@cloak.ag/sdk 1.0.3 → 1.0.4

package/dist/index.d.cts

@@ -34,7 +34,7 @@ interface CloakNote {
     version: string;
     /** Amount in lamports */
     amount: number;
-    /** Blake3 commitment hash (hex) */
+    /** Commitment hash (hex) */
     commitment: string;
     /** Spending secret key (hex, 64 chars) */
     sk_spend: string;
@@ -210,50 +210,6 @@ interface WithdrawOptions extends TransferOptions {
     /** Specific amount to withdraw in lamports (if not withdrawing all) */
     amount?: number;
 }
-/**
- * SP1 proof inputs for zero-knowledge proof generation
- */
-interface SP1ProofInputs {
-    privateInputs: {
-        amount: number;
-        r: string;
-        sk_spend: string;
-        leaf_index: number;
-        merkle_path: {
-            path_elements: string[];
-            path_indices: number[];
-        };
-    };
-    publicInputs: {
-        root: string;
-        nf: string;
-        outputs_hash: string;
-        amount: number;
-    };
-    outputs: Array<{
-        address: string;
-        amount: number;
-    }>;
-    /**
-     * Optional swap parameters for token swaps
-     * When provided, the proof will be for a swap transaction
-     */
-    swapParams?: {
-        output_mint: string;
-        recipient_ata: string;
-        min_output_amount: number;
-    };
-}
-/**
- * Result from proof generation
- */
-interface SP1ProofResult {
-    success: boolean;
-    proof?: string;
-    publicInputs?: string;
-    generationTimeMs: number;
-    error?: string;
-}
 /**
  * Merkle root response from indexer
  */
@@ -317,6 +273,13 @@ interface SwapOptions extends TransferOptions {
         outAmount: number;
         minOutputAmount: number;
     }>;
+    /**
+     * Recipient's associated token account for the output token.
+     * If not provided, will be computed automatically (requires @solana/spl-token).
+     * For browser environments, it's recommended to compute this in the frontend
+     * where @solana/spl-token is properly bundled.
+     */
+    recipientAta?: string;
 }
 /**
  * Result from a swap operation
@@ -1516,88 +1479,6 @@ declare class IndexerService {
     }>;
 }
 
-/**
- * Options for proof generation
- */
-interface ProofGenerationOptions {
-    /** Progress callback - called with percentage (0-100) */
-    onProgress?: (progress: number) => void;
-    /** Called when proof generation starts */
-    onStart?: () => void;
-    /** Called on successful proof generation */
-    onSuccess?: (result: SP1ProofResult) => void;
-    /** Called on error */
-    onError?: (error: string) => void;
-    /** Custom timeout in milliseconds */
-    timeout?: number;
-}
-/**
- * Prover Service Client (Legacy)
- *
- * Handles zero-knowledge proof generation via the backend prover service.
- *
- * ⚠️ DEPRECATED: This implementation sends private inputs to a backend service.
- *
- * **Use ArtifactProverService instead** for privacy-preserving proof generation
- * where private inputs are uploaded directly to TEE, never passing through backend.
- *
- * This class is kept for backward compatibility but is not used by CloakSDK anymore.
- */
-declare class ProverService {
-    private indexerUrl;
-    private timeout;
-    /**
-     * Create a new Prover Service client
-     *
-     * @param indexerUrl - Indexer/Prover service base URL
-     * @param timeout - Proof generation timeout in ms (default: 5 minutes)
-     */
-    constructor(indexerUrl: string, timeout?: number);
-    /**
-     * Generate a zero-knowledge proof for withdrawal
-     *
-     * This process typically takes 30-180 seconds depending on the backend.
