@did-btcr2/method 0.29.0 → 0.33.0

package/dist/cjs/index.js

@@ -62,7 +62,9 @@ __export(index_exports, {
   CONSOLE_LOGGER: () => CONSOLE_LOGGER,
   DEFAULT_ADVERT_REPEAT_INTERVAL_MS: () => DEFAULT_ADVERT_REPEAT_INTERVAL_MS,
   DEFAULT_BROADCAST_LOOKBACK_MS: () => DEFAULT_BROADCAST_LOOKBACK_MS,
+  DEFAULT_CLOCK_SKEW_SEC: () => DEFAULT_CLOCK_SKEW_SEC,
   DEFAULT_MAX_UPDATE_SIZE_BYTES: () => DEFAULT_MAX_UPDATE_SIZE_BYTES,
+  DEFAULT_NONCE_LEN_BYTES: () => DEFAULT_NONCE_LEN_BYTES,
   DEFAULT_NOSTR_RELAYS: () => DEFAULT_NOSTR_RELAYS,
   DID_REGEX: () => DID_REGEX,
   DISTRIBUTE_AGGREGATED_DATA: () => DISTRIBUTE_AGGREGATED_DATA,
@@ -73,16 +75,31 @@ __export(index_exports, {
   DidVerificationMethod: () => DidVerificationMethod,
   Document: () => Document,
   GenesisDocument: () => GenesisDocument,
+  HTTP_ENVELOPE_VERSION: () => HTTP_ENVELOPE_VERSION,
+  HTTP_ROUTE: () => HTTP_ROUTE,
+  HttpClientTransport: () => HttpClientTransport,
+  HttpServerTransport: () => HttpServerTransport,
+  HttpTransportError: () => HttpTransportError,
   ID_PLACEHOLDER_VALUE: () => ID_PLACEHOLDER_VALUE,
   Identifier: () => Identifier,
+  InMemoryRateLimitStore: () => InMemoryRateLimitStore,
+  InboxBuffer: () => InboxBuffer,
   NONCE_CONTRIBUTION: () => NONCE_CONTRIBUTION,
+  NonceCache: () => NonceCache,
   NostrTransport: () => NostrTransport,
+  P2PKH_BEACON_TX_VSIZE: () => P2PKH_BEACON_TX_VSIZE,
+  P2TR_BEACON_TX_VSIZE: () => P2TR_BEACON_TX_VSIZE,
+  P2WPKH_BEACON_TX_VSIZE: () => P2WPKH_BEACON_TX_VSIZE,
   ParticipantCohortPhase: () => ParticipantCohortPhase,
+  REQUEST_AUTH_SCHEME: () => REQUEST_AUTH_SCHEME,
+  RateLimiter: () => RateLimiter,
   Resolver: () => Resolver,
   SIGNATURE_AUTHORIZATION: () => SIGNATURE_AUTHORIZATION,
   SILENT_LOGGER: () => SILENT_LOGGER,
+  SINGLETON_BEACON_TX_VSIZE: () => SINGLETON_BEACON_TX_VSIZE,
   SMTBeacon: () => SMTBeacon,
   SMTBeaconError: () => SMTBeaconError,
+  SSE_EVENT: () => SSE_EVENT,
   SUBMIT_UPDATE: () => SUBMIT_UPDATE,
   ServiceCohortPhase: () => ServiceCohortPhase,
   SigningSessionError: () => SigningSessionError,
@@ -97,6 +114,7 @@ __export(index_exports, {
   Updater: () => Updater,
   VALIDATION_ACK: () => VALIDATION_ACK,
   buildAggregationBeaconTx: () => buildAggregationBeaconTx,
+  buildRequestAuth: () => buildRequestAuth,
   createAggregatedNonceMessage: () => createAggregatedNonceMessage,
   createAuthorizationRequestMessage: () => createAuthorizationRequestMessage,
   createCohortAdvertMessage: () => createCohortAdvertMessage,
@@ -108,6 +126,11 @@ __export(index_exports, {
   createSignatureAuthorizationMessage: () => createSignatureAuthorizationMessage,
   createSubmitUpdateMessage: () => createSubmitUpdateMessage,
   createValidationAckMessage: () => createValidationAckMessage,
+  defaultReconnectBackoff: () => defaultReconnectBackoff,
+  deriveSingletonAddress: () => deriveSingletonAddress,
+  detectSingletonScriptKind: () => detectSingletonScriptKind,
+  formatSseComment: () => formatSseComment,
+  formatSseEvent: () => formatSseEvent,
   getBeaconStrategy: () => getBeaconStrategy,
   isAggregatedNonceMessage: () => isAggregatedNonceMessage,
   isAggregationMessageType: () => isAggregationMessageType,
@@ -124,8 +147,15 @@ __export(index_exports, {
   isSubmitUpdateMessage: () => isSubmitUpdateMessage,
   isUpdateMessageType: () => isUpdateMessageType,
   isValidationAckMessage: () => isValidationAckMessage,
+  normalizeForWire: () => normalizeForWire,
   opReturnScript: () => opReturnScript,
-  registerBeaconStrategy: () => registerBeaconStrategy
+  parseRequestAuth: () => parseRequestAuth,
+  parseSseStream: () => parseSseStream,
+  registerBeaconStrategy: () => registerBeaconStrategy,
+  reviveFromWire: () => reviveFromWire,
+  signEnvelope: () => signEnvelope,
+  verifyEnvelope: () => verifyEnvelope,
+  verifyRequestAuth: () => verifyRequestAuth
 });
 module.exports = __toCommonJS(index_exports);
 
@@ -167,12 +197,12 @@ var SMT_STRATEGY = {
     const smtProof = body.smtProof;
     if (!smtProof?.updateId || !smtProof?.nonce) return { matches: false };
     const canonicalBytes = new TextEncoder().encode((0, import_common.canonicalize)(submittedUpdate));
-    const expectedUpdateId = (0, import_smt.hashToHex)((0, import_smt.blockHash)(canonicalBytes));
+    const expectedUpdateId = (0, import_smt.hashToBase64Url)((0, import_smt.blockHash)(canonicalBytes));
     if (smtProof.updateId !== expectedUpdateId) {
       return { matches: false, smtProof };
     }
     const index = (0, import_smt.didToIndex)(participantDid);
-    const candidateHash = (0, import_smt.blockHash)((0, import_smt.blockHash)((0, import_smt.hexToHash)(smtProof.nonce)), (0, import_smt.hexToHash)(smtProof.updateId));
+    const candidateHash = (0, import_smt.blockHash)((0, import_smt.blockHash)((0, import_smt.base64UrlToHash)(smtProof.nonce)), (0, import_smt.base64UrlToHash)(smtProof.updateId));
     return {
       matches: (0, import_smt.verifySerializedProof)(smtProof, index, candidateHash),
       smtProof
@@ -1751,11 +1781,1392 @@ var TransportAdapterError = class extends import_common6.MethodError {
 };
 
