npm - @did-btcr2/api - Versions diffs - 0.7.0 → 0.8.0 - Mend

@did-btcr2/api 0.7.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/browser.mjs CHANGED Viewed

@@ -222,7 +222,7 @@ var require_buffer = __commonJS({
   "../../node_modules/.pnpm/buffer@5.7.1/node_modules/buffer/index.js"(exports) {
     "use strict";
     init_shim();
-    var base648 = require_base64_js();
+    var base647 = require_base64_js();
     var ieee754 = require_ieee754();
     var customInspectSymbol = typeof Symbol === "function" && typeof Symbol["for"] === "function" ? Symbol["for"]("nodejs.util.inspect.custom") : null;
     exports.Buffer = Buffer3;
@@ -923,9 +923,9 @@ var require_buffer = __commonJS({
     };
     function base64Slice(buf2, start2, end) {
       if (start2 === 0 && end === buf2.length) {
-        return base648.fromByteArray(buf2);
+        return base647.fromByteArray(buf2);
       } else {
-        return base648.fromByteArray(buf2.slice(start2, end));
+        return base647.fromByteArray(buf2.slice(start2, end));
       }
     }
     function utf8Slice2(buf2, start2, end) {
@@ -1560,7 +1560,7 @@ var require_buffer = __commonJS({
       return byteArray;
     }
     function base64ToBytes(str) {
-      return base648.toByteArray(base64clean(str));
+      return base647.toByteArray(base64clean(str));
     }
     function blitBuffer(src6, dst, offset, length9) {
       for (var i5 = 0; i5 < length9; ++i5) {
@@ -58438,11 +58438,11 @@ function padNumber(inputNumber, fullLength) {
     return "";
   }
   const dif = fullLength - str.length;
-  const padding3 = new Array(dif);
+  const padding2 = new Array(dif);
   for (let i42 = 0; i42 < dif; i42++) {
-    padding3[i42] = "0";
+    padding2[i42] = "0";
   }
-  const paddingString = padding3.join("");
+  const paddingString = padding2.join("");
   return paddingString.concat(str);
 }
 var log22;
@@ -105289,32 +105289,6 @@ function join(separator = "") {
   };
 }
 // @__NO_SIDE_EFFECTS__
-function padding(bits, chr = "=") {
-  anumber2(bits);
-  astr("padding", chr);
-  return {
-    encode(data) {
-      astrArr("padding.encode", data);
-      while (data.length * bits % 8)
-        data.push(chr);
-      return data;
-    },
-    decode(input) {
-      astrArr("padding.decode", input);
-      let end = input.length;
-      if (end * bits % 8)
-        throw new Error("padding: invalid, string should have whole number of bytes");
-      for (; end > 0 && input[end - 1] === chr; end--) {
-        const last = end - 1;
-        const byte = last * bits;
-        if (byte % 8 === 0)
-          throw new Error("padding: invalid, string has too much padding");
-      }
-      return input.slice(0, end);
-    }
-  };
-}
-// @__NO_SIDE_EFFECTS__
 function normalize(fn) {
   afn(fn);
   return { encode: (from82) => from82, decode: (to) => fn(to) };
@@ -105375,7 +105349,7 @@ var powers = /* @__PURE__ */ (() => {
     res.push(2 ** i42);
   return res;
 })();
-function convertRadix2(data, from82, to, padding3) {
+function convertRadix2(data, from82, to, padding2) {
   aArr(data);
   if (from82 <= 0 || from82 > 32)
     throw new Error(`convertRadix2: wrong from=${from82}`);
@@ -105405,11 +105379,11 @@ function convertRadix2(data, from82, to, padding3) {
     carry &= pow32 - 1;
   }
   carry = carry << to - pos & mask;
-  if (!padding3 && pos >= from82)
+  if (!padding2 && pos >= from82)
     throw new Error("Excess padding");
-  if (!padding3 && carry > 0)
+  if (!padding2 && carry > 0)
     throw new Error(`Non-zero padding: ${carry}`);
-  if (padding3 && pos > 0)
+  if (padding2 && pos > 0)
     res.push(carry >>> 0);
   return res;
 }
@@ -105483,24 +105457,6 @@ function checksum(len, fn) {
     }
   };
 }
-var hasBase64Builtin = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
-var decodeBase64Builtin = (s2, isUrl) => {
-  astr("base64", s2);
-  const re = isUrl ? /^[A-Za-z0-9=_-]+$/ : /^[A-Za-z0-9=+/]+$/;
-  const alphabet52 = isUrl ? "base64url" : "base64";
-  if (s2.length > 0 && !re.test(s2))
-    throw new Error("invalid base64");
-  return Uint8Array.fromBase64(s2, { alphabet: alphabet52, lastChunkHandling: "strict" });
-};
-var base64 = hasBase64Builtin ? {
-  encode(b) {
-    abytes2(b);
-    return b.toBase64();
-  },
-  decode(s2) {
-    return decodeBase64Builtin(s2, false);
-  }
-} : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join(""));
 var base64urlnopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"), /* @__PURE__ */ join(""));
 var genBase58 = /* @__NO_SIDE_EFFECTS__ */ (abc) => /* @__PURE__ */ chain(/* @__PURE__ */ radix(58), /* @__PURE__ */ alphabet(abc), /* @__PURE__ */ join(""));
 var base58 = /* @__PURE__ */ genBase58("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
@@ -109826,7 +109782,7 @@ function join2(separator = "") {
   };
 }
 // @__NO_SIDE_EFFECTS__
-function padding2(bits, chr = "=") {