-     *
-     * @param inputs - Circuit inputs (private + public + outputs)
-     * @param options - Optional progress tracking and callbacks
-     * @returns Proof result with hex-encoded proof and public inputs
-     *
-     * @example
-     * ```typescript
-     * const result = await prover.generateProof(inputs);
-     * if (result.success) {
-     *   console.log(`Proof: ${result.proof}`);
-     * }
-     * ```
-     *
-     * @example
-     * ```typescript
-     * // With progress tracking
-     * const result = await prover.generateProof(inputs, {
-     *   onProgress: (progress) => console.log(`Progress: ${progress}%`),
-     *   onStart: () => console.log("Starting proof generation..."),
-     *   onSuccess: (result) => console.log("Proof generated!"),
-     *   onError: (error) => console.error("Failed:", error)
-     * });
-     * ```
-     */
-    generateProof(inputs: SP1ProofInputs, options?: ProofGenerationOptions): Promise<SP1ProofResult>;
-    /**
-     * Check if the prover service is available
-     *
-     * @returns True if service is healthy
-     */
-    healthCheck(): Promise<boolean>;
-    /**
-     * Get the configured timeout
-     */
-    getTimeout(): number;
-    /**
-     * Set a new timeout
-     */
-    setTimeout(timeout: number): void;
-}
-
 /**
  * Relay Service Client
  *
@@ -2007,4 +1888,4 @@ declare function generateWithdrawSwapProof(inputs: WithdrawSwapInputs, circuitsP
 
 declare const VERSION = "1.0.0";
 
-export { CLOAK_PROGRAM_ID, type CloakConfig, CloakError, type CloakKeyPair, type CloakNote, CloakSDK, type DepositInstructionParams, type DepositOptions, DepositRecoveryService, type DepositResult, type DepositStatus, type EncryptedNote, FIXED_FEE_LAMPORTS, type Groth16Proof, IndexerService, LAMPORTS_PER_SOL, LocalStorageAdapter, type MasterKey, type MaxLengthArray, MemoryStorageAdapter, type MerkleProof, type MerkleRootResponse, type Network, type NoteData, type NotesRangeResponse, type ProofGenerationOptions, type ProofResult, ProverService, type RecoveryOptions, type RecoveryResult, RelayService, type SP1ProofInputs, type SP1ProofResult, type ScanNotesOptions, type ScannedNote, type ShieldPoolPDAs, type SpendKey, type StorageAdapter, type SwapOptions, type SwapParams, type SwapResult, type Transfer, type TransferOptions, type TransferResult, type TxStatus, VARIABLE_FEE_RATE, VERSION, type ViewKey, type WalletAdapter, type WithdrawOptions, type WithdrawRegularInputs, type WithdrawSwapInputs, bigintToBytes32, buildPublicInputsBytes, bytesToHex, calculateFee, calculateRelayFee, computeCommitment, computeMerkleRoot, computeNullifier, computeNullifierAsync, computeNullifierSync, computeOutputsHash, computeOutputsHashAsync, computeOutputsHashSync, computeSwapOutputsHash, computeSwapOutputsHashAsync, computeSwapOutputsHashSync, copyNoteToClipboard, createCloakError, createDepositInstruction, deriveSpendKey, deriveViewKey, detectNetworkFromRpcUrl, downloadNote, encodeNoteSimple, encryptNoteForRecipient, exportKeys, exportNote, exportWalletKeys, filterNotesByNetwork, filterWithdrawableNotes, findNoteByCommitment, formatAmount, formatErrorForLogging, generateCloakKeys, generateCommitment, generateCommitmentAsync, generateMasterSeed, generateNote, generateNoteFromWallet, generateWithdrawRegularProof, generateWithdrawSwapProof, getAddressExplorerUrl, getDistributableAmount, getExplorerUrl, getPublicKey, getPublicViewKey, getRecipientAmount, getRpcUrlForNetwork, getShieldPoolPDAs, getViewKey, hexToBigint, hexToBytes, importKeys, importWalletKeys, isValidHex, isValidRpcUrl, isValidSolanaAddress, isWithdrawable, keypairToAdapter, parseAmount, parseNote, parseTransactionError, poseidonHash, prepareEncryptedOutput, prepareEncryptedOutputForRecipient, proofToBytes, pubkeyToLimbs, randomBytes, scanNotesForWallet, sendTransaction, serializeNote, signTransaction, splitTo2Limbs, tryDecryptNote, updateNoteWithDeposit, validateDepositParams, validateNote, validateOutputsSum, validateTransfers, validateWalletConnected, validateWithdrawableNote };
