@cello-protocol/daemon 0.0.3 → 0.0.4

package/dist/session-ceremony.d.ts

@@ -0,0 +1,156 @@
+/**
+ * Session-signing FROST ceremony participation — daemon side (DOD-SPINE-5, increment 3).
+ *
+ * When an initiator's `cello_initiate_session` reaches the directory, the directory
+ * FROST-signs the SessionAssignment by DELEGATING to the initiator: its
+ * `ClientDelegatedSigner.participateInCeremony` sends a `ceremony_request`
+ * {ceremony_id, tbs, context} over the initiator's authenticated signaling stream and
+ * awaits a `ceremony_result` {ceremony_id, signature}. The initiator (coordinator) runs
+ * the FROST ceremony with its share + the directory's K_server_X shares, and replies.
+ *
+ * This wires that handler onto a PER-AGENT signaling stream (the same per-agent routing
+ * SPINE-4 established for registration). It is a faithful port of
+ * core/client `SealManager.handleCeremonyRequest` + `client-startup` signer
+ * reconstruction — the daemon must NOT import the dead core/client stack.
+ *
+ * The threshold signer is reconstructed lazily from the agent's persisted
+ * `frost-share.json` (the daemon holds no FrostThresholdSigner after registration —
+ * the registration-time signer was on the disposed RegistrationContext).
+ */
+import { type LegibilityForHash } from "./seal-legibility-tbs.js";
+import type { IThresholdSigner } from "@cello-protocol/crypto";
+import type { CelloNode } from "@cello-protocol/transport";
+import type { SignalingSeam } from "./registration-context.js";
+import type { Logger } from "./types.js";
+/**
+ * WIRE-002: answer the directory's `session_offer` on a per-agent signaling stream. When an
+ * initiator's session_request names this agent as the target, the directory sends a
+ * `session_offer {session_id}` before it builds the FROST-signed assignment; the agent must
+ * reply `session_offer_accept` advertising its SESSION endpoint (its standing receiver, which
+ * `acceptSession` reuses as the receiver-side session node) so the directory can fold the
+ * counterparty endpoint into the assignment and the initiator can reach it. Without this, the
+ * assignment carries an empty counterparty endpoint and content delivery can never connect.
+ */
+export declare function wireSessionOfferHandler(deps: {
+    agentName: string;
+    getStandingReceiverEndpoint: () => {
+        peerId: string;
+        addrs: string[];
+    } | null;
+    signaling: SignalingSeam;
+    logger: Logger;
+}): () => void;
+export interface CeremonyWiringDeps {
+    agentName: string;
+    /** `${celloDir}/agents/<name>` — holds frost-share.json. */
+    agentDir: string;
+    agentPubkeyHex: string;
+    /** The agent's directory-connected libp2p node (the per-agent signaling node). */
+    getNode: () => CelloNode | null;
+    /** Resolve the directory endpoint to open FROST streams on. */
+    getDirectoryEndpoint: () => Promise<{
+        peerId: string;
+        multiaddr?: string;
+    } | null>;
+    /** The agent's per-agent signaling seam (where ceremony_request arrives + result is sent). */
+    signaling: SignalingSeam;
+    logger: Logger;
+}
+/**
+ * Reconstruct the agent's FROST threshold signer from its persisted share, configured to
+ * drive the ceremony's `/cello/frost/1.0.0` round-trips on the agent's directory node.
+ * Returns null when no share is persisted or the share is unreadable.
+ */
+export declare function reconstructThresholdSigner(deps: CeremonyWiringDeps): Promise<IThresholdSigner | null>;
+/**
+ * Register a `ceremony_request` handler on the agent's signaling seam. On the directory's
+ * delegated-signing request, run the agent's threshold signer's participateInCeremony and
+ * reply with `ceremony_result`. The signer is reconstructed lazily and cached. Returns the
+ * unregister function. SI-001: tbs/signature never logged.
+ */
+/**
+ * DOD-SPINE-7: register a `seal_verified` handler on the agent's signaling seam. After the
+ * directory rebuilds + verifies the bilateral seal's signed Merkle chain (relay-mediated
+ * processSeal FROST path), it sends the SEAL INITIATOR a `seal_verified` {session_id,
+ * sealed_root, leaf_count, timestamp} and waits for the initiator to COORDINATE the seal FROST
+ * ceremony. This handler reconstructs the agent's threshold signer (same machinery as the
+ * session ceremony), runs participateInCeremony over buildSealTbs with context
+ * "cello-frost-seal-v1", and replies `seal_frost_signature` {session_id, frost_signature}. The
+ * directory's #processSealFrostSignature then completes notarization and delivers
+ * `session_sealed` (the byte-identical sealed_root) to both parties.
+ *
+ * Faithful port of core/client `SealManager.handleSealVerified` (the dead stack); the daemon
+ * must NOT import that stack. SI-001: tbs/signature never logged.
+ */
+export declare function wireSealCeremonyHandler(deps: CeremonyWiringDeps): () => void;
+/**
+ * SESSION-002 (DOD-SEAL-3): verify a unilateral seal certificate WITHOUT trusting the
+ * channel. Rebuilds the canonical seal TBS from the cert fields and verifies the signature
+ * against a key trusted independently of the delivering frame: the session primary_pubkey
+ * (commitments[0] of this agent's FROST share) for 'frost'. A channel-swapped sealed_root
+ * (or any TBS-bound field) fails this check (SI-003). The 'single' (pre-DKG) variant verifies
+ * against the directory node key from the consortium manifest — not yet wired on the daemon;
+ * surfaced honestly rather than accepted on faith.
+ */
+export declare function verifyUnilateralCertificate(deps: {
+    agentDir: string;
+    agentPubkeyHex: string;
+    logger: Logger;
+}, cert: {
+    sessionId: Uint8Array;
+    sealedRoot: Uint8Array;
+    leafCount: number;
+    closeTimestamp: number;
+    frostSignature: Uint8Array;
+    signatureType: "frost" | "single";
+}): Promise<{
+    ok: true;
+} | {
+    ok: false;
+    reason: string;
+}>;
+/**
+ * M7 legibility-TBS-binding: verify a BILATERAL session_sealed certificate's signature over the
+ * legibility-bound TBS, channel-independently.