 // src/core/aggregation/transport/factory.ts
+var import_common10 = require("@did-btcr2/common");
+
+// src/core/aggregation/transport/http/client.ts
+var import_keypair2 = require("@did-btcr2/keypair");
+
+// src/core/identifier.ts
 var import_common7 = require("@did-btcr2/common");
+var import_keypair = require("@did-btcr2/keypair");
+var import_base4 = require("@scure/base");
+var Identifier = class _Identifier {
+  /**
+   * Implements {@link https://dcdpr.github.io/did-btcr2/#didbtcr2-identifier-encoding | 3.2 did:btcr2 Identifier Encoding}.
+   *
+   * A did:btcr2 DID consists of a did:btcr2 prefix, followed by an id-bech32 value, which is a Bech32m encoding of:
+   *  - the specification version;
+   *  - the Bitcoin network identifier; and
+   *  - either:
+   *    - a key-value representing a secp256k1 public key; or
+   *    - a hash-value representing the hash of an initiating external DID document.
+   *
+   * @param {KeyBytes | DocumentBytes} genesisBytes The genesis bytes (public key or document bytes).
+   * @param {DidCreateOptions} options The DID creation options.
+   * @returns {string} The new did:btcr2 identifier.
+   */
+  static encode(genesisBytes, options) {
+    const { idType, version = 1, network } = options;
+    if (!(idType in import_common7.IdentifierTypes)) {
+      throw new import_common7.IdentifierError('Expected "idType" to be "KEY" or "EXTERNAL"', import_common7.INVALID_DID, { idType });
+    }
+    if (isNaN(version) || version > 1) {
+      throw new import_common7.IdentifierError('Expected "version" to be 1', import_common7.INVALID_DID, { version });
+    }
+    if (typeof network === "string" && !(network in import_common7.BitcoinNetworkNames)) {
+      throw new import_common7.IdentifierError('Invalid "network" name', import_common7.INVALID_DID, { network });
+    }
+    if (typeof network === "number" && (network < 0 || network > 8)) {
+      throw new import_common7.IdentifierError('Invalid "network" number', import_common7.INVALID_DID, { network });
+    }
+    if (idType === "KEY") {
+      try {
+        new import_keypair.CompressedSecp256k1PublicKey(genesisBytes);
+      } catch {
+        throw new import_common7.IdentifierError(
+          'Expected "genesisBytes" to be a valid compressed secp256k1 public key',
+          import_common7.INVALID_DID,
+          { genesisBytes }
+        );
+      }
+    }
+    const hrp = idType === "KEY" ? "k" : "x";
+    const nibbles = [];
+    const fCount = Math.floor((version - 1) / 15);
+    for (let i = 0; i < fCount; i++) {
+      nibbles.push(15);
+    }
+    nibbles.push((version - 1) % 15);
+    if (typeof network === "string") {
+      nibbles.push(import_common7.BitcoinNetworkNames[network]);
+    } else if (typeof network === "number") {
+      nibbles.push(network + 11);
+    }
+    if (nibbles.length % 2 !== 0) {
+      nibbles.push(0);
+    }
+    if (fCount !== 0) {
+      for (const index in Array.from({ length: nibbles.length / 2 - 1 })) {
+        throw new import_common7.IdentifierError("Not implemented", "NOT_IMPLEMENTED", { index });
+      }
+    }
+    const dataBytes = new Uint8Array([nibbles[2 * 0] << 4 | nibbles[2 * 0 + 1], ...genesisBytes]);
+    return `did:btcr2:${import_base4.bech32m.encodeFromBytes(hrp, dataBytes)}`;
+  }
+  /**
+   * Implements {@link https://dcdpr.github.io/did-btcr2/#didbtcr2-identifier-decoding | 3.3 did:btcr2 Identifier Decoding}.
+   * @param {string} identifier The BTCR2 DID to be parsed
+   * @returns {DidComponents} The parsed identifier components. See {@link DidComponents} for details.
+   * @throws {DidError} if an error occurs while parsing the identifier
+   * @throws {DidErrorCode.InvalidDid} if identifier is invalid
+   * @throws {DidErrorCode.MethodNotSupported} if the method is not supported
+   */
+  static decode(identifier) {
+    const components = identifier.split(":");
+    if (components.length !== 3) {
+      throw new import_common7.IdentifierError(`Invalid did: ${identifier}`, import_common7.INVALID_DID, { identifier });
+    }
+    const [scheme, method, encoded] = components;
+    if (scheme !== "did") {
+      throw new import_common7.IdentifierError(`Invalid did: ${identifier}`, import_common7.INVALID_DID, { identifier });
+    }
+    if (method !== "btcr2") {
+      throw new import_common7.IdentifierError(`Invalid did method: ${method}`, import_common7.METHOD_NOT_SUPPORTED, { identifier });
+    }
+    if (!encoded) {
+      throw new import_common7.IdentifierError(`Invalid method-specific id: ${identifier}`, import_common7.INVALID_DID, { identifier });
+    }
+    const { prefix: hrp, bytes: dataBytes } = import_base4.bech32m.decodeToBytes(encoded);
+    if (!["x", "k"].includes(hrp)) {
+      throw new import_common7.IdentifierError(`Invalid hrp: ${hrp}`, import_common7.INVALID_DID, { identifier });
+    }
+    if (!dataBytes) {
+      throw new import_common7.IdentifierError(`Failed to decode id: ${encoded}`, import_common7.INVALID_DID, { identifier });
+    }
+    const idType = hrp === "k" ? "KEY" : "EXTERNAL";
+    let version = 1;
+    let byteIndex = 0;
+    let nibblesConsumed = 0;
+    let currentByte = dataBytes[byteIndex];
+    let versionNibble = currentByte >>> 4;
+    while (versionNibble === 15) {
+      version += 15;
+      if (nibblesConsumed % 2 === 0) {
+        versionNibble = currentByte & 15;
+      } else {
+        currentByte = dataBytes[++byteIndex];
+        versionNibble = currentByte >>> 4;
+      }
+      nibblesConsumed += 1;
+      if (version > 1) {
+        throw new import_common7.IdentifierError(`Invalid version: ${version}`, import_common7.INVALID_DID, { identifier });
+      }
+    }
+    version += versionNibble;
+    nibblesConsumed += 1;
+    let networkValue = nibblesConsumed % 2 === 0 ? dataBytes[++byteIndex] >>> 4 : currentByte & 15;
+    nibblesConsumed += 1;
+    let network = import_common7.BitcoinNetworkNames[networkValue];
+    if (!network) {
+      if (networkValue >= 8 && networkValue <= 15) {
+        network = networkValue - 11;
+      } else {
+        throw new import_common7.IdentifierError(`Invalid did: ${identifier}`, import_common7.INVALID_DID, { identifier });
+      }
+    }
+    if (nibblesConsumed % 2 === 1) {
+      const fillerNibble = currentByte & 15;
+      if (fillerNibble !== 0) {
+        throw new import_common7.IdentifierError(`Invalid did: ${identifier}`, import_common7.INVALID_DID, { identifier });
+      }
+    }
+    const genesisBytes = dataBytes.slice(byteIndex + 1);
+    if (idType === "KEY") {
+      try {
+        new import_keypair.CompressedSecp256k1PublicKey(genesisBytes);
+      } catch {
+        throw new import_common7.IdentifierError(`Invalid genesisBytes: ${genesisBytes}`, import_common7.INVALID_DID, { identifier });
+      }
+    }
+    return { idType, hrp, version, network, genesisBytes };
+  }
+  /**
+   * Generates a new did:btcr2 identifier based on a newly generated key pair.
+   * @returns {string} The new did:btcr2 identifier.
+   */
+  static generate() {
+    const keyPair = import_keypair.SchnorrKeyPair.generate();
+    const did = this.encode(
+      keyPair.publicKey.compressed,
+      {
+        idType: "KEY",
+        version: 1,
+        network: "regtest"
+      }
+    );
+    return { keyPair: keyPair.exportJSON(), did };
+  }
+  /**
+   * Extracts the compressed secp256k1 public key from a KEY-type did:btcr2 identifier.
+   * @param {string} did The did:btcr2 identifier to extract the public key from.
+   * @returns {CompressedSecp256k1PublicKey} The compressed public key.
+   * @throws {IdentifierError} If the DID is EXTERNAL type (genesis bytes are a hash, not a pubkey).
+   */
+  static getPublicKey(did) {
+    const { idType, genesisBytes } = _Identifier.decode(did);
+    if (idType !== "KEY") {
+      throw new import_common7.IdentifierError(
+        `Cannot extract public key from EXTERNAL DID: ${did}. EXTERNAL DIDs encode a document hash, not a public key.`,
+        import_common7.INVALID_DID,
+        { did, idType }
+      );
+    }
+    return new import_keypair.CompressedSecp256k1PublicKey(genesisBytes);
+  }
+  /**
+   * Validates a did:btcr2 identifier.
+   * @param {string} identifier The did:btcr2 identifier to validate.
+   * @returns {boolean} True if the identifier is valid, false otherwise.
+   */
+  static isValid(identifier) {
+    try {
+      this.decode(identifier);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+};
+
+// src/core/aggregation/transport/http/envelope.ts
+var import_common8 = require("@did-btcr2/common");
+var import_utils4 = require("@noble/hashes/utils");
+
+// src/core/aggregation/transport/http/errors.ts
+var HttpTransportError = class extends TransportAdapterError {
+  constructor(message, type = "HttpTransportError", data) {
+    super(message, type, { adapter: "http", ...data ?? {} });
+  }
+};
+
+// src/core/aggregation/transport/http/protocol.ts
+var HTTP_ENVELOPE_VERSION = 1;
+var HTTP_ROUTE = {
+  ADVERTS: "/v1/adverts",
+  MESSAGES: "/v1/messages",
+  ACTOR_INBOX: "/v1/actors/{did}/inbox",
+  WELL_KNOWN: "/v1/.well-known/aggregation"
+};
+var SSE_EVENT = {
+  ADVERT: "advert",
+  MESSAGE: "message",
+  HEARTBEAT: "heartbeat"
+};
+var DEFAULT_CLOCK_SKEW_SEC = 60;
+var DEFAULT_NONCE_LEN_BYTES = 16;
+
+// src/core/aggregation/transport/http/envelope.ts
+function signEnvelope(message, sender, opts = {}) {
+  const timestamp = opts.timestamp ?? Math.floor(Date.now() / 1e3);
+  const nonce = opts.nonce ?? (0, import_utils4.bytesToHex)((0, import_utils4.randomBytes)(DEFAULT_NONCE_LEN_BYTES));
+  const messageJson = normalizeForWire(normalizeMessage(message));
+  const unsigned = {
+    v: HTTP_ENVELOPE_VERSION,
+    from: sender.did,
+    ...opts.to !== void 0 ? { to: opts.to } : {},
+    timestamp,
+    nonce,
+    message: messageJson
+  };
+  const digest = (0, import_common8.canonicalHashBytes)(unsigned);
+  const sig = sender.keys.secretKey.sign(digest, { scheme: "schnorr" });
+  return { ...unsigned, sig: (0, import_utils4.bytesToHex)(sig) };
+}
+function verifyEnvelope(envelope, senderPk, opts = {}) {
+  if (envelope.v !== HTTP_ENVELOPE_VERSION) {
+    throw new HttpTransportError(
+      `Unsupported envelope version: ${envelope.v}`,
+      "ENVELOPE_VERSION_MISMATCH",
+      { version: envelope.v, expected: HTTP_ENVELOPE_VERSION }
+    );
+  }
+  if (opts.expectedFrom !== void 0 && envelope.from !== opts.expectedFrom) {
+    throw new HttpTransportError(
+      `Envelope from mismatch: expected ${opts.expectedFrom}, got ${envelope.from}`,
+      "ENVELOPE_FROM_MISMATCH",
+      { expected: opts.expectedFrom, got: envelope.from }
+    );
+  }
+  if ("expectedTo" in opts && envelope.to !== opts.expectedTo) {
+    throw new HttpTransportError(
+      `Envelope to mismatch: expected ${opts.expectedTo ?? "<broadcast>"}, got ${envelope.to ?? "<broadcast>"}`,
+      "ENVELOPE_TO_MISMATCH",
+      { expected: opts.expectedTo, got: envelope.to }
+    );
+  }
+  const skewSec = opts.clockSkewSec ?? DEFAULT_CLOCK_SKEW_SEC;
+  const nowMs = opts.now ? opts.now() : Date.now();
+  const nowSec = Math.floor(nowMs / 1e3);
+  const diff = Math.abs(nowSec - envelope.timestamp);
+  if (diff > skewSec) {
+    throw new HttpTransportError(
+      `Envelope timestamp out of skew: ${diff}s > ${skewSec}s`,
+      "ENVELOPE_TIMESTAMP_SKEW",
+      { diff, skewSec, timestamp: envelope.timestamp, now: nowSec }
+    );
+  }
+  let sigBytes;
+  try {
+    sigBytes = (0, import_utils4.hexToBytes)(envelope.sig);
+  } catch {
+    throw new HttpTransportError(
+      "Envelope signature is not valid hex",
+      "ENVELOPE_SIG_HEX"
+    );
+  }
+  if (sigBytes.length !== 64) {
+    throw new HttpTransportError(
+      `Invalid signature length: ${sigBytes.length} (expected 64)`,
+      "ENVELOPE_SIG_LENGTH",
+      { length: sigBytes.length }
+    );
+  }
+  const { sig: _sig, ...unsigned } = envelope;
+  const digest = (0, import_common8.canonicalHashBytes)(unsigned);
+  const ok = senderPk.verify(sigBytes, digest, { scheme: "schnorr" });
+  if (!ok) {
+    throw new HttpTransportError(
+      "Envelope signature verification failed",
+      "ENVELOPE_SIG_INVALID"
+    );
+  }
+}
+function normalizeMessage(message) {
+  const maybeToJSON = message.toJSON;
+  if (typeof maybeToJSON === "function") {
+    return maybeToJSON.call(message);
+  }
+  return message;
+}
+function normalizeForWire(value) {
+  if (value instanceof Uint8Array) {
+    return { __bytes: (0, import_utils4.bytesToHex)(value) };
+  }
+  if (Array.isArray(value)) {
+    return value.map((v) => normalizeForWire(v));
+  }
+  if (value && typeof value === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(value)) {
+      out[k] = normalizeForWire(v);
+    }
+    return out;
+  }
+  return value;
+}
+function reviveFromWire(value) {
+  if (value && typeof value === "object" && !Array.isArray(value)) {
+    const rec = value;
+    const keys = Object.keys(rec);
+    if (keys.length === 1 && keys[0] === "__bytes" && typeof rec.__bytes === "string") {
+      return (0, import_utils4.hexToBytes)(rec.__bytes);
+    }
+    const out = {};
+    for (const [k, v] of Object.entries(rec)) out[k] = reviveFromWire(v);
+    return out;
+  }
+  if (Array.isArray(value)) {
+    return value.map((v) => reviveFromWire(v));
+  }
+  return value;
+}
+
+// src/core/aggregation/transport/http/request-auth.ts
+var import_common9 = require("@did-btcr2/common");
+var import_utils5 = require("@noble/hashes/utils");
+var REQUEST_AUTH_SCHEME = "BTCR2-Sig";
+function buildRequestAuth(did, keys, path, opts = {}) {
+  const ts = opts.timestamp ?? Math.floor(Date.now() / 1e3);
+  const nonce = opts.nonce ?? (0, import_utils5.bytesToHex)((0, import_utils5.randomBytes)(DEFAULT_NONCE_LEN_BYTES));
+  const digest = (0, import_common9.canonicalHashBytes)({
+    v: HTTP_ENVELOPE_VERSION,
+    did,
+    ts,
+    nonce,
+    path
+  });
+  const sig = keys.secretKey.sign(digest, { scheme: "schnorr" });
+  return `${REQUEST_AUTH_SCHEME} v=${HTTP_ENVELOPE_VERSION},did=${did},ts=${ts},nonce=${nonce},sig=${(0, import_utils5.bytesToHex)(sig)}`;
+}
+function parseRequestAuth(headerValue) {
+  const prefix = `${REQUEST_AUTH_SCHEME} `;
+  if (!headerValue.startsWith(prefix)) {
+    throw new HttpTransportError(
+      `Unexpected auth scheme (want ${REQUEST_AUTH_SCHEME})`,
+      "REQUEST_AUTH_SCHEME"
+    );
+  }
+  const params = {};
+  for (const piece of headerValue.slice(prefix.length).split(",")) {
+    const eq = piece.indexOf("=");
+    if (eq === -1) continue;
+    const key = piece.slice(0, eq).trim();
+    const val = piece.slice(eq + 1).trim();
+    if (key.length > 0) params[key] = val;
+  }
+  const v = Number(params.v);
+  const ts = Number(params.ts);
+  if (!Number.isInteger(v) || !Number.isInteger(ts) || !params.did || !params.nonce || !params.sig) {
+    throw new HttpTransportError(
+      "Malformed auth header (missing or invalid field)",
+      "REQUEST_AUTH_MALFORMED",
+      { received: Object.keys(params) }
+    );
+  }
+  return { v, did: params.did, ts, nonce: params.nonce, sig: params.sig };
+}
+function verifyRequestAuth(headerValue, expectedPath, senderPk, opts = {}) {
+  const parsed = parseRequestAuth(headerValue);
+  if (parsed.v !== HTTP_ENVELOPE_VERSION) {
+    throw new HttpTransportError(
+      `Unsupported auth version: ${parsed.v}`,
+      "REQUEST_AUTH_VERSION_MISMATCH",
+      { version: parsed.v, expected: HTTP_ENVELOPE_VERSION }
+    );
+  }
+  const skewSec = opts.clockSkewSec ?? DEFAULT_CLOCK_SKEW_SEC;
+  const nowMs = opts.now ? opts.now() : Date.now();
+  const nowSec = Math.floor(nowMs / 1e3);
+  const diff = Math.abs(nowSec - parsed.ts);
+  if (diff > skewSec) {
+    throw new HttpTransportError(
+      `Auth timestamp out of skew: ${diff}s > ${skewSec}s`,
+      "REQUEST_AUTH_TIMESTAMP_SKEW",
+      { diff, skewSec }
+    );
+  }
+  let sigBytes;
+  try {
+    sigBytes = (0, import_utils5.hexToBytes)(parsed.sig);
+  } catch {
+    throw new HttpTransportError("Auth signature is not valid hex", "REQUEST_AUTH_SIG_HEX");
+  }
+  if (sigBytes.length !== 64) {
+    throw new HttpTransportError(
+      `Invalid auth signature length: ${sigBytes.length}`,
+      "REQUEST_AUTH_SIG_LENGTH",
+      { length: sigBytes.length }
+    );
+  }
+  const digest = (0, import_common9.canonicalHashBytes)({
+    v: parsed.v,
+    did: parsed.did,
+    ts: parsed.ts,
+    nonce: parsed.nonce,
+    path: expectedPath
+  });
+  const ok = senderPk.verify(sigBytes, digest, { scheme: "schnorr" });
+  if (!ok) {
+    throw new HttpTransportError("Auth signature verification failed", "REQUEST_AUTH_SIG_INVALID");
+  }
+  return parsed;
+}
+
+// src/core/aggregation/transport/http/sse-stream.ts
+async function* parseSseStream(readable) {
+  const decoder = new TextDecoder("utf-8");
+  const reader = readable.getReader();
+  let buffer = "";
+  let pending = {};
+  const dispatchPending = () => {
+    if (pending.data === void 0) {
+      pending = {};
+      return null;
+    }
+    const ev = { data: pending.data };
+    if (pending.event !== void 0) ev.event = pending.event;
+    if (pending.id !== void 0) ev.id = pending.id;
+    if (pending.retry !== void 0) ev.retry = pending.retry;
+    pending = {};
+    return ev;
+  };
+  const processLine = (line) => {
+    if (line.startsWith(":")) return;
+    const colon = line.indexOf(":");
+    const field = colon === -1 ? line : line.slice(0, colon);
+    let value = colon === -1 ? "" : line.slice(colon + 1);
+    if (value.startsWith(" ")) value = value.slice(1);
+    switch (field) {
+      case "data":
+        pending.data = pending.data === void 0 ? value : `${pending.data}
+${value}`;
+        break;
+      case "event":
+        pending.event = value;
+        break;
+      case "id":
+        if (!value.includes("\0")) pending.id = value;
+        break;
+      case "retry": {
+        const n = Number(value);
+        if (Number.isInteger(n) && n >= 0) pending.retry = n;
+        break;
+      }
+    }
+  };
+  try {
+    for (; ; ) {
+      const { value, done } = await reader.read();
+      if (done) {
+        buffer += decoder.decode();
+        if (buffer.length > 0) {
+          const line = buffer.endsWith("\r") ? buffer.slice(0, -1) : buffer;
+          if (line.length > 0) processLine(line);
+          buffer = "";
+        }
+        const tail = dispatchPending();
+        if (tail) yield tail;
+        return;
+      }
+      buffer += decoder.decode(value, { stream: true });
+      let lineEnd = buffer.indexOf("\n");
+      while (lineEnd !== -1) {
+        let line = buffer.slice(0, lineEnd);
+        if (line.endsWith("\r")) line = line.slice(0, -1);
+        buffer = buffer.slice(lineEnd + 1);
+        if (line.length === 0) {
+          const ev = dispatchPending();
+          if (ev) yield ev;
+        } else {
+          processLine(line);
+        }
+        lineEnd = buffer.indexOf("\n");
+      }
+    }
+  } finally {
+    try {
+      reader.releaseLock();
+    } catch {
+    }
+  }
+}
+
+// src/core/aggregation/transport/http/client.ts
+function defaultReconnectBackoff(attempt) {
+  const base2 = Math.min(1e3 * 2 ** attempt, 3e4);
+  const jitter = base2 * 0.2 * Math.random();
+  return Math.floor(base2 + jitter);
+}
+var HttpClientTransport = class {
+  name = "http";
+  #baseUrl;
+  #fetch;
+  #logger;
+  #backoff;
+  #clockSkewSec;
+  #actors = /* @__PURE__ */ new Map();
+  #peers = /* @__PURE__ */ new Map();
+  #started = false;
+  #broadcastAbort;
+  constructor(config) {
+    const base2 = typeof config.baseUrl === "string" ? new URL(config.baseUrl) : new URL(config.baseUrl.href);
+    if (!base2.pathname.endsWith("/")) base2.pathname += "/";
+    this.#baseUrl = base2;
+    this.#logger = config.logger ?? CONSOLE_LOGGER;
+    this.#backoff = config.reconnectBackoff ?? defaultReconnectBackoff;
+    this.#clockSkewSec = config.clockSkewSec ?? DEFAULT_CLOCK_SKEW_SEC;
+    const fetchImpl = config.fetchImpl ?? globalThis.fetch;
+    if (typeof fetchImpl !== "function") {
+      throw new HttpTransportError(
+        "No fetch implementation available. Pass config.fetchImpl explicitly.",
+        "NO_FETCH_IMPL"
+      );
+    }
+    this.#fetch = fetchImpl;
+  }
+  start() {
+    if (this.#started) return;
+    this.#started = true;
+    this.#broadcastAbort = new AbortController();
+    this.#runBroadcastLoop(this.#broadcastAbort.signal);
+    for (const [did, entry] of this.#actors) {
+      this.#openInbox(did, entry);
+    }
+  }
+  /**
+   * Tear down all SSE subscriptions and stop reconnect loops. Not part of the
+   * {@link Transport} interface, but needed in tests and whenever a client
+   * wants to cleanly disconnect without unregistering every actor.
+   *
+   * Idempotent. Actors remain registered (re-call {@link start} to resume).
+   */
+  stop() {
+    this.#broadcastAbort?.abort();
+    this.#broadcastAbort = void 0;
+    for (const entry of this.#actors.values()) {
+      entry.inboxAbort?.abort();
+      entry.inboxAbort = void 0;
+    }
+    this.#started = false;
+  }
+  registerActor(did, keys) {
+    const existing = this.#actors.get(did);
+    if (existing?.inboxAbort) existing.inboxAbort.abort();
+    const entry = { keys, handlers: /* @__PURE__ */ new Map() };
+    this.#actors.set(did, entry);
+    if (this.#started) this.#openInbox(did, entry);
+  }
+  unregisterActor(did) {
+    const entry = this.#actors.get(did);
+    if (!entry) return;
+    entry.inboxAbort?.abort();
+    this.#actors.delete(did);
+    this.#peers.delete(did);
+  }
+  getActorPk(did) {
+    return this.#actors.get(did)?.keys.publicKey.compressed;
+  }
+  registerPeer(did, communicationPk) {
+    try {
+      new import_keypair2.CompressedSecp256k1PublicKey(communicationPk);
+    } catch {
+      throw new HttpTransportError(
+        `Invalid communication public key for peer ${did}: expected a 33-byte compressed secp256k1 key.`,
+        "INVALID_PEER_KEY",
+        { did, keyLength: communicationPk.length }
+      );
+    }
+    this.#peers.set(did, communicationPk);
+  }
+  getPeerPk(did) {
+    return this.#peers.get(did);
+  }
+  registerMessageHandler(actorDid, messageType, handler) {
+    const actor = this.#actors.get(actorDid);
+    if (!actor) {
+      throw new HttpTransportError(
+        `Cannot register handler: actor ${actorDid} not registered. Call registerActor() first.`,
+        "UNKNOWN_ACTOR",
+        { did: actorDid }
+      );
+    }
+    actor.handlers.set(messageType, handler);
+  }
+  unregisterMessageHandler(actorDid, messageType) {
+    this.#actors.get(actorDid)?.handlers.delete(messageType);
+  }
+  async sendMessage(message, sender, recipient) {
+    const actor = this.#actors.get(sender);
+    if (!actor) {
+      throw new HttpTransportError(
+        `Unknown sender: ${sender}. Call registerActor() before sending messages.`,
+        "UNKNOWN_SENDER",
+        { did: sender }
+      );
+    }
+    const envelope = signEnvelope(
+      message,
+      { did: sender, keys: actor.keys },
+      { to: recipient }
+    );
+    const url = this.#route(HTTP_ROUTE.MESSAGES);
+    const res = await this.#fetch(url, {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(envelope)
+    });
+    if (!res.ok) {
+      const body = await safeText(res);
+      throw new HttpTransportError(
+        `sendMessage failed: HTTP ${res.status}`,
+        "SEND_MESSAGE_HTTP",
+        { status: res.status, body: body.slice(0, 256), messageType: message.type }
+      );
+    }
+  }
+  publishRepeating(message, sender, intervalMs, recipient) {
+    let stopped = false;
+    const attempt = () => {
+      if (stopped) return;
+      this.sendMessage(message, sender, recipient).catch((err) => {
+        this.#logger.debug("publishRepeating send failed:", err);
+      });
+    };
+    attempt();
+    const timer = setInterval(attempt, intervalMs);
+    return () => {
+      if (stopped) return;
+      stopped = true;
+      clearInterval(timer);
+    };
+  }
+  #route(template) {
+    return new URL(template.replace(/^\//, ""), this.#baseUrl);
+  }
+  #openInbox(did, entry) {
+    const abort = new AbortController();
+    entry.inboxAbort = abort;
+    this.#runInboxLoop(did, entry, abort.signal);
+  }
+  async #runBroadcastLoop(signal) {
+    const url = this.#route(HTTP_ROUTE.ADVERTS);
+    let attempt = 0;
+    while (!signal.aborted) {
+      try {
+        const res = await this.#fetch(url, {
+          method: "GET",
+          headers: { accept: "text/event-stream" },
+          signal
+        });
+        if (!res.ok || !res.body) {
+          this.#logger.warn(`Broadcast subscribe failed: HTTP ${res.status}`);
+          await sleep(this.#backoff(attempt++), signal);
+          continue;
+        }
+        attempt = 0;
+        for await (const ev of parseSseStream(res.body)) {
+          if (signal.aborted) return;
+          if (ev.event !== SSE_EVENT.ADVERT) continue;
+          this.#dispatchBroadcast(ev.data);
+        }
+      } catch (err) {
+        if (signal.aborted) return;
+        this.#logger.debug("Broadcast loop error:", err);
+        try {
+          await sleep(this.#backoff(attempt++), signal);
+        } catch {
+          return;
+        }
+      }
+    }
+  }
+  async #runInboxLoop(did, entry, signal) {
+    const url = this.#route(HTTP_ROUTE.ACTOR_INBOX.replace("{did}", encodeURIComponent(did)));
+    let attempt = 0;
+    while (!signal.aborted) {
+      try {
+        const auth = buildRequestAuth(did, entry.keys, url.pathname);
+        const res = await this.#fetch(url, {
+          method: "GET",
+          headers: { accept: "text/event-stream", authorization: auth },
+          signal
+        });
+        if (!res.ok || !res.body) {
+          this.#logger.warn(`Inbox subscribe failed for ${did}: HTTP ${res.status}`);
+          await sleep(this.#backoff(attempt++), signal);
+          continue;
+        }
+        attempt = 0;
+        for await (const ev of parseSseStream(res.body)) {
+          if (signal.aborted) return;
+          if (ev.event !== SSE_EVENT.MESSAGE) continue;
+          await this.#dispatchInbox(ev.data, did, entry);
+        }
+      } catch (err) {
+        if (signal.aborted) return;
+        this.#logger.debug(`Inbox loop error for ${did}:`, err);
+        try {
+          await sleep(this.#backoff(attempt++), signal);
+        } catch {
+          return;
+        }
+      }
+    }
+  }
+  #dispatchBroadcast(dataJson) {
+    const envelope = parseEnvelope(dataJson, this.#logger);
+    if (!envelope) return;
+    const senderPk = this.#resolveSenderPk(envelope.from);
+    if (!senderPk) {
+      this.#logger.debug(`Broadcast from unresolvable DID: ${envelope.from}`);
+      return;
+    }
+    try {
+      verifyEnvelope(envelope, senderPk, { clockSkewSec: this.#clockSkewSec });
+    } catch (err) {
+      this.#logger.debug("Broadcast envelope verification failed:", err);
+      return;
+    }
+    const revived = reviveFromWire(envelope.message);
+    const flat = flattenMessage(revived);
+    const messageType = typeof flat.type === "string" ? flat.type : void 0;
+    if (!messageType) return;
+    for (const actor of this.#actors.values()) {
+      const handler = actor.handlers.get(messageType);
+      if (handler) void Promise.resolve(handler(flat));
+    }
+  }
+  async #dispatchInbox(dataJson, actorDid, entry) {
+    const envelope = parseEnvelope(dataJson, this.#logger);
+    if (!envelope) return;
+    const senderPk = this.#resolveSenderPk(envelope.from);
+    if (!senderPk) {
+      this.#logger.debug(`Inbox message from unresolvable DID: ${envelope.from}`);
+      return;
+    }
+    try {
+      verifyEnvelope(envelope, senderPk, {
+        clockSkewSec: this.#clockSkewSec,
+        expectedTo: actorDid
+      });
+    } catch (err) {
+      this.#logger.debug(`Inbox envelope verification failed for ${actorDid}:`, err);
+      return;
+    }
+    const revived = reviveFromWire(envelope.message);
+    const flat = flattenMessage(revived);
+    const messageType = typeof flat.type === "string" ? flat.type : void 0;
+    if (!messageType) return;
+    const handler = entry.handlers.get(messageType);
+    if (handler) await handler(flat);
+  }
+  #resolveSenderPk(did) {
+    const peerBytes = this.#peers.get(did);
+    if (peerBytes) {
+      try {
+        return new import_keypair2.CompressedSecp256k1PublicKey(peerBytes);
+      } catch {
+      }
+    }
+    try {
+      const components = Identifier.decode(did);
+      if (components.idType === "KEY") {
+        return new import_keypair2.CompressedSecp256k1PublicKey(components.genesisBytes);
+      }
+    } catch {
+    }
+    return void 0;
+  }
+};
+function sleep(ms, signal) {
+  if (ms <= 0) return Promise.resolve();
+  return new Promise((resolve, reject) => {
+    const onAbort = () => {
+      clearTimeout(timer);
+      reject(new Error("aborted"));
+    };
+    const timer = setTimeout(() => {
+      signal.removeEventListener("abort", onAbort);
+      resolve();
+    }, ms);
+    if (signal.aborted) onAbort();
+    else signal.addEventListener("abort", onAbort, { once: true });
+  });
+}
+async function safeText(res) {
+  try {
+    return await res.text();
+  } catch {
+    return "";
+  }
+}
+function parseEnvelope(dataJson, logger) {
+  try {
+    return JSON.parse(dataJson);
+  } catch (err) {
+    logger.debug("SSE event: failed to parse envelope JSON:", err);
+    return void 0;
+  }
+}
+function flattenMessage(msg) {
+  if (msg.body && typeof msg.body === "object") {
+    return { ...msg, ...msg.body };
+  }
+  return msg;
+}
+
+// src/core/aggregation/transport/http/server.ts
+var import_keypair3 = require("@did-btcr2/keypair");
+
+// src/core/aggregation/transport/http/inbox-buffer.ts
+var InboxBuffer = class {
+  #capacity;
+  #entries = [];
+  #nextId = 1;
+  constructor(capacity = 100) {
+    if (capacity < 1) throw new Error(`InboxBuffer capacity must be >= 1; got ${capacity}`);
+    this.#capacity = capacity;
+  }
+  /** Append an event. Returns the stored record (including its assigned id). */
+  append(event, data) {
+    const stored = { id: String(this.#nextId++), event, data };
+    this.#entries.push(stored);
+    if (this.#entries.length > this.#capacity) this.#entries.shift();
+    return stored;
+  }
+  /**
+   * Return stored events with id strictly greater than `lastEventId`. If
+   * `lastEventId` is unset or unparseable, returns everything currently
+   * retained.
+   */
+  since(lastEventId) {
+    if (!lastEventId) return this.#entries.slice();
+    const boundary = Number(lastEventId);
+    if (!Number.isFinite(boundary)) return this.#entries.slice();
+    return this.#entries.filter((e) => Number(e.id) > boundary);
+  }
+  /** Currently retained event count. */
+  size() {
+    return this.#entries.length;
+  }
+};
+
+// src/core/aggregation/transport/http/nonce-cache.ts
+var NonceCache = class {
+  #maxEntries;
+  #entries = /* @__PURE__ */ new Map();
+  constructor(config = {}) {
+    this.#maxEntries = config.maxEntries ?? 1e4;
+  }
+  /**
+   * Record a nonce. Returns `true` if it was novel (caller should accept the
+   * request) or `false` if it was a replay (caller should reject).
+   */
+  store(did, nonce, timestampSec) {
+    const key = `${did}:${nonce}`;
+    if (this.#entries.has(key)) return false;
+    this.#entries.set(key, timestampSec);
+    if (this.#entries.size > this.#maxEntries) {
+      const oldest = this.#entries.keys().next();
+      if (!oldest.done) this.#entries.delete(oldest.value);
+    }
+    return true;
+  }
+  /** Current cache size. Exposed for observability and tests. */
+  size() {
+    return this.#entries.size;
+  }
+};
+
+// src/core/aggregation/transport/http/rate-limiter.ts
+var InMemoryRateLimitStore = class {
+  #buckets = /* @__PURE__ */ new Map();
+  get(key) {
+    return this.#buckets.get(key);
+  }
+  set(key, state) {
+    this.#buckets.set(key, state);
+  }
+};
+var RateLimiter = class {
+  #rps;
+  #burst;
+  #store;
+  constructor(config = {}) {
+    this.#rps = config.rps ?? 10;
+    this.#burst = config.burst ?? 30;
+    this.#store = config.store ?? new InMemoryRateLimitStore();
+  }
+  /** Consume one token for `key`. Returns `true` if accepted, `false` if throttled. */
+  consume(key, nowMs) {
+    const existing = this.#store.get(key);
+    const state = existing ?? { tokens: this.#burst, lastRefillMs: nowMs };
+    if (existing) {
+      const elapsedSec = Math.max(0, (nowMs - existing.lastRefillMs) / 1e3);
+      state.tokens = Math.min(this.#burst, existing.tokens + elapsedSec * this.#rps);
+      state.lastRefillMs = nowMs;
+    }
+    if (state.tokens < 1) {
+      this.#store.set(key, state);
+      return false;
+    }
+    state.tokens -= 1;
+    this.#store.set(key, state);
+    return true;
+  }
+};
+
+// src/core/aggregation/transport/http/server.ts
+var INBOX_PATH_PREFIX = "/v1/actors/";
+var INBOX_PATH_SUFFIX = "/inbox";
+var DEFAULT_ADVERT_TTL_MS = 5 * 60 * 1e3;
+var DEFAULT_HEARTBEAT_MS = 2e4;
+var HttpServerTransport = class {
+  name = "http";
+  #logger;
+  #cors;
+  #clockSkewSec;
+  #inboxBufferSize;
+  #advertTtlMs;
+  #heartbeatMs;
+  #rateLimiter;
+  #nonceCache;
+  #now;
+  #actors = /* @__PURE__ */ new Map();
+  #peers = /* @__PURE__ */ new Map();
+  #inboxes = /* @__PURE__ */ new Map();
+  #broadcastSubscribers = /* @__PURE__ */ new Set();
+  #currentAdvert;
+  #advertSeq = 0;
+  constructor(config = {}) {
+    this.#logger = config.logger ?? CONSOLE_LOGGER;
+    this.#cors = config.cors ?? { mode: "permissive" };
+    this.#clockSkewSec = config.clockSkewSec ?? DEFAULT_CLOCK_SKEW_SEC;
+    this.#inboxBufferSize = config.inboxBufferSize ?? 100;
+    this.#advertTtlMs = config.advertTtlMs ?? DEFAULT_ADVERT_TTL_MS;
+    this.#heartbeatMs = config.heartbeatIntervalMs ?? DEFAULT_HEARTBEAT_MS;
+    this.#rateLimiter = config.rateLimiter ?? new RateLimiter();
+    this.#nonceCache = config.nonceCache ?? new NonceCache();
+    this.#now = config.now ?? (() => Date.now());
+  }
+  // ----------------------------------------------------------------
+  // Transport interface
+  // ----------------------------------------------------------------
+  start() {
+  }
+  /**
+   * Detach the transport: close every open SSE subscription, clear the advert
+   * cache, and drop all actor / peer / inbox state. Intended for shutdown and
+   * for test teardown.
+   */
+  stop() {
+    for (const sub of this.#broadcastSubscribers) this.#closeBroadcastSubscriber(sub);
+    this.#broadcastSubscribers.clear();
+    for (const inbox of this.#inboxes.values()) {
+      for (const sub of inbox.subscribers) this.#closeInboxSubscriber(sub);
+      inbox.subscribers.clear();
+    }
+    this.#inboxes.clear();
+    this.#currentAdvert = void 0;
+  }
+  registerActor(did, keys) {
+    this.#actors.set(did, { keys, handlers: /* @__PURE__ */ new Map() });
+  }
+  unregisterActor(did) {
+    this.#actors.delete(did);
+    this.#peers.delete(did);
+  }
+  getActorPk(did) {
+    return this.#actors.get(did)?.keys.publicKey.compressed;
+  }
+  registerPeer(did, communicationPk) {
+    try {
+      new import_keypair3.CompressedSecp256k1PublicKey(communicationPk);
+    } catch {
+      throw new HttpTransportError(
+        `Invalid peer public key for ${did}`,
+        "INVALID_PEER_KEY",
+        { did, keyLength: communicationPk.length }
+      );
+    }
+    this.#peers.set(did, communicationPk);
+  }
+  getPeerPk(did) {
+    return this.#peers.get(did);
+  }
+  registerMessageHandler(actorDid, messageType, handler) {
+    const actor = this.#actors.get(actorDid);
+    if (!actor) {
+      throw new HttpTransportError(
+        `Cannot register handler: actor ${actorDid} not registered`,
+        "UNKNOWN_ACTOR",
+        { did: actorDid }
+      );
+    }
+    actor.handlers.set(messageType, handler);
+  }
+  unregisterMessageHandler(actorDid, messageType) {
+    this.#actors.get(actorDid)?.handlers.delete(messageType);
+  }
+  async sendMessage(message, sender, recipient) {
+    if (!recipient) {
+      throw new HttpTransportError(
+        "HttpServerTransport.sendMessage requires a recipient. Use publishRepeating for broadcasts.",
+        "MISSING_RECIPIENT",
+        { messageType: message.type }
+      );
+    }
+    const actor = this.#actors.get(sender);
+    if (!actor) {
+      throw new HttpTransportError(
+        `Unknown sender: ${sender}`,
+        "UNKNOWN_SENDER",
+        { did: sender }
+      );
+    }
+    const envelope = signEnvelope(message, { did: sender, keys: actor.keys }, { to: recipient });
+    const dataJson = JSON.stringify(envelope);
+    const inbox = this.#getOrCreateInbox(recipient);
+    const stored = inbox.buffer.append(SSE_EVENT.MESSAGE, dataJson);
+    for (const sub of inbox.subscribers) {
+      this.#safeWrite(sub.stream, stored.event, stored.data, stored.id);
+    }
+  }
+  publishRepeating(message, sender, _intervalMs, _recipient) {
+    const actor = this.#actors.get(sender);
+    if (!actor) {
+      throw new HttpTransportError(`Unknown sender: ${sender}`, "UNKNOWN_SENDER", { did: sender });
+    }
+    const envelope = signEnvelope(message, { did: sender, keys: actor.keys });
+    const dataJson = JSON.stringify(envelope);
+    const id = String(++this.#advertSeq);
+    const expiresAtMs = this.#now() + this.#advertTtlMs;
+    this.#currentAdvert = { dataJson, id, expiresAtMs };
+    for (const sub of this.#broadcastSubscribers) {
+      this.#safeWrite(sub.stream, SSE_EVENT.ADVERT, dataJson, id);
+    }
+    return () => {
+      if (this.#currentAdvert?.id === id) this.#currentAdvert = void 0;
+    };
+  }
+  // ----------------------------------------------------------------
+  // Sans-I/O HTTP surface
+  // ----------------------------------------------------------------
+  /**
+   * Handle a POST / GET request (non-SSE). The caller dispatches SSE paths to
+   * {@link handleSse} instead. Returns a fully formed response; the caller's
+   * adapter turns it into an HTTP write.
+   */
+  async handleRequest(req) {
+    const method = req.method.toUpperCase();
+    if (method === "OPTIONS") return this.#respond(204, "", req);
+    const path = extractPath(req.url);
+    if (method === "GET" && path === HTTP_ROUTE.WELL_KNOWN) {
+      return this.#respondJson(200, this.#wellKnownMetadata(), req);
+    }
+    if (method === "POST" && path === HTTP_ROUTE.MESSAGES) {
+      return await this.#handleMessagesPost(req);
+    }
+    if (method === "POST" && path === HTTP_ROUTE.ADVERTS) {
+      return await this.#handleAdvertsPost(req);
+    }
+    return this.#respondJson(404, { error: "not_found" }, req);
+  }
+  /**
+   * Open an SSE stream for a GET request. The caller is responsible for
+   * flushing writes and propagating the `onClose` callback when the HTTP
+   * connection ends.
+   */
+  handleSse(req, stream) {
+    if (req.method.toUpperCase() !== "GET") {
+      stream.close();
+      return;
+    }
+    const path = extractPath(req.url);
+    if (path === HTTP_ROUTE.ADVERTS) {
+      this.#openBroadcastSubscription(stream);
+      return;
+    }
+    const inboxMatch = matchInboxPath(path);
+    if (inboxMatch) {
+      this.#openInboxSubscription(req, stream, inboxMatch.did, path);
+      return;
+    }
+    stream.close();
+  }
+  // ----------------------------------------------------------------
+  // Request handlers
+  // ----------------------------------------------------------------
+  async #handleMessagesPost(req) {
+    const envelope = parseJsonBody(req.body);
+    if (!envelope) return this.#respondJson(400, { error: "invalid_json" }, req);
+    const senderPk = this.#resolveSenderPk(envelope.from);
+    if (!senderPk) {
+      return this.#respondJson(401, { error: "unknown_sender" }, req);
+    }
+    try {
+      verifyEnvelope(envelope, senderPk, { clockSkewSec: this.#clockSkewSec });
+    } catch (err) {
+      this.#logger.debug("POST /v1/messages: envelope verification failed:", err);
+      return this.#respondJson(401, { error: "invalid_envelope" }, req);
+    }
+    if (!this.#nonceCache.store(envelope.from, envelope.nonce, envelope.timestamp)) {
+      return this.#respondJson(409, { error: "replay" }, req);
+    }
+    if (!this.#rateLimiter.consume(envelope.from, this.#now())) {
+      return this.#respondJson(429, { error: "rate_limited" }, req);
+    }
+    if (!envelope.to) {
+      return this.#respondJson(400, { error: "missing_recipient" }, req);
+    }
+    const actor = this.#actors.get(envelope.to);
+    if (!actor) {
+      return this.#respondJson(404, { error: "unknown_recipient" }, req);
+    }
+    const revived = reviveFromWire(envelope.message);
+    const flat = flattenMessage2(revived);
+    const messageType = typeof flat.type === "string" ? flat.type : void 0;
+    if (!messageType) return this.#respondJson(400, { error: "missing_message_type" }, req);
+    const handler = actor.handlers.get(messageType);
+    if (handler) {
+      try {
+        await handler(flat);
+      } catch (err) {
+        this.#logger.debug(`Handler threw for ${messageType}:`, err);
+      }
+    }
+    return this.#respondJson(202, { ok: true }, req);
+  }
+  async #handleAdvertsPost(req) {
+    const envelope = parseJsonBody(req.body);
+    if (!envelope) return this.#respondJson(400, { error: "invalid_json" }, req);
+    const senderPk = this.#resolveSenderPk(envelope.from);
+    if (!senderPk) return this.#respondJson(401, { error: "unknown_sender" }, req);
+    try {
+      verifyEnvelope(envelope, senderPk, { clockSkewSec: this.#clockSkewSec });
+    } catch {
+      return this.#respondJson(401, { error: "invalid_envelope" }, req);
+    }
+    if (!this.#nonceCache.store(envelope.from, envelope.nonce, envelope.timestamp)) {
+      return this.#respondJson(409, { error: "replay" }, req);
+    }
+    if (!this.#rateLimiter.consume(envelope.from, this.#now())) {
+      return this.#respondJson(429, { error: "rate_limited" }, req);
+    }
+    if (!this.#actors.has(envelope.from)) {
+      return this.#respondJson(403, { error: "not_an_actor" }, req);
+    }
+    const id = String(++this.#advertSeq);
+    this.#currentAdvert = {
+      dataJson: JSON.stringify(envelope),
+      id,
+      expiresAtMs: this.#now() + this.#advertTtlMs
+    };
+    for (const sub of this.#broadcastSubscribers) {
+      this.#safeWrite(sub.stream, SSE_EVENT.ADVERT, this.#currentAdvert.dataJson, id);
+    }
+    return this.#respondJson(202, { ok: true }, req);
+  }
+  #openBroadcastSubscription(stream) {
+    const sub = { stream };
+    this.#broadcastSubscribers.add(sub);
+    stream.onClose(() => {
+      this.#closeBroadcastSubscriber(sub);
+      this.#broadcastSubscribers.delete(sub);
+    });
+    if (this.#currentAdvert && this.#currentAdvert.expiresAtMs > this.#now()) {
+      this.#safeWrite(stream, SSE_EVENT.ADVERT, this.#currentAdvert.dataJson, this.#currentAdvert.id);
+    }
+    if (this.#heartbeatMs > 0) {
+      sub.heartbeatTimer = setInterval(() => {
+        try {
+          stream.writeComment("hb");
+        } catch {
+        }
+      }, this.#heartbeatMs);
+    }
+  }
+  #openInboxSubscription(req, stream, did, path) {
+    const auth = req.headers.authorization;
+    if (!auth) {
+      this.#logger.debug(`Inbox subscribe: missing authorization header for ${did}`);
+      stream.close();
+      return;
+    }
+    const senderPk = this.#resolveSenderPk(did);
+    if (!senderPk) {
+      stream.close();
+      return;
+    }
+    let parsedTs = 0;
+    let parsedNonce = "";
+    try {
+      const parsed = verifyRequestAuth(auth, path, senderPk, {
+        clockSkewSec: this.#clockSkewSec,
+        now: () => this.#now()
+      });
+      if (parsed.did !== did) {
+        stream.close();
+        return;
+      }
+      parsedTs = parsed.ts;
+      parsedNonce = parsed.nonce;
+    } catch (err) {
+      this.#logger.debug(`Inbox subscribe: auth verification failed for ${did}:`, err);
+      stream.close();
+      return;
+    }
+    if (!this.#nonceCache.store(did, parsedNonce, parsedTs)) {
+      stream.close();
+      return;
+    }
+    if (!this.#rateLimiter.consume(did, this.#now())) {
+      stream.close();
+      return;
+    }
+    const inbox = this.#getOrCreateInbox(did);
+    const sub = { stream };
+    inbox.subscribers.add(sub);
+    stream.onClose(() => {
+      this.#closeInboxSubscriber(sub);
+      inbox.subscribers.delete(sub);
+    });
+    const lastEventId = req.headers["last-event-id"];
+    for (const stored of inbox.buffer.since(lastEventId)) {
+      this.#safeWrite(stream, stored.event, stored.data, stored.id);
+    }
+    if (this.#heartbeatMs > 0) {
+      sub.heartbeatTimer = setInterval(() => {
+        try {
+          stream.writeComment("hb");
+        } catch {
+        }
+      }, this.#heartbeatMs);
+    }
+  }
+  // ----------------------------------------------------------------
+  // Internal helpers
+  // ----------------------------------------------------------------
+  #getOrCreateInbox(did) {
+    let inbox = this.#inboxes.get(did);
+    if (!inbox) {
+      inbox = { buffer: new InboxBuffer(this.#inboxBufferSize), subscribers: /* @__PURE__ */ new Set() };
+      this.#inboxes.set(did, inbox);
+    }
+    return inbox;
+  }
+  #resolveSenderPk(did) {
+    const peerBytes = this.#peers.get(did);
+    if (peerBytes) {
+      try {
+        return new import_keypair3.CompressedSecp256k1PublicKey(peerBytes);
+      } catch {
+      }
+    }
+    try {
+      const components = Identifier.decode(did);
+      if (components.idType === "KEY") {
+        return new import_keypair3.CompressedSecp256k1PublicKey(components.genesisBytes);
+      }
+    } catch {
+    }
+    return void 0;
+  }
+  #safeWrite(stream, event, data, id) {
+    try {
+      stream.writeEvent(event, data, id);
+    } catch (err) {
+      this.#logger.debug("SSE writeEvent failed:", err);
+    }
+  }
+  #closeBroadcastSubscriber(sub) {
+    if (sub.heartbeatTimer) clearInterval(sub.heartbeatTimer);
+    try {
+      sub.stream.close();
+    } catch {
+    }
+  }
+  #closeInboxSubscriber(sub) {
+    if (sub.heartbeatTimer) clearInterval(sub.heartbeatTimer);
+    try {
+      sub.stream.close();
+    } catch {
+    }
+  }
+  #respondJson(status, body, req) {
+    return {
+      status,
+      headers: { "content-type": "application/json", ...this.#corsHeaders(req) },
+      body: JSON.stringify(body)
+    };
+  }
+  #respond(status, body, req) {
+    return { status, headers: this.#corsHeaders(req), body };
+  }
+  #corsHeaders(req) {
+    const origin = req.headers.origin;
+    if (!origin) return {};
+    const common = {
+      "access-control-allow-methods": "GET, POST, OPTIONS",
+      "access-control-allow-headers": "authorization, content-type, last-event-id",
+      "access-control-max-age": "86400"
+    };
+    switch (this.#cors.mode) {
+      case "permissive":
+        return { "access-control-allow-origin": "*", ...common };
+      case "allowlist":
+        if (this.#cors.origins.includes(origin)) {
+          return { "access-control-allow-origin": origin, vary: "origin", ...common };
+        }
+        return {};
+      case "same-origin":
+        return {};
+    }
+  }
+  #wellKnownMetadata() {
+    return {
+      envelopeVersion: HTTP_ENVELOPE_VERSION,
+      heartbeatIntervalMs: this.#heartbeatMs,
+      inboxBufferSize: this.#inboxBufferSize,
+      advertTtlMs: this.#advertTtlMs
+    };
+  }
+};
+function extractPath(reqUrl) {
+  if (reqUrl.startsWith("http://") || reqUrl.startsWith("https://")) {
+    return new URL(reqUrl).pathname;
+  }
+  const q = reqUrl.indexOf("?");
+  return q === -1 ? reqUrl : reqUrl.slice(0, q);
+}
+function matchInboxPath(path) {
+  if (!path.startsWith(INBOX_PATH_PREFIX) || !path.endsWith(INBOX_PATH_SUFFIX)) return void 0;
+  const encodedDid = path.slice(INBOX_PATH_PREFIX.length, path.length - INBOX_PATH_SUFFIX.length);
+  if (!encodedDid) return void 0;
+  try {
+    return { did: decodeURIComponent(encodedDid) };
+  } catch {
+    return void 0;
+  }
+}
+function parseJsonBody(body) {
+  if (body === void 0 || body === "") return void 0;
+  try {
+    return JSON.parse(body);
+  } catch {
+    return void 0;
+  }
+}
+function flattenMessage2(msg) {
+  if (msg.body && typeof msg.body === "object") {
+    return { ...msg, ...msg.body };
+  }
+  return msg;
+}
 
