@did-btcr2/method 0.29.0 → 0.33.0

package/dist/esm/core/beacon/beacon.js

@@ -1,24 +1,78 @@
-import { getPublicKey } from '@noble/secp256k1';
-import { hexToBytes } from '@noble/hashes/utils';
-import { OP, p2tr, p2wpkh, Script, Transaction } from '@scure/btc-signer';
+import { concatBytes, hexToBytes } from '@noble/hashes/utils.js';
+import { Address, OutScript, p2pkh, p2tr, p2wpkh, Script, SigHash, Transaction } from '@scure/btc-signer';
 import { BeaconError } from './error.js';
 import { StaticFeeEstimator } from './fee-estimator.js';
 /** Default fee estimator used when none is supplied. ~5 sat/vB static rate. */
 const DEFAULT_FEE_ESTIMATOR = new StaticFeeEstimator(5);
 /**
  * Conservative vsize estimate for a 1-input P2TR key-path → 1 P2TR change + 1 OP_RETURN(32) tx.
- * Taproot key-path witness is a fixed 64-byte Schnorr signature, so vsize is predictable
- * without having to sign. Used for fee estimation in the aggregation path where MuSig2
- * signatures are produced externally.
+ * Stripped 137 + witness ≈ 68 (marker + flag + stack-count + sig-len + 64 BIP-340 sig).
+ * Weight = 137*4 + 68 = 616, vsize ≈ 154, rounded to 160 for headroom.
  */
-const P2TR_BEACON_TX_VSIZE = 140;
+export const P2TR_BEACON_TX_VSIZE = 160;
+/**
+ * Conservative vsize estimate for a 1-input P2WPKH → 1 P2WPKH change + 1 OP_RETURN(32) tx.
+ * Stripped 125 + witness ≈ 110 (worst-case DER ECDSA sig 72 + sighash byte + 33 pubkey + framing).
+ * vsize = ceil((125*4 + 110) / 4) ≈ 153, rounded to 155.
+ */
+export const P2WPKH_BEACON_TX_VSIZE = 155;
+/**
+ * Conservative vsize estimate for a 1-input P2PKH → 1 P2PKH change + 1 OP_RETURN(32) tx.
+ * Legacy (non-segwit): scriptSig carries the full sig+pubkey (~108 bytes), no witness
+ * discount. Stripped ≈ 4 nVer + 1 vin-count + (32+4+1+108+4) input + 1 vout-count +
+ * 34 P2PKH-change + 43 OP_RETURN + 4 nLockTime ≈ 236 bytes. vsize = 236, rounded to 240.
+ */
+export const P2PKH_BEACON_TX_VSIZE = 240;
+/** Per-kind vsize lookup for singleton beacon fee estimation. */
+export const SINGLETON_BEACON_TX_VSIZE = {
+    p2pkh: P2PKH_BEACON_TX_VSIZE,
+    p2wpkh: P2WPKH_BEACON_TX_VSIZE,
+    p2tr: P2TR_BEACON_TX_VSIZE,
+};
+/**
+ * Detect the singleton script kind of a Bitcoin address (P2PKH / P2WPKH / P2TR).
+ * The deterministic-DID document emits all three kinds; the broadcast path needs
+ * to know which is in use to construct the input and dispatch the signing primitive.
+ */
+export function detectSingletonScriptKind(bitcoinAddress, network) {
+    const decoded = Address(network).decode(bitcoinAddress);
+    if (decoded.type === 'pkh')
+        return 'p2pkh';
+    if (decoded.type === 'wpkh')
+        return 'p2wpkh';
+    if (decoded.type === 'tr')
+        return 'p2tr';
+    throw new BeaconError(`Unsupported singleton beacon address type "${decoded.type}". `
+        + 'Expected P2PKH, P2WPKH, or P2TR (taproot key-path).', 'UNSUPPORTED_BEACON_ADDRESS_TYPE', { address: bitcoinAddress, kind: decoded.type });
+}
+/**
+ * Derive the address that `pubkey` produces under the given script kind. Used to
+ * fail-fast when a caller wires a signer to a beacon address that the signer's
+ * pubkey cannot actually spend.
+ */
+export function deriveSingletonAddress(kind, pubkey, network) {
+    if (kind === 'p2pkh')
+        return p2pkh(pubkey, network).address;
+    if (kind === 'p2wpkh')
+        return p2wpkh(pubkey, network).address;
+    // P2TR key-path: x-only internal key (drop the SEC prefix byte).
+    return p2tr(pubkey.slice(1, 33), undefined, network).address;
+}
 /**
  * Build an OP_RETURN script carrying a 32-byte beacon signal.
  * Exported as a utility so callers building txs outside Beacon (e.g., the aggregation
  * `onProvideTxData` callback) can produce identical output.
+ *
+ * Uses the opcode *string* `'RETURN'` rather than the numeric `OP.RETURN`
+ * constant because scure's `Script.encode` interprets a number as a byte to
+ * push, not as the opcode. The string form emits the bare opcode (0x6a)
+ * followed by an `OP_PUSHBYTES_32` push, producing the standard NULL_DATA
+ * shape Bitcoin Core's `IsStandard` accepts. The numeric form silently
+ * produces `OP_PUSHBYTES_1 0x6a OP_PUSHBYTES_32 <32 bytes>`, which is
+ * non-standard and rejected at broadcast with `RPC error -26: scriptpubkey`.
  */
 export function opReturnScript(signalBytes) {
-    return Script.encode([OP.RETURN, signalBytes]);
+    return Script.encode(['RETURN', signalBytes]);
 }
 /**
  * Fetch the most recent confirmed UTXO at `bitcoinAddress` + the raw bytes of its
@@ -27,11 +81,11 @@ export function opReturnScript(signalBytes) {
 async function fetchSpendableUtxo(bitcoinAddress, bitcoin) {
     const utxos = await bitcoin.rest.address.getUtxos(bitcoinAddress);
     if (!utxos.length) {
-        throw new BeaconError('No UTXOs found, please fund address!', 'UNFUNDED_BEACON_ADDRESS', { bitcoinAddress });
+        throw new BeaconError('No UTXOs found, please fund address!', 'UNFUNDED_BEACON_ADDRESS', { address: bitcoinAddress });
     }
     const utxo = utxos.sort((a, b) => b.status.block_height - a.status.block_height).shift();
     if (!utxo) {
-        throw new BeaconError('Beacon bitcoin address unfunded or utxos unconfirmed.', 'UNFUNDED_BEACON_ADDRESS', { bitcoinAddress });
+        throw new BeaconError('Beacon bitcoin address unfunded or utxos unconfirmed.', 'UNFUNDED_BEACON_ADDRESS', { address: bitcoinAddress });
     }
     const prevTxHex = await bitcoin.rest.transaction.getHex(utxo.txid);
     return { utxo, prevTxBytes: hexToBytes(prevTxHex) };
@@ -56,9 +110,12 @@ export async function buildAggregationBeaconTx(opts) {
     // Fee cannot be probe-measured (no secret key for MuSig2 round). Use fixed P2TR vsize.
     const feeSats = await feeEstimator.estimateFee(P2TR_BEACON_TX_VSIZE);
     if (BigInt(utxo.value) <= feeSats) {
-        throw new BeaconError(`UTXO value (${utxo.value}) insufficient to cover fee (${feeSats}).`, 'INSUFFICIENT_FUNDS', { bitcoinAddress: opts.beaconAddress, utxoValue: utxo.value, fee: feeSats.toString() });
+        throw new BeaconError(`UTXO value (${utxo.value}) insufficient to cover fee (${feeSats}).`, 'INSUFFICIENT_FUNDS', { address: opts.beaconAddress, valueSats: utxo.value, feeSats });
     }
-    const tx = new Transaction();
