@cedros/login-react 0.0.11 → 0.0.13

package/dist/crypto/bip39.d.ts

@@ -1,106 +0,0 @@
-import { Seed, ShamirShare } from './types';
-/** Number of words in recovery phrase (12 = 128 bits, standard Solana format) */
-export declare const MNEMONIC_WORD_COUNT = 12;
-/**
- * Encode a Shamir share as a BIP-39 mnemonic phrase
- *
- * @param share - 16-byte share to encode
- * @returns Array of 12 mnemonic words
- */
-export declare function shareToMnemonic(share: ShamirShare): string[];
-/**
- * Decode a BIP-39 mnemonic phrase back to a Shamir share
- *
- * @param words - Array of 12 mnemonic words
- * @returns 16-byte share
- * @throws Error if mnemonic is invalid
- */
-export declare function mnemonicToShare(words: string[]): ShamirShare;
-/**
- * Encode a 16-byte seed as a BIP-39 mnemonic phrase
- *
- * This is used for the recovery phrase which encodes the FULL SEED
- * (not a Shamir share) to allow complete wallet recovery.
- *
- * @param seed - 16-byte seed to encode
- * @returns Array of 12 mnemonic words
- */
-export declare function seedToMnemonic(seed: Seed): string[];
-/**
- * Decode a BIP-39 mnemonic phrase back to a seed
- *
- * This is used during recovery to restore the full wallet seed.
- *
- * @param words - Array of 12 mnemonic words
- * @returns 16-byte seed
- * @throws Error if mnemonic is invalid
- */
-export declare function mnemonicToSeed(words: string[]): Seed;
-/**
- * Validate a mnemonic phrase without decoding
- *
- * @param words - Array of words to validate
- * @returns true if valid BIP-39 mnemonic
- */
-export declare function isValidMnemonic(words: string[]): boolean;
-/**
- * Check if a single word is in the BIP-39 wordlist
- *
- * @param word - Word to check
- * @returns true if word is in the wordlist
- */
-export declare function isValidWord(word: string): boolean;
-/**
- * Get word suggestions for autocomplete
- *
- * @param prefix - Partial word input
- * @param limit - Maximum number of suggestions
- * @returns Array of matching words from wordlist
- */
-export declare function getWordSuggestions(prefix: string, limit?: number): string[];
-/**
- * Generate a random mnemonic for testing purposes
- *
- * WARNING: Do not use this for actual wallet generation.
- * Use the proper enrollment flow which generates a seed and splits it.
- *
- * @returns Array of 12 random words
- */
-export declare function generateRandomMnemonic(): string[];
-/**
- * Format mnemonic words for display (groups of 4)
- *
- * @param words - Array of mnemonic words
- * @returns Array of word groups
- */
-export declare function formatMnemonicForDisplay(words: string[]): string[][];
-/**
- * Parse user input into word array, handling various formats
- *
- * @param input - User input (space/comma/newline separated)
- * @returns Array of normalized words
- */
-export declare function parseMnemonicInput(input: string): string[];
-/**
- * Securely wipe mnemonic array
- *
- * @security CRYPTO-2: This is BEST-EFFORT only. JavaScript strings are immutable
- * and the original word values WILL persist in memory until garbage collected.
- * See secureWipe.ts wipeString() for details on JS string wiping limitations.
- *
- * @param words - Array of words to wipe
- */
-export declare function wipeMnemonic(words: string[]): void;
-/**
- * Get the BIP-39 wordlist for UI purposes (e.g., validation indicators)
- *
- * @returns Copy of the wordlist
- */
-export declare function getWordlist(): readonly string[];
-/**
- * Calculate the index of a word in the wordlist
- *
- * @param word - Word to look up
- * @returns Index (0-2047) or -1 if not found
- */
-export declare function getWordIndex(word: string): number;