 // src/core/aggregation/transport/nostr.ts
-var import_keypair = require("@did-btcr2/keypair");
-var import_utils4 = require("@noble/hashes/utils");
+var import_keypair4 = require("@did-btcr2/keypair");
+var import_utils6 = require("@noble/hashes/utils");
 var import_nostr_tools = require("nostr-tools");
 var import_pool = require("nostr-tools/pool");
 var DEFAULT_NOSTR_RELAYS = [
@@ -1852,7 +3263,7 @@ var NostrTransport = class _NostrTransport {
    */
   registerPeer(did, communicationPk) {
     try {
-      new import_keypair.CompressedSecp256k1PublicKey(communicationPk);
+      new import_keypair4.CompressedSecp256k1PublicKey(communicationPk);
     } catch {
       throw new TransportAdapterError(
         `Invalid communication public key for peer ${did}: expected a 33-byte compressed secp256k1 key.`,
@@ -1953,14 +3364,14 @@ var NostrTransport = class _NostrTransport {
     }
     const senderKeys = actor.keys;
     const tags = [
-      ["p", (0, import_utils4.bytesToHex)(senderKeys.publicKey.x)],
+      ["p", (0, import_utils6.bytesToHex)(senderKeys.publicKey.x)],
       ["t", type]
     ];
     if (to) {
       const recipientPkBytes = this.#peerRegistry.get(to);
       if (recipientPkBytes) {
-        const recipientPk = new import_keypair.CompressedSecp256k1PublicKey(recipientPkBytes);
-        tags.push(["p", (0, import_utils4.bytesToHex)(recipientPk.x)]);
+        const recipientPk = new import_keypair4.CompressedSecp256k1PublicKey(recipientPkBytes);
+        tags.push(["p", (0, import_utils6.bytesToHex)(recipientPk.x)]);
       }
     }
     if (isKeygenMessageType(type)) {
@@ -1990,10 +3401,10 @@ var NostrTransport = class _NostrTransport {
           { adapter: this.name, did: to }
         );
       }
-      const recipientPk = new import_keypair.CompressedSecp256k1PublicKey(recipientPkBytes);
+      const recipientPk = new import_keypair4.CompressedSecp256k1PublicKey(recipientPkBytes);
       const conversationKey = import_nostr_tools.nip44.v2.utils.getConversationKey(
         senderKeys.secretKey.bytes,
-        (0, import_utils4.bytesToHex)(recipientPk.x)
+        (0, import_utils6.bytesToHex)(recipientPk.x)
       );
       const content = import_nostr_tools.nip44.v2.encrypt(JSON.stringify(message, _NostrTransport.#jsonReplacer), conversationKey);
       const event = (0, import_nostr_tools.finalizeEvent)({
@@ -2047,7 +3458,7 @@ var NostrTransport = class _NostrTransport {
    */
   #subscribeDirected(did, entry) {
     if (!this.pool) return;
-    const pkHex = (0, import_utils4.bytesToHex)(entry.keys.publicKey.x);
+    const pkHex = (0, import_utils6.bytesToHex)(entry.keys.publicKey.x);
     const sub = this.pool.subscribeMany(this.#relays, { kinds: [1, 1059], "#p": [pkHex] }, {
       onclose: (reasons) => this.#logger.debug(`Nostr directed subscription closed for ${did}`, reasons),
       onevent: this.#makeActorEventHandler(did)
@@ -2065,7 +3476,7 @@ var NostrTransport = class _NostrTransport {
     return async (event) => {
       const actor = this.#actors.get(actorDid);
       if (!actor) return;
-      if (event.pubkey === (0, import_utils4.bytesToHex)(actor.keys.publicKey.x)) return;
+      if (event.pubkey === (0, import_utils6.bytesToHex)(actor.keys.publicKey.x)) return;
       let message;
       try {
         if (event.kind === 1) {
@@ -2178,7 +3589,7 @@ var NostrTransport = class _NostrTransport {
    */
   static #jsonReplacer(_key, value) {
     if (value instanceof Uint8Array) {
-      return { __bytes: (0, import_utils4.bytesToHex)(value) };
+      return { __bytes: (0, import_utils6.bytesToHex)(value) };
     }
     return value;
   }
@@ -2196,7 +3607,7 @@ var NostrTransport = class _NostrTransport {
    */
   static #jsonReviver(_key, value) {
     if (value && typeof value === "object" && "__bytes" in value) {
-      return (0, import_utils4.hexToBytes)(value.__bytes);
+      return (0, import_utils6.hexToBytes)(value.__bytes);
     }
     return value;
   }
@@ -2207,9 +3618,19 @@ var TransportFactory = class {
   static establish(config) {
     switch (config.type) {
       case "nostr":
-        return new NostrTransport({ relays: config.relays });
+        return new NostrTransport({
+          relays: config.relays,
+          logger: config.logger,
+          broadcastLookbackMs: config.broadcastLookbackMs
+        });
       case "didcomm":
-        throw new import_common7.NotImplementedError("DIDComm transport not implemented yet.");
+        throw new import_common10.NotImplementedError("DIDComm transport not implemented yet.");
+      case "http":
+        if (config.role === "client") return new HttpClientTransport(config);
+        if (config.role === "server") return new HttpServerTransport(config);
+        throw new import_common10.NotImplementedError(
+          `HTTP transport role not implemented: ${config.role}`
+        );
       default:
         throw new TransportError(
           `Invalid transport type: ${config.type}`,
@@ -2221,41 +3642,58 @@ var TransportFactory = class {
 };
 