+function padding(bits, chr = "=") {
   anumber4(bits);
   astr2("padding", chr);
   return {
@@ -109907,7 +109863,7 @@ var powers2 = /* @__PURE__ */ (() => {
     res.push(2 ** i42);
   return res;
 })();
-function convertRadix22(data, from82, to, padding3) {
+function convertRadix22(data, from82, to, padding2) {
   aArr2(data);
   if (from82 <= 0 || from82 > 32)
     throw new Error(`convertRadix2: wrong from=${from82}`);
@@ -109937,11 +109893,11 @@ function convertRadix22(data, from82, to, padding3) {
     carry &= pow32 - 1;
   }
   carry = carry << to - pos & mask;
-  if (!padding3 && pos >= from82)
+  if (!padding2 && pos >= from82)
     throw new Error("Excess padding");
-  if (!padding3 && carry > 0)
+  if (!padding2 && carry > 0)
     throw new Error(`Non-zero padding: ${carry}`);
-  if (padding3 && pos > 0)
+  if (padding2 && pos > 0)
     res.push(carry >>> 0);
   return res;
 }
@@ -109989,8 +109945,8 @@ function unsafeWrapper2(fn) {
     }
   };
 }
-var hasBase64Builtin2 = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
-var decodeBase64Builtin2 = (s2, isUrl) => {
+var hasBase64Builtin = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
+var decodeBase64Builtin = (s2, isUrl) => {
   astr2("base64", s2);
   const re = isUrl ? /^[A-Za-z0-9=_-]+$/ : /^[A-Za-z0-9=+/]+$/;
   const alphabet52 = isUrl ? "base64url" : "base64";
@@ -109998,15 +109954,15 @@ var decodeBase64Builtin2 = (s2, isUrl) => {
     throw new Error("invalid base64");
   return Uint8Array.fromBase64(s2, { alphabet: alphabet52, lastChunkHandling: "strict" });
 };
-var base642 = hasBase64Builtin2 ? {
+var base64 = hasBase64Builtin ? {
   encode(b) {
     abytes4(b);
     return b.toBase64();
   },
   decode(s2) {
-    return decodeBase64Builtin2(s2, false);
+    return decodeBase64Builtin(s2, false);
   }
-} : /* @__PURE__ */ chain2(/* @__PURE__ */ radix22(6), /* @__PURE__ */ alphabet2("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding2(6), /* @__PURE__ */ join2(""));
+} : /* @__PURE__ */ chain2(/* @__PURE__ */ radix22(6), /* @__PURE__ */ alphabet2("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join2(""));
 var genBase582 = /* @__NO_SIDE_EFFECTS__ */ (abc) => /* @__PURE__ */ chain2(/* @__PURE__ */ radix3(58), /* @__PURE__ */ alphabet2(abc), /* @__PURE__ */ join2(""));
 var base582 = /* @__PURE__ */ genBase582("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
 var BECH_ALPHABET2 = /* @__PURE__ */ chain2(/* @__PURE__ */ alphabet2("qpzry9x8gf2tvdw0s3jn54khce6mua7l"), /* @__PURE__ */ join2(""));
@@ -112232,123 +112188,23 @@ function hashToHex(hash32) {
   }
   return s2;
 }
-function hexToHash(hex22) {
-  validateHex(hex22, true);
-  const hash32 = new Uint8Array(HASH_BYTE_LENGTH);
-  for (let i42 = 0; i42 < HASH_BYTE_LENGTH; i42++) {
-    hash32[i42] = Number.parseInt(hex22.substring(i42 * 2, i42 * 2 + 2), 16);
-  }
-  return hash32;
-}
-function bigIntToHex(value2, padded) {
-  const s2 = value2.toString(16);
-  return padded ? s2.padStart(HASH_HEX_LENGTH, "0") : s2;
-}
-function hexToBigInt(hex22, padded) {
-  validateHex(hex22, padded);
-  return BigInt(`0x${hex22}`);
-}
 function hashesEqual(a2, b) {
   if (!isValidHash(a2) || !isValidHash(b))
     return false;
   return equalBytes(a2, b);
 }
-function hashToBase64(hash32) {
+function hashToBase64Url(hash32) {
   validateHash(hash32);
-  return base64.encode(hash32);
+  return base64urlnopad.encode(hash32);
 }
-function base64ToHash(b64) {
-  const hash32 = base64.decode(b64);
+function base64UrlToHash(b64u) {
+  const hash32 = base64urlnopad.decode(b64u);
   if (hash32.length !== HASH_BYTE_LENGTH) {
-    throw new RangeError(`Invalid base64 hash: expected ${HASH_BYTE_LENGTH} decoded bytes, got ${hash32.length}`);
+    throw new RangeError(`Invalid base64url hash: expected ${HASH_BYTE_LENGTH} decoded bytes, got ${hash32.length}`);
   }
   return hash32;
 }
-function bigIntToBase64(value2, padded) {
-  let bytes32 = bigIntToHash(value2);
-  if (!padded) {
-    const firstNonZero = bytes32.findIndex((b) => b !== 0);
-    bytes32 = firstNonZero === -1 ? new Uint8Array(1) : bytes32.slice(firstNonZero);
-  }
-  return base64.encode(bytes32);
-}
-function base64ToBigInt(b64, padded) {
-  const bytes32 = base64.decode(b64);
-  if (padded && bytes32.length !== HASH_BYTE_LENGTH) {
-    throw new RangeError(`Invalid padded base64 bigint: expected ${HASH_BYTE_LENGTH} decoded bytes, got ${bytes32.length}`);
-  }
-  if (bytes32.length > HASH_BYTE_LENGTH) {
-    throw new RangeError(`Value exceeds ${HASH_BYTE_LENGTH} bytes`);
-  }
-  let value2 = 0n;
-  for (const byte of bytes32) {
-    value2 = value2 << 8n | BigInt(byte);
-  }
-  return value2;
-}
-var HEX_RE = /^[0-9A-Fa-f]+$/;
-function validateHex(s2, requireHashLength) {
-  const len = s2.length;
-  const minLen = requireHashLength ? HASH_HEX_LENGTH : 1;