package/dist/crypto/capabilities.d.ts

@@ -1,35 +0,0 @@
-import { CryptoCapabilities } from './types';
-/**
- * Check all required crypto capabilities
- *
- * @returns Capability check results
- */
-export declare function checkCryptoCapabilities(): Promise<CryptoCapabilities>;
-/**
- * Get a human-readable message about missing capabilities
- *
- * @param capabilities - Capability check results
- * @returns Error message describing what's missing, or null if all supported
- */
-export declare function getMissingCapabilitiesMessage(capabilities: CryptoCapabilities): string | null;
-/**
- * Check if the browser is known to support all required features
- *
- * @returns Object with browser info and support status
- */
-export declare function getBrowserSupportInfo(): {
-    browser: string;
-    version: string;
-    likelySupported: boolean;
-};
-/**
- * Get cached capabilities or check if not cached
- *
- * @param forceRefresh - If true, bypass cache and recheck
- * @returns Capability check results
- */
-export declare function getCryptoCapabilities(forceRefresh?: boolean): Promise<CryptoCapabilities>;
-/**
- * Clear the capability cache (useful for testing)
- */
-export declare function clearCapabilityCache(): void;

package/dist/crypto/entropy.d.ts

@@ -1,56 +0,0 @@
-import { Seed, AesNonce, Argon2Salt, PrfSalt } from './types';
-/**
- * Get cryptographically secure random bytes
- *
- * @param length - Number of bytes to generate
- * @returns Random bytes
- * @throws Error if WebCrypto is not available
- */
-export declare function getRandomBytes(length: number): Uint8Array;
-/**
- * Generate a cryptographically secure 16-byte seed for wallet derivation
- *
- * Note: 16 bytes (128 bits) matches standard Solana wallet format.
- *
- * @returns 16-byte seed
- * @throws Error if WebCrypto is not available
- */
-export declare function generateSeed(): Seed;
-/**
- * Generate a 12-byte nonce for AES-GCM encryption
- *
- * Security: AES-GCM requires a unique nonce per encryption with the same key.
- * Using random nonces is safe for reasonable message counts (< 2^32).
- *
- * CRYPTO-03: For high-volume encryption scenarios (>2^30 messages with same key),
- * the birthday bound risk of nonce collision increases. Recommendations:
- * 1. Rotate encryption keys periodically (e.g., every 2^20 encryptions)
- * 2. Use counter-based nonces instead of random for sequential encryption
- * 3. Monitor encryption count and trigger re-keying before limits are reached
- *
- * For typical wallet use cases (encrypting seed once), random nonces are safe.
- *
- * @returns 12-byte nonce
- * @throws Error if WebCrypto is not available
- */
-export declare function generateNonce(): AesNonce;
-/**
- * Generate a 16-byte salt for Argon2id KDF
- *
- * Security: Salt must be unique per user/password combination.
- * 16 bytes provides sufficient uniqueness.
- *
- * @returns 16-byte salt
- * @throws Error if WebCrypto is not available
- */
-export declare function generateArgon2Salt(): Argon2Salt;
-/**
- * Generate a 32-byte salt for WebAuthn PRF extension
- *
- * Security: PRF salt is used as input to the PRF to derive unique
- * per-credential keys. Must be stored alongside encrypted share.
- *
- * @returns 32-byte PRF salt
- * @throws Error if WebCrypto is not available
- */
-export declare function generatePrfSalt(): PrfSalt;

package/dist/crypto/hkdf.d.ts

@@ -1,38 +0,0 @@
-import { EncryptionKey } from './types';
-/**
- * Derive an encryption key using HKDF-SHA256
- *
- * @param inputKeyMaterial - Raw key material (e.g., from PRF)
- * @param salt - Optional salt (if not provided, uses zero-filled buffer)
- * @param info - Context/application-specific info string
- * @param outputLength - Desired output key length in bytes (default: 32)
- * @returns Derived key
- */
-export declare function hkdfDerive(inputKeyMaterial: Uint8Array, salt: Uint8Array | undefined, info: string, outputLength?: number): Promise<Uint8Array>;
-/**
- * Derive a 256-bit encryption key from PRF output
- *
- * @param prfOutput - Output from WebAuthn PRF extension (typically 32 bytes)
- * @param prfSalt - Salt used with PRF (stored with encrypted share)
- * @returns 32-byte encryption key suitable for AES-256-GCM
- */
-export declare function deriveKeyFromPrf(prfOutput: Uint8Array, prfSalt: Uint8Array): Promise<EncryptionKey>;
-/**
- * Derive a key with domain separation for different purposes
- *
- * @param inputKeyMaterial - Base key material
- * @param domain - Domain separator string (e.g., 'signing', 'encryption')
- * @param salt - Optional salt
- * @returns Derived key
- *
- * @security Domain strings MUST be unique across the codebase. Using the same
- * domain with the same input key material will produce identical keys, which
- * could lead to key reuse vulnerabilities. See module-level docs for reserved domains.
- */
-export declare function deriveKeyWithDomain(inputKeyMaterial: Uint8Array, domain: string, salt?: Uint8Array): Promise<Uint8Array>;
-/**
- * Check if HKDF is supported in the current environment
- *
- * @returns true if HKDF is available
- */
-export declare function isHkdfSupported(): Promise<boolean>;