+    // allowUnknownOutputs: scure does not classify OP_RETURN as a "known" output
+    // type because it is unspendable by design. The opt-in flag tells scure we
+    // know the output is intentional (the beacon signal embedded in OP_RETURN).
+    const tx = new Transaction({ allowUnknownOutputs: true });
     tx.addInput({
         txid: utxo.txid,
         index: utxo.vout,
@@ -75,8 +132,72 @@ export async function buildAggregationBeaconTx(opts) {
         beaconAddress: opts.beaconAddress,
         utxo,
         feeSats,
+        scriptKind: 'p2tr',
     };
 }
+/**
+ * Sign the single input of a singleton beacon transaction. Dispatches to the
+ * correct sighash + signature-application path based on `kind`, finalizes the
+ * tx, and returns the signed raw hex.
+ *
+ * - **P2PKH**: legacy ECDSA sighash; scure assembles the scriptSig from `partialSig`.
+ * - **P2WPKH**: BIP-143 segwit-v0 sighash (P2PKH-shaped scriptCode); scure assembles
+ *   the witness from `partialSig`.
+ * - **P2TR**: BIP-341 taproot key-path sighash (SIGHASH_DEFAULT); 64-byte BIP-340
+ *   Schnorr signature applied via `tapKeySig`.
+ */
+async function signSingletonInput(tx, inputIdx, kind, signer, prevOutScript, amount) {
+    const pubkey = signer.publicKey;
+    if (kind === 'p2pkh') {
+        // Legacy sighash: scriptCode is the prev-output P2PKH script itself.
+        // scure-btc-signer marks `preimageLegacy` as TypeScript-private but does not
+        // expose a public alternative; its own `signIdx` consumes the secret key
+        // directly. We need only the sighash bytes so an external Signer can produce
+        // the signature, so we reach through the type system here. If scure ever
+        // renames this method, the P2PKH path tests fail loudly.
+        // TODO: track https://github.com/paulmillr/scure-btc-signer/issues/142 —
+        // drop the cast once a public preimage (e.g. `preimageP2PKH`) lands upstream.
+        const sighashType = SigHash.ALL;
+        const sighash = tx.preimageLegacy(inputIdx, prevOutScript, sighashType);
+        const sig = signer.sign(sighash, 'ecdsa');
+        const sigWithType = concatBytes(sig, new Uint8Array([sighashType]));
+        tx.updateInput(inputIdx, { partialSig: [[pubkey, sigWithType]] }, true);
+        tx.finalize();
+        return tx.hex;
+    }
+    if (kind === 'p2wpkh') {
+        // BIP-143: scriptCode for a P2WPKH input is the equivalent legacy P2PKH script
+        // (`OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG`). The P2PKH-shaped
+        // script appearing here in P2WPKH signing is intentional, not a bug.
+        //
+        // Derive the hash from `prevOutScript` (the bytes actually committed on-chain),
+        // not by re-hashing `signer.publicKey`. BIP-143 commits to the prev output, so
+        // the sighash must follow those bytes exactly. Rebuilding from the signer's
+        // pubkey assumes (rather than verifies) the two are in sync.
+        const decoded = OutScript.decode(prevOutScript);
+        if (decoded.type !== 'wpkh') {
+            throw new BeaconError(`Expected P2WPKH prev-output script, got "${decoded.type}".`, 'PREVOUT_SCRIPT_MISMATCH', { kind, observedScriptType: decoded.type });
+        }
+        const sighashScript = OutScript.encode({ type: 'pkh', hash: decoded.hash });
+        const sighashType = SigHash.ALL;
+        const sighash = tx.preimageWitnessV0(inputIdx, sighashScript, sighashType, amount);
+        const sig = signer.sign(sighash, 'ecdsa');
+        const sigWithType = concatBytes(sig, new Uint8Array([sighashType]));
+        tx.updateInput(inputIdx, { partialSig: [[pubkey, sigWithType]] }, true);
+        tx.finalize();
+        return tx.hex;
+    }
+    // P2TR key-path. BIP-341 requires signing with the taproot-tweaked secret
+    // `d' = taprootTweakPrivKey(d, merkleRoot)`; the verifier checks against the
+    // tweaked output internal key `Q = P + tG`. The tweak lives inside the Signer
+    // (it needs the secret key), so we use scheme 'bip341' rather than the raw
+    // 'bip340' scheme. No script tree on singleton beacons → no merkleRoot.
+    const sighash = tx.preimageWitnessV1(inputIdx, [prevOutScript], SigHash.DEFAULT, [amount]);
+    const sig = signer.sign(sighash, 'bip341');
+    tx.updateInput(inputIdx, { tapKeySig: sig });
+    tx.finalize();
+    return tx.hex;
+}
 /**
  * Abstract base class for all BTCR2 Beacon types.
  * A Beacon is a service listed in a BTCR2 DID document that informs resolvers
@@ -101,7 +222,9 @@ export class Beacon {
         this.service = service;
     }
     /**
-     * Build + sign + broadcast a single-party beacon signal transaction (P2WPKH spend).
+     * Build + sign + broadcast a singleton beacon signal transaction. The beacon
+     * address's script kind (P2PKH / P2WPKH / P2TR) is detected automatically
+     * and the input is constructed and signed accordingly.
      *
      * Composed from the three extracted phases ({@link buildSinglePartyTx},
      * {@link signSinglePartyTx}, {@link broadcastRawTx}) so each piece can be exercised
@@ -110,72 +233,99 @@ export class Beacon {
      * plumbing (UTXO fetch + OP_RETURN output + change output) is shared.
      *
      * @param signalBytes 32-byte payload to embed in OP_RETURN.
-     * @param secretKey Secret key used to sign the spending input.
+     * @param signer Signer used to sign the spending input.
      * @param bitcoin Bitcoin network connection.
      * @param options Broadcast options (fee estimator, etc.).
      * @returns The txid of the broadcast transaction.
      * @throws {BeaconError} if the address is unfunded, no UTXO is available, or fee exceeds value.
      */
-    async buildSignAndBroadcast(signalBytes, secretKey, bitcoin, options) {
+    async buildSignAndBroadcast(signalBytes, signer, bitcoin, options) {
         const feeEstimator = options?.feeEstimator ?? DEFAULT_FEE_ESTIMATOR;
         const beaconAddress = this.service.serviceEndpoint.replace('bitcoin:', '');
         const { utxo, prevTxBytes } = await fetchSpendableUtxo(beaconAddress, bitcoin);
         const plan = await this.buildSinglePartyTx({
-            signalBytes, beaconAddress, utxo, prevTxBytes, secretKey, bitcoin, feeEstimator,
+            signalBytes, beaconAddress, utxo, prevTxBytes, signer, bitcoin, feeEstimator,
         });