+ *
+ * KEY STRUCTURE (why this is asymmetric): the seal's FROST signature is produced by the
+ * INITIATOR's group key (commitments[0] of the initiator's DKG share) + the directory's K_server
+ * shares. So only the INITIATOR holds the verification key locally — it loads its OWN primary from
+ * its share and checks `signer_pubkey === own primary`, then verifies the FROST signature over
+ * `buildSealTbs ‖ legibilityHash`. A tampered legibility (answered / content_frontier_seq /
+ * attestation_mode — carried unsigned on the frame) changes the hash → the signature fails → REJECT.
+ *
+ * The NON-INITIATOR (the responder B) does NOT hold the initiator's group key, so it cannot
+ * channel-independently verify here — it ACCEPTS (`verified:false`). This is sound for the LIVE
+ * path: session_sealed arrives over the daemon↔directory libp2p Noise channel (authenticated +
+ * encrypted), so it is not MITM-tamperable in transit. The binding's primary value is OUT-OF-BAND:
+ * any holder of the initiator's primary (an arbitrator) can verify an exported cert's legibility.
+ * Giving the responder the initiator's primary via the FROST-signed session establishment (so it,
+ * too, can verify locally) is a follow-on.
+ *
+ * `legibility` MUST be the AS-RECEIVED wire object (not a normalised copy) — the directory signed
+ * over the canonical hash of exactly what it sent.
+ */
+export declare function verifyBilateralSealCertificate(deps: {
+    agentDir: string;
+    agentPubkeyHex: string;
+    logger: Logger;
+    counterpartyPrimaryHex?: string | null;
+}, cert: {
+    sessionId: Uint8Array;
+    sealedRoot: Uint8Array;
+    leafCount: number;
+    closeTimestamp: number;
+    frostSignature: Uint8Array;
+    signerPubkey: Uint8Array;
+    signatureType: "frost" | "single";
+    legibility: LegibilityForHash | null;
+}): Promise<{
+    ok: true;
+    verified: boolean;
+} | {
+    ok: false;
+    reason: string;
+}>;
+export declare function wireSessionCeremonyHandler(deps: CeremonyWiringDeps): () => void;
+//# sourceMappingURL=session-ceremony.d.ts.map

package/dist/session-ceremony.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-ceremony.d.ts","sourceRoot":"","sources":["../src/session-ceremony.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAIH,OAAO,EAAuB,KAAK,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAIvF,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE/D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAG3D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,YAAY,CAAC;AAEzC;;;;;;;;GAQG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B,EAAE,MAAM;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,IAAI,CAAC;IAC9E,SAAS,EAAE,aAAa,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;CAChB,GAAG,MAAM,IAAI,CAkCb;AAED,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,4DAA4D;IAC5D,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,kFAAkF;IAClF,OAAO,EAAE,MAAM,SAAS,GAAG,IAAI,CAAC;IAChC,+DAA+D;IAC/D,oBAAoB,EAAE,MAAM,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;IACnF,8FAA8F;IAC9F,SAAS,EAAE,aAAa,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,wBAAsB,0BAA0B,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAkE3G;AAED;;;;;GAKG;AACH;;;;;;;;;;;;;GAaG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,kBAAkB,GAAG,MAAM,IAAI,CAmH5E;AAED;;;;;;;;GAQG;AACH,wBAAsB,2BAA2B,CAC/C,IAAI,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,EAClE,IAAI,EAAE;IACJ,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,OAAO,GAAG,QAAQ,CAAC;CACnC,GACA,OAAO,CAAC;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CA+BvD;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,8BAA8B,CAClD,IAAI,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,sBAAsB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,EAC1G,IAAI,EAAE;IACJ,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,UAAU,CAAC;IAC3B,YAAY,EAAE,UAAU,CAAC;IACzB,aAAa,EAAE,OAAO,GAAG,QAAQ,CAAC;IAClC,UAAU,EAAE,iBAAiB,GAAG,IAAI,CAAC;CACtC,GACA,OAAO,CAAC;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,OAAO,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CA2C1E;AAED,wBAAgB,0BAA0B,CAAC,IAAI,EAAE,kBAAkB,GAAG,MAAM,IAAI,CA+D/E"}

package/dist/session-ceremony.js

@@ -0,0 +1,447 @@
+/**
+ * Session-signing FROST ceremony participation — daemon side (DOD-SPINE-5, increment 3).
+ *
+ * When an initiator's `cello_initiate_session` reaches the directory, the directory
+ * FROST-signs the SessionAssignment by DELEGATING to the initiator: its
+ * `ClientDelegatedSigner.participateInCeremony` sends a `ceremony_request`
+ * {ceremony_id, tbs, context} over the initiator's authenticated signaling stream and
+ * awaits a `ceremony_result` {ceremony_id, signature}. The initiator (coordinator) runs
+ * the FROST ceremony with its share + the directory's K_server_X shares, and replies.
+ *
+ * This wires that handler onto a PER-AGENT signaling stream (the same per-agent routing
+ * SPINE-4 established for registration). It is a faithful port of
+ * core/client `SealManager.handleCeremonyRequest` + `client-startup` signer
+ * reconstruction — the daemon must NOT import the dead core/client stack.
+ *
+ * The threshold signer is reconstructed lazily from the agent's persisted
+ * `frost-share.json` (the daemon holds no FrostThresholdSigner after registration —
+ * the registration-time signer was on the disposed RegistrationContext).