package/dist/crypto/index.d.ts

@@ -1,30 +0,0 @@
-/**
- * Crypto module exports for SSS wallet implementation
- *
- * This module provides all cryptographic primitives needed for the
- * non-custodial Solana wallet feature using Shamir Secret Sharing.
- *
- * Key components:
- * - Entropy: Secure random number generation
- * - Shamir: Secret splitting and reconstruction
- * - AES-GCM: Authenticated encryption
- * - Argon2: Password-based key derivation
- * - HKDF: Key derivation from PRF output
- * - BIP-39: Mnemonic encoding for recovery phrase
- * - WebAuthn PRF: Device key derivation via passkeys
- * - Solana Keypair: Ed25519 keypair derivation
- * - Secure Wipe: Memory cleanup utilities
- * - Capabilities: Feature detection
- */
-export * from './types';
-export { getRandomBytes, generateSeed, generateNonce, generateArgon2Salt, generatePrfSalt, } from './entropy';
-export { wipeBytes, wipeAll, withSecureCleanup, withSecureCleanupSync, createSecureContainer, type SecureContainer, } from './secureWipe';
-export { aesGcmEncrypt, aesGcmDecrypt, aesGcmEncryptToBase64, aesGcmDecryptFromBase64, encryptWithPasswordKey, decryptWithPasswordKey, encryptAndWipe, uint8ArrayToBase64, base64ToUint8Array, type AesGcmEncryptResult, } from './aesGcm';
-export { hkdfDerive, deriveKeyFromPrf, deriveKeyWithDomain, isHkdfSupported } from './hkdf';
-export { argon2Derive, argon2DeriveFromBytes, validateKdfParams, isArgon2Supported, verifyPassword, getRecommendedParams, } from './argon2';
-export { argon2DeriveInWorker } from './argon2WorkerClient';
-export { splitSecret, combineShares, verifyShares, getShareIndex, padToLength, SHAMIR_THRESHOLD, SHAMIR_TOTAL, type ShareId, type ShamirSplitResult, } from './shamir';
-export { shareToMnemonic, mnemonicToShare, seedToMnemonic, mnemonicToSeed, isValidMnemonic, isValidWord, getWordSuggestions, generateRandomMnemonic, formatMnemonicForDisplay, parseMnemonicInput, wipeMnemonic, getWordlist, getWordIndex, MNEMONIC_WORD_COUNT, } from './bip39';
-export { isWebAuthnAvailable, isPrfSupported, registerPasskeyWithPrf, authenticateWithPrf, authenticateWithDiscoverablePrf, getEncryptionKeyFromPasskey, isCredentialAvailable, type PasskeyRegistrationResult, type PasskeyAuthResult, } from './webauthnPrf';
-export { deriveKeypairFromSeed, getPublicKeyFromSeed, publicKeyToBase58, base58ToPublicKey, isValidSolanaAddress, type SolanaKeypair, } from './solanaKeypair';
-export { checkCryptoCapabilities, getMissingCapabilitiesMessage, getBrowserSupportInfo, getCryptoCapabilities, clearCapabilityCache, } from './capabilities';