-        const signedHex = this.signSinglePartyTx(plan.tx, secretKey);
+        const signedHex = await this.signSinglePartyTx(plan, signer);
         return this.broadcastRawTx(bitcoin, signedHex);
     }
     /**
-     * Build an unsigned P2WPKH single-party beacon tx + probe-sign to determine vsize,
-     * then rebuild with the real fee. Returns the tx and prev-output metadata.
+     * Build an unsigned singleton beacon tx ready for {@link signSinglePartyTx}.
      *
-     * The secret key is required here (not just in `signSinglePartyTx`) because the
-     * two-pass fee estimation requires an actual signature to measure vsize accurately.
+     * Detects the beacon address script kind (P2PKH / P2WPKH / P2TR) and configures
+     * the input accordingly. Validates that the signer's pubkey produces the beacon
+     * address under that script kind — without this check, a misconfigured caller
+     * would burn a real UTXO on a tx that fails at broadcast. Fees are computed from
+     * the per-kind {@link SINGLETON_BEACON_TX_VSIZE} constant, avoiding any probe-sign
+     * round-trip.
      */
     async buildSinglePartyTx(opts) {
-        const pubkey = this.#derivePubkey(opts.secretKey);
-        const witnessOut = p2wpkh(pubkey, opts.bitcoin.data);
-        const witnessScript = witnessOut.script;
-        const build = (feeSats) => {
-            const tx = new Transaction();
+        const network = opts.bitcoin.data;
+        const pubkey = opts.signer.publicKey;
+        const kind = detectSingletonScriptKind(opts.beaconAddress, network);
+        const derivedAddress = deriveSingletonAddress(kind, pubkey, network);
+        if (derivedAddress !== opts.beaconAddress) {
+            throw new BeaconError(`Signer pubkey produces ${kind.toUpperCase()} address "${derivedAddress}", but beacon address is "${opts.beaconAddress}".`, 'SIGNER_KEY_MISMATCH', { kind, address: opts.beaconAddress, derivedAddress });
+        }
+        const feeSats = await opts.feeEstimator.estimateFee(SINGLETON_BEACON_TX_VSIZE[kind]);
+        const amount = BigInt(opts.utxo.value);
+        if (amount <= feeSats) {
+            throw new BeaconError(`UTXO value (${opts.utxo.value}) insufficient to cover fee (${feeSats}).`, 'INSUFFICIENT_FUNDS', { address: opts.beaconAddress, valueSats: opts.utxo.value, feeSats });
+        }
+        // allowUnknownOutputs: scure does not classify OP_RETURN as a "known" output
+        // type because it is unspendable by design. The opt-in flag tells scure we
+        // know the output is intentional (the beacon signal embedded in OP_RETURN).
+        const tx = new Transaction({ allowUnknownOutputs: true });
+        // Per-kind input setup: P2PKH consumes via nonWitnessUtxo only (legacy);
+        // P2WPKH and P2TR also carry a witnessUtxo (and P2TR carries tapInternalKey).
+        let prevOutScript;
+        if (kind === 'p2pkh') {
+            prevOutScript = p2pkh(pubkey, network).script;
             tx.addInput({
                 txid: opts.utxo.txid,
                 index: opts.utxo.vout,
                 nonWitnessUtxo: opts.prevTxBytes,
-                witnessUtxo: { amount: BigInt(opts.utxo.value), script: witnessScript },
             });
-            tx.addOutputAddress(opts.beaconAddress, BigInt(opts.utxo.value) - feeSats, opts.bitcoin.data);
-            tx.addOutput({ script: opReturnScript(opts.signalBytes), amount: 0n });
-            return tx;
-        };
-        // First pass: sign with zero fee to measure vsize.
-        const probe = build(0n);
-        probe.signIdx(opts.secretKey, 0);
-        probe.finalize();
-        const vsize = probe.vsize;
-        const feeSats = await opts.feeEstimator.estimateFee(vsize);
-        if (BigInt(opts.utxo.value) <= feeSats) {
-            throw new BeaconError(`UTXO value (${opts.utxo.value}) insufficient to cover fee (${feeSats}).`, 'INSUFFICIENT_FUNDS', { bitcoinAddress: opts.beaconAddress, utxoValue: opts.utxo.value, fee: feeSats.toString() });
         }
-        // Second pass: real fee.
-        const tx = build(feeSats);
+        else if (kind === 'p2wpkh') {
+            prevOutScript = p2wpkh(pubkey, network).script;
+            tx.addInput({
+                txid: opts.utxo.txid,
+                index: opts.utxo.vout,
+                nonWitnessUtxo: opts.prevTxBytes,
+                witnessUtxo: { amount, script: prevOutScript },
+            });
+        }
+        else {
+            // p2tr key-path
+            const internalKey = pubkey.slice(1, 33);
+            prevOutScript = p2tr(internalKey, undefined, network).script;
+            tx.addInput({
+                txid: opts.utxo.txid,
+                index: opts.utxo.vout,
+                nonWitnessUtxo: opts.prevTxBytes,
+                witnessUtxo: { amount, script: prevOutScript },
+                tapInternalKey: internalKey,
+            });
+        }
+        tx.addOutputAddress(opts.beaconAddress, amount - feeSats, network);
+        tx.addOutput({ script: opReturnScript(opts.signalBytes), amount: 0n });
         return {
             tx,
-            prevOutScripts: [witnessScript],
-            prevOutValues: [BigInt(opts.utxo.value)],
+            prevOutScripts: [prevOutScript],
+            prevOutValues: [amount],
             beaconAddress: opts.beaconAddress,
             utxo: opts.utxo,
             feeSats,
+            scriptKind: kind,
         };
     }
     /**
      * Sign + finalize the unsigned single-party tx and return its raw hex.
+     * Dispatches to the correct signing primitive based on `plan.scriptKind`.
      */
-    signSinglePartyTx(tx, secretKey) {
-        tx.signIdx(secretKey, 0);
-        tx.finalize();
-        return tx.hex;
+    async signSinglePartyTx(plan, signer) {
+        return signSingletonInput(plan.tx, 0, plan.scriptKind, signer, plan.prevOutScripts[0], plan.prevOutValues[0]);
     }
     /**
      * Broadcast raw transaction hex via the Bitcoin REST endpoint. Returns the txid.
@@ -183,9 +333,5 @@ export class Beacon {
     async broadcastRawTx(bitcoin, rawHex) {
         return bitcoin.rest.transaction.send(rawHex);
     }
-    /** Derive the compressed secp256k1 public key from a raw secret key. */
-    #derivePubkey(secretKey) {
-        return getPublicKey(secretKey, true);
-    }
 }
 //# sourceMappingURL=beacon.js.map

