
+  "0xf57d4f7fee6ed178",
+  "0x06f067aa72176fba",
+  "0x0a637dc5a2c898a6",
+  "0x113f9804bef90dae",
+  "0x1b710b35131c471b",
+  "0x28db77f523047d84",
+  "0x32caab7b40c72493",
+  "0x3c9ebe0a15c9bebc",
+  "0x431d67c49c100d4c",
+  "0x4cc5d4becb3e42b6",
+  "0x597f299cfc657e2a",
+  "0x5fcb6fab3ad6faec",
+  "0x6c44198c4a475817"
+].map((e) => BigInt(e))), bn = fe[0], gn = fe[1], K = /* @__PURE__ */ new Uint32Array(80), X = /* @__PURE__ */ new Uint32Array(80);
+class wn extends on {
+  constructor(t) {
+    super(128, t, 16, !1);
+  }
+  // prettier-ignore
+  get() {
+    const { Ah: t, Al: n, Bh: o, Bl: r, Ch: s, Cl: a, Dh: u, Dl: i, Eh: x, El: y, Fh: w, Fl: S, Gh: I, Gl: v, Hh: O, Hl: _ } = this;
+    return [t, n, o, r, s, a, u, i, x, y, w, S, I, v, O, _];
+  }
+  // prettier-ignore
+  set(t, n, o, r, s, a, u, i, x, y, w, S, I, v, O, _) {
+    this.Ah = t | 0, this.Al = n | 0, this.Bh = o | 0, this.Bl = r | 0, this.Ch = s | 0, this.Cl = a | 0, this.Dh = u | 0, this.Dl = i | 0, this.Eh = x | 0, this.El = y | 0, this.Fh = w | 0, this.Fl = S | 0, this.Gh = I | 0, this.Gl = v | 0, this.Hh = O | 0, this.Hl = _ | 0;
+  }
+  process(t, n) {
+    for (let p = 0; p < 16; p++, n += 4)
+      K[p] = t.getUint32(n), X[p] = t.getUint32(n += 4);
+    for (let p = 16; p < 80; p++) {
+      const N = K[p - 15] | 0, T = X[p - 15] | 0, f = J(N, T, 1) ^ J(N, T, 8) ^ Zt(N, T, 7), h = tt(N, T, 1) ^ tt(N, T, 8) ^ jt(N, T, 7), c = K[p - 2] | 0, l = X[p - 2] | 0, d = J(c, l, 19) ^ ot(c, l, 61) ^ Zt(c, l, 6), b = tt(c, l, 19) ^ st(c, l, 61) ^ jt(c, l, 6), g = un(h, b, X[p - 7], X[p - 16]), m = hn(g, f, d, K[p - 7], K[p - 16]);
+      K[p] = m | 0, X[p] = g | 0;
+    }
+    let { Ah: o, Al: r, Bh: s, Bl: a, Ch: u, Cl: i, Dh: x, Dl: y, Eh: w, El: S, Fh: I, Fl: v, Gh: O, Gl: _, Hh: E, Hl: A } = this;
+    for (let p = 0; p < 80; p++) {
+      const N = J(w, S, 14) ^ J(w, S, 18) ^ ot(w, S, 41), T = tt(w, S, 14) ^ tt(w, S, 18) ^ st(w, S, 41), f = w & I ^ ~w & O, h = S & v ^ ~S & _, c = ln(A, T, h, gn[p], X[p]), l = dn(c, E, N, f, bn[p], K[p]), d = c | 0, b = J(o, r, 28) ^ ot(o, r, 34) ^ ot(o, r, 39), g = tt(o, r, 28) ^ st(o, r, 34) ^ st(o, r, 39), m = o & s ^ o & u ^ s & u, B = r & a ^ r & i ^ a & i;
+      E = O | 0, A = _ | 0, O = I | 0, _ = v | 0, I = w | 0, v = S | 0, { h: w, l: S } = k(x | 0, y | 0, l | 0, d | 0), x = u | 0, y = i | 0, u = s | 0, i = a | 0, s = o | 0, a = r | 0;
+      const R = fn(d, g, B);
+      o = an(R, l, b, m), r = R | 0;
+    }
+    ({ h: o, l: r } = k(this.Ah | 0, this.Al | 0, o | 0, r | 0)), { h: s, l: a } = k(this.Bh | 0, this.Bl | 0, s | 0, a | 0), { h: u, l: i } = k(this.Ch | 0, this.Cl | 0, u | 0, i | 0), { h: x, l: y } = k(this.Dh | 0, this.Dl | 0, x | 0, y | 0), { h: w, l: S } = k(this.Eh | 0, this.El | 0, w | 0, S | 0), { h: I, l: v } = k(this.Fh | 0, this.Fl | 0, I | 0, v | 0), { h: O, l: _ } = k(this.Gh | 0, this.Gl | 0, O | 0, _ | 0), { h: E, l: A } = k(this.Hh | 0, this.Hl | 0, E | 0, A | 0), this.set(o, r, s, a, u, i, x, y, w, S, I, v, O, _, E, A);
+  }
+  roundClean() {
+    Et(K, X);
+  }
+  destroy() {
+    Et(this.buffer), this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+  }
+}
+class xn extends wn {
+  Ah = M[0] | 0;
+  Al = M[1] | 0;
+  Bh = M[2] | 0;
+  Bl = M[3] | 0;
+  Ch = M[4] | 0;
+  Cl = M[5] | 0;
+  Dh = M[6] | 0;
+  Dl = M[7] | 0;
+  Eh = M[8] | 0;
+  El = M[9] | 0;
+  Fh = M[10] | 0;
+  Fl = M[11] | 0;
+  Gh = M[12] | 0;
+  Gl = M[13] | 0;
+  Hh = M[14] | 0;
+  Hl = M[15] | 0;
+  constructor() {
+    super(64);
+  }
+}
+const pn = /* @__PURE__ */ en(
+  () => new xn(),
+  /* @__PURE__ */ rn(3)
+);
+const ae = /* @__PURE__ */ BigInt(0), Vt = /* @__PURE__ */ BigInt(1);