package/dist/crypto/secureWipe.d.ts

@@ -1,71 +0,0 @@
-/**
- * Secure memory wiping utilities
- *
- * Security: JavaScript does not guarantee memory clearing due to GC and
- * JIT optimization. These functions provide best-effort clearing of
- * sensitive data. For truly sensitive operations, consider using
- * WebAssembly with explicit memory management.
- *
- * IMPORTANT - String vs Uint8Array:
- * - Uint8Array CAN be wiped (wipeBytes) - use for keys, seeds, passwords
- * - Strings CANNOT be wiped in JavaScript - they are immutable
- * - Always prefer Uint8Array for sensitive cryptographic material
- *
- * Best practices:
- * - Call wipe functions as soon as sensitive data is no longer needed
- * - Use try/finally blocks to ensure wiping on errors
- * - Keep sensitive data lifetime as short as possible
- * - Convert sensitive strings to Uint8Array immediately, wipe after use
- */
-/**
- * Best-effort wipe of a Uint8Array by zeroing all bytes
- *
- * Warning: JavaScript JIT may optimize away this operation. This provides
- * defense-in-depth but is not a guarantee against memory inspection.
- *
- * @param data - Array to wipe
- */
-export declare function wipeBytes(data: Uint8Array): void;
-/**
- * Wipe multiple byte arrays
- *
- * @param arrays - Arrays to wipe
- */
-export declare function wipeAll(...arrays: (Uint8Array | undefined | null)[]): void;
-/**
- * Execute a function with automatic cleanup of byte arrays
- *
- * @param arrays - Arrays to wipe after function completes
- * @param fn - Function to execute
- * @returns Result of function
- */
-export declare function withSecureCleanup<T>(arrays: Uint8Array[], fn: () => Promise<T>): Promise<T>;
-/**
- * Execute a synchronous function with automatic cleanup of byte arrays
- *
- * @param arrays - Arrays to wipe after function completes
- * @param fn - Function to execute
- * @returns Result of function
- */
-export declare function withSecureCleanupSync<T>(arrays: Uint8Array[], fn: () => T): T;
-/**
- * Create a scoped container for sensitive byte data with automatic cleanup
- *
- * Usage:
- * ```typescript
- * const container = createSecureContainer();
- * try {
- *   const key = container.track(generateKey());
- *   // use key...
- * } finally {
- *   container.wipeAll();
- * }
- * ```
- */
-export declare function createSecureContainer(): SecureContainer;
-export interface SecureContainer {
-    /** Track a byte array for later cleanup */
-    track<T extends Uint8Array>(data: T): T;
-    /** Wipe all tracked arrays */
-    wipeAll(): void;
-}

package/dist/crypto/shamir.d.ts

@@ -1,52 +0,0 @@
-import { Seed, ShamirShare } from './types';
-/** Shamir threshold (minimum shares to reconstruct) */
-export declare const SHAMIR_THRESHOLD = 2;
-/** Total number of shares */
-export declare const SHAMIR_TOTAL = 3;
-/** Share identifiers */
-export type ShareId = 'A' | 'B' | 'C';
-/** Result of splitting a secret into shares */
-export interface ShamirSplitResult {
-    /** Share A (for password encryption) */
-    shareA: ShamirShare;
-    /** Share B (for device PRF encryption) */
-    shareB: ShamirShare;
-    /** Share C (for recovery phrase) */
-    shareC: ShamirShare;
-}
-/**
- * Split a 16-byte seed into 3 shares using Shamir's Secret Sharing
- *
- * @param seed - 16-byte seed to split
- * @returns Three shares (any 2 can reconstruct the seed)
- */
-export declare function splitSecret(seed: Seed): ShamirSplitResult;
-/**
- * Combine 2 shares to reconstruct the original seed
- *
- * @param share1 - First share
- * @param share2 - Second share (must be different from first)
- * @returns Reconstructed 16-byte seed (MAINT-03: fixed from incorrect "32-byte")
- * @throws Error if shares are invalid or cannot reconstruct
- */
-export declare function combineShares(share1: ShamirShare, share2: ShamirShare): Seed;
-/**
- * Verify that shares can successfully reconstruct a seed
- *
- * @param share1 - First share
- * @param share2 - Second share
- * @param expectedSeed - Expected seed after reconstruction
- * @returns true if shares reconstruct to expected seed
- */
-export declare function verifyShares(share1: ShamirShare, share2: ShamirShare, expectedSeed: Seed): boolean;
-/**
- * Extract share index from a share (useful for debugging)
- *
- * @param share - Share to inspect
- * @returns Share index (1-based)
- */
-export declare function getShareIndex(share: ShamirShare): number;
-/**
- * Pad a Uint8Array to a specific length
- */
-export declare function padToLength(data: Uint8Array, targetLength: number): Uint8Array;