+export { CLOAK_PROGRAM_ID, type CloakConfig, CloakError, type CloakKeyPair, type CloakNote, CloakSDK, type DepositInstructionParams, type DepositOptions, DepositRecoveryService, type DepositResult, type DepositStatus, type EncryptedNote, FIXED_FEE_LAMPORTS, type Groth16Proof, IndexerService, LAMPORTS_PER_SOL, LocalStorageAdapter, type MasterKey, type MaxLengthArray, MemoryStorageAdapter, type MerkleProof, type MerkleRootResponse, type Network, type NoteData, type NotesRangeResponse, type ProofResult, type RecoveryOptions, type RecoveryResult, RelayService, type ScanNotesOptions, type ScannedNote, type ShieldPoolPDAs, type SpendKey, type StorageAdapter, type SwapOptions, type SwapParams, type SwapResult, type Transfer, type TransferOptions, type TransferResult, type TxStatus, VARIABLE_FEE_RATE, VERSION, type ViewKey, type WalletAdapter, type WithdrawOptions, type WithdrawRegularInputs, type WithdrawSwapInputs, bigintToBytes32, buildPublicInputsBytes, bytesToHex, calculateFee, calculateRelayFee, computeCommitment, computeMerkleRoot, computeNullifier, computeNullifierAsync, computeNullifierSync, computeOutputsHash, computeOutputsHashAsync, computeOutputsHashSync, computeSwapOutputsHash, computeSwapOutputsHashAsync, computeSwapOutputsHashSync, copyNoteToClipboard, createCloakError, createDepositInstruction, deriveSpendKey, deriveViewKey, detectNetworkFromRpcUrl, downloadNote, encodeNoteSimple, encryptNoteForRecipient, exportKeys, exportNote, exportWalletKeys, filterNotesByNetwork, filterWithdrawableNotes, findNoteByCommitment, formatAmount, formatErrorForLogging, generateCloakKeys, generateCommitment, generateCommitmentAsync, generateMasterSeed, generateNote, generateNoteFromWallet, generateWithdrawRegularProof, generateWithdrawSwapProof, getAddressExplorerUrl, getDistributableAmount, getExplorerUrl, getPublicKey, getPublicViewKey, getRecipientAmount, getRpcUrlForNetwork, getShieldPoolPDAs, getViewKey, hexToBigint, hexToBytes, importKeys, importWalletKeys, isValidHex, isValidRpcUrl, isValidSolanaAddress, isWithdrawable, keypairToAdapter, parseAmount, parseNote, parseTransactionError, poseidonHash, prepareEncryptedOutput, prepareEncryptedOutputForRecipient, proofToBytes, pubkeyToLimbs, randomBytes, scanNotesForWallet, sendTransaction, serializeNote, signTransaction, splitTo2Limbs, tryDecryptNote, updateNoteWithDeposit, validateDepositParams, validateNote, validateOutputsSum, validateTransfers, validateWalletConnected, validateWithdrawableNote };

package/dist/index.d.ts

@@ -34,7 +34,7 @@ interface CloakNote {
     version: string;
     /** Amount in lamports */
     amount: number;
-    /** Blake3 commitment hash (hex) */
+    /** Commitment hash (hex) */
     commitment: string;
     /** Spending secret key (hex, 64 chars) */
     sk_spend: string;
@@ -210,50 +210,6 @@ interface WithdrawOptions extends TransferOptions {
     /** Specific amount to withdraw in lamports (if not withdrawing all) */
     amount?: number;
 }
-/**
- * SP1 proof inputs for zero-knowledge proof generation
- */
-interface SP1ProofInputs {
-    privateInputs: {
-        amount: number;
-        r: string;
-        sk_spend: string;
-        leaf_index: number;
-        merkle_path: {
-            path_elements: string[];
-            path_indices: number[];
-        };
-    };
-    publicInputs: {
-        root: string;
-        nf: string;
-        outputs_hash: string;
-        amount: number;
-    };
-    outputs: Array<{
-        address: string;
-        amount: number;
-    }>;
-    /**
-     * Optional swap parameters for token swaps
-     * When provided, the proof will be for a swap transaction
-     */
-    swapParams?: {
-        output_mint: string;
-        recipient_ata: string;
-        min_output_amount: number;
-    };
-}
-/**
- * Result from proof generation
- */
-interface SP1ProofResult {
-    success: boolean;
-    proof?: string;
-    publicInputs?: string;
-    generationTimeMs: number;
-    error?: string;
-}
 /**
  * Merkle root response from indexer
  */
@@ -317,6 +273,13 @@ interface SwapOptions extends TransferOptions {
         outAmount: number;
         minOutputAmount: number;
     }>;
+    /**
+     * Recipient's associated token account for the output token.
+     * If not provided, will be computed automatically (requires @solana/spl-token).
+     * For browser environments, it's recommended to compute this in the frontend
+     * where @solana/spl-token is properly bundled.