+ */
+import { decode } from "cbor-x";
+import { buildSealTbs } from "@cello-protocol/protocol-types";
+import { bindLegibilityToTbs } from "./seal-legibility-tbs.js";
+import { reDeriveFrontiers, findInflatedFrontier } from "./seal-frontier-verify.js";
+import { FrostThresholdSigner } from "@cello-protocol/crypto";
+import { storeDkgResult } from "@cello-protocol/crypto/frost/frost-threshold-signer.js";
+import { NetworkDirectoryNode } from "./network-directory-node.js";
+import { FileRegistrationPersistence } from "./registration-persistence.js";
+/**
+ * WIRE-002: answer the directory's `session_offer` on a per-agent signaling stream. When an
+ * initiator's session_request names this agent as the target, the directory sends a
+ * `session_offer {session_id}` before it builds the FROST-signed assignment; the agent must
+ * reply `session_offer_accept` advertising its SESSION endpoint (its standing receiver, which
+ * `acceptSession` reuses as the receiver-side session node) so the directory can fold the
+ * counterparty endpoint into the assignment and the initiator can reach it. Without this, the
+ * assignment carries an empty counterparty endpoint and content delivery can never connect.
+ */
+export function wireSessionOfferHandler(deps) {
+    return deps.signaling.registerInboundHandler((frame) => {
+        if (frame["type"] !== "session_offer")
+            return;
+        void (async () => {
+            const sidRaw = frame["session_id"];
+            const sessionId = sidRaw instanceof Uint8Array ? sidRaw : Buffer.isBuffer(sidRaw) ? new Uint8Array(sidRaw) : null;
+            if (!sessionId) {
+                deps.logger.warn("session.offer.abort", { agentName: deps.agentName, reason: "no_session_id" });
+                return;
+            }
+            const sr = deps.getStandingReceiverEndpoint();
+            if (!sr) {
+                deps.logger.warn("session.offer.abort", { agentName: deps.agentName, reason: "standing_receiver_unavailable" });
+                return;
+            }
+            try {
+                await deps.signaling.sendRaw({
+                    type: "session_offer_accept",
+                    session_id: sessionId,
+                    counterparty_session_peer_id: sr.peerId,
+                    counterparty_session_addrs: sr.addrs,
+                });
+                deps.logger.info("session.offer.accepted", {
+                    agentName: deps.agentName,
+                    sessionPeerId: sr.peerId,
+                });
+            }
+            catch (err) {
+                deps.logger.warn("session.offer.accept.failed", {
+                    agentName: deps.agentName,
+                    detail: err instanceof Error ? err.message : String(err),
+                });
+            }
+        })();
+    });
+}
+/**
+ * Reconstruct the agent's FROST threshold signer from its persisted share, configured to
+ * drive the ceremony's `/cello/frost/1.0.0` round-trips on the agent's directory node.
+ * Returns null when no share is persisted or the share is unreadable.
+ */
+export async function reconstructThresholdSigner(deps) {
+    const persistence = new FileRegistrationPersistence({ agentDir: deps.agentDir, logger: deps.logger });
+    const share = await persistence.loadActiveFrostKeyShare();
+    if (!share)
+        return null;
+    const frostSecret = { identifier: share.identifier, signingShare: new Uint8Array(share.signingShare) };
+    let commitments = [];
+    const verifyingShares = {};
+    try {
+        const dc = decode(Buffer.from(share.commitmentsCbor));
+        if (Array.isArray(dc)) {
+            commitments = dc.map((c) => c instanceof Uint8Array ? c : Buffer.isBuffer(c) ? new Uint8Array(c) : new Uint8Array(0));
+        }
+        const dvs = decode(Buffer.from(share.verifyingSharesCbor));
+        if (dvs && typeof dvs === "object" && !Array.isArray(dvs)) {
+            for (const [k, v] of Object.entries(dvs)) {
+                verifyingShares[k] = v instanceof Uint8Array ? v : Buffer.isBuffer(v) ? new Uint8Array(v) : new Uint8Array(0);
+            }
+        }
+    }
+    catch (err) {
+        deps.logger.error("session.ceremony.share.load.failed", {
+            agentName: deps.agentName,
+            reason: "cbor_deserialize_failed",
+            detail: err instanceof Error ? err.message : String(err),
+        });
+        return null;
+    }
+    const frostPublic = { signers: { min: share.threshold, max: share.participants + 1 }, commitments, verifyingShares };
+    try {
+        // SI-001: storeDkgResult does not log the secret. Cast via the function's own param
+        // types (the daemon has no direct @noble/curves dependency).
+        storeDkgResult(deps.agentPubkeyHex, frostSecret, frostPublic);
+    }
+    catch (err) {
+        deps.logger.error("session.ceremony.share.load.failed", {
+            agentName: deps.agentName,
+            reason: "storeDkgResult_failed",
+            detail: err instanceof Error ? err.message : String(err),
+        });
+        return null;
+    }
+    let directoryNodeStubs;
+    const ep = await deps.getDirectoryEndpoint();
+    const node = deps.getNode();
+    if (ep && ep.multiaddr && node) {
+        const stub = new NetworkDirectoryNode({
+            id: ep.peerId,
+            node,
+            directoryPeerId: ep.peerId,
+            directoryMultiaddrs: [ep.multiaddr],
+            logger: deps.logger,
+        });
+        stub.setBootstrapContext(deps.agentPubkeyHex, `${deps.agentPubkeyHex}:epoch:1`);
+        directoryNodeStubs = [stub];
+    }
+    return new FrostThresholdSigner({ threshold: share.threshold, participants: share.participants, directoryNodeStubs }, Buffer.from(deps.agentPubkeyHex, "hex"));
+}
+/**
+ * Register a `ceremony_request` handler on the agent's signaling seam. On the directory's
+ * delegated-signing request, run the agent's threshold signer's participateInCeremony and
+ * reply with `ceremony_result`. The signer is reconstructed lazily and cached. Returns the
+ * unregister function. SI-001: tbs/signature never logged.
+ */
+/**
+ * DOD-SPINE-7: register a `seal_verified` handler on the agent's signaling seam. After the
+ * directory rebuilds + verifies the bilateral seal's signed Merkle chain (relay-mediated
+ * processSeal FROST path), it sends the SEAL INITIATOR a `seal_verified` {session_id,
+ * sealed_root, leaf_count, timestamp} and waits for the initiator to COORDINATE the seal FROST
+ * ceremony. This handler reconstructs the agent's threshold signer (same machinery as the
+ * session ceremony), runs participateInCeremony over buildSealTbs with context
+ * "cello-frost-seal-v1", and replies `seal_frost_signature` {session_id, frost_signature}. The
+ * directory's #processSealFrostSignature then completes notarization and delivers
+ * `session_sealed` (the byte-identical sealed_root) to both parties.