package/dist/esm/core/beacon/beacon.js.map

@@ -1 +1 @@
-{"version":3,"file":"beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/beacon.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAG1E,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAIxD,+EAA+E;AAC/E,MAAM,qBAAqB,GAAiB,IAAI,kBAAkB,CAAC,CAAC,CAAC,CAAC;AAEtE;;;;;GAKG;AACH,MAAM,oBAAoB,GAAG,GAAG,CAAC;AA6BjC;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,WAAuB;IACpD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,kBAAkB,CAC/B,cAAsB,EACtB,OAA0B;IAE1B,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAClE,IAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,MAAM,IAAI,WAAW,CACnB,sCAAsC,EACtC,yBAAyB,EAAE,EAAE,cAAc,EAAE,CAC9C,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,CAAC;IACzF,IAAG,CAAC,IAAI,EAAE,CAAC;QACT,MAAM,IAAI,WAAW,CACnB,uDAAuD,EACvD,yBAAyB,EAAE,EAAE,cAAc,EAAE,CAC9C,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,IAa9C;IACC,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,qBAAqB,CAAC;IAChE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAEzF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAClE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;IAEpC,uFAAuF;IACvF,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAAC;IACrE,IAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;QACjC,MAAM,IAAI,WAAW,CACnB,eAAe,IAAI,CAAC,KAAK,gCAAgC,OAAO,IAAI,EACpE,oBAAoB,EACpB,EAAE,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CACvF,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,WAAW,EAAE,CAAC;IAC7B,EAAE,CAAC,QAAQ,CAAC;QACV,IAAI,EAAa,IAAI,CAAC,IAAI;QAC1B,KAAK,EAAY,IAAI,CAAC,IAAI;QAC1B,cAAc,EAAG,WAAW;QAC5B,WAAW,EAAM,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE;QACtE,cAAc,EAAG,IAAI,CAAC,cAAc;KACrC,CAAC,CAAC;IACH,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IACpF,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAEvE,OAAO;QACL,EAAE;QACF,cAAc,EAAG,CAAC,aAAa,CAAC;QAChC,aAAa,EAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrC,aAAa,EAAI,IAAI,CAAC,aAAa;QACnC,IAAI;QACJ,OAAO;KACR,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,OAAgB,MAAM;IAC1B;;OAEG;IACM,OAAO,CAAgB;IAEhC,YAAY,OAAsB;QAChC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAkCD;;;;;;;;;;;;;;;OAeG;IACO,KAAK,CAAC,qBAAqB,CACnC,WAAuB,EACvB,SAAmB,EACnB,OAA0B,EAC1B,OAA0B;QAE1B,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,qBAAqB,CAAC;QACpE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC3E,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,kBAAkB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAC/E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC;YACzC,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY;SAChF,CAAC,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IACjD,CAAC;IAED;;;;;;OAMG;IACO,KAAK,CAAC,kBAAkB,CAAC,IAQlC;QACC,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC;QAExC,MAAM,KAAK,GAAG,CAAC,OAAe,EAAe,EAAE;YAC7C,MAAM,EAAE,GAAG,IAAI,WAAW,EAAE,CAAC;YAC7B,EAAE,CAAC,QAAQ,CAAC;gBACV,IAAI,EAAa,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,KAAK,EAAY,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,cAAc,EAAG,IAAI,CAAC,WAAW;gBACjC,WAAW,EAAM,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE;aAC5E,CAAC,CAAC;YACH,EAAE,CAAC,gBAAgB,CACjB,IAAI,CAAC,aAAa,EAClB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,OAAO,EACjC,IAAI,CAAC,OAAO,CAAC,IAAI,CAClB,CAAC;YACF,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;YACvE,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC;QAEF,mDAAmD;QACnD,MAAM,KAAK,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC;QACxB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QACjC,KAAK,CAAC,QAAQ,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;QAE1B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAC3D,IAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,WAAW,CACnB,eAAe,IAAI,CAAC,IAAI,CAAC,KAAK,gCAAgC,OAAO,IAAI,EACzE,oBAAoB,EACpB,EAAE,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CAC5F,CAAC;QACJ,CAAC;QAED,yBAAyB;QACzB,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAC1B,OAAO;YACL,EAAE;YACF,cAAc,EAAG,CAAC,aAAa,CAAC;YAChC,aAAa,EAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1C,aAAa,EAAI,IAAI,CAAC,aAAa;YACnC,IAAI,EAAa,IAAI,CAAC,IAAI;YAC1B,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;OAEG;IACO,iBAAiB,CAAC,EAAe,EAAE,SAAmB;QAC9D,EAAE,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QACzB,EAAE,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,EAAE,CAAC,GAAG,CAAC;IAChB,CAAC;IAED;;OAEG;IACO,KAAK,CAAC,cAAc,CAAC,OAA0B,EAAE,MAAc;QACvE,OAAO,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/C,CAAC;IAED,wEAAwE;IACxE,aAAa,CAAC,SAAmB;QAC/B,OAAO,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACvC,CAAC;CACF"}
+{"version":3,"file":"beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/beacon.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACjE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAG1G,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAIxD,+EAA+E;AAC/E,MAAM,qBAAqB,GAAiB,IAAI,kBAAkB,CAAC,CAAC,CAAC,CAAC;AAUtE;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAG,CAAC;AAExC;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAG,CAAC;AAE1C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,GAAG,CAAC;AAEzC,iEAAiE;AACjE,MAAM,CAAC,MAAM,yBAAyB,GAAkD;IACtF,KAAK,EAAI,qBAAqB;IAC9B,MAAM,EAAG,sBAAsB;IAC/B,IAAI,EAAK,oBAAoB;CAC9B,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,yBAAyB,CACvC,cAAsB,EACtB,OAAmB;IAEnB,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACxD,IAAG,OAAO,CAAC,IAAI,KAAK,KAAK;QAAE,OAAO,OAAO,CAAC;IAC1C,IAAG,OAAO,CAAC,IAAI,KAAK,MAAM;QAAE,OAAO,QAAQ,CAAC;IAC5C,IAAG,OAAO,CAAC,IAAI,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IACxC,MAAM,IAAI,WAAW,CACnB,8CAA8C,OAAO,CAAC,IAAI,KAAK;UAC7D,qDAAqD,EACvD,iCAAiC,EACjC,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAChD,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,sBAAsB,CACpC,IAAyB,EACzB,MAAgB,EAChB,OAAmB;IAEnB,IAAG,IAAI,KAAK,OAAO;QAAG,OAAO,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,OAAQ,CAAC;IAC7D,IAAG,IAAI,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,OAAQ,CAAC;IAC9D,iEAAiE;IACjE,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,OAAQ,CAAC;AAChE,CAAC;AAkCD;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,cAAc,CAAC,WAAuB;IACpD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC;AAChD,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,kBAAkB,CAC/B,cAAsB,EACtB,OAA0B;IAE1B,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAClE,IAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,MAAM,IAAI,WAAW,CACnB,sCAAsC,EACtC,yBAAyB,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,CACvD,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,CAAC;IACzF,IAAG,CAAC,IAAI,EAAE,CAAC;QACT,MAAM,IAAI,WAAW,CACnB,uDAAuD,EACvD,yBAAyB,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,CACvD,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