+     */
+    recipientAta?: string;
 }
 /**
  * Result from a swap operation
@@ -1516,88 +1479,6 @@ declare class IndexerService {
     }>;
 }
 
-/**
- * Options for proof generation
- */
-interface ProofGenerationOptions {
-    /** Progress callback - called with percentage (0-100) */
-    onProgress?: (progress: number) => void;
-    /** Called when proof generation starts */
-    onStart?: () => void;
-    /** Called on successful proof generation */
-    onSuccess?: (result: SP1ProofResult) => void;
-    /** Called on error */
-    onError?: (error: string) => void;
-    /** Custom timeout in milliseconds */
-    timeout?: number;
-}
-/**
- * Prover Service Client (Legacy)
- *
- * Handles zero-knowledge proof generation via the backend prover service.
- *
- * ⚠️ DEPRECATED: This implementation sends private inputs to a backend service.
- *
- * **Use ArtifactProverService instead** for privacy-preserving proof generation
- * where private inputs are uploaded directly to TEE, never passing through backend.
- *
- * This class is kept for backward compatibility but is not used by CloakSDK anymore.
- */
-declare class ProverService {
-    private indexerUrl;
-    private timeout;
-    /**
-     * Create a new Prover Service client
-     *
-     * @param indexerUrl - Indexer/Prover service base URL
-     * @param timeout - Proof generation timeout in ms (default: 5 minutes)
-     */
-    constructor(indexerUrl: string, timeout?: number);
-    /**
-     * Generate a zero-knowledge proof for withdrawal
-     *
-     * This process typically takes 30-180 seconds depending on the backend.
-     *
-     * @param inputs - Circuit inputs (private + public + outputs)
-     * @param options - Optional progress tracking and callbacks
-     * @returns Proof result with hex-encoded proof and public inputs
-     *
-     * @example
-     * ```typescript
-     * const result = await prover.generateProof(inputs);
-     * if (result.success) {
-     *   console.log(`Proof: ${result.proof}`);
-     * }
-     * ```
-     *
-     * @example
-     * ```typescript
-     * // With progress tracking
-     * const result = await prover.generateProof(inputs, {
-     *   onProgress: (progress) => console.log(`Progress: ${progress}%`),
-     *   onStart: () => console.log("Starting proof generation..."),
-     *   onSuccess: (result) => console.log("Proof generated!"),
-     *   onError: (error) => console.error("Failed:", error)
-     * });
-     * ```
-     */
-    generateProof(inputs: SP1ProofInputs, options?: ProofGenerationOptions): Promise<SP1ProofResult>;
-    /**
-     * Check if the prover service is available
-     *
-     * @returns True if service is healthy
-     */
-    healthCheck(): Promise<boolean>;
-    /**
-     * Get the configured timeout
-     */
-    getTimeout(): number;
-    /**
-     * Set a new timeout
-     */
-    setTimeout(timeout: number): void;
-}
-
 /**
  * Relay Service Client
  *
@@ -2007,4 +1888,4 @@ declare function generateWithdrawSwapProof(inputs: WithdrawSwapInputs, circuitsP
 
 declare const VERSION = "1.0.0";
 
-export { CLOAK_PROGRAM_ID, type CloakConfig, CloakError, type CloakKeyPair, type CloakNote, CloakSDK, type DepositInstructionParams, type DepositOptions, DepositRecoveryService, type DepositResult, type DepositStatus, type EncryptedNote, FIXED_FEE_LAMPORTS, type Groth16Proof, IndexerService, LAMPORTS_PER_SOL, LocalStorageAdapter, type MasterKey, type MaxLengthArray, MemoryStorageAdapter, type MerkleProof, type MerkleRootResponse, type Network, type NoteData, type NotesRangeResponse, type ProofGenerationOptions, type ProofResult, ProverService, type RecoveryOptions, type RecoveryResult, RelayService, type SP1ProofInputs, type SP1ProofResult, type ScanNotesOptions, type ScannedNote, type