-  if (len < minLen || len > HASH_HEX_LENGTH || !HEX_RE.test(s2)) {
-    throw new RangeError(`Invalid hex string: expected ${requireHashLength ? HASH_HEX_LENGTH : "1-" + HASH_HEX_LENGTH} hex characters, got ${len}`);
-  }
-}
 init_shim2();
-var BaseNode = class {
-  #index;
-  #depth;
-  constructor(index, depth) {
-    this.#index = index;
-    this.#depth = depth;
-  }
-  get index() {
-    return this.#index;
-  }
-  get depth() {
-    return this.#depth;
-  }
-};
-var LeafNode = class extends BaseNode {
-  #hash = null;
-  get hash() {
-    return this.#hash;
-  }
-  set hash(value2) {
-    if (this.#hash !== null) {
-      throw new RangeError("Leaf hash already set");
-    }
-    this.#hash = value2;
-  }
-  reset() {
-    this.#hash = null;
-  }
-};
-var ParentNode = class extends BaseNode {
-  #left;
-  #right;
-  constructor(index, depth, left, right) {
-    super(index, depth);
-    this.#left = left;
-    this.#right = right;
-  }
-  get left() {
-    return this.#left;
-  }
-  set left(node) {
-    this.#left = node;
-  }
-  get right() {
-    return this.#right;
-  }
-  set right(node) {
-    this.#right = node;
-  }
-  reset() {
-    this.#left.reset();
-    this.#right.reset();
-  }
-};
 init_shim2();
 var ValidationState;
 (function(ValidationState2) {
@@ -112356,375 +112212,80 @@ var ValidationState;
   ValidationState2[ValidationState2["Valid"] = 1] = "Valid";
   ValidationState2[ValidationState2["Invalid"] = 2] = "Invalid";
 })(ValidationState || (ValidationState = {}));
-var SMTProof = class _SMTProof {
-  #converge;
-  #hashes;
-  constructor(converge, hashes2) {
-    this.#converge = converge;
-    this.#hashes = hashes2;
-  }
-  /** Converge bitmap: bit `i` set means a sibling hash exists at depth `256 - i - 1`. */
-  get converge() {
-    return this.#converge;
-  }
-  /** Sibling hashes at converge points, ordered leaf-to-root. */
-  get hashes() {
-    return this.#hashes;
-  }
-  /**
-   * Verify this proof for a single leaf.
-   *
-   * @param index         - Leaf index in the 256-bit key space.
-   * @param candidateHash - Expected leaf hash.
-   * @param rootHash      - Expected root hash.
-   * @returns `true` if the proof is valid.
-   */
-  isValid(index, candidateHash, rootHash) {
-    return this.#validate(index, candidateHash, rootHash);
-  }
-  /**
-   * Batch-validate multiple proofs against the same root hash.
-   *
-   * Caches intermediate (partial) proofs so that subsequent candidates
-   * sharing an ancestor path can short-circuit once a cached match is found.
-   *
-   * @yields One {@link SMTProofResult} per candidate.
-   */
-  static *isValidBatch(candidates, rootHash) {
-    const cache42 = /* @__PURE__ */ new Map();
-    for (const candidate of candidates) {
-      const added = [];
-      const { index } = candidate;
-      const valid = candidate.proof.#validate(index | OUTER_BIT, candidate.hash, rootHash, (nodeIndex, partial) => {
-        const cached = cache42.get(nodeIndex);
-        if (cached === void 0) {
-          cache42.set(nodeIndex, partial);
-          added.push(nodeIndex);
-          return ValidationState.Pending;
-        }
-        if (hashesEqual(partial.hash, cached.hash) && partial.converge === cached.converge && partial.hashes.length === cached.hashes.length && partial.hashes.every((h, i42) => hashesEqual(h, cached.hashes[i42]))) {
-          return ValidationState.Valid;
-        }
-        return ValidationState.Invalid;
-      });
-      if (!valid) {
-        for (const key of added)
-          cache42.delete(key);
-      }
-      yield { index, valid, additional: candidate.additional };
-    }
-  }
-  /**
-   * Export to JSON.
-   * @param base64  - Use base64 encoding instead of hex (default: `false`).
-   * @param compact - Omit whitespace (default: `true`).
-   */
-  toJSON(base6462 = false, compact = true) {
-    const convergeStr = base6462 ? bigIntToBase64(this.#converge, false) : bigIntToHex(this.#converge, false);
-    const hashStrs = this.#hashes.map((h) => base6462 ? hashToBase64(h) : hashToHex(h));
-    const obj = { converge: convergeStr, hashes: hashStrs };
-    return JSON.stringify(obj, null, compact ? 0 : 2);
-  }
-  /**
-   * Import from JSON.
-   * @param json   - JSON string.
-   * @param base64 - Parse base64 instead of hex (default: `false`).
-   */
-  static fromJSON(json, base6462 = false) {
-    const raw = JSON.parse(json);
-    if (typeof raw?.converge !== "string" || !Array.isArray(raw.hashes)) {
-      throw new RangeError("Invalid SMTProof JSON: expected { converge, hashes }");
-    }
-    const converge = base6462 ? base64ToBigInt(raw.converge, false) : hexToBigInt(raw.converge, false);
-    const hashes2 = raw.hashes.map((h) => base6462 ? base64ToHash(h) : hexToHash(h));
-    return new _SMTProof(converge, hashes2);
-  }
-  /**
-   * Export to compact binary format.