+ *
+ * Faithful port of core/client `SealManager.handleSealVerified` (the dead stack); the daemon
+ * must NOT import that stack. SI-001: tbs/signature never logged.
+ */
+export function wireSealCeremonyHandler(deps) {
+    return deps.signaling.registerInboundHandler((frame) => {
+        if (frame["type"] !== "seal_verified")
+            return;
+        void (async () => {
+            const toU8 = (v) => v instanceof Uint8Array ? v : Buffer.isBuffer(v) ? new Uint8Array(v) : null;
+            const sessionId = toU8(frame["session_id"]);
+            const sealedRoot = toU8(frame["sealed_root"]);
+            const leafCountRaw = frame["leaf_count"];
+            const leafCount = typeof leafCountRaw === "number" ? leafCountRaw : null;
+            const tsRaw = frame["timestamp"];
+            const timestamp = typeof tsRaw === "number" ? tsRaw : typeof tsRaw === "bigint" ? Number(tsRaw) : null;
+            if (!sessionId || !sealedRoot || leafCount === null || timestamp === null) {
+                deps.logger.warn("session.seal.ceremony.abort", {
+                    agentName: deps.agentName,
+                    reason: !sessionId ? "no_session_id" : !sealedRoot ? "no_sealed_root" : leafCount === null ? "no_leaf_count" : "no_timestamp",
+                });
+                return;
+            }
+            const sidHex = Buffer.from(sessionId).toString("hex");
+            // Reconstruct a FRESH signer per ceremony (same rationale as the session ceremony:
+            // fresh directory endpoint, no shared FROST state across concurrent ceremonies).
+            const signer = await reconstructThresholdSigner(deps);
+            if (!signer) {
+                deps.logger.warn("session.seal.ceremony.abort", { agentName: deps.agentName, sessionId: sidHex, reason: "no_signer" });
+                return;
+            }
+            // M7 legibility-TBS-binding: when the directory's seal_verified carries `legibility` (the
+            // bilateral seal), fold its canonical hash into the TBS we co-sign — so the FROST signature
+            // covers the legibility and a MITM cannot tamper answered/frontier/attestation_mode in
+            // transit. The directory binds the IDENTICAL hash (it built the TBS it verifies against);
+            // the receiving client re-binds and verifies. Unilateral seal_verified carries no legibility
+            // → plain TBS (bindLegibilityToTbs is a no-op), matching the directory's unilateral TBS.
+            const legibility = frame["legibility"];
+            const legForHash = legibility && typeof legibility === "object" ? legibility : null;
+            // DOD-LEG-2 (SI-002): the INITIATOR must not co-sign an inflated certificate — otherwise a
+            // validly-FROST-signed inflated cert would exist as a durable artifact. Re-derive each party's
+            // content_frontier_seq from the signed leaves the directory ships on seal_verified and ABORT
+            // the ceremony (no signature) if any published frontier is inflated. Same logic the receiver
+            // applies at session_sealed; doing it here means a lying directory gets NO signature at all.
+            const wireParts = legForHash && Array.isArray(legForHash.participants)
+                ? (legForHash.participants)
+                : null;
+            if (wireParts) {
+                // Wire pubkeys are Uint8Array; normalise to hex for comparison with the re-derived map.
+                const parts = wireParts.map((p) => ({
+                    pubkey: p.pubkey instanceof Uint8Array
+                        ? Buffer.from(p.pubkey).toString("hex")
+                        : (typeof p.pubkey === "string" ? p.pubkey : null),
+                    content_frontier_seq: typeof p.content_frontier_seq === "number" ? p.content_frontier_seq : null,
+                }));
+                const malformed = parts.some((p) => p.pubkey === null || p.content_frontier_seq === null);
+                const anyClaimed = parts.some((p) => (p.content_frontier_seq ?? 0) > 0);
+                const flRaw = frame["frontier_leaves"];
+                const haveLeaves = Array.isArray(flRaw) && flRaw.length > 0;
+                if (malformed || (anyClaimed && !haveLeaves)) {
+                    deps.logger.warn("session.seal.ceremony.abort", {
+                        agentName: deps.agentName, sessionId: sidHex,
+                        reason: malformed ? "frontier_participant_malformed" : "frontier_leaves_missing",
+                    });
+                    return;
+                }
+                if (haveLeaves) {
+                    const toLeaf = (v) => (v instanceof Uint8Array ? v : new Uint8Array(v));
+                    const leaves = flRaw.map((l) => {
+                        const o = l;
+                        return { structure1_cbor: toLeaf(o["structure1_cbor"]), sender_pubkey: toLeaf(o["sender_pubkey"]), sender_signature: toLeaf(o["sender_signature"]) };
+                    });
+                    const rederived = reDeriveFrontiers(leaves, sessionId);
+                    const inflated = rederived.ok
+                        ? findInflatedFrontier(parts, rederived.frontiers)
+                        : null;
+                    if (!rederived.ok || inflated) {
+                        deps.logger.warn("session.seal.ceremony.abort", {
+                            agentName: deps.agentName, sessionId: sidHex,
+                            reason: rederived.ok ? "frontier_unverifiable" : rederived.reason,
+                            ...(inflated ? { party: inflated.party, publishedFrontier: inflated.publishedFrontier, derivedFrontier: inflated.derivedFrontier } : {}),
+                        });
+                        return; // refuse to co-sign — the directory gets no signature for an inflated cert
+                    }
+                }
+            }
+            const tbs = bindLegibilityToTbs(buildSealTbs(sessionId, sealedRoot, leafCount, timestamp), legForHash);
+            let frostSignature = null;
+            try {
+                // The initiator COORDINATES the seal FROST ceremony (its signer drives the
+                // /cello/frost round-trips with the directory's K_server shares via directoryNodeStubs).