ShieldPoolPDAs, type SpendKey, type StorageAdapter, type SwapOptions, type SwapParams, type SwapResult, type Transfer, type TransferOptions, type TransferResult, type TxStatus, VARIABLE_FEE_RATE, VERSION, type ViewKey, type WalletAdapter, type WithdrawOptions, type WithdrawRegularInputs, type WithdrawSwapInputs, bigintToBytes32, buildPublicInputsBytes, bytesToHex, calculateFee, calculateRelayFee, computeCommitment, computeMerkleRoot, computeNullifier, computeNullifierAsync, computeNullifierSync, computeOutputsHash, computeOutputsHashAsync, computeOutputsHashSync, computeSwapOutputsHash, computeSwapOutputsHashAsync, computeSwapOutputsHashSync, copyNoteToClipboard, createCloakError, createDepositInstruction, deriveSpendKey, deriveViewKey, detectNetworkFromRpcUrl, downloadNote, encodeNoteSimple, encryptNoteForRecipient, exportKeys, exportNote, exportWalletKeys, filterNotesByNetwork, filterWithdrawableNotes, findNoteByCommitment, formatAmount, formatErrorForLogging, generateCloakKeys, generateCommitment, generateCommitmentAsync, generateMasterSeed, generateNote, generateNoteFromWallet, generateWithdrawRegularProof, generateWithdrawSwapProof, getAddressExplorerUrl, getDistributableAmount, getExplorerUrl, getPublicKey, getPublicViewKey, getRecipientAmount, getRpcUrlForNetwork, getShieldPoolPDAs, getViewKey, hexToBigint, hexToBytes, importKeys, importWalletKeys, isValidHex, isValidRpcUrl, isValidSolanaAddress, isWithdrawable, keypairToAdapter, parseAmount, parseNote, parseTransactionError, poseidonHash, prepareEncryptedOutput, prepareEncryptedOutputForRecipient, proofToBytes, pubkeyToLimbs, randomBytes, scanNotesForWallet, sendTransaction, serializeNote, signTransaction, splitTo2Limbs, tryDecryptNote, updateNoteWithDeposit, validateDepositParams, validateNote, validateOutputsSum, validateTransfers, validateWalletConnected, validateWithdrawableNote };
+export { CLOAK_PROGRAM_ID, type CloakConfig, CloakError, type CloakKeyPair, type CloakNote, CloakSDK, type DepositInstructionParams, type DepositOptions, DepositRecoveryService, type DepositResult, type DepositStatus, type EncryptedNote, FIXED_FEE_LAMPORTS, type Groth16Proof, IndexerService, LAMPORTS_PER_SOL, LocalStorageAdapter, type MasterKey, type MaxLengthArray, MemoryStorageAdapter, type MerkleProof, type MerkleRootResponse, type Network, type NoteData, type NotesRangeResponse, type ProofResult, type RecoveryOptions, type RecoveryResult, RelayService, type ScanNotesOptions, type ScannedNote, type ShieldPoolPDAs, type SpendKey, type StorageAdapter, type SwapOptions, type SwapParams, type SwapResult, type Transfer, type TransferOptions, type TransferResult, type TxStatus, VARIABLE_FEE_RATE, VERSION, type ViewKey, type WalletAdapter, type WithdrawOptions, type WithdrawRegularInputs, type WithdrawSwapInputs, bigintToBytes32, buildPublicInputsBytes, bytesToHex, calculateFee, calculateRelayFee, computeCommitment, computeMerkleRoot, computeNullifier, computeNullifierAsync, computeNullifierSync, computeOutputsHash, computeOutputsHashAsync, computeOutputsHashSync, computeSwapOutputsHash, computeSwapOutputsHashAsync, computeSwapOutputsHashSync, copyNoteToClipboard, createCloakError, createDepositInstruction, deriveSpendKey, deriveViewKey, detectNetworkFromRpcUrl, downloadNote, encodeNoteSimple, encryptNoteForRecipient, exportKeys, exportNote, exportWalletKeys, filterNotesByNetwork, filterWithdrawableNotes, findNoteByCommitment, formatAmount, formatErrorForLogging, generateCloakKeys, generateCommitment, generateCommitmentAsync, generateMasterSeed, generateNote, generateNoteFromWallet, generateWithdrawRegularProof, generateWithdrawSwapProof, getAddressExplorerUrl, getDistributableAmount, getExplorerUrl, getPublicKey, getPublicViewKey, getRecipientAmount, getRpcUrlForNetwork, getShieldPoolPDAs, getViewKey, hexToBigint, hexToBytes, importKeys, importWalletKeys, isValidHex, isValidRpcUrl, isValidSolanaAddress, isWithdrawable, keypairToAdapter, parseAmount, parseNote, parseTransactionError, poseidonHash, prepareEncryptedOutput, prepareEncryptedOutputForRecipient, proofToBytes, pubkeyToLimbs, randomBytes, scanNotesForWallet, sendTransaction, serializeNote, signTransaction, splitTo2Limbs, tryDecryptNote, updateNoteWithDeposit, validateDepositParams, validateNote, validateOutputsSum, validateTransfers, validateWalletConnected, validateWithdrawableNote };

package/dist/index.js

@@ -1714,11 +1714,7 @@ async function generateWithdrawRegularProof(inputs, circuitsPath) {
     var_fee: inputs.var_fee.toString(),
     rem: inputs.rem.toString()
   };
-  const { proof, publicSignals } = await snarkjs.groth16.fullProve(
-    circuitInputs,
-    wasmPath,
-    zkeyPath
-  );
+  const { proof, publicSignals } = await snarkjs.groth16.fullProve(circuitInputs, wasmPath, zkeyPath);
   const proofBytes = proofToBytes(proof);
   return {
     proof,
@@ -2194,17 +2190,10 @@ var CloakSDK = class {
     const feeBps = Math.ceil(protocolFee * 1e4 / note.amount);
     const distributableAmount = getDistributableAmount2(note.amount);
     validateTransfers(recipients, distributableAmount);
-    let merkleProof;
-    let merkleRoot;
-    if (note.merkleProof && note.root) {
-      merkleProof = {
-        pathElements: note.merkleProof.pathElements,
-        pathIndices: note.merkleProof.pathIndices
-      };
-      merkleRoot = note.root;
-    } else {
-      merkleProof = await this.indexer.getMerkleProof(note.leafIndex);
-      merkleRoot = merkleProof.root || (await this.indexer.getMerkleRoot()).root;
+    const merkleProof = await this.indexer.getMerkleProof(note.leafIndex);
+    const merkleRoot = merkleProof.root || (await this.indexer.getMerkleRoot()).root;
+    if (!merkleRoot) {
+      throw new Error("Failed to get Merkle root from indexer");
     }
     const nullifier = await computeNullifierAsync(note.sk_spend, note.leafIndex);
     const nullifierHex = nullifier.toString(16).padStart(64, "0");
@@ -2278,6 +2267,13 @@ var CloakSDK = class {
       }
       const sk = splitTo2Limbs(sk_spend_bigint);
       const r = splitTo2Limbs(r_bigint);
+      const computedCommitment = await computeCommitment(amount_bigint, r_bigint, sk_spend_bigint);
+      const noteCommitment = BigInt("0x" + note.commitment);
+      if (computedCommitment !== noteCommitment) {
+        throw new Error(
+          `Commitment mismatch! Computed: ${computedCommitment.toString(16)}, Note: ${note.commitment}. This means the note's sk_spend, r, or amount doesn't match what was deposited.`
+        );
+      }
       const proofInputs = {
         root: root_bigint,
         nullifier: nullifier_bigint,
@@ -2296,7 +2292,9 @@ var CloakSDK = class {
         var_fee: varFee,
         rem
       };
+      options?.onProgress?.("proof_generating");
       const proofResult = await generateWithdrawRegularProof(proofInputs, circuitsPath);
+      options?.onProgress?.("proof_complete");
       proofHex = Buffer.from(proofResult.proofBytes).toString("hex");
       finalPublicInputs = {
         root: merkleRoot,
@@ -2462,30 +2460,27 @@ var CloakSDK = class {
         );
       }
       let recipientAta;
-      try {
-        const splTokenModule = await import("@solana/spl-token");
-        const getAssociatedTokenAddress = splTokenModule.getAssociatedTokenAddress;
-        if (!getAssociatedTokenAddress) {
-          throw new Error("getAssociatedTokenAddress not found");
+      if (options.recipientAta) {
+        recipientAta = new PublicKey4(options.recipientAta);
+      } else {
+        try {
+          const splTokenModule = await import("@solana/spl-token");