+function Bt(e, t = "") {
+  if (typeof e != "boolean") {
+    const n = t && `"${t}" `;
+    throw new Error(n + "expected boolean, got type=" + typeof e);
+  }
+  return e;
+}
+function mn(e) {
+  if (typeof e == "bigint") {
+    if (!ct(e))
+      throw new Error("positive bigint expected, got " + e);
+  } else
+    Rt(e);
+  return e;
+}
+function ue(e) {
+  if (typeof e != "string")
+    throw new Error("hex string expected, got " + typeof e);
+  return e === "" ? ae : BigInt("0x" + e);
+}
+function yn(e) {
+  return ue(It(e));
+}
+function ft(e) {
+  return ue(It(St(D(e)).reverse()));
+}
+function he(e, t) {
+  Rt(t), e = mn(e);
+  const n = ce(e.toString(16).padStart(t * 2, "0"));
+  if (n.length !== t)
+    throw new Error("number too large");
+  return n;
+}
+function En(e, t) {
+  return he(e, t).reverse();
+}
+function St(e) {
+  return Uint8Array.from(e);
+}
+const ct = (e) => typeof e == "bigint" && ae <= e;
+function Bn(e, t, n) {
+  return ct(e) && ct(t) && ct(n) && t <= e && e < n;
+}
+function kt(e, t, n, o) {
+  if (!Bn(t, n, o))
+    throw new Error("expected valid " + e + ": " + n + " <= n < " + o + ", got " + t);
+}
+const Sn = (e) => (Vt << BigInt(e)) - Vt;
+function _t(e, t = {}, n = {}) {
+  if (!e || typeof e != "object")
+    throw new Error("expected valid options object");
+  function o(s, a, u) {
+    const i = e[s];
+    if (u && i === void 0)
+      return;
+    const x = typeof i;
+    if (x !== a || i === null)
+      throw new Error(`param "${s}" is invalid: expected ${a}, got ${x}`);
+  }
+  const r = (s, a) => Object.entries(s).forEach(([u, i]) => o(u, i, a));
+  r(t, !1), r(n, !0);
+}
+function Yt(e) {
+  const t = /* @__PURE__ */ new WeakMap();
+  return (n, ...o) => {
+    const r = t.get(n);
+    if (r !== void 0)
+      return r;
+    const s = e(n, ...o);
+    return t.set(n, s), s;
+  };
+}
+const $ = /* @__PURE__ */ BigInt(0), G = /* @__PURE__ */ BigInt(1), F = /* @__PURE__ */ BigInt(2), le = /* @__PURE__ */ BigInt(3), de = /* @__PURE__ */ BigInt(4), be = /* @__PURE__ */ BigInt(5), vn = /* @__PURE__ */ BigInt(7), ge = /* @__PURE__ */ BigInt(8), An = /* @__PURE__ */ BigInt(9), we = /* @__PURE__ */ BigInt(16);
+function U(e, t) {
+  const n = e % t;
+  return n >= $ ? n : t + n;
+}
+function j(e, t, n) {
+  let o = e;
+  for (; t-- > $; )
+    o *= o, o %= n;
+  return o;
+}
+function zt(e, t) {
+  if (e === $)
+    throw new Error("invert: expected non-zero number");
+  if (t <= $)
+    throw new Error("invert: expected positive modulus, got " + t);
+  let n = U(e, t), o = t, r = $, s = G;
+  for (; n !== $; ) {
+    const u = o / n, i = o % n, x = r - s * u;
+    o = n, n = i, r = s, s = x;
+  }
+  if (o !== G)
+    throw new Error("invert: does not exist");
+  return U(r, t);
+}
+function Nt(e, t, n) {
+  if (!e.eql(e.sqr(t), n))
+    throw new Error("Cannot find square root");
+}
+function xe(e, t) {
+  const n = (e.ORDER + G) / de, o = e.pow(t, n);
+  return Nt(e, o, t), o;
+}
+function Rn(e, t) {
+  const n = (e.ORDER - be) / ge, o = e.mul(t, F), r = e.pow(o, n), s = e.mul(t, r), a = e.mul(e.mul(s, F), r), u = e.mul(s, e.sub(a, e.ONE));
+  return Nt(e, u, t), u;
+}
+function In(e) {
+  const t = Ot(e), n = pe(e), o = n(t, t.neg(t.ONE)), r = n(t, o), s = n(t, t.neg(o)), a = (e + vn) / we;
+  return (u, i) => {
+    let x = u.pow(i, a), y = u.mul(x, o);
+    const w = u.mul(x, r), S = u.mul(x, s), I = u.eql(u.sqr(y), i), v = u.eql(u.sqr(w), i);
+    x = u.cmov(x, y, I), y = u.cmov(S, w, v);
+    const O = u.eql(u.sqr(y), i), _ = u.cmov(x, y, O);
+    return Nt(u, _, i), _;
+  };
+}
+function pe(e) {