 // src/core/aggregation/transport/didcomm.ts
-var import_common8 = require("@did-btcr2/common");
+var import_common11 = require("@did-btcr2/common");
 var DidCommTransport = class {
   name = "didcomm";
   start() {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented. Use NostrTransport instead.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented. Use NostrTransport instead.");
   }
   registerActor(_did, _keys) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   getActorPk(_did) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   registerPeer(_did, _communicationPk) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   getPeerPk(_did) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   registerMessageHandler(_actorDid, _messageType, _handler) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   unregisterMessageHandler(_actorDid, _messageType) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   unregisterActor(_did) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   async sendMessage(_message, _sender, _recipient) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
   publishRepeating(_message, _sender, _intervalMs, _recipient) {
-    throw new import_common8.NotImplementedError("DidCommTransport not implemented.");
+    throw new import_common11.NotImplementedError("DidCommTransport not implemented.");
   }
 };
 
+// src/core/aggregation/transport/http/sse-writer.ts
+function formatSseEvent(event, data, id) {
+  const lines = [];
+  if (id !== void 0) lines.push(`id: ${id}`);
+  lines.push(`event: ${event}`);
+  for (const part of data.split("\n")) lines.push(`data: ${part}`);
+  lines.push("");
+  lines.push("");
+  return lines.join("\n");
+}
+function formatSseComment(comment) {
+  const safe = comment.replace(/\n/g, " ");
+  return `: ${safe}
+
+`;
+}
+
 // src/core/aggregation/runner/typed-emitter.ts
 var TypedEventEmitter = class {
   #listeners = /* @__PURE__ */ new Map();
@@ -2931,33 +4369,32 @@ var AggregationParticipantRunner = class _AggregationParticipantRunner extends T
 };
 
 // src/core/beacon/beacon.ts
-var import_secp256k12 = require("@noble/secp256k1");
-var import_utils5 = require("@noble/hashes/utils");
+var import_utils7 = require("@noble/hashes/utils.js");
 var import_btc_signer4 = require("@scure/btc-signer");
 
 // src/core/beacon/error.ts
-var import_common9 = require("@did-btcr2/common");
-var BeaconError = class extends import_common9.MethodError {
+var import_common12 = require("@did-btcr2/common");
+var BeaconError = class extends import_common12.MethodError {
   constructor(message, type = "BeaconError", data) {
     super(message, type, data);
   }
 };
-var SingletonBeaconError = class extends import_common9.MethodError {
+var SingletonBeaconError = class extends import_common12.MethodError {
   constructor(message, type = "SingletonBeaconError", data) {
     super(message, type, data);
   }
 };
-var AggregateBeaconError = class extends import_common9.MethodError {
+var AggregateBeaconError = class extends import_common12.MethodError {
   constructor(message, type = "AggregateBeaconError", data) {
     super(message, type, data);
   }
 };
-var CASBeaconError = class extends import_common9.MethodError {
+var CASBeaconError = class extends import_common12.MethodError {
   constructor(message, type = "CASBeaconError", data) {
     super(message, type, data);
   }
 };
-var SMTBeaconError = class extends import_common9.MethodError {
+var SMTBeaconError = class extends import_common12.MethodError {
   constructor(message, type = "SMTBeaconError", data) {
     super(message, type, data);
   }
@@ -2985,9 +4422,32 @@ var StaticFeeEstimator = class {
 