-   *
-   * Layout: `[convergeZeroCount : 1] [truncatedConverge : 32-zc] [hashCount : 1] [hashes : N*32]`
-   */
-  toBinary() {
-    const convergeBin = bigIntToHash(this.#converge);
-    let zc = 0;
-    while (zc < HASH_BYTE_LENGTH && convergeBin[zc] === 0)
-      zc++;
-    const truncated = convergeBin.slice(zc);
-    const hashCount = this.#hashes.length;
-    const totalBytes = 1 + truncated.length + 1 + hashCount * HASH_BYTE_LENGTH;
-    const out = new Uint8Array(totalBytes);
-    let pos = 0;
-    out[pos++] = zc;
-    out.set(truncated, pos);
-    pos += truncated.length;
-    out[pos++] = hashCount;
-    for (const h of this.#hashes) {
-      out.set(h, pos);
-      pos += HASH_BYTE_LENGTH;
-    }
-    return out;
-  }
-  /**
-   * Import from compact binary format.
-   * Accepts any sync or async byte iterable (e.g. `Uint8Array`, `ReadableStream`).
-   */
-  static async fromBinary(source) {
-    const iter = Symbol.iterator in source ? source[Symbol.iterator]() : source[Symbol.asyncIterator]();
-    async function readBytes(n2) {
-      const buf2 = new Uint8Array(n2);
-      for (let i42 = 0; i42 < n2; i42++) {
-        const r2 = await iter.next();
-        if (r2.done)
-          throw new Error("Unexpected end of binary source");
-        buf2[i42] = r2.value;
-      }
-      return buf2;
-    }
-    const zc = (await readBytes(1))[0];
-    const convergeBin = new Uint8Array(HASH_BYTE_LENGTH);
-    convergeBin.set(await readBytes(HASH_BYTE_LENGTH - zc), zc);
-    const hashCount = (await readBytes(1))[0];
-    const hashes2 = new Array(hashCount);
-    for (let i42 = 0; i42 < hashCount; i42++) {
-      hashes2[i42] = await readBytes(HASH_BYTE_LENGTH);
-    }
-    return new _SMTProof(hashToBigInt(convergeBin), hashes2);
-  }
-  #validate(index, candidateHash, rootHash, onMerge) {
-    let nodeIndex = index;
-    let nodeHash = candidateHash;
-    let remaining = this.#converge;
-    const hashes2 = this.#hashes;
-    let hi = 0;
-    const leftPad = [];
-    const rightPad = [];
-    const finalizePadding = () => {
-      if (leftPad.length > 0 || rightPad.length > 0) {
-        nodeHash = blockHash(new Uint8Array(leftPad), nodeHash, new Uint8Array(rightPad));
-        leftPad.length = 0;
-        rightPad.length = 0;
-      }
-    };
-    let state = ValidationState.Pending;
-    for (let i42 = 0; state === ValidationState.Pending && i42 < HASH_BIT_LENGTH; i42++) {
-      const isLeft = (nodeIndex & 1n) === 0n;
-      nodeIndex >>= 1n;
-      const bit = BITS[i42];
-      if ((remaining & bit) !== 0n) {
-        remaining ^= bit;
-        finalizePadding();
-        if (hi >= hashes2.length) {
-          state = ValidationState.Invalid;
-        } else {
-          const peer = hashes2[hi++];
-          nodeHash = isLeft ? blockHash(nodeHash, peer) : blockHash(peer, nodeHash);
-          if (onMerge !== void 0) {
-            state = onMerge(nodeIndex, {
-              hash: nodeHash,
-              converge: remaining,
-              hashes: hashes2.slice(hi)
-            });
-          }
-        }
-      } else {
-        const depth = HASH_BIT_LENGTH - i42 - 1;
-        if (isLeft) {
-          rightPad.push(depth);
-        } else {
-          leftPad.unshift(depth);
-        }
-      }
-    }
-    finalizePadding();
-    if (state === ValidationState.Pending) {
-      state = hi === hashes2.length && hashesEqual(nodeHash, rootHash) ? ValidationState.Valid : ValidationState.Invalid;
-    }
-    return state === ValidationState.Valid;
-  }
-};
 init_shim2();
-var OptimizedSMT = class _OptimizedSMT {
-  /** `2^256` — sentinel bit above the key space. Used by batch validation. */
-  static OUTER_BIT = OUTER_BIT;
-  /** Pre-computed MSB-first bit masks for tree traversal. */
-  static BITS = BITS;
-  #allowNonInclusion;
-  #root = null;
-  #rootHash = null;
-  #proofs = /* @__PURE__ */ new Map();
-  constructor(allowNonInclusion) {
-    this.#allowNonInclusion = allowNonInclusion;
-  }
-  get allowNonInclusion() {
-    return this.#allowNonInclusion;
+init_shim2();
+var TREE_DEPTH = HASH_BIT_LENGTH;
+function bitAt(index, position) {
+  return Number(index >> BigInt(position) & 1n);
+}
+var CACHED_ZERO = (() => {
+  const arr = new Array(TREE_DEPTH + 1);
+  let z = new Uint8Array(HASH_BYTE_LENGTH);
+  for (let h = 0; h <= TREE_DEPTH; h++) {
+    z = blockHash(z, z);
+    arr[h] = z;
   }
-  /** Root hash. Throws if tree has not been finalized. */
-  get rootHash() {
-    if (this.#rootHash === null)
-      throw new RangeError("SMT not finalized");
-    return this.#rootHash;
-  }
-  // -----------------------------------------------------------------------
-  // Build phase
-  // -----------------------------------------------------------------------
-  /**
-   * Add leaf indexes to the tree.
