@did-btcr2/method 0.32.0 → 0.33.0

package/dist/browser.mjs

@@ -46575,11 +46575,11 @@ function padNumber(inputNumber, fullLength) {
     return "";
   }
   const dif = fullLength - str.length;
-  const padding3 = new Array(dif);
+  const padding2 = new Array(dif);
   for (let i4 = 0; i4 < dif; i4++) {
-    padding3[i4] = "0";
+    padding2[i4] = "0";
   }
-  const paddingString = padding3.join("");
+  const paddingString = padding2.join("");
   return paddingString.concat(str);
 }
 var log22;
@@ -93252,32 +93252,6 @@ function join(separator = "") {
   };
 }
 // @__NO_SIDE_EFFECTS__
-function padding(bits, chr = "=") {
-  anumber2(bits);
-  astr("padding", chr);
-  return {
-    encode(data) {
-      astrArr("padding.encode", data);
-      while (data.length * bits % 8)
-        data.push(chr);
-      return data;
-    },
-    decode(input) {
-      astrArr("padding.decode", input);
-      let end = input.length;
-      if (end * bits % 8)
-        throw new Error("padding: invalid, string should have whole number of bytes");
-      for (; end > 0 && input[end - 1] === chr; end--) {
-        const last = end - 1;
-        const byte = last * bits;
-        if (byte % 8 === 0)
-          throw new Error("padding: invalid, string has too much padding");
-      }
-      return input.slice(0, end);
-    }
-  };
-}
-// @__NO_SIDE_EFFECTS__
 function normalize(fn) {
   afn(fn);
   return { encode: (from8) => from8, decode: (to) => fn(to) };
@@ -93338,7 +93312,7 @@ var powers = /* @__PURE__ */ (() => {
     res.push(2 ** i4);
   return res;
 })();
-function convertRadix2(data, from8, to, padding3) {
+function convertRadix2(data, from8, to, padding2) {
   aArr(data);
   if (from8 <= 0 || from8 > 32)
     throw new Error(`convertRadix2: wrong from=${from8}`);
@@ -93368,11 +93342,11 @@ function convertRadix2(data, from8, to, padding3) {
     carry &= pow3 - 1;
   }
   carry = carry << to - pos & mask;
-  if (!padding3 && pos >= from8)
+  if (!padding2 && pos >= from8)
     throw new Error("Excess padding");
-  if (!padding3 && carry > 0)
+  if (!padding2 && carry > 0)
     throw new Error(`Non-zero padding: ${carry}`);
-  if (padding3 && pos > 0)
+  if (padding2 && pos > 0)
     res.push(carry >>> 0);
   return res;
 }
@@ -93446,24 +93420,6 @@ function checksum(len, fn) {
     }
   };
 }
-var hasBase64Builtin = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
-var decodeBase64Builtin = (s2, isUrl) => {
-  astr("base64", s2);
-  const re = isUrl ? /^[A-Za-z0-9=_-]+$/ : /^[A-Za-z0-9=+/]+$/;
-  const alphabet5 = isUrl ? "base64url" : "base64";
-  if (s2.length > 0 && !re.test(s2))
-    throw new Error("invalid base64");
-  return Uint8Array.fromBase64(s2, { alphabet: alphabet5, lastChunkHandling: "strict" });
-};
-var base64 = hasBase64Builtin ? {
-  encode(b) {
-    abytes2(b);
-    return b.toBase64();
-  },
-  decode(s2) {
-    return decodeBase64Builtin(s2, false);
-  }
-} : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join(""));
 var base64urlnopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"), /* @__PURE__ */ join(""));
 var genBase58 = /* @__NO_SIDE_EFFECTS__ */ (abc) => /* @__PURE__ */ chain(/* @__PURE__ */ radix(58), /* @__PURE__ */ alphabet(abc), /* @__PURE__ */ join(""));
 var base58 = /* @__PURE__ */ genBase58("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
@@ -97898,7 +97854,7 @@ function join2(separator = "") {
   };
 }
 // @__NO_SIDE_EFFECTS__
-function padding2(bits, chr = "=") {
+function padding(bits, chr = "=") {
   anumber4(bits);
   astr2("padding", chr);
   return {
@@ -97979,7 +97935,7 @@ var powers2 = /* @__PURE__ */ (() => {
     res.push(2 ** i4);
   return res;
 })();
-function convertRadix22(data, from8, to, padding3) {
+function convertRadix22(data, from8, to, padding2) {
   aArr2(data);
   if (from8 <= 0 || from8 > 32)
     throw new Error(`convertRadix2: wrong from=${from8}`);
@@ -98009,11 +97965,11 @@ function convertRadix22(data, from8, to, padding3) {
     carry &= pow3 - 1;
   }
   carry = carry << to - pos & mask;
-  if (!padding3 && pos >= from8)
+  if (!padding2 && pos >= from8)
     throw new Error("Excess padding");
-  if (!padding3 && carry > 0)
+  if (!padding2 && carry > 0)
     throw new Error(`Non-zero padding: ${carry}`);
-  if (padding3 && pos > 0)
+  if (padding2 && pos > 0)
     res.push(carry >>> 0);
   return res;
 }