+                const result = await signer.participateInCeremony(`seal:${sidHex}`, tbs, "cello-frost-seal-v1");
+                frostSignature = result.ok ? new Uint8Array(result.signature) : null;
+                deps.logger.info("session.seal.ceremony.participated", { agentName: deps.agentName, sessionId: sidHex, ok: result.ok });
+            }
+            catch (err) {
+                deps.logger.warn("session.seal.ceremony.failed", {
+                    agentName: deps.agentName,
+                    sessionId: sidHex,
+                    detail: err instanceof Error ? err.message : String(err),
+                });
+                return;
+            }
+            if (!frostSignature)
+                return; // ceremony failed (threshold not met) — no signature to send
+            try {
+                await deps.signaling.sendRaw({ type: "seal_frost_signature", session_id: sessionId, frost_signature: frostSignature });
+                deps.logger.info("session.seal.frost.signature.sent", { agentName: deps.agentName, sessionId: sidHex });
+            }
+            catch (err) {
+                deps.logger.warn("session.seal.frost.signature.send.failed", {
+                    agentName: deps.agentName,
+                    sessionId: sidHex,
+                    detail: err instanceof Error ? err.message : String(err),
+                });
+            }
+        })();
+    });
+}
+/**
+ * SESSION-002 (DOD-SEAL-3): verify a unilateral seal certificate WITHOUT trusting the
+ * channel. Rebuilds the canonical seal TBS from the cert fields and verifies the signature
+ * against a key trusted independently of the delivering frame: the session primary_pubkey
+ * (commitments[0] of this agent's FROST share) for 'frost'. A channel-swapped sealed_root
+ * (or any TBS-bound field) fails this check (SI-003). The 'single' (pre-DKG) variant verifies
+ * against the directory node key from the consortium manifest — not yet wired on the daemon;
+ * surfaced honestly rather than accepted on faith.
+ */
+export async function verifyUnilateralCertificate(deps, cert) {
+    const tbs = buildSealTbs(cert.sessionId, cert.sealedRoot, cert.leafCount, cert.closeTimestamp);
+    if (cert.signatureType !== "frost") {
+        // 'single' (pre-DKG) — verify vs the directory node key from the manifest. Not wired yet.
+        return { ok: false, reason: "single_key_verification_unsupported" };
+    }
+    const persistence = new FileRegistrationPersistence({ agentDir: deps.agentDir, logger: deps.logger });
+    const share = await persistence.loadActiveFrostKeyShare();
+    if (!share)
+        return { ok: false, reason: "no_frost_share" };
+    let primaryPubkey = null;
+    try {
+        const dc = decode(Buffer.from(share.commitmentsCbor));
+        if (Array.isArray(dc) && dc.length > 0) {
+            const c0 = dc[0];
+            primaryPubkey = c0 instanceof Uint8Array ? c0 : Buffer.isBuffer(c0) ? new Uint8Array(c0) : null;
+        }
+    }
+    catch (err) {
+        deps.logger.warn("session.unilateral.certificate.share.decode.failed", {
+            agentPubkey: deps.agentPubkeyHex,
+            detail: err instanceof Error ? err.message : String(err),
+        });
+        return { ok: false, reason: "share_decode_failed" };
+    }
+    if (!primaryPubkey || primaryPubkey.length !== 32)
+        return { ok: false, reason: "no_primary_pubkey" };
+    const verifier = new FrostThresholdSigner({ threshold: 1, participants: 1 }, Buffer.from(deps.agentPubkeyHex, "hex"));
+    const valid = verifier.verifySignature(cert.frostSignature, tbs, "cello-frost-seal-v1", primaryPubkey);
+    return valid ? { ok: true } : { ok: false, reason: "signature_invalid" };
+}
+/**
+ * M7 legibility-TBS-binding: verify a BILATERAL session_sealed certificate's signature over the
+ * legibility-bound TBS, channel-independently.
+ *
+ * KEY STRUCTURE (why this is asymmetric): the seal's FROST signature is produced by the
+ * INITIATOR's group key (commitments[0] of the initiator's DKG share) + the directory's K_server
+ * shares. So only the INITIATOR holds the verification key locally — it loads its OWN primary from
+ * its share and checks `signer_pubkey === own primary`, then verifies the FROST signature over
+ * `buildSealTbs ‖ legibilityHash`. A tampered legibility (answered / content_frontier_seq /
+ * attestation_mode — carried unsigned on the frame) changes the hash → the signature fails → REJECT.
+ *
+ * The NON-INITIATOR (the responder B) does NOT hold the initiator's group key, so it cannot
+ * channel-independently verify here — it ACCEPTS (`verified:false`). This is sound for the LIVE
+ * path: session_sealed arrives over the daemon↔directory libp2p Noise channel (authenticated +
+ * encrypted), so it is not MITM-tamperable in transit. The binding's primary value is OUT-OF-BAND:
+ * any holder of the initiator's primary (an arbitrator) can verify an exported cert's legibility.
+ * Giving the responder the initiator's primary via the FROST-signed session establishment (so it,
+ * too, can verify locally) is a follow-on.
+ *
+ * `legibility` MUST be the AS-RECEIVED wire object (not a normalised copy) — the directory signed
+ * over the canonical hash of exactly what it sent.