+  if (e < le)
+    throw new Error("sqrt is not defined for small field");
+  let t = e - G, n = 0;
+  for (; t % F === $; )
+    t /= F, n++;
+  let o = F;
+  const r = Ot(e);
+  for (; Kt(r, o) === 1; )
+    if (o++ > 1e3)
+      throw new Error("Cannot find square root: probably non-prime P");
+  if (n === 1)
+    return xe;
+  let s = r.pow(o, t);
+  const a = (t + G) / F;
+  return function(i, x) {
+    if (i.is0(x))
+      return x;
+    if (Kt(i, x) !== 1)
+      throw new Error("Cannot find square root");
+    let y = n, w = i.mul(i.ONE, s), S = i.pow(x, t), I = i.pow(x, a);
+    for (; !i.eql(S, i.ONE); ) {
+      if (i.is0(S))
+        return i.ZERO;
+      let v = 1, O = i.sqr(S);
+      for (; !i.eql(O, i.ONE); )
+        if (v++, O = i.sqr(O), v === y)
+          throw new Error("Cannot find square root");
+      const _ = G << BigInt(y - v - 1), E = i.pow(w, _);
+      y = v, w = i.sqr(E), S = i.mul(S, w), I = i.mul(I, E);
+    }
+    return I;
+  };
+}
+function _n(e) {
+  return e % de === le ? xe : e % ge === be ? Rn : e % we === An ? In(e) : pe(e);
+}
+const Nn = (e, t) => (U(e, t) & G) === G, On = [
+  "create",
+  "isValid",
+  "is0",
+  "neg",
+  "inv",
+  "sqrt",
+  "sqr",
+  "eql",
+  "add",
+  "sub",
+  "mul",
+  "pow",
+  "div",
+  "addN",
+  "subN",
+  "mulN",
+  "sqrN"
+];
+function Tn(e) {
+  const t = {
+    ORDER: "bigint",
+    BYTES: "number",
+    BITS: "number"
+  }, n = On.reduce((o, r) => (o[r] = "function", o), t);
+  return _t(e, n), e;
+}
+function Cn(e, t, n) {
+  if (n < $)
+    throw new Error("invalid exponent, negatives unsupported");
+  if (n === $)
+    return e.ONE;
+  if (n === G)
+    return t;
+  let o = e.ONE, r = t;
+  for (; n > $; )
+    n & G && (o = e.mul(o, r)), r = e.sqr(r), n >>= G;
+  return o;
+}
+function me(e, t, n = !1) {
+  const o = new Array(t.length).fill(n ? e.ZERO : void 0), r = t.reduce((a, u, i) => e.is0(u) ? a : (o[i] = a, e.mul(a, u)), e.ONE), s = e.inv(r);
+  return t.reduceRight((a, u, i) => e.is0(u) ? a : (o[i] = e.mul(a, o[i]), e.mul(a, u)), s), o;
+}
+function Kt(e, t) {
+  const n = (e.ORDER - G) / F, o = e.pow(t, n), r = e.eql(o, e.ONE), s = e.eql(o, e.ZERO), a = e.eql(o, e.neg(e.ONE));
+  if (!r && !s && !a)
+    throw new Error("invalid Legendre symbol result");
+  return r ? 1 : s ? 0 : -1;
+}
+function Ln(e, t) {
+  t !== void 0 && Rt(t);
+  const n = t !== void 0 ? t : e.toString(2).length, o = Math.ceil(n / 8);
+  return { nBitLength: n, nByteLength: o };
+}
+class Un {
+  ORDER;
+  BITS;
+  BYTES;
+  isLE;
+  ZERO = $;
+  ONE = G;
+  _lengths;
+  _sqrt;
+  // cached sqrt
+  _mod;
+  constructor(t, n = {}) {
+    if (t <= $)
+      throw new Error("invalid field: expected ORDER > 0, got " + t);
+    let o;
+    this.isLE = !1, n != null && typeof n == "object" && (typeof n.BITS == "number" && (o = n.BITS), typeof n.sqrt == "function" && (this.sqrt = n.sqrt), typeof n.isLE == "boolean" && (this.isLE = n.isLE), n.allowedLengths && (this._lengths = n.allowedLengths?.slice()), typeof n.modFromBytes == "boolean" && (this._mod = n.modFromBytes));
+    const { nBitLength: r, nByteLength: s } = Ln(t, o);
+    if (s > 2048)
+      throw new Error("invalid field: expected ORDER of <= 2048 bytes");
+    this.ORDER = t, this.BITS = r, this.BYTES = s, this._sqrt = void 0, Object.preventExtensions(this);
+  }
+  create(t) {
+    return U(t, this.ORDER);
+  }
+  isValid(t) {
+    if (typeof t != "bigint")
+      throw new Error("invalid field element: expected bigint, got " + typeof t);
+    return $ <= t && t < this.ORDER;
+  }
+  is0(t) {
+    return t === $;
+  }
+  // is valid and invertible
+  isValidNot0(t) {