@@ -98061,8 +98017,8 @@ function unsafeWrapper2(fn) {
     }
   };
 }
-var hasBase64Builtin2 = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
-var decodeBase64Builtin2 = (s2, isUrl) => {
+var hasBase64Builtin = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
+var decodeBase64Builtin = (s2, isUrl) => {
   astr2("base64", s2);
   const re = isUrl ? /^[A-Za-z0-9=_-]+$/ : /^[A-Za-z0-9=+/]+$/;
   const alphabet5 = isUrl ? "base64url" : "base64";
@@ -98070,15 +98026,15 @@ var decodeBase64Builtin2 = (s2, isUrl) => {
     throw new Error("invalid base64");
   return Uint8Array.fromBase64(s2, { alphabet: alphabet5, lastChunkHandling: "strict" });
 };
-var base642 = hasBase64Builtin2 ? {
+var base64 = hasBase64Builtin ? {
   encode(b) {
     abytes4(b);
     return b.toBase64();
   },
   decode(s2) {
-    return decodeBase64Builtin2(s2, false);
+    return decodeBase64Builtin(s2, false);
   }
-} : /* @__PURE__ */ chain2(/* @__PURE__ */ radix22(6), /* @__PURE__ */ alphabet2("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding2(6), /* @__PURE__ */ join2(""));
+} : /* @__PURE__ */ chain2(/* @__PURE__ */ radix22(6), /* @__PURE__ */ alphabet2("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join2(""));
 var genBase582 = /* @__NO_SIDE_EFFECTS__ */ (abc) => /* @__PURE__ */ chain2(/* @__PURE__ */ radix3(58), /* @__PURE__ */ alphabet2(abc), /* @__PURE__ */ join2(""));
 var base582 = /* @__PURE__ */ genBase582("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
 var BECH_ALPHABET2 = /* @__PURE__ */ chain2(/* @__PURE__ */ alphabet2("qpzry9x8gf2tvdw0s3jn54khce6mua7l"), /* @__PURE__ */ join2(""));
@@ -100334,125 +100290,25 @@ function hashToHex(hash3) {
   }
   return s2;
 }
-function hexToHash(hex2) {
-  validateHex(hex2, true);
-  const hash3 = new Uint8Array(HASH_BYTE_LENGTH);
-  for (let i4 = 0; i4 < HASH_BYTE_LENGTH; i4++) {
-    hash3[i4] = Number.parseInt(hex2.substring(i4 * 2, i4 * 2 + 2), 16);
-  }
-  return hash3;
-}
-function bigIntToHex(value2, padded) {
-  const s2 = value2.toString(16);
-  return padded ? s2.padStart(HASH_HEX_LENGTH, "0") : s2;
-}
-function hexToBigInt(hex2, padded) {
-  validateHex(hex2, padded);
-  return BigInt(`0x${hex2}`);
-}
 function hashesEqual(a2, b) {
   if (!isValidHash(a2) || !isValidHash(b))
     return false;
   return equalBytes(a2, b);
 }
-function hashToBase64(hash3) {
+function hashToBase64Url(hash3) {
   validateHash(hash3);
-  return base64.encode(hash3);
+  return base64urlnopad.encode(hash3);
 }
-function base64ToHash(b64) {
-  const hash3 = base64.decode(b64);
+function base64UrlToHash(b64u) {
+  const hash3 = base64urlnopad.decode(b64u);
   if (hash3.length !== HASH_BYTE_LENGTH) {
-    throw new RangeError(`Invalid base64 hash: expected ${HASH_BYTE_LENGTH} decoded bytes, got ${hash3.length}`);
+    throw new RangeError(`Invalid base64url hash: expected ${HASH_BYTE_LENGTH} decoded bytes, got ${hash3.length}`);
   }
   return hash3;
 }
-function bigIntToBase64(value2, padded) {
-  let bytes3 = bigIntToHash(value2);
-  if (!padded) {
-    const firstNonZero = bytes3.findIndex((b) => b !== 0);
-    bytes3 = firstNonZero === -1 ? new Uint8Array(1) : bytes3.slice(firstNonZero);
-  }
-  return base64.encode(bytes3);
-}
-function base64ToBigInt(b64, padded) {
-  const bytes3 = base64.decode(b64);
-  if (padded && bytes3.length !== HASH_BYTE_LENGTH) {
-    throw new RangeError(`Invalid padded base64 bigint: expected ${HASH_BYTE_LENGTH} decoded bytes, got ${bytes3.length}`);
-  }
-  if (bytes3.length > HASH_BYTE_LENGTH) {
-    throw new RangeError(`Value exceeds ${HASH_BYTE_LENGTH} bytes`);
-  }
-  let value2 = 0n;
-  for (const byte of bytes3) {
-    value2 = value2 << 8n | BigInt(byte);
-  }
-  return value2;
-}
-var HEX_RE = /^[0-9A-Fa-f]+$/;
-function validateHex(s2, requireHashLength) {
-  const len = s2.length;
-  const minLen = requireHashLength ? HASH_HEX_LENGTH : 1;
-  if (len < minLen || len > HASH_HEX_LENGTH || !HEX_RE.test(s2)) {
-    throw new RangeError(`Invalid hex string: expected ${requireHashLength ? HASH_HEX_LENGTH : "1-" + HASH_HEX_LENGTH} hex characters, got ${len}`);
-  }
-}
 
 // ../smt/dist/esm/node.js
 init_shim();
-var BaseNode = class {
-  #index;
-  #depth;
-  constructor(index, depth) {
-    this.#index = index;
-    this.#depth = depth;
-  }
-  get index() {
-    return this.#index;
-  }
-  get depth() {
-    return this.#depth;