 // src/core/beacon/beacon.ts
 var DEFAULT_FEE_ESTIMATOR = new StaticFeeEstimator(5);
-var P2TR_BEACON_TX_VSIZE = 140;
+var P2TR_BEACON_TX_VSIZE = 160;
+var P2WPKH_BEACON_TX_VSIZE = 155;
+var P2PKH_BEACON_TX_VSIZE = 240;
+var SINGLETON_BEACON_TX_VSIZE = {
+  p2pkh: P2PKH_BEACON_TX_VSIZE,
+  p2wpkh: P2WPKH_BEACON_TX_VSIZE,
+  p2tr: P2TR_BEACON_TX_VSIZE
+};
+function detectSingletonScriptKind(bitcoinAddress, network) {
+  const decoded = (0, import_btc_signer4.Address)(network).decode(bitcoinAddress);
+  if (decoded.type === "pkh") return "p2pkh";
+  if (decoded.type === "wpkh") return "p2wpkh";
+  if (decoded.type === "tr") return "p2tr";
+  throw new BeaconError(
+    `Unsupported singleton beacon address type "${decoded.type}". Expected P2PKH, P2WPKH, or P2TR (taproot key-path).`,
+    "UNSUPPORTED_BEACON_ADDRESS_TYPE",
+    { address: bitcoinAddress, kind: decoded.type }
+  );
+}
+function deriveSingletonAddress(kind, pubkey, network) {
+  if (kind === "p2pkh") return (0, import_btc_signer4.p2pkh)(pubkey, network).address;
+  if (kind === "p2wpkh") return (0, import_btc_signer4.p2wpkh)(pubkey, network).address;
+  return (0, import_btc_signer4.p2tr)(pubkey.slice(1, 33), void 0, network).address;
+}
 function opReturnScript(signalBytes) {
-  return import_btc_signer4.Script.encode([import_btc_signer4.OP.RETURN, signalBytes]);
+  return import_btc_signer4.Script.encode(["RETURN", signalBytes]);
 }
 async function fetchSpendableUtxo(bitcoinAddress, bitcoin) {
   const utxos = await bitcoin.rest.address.getUtxos(bitcoinAddress);
@@ -2995,7 +4455,7 @@ async function fetchSpendableUtxo(bitcoinAddress, bitcoin) {
     throw new BeaconError(
       "No UTXOs found, please fund address!",
       "UNFUNDED_BEACON_ADDRESS",
-      { bitcoinAddress }
+      { address: bitcoinAddress }
     );
   }
   const utxo = utxos.sort((a, b) => b.status.block_height - a.status.block_height).shift();
@@ -3003,11 +4463,11 @@ async function fetchSpendableUtxo(bitcoinAddress, bitcoin) {
     throw new BeaconError(
       "Beacon bitcoin address unfunded or utxos unconfirmed.",
       "UNFUNDED_BEACON_ADDRESS",
-      { bitcoinAddress }
+      { address: bitcoinAddress }
     );
   }
   const prevTxHex = await bitcoin.rest.transaction.getHex(utxo.txid);
-  return { utxo, prevTxBytes: (0, import_utils5.hexToBytes)(prevTxHex) };
+  return { utxo, prevTxBytes: (0, import_utils7.hexToBytes)(prevTxHex) };
 }
 async function buildAggregationBeaconTx(opts) {
   const feeEstimator = opts.feeEstimator ?? DEFAULT_FEE_ESTIMATOR;
@@ -3019,10 +4479,10 @@ async function buildAggregationBeaconTx(opts) {
     throw new BeaconError(
       `UTXO value (${utxo.value}) insufficient to cover fee (${feeSats}).`,
       "INSUFFICIENT_FUNDS",
-      { bitcoinAddress: opts.beaconAddress, utxoValue: utxo.value, fee: feeSats.toString() }
+      { address: opts.beaconAddress, valueSats: utxo.value, feeSats }
     );
   }
-  const tx = new import_btc_signer4.Transaction();
+  const tx = new import_btc_signer4.Transaction({ allowUnknownOutputs: true });
   tx.addInput({
     txid: utxo.txid,
     index: utxo.vout,
@@ -3038,9 +4498,45 @@ async function buildAggregationBeaconTx(opts) {
     prevOutValues: [BigInt(utxo.value)],
     beaconAddress: opts.beaconAddress,
     utxo,
-    feeSats
+    feeSats,
+    scriptKind: "p2tr"
   };
 }
+async function signSingletonInput(tx, inputIdx, kind, signer, prevOutScript, amount) {
+  const pubkey = signer.publicKey;
+  if (kind === "p2pkh") {
+    const sighashType = import_btc_signer4.SigHash.ALL;
+    const sighash2 = tx.preimageLegacy(inputIdx, prevOutScript, sighashType);
+    const sig2 = signer.sign(sighash2, "ecdsa");
+    const sigWithType = (0, import_utils7.concatBytes)(sig2, new Uint8Array([sighashType]));
+    tx.updateInput(inputIdx, { partialSig: [[pubkey, sigWithType]] }, true);
+    tx.finalize();
+    return tx.hex;
+  }
+  if (kind === "p2wpkh") {
+    const decoded = import_btc_signer4.OutScript.decode(prevOutScript);
+    if (decoded.type !== "wpkh") {
+      throw new BeaconError(
+        `Expected P2WPKH prev-output script, got "${decoded.type}".`,
+        "PREVOUT_SCRIPT_MISMATCH",
+        { kind, observedScriptType: decoded.type }
+      );
+    }
+    const sighashScript = import_btc_signer4.OutScript.encode({ type: "pkh", hash: decoded.hash });
+    const sighashType = import_btc_signer4.SigHash.ALL;
+    const sighash2 = tx.preimageWitnessV0(inputIdx, sighashScript, sighashType, amount);
+    const sig2 = signer.sign(sighash2, "ecdsa");
+    const sigWithType = (0, import_utils7.concatBytes)(sig2, new Uint8Array([sighashType]));
+    tx.updateInput(inputIdx, { partialSig: [[pubkey, sigWithType]] }, true);
+    tx.finalize();
+    return tx.hex;
+  }
+  const sighash = tx.preimageWitnessV1(inputIdx, [prevOutScript], import_btc_signer4.SigHash.DEFAULT, [amount]);
+  const sig = signer.sign(sighash, "bip341");
+  tx.updateInput(inputIdx, { tapKeySig: sig });
+  tx.finalize();
+  return tx.hex;
+}
 var Beacon = class {
   /**
    * The Beacon service configuration parsed from the DID Document.
@@ -3050,7 +4546,9 @@ var Beacon = class {
     this.service = service;
   }
   /**
-   * Build + sign + broadcast a single-party beacon signal transaction (P2WPKH spend).
+   * Build + sign + broadcast a singleton beacon signal transaction. The beacon
+   * address's script kind (P2PKH / P2WPKH / P2TR) is detected automatically
+   * and the input is constructed and signed accordingly.
    *
    * Composed from the three extracted phases ({@link buildSinglePartyTx},
    * {@link signSinglePartyTx}, {@link broadcastRawTx}) so each piece can be exercised
@@ -3059,13 +4557,13 @@ var Beacon = class {
    * plumbing (UTXO fetch + OP_RETURN output + change output) is shared.
    *
    * @param signalBytes 32-byte payload to embed in OP_RETURN.
-   * @param secretKey Secret key used to sign the spending input.
+   * @param signer Signer used to sign the spending input.
    * @param bitcoin Bitcoin network connection.
    * @param options Broadcast options (fee estimator, etc.).
    * @returns The txid of the broadcast transaction.
    * @throws {BeaconError} if the address is unfunded, no UTXO is available, or fee exceeds value.
    */
-  async buildSignAndBroadcast(signalBytes, secretKey, bitcoin, options) {
+  async buildSignAndBroadcast(signalBytes, signer, bitcoin, options) {
     const feeEstimator = options?.feeEstimator ?? DEFAULT_FEE_ESTIMATOR;
     const beaconAddress = this.service.serviceEndpoint.replace("bitcoin:", "");
     const { utxo, prevTxBytes } = await fetchSpendableUtxo(beaconAddress, bitcoin);
@@ -3074,69 +4572,97 @@ var Beacon = class {
       beaconAddress,
       utxo,
       prevTxBytes,
-      secretKey,
+      signer,
       bitcoin,
       feeEstimator
     });
-    const signedHex = this.signSinglePartyTx(plan.tx, secretKey);
+    const signedHex = await this.signSinglePartyTx(plan, signer);
     return this.broadcastRawTx(bitcoin, signedHex);
   }
   /**
-   * Build an unsigned P2WPKH single-party beacon tx + probe-sign to determine vsize,
-   * then rebuild with the real fee. Returns the tx and prev-output metadata.
+   * Build an unsigned singleton beacon tx ready for {@link signSinglePartyTx}.
    *
-   * The secret key is required here (not just in `signSinglePartyTx`) because the
-   * two-pass fee estimation requires an actual signature to measure vsize accurately.
+   * Detects the beacon address script kind (P2PKH / P2WPKH / P2TR) and configures
+   * the input accordingly. Validates that the signer's pubkey produces the beacon
+   * address under that script kind — without this check, a misconfigured caller
+   * would burn a real UTXO on a tx that fails at broadcast. Fees are computed from
+   * the per-kind {@link SINGLETON_BEACON_TX_VSIZE} constant, avoiding any probe-sign
+   * round-trip.
    */
   async buildSinglePartyTx(opts) {
-    const pubkey = this.#derivePubkey(opts.secretKey);
-    const witnessOut = (0, import_btc_signer4.p2wpkh)(pubkey, opts.bitcoin.data);
-    const witnessScript = witnessOut.script;
-    const build = (feeSats2) => {
-      const tx2 = new import_btc_signer4.Transaction();
-      tx2.addInput({
-        txid: opts.utxo.txid,
-        index: opts.utxo.vout,
-        nonWitnessUtxo: opts.prevTxBytes,
-        witnessUtxo: { amount: BigInt(opts.utxo.value), script: witnessScript }
-      });
-      tx2.addOutputAddress(
-        opts.beaconAddress,
-        BigInt(opts.utxo.value) - feeSats2,
-        opts.bitcoin.data
+    const network = opts.bitcoin.data;
+    const pubkey = opts.signer.publicKey;
+    const kind = detectSingletonScriptKind(opts.beaconAddress, network);
+    const derivedAddress = deriveSingletonAddress(kind, pubkey, network);
+    if (derivedAddress !== opts.beaconAddress) {
+      throw new BeaconError(
+        `Signer pubkey produces ${kind.toUpperCase()} address "${derivedAddress}", but beacon address is "${opts.beaconAddress}".`,
+        "SIGNER_KEY_MISMATCH",
+        { kind, address: opts.beaconAddress, derivedAddress }
       );
-      tx2.addOutput({ script: opReturnScript(opts.signalBytes), amount: 0n });
-      return tx2;
-    };
-    const probe = build(0n);
-    probe.signIdx(opts.secretKey, 0);
-    probe.finalize();
-    const vsize = probe.vsize;
-    const feeSats = await opts.feeEstimator.estimateFee(vsize);
-    if (BigInt(opts.utxo.value) <= feeSats) {
+    }
+    const feeSats = await opts.feeEstimator.estimateFee(SINGLETON_BEACON_TX_VSIZE[kind]);
+    const amount = BigInt(opts.utxo.value);
+    if (amount <= feeSats) {
       throw new BeaconError(
         `UTXO value (${opts.utxo.value}) insufficient to cover fee (${feeSats}).`,
         "INSUFFICIENT_FUNDS",
-        { bitcoinAddress: opts.beaconAddress, utxoValue: opts.utxo.value, fee: feeSats.toString() }
+        { address: opts.beaconAddress, valueSats: opts.utxo.value, feeSats }
       );
     }
-    const tx = build(feeSats);
+    const tx = new import_btc_signer4.Transaction({ allowUnknownOutputs: true });
+    let prevOutScript;
+    if (kind === "p2pkh") {
+      prevOutScript = (0, import_btc_signer4.p2pkh)(pubkey, network).script;
+      tx.addInput({
+        txid: opts.utxo.txid,
+        index: opts.utxo.vout,
+        nonWitnessUtxo: opts.prevTxBytes
+      });
+    } else if (kind === "p2wpkh") {
+      prevOutScript = (0, import_btc_signer4.p2wpkh)(pubkey, network).script;
+      tx.addInput({
+        txid: opts.utxo.txid,
+        index: opts.utxo.vout,
+        nonWitnessUtxo: opts.prevTxBytes,
+        witnessUtxo: { amount, script: prevOutScript }
+      });
+    } else {
+      const internalKey = pubkey.slice(1, 33);
+      prevOutScript = (0, import_btc_signer4.p2tr)(internalKey, void 0, network).script;
+      tx.addInput({
+        txid: opts.utxo.txid,
+        index: opts.utxo.vout,
+        nonWitnessUtxo: opts.prevTxBytes,
+        witnessUtxo: { amount, script: prevOutScript },
+        tapInternalKey: internalKey
+      });
+    }
+    tx.addOutputAddress(opts.beaconAddress, amount - feeSats, network);
+    tx.addOutput({ script: opReturnScript(opts.signalBytes), amount: 0n });
     return {
       tx,
-      prevOutScripts: [witnessScript],
-      prevOutValues: [BigInt(opts.utxo.value)],
+      prevOutScripts: [prevOutScript],
+      prevOutValues: [amount],
       beaconAddress: opts.beaconAddress,
       utxo: opts.utxo,
-      feeSats
+      feeSats,
+      scriptKind: kind
     };
   }
   /**
    * Sign + finalize the unsigned single-party tx and return its raw hex.
+   * Dispatches to the correct signing primitive based on `plan.scriptKind`.
    */
-  signSinglePartyTx(tx, secretKey) {
-    tx.signIdx(secretKey, 0);
-    tx.finalize();
-    return tx.hex;
+  async signSinglePartyTx(plan, signer) {
+    return signSingletonInput(
+      plan.tx,
+      0,
+      plan.scriptKind,
+      signer,
+      plan.prevOutScripts[0],
+      plan.prevOutValues[0]
+    );
   }
   /**
    * Broadcast raw transaction hex via the Bitcoin REST endpoint. Returns the txid.
@@ -3144,14 +4670,10 @@ var Beacon = class {
   async broadcastRawTx(bitcoin, rawHex) {
     return bitcoin.rest.transaction.send(rawHex);
   }
-  /** Derive the compressed secp256k1 public key from a raw secret key. */
-  #derivePubkey(secretKey) {
-    return (0, import_secp256k12.getPublicKey)(secretKey, true);
-  }
 };
 
 // src/core/beacon/cas-beacon.ts
-var import_common10 = require("@did-btcr2/common");
+var import_common13 = require("@did-btcr2/common");
 var CASBeacon = class extends Beacon {
   /**
    * Creates an instance of CASBeacon.
@@ -3192,7 +4714,7 @@ var CASBeacon = class extends Beacon {
       if (!updateHashEncoded) {
         continue;
       }
-      const updateHash = (0, import_common10.encode)((0, import_common10.decode)(updateHashEncoded, "base64urlnopad"), "hex");
+      const updateHash = (0, import_common13.encode)((0, import_common13.decode)(updateHashEncoded, "base64urlnopad"), "hex");
       const signedUpdate = sidecar.updateMap.get(updateHash);
       if (!signedUpdate) {
         needs.push({
@@ -3215,19 +4737,19 @@ var CASBeacon = class extends Beacon {
    * and broadcast are delegated to {@link Beacon.buildSignAndBroadcast}.
    *
    * @param {SignedBTCR2Update} signedUpdate The signed BTCR2 update to broadcast.
-   * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+   * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
    * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
    * @param {CASBroadcastOptions} [options] Optional broadcast configuration, including a
    *   `casPublish` callback to publish the announcement off-chain and a `feeEstimator`.
    * @returns {Promise<SignedBTCR2Update>} The signed update that was broadcast.
    * @throws {BeaconError} if the bitcoin address is invalid, unfunded, or UTXO cannot cover the fee.
    */
-  async broadcastSignal(signedUpdate, secretKey, bitcoin, options) {
+  async broadcastSignal(signedUpdate, signer, bitcoin, options) {
     const did = this.service.id.split("#")[0];
-    const updateHash = (0, import_common10.canonicalHash)(signedUpdate);
+    const updateHash = (0, import_common13.canonicalHash)(signedUpdate);
     const casAnnouncement = { [did]: updateHash };
-    const announcementHash = (0, import_common10.hash)((0, import_common10.canonicalize)(casAnnouncement));
-    await this.buildSignAndBroadcast(announcementHash, secretKey, bitcoin, options);
+    const announcementHash = (0, import_common13.hash)((0, import_common13.canonicalize)(casAnnouncement));
+    await this.buildSignAndBroadcast(announcementHash, signer, bitcoin, options);
     if (options?.casPublish) {
       await options.casPublish(casAnnouncement);
     }
@@ -3236,10 +4758,10 @@ var CASBeacon = class extends Beacon {
 };
 
 // src/core/beacon/factory.ts
-var import_common13 = require("@did-btcr2/common");
+var import_common16 = require("@did-btcr2/common");
 
 // src/core/beacon/singleton-beacon.ts
-var import_common11 = require("@did-btcr2/common");
+var import_common14 = require("@did-btcr2/common");
 var SingletonBeacon = class extends Beacon {
   /**
    * Creates an instance of SingletonBeacon.
@@ -3280,23 +4802,23 @@ var SingletonBeacon = class extends Beacon {
    * {@link Beacon.buildSignAndBroadcast}.
    *
    * @param {SignedBTCR2Update} signedUpdate The signed BTCR2 update to broadcast.
-   * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+   * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
    * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
    * @param {BroadcastOptions} [options] Optional broadcast configuration (e.g. fee estimator).
    * @returns {Promise<SignedBTCR2Update>} The signed update that was broadcast.
    * @throws {BeaconError} if the bitcoin address is invalid, unfunded, or UTXO cannot cover the fee.
    */
-  async broadcastSignal(signedUpdate, secretKey, bitcoin, options) {
-    const signalBytes = (0, import_common11.hash)((0, import_common11.canonicalize)(signedUpdate));
-    await this.buildSignAndBroadcast(signalBytes, secretKey, bitcoin, options);
+  async broadcastSignal(signedUpdate, signer, bitcoin, options) {
+    const signalBytes = (0, import_common14.hash)((0, import_common14.canonicalize)(signedUpdate));
+    await this.buildSignAndBroadcast(signalBytes, signer, bitcoin, options);
     return signedUpdate;
   }
 };
 
 // src/core/beacon/smt-beacon.ts
-var import_common12 = require("@did-btcr2/common");
+var import_common15 = require("@did-btcr2/common");
 var import_smt3 = require("@did-btcr2/smt");
-var import_utils6 = require("@noble/hashes/utils");
+var import_utils8 = require("@noble/hashes/utils");
 var SMTBeacon = class extends Beacon {
   /**
    * Creates an instance of SMTBeacon.
@@ -3332,9 +4854,6 @@ var SMTBeacon = class extends Beacon {
         });
         continue;
       }
-      if (!smtProof.updateId) {
-        continue;
-      }
       if (!smtProof.nonce) {
         throw new SMTBeaconError(
           "SMT proof missing required nonce field.",
@@ -3343,7 +4862,8 @@ var SMTBeacon = class extends Beacon {
         );
       }
       const index = (0, import_smt3.didToIndex)(did);
-      const candidateHash = (0, import_smt3.blockHash)((0, import_smt3.blockHash)((0, import_smt3.hexToHash)(smtProof.nonce)), (0, import_smt3.hexToHash)(smtProof.updateId));
+      const nonceHash = (0, import_smt3.base64UrlToHash)(smtProof.nonce);
+      const candidateHash = smtProof.updateId ? (0, import_smt3.blockHash)((0, import_smt3.blockHash)(nonceHash), (0, import_smt3.base64UrlToHash)(smtProof.updateId)) : (0, import_smt3.blockHash)((0, import_smt3.blockHash)(nonceHash));
       const valid = (0, import_smt3.verifySerializedProof)(smtProof, index, candidateHash);
       if (!valid) {
         throw new SMTBeaconError(
@@ -3352,11 +4872,15 @@ var SMTBeacon = class extends Beacon {
           { smtProof, did }
         );
       }
-      const signedUpdate = sidecar.updateMap.get(smtProof.updateId);
+      if (!smtProof.updateId) {
+        continue;
+      }
+      const updateHashHex = (0, import_smt3.hashToHex)((0, import_smt3.base64UrlToHash)(smtProof.updateId));
+      const signedUpdate = sidecar.updateMap.get(updateHashHex);
       if (!signedUpdate) {
         needs.push({
           kind: "NeedSignedUpdate",
-          updateHash: smtProof.updateId,
+          updateHash: updateHashHex,
           beaconServiceId: this.service.id
         });
         continue;
@@ -3374,20 +4898,20 @@ var SMTBeacon = class extends Beacon {
    * signing, and broadcast are delegated to {@link Beacon.buildSignAndBroadcast}.
    *
    * @param {SignedBTCR2Update} signedUpdate The signed BTCR2 update to broadcast.
-   * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+   * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
    * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
    * @param {BroadcastOptions} [options] Optional broadcast configuration (e.g. fee estimator).
    * @return {Promise<SignedBTCR2Update>} The signed update that was broadcast.
    * @throws {BeaconError} if the bitcoin address is invalid, unfunded, or UTXO cannot cover the fee.
    */
-  async broadcastSignal(signedUpdate, secretKey, bitcoin, options) {
+  async broadcastSignal(signedUpdate, signer, bitcoin, options) {
     const did = this.service.id.split("#")[0];
-    const canonicalBytes = new TextEncoder().encode((0, import_common12.canonicalize)(signedUpdate));
-    const nonce = (0, import_utils6.randomBytes)(32);
+    const canonicalBytes = new TextEncoder().encode((0, import_common15.canonicalize)(signedUpdate));
+    const nonce = (0, import_utils8.randomBytes)(32);
     const tree = new import_smt3.BTCR2MerkleTree();
     tree.addEntries([{ did, nonce, signedUpdate: canonicalBytes }]);
     tree.finalize();
-    await this.buildSignAndBroadcast(tree.rootHash, secretKey, bitcoin, options);
+    await this.buildSignAndBroadcast(tree.rootHash, signer, bitcoin, options);
     return signedUpdate;
   }
 };
@@ -3408,18 +4932,18 @@ var BeaconFactory = class {
       case "SMTBeacon":
         return new SMTBeacon(service);
       default:
-        throw new import_common13.MethodError("Invalid Beacon Type", "INVALID_BEACON_ERROR", service);
+        throw new import_common16.MethodError("Invalid Beacon Type", "INVALID_BEACON_ERROR", service);
     }
   }
 };
 