+    return !this.is0(t) && this.isValid(t);
+  }
+  isOdd(t) {
+    return (t & G) === G;
+  }
+  neg(t) {
+    return U(-t, this.ORDER);
+  }
+  eql(t, n) {
+    return t === n;
+  }
+  sqr(t) {
+    return U(t * t, this.ORDER);
+  }
+  add(t, n) {
+    return U(t + n, this.ORDER);
+  }
+  sub(t, n) {
+    return U(t - n, this.ORDER);
+  }
+  mul(t, n) {
+    return U(t * n, this.ORDER);
+  }
+  pow(t, n) {
+    return Cn(this, t, n);
+  }
+  div(t, n) {
+    return U(t * zt(n, this.ORDER), this.ORDER);
+  }
+  // Same as above, but doesn't normalize
+  sqrN(t) {
+    return t * t;
+  }
+  addN(t, n) {
+    return t + n;
+  }
+  subN(t, n) {
+    return t - n;
+  }
+  mulN(t, n) {
+    return t * n;
+  }
+  inv(t) {
+    return zt(t, this.ORDER);
+  }
+  sqrt(t) {
+    return this._sqrt || (this._sqrt = _n(this.ORDER)), this._sqrt(this, t);
+  }
+  toBytes(t) {
+    return this.isLE ? En(t, this.BYTES) : he(t, this.BYTES);
+  }
+  fromBytes(t, n = !1) {
+    D(t);
+    const { _lengths: o, BYTES: r, isLE: s, ORDER: a, _mod: u } = this;
+    if (o) {
+      if (!o.includes(t.length) || t.length > r)
+        throw new Error("Field.fromBytes: expected " + o + " bytes, got " + t.length);
+      const x = new Uint8Array(r);
+      x.set(t, s ? 0 : x.length - t.length), t = x;
+    }
+    if (t.length !== r)
+      throw new Error("Field.fromBytes: expected " + r + " bytes, got " + t.length);
+    let i = s ? ft(t) : yn(t);
+    if (u && (i = U(i, a)), !n && !this.isValid(i))
+      throw new Error("invalid field element: outside of range 0..ORDER");
+    return i;
+  }
+  // TODO: we don't need it here, move out to separate fn
+  invertBatch(t) {
+    return me(this, t);
+  }
+  // We can't move this out because Fp6, Fp12 implement it
+  // and it's unclear what to return in there.
+  cmov(t, n, o) {
+    return o ? n : t;
+  }
+}
+function Ot(e, t = {}) {
+  return new Un(e, t);
+}
+const at = /* @__PURE__ */ BigInt(0), vt = /* @__PURE__ */ BigInt(1);
+function Xt(e, t) {
+  const n = t.negate();
+  return e ? n : t;
+}
+function gt(e, t) {
+  const n = me(e.Fp, t.map((o) => o.Z));
+  return t.map((o, r) => e.fromAffine(o.toAffine(n[r])));
+}
+function ye(e, t) {
+  if (!Number.isSafeInteger(e) || e <= 0 || e > t)
+    throw new Error("invalid window size, expected [1.." + t + "], got W=" + e);
+}
+function wt(e, t) {
+  ye(e, t);
+  const n = Math.ceil(t / e) + 1, o = 2 ** (e - 1), r = 2 ** e, s = Sn(e), a = BigInt(e);
+  return { windows: n, windowSize: o, mask: s, maxNumber: r, shiftBy: a };
+}
+function Wt(e, t, n) {
+  const { windowSize: o, mask: r, maxNumber: s, shiftBy: a } = n;
+  let u = Number(e & r), i = e >> a;
+  u > o && (u -= s, i += vt);
+  const x = t * o, y = x + Math.abs(u) - 1, w = u === 0, S = u < 0, I = t % 2 !== 0;
+  return { nextN: i, offset: y, isZero: w, isNeg: S, isNegF: I, offsetF: x };
+}
+const xt = /* @__PURE__ */ new WeakMap(), Ee = /* @__PURE__ */ new WeakMap();
+function pt(e) {
+  return Ee.get(e) || 1;
+}
+function Pt(e) {
+  if (e !== at)
+    throw new Error("invalid wNAF");
+}
+class Hn {
+  BASE;
+  ZERO;
+  Fn;
+  bits;
+  // Parametrized with a given Point class (not individual point)
+  constructor(t, n) {
+    this.BASE = t.BASE, this.ZERO = t.ZERO, this.Fn = t.Fn, this.bits = n;
+  }
+  // non-const time multiplication ladder
+  _unsafeLadder(t, n, o = this.ZERO) {
+    let r = t;
+    for (; n > at; )
+      n & vt && (o = o.add(r)), r = r.double(), n >>= vt;
+    return o;
+  }
+  /**
+   * Creates a wNAF precomputation window. Used for caching.
+   * Default window size is set by `utils.precompute()` and is equal to 8.