+ */
+export async function verifyBilateralSealCertificate(deps, cert) {
+    if (cert.signatureType !== "frost")
+        return { ok: true, verified: false };
+    if (cert.signerPubkey.length !== 32)
+        return { ok: false, reason: "no_signer_pubkey" };
+    const signerHex = Buffer.from(cert.signerPubkey).toString("hex");
+    const persistence = new FileRegistrationPersistence({ agentDir: deps.agentDir, logger: deps.logger });
+    const share = await persistence.loadActiveFrostKeyShare();
+    if (!share)
+        return { ok: true, verified: false }; // no share to verify with — accept (Noise-delivered)
+    let ownPrimary = null;
+    try {
+        const dc = decode(Buffer.from(share.commitmentsCbor));
+        if (Array.isArray(dc) && dc.length > 0) {
+            const c0 = dc[0];
+            ownPrimary = c0 instanceof Uint8Array ? c0 : Buffer.isBuffer(c0) ? new Uint8Array(c0) : null;
+        }
+    }
+    catch {
+        return { ok: true, verified: false };
+    }
+    if (!ownPrimary || ownPrimary.length !== 32)
+        return { ok: true, verified: false };
+    // The seal is signed by the INITIATOR's primary (group) key. This party can verify against a
+    // key it holds independently: its OWN primary (when it is the initiator) or the counterparty's
+    // primary from the FROST-signed SessionAssignment (when it is the responder). SI-003: the signer
+    // must be one of these — never a key supplied only by the (untrusted) cert frame.
+    const cpHex = deps.counterpartyPrimaryHex ?? null;
+    if (signerHex === Buffer.from(ownPrimary).toString("hex")) {
+        // initiator path — verify against own primary.
+    }
+    else if (cpHex && signerHex === cpHex.toLowerCase()) {
+        // responder path — verify against the known counterparty primary.
+    }
+    else if (cpHex) {
+        // We know the counterparty primary and the signer is NEITHER participant → unknown signer.
+        return { ok: false, reason: "signer_not_a_session_participant" };
+    }
+    else {
+        // We do not hold the signer's key (no counterparty primary recorded) → cannot verify; accept
+        // (the live frame arrived over the authenticated Noise channel; the binding aids out-of-band).
+        return { ok: true, verified: false };
+    }
+    const tbs = bindLegibilityToTbs(buildSealTbs(cert.sessionId, cert.sealedRoot, cert.leafCount, cert.closeTimestamp), cert.legibility);
+    const verifier = new FrostThresholdSigner({ threshold: 1, participants: 1 }, Buffer.from(deps.agentPubkeyHex, "hex"));
+    const valid = verifier.verifySignature(cert.frostSignature, tbs, "cello-frost-seal-v1", cert.signerPubkey);
+    return valid ? { ok: true, verified: true } : { ok: false, reason: "signature_invalid" };
+}
+export function wireSessionCeremonyHandler(deps) {
+    return deps.signaling.registerInboundHandler((frame) => {
+        if (frame["type"] !== "ceremony_request")
+            return;
+        void (async () => {
+            const ceremonyId = typeof frame["ceremony_id"] === "string" ? frame["ceremony_id"] : undefined;
+            const tbsRaw = frame["tbs"];
+            const tbs = tbsRaw instanceof Uint8Array ? tbsRaw : Buffer.isBuffer(tbsRaw) ? new Uint8Array(tbsRaw) : null;
+            const context = typeof frame["context"] === "string" ? frame["context"] : undefined;
+            // L3: the reply send is best-effort — a throw here must not become an unhandled
+            // rejection in this fire-and-forget handler.
+            const reply = async (signature) => {
+                if (!ceremonyId)
+                    return;
+                try {
+                    await deps.signaling.sendRaw({ type: "ceremony_result", ceremony_id: ceremonyId, signature });
+                }
+                catch (err) {
+                    deps.logger.warn("session.ceremony.reply.failed", {
+                        agentName: deps.agentName,
+                        detail: err instanceof Error ? err.message : String(err),
+                    });
+                }
+            };
+            // L1: a request with no addressable ceremony_id cannot be replied to (the reply is
+            // keyed by it) — log and drop rather than send an unkeyed result.
+            if (!ceremonyId) {
+                deps.logger.warn("session.ceremony.abort", { agentName: deps.agentName, reason: "no_ceremony_id" });
+                return;
+            }
+            if (!tbs || !context) {
+                deps.logger.warn("session.ceremony.abort", { agentName: deps.agentName, reason: !tbs ? "no_tbs" : "no_context" });
+                await reply(null);
+                return;
+            }
+            // H1 / M1 / concurrency: reconstruct a FRESH signer (fresh directory endpoint +
+            // NetworkDirectoryNode) PER ceremony. No caching — so signaling reconnecting to a
+            // different directory node is picked up, a transient reconstruction failure retries
+            // on the next request, and concurrent ceremonies never share one signer's FROST
+            // state. (storeDkgResult is idempotent for the same share; reconstruction is cheap.)