+          const getAssociatedTokenAddress = splTokenModule.getAssociatedTokenAddress;
+          if (!getAssociatedTokenAddress) {
+            throw new Error("getAssociatedTokenAddress not found");
+          }
+          const outputMint2 = new PublicKey4(options.outputMint);
+          recipientAta = await getAssociatedTokenAddress(outputMint2, recipient);
+        } catch (error) {
+          throw new Error(
+            `Failed to get associated token account: ${error instanceof Error ? error.message : String(error)}. Please install @solana/spl-token or provide recipientAta in options.`
+          );
         }
-        const outputMint2 = new PublicKey4(options.outputMint);
-        recipientAta = await getAssociatedTokenAddress(outputMint2, recipient);
-      } catch (error) {
-        throw new Error(
-          `Failed to get associated token account: ${error instanceof Error ? error.message : String(error)}. Please install @solana/spl-token or provide recipientAta in options.`
-        );
       }
-      let merkleProof;
-      let merkleRoot;
-      if (note.merkleProof && note.root) {
-        merkleProof = {
-          pathElements: note.merkleProof.pathElements,
-          pathIndices: note.merkleProof.pathIndices
-        };
-        merkleRoot = note.root;
-      } else {
-        merkleProof = await this.indexer.getMerkleProof(note.leafIndex);
-        merkleRoot = merkleProof.root || (await this.indexer.getMerkleRoot()).root;
+      const merkleProof = await this.indexer.getMerkleProof(note.leafIndex);
+      const merkleRoot = merkleProof.root || (await this.indexer.getMerkleRoot()).root;
+      if (!merkleRoot) {
+        throw new Error("Failed to get Merkle root from indexer");
       }
       const nullifier = await computeNullifierAsync(note.sk_spend, note.leafIndex);
       const nullifierHex = nullifier.toString(16).padStart(64, "0");
@@ -2521,6 +2516,13 @@ var CloakSDK = class {
         const inputMintLimbs = pubkeyToLimbs(inputMint.toBytes());
         const outputMintLimbs = pubkeyToLimbs(outputMint.toBytes());
         const recipientAtaLimbs = pubkeyToLimbs(recipientAta.toBytes());
+        const computedCommitment = await computeCommitment(amount_bigint, r_bigint, sk_spend_bigint);
+        const noteCommitment = BigInt("0x" + note.commitment);
+        if (computedCommitment !== noteCommitment) {
+          throw new Error(
+            `Commitment mismatch! Computed: ${computedCommitment.toString(16)}, Note: ${note.commitment}. This means the note's sk_spend, r, or amount doesn't match what was deposited.`
+          );
+        }
         const t = amount_bigint * 5n;
         const varFee = t / 1000n;
         const rem = t % 1000n;
@@ -2542,7 +2544,9 @@ var CloakSDK = class {
           var_fee: varFee,
           rem
         };
+        options?.onProgress?.("proof_generating");
         const proofResult = await generateWithdrawSwapProof(proofInputs, circuitsPath);
+        options?.onProgress?.("proof_complete");
         proofHex = Buffer.from(proofResult.proofBytes).toString("hex");
         finalPublicInputs = {
           root: merkleRoot,
@@ -3062,188 +3066,6 @@ function formatErrorForLogging(error) {
   return String(error);
 }
 
-// src/services/ProverService.ts
-var ProverService = class {
-  /**
-   * Create a new Prover Service client
-   *
-   * @param indexerUrl - Indexer/Prover service base URL
-   * @param timeout - Proof generation timeout in ms (default: 5 minutes)
-   */
-  constructor(indexerUrl, timeout = 5 * 60 * 1e3) {
-    this.indexerUrl = indexerUrl.replace(/\/$/, "");
-    this.timeout = timeout;
-  }
-  /**
-   * Generate a zero-knowledge proof for withdrawal
-   *
-   * This process typically takes 30-180 seconds depending on the backend.