+   * Number of precomputed points depends on the curve size:
+   * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where:
+   * - 𝑊 is the window size
+   * - 𝑛 is the bitlength of the curve order.
+   * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224.
+   * @param point Point instance
+   * @param W window size
+   * @returns precomputed point tables flattened to a single array
+   */
+  precomputeWindow(t, n) {
+    const { windows: o, windowSize: r } = wt(n, this.bits), s = [];
+    let a = t, u = a;
+    for (let i = 0; i < o; i++) {
+      u = a, s.push(u);
+      for (let x = 1; x < r; x++)
+        u = u.add(a), s.push(u);
+      a = u.double();
+    }
+    return s;
+  }
+  /**
+   * Implements ec multiplication using precomputed tables and w-ary non-adjacent form.
+   * More compact implementation:
+   * https://github.com/paulmillr/noble-secp256k1/blob/47cb1669b6e506ad66b35fe7d76132ae97465da2/index.ts#L502-L541
+   * @returns real and fake (for const-time) points
+   */
+  wNAF(t, n, o) {
+    if (!this.Fn.isValid(o))
+      throw new Error("invalid scalar");
+    let r = this.ZERO, s = this.BASE;
+    const a = wt(t, this.bits);
+    for (let u = 0; u < a.windows; u++) {
+      const { nextN: i, offset: x, isZero: y, isNeg: w, isNegF: S, offsetF: I } = Wt(o, u, a);
+      o = i, y ? s = s.add(Xt(S, n[I])) : r = r.add(Xt(w, n[x]));
+    }
+    return Pt(o), { p: r, f: s };
+  }
+  /**
+   * Implements ec unsafe (non const-time) multiplication using precomputed tables and w-ary non-adjacent form.
+   * @param acc accumulator point to add result of multiplication
+   * @returns point
+   */
+  wNAFUnsafe(t, n, o, r = this.ZERO) {
+    const s = wt(t, this.bits);
+    for (let a = 0; a < s.windows && o !== at; a++) {
+      const { nextN: u, offset: i, isZero: x, isNeg: y } = Wt(o, a, s);
+      if (o = u, !x) {
+        const w = n[i];
+        r = r.add(y ? w.negate() : w);
+      }
+    }
+    return Pt(o), r;
+  }
+  getPrecomputes(t, n, o) {
+    let r = xt.get(n);
+    return r || (r = this.precomputeWindow(n, t), t !== 1 && (typeof o == "function" && (r = o(r)), xt.set(n, r))), r;
+  }
+  cached(t, n, o) {
+    const r = pt(t);
+    return this.wNAF(r, this.getPrecomputes(r, t, o), n);
+  }
+  unsafe(t, n, o, r) {
+    const s = pt(t);
+    return s === 1 ? this._unsafeLadder(t, n, r) : this.wNAFUnsafe(s, this.getPrecomputes(s, t, o), n, r);
+  }
+  // We calculate precomputes for elliptic curve point multiplication
+  // using windowed method. This specifies window size and
+  // stores precomputed values. Usually only base point would be precomputed.
+  createCache(t, n) {
+    ye(n, this.bits), Ee.set(t, n), xt.delete(t);
+  }
+  hasCache(t) {
+    return pt(t) !== 1;
+  }
+}
+function Ft(e, t, n) {
+  if (t) {
+    if (t.ORDER !== e)
+      throw new Error("Field.ORDER must match order: Fp == p, Fn == n");
+    return Tn(t), t;
+  } else
+    return Ot(e, { isLE: n });
+}
+function Dn(e, t, n = {}, o) {
+  if (o === void 0 && (o = e === "edwards"), !t || typeof t != "object")
+    throw new Error(`expected valid ${e} CURVE object`);
+  for (const i of ["p", "n", "h"]) {
+    const x = t[i];
+    if (!(typeof x == "bigint" && x > at))
+      throw new Error(`CURVE.${i} must be positive bigint`);
+  }
+  const r = Ft(t.p, n.Fp, o), s = Ft(t.n, n.Fn, o), u = ["Gx", "Gy", "a", "d"];
+  for (const i of u)
+    if (!r.isValid(t[i]))
+      throw new Error(`CURVE.${i} must be valid field element of CURVE.Fp`);
+  return t = Object.freeze(Object.assign({}, t)), { CURVE: t, Fp: r, Fn: s };
+}
+function qn(e, t) {
+  return function(o) {
+    const r = e(o);
+    return { secretKey: r, publicKey: t(r) };
+  };
+}
+const W = BigInt(0), H = BigInt(1), mt = BigInt(2), Mn = BigInt(8);
+function Gn(e, t, n, o) {
+  const r = e.sqr(n), s = e.sqr(o), a = e.add(e.mul(t.a, r), s), u = e.add(e.ONE, e.mul(t.d, e.mul(r, s)));
+  return e.eql(a, u);
+}
+function $n(e, t = {}) {
+  const n = Dn("edwards", e, t, t.FpFnLE), { Fp: o, Fn: r } = n;
+  let s = n.CURVE;
+  const { h: a } = s;
+  _t(t, {}, { uvRatio: "function" });