-  }
-};
-var LeafNode = class extends BaseNode {
-  #hash = null;
-  get hash() {
-    return this.#hash;
-  }
-  set hash(value2) {
-    if (this.#hash !== null) {
-      throw new RangeError("Leaf hash already set");
-    }
-    this.#hash = value2;
-  }
-  reset() {
-    this.#hash = null;
-  }
-};
-var ParentNode = class extends BaseNode {
-  #left;
-  #right;
-  constructor(index, depth, left, right) {
-    super(index, depth);
-    this.#left = left;
-    this.#right = right;
-  }
-  get left() {
-    return this.#left;
-  }
-  set left(node) {
-    this.#left = node;
-  }
-  get right() {
-    return this.#right;
-  }
-  set right(node) {
-    this.#right = node;
-  }
-  reset() {
-    this.#left.reset();
-    this.#right.reset();
-  }
-};
 
 // ../smt/dist/esm/smt-proof.js
 init_shim();
@@ -100462,377 +100318,84 @@ var ValidationState;
   ValidationState2[ValidationState2["Valid"] = 1] = "Valid";
   ValidationState2[ValidationState2["Invalid"] = 2] = "Invalid";
 })(ValidationState || (ValidationState = {}));
-var SMTProof = class _SMTProof {
-  #converge;
-  #hashes;
-  constructor(converge, hashes2) {
-    this.#converge = converge;
-    this.#hashes = hashes2;
-  }
-  /** Converge bitmap: bit `i` set means a sibling hash exists at depth `256 - i - 1`. */
-  get converge() {
-    return this.#converge;
-  }
-  /** Sibling hashes at converge points, ordered leaf-to-root. */
-  get hashes() {
-    return this.#hashes;
-  }
-  /**
-   * Verify this proof for a single leaf.
-   *
-   * @param index         - Leaf index in the 256-bit key space.
-   * @param candidateHash - Expected leaf hash.
-   * @param rootHash      - Expected root hash.
-   * @returns `true` if the proof is valid.
-   */
-  isValid(index, candidateHash, rootHash) {
-    return this.#validate(index, candidateHash, rootHash);
-  }
-  /**
-   * Batch-validate multiple proofs against the same root hash.
-   *
-   * Caches intermediate (partial) proofs so that subsequent candidates
-   * sharing an ancestor path can short-circuit once a cached match is found.
-   *
-   * @yields One {@link SMTProofResult} per candidate.
-   */
-  static *isValidBatch(candidates, rootHash) {
-    const cache4 = /* @__PURE__ */ new Map();
-    for (const candidate of candidates) {
-      const added = [];
-      const { index } = candidate;
-      const valid = candidate.proof.#validate(index | OUTER_BIT, candidate.hash, rootHash, (nodeIndex, partial) => {
-        const cached = cache4.get(nodeIndex);
-        if (cached === void 0) {
-          cache4.set(nodeIndex, partial);
-          added.push(nodeIndex);
-          return ValidationState.Pending;
-        }
-        if (hashesEqual(partial.hash, cached.hash) && partial.converge === cached.converge && partial.hashes.length === cached.hashes.length && partial.hashes.every((h, i4) => hashesEqual(h, cached.hashes[i4]))) {
-          return ValidationState.Valid;
-        }
-        return ValidationState.Invalid;
-      });
-      if (!valid) {
-        for (const key of added)
-          cache4.delete(key);
-      }
-      yield { index, valid, additional: candidate.additional };
-    }
-  }
-  /**
-   * Export to JSON.
-   * @param base64  - Use base64 encoding instead of hex (default: `false`).
-   * @param compact - Omit whitespace (default: `true`).
-   */
-  toJSON(base646 = false, compact = true) {
-    const convergeStr = base646 ? bigIntToBase64(this.#converge, false) : bigIntToHex(this.#converge, false);
-    const hashStrs = this.#hashes.map((h) => base646 ? hashToBase64(h) : hashToHex(h));
-    const obj = { converge: convergeStr, hashes: hashStrs };
-    return JSON.stringify(obj, null, compact ? 0 : 2);
-  }
-  /**
-   * Import from JSON.
-   * @param json   - JSON string.
-   * @param base64 - Parse base64 instead of hex (default: `false`).
-   */
-  static fromJSON(json, base646 = false) {
-    const raw = JSON.parse(json);
-    if (typeof raw?.converge !== "string" || !Array.isArray(raw.hashes)) {
-      throw new RangeError("Invalid SMTProof JSON: expected { converge, hashes }");
-    }
-    const converge = base646 ? base64ToBigInt(raw.converge, false) : hexToBigInt(raw.converge, false);
-    const hashes2 = raw.hashes.map((h) => base646 ? base64ToHash(h) : hexToHash(h));
-    return new _SMTProof(converge, hashes2);
-  }
-  /**
-   * Export to compact binary format.