package/dist/crypto/solanaKeypair.d.ts

@@ -1,63 +0,0 @@
-import { Seed } from './types';
-/** Solana keypair with public and secret key */
-export interface SolanaKeypair {
-    /** 32-byte Ed25519 public key */
-    publicKey: Uint8Array;
-    /** 64-byte Ed25519 secret key (32-byte expanded seed + 32-byte public key) */
-    secretKey: Uint8Array;
-}
-/**
- * Derive an Ed25519 keypair from a 16-byte seed
- *
- * The 16-byte seed is expanded to 32 bytes using SHA-256, then used for
- * Ed25519 derivation which internally:
- * - Hashes expanded seed with SHA-512
- * - Clamps lower 32 bytes to form scalar
- * - Multiplies by Ed25519 base point
- *
- * @param seed - 16-byte seed (128-bit entropy)
- * @returns Keypair with 32-byte public key and 64-byte secret key
- *
- * @security **CALLER MUST WIPE secretKey AFTER USE**
- * The returned `secretKey` contains sensitive cryptographic material.
- * Callers are responsible for wiping it when no longer needed:
- * ```ts
- * const keypair = deriveKeypairFromSeed(seed);
- * try {
- *   // use keypair.secretKey for signing
- * } finally {
- *   wipeBytes(keypair.secretKey);
- * }
- * ```
- * Failure to wipe may leave key material in memory, vulnerable to memory
- * dump attacks. The internal `expandedSeed` is automatically wiped.
- */
-export declare function deriveKeypairFromSeed(seed: Seed): SolanaKeypair;
-/**
- * Get the public key from a seed without returning the secret key
- *
- * @param seed - 32-byte seed
- * @returns 32-byte Ed25519 public key
- */
-export declare function getPublicKeyFromSeed(seed: Seed): Uint8Array;
-/**
- * Encode a public key as a Base58 Solana address
- *
- * @param publicKey - 32-byte public key
- * @returns Base58-encoded address string
- */
-export declare function publicKeyToBase58(publicKey: Uint8Array): string;
-/**
- * Decode a Base58 Solana address to public key bytes
- *
- * @param address - Base58-encoded address
- * @returns 32-byte public key
- */
-export declare function base58ToPublicKey(address: string): Uint8Array;
-/**
- * Validate a Solana address format
- *
- * @param address - Address string to validate
- * @returns true if valid Base58 and correct length
- */
-export declare function isValidSolanaAddress(address: string): boolean;