+  const u = mt << BigInt(r.BYTES * 8) - H, i = (_) => o.create(_), x = t.uvRatio || ((_, E) => {
+    try {
+      return { isValid: !0, value: o.sqrt(o.div(_, E)) };
+    } catch {
+      return { isValid: !1, value: W };
+    }
+  });
+  if (!Gn(o, s, s.Gx, s.Gy))
+    throw new Error("bad curve params: generator point");
+  function y(_, E, A = !1) {
+    const p = A ? H : W;
+    return kt("coordinate " + _, E, p, u), E;
+  }
+  function w(_) {
+    if (!(_ instanceof v))
+      throw new Error("EdwardsPoint expected");
+  }
+  const S = Yt((_, E) => {
+    const { X: A, Y: p, Z: N } = _, T = _.is0();
+    E == null && (E = T ? Mn : o.inv(N));
+    const f = i(A * E), h = i(p * E), c = o.mul(N, E);
+    if (T)
+      return { x: W, y: H };
+    if (c !== H)
+      throw new Error("invZ was invalid");
+    return { x: f, y: h };
+  }), I = Yt((_) => {
+    const { a: E, d: A } = s;
+    if (_.is0())
+      throw new Error("bad point: ZERO");
+    const { X: p, Y: N, Z: T, T: f } = _, h = i(p * p), c = i(N * N), l = i(T * T), d = i(l * l), b = i(h * E), g = i(l * i(b + c)), m = i(d + i(A * i(h * c)));
+    if (g !== m)
+      throw new Error("bad point: equation left != right (1)");
+    const B = i(p * N), R = i(T * f);
+    if (B !== R)
+      throw new Error("bad point: equation left != right (2)");
+    return !0;
+  });
+  class v {
+    // base / generator point
+    static BASE = new v(s.Gx, s.Gy, H, i(s.Gx * s.Gy));
+    // zero / infinity / identity point
+    static ZERO = new v(W, H, H, W);
+    // 0, 1, 1, 0
+    // math field
+    static Fp = o;
+    // scalar field
+    static Fn = r;
+    X;
+    Y;
+    Z;
+    T;
+    constructor(E, A, p, N) {
+      this.X = y("x", E), this.Y = y("y", A), this.Z = y("z", p, !0), this.T = y("t", N), Object.freeze(this);
+    }
+    static CURVE() {
+      return s;
+    }
+    static fromAffine(E) {
+      if (E instanceof v)
+        throw new Error("extended point not allowed");
+      const { x: A, y: p } = E || {};
+      return y("x", A), y("y", p), new v(A, p, H, i(A * p));
+    }
+    // Uses algo from RFC8032 5.1.3.
+    static fromBytes(E, A = !1) {
+      const p = o.BYTES, { a: N, d: T } = s;
+      E = St(D(E, p, "point")), Bt(A, "zip215");
+      const f = St(E), h = E[p - 1];
+      f[p - 1] = h & -129;
+      const c = ft(f), l = A ? u : o.ORDER;
+      kt("point.y", c, W, l);
+      const d = i(c * c), b = i(d - H), g = i(T * d - N);
+      let { isValid: m, value: B } = x(b, g);
+      if (!m)
+        throw new Error("bad point: invalid y coordinate");
+      const R = (B & H) === H, C = (h & 128) !== 0;
+      if (!A && B === W && C)
+        throw new Error("bad point: x=0 and x_0=1");
+      return C !== R && (B = i(-B)), v.fromAffine({ x: B, y: c });
+    }
+    static fromHex(E, A = !1) {
+      return v.fromBytes(ce(E), A);
+    }
+    get x() {
+      return this.toAffine().x;
+    }
+    get y() {
+      return this.toAffine().y;
+    }
+    precompute(E = 8, A = !0) {
+      return O.createCache(this, E), A || this.multiply(mt), this;
+    }
+    // Useful in fromAffine() - not for fromBytes(), which always created valid points.
+    assertValidity() {
+      I(this);
+    }
+    // Compare one point to another.
+    equals(E) {
+      w(E);
+      const { X: A, Y: p, Z: N } = this, { X: T, Y: f, Z: h } = E, c = i(A * h), l = i(T * N), d = i(p * h), b = i(f * N);
+      return c === l && d === b;
+    }
+    is0() {
+      return this.equals(v.ZERO);
+    }
+    negate() {
+      return new v(i(-this.X), this.Y, this.Z, i(-this.T));
+    }
+    // Fast algo for doubling Extended Point.
+    // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd
+    // Cost: 4M + 4S + 1*a + 6add + 1*2.
+    double() {
+      const { a: E } = s, { X: A, Y: p, Z: N } = this, T = i(A * A), f = i(p * p), h = i(mt * i(N * N)), c = i(E * T), l = A + p, d = i(i(l * l) - T - f), b = c + f, g = b - h, m = c - f, B = i(d * g), R = i(b * m), C = i(d * m), L = i(g * b);
+      return new v(B, R, L, C);
+    }
+    // Fast algo for adding 2 Extended Points.
+    // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd
+    // Cost: 9M + 1*a + 1*d + 7add.