-   *
-   * Layout: `[convergeZeroCount : 1] [truncatedConverge : 32-zc] [hashCount : 1] [hashes : N*32]`
-   */
-  toBinary() {
-    const convergeBin = bigIntToHash(this.#converge);
-    let zc = 0;
-    while (zc < HASH_BYTE_LENGTH && convergeBin[zc] === 0)
-      zc++;
-    const truncated = convergeBin.slice(zc);
-    const hashCount = this.#hashes.length;
-    const totalBytes = 1 + truncated.length + 1 + hashCount * HASH_BYTE_LENGTH;
-    const out = new Uint8Array(totalBytes);
-    let pos = 0;
-    out[pos++] = zc;
-    out.set(truncated, pos);
-    pos += truncated.length;
-    out[pos++] = hashCount;
-    for (const h of this.#hashes) {
-      out.set(h, pos);
-      pos += HASH_BYTE_LENGTH;
-    }
-    return out;
-  }
-  /**
-   * Import from compact binary format.
-   * Accepts any sync or async byte iterable (e.g. `Uint8Array`, `ReadableStream`).
-   */
-  static async fromBinary(source) {
-    const iter = Symbol.iterator in source ? source[Symbol.iterator]() : source[Symbol.asyncIterator]();
-    async function readBytes(n2) {
-      const buf2 = new Uint8Array(n2);
-      for (let i4 = 0; i4 < n2; i4++) {
-        const r2 = await iter.next();
-        if (r2.done)
-          throw new Error("Unexpected end of binary source");
-        buf2[i4] = r2.value;
-      }
-      return buf2;
-    }
-    const zc = (await readBytes(1))[0];
-    const convergeBin = new Uint8Array(HASH_BYTE_LENGTH);
-    convergeBin.set(await readBytes(HASH_BYTE_LENGTH - zc), zc);
-    const hashCount = (await readBytes(1))[0];
-    const hashes2 = new Array(hashCount);
-    for (let i4 = 0; i4 < hashCount; i4++) {
-      hashes2[i4] = await readBytes(HASH_BYTE_LENGTH);
-    }
-    return new _SMTProof(hashToBigInt(convergeBin), hashes2);
-  }
-  #validate(index, candidateHash, rootHash, onMerge) {
-    let nodeIndex = index;
-    let nodeHash = candidateHash;
-    let remaining = this.#converge;
-    const hashes2 = this.#hashes;
-    let hi = 0;
-    const leftPad = [];
-    const rightPad = [];
-    const finalizePadding = () => {
-      if (leftPad.length > 0 || rightPad.length > 0) {
-        nodeHash = blockHash(new Uint8Array(leftPad), nodeHash, new Uint8Array(rightPad));
-        leftPad.length = 0;
-        rightPad.length = 0;
-      }
-    };
-    let state = ValidationState.Pending;
-    for (let i4 = 0; state === ValidationState.Pending && i4 < HASH_BIT_LENGTH; i4++) {
-      const isLeft = (nodeIndex & 1n) === 0n;
-      nodeIndex >>= 1n;
-      const bit = BITS[i4];
-      if ((remaining & bit) !== 0n) {
-        remaining ^= bit;
-        finalizePadding();
-        if (hi >= hashes2.length) {
-          state = ValidationState.Invalid;
-        } else {
-          const peer = hashes2[hi++];
-          nodeHash = isLeft ? blockHash(nodeHash, peer) : blockHash(peer, nodeHash);
-          if (onMerge !== void 0) {
-            state = onMerge(nodeIndex, {
-              hash: nodeHash,
-              converge: remaining,
-              hashes: hashes2.slice(hi)
-            });
-          }
-        }
-      } else {
-        const depth = HASH_BIT_LENGTH - i4 - 1;
-        if (isLeft) {
-          rightPad.push(depth);
-        } else {
-          leftPad.unshift(depth);
-        }
-      }
-    }
-    finalizePadding();
-    if (state === ValidationState.Pending) {
-      state = hi === hashes2.length && hashesEqual(nodeHash, rootHash) ? ValidationState.Valid : ValidationState.Invalid;
-    }
-    return state === ValidationState.Valid;
-  }
-};
 
 // ../smt/dist/esm/optimized-smt.js
 init_shim();
-var OptimizedSMT = class _OptimizedSMT {
-  /** `2^256` — sentinel bit above the key space. Used by batch validation. */
-  static OUTER_BIT = OUTER_BIT;
-  /** Pre-computed MSB-first bit masks for tree traversal. */
-  static BITS = BITS;
-  #allowNonInclusion;
-  #root = null;
-  #rootHash = null;
-  #proofs = /* @__PURE__ */ new Map();
-  constructor(allowNonInclusion) {
-    this.#allowNonInclusion = allowNonInclusion;
-  }
-  get allowNonInclusion() {
-    return this.#allowNonInclusion;
-  }
-  /** Root hash. Throws if tree has not been finalized. */
-  get rootHash() {
-    if (this.#rootHash === null)
-      throw new RangeError("SMT not finalized");
-    return this.#rootHash;
+
+// ../smt/dist/esm/zero-hash.js
+init_shim();
+var TREE_DEPTH = HASH_BIT_LENGTH;
+function bitAt(index, position) {
+  return Number(index >> BigInt(position) & 1n);
+}
+var CACHED_ZERO = (() => {
+  const arr = new Array(TREE_DEPTH + 1);
+  let z = new Uint8Array(HASH_BYTE_LENGTH);
+  for (let h = 0; h <= TREE_DEPTH; h++) {
+    z = blockHash(z, z);
+    arr[h] = z;
   }
-  // -----------------------------------------------------------------------
-  // Build phase
-  // -----------------------------------------------------------------------
-  /**
-   * Add leaf indexes to the tree.