 // src/core/beacon/signal-discovery.ts
 var import_bitcoin2 = require("@did-btcr2/bitcoin");
-var import_common16 = require("@did-btcr2/common");
+var import_common18 = require("@did-btcr2/common");
 
 // src/core/beacon/utils.ts
 var import_bitcoin = require("@did-btcr2/bitcoin");
-var import_common15 = require("@did-btcr2/common");
+var import_common17 = require("@did-btcr2/common");
 var import_btc_signer5 = require("@scure/btc-signer");
 
 // src/utils/appendix.ts
@@ -4460,198 +5984,6 @@ var Appendix = class _Appendix {
   }
 };
 
-// src/core/identifier.ts
-var import_common14 = require("@did-btcr2/common");
-var import_keypair2 = require("@did-btcr2/keypair");
-var import_base7 = require("@scure/base");
-var Identifier = class _Identifier {
-  /**
-   * Implements {@link https://dcdpr.github.io/did-btcr2/#didbtcr2-identifier-encoding | 3.2 did:btcr2 Identifier Encoding}.
-   *
-   * A did:btcr2 DID consists of a did:btcr2 prefix, followed by an id-bech32 value, which is a Bech32m encoding of:
-   *  - the specification version;
-   *  - the Bitcoin network identifier; and
-   *  - either:
-   *    - a key-value representing a secp256k1 public key; or
-   *    - a hash-value representing the hash of an initiating external DID document.
-   *
-   * @param {KeyBytes | DocumentBytes} genesisBytes The genesis bytes (public key or document bytes).
-   * @param {DidCreateOptions} options The DID creation options.
-   * @returns {string} The new did:btcr2 identifier.
-   */
-  static encode(genesisBytes, options) {
-    const { idType, version = 1, network } = options;
-    if (!(idType in import_common14.IdentifierTypes)) {
-      throw new import_common14.IdentifierError('Expected "idType" to be "KEY" or "EXTERNAL"', import_common14.INVALID_DID, { idType });
-    }
-    if (isNaN(version) || version > 1) {
-      throw new import_common14.IdentifierError('Expected "version" to be 1', import_common14.INVALID_DID, { version });
-    }
-    if (typeof network === "string" && !(network in import_common14.BitcoinNetworkNames)) {
-      throw new import_common14.IdentifierError('Invalid "network" name', import_common14.INVALID_DID, { network });
-    }
-    if (typeof network === "number" && (network < 0 || network > 8)) {
-      throw new import_common14.IdentifierError('Invalid "network" number', import_common14.INVALID_DID, { network });
-    }
-    if (idType === "KEY") {
-      try {
-        new import_keypair2.CompressedSecp256k1PublicKey(genesisBytes);
-      } catch {
-        throw new import_common14.IdentifierError(
-          'Expected "genesisBytes" to be a valid compressed secp256k1 public key',
-          import_common14.INVALID_DID,
-          { genesisBytes }
-        );
-      }
-    }
-    const hrp = idType === "KEY" ? "k" : "x";
-    const nibbles = [];
-    const fCount = Math.floor((version - 1) / 15);
-    for (let i = 0; i < fCount; i++) {
-      nibbles.push(15);
-    }
-    nibbles.push((version - 1) % 15);
-    if (typeof network === "string") {
-      nibbles.push(import_common14.BitcoinNetworkNames[network]);
-    } else if (typeof network === "number") {
-      nibbles.push(network + 11);
-    }
-    if (nibbles.length % 2 !== 0) {
-      nibbles.push(0);
-    }
-    if (fCount !== 0) {
-      for (const index in Array.from({ length: nibbles.length / 2 - 1 })) {
-        throw new import_common14.IdentifierError("Not implemented", "NOT_IMPLEMENTED", { index });
-      }
-    }
-    const dataBytes = new Uint8Array([nibbles[2 * 0] << 4 | nibbles[2 * 0 + 1], ...genesisBytes]);
-    return `did:btcr2:${import_base7.bech32m.encodeFromBytes(hrp, dataBytes)}`;
-  }
-  /**
-   * Implements {@link https://dcdpr.github.io/did-btcr2/#didbtcr2-identifier-decoding | 3.3 did:btcr2 Identifier Decoding}.
-   * @param {string} identifier The BTCR2 DID to be parsed
-   * @returns {DidComponents} The parsed identifier components. See {@link DidComponents} for details.
-   * @throws {DidError} if an error occurs while parsing the identifier
-   * @throws {DidErrorCode.InvalidDid} if identifier is invalid
-   * @throws {DidErrorCode.MethodNotSupported} if the method is not supported
-   */
-  static decode(identifier) {
-    const components = identifier.split(":");
-    if (components.length !== 3) {
-      throw new import_common14.IdentifierError(`Invalid did: ${identifier}`, import_common14.INVALID_DID, { identifier });
-    }
-    const [scheme, method, encoded] = components;
-    if (scheme !== "did") {
-      throw new import_common14.IdentifierError(`Invalid did: ${identifier}`, import_common14.INVALID_DID, { identifier });
-    }
-    if (method !== "btcr2") {
-      throw new import_common14.IdentifierError(`Invalid did method: ${method}`, import_common14.METHOD_NOT_SUPPORTED, { identifier });
-    }
-    if (!encoded) {
-      throw new import_common14.IdentifierError(`Invalid method-specific id: ${identifier}`, import_common14.INVALID_DID, { identifier });
-    }
-    const { prefix: hrp, bytes: dataBytes } = import_base7.bech32m.decodeToBytes(encoded);
-    if (!["x", "k"].includes(hrp)) {
-      throw new import_common14.IdentifierError(`Invalid hrp: ${hrp}`, import_common14.INVALID_DID, { identifier });
-    }
-    if (!dataBytes) {
-      throw new import_common14.IdentifierError(`Failed to decode id: ${encoded}`, import_common14.INVALID_DID, { identifier });
-    }
-    const idType = hrp === "k" ? "KEY" : "EXTERNAL";
-    let version = 1;
-    let byteIndex = 0;
-    let nibblesConsumed = 0;
-    let currentByte = dataBytes[byteIndex];
-    let versionNibble = currentByte >>> 4;
-    while (versionNibble === 15) {
-      version += 15;
-      if (nibblesConsumed % 2 === 0) {
-        versionNibble = currentByte & 15;
-      } else {
-        currentByte = dataBytes[++byteIndex];
-        versionNibble = currentByte >>> 4;
-      }
-      nibblesConsumed += 1;
-      if (version > 1) {
-        throw new import_common14.IdentifierError(`Invalid version: ${version}`, import_common14.INVALID_DID, { identifier });
-      }
-    }
-    version += versionNibble;
-    nibblesConsumed += 1;
-    let networkValue = nibblesConsumed % 2 === 0 ? dataBytes[++byteIndex] >>> 4 : currentByte & 15;
-    nibblesConsumed += 1;
-    let network = import_common14.BitcoinNetworkNames[networkValue];
-    if (!network) {
-      if (networkValue >= 8 && networkValue <= 15) {
-        network = networkValue - 11;
-      } else {
-        throw new import_common14.IdentifierError(`Invalid did: ${identifier}`, import_common14.INVALID_DID, { identifier });
-      }
-    }
-    if (nibblesConsumed % 2 === 1) {
-      const fillerNibble = currentByte & 15;
-      if (fillerNibble !== 0) {
-        throw new import_common14.IdentifierError(`Invalid did: ${identifier}`, import_common14.INVALID_DID, { identifier });
-      }
-    }
-    const genesisBytes = dataBytes.slice(byteIndex + 1);
-    if (idType === "KEY") {
-      try {
-        new import_keypair2.CompressedSecp256k1PublicKey(genesisBytes);
-      } catch {
-        throw new import_common14.IdentifierError(`Invalid genesisBytes: ${genesisBytes}`, import_common14.INVALID_DID, { identifier });
-      }
-    }
-    return { idType, hrp, version, network, genesisBytes };
-  }
-  /**
-   * Generates a new did:btcr2 identifier based on a newly generated key pair.
-   * @returns {string} The new did:btcr2 identifier.
-   */
-  static generate() {
-    const keyPair = import_keypair2.SchnorrKeyPair.generate();
-    const did = this.encode(
-      keyPair.publicKey.compressed,
-      {
-        idType: "KEY",
-        version: 1,
-        network: "regtest"
-      }
-    );
-    return { keyPair: keyPair.exportJSON(), did };
-  }
-  /**
-   * Extracts the compressed secp256k1 public key from a KEY-type did:btcr2 identifier.
-   * @param {string} did The did:btcr2 identifier to extract the public key from.
-   * @returns {CompressedSecp256k1PublicKey} The compressed public key.
-   * @throws {IdentifierError} If the DID is EXTERNAL type (genesis bytes are a hash, not a pubkey).
-   */
-  static getPublicKey(did) {
-    const { idType, genesisBytes } = _Identifier.decode(did);
-    if (idType !== "KEY") {
-      throw new import_common14.IdentifierError(
-        `Cannot extract public key from EXTERNAL DID: ${did}. EXTERNAL DIDs encode a document hash, not a public key.`,
-        import_common14.INVALID_DID,
-        { did, idType }
-      );
-    }
-    return new import_keypair2.CompressedSecp256k1PublicKey(genesisBytes);
-  }
-  /**
-   * Validates a did:btcr2 identifier.
-   * @param {string} identifier The did:btcr2 identifier to validate.
-   * @returns {boolean} True if the identifier is valid, false otherwise.
-   */
-  static isValid(identifier) {
-    try {
-      this.decode(identifier);
-      return true;
-    } catch {
-      return false;
-    }
-  }
-};
-
 // src/core/beacon/utils.ts
 var BeaconUtils = class {
   /**
@@ -4662,7 +5994,7 @@ var BeaconUtils = class {
    */
   static parseBitcoinAddress(uri) {
     if (!uri.startsWith("bitcoin:")) {
-      throw new import_common15.MethodError("Invalid Bitcoin URI format", "BEACON_SERVICE_ERROR", { uri });
+      throw new import_common17.MethodError("Invalid Bitcoin URI format", "BEACON_SERVICE_ERROR", { uri });
     }
     return uri.replace("bitcoin:", "").split("?")[0];
   }
@@ -4743,7 +6075,7 @@ var BeaconUtils = class {
       const p2wpkhAddr = (0, import_btc_signer5.p2wpkh)(publicKey, network).address;
       const p2trAddr = (0, import_btc_signer5.p2tr)(publicKey.slice(1, 33), void 0, network).address;
       if (!p2pkhAddr || !p2wpkhAddr || !p2trAddr) {
-        throw new import_common15.DidMethodError("Failed to generate bitcoin addresses");
+        throw new import_common17.DidMethodError("Failed to generate bitcoin addresses");
       }
       return [
         {
@@ -4859,7 +6191,7 @@ var BeaconSignalDiscovery = class {
     }
     const rpc = bitcoin.rpc;
     if (!rpc) {
-      throw new import_common16.ResolveError("RPC connection is not available", "RPC_CONNECTION_ERROR", bitcoin);
+      throw new import_common18.ResolveError("RPC connection is not available", "RPC_CONNECTION_ERROR", bitcoin);
     }
     const targetHeight = await rpc.getBlockCount();
     const beaconServicesMap = BeaconUtils.getBeaconServicesMap(beaconServices);
@@ -4930,23 +6262,23 @@ var BeaconSignalDiscovery = class {
 
 // src/core/resolver.ts
 var import_bitcoin4 = require("@did-btcr2/bitcoin");
-var import_common20 = require("@did-btcr2/common");
+var import_common22 = require("@did-btcr2/common");
 var import_cryptosuite3 = require("@did-btcr2/cryptosuite");
-var import_keypair4 = require("@did-btcr2/keypair");
+var import_keypair6 = require("@did-btcr2/keypair");
 
 // src/did-btcr2.ts
-var import_common19 = require("@did-btcr2/common");
+var import_common21 = require("@did-btcr2/common");
 var import_dids2 = require("@web5/dids");
 
 // src/core/updater.ts
-var import_common18 = require("@did-btcr2/common");
+var import_common20 = require("@did-btcr2/common");
 var import_cryptosuite2 = require("@did-btcr2/cryptosuite");
 
 // src/utils/did-document.ts
 var import_bitcoin3 = require("@did-btcr2/bitcoin");
-var import_common17 = require("@did-btcr2/common");
-var import_keypair3 = require("@did-btcr2/keypair");
-var import_utils8 = require("@web5/dids/utils");
+var import_common19 = require("@did-btcr2/common");
+var import_keypair5 = require("@did-btcr2/keypair");
+var import_utils10 = require("@web5/dids/utils");
 var import_btc_signer6 = require("@scure/btc-signer");
 var BTCR2_DID_DOCUMENT_CONTEXT = [
   "https://www.w3.org/ns/did/v1.1",
@@ -4988,20 +6320,20 @@ var DidDocument = class _DidDocument {
   deactivated;
   constructor(document) {
     if (!document.id) {
-      throw new import_common17.DidDocumentError("DID Document must have an id", import_common17.INVALID_DID_DOCUMENT, document);
+      throw new import_common19.DidDocumentError("DID Document must have an id", import_common19.INVALID_DID_DOCUMENT, document);
     }
-    const idType = document.id.includes("k1") ? import_common17.IdentifierTypes.KEY : import_common17.IdentifierTypes.EXTERNAL;
+    const idType = document.id.includes("k1") ? import_common19.IdentifierTypes.KEY : import_common19.IdentifierTypes.EXTERNAL;
     const isGenesis = document.id === ID_PLACEHOLDER_VALUE;
     const { id, verificationMethod: vm, service } = document;
     if (!isGenesis) {
       if (!_DidDocument.isValidId(id)) {
-        throw new import_common17.DidDocumentError(`Invalid id: ${id}`, import_common17.INVALID_DID_DOCUMENT, document);
+        throw new import_common19.DidDocumentError(`Invalid id: ${id}`, import_common19.INVALID_DID_DOCUMENT, document);
       }
       if (!_DidDocument.isValidVerificationMethods(vm)) {
-        throw new import_common17.DidDocumentError("Invalid verificationMethod: " + vm, import_common17.INVALID_DID_DOCUMENT, document);
+        throw new import_common19.DidDocumentError("Invalid verificationMethod: " + vm, import_common19.INVALID_DID_DOCUMENT, document);
       }
       if (!_DidDocument.isValidServices(service)) {
-        throw new import_common17.DidDocumentError("Invalid service: " + service, import_common17.INVALID_DID_DOCUMENT, document);
+        throw new import_common19.DidDocumentError("Invalid service: " + service, import_common19.INVALID_DID_DOCUMENT, document);
       }
     }
     this.id = document.id;
@@ -5011,7 +6343,7 @@ var DidDocument = class _DidDocument {
       "https://www.w3.org/ns/did/v1.1",
       "https://btcr2.dev/context/v1"
     ];
-    if (idType === import_common17.IdentifierTypes.KEY) {
+    if (idType === import_common19.IdentifierTypes.KEY) {
       const keyRef = `${this.id}#initialKey`;
       this.authentication = document.authentication || [keyRef];
       this.assertionMethod = document.assertionMethod || [keyRef];
@@ -5097,19 +6429,19 @@ var DidDocument = class _DidDocument {
    */
   static isValid(didDocument) {
     if (!this.isValidContext(didDocument?.["@context"])) {
-      throw new import_common17.DidDocumentError('Invalid "@context"', import_common17.INVALID_DID_DOCUMENT, didDocument);
+      throw new import_common19.DidDocumentError('Invalid "@context"', import_common19.INVALID_DID_DOCUMENT, didDocument);
     }
     if (!this.isValidId(didDocument?.id)) {
-      throw new import_common17.DidDocumentError('Invalid "id"', import_common17.INVALID_DID_DOCUMENT, didDocument);
+      throw new import_common19.DidDocumentError('Invalid "id"', import_common19.INVALID_DID_DOCUMENT, didDocument);
     }
     if (!this.isValidVerificationMethods(didDocument?.verificationMethod)) {
-      throw new import_common17.DidDocumentError('Invalid "verificationMethod"', import_common17.INVALID_DID_DOCUMENT, didDocument);
+      throw new import_common19.DidDocumentError('Invalid "verificationMethod"', import_common19.INVALID_DID_DOCUMENT, didDocument);
     }
     if (!this.isValidServices(didDocument?.service)) {
-      throw new import_common17.DidDocumentError('Invalid "service"', import_common17.INVALID_DID_DOCUMENT, didDocument);
+      throw new import_common19.DidDocumentError('Invalid "service"', import_common19.INVALID_DID_DOCUMENT, didDocument);
     }
     if (!this.isValidVerificationRelationships(didDocument)) {
-      throw new import_common17.DidDocumentError("Invalid verification relationships", import_common17.INVALID_DID_DOCUMENT, didDocument);
+      throw new import_common19.DidDocumentError("Invalid verification relationships", import_common19.INVALID_DID_DOCUMENT, didDocument);
     }
     return true;
   }
@@ -5156,7 +6488,7 @@ var DidDocument = class _DidDocument {
    * @returns {boolean} True if the services are valid.
    */
   static isValidServices(service) {
-    return Array.isArray(service) && service.every(import_utils8.isDidService);
+    return Array.isArray(service) && service.every(import_utils10.isDidService);
   }
   /**
    * Validates verification relationships (authentication, assertionMethod, capabilityInvocation, capabilityDelegation).
@@ -5199,16 +6531,16 @@ var DidDocument = class _DidDocument {
    */
   validateGenesis() {
     if (this.id !== ID_PLACEHOLDER_VALUE) {
-      throw new import_common17.DidDocumentError("Invalid GenesisDocument ID", import_common17.INVALID_DID_DOCUMENT, this);
+      throw new import_common19.DidDocumentError("Invalid GenesisDocument ID", import_common19.INVALID_DID_DOCUMENT, this);
     }
     if (!this.verificationMethod.every((vm) => vm.id.includes(ID_PLACEHOLDER_VALUE) && vm.controller === ID_PLACEHOLDER_VALUE)) {
-      throw new import_common17.DidDocumentError("Invalid GenesisDocument verificationMethod", import_common17.INVALID_DID_DOCUMENT, this);
+      throw new import_common19.DidDocumentError("Invalid GenesisDocument verificationMethod", import_common19.INVALID_DID_DOCUMENT, this);
     }
     if (!this.service.every((svc) => svc.id.includes(ID_PLACEHOLDER_VALUE))) {
-      throw new import_common17.DidDocumentError("Invalid GenesisDocument service", import_common17.INVALID_DID_DOCUMENT, this);
+      throw new import_common19.DidDocumentError("Invalid GenesisDocument service", import_common19.INVALID_DID_DOCUMENT, this);
     }
     if (!_DidDocument.isValidVerificationRelationships(this)) {
-      throw new import_common17.DidDocumentError("Invalid GenesisDocument assertionMethod", import_common17.INVALID_DID_DOCUMENT, this);
+      throw new import_common19.DidDocumentError("Invalid GenesisDocument assertionMethod", import_common19.INVALID_DID_DOCUMENT, this);
     }
     return true;
   }
@@ -5218,7 +6550,7 @@ var DidDocument = class _DidDocument {
    */
   toIntermediate() {
     if (this.id.includes("k1")) {
-      throw new import_common17.DidDocumentError("Cannot convert a key identifier to an intermediate document", import_common17.INVALID_DID_DOCUMENT, this);
+      throw new import_common19.DidDocumentError("Cannot convert a key identifier to an intermediate document", import_common19.INVALID_DID_DOCUMENT, this);
     }
     return new GenesisDocument(this);
   }
@@ -5248,7 +6580,7 @@ var GenesisDocument = class _GenesisDocument extends DidDocument {
    * @returns {GenesisDocument} The GenesisDocument representation of the DidDocument.
    */
   static fromDidDocument(didDocument) {
-    const intermediateDocument = import_common17.JSONUtils.cloneReplace(didDocument, DID_REGEX, ID_PLACEHOLDER_VALUE);
+    const intermediateDocument = import_common19.JSONUtils.cloneReplace(didDocument, DID_REGEX, ID_PLACEHOLDER_VALUE);
     return new _GenesisDocument(intermediateDocument);
   }
   /**
@@ -5267,7 +6599,7 @@ var GenesisDocument = class _GenesisDocument extends DidDocument {
    * @returns {GenesisDocument} A new GenesisDocument with the placeholder ID.
    */
   static fromPublicKey(publicKey, network) {
-    const pk = new import_keypair3.CompressedSecp256k1PublicKey(publicKey);
+    const pk = new import_keypair5.CompressedSecp256k1PublicKey(publicKey);
     const id = ID_PLACEHOLDER_VALUE;
     const address = (0, import_btc_signer6.p2pkh)(pk.compressed, (0, import_bitcoin3.getNetwork)(network)).address;
     const services = [{
@@ -5305,20 +6637,18 @@ var GenesisDocument = class _GenesisDocument extends DidDocument {
    * @returns {Bytes} The genesis bytes.
    */
   static toGenesisBytes(genesisDocument) {
-    return (0, import_common17.hash)((0, import_common17.canonicalize)(genesisDocument));
+    return (0, import_common19.hash)((0, import_common19.canonicalize)(genesisDocument));
   }
 };
 