-   * May be called multiple times before finalization. Duplicate indexes throw.
-   */
-  add(indexes) {
-    this.#checkNotFinalized();
-    for (const index of indexes) {
-      if (index < 0n || index >= _OptimizedSMT.OUTER_BIT) {
-        throw new RangeError("Index out of range");
-      }
-      const leaf = new LeafNode(index, HASH_BIT_LENGTH);
-      if (this.#root === null) {
-        this.#root = leaf;
+  return arr;
+})();
+function subtreeHash(leaves, height) {
+  if (leaves.length === 0)
+    return CACHED_ZERO[height];
+  if (height === 0)
+    return leaves[0].leaf;
+  const bit = TREE_DEPTH - height;
+  const left = [];
+  const right = [];
+  for (const e2 of leaves)
+    (bitAt(e2.index, bit) === 0 ? left : right).push(e2);
+  return blockHash(subtreeHash(left, height - 1), subtreeHash(right, height - 1));
+}
+function zeroHashRoot(leaves) {
+  return subtreeHash(leaves, TREE_DEPTH);
+}
+function generateZeroHashProof(leaves, targetIndex) {
+  let collapsed = 0n;
+  const hashes2 = [];
+  for (let height = 1; height <= TREE_DEPTH; height++) {
+    const bit = TREE_DEPTH - height;
+    const siblingLeaves = [];
+    for (const e2 of leaves) {
+      if (e2.index === targetIndex)
         continue;
-      }
-      let replaceNode = (node2) => {
-        this.#root = node2;
-      };
-      let node = this.#root;
-      let commonIndex = 0n;
-      let commonDepth = 0;
-      let done = false;
-      while (!done) {
-        const bit = BITS[commonDepth];
-        const indexBit = index & bit;
-        const isLeft = indexBit === 0n;
-        if (commonDepth === node.depth) {
-          if (node instanceof ParentNode) {
-            const parent = node;
-            if (isLeft) {
-              node = parent.left;
-              replaceNode = (n2) => {
-                parent.left = n2;
-              };
-            } else {
-              node = parent.right;
-              replaceNode = (n2) => {
-                parent.right = n2;
-              };
-            }
-          } else {
-            throw new RangeError("Duplicate index");
-          }
-        } else if ((node.index & bit) === indexBit) {
-          commonIndex |= indexBit;
-          commonDepth++;
-        } else {
-          replaceNode(new ParentNode(commonIndex, commonDepth, isLeft ? leaf : node, isLeft ? node : leaf));
-          done = true;
+      let sharesLowerPath = true;
+      for (let lower = 0; lower < bit; lower++) {
+        if (bitAt(e2.index, lower) !== bitAt(targetIndex, lower)) {
+          sharesLowerPath = false;
+          break;
         }
       }
+      if (sharesLowerPath && bitAt(e2.index, bit) !== bitAt(targetIndex, bit))
+        siblingLeaves.push(e2);
     }
-  }
-  /**
-   * Set the hash for a leaf at the given index.
-   * The index must have been previously added via {@link add}.
-   * Each leaf's hash can only be set once (until {@link reset}).
-   */
-  setHash(index, hash32) {
-    this.#checkNotFinalized();
-    validateHash(hash32);
-    let node = this.#root;
-    if (node === null)
-      throw new RangeError("Empty SMT");
-    while (node instanceof ParentNode) {
-      node = (index & BITS[node.depth]) === 0n ? node.left : node.right;
-    }
-    if (node.index !== index)
-      throw new RangeError("Index not found");
-    node.hash = hash32;
-  }
-  // -----------------------------------------------------------------------
-  // Finalize phase
-  // -----------------------------------------------------------------------
-  /**
-   * Compute root hash and generate all proofs in a single recursive pass.
-   * Must be called after all hashes are set.
-   */
-  finalize() {
-    if (this.#root === null) {
-      this.#rootHash = NULL_HASH;
-      return;
+    if (siblingLeaves.length === 0) {
+      collapsed |= 1n << BigInt(bit);
+    } else {
+      hashes2.push(subtreeHash(siblingLeaves, height - 1));
     }
-    const result = this.#finalizeStep(this.#root, 0n, 0);
-    this.#rootHash = result.hash;
-    result.saveProofs([]);
-  }
-  /** Retrieve the proof for an index. Only valid after {@link finalize}. */
-  proof(index) {
-    const p2 = this.#proofs.get(index);
-    if (p2 === void 0)
-      throw new RangeError("Proof not found");
-    return p2;
   }
-  /** Clear hashes and proofs, keeping the tree structure for reuse. */
-  reset() {
-    this.#root?.reset();
-    this.#rootHash = null;
-    this.#proofs.clear();
-  }
-  /**
-   * Check if the SMT has not been finalized yet.
-   * @throws {Error} If the SMT has already been finalized.
-   */
-  #checkNotFinalized() {
-    if (this.#rootHash !== null)
-      throw new Error("SMT already finalized");
-  }
-  /**
-   * Perform a single step of finalization on the given node.
-   * @param {Node} node The node to finalize.
-   * @param {bigint} parentConverge The convergence value from the parent node.
-   * @param {number} depth The current depth in the tree.
-   * @returns {FinalizeStepResult} The result of the finalization step.