-   * May be called multiple times before finalization. Duplicate indexes throw.
-   */
-  add(indexes) {
-    this.#checkNotFinalized();
-    for (const index of indexes) {
-      if (index < 0n || index >= _OptimizedSMT.OUTER_BIT) {
-        throw new RangeError("Index out of range");
-      }
-      const leaf = new LeafNode(index, HASH_BIT_LENGTH);
-      if (this.#root === null) {
-        this.#root = leaf;
+  return arr;
+})();
+function subtreeHash(leaves, height) {
+  if (leaves.length === 0)
+    return CACHED_ZERO[height];
+  if (height === 0)
+    return leaves[0].leaf;
+  const bit = TREE_DEPTH - height;
+  const left = [];
+  const right = [];
+  for (const e2 of leaves)
+    (bitAt(e2.index, bit) === 0 ? left : right).push(e2);
+  return blockHash(subtreeHash(left, height - 1), subtreeHash(right, height - 1));
+}
+function zeroHashRoot(leaves) {
+  return subtreeHash(leaves, TREE_DEPTH);
+}
+function generateZeroHashProof(leaves, targetIndex) {
+  let collapsed = 0n;
+  const hashes2 = [];
+  for (let height = 1; height <= TREE_DEPTH; height++) {
+    const bit = TREE_DEPTH - height;
+    const siblingLeaves = [];
+    for (const e2 of leaves) {
+      if (e2.index === targetIndex)
         continue;
-      }
-      let replaceNode = (node2) => {
-        this.#root = node2;
-      };
-      let node = this.#root;
-      let commonIndex = 0n;
-      let commonDepth = 0;
-      let done = false;
-      while (!done) {
-        const bit = BITS[commonDepth];
-        const indexBit = index & bit;
-        const isLeft = indexBit === 0n;
-        if (commonDepth === node.depth) {
-          if (node instanceof ParentNode) {
-            const parent = node;
-            if (isLeft) {
-              node = parent.left;
-              replaceNode = (n2) => {
-                parent.left = n2;
-              };
-            } else {
-              node = parent.right;
-              replaceNode = (n2) => {
-                parent.right = n2;
-              };
-            }
-          } else {
-            throw new RangeError("Duplicate index");
-          }
-        } else if ((node.index & bit) === indexBit) {
-          commonIndex |= indexBit;
-          commonDepth++;
-        } else {
-          replaceNode(new ParentNode(commonIndex, commonDepth, isLeft ? leaf : node, isLeft ? node : leaf));
-          done = true;
+      let sharesLowerPath = true;
+      for (let lower = 0; lower < bit; lower++) {
+        if (bitAt(e2.index, lower) !== bitAt(targetIndex, lower)) {
+          sharesLowerPath = false;
+          break;
         }
       }
+      if (sharesLowerPath && bitAt(e2.index, bit) !== bitAt(targetIndex, bit))
+        siblingLeaves.push(e2);
     }
-  }
-  /**
-   * Set the hash for a leaf at the given index.
-   * The index must have been previously added via {@link add}.
-   * Each leaf's hash can only be set once (until {@link reset}).
-   */
-  setHash(index, hash3) {
-    this.#checkNotFinalized();
-    validateHash(hash3);
-    let node = this.#root;
-    if (node === null)
-      throw new RangeError("Empty SMT");
-    while (node instanceof ParentNode) {
-      node = (index & BITS[node.depth]) === 0n ? node.left : node.right;
-    }
-    if (node.index !== index)
-      throw new RangeError("Index not found");
-    node.hash = hash3;
-  }
-  // -----------------------------------------------------------------------
-  // Finalize phase
-  // -----------------------------------------------------------------------
-  /**
-   * Compute root hash and generate all proofs in a single recursive pass.
-   * Must be called after all hashes are set.
-   */
-  finalize() {
-    if (this.#root === null) {
-      this.#rootHash = NULL_HASH;
-      return;
+    if (siblingLeaves.length === 0) {
+      collapsed |= 1n << BigInt(bit);
+    } else {
+      hashes2.push(subtreeHash(siblingLeaves, height - 1));
     }
-    const result = this.#finalizeStep(this.#root, 0n, 0);
-    this.#rootHash = result.hash;
-    result.saveProofs([]);
-  }
-  /** Retrieve the proof for an index. Only valid after {@link finalize}. */
-  proof(index) {
-    const p2 = this.#proofs.get(index);
-    if (p2 === void 0)
-      throw new RangeError("Proof not found");
-    return p2;
-  }
-  /** Clear hashes and proofs, keeping the tree structure for reuse. */
-  reset() {
-    this.#root?.reset();
-    this.#rootHash = null;
-    this.#proofs.clear();
-  }
-  /**
-   * Check if the SMT has not been finalized yet.
-   * @throws {Error} If the SMT has already been finalized.
-   */
-  #checkNotFinalized() {
-    if (this.#rootHash !== null)
-      throw new Error("SMT already finalized");
   }
-  /**
-   * Perform a single step of finalization on the given node.