 // src/core/updater.ts
 var Updater = class _Updater {
-  #phase = "Construct" /* Construct */;
+  #state = { phase: "Construct" };
   #sourceDocument;
   #patches;
   #sourceVersionId;
   #verificationMethod;
   #beaconService;
-  #unsignedUpdate = null;
-  #signedUpdate = null;
   /**
    * @internal — Use {@link DidBtcr2.update} to create instances.
    */
@@ -5352,19 +6682,26 @@ var Updater = class _Updater {
       patch: patches,
       targetHash: "",
       targetVersionId: sourceVersionId + 1,
-      sourceHash: (0, import_common18.canonicalHash)(sourceDocument)
+      sourceHash: (0, import_common20.canonicalHash)(sourceDocument)
     };
-    const targetDocument = import_common18.JSONPatch.apply(sourceDocument, patches);
+    const targetDocument = import_common20.JSONPatch.apply(sourceDocument, patches);
+    if (targetDocument.id !== sourceDocument.id) {
+      throw new import_common20.UpdateError(
+        `Patches must not change the DID document id (source "${sourceDocument.id}" \u2192 target "${targetDocument.id}").`,
+        import_common20.INVALID_DID_UPDATE,
+        { sourceId: sourceDocument.id, targetId: targetDocument.id }
+      );
+    }
     try {
       DidDocument.isValid(targetDocument);
     } catch (error) {
-      throw new import_common18.UpdateError(
+      throw new import_common20.UpdateError(
         "Error validating targetDocument: " + (error instanceof Error ? error.message : String(error)),
-        import_common18.INVALID_DID_UPDATE,
+        import_common20.INVALID_DID_UPDATE,
         targetDocument
       );
     }
-    unsignedUpdate.targetHash = (0, import_common18.canonicalHash)(targetDocument);
+    unsignedUpdate.targetHash = (0, import_common20.canonicalHash)(targetDocument);
     return unsignedUpdate;
   }
   /**
@@ -5373,13 +6710,28 @@ var Updater = class _Updater {
    * @param {string} did The did-btcr2 identifier to derive the root capability from.
    * @param {UnsignedBTCR2Update} unsignedUpdate The unsigned update to sign.
    * @param {DidVerificationMethod} verificationMethod The verification method for signing.
-   * @param {KeyBytes} secretKey The secret key bytes.
+   * @param {Signer} signer Signer that produces the BIP-340 Schnorr signature.
    * @returns {SignedBTCR2Update} The signed update with a Data Integrity proof.
    */
-  static sign(did, unsignedUpdate, verificationMethod, secretKey) {
+  static sign(did, unsignedUpdate, verificationMethod, signer) {
+    if (!did.startsWith("did:btcr2:")) {
+      throw new import_common20.UpdateError(
+        `Expected a did:btcr2 identifier for the root capability; got "${did}".`,
+        import_common20.INVALID_DID_UPDATE,
+        { did }
+      );
+    }
     const controller = verificationMethod.controller;
-    const id = verificationMethod.id.slice(verificationMethod.id.indexOf("#"));
-    const multikey = import_cryptosuite2.SchnorrMultikey.fromSecretKey(id, controller, secretKey);
+    const hashIdx = verificationMethod.id.indexOf("#");
+    if (hashIdx < 0) {
+      throw new import_common20.UpdateError(
+        `Verification method id must contain a fragment (e.g. "${verificationMethod.id}#initialKey"); got "${verificationMethod.id}".`,
+        import_common20.INVALID_DID_UPDATE,
+        { verificationMethodId: verificationMethod.id }
+      );
+    }
+    const id = verificationMethod.id.slice(hashIdx);
+    const multikey = import_cryptosuite2.SchnorrMultikey.fromSigner(id, controller, signer);
     const config = {
       "@context": [
         "https://w3id.org/security/v2",
@@ -5403,24 +6755,20 @@ var Updater = class _Updater {
    *
    * @param {BeaconService} beaconService The beacon service to broadcast through.
    * @param {SignedBTCR2Update} update The signed update to announce.
-   * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+   * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
    * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
    * @returns {Promise<SignedBTCR2Update>} The signed update that was broadcast.
    */
-  static async announce(beaconService, update, secretKey, bitcoin) {
+  static async announce(beaconService, update, signer, bitcoin) {
     const beacon = BeaconFactory.establish(beaconService);
-    return beacon.broadcastSignal(update, secretKey, bitcoin);
+    return beacon.broadcastSignal(update, signer, bitcoin);
   }
-  // ─── Private instance wrappers ─────────────────────────────────────────────
+  // Private instance wrappers
   // Delegate to the public statics with bound instance fields for cleaner
   // advance/provide code.
   #construct() {
     return _Updater.construct(this.#sourceDocument, this.#patches, this.#sourceVersionId);
   }
-  #sign(secretKey) {
-    return _Updater.sign(this.#sourceDocument.id, this.#unsignedUpdate, this.#verificationMethod, secretKey);
-  }
-  // ─── State machine ─────────────────────────────────────────────────────────
   /**
    * Advance the state machine. Returns either:
    * - `{ status: 'action-required', needs }` — caller must provide data via {@link provide}
@@ -5428,30 +6776,30 @@ var Updater = class _Updater {
    */
   advance() {
     while (true) {
-      switch (this.#phase) {
+      switch (this.#state.phase) {
         // Phase: Construct
         // Build the unsigned update from source doc + patches. Pure, synchronous.
-        case "Construct" /* Construct */: {
-          this.#unsignedUpdate = this.#construct();
-          this.#phase = "Sign" /* Sign */;
+        case "Construct": {
+          const unsignedUpdate = this.#construct();
+          this.#state = { phase: "Sign", unsignedUpdate };
           continue;
         }
         // Phase: Sign
         // Emit NeedSigningKey — the caller supplies the secret key (or a KMS signature).
-        case "Sign" /* Sign */: {
+        case "Sign": {
           return {
             status: "action-required",
             needs: [{
               kind: "NeedSigningKey",
               verificationMethodId: this.#verificationMethod.id,
-              unsignedUpdate: this.#unsignedUpdate
+              unsignedUpdate: this.#state.unsignedUpdate
             }]
           };
         }
         // Phase: Fund
         // Emit NeedFunding with the beacon address. The caller checks UTXOs,
         // funds the address if needed, and provides to continue.
-        case "Fund" /* Fund */: {
+        case "Fund": {
           const beaconAddress = this.#beaconService.serviceEndpoint.replace("bitcoin:", "");
           return {
             status: "action-required",
@@ -5465,21 +6813,21 @@ var Updater = class _Updater {
         // Phase: Broadcast
         // Emit NeedBroadcast with the signed update + beacon service. The caller performs
         // the actual on-chain announcement (or hands off to the aggregation protocol).
-        case "Broadcast" /* Broadcast */: {
+        case "Broadcast": {
           return {
             status: "action-required",
             needs: [{
               kind: "NeedBroadcast",
               beaconService: this.#beaconService,
-              signedUpdate: this.#signedUpdate
+              signedUpdate: this.#state.signedUpdate
             }]
           };
         }
         // Phase: Complete
-        case "Complete" /* Complete */: {
+        case "Complete": {
           return {
             status: "complete",
-            result: { signedUpdate: this.#signedUpdate }
+            result: { signedUpdate: this.#state.signedUpdate }
           };
         }
       }
@@ -5488,49 +6836,63 @@ var Updater = class _Updater {
   provide(need, data) {
     switch (need.kind) {
       case "NeedSigningKey": {
-        if (this.#phase !== "Sign" /* Sign */) {
-          throw new import_common18.UpdateError(
-            `Cannot provide NeedSigningKey: updater phase is ${this.#phase}, expected Sign.`,
-            import_common18.INVALID_DID_UPDATE,
-            { phase: this.#phase }
+        if (this.#state.phase !== "Sign") {
+          throw new import_common20.UpdateError(
+            `Cannot provide NeedSigningKey: updater phase is ${this.#state.phase}, expected Sign.`,
+            import_common20.INVALID_DID_UPDATE,
+            { phase: this.#state.phase }
           );
         }
         if (!data) {
-          throw new import_common18.UpdateError(
-            "NeedSigningKey requires secret key bytes.",
-            import_common18.INVALID_DID_UPDATE
-          );
-        }
-        if (!this.#unsignedUpdate) {
-          throw new import_common18.UpdateError(
-            "Internal error: unsigned update missing in Sign phase.",
-            import_common18.INVALID_DID_UPDATE
+          throw new import_common20.UpdateError(
+            "NeedSigningKey requires a Signer.",
+            import_common20.INVALID_DID_UPDATE
           );
         }
-        this.#signedUpdate = this.#sign(data);
-        this.#phase = "Fund" /* Fund */;
+        const unsignedUpdate = this.#state.unsignedUpdate;
+        const signedUpdate = _Updater.sign(
+          this.#sourceDocument.id,
+          unsignedUpdate,
+          this.#verificationMethod,
+          data
+        );
+        this.#state = { phase: "Fund", unsignedUpdate, signedUpdate };
         break;
       }
       case "NeedFunding": {
-        if (this.#phase !== "Fund" /* Fund */) {
-          throw new import_common18.UpdateError(
-            `Cannot provide NeedFunding: updater phase is ${this.#phase}, expected Fund.`,
-            import_common18.INVALID_DID_UPDATE,
-            { phase: this.#phase }
+        if (this.#state.phase !== "Fund") {
+          throw new import_common20.UpdateError(
+            `Cannot provide NeedFunding: updater phase is ${this.#state.phase}, expected Fund.`,
+            import_common20.INVALID_DID_UPDATE,
+            { phase: this.#state.phase }
           );
         }
-        this.#phase = "Broadcast" /* Broadcast */;
+        if (data !== void 0) {
+          const proof = data;
+          if (typeof proof.utxoCount !== "number" || !Number.isFinite(proof.utxoCount) || proof.utxoCount < 1) {
+            throw new import_common20.UpdateError(
+              `NeedFunding proof must have utxoCount >= 1; got ${String(proof.utxoCount)}.`,
+              import_common20.INVALID_DID_UPDATE,
+              { utxoCount: proof.utxoCount }
+            );
+          }
+        }
+        this.#state = {
+          phase: "Broadcast",
+          unsignedUpdate: this.#state.unsignedUpdate,
+          signedUpdate: this.#state.signedUpdate
+        };
         break;
       }
       case "NeedBroadcast": {
-        if (this.#phase !== "Broadcast" /* Broadcast */) {
-          throw new import_common18.UpdateError(
-            `Cannot provide NeedBroadcast: updater phase is ${this.#phase}, expected Broadcast.`,
-            import_common18.INVALID_DID_UPDATE,
-            { phase: this.#phase }
+        if (this.#state.phase !== "Broadcast") {
+          throw new import_common20.UpdateError(
+            `Cannot provide NeedBroadcast: updater phase is ${this.#state.phase}, expected Broadcast.`,
+            import_common20.INVALID_DID_UPDATE,
+            { phase: this.#state.phase }
           );
         }
-        this.#phase = "Complete" /* Complete */;
+        this.#state = { phase: "Complete", signedUpdate: this.#state.signedUpdate };
         break;
       }
     }
@@ -5562,9 +6924,9 @@ var DidBtcr2 = class {
   static create(genesisBytes, options) {
     const { idType, version = 1, network = "bitcoin" } = options || {};
     if (!idType) {
-      throw new import_common19.MethodError(
+      throw new import_common21.MethodError(
         "idType is required for creating a did:btcr2 identifier",
-        import_common19.INVALID_DID_DOCUMENT,
+        import_common21.INVALID_DID_DOCUMENT,
         options
       );
     }
@@ -5594,7 +6956,7 @@ var DidBtcr2 = class {
   static resolve(did, resolutionOptions = {}) {
     const didComponents = Identifier.decode(did);
     const sidecarData = Resolver.sidecarData(resolutionOptions.sidecar);
-    const currentDocument = didComponents.hrp === import_common19.IdentifierHrp.k ? Resolver.deterministic(didComponents) : null;
+    const currentDocument = didComponents.hrp === import_common21.IdentifierHrp.k ? Resolver.deterministic(didComponents) : null;
     return new Resolver(didComponents, sidecarData, currentDocument, {
       versionId: resolutionOptions.versionId,
       versionTime: resolutionOptions.versionTime,
@@ -5632,39 +6994,39 @@ var DidBtcr2 = class {
     beaconId
   }) {
     if (!sourceDocument.capabilityInvocation?.some((vr) => vr === verificationMethodId)) {
-      throw new import_common19.UpdateError(
+      throw new import_common21.UpdateError(
         "Invalid verificationMethodId: not authorized for capabilityInvocation",
-        import_common19.INVALID_DID_DOCUMENT,
+        import_common21.INVALID_DID_DOCUMENT,
         sourceDocument
       );
     }
     const verificationMethod = this.getSigningMethod(sourceDocument, verificationMethodId);
     if (!verificationMethod) {
-      throw new import_common19.UpdateError(
+      throw new import_common21.UpdateError(
         "Invalid verificationMethod: not found in source document",
-        import_common19.INVALID_DID_DOCUMENT,
+        import_common21.INVALID_DID_DOCUMENT,
         { sourceDocument, verificationMethodId }
       );
     }
     if (verificationMethod.type !== "Multikey") {
-      throw new import_common19.UpdateError(
+      throw new import_common21.UpdateError(
         'Invalid verificationMethod: verificationMethod.type must be "Multikey"',
-        import_common19.INVALID_DID_DOCUMENT,
+        import_common21.INVALID_DID_DOCUMENT,
         verificationMethod
       );
     }
     if (verificationMethod.publicKeyMultibase?.slice(0, 4) !== "zQ3s") {
-      throw new import_common19.UpdateError(
+      throw new import_common21.UpdateError(
         'Invalid verificationMethodId: publicKeyMultibase prefix must start with "zQ3s"',
-        import_common19.INVALID_DID_DOCUMENT,
+        import_common21.INVALID_DID_DOCUMENT,
         verificationMethod
       );
     }
     const beaconService = sourceDocument.service.filter((service) => service.id === beaconId).filter((service) => !!service).shift();
     if (!beaconService) {
-      throw new import_common19.UpdateError(
+      throw new import_common21.UpdateError(
         "No beacon service found for provided beaconId",
-        import_common19.INVALID_DID_UPDATE,
+        import_common21.INVALID_DID_UPDATE,
         { sourceDocument, beaconId }
       );
     }
@@ -5690,7 +7052,7 @@ var DidBtcr2 = class {
     methodId ??= "#initialKey";
     const parsedDid = import_dids2.Did.parse(didDocument.id);
     if (parsedDid && parsedDid.method !== this.methodName) {
-      throw new import_common19.MethodError(`Method not supported: ${parsedDid.method}`, import_common19.METHOD_NOT_SUPPORTED, { identifier: didDocument.id });
+      throw new import_common21.MethodError(`Method not supported: ${parsedDid.method}`, import_common21.METHOD_NOT_SUPPORTED, { identifier: didDocument.id });
     }
     const verificationMethod = didDocument.verificationMethod?.find(
       (vm) => Appendix.extractDidFragment(vm.id) === (Appendix.extractDidFragment(methodId) ?? Appendix.extractDidFragment(didDocument.assertionMethod?.[0]))
@@ -5706,7 +7068,7 @@ var DidBtcr2 = class {
 };
 