+    add(E) {
+      w(E);
+      const { a: A, d: p } = s, { X: N, Y: T, Z: f, T: h } = this, { X: c, Y: l, Z: d, T: b } = E, g = i(N * c), m = i(T * l), B = i(h * p * b), R = i(f * d), C = i((N + T) * (c + l) - g - m), L = R - B, q = R + B, Q = i(m - A * g), nt = i(C * L), ut = i(q * Q), Ct = i(C * Q), Lt = i(L * q);
+      return new v(nt, ut, Lt, Ct);
+    }
+    subtract(E) {
+      return this.add(E.negate());
+    }
+    // Constant-time multiplication.
+    multiply(E) {
+      if (!r.isValidNot0(E))
+        throw new Error("invalid scalar: expected 1 <= sc < curve.n");
+      const { p: A, f: p } = O.cached(this, E, (N) => gt(v, N));
+      return gt(v, [A, p])[0];
+    }
+    // Non-constant-time multiplication. Uses double-and-add algorithm.
+    // It's faster, but should only be used when you don't care about
+    // an exposed private key e.g. sig verification.
+    // Does NOT allow scalars higher than CURVE.n.
+    // Accepts optional accumulator to merge with multiply (important for sparse scalars)
+    multiplyUnsafe(E, A = v.ZERO) {
+      if (!r.isValid(E))
+        throw new Error("invalid scalar: expected 0 <= sc < curve.n");
+      return E === W ? v.ZERO : this.is0() || E === H ? this : O.unsafe(this, E, (p) => gt(v, p), A);
+    }
+    // Checks if point is of small order.
+    // If you add something to small order point, you will have "dirty"
+    // point with torsion component.
+    // Multiplies point by cofactor and checks if the result is 0.
+    isSmallOrder() {
+      return this.multiplyUnsafe(a).is0();
+    }
+    // Multiplies point by curve order and checks if the result is 0.
+    // Returns `false` is the point is dirty.
+    isTorsionFree() {
+      return O.unsafe(this, s.n).is0();
+    }
+    // Converts Extended point to default (x, y) coordinates.
+    // Can accept precomputed Z^-1 - for example, from invertBatch.
+    toAffine(E) {
+      return S(this, E);
+    }
+    clearCofactor() {
+      return a === H ? this : this.multiplyUnsafe(a);
+    }
+    toBytes() {
+      const { x: E, y: A } = this.toAffine(), p = o.toBytes(A);
+      return p[p.length - 1] |= E & H ? 128 : 0, p;
+    }
+    toHex() {
+      return It(this.toBytes());
+    }
+    toString() {
+      return `<Point ${this.is0() ? "ZERO" : this.toHex()}>`;
+    }
+  }
+  const O = new Hn(v, r.BITS);
+  return v.BASE.precompute(8), v;
+}
+function Zn(e, t, n = {}) {
+  if (typeof t != "function")
+    throw new Error('"hash" function param is required');
+  _t(n, {}, {
+    adjustScalarBytes: "function",
+    randomBytes: "function",
+    domain: "function",
+    prehash: "function",
+    mapToCurve: "function"
+  });
+  const { prehash: o } = n, { BASE: r, Fp: s, Fn: a } = e, u = n.randomBytes || nn, i = n.adjustScalarBytes || ((c) => c), x = n.domain || ((c, l, d) => {
+    if (Bt(d, "phflag"), l.length || d)
+      throw new Error("Contexts/pre-hash are not supported");
+    return c;
+  });
+  function y(c) {
+    return a.create(ft(c));
+  }
+  function w(c) {
+    const l = p.secretKey;
+    D(c, p.secretKey, "secretKey");
+    const d = D(t(c), 2 * l, "hashedSecretKey"), b = i(d.slice(0, l)), g = d.slice(l, 2 * l), m = y(b);
+    return { head: b, prefix: g, scalar: m };
+  }
+  function S(c) {
+    const { head: l, prefix: d, scalar: b } = w(c), g = r.multiply(b), m = g.toBytes();
+    return { head: l, prefix: d, scalar: b, point: g, pointBytes: m };
+  }
+  function I(c) {
+    return S(c).pointBytes;
+  }
+  function v(c = Uint8Array.of(), ...l) {
+    const d = Gt(...l);
+    return y(t(x(d, D(c, void 0, "context"), !!o)));
+  }
+  function O(c, l, d = {}) {
+    c = D(c, void 0, "message"), o && (c = o(c));
+    const { prefix: b, scalar: g, pointBytes: m } = S(l), B = v(d.context, b, c), R = r.multiply(B).toBytes(), C = v(d.context, R, m, c), L = a.create(B + C * g);
+    if (!a.isValid(L))
+      throw new Error("sign failed: invalid s");
+    const q = Gt(R, a.toBytes(L));
+    return D(q, p.signature, "result");
+  }
+  const _ = { zip215: !0 };
+  function E(c, l, d, b = _) {
+    const { context: g, zip215: m } = b, B = p.signature;
+    c = D(c, B, "signature"), l = D(l, void 0, "message"), d = D(d, p.publicKey, "publicKey"), m !== void 0 && Bt(m, "zip215"), o && (l = o(l));
+    const R = B / 2, C = c.subarray(0, R), L = ft(c.subarray(R, B));
+    let q, Q, nt;
+    try {