-   * @param {Node} node The node to finalize.
-   * @param {bigint} parentConverge The convergence value from the parent node.
-   * @param {number} depth The current depth in the tree.
-   * @returns {FinalizeStepResult} The result of the finalization step.
-   */
-  #finalizeStep(node, parentConverge, depth) {
-    const converge = parentConverge | BITS[HASH_BIT_LENGTH - depth];
-    let hash3;
-    let saveProofs;
-    if (node instanceof ParentNode) {
-      const childDepth = node.depth + 1;
-      const leftResult = this.#finalizeStep(node.left, converge, childDepth);
-      const rightResult = this.#finalizeStep(node.right, converge, childDepth);
-      hash3 = blockHash(leftResult.hash, rightResult.hash);
-      saveProofs = (hashes2) => {
-        const leftHashes = hashes2;
-        const rightHashes = hashes2.slice();
-        leftHashes.unshift(rightResult.hash);
-        rightHashes.unshift(leftResult.hash);
-        leftResult.saveProofs(leftHashes);
-        rightResult.saveProofs(rightHashes);
-      };
+  return { collapsed, hashes: hashes2 };
+}
+function verifyZeroHash(collapsed, hashes2, index, candidate, root) {
+  let acc = candidate;
+  let hashPtr = 0;
+  for (let n2 = 0; n2 < TREE_DEPTH; n2++) {
+    const i4 = TREE_DEPTH - 1 - n2;
+    let sibling;
+    if ((collapsed >> BigInt(i4) & 1n) === 1n) {
+      sibling = CACHED_ZERO[n2];
     } else {
-      if (node.hash === null) {
-        if (!this.#allowNonInclusion)
-          throw new RangeError("Hash missing");
-        node.hash = NULL_HASH;
-      }
-      hash3 = node.hash;
-      saveProofs = (hashes2) => {
-        this.#proofs.set(node.index, new SMTProof(converge, hashes2));
-      };
-    }
-    if (node.depth !== depth) {
-      const leftPad = [];
-      const rightPad = [];
-      for (let i4 = node.depth - 1; i4 >= depth; i4--) {
-        if ((node.index & BITS[i4]) === 0n) {
-          rightPad.push(i4);
-        } else {
-          leftPad.unshift(i4);
-        }
-      }
-      hash3 = blockHash(new Uint8Array(leftPad), hash3, new Uint8Array(rightPad));
+      if (hashPtr >= hashes2.length)
+        return false;
+      sibling = hashes2[hashPtr++];
     }
-    return { hash: hash3, saveProofs };
+    acc = bitAt(index, i4) === 1 ? blockHash(sibling, acc) : blockHash(acc, sibling);
   }
-};
+  return hashPtr === hashes2.length && hashesEqual(acc, root);
+}
 
 // ../smt/dist/esm/btcr2-leaf.js
 init_shim();
@@ -100849,51 +100412,53 @@ function nonInclusionLeafHash(nonce) {
 
 // ../smt/dist/esm/btcr2-proof.js
 init_shim();
-function serializeProof(proof, rootHash, options2) {
+function serializeProof(rootHash, proof, options2) {
   const result = {
-    id: hashToHex(rootHash),
-    collapsed: bigIntToHex(proof.converge, false),
-    hashes: proof.hashes.map((h) => hashToHex(h))
+    id: hashToBase64Url(rootHash),
+    collapsed: hashToBase64Url(bigIntToHash(proof.collapsed)),
+    hashes: proof.hashes.map((h) => hashToBase64Url(h))
   };
   if (options2?.nonce)
-    result.nonce = hashToHex(options2.nonce);
+    result.nonce = hashToBase64Url(options2.nonce);
   if (options2?.updateId)
-    result.updateId = hashToHex(options2.updateId);
+    result.updateId = hashToBase64Url(options2.updateId);
   return result;
 }
 function deserializeProof(serialized) {
-  const converge = hexToBigInt(serialized.collapsed, false);
-  const hashes2 = serialized.hashes.map((h) => hexToHash(h));
   const result = {
-    proof: new SMTProof(converge, hashes2),
-    rootHash: hexToHash(serialized.id)
+    rootHash: base64UrlToHash(serialized.id),
+    collapsed: hashToBigInt(base64UrlToHash(serialized.collapsed)),
+    hashes: serialized.hashes.map((h) => base64UrlToHash(h))
   };
   if (serialized.nonce)
-    result.nonce = hexToHash(serialized.nonce);
+    result.nonce = base64UrlToHash(serialized.nonce);
   if (serialized.updateId)
-    result.updateId = hexToHash(serialized.updateId);
+    result.updateId = base64UrlToHash(serialized.updateId);
   return result;
 }
 function verifySerializedProof(serialized, index, candidateHash) {
-  const { proof, rootHash } = deserializeProof(serialized);
-  return proof.isValid(index, candidateHash, rootHash);
+  const { rootHash, collapsed, hashes: hashes2 } = deserializeProof(serialized);
+  return verifyZeroHash(collapsed, hashes2, index, candidateHash, rootHash);
 }
 
 // ../smt/dist/esm/btcr2-tree.js
 init_shim();
 var BTCR2MerkleTree = class {
-  #smt;
   #entries = /* @__PURE__ */ new Map();
   #indexByDid = /* @__PURE__ */ new Map();
-  constructor(allowNonInclusion = true) {
-    this.#smt = new OptimizedSMT(allowNonInclusion);
+  #leaves = null;
+  #root = null;
+  /**
+   * @param _allowNonInclusion Retained for API compatibility; non-inclusion
+   *   leaves are always supported (an entry without `signedUpdate`).