-   */
-  #finalizeStep(node, parentConverge, depth) {
-    const converge = parentConverge | BITS[HASH_BIT_LENGTH - depth];
-    let hash32;
-    let saveProofs;
-    if (node instanceof ParentNode) {
-      const childDepth = node.depth + 1;
-      const leftResult = this.#finalizeStep(node.left, converge, childDepth);
-      const rightResult = this.#finalizeStep(node.right, converge, childDepth);
-      hash32 = blockHash(leftResult.hash, rightResult.hash);
-      saveProofs = (hashes2) => {
-        const leftHashes = hashes2;
-        const rightHashes = hashes2.slice();
-        leftHashes.unshift(rightResult.hash);
-        rightHashes.unshift(leftResult.hash);
-        leftResult.saveProofs(leftHashes);
-        rightResult.saveProofs(rightHashes);
-      };
+  return { collapsed, hashes: hashes2 };
+}
+function verifyZeroHash(collapsed, hashes2, index, candidate, root) {
+  let acc = candidate;
+  let hashPtr = 0;
+  for (let n2 = 0; n2 < TREE_DEPTH; n2++) {
+    const i42 = TREE_DEPTH - 1 - n2;
+    let sibling;
+    if ((collapsed >> BigInt(i42) & 1n) === 1n) {
+      sibling = CACHED_ZERO[n2];
     } else {
-      if (node.hash === null) {
-        if (!this.#allowNonInclusion)
-          throw new RangeError("Hash missing");
-        node.hash = NULL_HASH;
-      }
-      hash32 = node.hash;
-      saveProofs = (hashes2) => {
-        this.#proofs.set(node.index, new SMTProof(converge, hashes2));
-      };
-    }
-    if (node.depth !== depth) {
-      const leftPad = [];
-      const rightPad = [];
-      for (let i42 = node.depth - 1; i42 >= depth; i42--) {
-        if ((node.index & BITS[i42]) === 0n) {
-          rightPad.push(i42);
-        } else {
-          leftPad.unshift(i42);
-        }
-      }
-      hash32 = blockHash(new Uint8Array(leftPad), hash32, new Uint8Array(rightPad));
+      if (hashPtr >= hashes2.length)
+        return false;
+      sibling = hashes2[hashPtr++];
     }
-    return { hash: hash32, saveProofs };
+    acc = bitAt(index, i42) === 1 ? blockHash(sibling, acc) : blockHash(acc, sibling);
   }
-};
+  return hashPtr === hashes2.length && hashesEqual(acc, root);
+}
 init_shim2();
 var encoder = new TextEncoder();
 function didToIndex(did) {
@@ -112737,49 +112298,51 @@ function nonInclusionLeafHash(nonce) {
   return blockHash(blockHash(nonce));
 }
 init_shim2();
-function serializeProof(proof, rootHash, options2) {
+function serializeProof(rootHash, proof, options2) {
   const result = {
-    id: hashToHex(rootHash),
-    collapsed: bigIntToHex(proof.converge, false),
-    hashes: proof.hashes.map((h) => hashToHex(h))
+    id: hashToBase64Url(rootHash),
+    collapsed: hashToBase64Url(bigIntToHash(proof.collapsed)),
+    hashes: proof.hashes.map((h) => hashToBase64Url(h))
   };
   if (options2?.nonce)
-    result.nonce = hashToHex(options2.nonce);
+    result.nonce = hashToBase64Url(options2.nonce);
   if (options2?.updateId)
-    result.updateId = hashToHex(options2.updateId);
+    result.updateId = hashToBase64Url(options2.updateId);
   return result;
 }
 function deserializeProof(serialized) {
-  const converge = hexToBigInt(serialized.collapsed, false);
-  const hashes2 = serialized.hashes.map((h) => hexToHash(h));
   const result = {
-    proof: new SMTProof(converge, hashes2),
-    rootHash: hexToHash(serialized.id)
+    rootHash: base64UrlToHash(serialized.id),
+    collapsed: hashToBigInt(base64UrlToHash(serialized.collapsed)),
+    hashes: serialized.hashes.map((h) => base64UrlToHash(h))
   };
   if (serialized.nonce)
-    result.nonce = hexToHash(serialized.nonce);
+    result.nonce = base64UrlToHash(serialized.nonce);
   if (serialized.updateId)
-    result.updateId = hexToHash(serialized.updateId);
+    result.updateId = base64UrlToHash(serialized.updateId);
   return result;
 }
 function verifySerializedProof(serialized, index, candidateHash) {
-  const { proof, rootHash } = deserializeProof(serialized);
-  return proof.isValid(index, candidateHash, rootHash);
+  const { rootHash, collapsed, hashes: hashes2 } = deserializeProof(serialized);
+  return verifyZeroHash(collapsed, hashes2, index, candidateHash, rootHash);
 }
 init_shim2();
 var BTCR2MerkleTree = class {
-  #smt;
   #entries = /* @__PURE__ */ new Map();
   #indexByDid = /* @__PURE__ */ new Map();
-  constructor(allowNonInclusion = true) {
-    this.#smt = new OptimizedSMT(allowNonInclusion);
+  #leaves = null;
+  #root = null;
+  /**
+   * @param _allowNonInclusion Retained for API compatibility; non-inclusion
+   *   leaves are always supported (an entry without `signedUpdate`).
+   */
+  constructor(_allowNonInclusion = true) {
   }
   /**
    * Add entries to the tree. May be called multiple times before
    * {@link finalize}. Duplicate DIDs (same index) throw.
    */
   addEntries(entries) {
-    const indexes = [];
     for (const entry of entries) {
       const index = didToIndex(entry.did);
       if (this.#entries.has(index)) {
@@ -112787,24 +112350,28 @@ var BTCR2MerkleTree = class {
       }
       this.#entries.set(index, entry);
       this.#indexByDid.set(entry.did, index);
-      indexes.push(index);
     }
-    this.#smt.add(indexes);
+    this.#leaves = null;
+    this.#root = null;
   }
   /**
-   * Compute leaf hashes and finalize the tree.