-   *
-   * @param inputs - Circuit inputs (private + public + outputs)
-   * @param options - Optional progress tracking and callbacks
-   * @returns Proof result with hex-encoded proof and public inputs
-   *
-   * @example
-   * ```typescript
-   * const result = await prover.generateProof(inputs);
-   * if (result.success) {
-   *   console.log(`Proof: ${result.proof}`);
-   * }
-   * ```
-   * 
-   * @example
-   * ```typescript
-   * // With progress tracking
-   * const result = await prover.generateProof(inputs, {
-   *   onProgress: (progress) => console.log(`Progress: ${progress}%`),
-   *   onStart: () => console.log("Starting proof generation..."),
-   *   onSuccess: (result) => console.log("Proof generated!"),
-   *   onError: (error) => console.error("Failed:", error)
-   * });
-   * ```
-   */
-  async generateProof(inputs, options) {
-    const startTime = Date.now();
-    const actualTimeout = options?.timeout || this.timeout;
-    options?.onStart?.();
-    let progressInterval;
-    try {
-      const requestBody = {
-        private_inputs: JSON.stringify(inputs.privateInputs),
-        public_inputs: JSON.stringify(inputs.publicInputs),
-        outputs: JSON.stringify(inputs.outputs)
-      };
-      if (inputs.swapParams) {
-        requestBody.swap_params = inputs.swapParams;
-      }
-      const controller = new AbortController();
-      const timeoutId = setTimeout(() => controller.abort(), actualTimeout);
-      if (options?.onProgress) {
-        let progress = 0;
-        progressInterval = setInterval(() => {
-          progress = Math.min(90, progress + Math.random() * 10);
-          options.onProgress(Math.floor(progress));
-        }, 2e3);
-      }
-      const response = await fetch(`${this.indexerUrl}/api/v1/prove`, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/json"
-        },
-        body: JSON.stringify(requestBody),
-        signal: controller.signal
-      });
-      clearTimeout(timeoutId);
-      if (progressInterval) clearInterval(progressInterval);
-      if (!response.ok) {
-        let errorMessage = `${response.status} ${response.statusText}`;
-        try {
-          const errorText = await response.text();
-          try {
-            const errorJson = JSON.parse(errorText);
-            errorMessage = errorJson.error || errorJson.message || errorText;
-          } catch {
-            errorMessage = errorText || errorMessage;
-          }
-        } catch {
-        }
-        options?.onError?.(errorMessage);
-        return {
-          success: false,
-          generationTimeMs: Date.now() - startTime,
-          error: errorMessage
-        };
-      }
-      options?.onProgress?.(100);
-      const rawData = await response.json();
-      const result = {
-        success: rawData.success,
-        proof: rawData.proof,
-        publicInputs: rawData.public_inputs,
-        // Map snake_case
-        generationTimeMs: rawData.generation_time_ms || Date.now() - startTime,
-        error: rawData.error
-      };
-      if (!result.success && rawData.execution_report) {
-      }
-      if (!result.success && result.error) {
-        try {
-          const errorObj = typeof result.error === "string" ? JSON.parse(result.error) : result.error;
-          if (errorObj?.error && typeof errorObj.error === "string") {
-            result.error = errorObj.error;
-          } else if (typeof errorObj === "string") {
-            result.error = errorObj;
-          }
-          if (errorObj?.execution_report && typeof errorObj.execution_report === "string") {
-            result.error += `
-Execution report: ${errorObj.execution_report}`;
-          }
-          if (errorObj?.total_cycles !== void 0) {
-            result.error += `
-Total cycles: ${errorObj.total_cycles}`;
-          }
-          if (errorObj?.total_syscalls !== void 0) {
-            result.error += `
-Total syscalls: ${errorObj.total_syscalls}`;
-          }
-        } catch {
-        }
-      }
-      if (result.success) {
-        options?.onSuccess?.(result);
-      } else if (result.error) {
-        options?.onError?.(result.error);
-      }
-      return result;
-    } catch (error) {
-      const totalTime = Date.now() - startTime;
-      if (progressInterval) clearInterval(progressInterval);
-      let errorMessage;
-      if (error instanceof Error && error.name === "AbortError") {
-        errorMessage = `Proof generation timed out after ${actualTimeout}ms`;
-      } else {
-        errorMessage = error instanceof Error ? error.message : "Unknown error occurred";
-      }
-      options?.onError?.(errorMessage);
-      return {
-        success: false,
-        generationTimeMs: totalTime,
-        error: errorMessage
-      };
-    }
-  }
-  /**
-   * Check if the prover service is available
-   *
-   * @returns True if service is healthy
-   */
-  async healthCheck() {
-    try {
-      const response = await fetch(`${this.indexerUrl}/health`, {
-        method: "GET"
-      });
-      return response.ok;
-    } catch {
-      return false;
-    }
-  }
-  /**
-   * Get the configured timeout
-   */
-  getTimeout() {
-    return this.timeout;
-  }
-  /**
-   * Set a new timeout
-   */
-  setTimeout(timeout) {
-    if (timeout <= 0) {
-      throw new Error("Timeout must be positive");
-    }
-    this.timeout = timeout;
-  }
-};
-
 // src/helpers/wallet-integration.ts
 import {
   Keypair as Keypair2
@@ -3330,7 +3152,6 @@ export {
   LAMPORTS_PER_SOL,
   LocalStorageAdapter,
   MemoryStorageAdapter,
-  ProverService,
   RelayService,
   VARIABLE_FEE_RATE,
   VERSION,