 // src/core/resolver.ts
-var import_utils10 = require("@noble/curves/utils.js");
+var import_utils12 = require("@noble/curves/utils.js");
 var Resolver = class _Resolver {
   // --- Immutable inputs ---
   #didComponents;
@@ -5746,7 +7108,7 @@ var Resolver = class _Resolver {
   static deterministic(didComponents) {
     const genesisBytes = didComponents.genesisBytes;
     const did = Identifier.encode(genesisBytes, didComponents);
-    const { multibase } = new import_keypair4.CompressedSecp256k1PublicKey(genesisBytes);
+    const { multibase } = new import_keypair6.CompressedSecp256k1PublicKey(genesisBytes);
     const service = BeaconUtils.generateBeaconServices({
       id: did,
       publicKey: genesisBytes,
@@ -5772,14 +7134,14 @@ var Resolver = class _Resolver {
    * @throws {ResolveError} InvalidDidDocument if not conformant to DID Core v1.1
    */
   static external(didComponents, genesisDocument) {
-    const genesisDocumentHash = (0, import_common20.canonicalHashBytes)(genesisDocument);
-    if (!(0, import_utils10.equalBytes)(didComponents.genesisBytes, genesisDocumentHash)) {
-      throw new import_common20.ResolveError(
+    const genesisDocumentHash = (0, import_common22.canonicalHashBytes)(genesisDocument);
+    if (!(0, import_utils12.equalBytes)(didComponents.genesisBytes, genesisDocumentHash)) {
+      throw new import_common22.ResolveError(
         `Initial document mismatch: genesisBytes !== genesisDocumentHash`,
-        import_common20.INVALID_DID_DOCUMENT,
+        import_common22.INVALID_DID_DOCUMENT,
         {
-          genesisBytes: (0, import_common20.encode)(didComponents.genesisBytes, "hex"),
-          genesisDocumentHash: (0, import_common20.encode)(genesisDocumentHash, "hex")
+          genesisBytes: (0, import_common22.encode)(didComponents.genesisBytes, "hex"),
+          genesisDocumentHash: (0, import_common22.encode)(genesisDocumentHash, "hex")
         }
       );
     }
@@ -5798,17 +7160,17 @@ var Resolver = class _Resolver {
     const updateMap = /* @__PURE__ */ new Map();
     if (sidecar.updates?.length)
       for (const update of sidecar.updates) {
-        updateMap.set((0, import_common20.canonicalHash)(update, { encoding: "hex" }), update);
+        updateMap.set((0, import_common22.canonicalHash)(update, { encoding: "hex" }), update);
       }
     const casMap = /* @__PURE__ */ new Map();
     if (sidecar.casUpdates?.length)
       for (const update of sidecar.casUpdates) {
-        casMap.set((0, import_common20.canonicalHash)(update, { encoding: "hex" }), update);
+        casMap.set((0, import_common22.canonicalHash)(update, { encoding: "hex" }), update);
       }
     const smtMap = /* @__PURE__ */ new Map();
     if (sidecar.smtProofs?.length)
       for (const proof of sidecar.smtProofs) {
-        smtMap.set(proof.id, proof);
+        smtMap.set((0, import_common22.encode)((0, import_common22.decode)(proof.id, "base64urlnopad"), "hex"), proof);
       }
     return { updateMap, casMap, smtMap };
   }
@@ -5836,12 +7198,12 @@ var Resolver = class _Resolver {
       }
     };
     for (const [update, block] of updates) {
-      const currentDocumentHash = (0, import_common20.canonicalHashBytes)(response.didDocument);
-      const blocktime = import_common20.DateUtils.blocktimeToTimestamp(block.time);
-      response.metadata.updated = import_common20.DateUtils.toISOStringNonFractional(blocktime);
+      const currentDocumentHash = (0, import_common22.canonicalHashBytes)(response.didDocument);
+      const blocktime = import_common22.DateUtils.blocktimeToTimestamp(block.time);
+      response.metadata.updated = import_common22.DateUtils.toISOStringNonFractional(blocktime);
       response.metadata.confirmations = block.confirmations;
       if (versionTime) {
-        if (blocktime > import_common20.DateUtils.dateStringToTimestamp(versionTime)) {
+        if (blocktime > import_common22.DateUtils.dateStringToTimestamp(versionTime)) {
           return response;
         }
       }
@@ -5849,22 +7211,22 @@ var Resolver = class _Resolver {
         updateHashHistory.push(currentDocumentHash);
         this.confirmDuplicate(update, updateHashHistory);
       } else if (update.targetVersionId === currentVersionId + 1) {
-        const sourceHashBytes = (0, import_common20.decode)(update.sourceHash, "base64urlnopad");
-        if (!(0, import_utils10.equalBytes)(sourceHashBytes, currentDocumentHash)) {
-          throw new import_common20.ResolveError(
+        const sourceHashBytes = (0, import_common22.decode)(update.sourceHash, "base64urlnopad");
+        if (!(0, import_utils12.equalBytes)(sourceHashBytes, currentDocumentHash)) {
+          throw new import_common22.ResolveError(
             `Hash mismatch: update.sourceHash !== currentDocumentHash`,
-            import_common20.INVALID_DID_UPDATE,
+            import_common22.INVALID_DID_UPDATE,
             {
               sourceHash: update.sourceHash,
-              currentDocumentHash: (0, import_common20.encode)(currentDocumentHash, "hex")
+              currentDocumentHash: (0, import_common22.encode)(currentDocumentHash, "hex")
             }
           );
         }
         response.didDocument = this.applyUpdate(response.didDocument, update);
-        const unsignedUpdate = import_common20.JSONUtils.deleteKeys(update, ["proof"]);
-        updateHashHistory.push((0, import_common20.canonicalHashBytes)(unsignedUpdate));
+        const unsignedUpdate = import_common22.JSONUtils.deleteKeys(update, ["proof"]);
+        updateHashHistory.push((0, import_common22.canonicalHashBytes)(unsignedUpdate));
       } else if (update.targetVersionId > currentVersionId + 1) {
-        throw new import_common20.ResolveError(
+        throw new import_common22.ResolveError(
           `Version Id Mismatch: targetVersionId cannot be > currentVersionId + 1`,
           "LATE_PUBLISHING_ERROR",
           {
@@ -5895,15 +7257,15 @@ var Resolver = class _Resolver {
    */
   static confirmDuplicate(update, updateHashHistory) {
     const { proof: _, ...unsignedUpdate } = update;
-    const unsignedUpdateHash = (0, import_common20.canonicalHashBytes)(unsignedUpdate);
+    const unsignedUpdateHash = (0, import_common22.canonicalHashBytes)(unsignedUpdate);
     const historicalUpdateHash = updateHashHistory[update.targetVersionId - 2];
-    if (!(0, import_utils10.equalBytes)(historicalUpdateHash, unsignedUpdateHash)) {
-      throw new import_common20.ResolveError(
+    if (!(0, import_utils12.equalBytes)(historicalUpdateHash, unsignedUpdateHash)) {
+      throw new import_common22.ResolveError(
         `Invalid duplicate: unsigned update hash does not match historical hash`,
-        import_common20.LATE_PUBLISHING_ERROR,
+        import_common22.LATE_PUBLISHING_ERROR,
         {
-          unsignedUpdateHash: (0, import_common20.encode)(unsignedUpdateHash, "hex"),
-          historicalHash: (0, import_common20.encode)(historicalUpdateHash, "hex")
+          unsignedUpdateHash: (0, import_common22.encode)(unsignedUpdateHash, "hex"),
+          historicalHash: (0, import_common22.encode)(historicalUpdateHash, "hex")
         }
       );
     }
@@ -5918,42 +7280,42 @@ var Resolver = class _Resolver {
   static applyUpdate(currentDocument, update) {
     const capabilityId = update.proof?.capability;
     if (!capabilityId) {
-      throw new import_common20.ResolveError("No root capability found in update", import_common20.INVALID_DID_UPDATE, update);
+      throw new import_common22.ResolveError("No root capability found in update", import_common22.INVALID_DID_UPDATE, update);
     }
     const rootCapability = Appendix.dereferenceZcapId(capabilityId);
     const { invocationTarget, controller: rootController } = rootCapability;
     if (![invocationTarget, rootController].every((id) => id === currentDocument.id)) {
-      throw new import_common20.ResolveError(
+      throw new import_common22.ResolveError(
         "Invalid root capability",
-        import_common20.INVALID_DID_UPDATE,
+        import_common22.INVALID_DID_UPDATE,
         { rootCapability, currentDocument }
       );
     }
     const verificationMethodId = update.proof?.verificationMethod;
     if (!verificationMethodId) {
-      throw new import_common20.ResolveError("No verificationMethod found in update", import_common20.INVALID_DID_UPDATE, update);
+      throw new import_common22.ResolveError("No verificationMethod found in update", import_common22.INVALID_DID_UPDATE, update);
     }
     const vm = DidBtcr2.getSigningMethod(currentDocument, verificationMethodId);
     const multikey = import_cryptosuite3.SchnorrMultikey.fromVerificationMethod(vm);
     const cryptosuite = new import_cryptosuite3.BIP340Cryptosuite(multikey);
-    const canonicalUpdate = (0, import_common20.canonicalize)(update);
+    const canonicalUpdate = (0, import_common22.canonicalize)(update);
     const diProof = new import_cryptosuite3.BIP340DataIntegrityProof(cryptosuite);
     const verificationResult = diProof.verifyProof(canonicalUpdate, "capabilityInvocation");
     if (!verificationResult.verified) {
-      throw new import_common20.ResolveError(
+      throw new import_common22.ResolveError(
         "Invalid update: proof not verified",
-        import_common20.INVALID_DID_UPDATE,
+        import_common22.INVALID_DID_UPDATE,
         verificationResult
       );
     }
-    const updatedDocument = import_common20.JSONPatch.apply(currentDocument, update.patch);
+    const updatedDocument = import_common22.JSONPatch.apply(currentDocument, update.patch);
     DidDocument.validate(updatedDocument);
-    const currentDocumentHash = (0, import_common20.canonicalHashBytes)(updatedDocument);
-    const updateTargetHash = (0, import_common20.decode)(update.targetHash);
-    if (!(0, import_utils10.equalBytes)(updateTargetHash, currentDocumentHash)) {
-      throw new import_common20.ResolveError(
+    const currentDocumentHash = (0, import_common22.canonicalHashBytes)(updatedDocument);
+    const updateTargetHash = (0, import_common22.decode)(update.targetHash);
+    if (!(0, import_utils12.equalBytes)(updateTargetHash, currentDocumentHash)) {
+      throw new import_common22.ResolveError(
         `Invalid update: update.targetHash !== currentDocumentHash`,
-        import_common20.INVALID_DID_UPDATE,
+        import_common22.INVALID_DID_UPDATE,
         { updateTargetHash, currentDocumentHash }
       );
     }
@@ -5981,7 +7343,7 @@ var Resolver = class _Resolver {
             this.#phase = "BeaconDiscovery" /* BeaconDiscovery */;
             continue;
           }
-          const genesisHash = (0, import_common20.encode)(this.#didComponents.genesisBytes, "hex");
+          const genesisHash = (0, import_common22.encode)(this.#didComponents.genesisBytes, "hex");
           return {
             status: "action-required",
             needs: [{ kind: "NeedGenesisDocument", genesisHash }]
@@ -6085,22 +7447,23 @@ var Resolver = class _Resolver {
       }
       case "NeedCASAnnouncement": {
         const announcement = data;
-        this.#sidecarData.casMap.set((0, import_common20.canonicalHash)(announcement, { encoding: "hex" }), announcement);
+        this.#sidecarData.casMap.set((0, import_common22.canonicalHash)(announcement, { encoding: "hex" }), announcement);
         break;
       }
       case "NeedSignedUpdate": {
         const update = data;
-        this.#sidecarData.updateMap.set((0, import_common20.canonicalHash)(update, { encoding: "hex" }), update);
+        this.#sidecarData.updateMap.set((0, import_common22.canonicalHash)(update, { encoding: "hex" }), update);
         break;
       }
       case "NeedSMTProof": {
         const smtNeed = need;
         const proof = data;
-        if (proof.id !== smtNeed.smtRootHash) {
-          throw new import_common20.ResolveError(
-            `SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proof.id}`,
-            import_common20.INVALID_DID_UPDATE,
-            { expected: smtNeed.smtRootHash, actual: proof.id }
+        const proofIdHex = (0, import_common22.encode)((0, import_common22.decode)(proof.id, "base64urlnopad"), "hex");
+        if (proofIdHex !== smtNeed.smtRootHash) {
+          throw new import_common22.ResolveError(
+            `SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proofIdHex}`,
+            import_common22.INVALID_DID_UPDATE,
+            { expected: smtNeed.smtRootHash, actual: proofIdHex }
           );
         }
         this.#sidecarData.smtMap.set(smtNeed.smtRootHash, proof);
@@ -6111,12 +7474,12 @@ var Resolver = class _Resolver {
 };
 
 // src/utils/did-document-builder.ts
-var import_common21 = require("@did-btcr2/common");
+var import_common23 = require("@did-btcr2/common");
 var DidDocumentBuilder = class {
   document = {};
   constructor(initialDocument) {
     if (!initialDocument.id) {
-      throw new import_common21.DidDocumentError('Missing required "id" property', import_common21.INVALID_DID_DOCUMENT, initialDocument);
+      throw new import_common23.DidDocumentError('Missing required "id" property', import_common23.INVALID_DID_DOCUMENT, initialDocument);
     }
     this.document.id = initialDocument.id;
     this.document.verificationMethod = initialDocument.verificationMethod ?? [];
@@ -6198,7 +7561,9 @@ var DidDocumentBuilder = class {
   CONSOLE_LOGGER,
   DEFAULT_ADVERT_REPEAT_INTERVAL_MS,
   DEFAULT_BROADCAST_LOOKBACK_MS,
+  DEFAULT_CLOCK_SKEW_SEC,
   DEFAULT_MAX_UPDATE_SIZE_BYTES,
+  DEFAULT_NONCE_LEN_BYTES,
   DEFAULT_NOSTR_RELAYS,
   DID_REGEX,
   DISTRIBUTE_AGGREGATED_DATA,
@@ -6209,16 +7574,31 @@ var DidDocumentBuilder = class {
   DidVerificationMethod,
   Document,
   GenesisDocument,
+  HTTP_ENVELOPE_VERSION,
+  HTTP_ROUTE,
+  HttpClientTransport,
+  HttpServerTransport,
+  HttpTransportError,
   ID_PLACEHOLDER_VALUE,
   Identifier,
+  InMemoryRateLimitStore,
+  InboxBuffer,
   NONCE_CONTRIBUTION,
+  NonceCache,
   NostrTransport,
+  P2PKH_BEACON_TX_VSIZE,
+  P2TR_BEACON_TX_VSIZE,
+  P2WPKH_BEACON_TX_VSIZE,
   ParticipantCohortPhase,
+  REQUEST_AUTH_SCHEME,
+  RateLimiter,
   Resolver,
   SIGNATURE_AUTHORIZATION,
   SILENT_LOGGER,
+  SINGLETON_BEACON_TX_VSIZE,
   SMTBeacon,
   SMTBeaconError,
+  SSE_EVENT,
   SUBMIT_UPDATE,
   ServiceCohortPhase,
   SigningSessionError,
@@ -6233,6 +7613,7 @@ var DidDocumentBuilder = class {
   Updater,
   VALIDATION_ACK,
   buildAggregationBeaconTx,
+  buildRequestAuth,
   createAggregatedNonceMessage,
   createAuthorizationRequestMessage,
   createCohortAdvertMessage,
@@ -6244,6 +7625,11 @@ var DidDocumentBuilder = class {
   createSignatureAuthorizationMessage,
   createSubmitUpdateMessage,
   createValidationAckMessage,
+  defaultReconnectBackoff,
+  deriveSingletonAddress,
+  detectSingletonScriptKind,
+  formatSseComment,
+  formatSseEvent,
   getBeaconStrategy,
   isAggregatedNonceMessage,
   isAggregationMessageType,
@@ -6260,6 +7646,13 @@ var DidDocumentBuilder = class {
   isSubmitUpdateMessage,
   isUpdateMessageType,
   isValidationAckMessage,
+  normalizeForWire,
   opReturnScript,
-  registerBeaconStrategy
+  parseRequestAuth,
+  parseSseStream,
+  registerBeaconStrategy,
+  reviveFromWire,
+  signEnvelope,
+  verifyEnvelope,
+  verifyRequestAuth
 });