,IAa9C;IACC,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,qBAAqB,CAAC;IAChE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAEzF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAClE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;IAEpC,uFAAuF;IACvF,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAAC;IACrE,IAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;QACjC,MAAM,IAAI,WAAW,CACnB,eAAe,IAAI,CAAC,KAAK,gCAAgC,OAAO,IAAI,EACpE,oBAAoB,EACpB,EAAE,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,CAChE,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,2EAA2E;IAC3E,4EAA4E;IAC5E,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1D,EAAE,CAAC,QAAQ,CAAC;QACV,IAAI,EAAa,IAAI,CAAC,IAAI;QAC1B,KAAK,EAAY,IAAI,CAAC,IAAI;QAC1B,cAAc,EAAG,WAAW;QAC5B,WAAW,EAAM,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE;QACtE,cAAc,EAAG,IAAI,CAAC,cAAc;KACrC,CAAC,CAAC;IACH,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IACpF,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAEvE,OAAO;QACL,EAAE;QACF,cAAc,EAAG,CAAC,aAAa,CAAC;QAChC,aAAa,EAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrC,aAAa,EAAI,IAAI,CAAC,aAAa;QACnC,IAAI;QACJ,OAAO;QACP,UAAU,EAAO,MAAM;KACxB,CAAC;AACJ,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,UAAU,kBAAkB,CAC/B,EAAe,EACf,QAAgB,EAChB,IAAyB,EACzB,MAAc,EACd,aAAyB,EACzB,MAAc;IAEd,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC;IAEhC,IAAG,IAAI,KAAK,OAAO,EAAE,CAAC;QACpB,qEAAqE;QACrE,6EAA6E;QAC7E,yEAAyE;QACzE,6EAA6E;QAC7E,yEAAyE;QACzE,yDAAyD;QACzD,yEAAyE;QACzE,8EAA8E;QAC9E,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC;QAChC,MAAM,OAAO,GAAI,EAEf,CAAC,cAAc,CAAC,QAAQ,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;QACxD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC1C,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,IAAI,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;QACpE,EAAE,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACxE,EAAE,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,EAAE,CAAC,GAAG,CAAC;IAChB,CAAC;IAED,IAAG,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrB,+EAA+E;QAC/E,kFAAkF;QAClF,qEAAqE;QACrE,EAAE;QACF,gFAAgF;QAChF,+EAA+E;QAC/E,4EAA4E;QAC5E,6DAA6D;QAC7D,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAChD,IAAG,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YAC3B,MAAM,IAAI,WAAW,CACnB,4CAA4C,OAAO,CAAC,IAAI,IAAI,EAC5D,yBAAyB,EACzB,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,CAAC,IAAI,EAAE,CAC3C,CAAC;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC5E,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC;QAChC,MAAM,OAAO,GAAG,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;QACnF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC1C,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,IAAI,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;QACpE,EAAE,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACxE,EAAE,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,EAAE,CAAC,GAAG,CAAC;IAChB,CAAC;IAED,0EAA0E;IAC1E,6EAA6E;IAC7E,8EAA8E;IAC9E,2EAA2E;IAC3E,wEAAwE;IACxE,MAAM,OAAO,GAAG,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAC3F,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC3C,EAAE,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,EAAE,CAAC,QAAQ,EAAE,CAAC;IACd,OAAO,EAAE,CAAC,GAAG,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,OAAgB,MAAM;IAC1B;;OAEG;IACM,OAAO,CAAgB;IAEhC,YAAY,OAAsB;QAChC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAmCD;;;;;;;;;;;;;;;;;OAiBG;IACO,KAAK,CAAC,qBAAqB,CACnC,WAAuB,EACvB,MAAc,EACd,OAA0B,EAC1B,OAA0B;QAE1B,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,qBAAqB,CAAC;QACpE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC3E,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,kBAAkB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAC/E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC;YACzC,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY;SAC7E,CAAC,CAAC;QACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IACjD,CAAC;IAED;;;;;;;;;OASG;IACO,KAAK,CAAC,kBAAkB,CAAC,IAQlC;QACC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QACrC,MAAM,IAAI,GAAG,yBAAyB,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAEpE,MAAM,cAAc,GAAG,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QACrE,IAAG,cAAc,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;YACzC,MAAM,IAAI,WAAW,CACnB,0BAA0B,IAAI,CAAC,WAAW,EAAE,aAAa,cAAc,6BAA6B,IAAI,CAAC,aAAa,IAAI,EAC1H,qBAAqB,EACrB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE,cAAc,EAAE,CACtD,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC;QACrF,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvC,IAAG,MAAM,IAAI,OAAO,EAAE,CAAC;YACrB,MAAM,IAAI,WAAW,CACnB,eAAe,IAAI,CAAC,IAAI,CAAC,KAAK,gCAAgC,OAAO,IAAI,EACzE,oBAAoB,EACpB,EAAE,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,CACrE,CAAC;QACJ,CAAC;QAED,6EAA6E;QAC7E,2EAA2E;QAC3E,4EAA4E;QAC5E,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC;QAE1D,yEAAyE;QACzE,8EAA8E;QAC9E,IAAI,aAAyB,CAAC;QAC9B,IAAG,IAAI,KAAK,OAAO,EAAE,CAAC;YACpB,aAAa,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC;YAC9C,EAAE,CAAC,QAAQ,CAAC;gBACV,IAAI,EAAa,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,KAAK,EAAY,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,cAAc,EAAG,IAAI,CAAC,WAAW;aAClC,CAAC,CAAC;QACL,CAAC;aAAM,IAAG,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC5B,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC;YAC/C,EAAE,CAAC,QAAQ,CAAC;gBACV,IAAI,EAAa,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,KAAK,EAAY,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,cAAc,EAAG,IAAI,CAAC,WAAW;gBACjC,WAAW,EAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE;aACnD,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,gBAAgB;YAChB,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxC,aAAa,GAAG,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC;YAC7D,EAAE,CAAC,QAAQ,CAAC;gBACV,IAAI,EAAa,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,KAAK,EAAY,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/B,cAAc,EAAG,IAAI,CAAC,WAAW;gBACjC,WAAW,EAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE;gBAClD,cAAc,EAAG,WAAW;aAC7B,CAAC,CAAC;QACL,CAAC;QAED,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,EAAE,OAAO,CAAC,CAAC;QACnE,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;QAEvE,OAAO;YACL,EAAE;YACF,cAAc,EAAG,CAAC,aAAa,CAAC;YAChC,aAAa,EAAI,CAAC,MAAM,CAAC;YACzB,aAAa,EAAI,IAAI,CAAC,aAAa;YACnC,IAAI,EAAa,IAAI,CAAC,IAAI;YAC1B,OAAO;YACP,UAAU,EAAO,IAAI;SACtB,CAAC;IACJ,CAAC;IAED;;;OAGG;IACO,KAAK,CAAC,iBAAiB,CAAC,IAAkB,EAAE,MAAc;QAClE,OAAO,kBAAkB,CACvB,IAAI,CAAC,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,MAAM,EACnC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAE,CAChD,CAAC;IACJ,CAAC;IAED;;OAEG;IACO,KAAK,CAAC,cAAc,CAAC,OAA0B,EAAE,MAAc;QACvE,OAAO,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/C,CAAC;CACF"}