+      q = e.fromBytes(d, m), Q = e.fromBytes(C, m), nt = r.multiplyUnsafe(L);
+    } catch {
+      return !1;
+    }
+    if (!m && q.isSmallOrder())
+      return !1;
+    const ut = v(g, Q.toBytes(), q.toBytes(), l);
+    return Q.add(q.multiplyUnsafe(ut)).subtract(nt).clearCofactor().is0();
+  }
+  const A = s.BYTES, p = {
+    secretKey: A,
+    publicKey: A,
+    signature: 2 * A,
+    seed: A
+  };
+  function N(c = u(p.seed)) {
+    return D(c, p.seed, "seed");
+  }
+  function T(c) {
+    return se(c) && c.length === a.BYTES;
+  }
+  function f(c, l) {
+    try {
+      return !!e.fromBytes(c, l);
+    } catch {
+      return !1;
+    }
+  }
+  const h = {
+    getExtendedPublicKey: S,
+    randomSecretKey: N,
+    isValidSecretKey: T,
+    isValidPublicKey: f,
+    /**
+     * Converts ed public key to x public key. Uses formula:
+     * - ed25519:
+     *   - `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)`
+     *   - `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))`
+     * - ed448:
+     *   - `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)`
+     *   - `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))`
+     */
+    toMontgomery(c) {
+      const { y: l } = e.fromBytes(c), d = p.publicKey, b = d === 32;
+      if (!b && d !== 57)
+        throw new Error("only defined for 25519 and 448");
+      const g = b ? s.div(H + l, H - l) : s.div(l - H, l + H);
+      return s.toBytes(g);
+    },
+    toMontgomerySecret(c) {
+      const l = p.secretKey;
+      D(c, l);
+      const d = t(c.subarray(0, l));
+      return i(d).subarray(0, l);
+    }
+  };
+  return Object.freeze({
+    keygen: qn(N, I),
+    getPublicKey: I,
+    sign: O,
+    verify: E,
+    utils: h,
+    Point: e,
+    lengths: p
+  });
+}
+const jn = BigInt(1), Qt = BigInt(2), Vn = BigInt(5), kn = BigInt(8), Tt = BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed"), Yn = {
+  p: Tt,
+  n: BigInt("0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed"),
+  h: kn,
+  a: BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec"),
+  d: BigInt("0x52036cee2b6ffe738cc740797779e89800700a4d4141d8ab75eb4dca135978a3"),
+  Gx: BigInt("0x216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a"),
+  Gy: BigInt("0x6666666666666666666666666666666666666666666666666666666666666658")
+};
+function zn(e) {
+  const t = BigInt(10), n = BigInt(20), o = BigInt(40), r = BigInt(80), s = Tt, u = e * e % s * e % s, i = j(u, Qt, s) * u % s, x = j(i, jn, s) * e % s, y = j(x, Vn, s) * x % s, w = j(y, t, s) * y % s, S = j(w, n, s) * w % s, I = j(S, o, s) * S % s, v = j(I, r, s) * I % s, O = j(v, r, s) * I % s, _ = j(O, t, s) * y % s;
+  return { pow_p_5_8: j(_, Qt, s) * e % s, b2: u };
+}
+function Kn(e) {
+  return e[0] &= 248, e[31] &= 127, e[31] |= 64, e;
+}
+const Jt = /* @__PURE__ */ BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");
+function Xn(e, t) {
+  const n = Tt, o = U(t * t * t, n), r = U(o * o * t, n), s = zn(e * r).pow_p_5_8;
+  let a = U(e * o * s, n);
+  const u = U(t * a * a, n), i = a, x = U(a * Jt, n), y = u === e, w = u === U(-e, n), S = u === U(-e * Jt, n);
+  return y && (a = i), (w || S) && (a = x), Nn(a, n) && (a = U(-a, n)), { isValid: y || w, value: a };
+}
+const Wn = /* @__PURE__ */ $n(Yn, { uvRatio: Xn });
+function Pn(e) {
+  return Zn(Wn, pn, Object.assign({ adjustScalarBytes: Kn }, e));
+}
+const Fn = /* @__PURE__ */ Pn({}), Qn = Qe, Jn = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function tr(e) {
+  if (e.length !== 16)
+    throw new Error(`Invalid seed length: expected 16, got ${e.length}`);
+  const t = Qn(e), n = Fn.getPublicKey(t), o = new Uint8Array(64);
+  return o.set(t, 0), o.set(n, 32), te(t), { publicKey: n, secretKey: o };
+}
+function cr(e) {
+  const t = tr(e), n = t.publicKey;
+  return te(t.secretKey), n;
+}
+function fr(e) {
+  if (e.length !== 32)
+    throw new Error(`Invalid public key length: expected 32, got ${e.length}`);
+  return er(e);
+}
+function er(e) {
+  let t = 0;
+  for (let r = 0; r < e.length && e[r] === 0; r++)
+    t++;
+  let n = 0n;
+  for (let r = 0; r < e.length; r++)
+    n = n * 256n + BigInt(e[r]);
+  let o = "";
+  for (; n > 0n; ) {
+    const r = Number(n % 58n);
+    o = Jn[r] + o, n = n / 58n;
+  }
+  return "1".repeat(t) + o;
+}
+export {
+  rr as a,
+  At as b,
+  Qe as c,
+  sr as d,
+  Ie as e,
+  cr as g,
+  fr as p,
+  or as s
+};