+   * Compute leaf hashes and the zero-hash root.
    * After this call, {@link rootHash} and {@link proof} become available.
    */
   finalize() {
+    const leaves = [];
     for (const [index, entry] of this.#entries) {
-      const leafHash = entry.signedUpdate !== void 0 ? inclusionLeafHash(entry.nonce, entry.signedUpdate) : nonInclusionLeafHash(entry.nonce);
-      this.#smt.setHash(index, leafHash);
+      const leaf = entry.signedUpdate !== void 0 ? inclusionLeafHash(entry.nonce, entry.signedUpdate) : nonInclusionLeafHash(entry.nonce);
+      leaves.push({ index, leaf });
     }
-    this.#smt.finalize();
+    this.#leaves = leaves;
+    this.#root = zeroHashRoot(leaves);
   }
   /** Root hash of the finalized tree. Throws if not finalized. */
   get rootHash() {
-    return this.#smt.rootHash;
+    if (this.#root === null)
+      throw new Error("Tree not finalized: call finalize() first");
+    return this.#root;
   }
   /**
    * Get the did:btcr2 serialized proof for a DID.
@@ -112814,14 +112381,18 @@ var BTCR2MerkleTree = class {
     const index = this.#indexByDid.get(did);
     if (index === void 0)
       throw new RangeError(`DID not in tree: ${did}`);
+    if (this.#leaves === null || this.#root === null) {
+      throw new Error("Tree not finalized: call finalize() first");
+    }
     const entry = this.#entries.get(index);
-    const smtProof = this.#smt.proof(index);
+    const proof = generateZeroHashProof(this.#leaves, index);
     const updateId = entry.signedUpdate !== void 0 ? blockHash(entry.signedUpdate) : void 0;
-    return serializeProof(smtProof, this.#smt.rootHash, { nonce: entry.nonce, updateId });
+    return serializeProof(this.#root, proof, { nonce: entry.nonce, updateId });
   }
-  /** Clear hashes and proofs, keeping tree structure. Entries are preserved. */
+  /** Clear computed leaves and root, keeping entries. */
   reset() {
-    this.#smt.reset();
+    this.#leaves = null;
+    this.#root = null;
   }
 };
 var CAS_STRATEGY = {
@@ -112854,12 +112425,12 @@ var SMT_STRATEGY = {
     const smtProof = body.smtProof;
     if (!smtProof?.updateId || !smtProof?.nonce) return { matches: false };
     const canonicalBytes = new TextEncoder().encode(canonicalize2(submittedUpdate));
-    const expectedUpdateId = hashToHex(blockHash(canonicalBytes));
+    const expectedUpdateId = hashToBase64Url(blockHash(canonicalBytes));
     if (smtProof.updateId !== expectedUpdateId) {
       return { matches: false, smtProof };
     }
     const index = didToIndex(participantDid);
-    const candidateHash = blockHash(blockHash(hexToHash(smtProof.nonce)), hexToHash(smtProof.updateId));
+    const candidateHash = blockHash(blockHash(base64UrlToHash(smtProof.nonce)), base64UrlToHash(smtProof.updateId));
     return {
       matches: verifySerializedProof(smtProof, index, candidateHash),
       smtProof
@@ -117135,8 +116706,8 @@ function encrypt2(secretKey, pubkey, text) {
   let iv = Uint8Array.from(randomBytes2(16));
   let plaintext = utf8Encoder.encode(text);
   let ciphertext = cbc(normalizedKey, iv).encrypt(plaintext);
-  let ctb64 = base642.encode(new Uint8Array(ciphertext));
-  let ivb64 = base642.encode(new Uint8Array(iv.buffer));
+  let ctb64 = base64.encode(new Uint8Array(ciphertext));
+  let ivb64 = base64.encode(new Uint8Array(iv.buffer));
   return `${ctb64}?iv=${ivb64}`;
 }
 function decrypt2(secretKey, pubkey, data) {
@@ -117144,8 +116715,8 @@ function decrypt2(secretKey, pubkey, data) {
   let [ctb64, ivb64] = data.split("?iv=");
   let key = secp256k1.getSharedSecret(privkey, hexToBytes2("02" + pubkey));
   let normalizedKey = getNormalizedX(key);
-  let iv = base642.decode(ivb64);
-  let ciphertext = base642.decode(ctb64);
+  let iv = base64.decode(ivb64);
+  let ciphertext = base64.decode(ctb64);
   let plaintext = cbc(normalizedKey, iv).decrypt(ciphertext);
   return utf8Decoder.decode(plaintext);
 }
@@ -117465,7 +117036,7 @@ function decodePayload(payload) {
     throw new Error("unknown encryption version");
   let data;
   try {
-    data = base642.decode(payload);
+    data = base64.decode(payload);
   } catch (error) {
     throw new Error("invalid base64: " + error.message);
   }
@@ -117486,7 +117057,7 @@ function encrypt22(plaintext, conversationKey, nonce = randomBytes2(32)) {
   const padded = pad(plaintext);
   const ciphertext = chacha20(chacha_key, chacha_nonce, padded);
   const mac = hmacAad(hmac_key, ciphertext, nonce);
-  return base642.encode(concatBytes2(new Uint8Array([2]), nonce, ciphertext, mac));
+  return base64.encode(concatBytes2(new Uint8Array([2]), nonce, ciphertext, mac));
 }
 function decrypt22(payload, conversationKey) {
   const { nonce, ciphertext, mac } = decodePayload(payload);
@@ -118761,7 +118332,7 @@ async function getToken(loginUrl, httpMethod, sign, includeAuthorizationScheme =
   }
   const signedEvent = await sign(event);