package/dist/esm/core/beacon/cas-beacon.js

@@ -85,14 +85,14 @@ export class CASBeacon extends Beacon {
      * and broadcast are delegated to {@link Beacon.buildSignAndBroadcast}.
      *
      * @param {SignedBTCR2Update} signedUpdate The signed BTCR2 update to broadcast.
-     * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+     * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
      * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
      * @param {CASBroadcastOptions} [options] Optional broadcast configuration, including a
      *   `casPublish` callback to publish the announcement off-chain and a `feeEstimator`.
      * @returns {Promise<SignedBTCR2Update>} The signed update that was broadcast.
      * @throws {BeaconError} if the bitcoin address is invalid, unfunded, or UTXO cannot cover the fee.
      */
-    async broadcastSignal(signedUpdate, secretKey, bitcoin, options) {
+    async broadcastSignal(signedUpdate, signer, bitcoin, options) {
         // Extract the DID from the beacon service id (strip the #fragment)
         const did = this.service.id.split('#')[0];
         // Hash the signed update (base64urlnopad for the CAS Announcement entry per spec)
@@ -102,7 +102,7 @@ export class CASBeacon extends Beacon {
         // Canonicalize and hash the CAS Announcement for the OP_RETURN output
         const announcementHash = hash(canonicalize(casAnnouncement));
         // Delegate UTXO selection, PSBT construction, fee estimation, signing, and broadcast
-        await this.buildSignAndBroadcast(announcementHash, secretKey, bitcoin, options);
+        await this.buildSignAndBroadcast(announcementHash, signer, bitcoin, options);
         // Publish CAS Announcement to content-addressed store if callback provided
         if (options?.casPublish) {
             await options.casPublish(casAnnouncement);

package/dist/esm/core/beacon/cas-beacon.js.map

@@ -1 +1 @@
-{"version":3,"file":"cas-beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/cas-beacon.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAKtF,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAYrC;;;;;;;;;;;;GAYG;AACH,MAAM,OAAO,SAAU,SAAQ,MAAM;IACnC;;;OAGG;IACH,YAAY,OAAsB;QAChC,KAAK,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,cAAc,CACZ,OAA4B,EAC5B,OAAoB;QAEpB,MAAM,OAAO,GAAG,IAAI,KAAK,EAAsC,CAAC;QAChE,MAAM,KAAK,GAAG,IAAI,KAAK,EAAY,CAAC;QAEpC,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,KAAI,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC5B,iEAAiE;YACjE,MAAM,gBAAgB,GAAG,MAAM,CAAC,WAAW,CAAC;YAE5C,iDAAiD;YACjD,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAE7D,IAAG,CAAC,eAAe,EAAE,CAAC;gBACpB,+CAA+C;gBAC/C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAgB,qBAAqB;oBACzC,gBAAgB;oBAChB,eAAe,EAAK,IAAI,CAAC,OAAO,CAAC,EAAE;iBACpC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,yDAAyD;YACzD,kFAAkF;YAClF,MAAM,iBAAiB,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;YAE/C,sFAAsF;YACtF,IAAG,CAAC,iBAAiB,EAAE,CAAC;gBACtB,SAAS;YACX,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,EAAE,KAAK,CAAC,CAAC;YAE9E,iDAAiD;YACjD,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAEvD,IAAG,CAAC,YAAY,EAAE,CAAC;gBACjB,4CAA4C;gBAC5C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAe,kBAAkB;oBACrC,UAAU;oBACV,eAAe,EAAI,IAAI,CAAC,OAAO,CAAC,EAAE;iBACnC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,eAAe,CACnB,YAA+B,EAC/B,SAAmB,EACnB,OAA0B,EAC1B,OAA6B;QAE7B,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,kFAAkF;QAClF,MAAM,UAAU,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;QAE/C,kEAAkE;QAClE,MAAM,eAAe,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,CAAC;QAE9C,sEAAsE;QACtE,MAAM,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,CAAC;QAE7D,qFAAqF;QACrF,MAAM,IAAI,CAAC,qBAAqB,CAAC,gBAAgB,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAEhF,2EAA2E;QAC3E,IAAG,OAAO,EAAE,UAAU,EAAE,CAAC;YACvB,MAAM,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}
+{"version":3,"file":"cas-beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/cas-beacon.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAMtF,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAYrC;;;;;;;;;;;;GAYG;AACH,MAAM,OAAO,SAAU,SAAQ,MAAM;IACnC;;;OAGG;IACH,YAAY,OAAsB;QAChC,KAAK,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,cAAc,CACZ,OAA4B,EAC5B,OAAoB;QAEpB,MAAM,OAAO,GAAG,IAAI,KAAK,EAAsC,CAAC;QAChE,MAAM,KAAK,GAAG,IAAI,KAAK,EAAY,CAAC;QAEpC,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,KAAI,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC5B,iEAAiE;YACjE,MAAM,gBAAgB,GAAG,MAAM,CAAC,WAAW,CAAC;YAE5C,iDAAiD;YACjD,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAE7D,IAAG,CAAC,eAAe,EAAE,CAAC;gBACpB,+CAA+C;gBAC/C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAgB,qBAAqB;oBACzC,gBAAgB;oBAChB,eAAe,EAAK,IAAI,CAAC,OAAO,CAAC,EAAE;iBACpC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,yDAAyD;YACzD,kFAAkF;YAClF,MAAM,iBAAiB,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;YAE/C,sFAAsF;YACtF,IAAG,CAAC,iBAAiB,EAAE,CAAC;gBACtB,SAAS;YACX,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,EAAE,KAAK,CAAC,CAAC;YAE9E,iDAAiD;YACjD,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAEvD,IAAG,CAAC,YAAY,EAAE,CAAC;gBACjB,4CAA4C;gBAC5C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAe,kBAAkB;oBACrC,UAAU;oBACV,eAAe,EAAI,IAAI,CAAC,OAAO,CAAC,EAAE;iBACnC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,eAAe,CACnB,YAA+B,EAC/B,MAAc,EACd,OAA0B,EAC1B,OAA6B;QAE7B,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,kFAAkF;QAClF,MAAM,UAAU,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;QAE/C,kEAAkE;QAClE,MAAM,eAAe,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,CAAC;QAE9C,sEAAsE;QACtE,MAAM,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,CAAC;QAE7D,qFAAqF;QACrF,MAAM,IAAI,CAAC,qBAAqB,CAAC,gBAAgB,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE7E,2EAA2E;QAC3E,IAAG,OAAO,EAAE,UAAU,EAAE,CAAC;YACvB,MAAM,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}

package/dist/esm/core/beacon/singleton-beacon.js

@@ -49,15 +49,15 @@ export class SingletonBeacon extends Beacon {
      * {@link Beacon.buildSignAndBroadcast}.
      *
      * @param {SignedBTCR2Update} signedUpdate The signed BTCR2 update to broadcast.
-     * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+     * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
      * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
      * @param {BroadcastOptions} [options] Optional broadcast configuration (e.g. fee estimator).
      * @returns {Promise<SignedBTCR2Update>} The signed update that was broadcast.
      * @throws {BeaconError} if the bitcoin address is invalid, unfunded, or UTXO cannot cover the fee.
      */
-    async broadcastSignal(signedUpdate, secretKey, bitcoin, options) {
+    async broadcastSignal(signedUpdate, signer, bitcoin, options) {
         const signalBytes = hash(canonicalize(signedUpdate));
-        await this.buildSignAndBroadcast(signalBytes, secretKey, bitcoin, options);
+        await this.buildSignAndBroadcast(signalBytes, signer, bitcoin, options);
         return signedUpdate;
     }
 }