+   */
+  constructor(_allowNonInclusion = true) {
   }
   /**
    * Add entries to the tree. May be called multiple times before
    * {@link finalize}. Duplicate DIDs (same index) throw.
    */
   addEntries(entries) {
-    const indexes = [];
     for (const entry of entries) {
       const index = didToIndex(entry.did);
       if (this.#entries.has(index)) {
@@ -100901,24 +100466,28 @@ var BTCR2MerkleTree = class {
       }
       this.#entries.set(index, entry);
       this.#indexByDid.set(entry.did, index);
-      indexes.push(index);
     }
-    this.#smt.add(indexes);
+    this.#leaves = null;
+    this.#root = null;
   }
   /**
-   * Compute leaf hashes and finalize the tree.
+   * Compute leaf hashes and the zero-hash root.
    * After this call, {@link rootHash} and {@link proof} become available.
    */
   finalize() {
+    const leaves = [];
     for (const [index, entry] of this.#entries) {
-      const leafHash = entry.signedUpdate !== void 0 ? inclusionLeafHash(entry.nonce, entry.signedUpdate) : nonInclusionLeafHash(entry.nonce);
-      this.#smt.setHash(index, leafHash);
+      const leaf = entry.signedUpdate !== void 0 ? inclusionLeafHash(entry.nonce, entry.signedUpdate) : nonInclusionLeafHash(entry.nonce);
+      leaves.push({ index, leaf });
     }
-    this.#smt.finalize();
+    this.#leaves = leaves;
+    this.#root = zeroHashRoot(leaves);
   }
   /** Root hash of the finalized tree. Throws if not finalized. */
   get rootHash() {
-    return this.#smt.rootHash;
+    if (this.#root === null)
+      throw new Error("Tree not finalized: call finalize() first");
+    return this.#root;
   }
   /**
    * Get the did:btcr2 serialized proof for a DID.
@@ -100928,14 +100497,18 @@ var BTCR2MerkleTree = class {
     const index = this.#indexByDid.get(did);
     if (index === void 0)
       throw new RangeError(`DID not in tree: ${did}`);
+    if (this.#leaves === null || this.#root === null) {
+      throw new Error("Tree not finalized: call finalize() first");
+    }
     const entry = this.#entries.get(index);
-    const smtProof = this.#smt.proof(index);
+    const proof = generateZeroHashProof(this.#leaves, index);
     const updateId = entry.signedUpdate !== void 0 ? blockHash(entry.signedUpdate) : void 0;
-    return serializeProof(smtProof, this.#smt.rootHash, { nonce: entry.nonce, updateId });
+    return serializeProof(this.#root, proof, { nonce: entry.nonce, updateId });
   }
-  /** Clear hashes and proofs, keeping tree structure. Entries are preserved. */
+  /** Clear computed leaves and root, keeping entries. */
   reset() {
-    this.#smt.reset();
+    this.#leaves = null;
+    this.#root = null;
   }
 };
 
@@ -100970,12 +100543,12 @@ var SMT_STRATEGY = {
     const smtProof = body.smtProof;
     if (!smtProof?.updateId || !smtProof?.nonce) return { matches: false };
     const canonicalBytes = new TextEncoder().encode(canonicalize2(submittedUpdate));
-    const expectedUpdateId = hashToHex(blockHash(canonicalBytes));
+    const expectedUpdateId = hashToBase64Url(blockHash(canonicalBytes));
     if (smtProof.updateId !== expectedUpdateId) {
       return { matches: false, smtProof };
     }
     const index = didToIndex(participantDid);
-    const candidateHash = blockHash(blockHash(hexToHash(smtProof.nonce)), hexToHash(smtProof.updateId));
+    const candidateHash = blockHash(blockHash(base64UrlToHash(smtProof.nonce)), base64UrlToHash(smtProof.updateId));
     return {
       matches: verifySerializedProof(smtProof, index, candidateHash),
       smtProof
@@ -108312,8 +107885,8 @@ function encrypt2(secretKey, pubkey, text) {
   let iv = Uint8Array.from(randomBytes2(16));
   let plaintext = utf8Encoder.encode(text);
   let ciphertext = cbc(normalizedKey, iv).encrypt(plaintext);
-  let ctb64 = base642.encode(new Uint8Array(ciphertext));
-  let ivb64 = base642.encode(new Uint8Array(iv.buffer));
+  let ctb64 = base64.encode(new Uint8Array(ciphertext));
+  let ivb64 = base64.encode(new Uint8Array(iv.buffer));
   return `${ctb64}?iv=${ivb64}`;
 }
 function decrypt2(secretKey, pubkey, data) {
@@ -108321,8 +107894,8 @@ function decrypt2(secretKey, pubkey, data) {
   let [ctb64, ivb64] = data.split("?iv=");
   let key = secp256k1.getSharedSecret(privkey, hexToBytes2("02" + pubkey));
   let normalizedKey = getNormalizedX(key);
-  let iv = base642.decode(ivb64);
-  let ciphertext = base642.decode(ctb64);
+  let iv = base64.decode(ivb64);
+  let ciphertext = base64.decode(ctb64);
   let plaintext = cbc(normalizedKey, iv).decrypt(ciphertext);