+            const signer = await reconstructThresholdSigner(deps);
+            if (!signer) {
+                deps.logger.warn("session.ceremony.abort", { agentName: deps.agentName, reason: "no_signer" });
+                await reply(null);
+                return;
+            }
+            try {
+                const result = await signer.participateInCeremony(ceremonyId, tbs, context);
+                deps.logger.info("session.ceremony.participated", {
+                    agentName: deps.agentName,
+                    ceremonyId: ceremonyId.slice(0, 16),
+                    ok: result.ok,
+                });
+                await reply(result.ok ? new Uint8Array(result.signature) : null);
+            }
+            catch (err) {
+                deps.logger.warn("session.ceremony.failed", {
+                    agentName: deps.agentName,
+                    detail: err instanceof Error ? err.message : String(err),
+                });
+                await reply(null);
+            }
+        })();
+    });
+}
+//# sourceMappingURL=session-ceremony.js.map

package/dist/session-ceremony.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-ceremony.js","sourceRoot":"","sources":["../src/session-ceremony.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAC9D,OAAO,EAAE,mBAAmB,EAA0B,MAAM,0BAA0B,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,oBAAoB,EAAyB,MAAM,2BAA2B,CAAC;AAC3G,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wDAAwD,CAAC;AAIxF,OAAO,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAI5E;;;;;;;;GAQG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAKvC;IACC,OAAO,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC,KAAK,EAAE,EAAE;QACrD,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,eAAe;YAAE,OAAO;QAC9C,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;YACnC,MAAM,SAAS,GAAG,MAAM,YAAY,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,MAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YAC5H,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC,CAAC;gBAChG,OAAO;YACT,CAAC;YACD,MAAM,EAAE,GAAG,IAAI,CAAC,2BAA2B,EAAE,CAAC;YAC9C,IAAI,CAAC,EAAE,EAAE,CAAC;gBACR,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,+BAA+B,EAAE,CAAC,CAAC;gBAChH,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;oBAC3B,IAAI,EAAE,sBAAsB;oBAC5B,UAAU,EAAE,SAAS;oBACrB,4BAA4B,EAAE,EAAE,CAAC,MAAM;oBACvC,0BAA0B,EAAE,EAAE,CAAC,KAAK;iBACrC,CAAC,CAAC;gBACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;oBACzC,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,aAAa,EAAE,EAAE,CAAC,MAAM;iBACzB,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;oBAC9C,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;iBACzD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;IACP,CAAC,CAAC,CAAC;AACL,CAAC;AAgBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAAC,IAAwB;IACvE,MAAM,WAAW,GAAG,IAAI,2BAA2B,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACtG,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,uBAAuB,EAAE,CAAC;IAC1D,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,MAAM,WAAW,GAAG,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,YAAY,EAAE,IAAI,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC;IACvG,IAAI,WAAW,GAAiB,EAAE,CAAC;IACnC,MAAM,eAAe,GAA+B,EAAE,CAAC;IACvD,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAY,CAAC;QACjE,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC;YACtB,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACzB,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAW,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CACnG,CAAC;QACJ,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAY,CAAC;QACtE,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1D,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAA8B,CAAC,EAAE,CAAC;gBACpE,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAW,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;YAC1H,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;YACtD,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM,EAAE,yBAAyB;YACjC,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACzD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,EAAE,OAAO,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,CAAC,YAAY,GAAG,CAAC,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IACrH,IAAI,CAAC;QACH,oFAAoF;QACpF,6DAA6D;QAC7D,cAAc,CACZ,IAAI,CAAC,cAAc,EACnB,WAA8D,EAC9D,WAA8D,CAC/D,CAAC;IACJ,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;YACtD,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM,EAAE,uBAAuB;YAC/B,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACzD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,kBAAsD,CAAC;IAC3D,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;IAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;IAC5B,IAAI,EAAE,IAAI,EAAE,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,IAAI,oBAAoB,CAAC;YACpC,EAAE,EAAE,EAAE,CAAC,MAAM;YACb,IAAI;YACJ,eAAe,EAAE,EAAE,CAAC,MAAM;YAC1B,mBAAmB,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC;YACnC,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC,CAAC;QACH,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,cAAc,EAAE,GAAG,IAAI,CAAC,cAAc,UAAU,CAAC,CAAC;QAChF,kBAAkB,GAAG,CAAC,IAAI,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,IAAI,oBAAoB,CAC7B,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE,kBAAkB,EAAE,EACpF,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,CAAC,CACxC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAwB;IAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC,KAAK,EAAE,EAAE;QACrD,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,eAAe;YAAE,OAAO;QAC9C,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,MAAM,IAAI,GAAG,CAAC,CAAU,EAAqB,EAAE,CAC7C,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACxF,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC;YAC9C,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;YACzC,MAAM,SAAS,GAAG,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;YACzE,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC;YACjC,MAAM,SAAS,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACvG,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;oBAC9C,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,cAAc;iBAC9H,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAEtD,mFAAmF;YACnF,iFAAiF;YACjF,MAAM,MAAM,GAAG,MAAM,0BAA0B,CAAC,IAAI,CAAC,CAAC;YACtD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;gBACvH,OAAO;YACT,CAAC;YACD,0FAA0F;YAC1F,4FAA4F;YAC5F,uFAAuF;YACvF,0FAA0F;YAC1F,6FAA6F;YAC7F,yFAAyF;YACzF,MAAM,UAAU,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;YACvC,MAAM,UAAU,GAAG,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAE,UAAgC,CAAC,CAAC,CAAC,IAAI,CAAC;YAE3G,2FAA2F;YAC3F,+FAA+F;YAC/F,6FAA6F;YAC7F,6FAA6F;YAC7F,6FAA6F;YAC7F,MAAM,SAAS,GAAG,UAAU,IAAI,KAAK,CAAC,OAAO,CAAE,UAAyC,CAAC,YAAY,CAAC;gBACpG,CAAC,CAAC,CAAE,UAA4F,CAAC,YAAY,CAAC;gBAC9G,CAAC,CAAC,IAAI,CAAC;YACT,IAAI,SAAS,EAAE,CAAC;gBACd,wFAAwF;gBACxF,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAClC,MAAM,EAAE,CAAC,CAAC,MAAM,YAAY,UAAU;wBACpC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;wBACvC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;oBACpD,oBAAoB,EAAE,OAAO,CAAC,CAAC,oBAAoB,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI;iBACjG,CAAC,CAAC,CAAC;gBACJ,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,IAAI,IAAI,CAAC,CAAC,oBAAoB,KAAK,IAAI,CAAC,CAAC;gBAC1F,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,oBAAoB,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACxE,MAAM,KAAK,GAAG,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBACvC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC5D,IAAI,SAAS,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC7C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;wBAC9C,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM;wBAC5C,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