package/dist/esm/core/beacon/singleton-beacon.js.map

@@ -1 +1 @@
-{"version":3,"file":"singleton-beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/singleton-beacon.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAKvD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAGrC;;;;;GAKG;AACH,MAAM,OAAO,eAAgB,SAAQ,MAAM;IAEzC;;;OAGG;IACH,YAAY,OAAsB;QAChC,KAAK,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACjD,CAAC;IAED;;;;;OAKG;IACH,cAAc,CACZ,OAA4B,EAC5B,OAAoB;QAEpB,MAAM,OAAO,GAAG,IAAI,KAAK,EAAsC,CAAC;QAChE,MAAM,KAAK,GAAG,IAAI,KAAK,EAAY,CAAC;QAEpC,KAAI,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC5B,iEAAiE;YACjE,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC;YAEtC,iDAAiD;YACjD,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAEvD,IAAG,CAAC,YAAY,EAAE,CAAC;gBACjB,uDAAuD;gBACvD,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAe,kBAAkB;oBACrC,UAAU;oBACV,eAAe,EAAI,IAAI,CAAC,OAAO,CAAC,EAAE;iBACnC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD;;;;;;;;;;;;;OAaG;IACH,KAAK,CAAC,eAAe,CACnB,YAA+B,EAC/B,SAAmB,EACnB,OAA0B,EAC1B,OAA0B;QAE1B,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,CAAC;QACrD,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC3E,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}
+{"version":3,"file":"singleton-beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/singleton-beacon.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAMvD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAGrC;;;;;GAKG;AACH,MAAM,OAAO,eAAgB,SAAQ,MAAM;IAEzC;;;OAGG;IACH,YAAY,OAAsB;QAChC,KAAK,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACjD,CAAC;IAED;;;;;OAKG;IACH,cAAc,CACZ,OAA4B,EAC5B,OAAoB;QAEpB,MAAM,OAAO,GAAG,IAAI,KAAK,EAAsC,CAAC;QAChE,MAAM,KAAK,GAAG,IAAI,KAAK,EAAY,CAAC;QAEpC,KAAI,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC5B,iEAAiE;YACjE,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC;YAEtC,iDAAiD;YACjD,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAEvD,IAAG,CAAC,YAAY,EAAE,CAAC;gBACjB,uDAAuD;gBACvD,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAe,kBAAkB;oBACrC,UAAU;oBACV,eAAe,EAAI,IAAI,CAAC,OAAO,CAAC,EAAE;iBACnC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD;;;;;;;;;;;;;OAaG;IACH,KAAK,CAAC,eAAe,CACnB,YAA+B,EAC/B,MAAc,EACd,OAA0B,EAC1B,OAA0B;QAE1B,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,CAAC;QACrD,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QACxE,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}

package/dist/esm/core/beacon/smt-beacon.js

@@ -1,5 +1,5 @@
 import { canonicalize } from '@did-btcr2/common';
-import { blockHash, BTCR2MerkleTree, didToIndex, hexToHash, verifySerializedProof } from '@did-btcr2/smt';
+import { base64UrlToHash, blockHash, BTCR2MerkleTree, didToIndex, hashToHex, verifySerializedProof } from '@did-btcr2/smt';
 import { randomBytes } from '@noble/hashes/utils';
 import { Beacon } from './beacon.js';
 import { SMTBeaconError } from './error.js';
@@ -53,28 +53,36 @@ export class SMTBeacon extends Beacon {
                 });
                 continue;
             }
-            // Non-inclusion proof — no update for this DID in this epoch, skip
-            if (!smtProof.updateId) {
-                continue;
-            }
-            // Nonce is required for proof verification
+            // Nonce is required for proof verification (inclusion and non-inclusion).
             if (!smtProof.nonce) {
                 throw new SMTBeaconError('SMT proof missing required nonce field.', 'INVALID_SMT_PROOF', { smtProof, did });
             }
-            // Verify Merkle inclusion: leaf = hash(hash(nonce) || updateId)
+            // Verify the SMT proof against the on-chain root. Leaf value per spec:
+            // inclusion = hash(hash(nonce) || updateId); non-inclusion = hash(hash(nonce)).
+            // Hash fields are base64url (no padding) per the SMT Proof spec. A
+            // non-inclusion proof (absent updateId) is verified too, not trusted.
             const index = didToIndex(did);
-            const candidateHash = blockHash(blockHash(hexToHash(smtProof.nonce)), hexToHash(smtProof.updateId));
+            const nonceHash = base64UrlToHash(smtProof.nonce);
+            const candidateHash = smtProof.updateId
+                ? blockHash(blockHash(nonceHash), base64UrlToHash(smtProof.updateId))
+                : blockHash(blockHash(nonceHash));
             const valid = verifySerializedProof(smtProof, index, candidateHash);
             if (!valid) {
                 throw new SMTBeaconError('SMT proof verification failed.', 'INVALID_SMT_PROOF', { smtProof, did });
             }
-            // Look up the signed update in sidecar updateMap (keyed by hex canonical hash)
-            const signedUpdate = sidecar.updateMap.get(smtProof.updateId);
+            // Non-inclusion proof verified — no update for this DID this epoch, skip.
+            if (!smtProof.updateId) {
+                continue;
+            }
+            // Look up the signed update in sidecar updateMap (keyed by hex canonical
+            // hash). The proof's updateId is base64url, so convert to hex to match.
+            const updateHashHex = hashToHex(base64UrlToHash(smtProof.updateId));
+            const signedUpdate = sidecar.updateMap.get(updateHashHex);
             if (!signedUpdate) {
                 // Signed update not available — emit a need
                 needs.push({
                     kind: 'NeedSignedUpdate',
-                    updateHash: smtProof.updateId,
+                    updateHash: updateHashHex,
                     beaconServiceId: this.service.id
                 });
                 continue;
@@ -92,13 +100,13 @@ export class SMTBeacon extends Beacon {
      * signing, and broadcast are delegated to {@link Beacon.buildSignAndBroadcast}.
      *
      * @param {SignedBTCR2Update} signedUpdate The signed BTCR2 update to broadcast.
-     * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+     * @param {Signer} signer Signer that produces the ECDSA signature for the Bitcoin transaction.
      * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
      * @param {BroadcastOptions} [options] Optional broadcast configuration (e.g. fee estimator).
      * @return {Promise<SignedBTCR2Update>} The signed update that was broadcast.
      * @throws {BeaconError} if the bitcoin address is invalid, unfunded, or UTXO cannot cover the fee.
      */
-    async broadcastSignal(signedUpdate, secretKey, bitcoin, options) {
+    async broadcastSignal(signedUpdate, signer, bitcoin, options) {
         // Extract the DID from the beacon service id (strip the #fragment)
         const did = this.service.id.split('#')[0];
         // Build a single-entry SMT from the signed update
@@ -108,7 +116,7 @@ export class SMTBeacon extends Beacon {
         tree.addEntries([{ did, nonce, signedUpdate: canonicalBytes }]);
         tree.finalize();
         // Root hash is the signal bytes for the OP_RETURN output
-        await this.buildSignAndBroadcast(tree.rootHash, secretKey, bitcoin, options);
+        await this.buildSignAndBroadcast(tree.rootHash, signer, bitcoin, options);
         return signedUpdate;
     }
 }