   return utf8Decoder.decode(plaintext);
 }
@@ -108642,7 +108215,7 @@ function decodePayload(payload) {
     throw new Error("unknown encryption version");
   let data;
   try {
-    data = base642.decode(payload);
+    data = base64.decode(payload);
   } catch (error) {
     throw new Error("invalid base64: " + error.message);
   }
@@ -108663,7 +108236,7 @@ function encrypt22(plaintext, conversationKey, nonce = randomBytes2(32)) {
   const padded = pad(plaintext);
   const ciphertext = chacha20(chacha_key, chacha_nonce, padded);
   const mac = hmacAad(hmac_key, ciphertext, nonce);
-  return base642.encode(concatBytes2(new Uint8Array([2]), nonce, ciphertext, mac));
+  return base64.encode(concatBytes2(new Uint8Array([2]), nonce, ciphertext, mac));
 }
 function decrypt22(payload, conversationKey) {
   const { nonce, ciphertext, mac } = decodePayload(payload);
@@ -109938,7 +109511,7 @@ async function getToken(loginUrl, httpMethod, sign, includeAuthorizationScheme =
   }
   const signedEvent = await sign(event);
   const authorizationScheme = includeAuthorizationScheme ? _authorizationScheme : "";
-  return authorizationScheme + base642.encode(utf8Encoder.encode(JSON.stringify(signedEvent)));
+  return authorizationScheme + base64.encode(utf8Encoder.encode(JSON.stringify(signedEvent)));
 }
 async function validateToken(token, url, method) {
   const event = await unpackEventFromToken(token).catch((error) => {
@@ -109954,7 +109527,7 @@ async function unpackEventFromToken(token) {
     throw new Error("Missing token");
   }
   token = token.replace(_authorizationScheme, "");
-  const eventB64 = utf8Decoder.decode(base642.decode(token));
+  const eventB64 = utf8Decoder.decode(base64.decode(token));
   if (!eventB64 || eventB64.length === 0 || !eventB64.startsWith("{")) {
     throw new Error("Invalid token");
   }
@@ -112647,9 +112220,6 @@ var SMTBeacon = class extends Beacon {
         });
         continue;
       }
-      if (!smtProof.updateId) {
-        continue;
-      }
       if (!smtProof.nonce) {
         throw new SMTBeaconError(
           "SMT proof missing required nonce field.",
@@ -112658,7 +112228,8 @@ var SMTBeacon = class extends Beacon {
         );
       }
       const index = didToIndex(did);
-      const candidateHash = blockHash(blockHash(hexToHash(smtProof.nonce)), hexToHash(smtProof.updateId));
+      const nonceHash2 = base64UrlToHash(smtProof.nonce);
+      const candidateHash = smtProof.updateId ? blockHash(blockHash(nonceHash2), base64UrlToHash(smtProof.updateId)) : blockHash(blockHash(nonceHash2));
       const valid = verifySerializedProof(smtProof, index, candidateHash);
       if (!valid) {
         throw new SMTBeaconError(
@@ -112667,11 +112238,15 @@ var SMTBeacon = class extends Beacon {
           { smtProof, did }
         );
       }
-      const signedUpdate = sidecar.updateMap.get(smtProof.updateId);
+      if (!smtProof.updateId) {
+        continue;
+      }
+      const updateHashHex = hashToHex(base64UrlToHash(smtProof.updateId));
+      const signedUpdate = sidecar.updateMap.get(updateHashHex);
       if (!signedUpdate) {
         needs.push({
           kind: "NeedSignedUpdate",
-          updateHash: smtProof.updateId,
+          updateHash: updateHashHex,
           beaconServiceId: this.service.id
         });
         continue;
@@ -128861,7 +128436,7 @@ var Resolver = class _Resolver {
     const smtMap = /* @__PURE__ */ new Map();
     if (sidecar.smtProofs?.length)
       for (const proof of sidecar.smtProofs) {
-        smtMap.set(proof.id, proof);
+        smtMap.set(encode(decode(proof.id, "base64urlnopad"), "hex"), proof);
       }
     return { updateMap, casMap, smtMap };
   }
@@ -129149,11 +128724,12 @@ var Resolver = class _Resolver {
       case "NeedSMTProof": {
         const smtNeed = need;
         const proof = data;
-        if (proof.id !== smtNeed.smtRootHash) {
+        const proofIdHex = encode(decode(proof.id, "base64urlnopad"), "hex");
+        if (proofIdHex !== smtNeed.smtRootHash) {
           throw new ResolveError(
-            `SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proof.id}`,
+            `SMT proof root hash mismatch: expected ${smtNeed.smtRootHash}, got ${proofIdHex}`,
             INVALID_DID_UPDATE,
-            { expected: smtNeed.smtRootHash, actual: proof.id }
+            { expected: smtNeed.smtRootHash, actual: proofIdHex }
           );
         }
         this.#sidecarData.smtMap.set(smtNeed.smtRootHash, proof);