,gCAAgC,CAAC,CAAC,CAAC,yBAAyB;qBACjF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,CAAC,CAAU,EAAc,EAAE,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAsB,CAAC,CAAC,CAAC;oBAClH,MAAM,MAAM,GAAwB,KAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;wBAChE,MAAM,CAAC,GAAG,CAA4B,CAAC;wBACvC,OAAO,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC;oBACvJ,CAAC,CAAC,CAAC;oBACH,MAAM,SAAS,GAAG,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;oBACvD,MAAM,QAAQ,GAAG,SAAS,CAAC,EAAE;wBAC3B,CAAC,CAAC,oBAAoB,CAAC,KAAgE,EAAE,SAAS,CAAC,SAAS,CAAC;wBAC7G,CAAC,CAAC,IAAI,CAAC;oBACT,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,QAAQ,EAAE,CAAC;wBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;4BAC9C,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM;4BAC5C,MAAM,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM;4BACjE,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,EAAE,eAAe,EAAE,QAAQ,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;yBACzI,CAAC,CAAC;wBACH,OAAO,CAAC,2EAA2E;oBACrF,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,GAAG,GAAG,mBAAmB,CAAC,YAAY,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,CAAC,EAAE,UAAU,CAAC,CAAC;YACvG,IAAI,cAAc,GAAsB,IAAI,CAAC;YAC7C,IAAI,CAAC;gBACH,2EAA2E;gBAC3E,yFAAyF;gBACzF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,QAAQ,MAAM,EAAE,EAAE,GAAG,EAAE,qBAAqC,CAAC,CAAC;gBAChH,cAAc,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;gBACrE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1H,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;oBAC/C,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,SAAS,EAAE,MAAM;oBACjB,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;iBACzD,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YACD,IAAI,CAAC,cAAc;gBAAE,OAAO,CAAC,6DAA6D;YAE1F,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,sBAAsB,EAAE,UAAU,EAAE,SAAS,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC;gBACvH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;YAC1G,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,EAAE;oBAC3D,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,SAAS,EAAE,MAAM;oBACjB,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;iBACzD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;IACP,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,IAAkE,EAClE,IAOC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;IAE/F,IAAI,IAAI,CAAC,aAAa,KAAK,OAAO,EAAE,CAAC;QACnC,0FAA0F;QAC1F,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,qCAAqC,EAAE,CAAC;IACtE,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,2BAA2B,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACtG,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,uBAAuB,EAAE,CAAC;IAC1D,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAE3D,IAAI,aAAa,GAAsB,IAAI,CAAC;IAC5C,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAY,CAAC;QACjE,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACjB,aAAa,GAAG,EAAE,YAAY,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC5G,CAAC;IACH,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oDAAoD,EAAE;YACrE,WAAW,EAAE,IAAI,CAAC,cAAc;YAChC,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACzD,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC;IACtD,CAAC;IACD,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;IAErG,MAAM,QAAQ,GAAG,IAAI,oBAAoB,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;IACtH,MAAM,KAAK,GAAG,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,EAAE,GAAG,EAAE,qBAAqC,EAAE,aAAa,CAAC,CAAC;IACvH,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;AAC3E,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,IAA0G,EAC1G,IASC;IAED,IAAI,IAAI,CAAC,aAAa,KAAK,OAAO;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IACzE,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,KAAK,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,kBAAkB,EAAE,CAAC;IACtF,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEjE,MAAM,WAAW,GAAG,IAAI,2BAA2B,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACtG,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,uBAAuB,EAAE,CAAC;IAC1D,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,qDAAqD;IAEvG,IAAI,UAAU,GAAsB,IAAI,CAAC;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAY,CAAC;QACjE,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACjB,UAAU,GAAG,EAAE,YAAY,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACzG,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IACvC,CAAC;IACD,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,MAAM,KAAK,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAElF,6FAA6F;IAC7F,+FAA+F;IAC/F,iGAAiG;IACjG,kFAAkF;IAClF,MAAM,KAAK,GAAG,IAAI,CAAC,sBAAsB,IAAI,IAAI,CAAC;IAClD,IAAI,SAAS,KAAK,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1D,+CAA+C;IACjD,CAAC;SAAM,IAAI,KAAK,IAAI,SAAS,KAAK,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;QACtD,kEAAkE;IACpE,CAAC;SAAM,IAAI,KAAK,EAAE,CAAC;QACjB,2FAA2F;QAC3F,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,kCAAkC,EAAE,CAAC;IACnE,CAAC;SAAM,CAAC;QACN,6FAA6F;QAC7F,+FAA+F;QAC/F,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IACvC,CAAC;IAED,MAAM,GAAG,GAAG,mBAAmB,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACrI,MAAM,QAAQ,GAAG,IAAI,oBAAoB,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;IACtH,MAAM,KAAK,GAAG,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,EAAE,GAAG,EAAE,qBAAqC,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;IAC3H,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;AAC3F,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,IAAwB;IACjE,OAAO,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC,KAAK,EAAE,EAAE;QACrD,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,kBAAkB;YAAE,OAAO;QACjD,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,MAAM,UAAU,GAAG,OAAO,KAAK,CAAC,aAAa,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,KAAK,CAAC,aAAa,CAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YAC3G,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;YAC5B,MAAM,GAAG,GAAG,MAAM,YAAY,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,MAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtH,MAAM,OAAO,GAAG,OAAO,KAAK,CAAC,SAAS,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,KAAK,CAAC,SAAS,CAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YAEhG,gFAAgF;YAChF,6CAA6C;YAC7C,MAAM,KAAK,GAAG,KAAK,EAAE,SAA4B,EAAiB,EAAE;gBAClE,IAAI,CAAC,UAAU;oBAAE,OAAO;gBACxB,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;gBAChG,CAAC;gBAAC,OAAO,GAAY,EAAE,CAAC;oBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;wBAChD,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;qBACzD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC;YAEF,mFAAmF;YACnF,kEAAkE;YAClE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC,CAAC;gBACpG,OAAO;YACT,CAAC;YACD,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;gBAClH,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC;gBAClB,OAAO;YACT,CAAC;YAED,gFAAgF;YAChF,kFAAkF;YAClF,oFAAoF;YACpF,gFAAgF;YAChF,qFAAqF;YACrF,MAAM,MAAM,GAAG,MAAM,0BAA0B,CAAC,IAAI,CAAC,CAAC;YACtD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;gBAC/F,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC;gBAClB,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,UAAU,EAAE,GAAG,EAAE,OAAuB,CAAC,CAAC;gBAC5F,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;oBAChD,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,UAAU,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;oBACnC,EAAE,EAAE,MAAM,CAAC,EAAE;iBACd,CAAC,CAAC;gBACH,MAAM,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACnE,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;oBAC1C,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;iBACzD,CAAC,CAAC;gBACH,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC;YACpB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;IACP,CAAC,CAAC,CAAC;AACL,CAAC"}