package/dist/esm/core/beacon/smt-beacon.js.map

@@ -1 +1 @@
-{"version":3,"file":"smt-beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/smt-beacon.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGjD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,UAAU,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAC1G,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAIlD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,SAAU,SAAQ,MAAM;IACnC;;;OAGG;IACH,YAAY,OAAsB;QAChC,KAAK,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,cAAc,CACZ,OAA4B,EAC5B,OAAoB;QAEpB,MAAM,OAAO,GAAG,IAAI,KAAK,EAAsC,CAAC;QAChE,MAAM,KAAK,GAAG,IAAI,KAAK,EAAY,CAAC;QAEpC,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,KAAI,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC5B,yFAAyF;YACzF,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAExD,IAAG,CAAC,QAAQ,EAAE,CAAC;gBACb,wCAAwC;gBACxC,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAc,cAAc;oBAChC,WAAW,EAAO,MAAM,CAAC,WAAW;oBACpC,eAAe,EAAG,IAAI,CAAC,OAAO,CAAC,EAAE;iBAClC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,mEAAmE;YACnE,IAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACtB,SAAS;YACX,CAAC;YAED,2CAA2C;YAC3C,IAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACnB,MAAM,IAAI,cAAc,CACtB,yCAAyC,EACzC,mBAAmB,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CACvC,CAAC;YACJ,CAAC;YAED,gEAAgE;YAChE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;YAC9B,MAAM,aAAa,GAAG,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;YACpG,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;YAEpE,IAAG,CAAC,KAAK,EAAE,CAAC;gBACV,MAAM,IAAI,cAAc,CACtB,gCAAgC,EAChC,mBAAmB,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CACvC,CAAC;YACJ,CAAC;YAED,+EAA+E;YAC/E,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAE9D,IAAG,CAAC,YAAY,EAAE,CAAC;gBACjB,4CAA4C;gBAC5C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAe,kBAAkB;oBACrC,UAAU,EAAS,QAAQ,CAAC,QAAQ;oBACpC,eAAe,EAAI,IAAI,CAAC,OAAO,CAAC,EAAE;iBACnC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,eAAe,CACnB,YAA+B,EAC/B,SAAmB,EACnB,OAA0B,EAC1B,OAA0B;QAE1B,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,kDAAkD;QAClD,MAAM,cAAc,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,CAAC;QAC5E,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC9B,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC;QAChE,IAAI,CAAC,QAAQ,EAAE,CAAC;QAEhB,yDAAyD;QACzD,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE7E,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}
+{"version":3,"file":"smt-beacon.js","sourceRoot":"","sources":["../../../../src/core/beacon/smt-beacon.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGjD,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,eAAe,EAAE,UAAU,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAC3H,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAIlD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,SAAU,SAAQ,MAAM;IACnC;;;OAGG;IACH,YAAY,OAAsB;QAChC,KAAK,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,cAAc,CACZ,OAA4B,EAC5B,OAAoB;QAEpB,MAAM,OAAO,GAAG,IAAI,KAAK,EAAsC,CAAC;QAChE,MAAM,KAAK,GAAG,IAAI,KAAK,EAAY,CAAC;QAEpC,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,KAAI,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC5B,yFAAyF;YACzF,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAExD,IAAG,CAAC,QAAQ,EAAE,CAAC;gBACb,wCAAwC;gBACxC,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAc,cAAc;oBAChC,WAAW,EAAO,MAAM,CAAC,WAAW;oBACpC,eAAe,EAAG,IAAI,CAAC,OAAO,CAAC,EAAE;iBAClC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,0EAA0E;YAC1E,IAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACnB,MAAM,IAAI,cAAc,CACtB,yCAAyC,EACzC,mBAAmB,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CACvC,CAAC;YACJ,CAAC;YAED,uEAAuE;YACvE,gFAAgF;YAChF,mEAAmE;YACnE,sEAAsE;YACtE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;YAC9B,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,aAAa,GAAG,QAAQ,CAAC,QAAQ;gBACrC,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACrE,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;YAEpE,IAAG,CAAC,KAAK,EAAE,CAAC;gBACV,MAAM,IAAI,cAAc,CACtB,gCAAgC,EAChC,mBAAmB,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CACvC,CAAC;YACJ,CAAC;YAED,0EAA0E;YAC1E,IAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACtB,SAAS;YACX,CAAC;YAED,yEAAyE;YACzE,wEAAwE;YACxE,MAAM,aAAa,GAAG,SAAS,CAAC,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;YACpE,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAE1D,IAAG,CAAC,YAAY,EAAE,CAAC;gBACjB,4CAA4C;gBAC5C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAe,kBAAkB;oBACrC,UAAU,EAAS,aAAa;oBAChC,eAAe,EAAI,IAAI,CAAC,OAAO,CAAC,EAAE;iBACnC,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,eAAe,CACnB,YAA+B,EAC/B,MAAc,EACd,OAA0B,EAC1B,OAA0B;QAE1B,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1C,kDAAkD;QAClD,MAAM,cAAc,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,CAAC;QAC5E,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC9B,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC;QAChE,IAAI,CAAC,QAAQ,EAAE,CAAC;QAEhB,yDAAyD;QACzD,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE1E,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}

package/dist/esm/core/resolver.js

@@ -149,11 +149,12 @@ export class Resolver {
             for (const update of sidecar.casUpdates) {
                 casMap.set(canonicalHash(update, { encoding: 'hex' }), update);
             }
-        // SMT Proofs map
+        // SMT Proofs map. proof.id is base64url per the SMT Proof spec; key by the
+        // hex root hash so lookups match the hex signalBytes from the OP_RETURN.
         const smtMap = new Map();
         if (sidecar.smtProofs?.length)
             for (const proof of sidecar.smtProofs) {
-                smtMap.set(proof.id, proof);
+                smtMap.set(encodeHash(decodeHash(proof.id, 'base64urlnopad'), 'hex'), proof);
             }
         return { updateMap, casMap, smtMap };
     }
@@ -479,8 +480,10 @@ export class Resolver {
             case 'NeedSMTProof': {
                 const smtNeed = need;
                 const proof = data;
-                if (proof.id !== smtNeed.smtRootHash) {
-                    throw new ResolveError(`SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proof.id}`, INVALID_DID_UPDATE, { expected: smtNeed.smtRootHash, actual: proof.id });
+                // proof.id is base64url per spec; smtRootHash is the hex on-chain signal.
+                const proofIdHex = encodeHash(decodeHash(proof.id, 'base64urlnopad'), 'hex');
+                if (proofIdHex !== smtNeed.smtRootHash) {
+                    throw new ResolveError(`SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proofIdHex}`, INVALID_DID_UPDATE, { expected: smtNeed.smtRootHash, actual: proofIdHex });
                 }
                 this.#sidecarData.smtMap.set(smtNeed.smtRootHash, proof);
                 break;