   const authorizationScheme = includeAuthorizationScheme ? _authorizationScheme : "";
-  return authorizationScheme + base642.encode(utf8Encoder.encode(JSON.stringify(signedEvent)));
+  return authorizationScheme + base64.encode(utf8Encoder.encode(JSON.stringify(signedEvent)));
 }
 async function validateToken(token, url, method) {
   const event = await unpackEventFromToken(token).catch((error) => {
@@ -118777,7 +118348,7 @@ async function unpackEventFromToken(token) {
     throw new Error("Missing token");
   }
   token = token.replace(_authorizationScheme, "");
-  const eventB64 = utf8Decoder.decode(base642.decode(token));
+  const eventB64 = utf8Decoder.decode(base64.decode(token));
   if (!eventB64 || eventB64.length === 0 || !eventB64.startsWith("{")) {
     throw new Error("Invalid token");
   }
@@ -119357,9 +118928,6 @@ var SMTBeacon = class extends Beacon {
         });
         continue;
       }
-      if (!smtProof.updateId) {
-        continue;
-      }
       if (!smtProof.nonce) {
         throw new SMTBeaconError(
           "SMT proof missing required nonce field.",
@@ -119368,7 +118936,8 @@ var SMTBeacon = class extends Beacon {
         );
       }
       const index = didToIndex(did);
-      const candidateHash = blockHash(blockHash(hexToHash(smtProof.nonce)), hexToHash(smtProof.updateId));
+      const nonceHash2 = base64UrlToHash(smtProof.nonce);
+      const candidateHash = smtProof.updateId ? blockHash(blockHash(nonceHash2), base64UrlToHash(smtProof.updateId)) : blockHash(blockHash(nonceHash2));
       const valid = verifySerializedProof(smtProof, index, candidateHash);
       if (!valid) {
         throw new SMTBeaconError(
@@ -119377,11 +118946,15 @@ var SMTBeacon = class extends Beacon {
           { smtProof, did }
         );
       }
-      const signedUpdate = sidecar.updateMap.get(smtProof.updateId);
+      if (!smtProof.updateId) {
+        continue;
+      }
+      const updateHashHex = hashToHex(base64UrlToHash(smtProof.updateId));
+      const signedUpdate = sidecar.updateMap.get(updateHashHex);
       if (!signedUpdate) {
         needs.push({
           kind: "NeedSignedUpdate",
-          updateHash: smtProof.updateId,
+          updateHash: updateHashHex,
           beaconServiceId: this.service.id
         });
         continue;
@@ -135137,7 +134710,7 @@ var Resolver = class _Resolver {
     const smtMap = /* @__PURE__ */ new Map();
     if (sidecar.smtProofs?.length)
       for (const proof of sidecar.smtProofs) {
-        smtMap.set(proof.id, proof);
+        smtMap.set(encode(decode(proof.id, "base64urlnopad"), "hex"), proof);
       }
     return { updateMap, casMap, smtMap };
   }
@@ -135425,11 +134998,12 @@ var Resolver = class _Resolver {
       case "NeedSMTProof": {
         const smtNeed = need;
         const proof = data;
-        if (proof.id !== smtNeed.smtRootHash) {
+        const proofIdHex = encode(decode(proof.id, "base64urlnopad"), "hex");
+        if (proofIdHex !== smtNeed.smtRootHash) {
           throw new ResolveError(
-            `SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proof.id}`,
+            `SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proofIdHex}`,
             INVALID_DID_UPDATE,
-            { expected: smtNeed.smtRootHash, actual: proof.id }
+            { expected: smtNeed.smtRootHash, actual: proofIdHex }
           );
         }
         this.#sidecarData.smtMap.set(smtNeed.smtRootHash, proof);
@@ -136066,7 +135640,7 @@ var powers3 = /* @__PURE__ */ (() => {
     res.push(2 ** i5);
   return res;
 })();
-function convertRadix23(data, from14, to, padding3) {
+function convertRadix23(data, from14, to, padding2) {
   aArr3(data);
   if (from14 <= 0 || from14 > 32)
     throw new Error(`convertRadix2: wrong from=${from14}`);
@@ -136096,11 +135670,11 @@ function convertRadix23(data, from14, to, padding3) {
     carry &= pow4 - 1;
   }
   carry = carry << to - pos & mask;
-  if (!padding3 && pos >= from14)
+  if (!padding2 && pos >= from14)
     throw new Error("Excess padding");
-  if (!padding3 && carry > 0)
+  if (!padding2 && carry > 0)
     throw new Error(`Non-zero padding: ${carry}`);
-  if (padding3 && pos > 0)
+  if (padding2 && pos > 0)
     res.push(carry >>> 0);
   return res;
 }
@@ -146697,7 +146271,7 @@ var base58flickr5 = baseX5({
 // ../../node_modules/.pnpm/multiformats@13.1.0/node_modules/multiformats/dist/src/bases/base64.js
 init_shim();
-var base646 = rfc46485({
+var base642 = rfc46485({
   prefix: "m",
   name: "base64",
   alphabet: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
@@ -158681,7 +158255,7 @@ var rfc46486 = ({ name: name11, prefix: prefix2, bitsPerChar, alphabet: alphabet
 };
 // ../../node_modules/.pnpm/multiformats@12.1.3/node_modules/multiformats/src/bases/base64.js
-var base647 = rfc46486({
+var base646 = rfc46486({
   prefix: "m",
   name: "base64",
   alphabet: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",