package/dist/crypto/types.d.ts

@@ -1,134 +0,0 @@
-/**
- * Cryptographic type definitions for SSS wallet implementation
- *
- * Security: These types define the structure for client-side key material.
- * The server never receives plaintext seeds or derived keys.
- */
-/** 16-byte seed for wallet derivation (128 bits, standard Solana format) */
-export type Seed = Uint8Array & {
-    readonly _brand: 'Seed';
-};
-/** 16-byte Shamir share (128 bits) */
-export type ShamirShare = Uint8Array & {
-    readonly _brand: 'ShamirShare';
-};
-/** 32-byte encryption key */
-export type EncryptionKey = Uint8Array & {
-    readonly _brand: 'EncryptionKey';
-};
-/** 12-byte AES-GCM nonce */
-export type AesNonce = Uint8Array & {
-    readonly _brand: 'AesNonce';
-};
-/** 16+ byte Argon2 salt */
-export type Argon2Salt = Uint8Array & {
-    readonly _brand: 'Argon2Salt';
-};
-/** 32-byte PRF salt */
-export type PrfSalt = Uint8Array & {
-    readonly _brand: 'PrfSalt';
-};
-/** Argon2id KDF parameters (OWASP recommended) */
-export interface KdfParams {
-    /** Memory cost in KiB (default: 19456 = 19 MiB) */
-    mCost: number;
-    /** Time cost / iterations (default: 2) */
-    tCost: number;
-    /** Parallelism (default: 1) */
-    pCost: number;
-}
-/** Default OWASP-recommended Argon2id parameters */
-export declare const DEFAULT_KDF_PARAMS: KdfParams;
-/** Encrypted data with nonce for AES-GCM */
-export interface EncryptedData {
-    /** Base64-encoded ciphertext */
-    ciphertext: string;
-    /** Base64-encoded 12-byte nonce */
-    nonce: string;
-}
-/** Enrollment flow state */
-export type EnrollmentStep = 'idle' | 'generating_seed' | 'splitting_shares' | 'encrypting_shares' | 'registering_passkey' | 'uploading' | 'showing_recovery' | 'complete' | 'error';
-/** Enrollment flow state machine */
-export interface EnrollmentState {
-    step: EnrollmentStep;
-    error?: string;
-    /** BIP-39 mnemonic words (only during showing_recovery step) */
-    recoveryPhrase?: string[];
-    /** Solana public key (after complete) */
-    solanaPubkey?: string;
-}
-/** Recovery flow state */
-export type RecoveryStep = 'idle' | 'entering_phrase' | 'validating' | 'prompting_password' | 'registering_passkey' | 'encrypting' | 'uploading' | 'complete' | 'error';
-/** Recovery flow state machine */
-export interface RecoveryState {
-    step: RecoveryStep;
-    error?: string;
-    /**
-     * New recovery phrase (12 words) shown ONLY on successful completion.
-     * SECURITY: Must be displayed to user immediately and never logged.
-     * User should write down and securely store this phrase.
-     */
-    recoveryPhrase?: string[];
-}
-/** Crypto capability detection results */
-export interface CryptoCapabilities {
-    /** WebCrypto API available */
-    webCrypto: boolean;
-    /** AES-GCM supported */
-    aesGcm: boolean;
-    /** HKDF supported */
-    hkdf: boolean;
-    /** Ed25519 signing supported */
-    ed25519: boolean;
-    /** WebAuthn available */
-    webAuthn: boolean;
-    /** WebAuthn PRF extension supported */
-    webAuthnPrf: boolean;
-    /** Argon2 WASM can be loaded */
-    argon2: boolean;
-    /** All required capabilities available */
-    allSupported: boolean;
-}
-/** Wallet status */
-export type WalletStatus = 'loading' | 'not_enrolled' | 'enrolled_locked' | 'enrolled_unlocked' | 'unlocked' | 'error';
-/** Type guard: verify Seed length (16 bytes) */
-export declare function isSeed(data: Uint8Array): data is Seed;
-/** Type guard: verify ShamirShare is valid
- * CRYPTO-4: Improved validation to check secrets.js format markers.
- * secrets.js produces shares with format: {bits}{id}{data}
- *
- * Note: BIP-39 mnemonic system stores 16-byte entropy without secrets.js
- * metadata, so we also accept exactly 16-byte arrays for compatibility.
- */
-export declare function isShamirShare(data: Uint8Array): data is ShamirShare;
-/** Type guard: verify EncryptionKey length */
-export declare function isEncryptionKey(data: Uint8Array): data is EncryptionKey;
-/** Type guard: verify AesNonce length */
-export declare function isAesNonce(data: Uint8Array): data is AesNonce;
-/** Type guard: verify Argon2Salt length (16+ bytes) */
-export declare function isArgon2Salt(data: Uint8Array): data is Argon2Salt;
-/** Type guard: verify PrfSalt length */
-export declare function isPrfSalt(data: Uint8Array): data is PrfSalt;
-/** Create branded Seed from Uint8Array (throws if invalid) */
-export declare function toSeed(data: Uint8Array): Seed;
-/** Create branded ShamirShare from Uint8Array (throws if invalid) */
-export declare function toShamirShare(data: Uint8Array): ShamirShare;
-/** Create branded EncryptionKey from Uint8Array (throws if invalid) */
-export declare function toEncryptionKey(data: Uint8Array): EncryptionKey;
-/** Create branded AesNonce from Uint8Array (throws if invalid) */
-export declare function toAesNonce(data: Uint8Array): AesNonce;
-/** Create branded Argon2Salt from Uint8Array (throws if invalid) */
-export declare function toArgon2Salt(data: Uint8Array): Argon2Salt;
-/** Create branded PrfSalt from Uint8Array (throws if invalid) */
-export declare function toPrfSalt(data: Uint8Array): PrfSalt;
-/**
- * Cast branded Uint8Array types to BufferSource for Web Crypto API compatibility.
- *
- * Web Crypto APIs (importKey, encrypt, decrypt, etc.) expect BufferSource which only
- * accepts plain Uint8Array with ArrayBuffer (not ArrayBufferLike), not our branded types.
- * This function returns a new Uint8Array backed by a plain ArrayBuffer to satisfy the type.
- *
- * @param data - Any branded Uint8Array type (Seed, EncryptionKey, AesNonce, etc.)
- * @returns BufferSource suitable for Web Crypto APIs
- */
-export declare function toBufferSource<T extends Uint8Array>(data: T): BufferSource;